Greetings,
You may be wondering why I am updating this site more regularly than other sites, such as Javantea's Fate. JF is no longer in production (it's been put aside for two projects that are more interesting to me). Since this is the second and thus most interesting applicable site, it is where I post my blog. It's a developer blog, similar to Making of Javantea's Fate. I stopped posting blogs at #378, posted on 2006-03-07. How far will this blog go? Hopefully I'll move onto another project before Spring, but I'll probably post a note or two here just for kicks (in the same sense that I plan to post blogs on JF now).
Greetings,
As of today, this site is totally upgraded. The features that it supports are:
- database backend for rapid updating
- membership
- file upload
- comments
- blog-style articles tab
- this blog
If you're just looking for my latest blog, find the yellow Articles tab, click the Blog with the latest date, and you'll probably find a link to my latest work. What is AltSci Cell about? If you got here through the domain cell-game.com, you probably know that I am writing a video game called Cell. This website will show pictures of it until it's completion, at which point it will have downloads available and it will allow you to purchase the game.
What type of game will Cell be? Cell is a game about the technology of communication and how we use it to define our reality. Even before I owned a cell phone, I wanted to write a satire on the high cost of cell phones. Now that I have a cell phone myself that costs $80-100 per month (don't ask me how), the satire hits home. While satire is still a motivation for Cell, it's not the main motivation. Now that I understand the idea of cell phones, I am much better equipped to ask and perhaps to answer the question "Why do we really need a cell phone?" Don't expect me to lecture you on your bill.
More specifically, Cell will have a semi-traditional gameplay based on the love sim genre with a bit of American style mystery and plenty of philosophy. I'm going to try my best to script as little as possible in AltSci Cell (opposed to Hack Mars, which will have over hundred scripted sequences) so that the player is the engine through which the plot is explained. People seem to like controlling their own destiny and video games give them a very weird (read: unique) way to express it.
Read more »Good Bad Attitude
jvoss@altsci.com
jvoss@myuw.net
May 26 - June 2, 2006
This program grabs a list of good processes from /proc, then it monitors /proc and kills any new process. It is meant to be used in extremely hostile environments. It is a general use tool, but it can and should be modified as necessary. Obviously it should be modified to allow the user to re-login in case s/he loses shell.
It's original use is for Defcon 14 ACTF. If a vulnerable server gives non-root access (quite likely), attackers that re-attack the server will be able to kill the original attacker. This means that the original attacker should put up defenses quickly to ensure that attackers are ejected. One way is to fix the vulnerability in the server. If this is not possible, this script is a simple solution.
Read more »OpenSSL Blowfish Bruteforce Attack
jvoss@altsci.com
jvoss@myuw.net
Jan 20, 2006
OpenSSL Blowfish Bruteforce Attack 0.2 Source
[sig]
OpenSSL Blowfish Bruteforce Attack 0.1 Source
[sig]
OpenSSL is a useful tool with many uses. The openssl command is not used much by normal users, but for hackers, it is essential for encryption, generation of keys, encryption attacks, and so forth. A specific command, enc has been used by hackers for encrypting data with various ciphers. An especially useful cipher is Blowfish.
openssl enc -bf-cbc is the command used. A simple bruteforce
attack can be successful on bad passwords and good password. Since Blowfish
takes a long time to generate keys, it is slow, but works. My code uses any
known parts of the password to make the search faster. The attack requires a
know file regularity to test the crack.
In this case we use tar archive filename plus nulls at
the start of the tar archive. A similar known plaintext can be used on a
large variety of file types (avi, zip, jpeg, png, etc).
