Python Programming Lesson Four. ( beginning strings )

    Today’s lesson will be a short one since we will just be discussing Python’s ability to write a user’s input a text file. This code will do two things, it will take whatever you type and assign a variable to it and then it will print that variable to a text file which you will also choose the name of.

ttw = str(raw_input("Enter the text you would like to write to the file: "))

ftw = str(raw_input("What would you like to name the file: "))

textfile=open(ftw,'w')

textfile.write(ttw)

ttw, and ftw are simply the variables for what you want wrote to the file, and what to name the file. The “w” in textfile means to write. Python has three main ways to interact with text files, write, read, append.

Site Update.

     You may have noticed the banner at the top, or the other ads we had shortly. To be able to bring you more content Clocwork and I are still working on getting a domain name and host. While there may be some changes over the next few weeks it will be nothing major.

Python Programming Lesson Three.

     In programming lesson three we will be covering the os module of Python, which allows you to use command line functions inside a Python program. Now since most programs can be run from command line this has nearly unlimited possibilities. Unlike my other lesson this one requires some knowledge of command line depending on your operating system. Windows and Mac/Linux use somewhat different commands so this program will also be teaching you how to take a user’s input and use an IF command.

import os

opsys = raw_input("Are you using a Windows machine yes/no ")

if opsys =='yes':

                print 'This will use the windows echo and %random% function'

                os.system('echo %random%')

if opsys =='no':

                print 'This will use the linux echo command'

                os.system('echo hello')

      You may notice the indentions which is very important in Python.   We are using the IF command to determine which O.S the user is running so we can determine the appropriate commands to use.

Reverse Engineering Java Applets : Basic Level

     This is a basic tutorial for reverse engineering Java Applets. This has many functions to it, so I will not cover every single possible function for reverse engineering an applet, but in this tutorial we will simply be using this method to simply understand how another applet works. Let us begin...

I will be doing this method from my OS (which is Ubuntu) so I will be doing a lot of command line for my compiling (because frankly I don't care enough to get a compiler. For these steps, use your own method of compiling a Java applet, there is not really one specific way to follow this tutorial)

For this tutorial you will need

- JDK (Java Development Kit), you can download this from Sun Microsystems' Website
- JAD (Java Decompiler), you can download this here
- Basic knowledge of Java
- Java Compiler (you can use your own, or do it from command line, it's still simple from command line, but most people want a GUI)


Once you've downloaded the JDK (if you didn't already have it) and the Java Decompiler, you're going to need to find an applet that you want to reverse engineer. I found (through searching "java applet examples" on Google) an applet that I thought would be perfect for this tutorial here

Basically, I just wanted to see how this applet works. So, I decided I'd crack it open and get to it.

First, we need to actually get the class file. The class file is a binary file that makes it so that the interpreter (probably used the wrong word, but whatever) can display the applet (since it can't read plain text like we can). To get this class file, we need to find out where the class file is located

Note: Almost all class files will be in the same directory as the applet you're viewing

But, to be sure, we're going to right click the page and select the "View Source" option. Once we do that, we need to press Ctrl+F and search for "APPLET" (make sure that match case is off when you do this)

You want to keep searching until you find a tag that looks something like this

<APPLET CODE="image3dcube.class" WIDTH=250 HEIGHT=250>

 Now, if you're not on the same website as me, then this will look different. But, the class file that we're looking for is located after "CODE=". In this case, we can see that the class file is "image3dcube.class". So, to get this file we need go into the url bar, get rid of "applet2.html" and put in "image3dcube.class" like so

You should then get a prompt asking you if you want to download the file. Obviously, you'll want to say yes. Now, the best place to save the file is in the folder or location where your Java Decompiler is. So, go and do that now. This is where the command line stuff will come in. What you'll want to do is change to the directory where your image3dcube.class file and your Java Decompiler are and then you'll want to run your compiler from command line.

To do this in Linux or Mac, you'll just type this

./jad image3dcube.class

And it should end up looking like this

Now, in Windows, I'm assuming you just simply need to type "jad image3dcube.class" in your Command Prompt and it should work the same way. 

Either way you do it, you should end up getting a file named "image3dcube.jad". Just open this with a text editor and now you can see the code that is inside. Now, in order to run this file we need a few things.

- A new Java and Class file

- An applet for viewing

To create our new Java file, we select the code (ignoring the comments at the top) and copy it. Then, we create a new file (with the same name as the original file) but make it a .java extension. Then, paste the code from .jad file into our new .java file and save it. Next, delete our old class file (the image3dcube.class) and we will run our compiler on our new Java file. To do this from command line (which is easier because you should already be in the same directory. Type:

javac image3dcube.java

This will compile the code and give you a new image3d.class file. You can now modify the code from the image3dcube.java file, compile, and then run it. But, we need a way to actually view the applet. Unfortunately for us, the source code from the original applet uses Parameters. So, in order for this code to run properly, we need to copy the applet code from the original site's source file and change some values.

The original code for the applet is this:

<APPLET CODE="image3dcube.class" WIDTH=250 HEIGHT=250>
<PARAM name="background" value="FFFFFF">
<PARAM name="shadowcolor" value="FFFFFF">
<PARAM name="textcolor" value="000000">
<PARAM name="spotlight" value="no">
<PARAM name="showlightbutton" value="no">
<PARAM name="sleeptime" value="5">
<PARAM name="target" value="_self">
<PARAM name="anglestep" value="8">

<PARAM name="mouseresponse" value="6">
<PARAM name="zoomspeed" value="4">
<PARAM name="image0" value="2comp1.gif">
<PARAM name="image1" value="2comp2.gif">
<PARAM name="image2" value="2comp3.gif">
<PARAM name="image3" value="2comp4.gif">
<PARAM name="image4" value="2comp5.gif">
<PARAM name="image5" value="2comp6.gif">
<PARAM name="url0" value="http://oran.k12.mo.us/fbla/index.html">
<PARAM name="url1" value="http://oran.k12.mo.us/fbla/index.html">
<PARAM name="url2" value="http://oran.k12.mo.us/fbla/index.html">
<PARAM name="url3" value="http://oran.k12.mo.us/fbla/index.html">
<PARAM name="url4" value="http://oran.k12.mo.us/fbla/index.html">
<PARAM name="url5" value="http://oran.k12.mo.us/fbla/index.html">
</APPLET>

 Now, what you'll need to do, is copy the applet code then create a new .html file. I generally name this file "applet.html" because it's a general name. Once you've made this file, paste the code into the applet.

For applets that don't use parameters, you can simply copy and paste this:

<applet code="CLASS FILE HERE" width="WIDTH OF APPLET" height="HEIGHT OF APPLET"> </applet>

change the values, and it will run. But, since this applet uses parameters, we need to satisfy these parameters or change them if necessary. If we were trying to reverse engineer a real applet, we'd want all of the pictures that the applet originally used, but for this, the general idea of this applet is so that you can put your own images. For the Linux users, you can use wget and usually get all of the images you need. For a guide to wget, go here. If you end up getting not-needed images, then try changing the level.

Luckily for us, this applet is very flexible about our images, and our original goal was to see how this worked, maybe improve it, and then put in our own images. So, to do this, all you need to do is put images (maximum of 6) on your server or in your folder (the same folder as your applet) and then change the applet's parameters to be the file name of those images. Then, open the applet or use "appletviewer YOUR FILE NAME HERE.html" and see if it works.


 There are many uses for reverse engineering a Java applet. To crack a password, to see where files are stored, or just to see how an applet works so that you can maybe improve your own code or heaven forbid leech the source. Anyway, I hope you enjoyed this tutorial, and you will hopefully be seeing some more useful tutorials later on in the future.

Thanks,
- Clocwork

Programming Lesson Number Two ( Math.py )

                Today’s lesson will be covering use of the Python Math module, and Python’s built-in math functions. The Math module is a module specifically designed to expand on Python’s mathematical functionality by adding things such as square roots, sin, cos , tan. Now if you have ever tried to make a program to solve certain math problems, and have found yourself lacking in certain functions; you will be lacking no longer! The built-in math functions for python are addition, subtraction, multiplication, and division. I will be once more adding code that uses Math.py, and each of the built-in math functions.

import math

print 5+5

print 5*5

print 5/5

print 5-5

print math.sqrt(25)

raw_input()

     Import math is importing the math.py module, which allows you to use the math.sqrt function. Now you may have not seen raw_input() before, but it is a simpler way to pause the program until the user wishes to continue.

AWUS036H Product Review

     Today, I Shadowdrifter would like to tell you about an item I recently bought. It is the AWUS036H long range wi-fi antenna. It came with two antennas, and two adapters the smaller increases my wi-fi range by around 200 feet where the larger antenna can increase it by 600-700 feet . This also comes with an installation disc for older computers, but it shouldn’t be needed usually. So for anyone into wireless security this is the perfect antenna since it worked on my Backtrack4 right out of the box. It supports deauth for WPA-PSK and packet injection.  The package I bought is Alfa AWUS036H 1000mW 1W 802.11b/g High Gain USB Wireless Long-Range WiFi network Adapter with 5dBi and 9dBi Screw-On Swivel Rubber Antenna and Mini bendable Flex cable for Better adjustment.

You may have realized there is an amazon ad in this post, I would like to take the time to explain why. Recently Clocwork and I have been wanting to transfer to a real host, and get our own domain name so we will be adding some ads to try and afford this domain/hosting! So if you would like to help out just add it as a comment, thank you for reading this.

Programming Lesson Number one.

This is the first edition to the Shadowdrift programming lessons. During these lessons I will be teaching you the basics of the Python language. Today’s lesson will be on installing Python, using modules, and assigning variables. Installing Python is very straightforward go to this link and download the first file . After running the MSI installer you will be able to run Python programs. Now similar to headers in C/C++ Python stores functions in modules which are easily imported with something as simple as import modulename. At the end of this lesson I will include some code you can easily use to test these modules. The third, and final part of our lesson is assigning variables. To assign a variable in python you will write it like this variablename = variable i.e a = ‘123’. The following code uses Python of course, and the two things we have covered modules and variables.

    import time
    a = time.time()
    print a
    time.sleep(3)