Feeding false an App

Discussion in 'Perl Misc' started by Richard Anderson, Feb 13, 2005.

  1. Well a friend of mine maked his own online chess server and he in order to
    paly chess with him i have o install a software that he developed. What he
    does from the program is running online machine query checks through his
    hand-made chess client i use to connect to his online chess server. He
    specifically searches fro cpu id. What i want to do is to make a perl prog
    that weill listen fro cpu id requests and then feed the querint app with
    false cpu id! He asked me if i have a way to overcome that and i said i
    could! actually we made a bet! I think of that because i cant change the
    cpu id like i do with mac address if i like because new mac address id can
    be applied to an ethernet card but new cpu id cannot be applied/overwriiten
    to the old one! at least, i think it cant! so i made the above thouh to
    just feed it wrong! is this possible through a perl app?!?!
     
    Richard Anderson, Feb 13, 2005
    #1
    1. Advertisements

  2. He wont tell me if its done by buil-in c++ function or by calling a dll
    for instance kernel32.dll.

    Well i made a prog my self but not a complte one. i dont know how to make
    my program listen to and respinf to cpu id requests. here it is so:

    #! /usr/bin/perl

    use strict;

    print "Content-type: text/plain\n\n";
    print <<EOT;
    eax in eax ebx ecx edx
    00000000 00000002 756e6547 6c65746e 49656e69
    00000001 00000f29 0602080b 00004400 bfebfbff
    00000002 665b5001 00000000 00000000 007b7040
    80000000 80000004 00000000 00000000 00000000
    80000001 00000000 00000000 00000000 00000000
    80000002 20202020 20202020 20202020 20202020
    80000003 6e492020 286c6574 58202952 286e6f65
    80000004 20294d54 20555043 36302e33 007a4847

    Vendor ID: "GenuineIntel"; CPUID level 2

    Intel-specific functions:
    Version 00000f29:
    Type 0 - Original OEM
    Family 15 - Pentium 4
    Extended family 0
    Model 2 -
    Stepping 9
    Reserved 0

    Brand index: 11 [not in table]
    Extended brand string: " Intel(R) Xeon(TM) CPU 3.06GH
    +z"
    CLFLUSH instruction cache line size: 8
    Initial APIC ID: 6
    Hyper threading siblings: 2
     
    Richard Anderson, Feb 13, 2005
    #2
    1. Advertisements

  3. Are you a troll or just plain mad?
    Sending disassembled machine code as html is just plain bizarre.

    If he is running a server thru sockets ask him for the protocol he's
    invesnted.

    gtoomey
     
    Gregory Toomey, Feb 13, 2005
    #3
  4. @individual.net:

    Sorry didnt paste the whole code:

    #! /usr/bin/perl

    use strict;

    print "Content-type: text/plain\n\n";
    print <<EOT;
    eax in eax ebx ecx edx
    00000000 00000002 756e6547 6c65746e 49656e69
    00000001 00000f29 0602080b 00004400 bfebfbff
    00000002 665b5001 00000000 00000000 007b7040
    80000000 80000004 00000000 00000000 00000000
    80000001 00000000 00000000 00000000 00000000
    80000002 20202020 20202020 20202020 20202020
    80000003 6e492020 286c6574 58202952 286e6f65
    80000004 20294d54 20555043 36302e33 007a4847

    Vendor ID: "GenuineIntel"; CPUID level 2

    Intel-specific functions:
    Version 00000f29:
    Type 0 - Original OEM
    Family 15 - Pentium 4
    Extended family 0
    Model 2 -
    Stepping 9
    Reserved 0

    Brand index: 11 [not in table]
    Extended brand string: " Intel(R) Xeon(TM) CPU 3.06GH
    +z"
    CLFLUSH instruction cache line size: 8
    Initial APIC ID: 6
    Hyper threading siblings: 2

    Also he wont tell me what protocol he uses: but the job is beeing done
    through sockets.

    What can i do next?
     
    Richard Anderson, Feb 14, 2005
    #4
  5. Richard, whoever you are, please learn to use proper attributions when you
    post Gregory Toomey did not write the line above.

    For what it is worth, my sense is that you are a nine year old troll in
    training.

    Sinan.
     
    A. Sinan Unur, Feb 14, 2005
    #5
  6. You ve got a wrong sense then, sorry for the line though it missed me on
    delettion.

    What about my question?
     
    Richard Anderson, Feb 14, 2005
    #6
  7. Intentional troll or not, the fact is that every message you've posted so
    far has been complete gibberish. If that's not intentional, then it's
    apparent that you haven't got the first clue what you're talking about.
    Was there a Perl question buried in there somewhere? The only Perl I've so
    far simply printed a Content-type header and some output. There was nothing
    wrong with the Perl code that I could see.

    sherm--
     
    Sherm Pendley, Feb 14, 2005
    #7
  8. Well i made a prog my self but not a complte one. i dont know how to make
    my program listen to and respinf to cpu id requests
     
    Richard Anderson, Feb 14, 2005
    #8
  9. More gibberish. You're not getting any answers because your question makes
    no sense. What is a "cpu id request"? What's it coming from? What protocol
    is being used?

    sherm--
     
    Sherm Pendley, Feb 14, 2005
    #9
  10. Well a cpu id request is a request made from an application running on a
    machine asking for the hardware's(cpu specifically) serial number.

    Thats what my frind is using through his app to identify my pc uniquley.


    What i want to do is to captute this cpu id request made from his
    application and hen false feed it!

    Make any sense now! I hope eys :)
     
    Richard Anderson, Feb 14, 2005
    #10
  11. Richard Anderson

    phaylon Guest

    You mean you want to fake your CPUID through perl? I don't know, but I
    guess you will have to try at another place, say, your Kernel for example.

    At all this "my friends chessgame-application, which checks for cpuid"
    sounds a bit weird.
     
    phaylon, Feb 14, 2005
    #11
  12. That's just stating the same thing using more words - it's not helpful.

    You say this "cpu id request" is from an application running on a machine.
    Is it from the same machine, or another one? If it's a local request, what
    API is the app using? If it's from another machine, what network protocol
    is used?

    You see where I'm going with this? You need to spend some time figuring out
    *what* you want to do, before anyone here can explain *how* to do it.

    sherm--
     
    Sherm Pendley, Feb 14, 2005
    #12
  13. Well the cpu id request is issued by an online chess game server my
    friend has running from his 24/7 connected pc and because the online
    chess server directly connectz to his chess client app that i happen to
    run on my pc the request passes through that app to my pc, getting the
    cpu info somehow (maybe from an API call or a built in function, i dont
    know) and that info travles back from the chess client app to his online
    chess server and stores in his mysql database.

    I hope this time i calrifies things more efficiently :)
    Sorry but the language is causing me a little trouble trying to express
    my self clearly! :)
    You are right.
     
    Richard Anderson, Feb 14, 2005
    #13
  14. We're finally getting somewhere. There's probably not much point in trying
    to reverse-engineer the app. Even if you could figure out how it's getting
    CPU info from Windows, it would be really hard to feed it misinformation
    that way.

    A better approach would be to intercept the incoming network request, and
    redirect it to an app of your own. To do that, you need to figure out two
    things:

    1. What port the app listens on.
    2. What protocol it speaks.

    Google for "port scanner" and "packet sniffer" for tools to help figure
    those two things out. Once you know the port, you can easily configure your
    firewall to redirect incoming requests on that port to a port that your app
    is listening on. And once you know the protocol, you'll be able to write
    your app to respond to those requests.

    Once you're ready to write your app, go to <http://search.cpan.org>, and
    search for "network server", and/or the protocol you want to implement.

    It's a lot of work, and it might not seem worth it just to cheat at chess
    and/or win a bet. But it's a good learning exercise - accurately defining a
    problem, and then breaking it down into manageable pieces, is a vital skill
    for any programmer to have.

    sherm--
     
    Sherm Pendley, Feb 14, 2005
    #14
  15. Richard Anderson

    Larry Guest

    You seem to have an eye for youth, Sinan. I wouldn't know a nine year
    old troll from a ninety year old troll.

    Larry
     
    Larry, Feb 14, 2005
    #15
  16. Richard Anderson

    Larry Guest

    search Google Groups: sinan unur newbie request script review

    have a little more gratitude, compassion, kindness.

    Larry
     
    Larry, Feb 14, 2005
    #16
  17. Thank you you have defines into small clear pieces the steps i need to
    take in order to overcome the problem.

    I can find the app's port and network protocol and configure the firewall
    to redirect the traffic to that port to my app instead but then the
    trouble is that i cannot write my own perl app to listen to requests and
    then false feed it wrong. This is beyond my basic perl capabilities.

    Also i want to say that even if i was able to do that, intercepting and
    false feeding then that would still wont get the job done because his
    online chess server would be waitng for a cpu id respond from his chess
    cleint software and not from my app. Am i right?

    He must surely have a way to identify all the data that his servers
    recieves if they are coming from his software or from another app.

    What do you think on that?
     
    Richard Anderson, Feb 14, 2005
    #17
  18. I *knew* there was a Perl question lurking in there somewhere. We just had
    to find it. :)

    To start learning about network programming in Perl, have a look at "perldoc
    perlipc", especially the section "Sockets: Client/Server Communication".
    That's low-level stuff though. If you're using a well-known protocol -
    heck, even if you're using an obscure protocol, have a look around CPAN to
    see if there's a module that implements it.
    Once your app is listening for and accepting connections, it can also send
    responses. If you want to be sneaky, set up your app as a "man in the
    middle". When it gets an incoming connection, establish a connection with
    the real app too.

    You can then write your app to handle the CPU ID request however you want,
    but forward other requests to the main app and return its responses back to
    the server, either as-is or modified.
    There's no way for me to know that. That's what the packet scanner is for,
    so you can examine the traffic between the client and server. You'll need
    to decide how to proceed based on what you see there.

    sherm--
     
    Sherm Pendley, Feb 14, 2005
    #18
  19. Assumption: An email address with the word 'hacker' correlates with
    immaturity.

    Similar to using larry_wallet, IMNSHO.

    Sinan.
     
    A. Sinan Unur, Feb 14, 2005
    #19
  20. Is your point that I was once a newbie too. Sure, I was. That post was
    not perfect. but it was light years ahead of the one that started this
    thread in terms of both its comprehensibility and the effort that was
    put into it. It had the added positivie aspect of actually being on
    topic.
    I believe in reciprocity. My gratitude is reserved for people who have
    helped me and my compassion and kindness is reserved for people who make
    an effort.

    Simple, really.

    Sinan.
     
    A. Sinan Unur, Feb 14, 2005
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.