LulzSec poisons Google?

I thought this might have been some funny business either with my SSH tunnel or Firefox, but I was able to replicate the results using IE and a different proxy altogether:

LulzSec poisoned Google Results in IE

The poison itself looks like a CSS or Javascript injection where it creates a rainbow connected to the search button. The rest of the search results are skewed.

So essentially I was able to replicate the poisoned results multiple times across multiple browsers. You have to search for the term “LulzSec” and F5 until you happen to get the result. I imagine this is a case where the Google Index with the poisoned results hasn’t propagated across the ENTIRE Google farm yet, so you’ll have to play search results roulette until you get it.

This is either something weird going on at Google, or LulzSec is indeed the most badass group of hackers this world has ever known. Poisoning the Google Search results is like the Holy Grail of awesome hacks!

Reunion Title Screen

Does anyone else remember playing Reunion back on their 386′s with a staggering 2MB of RAM? Lord knows I remember!

Reunion came out over fifteen years ago and I still feel the urge to play it now and then even today. It’s a great game and can be downloaded from many abandonawre sites across the internet.

I started playing again recently using DOSBox and I was amazed, because I didn’t even know the game had sound! When I played “back in the day”, my system didn’t have a Sound Card (because I couldn’t afford a Creative AWE32), so needless to say it was a whole different experience. The game has a fantastic production value and even when modern development languages, I’m not sure that even I’d be able to create a game of such depth a complexity!

Anywho, I began to get frustrated because I knew there were parts of the game I was missing because I couldn’t meet certain goals or didn’t have enough resources. Granted, I should have spent the time perfecting the game and working towards those achievements….. but it’s an old game and I don’t have as much free time as I did when I was thirteen years old

To that end, I sat down and studied the Save Game format for a while and also the (paltry) Save Editor that was included in the Abandonware version. I knew I could come up with something better that gives me even more options in the game. It took me a couple hours but I was able to come up with a pretty functional Saved Game Editor for Reunion that works around a couple glitches the previous version had.

I know, I’m a total cheater but it was a fun little project and I figure perhaps ONE person on the entirety of the Internet must need something like this as well, so I figure I’d throw it out there for anyone who needs it

Reunion Saved Game Editor – Download (92kb)

I re-ran some tests using the StopWatch class to hard code some metrics into the application and they also confirmed the findings. What’s up? How could a class that everyone says you can use to your hearts content when it came to string concatenation was failing me?

Turns out, it was a mix of misuse and a common misconception about the StringBuilder Class.

One of the first things you learn while picking up .NET is that the StringBuilder Class is your friend when it comes to concatenating large strings in memory. It beats the pants off of String.Concat and String.Format, while also being a mutable object in the Framework utilizing an in-memory buffer.

I used JetBrains dotTrace to help profile the application and it was very evident from the get-go that StringBuilder was causing the whole process to slow down.

The nature of my application was basically reading in a text buffer 1 character as a time, and using the StringBuilder as an output buffer. So for a 1k file, The method Append(char) would be called 1024 times. A 600k file would call Append(char) 614,400 times.

So why was I getting burned in execution time? The issue turned out to be two fold.

First, there’s overhead cost to the call. I don’t care how lightweight your method is, if you’re calling it SIX HUNDRED THOUSAND TIMES, it’s going to take a bit. Let alone a method who handles a string buffer in memory and string manipulation. So basically, no matter how fast StringBuilder actually is, it’s not a free call and you should consider the fact that the call still has overhead when architecting your solution.

Architecture brings me to my second point. While writing each character individually made sense initally, it seems that it was just lazy The optimized route would have been calling Append with a SUBSTRING of the input buffer, this way we avoid the overhead of multiple calls by writing all the neccisary data in one big blob.

So 600,000 calls to StringBuilder.Append(char) becomes only a few hundred calls to StringBuilder.Append(string.Substring(start, count)). Sure, the Substring Virtual Method itself has overhead, but it’s still less than the thousands of calls to Append(char) that we’re saving ourself

Conclusion?

StringBuilder is fast, but it’s not free. Take this into consideration when utilizing it while appending large data sets in small chunks.

Cheers!

I frequented a local BBS here in San Diego, California called Dream Net. Dream Net ran a multi-line BBS software called MajorBBS and was sysoped by Blondie (Tara) and Reep (George). What made Dream Net so great is that being multi-lined allowed it to host some of the first great MUD’s such as MajorMUD and my personal favorite, Tele-Arena. Other great multi-user games included TradeWars 2002, Farwest Trivia and T-LORD (Tournament LORD, which was a version of Legend of the Red Dragon for MajorBBS).

Now over fifteen years later, BBS’s are all but dead. Those of us who used them try and contact old friends using sites like BBSMates.com. People have put out documentarties and books on the BBS culture and lamenting of those days when carrier signals screamed from little boxes. I believe as a whole the remaining BBS community is very co-operative in trying to preserve their past and makes sure the software, which easily qualifies as abandonware, doesn’t fall victim to the cyber ether to be lost forever on a floppy disk in a closet somewhere. A great example of this effort is The MajorBBS Restoration Project.

The MajorBS Restoration Project is a group of people ranging from hardcore software developers to enthusiasts looking to preserve and restore everything relating to the MajorBBS bulletin board software and related software. One thing people are running into is the legality and morality of using ‘pirated’ copies of software that is no longer for sale or the parent companies no longer exist. I have found myself in the same situation and began to dabble in MajorBBS reverse engineering in order to make the modules I wished to use for my own private purposes, functional.

For the most part, previous license holders for MajorBBS software have come forward and donated their source code, which represents thousands of hours in hard work and labor, to the community for preservation and continued development by enthusiasts. An example of this would be M.B. Murdock & Associates and their MajorBBS game Galactic Empire. As a company, they closed their doors in 1996 due to the decline in BBS sales, but in 2002 Mike Murdock released the source code for the Galactic Empires MajorBBS module under the GPL license.

There have been a few software vendors who have been known to protect the MajorBBS modules they’ve developed either as a corporation, or as an individual developer who ran his own business during this period. Part of me, as a software developer myself, can understand that you might not want to just give out the source code to something you’ve worked so hard on. Lord knows I don’t go around handing out my own But some of these people actually go as far to being legal action against individuals who are running ‘pirated’ copies of their software, fifteen years after it was released.

I’m not saying that it justifies piracy, but I think legally if I can prove:

• The software is over a certain age (perhaps ten+ years)
• The originating company no longer exists, or
• The company does exist but will no longer sell copies of the software

Then, aren’t they just using their old software as bait to perhaps lure users into a lawsuit for pirating software that was impossible to purchase by legal means.

What I would love to see is a movement to simply preserve the past. My past. Millions of people’s pasts. Let’s try to come together using projects like the MajorBBS Restoration Project or others of it’s type, and get those programs we all love and remember back in the open before they’re lost forever! Even a simple keygen that would take a software author a few hours to package and release could help many, many people.

Recently I needed to recover a password that was ‘remembered’ by Semagic, but it was hidden in the password field. Simple password unmasking applications weren’t helping me any as the field itself isn’t a simple password box.

After further investigation I was able to find where Semagic stores the saved passwords in the Windows Registry. It was obvious that the password was encrypted and was stored in it’s entire form. Since Semagic is open source, I was able to find the code block which served as its password decrypter:

[cpp] m_password = m_app->GetProfileString(userkey, _T(“password”), _T(“”)); //Gets Encrypted password from registry
enc = m_app->GetProfileInt(userkey, _T(“obscure”), 0); //Checks to see if the password is ‘obscured’

if (enc) { //If password is obscured
LPTSTR str = m_password.GetBuffer(m_password.GetLength()); //Password
LPTSTR key = new TCHAR[m_user.GetLength()+1]; //Sets Key Size (Username + 1)
_tcsncpy(key, (LPCTSTR) m_user, m_user.GetLength()+1); //Copies Username to Key
LPTSTR orig = key;

while (*str) {
if (!*key) //If we’re OOB on the key, reset it
key = orig;
*(str) -= ‘a’; //subtract the value of ‘a’, which is 97, from the encrypted value
*(str++) ^= *(key++); //XOR bitwise based on the key
}
key = orig;
m_password.ReleaseBuffer();
delete[] key;
}

[/cpp]

So needless to say it was just a matter of debugging and some time before I was able to port the decryption routine over to a stand alone C# application.

[csharp]

for (int iLoop = 0; iLoop < Convert.ToString(sPassword).Length; iLoop++)
{
int iInputCharacter = (int)Convert.ToChar(sPassword.ToString().Substring(iLoop,1));

if(iXORCharacter >= sUserName.Length) iXORCharacter = 0;

iInputCharacter -= 97;
iInputCharacter ^= (int)Convert.ToChar(sUserName.Substring(iXORCharacter, 1));

textBox1.Text += (char)iInputCharacter;

iXORCharacter++;
}

[/csharp]

I’ve compiled a quick little program that’ll extract the usernames from the registry and display their passwords:

Semagic Password Decrypter

This program is 100% safe and won’t e-mail your password to me or any other silly crap like that. I just figured someone out there would need it as well.

Cheers!