Network Hacking Group fckD
Version: 0.1
October 2008
The Hacker's RFC
ABSTRACT
This document introduces best practices a computer hacker should
know about and implement for his own safety.
------[ Table of Contents
1 - Introduction
2 - Why this paper?
3 - Selecting a target
4 - Anti-forensics
4.1 - Full disk encryption
4.2 - Virtual Disk/Partition/Drive Encryption
4.3 - Cipher recommendations
4.4 - Encrypted communication
4.5 - Avoid logging
4.6 - Useful tools
5 - Notes on behavior and trust
6 - Keep yourself up to date
7 - Related reading
8 - Final words
------[ 1 - Introduction
The purpuse of this document is to write down fundamentals best
safety practices a hacker can use when hacking stuff.
This paper focuses on setting up a *secure* computer for real
hacking attacks.
------[ 2 - Why this paper?
The main reason I decided to write this paper is to promote real
computer hacking and help out people who are willing to do real
stuff by sharing a bit of what I have learnt from my experiences.
I would like to add an extra paragraph to say that most of hacking
challenges and hacking plateform like WebGoat do not represent the
reality. So if you really want to improve you should go wild with
all the risks that means.
------[ 3 - Selecting a target
When choosing where to hack for fun these are the best practices:
- blacklisting:
* avoid your own country
* avoid good friends of you own country
* avoid countries you may want to go live in
* if you are living within the european union it is preferable
not to hack into countries that are members of the union
- whitelisting:
* select somewhere far like Peru, Chili, Argentina, Aruba, Yemen,
Uruguay, Mongolia, Liberia, Korea, Cambodia, Gabon. An exaustive
list of countries can be fount in [1].
* select countries in a cyber war like Georgia with Russia
Once you have choosen which part of the world to target you could
look at its url country code [1].
------[ 4 - Anti-forensics
This section focuses on setting up a computer *protected* against
forensics investigation(s).
---[ 4.1 - Full disk encryption
Installing a full disk encryption software to protect your files
is highly recommended. There's a list of free and open sources
tools available for you:
windows:
- Truecrypt [2]
- DiskCryptor [19]
linux:
- dm-crypt/Linux Unified Key Setup (LUKS) [3,4,5,6]
- EncFS [9]
- eCryptfs [10]
- Loop-AES [15]
bsd:
- GELI [7,8]
- CGD [16]
note: under linux or bsd remember to also encrypt the swap
partitions.
---[ 4.2 - Virtual Disk/Partition/Drive Encryption
If you need to encrypt a virtual disk a partition or a drive (e.g
usb drive), there's a list of free and open sources tools for you:
windows:
- Truecrypt [2]
- CrossCrypt [17]
- DiskCryptor [19]
- FreeOTFE [21]
linux:
- Truecrypt [2]
- Cryptoloop (Deprecated, known vulnerabilities) [18]
- FreeOTFE [21]
- eCryptfs [10]
- dm-crypt [21]
bsd:
- GBDE [20]
---[ 4.3 - Cipher recommendations
The following table is my personal recommendations when selecting a
cipher algorithm:
+----------------------------------------------------------------+
| PARAMETER | RECOMMENDATION |
+--------------------+-------------------------------------------+
| block cipher | AES, Serpent |
+--------------------+-------------------------------------------+
| symmetric key size | at least 128bits |
+--------------------+-------------------------------------------+
| hash functions [12]| SHA-2 (SHA-224, SHA-256, SHA-384, SHA-512)|
| | Whirlpool |
+--------------------+-------------------------------------------+
| key generation | follow PKCS#5 PBKDF2 [13,14] |
+--------------------+-------------------------------------------+
Cryptography for dummies:
- Ciphers: http://en.wikipedia.org/wiki/Cipher
- Block ciphers: http://en.wikipedia.org/wiki/Block_cipher
- Block size: http://en.wikipedia.org/wiki/Block_size_%28cryptography%29
- AES: http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
- Serpent: http://en.wikipedia.org/wiki/Serpent_%28cipher%29
- Hash function: http://en.wikipedia.org/wiki/Hash_function
- SHA: http://en.wikipedia.org/wiki/SHA_hash_functions
- Whirlpool: http://en.wikipedia.org/wiki/WHIRLPOOL
- Passphrase: http://en.wikipedia.org/wiki/Passphrase
- Weak key: http://en.wikipedia.org/wiki/Weak_key
- LinuxCryptofs: http://wiki.boum.org/TechStdOut/LinuxCryptoFS
---[ 4.4 - Encrypted communication
To protect your messaging communications you can use the following
open source and free tools:
- pidgin + pidgin-encryption (pidgin-encrypt.sourceforge.net)
- pidgin + pidgin-otr (pidgin-encrypt.sourceforge.net)
- kopete + kopete-otr (kopete-otr.follefuder.org)
- irssi + irssi-otr (irssi-otr.tuxfamily.org)
---[ 4.5 - Avoid logging
Avoid logging anything that could record what you are doing on your
machine. Make sure you do not record you msn, gtalk, irc etc
communications, specially if you are communicating with your fellow
hackers through those protocoles.
---[ 4.6 - Useful tools
Passwords generator:
- makepasswd (linux, bsd)
- PWGen (windows)
- Advanced password generator (windows)
- PC Tools Password Generator (online: www.pctools.com/guides/password/)
Anti-forensics:
- Timestomp, that allows you to modify all four NTFS timestamp
values modified, accessed, created, and entry modified.
- Slacker, tool that allows you to hide files within the slack
space of the NTFS file system.
- Sam Juicer, a Meterpreter module that dumps the hashes from the
SAM, but does it without ever hitting disk.
Secure file deletion:
- Eraser (windows)
- Evidence eliminator (windows)
- WinClear (windows)
- Window washer (windows)
- shred (linux)
- srm (bsd, linux)
- wipe (linux)
------[ 5 - Notes on behavior and trust
Avoid talking about your hacking activities to anyone that is not
directly related to what you are doing. Even if your purpuse is only
to improve your own knowledge, always remember that hacking is
considered to be illegal in most countries.
Avoid looking for fame. Keep in mind the good spirit of someone who
is just having fun and is not looking for anything else. Fame will
only draw attention on you.
Do not trust anyone completely even the people you are working with,
always make sure to back yourself up.
------[ 6 - Keep yourself up to date
It is important to keep yourself updated on what's going on in the
digital forensics world. I recommend following rss feeds of those
sites:
- www.forensicfocus.com
- computer.forensikblog.de
- volatilesystems.blogspot.com
- www.securiteam.com
Adapt yourself to new forensics techniques and discoveries.
------[ 7 - Related reading
Anti-forensic techniques, http://www.forensicswiki.org/wiki/Anti-forensic_techniques
Anti Forensics: Making Computer Forensics Hard, http://ws.hackaholic.org/slides/AntiForensics-CodeBreakers2006-Translation-To-English.pdf
Anti-Forensics: Techniques, Detection and Countermeasures, http://www.simson.net/ref/2007/slides-ICIW.pdf
The Computer Forensics Challenge and Anti-Forensics Techniques, http://www.h2hc.com.br/repositorio/2007/montanaro.pdf
Anti-Forensics, http://www.youtube.com/watch?v=q9VUbiFdx7w
------[ 8 - Final words
I hope this small paper could have helped you. Happy and safe
hacking to you!
fckD
REFERENCES
[1] Url country codes
http://ftp.ics.uci.edu/pub/websoft/wwwstat/country-codes.txt
[2] Truecrypt software
http://www.truecrypt.org/
http://www.truecrypt.org/downloads.php
http://www.truecrypt.org/docs/
[3] Linux Unified Key Setup (LUKS)
http://luks.endorphin.org/
http://www.saout.de/tikiwiki/tiki-index.php?page=LUKS
[4] Gentoo: System Encryption DM-Crypt with LUKS
http://gentoo-wiki.com/SECURITY_System_Encryption_DM-Crypt_with_LUKS
[5] Fedora: LUKSDiskEncryption
http://fedoraproject.org/wiki/Security_Guide/9/LUKSDiskEncryption
[6] Ubuntu: Installing Ubuntu 8.04 with full disk encryption
http://learninginlinux.wordpress.com/2008/04/23/installing-ubuntu-804-with-full-disk-encryption/
Ubuntu: Encrypted Swap and Home with LUKS on Ubuntu 6.06 and 5.10
https://help.ubuntu.com/community/EncryptedFilesystemHowto3
[7] Bsd: GELI
http://www.violetlan.net/bsd/25/DiskEncryptionwithgelionFreeBSD
[8] Encrypting Disk Partitions, FreeBSD Handbook, Chapter 18 Storage
http://www.freebsd.org/doc/en/books/handbook/disks-encrypting.html
[9] EncFS
http://www.arg0.net/encfs
[10] eCryptfs
http://ecryptfs.sourceforge.net/
[12] List of cryptographic hash functions
http://en.wikipedia.org/wiki/Cryptographic_hash_function#List_of_cryptographic_hash_functions
[13] PKCS #5: Password-Based Cryptography Standard
http://www.rsa.com/rsalabs/node.asp?id=2127
[14] PBKDF2 (Password-Based Key Derivation Function)
http://www.truecrypt.org/docs/pkcs5v2-0.pdf
[15] Loop-Aes
http://loop-aes.sourceforge.net/
[16] CGD
http://www.imrryr.org/%7Eelric/cgd/cgd.pdf
[17] CrossCrypt
http://www.scherrer.cc/crypt/
[18] Cryptoloop
http://www.tldp.org/HOWTO/Cryptoloop-HOWTO/
[19] DiskCryptor
http://freed0m.org/index.php/DiskCryptor_en
[20] GBDE
http://www.freebsd.org/cgi/man.cgi?query=gbde&apropos=0&sektion=4&manpath=FreeBSD+5.0-RELEASE&format=html
[21] dm-crypt
www.saout.de/misc/dm-crypt/
# milw0rm.com [2008-10-16]
