Re: Searching for blind programmer to start a school for blind programmers

  • From: Christopher Coale <ccoale427@xxxxxxxxx>
  • To: programmingblind@xxxxxxxxxxxxx
  • Date: Sun, 10 Apr 2011 11:45:37 -0700

On 4/10/2011 11:20 AM, Sina Bahram wrote:
A shell exploit about six months ago, maybe a year. Closer to a year actually.
You wrote a shell exploit by writing an executable via a hex-editor? Not editing a dll's contents via a hex-editor?

And then op code by op code for a hypervisor, namely Xen, around their 3.2 3.3 
versions, and mainly in their page manager.
Again, you're saying that you wrote code for Xen that was purely writing an executable using a hex-editor? I'm not referring to emitting opcodes from a source (in JIT which it sounds like Xen does, since it's a virtualization software). You actually wrote the body of the software using a hex-editor, not an IDE? I can't imagine you being picked up on a development team if you do that.

Then there was the virtual machine introspection stuff which was bit for bit 
analysis, in memory, at real-time. There's actually a
paper on that one, if you'd like.
In memory, at real time? Tell me.. how can one dynamically write an application that runs in real-time while editing the bytecode using a hex-editor? (see my last response)

Let's see, and then there was some malware analysis with a friend/colleague of 
mine, but that was mainly him, and I was just having
fun.
Again, malware software is going to use a source (C, C++, C#, whatever) to read in an executable's bytecode and determine the behavior. This is far from writing an application in machine code via a hex-editor.

Oh yes, and stepping through some code for a friend's engineering project, byte 
for byte; however, that was an 8-bit, then a 16-bit
processor, so if that counts, then wonderful.
I find it odd that your friend consistently decided to write his machine code instead of writing an assembler for it. Must have been tough. I'm an EE/CS engineering student -- I would never think of doing that. To test specific instructions, sure. To test whole programs? Absolutely not.

I hope you realize a consistency in all of my replies here.. all of your examples were either editing a binary or emitting opcodes JIT. None of your examples were --writing a program in pure machine code using a hex-editor--. I think I've said that single phrase about 300 times now, and it's just not going through for some reason. -- Writing a whole program in pure machine code using a hex-editor -- is absolutely not an important skill. It just isn't.

-- Chris

On 4/10/2011 11:20 AM, Sina Bahram wrote:
Oh, and last year/semester I wrote a compiler, so I guess that counts.

I also collaborated on a paper to automatically prevent every single possible
return oriented programming hack/technique by modifying the compiler, namely
LLVM, to rewrite all generated op codes without using a ret, so as to prevent
alignment errors along any kind of boundary, be they logical, page, byte, or
otherwise; such that unprivileged jumps can't actually escalate themselves.
The researcher on that one then used this technique to recompile the entire
kernel into a running system, think they settled on BSD because of issues
with Clang back then, using that protection technique. That's actually a
great paper, and I'd recommend it to anyone.

But, *shrug*, it doesn't come up all that often. I'm going to go back to 
writing speech recognition code into a computer vision
algorithm for Android because HCI is way more fun!

Bye for now

Take care,
Sina

-----Original Message-----
From: programmingblind-bounce@xxxxxxxxxxxxx 
[mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Ken Perry
Sent: Sunday, April 10, 2011 12:40 PM
To: programmingblind@xxxxxxxxxxxxx
Subject: RE: Searching for blind programmer to start a school for blind 
programmers

I think you might find it was more recent than you think judging by what
Sina has been doing.

Ken

-----Original Message-----
From: programmingblind-bounce@xxxxxxxxxxxxx
[mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Christopher
Coale
Sent: Sunday, April 10, 2011 12:27 PM
To: programmingblind@xxxxxxxxxxxxx
Subject: Re: Searching for blind programmer to start a school for blind
programmers

Stop being ignorant, Sina. You seem to be quite fond of the straw man.
So please, stop changing my words.

First of all, I agree that computer programmers need to understand the
basics. I never once said they didn't. I never once said that low-level
was bad. So if your whole point is that "understanding low-level is
important", then I agree and nobody in this thread thus far has disagreed
with that claim. So then, given that, what is your point that makes me
wrong?

Sina, when was the last time you wrote a program from scratch using ONLY
A HEX-EDITOR?

On 4/10/2011 5:40 AM, Sina Bahram wrote:
Well, you definitely proved that I didn't need the other 65%, since your
message summed up exactly what my impression of the
discussion was.

And yes, I do feel it's important. Not crucial, or even necessary to be
successful, but most definitely extremely important.
Understanding the fundamentals is something that gets ignored day in and
day out.
Take care,
Sina


-----Original Message-----
From: programmingblind-bounce@xxxxxxxxxxxxx
[mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Christopher
Coale
Sent: Saturday, April 09, 2011 10:36 PM
To: programmingblind@xxxxxxxxxxxxx
Subject: Re: Searching for blind programmer to start a school for blind
programmers
How kind of you to join, master. Can you tell me who said that low-level
was NOT important to know and understand? You admittedly stated that you
ignored 65% of the messages, but then tell everyone to take Ken's side?
Are you kidding me? You admit that you don't know what the argument
(friendly argument) is about, yet you still pick a side? Come on now...

Ken stated that --being able to write a program in pure machine code (no
compiler or assembler)-- is important. I disagreed saying that it is not
important. Knowing low-level concepts (like I pointed out earlier.. how
the processor works, operating system design, etc.) is definitely
important. Writing a program in pure machine code is an unnecessary
skill, not an important one.

On 4/9/2011 7:27 PM, Sina Bahram wrote:
I haven't read 65% of the messages in this thread, frankly because the
SNR is far too low.
So can you guys please just listen to Ken on this one?

low level is important to know and understand. End of conversation.

Now go do something fun. It's Saturday night.

Take care,
Sina



-----Original Message-----
From: programmingblind-bounce@xxxxxxxxxxxxx
[mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Ken Perry
Sent: Saturday, April 09, 2011 8:06 PM
To: programmingblind@xxxxxxxxxxxxx
Subject: RE: Searching for blind programmer to start a school for blind
programmers

I think we are just going to have to disagree on this.  While I doubt
anyone is going to rush out and write a bit of machine language, I think
it is still important to know how.  It's sort of like saying it's not
important to know that there is a linker and what it does.  Most people
on this list will never know what the linker does because they deal
mainly with high-level languages, but that doesn't mean the linker is
not important.  Most people will never write machine language, but when
creating electronic circuits with smaller chips it is a useful tool.
True, you may never hand write it, but in creating hardware it is very
useful in reading it.  I just found learning to write it was very useful
back in the good old Hack hardware cartridges days.  Sure, the Intel
book has both got bigger and more complex, but I just saw a post where a
guy wrote a hello world in machine language just to prove it could be
done.  Now I will point out he did it in Linux and he had to make his
own linker of sorts, well, a shell linker; all it did was write the file
with the numbers he wanted, but I think he did that just so he could use
a normal editor, and he had to add the ELF stuff on top, but he did it in
120 bytes, which I find pretty impressive since 80 of the bytes were ELF
stuff.  Anyway, I am sure we are boring most of the people on this list.

Ken



-----Original Message-----
From: programmingblind-bounce@xxxxxxxxxxxxx
[mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Christopher
Coale
Sent: Saturday, April 09, 2011 7:39 PM
To: programmingblind@xxxxxxxxxxxxx
Subject: Re: Searching for blind programmer to start a school for blind
programmers

Wait, you are adding new stuff in here. Yes, to me, it is important to
know how to optimize code for either size or speed. It is also important
to know how programs are executed and created (knowing the PE32 format,
for example); however, knowing how to write a program by scratch by
using a hex editor and writing pure byte code is not important. And, you
are misinterpreting my reason for saying it is not important. I'm not
saying it's not important because it is nasty studying. I'm saying it is
not important because it is simply not practical and teaches you no more
than studying assembly and operating systems (assuming you are actually
learning). And I didn't say it wasn't useful, either. Knowledge for
knowledge's sake is always good. But, I said it wasn't important. You
seem to be mixing up the knowledge required to do something and the
knowledge gained from doing said thing. In order to start editing a
program using a hex editor, you have to already have the knowledge to do
it (as in, you have to know that there is a data section, a symbolic
table, etc.). You gain no new knowledge (aside from knowing how to edit
executables) from editing, and/or writing, executables from within a
hex-editor.

On 4/9/2011 3:59 PM, Ken Perry wrote:
Oh really?  I found it very useful knowing how to minimize code and data
sections by hand.  It explains what compilers and linkers have to go
through and ways to get around problems that exist.  It even is nice
knowing how exe files are laid out.  I agree that it's a nasty bit of
study to get to that point but I totally disagree that the knowledge is
not useful.  In fact if you ever want to get involved with the GNU
compiler group believe me it's useful.


Ken

-----Original Message-----
From: programmingblind-bounce@xxxxxxxxxxxxx
[mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Christopher
Coale
Sent: Saturday, April 09, 2011 6:52 PM
To: programmingblind@xxxxxxxxxxxxx
Subject: Re: Searching for blind programmer to start a school for blind
programmers

My knowledge of how the processor works (by means of knowing assembly
and OS development) is useful. Knowing how to write a program using only
byte code is not (and I couldn't do it without many free hours and lots
of reference manuals, and even then it would be a difficult task). Not
to belittle your knowledge, but I'm just saying that being able to write
a program using a hex-editor (and if you can, more power to you) is not
very helpful in understanding how computers work; learning assembly and
learning operating system design is where it is important, I would say.

On 4/9/2011 3:45 PM, Ken Perry wrote:
Yes and us true geeks used to dream hex in our sleep.  I think there are
still some of us left and I am no longer one, I know of all the
possibilities and I can still code in ASM for burning chips but I no
longer dream in op codes and registers, memory locations and IRQ's.  All
I was saying is learning of the existence and how it works is invaluable
to a programmer even today.  Are you telling me your knowledge of the
subject is not useful?

Ken

-----Original Message-----
From: programmingblind-bounce@xxxxxxxxxxxxx
[mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Christopher
Coale
Sent: Saturday, April 09, 2011 3:30 PM
To: programmingblind@xxxxxxxxxxxxx
Subject: Re: Searching for blind programmer to start a school for blind
programmers

I didn't say it was impossible (after all, how else would a compiler
work?) I said that it was asinine and impractical.  I say this because
the x86 instruction set is amazingly complex. Sure someone could use a
debugger to look around at machine code, that's not hard at all (in
fact, I do it a lot with vc++ to debug things and get performance
boosts). But, writing a binary file from scratch? I see it being
possible, but you would need to know the encoding of every instruction
you use. For example, "int imm8" is apparently 0xCD + the immediate
byte, so to do int 80h, you'd have 0xCD80. That is fairly simple, but
the "mov" instructions where you can have memory, immediate, and
register operands are difficult, and then for each memory, immediate,
and register operand you have an 8-bit, 16-bit, 32-bit, and for x64,
64-bit versions. It's no small feat to write a binary by hand.

Laugh yes I have read them and there was a time I could write some very
good stuff with nothing but a debugger.  Just because it's nasty don't
mean it's impossible.  I was not even in the same class of some of the
guys I used to hang out with.  I knew one that won a programming contest
who wrote a program to display a naked woman with nothing more than
Assembler and a text editor.  As for machine language you can write it
on your own if you know enough.  Unfortunately time has dulled my memory
of useless interrupts because we have so much easier ways to do things
now.  I think I could probably get a command line app to run with
nothing but a hex editor but calling the GUI might be beyond me because
you would have to do some serious digging to get that to work and
sometimes the information is just not available anymore.

Ken

-----Original Message-----
From: programmingblind-bounce@xxxxxxxxxxxxx
[mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of
Christopher
Coale
Sent: Saturday, April 09, 2011 2:23 AM
To: programmingblind@xxxxxxxxxxxxx
Subject: Re: Searching for blind programmer to start a school for
blind
programmers

What? Have you ever read the x86 information sheets? Teaching someone
assembly is a good way to teach them how a computer works -- having them
write programs in pure byte code (especially for x86) is both asinine
and impractical.  Maybe not so much for an extremely extremely simple
virtual machine or basic processor, but complex instruction sets like
x86 are flat-out beyond writing op-codes by hand. If you don't believe
me, just take a poke at the NASM source code. ;)

On 4/8/2011 6:47 PM, Ken Perry wrote:
I am not quite as old as you but I come from the same time zone.  I had
to learn assembler to hack games on the Vic 20 and the Commodore 64 and
the TI, but more than that, when I joined the Air Force and took on
Electronics, Assembler made my life easier.  Then later in life after I
lost my sight I took software engineering and had to burn chips, and
while we could have written stuff in C it was much easier to control the
registers and stuff with ASM.  If we used C we a lot of the time had to
use special assembler keywords to get things to work quite right.  If
you look on the Fruit Basket page I was also insane enough to write the
fruit basket in Assembler for Windows XP and it runs in Vista.  I am not
sure if that runs in Windows 7 but I should revisit it and make sure it
does.  Lost knowledge is not a good thing.  Assembler may not be a way I
would write a project nowadays, but if you want to teach someone how
your computers work there is only one thing better.  The one thing
better is straight op codes using a debugger and watching what is going
on.  Well you could also write straight binary files like a good Fortran
coder but who does that any more.  That what I should do is create the
fruit basket with nothing but a hex editor.

Ken


-----Original Message-----
From: programmingblind-bounce@xxxxxxxxxxxxx
[mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Bill Cox
Sent: Friday, April 08, 2011 11:40 AM
To: programmingblind@xxxxxxxxxxxxx
Subject: Re: Searching for blind programmer to start a school for
blind
programmers

On Fri, Apr 8, 2011 at 11:16 AM, Littlefield, Tyler<tyler@xxxxxxxxxxxxx> wrote:
Assembler?  Really?  You must be almost as old as me!  I can't even find
people who care about speed or memory usage anymore.

I love assembler. It's a great way to teach people what's going on under
the hood and make them think about what they do. Every time I see
someone reserve a 100k buffer just because, I cringe. :)

We must be from the same generation.  I'm 47, and learned to program
in machine code on an 8080 based Intel board with a hex keypad and
some LEDs.  It was a couple of years before I found out that people
programmed using assemblers, rather than entering hex by hand.

I worry that the new generation's early experience with computers is
amazing games and technology so complex they could never realistically
hope to understand it.  What's the natural path nowadays for kids to
go from playing computer games to writing them?  On the old Apple IIs,
you just typed list instead of run, and there was all the code.

Bill
__________
View the list's information and change your settings at
//www.freelists.org/list/programmingblind
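
Added example, not part of the original thread or any poster's code: the encoding point from Christopher Coale's 4/9 message (int imm8 is 0xCD plus the immediate byte, while mov has a separate form per operand kind), hand-assembled for 32-bit x86. The function names and the choice of the Linux exit call (eax=1, int 80h) as the sample sequence are assumptions made for illustration.

```python
import struct

# Register numbers as they appear in opcode and ModRM fields.
REG32 = {"eax": 0, "ecx": 1, "edx": 2, "ebx": 3,
         "esp": 4, "ebp": 5, "esi": 6, "edi": 7}
REG8 = {"al": 0, "cl": 1, "dl": 2, "bl": 3,
        "ah": 4, "ch": 5, "dh": 6, "bh": 7}


def enc_int(imm8):
    """INT imm8: opcode CD, then the interrupt number."""
    return bytes([0xCD, imm8 & 0xFF])


def enc_mov_r32_imm32(reg, imm):
    """MOV r32, imm32: opcode B8+reg, then a little-endian dword."""
    return bytes([0xB8 + REG32[reg]]) + struct.pack("<I", imm & 0xFFFFFFFF)


def enc_mov_r8_imm8(reg, imm):
    """MOV r8, imm8: opcode B0+reg, then one byte."""
    return bytes([0xB0 + REG8[reg], imm & 0xFF])


def enc_mov_r32_r32(dst, src):
    """MOV r/m32, r32: opcode 89, ModRM mod=11 reg=src rm=dst."""
    return bytes([0x89, 0xC0 | (REG32[src] << 3) | REG32[dst]])


def enc_mov_r32_mem(dst, base, disp8):
    """MOV r32, [base+disp8]: opcode 8B, ModRM mod=01 reg=dst rm=base."""
    if base == "esp":
        # rm=100 does not mean ESP here; it announces a SIB byte.
        raise ValueError("ESP as base needs a SIB byte, not handled")
    modrm = 0x40 | (REG32[dst] << 3) | REG32[base]
    return bytes([0x8B, modrm]) + struct.pack("<b", disp8)


def exit_stub(status=0):
    """32-bit Linux exit(status): eax=1 (sys_exit), ebx=status, int 80h."""
    return (enc_mov_r32_imm32("eax", 1)
            + enc_mov_r32_imm32("ebx", status)
            + enc_int(0x80))


if __name__ == "__main__":
    for label, code in [
        ("int 80h", enc_int(0x80)),
        ("mov al, 1", enc_mov_r8_imm8("al", 1)),
        ("mov eax, 1", enc_mov_r32_imm32("eax", 1)),
        ("mov ebx, eax", enc_mov_r32_r32("ebx", "eax")),
        ("mov eax, [ebp+8]", enc_mov_r32_mem("eax", "ebp", 8)),
        ("exit(0) stub", exit_stub()),
    ]:
        print(f"{label:18} {code.hex(' ')}")
```

Four different mov encodings appear for what an assembler presents as one mnemonic, and the ESP case shows where the simple ModRM rule stops applying.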
