Introduction
Number 0x02: 15/02/2007, Aedes aegypt. Aedes aegypt: Mosquito of the Culicidae family, is the most efficient vector of dengue and yellow fever transmission in tropical countries.
[ --- The Bug! Magazine
_____ _ ___ _
/__ \ |__ ___ / __\_ _ __ _ / \
/ /\/ '_ \ / _ \ /__\// | | |/ _` |/ /
/ / | | | | __/ / \/ \ |_| | (_| /\_/
\/ |_| |_|\___| \_____/\__,_|\__, \/
|___/
[ M . A . G . A . Z . I . N . E ]
[ Numero 0x02 <---> Edicao 0x01 <---> Artigo 0x00 ]
.> 14 de Fevereiro de 2007,
.> The Bug! Magazine < staff [at] thebugmagazine [dot] org >Released in February in honor of the Unidos do Caralho a Quatro: Samba, sweat and bastardry. Long live carnaval!
Prologue
Respectable audience! The staff of The Bug! Magazine proudly presents the second issue of the most beloved electronic magazine in Brazil!
We are really happy for the great reception we had and the great comments about the first issue of the magazine, because we managed to please Greeks and Trojans, underground hackers and members of the security community.
Even after several and several problems, such as lack of free time, here we are launching, even with some months of delay, The Bug! Magazine 0x02.
We would like to reinforce that the magazine does not discuss ethics. We believe that everyone is responsible for their attitudes and it's not our place to judge people for their actions based on the information contained in the magazine.
Once again we are making an appeal to the community and ask for greater contribution with articles, preferably technical ones. We also take advantage of this prologue to ask the few "phone phreaks" in Brazil to come out of their dens and "central offices" to contribute and exchange ideas.
We leave here our thanks to everyone who collaborated by sending articles, suggestions, moral support and beers. Without you this edition would not be possible.
Release the rojoes! Wake up the police![*] Fill your faces and celebrate because The Bug! Magazine 0x02 is out!
PS: Now that the second issue has been released, the digital ants can now eat in peace the remains of the electric cockroach :)
Articles
0x01 : The Bug! Magazine interviews: Phiber Optik
Once again The Bug! Magazine comes exclusively with a heavy interviewee. The legend Phiber Optik is interviewed by the magazine's team and shows his point of view on issues related to hacking and talks a little about the history of the golden age of the international hacker scene.
0x02 : Introduction to Development of LKMs (Linux Kernel Modules)
Strauss presents to everyone interested in the Linux kernel with an excellent introductory paper for creating LKMs in the 2.6 kernel.
The text is very didactic and it is certainly possible to make your first LKMs as soon as you finish reading it. Besides, this article will give the reader a great base for a deeper study of the kernel and its subversion techniques.
0x03 : Kless, connecting to void and getting out alive
The text made by setuid_ presents a project created by him, kless, and describes in detail the implementation of stealth backdoors in user-land, in a way that allows the remote execution of commands using the TCP/IP suite, but without the need to open any port on the server.
The intention of the text and the programs developed as proof of concept is to point out the several ways by which it is possible to subvert the security of a system.
0x04 : TUN/TAP - Virtual Networks and their practical applications
In this article thotypous presents a very useful tool for the development of applications in the security area, the TUN/TAP virtual network driver, focusing on its use from Linux and BSD systems. Two applications that use this tool are also developed: a simple VPN to protect point-to-point networks, and a tool to exploit the authentication weaknesses in the PPPoE protocol, useful especially in Wi-Fi networks.
The implementations are made in Python language and are well commented, making them easy to understand.
0x05 : WEP - analysis of vulnerabilities and attacks
Once again the magazine appears with an article about weaknesses in wireless environments. wishbone comes with an excellent paper that describes not only part of WEP's operation, but also details several attacks on this type of security mechanism, information never before seen in Portuguese and of high quality.
0x06 : The Guide to Raw Socket and Attacks in Network Environments
If you always wanted to learn raw sockets but didn't have any material in Portuguese, your problems are over. The dynamic duo sandimas and hash comes with an article/tutorial divided in two parts: The first part is about writing programs that use raw sockets for both ethernet and IPv4, and the second part technically covers several common attacks in various network environments.
0x07 : StMichael: Protecting the Linux Kernel Integrity
The great Rodrigo Rubira Branco (BSDaemon) and Lucio Correia show us a very good paper about how St. Michael works, one of the most famous and sophisticated intrusion detection systems for the Linux kernel.
PS: This paper was presented at SSI 2006, at ITA, and reproduced in this magazine with the authorization of the authors.
0x08: Intrusion Detection Systems: Part II
In part II of his article, y0Rk elaborates a basic implementation plan, with loose tips that go from positioning to the care when implementing filters.
0x09 : MiSC: /dev/random stuff
This section contains short texts with a broader content than the usual ones presented in the magazine.
For those who like hardware, _Dr4k0_ comes with a short text about chipsets. There is also a short article about Linux From Scratch by F-117 and then a mini-text about phishing in orkut by lvwr.
0x0a : The Bug! Magazine review: 23rd Chaos Communication Congress
The staff of The Bug! Magazine staff was present at the 23C3, one of the biggest and best hacker events in the world, and tells us all about what happened there in Germany.
0x0b : The Bug! Magazine review: Hackers To Hackers Conference III
Once again, The Bug! staff was present at H2HC and gives their comments about the event.
[*] Excerpt copied from issue 1 of the Masters of Shadow (MoS) zine, 1997.
Acknowledgments
We leave here a special thanks to those who made possible the release of the second edition of our magazine:
Vinicius Gomes < vinygomes [at] hotmail [dot] com >
For the logo, built exclusively for The Bug! Magazine
Marcos Machado (http://www.istf.com.br), Renato Murilo Langona (http://www.linuxsecurity.com.br), Daniel Menezes (http://www.secforum.com.br) and the "i sh0t the sheriff" podcast (http://www.naopod.com.br) for their help in promoting the magazine.
Special thanks to all those who contributed with articles.
Licence
The contents of The Bug! Magazine is licensed under Creative Commons. The articles, codes and other information published on this site are property of their respective authors. The reproduction of any material, partial or total, is allowed, since the integrity of the content is preserved, as well as the references to the authors and the magazine. It is worth mentioning that it is forbidden to publish or reproduce the magazine by third parties, aiming at any kind of commercial activity.
The Bug! Magazine is not responsible for the information disseminated in the articles nor for any actions that may be taken from reading them. The magazine does not encourage any kind of illegal activity that can be committed with the use of the information obtained in the magazine's publications.
We ask for the reader's understanding if any errors are detected after the magazine has been released. It is not possible to thoroughly review all articles, and some errors will often slip through our review scheme. The problems detected and reported to the magazine edition will be analyzed and corrected with the next issue of the magazine.
It is worth mentioning that the authors and editors do not receive any kind of financial reward for the work done to keep the site updated and the periodicity of the magazine. All members have parallel activities and the content of the site is prepared in their spare time. Finally, we also highlight that the opinions expressed by the authors in their articles do not always reflect the opinions of the responsible for the edition of the magazine.
More details about the license for the use and reproduction of the journal content can be found at: http://creativecommons.org/licenses/by-nc-nd/2.5/deed.pt
Copyleft (c)(c) 2006-2007, The Bug! Magazine. Released under Creative Commons.
