Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Whether this is about ha.ckers.org, sla.ckers.org or some other project you are interested in or want to talk about, throw it in here to get feedback. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Web2Torrent
Posted by: kishord
Date: March 08, 2008 09:02PM

I just finished POC for what I call as web2torrent. User uploads binary data segments on blogs, mailing lists etc. All the data is linked to each other. The tools let you retrieve the files by reading the web pages.

An example is also included.

Here you go

Web Application Security Journ(ey)al



Edited 1 time(s). Last edit at 03/09/2008 09:09AM by kishord.

Options: ReplyQuote
Re: Web2Torrent
Posted by: tx
Date: March 09, 2008 01:43AM

interesting concept, I'll play with it a little.

-tx @ lowtech-labs.org

Options: ReplyQuote
Re: Web2Torrent
Posted by: Kyran
Date: March 10, 2008 12:13PM

This could really be interesting for small-scale pirating or music sharing.
I'm rather sure most companies have better alternatives for normal distrobution though. Hah.

- Kyran

Options: ReplyQuote
Re: Web2Torrent
Posted by: Malkav
Date: March 10, 2008 01:20PM

call me perverted, but altough i don't see much interest with this system in mainstream music/warez sharing, its resiliency (using only basic web features) could make it the hummer of data exfiltration. in fact you could do much worse, using upload.php to explode the file between multiple micro httpd implementation as small HTLM files, then serving it through fast flux dns.

fastflux would make it much harder to do domain/ip based filtering, and of course you just can't filter the medium, as it is the plain barebones functionnality of the web.

my hat off for this creative use of web mister :)

----------------------------------------------------------------------------------------------------------------

Those that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.
--Benjamin Franklin

Options: ReplyQuote
Re: Web2Torrent
Posted by: Martin
Date: March 10, 2008 02:11PM

Nice concept - been thinking about that for a while. What about expanding it to attempt to locate pre-existing segments of the web.

This would mean breaking down the segments much further, and you'd need to somehow CRC the segment, but it would mean that technically the data couldn't be taken down, because it would be truly distributed and all parts of the content hosted by different people.

http://www.the-mice.co.uk/switch/ Switch/Twitch
http://code.google.com/p/dotnetids .NETIDS

Options: ReplyQuote
Re: Web2Torrent
Posted by: Malkav
Date: March 10, 2008 03:16PM

i think that in case of directed data exfiltration we will need a way to isolate,
anonymize and protect the data if we 'share' a pool of data.

an example could be :

i have a random file that i want to exfiltrate. i prepare the file for uploading by splitting it in any number of required segment (with the adequate markup) then encrypting it with a chain of strong symmetric ciphers (AES256, blowfish, twofish...) and randomly upping it into an existing pool of similarly treated segments, each segment pointing to the other into the file (for performance) or not

downloading would include, testing the whole flat composite of segment with the symmetric cipher (which would statistically take half of the file to find the first segment) then serially getting each segment.

an external attacker wouldn't be able to predict the position of the various segments in the composite, not knowing the different keys rendering him unable
1 : to distinguish various segments
2 : to distinguish the composite from random

you could create a file of fixed size composed of pure random, then insert the segments one after the other

problems with this scheme :

1 : multiple users are into the position of the attacker. being unable to distinguish a valid segment from pure randomness means you have a high chance of overwriting and corrupting another segment

2 : the insertion process is fairly fast (which is coherent with a pressure to exfiltrate documents) but the retrieval process can be damn slow assuming the composite is large enough

3 : we are not really able to serve differents parts of the composite from different hosts, as the composite must stay stable, and ordering random is quite hmm. hard ?

----------------------------------------------------------------------------------------------------------------

Those that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.
--Benjamin Franklin

Options: ReplyQuote
Re: Web2Torrent
Posted by: kishord
Date: March 10, 2008 10:19PM

@Malkav: I am finding it little hard to understand you. Do you mean that we encrypt [segment 1+key for encryption of next segment] and then keep doing that so that key for n+1st seg is encrypted with the nth segment? By "randomly upping" do you mean that the segments are chained in any random order but the order will be restored after decryption?


@Martin: "What about expanding it to attempt to locate pre-existing segments of the web." do you mean that we get base64 representation of a segment and do a google query on part of it to see if it has been uploaded somewhere already? Or do you mean that we search for _wt_begin_ in the web pages?
Again, am I getting you right? My idea was that each segment will reside on n different servers and link to all of these segments will be available in the previous segment. That way, if one site brings the next segment down, the other n-1 links are still there.

Web Application Security Journ(ey)al

Options: ReplyQuote
Re: Web2Torrent
Posted by: fragge
Date: March 11, 2008 12:07AM

Cool PoC, testing now

Edit: what's with the filesplit? why are you printing the interval sizes, and saving the segment code into 3 seperate files. Wouldn't it be easier to print the segments to the page so the user can copy them straight from page to blog? :) I'm going to make your code pretty and useable ^^



Edited 2 time(s). Last edit at 03/11/2008 12:29AM by fragge.

Options: ReplyQuote
Re: Web2Torrent
Posted by: Malkav
Date: March 11, 2008 04:25AM

@kishord:

yes, precisely. while the segments are randomly distributed in the composite, chaining them means you have only to do a full search for the first segment. more over it would permit to use existing encryption scheme such as OCB or CTR. by randomly upping i meant :

a large flat text file (hereafter the composite) is initially built with random. when you want to upload your segments, you randomly distribute them in the composite. as there is no way to distinguish pure random from encrypted data in high entropy cipher such as AES256, the only way to get back the file is reading the whole file, then window decipher it with a known key. assuming the deciphering window is the size of segments, you should decrypt the first segment in one pass (the other segment being unreadeable, their cipherkey being weighted with the n-1 segment) which will lead you to the position of the other segments sequentially.

i admit that it is a crude method, and far far away from being optimal.
but it start to get interesting :)

----------------------------------------------------------------------------------------------------------------

Those that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.
--Benjamin Franklin

Options: ReplyQuote
Re: Web2Torrent
Posted by: kishord
Date: March 11, 2008 07:46AM

@fragge
Thanks.
Filesplit is the utility I used to split the files. You may use something else. As you said, it would be nice to output the segments into the page output.

But I was thinking of following:
Split file into segments, append the header and trailer to the last segment.. upload it get the URL(this url is added to the second last segment).. then go to the second last segment...... and so on.
Note: all this could be automated, hence no need for outputting the segment into the output of filesplit. Typically it would take another bookmarklet or a blogging plugin to do the uploading.

BTW: you could choose the number of segments you want using a parameter in filesplit.

Web Application Security Journ(ey)al

Options: ReplyQuote
Re: Web2Torrent
Posted by: kishord
Date: March 11, 2008 07:50AM

@Malkav: you approach sounds interesting to me.
But my real intention was to share files among web users.

We will need checksums and hashes so that users will get the right data and attackers will not be able to modify intermediate segments. The first segment would typically come from a trusted source and will contain hash for the whole file.

Web Application Security Journ(ey)al

Options: ReplyQuote
Re: Web2Torrent
Posted by: fragge
Date: March 12, 2008 12:11AM

is it possible to perform the bookmarklet's job on the page without needing to use a bookmarklet? ie: the redirect performs the JS on the page. I haven't looked at any of the JS yet.. Made a nice options screen tho, and made everything very pretty :) This idea is imho exceptionally brilliant, although Base64 expands the size of the file.. Not good for sharing big files... but then again, its free and sneaky :D

Options: ReplyQuote
Re: Web2Torrent
Posted by: kishord
Date: March 12, 2008 01:09AM

yes it is possible but we will need e.g Greasemonkey. I am planning to do that soon.

GM script will detect if there is a segment on the page, if yes, it will do what bookmarklet does.

Web Application Security Journ(ey)al

Options: ReplyQuote
Re: Web2Torrent
Posted by: fragge
Date: March 12, 2008 10:03PM

I have officially hijacked your project - I can't stop working on it, too fun. Perhaps we should collaborate? I'd put up a link to my current version of this, but it would give too much up about my corporate intranet :\ and I cbf hosting it properly because 1) it shouldn't be hosted online and 2) its not finished :) Here's a screenshot of the basic UI (uploader.php page) I did in an hour this morning:

http://img181.imageshack.us/img181/9004/w2t4fe9.png

http://img138.imageshack.us/img138/5355/w2twm4.png

http://img72.imageshack.us/img72/8303/w2t3ti3.png

http://img217.imageshack.us/img217/8031/w2t2le1.png

This tool is funky :)



Edited 3 time(s). Last edit at 03/13/2008 12:31AM by fragge.

Options: ReplyQuote
Re: Web2Torrent
Posted by: kishord
Date: March 13, 2008 01:32AM

Nice!

I have just uploaded the new file. It now contains a grease monkey script. Just install it and load the page containing the first segment in the browser. And it takes care of rest.

So you either install fetch.js and bookmarklet or you install this GM script.

Web Application Security Journ(ey)al

Options: ReplyQuote
Re: Web2Torrent
Posted by: Malkav
Date: March 13, 2008 01:19PM

wow.
impressive fragge, i think you two are definitely on something hot :)

i am totally sorry that i can't invest much time on this project, but launching business is quite time consuming... anyway i will follow closely this one.

anyway, as it is ajax, do you have any report of its crossbrowser compatibility fragge ?

props up guys.

----------------------------------------------------------------------------------------------------------------

Those that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.
--Benjamin Franklin

Options: ReplyQuote
Re: Web2Torrent
Posted by: fragge
Date: March 13, 2008 04:13PM

I will be getting a massive project to begin work on today, but while I have a little free time, I'll test compatability in IE6 & Firefox 2 today. If I get a good chunk of time, I'll run it on another box for IE7 and 8 and safari. Will download the greasemonkey script and test it kishor :)

Edit: Script runs like a charm, I'm going to change your code a bit though. Bookmarklet doesn't run in IE6, will try to do a version of your GM script for Turnabout in IE, see if I can get it working today



Edited 1 time(s). Last edit at 03/13/2008 04:44PM by fragge.

Options: ReplyQuote
Re: Web2Torrent
Posted by: darknessends
Date: May 14, 2008 03:00PM

Claps for this talented man.....I am feeling it will rock the internet in future, it will just need some exposure and a team work.

Options: ReplyQuote
Re: Web2Torrent
Posted by: fragge
Date: May 15, 2008 05:55PM

I'm 99% sure I already replied to this.. anyway, this project is being continued by me (and anyone who wants to help dev?) here:

http://houseofhackers.org/group/australianit/forum/topic/show?id=2092781%3ATopic%3A10665

Next version should be done today if I'm not too busy.

Options: ReplyQuote
Re: Web2Torrent
Posted by: darknessends
Date: May 16, 2008 08:09AM

I am really not a PHP programmer, if can help if we port it to ASP.NET

Options: ReplyQuote
Re: Web2Torrent
Posted by: fragge
Date: May 25, 2008 07:13PM

kishor, just wondering - are you interested in developing this with me? I'm currently working on version 4 (0.0.4) of this, new UI is pretty much done, pretty basic, have heeeaps of ideas that I'm working, just wondered if you wanted to be a part of development & ideas.. I have your name up on the poxy little copyright, but I can take it off if you want, just thought I'd credit you. Anyone who's interested in dev for this can pm me/contact me at http://houseofhackers.org/group/australianit and I'll throw you the current build. I'm in the process of transferring the old files to the new skin at the moment, when that's done I'll start on a new page idea I have at the moment. Cheers :)

Options: ReplyQuote
Re: Web2Torrent
Posted by: Kyran
Date: May 30, 2008 03:55PM

I don't know that much PHP, but I'd like to help out where I can for this. It might be good to help learn anyways. :P

- Kyran

Options: ReplyQuote
Re: Web2Torrent
Posted by: fragge
Date: June 04, 2008 02:15AM

Kyran Wrote:
-------------------------------------------------------
> I don't know that much PHP, but I'd like to help
> out where I can for this. It might be good to help
> learn anyways. :P


Cheers, I'll get in touch with you shortly about the project, and provide you with a zip of the current build, ideas/features I'm working on, any ideas you may have, improvements, etc etc through a pm or something on here, gotta leave work first :)

Options: ReplyQuote
Re: Web2Torrent
Posted by: kishord
Date: June 15, 2008 06:58PM

Sorry guys I have been away for quite a long time. Currently I am doing an internship and hence getting very little time. I would certainly like to join you after the internship gets over after about two months. (I am not good at PHP though :P )

Web Application Security Journ(ey)al

Options: ReplyQuote
Re: Web2Torrent
Posted by: Kyran
Date: June 16, 2008 02:14AM

Still waiting for that zip!. ;D

- Kyran

Options: ReplyQuote
Re: Web2Torrent
Posted by: fragge
Date: June 19, 2008 08:12PM

Sorry for the delay, I've been exceptionally busy at work. I will post here again (probably near the end of next week, completely dependant on time) when I have a working zip to throw accross to you guys, I sort of left the skinning process half done, and left the downloader un-usable. Update shortly ;)

Options: ReplyQuote


Sorry, only registered users may post in this forum.