How to Program in C


Published: Oct 16, 2002 Updated: Oct 16, 2002 Section: Network Security Library :: Harmless hacking book Author: Company: WindowSecurity.com Printable Version Adjust font size: Rating: 3.1/5 - 59 Votes 1 2 3 4 5

_________________________________________________________ Guide to (mostly) Harmless Hacking Vol. 5 Programmers' Series No. 4: How to Program in C, part 1 _________________________________________________________ New hackers have been going by the droves to the top two places to get computer break-in programs: http://www.rootshell.com and http://www.netspace.org/lsv-archive/bugtraq.html. Then they try to stick these things into the windows of their Web browsers, throw them at their would-be victim computers via telnet and ftp, print them out and burn them at altars. OK, I'm exaggerating, but only a tiny bit. Their problem is that they don't know how to use these exploit programs. The reason for this cluelessness is that they don't know how to program. To be specific, they don't know how to program in C on a Unix type computer! The problem is that there are so many super easy ways to break into computers, and so many hackers who never learned to program, that lots of people assume it is all easy. But if you are serious about breaking into well-defended computers, and especially if you are serious about learning how to defend Unix type computers, you must learn how to write, patch and compile C code into working programs. If you aspire to become an Uberhacker against Unix systems, you absolutely MUST become a C programmer. One heck of a good C programmer! If you want to escape us playing practical jokes on you when you play Hacker Wargames, you absolutely MUST become a C programmer. ********************************************************** In this Chapter you will: * Learn why you must be able to compile C programs if you want to patch security holes * Learn how to link and compile C programs * Write your first C program * Discover that C can be fun and easy * See a C exploit program explained * Learn basics of porting C exploit programs so they will compile and run successfully on your particular computer. ********************************************************** In order to do this lesson, you must have a shell account, whether at an ISP or by running some kind of Unix on your home computer. DO NOT email us asking how to get a shell account! The answer is in the chapter "How to Get a Good Shell Account." Why is C the single most important programming language for a hacker to learn? C is the language in which the Unix class of operating systems is for the most part written. It also is the language of almost all applications that run on Unix. As one of my hacker friends who insists on anonymity explains, both Unix and C "were developed by the same team at Bell labs, and compliment each other nicely. Unix was not originally written in C, but was re-written in C to make it easier to understand/maintain/debug and a lot of other reasons. This was not without controversy, but it was Ritchie's decision (the inventor of C), and I believe he was proven right." Not surprisingly, then, most exploits are also written in C. True, you don't even need to learn to compile a C program to use these exploits -- if you can get someone else to give you a version of that exploit compiled to run on the type of operating system and shell you are planning to use for the break-in. ********************************************************** Newbie note: Wonder why there are all those "Free Kevin Mitnick" Web sites in the haxor scene? Many people think it is ludicrous to keep that man behind bars because he was such a lame hacker that he apparently didn't even know how to program. In fact, there is evidence that he didn't even compile his own C programs! There are transcripts of him on IRC begging his friends to compile programs for him. ********************************************************** C is especially important for White Hat hackers because you don't have a prayer of a chance to patch security holes in your computer unless you can compile and run C programs to fix the problem parts of your operating system. Meino Christian Cramer adds, "And: using precompiled binaries/executables is always a risk. Think of the ... viruses introduced to computers by simply executing 'I-believe-it-has-no-virus'-programs. Using the source code instead... you can check the code for "back doors" and 'traps' -- which means you have to learn 'the one and only' C..." C also is good for hacking because it is able to run "low level" code as part of its language. In programming, "low level" means that you can play with the most basic things on your computer, for example opening and closing sockets or linking to the information on what sockets are open at any given instant. ********************************************************** Newbie note: A socket is a round-trip or two-way network connection. For example, when you telnet into another computer's login sequence, you connect to port 23 on that computer. It completes a round-trip connection by assigning some high number port, for example port 3587, to complete the socket. If you have a shell account on a good ISP, you can see everyone's sockets by giving the "last" or "netstat" commands. ********************************************************** Another important thing about C being a high level language that easily incorporates low level (assembly language) commands is that you can write it to run super fast. How to Turn C code into a Working Program One of the great character flaws -- or is it strengths? -- of most hackers is a burning desire to make something work RIGHT NOW, DARN IT! Are you ready to become a C programmer? How about becoming one NOW! The first thing you need is a C compiler. While in your shell account, give the command "cc". If you get the message "command not found," try the command "gcc" If these don't work, try "whereis cc" , "whereis gcc", "which cc" (in Linux), "locate cc" or "locate gcc". If none of those work, complain to tech support at your ISP. Don't email us, because we can't help you with this problem! If you have a free shell account, and it doesn't offer a C compiler, maybe you should consider paying for a good shell account. If these commands tell you where the C compiler is, try either changing to that directory or including a path statement to that directory in your login script. So, are you ready to write your first C program? At the prompt in your shell account, type "pico hello.c". The command "pico" brings up a super easy editing program. All the commands are listed at the bottom of the screen. Even I could learn how to use pico in a few minutes without help. ******************************************************** Newbie note: Don't worry if you make mistakes with pico. There is nothing you can do to seriously hurt your computer unless you are root. How do you know if you are root? If you have to ask this question -- you aren't:) ******************************************************** If you can't find pico, or if you are one of the rare people who hasn't learned yet to program in C, yet who knows how to use a more advanced editor, try "man vi" or "man emacs" to learn how to use a more powerful, but harder to understand, editor. At the prompt in your editor, type in these lines exactly the way they are here. #include void main() { printf( "Hello, hackers!\n" ); } Next, save this program with the command "control-X". Now give the command "ls". This will reveal that you now have a file named "hello.c". The "c" at the end of this file name identifies this as a file containing C commands. Congratulations, you are already halfway to making your own C program. However, at this point, if you type in the command "hello" or even "hello.c", just like you would to run a shell script (program), nothing will happen. That is because this file is still just "source code," a listing of commands that your computer doesn't understand. This is different from shell programs which only have commands that your computer already understands without having to compile them first. Shell programs are called "interpreted" languages, meaning your computer can automatically interpret the shell commands you give it. By contrast, C is a language that must be compiled before you computer understands what you are asking it to do. So our next step must be to compile hello.c. Give the command: cc hello.c Or, if this doesn't work, give the command "gcc hello.c". Throughout the rest of this chapter we will assume "cc" is the correct command, so if you need to give the command "gcc", please replace cc with gcc in everything below. ******************************** Wizard tip: Your system may offer a choice of C compilers. On some systems "cc" will run a compiler written by the company that also wrote the operating system for your computer, while "gcc" will run the GNU C compiler. Every C programmer I know says the GNU compiler is best. ******************************* What this does is 1) start your C compiler running with the "cc" command 2) with the 'hello.c" part of the command you tell the compiler where to find the source code you just wrote. 3) the compiled program is, in most cases, automatically stored as a.out. (If it wasn't stored as a.out in your case, you will get the solution to your problem in a few more paragraphs.) Now -- the big event. Let's run your first program. Simply give the command "a.out". Your computer should say back to you, "Hello, hackers!" Congratulations! You are now a C programmer. Did your program not run? Let's do some trouble shooting. First, say over and over again, "I love Unix. I swear I do! Honest! I love C, too!" Now try to compile and run this program another way. You start with the same code as before, which is saved in the file "hello.c". However, this time, give the command: cc -o hello hello.c What this does is: 1) start your C compiler running with the "cc" command using the -o switch. A quick use of the command "man cc" tells us that the switch "-o" after the "cc" tells your compiler to output the compiled version as a file with the name of your choice. 2) the "hello" part of the command tells the compiler that this is what you want to name your compiled program 3) with the 'hello.c" part of the command you tell the compiler where to find the source code you just wrote which you input into the compiler. Now -- simply give the command "hello". Your computer should say back to you, "Hello, hackers!" Congratulations! You are now a C programmer. Still doesn't work? Try giving the command "chmod 700 hello". STILL doesn't work? This is a long shot, but maybe it will solve your problem. If your shell account is set up like mine, no program can execute from the home directory. It's a precaution I take against Trojans. (Imagine this, sometimes meanies put surprises in my account.) However, I have a directory named "bin" in my account. Normally on Unix systems we name directories that hold programs "bin". On my account, that's where I put the programs I write. So look for a directory "bin" under the home directory in your shell account. If it doesn't exist, create it with the command "mkdir bin". Don't forget to give the command "chmod 700 ~/bin" afterwards! Move "hello" into it with the command "mv hello bin/hello". STILL DOESN'T WORK??? Here's the bad news. There are so many kinds of Unix, and so many shells to interpret your commands, and so many ways to configure Unixes -- I may not be able to solve your problem. As the C bible that we like to call simply "K&R" (The C Programming Language by Kernighan and Ritchie) warns, "Just how to run this program depends on the system you are using." So don't phone or email me for help. Call tech support at your ISP! That's what you are paying them for, right? They WILL get your C program working -- if they allow users to compile C programs. You may even make friends with the tech support guy you call, as it is really rare and usually makes tech support guys happy when a customer asks a programming question instead of the usual lame stuff. However, before calling tech support, maybe you had better rewrite your program first to say "Hello, world" instead of "Hello, hackers!" just in case the tech guy you talk to is paranoid enough to kick you off for trying to be a hacker. "Hello, hackers!" Program Explained So how did this program work? Let's look it over line by line. The first line is "#include". This simply tells the computer how to accept input and make output ("stdio" is short for "standard input and output.") If you were to leave this line out, the computer wouldn't know how to output the message "Hello, hackers!." The second line is "void main()". It tells the computer this is the main function under which all other C functions will run. "Main" might use many other functions (programs) while it is running, in this case the stdio program. The "void" tells the program that it doesn't have to pass a value to any other program when it is done running. You don't have to write "void" in front of "main()," but it's good programming practice. The third line is just one character: "{". This tells your computer to expect the beginning of the main function. The fourth line is "printf( "Hello, hackers!\n" );". The "printf" command tells the computer to use the stdio program to figure out how to print something to your monitor screen. "( "Hello, hackers!\n")" tells it what to print: the words "Hello, hackers!" followed by \n, which means "enter" (or "new line"). You have to have a new line command so your program will give a prompt back to you after it has run. The ";" tells the C compiler that this is the end of this command, that whatever it sees next is the start of a new command. The last character is "}" which simply means it is the end of the main function. Why C Exploit Programs Might not Work Now comes the big question. You download a bunch of exploit programs and try to compile them and they don't work. Aha, you have just discovered why hacker gangs are so popular. There are many groups of criminal hackers out there who help each other out by figuring out how to compile exploits. That is how Kevin Mitnick got as far as he did -- he had his buddies compile programs for him. However, I presume you are reading this not to become a criminal, but because you are willing to do a little work, and learn enough to not only break into computers -- but learn how to defend them, too. For this you must become good at C programming. Here's how to get good. 1) Buy the book The C Programming Language by Brian W. Kernighan and Dennis M. Ritchie (Prentice Hall, second edition, 1988). This is the Bible of C programming. Real hackers simply call it "K&R." You can get eliteness points by responding to guys who talk reverently about "K&R" by saying, "Oh, yes, Kernighan and Ritchie. Brilliant book." The reason this book is so good is that one of the authors, Dennis Ritchie, is the creator of the C language. Valerie Henson adds, "K&R is almost magical in the way it explains C. I have strong feelings about this book. :)" You can buy it from anywhere in the world at http://www.amazon.com. 2) You will quickly discover that no one book on C will tell you all the possible commands. If you want to learn as much as possible about C, you need to study the source code of C programs you admire. With each line, use the "man 2" command while in your shell account to learn about it, for example, "man 2 write". (This presumes your sysadmin has installed the man pages for C.) Then try writing some small programs to test each command to make sure you understand what it does. For examples of elegant C program source code complete with explanations, get Internetworking with TCP/IP Volumes 1,2 and 3, by Douglas Comer and David L. Stevens (Prentice Hall, 1995). Volumes 2 and 3 are almost all C source code. 3) You will absolutely hate this. Just as there are many kinds of Unix and many different Unix shells, there is more than one version of C out there. But help is on the way. There is a version of C called ANSI C (for the ANSI standards board) which is coming to be widely accepted. All we have to do now is persuade the people who write programs to break into computers to adopt the ANSI C standard! 4) You might need to find some new friends who will help you figure out what to do to successfully compile and run some obstreperous C program. Try enrolling in a course on C at a GOOD college or university. However, talk to the other students or the professors before you spend money signing up for a course. I swear this is true, one college teaches C using C for Dummies as a textbook. While that book may be helpful for home study -- surely a college professor can show his or her students enough respect to teach from K&R! However, if you can get a good college course, don't expect to learn how to compile exploits from it! What you can do is hang out with students and teaching assistants and professors and meet people who can give you help on how to modify programs so they will compile on your computer. If you can't find a good college nearby, another possibility is to join a Linux Users Group (LUG). To find one in your neighborhood, see (http://sunsite.unc.edu/LDP/). Cramer suggests, "try to post question to newsgroups and mailing lists (that discuss C programming). But ... Posting a question like "My hello.c prints 'Hello, good bye' instead of 'hello hackers -- what should I do?' to a mailing list -- say -- the Linux kernel developers list, will give you -- hrmmm -- some interesting results..." Or get a job doing tech support at a local Internet Service Provider. Usually there will be some talented C programmers working there. Whatever you do, don't join a gang of computer criminals! They usually know much less about C programming than do computer science students, Linux User Group members, and employees of ISPs. 5) Read Meino Christian Cramer's Guide to C programming at the Wargames page on http://www.happyhacker.org. Try emailing questions to him at the address on that Web page. He gives a great overview of the most important concepts in C programming, with some example programs for you to write. _______________________________________________________________________ Where are those back issues of GTMHHs and Happy Hacker Digests? Check out the official Happy Hacker Web page at http://www.happyhacker.org. We are against computer crime. We support good, old-fashioned hacking of the kind that led to the creation of the Internet and a new era of freedom of information. But we hate computer crime. So don't email us about any crimes you have committed! To subscribe to Happy Hacker and receive the Guides to (mostly) Harmless Hacking, please email hacker@techbroker.com with message "subscribe happy-hacker" in the body of your message. Copyright 1998 Carolyn Meinel. You may forward, print out or post this GUIDE TO (mostly) HARMLESS HACKING on your Web site as long as you leave this notice at the end. _________________________________________________________ Carolyn Meinel M/B Research -- The Technology Brokers http://techbroker.com