Novels2Search
An Exploration of Vulnerabilities
Time to wear the white hat

Time to wear the white hat

TIME TO WEAR THE WHITE HAT

Late in the night, Gerry couldn’t sleep at all, turning every few seconds back and forth to find relief in his bed, but guilt plagued him in his deepest mind. I don’t care about here at all! He tried to justify his actions, but instead, his mind drifted to the girl he might possibly hurt in exchange for what exactly? Although he didn’t love the girl whom he took advantage at all, he can’t ignore the feeling that he somehow betrayed himself; didn’t he promised her to be the best man? Even with the best effort to try sleeping, the bad thoughts didn’t want to leave him, no, they assailed his mind like a horde of unruly barbarians, screaming at his hypocrisy!

With no escape in sight, he turned to the only path his mind provided, to confront. Sitting on his bed with his phone on his sweaty hands, he tried to think what he should do. Should I tell the girl? No! That’s just plain dumb. In the end, he decided to call his friend who brought him the trouble anyways. Come on! Take the fucking call! After countless unsuccessfully tries to call his friend, he stopped and laid himself on the back on his bed as he stared at the white ceiling.

All of a sudden his phone played his ringtone, abruptly shaking him out of the stupor. He grabbed his phone and accepted the call with his trembling right hand right away.

“WHAT IS IT, MAN?!” Came the obviously irritated voice of his friend at the other end.

“Lucas, did you exacted our revenge?” Gerry thought over what to say, and he came to the conclusion that if he hurt someone then it should be worth the price paid.

“Eh… Yeah.” On the definitely enthusiastic reply, he could guess that something was off about his friend. Wouldn’t he normally tell everyone what he did? Lucas liked attention since I could remember.

“Did you or did you not?” Gerry couldn’t shake his doubts, so he called Lucas out. Fuck. Please be worth it!

“WHAT THE FUCK IS WITH YOU?! Fuck! No, man! -” Gerry felt himself become numb while gripping his phone so hard that his sweaty hand pushed the phone out of his hand; even as the phone fell to the ground with a loud sound, his ears didn’t seem to register it. He didn’t know what he should do, but he knew that he promised her to be better.

“Lucas, just forget about it. Uninstall it from the girl. Just let us grind our shit in the game. We will beat him then,” Gerry took his phone from the ground and said his words resolutely with as much calm as he could muster.

“…” Nothing was heard from the phone for a few seconds, before Lucas answered agitated, “fuck! Are you serious?! Fuck! It’s too late! -” Interrupting Lucas with a deceptive borderline forceful tone, “What do you mean it’s too late?”

He heard his friend muttering incoherent words. He waited patiently, although his is certainly wearing out.

“Shit, man. Fuck, how should I explain it to you? -” Gerry cut him off, “Just tell me now: why can you not undo it?”

“Fuck, do you even know the news?” Asked Lucas as he dodged the question.

“What do you mean?” Confused Gerry furrowed his brows as he waited for Lucas to elaborate what he meant.

“Fuck, really? Some hackers took the entire internet down in Cologne!”

“Alright, okay, so no internet for how long?”

“Fuck why are you so calm, man?!” I’m not fucking calm. I’m fucking furious.

“Because that’s not the important thing right now! Okay, just wait for the internet to be up again, then undo it.”

“Usually you would piss yourself right now… -” At the other end, he heard a heavy sigh in defeat.

“Gerry, I fucked up. The friend from whom I got the RAT, just told me earlier that it has a fucking backdoor.”

“Wait you -”

“Haha. No, that’s not the worse, no, the fucking bastard of a friend forgot to tell me that my infected computer was used to DDoS Telekom,” Lucas told him with a small sardonic chuckle, “With other words, we are both fucked.”

He just asked because he doubted it. “Are you certain? How did you find it out?” While Gerry really wanted to punch Lucas in the face for convincing him at the endeavor, he wasn’t physically there, unfortunately.

“Heh. The fucker who bound the backdoor with the RAT thought himself so clever that he could just hide that my fucking computer is accessing Telekom website right now with increasing threads. I just needed to open Wireshark on my other computer and let it capture the packets in promiscuous mode, filter them slowly out until I had suspicious packets who tried to do the TCP three-way-handshake to the Telekom website. Tried is the keyword because after the 2 shakes it sent packets with empty payloads to the web server to let the server try to keep the connection. And the best is: It’s not one but several threads doing the same shit.”

“So?” I don’t quite follow.

“Don’t you understand? It’s a flood of TCP connections to the server who cannot cancel them. A DDoS!” Clarified Lucas, then he heard a loud bang as if something was thrown, “So I did the only sensible thing what you could do in such a fucking situation. Turning the router off.”

“What now?”

“Well, I’m going to smoke weed and I won’t go to school the next days.” Without warning his friend ended the call while Gerry tried to process the sentence. Didn’t you say that you wanted to be clean?!

“FUCK!” And the phone kissed the wall.

Waking up by the tender mercies of his mother wasn’t a good idea, even if he didn’t get to rest at all, after all, he should know what happens when there’s even a tiny hint of being too late to school, then his mom will just wake him forcefully with cold water. Just because she couldn’t get him banned from computer effectively. He just sighed as he let his feet follow the mass of school children to the school.

During the time walking down the street, he let his mind drift to the thought of the girl who he betrayed. By coincidence, he noticed that he starred at a girl who was looking extremely familiar like the girl you deceived. Unbidden thoughts conquered his mind, he couldn’t ignore it, so he walked slowly nearer to the girl until he could clearly see her face behind the bangs. Sorry, Sandra. Fuck. Her face didn’t look very good, even though the makeup she obviously used to cover her dark circles under her eyes. Did she cry? What did Lucas to her? Shit, it’s my fault. Because of my selfishness.

Gerry knew that he broke the promise, he couldn’t stand before his crush again, not without wiping his shame clean. So he went to the girl whom you betrayed and asked her, “Hey Sandra, couldn’t you sleep at all?” Fuck! Really? ‘couldn’t you sleep at all?’ Nothing better?

She looked warily at me with her weary eyes, then averted her eyes to the ground and ignored me, while she quickened her pace. He flinched at her taken action.

Guilty he watched her as she fled, because what else could it be, with a blank look. What goddamn happened to her?

Arriving in the classroom he tried to walk to his sit unseen, yet he was apparently noticed by a couple of classmates who one of them greeted him, “Hey Gerry. How are you? And where is Lucas?” Too popular am I? Ha.

Find this and other great novels on the author's preferred platform. Support original creators!

“Ah, hey guys, I’m fine. Lucas won’t come today.” Answered he with such an ease. It should be a skill to which I leveled it over 9000. Ha.

“That’s good to hear.” Told him the guy who asked him.

“You mean Lucas, too, right? He’s such an asshole.” The girl nearby made the nasty remark as she eavesdropped on the conversation. Well, I don’t disagree, but he’s my friend, you know?

“I don’t know how you are friends with that creep. I saw him staring at my breast.” And another girl came to join them.

“Not only that Laura, as we both worked in a group before, did you know what he did? He just let me do all the work while he even complained that I was too slow! That asshole!” Lucas, you’re really popular, at least from a certain point of view.

“Yeah, he could be an asshole, sometimes -” Interrupting him were the girls who made the nasty remarks, “sometimes he says.”

“Well, alright, he’s an asshole, but with a big heart.” Gerry tried to defend his friend, but the girls weren’t convinced at all.

“Really? Gerry, you shouldn’t trust that guy. He is just using you!” I know, but… but he’s not only one who’s using someone.

“You’re too nice for your own good,“ told him, Laura. Nice? Ha. I wish. I’m just a hypocrite who breaks promises left and right.

“Did you guys saw Sandra? She looks awful. Perhaps something happened?” Laura changed real subtle the topic while she fished subtly for Gerry’s reaction. He unaware that she observed him, said, “Yeah, I met her on the way, I tried to talk to her, but was ignored.” Why did I tell them that?

Laura noticed how Gerry avoided eye contact while he said that, suspecting something, she confronted him, “Did she asked you out? And you rejected her?” No, but how do I answer?

Fortunately, the bell rung, signaling the beginning of the class and the end of their conversation.

In Starbucks, his favorite café, John sat on a nice comfy place next to a very pretty girl who seems to intently stare at her mobile phone with a frown. iPhone, huh. The DDoS attack? He discovered that she’s reading the article about the DDoS attack which threatened to take the complete internet infrastructure of the city offline.

“Ah, you ISP is Telekom?” She blinked a few times and now noticed him.

As she focused on him, she said, “Oh, no, but netCologne. They are leasing from Telekom.” Right, how could I forget? That’s just embarrassing.

“Sorry if I interrupted you -” to that she shook her head and said, “Not at all.”

“- Then well, I just noticed a pretty girl with a frown. I couldn’t do nothing after all my mother said that I should help a girl in need,” Paused he. Shit, what am I doing trying to flirt with her with such a crappy line? Fuck. He continued, “What I mean is that I just want to see you smile.” I want to die!

At first, she just stared at him for a few seconds before she bowled over as she held her stomach while laughing in her charming voice. After some time she heaved a little bit before she settled down. With a small but pretty smile, she introduced herself, “What a surprise! Didn’t expect someone to say such lame line to me. How about I introduce myself, I am Sarah Junker, and who are you?” I’m not nervous.

“Hey, that was my best pick up line I have in my toolkit! Well, I’m John Richter and did someone ever remarked to you that your smile is the prettiest in the world.” I hope no one complimented her smile before, although it’s not really certain, she’s too pretty that not many would find the confidence to approach her.

He saw how her cheeks transformed from white to red. That should be a good sign.

“No, not really, you’re the first who complimented my smile.” Well, it seems I won my own suckers bet. He noticed how she used her fingers to comb her very well maintained brown hair.

“Then I should be honored to be the first. Oh, I quite forgot that I need to continue working on my thesis.” Fortunately, I did already finish it. Saying that he unpacked his laptop and booted it up, afterward he made a convincing act by trying unsuccessfully to connect to the Starbucks WiFi. That should be enough.

With an ashamed smile, he asked Sarah, “do you know what happened to Starbucks WiFi? I cannot seem to connect to it.”

“Yeah, that’s because Telekom is down. But don’t worry! You can use my hotspot.”

“Really? You’re not only pretty but selfless even! My little sister should learn from you.” He buttered her up to bed her. Haha, just kidding, no I just need you hotspot, thank you.

“Thank you!” She giggled and told him afterward, “you can connect to my hotspot. It’s ‘Sarah’s spot’ with the password ‘John’.” He wasted no time to connect to it. Well, if that’s not an invitation then I don’t know anymore. But first, it’s time to wear the white hat.

Starting Skype while he checked the configurations for the virtual machine which is running Windows 7. Finished it, he directly downloaded the file into the shared folder for VirtualBox he mounted before. After the download, he started the virtual machine with the OS Windows 7 and waited.

“Thanks again. You did save my life, yeah.” To this, he got a chuckle.

“It’s payback for the compliment. But can I ask you what you are working on? The thesis I mean.” She asked him full of visible curiosity.

“Well, the topic is ‘Analysis of a modern Trojan‘. If you want, I can take you step by step as I’m analyzing the Trojan.” Offered he her to pay off his debt to her. After all thanks for the hotspot.

“Cool! Thanks, I was certain that I would be bored out of my skull for the next hours before I can catch my train, but you saved me.” Shit, you’re distracting me. I thought you have other things to do. Just my luck!

He coughed a little, then said, “that’s good, now I can truly repay for the hotspot. Who knows maybe you will learn a thing or two?” There she smiles again.

“What you will see is that I’m using a virtual machine to isolate the malware from my real computer. Of course, some malware are programmed to detect such machines, however with a little bit of tweaking the configurations you can bypass the checks of the malware who won’t run in the sandbox.” She nodded her head to that. I don’t quite know if you’re interested or not.

“Is that Ubuntu you use?”

“No, I’m using ArchLinux, they’ve got the cutting edge tech. Do you use Ubuntu?”

“Yes, I do have it on my home computer. I like it, it’s so pretty to customize.”

“Well, anyways. So the Trojan is now on my VM and while it’s defused I’m starting Wireshark, a useful traffic capture tool and in the VM itself, the ProcessExplorer wouldn’t be useless. The first you wanna do is to get a feeling of the malware.”

“Okay.” Here she nodded a little bit uncertain. How about this analogy. He elaborated, “What I mean is what happens after you executed it on the virtual machine. Most of the time you will spend your time observing it like an insect. Noting it’s characteristics and so on.”

“Then you check the strings in the malware, most of the time you will see them in plain text, but there some cases where the developers bothered to encrypt their malware completely. Luckily in my case, it isn’t. So before we observe the Trojan in action, let’s take a look at its strings.” In the VM he started the cmd.exe and typed the command strings with the parameters it needed to read the Trojan’s strings. The output was interesting to say at least.

“That’s really curious, don’t you think? Here,” Pointing at a particular line, “and here, too. These two strings are our hints. One: ‘1337trolololo.servebeer.com‘ and Two: ‘K1ngsP4r4d153.de‘. Both are domains we can check on whois.net, for example, we can recon who registered it and when, so that’s for the strings. Now Let’s use Wireshark to capture the traffic of the Trojan, but let’s first let the Trojan run a few minutes.” He executed the Trojan in the VM and started Wireshark on Arch. Then he leaned back and then said, “Well, now we must filter the packets according to our needs. So now here. Do you see the packet number 71? This particular packet and it’s other packet with the next sequence number, that is the TCP-three-way-handshake. Ehm, would be normally, but do you see the payload of the last packet of the three packets. It’s sending a partial request to the website and… What the…” Coincidence? I think not!

“What’s up?” Asked she confused as he considered what it implicates.

“Well, now I would be damned if that isn’t the cause of Telekom’s problems. Zombies.” They are using Slowloris to keep Telekom down. That's disconcerting.

“Zombies? What do you mean?” Looking back at her, he saw that she thought that he was kidding. No, I wish I was.

“Thanks for the hotspot and nice company, I guess. Unfortunately, we must part ways.” He bade his farewell to her as he packed his laptop.

First, he walked a little bit fast, however, after going through some streets he sped up his pace to sprinting. Where was the fucking police station? Huh? The first time I want to go to a police station. It seems there is a first time for everything, truly.