NaNoWriMo 2013/2016

Chapter 27

Chip’s development work had taken him most of the day, so it was early evening as Lurlene shrugged her shoulders back and prepared herself for the task that Chip had asked of her and that she had so excitedly accepted for the general purpose damage that it might do to her ex-roofer Buck Lemaire. Chip couldn’t stop himself from reminding her again of what needed to happen. “So the box needs to go into a power outlet somewhere inconspicuous and then,” he said holding up a red cable with plastic plugs on each end, “this cable has to plug into the same set of jacks that the other network cable in there does.”

Lurlene bristled at Chip’s anxious repetition of the extremely basic basics of his plan. “I know, you god of technology. We’ve been over it 10 times since I watched you finish doing exactly that under your own kitchen counter. I think I can plug two things in without needing to call you for instructions.”

Chip ran off another anxious question with little regard for Lurlene’s growing sense of frustration. “What are you going to do for a distraction?” he asked probingly.

Lurlene turned to face Chip head on and tucked her shoulders back which made her chest push forward under the thin fabric of the remaining fragments of her tee shirt. She raised a hand and patted Chip tenderly and patronizingly on the cheek. “That is for me to know and you to never find out. Unless you’re far more lucky than you have been so far in your life.”

Chip huffed out his frustration and anxiety. “Okay, fine, just don’t let him know that I’m involved in this. He already tried to get me on the road and I’d hate to think that he might do the same to you, especially while you’re in his office.”

Lurlene grinned, “Relax already. I think I’m eminently qualified by my station in life for manipulating the emotions and perceptions of males.” She turned to go, holding the plug computer and its network cable dangling in her hands. Chip hurried to follow her down the stairs but she put out a hand. “Where are you going? Are you going out to get some groceries while I’m gone?”

“What, no, I’m going with you. I’ll wait in the car while you’re inside.”

“God, why would you do that, Chip? Didn’t you just say that you didn’t want Buck to know that I’m associated with you? I think that he might put 6 and 12 together if he sees you sitting in my car parked outside.”

“Oh, well, uh, okay. I could hide in the trunk while you’re in there!” Chip tried, arguing for his continued involvement.

“Would you be more comfortable locked in my trunk than in your own apartment?” she asked. “It’s not like you can do anything to help me if you’re hiding inside a locked metal box on wheels. If you’re going to be waiting out of sight for me to come back, why not just wait here at your apartment? I promise I’ll come here straight away when I’m finished up there.”

Chip shrugged under the burden of logic that came down on his nascent chivalry. He had just figured the he wanted to be there in case anything happened to Lurlene, but she made a pretty good case that there wasn’t anything he could actually do about anything that happened to her. He took a backwards step up to the top step and nodded, “OK, then. Uh, be careful?” he offered with a hint of query at the end of his encouragement.

Lurlene smiled at Chip’s attempt at verbal kindness and turned quickly with an increasing degree of excitement to be engaged in active retaliation. She headed off down the stairs and tossed back at Chip, “Oh, I think Buck’s the one who’d better be careful now.”

As her car’s throaty engine accelerated away from the curb in front of his building, Chip resisted the temptation to go over to the tall windows along the front facade and check that she had made it safely down a block that she had probably driven on daily for her entire adult life. He flopped back on the bed where she had lately been napping and he felt the warmth of the spot she had occupied on the sheets.

Chip pulled in a long, deep breath and let it slowly hissing out. One of his bro co-workers had been a student of Wim Hof, the Dutch dardevil who had a fancy breathing routine that was meant to increase the oxygen stored in the blood. Chip’s co-worker had offered the briefest two-minute lesson one day while they waited for the coffee machine to drop down their designated beverages and Chip had remembered the body sensation ever since. He took more deep inhales and short exhales, trying to recapture the tingly fullness that seemed to help wipe away some of his mental busyness. Chip didn’t know enough neurochemistry to be able to analyze what was happening with the signaling pathways in his brain, but he knew that there was a distinctive feeling of certain thoughts getting wiped right off the slate chalkboard of his mind. It was humbling to be reminded that Chip’s conscious thought stream was just a minor ripple atop a robust substrate of chemistry and electricity. For a person who lived so much inside his mind, it was surprising to find out that his mind lived inside his body and it wouldn’t let him totally forget that fact.

Soothed slightly by the chemical hack he had applied to his own brain, Chip tried to forget the possible danger that Lurlene was in right now and focus on the other end of the hack that he was attempting to perpetrate back on Buck who had apparently been the original hacker of Ellen Suffolk’s video editing computer. If Lurlene succeeded, then he would have installed a back door, or maybe even a trap door into Buck’s computer network. But he still had to find a way to get someone inside to answer a knock and open up the front door.

There was only one thing that Chip knew that Buck Lemaire did with that computer, one thing that he had witnessed happening from alongside the network cable in Ellen’s basement. Buck used that computer for watching videos from Ellen’s hard drive, among all of the other office uses that an old gray desktop computer could be put to. Chip perused the files in the Metasploit documentation that described the various categories of security exploits that were available to him. There were plenty of things that one computer program could do to another to make it misbehave, but most of them were best deployed or activated using what security experts called “social engineering”.

Social engineering was a category of security exploits that attached the weakest link in any computer system, the mushy operator seated in the chair. The classic example of social engineering was sending an email to someone pretending to be a legitimate message that asked someone to click on a link or visit a certain website. Even earlier examples of social engineering existed with hackers calling someone up on the phone and convincing them to turn certain systems on our off. Most magic tricks and pranks also relied on the same principles of social engineering where someone pretends that one reality is true and convinces their target to come along with that understanding of reality.

Chip tried to come up with a convincing cover story for sending Buck Lemaire an email that would get him to click on an arbitrary internet link, at which point the trapdoor that Chip had configured appropriately could spring open. But Chip didn’t have any good ideas for who he should pretend to be and he certainly didn’t think he could call Buck Lemaire up on his office phone and convince him to type in some web address on that office computer. After what had happened on Chip’s prior visit to the office, he didn’t want to chance any further antagonism when another one of his flimsy cover stories fell apart.

As Chip read over the catalog of vulnerabilities that Buck’s computer might or might not have, Chip tried to focus in on what he already knew of that computer from the few observations he already had of its behavior. It was a bit like trying to figure out what the object inside a wrapped Christmas present was by shaking it, except that in this case the box didn’t make rustling noises, instead it emitted and received packets of information. Chip had uploaded all of the network traffic that he had captured in Ellen Suffolk’s basement onto an online storage service and now he re-downloaded it onto his laptop. It was a large amount of data, but because it was all broken into the regular packets of data that passed over the network, there was a great deal of structure to that data.

Exploring this sequence of data like other people might explore a new city on vacation, Chip started writing programs to search through the network data, trying to build up a helpful kind of map of what was in there. He went through the data looking for the special packets that indicated the beginning and end of a single network connection. By graphing those over time, he could start with a map of what had happened over time in the communication between Ellen’s suborned computer and the unknown computer inside the proverbial Christmas present.

There were various regular patterns of connections that represented Buck’s apparent working habits and schedule. There were also patterns of sequences of connections as one action led to other requests for information back and forth. Using the map he had made in time, Chip could focus in on an individual part of the data in greater depth. The parts he was interested in were those that indicated from their irregular timing that they were being initiated by a human being who was doing other things than just working with a sequence of bits and bytes. The connections initiated and responded too solely by other computer programs followed fairly predictable intervals between events, but where human interaction was involved, there was a much wider range of intermittency involved. It might take a person 1 second to click on the first link on a web page, or it might take them 1 hour if they happened to go out for lunch before the next click.

Using the statistics of intermittency, Chip focused in on those sequences of connections that came from human clicks. Selecting those network packets out into a smaller chunk of data, kind of like a single neighborhood in the city that Chip was exploring, he started looking for a new map of the streets of that one neighborhood. The sequence of on and off bits that make up the stream of communication between computers has its own structure where the individual on and off bits are grouped up into chunks of 8 bits called bytes. A bite might represent a single number between 0 and 255, or it might be used to represent a single character of the alphabet, or a single part of a photo. Chip wrote a new little program to interpret the bits in this particular neighborhood as letters and he started to look for patterns in the words that were formed from those strings of letters.

Grouping the letters into possible words of different lengths, Chip could run a program to find the most common words of each length as a way of searching for exchanges that happened often. The most common substring in the English language would be the letter “e”, but the most common three-letter substring might be the word “the”. That might have been the case for text in the English language, but these two computers had not been having a written conversation in the English language, instead they were exchanging messages following the rules of interchange that computer scientists called a protocol. The most common longer substrings began to reflect the protocols that were being used. One of the most distinctive common substrings was a sequence of bytes that when interpreted as letters and punctuation looked like “User-Agent: Internet Exploder (6.5.1+1997-12-02)”. This was part of the conversation between a web browser and a web server that identified the web browser that was making a request. It was something like a name or identification for one of the participants in an online conversation between the two computers.

The final piece of the puzzle for Chip was to search in the Metasploit documentation for that particular user agent string. He found a match for a security exploit for that particular version of the web browser. It was a remote code execution vulnerability that required only that a user click on an appropriate link on a web page. Now Chip knew what the front door of this puzzle box looked like. If he could get Buck to somehow open it, then he could spring the trapdoor that Lurlene was (hopefully!) setting in place right now.

Chip looked up from his data exploration to find that it had grown almost completely dark outside. He worried that Lurlene had been gone too long and he ached to get in his car and drive by Buck’s office building to see what he could see. Despite his pangs of remorse for having sent her in the first place and guilt for not going off to save her, Chip knew that staying put and waiting patiently until he got further information was the prudent choice. That didn’t make it easy to wait, but at least he knew what he was aiming for.

He turned his attention back to the problem right in front of him. What sort of social engineering could he engage in that would convince a roughneck mining foreman to click on the link in his email. Chip felt dirty to consider it a second time, but maybe he could use Lurlene again. There must be an email subject from her that Buck could not resist clicking on. Maybe Lurlene would be willing to channel her vindictiveness and her too intimate knowledge of the psyche and everything else of Buck Lemaire towards helping Chip write the phishing email where he threw out a “line” to try and “catch” Buck the fish.

When Chip couldn’t keep from imagining Buck and Lurlene in Buck’s office togther, he tried to distract himself by imagining Buck in his office doing something other than yelling at Lurlene or propositioning her again. He tried to imagine that Buck was an office worker like anyone else, so maybe in the morning he came in and sat down and checked his email. Then, maybe he worked on some documents. Then, maybe if he felt like tiptoeing around in other people’s business, he might go look at some of Ellen Suffolk’s videos.

And that is when Chip could get him. Chip thought that Buck probably wanted to take a look at any video that Ellen Suffolk had taken to make sure he destroyed all the evidence that the Least Tern had been spotted in Fredrickton. So, if Chip could put something on Ellen’s computer that looked like a new video, then he could be pretty sure that Chip was going to click on it. The actual videos on Ellen’s hard drives were all encrypted, but Chip was able to see what the structure of the files and directories would be. He put a thumb drive into his laptop and began crafting a simulacrum of what would be there on a real hard drive of Ellen’s videos.

He found a couple of bird pictures online and sized them way down to serve as video thumbnails. Then, he added some links to a web page with the thumbnails that looked as if they would let you watch or download the video. Of course, in this case, Chip made it so that there wasn’t even any video to link to. Instead, everything on that web page pointed at the exploit code that appeared in Metasploit for the particular version of the web browser that Buck was using when he looked at the videos. If Buck clicked on any of the links, then the attack code that Metasploit had archived and cataloged would go into effect, springing open the backdoor that Lurlene had hopefully installed by now.

Chip was a little worried to try out his creation on his laptop since he was exploiting a serious security vulnerability that was known about by all of the hackers and the security researchers. There was one computer that Chip had access to that he could take over at will using this exploit and that was the virtual machine that he had created inside of his laptop in order to view the videos that had been moved over Ellen’s network. The virtual machine was almost completely safe for hacking because Chip could control it completely. If his hacking had some awkward side effects, he wouldn’t damage his laptop and he could do more than turning off the virtual machine to stop any problems in their tracks. The power of a virtual computer that Chip had brought into being inside of the brain of his laptop was that he could bring it out of being completely.

So, Chip attached a thumb drive to his laptop and set the software up to pretend that it had just been plugged in to the virtual computer. It opened up a web browser and the web page looked just like he had hoped it would. He clicked on one of the links, trying to feel casual and in control of what he was doing, and nothing happened. In his already keyed up state, Chip freaked out a little bit that the tower of cards and wishes that he had been setting up to try and catch the bad guy might now be tumbling to the ground if he couldn’t pull off this hack.

Then Chip realized that he had set up the attack code on his fake web page to talk to the little plug computer that would be there on the network (once Lurlene got back safe and sound!). To complete the test, all that Chip had to do was to pull out a Raspberry Pi or put it on the same network as his laptop. The Raspberry Pi that Chip grabbed had already been set up for logging network traffic, so when Chip clicked on one of his malicious links again, he was able to watch the attacked computer sending messages that were trying to get out to the internet. That was good enough for Chip’s test he figured, so he tried to quit while he was ahead.

The fall sunlight was gone completely now and the night had entered its long phase where Chip couldn’t really tell how late it was, but he definitely knew that it was late enough that Lurlene definitely ought to be back safe and aound by now.

08 Nov 2016 3199 words