Hacker News new | past | comments | ask | show | jobs | submit login
Decrypt.py: Act like a decrypting hacker on tv (github.com)
128 points by hendrikp on Aug 7, 2012 | hide | past | web | favorite | 51 comments

Using aircrack-ng to get onto a wifi network looks surprisingly like you'd expect from a movie: http://www.aircrack-ng.org/screenshots/aircrack-ng.gif (pretend those digits are constantly updating)

Link for lazy Mac OS X users:

curl -O https://raw.github.com/jtwaleson/decrypt/master/decrypt.py; chmod +x decrypt.py; ls -la | ./decrypt.py

It's useless, but pretty nifty at 80x24.

So... uhh...

this one-liner will download and execute a python script.

would really suggest that you read the script before executing it.

Looks clean to me. Check out for yourself of course. Does bring up an interesting dilemma. We all download code, libraries etc. all the time without going through it with a fine comb...

Most code executed on my box comes from package managers, which often use code signing to make sure you're getting the right code. Other than that, we often have to depend on the reputation of the project, otherwise we would be stuck reading code all day, instead of getting work done.

The difference here is that this is not some long standing and reputable project, but instead just something that was randomly thrown up github.

tl;dr - I trust the Mozilla Foundation more than I trust jtwaleson

Note that the URL in the one-liner references the master branch, which can be updated at will by jtwaleson. A much better idea would be to use a link to a specific version if you are going to make claims towards its cleanliness:

  curl -O https://raw.github.com/jtwaleson/decrypt/f004b7eab7b949a55ea3c784fb9bac244aa0296e/decrypt.py; chmod +x decrypt.py; ls -la | ./decrypt.py

Good idea, I don't have a "Don't be evil" motto ;)

Even that might not work if he has two versions with the same hash and sends github a forced update with push -f. though that's still a much more difficult proposition than just updating the master branch.

If he can generate two files with the same hash he can do much more interesting things than write a sketchy python script that a few people might run without reading.

But usually it is from trusted repositories.

Is this the part where we mention Ken's talk on trusting trust for the 1,000th time?



Trusting trust isn't even applicable here. That trick only works with programs that build other programs.

You mean like the compiler that built the python interpreter that ran the script in question?

I think you just did :)

Also see Hacker Typer for a web browser version. :)


A web browser version of something different.

"It's a cylon virus... I'm decrypting the firewalls and downloading to the server."

Screenshots please!

I just made an animated GIF for you: http://d.pr/i/ZMi (3MB)

Hey thanks. On the page you linked to, it said "optimized for mobile" something. I have to say quite impressive--loaded very quickly. Didn't do anything after that, but I'll be damned if that first frame didn't make it down in like 2 seconds.

That's freaking awesome. Thanks!

Quick and dirty screencast http://youtu.be/DoDoOtlomsM

Thanks to you (and your terminal output), I'm now in the middle of reading "Street-Fighting Mathematics". :)


I like how you think--that name was the thing that stood out to me, too; and you saved me a quick web search =]

Thanks, much better than the gif.

But I'm confused...it de-scrambles what amounts to an ls -la? I gleaned from the op that it de-scrambled an image?

No, the script requires ascii input. If you use jpg2a it will take a JPG and turn it into an ASCII version of the jpg, at that point you can run it through this descrambler.

Ah. Thanks for the clarification.

At any rate, it looks cool but someone should really build a GUI for it.

No, a GUI completely misses the point here and would in any case be much less flexible.

Learn to use the command-line (if you're not on Windows), it's fun! :)

Shoulda added a ";)" I suppose.

But to any of you reading this far, don't let being on windows be a deterrent. There are many excellent run-time distros out there to play around on. Google "run time Linux" for more.

And I wholeheartedly agree; it is quite fun (and rewarding) to learn.

:) Cheers!

I just added this to the readme on github. Thanks!

wget https://raw.github.com/jtwaleson/decrypt/master/decrypt.py; chmod +x decrypt.py; ls -la | ./decrypt.py

It doesn't bite.

It's also super short, so you can easily glance over the source code to make sure it's not doing anything shady (it's not).

Yes, make sure you inspect it before executing... If someone hijacks my github account, puts on some bad code and you run this, you're screwed.

This is quite possibly one of the coolest Python scripts I have ever seen. I'm going all the way to Hollywood baby.

and here a virus in action ...



After commenting out line 20, this is actually pretty awesome.

What does it do? (The whole thing, and line 20 specifically)

It prints colored 0s and 1s all over your terminal window. Nothing else. Line 20 (the 'trap sig_int_trap SIGINT') disables Ctrl-C. You want to comment this out.

It does not disable it, it catches it and restores the terminal cursor's visibility (originally it reseted everything, but you can just work on, and the colors will scroll off the screen).

... but of course, maybe you enjoy random color font. :p

Thank you for the correction. Based on the previous comment, I assumed the trap function was doing something evil without completely reading the script.

Oh, that makes sense.

I haven't seen that command before, and from the context/presentation of the script, it made line 20 appear evil to me. :P

Maybe I don't watch enough television but I don't think I've ever seen this effect in any TV show or movie. Anyone know of a show that did this?

Sneakers (1992)

Worked slightly differently, IIRC -- in the movie, the computer screen was already full of gibberish characters, which then randomly shifted to the correct color/character when the MacGuffin was applied.

Yeah it was actually a fairly prominent part of the movie in that case.

I seem to remember something similar in Wargames from the 80's.

Thanks, I did look for this scene but couldn't find it. "Whole movie" indeed. So... why did some clown downvote my comment?

Fun with jp2a and the images from the Curiosity rover. You can act like you're intercepting the signal or something.

Does it work with a over ssh?


Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact