Monthly Archives: September 2010

Fun with AUPower Lab

Ssshh, yet again a boring “Design of Electrical Apparatus” class, so I decided to cook up this nice little article for you all.

AU Power Lab is the software developed by Anna University’s Power Research Group for the Power Systems Simulation Lab [EE1404], which is used by most of the colleges for their final-year EEE lab curriculum.

About the Application:

The application has a client-server architecture: the server verifies the license key/authentication key of the client machines. The client software, which has a sluggish graphical user interface, is written in VC++/VB6.0. The application is usually installed in “C:\AuPower”. You can find a lot of directories inside “C:\AuPower”; some of them are

  • LFS
  • TSA
  • Acrod32 (Adobe Reader version 5.0, to view the PDF help files)
  • ED (and many more)

Each of these directories corresponds to a menu, and each menu is a separate exercise in the lab curriculum.

LFS corresponds to the Load Flow Solution exercise and TSA corresponds to the Transient Stability Analysis exercise.

Inside each of the directories (i.e. inside LFS, TSA, ED etc.) there are three further subdirectories:

  • user
  • sample
  • work

The sample directory contains text files holding the sample data given for the problem.

The user directory contains text files holding the data which you entered and saved in the graphical user interface.

The work directory contains the executable files which are required for running the program and computing the output.

Well, if you are lost somewhere, let me sum it up again. When you open the AU Power Lab application on your desktop, you'll be presented with several menus, each corresponding to an exercise, viz. Load Flow Analysis, Economic Dispatch etc. When you click a particular option, the respective program for data collection gets started; this program is inside C:\AuPower\<clicked menu's abbreviated form>\work.

In some exercises a command prompt [DOS prompt] will appear and you need to enter your options; after you enter those options, the program runs and produces the output.

The Fun:

Because the AUPower Lab software lacks application security, the main application does not verify the authenticity of the programs it calls. This means you can create a custom executable file and put it in place of the original, so that when the application is run, your executable comes up instead of the original executable.

We are going to exploit this security flaw to have some fun with AUPower Lab. Let's use the Economic Dispatch exercise as our target 😛

Go to C:\AuPower\ED*\work (I'm not sure of this name; it will start with something like ED).

You will see 2 files without any icon:

  • ED*L.exe [again, pardon me for not remembering the exact file names]
  • ED*NL.exe

ED*L.exe is for the problem with losses and ED*NL.exe is for the problem without losses. We have only the problem without losses in our syllabus, so we are going to create another executable named ED*NL.exe and put it in place of the original.

Most of the PCs in the PS lab have TurboC++ installed, so cook up a funny C++/C program and build it as an executable.

Here is my program:

    #include <iostream.h>   // pre-standard header used by Turbo C++

    int main(void)
    {
        char a, b, c;

        // Thanks to chokkalingam for teaching question tags 😛
        cout << "You are not a human, are you : <Yes:y No:n>: \n";
        cin >> a;

        cout << "You are a ************ : <Yes:y No:n>: \n";
        cin >> b;

        cout << "Do u really wanna output for this programme: <Yes:y No:n>: \n";
        cin >> c;

        // Only the third answer is checked; a and b are read and ignored.
        if ((c == 'Y') || (c == 'y'))
        {
            cout << " Dumb 'O , Im not your slave, Compute the ****** Output yourself with ur ****** Calculator \n";
        }

        return 0;
    }

Now compile this program and build it as an executable [hope you're familiar with TurboC]. The executable will be in a directory “OUT” inside TC, i.e. C:\TC\out or C:\TC\bin\out, so grab your executable from there and paste it inside C:\AuPower\ED*\work. Don't forget to rename your executable to exactly ED*NL.exe.

Now call your victim to test it: ask him/her to teach you this exercise. After entering the data, saving it and clicking run, your executable will run instead of the original executable. See how many of your friends press three Y's without reading what is being displayed on the screen.

Prevention:

In order to prevent these kinds of executable corruption attacks, you can design the called program to send an authentication key to the main program, so that the main program can confirm the authenticity of the called program. However, this technique can be broken: if the attacker examines the executable file in a debugger, he can get hold of the key being passed to the main program, specify the same key in his custom program, and corrupt the executable again. So the best bet is to use some kind of pre-shared key exchange technique.
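The check that is missing under “The Fun”, sketched from the main application's side as an added example (not code from AU Power Lab or from this post): before launching a helper, compare its SHA-256 digest with a value pinned at install time and refuse to run it on a mismatch. This is a different technique from the key exchange suggested above; the file names and file contents are constructed.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash the file in chunks so large helpers are not loaded whole."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_helper(path: Path, pinned: dict[str, str]) -> bool:
    """Return True only if the helper's digest matches its pinned value.

    Fails closed: unknown file names and unreadable files are rejected.
    """
    expected = pinned.get(path.name.lower())
    if expected is None:
        return False
    try:
        actual = sha256_file(path)
    except OSError:
        return False
    return hmac.compare_digest(actual, expected)


def demo() -> tuple[bool, bool, bool]:
    """Constructed scenario: a helper is pinned, then swapped on disk."""
    with tempfile.TemporaryDirectory() as tmp:
        work = Path(tmp) / "work"
        work.mkdir()
        helper = work / "helper_nl.exe"  # hypothetical helper name
        helper.write_bytes(b"MZ original solver bytes (constructed)")
        # Digests are recorded at install time (assumption of this sketch).
        pinned = {"helper_nl.exe": sha256_file(helper)}
        before = verify_helper(helper, pinned)
        helper.write_bytes(b"MZ substituted program (constructed)")
        after = verify_helper(helper, pinned)
        unknown = verify_helper(work / "other.exe", pinned)
        return before, after, unknown


if __name__ == "__main__":
    print(demo())
```

The pinned digests only help if they are stored where lab users cannot modify them, and the work directory itself should not be writable by ordinary accounts.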

Have Fun Hacking !!  🙂

Paper Presentation @ Drestein

Hello mates, I've been busy for a while. I found an interesting topic to discuss: “Copyright Infringement in Paper Presentations”. This has become a serious problem, especially in Tamil Nadu, which hosts more than 400 engineering colleges. Most engineering college students are ruined by the spoon-feeding done by the management of those colleges. This spoon-feeding cannot be done by anyone for research, so it makes the student submit a paper done by some other person in some other country/state.

I'll show you one example. I've done an analysis of selected papers for the symposium conducted by a reputed college in Chennai; you can find the analysis here

Who is the reason for this crime? The management of private engineering colleges? Careless students? Or careless staff?