April 20, 2015 By Oded Margalit 3 min read

Most people are familiar with the concept of white hat hackers and black hat hackers, who are separated along ethical lines. Black hat hackers violate computer security for the wrong reasons, while white hat hackers do it for ethical reasons, such as showing the world some systems are not secure enough. There are actually several other types of “hats,” as well, such as gray hats (in between white and black) and green hats (newbies). Today, I’d like to introduce another type of hat: a transparent hat.

Hacking requires a deep understanding of computer systems. Hackers must understand the hardware level, have intimate knowledge of the system and have special, esoteric skills, such as being able to write assembly language programs under special constraints or understanding obfuscated programs.

Transparent hat hackers do not hurt computer systems for malicious causes, nor do they do it for the right cause. In fact, they do not hurt any systems at all. Instead, transparent hat hackers design and solve difficult mathematical problems that are related to the cyberdomain and enhance their abilities in ways that would help develop the cyberdomain.

Let me provide some examples.

Example No. 1

Thinking outside the box, here is a program I wrote for the IEEEXtreme 5.0 competition:

Given a seven-digit number, make an exercise from it whose result is 100. You may use the four basic math operations and parentheses between digits such that the result is a valid exercise whose result is 100. Note that you must use all the digits, keep the order of the digits and you are not allowed to combine several digits into a number.

Thus, the solutions “5x5x4,” “5x5x4+0x1x5x5” and “5x(5+5+1+0)+45” are not valid for the number 5551045, while the solution “5x(5+5+1+0+4+5)” is.

Your task is to write a program that, given a seven-digit decimal number, finds an exercise whose result is 100. You must keep the original digits in order and add characters from the following six-character alphabet: “+-x/().” So far, it is a straightforward task that requires some programming skills and some optimization to solve it fast enough. However, here comes the interesting part — the validity is checked using the following script:

[expand title=”Click to see the answer”]

A zero exit code is considered a valid solution. If you pay close attention to the scoring script, for example, you would see a way to fool it and solve the input “5750004,” which is unsolvable by the definition above but solvable by tricking the script.

[/expand]

Example No. 2

What does the following program do?

[expand title=”Click to see the answer”]

This 81-bytes-long 8086 assembly program can run on a Dos-Box and demonstrates some card magic. Can you understand it?

[/expand]

 

Example No. 3

The task here is to beat the robots in this shooting game. Download the game, run it and try to win.

www.codeguru.co.il/gurucode/shooter.zip [NOTE: Clicking this link will start a program download]

Solving a math exercise (Example No. 1), reverse engineering card tricks in assembly (Example No. 2) or finding bugs in a computer game (Example No. 3) does not directly cause any harm to a computer system, doesn’t hurt anyone’s privacy, is not considered a crime and even isn’t considered to be a zero-day exploit. However, these exercises do teach you the skills needed for hacking. Example No. 1 shows you how to think outside the box and bend the rules of the system, while Example No. 2 shows you how to reverse engineer packed code that uses undocumented Microsoft operating system interrupts and appreciate the compression of data into code. Example No. 3 shows you how to look for common programming errors that tend to appear in real-life software and create security problems used by all types of hacking experts. And taken all together, these 3 examples reveal that hackers may not necessarily wear either white or black hats.

More from Threat Intelligence

Hive0147 serving juicy Picanha with a side of Mekotio

17 min read - IBM X-Force tracks multiple threat actors operating within the flourishing Latin American (LATAM) threat landscape. X-Force has observed Hive0147 to be one of the most active threat groups operating in the region, targeting employee inboxes at scale, with a primary focus on phishing and malware distribution. After a 3-month break, Hive0147 returned in July with even larger campaign volumes, and the debut of a new malicious downloader X-Force named "Picanha,” likely under continued development, deploying the Mekotio banking trojan. Hive0147…

FYSA – Critical RCE Flaw in GNU-Linux Systems

2 min read - Summary The first of a series of blog posts has been published detailing a vulnerability in the Common Unix Printing System (CUPS), which purportedly allows attackers to gain remote access to UNIX-based systems. The vulnerability, which affects various UNIX-based operating systems, can be exploited by sending a specially crafted HTTP request to the CUPS service. Threat Topography Threat Type: Remote code execution vulnerability in CUPS service Industries Impacted: UNIX-based systems across various industries, including but not limited to, finance, healthcare,…

Hive0137 and AI-supplemented malware distribution

12 min read - IBM X-Force tracks dozens of threat actor groups. One group in particular, tracked by X-Force as Hive0137, has been a highly active malware distributor since at least October 2023. Nominated by X-Force as having the “Most Complex Infection Chain” in a campaign in 2023, Hive0137 campaigns deliver DarkGate, NetSupport, T34-Loader and Pikabot malware payloads, some of which are likely used for initial access in ransomware attacks. The crypters used in the infection chains also suggest a close relationship with former…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today