Slashdot Mirror

← Back to Stories (view on slashdot.org)

Covert Channel: ASCII Art Over ICMP

Posted by michael on from the help-i'm-trapped-inside-a-chinese-fortune-cookie-factory dept.

An anonymous reader writes "Have you ever had a particularly lossy Cisco ping, which you were sure was trying to tell you something? I mean, really *tell* you something. Echoart allows you to return a simple ascii art image in response to a Cisco-style ping."

54 of 147 comments (clear)

  1. This seems... by danielrm26 · · Score: 5, Insightful

    ...mostly useless, yet very cool -- much like /. itself.

    --
    dmiessler.com -- grep understanding knowledge
    1. Re:This seems... by Anonymous Coward · · Score: 4, Funny

      d'you ever wonder what these people did before the Internet?

    2. Re:This seems... by clichekiller · · Score: 4, Funny

      Since when has expression and customization been useless...er...ok I can see your point but it is still pretty damn cool.

      --
      Sir, there is a dragon outside with an armful of armor. He's inquiring if we offer free refills.
    3. Re:This seems... by Anonymous Coward · · Score: 2, Funny

      BBS? Before that, sit home and cry over their lonely existence?

    4. Re:This seems... by grub · · Score: 5, Funny


      Back in the day, torch wielding mobs were all the rage.

      --
      Trolling is a art,
    5. Re:This seems... by Chalybeous · · Score: 4, Interesting

      Lots of potential for unique idents, a revival of the old ASCII art, and a return of classic IRC "finger" gags to the mainstream - what more could you want?

      (The IRC thing - well, a friend of mine used to have ASCII art of a hand throwing the finger. Thus, anyone who fingered him got fingered in return...)

      IMHO this does, as parent says, seem like a very cool and very harmless bit of fun screwing with corporate level technology. It would also have a good place in the corporate market - if, say, MS incorporated something similar into Longhorn, it could use a Windows logo as its default reply, or various Linux distros could use a Tux, a BSD demon, or a fedora. Other brand-name companies could work an ASCII version of their logo into it.
      (Not to mention, you could also use those 70 lines to advertise - provide your company's contact info, or if you're a hosting company, give your pingers a free list of your latest packages. But how long til someone abuses it? Sure, the goatse guy is OK as net humour, but how long til we're fighting off idiots who want to incorporate spam messages in these ping responses?)

      --

      "It is dark. You are likely to be eaten by a grue." -- Zork

    6. Re:This seems... by jellomizer · · Score: 2, Funny

      Well what would be really cool if everyone had a ANSI compatible terminal so when they ping the site it can give them an ansi pong game.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    7. Re:This seems... by Computer! · · Score: 3, Funny
      xxxxxxxxxx.-.
      xxxxxxxxxx|U|
      xxIxxxxxxx|.|
      xxHAV Exxx|.|
      xxTO xxxxx|.|_
      xxPUTxxx|.|.|.|-.
      xxTHISx/|.....`.|
      x HEREx|.|.......|
      xxTOxx|.........|
      xxGETx\...... .../
      xAROUND|.......|xxTHE FILTER
      xxxxxxx|.......|
      --
      If you fall off a building, go real limp, because maybe you'll look like a dummy and people will be like hey, free dummy
  2. Oh, great by Anonymous Coward · · Score: 5, Funny

    Now we've got to set our firewall to block pings, too, to stop that damn goatse guy . . . . what will the trolls think of next?

    1. Re:Oh, great by tds67 · · Score: 5, Funny
      Now we've got to set our firewall to block pings, too, to stop that damn goatse guy...

      I, for one, am tired of seeing that guy's ASCII.

    2. Re:Oh, great by nacturation · · Score: 4, Funny

      Whatever you do, just don't pipe the results to finger or dig.

      --
      Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
    3. Re:Oh, great by Anonymous Coward · · Score: 3, Insightful

      yeah, because ping can be dangerous.

      i'll put 5 on your one of those brainwashed windows idiots, who thinks they should put their computer into "STEALTH" mode. Newsflash idiot, any sufficiently intelligent scanner (eg, nmap) can tell if your machine is there.

      I'm not kidding, try it.

    4. Re:Oh, great by Anonymous Coward · · Score: 3, Insightful


      (yes I know it was a joke but blocking pings is a good idea)

      No it's not. Blocking all ICMP can lead to odd problems. It's fine to block echo-replies that you never requested but blocking all ICMP is dumb.

    5. Re:Oh, great by Speare · · Score: 4, Funny

      I, for one, am tired of seeing that guy's ASCII.

      Oh, come on. It builds character. You never know when it might be your * .

      --
      [ .sig file not found ]
    6. Re:Oh, great by migurski · · Score: 2, Insightful
      You never know when it might be your * .

      Or your O, in the case of the goatse fella.

    7. Re:Oh, great by nervous_twitch · · Score: 2, Informative
      Tell me, if my computer silently drops all unsolicited incoming data, how do you tell it's there?

      If a host is not found on the network, the nearest router is expected to send an ICMP "Host Unreachable" message to the sender.

      --
      Trees everywhere, and not a forest in sight.
  3. fun for... by Digitus1337 · · Score: 4, Funny

    When 'hostname poop' isn't enough...

  4. Interesting by adequacy · · Score: 5, Funny

    This means that, with the lamefilter installed, ICMP is now more advanced than Slashdot.

    1. Re:Interesting by _14k4 · · Score: 4, Insightful

      There we go. Set this up to query, instead of a text file, slashdot's rss feed. With every ping response, it returns the latest news headlines.

  5. 800 Meg of stolen code... by Flower · · Score: 5, Funny

    and this is the best we get?? All right I admit to being a little let down.

    --
    I don't want knowledge. I want certainty. - Law, David Bowie
  6. From echoart.c... by tcopeland · · Score: 4, Interesting
    ...around line 174:
    // let's not do ipv6 just yet
    if(version != 4) {
    return;
    }
    That's v0.2, maybe :-)
    --
    The Army reading list
  7. hmm by Anonymous Coward · · Score: 5, Funny
    ping asciipr0n.com

    nothing special =(

    1. Re:hmm by AndroidCat · · Score: 3, Funny

      I get a (O) response. What does that mean?

      --
      One line blog. I hear that they're called Twitters now.
  8. hello.jpg by ncc74656 · · Score: 4, Funny

    How long do you suppose it'll be before someone starts using this to send an ASCII-art goatse.cx guy in response to pings? It'd give script kiddies looking for backdoors something to think about, at least.

    --
    20 January 2017: the End of an Error.
    1. Re:hello.jpg by stanmann · · Score: 2, Funny

      Yes but the kiddies are looking for backdoors that haven't yet been violated.

      --
      Food not Bombs is a nice platitude but it breaks down when you notice that the Bombees are usually well fed
  9. Nice by Paulrothrock · · Score: 4, Funny

    It works on OS X. I'm so tempted to open up my wireless so people can get a big finger when they ping my machines while wardriving.

    --
    I'm in the hole of the broadband donut.
  10. ahh.. by madprogrammer · · Score: 5, Funny

    Behold the return of ASCII porn!

    1. Re:ahh.. by ggambett · · Score: 2, Funny

      You misspelled pr0n.

      --
      My website
  11. I'm starting work on... by Throtex · · Score: 5, Funny

    PingMUD. Anyone wanna help?

    1. Re:I'm starting work on... by Throtex · · Score: 4, Funny

      56H 44V 500X 0C Exits:NE>
      You travel north.

      The Grue's lair
      You are in the lair of a giant grue. It is dark, and you might be eaten by it.

      56H 42V 500X 0C Exits:S>
      The grue mauls you with his teeth!

      32H 42V 500X 0C Exits:S>

      C:\> ping grue
      You attack the grue with a vicious ping!
      The grue is incapacitated and will slowly die, if not aided.

      32H 42V 500X 0C Exits:S>

      C:\> /. grue
      The grue is dead! R.I.P.
      You receive 500X! You raise a level!

  12. Finally! by 1nhuman · · Score: 4, Funny

    A good argument I can use so that damn security dude opens up ICMP on our firewalls.

    --
    The glass is half-full. With poison. And there are cracks in the glass. The dirty, dirty glass.
  13. Oh no... by lukewarmfusion · · Score: 4, Funny

    I used to browse Slashdot on minimum threshold, until I saw a goatse ASCII image... I'm afraid that such an image might make +5 for this story.

  14. I would be happy by OwnedByTheMan · · Score: 5, Funny

    with a simple ascii response of a web page to my simple http style request.

  15. Re:Why?? Aliens? Reliving youth? by KwisatzHaderach · · Score: 3, Funny

    Generally seems like somebody is deperately trying to hang on to the BBS days.

    Well the site is loading as fast as the BBS days so that's somewhat nostalgic right there...

  16. Did this on port 23, once.. sort of. by Xzzy · · Score: 5, Interesting

    I did up a silly perl script, using curses, that ran an ascii art animation of stick figure A throwing a grenade at stick figure B.

    I, the guy that owned the machine, was figure A. The guy trying to telnet to my machine was figure B. After figure B was reduced to a crater I printed some message along the lines of "you aren't welcome here, go away".

    Ran it out of hosts.deny and left it up for quite a while. I was bored, sounded more fun than setting up a firewall like I should have. ;)

    It worked surprisingly well, even with the windows telnet client.

  17. Yeah, the article is doing this right now... by WebMasterJoe · · Score: 4, Funny

    This is all I see:

    44 0 0 33333
    44 00 0 33 33
    44 4 0 00 3
    44 4 00 00 3 33
    444 44 0 0 3
    44 0 0 3 33
    4 00 00 3333

    I guess it works!

    --
    I really hate signatures, but go to my website.
  18. Argh not another way by Tesko · · Score: 5, Funny

    to get spammed! I can see it now, pings which draw out "11VIAGRA CH3AP~!", or "`L00kING 4 L0\/3???"

    1. Re:Argh not another way by AndroidCat · · Score: 2, Insightful

      If it's in response to a ping, then you requested it and it can't be called spam.

      --
      One line blog. I hear that they're called Twitters now.
  19. Celebration by Tablizer · · Score: 2, Funny

    Goatse is celebrating his ass off......oh wait

    --
    Table-ized A.I.
  20. When I see an article here about ASCII art... by TrollBridge · · Score: 2, Funny
    ...anymore my first thought is of goatse.

    Slashdot, why have you so poisoned my mind??

    --
    There's a Mercedes gap too. I want one and can't afford one, but it's not government's job to do anything about it.
  21. Screm ICMP by moonbender · · Score: 4, Funny

    Screw ICMP, I want to see ASCII Art Over ICBM!

    --
    Switch back to Slashdot's D1 system.
    1. Re:Screm ICMP by utopyr · · Score: 2, Funny

      Most folks in a position to ping via ICBM hope that all return packets get dropped.

  22. mirror by whizkid042 · · Score: 4, Informative
    this server seems to be quite slow ... here is a mirror

    http://www.unixauthority.com/~fiskeja/mirror/mirro r1.internap.com/echoart/

  23. Re:Ascii art programs out there? by Anonymous Coward · · Score: 2, Informative

    google query

    Have a look.

  24. How about sendmail? by Smallpond · · Score: 2, Funny

    Should be able to do something creative with 550 errors in sendmail, here. Can reject messages contain newlines?

  25. Building the art by Derek+Mason · · Score: 2, Informative

    This looks neat - but it would help if there was a way to build the ASCII art from text within the program. In the meantime Email Effects will do the trick very nicely.

  26. Re:Nothing new ... by MythMoth · · Score: 2, Insightful

    This program doesn't seem to be anything but a slightly sophisticated version of 'banner' that is able to intercept and send packets over a Cisco network. As I said before, nothing new ...

    The part that's in bold is the part that's new.

    Cretin.

    --
    --- These are not words: wierd, genious, rediculous
  27. Virgin Mary by SWroclawski · · Score: 3, Funny

    How long until people claim to see the Virgin Mary or some other figure in pings?

  28. simple script by Anonymous Coward · · Score: 2, Interesting

    ok, so you are going to go through all of that trouble to run code like that as root. great idea!

    tcpdump -lni dc0 'icmp[0] == 8' | \
    while read x input x ip x; do \
    nemesis-icmp -v -i 0 -S ${ip//:/} -D $input -P $input_file; \
    done

    substitute hping or whatever your tool of choice is.

    and if you want it to only reply to specific OS's then obsd's tcpdump can do it with -o and an extra condition in the script.

    -nocfed

  29. Lameness filter encountered. Post aborted! by unorthod0x · · Score: 2, Funny

    Reason: Your post looks too much like ascii art.

  30. Re:Cisco-style ping? by Eshelbyk · · Score: 2, Informative

    It's not so much the ping itself, rather how the results are displayed on a Cisco IOS device when you issue a ping command. Bangs and dots.

  31. I had to look it up too... by Otto · · Score: 3, Interesting

    A Cisco ping command basically spews out some number of ping packets as fast as possible.

    The results then get displayed in order, with a dot displayed for every packet that times out and a ! displayed for every packet that actually gets echoed back.

    So the upshot of this is that the echo art program isn't actually sending artwork, it's responding to packets or not responding to packets based on the artwork file you give it, which will cause it to draw the art on the other side, the guy doing the pinging.

    Neat trick, actually. :)

    --
    - Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
  32. Oops... Additional... by Otto · · Score: 2, Interesting

    It's actually slightly more complex than that..

    Cisco style ping: "A '.' is printed for every packet sent and a backspaced '!' for every valid response."

    So it prints a . then backspaces over it and prints a ! if it gets a response.

    --
    - Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
  33. Crop Circles! by str8 · · Score: 2, Funny

    Did the 'Art' that was put on the page look like crop circles to anyone else?

    <Tinfoil hat>The aliens have a new way of passing information to the chosen. I saw Mulder ping this site and got a map to the next landing coordiates. If you believe, you can see it.</Tinfoil hat>

    Psst. Hey buddy, can I borrow a .sig?