Furthering the testing from my previous post, I wanted to play with some terminal ballistics experiments. This one features the difference between the flat-point RWS Meisterkugeln target pellets and the Gamo Red Fire. The latter are designed to expand at impact and should also result in less penetration (and, if you subscribe to the energy-dump theory, better terminal effect).

For my testing, I did the following: I selected a book that I don’t like (trust me, it was a bad one), and soaked it in water. The soaking is a little delicate, because you want to make sure that even in the middle of the book the pages are well-soaked. This took some time, but once completed, I had a good target for testing. I then tested several samples of each pellet (three each) to determine several factors (shown below in the table). This image shows the testing process:

I retrieved the book and leafed through it to determine how far in the pellets went, as well as to extract the remaining pellet fragments. The following photo shows what happened to the pellets. Note that the Gamo Red Fires (the one with the little red tip), there was tremendous expansion! I really didn’t expect to see anything this dramatic, but Gamo’s promises were definitely kept:

* Note that one of the three Meisterkugeln pellets managed to fully penetrate the entire book (including the back cover!). This data point was excluded, since it could not be found.

I’ve been working on learning how to better use GNU R, a statistics-focused programming language. I had a few things to play around with as I was reading through a book about R, and then I thought I would go generate some data. I dusted off one of the projects I had been working on a long time ago — comparing different brands of air rifle pellets.

I’ve been getting a lot of success out of some RWS Meisterkugeln pellets. I don’t think they’ll work so well for squirrels or rabbits, though, so I picked up some Gamo Red Fire pellets. Today, I made five 3-shot groups with each at 10 meters to compare. Here’s the overall result:

As expected, the RWS pellets give me more consistent and generally tighter groups. I’m glad too, since they’re quite a bit more expensive. That said — note the outlier on the boxplot for the Gamo Red Fires — a 0.2″ group? Indeed! This is the best group I’ve ever gotten from my Crosman Quest!

I was ruminating on II Corinthians 3 and 4 today. Paul has just finished explaining how he came with plain speech. He’s earnestly pleading for his hearers to consider the truth he presents. The focus of his Gospel preaching is not on him at all, but on the Gospel itself as he elevates it before his audience for their inspection. He is but a humble servant of Jesus Christ, who is entrusted with the Gospel. He says:

For we preach not ourselves, but Christ Jesus the Lord; and ourselves your servants for Jesus’ sake.

Ah, but no one is so callous as to present themselves as a spectacle. No one would be that … obvious… right? We can all imagine some spooky pharisee with an evil goatee cackle maniacally, stand up, and say, “I’m so great, don’t you want to be like me?” We can spot that guy a mile away. Surely the churches are strong enough — sophisticated enough — that nothing like that would last for long.

But error is never so obvious as that. You can spot a bad-guy on TV because “that actor always plays a bad guy.” He just looks evil. But Satan appears as an angel of light. Rat food is mixed with only a little poison. The real deception will be hard to spot. It will be dressed up like a pious, unassuming, respectable thing — and we’ll have to really look at it to figure out what’s going on.

But the piety is really self-righteousness. The unassuming nature of it is just fear of man. And the respectableness vicarious rebellion. It looks like this:

• Preach the gospel at all times — If necessary, use words
• I witness with my actions
• People will see there’s something different about me, and ask what it is
• People won’t take it seriously unless it’s backed up with all my loving good works

How can these be anything but presenting oneself as a spectacle? A good Baptist knows that his works do not save himself. But now he believes that his works will save someone else? This is contrary to the teaching of Paul. We should present ourselves to the world only as servants of Christ, and manifest to them the truth of the Gospel — preach Jesus as Lord. A wink and a smile can not do that!

Every time I hear one of those silly excuses about why people don’t preach the actual Gospel, I want to say:

• It’s not preaching the Gospel until you use words
• Witnessing is my action; I witness with the Gospel
• If people see themselves in the mirror of God’s law, they’ll ask me how to fix it!
• People won’t take it seriously until they hear the preaching of the Gospel

Don’t fake yourself out. The great commission, which applies to each individual believer, is that “repentance and remission of sins should be preached in his name among all nations.” It’s not that smiles and loving attitudes should be exhibited among all nations! If you count on people accosting you to find out “what’s different,” you’ll miss your part in the greatest activity available to a servant of the Most High God:

How then shall they call on him in whom they have not believed? and how shall they believe in him of whom they have not heard? and how shall they hear without a preacher? And how shall they preach, except they be sent? as it is written, How beautiful are the feet of them that preach the gospel of peace, and bring glad tidings of good things!

Just about when we got married, we picked up a copy of Memoir ’44, a light war-game based on the D-Day invasion from World War II. It’s a great game — one of the attractive features is the little “guys” that represent your units on the battle field. They are little 1/72-scale plastic figures, much like the army men we’ve all played with. Recently, I started reading about people who paint their Memoir ’44 figures to appear more realistic. I thought, “Maybe this would be a good relaxing activity…”

This is my first attempt, and I think this is a doable project. I think I’ll have to order paint for the Germans, though, as the local Hobby Lobby doesn’t carry Feldgrau…

Kristie and I watched the video presentation of Case for Christ by Lee Strobel. I certainly don’t agree with everything about him. For example, he is uncomfortably ecumenical. He’s also compromised on the history issue, as well as his views on textual criticism. But, from an apologetics perspective, he has accumulated some sources that I find quite thought-provoking. Tonight’s viewing of his video gave me two thoughts that I’ll be incorporating into my toolbox for my next discussions with atheists.

Earnest Believers
Sometimes, I’ve thought about how there are committed believers of various religious persuasions who are willing to die, even, for their beliefs. Muslims, Buddhists, and Mormons are, at times, willing to make the ultimate sacrifice. Yet, their religion is vain if the Bible is true — how can we use the conviction unto death of the disciples as apologetic evidence that Jesus is risen, yet discount the validity of these other “believers”? The answer, as suggested by one of Strobel’s interviews, is in from where the belief comes.

A muslim bomber who gives his life for his belief is trusting someone else for the critical information. He memorized the Koran when he was little. He is surrounded by passionate preachers of Islam. His trust for these sources is complete — the evidence for his faith is the ultimate They died for what they saw with their own eyes. willingness to die for it. Does this make his belief true? No, it makes his belief dependent on the sincerity of his trust for these sources, who themselves could be in error.

The difference between this circumstance and the Biblical disciples is that they are eyewitnesses. Their belief is dependent not on that for which they must trust another — it is in what they experienced themselves. They must doubt their eyes, ears, and hands to discount the resurrection. It’s not a matter of blind faith in a fellow man, but a confidence from having watched Jesus ascend into the clouds.

Presuppositions Preclude Enlightenment
Maybe this is a little too obvious, but one of the interviewees made a great statement. He said that an admittedly valid position would be to state firmly that dead bodies do not rise. Then, even faced with infinite evidence that the resurrection is well-attested and not contradicted in history, this presupposition will still disqualify resurrection as an option. This way, the skeptic can say, “I don’t care how many of these evidences you can provide about events surrounding the resurrection — since dead bodies don’t rise, there must be some other explanation!”

This person, the commentator said, cannot be convinced. His entire worldview rests on his assumption about the finality of death. Most importantly, if the resurrection really did happen, this person cannot find the truth. This is the importance of an open mind — and there’s no sense debating with someone who has disqualified an important potential conclusion peremptorily as an initial presupposition. Similarly, evolutionists start with a presupposition that special creation cannot have happened — then, if the universe was created, they will never figure it out!

I’ve been reading through Finney’s Systematic Theology while I’m on vacation, and finding it very challenging. It’s a good kind of challenging though — he writes like a lawyer (he was a lawyer, after all), so it’s a matter of progressive logic from one issue to the next.

He draws a fascinating distinction between retributive justice and public justice. Rather than sum up, here’s the quote that I just wanted to document for my own long-term memory:

Strictly speaking, retributive justice can never be satisfied, in the sense that the guilty can be punished as much and as long as he deserves; for this would imply that he was punished until he ceased to be guilty, or became innocent. When law is once violated, the sinner can make no satisfaction. He can never cease to be guilty, or to deserve punishment, and no possible amount of suffering renders him the less guilty or the less deserving of punishment; therefore, to satisfy retributive justice is impossible.

It struck me that this same idea is applicable to the eternality of judgment. A model of purgation (as the Catholics have) is founded on the idea that guilt can be gradually countered by the application of suffering. The biblical model suggests that my guilt deserves an eternal punishment. I could not “work off” my guilt because I can never exhaust my guilt. Ergo, the lake of fire is eternal.

Similarly, the righteousness of Christ cannot be exhausted. The value of the Atonement is infinite — the value of Christ himself to God the Father. Therefore, heaven is eternal, as His Grace is extended as infinitely as His Atonement is valuable.

Having produced a reasonable hacking tool — “reformer” — I wanted to make a little screencast about how to use it. In honesty, the screencast is one of the most beneficial things that I think has happened in the nerd industry. I have learned so much about using various tools just by watching people use them, that I wanted to figure out how to make a good one myself.

I ran into gtk-recordMyDesktop the other day, and it is fantastic. I’m pretty sure it’s just some spit and bailing wire underneath, but it’s working perfectly for my purposes. I found it most useful for creating the screencast by starting a VNC session and telling gtk-recordMyDesktop to record that window. Then, I can run all my tools and make sure that everything fits into my window. The result is an “OGV” file — the Ogg Theora video codec. For screencasts, I think it’s great. But, there is one little problem: lots of difficulty importing it into other tools for post-processing.

I really wanted to use iMovie, since my wife has a Mac now. She’s been using it for her videos, and doing a really great job. I figured I could get her assistance in adding labels and doing some basic editing. But that is much easier said than done. iMovie hates most video formats, and it was a real exercise in frustration trying to get my OGV into it. What finally worked for me was:

$ mencoder [file.ogv] -ovc lavc \
    	-lavcopts vcodec=mjpeg \
    	-of lavf \
    	-lavfopts format=mov \
    	-o [output.mov]

This produced a MOV file that iMovie could import. From there, I was able to slice it up, add music, and add titles here and there. That is, with my lovely bride’s assistance, anyway . Here’s the final product:

I think it worked out.

For the first time in awhile, I sat down to do some actual coding. It’s still a relatively small program, but worth a mention on the blog. One thing that has frustrated me, being a penetration tester for the last six months, is the dearth of web-based brute force tools. Often, I am presented with a web-based login form that I’d like to exercise, and some of the tools out there that support it are a little awkward. Usually, they enforce too much structure, and if your particular form deviates from the tool author’s expectations, it’s a pain to make it work.

So, I thought I’d write something up that gives me a strong framework for accomplishing such attacks in a suitably flexible manner. My goals are as follows:

• Allow direct access to the HTTP request itself
• Allow permutation of more than just user and password
• Support multiple means of detecting a “success”
• Not cost me as much as Burp Suite
• Design it such that ad hoc extension is possible:
  • Written in an easy scripting language (Ruby)
  • Object-oriented design
  • Decoupled, modular relationships

So, I present: “reformer”, a web form brute force tool. It’s written in Ruby, which makes up its only requirement. It operates at a somewhat low level, so you can’t just point it at a web page and say, “Go!” But, with a little setup, it can accomplish most of what I’ve needed in a tool several times in the last few months. Here’s a little demonstration:

First, I prepare two text files. One contains the raw HTTP request with a placeholder for the password (I could have any number of placeholders, in case I need to change other variables, headers, cookies, etc.). The second contains the dictionary, which is comma-delimited (though not obvious in this screenshot because there’s only one variable that I’m inserting):

Once these files are prepared, I can set up the attack run as follows:

Note that reformer also supports a mode for recording size changes between requests. The idea is that if you don’t know what success and failure look like, you may be able to identify a noticeable change in size that distinguishes a successful login. I’ve used this approach to effect at times with Burp Suite, but it’s throttling in the free version limits its usefulness substantially. So here’s a sample run testing response sizes:

The tool is implemented in an object-oriented fashion, and intended for easy extension. So, if there’s a “success detector” that is not implemented, it’s a matter of subclassing one of the detectors and adding a little code to do what you want. Some more information is available as follows:

• Additional documentation
• v0.2 source code

Last night the topic of “arguments from the original languages” came up. A lively discussion ensued, covering a whole range of topics. It reminded me that I have had some thoughts on this line ready for a blog post for some time, so here it is.

Frequently, a preacher, teacher, or author will resort to some erudite observation from a nuance of the original languages in which the Bible was written. It seems that often the case or tense of a verb is enough to overturn what the Bible that you hold in your hands has to say. I have gradually grown more and more frustrated with this, especially the more I learn about language. This blog post is just a little summary of the games people play with God’s words.

Empty Etymology

This is one that really bugs me. The teacher will announce something like, “The Gospel is the power of God unto salvation. ‘Power’ here is the Greek word ‘DUNAMOS’, from which we get our word ‘dynamite.’ Therefore, the Gospel is the DYNAMITE of God!”

Is this fair? Is the fact that some word is used to develop some modern word enough cause to adjust any of its meaning? No! Of course not. Any etymologist can tell you that the word ‘silly’ comes from an ancient germanic word that means ‘blessed’. The word ‘nice’ derives from an Old French word that means ‘stupid.’ Etymology does not exegesis make.

Deluge of Definitions

Maybe more often than the etymological disaster, one comes upon the assertion that, “The underlying Greek word has several meanings, and the one chosen by the translators is incorrect here.” These are fightin’ words usually unbecoming of someone who took a whole entire two semesters of Greek, but somehow this occurs quite frequently.

The problem is that the mere existence of alternate meanings of a word does not tell you which one should be used. Consider the English word, ‘run.’ In my handy World Book Encyclopedia Dictionary (vintage 1965) lists 25 definitions. dictionary.com lists 179 definitions. How can an English speaker ever determine which meaning is the right one? What if I mean definition 87 (“to sew or use a running stitch”), but you think I mean definition 13 (“to be sailed or driven from a safe, proper, or given route”)?

Obviously, we have no difficulty with this. Anyone with a deep familiarity with the language can clearly understand the definition of a word that possesses multiple valid meanings by its part of speech and the context. This is where we trust the translators to know a whole lot more than some guy in a pulpit who looked it up in a lexicon.

Immolation of Italics

“There is no correspnoding Greek word for this word, so it was added by the translators. We can read it as if it isn’t there.” This one really bugs me, and has only gotten more frustrating as I have learned more about other languages. It is never fair game to remove the italicized words, but most people don’t understand this enough to fight back.

Let me give you an example: in Russian, there are no articles. You know those friendly little words, ‘the’, ‘a’, and ‘an’. These are the most common words used in English! How can those Russians even communicate at all without these important words? Surprisingly, they work fine. A Russian-speaker, when you say goodbye but will meet again, will say (literally) “see later”. Grammatically, though, this means, “I will see you later.” What we take five words to say takes a Russian only one word. Amazing!

The reality is that different languages vary widely in how ideas are expressed. The italicized words (if you are so fortunate as to have a Bible in which they are italicized) are there to tell you when situations like the above occur in the biblical text. Often, these are inserted so that you can understand in English what is necessarily implied in the original. These words should always be understood to be part of the true text.

Mutable Manuscripts

Possibly the worst offense is this: “This (verse / word / half-chapter) does not exist in the earliest and best manuscripts.” Invariably, it will exist in several thousand manuscripts, but the preacher will not tell you the following:

1. Which manuscripts do not have it
2. Why they are called “oldest”
3. Why they are called “best”
4. What criticisms or other views there may be

Without getting into the whole issue of textual criticism, let’s just sum up and leave be. If a passage of scripture was universally recognized by God’s people for 2,000 years, exists in 98% of the manuscripts we have, and is maligned largely by unbelieving scholars, it ought to be in the Bible.

Conclusion

There are other games people play (this is not an exhaustive list!). But trust me: with just a little understanding of how languages work and what translation means, one can easily become as frustrated as I have with “arguments from the Greek.”

I will trust a body of believing translators with strong credentials in the original languages over a Bible degree with two semesters of Greek and a lexicon written by an unbeliever.

I’ve been dabbling with Haskell again, one of my more favorite languages. Perhaps someday it will eclipse even Common Lisp. One of the more interesting ideas I have run across lately is a comment made in the recent O’Reilly book, Real World Haskell, about parsing:

In many popular languages, people tend to put regular expressions to work for “casual” parsing. They’re notoriously tricky for this purpose . . . If we can write compact Parsec parsers, we’ll gain in readability, expressiveness, and error reporting.

This idea intrigued me, because in some of my projects I’ve encountered the difficulties that come with using regular expressions to simulate parsing. Exceptions are hard to trap, code is always tightly bound, and it’s very difficult to maintain. I had skipped the parsing chapter in the book for some time, but I finally decided to grit through. Parsing in Haskell had looked scary before, but it doesn’t seem quite so impenetrable to me now.

Not content with just going through the examples in the chapter, I decided to try a few of my own. I can really see how, once familiar with the Parsec library, I would actually write simple parsers for all kinds of text processing. While previously I had thought Haskell lacked in some of the basic text processing facilities (such as having no useful “split” function), I realize now that one could easily use Parsec instead.

For example (and possibly only for my own recollection and posterity), here is my attempt at an S-Expression parser (the foundational syntax for the Lisp languages). It does not parse a particular language, just the expressions themselves. It is also not a great Parsec example, since I have not fully grasped the “applicative functor” style, which would probably “tersen” things up even more.

data SNode = List | Value String
           deriving (Show, Eq)

retNode v cs = return (Node v cs)

sexp :: GenParser Char st (Tree SNode)
sexp     = list <|> literal

literal   = Value `liftM` parseLit >>= flip retNode []
    where parseLit = many (noneOf " ()\n\t")

list = inParens contents >>= retNode List
    where inParens = between (char '(') (char ')')
          contents = sepBy sexp (space >> spaces)

parseSEXP = parse sexp "S-EXP"

Hopefully it is easy to see how each component of the “S-Expression Grammar” is broken out as the behavior of a function (or two) in the parser. The result is an actual parse tree, using the Data.Tree module. Here is a sample S-Expression for parsing (the factorial function in Common Lisp):

(defun fact (n)
  (if (zerop n)
    1
    (* n (fact (1- n)))))

Running this through an interactive Haskell session like so, produces the parse tree shown in the image above:

$ ghci
GHCi, version 6.10.2: http://www.haskell.org/ghc/    for help
Loading package ghc-prim ... linking ... done.
Loading package integer ... linking ... done.
Loading package base ... linking ... done.
Prelude> :l Sexp.hs
[1 of 1] Compiling Sexp             ( Sexp.hs, interpreted )
Ok, modules loaded: Sexp.
*Sexp> parseSEXP sample

I am looking forward to integrating my new parser skills with coding projects in the future!