EPTPart1
Part 2
part 3
sometimes the genius of some people is simply amazing.
pd: lol @ the last coment in part 3.
History of Hacking (parts 1, 2 and 3)
| Forum Index > General Forum |
|
Unforgiven_ve
Venezuela1232 Posts
Part1 Part 2 part 3 sometimes the genius of some people is simply amazing. pd: lol @ the last coment in part 3. | ||
|
InToTheWannaB
United States4770 Posts
| ||
Xeofreestyler
Belgium6772 Posts
| ||
|
MaGnIfIcA
Norway2312 Posts
| ||
|
proTOSS[GER]
858 Posts
| ||
|
Wysp
Canada2299 Posts
| ||
|
baal
10541 Posts
| ||
|
AngryLlama
United States1227 Posts
| ||
|
nArAnjO
Peru2571 Posts
| ||
|
aseq
Netherlands3983 Posts
| ||
|
Unforgiven_ve
Venezuela1232 Posts
they are fucking genius! you dont put the genius in jail...can u image the things that the guy would have done in those 5 years in jail?? | ||
|
Paragon
United States295 Posts
On May 21 2006 18:03 Unforgiven_ve wrote: im amazed how americans reacted at those guys...read the coments at part 3. they are fucking genius! you dont put the genius in jail...can u image the things that the guy would have done in those 5 years in jail?? At least we had computers! | ||
|
Ack1027
United States7873 Posts
That was really interesting. | ||
|
oHInsane
France727 Posts
Even if it is a little bit old, this document deals with many interesting things. The war-dialing stuff with the telephone hijack is really amazing and i mean it is where jacking began. On a side not, i would like to talk about what's hacking now. I don't know if you have already been to the defcon which is a hacker meeting in california (i went there three years ago and it was settled in vegas). It is really interesting if you like all those hacking stuff even if it is now full of commercials and full of companies who are there to sell there last "imba-all-protecting-software". But if you know some guys there, they will lead you to some alternative meeting with various old school and new school guy who are really really amazing. I saw them playing a Capture The Flag and that was simply unbelievable. (- Capture The Flag is not the FPS thing in this case, it is just a bunch of hackers separated in two teams. Each team has a server with one special file on it, and you have to steal the file on the other server and at the same time protecting your file - ). Nowadays, the security world is very fond of the Wireless network hack ( wardriving ) which reminds me of a combination of computer hacker and telephone hacker. If you don't know wardriving, it is just a way to penetrate wireless network. You just drive a car with a computer and wireless card and you're looking for wireless access point with it. You can enter the network of many areas that use wireless (like companies, free space, airport and so on). I am not an expert but i am really interested by their spirit even if i sometimes disagree with all the "hack the world" and "everything free for all" propaganda around it, it is still interesting if you like computer science. Now i don't want to bore you more than i did and i will give you some other links to videos. It is a mix of bumping-computer hacking stuff. [vid] http://www.toool.nl/bumpkey-alert.wmv : How to enter any rooms . [vid] http://www.phuzion.com/14/?p=tutorials&tid=7 : how to play flash games ? [vid] http://www.google.com/search?hl=en&lr=&q=inurl:"view/index.shtml"&btnG=Search : just a foramted google request to access some security camera all over the world [web] http://www.milw0rm.com : Some exploits. I have many more links but hehe, it is a sc forum but those one are interesting i think. Thanks to unforgiven for starting this thread! | ||
|
mel_ee
2448 Posts
On May 21 2006 20:24 oHInsane wrote: The whole movie is also available on some p2p as far as i remember. Even if it is a little bit old, this document deals with many interesting things. The war-dialing stuff with the telephone hijack is really amazing and i mean it is where jacking began. On a side not, i would like to talk about what's hacking now. I don't know if you have already been to the defcon which is a hacker meeting in california (i went there three years ago and it was settled in vegas). It is really interesting if you like all those hacking stuff even if it is now full of commercials and full of companies who are there to sell there last "imba-all-protecting-software". But if you know some guys there, they will lead you to some alternative meeting with various old school and new school guy who are really really amazing. I saw them playing a Capture The Flag and that was simply unbelievable. (- Capture The Flag is not the FPS thing in this case, it is just a bunch of hackers separated in two teams. Each team has a server with one special file on it, and you have to steal the file on the other server and at the same time protecting your file - ). Nowadays, the security world is very fond of the Wireless network hack ( wardriving ) which reminds me of a combination of computer hacker and telephone hacker. If you don't know wardriving, it is just a way to penetrate wireless network. You just drive a car with a computer and wireless card and you're looking for wireless access point with it. You can enter the network of many areas that use wireless (like companies, free space, airport and so on). I am not an expert but i am really interested by their spirit even if i sometimes disagree with all the "hack the world" and "everything free for all" propaganda around it, it is still interesting if you like computer science. Now i don't want to bore you more than i did and i will give you some other links to videos. It is a mix of bumping-computer hacking stuff. [vid] http://www.toool.nl/bumpkey-alert.wmv : How to enter any rooms . [vid] http://www.phuzion.com/14/?p=tutorials&tid=7 : how to play flash games ? [vid] http://www.google.com/search?hl=en&lr=&q=inurl:"view/index.shtml"&btnG=Search : just a foramted google request to access some security camera all over the world [web] http://www.milw0rm.com : Some exploits. I have many more links but hehe, it is a sc forum but those one are interesting i think. Thanks to unforgiven for starting this thread! those links, what do i do there? tips? | ||
|
Orome
Switzerland11984 Posts
Could someone, who knows something about the hacker "scene" explain a bit about how that scene works now? When I think of hacking, I think of people spreading viruses and the like, and I have a really hard time believing that they do that for a valid reason. | ||
|
Orome
Switzerland11984 Posts
On May 21 2006 20:24 oHInsane wrote: [vid] http://www.phuzion.com/14/?p=tutorials&tid=7 : how to play flash games ? What would be your motivation to hack a video game to get first in the ranking? Seriously, wtf? | ||
|
oHInsane
France727 Posts
The first two ones are two videos, just watch them if you're intereseted. The google one is used to find some badly protected security camera, you just have to click on the links returned by google and watch some cams (there are some american college cams, some useless ones, some scientifc ones to observe birds migration and so on...) THe last one is just a database for computer science exploits. It is used to be aware of the last security flaws on many programs. You won't find anything interesting if you don't have an idea about the programs mentionned in this site. On May 21 2006 20:39 Orome: Very interesting, thanks for sharing. Could someone, who knows something about the hacker "scene" explain a bit about how that scene works now? When I think of hacking, I think of people spreading viruses and the like, and I have a really hard time believing that they do that for a valid reason. I am just aware about what is happening in France. The "scene" is according to me (there are many varaitions about its definition), a group of people that are bringing something new to the security world and that share it with a limited group of people who have found or who are working on various hacking projects. I just know what is going on since the internet era (i mean i don't know anything about phone hacks and so on). So basically, there are many fields gathered around the hacking concept. At the beginning, like nearly 10 years ago, there were some computer science specialists who were trying to find some flaws , and to exploit them (or not) for different purposes: fun, money, helping people improving their sofwares. Since the beginning we can see two different groups. On the one hand, we have the ones called the "white hat hackers", who are the one who are trying to find some flaws/exploits on a media (a software for example) and who helps the developpers to correct those flaws withour exploiting them. Typical example: i find a flaw on the teamliquid website that allows me to be an admin. I tell the owner of teamliquid that i found a flaw and how to correct it then he corrects it and everythoing is ok. On the other hand, we have the ones who are finding flaws to exploit them for their own profit.They are called "black hat" ie: i find a flaw on the tl.net website, and i use it to erase all the forums posts. And i should also mention some lame people (called "lamers") who are using other exploits for their own profit. IE: someone finds a flaw on tl.net and decides to release it on the web. Someone elese picks this exploit and uses it against tl.net for his own benefit -> lame. They call it lame cause it requires no skill. Many hackers you will be heard of on tv or radion are lamers. They use an exploit or a virus made by someone else and spread them all over the world. The real hackers, i mean the ones who really find something new, are a few. Mitnick was the most famous of them. I mean, he is a legend on the hacking world. According to me, his story inspired many hackers. Nowadays, most of those people are gathering around website, irc channels on the internet and are specialised on many different fields related to hacking. Coding, OS specialist, Carding, reverse engineering, Fingerprinting, Networking and so on to name a few. sometimes they meet each other on some unofficial meeting. One of this famous meeting is called "2600" (google it to have more information). According to me , the art of hacking should be a challenge to find flaw in something that should not. Unfortunately, too much people used those well know flaws for their own profit. It is always a pain to see someone being mentionned on tv for spreading a virus that costs so much money and troubles for the users and for the companies. Most of the time, this guy just goes on milw0rm or nay other sites, picks an exploit which can damage Windows XP SP2 and puts it into a mail and sends it via mass emailing on the internet. Now you can wonder why hackers who found an exploit release it on the Internet? It is difficult to answer that. According to me, there are two things: Firstly, he releases it just to be mentionned on an internet security website and to get some "glory". Secondly, To be recognized as someone who is sharing his knowledge ( disclosuer rule). I can talk about that more but i have no time at the moment. Maybe if someone is interested, i will continue. | ||
|
camooT
United States1354 Posts
| ||
|
Unforgiven_ve
Venezuela1232 Posts
maybe someone un tl is a supermegady3812812 hacker?!!? SHOW YOURSELF!! YOU ENLIGHTENED MIND!!!!! you are welcome oHInsane, and plz tell us more =) | ||
|
AK-Nemesis
2005 Posts
| ||
|
Orome
Switzerland11984 Posts
 I'd be very interested in more information. | ||
|
oHInsane
France727 Posts
So as i said, to sum up a little bit, the "hacking scene" can be divided into two main streams: - The "real" hackers: they usually have good/extreme computer knowledge. They can use this knowledge to attack and to make damages on a specific target (black hat hackers) or they can be hekpfull by warning software/network or any companies about some flaws in their product, security softwares etc (white hat hackers) - The "lamers" who are the source of the majority of the attacks over the Internet. Those guys just use softwares coded by other people to look "cool", "1337" or whatever. This category is a pure pain as i said. The main reason is that they bring nothing to the "hacking" community. And the second reason is that they give a "bad" image about what hacking is really. So let's concentrate on the "real hackers". As someone said, some of them are working alone or with a little group and prefer staying "covered" by remainin anonymous. And a part of them releases and shares their discovery. Those guys are working on different fields (i can just talk here about what i know): Coding: being able to program is a "must have" tool. Basically, you can't be a hacker if you don't know what programing is. Why ? Because in order to find a flaw in a software, you should be able to know what is happening in this software and how it works. Under the term "sofware", you can find usual soft like MS WORD, MS OUTLOOK, you can also find websites (which is an intenet program), you can also find Operating System like Windows, Unix (Linux), Solaris , etc... and you can also find network program like Apache. Basically, any services or program can be hacked. So imagine someone wants to hack a website and he knows this website has been built with "phpnuke" (which is program that allow you to make your own website in a short amount of time). The hacker will download "phpnuke" then he will check the source code (how the program is made) to find if there is something that can be a flaw for the website. There are many possible flaws on a website portal. There are XSS flaws (which allows the hacker to introduce his own code on the website) , SQL Injection (which allows the hacker to interact with all the datas stored on a website like user password, user email and so on) , include flaws (which allows the hacker to execute his own program on the website, for example a program that will erase all the website), etc.... But don't misread me, i don't say every website has flaws, i just say that it is possible to find some of this flaw. You know a website has generally 100.000 + lines of code so it is reasonnable to think that the programmer could have made a little mistake while writing all those lines that would allow someone to find a XSS, a SQL Injection or anything else. So coding is a key for a programer. As i said, it allows the hackers to understand how his target work, but it also allows a hacker to make his own program. For example, a hacker found a flaw on Windows XP that allows him to reboot the machine if he enters some specific data onto windows. He will then write a program that will automatically send this data and make his target rebooting. Here is a typical example of that with the "lsass" flaw that was found in Windows like 4-5 years ago ( you know it was known as the "sasser" worm). The idea still remains the same: Finding a flaw on a software then build the software that will exploit this flaw. (more details about sasser here http://www.osix.net/modules/article/?id=527 ). Carding: this is something i don't really know well. Still, i just know the concept. The idea is to clone credit card (or any type of card but it is less profitable to clone a bus card than a credit card). This is very very VERY illegal so it is hard to find those guys and many of the websites are regularly closed. The last i hard of was carderplant and it has been closed for a while. The russians are really active (talk about russian mafia ??) into this area and most of the time, if they release websites about carding, it is all on russian so i can't get deep into it. As i don't know many things about pure carding, i won't go into the details. The ony way i know to steal credit card number is to keylog someone's else computer and get his credit card number back. A keylogger is just a program (as i said coding is the way to go) that will store everyting you can type and then send the content to the hacker. Usually those keyloggers are detected by antivirus cause their signature are easy to detect. Reverse Engineering: This area is closely related to coding. It is just a way to find a flaw in a compilated sofware without having the source code. To sum it up fast, you can't read the source code on a compilated software (like word, brood war and everything you can install on your computer). So in order to know how the program is working you should disemble it (with a program). So basically, you will have something which is not the source but something (if you know how to read it) that will the hacker to know how the program is working. FOr example, this is what is usually done to make a cd key generator. The hacker disembles the program, then he will look for the procedure that will check the validity of the cd key. Then the hackers will extract the algorithm of the cd key validation and will build his own cd key generator. Networking: Well, the idea here is to penetrate a network (ie the network of a private companie). That's where Kevin Mitnick (here is his story: http://en.wikipedia.org/wiki/Kevin_Mitnick ) was a master. The idea here is to allow you to remotely acces a network you should not have the right to access. There are many tricks depending on the network topology. One of them is the Man In The Middle (MITM). I like this example because it explains on itself quite well the ideology of attacking networks: you have a network where a computer in a company ( A ) is sending/receiving information from the server of the companies that stores for example financile information about customers (B). And you are on other computer in this company. So here is the idea of the MITM: A <--------------------------->B A <---------> C <----------> B So you have make B believing you're A and at the same time, make believing A you're B and put yourself in the middle of their transaction. Then you just have to capture the traffic (with a sniffer) and pick the information you need in it. One of the new field on the network attacks is the wireless network. The idea of this is to enter a wireless network outside ot the physic limitation but still in the range of the network. Let met explain. I know my neighboor is using a wireless internet connection and i want to use it too but he does not want me to do that. So physically, you're supposed to be out of the network since you don't live in your neigboor's place. But, the wireless acces point has a range of 35 meters so basically, you can be on its network range and so, you can be able to access the network. In theory, you just have to install a software that will find for you the password of the network and then you can go into his internet. Now, wireless protocols are being updated and it won't be that easy in the future but it is just the idea of the concept. Fingerprinting: To penetrate a network or a computer, you will have to know which operating system your target is running. So there is a field called fingerprinting that deals with the art to guess which system your opponent is running. There are softwares like nmap for example that will guess your OS target by analyzing the network traffic (the TCP windows to go a little more into the details). For instance, you want to attack someone but you have to know which operating system he has because you're a pro to hack windows system but if it's linux, you're fucked. So to be sure he is uing windows, you launch a fingerprint on him then if it 's a WIndows system, you will be able to try all your fresh new hacking knowledgre to get into his system. This field is very difficult to understand since you will have to know mostly everything about computer networks (tcp/ip and so on) and many things about Operating System. Ok there are many other fields but i just mention those to just give you an idea. Now, you should be able to understand that viruses are really not the mainstream for hackers. I am done writing for the moment. So i am gonna give you some other links to illustrate different things i dealt with. [vid] http://video.google.com/videoplay?docid=-1021256519470427962 : video that shows how to hack a wireless network [vid] http://video.google.com/videoplay?docid=-7477301395023415733 : video that just shows some reverse engineering [vid] http://video.google.com/videoplay?docid=3658264224674753229 : SQL injection | ||
|
Unforgiven_ve
Venezuela1232 Posts
LOL, omg...poor guy  | ||
|
Unforgiven_ve
Venezuela1232 Posts
/me fears 2600: The Hacker Quarterly is a quarterly American publication that specializes in publishing technical information on a variety of subjects including telephone switching systems, Internet protocols and services, as well as general news concerning the computer "underground" and libertarian issues. The magazine is published and edited by Emmanuel Goldstein (a pen name of Eric Corley and allusion to George Orwell's Nineteen Eighty-Four), who is also the magazine's founder, and his company, 2600 Enterprises, Inc. In the usage of 2600 Magazine and affiliates, the often loaded term "hacking" refers to Grey Hat hacking, which is generally understood to be any sort of technological utilisation or manipulation of technology which goes above and beyond the capabilities inherent to the design of a given application. This usage attempts to maintain neutrality, as opposed to the politically charged and often contentious terms White Hat hacking, which is designated as "hacking" motivated exclusively by good intentions (e.g. enhancing the performance of a device or exposing the vulnerabilities of a security system for the benefit of the system administrator), or Black Hat hacking, which is designated as "hacking" motivated exclusively by bad or selfish intentions (e.g. stealing useful information or exacting technological revenge through sabotage). The magazine's name comes from the phreaker discovery in the 1960s that the transmission of a 2600 hertz tone (which could be produced perfectly with a plastic toy whistle given away free with Cap'n Crunch cereal—discovered by friends of John Draper) over a long-distance trunk connection gained access to "operator mode" and allowed the user to explore aspects of the telephone system that were not otherwise accessible. Mr. Corley chose the name because he regarded it as a "mystical thing," commemorating something that he evidently admired. 2600 has established the H.O.P.E. (Hackers On Planet Earth) conferences as well as monthly meetings in Argentina, Australia, Austria, Brazil, Canada, Denmark, England, Finland, France, Greece, Ireland, Italy, Japan, Mexico, New Zealand, Norway, Poland, Russia, Scotland, South Africa, Sweden, Switzerland, and the United States. The meetings take place on the first Friday of the month at 5 p.m. local time. 2600 meetings exist as a forum for all interested in technology to meet and talk about events in technology-land, learn, and teach. Meetings are open to anyone regardless of age or level of expertise. 2600 Films has made a feature-length documentary about famed hacker Kevin Mitnick, the Free Kevin movement and the hacker world, entitled Freedom Downtime, and is currently working on one titled Speakers' World. Additionally, 2600 has been involved in many court cases related to technology and freedom of speech alongside the Electronic Frontier Foundation, perhaps most significantly Universal v. Reimerdes involving the distribution of DVD copy protection tool DeCSS, where courts upheld the constitutionality of the Digital Millennium Copyright Act anti-circumvention provisions. Corley is also host of Off The Wall and Off the Hook, two New York talk radio shows. Both shows can be downloaded or streamed via the 2600 site. thx wikipedia =) | ||
|
oHInsane
France727 Posts
Some of the 2600 people wrote and are still writing some webzines to release/explain some flaws/exploits/hacking state of the art paper. You can find some of them here: http://madchat.org/esprit/emags/ Most of those articles are very technicals but some of them are friendly readable if you can get into them a little bit. | ||
|
Alborz
Canada1551 Posts
Great thread, thanks Unforgiven_ve | ||
|
Resonate
United Kingdom8402 Posts
| ||
|
shinigami
Canada423 Posts
My respect for hackers shot up a several notches, except crackers. They seem to have the easier job, which explains why many of us never had to pay for our software in years. | ||
|
Orome
Switzerland11984 Posts
On May 23 2006 03:00 Resonate wrote: sheeckret shoshiety! ahahahaha now that was a nerd  | ||
| ||
