Slashdot Mirror
A Peek At Script Kiddie Culture
Brian Bruns writes "NewsForge is covering an article on the Script Kiddie Culture, in an interview with my co-admin Andrew Kirch. It provides insight into a culture that not many people fully understand, or get to see."
Is this guy just making stuff up as he goes along. I swear he comes off like Gibson at GRC for christ sake. Secret groups of anti-social 11 year olds taking down whole isp's because their male "competition" for the heart of an equally dysfunctional haxo4 chica is a subscriber.
From an admin's perspective, a DDoS is the scariest attack of all. There's nothing you can do to prevent it, and nothing you can do to stop it.
An admin whose network is being DDoSed really doesn't have much hope of doing anything. Their inbound communication line to the outside world is being flooded with so much garbage information, the signals that they want to get over that line are simply drowned out. Incoming connections can't get a turn going down the pipe, so they time out. He's powerless, everything in his shop is nice and secure, but can't function without geting any useful requests. That poor admin can call his ISP... but there's really not much the ISP can do from their side of the line.
The real problem in a DDoS attack is not that the final victim's security has gone wrong, but the security of other computers elsewhere on the Internet have been compromised, and they've been turned into zombies contributing to the DDoS flood. The DDoS will not subside until nearly all those machines are all patched, but that's not something the victim's people can do. They have to wait for the Anti-Virus providers and software providers to knock down the flamethrowers that are all being shot in the same direction.
Any time you're relying on third parties who don't work for you to save your business, you're really up a creek and are throwing yourself on the mercy of the tech world. Hopefully they'll save you in time, because there's really not much you can do from your own datacenter.
Given that there are always a considerable number of individuals at this 'level of ignorance', and that they associate with one another on a regular basis, I would call it a culture. Just because this 'script kiddie level' is merely a stepping stone to greater understanding of technology does not mean it, as just a snapshot of one point in this progression, is not worthy of being a culture in and of itself. After all, like other cultures of this kind (gaming, geek, fratboy, whatever) there are new script kiddies joining and old script kiddies retiring from it each day.
Also, if you've ever associated with them, script kiddies have their own rules (mostly unspoken), trends, and even something of their own language. It may all be borne of ignorance and immaturity, but the same could be said about a number of other cultures/subcultures.
I noticed that microsofts statment that (if|when) Linux gains as much popularity as Windows, we will find that it is not inherintly more secure because "Using Linux does not make you defacto smarter"
Reading this I knew that SOMEONE would bring it up, so I might as well be the first
I think that as linux sits right at this moment, it does make one smarting to be using it, simple because it requires the user to be more aware of their system. I do not see this changing in the near future either, not because of the technical inability of linux to emulate Windows automagic configuration, but because the people who write the software do not seem to want that (I know I don't).
So does this mean Linux is more secure by default? I would have said yes if you asked me a week ago, but this last weekend I was at a LAN party and installed Linux on several machines of friends who were interested in learning about it. What I saw made me realize that in the hands of an average (l)user, Linux can be LESS secure
The thing is, even after my lecure I still had people choosing root passwords like "poopoo" and "iforgotit". Not only that, after a brief tutorial on how to do basic system administration through YaST (I installed SuSE 9 on their boxen), I had at least 3 people go in and turn on every single network service that was offered. One of these people even set up his box as an anonymous FTP server with read and WRITE priviliges to the root directory!
At the same time I had another guy logging on to IRC as root and downloading files, while I was taking care of these machines someone else had already created a user account and given the user name and password out to several people in his AIM buddy list.
I'm the last person to say that we should include less software with a distrobution. I think the fact that most distorbutions contain a complete operating environment is a good thing, but with a little bit of knowledge these people had already made their system much much less secure than a windows box with the security updates applied would have been.
The whole point of that rant being (other than just getting that off my chest), as linux becomes more popular I can easily see scripts writen to take advantage of clueless linux users just the same as there are scripts to take advantage of clueless windows users.
Famous Last Words: "hmm...wikipedia says it's edible"
After reading ths, you do start to think what would happen if someone big like CNN or MSNBC ran a story on the FBI not bothering with a bunch of kids who seem to be more dangerous then Al Queda. Honestly, do you expect another 5 or 6 terrorist attacks tomorrow? What about 5 or 6 people cracking into servers, messing with corperations, DoSing government servers...
The Yasashii Syndicate ||
I thought the script kiddies were the ones that didn't do any more cracking than search/download/copy-and-paste?
The script kiddies we're talking about are those who are copy-and-pasting 0day hacks. A hack that the White Hats don't know about yet, and even most black hats don't know about yet. The big mysterious question: Just how did these kids get into the web-of-trust it takes to have this tool before the "good guys" do?
Afterall, the first "good guy" who gets this tool will hand it over to the white hat experts who will start the work on the patch that makes the hack worthless. So, the web of trust on these things has to be tight... so again, how do the new script kiddies get in the club?
but if use BGP in your work life, you can probably think of a few also)
/0, or some such thing, and the entire net got routed to him, and subsequently, broken. And then they put in filters into BGP so that core routers could say "you're full of crap that's not your ASN". Is the BGP system still sketchy enough that the existing safeguards against taking down stuff as big as a country still exist? (granted a lot of countries probably have one internet connection going in, sadly)
I dont know how BGP works, but I heard that way back in the day, some dude at some ISP announced that he had a
slashdot: where everyone yells sarcastic metaphors to themselves to understand the issue
I think it's mainly a result of the "generation gap".... You've got parents who know very little about their own computers, and their kids who are pretty comfortable getting around online with it.
I've known quite a few kids/teens who got into loads of mischief with their PC, despite having otherwise caring and pretty observant parents.
Their folks were just sucked into the idea that their kids spending a lot of time on the computer had to be a "good thing", since they were learning "useful skills" and "doing something more educational than sitting around, watching TV".
There are plenty of things to blame parents for, but this is probably not really one of them. If you're the parent of a kid who is of "above average intelligence" and generally seems to stay out of trouble (not doing drugs and partying all night long, etc. etc.), and you're not too computer literate yourself -- just how much are you supposed to do when he/she figures out how to DoS corporate networks with his/her newfound online buddies?
There are operators on [major IRC network] who dedicate a large part of their time to finding and deleting these drones and drone servers, along with contacting providers whose machines are putting out the binaries. It should be noted however that this activity is ILLEGAL and viewed by the authorities as a violation of computer crimes laws. As a rule of thumb, unless you have paperwork from a judge saying you can touch a compromised machine, or you own the machine in question, don't touch it.
Picking up and putting your fingerprints on a gun found in the street is unwise. So vigilantism or "policing your network" or server is illegal. If you touch those compromised boxes, you go to jail; if you don't, the kiddie, seeing you, might very well turn around and packet you. It's not a good situation.
Anyone have an example of someone doing this and getting busted?
BGP is a little less fragile than that, but not by much.
A well setup core router will protect your network from most bad announcements from your downstream clients, but if one of your upstream providers gives you the right bad info because their router has been screwed with, you're out of luck until a real person figures it out and takes the link down.
Then of course, all the outgoing traffic for that link cascades over to your others.... and now that many people are blocking snmp due to Cisco vulnerabilities it gets a little harder to figure problems out.
And of course, much of the incoming traffic probably still sees the downed link as a valid ASN path, and since that's beyond your control... yeah, you can get screwed pretty easily by one router on an upstream provider's network that misbehaves in just the right ways.
Truthfully, most major ISPs' NOCs are pretty fast to respond to BGP screwups, but problems caused by a mistake vs. problems caused on purpose with a little forethought and topology knowledge are two different beasties...
The party of stupid and the party of evil get together and do something both stupid and evil, then call it bipartisan.
In 97 or 98 I had a similiar problem, this 15 year old kid was rooting our servers and messing up our IRC channel, he never seemed to use the same IP, and honestly we just couldn't stop him. Fourtanately a member of our organization worked at IBM and he had a bit of juice with the security department. A few days later someone at IBM got us name and a phone number, and we called and had a long conversation with the guys dad :) Never heard another peep out of him, although we were all still very emberassed (hey erik if you're out there, email me!)
Religion is a gateway psychosis. -- Dave Foley
Andrew D. Kirch aka "trelane" is a known "packet kiddie" amongst most EFnet IRC operators and administrators. He's very much an active member of "sigdie" run by OseK (http://geocities.com/osek_owned) which does indeed (D)DoS other IRC servers amongst other people/businesses. trelane has also been seen bragging about "taking down" servers such as irc.qeast.net and irc.vrfx.com. I've also been told that the provider of a current efnet server almost sued him civilly for his involvments in attacks said provider received. Long story short, this "kiddie" is by no means a white hat who managed to work his way behind enemy lines to fight the good fight of ridding the world of packet kiddies as he'd like to portray. Mr. Kirch is very much a "kiddie" himself, and should be treated / dealt as one.
If Joe Average's cable modem bandwidth is getting sucked up by some kiddie script, he should care. Especially when his ISP sends him a warning letter saying hes using up too much bandwidth when the most graphic intense site he's visited that month is CNN.com.
Bob Businessman definately should care as well. That dedicated T3 line he uses at work is being used to get information to his consumers. If the site starts to get slow due to a worm causing him to download hundreds of gigs of pr0n, not only will his consumers get angry but his employees may suffer in effeciency...
Bored children break stuff for the sheer hell of it. To seek deeper meaning here is to completely fail to understand bored children. Distract (and that's all you can do, merely distract) child A from breaking a thing, and child B will come along and break it while you're still busy with child A. There's nothing to see here. Move along.
we'd like to know what motivates black hats
You're presuming to use logic (or something similar) to understand a non-logical phenomenon. Don't work. Human emotion is a manifestly NONlinear function and additionally changes from one state to another with about the same level of predictabliity as the position and momentum of a particular subatomic particle. Fuggabouddit.
we'd like to find a way to get them to play on the white team
That way has already been found: Let them grow up. They'll get over it. Or at least most of them will. But you can never predict with certainty exactly which ones. And every year a new crop is growing.
Is it fascism yet?
The sad part is people SHOULD care. Everyone from Joe Average to Bob Businessman should take notice of this.
Are you kidding me?
I mean, I know we're all techies here, but lets break out of our shells for a second. This matters to people who make over 40k a year. Joe Average works in a factory and lets his kids use the internet for schooling. Do you think Joe Average, who was raised on libraries and encyclopedias, cares even for a second about whether his ISP goes down for 6 hours? Joe Average has to deal with bills, healthcare, school, drugs, gangs, crime, etc. etc. Joe Average needs tax dollars spent ensuring the welfare of our society, not the welfare of Bob Businessman's T3 lines so profit margins remain high.
Putting feds on the case of script kiddies is taking away from money and manpower that our society desperately needs. We need more concern over corporate accountability and less for corporate profits.
-- "Man is born free, and everywhere he is in chains." Jean Jacques Rousseau
Anywho...with that said here's my $.02:
I think that everyone posting above me has their own valid points which I shall paraphrase here.
1. We don't want money being thrown away to fight a battle that may or may not be won, if winning is even a real possibility.2. We can agree that the actions of these "script kiddies" is to some degree detrimental to business. Seeing as how s#it rolls down hill, it can also have an impact on us blue collar folks. I think it's accurate to say that the negative impact will grow and become more noticeable as time passes.
So, what kind of happy medium can be found amidst the viewpoints which say either "It's a waste of resources to fight." or "Something must be done."?
Should officials not try to trim the fat from current programs and then allocate the new resources to fight this growing problem? I'm responding here off the cuff so I sheepishly admit I don't have a prepared list of potential candidates for severence. But, therein lies my question; Where is the government and general law enforcement concentrating that is perhaps irrelevant.
I know plenty of people here can come up with a long list of things our government wastes money on. Furthermore I'll bet'cha we can get over half those involved in the discussion to agree to the slashing of this or that. What say ye pantheon of knowledge?
---
Every hour wounds. The last one kills.
I remember being in a friend's dorm room about 8 years ago and watching him show me how he floods people off of irc with a CTCP flood. This was the beginning of the DoSnets. His bot was linked up to about 400 others that would all send commands to a specific user at once. I can only imagine the technology change in the last 8 years. From the sounds of it though, it's the same old crap, just using different protocols.
I also remember when winnuke came out. It was nearly impossible to use the internet for about 6 weeks, until microsoft got a patch out. I put a linux machine up as a firewall and logged all of the attempts. It was like people were just winnuking all of the available ip space. After winnuke, it was teardrop, then smurf. I'd never seen a windows machine crash so fast.
ahh...the good old days. I'm suprised this is just now getting attention. It was no big deal when single computers would crash all over the internet, but when CNN.com or AOL.com gets attacked, it's a big deal all of the sudden.
Why read the article when I can just make up a snap judgement?
(Not to be confused with 'punk rock', the style of music that embraces the point of view: "This is shit, everything is shit, life is shit, you are shit, I am shit".)
"When the going gets weird, the weird turn pro" -- HST
From an online search, cf is an abbreviation for confer (Latin for compare).
As I understand it, the citation form "see" would have been a better choice for the parent as it is used to cite to a source out of which a comment made directly follows. For example, the parent's comment that script kiddies seem quite technical (which follows from the article's discussion of kiddies having exploits before anyone else).
As authority, I used the much-maligned "Bluebook", infamous with law students.
Hmm. In good /. tradition, I had not read the article. After reading the parent post, I had to read the article to satisfy my curiosity as to what citation form was best. Good job!
...of watching my friend playing winquake on kitty1.stanford.edu. He ran into a guy playing with an aimbot, so we decided to exact revenge.
We got his IP (really simple in that game!), and I cobbled together a little batch file to start 50 or so instances of ping (continuous, max byte size). We then "ping flooded" (both connections were dial-up, so it wasn't a big flood, but big enough) him and gave him a 5000 ping (while my friend, meanwhile had about a 20000-25000 ping). The guy caught on that something was up after a few minutes then got pissed, yelled at the obvious culprit and logged off. My one and only venture into the "land of the l33t h>x0r".
On a side note, that story impressed some friends and several weeks after it happened, once they finished setting up their LAN, they tried to see how hard it would be to slow down their network (100 mbps, really awesome back then) using that method. They did it eventually, but started running low on memory in the machine they were using (two many instances of ping!)
Si hoc legere scis nimium eruditionis hebes
This young white dude, computer programmer family man is found shot dead. In his house. With an exotic WW-II German pistol.
The crack team of Briscoe and Green do their leg work, and they come across an old black dude who is somehow connected to the young white dude in a financial scam. The cops think "salt and pepper" team and one crime guy turning on his partner.
The D.A.'s office goes to work on this and what finally emerges is 1) the black dude is an upstanding citizen and a war hero (hence the WW-II war trophy gun), 2) the white dude lost his job and turned to cybercrime to support his family, 3) the black dude had no connection to the white dude apart from that the white dude picked a random victim to scam for identity theft, 4) the black dude, finding all of his net worth was scammed, used his charm and his war hero "street smarts" to get the ISP to give up the address of the guy who ripped him off.
Like many Law and Order episodes, the whole thing is Hollywood and little connection to real cops, victims, and criminals. On the other hand, the writers are not that creative and probably use some news stories as a jumping off point.
Like the better of the Law and Order episodes, it makes you think. What right did the white dude have to pick a random victim and take all his money? What right did the black dude have to get his revenge as murder? What right does society have to put an 80 year old man (the black dude) away for seeking his own justice?
But to me the moral of this episode along with the baseball bat incident is what goes around comes around. No, I don't think threatening a 15 year old with a baseball bat is a good idea, and the 15 year old and parents can get in a lather about their "rights." But a 15 year old with access to a computer (and the parents of said 14 year old) could appreciate that if one could hack into someone's server, owner of such server could hack back to track you down, and such owner could be meaner, tougher, better connected, or in a much worse mood than you. And somehow going after people who threaten 15 year olds with bats under those circumstances doesn't seem like the highest priority for the courts.
Your post is, so far, the only coherent reply I've seen (with the exception of a rather funny comment about NAMBLA).
I don't have a problem per se with the distinction between a formal and/or macro culture, vs. an informal microculture. The problem I see, though, boils down to this: You say,
"Most people would agree that there definately are some cases where one [fine-grained] culture is clearly inferior to another, so by calling the script kiddies a "culture" doesn't logically imply that there is a claim that their actions are OK because all cultures are equal."
This makes perfect sense for rational people. However, the existence of a culture implies some sort of internal structure and value system. Script kiddies, for instance, may have an unwritten code of how to behave towards each other. Any value system like this, unfortunately starts to look rational from a certain perspective; we can easily start to question if their values ARE legitimate, and if we should embrace them as different-but-equal.
It sounds ludicrous, but it happens not infrequently. And of course, once that door has been opened even slightly, there's a whole world of "unfair persecution" for the members to hide behind.
I would say that there comes a point where instead of trying to understand a 'culture,' we start arresting the criminals for their crimes, instead. We can't let society's mores go unquestioned, but it should be pretty easy to see that one person (or group) violating the property of someone else for fun and entertainment (and knowledge too!) is a very straightforward crime.
"People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
I know this is just asking to get flamed, but if these kids had some proper motivation and direction, they could probably do some pretty impressive stuff.
;-)
You're not asking to get flamed; you're asking to get volunteered to start a mentoring program.
Don't you wish your girlfriend was a geek like me?
Interesting!
Until now, the idiocy of the school yard jerk was something you had to put up with when you were a kid, but thankfully left behind when you graduated. But now juvenile crap overflows into the 'real' world, and can affect even the most insulated ivory tower type. Is this the first time?
I remember bullies and morons in school. The 'play'ground held a unique undercurrent of threat and horror for me as a kid. Going to school included genuinely believing that every day there was the possibility that you might be tortured and murdered by some half-wit big kid with a cruel streak, and that the safe world of adult supervision was unaware of most of the hells being perpetrated. Being a kid was a horror in many ways.
So what can be done about the skript-kiddie 'threat'?
Zip. Let the adult world suffer, I say. Think of it as payment for forcing kids through such a horrific 'education' system. There are only two other institutions which are so similar in structure and ideology, and they are the military and the penal system. School sucks, and aside from the handful of friends I made there, I hated nearly every aspect of it. The most valuable lessons I learned were how to survive it. Little else was of much use except shop class, typing class, art class and any time where there happened to be one of those very rare adults who inspired. You know the ones I mean. The good teachers who somehow defied the system and taught you valuable lessons in the face of all the state-ordained mind control. (Learn how to Obey and be Bored out of your mind doing repetetive tasks. A robot factory cranking out Perfect Workers.)
I also think it's neat that the Skript Kiddies are the geek version of 'Moe' type bullies. There's an ironic balancing in effect there somehow. .
-FL
It's easier to sell companys, government agentcys and cable modem users on using reasonable security precautions with half a million children running around with viruses and such looking to screw with anyone who gives them half a chance than it is to sell them on the notion that the 6 big bad nasty terrorist black hatters will crush them like a grape if they make the sligtest mistake.
People will assume they are safe from the big time terrorist dude becouse "I'm not a sereous target".
DDoS attacks against major targets use hacked cable modem users desktops.
Spammers use Worms to establish a spamming network.
ID theft resulting from the simplist of mistakes.
That stuff happening today.
When telling people how important security is:
With out script kiddies
"Why would anyone attack me?"
"Your system can be used as a launching point for all sorts of attacks"
"Yeah right."
It's hard for a person to picture how "they alone" could be be a target and they'd be right becouse they aren't alone. But the details sound like SiFi to most people and they tune you out.
With script kiddies.
"Why would anyone want to attack me?"
"Becouse your an easy target. Script kiddies need no other reason"
I don't actually exist.
Can be found here
In line with what I responded to a post above, that your understanding of "fun" is restrictive.
There is a world of "fun" that you don't know about nor understand and are not willing to see if you enjoy that have nothing to do with destruction or causing annoyance to others. That helping people can, in itself, generate a good feeling in and about yourself (though you have to be careful who you help, cuz sometimes those people can pester you more). As a bonus, it can feel good to be appreciated and those people may reward you later. If you have skills with computers or desire to learn more, than there are many ways to expand that knowledge and fulfill curiosities without harming others.
People are differently so I can't know what will click for you. Hell, I don't much like reading, even less when it is out loud, but I started volunteering reading to little kids (and having them read to me) and I like it. As a bonus, I'm the only male volunteer (all college students) :D
Who know what you will find for yourself, but there are so many things that to follow a path that's not only illegal, but not one you can sustain a life doing doesn't make much sense. Especially when there are so many good options on what you can do, and you'll learn and enjoy things you couldn't have imagined.
In times like these, it is helpful to remember that there have always been times like these. - Paul Harvey
The ones the article is talking about are still script kiddies-the 0day ones are only highly skilled in building social networks. In the vast majority of cases the original source of the vulnerability "accidentally" leaks it to some random but well-known "ub3r l33t" script kiddie who is guaranteed to use and spread the crack in a predictable manner, but who isn't able to trace the original author. The 0day inner circle is simply an informal distribution network, and that's exactly what the "script" part means. That's not to say they're dumb-staying in the inner circle takes good social engineering skills that very few script kiddies have.
They don't necessarily know what they're doing. Admittedly, when I was in highschool I tried to launch my own botnet. I was DoSed twice on unrelated conditions and got fed up. Plus I wanted to mess with my own friends' connections. After a little digging I found a binary for a botnet which I was able to hex edit and customize to create my botnet. At this time I was just learning C++ and later I found an open source trojan that had much more abilities already coded plus I could add my own. I knew nothing about the inner workings of the net, spoofing (which was hard on win9x machines), or very much C++ at all. One week summed up a nice botnet. At a very young age I discovered that people will run anything if you just plant enough binaries. I disguised it as things I myself would've been interested in: console emulators, porn (yes executable porn, youve seen this), and secuirty related software. I found out that some of my closest online friends has independetly and secretly built their own botnets. It seems like the best thing since well..the internet. To have so much power at a young age and EVERYONE was doing it. Soon I was confronted by a very intelligent person who talked me out of this shit, very nicely even though I was trying to infect him. I uninstalled the bots and shut down the channel. Now I know if I had kept going I would have had a lot of power that I shouldnt. I wasn't using exploits that affect hundreds of thousands of windows machines or any other fancy distribution methods. I just put my file on the net and let them come to me. Botnets are too easy to create and since bandwidth is cheap they will cause more problems. Something must be done to stop these kids without ruining their lives. I wanted to learn and destroy, but not without good reason to. Of course if someone will DDoS company sites and cause damage they should be punished but they should be stopped before this happens. They dont know what they are doing.
"The operation timed out when attempting to contact www.ahbl.org" ... ahem .. i guess the kiddies got the better of him .....
.....
LOL ROFL
i ran a bbs in the early 80's and was part of the 'scene'. yes, i had a message subboard called 'ELITE' where we would all post our MCI and Sprint codes and intesteresting phone numbers.
most of us then were total geeks that either couldn't hold his own at a jock party or was too nervous around girls. the one thing that we did have was power when it comes to telecommunications. and that power, because it wasn't to be enjoyed outside the computer, made us all arrogant little assholes.
i see nothing has changed.
of course, then we didn't call them script kiddies (which i find appropriate), we called them 'kidhacks'.
mean, I could think of a 1/2 dozen ways to wipe out a whole country's internet access completely for a day or two (no, I'm not going into details here, but if use BGP in your work life, you can probably think of a few also
There's a difference between doing something, and doing something and not getting caught. Are your ideas the kind that will end up you being in a federal prison (i.e. quite pointless) or the kind where you cannot get traced (i.e. you are then in fact quite dangerous)?
there's a difference between going to the bank with a shotgun and getting a lot of money, right before being either shot dead or hauled off to prison, and figuring out some way to siphon off bank funds into your account in a way where nobody ever detects it (or only does long after you're gone).
For attacks where the 'bots do a DNS lookup, then a redirect from a webserver may be sufficient. You just nee the customer to connect once and then the genuine connection is redirected to another server. The 'bot keeps hamering away at the dummy server.
EFnet used to be alot like that. I stoppped hanging around that area after I kept getting hit. But EFnet is like a "city". You enter the wrong area "bad neighbourhood" your going to get in trouble. I used to hang out in those areas. Never did anything bad but just knew some people and ended up in those channels.
Most of the time, I noticed it's VERY young kids with a DDoS net but most of the time it's not their DDoS net. Also, if you "buddy buddy" with them they will show you the net to brag and show how cool they are. Them being stupid would DDoS me sometimes and I would log the packets. Of course to see if it would effect me (which my server was WAY too slow at the time to handle any of that DDoS the most I would see come in is like 50k/s so they couldn't take my line just bog my computer to a bitch. While I was logging I would simply find there address in there and match it with the IRC txt and send it into there ISP. Most of the time they would come back a few days later complaining there ISP sent them a warning. It was actually kinda funny. "What you mean I can get into trouble for this".
Anywho my Opinion on Script kiddies
Solosoft.org - Your Online Resource to Nothing
Well, I used to hang out in some "less than reputable" channels on IRC, and I've seen a few script kiddies earn their wings. Usually, they're introduced to the hacking scene via the Warez scene. A lot of warez is transferred and hosted on hacked boxes, so there's quite a demand for people who can 'r00t', basically meaning running a automated hacking tool on various subnets trying to get a collection of zombies used for dump sites or XDCC bots. Now, a side effect of this is that the kiddie will accumulate a large collection of zombies which don't have enough hard drive space or bandwidth to be useful to their warez ring. These are prime candidates for DDOS bots. I knew a person who had 40,000 or so bots, and could bring down our home IRC server by having them all connect at once. Or he could collect them all in a hidden channel on EFnet and randomly DDOS people in other channels. Eventually, people like that tend to find each other and either DDOS each other out of existence or exchange contacts and resources, and that's where they enter the serious hacking scene.
The reason White Hats don't get in on this is because you need to have an ante of a few thousand DDOS bots before you can even play the game. It's pretty sad that someone can enter an IP range, click a button, and have 5000 zombies in a few hours. Anyways, I hope that answered your question.
Karma: Contrapositive