Slashdot Mirror


Interview with a Spampire

Bunch2 writes "In this article at OReillynet, a 'hacker' explains why he put his superior coding skills to use by writing a spam mailer called Fahrenheit. (Hint: $$$) Turns out his little creation is also being used by criminals to 'phish' bank account information from gullible folks. The article shows how talented but morally challenged techies are becoming stooges of 'spammers, con artists, and other criminals.'"

6 of 383 comments

  1. Combat Phishing by Anonymous Coward · · Score: 1, Informative

    I work at an ISP, & when we run across an email phishing for bank accounts, we put the offending web server IP address in our access deny table in our main router.

  2. Re:Remember by fdiskne1 · · Score: 3, Informative

    The tool is legal, it's what you do with it that counts. Exactly the same as P2P.

    Not quite. I believe the CAN-SPAM law specifies that hijacking others' computers in order to send spam is illegal. That's what his program was meant to do. This means the program was illegal to begin with.

    --
    But why is the rum gone?

  3. Read the entire paragraph... by Anonymous Coward · · Score: 1, Informative

    "At the time, he was working as a system administrator for Evoclix, a Florida junk-email company listed on the Spamhaus Register of Known Spam Operations."

    Yes, he has a job, if being an admin of a junk-email company is considered a real job... It's like considering "drug seller" a good job...

  4. Re:Let he who has not sinned, throw the first ston by Anonymous Coward · · Score: 2, Informative

    Total deaths resulting from malnutrition for all age groups in 2001: 3,454

  5. Re:Same old story... by Superfreaker · · Score: 2, Informative

    AC, yes, I was joking to a certain degree and was def MS bashing. However, I am an MS developer exclusively. The truth is they LIE in their product documentation with regards to their DRM Licensing server.

    Just to give clarification... we were running Licensing server v1, which worked fine. There was a feature in the new release which we would have liked to use, but we still needed to be able to deliver v1 licenses, which the server said it could do. However, they failed to mention that not a single player in existence could request a v1 license from the higher version server. The updated server uniquely identifies players/computers, which you cannot turn off.

    There are MANY instances of things like this when dealing with MS and DRM.

  6. Fahrenheit a great program? pfft what a joke..... by starwarzzz · · Score: 2, Informative

    I sure hope this guy Brian does not look up to this little kid. I also hope Brian does not use Fahrenheit for his first mass email campaign, he might get an intruder on his system.

    To call Ben Kittridge (aka, bysin) a "whiz kid hacker" is the biggest insult you can give to all the true hackers out there. He's a complete moron with novice coding abilities at best. I can't believe I am seeing someone talk as if this kid is highly intelligent.

    I feel sorry for all the lamers using that Fahrenheit crap, because that's what it is, CRAP. Look at the exploit that was written for it months ago, and this is just ONE route of exploiting his silly code. Probably most if not everyone who has been using Fahrenheit has unwittingly gotten themselves "hacked".

    http://us.f2.yahoofs.com/bc/416edd6c_d16e/bc/My+Documents/evilns.c?bfbHubBBoTI1KL1z

    /* Remote buffer overflow exploit for bysin's Fahrenheit v8.0 (bulk mailer)
    *
    * Author: [T3]
    * Date: July 04, 2004
    *
    * Compile:
    * Linux/BSD:
    * gcc -s -fomit-frame-pointer -O2 -o evilns evilns.c
    *
    * SunOS/Solaris: (not tested)
    * gcc -s -fomit-frame-pointer -O2 -o evilns evilns.c -lsocket -lnsl
    *
    * Usage: Run this as root to run as a fake nameserver on port 53. It
    * immediately drops to an unprivileged uid/gid, so don't worry.
    * The daemon will respond to all DNS queries with data that will
    * hopefully spawn a bindshell on the bulk mailer host.
    *
    * Type ./evilns for usage and command-line options.
    *
    * Example:
    * - You own a domain called bubblebutt.com.
    * - You have root on a shell called nshost.com.
    * - You want to target a mailer on lamer.com running Slackware 9.0.
    *
    * Steps:
    * 1. Run evilns as root on nshost.com with ./evilns -t 3
    * 2. Set the nameserver for bubblebutt.com to nshost.com.
    * 3. Get your "victim" to add "user@bubblebutt.com" to his mailing list.
    * 4. Check your log file periodically to see if you got a hit.
    * 5. Telnet to your bindshell port on lamer.com to see if it worked.
    *
    * NOTES:
    * - If it fails, restart the daemon with a different bufaddr/offset.
    * - If it works, fix your terminal at the prompt by typing:
    * export TERM=vt100;exec bash -i;
    *
    * Comments:
    * This shitty spaghetti code had so many avenues of attack, it was hard
    * to pick one to exploit. Go back to CS101 before boasting about what a
    * wonderful programmer you are. Here's some classic quotes from bysin:
    * "i invented the term > *", "you forget who i am",
    * "Fahrenheit 8.0 doesn't have any bugs",
    * "i wrote a ddos tool a few years ago, but i can't release it cuz
    * it's too dangerous and could take down the entire internet"
    *
    * Talk like this is just an invitation to ridicule. Excuse me while I go
    * laugh my ass off...
    *
    * !!! THIS CODE IS FOR EDUCATIONAL PURPOSES ONLY (PROOF OF CONCEPT) !!!
    */
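
Added example, not part of the thread and not Fahrenheit's or the exploit author's code: the header above describes a hostile nameserver answering the mailer's DNS queries with crafted data, but the page does not show which field Fahrenheit mishandled. The C below shows the bounds checks any client needs when decoding a name from an untrusted DNS reply; `dns_read_name`, the jump cap and the sample messages are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DNS_MAX_NAME  255  /* RFC 1035: names are 255 octets or less */
#define DNS_MAX_JUMPS 16   /* assumed cap that stops compression-pointer loops */

/* Constructed sample messages (not captured traffic). */
static const uint8_t ok_name[]  = { 7,'e','x','a','m','p','l','e', 3,'c','o','m', 0 };
static const uint8_t ptr_loop[] = { 0xC0, 0x00 };   /* pointer to itself */
static const uint8_t overrun[]  = { 63, 'a', 'b' }; /* label claims 63 bytes, has 2 */

/* Decode the name at msg[off] into out; returns text length or -1 on bad input. */
int dns_read_name(const uint8_t *msg, size_t msglen, size_t off,
                  char *out, size_t outlen)
{
    size_t used = 0;
    int jumps = 0;
    for (;;) {
        if (off >= msglen) return -1;               /* length byte outside packet */
        uint8_t len = msg[off];
        if ((len & 0xC0) == 0xC0) {                 /* compression pointer */
            if (off + 1 >= msglen || ++jumps > DNS_MAX_JUMPS) return -1;
            off = ((size_t)(len & 0x3F) << 8) | msg[off + 1];
            continue;
        }
        if (len & 0xC0) return -1;                  /* reserved label type */
        if (len == 0) break;                        /* root label ends the name */
        if (len > msglen - off - 1) return -1;      /* label runs past the packet */
        size_t need = used + (used ? 1 : 0) + len;  /* text length after this label */
        if (need >= outlen || need > DNS_MAX_NAME) return -1;
        if (used) out[used++] = '.';
        memcpy(out + used, msg + off + 1, len);
        used += len;
        off += 1 + (size_t)len;
    }
    if (used >= outlen) return -1;                  /* no room for the terminator */
    out[used] = '\0';
    return (int)used;
}

int main(void)
{
    char name[64];
    printf("%d\n", dns_read_name(ok_name, sizeof ok_name, 0, name, sizeof name));
    printf("%d\n", dns_read_name(ptr_loop, sizeof ptr_loop, 0, name, sizeof name));
    printf("%d\n", dns_read_name(overrun, sizeof overrun, 0, name, sizeof name));
    return 0;
}
```

Every length taken from the packet is checked against both the received message size and the destination buffer before any copy, so a malformed reply is rejected instead of written past `out`.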