World's Worst Hacker?

An anonymous reader submitted a video clip that allegedly demonstrates a hacker working in a honeypot. If you fear for the future security of the internet, this video will set your mind at ease.

Thar she goes

[Straterra]

That was quick slashdotting..any alternate links?

Re:Thar she goes

[Chrisq]

That was quick slashdotting..any alternate links?

No its been hacked.

Re:Thar she goes

[sirrunsalot]

"Fresh new day at work! Ugh. I wonder what's on /."

Re:Thar she goes

Same here, dead end.

Re:Thar she goes

[dBLiSS]

http://www.youtube.com/watch?v=oJagxe-Gvpw&feature=player_embedded

Video Here

[eldavojohn]

That was quick slashdotting..any alternate links?

Here's the YouTube video I watched on his site while it was in Firehose.

Re:Video Here

YouTube video I watched on his site while it was in Firehose

Bah, amateur! I hacked the cached page from Google and cracked that Youtube URL from the source code! I'm teh 1337 haxx0r!

Re:Video Here

[Straterra]

One can also watch the text-only version by telneting in to 94.255.168.108 (This was gleaned from the blog owner's twitter account).

Re:Video Here

[Straterra]

Also, here's another from the guy's Youtube channel..

Re:Video Here

Neat, much easier to follow than the video.

Re:Video Here

[hvm2hvm]

Looks like some kind of script that tries the same shit over and over and expects perl and other stuff to be there.

Re:Video Here

[monkyyy]

thats what i was thinking but it seems strangely timed at times

Re:Video Here

[quantumphaze]

Watch the way he makes mistakes and backspaces them when trying to cd into /var/spool/samba.
I don't think automated scripts work like that. This idiot doesn't seem to know his way around a filesystem and is probably just copy pasting shit from a forum.

is this the one?

www.youtube.com/watch?v=oJagxe-Gvpw

Re:is this the one?

[Chrisq]

OK for those of us behind firewalls what does he do?

Re:is this the one?

Nothing worth the front page. The guy is obviously pasting commands from a text file and has no clue of what's going on when they fail to work.

Re:is this the one?

[zach_the_lizard]

Hey, let's try to CD into all kinds of directories that don't exist.

# /var/spool>cd /spool
No such file or directory
# /var/spool>cd /samba
No such file or directory
# /var/spool>cd /a
No such file or directory
# /var/spool>cd /var
# /var>cd /spool
No such file or directory
# /var>cd spool
# /var/spool>copy/pasted commands to download random tarball
# /var/spool>more failure to cd
#/var/spool>sudo aptitude ruby and stuff
sudo: command not found
#/var/spool>wget path/to/win2ksp3.exe

That's it, basically. If you can use telnet, telnet into 94.255.168.108 and it plays an animated text version of it all.

Re:is this the one?

I thought the continued failure to run Perl was particularly classy.

Re:is this the one?

I think that's the same strategy generally used by level-one tech support.

Re:is this the one?

[EponymousCustard]

he must be a friend of this guy as he traceroutes to google and declares "here you have it, 10 people are currently using google", without a hint of irony. http://www.youtube.com/watch?v=SXmv8quf_xM

Re:is this the one?

[marcosdumay]

Also, is that # prompt literal? The guy is root but is failing to run things through sudo?

Re:is this the one?

[MachDelta]

What's that quote about the definition of insanity being attempting the same thing over and over and expecting a different result? :)

Re:is this the one?

[Eunuchswear]

Looks like the time I got hacked (my fault, had a crappy password).

Idiot was so dumb he didn't zap the bash history file.

Spent a lot of time downloading and failing to install rootkits and other hacking tools, not having noticed that it was a UnixWare machine and not Linux.

Re:is this the one?

Not every system has the "sudo" command installed... That is why you get:

# sudo apt-get install ruby1.8 libopenssl-ruby1.8
bash: sudo: command not found

instead of sudo: apt-get: command not found

Re:is this the one?

[zach_the_lizard]

Yes, it is literal. The machine doesn't have sudo installed, and he didn't try running it without sudo.

Re:is this the one?

[lennier1]

Pavlov would be proud. Just because repeating steps in Windows sometimes leads to success doesn't mean it works on every OS.

Re:is this the one?

The last one I dealt with installed a hacked version of OpenSSH.

He might have got away with it if it didn't change the host key at the same time.

Could be dangerous.

[www.sorehands.com]

In a thousand years, with a thousand more keyboards. But maybe he will produce all of Shakespeare's sonnets first.

Or he could be faking it.

Re:Could be dangerous.

[jekewa]

Or more useful; he could rewrite PERL in that amount of time.

While I'm sure this happens a lot, he's not the kind of hacker I worry about.

Outsourcing everywhere

[ugen]

I think what we see here (and I am being serious) is outsourcing at work. He downloads tools from a subnet in Pakistan, likely homebase.
Just like anything from software development to customer service is being offshored to lowest bidder and services being performed by people without appropriate skills, simply because they are cheap. Same thing here - mass hacking is a business, and it is being outsourced to cheap unskilled labor. Look at this and laugh - then realize, this is the kind of quality of production that modern legitimate businesses rely on every day. Scary, ain't it?

Re:Outsourcing everywhere

[zach_the_lizard]

$zach@zach-desktop:~$>cd /comments
comments: no such file or directory found
$zach@zach-desktop:~$>cd /witty-retort
witty-retort:no such file or directory found
$zach@zach-desktop:~$>mkdir comments
$zach@zach-desktop:~$>cd comments
$zach@zach-desktop:~/comments$>echo "I'm not the lowest bid!"
I'm not the lowest bid!
$zach@zach-desktop:~/comments$>cd /a
a: no such file or directory
Grrr......
$zach@zach-desktop:~/comments$>telnet slashdot.org 80
Trying 216.34.181.45...
Connected to slashdot.org.
Escape character is '^]'.
Post comments
Connection closed by foreign host.

Now let's see if they posted my comment.....

Re:Outsourcing everywhere

this is the kind of quality of production that modern legitimate businesses rely on every day. Scary, ain't it?

Not scary. Good. If that's the competition, I'm solid gold.

Re:Outsourcing everywhere

[xero314]

Good. If that's the competition, I'm solid gold.

Only if you are willing to be paid less than a living wage, be treated poorly, work endless hours and be an indentured servant. With the outsourcing going on, no one is going to be looking at your skills.

Re:Outsourcing everywhere

There is a certain jet engine manufacturer producing 100s of new engines for the largest aircraft maker in the US. I'm not going to name names, but you can guess.
Anyway the manufacturer has recently outsourced its production to Mexico. Working with an Engineer responsible for training has opened my eyes.
Basically he told me to stop flying. These guys are dangerous as they don't care about what they are working on or how important quality is.
One example was they had two 2000psi fuel line assemblies made at two separate factories that needed to come together. They didn't fit. What do they do? Without consulting an engineer they remachine one of the components, making it weaker so that it will fit. One guy managed to bring a pipe he found in his back yard to help.
Nobody is overseeing this, nobody cares.
I'm never going to board an aircraft either.

Re:Outsourcing everywhere

[PyroMosh]

This sounds far fetched. I'd say Sagan's Corollary applies here.

Re:Outsourcing everywhere

in a previous I was using an "enterprise class" programming toolkit, whose documentation had big gaps (just as many such enterprise things do!), so there was a very active forum.

It took me less than a week to get up to speed and I started answering questions to "repay" the help I received as is the done thing.

I noticed that there were huge numbers of people with Asian names asking questions, often very basic ones, clearly having had complex work dumped on them and not knowing where to start. Most of those answering clearly had western names.

I stopped answering the newbie questions for two reasons, firstly I got bored, secondly I realised that the asian newbies were not coming back with updates and answers, nor helping other newbies. It was clear they simply wanted someone else to do their job.

I came to the conclusion that the people giving their help away for free were likely to be helping those who'd be stealing their jobs one day, so I decided not to play along.

Don't get me wrong, I am happy to share knowledge which I have gained directly and through other's help with others who are doing likewise, but I am not subsidising other businesses' cheap labour!

Re:Outsourcing everywhere

[Xest]

I wonder if this is the guy who once or maybe still does work at one of Dell's Indian call centres who insisted we could not proceed with getting my laptop repaired until I tell him the error code on the screen of a laptop I'd just told him multiple times simply would not turn on, would not power up, would not display anything on screen.

No matter how I phrased it he was determined that Dell could not help me and honour my warranty until I gave him that mystical error code.

But then, this is probably also why Dell has gone from major player, to non-factor in the IT industry over the last decade.

Re:Outsourcing everywhere

Look, I trust this guy, he has worked there most of his life and is watching what used to be great, high quality product that he would take pride in being reduced to less than lowest common denominator junk that will likely fail catastrophically after a certain amount of prolonged use. Shipments are delayed months already and the pressure to get these engines out is extremely high.
I really want to give out more info, but I have said too much already.
Baloney or not at least I said something about it.

Posted anonymous for obvious reasons.

Next Gen Hacker 101

[suso]

Try this one:

Next Gen Hacker 101 - How to view someone's IP address going to Google

Re:Next Gen Hacker 101

[sirrunsalot]

I might have to wait until later to view this. There are, like, 14 people on youtube right now and they have faster connections than I do.

Re:Next Gen Hacker 101

[Beacon11]

Try this one:

Next Gen Hacker 101 - How to view someone's IP address going to Google

Oh that was painful. Did anyone here actually finish that video?

Re:Next Gen Hacker 101

You're, like, an idiot.

Re:Next Gen Hacker 101

[justforgetme]

I couldn't... poor misguided kid

Re:Next Gen Hacker 101

[Inner_Child]

You, like, didn't watch the video, so *whoosh*.

What he's doing?

[Saija]

Can somebody please explain me what he is trying to do? i just watched some wgets which downloaded some .tar.gz files and that perl is not installed so he couldn't run some scripts. that's it? or do i missed something?

Re:What he's doing?

[bsDaemon]

I saw this last week. There were all kinds of hilarious inabilities to properly change directories or find scripts, which is why he kept downloading the same crap over and over again. Just for fun, my boss here (at a well-known company that makes security products involving pigs) fetched some of the files that the kid was trying to use. Half of the scripts were just fucking awful, such as hard-coding repetitive actions rather than using loops. The so-called "hacker" also left clues to his identity all over the crappy "sploits", too.

I honestly have a hard time believing the douchebag in the video was able to get a shell, even on a honeypot, and then fail to be able to change directories. However, the kits he was fetching were also so terrible I don't think that even if this hadn't been a honeypot he'd ever have gotten any local privilege escalations anyway.

Re:What he's doing?

[GigsVT]

Short version: He doesn't understand that tar -xzf uncompresses into the current working directory, and gets completely lost in terms of where he puts things.

He probably has a sheet of commands to copy/paste from and has little clue about how they actually work.

Re:What he's doing?

[Ancantus]

And then he downloads a WinXP service pack to fix the problem,

Re:What he's doing?

[ubersoldat2k7]

And he doesn't seem to know about 'ls'. If I was sitting next to this guy, I would mash his head on the keyboard.

Re:What he's doing?

[CHJacobsen]

The best thing is that he actually uses ls once, but then seems to forget about it.

It's probably in his copy-paste-file, but he has no understanding what he's supposed to do with it.

Re:What he's doing?

That's the funniest bit of the whole thing

Re:What he's doing?

[kbielefe]

You can actually see what commands he copy/pastes and what he types himself, because the entire line appears at once.

Re:What he's doing?

[kbielefe]

In addition to what the other guys said, someone who knows what they are doing would install perl instead of downloading the script over and over.

Re:What he's doing?

[arth1]

(at a well-known company that makes security products involving pigs)

Sowmantec?

Re:What he's doing?

[Necroman]

I'm guessing SourceFire?
http://www.sourcefire.com/security-technologies/snort

Re:What he's doing?

[Captain+Spam]

(at a well-known company that makes security products involving pigs)

I'd suggest you take a good review of your company's product line. Seems all it takes to thwart your security is a ragtag group of birds with a large slingshot and good aim.

Re:What he's doing?

[David+Chappell]

Can somebody please explain me what he is trying to do? i just watched some wgets which downloaded some .tar.gz files and that perl is not installed so he couldn't run some scripts. that's it? or do i missed something?

He has already broken into a machine. Now he is trying to install some kind of server software. (Perhaps he wants to host a multiplayer game.) He downloads the software, unpacks it (using wget), but then he can't figure out how to run it, so he downloads more software, unpacks it, and tries to run it again. He does this over and over again.

Re:What he's doing?

[Xserv]

Angry Birds? What?

Re:What he's doing?

[MightyMartian]

I dunno. The fact that he's too stupid to realize that Perl isn't installed on the system, or at least that the binary name might be changed, is pretty good, too.

Re:What he's doing?

[corbettw]

Jst wnderfl nw here's cffee all ver m kebard and sme kes are stck!

Re:What he's doing?

[Jonner]

I wondered if it could be a bot, but it did make mistakes and correct them. I could certainly write a more effective bot.

Re:What he's doing?

[hesaigo999ca]

What we do not realize, is he was doing this on purpose to get everyone to download the video, with a hidden payload in its meta tag. Then when the time comes, the exploit will run, and he will have the worlds biggest botnet because everyone thought he was that funny to watch....joke is on all of us programmers, not him.

MUahahahaha

Re:What he's doing?

Kaporksky ?

Re:What he's doing?

He probably has a solaris background if he doesn't expect tar to extract in the current directory.

Re:What he's doing?

[X0563511]

Note he doesn't do anything with it. Perhaps he was testing bandwidth (for some stupid reason?)

I think the funniest part was repeatedly trying to run perl... and responding to failures by redownloading the scripts he wants perl to execute.

Re:What he's doing?

Take notes! The name of the parent suggests his expertise in the field of pork, and his comment reveals some of his production methods!

Re:What he's doing?

[GigsVT]

Hah, most people wouldn't get that reference.

Older unix tar did that stuff too. Very annoying.

Best Part

[pcgfx805]

The best part was when he/she downloaded a copy of win2ksp3.exe.

Re:Best Part

[andrewagill]

Agree.

I'm not sure exactly how this guy thought he was going to run perl and wget and win2ksp3 on the same machine. That takes a special kind of dumb.

Re:Best Part

[andrewagill]

And yes, I do recognize that he could have downloaded wget to a Windows machine, but he did not do that.

Re:Best Part

[deblau]

The best part was when he/she downloaded a copy of win2ksp3.exe.

From the comments of the Youtube video, apparently this is standard practice to test bandwidth. Because SP3 is so huge. Insert obligatory Microsoft joke here.

Re:Best Part

[sabt-pestnu]

I understand that there are perl interpreters for all major OSs these days. Which leaves me to intuit from your comment that wget (which I've not heard of before) is a linux executable, where win2ksp3 (clearly flagged for "windows 2000) is a windows one.

Without your comment, though, I would have nothing to base the question of what wget is or does. Sans a google search, one might well infer w(indows)get (as in HTTP command).

> That takes a special kind of ignorance.

Fixed that for ya. "Dumb" may be from other things (like repeating things, expecting different results, or not doing any research), but don't confuse it with ignorance.

Re:Best Part

[andrewagill]

See that's the thing though. Since you hadn't heard about it, you wouldn't try to run it. He heard about it, presumably knew that it was a linux executable, and tried to run it on a machine that he thought was also capable of running Windows executables. It takes a special type of dumb to be aware of something, but to try to run it on something that shouldn't be able to run it.

Re:Best Part

[Helevius]

Some intruders download Windows service packs to check the bandwidth available.

Re:Best Part

I could see that, but didnt he do it several times? How does that make sense?

Re:Best Part

[X0563511]

Only once. What he did repeatedly do is fail to remove "sudo" from commands he was trying to run after noting that sudo didn't exist, and he was already root.

Also, this process was repeated a bunch of times:

cd somewhere
wget & untar archive
perl SOMETHING
error: 'perl' command not found

Yea, because redownloading your .pl 50 times is going to magically make perl exist in $PATH

Re:Best Part

[quantumphaze]

I think that was to test the downstream bandwidth. If you go to the Kippo site in the summary and watch the demos, you will notice one of those guys wget an XP service pack and kill it off once the download speed was stable.

Slashdotted

[burningcpu]

Posting a link to a video on some guy's website...that is just mean.

Re:Slashdotted

[Haedrian]

This is clearly the hacker's revenge. He couldn't toss in an exploit using the script-kiddiness, so he's DDOSing the site instead.

Re:Slashdotted

Um, if you read the comments. Dozens of people have already posted links.

Youtube it

http://www.youtube.com/watch?v=oJagxe-Gvpw

The soundtrack

[snookiex]

I like the background song. What is it?

The rest is plain sh*t.

Re:The soundtrack

It's from Portal 2. The final credits song.

Re:The soundtrack

[GigsVT]

http://xkcd.com/606/

Re:The soundtrack

[drxenos]

The endgame song from the game "Portal."

Re:The soundtrack

[pmontra]

It's Portal's credit song http://www.google.com/search?q=portal+still+alive

Re:The soundtrack

> What is it?

Unnecessary, as with all background music in amateur videos.

Why do kids these days have such problems with absence of noise?

HINT: I came to watch the video, not to inflict your choice of "kewl music" upon myself.

Re:The soundtrack

That's kind of hard seeing that Portal 2 isn't even out yet.

Re:The soundtrack

Fuck off, anal-retentive moron.

Re:The soundtrack

[dave420]

So hit the "mute" button, hose the sand out of your vagina, and get on with your life.

Re:The soundtrack

Still you are having to download the audio stream instead of dedicating those bits to you know, higher quality video...

Re:The soundtrack

[AAWood]

Which would be important, it this wasn't a video of a *command prompt*. I think we can spare a few bits.

Re:The soundtrack

You need higher quality video of a command shell?

Re:The soundtrack

[snookiex]

The YouTube video

Re:The soundtrack

Glad you said it, it needs to be said more often.
Protip to youtubers: your choice in background music always fucking sucks.

Re:The soundtrack

[godefroi]

It's the end credits from the video game "Portal" by Valve. It was written by Jonathan Coulton: http://www.jonathancoulton.com/2007/10/15/portal-the-skinny/

how about fixing slashdot

"If you fear for the future security of the internet"

And then I look at the way Slashdot can't manage to wrap text at the right end of a page, and, let alone security, I'm scared for the internet itself.

Direct Youtube Link

[animeshpathak]

For those who are getting a slashdotted server, here is the video.

What year is this?

Gee I sure wish there some sort of video service that could host videos so that I could watch this video.

Re:What year is this?

This is called "how the Internet was meant to work" with end-to-end connection between the client and the provider, not with a centralized advertising agency.

Forget about the future of Internet security...

[sixthousand]

is there a future for CLI based sketch comedy?

I'm a web designer

And I can get around in the shell better than that.

Re:I'm a web designer

[Virtucon]

No wonder you posted anonymously, from shame... You also probably use a MAC and don't realize it.

Re:I'm a web designer

[Tarlus]

A Media Access Control?

Re:I'm a web designer

[Virtucon]

MACintosh...

Sorry Capitalization error...

Re:I'm a web designer

Sorry, but saying the web designer uses a Media Access Control (on his Ethernet card) and doesn't realize it is funnier/more accurate than saying he uses a Macintosh without realizing it; specially because the designer's standard answer would be "of course I use a Macintosh", not realizing he's showing his cluelessness with that sentence. Congratulations, you ruined your own joke

oh, it's a troll

[FuckingNickName]

First I just thought "well, not everyone is a super smart irrelevant cubicle IT support geek" and shrugged at the point that was trying to be made - which, I guess, is something along the lines of "it's really this easy to break in to some systems, and it's great to laugh at people who.. err.. manage it, because not everyone knows what to do next."

Then I saw them downloading W2Ksp3, and realised that the whole thing is just a bit of sensationalism to get pageviews. The hacker is as genuine as the honeypot.

Re:oh, it's a troll

Then I saw them downloading W2Ksp3, and realised that the whole thing is just a bit of sensationalism to get pageviews. The hacker is as genuine as the honeypot.

Well, it is a genuine honeypot... so what's your point again?

Re:oh, it's a troll

[FuckingNickName]

Well, I now have a second point: improve your cognitive skills. A honeypot is not genuine in the sense that it is not providing a genuine public service, merely sitting there trying to lure ne'er-do-wells. And the person typing is not genuine in the sense that he is probably the video author, trying to get hits for his site by playing the almost risk-free "make geeks feel superior" gambit.

Re:oh, it's a troll

[puterg33k]

Funny stuff, you're probably right ;)

Re:oh, it's a troll

[TheCarp]

Look again....

He unpacks his kit, and then expects to do something in /var/spool/samba

My assumption would be that he has some kit that is intended to be put onto a samba server, and then used to exploit windows machines that use that server. That might pan out, if he happened to make his way onto an actual samba server.... or one with perl installed.

Not conclusive, you could be right but, given his hard-on for samba, it seems plausible to me.

Re:oh, it's a troll

[Mister+Whirly]

You don't have to make stuff like this up. There are plenty of script kiddie idiots out there who are even more clueless than the "star" of the video. The truth is usually stranger than fiction.

Re:oh, it's a troll

[GuruBuckaroo]

Now I know how to populate my botnet next time there's a Flash vulnerability. I could have the power of Slashdot at my command!

Re:oh, it's a troll

I have noticed that quite often script kiddies try to download windows service packs to test the network connection.. That session looks genuine, I have seen many sessions like that on my own honeypot :)

Re:oh, it's a troll

It is mentioned in the Youtube comments that W2Ksp3 is used to test bandwidth. I don't if that is true or not, but it might explain it.

Re:oh, it's a troll

[Ben174]

Sometimes when I'm trying to just find out how good of bandwidth a server has, I just wget some random giant file that's freely available on a big server. Windows Service Packs meet that requirement.

Re:oh, it's a troll

[X0563511]

or one with perl installed.

You mean with perl on $PATH. That he tried running it repeatedly and didn't hunt for it's location (or check $PATH) shows he really is something 'special'

To help the Slashdotted site

[Ancantus]

Here is the youtube link directly to the video, lord knows why that wasn't linked to in the first place. World's worst hacker

Tracer Tee

[Bratch]

I think watching the "Tracer T" video from NextGenHacker101 will also set your mind at ease about the future of hackers. http://www.youtube.com/watch?v=SXmv8quf_xM

Re:Tracer Tee

[FuckingNickName]

Looks like he's trolled about 620 thousand people. I think the best way to socially engineer a geek is to make them feel superior to you, because they cannot resist loudly correcting you and assuming you're an idiot from that point on.

Re:Tracer Tee

Yep, this has to be the stupidest one.

It's actually scary how idiotic this is, hopefully it is a joke.

Re:Tracer Tee

[c6gunner]

Given the choice between incompetence and malice, always assume incompetence.

Re:Tracer Tee

[FuckingNickName]

I've heard that so often, but I've never understood: why?

Re:Tracer Tee

[ocdscouter]

I've heard that so often, but I've never understood: why?

Perhaps because you'll meet more idiots than enemies in life?

Furthermore, I'll bet that a good chunk of the malice is also incompetent malice. There's more angry fools than angry geniuses out there, or so I suspect.

Re:Tracer Tee

[flappinbooger]

The nextgenhacker101 tracert video is awesome. I was almost embarrassed for the guy. I work in the computer field and I'll admit I don't know everything by any means. But to actually make a YT video claiming something is something when it is not even close to what you're saying it is - that's amazingly far down the road of dumb.

This guy from tfa is following a list of commands he got from somewhere, but my question is what was the list supposed to accomplish?

Re:Tracer Tee

[Estanislao+Mart�nez]

Looks like he's trolled about 620 thousand people. I think the best way to socially engineer a geek is to make them feel superior to you, because they cannot resist loudly correcting you and assuming you're an idiot from that point on.

Well, yeah...

Re:Tracer Tee

[oobayly]

Thanks for posting that link. The first paragraph had me going. Reading the comments is even better than the article though.

Re:Tracer Tee

The kid is right.
Those computers (well, hosts/routers) are 'connected' to google, since you're asking them to trace the route. :)

They're just not the only computers connected to google, hehe.

Re:Tracer Tee

Oh.

My.

GAWD.

Somebody please stop this kid before he throws his computer at someone and claims it's a brute force attack!

Re:Tracer Tee

[LoganDzwon]

It is true. You can get a lot of people upset if you try to convince them your and you're are interchangeable as well.

Re:Tracer Tee

[c6gunner]

I've heard that so often, but I've never understood: why?

Because otherwise you'll turn into a paranoid maniac?

If you assume that everything that occurs is being masterminded by someone in order to fool, manipulate, or otherwise take advantage of people, you'll be the crazy guy at the party whom everyone avoids because he won't shut up about how the reptilians in the US government flew remote-controlled planes into the WTC. If you go with the "assume incompetence" approach you'll not only be correct more often, you'll also have a much more active social life.

Re:Tracer Tee

[muindaur]

I would think an angry genious would be angry at the angry fools. For an angry fool is the reason my town isn't getting a Walmart(what fool votes down needed jobs in a town that's 30 minutes from the nearest elctronics store, clothing store, homewares store, etc.) Maybe they don't hire as many full-time employees as part-time to avoid taxes.

Wait a second! Nearly everyone does that! There are small businesses all over(the ones the angry fool was trying to protect) doing the EXACT same thing. It's expected that if you work at a job that barely requires a high school diploma(if they even do.)

Once I can my plans are only for major medical(over $1K hospital visits) as I have gone to a dermatoligst uninsured. The $250(self pay rates are half of the insured rate) for the doctors office and the biopsy of a mole. Half of the amount I was paying for health insurance in a month. So if you're young, paying off student loans, and in good health; then general health coverage isn't needed. A dentist is $100 a cleaning, and it's about $100 for the optomitrist.

So I'm also angry that me, someone in good health, would be required to pay for general insurance at a rate of $500 a month for cruddy coverage($1K deductibles, $50 name brand, and a Walmart would have been great because they get some great prices on meds) for services that would normally cost me that much in a year(checkups) and $6K a year(mostly wasted.)

Re:Tracer Tee

[FuckingNickName]

It does not follow from the reasonable assumption that everyone tries to do things for his own gain (a consequence of free will) that "reptilians in the US government flew remote-controlled planes into the WTC".

Re:Tracer Tee

[c6gunner]

It does not follow from the reasonable assumption that everyone tries to do things for his own gain (a consequence of free will) that "reptilians in the US government flew remote-controlled planes into the WTC".

That's absolutely correct. I fail to see the relevance, though.

Re:Tracer Tee

I think watching the "Tracer T" video from NextGenHacker101 will also set your mind at ease about the future of hackers.
http://www.youtube.com/watch?v=SXmv8quf_xM

That is awesome!!! :) The only question left on my mind is: is the kid really serious or is he having fun at the expense of other wannabe hackers? I just want to believe the latter. It would be too painful to watch the video otherwise.

Re:Tracer Tee

[FuckingNickName]

Once you accept that humans tend toward rational selfishness, you can assume that whatever they are doing is designed to benefit them. Any complex behaviour must be intentional (ignoring the clinically insane) - we assume that rational humans are capable of being responsible for themselves. Therefore most behaviour is intentionally rational selfish.

Now, does that mean the behaviour is necessarily malicious? No. This is only judged by the observer when the observer of the behaviour happens to be at moral odds with the actor of the behaviour. But there's no reason this case shouldn't be happening all the time, considering any random pair of people.

It requires extra evidence to judge stupidity.

Re:Tracer Tee

[c6gunner]

Once you accept that humans tend toward rational selfishness, you can assume that whatever they are doing is designed to benefit them

Right, so a guy who pimps out his girlfriend so he can buy heroin which he then injects with a syringe he found on the street ... he's designing his action to help himself. And the drunk jackass who cuts off a leg while juggling a chainsaw, also trying to help himself. Oh, and we can't forget the thousands of people who commit suicide every day - they are, of course, designing their actions to benefit themselves.

You know, even if I agree with your statement 100%, it's still completely irrelevant. I said "Given the choice between incompetence and malice, always assume incompetence". How in the world do peoples intentions have anything to do with their competence?

we assume that rational humans ...

... exist in significant numbers? Well there's your problem, right there.

Not the worst....

[Lumpy]

There is a metric buttload of idiots like that out here in the intar-webs. they are only slightly better than the nex level up that actually have some understanding but are still just script kiddies.

I think I need to set up a honeypot like that, I need some good entertainment.

Re:Not the worst....

[Virtucon]

please define "metric buttload" or are you talking "kilobuttload?"

Re:Not the worst....

[c6gunner]

please define "metric buttload"

3.28 Imperial butloads.

Re:Not the worst....

[Andrewkov]

A buttload is a buttload, but it can be imperial or metric. There is no such thing as a kilobuttload. It can also be called an assload, though.

Re:Not the worst....

[Virtucon]

Sure there can be! One KiloButtload = 1000 Buttloads..

but I don't think assload != buttload

now if buttload = assload then I could agree.

Re:Not the worst....

The important question is what is the conversion factor to the metric fuckton?

Re:Not the worst....

There ought to be a Honeypot web where everything on the Internet is duplicated, and if you're stupid enough to get caught in the net, well, you just can't ever get out again. Welcome to your web, dipshit.

this is so last year

a further 6 all with the same issue of clueless ahckers who have only used *nix systems a couple of times.
http://iwatchedyourhack.org

funny, but I want more.

Lol

Come on guys just wait a few decades if he cotinues hacking he'll maybe get to hack something.... like a... nope he'll never get it.

Youtube link

[LehiNephi]

The linked site is down, so here it is on youtube

Re:Youtube link

Two new ones showed up in my reader this morning. Funny shit.

A visit from the Linux OWL?

Shall we play a game?

I think this guy just got his blog roll sorted for the near future seeing as his site has been slashdotted.

Re:Youtube link

[Thing+1]

Thanks for the link! Cool that Jonathan Coulton's song "Still Alive" is playing in the video. (It was the end credits on "Portal".) This had me LOL several times, even if the humor is lost on my woodworking roommate.

Slashdotted

[groslyunderpaid]

Mirror anyone?

Burn baby, burn

[dcigary]

I'd like to get a video of the server that is hosting the hacking video right now so we can watch it melt.... :)

Re:Burn baby, burn

I'd like to get a video of the server that is hosting the hacking video right now so we can watch it melt.... :)

the conspiracy of the SlashDot DDOS attack unfolds.....

Old Paper on Toying with Crackers

[Menacer]

This reminds me of Bill Cheswick's paper "An Evening with Berferd In Which a Cracker is Lured, Endured, and Studied," from the 1992 Winter USENIX Conference. (Paper is available directly from Mr. Cheswick's site here as a postscript file).

In it, he toys with an intruder for a number of days. He pretends the system has actually been hacked, gives up bogus password files, and manually pretends to be a particularly slow machine with a lot of easy holes in it. It's a well-written, excellent piece of writing. I recommend it to anyone who enjoyed this video.

Re:Old Paper on Toying with Crackers

[greghodg]

I've read that before, good stuff. Also, the good old Kevin Mitnick replays from Tsutomu's site - http://www.takedown.com/evidence/transcripts/index.html

Well done Mr. Anonymous

Posting a video to the front page of Slashdot. Very good idea indeed... now you can laugh at your self while your server crashes and burns!!!
Anonymous just increased his awesomeness score by -1.

Mirror

[dmomo]

On Good old Youtube: http://www.youtube.com/watch?v=oJagxe-Gvpw

Down the hole!

[VGPowerlord]

Everyone knows that the best hack is whiterabbit.obj!

Re:But...

[jimicus]

if perl was installed (as it is on almost every linux system these days) his scripts would have run.

First rule of information security: Never run anything you don't need to. If at all possible, don't even install it. Who cares about an exploit in ${PACKAGE} when you haven't got that installed anyway?

Any hacker worth their salt wouldn't be too disappointed that perl wasn't installed. He already had a root prompt and ls showed a .apt directory - there's a good chance apt-get install perl would have got perl in there in about 20 seconds flat.

this guy was simply to follow his cheat sheet and it didn't work. in fact, i see this as a complete failure of the honeypot scenario as it's supposed to provide a fake environment to gather intel. this honeypot does nothing of the sort and seems to be more for entertainment than anything else.

I'm not so sure. We now have a good idea what's on his cheat sheet and - more importantly - have a number of URLs where some potentially interesting scripts may be found. It's possible (though if this is the sort of thing we're dealing with, I'd venture unlikely) that those scripts might provide information about a hitherto unknown local exploit.

So what?

They caught an incompetent. They should worry about who avoided their honeypot and who they didn't catch.

213.248.54.246

[roman_mir]

I guess even in Russia some 'hackers' are better than others:

Additional whois information for 213.248.54.246:

% Information related to '213.248.48.0 - 213.248.63.255'
 
inetnum: 213.248.48.0 - 213.248.63.255
netname: DINET-GLOBAL
descr: Hosting and Colocation Services
country: RU
.....
role: Digital Network Hosting Department
address: 13a, Yaroslavskaya st.,
address: Moscow, Russia, 129366
phone: +7 495 660 8333
fax-no: +7 495 660 8333
admin-c: MIF
tech-c: FVS13-RIPE
nic-hdl: DHO-RIPE
mnt-by: DN-MNT
abuse-mailbox: abuse@di-net.ru
source: RIPE # Filtered
 
% Information related to '213.248.32.0/19AS12695'
 
route: 213.248.32.0/19
descr: Digital Network JSC
descr: Moscow, Russia
descr: http://www.msm.ru/
descr: aggregate prefix
origin: AS12695
mnt-by: DN-MNT
source: RIPE # Filtered
 
% Information related to '213.248.0.0/18AS12695'
 
route: 213.248.0.0/18
descr: Digital Network JSC
descr: Moscow, Russia
descr: http://www.msm.ru/
descr: backup aggregate prefix
origin: AS12695
mnt-by: DN-MNT
source: RIPE # Filtered
 
% Information related to '213.248.48.0/20AS12695'
 
route: 213.248.48.0/20
descr: Digital Network JSC
descr: Moscow, Russia
descr: http://www.msm.ru/
descr: aggregate prefix
origin: AS12695
mnt-by: DN-MNT
source: RIPE # Filtered

True Story from Michigan

[PhilipTheHermit]

So, back when I was an undergrad and used to play around on MUDs, my roommate and I wound up talking to a young woman who claimed to be a hacker. She wanted to get together, and asked if she could bring a friend. Figuring we were about to get incredibly laid, we invited her up to the university. Young and dumb, what can I say.

We met her and her friend at a rest stop. We waited for a long time, and were about to leave when an incredibly ramshackle old sedan rolled up, with its muffler clanking and rattling, its headlights flickering, and great clouds of blue smoke trailing out behind. A beautiful girl leapt out of the car, followed by her friend: a very tall, very skinny punker dude.

Our spirits were crushed, but being polite computer science students, we couldn't figure out how to get rid of them. They didn't have enough gasoline to get home, but they DID have booze. So we went back to the university.

Immediately they wanted to "hack a computer", and marched to the computer lab, which was still open. This was where we talked on the MUD. There was no talking them out of it. Trailing behind them, wondering what on earth they thought they were going to be able to do from a computer lab, we somberly shuffled along.

On seeing a computer, the girl leapt into action! jumping into the seat, she said "I'm gonna hack this bitch!" and her boyfriend perched on the back of her seat to egg her on. I said something like "hey, look, don't do anything that'll get anyone in trouble, ok?" and she said something like "don't worry, I'm leet, nobody's ever going to know I was here!" This did not soothe my fears. I was about to say something else when she got a DOS prompt, and started typing in random passwords.

> God
> File not found. (I don't remember the exact words)
> Sex
> File not found.

(This went on for a long time.)

My roommate and I chatted quietly a few feet away, greatly relieved. We admitted our suspicion that this person did not, in fact, know anything about computers, or possibly anything else. To our enormous relief, the person appeared to be harmless. Also, it was becoming clear that neither one of us were going to get any. We wondered what we should do. We didn't want to be rude.

Suddenly, I had a thought. "Let's get her into the MUD!" My roommate thought that was an excellent idea, so we said "Hey, somebody wrote this path on a piece of paper over there... Maybe it'll get you in!" She tried it, and was allowed to log into the MUD. She yelled out in triumph! She was invincible!

She played happily on the MUD for about a half hour, with her boyfriend proudly telling us how "leet" she's always been, and then we went back to our room. We let them crash on the suite couch, and they were gone in the morning.

I wonder how many "hackers" are like this? Just trying stuff they saw on TV, with no understanding of what's actually going on?

Anyway, she was gorgeous, so I think we can be forgiven for indulging her a bit. She was about 5'5, with pale skin, medium brown long straight hair down to her hips, and a mix of hippie and punk clothes. Such an appealing woman... Not really connected to reality, exactly, but definitely not boring.

Re:True Story from Michigan

Cool story, brah.

Re:True Story from Michigan

Cool story bro

Re:True Story from Michigan

[digitalsushi]

she sounds really hot!

now stop comparing every woman you meet against her :D

Re:True Story from Michigan

[PhilipTheHermit]

How did you know about that? I... Uh...

Ok, what can I say, she was pretty hard to forget. I wonder what happened to her?

Stone. Fox.

Re:True Story from Michigan

I didn't see the apostrophe in 5'5 for a sec and my mental image of the scene started to degrade a bit.... Thank goodness for glasses :)

Romanian kido

My hunch is that that kid was from .ro. I've seen two sites with .ro there... and a google search later I've found this: http://shoarec.5u.com/hack.html -- I think that is what he was desperately trying to do over there.

Re:Romanian kido

[darkside_al]

Oh god, he has pics also :)) and also pics of his girlfriend - her name is ely - so it was her account : ely.uv.ro :)) http://shoarec.5u.com/photo.html

Mod Parent Up +1 Funny

Okay, that's the single funniest reply I've seen in over a month now...

Oh, maan

[Atti+K.]

This guy represents the average romanian "hacker" perfectly. Romanian readers might agree that the cocalar term might also be applicable.
Oh yes, and "shoarec" means mouse. :))

PS. Yes, I live in Romania.

we are all major nerds... with a sense of humor

[cfriedt]

This is awesome... thank you to whoever posted this... I can't remember the last time I laughed like that... sigh... One of the funniest things about this video is that the average person would have no freaking clue why it's so funny. We are all major nerds.

what a colon

"semicolon... no wait, not semi-colon, like, that, dot-dot thing..."

That's not a hacker... damn script kiddies

[rwa2]

Heh, I had my Redhat 4 box broken into using some remote samba exploit back in '97. (Been running Debian without incident ever since)

At least this "worst hacker" uses "history -c" at the end of his session. Mine just did a "rm ~/.bash_history" before he logged out ... at which point the shell just writes it over again with everything they did during their session, IP addresses and all :-P