Slashdot Mirror
World's Worst Hacker?
An anonymous reader submitted a video clip that allegedly demonstrates a hacker working in a
honeypot.
If you fear for the future security of the internet, this video will set your mind at ease.
← Back to Stories (view on slashdot.org)
That was quick slashdotting..any alternate links?
Here's the YouTube video I watched on his site while it was in Firehose.
My work here is dung.
I think what we see here (and I am being serious) is outsourcing at work. He downloads tools from a subnet in Pakistan, likely homebase.
Just like anything from software development to customer service is being offshored to lowest bidder and services being performed by people without appropriate skills, simply because they are cheap. Same thing here - mass hacking is a business, and it is being outsourced to cheap unskilled labor. Look at this and laugh - then realize, this is the kind of quality of production that modern legitimate businesses rely on every day. Scary, ain't it?
I saw this last week. There were all kinds of hilarious inabilities to properly change directories or find scripts, which is why he kept downloading the same crap over and over again. Just for fun, my boss here (at a well-known company that makes security products involving pigs) fetched some of the files that the kid was trying to use. Half of the scripts were just fucking awful, such as hard-coding repetitive actions rather than using loops. The so-called "hacker" also left clues to his identity all over the crappy "sploits", too.
I honestly have a hard time believing the douchebag in the video was able to get a shell, even on a honeypot, and then fail to be able to change directories. However, the kits he was fetching were also so terrible I don't think that even if this hadn't been a honeypot he'd ever have gotten any local privilege escalations anyway.
For those who are getting a slashdotted server, here is the video.
"- What's so unpleasant about being drunk?"
"- You ask a glass of water."[from h2g2]
First I just thought "well, not everyone is a super smart irrelevant cubicle IT support geek" and shrugged at the point that was trying to be made - which, I guess, is something along the lines of "it's really this easy to break in to some systems, and it's great to laugh at people who.. err.. manage it, because not everyone knows what to do next."
Then I saw them downloading W2Ksp3, and realised that the whole thing is just a bit of sensationalism to get pageviews. The hacker is as genuine as the honeypot.
I think watching the "Tracer T" video from NextGenHacker101 will also set your mind at ease about the future of hackers. http://www.youtube.com/watch?v=SXmv8quf_xM
Beware of the Redittor who loans you a Sharpie.
> What is it?
Unnecessary, as with all background music in amateur videos.
Why do kids these days have such problems with absence of noise?
HINT: I came to watch the video, not to inflict your choice of "kewl music" upon myself.
And he doesn't seem to know about 'ls'. If I was sitting next to this guy, I would mash his head on the keyboard.
This is called "how the Internet was meant to work" with end-to-end connection between the client and the provider, not with a centralized advertising agency.
The linked site is down, so here it is on youtube
Help find a cure for cancer. Join the [H]orde
if perl was installed (as it is on almost every linux system these days) his scripts would have run.
First rule of information security: Never run anything you don't need to. If at all possible, don't even install it. Who cares about an exploit in ${PACKAGE} when you haven't got that installed anyway?
Any hacker worth their salt wouldn't be too disappointed that perl wasn't installed. He already had a root prompt and ls showed a .apt directory - there's a good chance apt-get install perl would have got perl in there in about 20 seconds flat.
this guy was simply to follow his cheat sheet and it didn't work. in fact, i see this as a complete failure of the honeypot scenario as it's supposed to provide a fake environment to gather intel. this honeypot does nothing of the sort and seems to be more for entertainment than anything else.
I'm not so sure. We now have a good idea what's on his cheat sheet and - more importantly - have a number of URLs where some potentially interesting scripts may be found. It's possible (though if this is the sort of thing we're dealing with, I'd venture unlikely) that those scripts might provide information about a hitherto unknown local exploit.