Slashdot Mirror


User: Tantrum420

Tantrum420's activity in the archive.

Stories: 0
Comments: 103

Comments · 103

  1. Re:coding beats making burgers on Increasing the Value of the Domestic IT Worker? · · Score: 1

    > I would be satisfied with an apartment and basic living expenses ($1000/mo)

    Hmmm... You wouldn't happen to be a member of the Ghettohackers, would ya?

    I pay $600 a month (just for my room. Utils and everything else that comes along with breathing are additional) and live with four other people. But then again, I get to snowboard an awful lot, so I'm not really complaining.

    Oh yeah, and around here, "the beer flows like wine". ;-D

    T

  2. Re:You know, on Microsoft Announces Three More Critical Vulnerabilities · · Score: 1

    >To do local privilege escalation you need to have a local user account no? Remote exploits let the whole world in.

    Sure... but local user accounts are usually a dime a dozen.

    If you're targeting a particular system, a phone call can usually get you a password reset or some sort of guest account. If that doesn't work, it might take a little more effort to recon it for a user account but an account name at least is usually available.

    If you're out "shopping" for any old WinBoxen that will do, a simple SNMP query across an IP scope will turn up a good number of public IP'd machines that are more than happy to tell you all about their local users (and much much more).

    Then, of course, there's good old fashioned guesswork... It's amazing how often people have the same password as their user name, or just use their last name, or the town they live in, or no password at all... Sure, administrators usually lock that stuff down but not very many cablemodem users with Windows Me have an administrator...

    C:\> net use f: \\XX.XX.XX.XX\c$
    The password is invalid for \\XX.XX.XX.XX\c$

    Enter the user name for 'XX.XX.XX.XX': XX.XX.XX.XX\Bill
    Enter the password for 10.10.5.101: ****
    The command completed successfully.

    or (my favorite)...
    Enter the user name for 'XX.XX.XX.XX': XX.XX.XX.XX\administrator
    Enter the password for 10.10.5.101:
    The command completed successfully.

    (note the lack of asterisks in the password prompt)

    Once you have some local user's account (admittedly, not always trivial but not usually difficult) it might as well be a remote root exploit, anyway.

    My $0.05 (keep the change),
    T

  3. Re:Windows Critical Vulnerabilities on Microsoft Announces Three More Critical Vulnerabilities · · Score: 2, Insightful

    >Seriously, MS operating systems never get finished. . . .

    You prolly coulda left off the 'MS'. What (significant) operating system built in the last 15 years has been completely finished?

    T

  4. Re:I hate all of you on Microsoft Announces Three More Critical Vulnerabilities · · Score: 1

    >Then why the hell is windowsupdate.microsoft.com slashdotted? You bastards.

    W32.MS_SlashBlaster.Worm ?

    Just a thought...
    T

  5. Re:You know, on Microsoft Announces Three More Critical Vulnerabilities · · Score: 1

    >>Besides, local privilege escalation exploits are up there as being just as bad in my book.

    >I can't think of a nice way to say this...
    >
    >Your book sucks. :)
    >
    >Finkployd

    Why? Maybe you're just trolling here but I don't see why you'd think that. Remote root exploits get you "everything" _now_. Privilege escalation exploits get you nearly the same result.

    This is particularly true in the Windows world. Setting up (functional) local user rights is a pain in the ass. It seems like the most that the majority of these exploits get used for are just Scriptk1ddies installing root kits to launch their Warez sites, IRC bots, or just some kind of bounce box to hide in. You don't need true root privileges for any of that.

    --Then again, what do I know?
    T

  6. Re:When Pigs Fly... on Gator Files for IPO to Raise $150 Million · · Score: 5, Insightful

    Sure they ask... You do read all the text in every little box that pops up, don't ya?

    The sad fact is that most people don't read _any_ text in any box that pops up on the screen. They just zero in on the "yes" "no" "cancel" boxes and randomly pick whichever one they think will make the pop-up go away the quickest.

    I mean, they were _trying to read_ something. They can't be bothered to change their train of thought and deal with this new mumbo-jumbo that just appeared on their screen. ...And people wonder why email viruses / worms still prosper.

    T

  7. Re:When Pigs Fly... on Gator Files for IPO to Raise $150 Million · · Score: 0, Troll

    I think that's called Extortion.

    That's what mobsters do.

    You're not a mobster, are you?

    T

  8. Re:What kind of distribution? on Gigabit Networking for the Home? · · Score: 0, Troll

    I stream at 11 Mb/s you insensitive clod!!!

  9. Re:New Tron on 3D, FPS File Manager · · Score: 1

    Sure, why not?

    Since I was just engaging in a nonsensical daydream anyway, it can be whatever ya like. :-D

    Cheers.
    T

  10. Re:Back in my day on 3D, FPS File Manager · · Score: 1

    Heh heh...

    Nice.

    T

  11. Re:My God on 3D, FPS File Manager · · Score: 2, Funny
    > It would be great if life was like a violent video game, but it unfortunately is not. I can assure you that both sides of network security are just sitting in a dark room staring in a terminal window, writing text and reading text. There is no blood, there are no explosions, we are not muscular machos and hot chicks don't give a damn what we do.

    Speak for yourself...

    I've gone through my third tuxedo this week from diving through large glass windows. At least the last window had a pool in the courtyard two stories below. Luckily though, the Russians didn't get the prototype chip from me. Once I plug that into my homebrew kit, I should be able to decode the hot new NSA encryption.

    T

  12. Re:New Tron on 3D, FPS File Manager · · Score: 5, Interesting

    > This paves the way for us to make a MMOFPSFM.

    I was thinking this myself. It could bring a whole new meaning to the term "cyberterrorism". It would be a whole new Counter-Strike where the Feds actually are the Feds.

    Imagine a team of 3L33T FPS players from the Cult of the Dead Cow getting together and flashmobbing CitiBank. They start spawning in a map representing CitiBank's IT infrastructure and scaling the walls looking for an open window to enter (port). Once they get into a window, they might have to pick a couple of locks (crack passwords) or defeat a virtual fingerprint scanner (Buffer Overflow) and then they'd have access to the rest of the building. Real leet0 ninja teams would have to sneak around (hide logs) via thief or hitman to avoid the security (IDS's) to locate the files they were looking for. If they set off a laser tripwire (Snortbox) the Counter-Terrorists (Secret Service) would be notified and they'd start spawning in on the maps a la "The Matrix". It'd be a huge gunfight, file fragments would be flying everywhere, and people would be dropping off-line left and right while plugged into their Nebuchadnezzar-like chairs.

    It seems that "The Neuromancer" is closer to actualization than I ever imagined.

    Televised Tournament Mode should be a hit on Fox.

    T

  13. Re:Server already /.ed. Cache linked here on Make Your Own TRON Costume · · Score: 1

    Thanks Much.

    It's nice to see something constructive instead of people just bitching and cracking jokes.

    I never have mod points when I really want them. When I have them, I either waste them on something stupid or hang on to them too long and they expire.

    That costume really is impressive, tho.

    T

  14. Since nobody else said it.... on Why Do Other Geeks Leave the House? · · Score: 1

    WARDRIVING!

    It's more fun to go wardriving when I leave the house.

    Sure I can walk around the place waving an antenna around and pick up an additional eight or nine SSID's but it's a lot more enjoyable to hop in the vehicle and go 'discover' the neighborhood.

    Plus, then I get to pick up an additional eighty or ninety SSID's. :-)

    Besides that, my roommates get perturbed when I try to snowboard, mountain bike, geocache, play frisbee golf, drive real golf balls, or skateboard inside the house.

    Skateboarding's the only one that's remotely possible out of the list, BTW.

    T

  15. Re:The Simpons hasn't been funny for years now. on Simpsons Actors on Strike · · Score: 1
    It's amazing how much in agreement most of the people here are about how utterly unfunny the Simpsons are now.

    It's a cartoon.... On TV... On FOX, even...

    It's been 15 years. What did you expect, really?

    Besides, what else on TV these days is even close to the Simpsons?

    Next, people are going to start saying the new Star Wars Series sucks because they're aimed at kids.

    Oh, Wait...

    Don't you people have any books to read or something?

    T

    BTW... Get your Simpsons here.

    I did.

    "Worst Article discussion... Ev-ar!"

  16. Re:That's nothing on People with real l337 speak names? · · Score: 1

    He coulda been named "Sue".

  17. Re:kindergarden on People with real l337 speak names? · · Score: 4, Funny

    "Hi! I'm 212.90.0.89! Want to come to 127.0.0.1 and h4 | R-0uND?"

    "Hmmm... I dunno... According to your DNS Server at 212.90.2.112, you're named Venom. That doesn't sound like somebody my admin would like me playing with."

  18. Re:Dawn of the Dead on Latest Chernobyl Motorcycle Photos · · Score: 1

    That's a damn cool link, thx.

    It reminds me of my younger days growing up in the Midwest. There are a lot of abandoned farmhouses and barns in this country. Each trip was a glimpse into somebody's past. I'm finding out that there's a lot of places like that in the mountains, too. Each new trip seems so bittersweet.

    T

  19. Re:Dawn of the Dead on Latest Chernobyl Motorcycle Photos · · Score: 1

    Me too.

    Especially the part where she said that researchers stay away from the Magic Wood and the cemetery because that's where they buried a bunch of graphite.

    The first thing I thought is, "DAMN! They buried a pile of extremely radioactive material in a cemetery?! Don't they ever read comics or watch movies?!"

    *Shivers*

    T

  20. Re:Standards on What Would The World Be Like Without Microsoft? · · Score: 1

    >As loath as I am to say it now, Microsoft has actually shown us the benefit of "standards".

    Microsoft!?

    I'm sorry, I must've forgotten.... What was IEEE for again?

    T

  21. Re:Thats a new twist on Extradition of Warez Suspect Blocked · · Score: 1

    Holy Cow!

    Who knew George Bush actually posted to Slashdot?

    T

  22. Re:We are fashion Borg! on Wearable Technology Fashion Show · · Score: 2, Funny
    It must be you two...

    I can't even look at the first model without thinking that we should be seeing her through some grainy green night-vision lens with a fat piece of salami in her mouth;

    But then again, I have issues.

    T

  23. Re:it's not thermite on Thebroken Videos · · Score: 1

    > Most conversations I've had with "real hackers/geeks/anyonewithaclue" would probably make extremely boring tv (Not to say that it isn't possible (never say never) to have a good show with real hackers/geeks/anyonewithaclue, but imho, it is less likely).

    Am I the only one who thinks Dan Kaminsky needs his own show? That would truly 0wn.

    T

  24. Re:why bt and not archive.org? on Thebroken Videos · · Score: 1

    > T1-1.5mbps $200 per month

    HOLY SHIT!

    Qwest is still charging over a grand for a T1 in our area...

    Fuckers.
    T

  25. Re:Oh yeah! on Thebroken Videos · · Score: 1

    You mean the Giggies?

    T