|
-
May 25th, 2004, 03:42 PM
#21
Junior Member
probably the funniest hack i have seen, i read at a forum i don't remember if it was AO or not.
This hacker had taken control of this guys webcam that he had pointed at himself. The hacker then mailed the guy some pictures. 
Could have been a hox though but dam funny
-
May 25th, 2004, 10:49 PM
#22
Member
if a hacker is hacking a website, they may not even see a command line. they may just see the website cpanel, if there is an exploit that they use, or maybe just an ftp client. you dont need a console to hack, but for hacking computers that dont have a webserver, they will probably have a console, or a window system such as windows or another gui
-
May 26th, 2004, 04:35 AM
#23
command line ... portscaner an as we all know ...google as helper
but you all wonder of pic ... of a hacker so here hehe something for ya
true eyes of an hacker
http://www.r00tz.info/Forced_Entry.jpg
Un Seen But Well Heard Of
-
May 26th, 2004, 11:28 AM
#24
before:
http://bordergatewayprotocol.net/jon...nest/dork1.jpg
after:
http://bordergatewayprotocol.net/jon...nest/dork2.jpg
since several have replied concerning the "what does a hacker see on his screen" question. I shall reply to the "virus firing" question
"Does the hacker fire viruses at you like bullets in real time? "
Not really, most virii spread through the use of one or more security exploits, most popular of which recently have been buffer overflow exploits, in which virus writers create programs that take advantages of sloppy coding practices in programs that run network services on your computer. for example, the w32blaster worm spread thru the use of the rpc dcom exploit. a coding error found in a service enabled by default on many microsoft operating systems whose original intent was to allow authorized remote access to the machine over a network, but is rarely ever used. the service is dormant unless invoked by an application that needs to remotely control a computer. the rpc dcom exploit sent a packet to the target computer, usually on the open port 135, the one assigned to the rpc (remote procedure call) service. that packet contained a variable meant for that service, which expects it to be a certain length, but the variable given is intentionally much larger. a smart programmer would have written code to truncate the variable input before processing it, but this was an oversight that was found too late. the part of the variable that fits is processed by the service, and found to be benign in nature, the rest is processed from different parts of the system memory, wherever it may end up, not as part of the service, but as system level commands. (commands the system gives itself) giving the virus carte blanche to run any command it desires. this is called a buffer overflow exploit. using this and other exploits like it, programmers write virii to spread indefinitely, once they get to a new computer, they scan all available IP addresses for other computers with open ports indicating a vulnerability they can exploit to spread to that computer. virii as a general rule are rarely written to target any single person. usually they are written to spread indefinitely. exploits, however are often used by hackers to gain access to a person's computer remotely. hackers do this usually by using the system level command they can send to that person's computer to launch a program designed to give him access to the system or merely accept a connection from the attacker's machine the system would normally deny. then the hacker uses this connection to establish control of the machine. the commands that Tedob1 posted earlier were an exemplary execution of an lsass vulnerability, a buffer overun vulnerability that exists in the lsass (Local Security Authority Subsystem Service ), which ironically was originally intended for local security, but ended up being a nightmare for remote security. lsass also handles client/server authentication and active directory services. he isn't using the program itself, but a program of the same name written to exploit it, downloading that program and running it as Tedob did would give you remote command line access to the target system. to give you an idea of how fun this is, were he to then type: iexplore.exe www.iluvgaysex.com would launch the mentioned url in internet explorer, I did a similar thing to my network security teacher this past year using the rpcdcom exploit, I launched a flash page on his computer that announced "anal sex dot com!!" complete with bright flashing letters, while he was projecting his display on the overhead to the entire class, he was a cool guy and he thought it was funny, but he got me back by sending an email in my name to the entire class pronouncing my undying love for justin timberlake. I decided then to keep the high tech pranks to a minimum. the difference between a hack and a virus attack is this, I walk into a room, I see you, someone I intend to attack, I shoot you in the face, game over. this is a one on one attack, always done by the attacker personally. a virus attack would be more like me walking into a room, seeing you, the person I intend to attack, and spraying the room with an uzi. will I kill you? likely, but I'll also take down a half dozen people with you. who will be safe? noone, but if you're wearing a vest, you stand a chance.
:q :q! :wq :w :w! :wq! :quit :quit! :help help helpquit quit quithelp :quitplease :quitnow :leave :**** ^X^C ^C ^D ^Z ^Q QUITDAMMIT ^[:wq GCS,M);d@;p;c++;l++;u ++ ;e+ ;m++(---) ;s+/+ ;n- ;h* ;f+(--) ;!g ;w+(-) ;t- ;r+(-) ;y+(**)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
