"Sam I Am" attack or tool?
Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: "Sam I Am" attack or tool?

  1. #1
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177

    Question "Sam I Am" attack or tool?

    Is anyone familiar with this phrase or a tool by this name/nickname?
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  2. #2
    Senior Member
    Join Date
    Oct 2002
    Posts
    4,055
    Doesn't sound familiar to me, although it could be a possible alias/nickname for SamSpade? I dunno, I'm just throwing out ideas.. You're not sure whether or not it's an attack or a tool? Because that might help narrow things down.
    Space For Rent.. =]

  3. #3
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    That's what we thought, a module or something for Sam Spade. The skiddie claimed to have cracked a site ("I 'Sam I Am'd' it") and we have evidence he was on the system. Trying to figure out what he meant by 'Sam I Am'd' it...
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  4. #4
    Senior Member
    Join Date
    Oct 2002
    Posts
    4,055
    Hrmm.. what do your logs say? Like, do you know exactly what he "cracked" to gain access? Perhaps he coded something or used an underground skiddie tool (named that) used to crack the website.

    Again, throwing out possible scenarios trying to help.

    EDIT: I might have found something, but I'm not sure.. do you think "Sam I Am" could possibly be his "handle"? Or are you confident it's a tool/attack? From the way he described it, it sounds like a tool/attack, but I'm just trying to look for things here.
    Space For Rent.. =]

  5. #5
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Zen:

    If:-

    1. The server you are talking about hosts a Blog

    and

    2. It uses the I-Power Blogger

    then

    The skiddie is referring to using the same exploit that was used around the end of September to compromise these blogs. I would suggest that this kiddie also exploited the blog found here..... The name will make it familiar to you....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  6. #6
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    thanks Spyder, it's all helpful.

    Unfortunately, we don't have anything except what the client has told us. They where informed that a website was cracked "Sam I Am'ed", and they believe they've seen evidence that the cracker was on the system in the time frame mentioned. We have a scoping call soon, and no one seems to know what he means by this phrase.

    Several of us agree...it sounds familiar, but we aren't sure what it is. Google isn't returing a lot (except for Sam Spade general links, or Dr. Seuss sites.)
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  7. #7
    Senior Member
    Join Date
    Oct 2002
    Posts
    4,055
    No problem man, just trying to do my best. Yeah, I was using google and nothing was coming up really. Well, post in any update or new knowledge as it becomes available.. and that's all I can really say for now.

    Oh, and good luck
    Space For Rent.. =]

  8. #8
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Zen.... See my response above.... It fits quite well when you consider colloquialisms... Find the exploit agains that site and you have the hole in your client's.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  9. #9
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Originally posted here by Tiger Shark
    Zen:

    If:-

    1. The server you are talking about hosts a Blog

    and

    2. It uses the I-Power Blogger

    then

    The skiddie is referring to using the same exploit that was used around the end of September to compromise these blogs. I would suggest that this kiddie also exploited the blog found here..... The name will make it familiar to you....
    Not sure, I'm doing the background work while a colleague is on site with the client for other concerns. I'll have her ask about your two points. I'd think no, but I've seen a lot of corporate blogs springing up all over. Do you have any specific info on the September vulnerabilities? Searching for anything "blog" related is like looking for a Needle in a stack of Needles...

    We thought Sam Spade too, but no luck there. I was also looking at www.sam-i-am.com (another techies blog) and some other stuff. I'm digging into I-Power now.

    Thanks guys!
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  10. #10
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Sam i am is also the name of a skiddie given "greetz" on this page. Maybe he has a little "sploit" for your server that this kid used.

    You might want to look into Astcell who's slogan at defcon was Sam I am as seen here
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •