I've always wondered how does a hacker choose his victem. Is their a typical set of steps they go thru or a tool they use to scan ips or is it they sortof fall upon your machine.
Printable View
I've always wondered how does a hacker choose his victem. Is their a typical set of steps they go thru or a tool they use to scan ips or is it they sortof fall upon your machine.
Proper Term: Cracker
These kinds of people usually just go for the easiest target, that simple. Most "hacking" nowadays is no more difficult than telneting somewhere, or sending them a game in an email. IPs can be found by social engineering, IRC, direct connections and numerous other ones
Yeah, pretty much what knoledgesponge said.
By one definition, most "breakins" are by Code Red, etc. Those programs just choose IP addresses at random, then try to exploit them using the same exploit they used originally.
For a less automated approach, people scan random IPs and look for vulnerable hosts. Extortion crackers ("I have noticed some security holes on your network. It would be horrible if your accounting records were erased and your customers' credit card numbers were posted in IRC. Would you like to hire me as a security consultant?") use this kind of method.
On the other hand, some people pick their targets for non-technical reason (they've been paid to do corporate espionage, the victim is a spammer, they disagree with the victim's political opinions, they want to steal from the victim's customers, etc.). These are the ones you rarely hear about, and also the ones who are really dangerous.
Sponge: While you are right for the majority of cracks you have to remember they are carried out by skiddies who are looking for a target, any target, to crack.
With regard to the people who actually "chose" a specific target the reasons are myriad - political difference, hatred of a given race, creed, religion.... etc. etc. etc. The motivations are too many to list.
The method is usually the same, (generally speaking). They need information, where are the "enemy", what can I find out about them generally etc. This is the footprinting phase and can take literally months if the chap is determined and wants/needs to do a good job. The reconnaisance can be very thorough and may include some social engineering to glean data that might not be publicly available. Slow and deliberate scanning of the available networks, careful taking apart of web sites etc. etc. etc all figure into this.
By the time the person is ready to attack he knows exactly where he will attack, what OS, version, patch level, application and results. Then the attack takes place.... Usually in a few seconds. The "dirty work" gets done, web page defacement or whatever. Cleanup then takes place - delete logs, or better yet delete the log entries that apply to him leaving the rest intact and then leave.....
All in all, those people who select their targets are formidable and talented adversaries, (i'm not speaking to their ethics you'll note... ;)), the skiddies..... Well...... I'll plead the 5th thank you..... ;)
wait till i pray upon u & u will come to know
i think they try & guess only that where they can go
[Most "Hackers", mainly "script kiddies", go after the easiest targets...systems that don't take much effort. Then u have the hackers w/a purpose who attack oppressive gov sites like one's belonging to China, India, etc.]
[Emperor Viczerez]
[Lord of the Viczerian Empire]
[[email protected]]
Most people that would do such a thing are trying to get a message out, or are disgruntled in some way, orrr are just some skiddiess scanning subnets for vulnerable systems.. Most "Hackers" in the true sense, wouldn't waste their time with such a thing unless they are hired to find the security holes and plug the systems..Quote:
[Most "Hackers", mainly "script kiddies", go after the easiest targets...systems that don't take much effort. Then u have the hackers w/a purpose who attack oppressive gov sites like one's belonging to China, India, etc.]
Just because I haven't seen it mentioned I thought it'd be worth mentioning...
One of the most common reasons I hear about for personal machines being hacked, is due to a shared interest in an internet based game. Or more specifically due to offending someone who plays the same online games...
Back when I was playing EverQuest - or EverCrack as we more commonly called it :) i heard of hundreds of players getting their machines hacked/cracked in one way or another. I personally even knew one person whose machine got owned to the point the cracker even popped up a dialog box on the persons machine to talk smack to him - even going so far as to tell him what 'group' had hired him to do the cracking - before trashing his PC to the point of needing to reformat.
Poor guy hadn't followed my advise of installing zonealarm - I had been preaching on multiple of group's game boards about the importance of running a firewall, he just happened to be the only one who found out first hand why...
I hear about many occurances very similar to this revolving around other internet based games also...
RRP
I think that it is good to note that there are many different types of attackers with varying skill levels. Lower level attackers will just look for targets of opportunity, while skilled attackers will go after a specific targets for different reasons political, monitary, or other reasons known only to them. There is no one group of people called "Hackers" besides, most people use the term Hacker wrong anyway. I love how people just throw that term around.
Its not too hard to get a pop up on their computer, any basic trojan can get dialog box to talk smack through, like any other direct connection...
It's quite simple, a hacker picks his/her target because he/she feels like it.
No idea if that'll work, but I'm bored :PCode:<?php
for ($a = 1; $a <= 4; $a++) {
srand((double)microtime()*1000000);
$randvalue = (int)rand(0,255);
if ($a == 1) {
$a = $randvalue;
Else {
$a = $a . "." . $randvalue;
}
}
?>
- Noia
Good comments...
At the risk of me_too_ism, here is how I more or less see it.
Cat. A) - The cracker/hacker/kiddie/lamer has a specific exploit for a service, and begins hunting for machines
that the exploit is most likely to work on. An example would be Sun sendmail 8.9.4 (an old version)
running on Solaris 2.5.. And so the search for machines that fit this profile begins.
Cat. B) - Specific intended victims. An example is a very deliberate attack against some_company.com or
some_government_site.gov for reasons that are typically personal to the attacker, but almost always
involve prestige. Being able to brag on IRC is socially elevating for lamers and kiddies, and is
often the motivation behind the targets.
Cat. C) - The "gold_miner". These are attackers who spend a good deal of time checking out networks and
machines in search of exploitable machines and networks.
Interestingly though, the FBI has previously estimated that (not unlike murder and rape) that in around 60% or
more of computer security incidents, the attacker knows the victim.
Note: Hacking and Cracking not really the *same* thing :-)
From my experience if you whip a script kiddies ass in a multiplayer game they try all kinds of **** to try and "hack" you lol
Most hackers are smart and tend to hack people who started using the net on a specific date in computing history, such as Bill gates' birthday, or the launch date of the beloved o/s UNIX, or the creation date of DOS. Things like that
hacking and cracking are totally different. hacking is not neccessarily illegal as some companies will reward you for finding their most vulnerable spots if you get into their systems. They then know where to improve thier security. That is hacking. When you hack into a system just to get in, and to prove you can.
Cracking on the other hand is illegal. Cracking is when someone hacks into a system and steals or changes information. Hackers to not tend to steal, they only try to get in.
Just to bring everyone up to speed, the "politically correct" term to use these days is, "attacker".
:)
Also, attackers' motivation will be different from case to case but there are a few major categories as I see it (and those at Foundstone):
1) Curiosity
2) Entertainment
3) Political Reasons
4) Desire for info
5) Thrill of gaining root
6) Attempt to compromise additional systems.
7) Trophy hunting to gain status
-TH13
Hoss: When did you become "politically correct"?????? Oh dear..... ;)
Frankly though 2, 5 & 7 are the same... That's entertainment..... can anyone say "skiddie"
You forgot disgruntled employee and potential for financial gain, they are pretty good ones too..... :rolleyes:
no real hacker is going to go into someone computer and hack them. Thats for crackers or "script kiddys" that like to do malicious things and destroy easy targets, they have no idea of a challenge. they take the easy way instead of finding something to aquire knowledge from.
Hmm... I agree with you to an extent Tiger, and maybe 2 and 5 are closely related. And good points on the vengeful ex-workers and blackmailers.
IMO though, 7 can't be lumped into the same group. I'm sure there's a thrill in trophy hunting, but without going all Psych 101 on you, 7 stands apart because it has elements of gaining recognition and respect among your peers, not to mention the competitiveness angle.
But what do I know? Come to think of it, a hacking trophy would look mighty keen in my cube or as a hood ornament. Either or ;)
Phern: 7 fits very well into "entertainment", psych 101 included or not.... The phrase was "to gain status".....
Gaining status and competition are basically pleasurable activities..... If you "win" or people give you kudos for your accomplishments it is a pleasurable thing..... Pleasurable = entertaining.... It's something you do for personal gratification..... So, 7 fits quite nicely into the group....
Alot of time a "hacker" will pick a very specific target, such as someone who has gotten on their bad side or that might have a secrect that they want to know. Another reason is payment many "hackers" do assignments for some sort of payment, the lets say "consumer" might have a certain victim in mind but not know what they are doing so they will hire someone with a little more knowledge to do the job for them.
Hate or Be Hated ; )
Ive got a couple links you might want to look at.
http://www.linuxvoodoo.com/resources/security/enemy/
http://www.linuxvoodoo.com/resources/security/motives/
These two papers go into a bit of detail on script kiddies and how they pick their victims as well as helping to protect yourself from them. You can see all of the papers in the series named "Know Your Enemy" here http://www.linuxvoodoo.com/resources/security/
PeacE
-BoB
The Community isn't like that anymore, and I have never seen it while it is. If you claim to have done something cool, then people dont believe you, and if you prove it the "authorities" get ya. Either way you dont really win. Why not do it, if at all, just to learn and not to brag at all?
mostly crackers are teenagers on an average... n most of them either have a purpose, or just wanna check their knowledge... most of them just do "hacking", "script-kidding" etc. for bragging....
That would depend on how easy it would be for them.. human nature rules the land. Even a pro will take a shortcut to get home or win a race. They start out curious and then it becomes a disease to them and they can not stop, the key to their success is their ability to retain knowledge. Anyone can learn anything they want... but can they retain it and retrieve it at will.Quote:
Originally posted here by NorthernLytes
no real hacker is going to go into someone computer and hack them. Thats for crackers or "script kiddys" that like to do malicious things and destroy easy targets, they have no idea of a challenge. they take the easy way instead of finding something to aquire knowledge from.
Should have a new cate called leakers LoL for the 1's 2 dumb to retain the power. They do try and and they even find the answers but in the end they are not capable of retaining the amount of information needed to draw a target in the right place from the sky... (jk) only a few will understand that last part.
Wanted to add a few more to this list:Quote:
Originally posted here by thehorse13
Just to bring everyone up to speed, the "politically correct" term to use these days is, "attacker".
:)
Also, attackers' motivation will be different from case to case but there are a few major categories as I see it (and those at Foundstone):
1) Curiosity
2) Entertainment
3) Political Reasons
4) Desire for info
5) Thrill of gaining root
6) Attempt to compromise additional systems.
7) Trophy hunting to gain status
-TH13
8) hacktivism (usually for defacements; supporting a particular cause like Red Cross aid for areas hit by major natural disasters and no one cares; best example: NASA defaced to ask for Red Cross support after India (?) was hit by major earthquake shortly after 9/11)
9)Mount Everest reason (just because).
a cracker is a person that cracks copywrite protection schemes. It has nothin gto do with attacking computers. The correct term is malicious hacker.
But this is an old discussion and completely pointless.
To bring up another old discussion that is completely pointless....Souleman is my hero.
I prefere to do all my hacking with a Picaxe!
If you wanna know try out the middle east and turkish sites because they are weak in general. The best place to start with is search for turkish and middle east sites from yahoo and apply security checks with nessus to find the holes. Than it is up to you...