New Phrack 239
Anonymous Coward writes "A new issue of the Phrack Magazine, #60 has been released today. It details some decent technique about kernel exploitation (OpenBSD), Cisco remote exploit, how to backdoor a core bzimage kernel and other stuff. The ascii based magazine is available at
phrack.org."
Anyone notice... (Score:2, Informative)
I like some of what they stand for (intellectual curiosity, hacking (in the real sense) and freedom) but a lot of what they *do* with those ideas is a bit dissapointing. In this case however, its not only right on target, but funny as well.
Re:Phrack. (Score:4, Informative)
Re:Gray hat? (Score:5, Informative)
- "sript kiddie" refers to someone with little or no maturity that uses an automated exploit scan program that makes hacks a matter of happenstance if anything else.
- "cracker" is one step higher from a script kiddie as this is a person who actually has a target in mind, but is not randomly screening. Usually a cracker will gain access by acquring a password (hence cracker). There are many ways to do this, but the more calculated attacks are usually by a cracker that is persistent.
- "black hat hackers" these are the guys you rarely hear about as they're main goal in life is to be where they shouldn't be and make sure that they're the only ones that know what they are doing. This is the sexiest of illegal hackers as these are the types that actually get into the "unbreakable" systems and really do know their shit. These people work for the government usually (and not just American) and some are even employed without wanting to be (part of a plea bargain). These are the type of people that you want to not be interested in your system as with a certain amount of time they will get into your system.
I'm not implying you don't know this, I was meerly trying to elaborate further on your post. And not everything these "Evil Hackers" do is all that bad. Many "script kiddie" tools are useful in testing your own systems for holes or exploits, if you have the same toys as they do, they can't beat you.
Grey hats are where most all computer type people belong, where we all usually do good, but we do know some tricks of the trade. Like an automechanic who knows how to hotwire a car or jimmy a lock open, does that make him a criminal? Same goes for anyone who is a professional locksmith (make the best theives?), doctors (make the best killers?), and bomb squad officiers (make the best bomb builders?). The joy of being a grey hat is knowing enough to protect yourself because you've been there before.
Case-In-Point ... the most secure server is one that is unplugged and buried in the middle of the earth, and that's still questionable.
Re:yikes (Score:3, Informative)
Re:Phrack. (Score:4, Informative)
Surprisingly enough, the textfile scene is quite alive!
Both www.textscene.com [textscene.com] and scene.textfiles.com [textfiles.com] do what they can to stay on top of the newest tfiles.
Re:Traffic Lights (Score:3, Informative)
OpenBSD vulnerability has been fixed in August (Score:5, Informative)
While interesting, the article describes a vulnerability that already has been fixed.
read Kevin Mitnick's story (Score:5, Informative)
Kevin Mitnick wrote a book, "The Art of Deception". The first chapter
has been deleted by the publisher at the last minute. It's available
on the internet:
http://www.wired.com/news/culture/0,1284,56187,00
http://littlegreenguy.fateback.com/chapter1/Chapt
[i linked this Phrack quote because Slash adds a space character to strings that wordwrap - can anyone tell me how to prevent this from happening?]
Re:OpenBSD vulnerability has been fixed in August (Score:4, Informative)
Re:Wrong. (Score:1, Informative)
No. A script kiddie is one who downloads exploits and runs them without any understanding of how he's doing what he's doing. Cookbook programming of an infinitely lower level. And usually they ARE kids, mentally and socially if not physically.
Re:Nostalgia... (Score:1, Informative)
Same thing.. also you need "01" instead of "1" to get your leading zero on...