| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon Aug 1 08:57:13 2005 From: dinis at ddplus.net (Dinis Cruz) Subject: Did you miss us yet? Surely this is a hoax? Dinis Cruz .Net Security Consultant Phrack Staff wrote: >[-]=====================================================================[-] > > +++++++++++++++++++++++++++ > =: P H R A C K - R E B O R N := > +++++++++++++++++++++++++++ > > ... Phrack is dead. Long Live Phrack. > > > CALL FOR PAPERS * CALL FOR PAPERS * CALL FOR PAPERS > > -------------------------------------- > Deadline: 15 October 2005 at 11:59pm > Submissions : phrackstaff@...il.com > -------------------------------------- > > The New Phrackstaff are pleased to bring you the third new > release of PHRACK. > > As originally stated, Phrack strayed from its original purpose > nearly 62 issues ago. Because of the irresponsible use of the > Phrack forum, the commercialisation of hacking has been allowed > to occur -- neigh -- encouraged. The old Phrack has been a long-time > in dying. The past few issues have been coughing up blood (this > could have been due to a severe case of industry rape). But now > that death has come to the old Phrack, like Gene Gray, Phrack > is reborn. > > Submissions should _NOT_ disclose new exploit methods, new backdooring > methods, or any other information that may be used by the information > security extortion industry to further increase their profit margins. > > Some article ideas: > - White-hat 12 Step Program > aka. "OMFG I'm a white-hat, How do I Stop?" > - B4 They were famous. > aka "Profiles of White-hats they would like to forget." > - HoneyNet Project: Be Your Enemy > - Saved by Project Mayhem > - Setting up your own "I'm a White-hat get me out of here" program. > > As a special treat to our readers, this CFP includes a sample > of the material we look forward to bringing you, our new Phrack > readership in the future. > > > >|=-----------=[ C O N T A C T P H R A C K M A G A Z I N E ]=---------=| > >Editors : phrackstaff@...il.com >Submissions : phrackstaff@...il.com >Commentary : phrackstaff@...il.com >Phrack World News : phrackstaff@...il.com >(ChiX|H4X)0r Porn : phrackstaff@...il.com -- We're open minded. > > ... > #, . .P > hr, . .. .Ac > 'K#ph, .. . .rAcK' > #ph'Rac, . . .K#P'Hra > Ck' #PHr ... .aCk' #Ph > rA, 'cK#, .pHr' .AC > 'K# 'Phr, .aCk' #P' > ... rAc ' .K.#P Hra ... > . cK# .pHR .a, cK# . > . .. pH, .rAc' . 'k#P .HR . .. > .. . 'Ac .K#' . 'PHr. '' .. . > . . aCk ' . '#PH, . . > ... .rA.'cK' . .. '#PH, ... > .rAc' k#, ..... .PH 'rAc, > .K#P' 'Hr . aC' 'k#P, > .hRa' cK# . pHr 'aCk, > .#Ph'____________________________ rAc ______________'K#P, >.HRACK#PHRACK#PHRACK#PHRACK#PHRACK#'.PH RAC#PHRACK#PHRACK#PHRa. > ... cK' > #Pr aCk > #Ph rAc > K#, .Ph > 'RA CK' > #P. .hR > aC.K# > PhR > A > > > . > Or contact us via seance > > > > >|=------------------=[ S A M P L E A R T I C L E ]=------------------=| > > >With the recent trend of everyone writing a book, the phrack staff have >taken a break from our usual research to give it a try. For your reading >enjoyment, we give you a sample chapter from our upcoming book, "Know >your enemy: The Security Industry". > >The first chapter is titled "The Art of Being Pwnd." I'm not sure I >like the title, but the rest of the staff tell me it fits. Give it a >read, and let us know what you think. > > >------------------------------------------------------------------------- >Chapter 1: > > The Art of Being Pwnd > > > If you don't like your job you don't strike. > You just go in every day and do it really > half-assed. Thats the American way. > -- Homer (Simpson) > > >It was another uneventful 2600 meeting for C1tiZ3n, the New-York kids >were bragging about their latest 'big' hack and passing around the new >Mitnick book, "The Art of Intrusion", while trying to avoid the advances >of Emanuel in his halter top purchased at CCC. For C1tiZ3n this was >particularly a concern, as he was unusually fit for a hacker, probably >lucky genetics. When things would get desperate, C1tiZ3n had taken to >pretending to listen to rebel, just to avoid Emmanuel (and fleas). > >With the meeting over, The Mitnick book kept rolling through his head. >As a younger kid, C1tiZen had looked up to Kevin as a role model. His >room still had some of the 'Free Kevin' stickers from the campaign to >release him from his wrongfull imprisonment (and suitable friendship >with 'Bruno'). C1tiZ3n had wanted to be just like kevin -- able to >launch a nuke by whistling thru a telephone. But no more. > >After his release, Kevin had turned his back on all that he once was -- >selling out his hacker ethic for a business of selling snake oil to fat >executives who wanted to hear him talk about social engineering and >hacking. Business had been good for Kevin, from what he would say when >he came to the 2600 meetings, he was making a killing at his speaking >engagements. It was sickening to listen to him go on about it. Kevin had >become just another white-hat -- profiting from manufacturing fear in >his clients, and then by offering solutions at a highly exorbitant cost. >He was now no different from Custom Shimomura -- a Gonif. > >In the depths of his anger and despair, C1tiZ3n remembered reading in >Kevin's latest book something about how secure his systems were, and how >much it would mean for someone to hack him. Grabbing his copy of the >"Art of Intrusion", he looked for it. There it was: > > > "Hackers play one-up among themselves, Clearly one of > the prizes would be bragging rights from hacking into my > security company's Web site or my personal system." > -- K3v1n Mi7n|cK > >Maybe, just maybe Kevin could still be saved, and if not -- convinced to >give up his sinful ways and follow his anger back to the true way. An >idea was forming in C1tiZ3n's head, a little bit of his own Project >Mayhem -- PHC style. He would need help for this, especially if he was >to do it right. > > >Another Day, Another Half-hour Interview >---------------------------------------------------------- > >Safely back in his room, Kevin took a few minutes to catch up on email. >These conference organizers had just hit him with a surprise interview. >This had been a re-occurring problem, but Amy had worked out a solution. >In his email was an email that Jen had sent on his behalf from his >mitnick@...leafproductions.com account. > > > Carlos, > > Please correct the following balance to Mr. Mitnick's > account: > >Bla, Bla .. more money talk. "This is why I pay her to take care of >me." A paragraph lower down in the email caught his eye: > > Further, in section 3.03, the contract states, "For each > additional interview, up to thirty (30) minutes in length, > the Speaker requires one additional night in the event venue, > all room and tax charges, all meals for one (1) additional day, > Internet service, laundry service, and ground transportation. > All of these expenses must be pre-paid by the Client in USD > prior to the delivery of the extra interviews." > >"Jen is so sexy when she talks legal", Kevin thought. That should help >put an end to these surprise interviews. "My clients are already cheap >bastards, they will definitely think twice now before trying to spring >an interview on me". Despite this, somehow the phrasing of the paragraph >bothered Kevin. "..delivery of the extra interviews.", That makes me >sound like a whore selling my 'wares' to the 'Client'. "Jen will have >to reword that, but its good enough for now.", he thought. > >The next email was from Gonzalo Zapata <gonzalozapatac@...mail.com> >asking for the POWER POINT PRESENTATIONS for the Argentina conference. >"Why the fuck do those spicks have to put that in all caps? God, I wish >i could just hack a bank or something so I wouldn't have to put up with >these armatures." Kevin signed, fired off a quick email to Matthew C. >Beckman (aka nulllink@...llink.com), inquiring why he wasn't responding >to email. That done, kevin closed his laptop. Time for some drinks at >the bar, courtesy of his suffocating fan-base. > >He paused, remembering to take some business cards with his 'junk' email >address to give to losers he never wanted to hear from again -- like >that Scott Madison guy he met at the Sydney workshop at the Sofitel. > > >Target: Mitnicksecurity.org >---------------------------------------------------------- > >Meanwhile, C1tiZ3n has been busy researching his mark. Apparently, he >had his work cut out for him. Not only was kevin running on a >ultra-secure freebsd web-hosting provider, they used some of most >advanced security software that money could buy -- Snort. > >With top security experts working at Mitnick's security >company and more still in his phone book, C1tiZ3n thought that >this would be the hardest job yet. He was soon to learn he was wrong. > >Kevin had left demo scripts publicly available on his web-site. Better, >the demo scripts were for sql injection vulnerabilities. That is all >that is necessary. C1tiZ3n had a older UDF that he wrote months ago >on his laptop, all that was necessary was to store it into the database >and then drop via INTO OUTFILE. > >A couple minutes work later, he was greeted with a login shell to >kevin's site: > >$ls -l > >total 5562396 >drwx--x--x 9 mitadmin mitadmin 4096 Jun 14 16:50 . >drwx--x--x 90 root root 4096 Jun 7 22:41 .. >-rw-r--r-- 1 mitadmin mitadmin 5650470878 May 9 01:24 backup-02-09-2005.tgz >-rw------- 1 mitadmin mitadmin 3919 May 27 16:22 .bash_history >-rw-r--r-- 1 mitadmin mitadmin 399360 Apr 28 13:55 clid2.tar >-rw-r--r-- 1 mitadmin mitadmin 399360 Feb 23 10:58 clid.tar >-rw------- 1 mitadmin mitadmin 25 Jun 14 16:14 .contactemail >-rw-r--r-- 1 mitadmin mitadmin 10 Feb 9 18:25 .contactsavetime >-rw------- 1 mitadmin mitadmin 1682 Jan 24 02:18 .cpanel-ducache >drwxr-xr-x 3 mitadmin mail 4096 May 23 09:19 etc >drwxr-xr-x 34 mitadmin mitadmin 4096 May 23 09:19 .htpasswds >-rw------- 1 mitadmin mitadmin 14 Jun 14 16:14 .lastlogin >drwxrwx--- 3 mitadmin mail 4096 Jan 17 21:38 mail >-rw-r--r-- 1 mitadmin mitadmin 38559604 Apr 25 10:15 mitnickpromo2.mov >-rw-r--r-- 1 mitadmin mitadmin 399360 Jan 31 07:24 newclid.tar >drwxr-xr-x 3 mitadmin mitadmin 4096 Jan 17 17:00 public_ftp >drwxr-xr-x 40 mitadmin nobody 4096 May 23 09:19 public_html >-rw-r--r-- 1 mitadmin mitadmin 13 Jun 14 16:14 .rvlastlogin >-rw------- 1 mitadmin mitadmin 24 Mar 28 03:33 .spamkey >drwx------ 6 mitadmin mitadmin 4096 Jan 24 02:16 tmp >drwx------ 2 mitadmin mitadmin 4096 Jun 14 16:26 .trash >lrwxrwxrwx 1 root root 11 Jan 17 17:00 www -> public_html > >Quickly looking through the directories, C1tiZ3n made note of some directories >that looked particularly intresting. Pausing for a second, C1tiZ3n chuckled as >he looked at ralph's directory: > >$ls -l public_html/ralph > >./public_html/ralph: >total 6272 >drwx--x--x 2 mitadmin mitadmin 4096 Jan 24 15:49 . >drwxr-xr-x 40 mitadmin nobody 4096 May 23 09:19 .. >-rw-r--r-- 1 mitadmin mitadmin 6391141 Jan 23 03:43 Deltron 3030- Virus.mp3 >-rw------- 1 mitadmin mitadmin 4 Jan 23 03:28 .ftpquota >-rw-r--r-- 1 mitadmin mitadmin 142 Feb 20 08:49 .htaccess > >"Fanboi", C1tiz3n thought. "Enough of this browsing, now work really begins". > > >30 days and $1,436 dollars later >---------------------------------------------------------- > >"How much was it?" Kevin was insensed. > >"One thousand, four hundred, thirty five dollars and ninety-nine cents", >Caroline repeated calmly, adding " Its mostly from the international >calls while you were in Greece and South Africa. > >"Pay it.", he snapped. Adding, "We need to find a more cost effective >solution." > >TMC had been good to kevin. Their prices were not that exorbitant, and their >service had been acceptable. This bill though, it was almost seven times >average. > >"About the books for your signings.", Caroline was wanting a different >subject badly. "I had them shipped to you at the 7113 West Gowan Road, >Las Vegas address. From what the publisher said, the advance orders are >going very well." > >"Good. Ive already been contacted about the identities of one of the >chapter's subjects. Seems the FBI is investigating, and they decided >to pay me a visit." > >"What will you do?", ask Caroline. > >"I don't want any more trouble from them, I just gave them what they wanted. >They promised it would not be attributed to me. If word of this got out, >no one would ever dare talk to me again." Kevin never really recovered >from his stay in club fed. The beatings, the brutality, Bruno. He had been >betrayed by his friends, and now he would do whatever it took to stay out >-- even if itment being the low-life type narc that landed him in jail in the >first place. > > >"You did what you had to. After what they did to you the last time, I don't >think anyone can blame you. Besides, better them then you." Caronline consoled >him. He was her meal ticket, and she knew it. > >"Well, enough. I'm going for a jog. Talk to you later." > >Surveying the prize >---------------------------------------------------------- > >Pay-dirt. Looking through the directory listing, C1tiZen noticed that >apparently kevin was not above the use of pirated files in his company. >Particularly, Compuware's softice, Core Impact and CANVAS. It seemed >that the files were purposefully placed in world accessible directories >for download during penetration tests. > >All through the site were power point presentations that kevin used in >his engagements. Janis's home directory contained most of them (her >password is crypt0). > >And there was the presentation that C1tiZ3n had seen before -- the art of >intrusion power-point. > >"He needed to update his definitions of a black hat hacker", C1tiZ3n >though. "Not only do they hack for personal or political reasons, but >also for financial gain. Like when TWD was hacking sites to feed his >heroin addiction. On second thought, white-hats are not much different >-- they exploit the fear of their clients for financial gain to feed >their addictions. " > >C1tiZ3n sighed, "How the mighty have fallen.", he thought. > >Moving further down the file listing, the 'pen-testing' directory caught his >eyes. Inside was a treasure trove of files from penetration testing jobs that >kevin had sold to unsuspecting victims^H^H^H^H^H^H^Customers. > >There were reports, and logs, and the most interesting files were trophies >that kevin retained from his exploits. "Old habits die hard, heh." > >C1tizen downloaded and opened one report -- for Midland Credit >Management. "This form looks very familiar." It was rare that two >companies would have the same layout and style for a report, and C1tiZ3n >had seen a report like this before. "Here it is. " C1tiZ3n chuckled, >"Mitnick has ripped off a template that looked excatly like one from >when he had owned rooted.net" > >-- A weekend previously >In a frenzy of irc hacks, C1tiZ3n had encountered a guy on one of >his many ereet SILC servers, Mrx. Mrx was particularly >smug and often liked to talk about his many eveningz with Mitnick along >with a nice chianti and vava beans. These SILC conversations would often > involve the conversations normally reserved for special evenings with Kevin >C1tiZ3n felt the occassional anal rape was worth standing so he could find an >angle onto the great dissapointment.. > >C1tiZ3ns shell from rooted.net was enough to provide access to Mitnicks social >calender, emmanuals 2600 "money shots" and his life, including corporate >reports and a kick-ass email address (c1tizen@...lly.rooted.net). > >---- The Present day > >The midland report made for interesting reading, but what was more >interesting was what it didn't say. It said nothing about the credit >record files that kevin stored in the penetration directory, publicly >accessible to the world, that were downloaded from Midland. "Kevin's >retirement plan", C1tiZ3n joked. > >Disgusted, CitiZ3n closed his connection. "I can't take it anymore, >Kevin used to be _the_ hacker of hackers. Now he's just another stinking >white-hat. The community used to rally around him, but now he betrays us >-- exploits us for his financial gain. Exploiting his own clients -- >first their fear, then their trust. " > >"Free Kevin?", thought C1tiZ3n, "No.. Put kevin back, please!" > >--------------------------------------------------------------------------- > >So, what do you think of the first chapter of our new book, "The art of >being pwnd?" I enjoyed writing it, and I hope you enjoyed reading it. Stay >tuned for our next chapter, "How to Own a Publisher". > > >[-]=====================================================================[-] > > >------------------------------------------------------------------------ > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050801/f4292032/attachment-0001.html
Powered by blists - more mailing lists