[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <42EDD5AE.8030901@ddplus.net>
Date: Mon, 01 Aug 2005 08:56:30 +0100
From: Dinis Cruz <dinis@...lus.net>
To: Phrack Staff <phrackstaff@...il.com>
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com,
dailydave@...ts.immunitysec.com
Subject: Re: Did you miss us yet?
Surely this is a hoax?
Dinis Cruz
.Net Security Consultant
Phrack Staff wrote:
>[-]=====================================================================[-]
>
> +++++++++++++++++++++++++++
> =: P H R A C K - R E B O R N :=
> +++++++++++++++++++++++++++
>
> ... Phrack is dead. Long Live Phrack.
>
>
> CALL FOR PAPERS * CALL FOR PAPERS * CALL FOR PAPERS
>
> --------------------------------------
> Deadline: 15 October 2005 at 11:59pm
> Submissions : phrackstaff@...il.com
> --------------------------------------
>
> The New Phrackstaff are pleased to bring you the third new
> release of PHRACK.
>
> As originally stated, Phrack strayed from its original purpose
> nearly 62 issues ago. Because of the irresponsible use of the
> Phrack forum, the commercialisation of hacking has been allowed
> to occur -- neigh -- encouraged. The old Phrack has been a long-time
> in dying. The past few issues have been coughing up blood (this
> could have been due to a severe case of industry rape). But now
> that death has come to the old Phrack, like Gene Gray, Phrack
> is reborn.
>
> Submissions should _NOT_ disclose new exploit methods, new backdooring
> methods, or any other information that may be used by the information
> security extortion industry to further increase their profit margins.
>
> Some article ideas:
> - White-hat 12 Step Program
> aka. "OMFG I'm a white-hat, How do I Stop?"
> - B4 They were famous.
> aka "Profiles of White-hats they would like to forget."
> - HoneyNet Project: Be Your Enemy
> - Saved by Project Mayhem
> - Setting up your own "I'm a White-hat get me out of here" program.
>
> As a special treat to our readers, this CFP includes a sample
> of the material we look forward to bringing you, our new Phrack
> readership in the future.
>
>
>
>|=-----------=[ C O N T A C T P H R A C K M A G A Z I N E ]=---------=|
>
>Editors : phrackstaff@...il.com
>Submissions : phrackstaff@...il.com
>Commentary : phrackstaff@...il.com
>Phrack World News : phrackstaff@...il.com
>(ChiX|H4X)0r Porn : phrackstaff@...il.com -- We're open minded.
>
> ...
> #, . .P
> hr, . .. .Ac
> 'K#ph, .. . .rAcK'
> #ph'Rac, . . .K#P'Hra
> Ck' #PHr ... .aCk' #Ph
> rA, 'cK#, .pHr' .AC
> 'K# 'Phr, .aCk' #P'
> ... rAc ' .K.#P Hra ...
> . cK# .pHR .a, cK# .
> . .. pH, .rAc' . 'k#P .HR . ..
> .. . 'Ac .K#' . 'PHr. '' .. .
> . . aCk ' . '#PH, . .
> ... .rA.'cK' . .. '#PH, ...
> .rAc' k#, ..... .PH 'rAc,
> .K#P' 'Hr . aC' 'k#P,
> .hRa' cK# . pHr 'aCk,
> .#Ph'____________________________ rAc ______________'K#P,
>.HRACK#PHRACK#PHRACK#PHRACK#PHRACK#'.PH RAC#PHRACK#PHRACK#PHRa.
> ... cK'
> #Pr aCk
> #Ph rAc
> K#, .Ph
> 'RA CK'
> #P. .hR
> aC.K#
> PhR
> A
>
>
> .
> Or contact us via seance
>
>
>
>
>|=------------------=[ S A M P L E A R T I C L E ]=------------------=|
>
>
>With the recent trend of everyone writing a book, the phrack staff have
>taken a break from our usual research to give it a try. For your reading
>enjoyment, we give you a sample chapter from our upcoming book, "Know
>your enemy: The Security Industry".
>
>The first chapter is titled "The Art of Being Pwnd." I'm not sure I
>like the title, but the rest of the staff tell me it fits. Give it a
>read, and let us know what you think.
>
>
>-------------------------------------------------------------------------
>Chapter 1:
>
> The Art of Being Pwnd
>
>
> If you don't like your job you don't strike.
> You just go in every day and do it really
> half-assed. Thats the American way.
> -- Homer (Simpson)
>
>
>It was another uneventful 2600 meeting for C1tiZ3n, the New-York kids
>were bragging about their latest 'big' hack and passing around the new
>Mitnick book, "The Art of Intrusion", while trying to avoid the advances
>of Emanuel in his halter top purchased at CCC. For C1tiZ3n this was
>particularly a concern, as he was unusually fit for a hacker, probably
>lucky genetics. When things would get desperate, C1tiZ3n had taken to
>pretending to listen to rebel, just to avoid Emmanuel (and fleas).
>
>With the meeting over, The Mitnick book kept rolling through his head.
>As a younger kid, C1tiZen had looked up to Kevin as a role model. His
>room still had some of the 'Free Kevin' stickers from the campaign to
>release him from his wrongfull imprisonment (and suitable friendship
>with 'Bruno'). C1tiZ3n had wanted to be just like kevin -- able to
>launch a nuke by whistling thru a telephone. But no more.
>
>After his release, Kevin had turned his back on all that he once was --
>selling out his hacker ethic for a business of selling snake oil to fat
>executives who wanted to hear him talk about social engineering and
>hacking. Business had been good for Kevin, from what he would say when
>he came to the 2600 meetings, he was making a killing at his speaking
>engagements. It was sickening to listen to him go on about it. Kevin had
>become just another white-hat -- profiting from manufacturing fear in
>his clients, and then by offering solutions at a highly exorbitant cost.
>He was now no different from Custom Shimomura -- a Gonif.
>
>In the depths of his anger and despair, C1tiZ3n remembered reading in
>Kevin's latest book something about how secure his systems were, and how
>much it would mean for someone to hack him. Grabbing his copy of the
>"Art of Intrusion", he looked for it. There it was:
>
>
> "Hackers play one-up among themselves, Clearly one of
> the prizes would be bragging rights from hacking into my
> security company's Web site or my personal system."
> -- K3v1n Mi7n|cK
>
>Maybe, just maybe Kevin could still be saved, and if not -- convinced to
>give up his sinful ways and follow his anger back to the true way. An
>idea was forming in C1tiZ3n's head, a little bit of his own Project
>Mayhem -- PHC style. He would need help for this, especially if he was
>to do it right.
>
>
>Another Day, Another Half-hour Interview
>----------------------------------------------------------
>
>Safely back in his room, Kevin took a few minutes to catch up on email.
>These conference organizers had just hit him with a surprise interview.
>This had been a re-occurring problem, but Amy had worked out a solution.
>In his email was an email that Jen had sent on his behalf from his
>mitnick@...leafproductions.com account.
>
>
> Carlos,
>
> Please correct the following balance to Mr. Mitnick's
> account:
>
>Bla, Bla .. more money talk. "This is why I pay her to take care of
>me." A paragraph lower down in the email caught his eye:
>
> Further, in section 3.03, the contract states, "For each
> additional interview, up to thirty (30) minutes in length,
> the Speaker requires one additional night in the event venue,
> all room and tax charges, all meals for one (1) additional day,
> Internet service, laundry service, and ground transportation.
> All of these expenses must be pre-paid by the Client in USD
> prior to the delivery of the extra interviews."
>
>"Jen is so sexy when she talks legal", Kevin thought. That should help
>put an end to these surprise interviews. "My clients are already cheap
>bastards, they will definitely think twice now before trying to spring
>an interview on me". Despite this, somehow the phrasing of the paragraph
>bothered Kevin. "..delivery of the extra interviews.", That makes me
>sound like a whore selling my 'wares' to the 'Client'. "Jen will have
>to reword that, but its good enough for now.", he thought.
>
>The next email was from Gonzalo Zapata <gonzalozapatac@...mail.com>
>asking for the POWER POINT PRESENTATIONS for the Argentina conference.
>"Why the fuck do those spicks have to put that in all caps? God, I wish
>i could just hack a bank or something so I wouldn't have to put up with
>these armatures." Kevin signed, fired off a quick email to Matthew C.
>Beckman (aka nulllink@...llink.com), inquiring why he wasn't responding
>to email. That done, kevin closed his laptop. Time for some drinks at
>the bar, courtesy of his suffocating fan-base.
>
>He paused, remembering to take some business cards with his 'junk' email
>address to give to losers he never wanted to hear from again -- like
>that Scott Madison guy he met at the Sydney workshop at the Sofitel.
>
>
>Target: Mitnicksecurity.org
>----------------------------------------------------------
>
>Meanwhile, C1tiZ3n has been busy researching his mark. Apparently, he
>had his work cut out for him. Not only was kevin running on a
>ultra-secure freebsd web-hosting provider, they used some of most
>advanced security software that money could buy -- Snort.
>
>With top security experts working at Mitnick's security
>company and more still in his phone book, C1tiZ3n thought that
>this would be the hardest job yet. He was soon to learn he was wrong.
>
>Kevin had left demo scripts publicly available on his web-site. Better,
>the demo scripts were for sql injection vulnerabilities. That is all
>that is necessary. C1tiZ3n had a older UDF that he wrote months ago
>on his laptop, all that was necessary was to store it into the database
>and then drop via INTO OUTFILE.
>
>A couple minutes work later, he was greeted with a login shell to
>kevin's site:
>
>$ls -l
>
>total 5562396
>drwx--x--x 9 mitadmin mitadmin 4096 Jun 14 16:50 .
>drwx--x--x 90 root root 4096 Jun 7 22:41 ..
>-rw-r--r-- 1 mitadmin mitadmin 5650470878 May 9 01:24 backup-02-09-2005.tgz
>-rw------- 1 mitadmin mitadmin 3919 May 27 16:22 .bash_history
>-rw-r--r-- 1 mitadmin mitadmin 399360 Apr 28 13:55 clid2.tar
>-rw-r--r-- 1 mitadmin mitadmin 399360 Feb 23 10:58 clid.tar
>-rw------- 1 mitadmin mitadmin 25 Jun 14 16:14 .contactemail
>-rw-r--r-- 1 mitadmin mitadmin 10 Feb 9 18:25 .contactsavetime
>-rw------- 1 mitadmin mitadmin 1682 Jan 24 02:18 .cpanel-ducache
>drwxr-xr-x 3 mitadmin mail 4096 May 23 09:19 etc
>drwxr-xr-x 34 mitadmin mitadmin 4096 May 23 09:19 .htpasswds
>-rw------- 1 mitadmin mitadmin 14 Jun 14 16:14 .lastlogin
>drwxrwx--- 3 mitadmin mail 4096 Jan 17 21:38 mail
>-rw-r--r-- 1 mitadmin mitadmin 38559604 Apr 25 10:15 mitnickpromo2.mov
>-rw-r--r-- 1 mitadmin mitadmin 399360 Jan 31 07:24 newclid.tar
>drwxr-xr-x 3 mitadmin mitadmin 4096 Jan 17 17:00 public_ftp
>drwxr-xr-x 40 mitadmin nobody 4096 May 23 09:19 public_html
>-rw-r--r-- 1 mitadmin mitadmin 13 Jun 14 16:14 .rvlastlogin
>-rw------- 1 mitadmin mitadmin 24 Mar 28 03:33 .spamkey
>drwx------ 6 mitadmin mitadmin 4096 Jan 24 02:16 tmp
>drwx------ 2 mitadmin mitadmin 4096 Jun 14 16:26 .trash
>lrwxrwxrwx 1 root root 11 Jan 17 17:00 www -> public_html
>
>Quickly looking through the directories, C1tiZ3n made note of some directories
>that looked particularly intresting. Pausing for a second, C1tiZ3n chuckled as
>he looked at ralph's directory:
>
>$ls -l public_html/ralph
>
>./public_html/ralph:
>total 6272
>drwx--x--x 2 mitadmin mitadmin 4096 Jan 24 15:49 .
>drwxr-xr-x 40 mitadmin nobody 4096 May 23 09:19 ..
>-rw-r--r-- 1 mitadmin mitadmin 6391141 Jan 23 03:43 Deltron 3030- Virus.mp3
>-rw------- 1 mitadmin mitadmin 4 Jan 23 03:28 .ftpquota
>-rw-r--r-- 1 mitadmin mitadmin 142 Feb 20 08:49 .htaccess
>
>"Fanboi", C1tiz3n thought. "Enough of this browsing, now work really begins".
>
>
>30 days and $1,436 dollars later
>----------------------------------------------------------
>
>"How much was it?" Kevin was insensed.
>
>"One thousand, four hundred, thirty five dollars and ninety-nine cents",
>Caroline repeated calmly, adding " Its mostly from the international
>calls while you were in Greece and South Africa.
>
>"Pay it.", he snapped. Adding, "We need to find a more cost effective
>solution."
>
>TMC had been good to kevin. Their prices were not that exorbitant, and their
>service had been acceptable. This bill though, it was almost seven times
>average.
>
>"About the books for your signings.", Caroline was wanting a different
>subject badly. "I had them shipped to you at the 7113 West Gowan Road,
>Las Vegas address. From what the publisher said, the advance orders are
>going very well."
>
>"Good. Ive already been contacted about the identities of one of the
>chapter's subjects. Seems the FBI is investigating, and they decided
>to pay me a visit."
>
>"What will you do?", ask Caroline.
>
>"I don't want any more trouble from them, I just gave them what they wanted.
>They promised it would not be attributed to me. If word of this got out,
>no one would ever dare talk to me again." Kevin never really recovered
>from his stay in club fed. The beatings, the brutality, Bruno. He had been
>betrayed by his friends, and now he would do whatever it took to stay out
>-- even if itment being the low-life type narc that landed him in jail in the
>first place.
>
>
>"You did what you had to. After what they did to you the last time, I don't
>think anyone can blame you. Besides, better them then you." Caronline consoled
>him. He was her meal ticket, and she knew it.
>
>"Well, enough. I'm going for a jog. Talk to you later."
>
>Surveying the prize
>----------------------------------------------------------
>
>Pay-dirt. Looking through the directory listing, C1tiZen noticed that
>apparently kevin was not above the use of pirated files in his company.
>Particularly, Compuware's softice, Core Impact and CANVAS. It seemed
>that the files were purposefully placed in world accessible directories
>for download during penetration tests.
>
>All through the site were power point presentations that kevin used in
>his engagements. Janis's home directory contained most of them (her
>password is crypt0).
>
>And there was the presentation that C1tiZ3n had seen before -- the art of
>intrusion power-point.
>
>"He needed to update his definitions of a black hat hacker", C1tiZ3n
>though. "Not only do they hack for personal or political reasons, but
>also for financial gain. Like when TWD was hacking sites to feed his
>heroin addiction. On second thought, white-hats are not much different
>-- they exploit the fear of their clients for financial gain to feed
>their addictions. "
>
>C1tiZ3n sighed, "How the mighty have fallen.", he thought.
>
>Moving further down the file listing, the 'pen-testing' directory caught his
>eyes. Inside was a treasure trove of files from penetration testing jobs that
>kevin had sold to unsuspecting victims^H^H^H^H^H^H^Customers.
>
>There were reports, and logs, and the most interesting files were trophies
>that kevin retained from his exploits. "Old habits die hard, heh."
>
>C1tizen downloaded and opened one report -- for Midland Credit
>Management. "This form looks very familiar." It was rare that two
>companies would have the same layout and style for a report, and C1tiZ3n
>had seen a report like this before. "Here it is. " C1tiZ3n chuckled,
>"Mitnick has ripped off a template that looked excatly like one from
>when he had owned rooted.net"
>
>-- A weekend previously
>In a frenzy of irc hacks, C1tiZ3n had encountered a guy on one of
>his many ereet SILC servers, Mrx. Mrx was particularly
>smug and often liked to talk about his many eveningz with Mitnick along
>with a nice chianti and vava beans. These SILC conversations would often
> involve the conversations normally reserved for special evenings with Kevin
>C1tiZ3n felt the occassional anal rape was worth standing so he could find an
>angle onto the great dissapointment..
>
>C1tiZ3ns shell from rooted.net was enough to provide access to Mitnicks social
>calender, emmanuals 2600 "money shots" and his life, including corporate
>reports and a kick-ass email address (c1tizen@...lly.rooted.net).
>
>---- The Present day
>
>The midland report made for interesting reading, but what was more
>interesting was what it didn't say. It said nothing about the credit
>record files that kevin stored in the penetration directory, publicly
>accessible to the world, that were downloaded from Midland. "Kevin's
>retirement plan", C1tiZ3n joked.
>
>Disgusted, CitiZ3n closed his connection. "I can't take it anymore,
>Kevin used to be _the_ hacker of hackers. Now he's just another stinking
>white-hat. The community used to rally around him, but now he betrays us
>-- exploits us for his financial gain. Exploiting his own clients --
>first their fear, then their trust. "
>
>"Free Kevin?", thought C1tiZ3n, "No.. Put kevin back, please!"
>
>---------------------------------------------------------------------------
>
>So, what do you think of the first chapter of our new book, "The art of
>being pwnd?" I enjoyed writing it, and I hope you enjoyed reading it. Stay
>tuned for our next chapter, "How to Own a Publisher".
>
>
>[-]=====================================================================[-]
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists