[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040403171804.GB10556@symantec.bugtraq.org>
From: research at bugtraq.org (Bugtraq Security Systems)
Subject: ron1n phone home, episode one, reloaded
Hello list,
We at BSS (Bugtraq Security Systems) are proud to announce the publication
of a series of next generation whitepapers detailing advances in many
areas of the information security realm. We have dubbed this series the
guides to Mostly Harmless Hacking and feel it will direct new and upcoming
talent onto the shining path of the whitehat way.
We would like to take this oppurtunity to thank the granny hacker from
heck herself (c.meinel@...traq.org) for her support and cooperation in
publishing these next generation ideas and hope this will give a little back
to the community of which we've received so much.
So without further a do we proudly bring you the first in a series: Mostly
Harmless Hacking part
1
With regards,
Team Bugtraq Security
-------------- next part --------------
___________________________________________________________
GUIDE TO (mostly) HARMLESS HACKING
Beginners? Series #1
So you want to be a harmless hacker?
____________________________________________________________
You mean you can hack without breaking the law?"
That was the voice of a high school freshman. He had me on the phone because
his father had just taken away his computer. His offense? Cracking into my
Internet account. The boy had hoped to impress me with how "kewl" he was.
But before I realized he had gotten in, a sysadmin at my ISP had spotted the
kid?s harmless explorations and had alerted the parents. Now the boy wanted
my help in getting back on line.
I told the kid that I sympathized with his father. What if the sysadmin and
I had been major grouches? This kid could have wound up in juvenile
detention. Now I don?t agree with putting harmless hackers in jail, and I
would never have testified against him. But that?s what some people do to
folks who go snooping in other people?s computer accounts -- even when the
culprit does no harm. This boy needs to learn how to keep out of trouble!
Hacking is the most exhilarating game on the planet. But it stops being fun
when you end up in a cell with a roommate named "Spike." But hacking doesn't
have to mean breaking laws. In this book we teach safe hacking so that you
don?t have to keep looking back over your shoulders for narcs and cops.
What we're talking about is hacking as a healthy recreation, and as a free
education that can qualify you to get a high paying job. In fact, many
network systems administrators, computer scientists and computer security
experts first learned their professions, not in some college program, but
from the hacker culture. And you may be surprised to discover that
ultimately the Internet is safeguarded not by law enforcement agencies, not
by giant corporations, but by a worldwide network of, yes, hackers.
You, too, can become one of us.
And -- hacking can be surprisingly easy. Heck, if I can do it, anyone can!
Regardless of why you want to be a hacker, it is definitely a way to have
fun, impress your friends, and get dates. If you are a female hacker you
become totally irresistible to men. Take my word for it!;^D
These Guides to (mostly) Harmless Hacking can be your gateway into this
world. After reading just a few of these Guides you will be able to pull off
stunts that will be legal, phun, and will impress the heck out of your friends.
These Guides can equip you to become one of the vigilantes that keeps the
Internet from being destroyed by bad guys. Especially spammers. Heh, heh,
heh. You can also learn how to keep the bad guys from messing with your
Internet account, email, and personal computer. You?ll learn not to be
frightened by silly hoaxes that pranksters use to keep the average Internet
user in a tizzy.
If you hang in with us through a year or so, you can learn enough and meet
the people on our email list and IRC channel who can help you to become
truly elite.
However, before you plunge into the hacker subculture, be prepared for that
hacker attitude. You have been warned.
So...welcome to the adventure of hacking!
WHAT DO I NEED IN ORDER TO HACK?
You may wonder whether hackers need expensive computer equipment and a shelf
full of technical manuals. The answer is NO! Hacking can be surprisingly
easy! Better yet, if you know how to search the Web, you can find almost any
computer information you need for free.
In fact, hacking is so easy that if you have an on-line service and know how
to send and read email, you can start hacking immediately. The GTMHH
Beginners? Series #2 will show you where you can download special
hacker-friendly programs for Windows that are absolutely free. And we?ll
show you some easy hacker tricks you can use them for.
Now suppose you want to become an elite hacker? All you will really need is
an inexpensive "shell account" with an Internet Service Provider. In the
GTMHH Beginners? Series #3 we will tell you how to get a shell account, log
on, and start playing the greatest game on Earth: Unix hacking! Then in
Vol.s I, II, and III of the GTMHH you can get into Unix hacking seriously.
You can even make it into the ranks of the Uberhackers without loading up on
expensive computer equipment. In Vol. II we introduce Linux, the free
hacker-friendly operating system. It will even run on a 386 PC with just 2
Mb RAM! Linux is so good that many Internet Service Providers use it to run
their systems.
In Vol. III we will also introduce Perl, the shell programming language
beloved of Uberhackers. We will even teach some seriously deadly hacker
"exploits" that run on Perl using Linux. OK, you could use most of these
exploits to do illegal things. But they are only illegal if you run them
against someone else?s computer without their permission. You can run any
program in this book on your own computer, or your (consenting) friend?s
computer -- if you dare! Hey, seriously, nothing in this book will actually
hurt your computer, unless you decide to trash it on purpose.
We will also open the gateway to an amazing underground where you can stay
on top of almost every discovery of computer security flaws. You can learn
how to either exploit them -- or defend your computer against them!
About the Guides to (mostly) Harmless Hacking
We have noticed that there are lots of books that glamorize hackers. To read
these books you would think that it takes many years of brilliant work to
become one. Of course we hackers love to perpetuate this myth because it
makes us look so incredibly kewl.
But how many books are out there that tell the beginner step by step how to
actually do this hacking stuph? None! Seriously, have you ever read _Secrets
of a Superhacker_ by The Knightmare (Loomponics, 1994) or _Forbidden Secrets
of the Legion of Doom Hackers_ by Salacious Crumb (St. Mahoun Books, 1994)?
They are full of vague and out of date stuph. Give me a break.
And if you get on one of the hacker news groups on the Internet and ask
people how to do stuph, some of them insult and make fun of you. OK, they
all make fun of you.
We see many hackers making a big deal of themselves and being mysterious and
refusing to help others learn how to hack. Why? Because they don't want you
to know the truth, which is that most of what they are doing is really very
simple!
Well, we thought about this. We, too, could enjoy the pleasure of insulting
people who ask us how to hack. Or we could get big egos by actually teaching
thousands of people how to hack. Muhahaha.
How to Use the Guides to (mostly) Harmless Hacking
If you know how to use a personal computer and are on the Internet, you
already know enough to start learning to be a hacker. You don't even need to
read every single Guide to (mostly) Harmless Hacking in order to become a
hacker.
You can count on anything in Volumes I, II and III being so easy that you
can jump in about anywhere and just follow instructions.
But if your plan is to become "elite," you will do better if you read all
the Guides, check out the many Web sites and newsgroups to which we will
point you, and find a mentor among the many talented hackers who post to our
Hackers forum or chat on our IRC server at http://www.infowar.com, and on
the Happy Hacker email list (email hacker@...hbroker.com with message
?subscribe?).
If your goal is to become an Uberhacker, the Guides will end up being only
the first in a mountain of material that you will need to study. However, we
offer a study strategy that can aid you in your quest to reach the pinnacle
of hacking.
How to Not Get Busted
One slight problem with hacking is that if you step over the line, you can
go to jail. We will do our best to warn you when we describe hacks that
could get you into trouble with the law. But we are not attorneys or experts
on cyberlaw. In addition, every state and every country has its own laws.
And these laws keep on changing. So you have to use a little sense.
However, we have a Guide to (mostly) Harmless Hacking Computer Crime Law
Series to help you avoid some pitfalls.
But the best protection against getting busted is the Golden Rule. If you
are about to do something that you would not like to have done to you,
forget it. Do hacks that make the world a better place, or that are at least
fun and harmless, and you should be able to keep out of trouble.
So if you get an idea from the Guides to (mostly) Harmless Hacking that
helps you to do something malicious or destructive, it's your problem if you
end up being the next hacker behind bars. Hey, the law won't care if the
guy whose computer you trash was being a d***. It won't care that the giant
corporation whose database you filched shafted your best buddy once. They
will only care that you broke the law.
To some people it may sound like phun to become a national sensation in the
latest hysteria over Evil Genius hackers. But after the trial, when some
reader of these Guides ends up being the reluctant "girlfriend" of a convict
named Spike, how happy will his news clippings make him?
Conventions Used in the Guides
You've probably already noticed that we spell some words funny, like "kewl"
and "phun." These are hacker slang terms. Since we often communicate with
each other via email, most of our slang consists of ordinary words with
extraordinary spellings. For example, a hacker might spell "elite" as
"3l1t3," with 3's substituting for e's and 1's for i's. He or she may even
spell "elite" as "31337. The Guides sometimes use these slang spellings to
help you learn how to write email like a hacker.
Of course, the cute spelling stuph we use will go out of date fast. So we do
not guarantee that if you use this slang, people will read your email and
think, "Ohhh, you must be an Evil Genius! I'm sooo impressed!"
Take it from us, guys who need to keep on inventing new slang to prove they
are "k-rad 3l1t3" are often lusers and lamers. So if you don't want to use
any of the hacker slang of this book, that's OK by us. Most Uberhackers
don't use slang, either.
Who Are You?
We've made some assumptions about who you are and why you are reading these
Guides:
? You own a PC or Macintosh personal computer
? You are on-line with the Internet
? You have a sense of humor and adventure and want to express it by hacking
? Or -- you want to impress your friends and pick up chicks (or guys) by
making them think you are an Evil Genius
So, does this picture fit you? If so, OK, d00dz, start your computers. Are
you ready to hack?
_________________________________________________________
Want to see back issues of Guide to (mostly) Harmless Hacking? See either
http://www.vcalpha.com/silicon/void-neo.html or
http://www3.ns.sympatico.ca/loukas.halo8/HappyHacker/
http://www.geocities.com/TimesSquare/Arcade/4594
We have a discussion group and archives hosted at
http://www.infowar.com/cgi-shl/login.exe.
Chat with us on the Happy Hacker IRC channel. If your browser can use Java,
just direct your browser to www.infowar.com, click on chat, and choose the
#hackers channel.
Subscribe to our email list by emailing to hacker@...hbroker.com with
message "subscribe"
Want to share some kewl stuph with the Happy Hacker list? Correct mistakes?
Send your messages to hacker@...hbroker.com. To send me confidential email
(please, no discussions of illegal activities) use carolyn@...hbroker.com
and be sure to state in your message that you want me to keep this
confidential. If you wish your message posted anonymously, please say so!
Direct flames to dev/null@...hbroker.com. Happy hacking!
Copyright 1997 Carolyn P. Meinel. You may forward or post on your Web site
this GUIDE TO (mostly) HARMLESS HACKING as long as you leave this notice at
the end..
________________________________________________________
Carolyn Meinel
M/B Research -- The Technology Brokers
Powered by blists - more mailing lists