Message-ID: <5d84cb305080202053d1a42ae@mail.gmail.com>
Date: Tue Aug 2 10:05:18 2005
From: dunceor at gmail.com (Dunceor .)
Subject: Did you miss us yet?
Probably since in the new Phrack it says Phrack will start again with
a new staff in 2006/2007 and this guy is mailing from a gmail addy
so....
On 8/1/05, Dinis Cruz <dinis@...lus.net> wrote:
> Surely this is a hoax?
>
> Dinis Cruz
> .Net Security Consultant
>
> Phrack Staff wrote:
> [-]=====================================================================[-]
>
> +++++++++++++++++++++++++++
> =: P H R A C K - R E B O R N :=
> +++++++++++++++++++++++++++
>
> ... Phrack is dead. Long Live Phrack.
>
> CALL FOR PAPERS * CALL FOR PAPERS * CALL FOR PAPERS
> --------------------------------------
> Deadline: 15 October 2005 at 11:59pm
> Submissions : phrackstaff@...il.com
> --------------------------------------
>
> The New Phrackstaff are pleased to bring you the third new
> release of PHRACK.
>
> As originally stated, Phrack strayed from its original purpose
> nearly 62 issues ago. Because of the irresponsible use of the
> Phrack forum, the commercialisation of hacking has been allowed
> to occur -- neigh -- encouraged. The old Phrack has been a long-time
> in dying. The past few issues have been coughing up blood (this
> could have been due to a severe case of industry rape). But now
> that death has come to the old Phrack, like Gene Gray, Phrack
> is reborn.
>
> Submissions should _NOT_ disclose new exploit methods, new backdooring
> methods, or any other information that may be used by the information
> security extortion industry to further increase their profit margins.
>
> Some article ideas:
> - White-hat 12 Step Program
>   aka. "OMFG I'm a white-hat, How do I Stop?"
> - B4 They were famous.
>   aka "Profiles of White-hats they would like to forget."
> - HoneyNet Project: Be Your Enemy
> - Saved by Project Mayhem
> - Setting up your own "I'm a White-hat get me out of here" program.
>
> As a special treat to our readers, this CFP includes a sample
> of the material we look forward to bringing you, our new Phrack
> readership in the future.
>
> |=-----------=[ C O N T A C T P H R A C K M A G A Z I N E ]=---------=|
>
> Editors : phrackstaff@...il.com
> Submissions : phrackstaff@...il.com
> Commentary : phrackstaff@...il.com
> Phrack World News : phrackstaff@...il.com
> (ChiX|H4X)0r Porn : phrackstaff@...il.com -- We're open minded.
...
Or contact us via seance
|=------------------=[ S A M P L E A R T I C L E ]=------------------=|
With the recent trend of
> everyone writing a book, the phrack staff have
taken a break from our usual
> research to give it a try. For your reading
enjoyment, we give you a sample
> chapter from our upcoming book, "Know
your enemy: The Security Industry".
>
The first chapter is titled "The Art of Being Pwnd." I'm not sure I
like
> the title, but the rest of the staff tell me it fits. Give it a
read, and
> let us know what you
> think.
-------------------------------------------------------------------------
Chapter 1:
The Art of Being Pwnd
If you don't like your job you don't strike.
>
You just go in every day and do it really
half-assed. That's the American
> way.
-- Homer (Simpson)
It was another uneventful 2600 meeting for
> C1tiZ3n, the New-York kids
were bragging about their latest 'big' hack and
> passing around the new
Mitnick book, "The Art of Intrusion", while trying to
> avoid the advances
of Emanuel in his halter top purchased at CCC. For
> C1tiZ3n this was
particularly a concern, as he was unusually fit for a
> hacker, probably
lucky genetics. When things would get desperate, C1tiZ3n
> had taken to
pretending to listen to rebel, just to avoid Emmanuel (and
> fleas).
With the meeting over, The Mitnick book kept rolling through his
> head.
As a younger kid, C1tiZen had looked up to Kevin as a role model.
> His
room still had some of the 'Free Kevin' stickers from the campaign
> to
release him from his wrongful imprisonment (and suitable friendship
with
> 'Bruno'). C1tiZ3n had wanted to be just like kevin -- able to
launch a nuke
> by whistling thru a telephone. But no more.
After his release, Kevin had
> turned his back on all that he once was --
selling out his hacker ethic for
> a business of selling snake oil to fat
executives who wanted to hear him
> talk about social engineering and
hacking. Business had been good for Kevin,
> from what he would say when
he came to the 2600 meetings, he was making a
> killing at his speaking
engagements. It was sickening to listen to him go on
> about it. Kevin had
become just another white-hat -- profiting from
> manufacturing fear in
his clients, and then by offering solutions at a
> highly exorbitant cost.
He was now no different from Custom Shimomura -- a
> Gonif.
In the depths of his anger and despair, C1tiZ3n remembered reading
> in
Kevin's latest book something about how secure his systems were, and
> how
much it would mean for someone to hack him. Grabbing his copy of
> the
"Art of Intrusion", he looked for it. There it was:
"Hackers play
> one-up among themselves, Clearly one of
the prizes would be bragging
> rights from hacking into my
security company's Web site or my personal
> system."
-- K3v1n Mi7n|cK
Maybe, just maybe Kevin could still be saved,
> and if not -- convinced to
give up his sinful ways and follow his anger back
> to the true way. An
idea was forming in C1tiZ3n's head, a little bit of his
> own Project
Mayhem -- PHC style. He would need help for this, especially if
> he was
to do it right.
Another Day, Another Half-hour Interview
----------------------------------------------------------
Safely
> back in his room, Kevin took a few minutes to catch up on email.
These
> conference organizers had just hit him with a surprise interview.
This had
> been a re-occurring problem, but Amy had worked out a solution.
In his email
> was an email that Jen had sent on his behalf from
> his
mitnick@...leafproductions.com account.
Carlos,
Please correct
> the following balance to Mr. Mitnick's
account:
Bla, Bla .. more money
> talk. "This is why I pay her to take care of
me." A paragraph lower down in
> the email caught his eye:
Further, in section 3.03, the contract states,
> "For each
additional interview, up to thirty (30) minutes in length,
the
> Speaker requires one additional night in the event venue,
all room and tax
> charges, all meals for one (1) additional day,
Internet service, laundry
> service, and ground transportation.
All of these expenses must be pre-paid
> by the Client in USD
prior to the delivery of the extra interviews."
"Jen
> is so sexy when she talks legal", Kevin thought. That should help
put an end
> to these surprise interviews. "My clients are already cheap
bastards, they
> will definitely think twice now before trying to spring
an interview on me".
> Despite this, somehow the phrasing of the paragraph
bothered Kevin.
> "..delivery of the extra interviews.", That makes me
sound like a whore
> selling my 'wares' to the 'Client'. "Jen will have
to reword that, but it's
> good enough for now.", he thought.
The next email was from Gonzalo Zapata
> <gonzalozapatac@...mail.com>
asking for the POWER POINT PRESENTATIONS for
> the Argentina conference.
"Why the fuck do those spicks have to put that in
> all caps? God, I wish
i could just hack a bank or something so I wouldn't
> have to put up with
these amateurs." Kevin sighed, fired off a quick email
> to Matthew C.
Beckman (aka nulllink@...llink.com), inquiring why he wasn't
> responding
to email. That done, kevin closed his laptop. Time for some
> drinks at
the bar, courtesy of his suffocating fan-base.
He paused,
> remembering to take some business cards with his 'junk' email
address to
> give to losers he never wanted to hear from again -- like
that Scott Madison
> guy he met at the Sydney workshop at the Sofitel.
Target: Mitnicksecurity.org
----------------------------------------------------------
Meanwhile,
> C1tiZ3n has been busy researching his mark. Apparently, he
had his work cut
> out for him. Not only was kevin running on an
ultra-secure freebsd
> web-hosting provider, they used some of the most
advanced security software that
> money could buy -- Snort.
With top security experts working at Mitnick's
> security
company and more still in his phone book, C1tiZ3n thought that
>
this would be the hardest job yet. He was soon to learn he was
> wrong.
Kevin had left demo scripts publicly available on his web-site.
> Better,
the demo scripts were for sql injection vulnerabilities. That is
> all
that is necessary. C1tiZ3n had an older UDF that he wrote months ago
on
> his laptop, all that was necessary was to store it into the database
and
> then drop via INTO OUTFILE.
A couple minutes work later, he was greeted
> with a login shell to
kevin's site:
> $ls -l
> total 5562396
> drwx--x--x 9 mitadmin mitadmin 4096 Jun 14 16:50 .
> drwx--x--x 90 root root 4096 Jun 7 22:41 ..
> -rw-r--r-- 1 mitadmin mitadmin 5650470878 May 9 01:24 backup-02-09-2005.tgz
> -rw------- 1 mitadmin mitadmin 3919 May 27 16:22 .bash_history
> -rw-r--r-- 1 mitadmin mitadmin 399360 Apr 28 13:55 clid2.tar
> -rw-r--r-- 1 mitadmin mitadmin 399360 Feb 23 10:58 clid.tar
> -rw------- 1 mitadmin mitadmin 25 Jun 14 16:14 .contactemail
> -rw-r--r-- 1 mitadmin mitadmin 10 Feb 9 18:25 .contactsavetime
> -rw------- 1 mitadmin mitadmin 1682 Jan 24 02:18 .cpanel-ducache
> drwxr-xr-x 3 mitadmin mail 4096 May 23 09:19 etc
> drwxr-xr-x 34 mitadmin mitadmin 4096 May 23 09:19 .htpasswds
> -rw------- 1 mitadmin mitadmin 14 Jun 14 16:14 .lastlogin
> drwxrwx--- 3 mitadmin mail 4096 Jan 17 21:38 mail
> -rw-r--r-- 1 mitadmin mitadmin 38559604 Apr 25 10:15 mitnickpromo2.mov
> -rw-r--r-- 1 mitadmin mitadmin 399360 Jan 31 07:24 newclid.tar
> drwxr-xr-x 3 mitadmin mitadmin 4096 Jan 17 17:00 public_ftp
> drwxr-xr-x 40 mitadmin nobody 4096 May 23 09:19 public_html
> -rw-r--r-- 1 mitadmin mitadmin 13 Jun 14 16:14 .rvlastlogin
> -rw------- 1 mitadmin mitadmin 24 Mar 28 03:33 .spamkey
> drwx------ 6 mitadmin mitadmin 4096 Jan 24 02:16 tmp
> drwx------ 2 mitadmin mitadmin 4096 Jun 14 16:26 .trash
> lrwxrwxrwx 1 root root 11 Jan 17 17:00 www -> public_html
Quickly looking through the directories, C1tiZ3n
> made note of some directories
that looked particularly interesting. Pausing
> for a second, C1tiZ3n chuckled as
he looked at ralph's directory:
> $ls -l public_html/ralph
> ./public_html/ralph:
> total 6272
> drwx--x--x 2 mitadmin mitadmin 4096 Jan 24 15:49 .
> drwxr-xr-x 40 mitadmin nobody 4096 May 23 09:19 ..
> -rw-r--r-- 1 mitadmin mitadmin 6391141 Jan 23 03:43 Deltron 3030- Virus.mp3
> -rw------- 1 mitadmin mitadmin 4 Jan 23 03:28 .ftpquota
> -rw-r--r-- 1 mitadmin mitadmin 142 Feb 20 08:49 .htaccess
"Fanboi", C1tiz3n thought.
> "Enough of this browsing, now work really begins".
30 days and $1,436 dollars later
----------------------------------------------------------
"How
> much was it?" Kevin was incensed.
"One thousand, four hundred, thirty five
> dollars and ninety-nine cents",
Caroline repeated calmly, adding "It's
> mostly from the international
calls while you were in Greece and South
> Africa."
"Pay it.", he snapped. Adding, "We need to find a more cost
> effective
solution."
TMC had been good to kevin. Their prices were not that
> exorbitant, and their
service had been acceptable. This bill though, it was
> almost seven times
average.
"About the books for your signings.",
> Caroline was wanting a different
subject badly. "I had them shipped to you
> at the 7113 West Gowan Road,
Las Vegas address. From what the publisher
> said, the advance orders are
going very well."
"Good. I've already been
> contacted about the identities of one of the
chapter's subjects. Seems the
> FBI is investigating, and they decided
to pay me a visit."
"What will you
> do?", asked Caroline.
"I don't want any more trouble from them, I just gave
> them what they wanted.
They promised it would not be attributed to me. If
> word of this got out,
no one would ever dare talk to me again." Kevin never
> really recovered
from his stay in club fed. The beatings, the brutality,
> Bruno. He had been
betrayed by his friends, and now he would do whatever it
> took to stay out
-- even if it meant being the low-life type narc that landed
> him in jail in the
first place.
"You did what you had to. After what they
> did to you the last time, I don't
think anyone can blame you. Besides,
> better them than you." Caroline consoled
him. He was her meal ticket, and
> she knew it.
"Well, enough. I'm going for a jog. Talk to you
> later."
Surveying the prize
----------------------------------------------------------
Pay-dirt.
> Looking through the directory listing, C1tiZen noticed that
apparently kevin
> was not above the use of pirated files in his company.
Particularly,
> Compuware's softice, Core Impact and CANVAS. It seemed
that the files were
> purposefully placed in world accessible directories
for download during
> penetration tests.
All through the site were power point presentations that
> kevin used in
his engagements. Janis's home directory contained most of them
> (her
password is crypt0).
And there was the presentation that C1tiZ3n had
> seen before -- the art of
intrusion power-point.
"He needed to update his
> definitions of a black hat hacker", C1tiZ3n
thought. "Not only do they hack
> for personal or political reasons, but
also for financial gain. Like when
> TWD was hacking sites to feed his
heroin addiction. On second thought,
> white-hats are not much different
-- they exploit the fear of their clients
> for financial gain to feed
their addictions. "
C1tiZ3n sighed, "How the
> mighty have fallen.", he thought.
Moving further down the file listing, the
> 'pen-testing' directory caught his
eyes. Inside was a treasure trove of
> files from penetration testing jobs that
kevin had sold to unsuspecting
> victims^H^H^H^H^H^H^Customers.
There were reports, and logs, and the most
> interesting files were trophies
that kevin retained from his exploits. "Old
> habits die hard, heh."
C1tizen downloaded and opened one report -- for
> Midland Credit
Management. "This form looks very familiar." It was rare that
> two
companies would have the same layout and style for a report, and
> C1tiZ3n
had seen a report like this before. "Here it is. " C1tiZ3n
> chuckled,
"Mitnick has ripped off a template that looked exactly like one
> from
when he had owned rooted.net"
-- A weekend previously
In a frenzy of
> irc hacks, C1tiZ3n had encountered a guy on one of
his many ereet SILC
> servers, Mrx. Mrx was particularly
smug and often liked to talk about his
> many eveningz with Mitnick along
with a nice chianti and vava beans. These
> SILC conversations would often
involve the conversations normally reserved
> for special evenings with Kevin
C1tiZ3n felt the occassional anal rape was
> worth standing so he could find an
angle onto the great
> disappointment..
C1tiZ3ns shell from rooted.net was enough to provide
> access to Mitnicks social
calendar, emmanuals 2600 "money shots" and his
> life, including corporate
reports and a kick-ass email address
> (c1tizen@...lly.rooted.net).
---- The Present day
The midland report made
> for interesting reading, but what was more
interesting was what it didn't
> say. It said nothing about the credit
record files that kevin stored in the
> penetration directory, publicly
accessible to the world, that were
> downloaded from Midland. "Kevin's
retirement plan", C1tiZ3n
> joked.
Disgusted, CitiZ3n closed his connection. "I can't take it
> anymore,
Kevin used to be _the_ hacker of hackers. Now he's just another
> stinking
white-hat. The community used to rally around him, but now he
> betrays us
-- exploits us for his financial gain. Exploiting his own clients
> --
first their fear, then their trust. "
"Free Kevin?", thought C1tiZ3n,
> "No.. Put kevin back,
> please!"
---------------------------------------------------------------------------
>
So, what do you think of the first chapter of our new book, "The art
> of
being pwnd?" I enjoyed writing it, and I hope you enjoyed reading it.
> Stay
tuned for our next chapter, "How to Own a
> Publisher".
[-]=====================================================================[-]
> ________________________________
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/