Anonymous hackers - how dey do dat? - Page 2


Re: Anonymous hackers - how dey do dat?



It depends. LOIC for example doesn't exploit vulnerabilities in the
tcp/ip stack; it sends normal packet data to the machine, randomly and
consistently. From the victim's point of view, it's just overloaded with
too many requests.


--
Hackers are generally only very weakly motivated by conventional
rewards such as social approval or money. They tend to be attracted by
challenges and excited by interesting toys, and to judge the interest
of work or other activities in terms of the challenges offered and the
toys they get to play with.

Re: Anonymous hackers - how dey do dat?



No hacking going on here then. The users are willingly joining their
computers up to a botnet for DDoS purposes. A good demonstration of
civil disobedience. Power to the people!
 



--
Hackers are generally only very weakly motivated by conventional
rewards such as social approval or money. They tend to be attracted by
challenges and excited by interesting toys, and to judge the interest
of work or other activities in terms of the challenges offered and the
toys they get to play with.

Re: Anonymous hackers - how dey do dat?









| No hacking going on here then. The users are willingly joining their
| computers up to a botnet for DDoS purposes. A good demonstration of
| civil disobedience. Power to the people!

Too bad it is "misplaced" hacktivism.

--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Anonymous hackers - how dey do dat?



Why was this buried in Wikileaks?  Anyhow... The link is live (so no c&p):
http://edition.cnn.com/2010/US/12/09/hackers.wikileaks/index.html?iref=allsearch

You cannot send a plain-text email to anyone and have your host pwned.  A
program has to be installed, which requires user interaction.

What bullshit.


Re: Anonymous hackers - how dey do dat?

 Don't have it.  CNN stories are always hard to find anyway--their
search tool sucks.

But this is not a peer reviewed science site.  Do you have any ideas
how evil hackers can take over your machine if you send them an
email?  That is the relevant query.  I guess your lack of a response
on that issue speaks for itself.  Get the point?

RL

Re: Anonymous hackers - how dey do dat?

RayLopez99 wrote:

Okay, aside from the possibility that you have been intentionally misled
by the wording in that article, the only thing an e-mail would give a
hacker is information (some of which *could* eventually lead to your IP
address) about your system. At that point, they would have to amass
exploit tools that attack some software they now know to be on your
system or assume to be on your system while also assuming you still have
that IP address.

If they get information from your ISP about your account, they may be
able to keep abreast of any IP address changes.

This article mentions no security breaches, only that the 'tools' are
distributed.

http://www.guardian.co.uk/media/2010/dec/11/wikileaks-backlash-cyber-war

I guess you'll have to ask the author of that CNN article (or the person
he may have been quoting) what that misleading statement actually means.



Re: Anonymous hackers - how dey do dat?



|  Don't have it.  CNN stories are always hard to find anyway--their
| search tool sucks.

| But this is not a peer reviewed science site.  Do you have any ideas
| how evil hackers can take over your machine if you send them an
| email?  That is the relevant query.  I guess your lack of a response
| on that issue speaks for itself.  Get the point?

If you don't have a URL don't post "CNN claims".  Just post the question.
However Ozzy did YOUR work for you.

This doesn't have to be a "peer reviewed science site" to have an
authoritative URL posted to back a claim.  Actually, it is REQUIRED to
substantiate a claim.

Now that we know what Ozzy posted and what you inferred are the same, we
can draw some conclusions.

The major conclusion is there is no exploit/vulnerability vector.  Only an
email request that presumably leads to a subsequent reply indicating how
to "join" the hacktivist action.

My lack of a response was because you lacked facts to substantiate a claim
to provide an answer to a question based upon said unsubstantiated claim.

--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Anonymous hackers - how dey do dat?


Ozzy?  Ozzy and Harriet?  Why did me and her/them/it infer the same?
Same what?  I think we actually differ--she/he/it thinks that the user
has to do something (escalation of privileges) while I say no.


PRESUMABLY says the (idiot) savant.  Presumably.  From that a priori,
the idiot then goes on to write a novel.  But what if your presumption
is incorrect?  What if--and this could well be the case since the
Anonymous group has world class black hat hackers--just knowing your
email Internet address allows them to attack your system, infiltrate
it, and launch their bot-enabling code, the Ion Cannon?  That is the
question.  Can they do this in theory?  If so the CNN statement is
correct.


A lot of lip, man.  Maybe that's why you're called Lipman.

You are dismissed.  Go research the question I posed and when you're
more educated come back with an answer.  Not holding my breath.

RL

Re: Anonymous hackers - how dey do dat?

RayLopez99 wrote:
[...]


My mentioning "escalation of privilege" was not meant to imply a *user*
specifically, but a type of exploit. Specifically in the case of exploit
based malware, the exploit is often used to get processing power. A
"remote exploit" vector implies it can be done through the network. A
"privilege escalation" exploit refers to getting processing power with
high privilege (as opposed to the limited privilege usually gained in a
'userland' environment).

[blah blah blah]

 > Can they do this in theory?  If so the CNN statement is

No, CNN's statement would be correct only if they were doing it in practice.

Re: Anonymous hackers - how dey do dat?


So if a remote vector gets "high privilege", it would presumably burn
a lot of CPU cycles, and maybe overwhelm the machine or lock it up?
Is that the idea?  Aside from the Denial Of Service argument, I'm not
sure what "getting processing power with high privilege (as opposed to
the limited privilege usually gained in a 'userland' environment)."
means

RL

Re: Anonymous hackers - how dey do dat?

RayLopez99 wrote:

It could deeply entrench itself into the OS. Not just by being able to
place an invocation to itself in a registry run or runonce, but by
registering itself as a driver or even modifying the bootstrap code. In
'userland' it wouldn't even be able to write to certain areas of the
registry or filesystem.

Admin processing power has greater scope than userland processing power
does.


Denial of service goes beyond just the simplest form of crashing the
machine or application. Beyond just denying you the use of processing
power, it can use it for itself - remote code execution exploits *start*
with a DoS. Most modern malware wants to *install* itself on the machine
so that it can always run when you boot up the machine. Userland
privileges are supposed to be insufficient to accommodate this task,
while administrative privileges are supposed to be able to do this.

When a user executes a (malware) program, the program assumes the same
privileges as the user enjoys. If it can *install* from userland, it
would have to be exploiting some flaw to enable it to escalate to admin,
and if it downloaded and executed automatically, it would have to
exploit a 'remote code execution' exploit (or a remote code execution
w/privilege escalation exploit). Neither of which are mentioned in the
referenced article (or any others that I have read).

Re: Anonymous hackers - how dey do dat?



No. Essentially, acquiring high privilege is the same as run as user
administrator; when you're using a LUA (limited user access) account.

Some malware can exploit various security configuration errors sometimes
performed by users during Windows installation. Other malware will seek
out a vulnerability within the OS to do the same thing. Obtain
administrator (or system level; whichever is better for the malware)
rights hopefully without your knowledge.

It won't necessarily burn a lot of cpu cycles, either.


--
Hackers are generally only very weakly motivated by conventional rewards
such as social approval or money. They tend to be attracted by
challenges and excited by interesting toys, and to judge the interest of
work or other activities in terms of the challenges offered and the toys
they get to play with.

Re: Anonymous hackers - how dey do dat?




| No. Essentially, acquiring high privilege is the same as run as user
| administrator; when you're using a LUA (limited user access) account.

| Some malware can exploit various security configuration errors sometimes
| performed by users during Windows installation. Other malware will seek
| out a vulnerability within the OS to do the same thing. Obtain
| administrator (or system level; whichever is better for the malware)
| rights hopefully without your knowledge.

| It won't necessarily burn a lot of cpu cycles, either.


"Buffer overflow exploitation with an elevation of privileges".

--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Anonymous hackers - how dey do dat?


Thanks but I thought Buffer Overflow is essentially a variant of a SQL
Injection attack, that is, it requires a database.  But perhaps all
OSes run databases in the background?  (Maybe even the log in has a
database, and IIS for Windows is constantly running somewhere and/or
can be activated)?  Anyway, in my mind "buffer overflow" is a database
exploit.

RL

Re: Anonymous hackers - how dey do dat?





| Thanks but I thought Buffer Overflow is essentially a variant of a SQL
| Injection attack, that is, it requires a database.  But perhaps all
| OSes run databases in the background?  (Maybe even the log in has a
| database, and IIS for Windows is constantly running somewhere and/or
| can be activated)?  Anyway, in my mind "buffer overflow" is a database
| exploit.

No.  It has nothing to do w/databases.  It has to do with the
exploitation/vulnerability factor of software in general and taking
advantage of the Buffer overflow condition.

Examples:
The Lovsan/Blaster used a "Buffer overflow exploitation with an elevation
of privileges" in TCP port 135 against RPC/RPCSS

Attackments use "Buffer overflow exploitation with an elevation of
privileges" in malicious PDFs and thus Adobe Reader/Acrobat.

--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Anonymous hackers - how dey do dat?


That may be. However in most people's minds it is not. Buffer overflow
is a technique of attacking the stack and replacing the return address
of a subroutine with your own address-- usually done by injecting a far, far
longer input than an input buffer is capable of handling-- if the buffer
is on the stack ( usual place) that will overwrite the stack, which also
includes the subroutine ( input handling) return address. You point it
instead at part of that huge input which contains your own program.

This works because most people simply copy the input to the buffer not
checking how long it is.



Re: Anonymous hackers - how dey do dat?



Well that's more a problem with the compiler than the programmer.  I
would think (in my mind) that if you overwrite any stack your program
will crash due to misallocation of memory.  Why not then?  Think about
walking off the end of an array.  Why would overrunning your buffer
(memory) also not crash your program?

RL

Re: Anonymous hackers - how dey do dat?

On 15/12/2010 16:47, RayLopez99 wrote:

It's not a problem with the compiler, more programmers using incorrect
functions for the sake of expediency.

Overrunning a buffer can VERY easily crash a program which is why many
buffer overflow exploits include a NOP sled.

Bilbo

Re: Anonymous hackers - how dey do dat?

"RayLopez99" wrote:

On Dec 15, 2:40 pm, unruh wrote:
[buffer overflow]


Not at all. It's very easy to write code that corrupts memory with a
buffer overflow. Take the standard C library function 'strcpy' as an
example:

strcpy(destination_addr, source_addr);

This is designed to copy a null-terminated string and will copy any
sequence of bytes from source to destination, stopping when it finds
the end of the source string (null). If insufficient memory has been
allocated at destination_addr then you have an overflow. The
compiler doesn't know anything about how strcpy uses the parameters -
it's just a function to be called from an external library.

The programmer must be absolutely sure that a string will never be
longer than the destination buffer or not use unsafe functions like
strcpy when dealing with unknown input.


It will very likely crash the program but that doesn't matter; by this
time the attacker's code is in control.
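
The overrun described in the posts above (input longer than a stack buffer reaching the saved return address, and strcpy copying without a length check), shown as an added example that is not part of the thread. The frame layout, the names and the RET_OK value are constructed for illustration; a real stack frame is laid out by the compiler.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of a stack frame: an input buffer followed by the
   slot that would hold the subroutine's saved return address. */
struct frame {
    char      buf[8];
    uintptr_t saved_ret;
};
#define RET_OK ((uintptr_t)0x1111)   /* constructed placeholder value */

/* Models strcpy(): copies strlen(src)+1 bytes without looking at the
   size of buf. The write is clamped to the struct so the demonstration
   itself stays within defined behaviour. */
static void unchecked_copy(struct frame *f, const char *src)
{
    size_t n = strlen(src) + 1;
    if (n > sizeof *f) n = sizeof *f;
    memcpy((unsigned char *)f, src, n);
}

/* Hardened form: reject input that does not fit, terminator included. */
static int checked_copy(struct frame *f, const char *src)
{
    size_t n = strlen(src) + 1;
    if (n > sizeof f->buf) return -1;
    memcpy(f->buf, src, n);
    return 0;
}

/* Returns 1 if the copy altered the saved return address slot. */
static int ret_clobbered_by(int use_checked, const char *src)
{
    struct frame f = { "", RET_OK };
    if (use_checked)
        (void)checked_copy(&f, src);
    else
        unchecked_copy(&f, src);
    return f.saved_ret != RET_OK;
}

int main(void)
{
    const char *in = "AAAAAAAAAAAAAAAA";   /* 16 bytes; buf holds 8 */
    printf("unchecked: clobbered=%d\n", ret_clobbered_by(0, in));
    printf("checked:   clobbered=%d\n", ret_clobbered_by(1, in));
    return 0;
}
```

The unchecked copy does not crash at the moment of the write; the damage only shows when the altered slot is used, which is why the length check has to happen before the copy.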



Re: Anonymous hackers - how dey do dat?



Good point, but I use C# and there's no such "unsafe" strcpy (which I
remember from C days).  A lot of unsafe stuff is caught (seems to me)
at the compile stage, though you still get runtime errors of course.

RL
