
Computer Hacking question

BlackLight

New Member
I just have a general question about hacking. It's going to be obvious that I know nothing about hacking, and relatively nothing about computers, so forgive me if I'm painting with too broad a brush here.

What practical uses do hacking skills have if you're not illegally breaking into computer systems, or being hired by the government to legally break into computer systems? For example, learning how to hotwire a car is a useful skill if you ever need to start your car and don't have the keys. Learning how to pick a lock with a credit card would also be useful if you ever got locked out of your house. So my question is, if your goal isn't to be a dipshit who lives to inconvenience other people, what good is it knowing how to hack?
 
Prolescum
The simple answer is this... Hacking is not what you think it is :)

http://en.wikipedia.org/wiki/Hacker_%28programmer_subculture%29
The Jargon File, a compendium of hacker slang, defines hacker as "A person who enjoys exploring the details of programmable systems and stretching their capabilities, as opposed to most users, who prefer to learn only the minimum necessary."

If you write, say, a patch for some FOSS program (like Firefox) you have been hacking. As we speak, I'm hacking together a crap theme for gnome-shell.

It has many, many applications. For example, building applications.

The confusion is Hollywood's fault, as always.
 
Case
Well, you can always hack the planet, if you're into agriculture.
 
Prolescum
Case said:
...hack the planet...

[centre]
Hack-the-planet.jpg
[/centre]
 
Master_Ghost_Knight
There is hacking and cracking. I will clump these two for the sake of brevity.
Both of them involve activities within a specific item that were not intended to happen for that item; this generally happens by generic mistakes and misconceptions about the items or misuse of third-party items. Better to give an example.
Imagine that you have a yard and you want to keep other people out of it, but allow your dog in and out of it. The typical solution is to put in a gate with a hole at the bottom for the dog. If it is a particularly big dog, then the way a person could overcome your defense is to just crawl in through the hole. The feature of the hole is there to let volumes go under, but not any volume in particular; the fact that you used it for the dog is irrelevant to the fact that other stuff can go in too. Even though it was not intended for a person to go through, they can do it anyway. (And because he is a cracker he is going to piss on your pot plants and bury skeletons in your yard.) Although, contrary to popular belief, the knowledge of how to hack/crack comes mostly as a direct result of knowing how computers really work.

The obvious benefit of knowing the exploits is that you are now armed with enough knowledge to protect yourself against those exploits. For a computer engineer developing a specific item, the knowledge of what third-party items do, and yet were not supposed to, sometimes enables you to use some resources that were originally not predicted to be able to perform. For instance, I can use my dog hole as a draining venue out of my yard, or a failsafe for when I lose my keys in it.
But perhaps the most useful is the fact that you know how a computer works and "what can you do with it and how to do it", required before you know how to hack properly.
 
)O( Hytegia )O(
The point of hacking is to push the limits of a system or network - and do whatever with that you may just gives you a nice pretty hat to do it in style with.
I was bored one day, put on my White Hat and told Facebook "PSST! IF YOU USE FACEBOOK MOBILE VIA WIFI IT'S SENDING OVER THE USERNAME AND PASSWORD IN PLAIN-TEXT! PSST!" I'm not sure if they resolved that issue yet, because my thread got drowned out by over9000 "OMG I GOTZ LOCKED OUTTA MAH ACCOUNT HALP MEH" threads. You can't say that I didn't warn them, though.

The next day I decided to put on my Black Hat and utilize BackTrack, only to find that it was the equivalent difficulty of making PB&J for dinner. They hadn't even patched their shoddy version of Windows yet.

Better question for the board - You think that LulzSec has found some kind of serious zero-day with SQL? The main way to obtain the things they are posting up, could be attributed to some username and passwords obtained by some hearty SQL Injection.
I personally think that access could have been gained by a bit of Social Networking (it can boil down to that, really). They delve the internet for a certain key employee's possible accounts based upon (most likely) their Facebook Page's name, any common avatars, etc. and then rolled out the attacks on a less-sophisticated server...
Then once they obtained the passwords, they just played eenie-meenie-miney-moe amongst the most commonly-used ones (because humans are stupid like that) and BAM. System Access.

:roll:
 
borrofburi
)O( Hytegia )O( said:
Better question for the board - You think that LulzSec has found some kind of serious zero-day with SQL?
Is there any evidence that they'd need zero day? I.e., is there any evidence that any of these servers are actually up to date on patches?
 
)O( Hytegia )O(
borrofburi said:
)O( Hytegia )O( said:
Better question for the board - You think that LulzSec has found some kind of serious zero-day with SQL?
Is there any evidence that they'd need zero day? I.e., is there any evidence that any of these servers are actually up to date on patches?
If they were up-to-date, it wouldn't be a Zero-day. :lol:

Oh well - like I said it could be less of a matter of zero-day, and more of a matter of a bit of social networking and attacking weaker, private servers that people may ascribe to.
 
borrofburi
)O( Hytegia )O( said:
borrofburi said:
Is there any evidence that they'd need zero day? I.e., is there any evidence that any of these servers are actually up to date on patches?
If they were up-to-date, it wouldn't be a Zero-day. :lol:

Oh well - like I said it could be less of a matter of zero-day, and more of a matter of a bit of social networking and attacking weaker, private servers that people may ascribe to.
Err... as I understand it "Zero-day" means "a security flaw that is exploited before the maintainers of the program are aware of it". If a server is not patched and up-to-date then you can use old exploits on them, exploits that were patched through updates but that the particular server can't defend against. Thus all (or most, depending on chosen definition of "zero-day") exploits (ignoring social) on up-to-date servers are zero-day exploits...

So, I'm confused by your claim that all exploits on up-to-date servers aren't zero-day...
 
)O( Hytegia )O(
borrofburi said:
)O( Hytegia )O( said:
If they were up-to-date, it wouldn't be a Zero-day. :lol:

Oh well - like I said it could be less of a matter of zero-day, and more of a matter of a bit of social networking and attacking weaker, private servers that people may ascribe to.
Err... as I understand it "Zero-day" means "a security flaw that is exploited before the maintainers of the program are aware of it". If a server is not patched and up-to-date then you can use old exploits on them, exploits that were patched through updates but that the particular server can't defend against. Thus all (or most, depending on chosen definition of "zero-day") exploits (ignoring social) on up-to-date servers are zero-day exploits...

So, I'm confused by your claim that all exploits on up-to-date servers aren't zero-day...

Clarification upon statement:
If it was patched against the particular exploit, then it wouldn't be zero-day exploit. You can't patch something that you don't know exists yet.
 
borrofburi
)O( Hytegia )O( said:
Clarification upon statement:
If it was patched against the particular exploit, then it wouldn't be zero-day exploit. You can't patch something that you don't know exists yet.
Ah, I see where the confusion came from. The reason I originally asked the question is to see if it's a zero-day: if lulz sec has only ever exploited security flaws in old and unpatched systems, then they almost definitely do not have a zero-day exploit. If lulz sec has conquered some patched and up-to-date servers then they're either great social engineers (though remember, they get to choose their targets, their explanations are post-hoc public relations), or have a zero-day exploit. So I was wondering if they do actually attack patched and up-to-date servers (possible zero-day), or if it's only, say, older apache servers (almost definitely not a zero-day).
 
)O( Hytegia )O(
borrofburi said:
)O( Hytegia )O( said:
Clarification upon statement:
If it was patched against the particular exploit, then it wouldn't be zero-day exploit. You can't patch something that you don't know exists yet.
Ah, I see where the confusion came from. The reason I originally asked the question is to see if it's a zero-day: if lulz sec has only ever exploited security flaws in old and unpatched systems, then they almost definitely do not have a zero-day exploit. If lulz sec has conquered some patched and up-to-date servers then they're either great social engineers (though remember, they get to choose their targets, their explanations are post-hoc public relations), or have a zero-day exploit. So I was wondering if they do actually attack patched and up-to-date servers (possible zero-day), or if it's only, say, older apache servers (almost definitely not a zero-day).
I would say that it is most likely a result of typical social engineering techniques and utilization of human nature to make everything simple by keeping a one-for-all password.
For example - say that there was "User X" whom we know catalogs different intel data and has correspondences with people much higher on the food chain, but is actually so low on the chain himself that he is not in on the goings on.
We place the conjecture that this person (whose name is available, since he works for the state) does not live under a rock, and actively engages in the intertubes for, at the minimum, minor family communications or gaming and whatnot. We Google, and find that he has a Facebook. We look up that his Facebook name is "Joe the Time Lord".

After some networking, we find that user to be "ImpossibleJoe" of the LeagueOfReason forums.

So, which is easier? Breaking into the government system with audit trails and lockout attempts, or a privately-owned publicly-available server in the UK, where they have no jurisdiction over me anyhow?
:lol:
Now, odds are (based upon basic human mindset) that humans reuse the same combination on multiple occasions. We obtain ImprobableJoe's password, and then use it to try to authenticate ourselves as "User X" - and we gain access.

Cool. We have our door, gentlemen!
 
borrofburi
...I know how social engineering works... I was just curious as to whether there's any indication that they'd need a zero-day even if they weren't using social engineering. If it's old and unpatched servers, then they wouldn't even need zero-day, just re-use old exploits.
 
)O( Hytegia )O(
borrofburi said:
...I know how social engineering works... I was just curious as to whether there's any indication that they'd need a zero-day even if they weren't using social engineering. If it's old and unpatched servers, then they wouldn't even need zero-day, just re-use old exploits.
I would have considered utilizing the exploits covered in a patch before a patch was applied to be some variation of zero-day exploit. If a patch comes out, and the webmaster decides that he would rather go out to the bar this Tuesday instead of watching porn, and forgets that it's patch Tuesday. :roll:
It would probably make it easier to exploit, seeing as the new patch coming out would literally have the exploitable hole written all over it.
 
borrofburi
)O( Hytegia )O( said:
I would have considered utilizing the exploits covered in a patch before a patch was applied to be some variation of zero-day exploit. If a patch comes out, and the webmaster decides that he would rather go out to the bar this Tuesday instead of watching porn, and forgets that it's patch Tuesday. :roll:
This is no longer zero-day. Zero-day refers to it being unstoppable. If there's a patch out but the webmaster was too lazy or slow or whatever, then it's not zero-day. If the program maintainer knows about it but doesn't feel like patching it, then it's not a zero-day.
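
The distinction argued over in the posts above, written out as an incident-triage check. This is an added example, not part of any post in the thread; the advisory IDs, host names and dates are constructed, and the category names are assumptions chosen for illustration.

```python
from datetime import date

# Constructed advisories: when the maintainer learned of each flaw and when a fix shipped.
ADVISORIES = {
    "EXAMPLE-0001": {"vendor_aware": date(2011, 3, 1), "patch_released": date(2011, 3, 15)},
    "EXAMPLE-0002": {"vendor_aware": date(2011, 6, 10), "patch_released": None},
}

def classify(exploited_on, flaw_id):
    """Classify one intrusion by where it falls on the flaw's disclosure timeline."""
    adv = ADVISORIES.get(flaw_id)
    if adv is None:
        # No known flaw explains the intrusion on this host: per the thread,
        # that leaves social engineering / reused passwords, or a zero-day.
        return "no-known-flaw"
    if exploited_on < adv["vendor_aware"]:
        return "zero-day"          # used before the maintainer knew of the flaw
    released = adv["patch_released"]
    if released is None or exploited_on < released:
        return "known-unpatched"   # maintainer aware, no fix to install yet
    return "missed-patch"          # fix existed, the host never applied it

# Constructed incident records from a hypothetical investigation.
INCIDENTS = [
    {"host": "web-01", "exploited_on": date(2011, 5, 1), "flaw": "EXAMPLE-0001"},
    {"host": "web-02", "exploited_on": date(2011, 6, 12), "flaw": "EXAMPLE-0002"},
    {"host": "web-03", "exploited_on": date(2011, 2, 20), "flaw": "EXAMPLE-0001"},
    {"host": "web-04", "exploited_on": date(2011, 6, 1), "flaw": None},
]

def triage(incidents):
    """Group host names by classification so patch-hygiene failures stand out."""
    groups = {}
    for inc in incidents:
        label = classify(inc["exploited_on"], inc["flaw"])
        groups.setdefault(label, []).append(inc["host"])
    return groups

if __name__ == "__main__":
    for label, hosts in sorted(triage(INCIDENTS).items()):
        print(f"{label}: {', '.join(hosts)}")
```

Only the `zero-day` and `no-known-flaw` groups need explaining beyond patch hygiene; everything in `missed-patch` is the "old and unpatched servers" case.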
 
)O( Hytegia )O(
borrofburi said:
)O( Hytegia )O( said:
I would have considered utilizing the exploits covered in a patch before a patch was applied to be some variation of zero-day exploit. If a patch comes out, and the webmaster decides that he would rather go out to the bar this Tuesday instead of watching porn, and forgets that it's patch Tuesday. :roll:
This is no longer zero-day. Zero-day refers to it being unstoppable. If there's a patch out but the webmaster was too lazy or slow or whatever, then it's not zero-day. If the program maintainer knows about it but doesn't feel like patching it, then it's not a zero-day.

Point taken.
I refreshed my brain on zero-day when I remembered that "Day 0" was the day that the programmer realized a flaw.
:|
 
nophun
Lulzsec was not hacking a bunch of phpbb.
There is no "zero day" exploit. The hackers could not just go to packetstorm and download an exploit and get to work. They could not just write one exploit and run it against all those sites. They had to take the time and audit most of these sites one by one looking to input unsanitized data. (script aided obviously)

They did nothing that is not happening at any point in the day.
http://www.zone-h.org/archive


There may have been some mass-hacks when they did a bunch of Sony for example.
I don't feel there would be many. (just a guess)
 