A word of curious over the exploits found by Hackers

wacky_sung
Posted: Thu Mar 20, 2003 7:51 pm

I really wonder how come blackhat hackers are so free to find exploits on any network's security or OS? Don't they have better things to do, such as fixing an exploit once it is found? I also wonder how they find exploits for the network?

delete852
Posted: Thu Mar 20, 2003 10:04 pm

Black hat hackers don't program fix code because it's not their job and because it isn't what black hat hackers do; if they did then they wouldn't be black hats. They find exploits and flaws in their network by scanning it and trying to break into it themselves. Bring your laptop to any building in Manhattan, shove a wireless NIC in it and put it on DHCP, and you are on the network. That's what admins do to test security, well... as much as I know.

wacky_sung
Posted: Thu Mar 20, 2003 10:20 pm

Well, to the extent of what I know, blackhat hackers only find open ports to break in. Besides that, I just wonder how they can break in by a buffer overflow found in a software firewall? In fact, if you look around Windows software, 99% of the exploits are based on buffer overflow. How do you actually find those exploits?

flw
Posted: Thu Mar 20, 2003 10:25 pm

Just my opinion but I post it anyway.

General overview
There are three types of modes or hats as they are called. White hats, which is someone interested in making systems more secure. Grey hats, which may be someone interested in secure OS's but who takes advantage of applications. Black hats, which are solely interested in taking advantage of OS's or applications.

Like the clothes you wear, people can change from one colored hat to another daily or even by the hour. By day a white hat may earn money to eat with by being a developer for a business but by night change hats over to a black hat looking to screw up someone's system.

This is overly simplistic but gives a short overview of the concept of colored hats and what they are for.

delete852
Posted: Thu Mar 20, 2003 10:50 pm

Hmm, I wouldn't really agree with you. Well, I think it is more of a personality; I mean, a job might be tedious and he might be forced to do it? But in reality what he would really like to do is rip networks apart; that's a black hat. If a person is only trying to break into someone's network to prove to them that it isn't secure, it doesn't make him a black hat.

It is more of what you do in your spare time.

flw
Posted: Thu Mar 20, 2003 11:09 pm

By the color of the hat, I was referring to the function the person was performing, not the personality.

Quote:

If a person is only trying to break into someone's network to prove to them that it isn't secure, it doesn't make him a black hat.


If you included "with the owners permission" I would agree with you.

ShaolinTiger
Posted: Fri Mar 21, 2003 2:24 am

blackhats are against full disclosure

whitehats are for it

That's the main difference..

blackhats are generally thought of as malicious, but it's not always true, but breaking into someone's system even with no intent is still wrong; in some ways this is where grey hat came into being... to cover the 'grey' middle area.

whitehats are generally thought of as security professionals, people who find exploits to fix them rather than exploit them for money or kudos.

In some way a true hacker is a grey hat; they aren't just security professionals and good guys, they will break into other people's systems but only to learn, to find out info, not to damage or profit.

As for the original question... it's a very profitable game. There are some excellent articles on buffer overflows on this forum; I suggest you locate them and read them.

Also Google about exploit discovery etc.

Then if you have any questions, ask :)

oeb
Posted: Fri Mar 21, 2003 3:36 am

wacky_sung wrote:
In fact, if you look around Windows software, 99% of the exploits are based on buffer overflow. How do you actually find those exploits?

You answered your own question. If 99% of all exploits are based on buffer overflows, it means that lots of software is vulnerable to it. If you are trying to break some new software then the first thing you try and do is overflow the buffer =D

Ian

wacky_sung
Posted: Fri Mar 21, 2003 8:22 pm

oeb wrote:

You answered your own question. If 99% of all exploits are based on buffer overflows, it means that lots of software is vulnerable to it. If you are trying to break some new software then the first thing you try and do is overflow the buffer =D

Ian

Of course, I do know about overflowing the buffer in the software, but how are you going to do that? In fact, you did not answer my question but repeated my sentences. I wonder, does buffer overflow mean flooding the port with a port flooder?

oeb
Posted: Sat Mar 22, 2003 11:50 am

No, a buffer is simply a place to put "stuff" while it is going to go somewhere else. Like for example when data is being sent to the screen (output buffer), or when data is going from the terminal to the program (input buffer). You "overflow it" by putting more info in there than it can take. For example, if a program is expecting 100 chars, what happens when you feed in 60000? Will it execute anything more than it expects in the shell? Will it just die? Will it kill the machine?

Ian
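
The case oeb describes above (a program expecting 100 chars that is fed 60000), as an added C example that is not part of the original thread: an unchecked copy is modelled inside one flat array so the spill into neighbouring data is visible without corrupting real memory, next to a length-checked copy that refuses the oversized input. The frame layout, the guard bytes and all function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define BUF_LEN   100     /* what the program expects (figure from the post) */
#define GUARD_LEN 8       /* assumed stand-in for data stored next to the buffer */
#define FRAME_LEN (BUF_LEN + GUARD_LEN)
#define INPUT_LEN 60000   /* what the post suggests feeding in */
static const unsigned char GUARD[GUARD_LEN] = {0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF};

/* Constructed layout: 100-byte buffer immediately followed by the guard bytes. */
static void frame_init(unsigned char *frame) {
    memset(frame, 0, BUF_LEN);
    memcpy(frame + BUF_LEN, GUARD, GUARD_LEN);
}
static int guard_intact(const unsigned char *frame) {
    return memcmp(frame + BUF_LEN, GUARD, GUARD_LEN) == 0;
}

/* Model of the bug: BUF_LEN is never consulted. The cap at FRAME_LEN exists only
   so the demo stays inside its own array; a real unchecked copy has no cap. */
static void copy_unchecked(unsigned char *frame, const unsigned char *in, size_t n) {
    size_t take = n < FRAME_LEN ? n : FRAME_LEN;
    memcpy(frame, in, take);
}

/* Hardened form: input that does not fit is refused and nothing is written. */
static int copy_checked(unsigned char *frame, const unsigned char *in, size_t n) {
    if (n > BUF_LEN) return -1;
    memcpy(frame, in, n);
    return 0;
}

/* Feed n constructed 'A' bytes through one copy; 1 means the guard survived. */
static int guard_survives(int checked, size_t n) {
    static unsigned char input[INPUT_LEN];
    unsigned char frame[FRAME_LEN];
    if (n > INPUT_LEN) n = INPUT_LEN;
    memset(input, 'A', n);
    frame_init(frame);
    if (checked) (void)copy_checked(frame, input, n);
    else copy_unchecked(frame, input, n);
    return guard_intact(frame);
}

int main(void) {
    printf("unchecked, 60000 bytes: guard intact = %d\n", guard_survives(0, INPUT_LEN));
    printf("checked,   60000 bytes: guard intact = %d\n", guard_survives(1, INPUT_LEN));
    return 0;
}
```

In a real program the bytes after the buffer are whatever the compiler or allocator placed there, which is why the outcome of an unchecked copy ranges from a crash to silently altered state.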

ThePsyko
Posted: Sat Mar 22, 2003 6:03 pm

One simple example is the net send command - usually when you execute it, a messagebox will pop up & include the IP address (or network name) of the system sending it. However, I found (with XP at least) if you shove somewhere in the neighborhood of 800-1024 (can't remember the exact number) characters onto that buffer AFTER the net send command, the receiving system deals with the overflow by pushing data out of the way to make room for the latter incoming data & you end up with a messagebox that doesn't show any info about the originating system.

How the system / application deals with extraneous data is something that historically has been overlooked by programmers and what makes buffer overflows effective.

Mongrel
Posted: Sat Mar 22, 2003 6:19 pm

People who find exploits not only scan. Their main tool is experimenting and programming. They write code that proves the vulnerability exists.
(pen testers, vulnerability testers, security agents etc.)

Then people take that code and write other programs to take advantage of said vulnerability to break in and do damage, deface, control or steal resources.
(black hat)

Then people take that same code and write program changes or patches to seal up the vulnerability
(white hat)

Some people experiment, toy with vulnerabilities, maybe break in, document the weakness in a particular website or database, leave having done no damage, and inform the people of their weak systems. They are somewhere in between
(gray hat)

ComSec
Posted: Sat Mar 22, 2003 7:23 pm

So, take it I am a grey... yes, must admit I do like toying with new exploits but letting the admin know they have problems, etc.

ATM am working on the telnet.cgi exploit with results ;)

It's always a sort of buzz gaining access, providing it's not for a malicious cause... :)

ThePsyko
Posted: Sat Mar 22, 2003 8:42 pm

Over the years my hat has been getting lighter as I delve deeper into the inner workings of things, although I have my darker moments. But white hat is where the money and jobs are and if I want to be able to do what I love for a living, it isn't going to happen as a black hat... While I used to do the 'black hat' thing just for the fun of it, I now only do things like that with a reason (there have been some rumors that I've been responsible for a number of actual defacements, however I can neither confirm nor deny those rumors 8) )... in fact the last several penetrations were for monitoring purposes only with no damage done... but my time spent with the 'darker side' has given me invaluable insight that I wouldn't have had I started off strictly as a 'white hat'

ComSec
Posted: Sat Mar 22, 2003 9:55 pm

ThePsyko wrote:
Over the years my hat has been getting lighter as I delve deeper into the inner workings of things, although I have my darker moments. But white hat is where the money and jobs are and if I want to be able to do what I love for a living, it isn't going to happen as a black hat... While I used to do the 'black hat' thing just for the fun of it, I now only do things like that with a reason (there have been some rumors that I've been responsible for a number of actual defacements, however I can neither confirm nor deny those rumors 8) )... in fact the last several penetrations were for monitoring purposes only with no damage done... but my time spent with the 'darker side' has given me invaluable insight that I wouldn't have had I started off strictly as a 'white hat'

Some sites do need bringing down... I have done it in the past, some you regret, some you don't... remember ricky's episode with ramalane at 2600, that made me think twice about my ways... ;)

wacky_sung
Posted: Sun Mar 23, 2003 3:21 am

I used to see people telling me they are hackers with a handful of trojans in their hands, and I must say that they are not real hackers at all. If you really know about hacking, I doubt you will use Windows to hack because Windows is just too vulnerable. I have seen people using Unix or Linux to hack, but nevertheless they still cannot hack through a Cisco firewall. Is there a real hacker who really knows how to hack through a firewall? I have seen almost none.

All times are GMT + 2 Hours
Page 1 of 2