wacky_sung Lamer
Joined: 12 Mar 2003 Posts: 0
Posted: Thu Mar 20, 2003 7:51 pm Post subject: A word of curious over the exploits found by Hackers
I really wonder how come blackhat hackers are so free to find exploits on any network's security or OS? Don't they have better things to do, like fixing an exploit once it is found? I also wonder how they find exploits for the network?

delete852 Just Arrived
Joined: 19 Nov 2002 Posts: 4 Location: Washington DC
Posted: Thu Mar 20, 2003 10:04 pm
Black hat hackers don't program fix code because it's not their job and because it isn't what black hat hackers do; if they did then they wouldn't be black hats. They find exploits and flaws in their network by scanning it and trying to break into it themselves. Bring your laptop to any building in Manhattan, shove a wireless NIC in it and put it on DHCP, and you are on the network. That's what admins do to test security, well....as much as I know.

wacky_sung Lamer
Joined: 12 Mar 2003 Posts: 0
Posted: Thu Mar 20, 2003 10:20 pm
Well, to the extent of what I know, blackhat hackers only find open ports to break in. Besides that, I just wonder how they can break in by a buffer overflow which is found in the software firewall? In fact, if you look around Windows software, 99% of the exploits are based on buffer overflow. How do you actually find those exploits?

flw Forum Fanatic
Joined: 27 May 2002 Posts: 16777215 Location: U.S.A.
Posted: Thu Mar 20, 2003 10:25 pm
Just my opinion but I post it anyway.
General overview
There are three types of modes or hats as they are called. White hats, which is someone interested in making systems more secure. Grey hats, which may be someone interested in secure OS's but who takes advantage of applications. Black hats, which are solely interested in taking advantage of OS's or applications.
Like the clothes you wear, people can change from one colored hat to another daily or even by the hour. By day a white hat may earn money to eat with by being a developer for a business but by night change hats over to a black hat looking to screw up someone's system.
This is overly simplistic but gives a short overview of the concept of colored hats and what they are for.

delete852 Just Arrived
Joined: 19 Nov 2002 Posts: 4 Location: Washington DC
Posted: Thu Mar 20, 2003 10:50 pm
Hmm, I wouldn't really agree with you, well I think it is more of a personality, I mean a job might be tedious and he might be forced to do it? But in reality what he would really like to do is rip networks apart, that's a black hat. If a person is only trying to break into someone's network to prove to them that it isn't secure, it doesn't make him a black hat.
It is more of what you do in your spare time.

flw Forum Fanatic
Joined: 27 May 2002 Posts: 16777215 Location: U.S.A.
Posted: Thu Mar 20, 2003 11:09 pm
By the color of the hat, I was referring to the function the person was performing, not the personality.
Quote: "If a person is only trying to break into someone's network to prove to them that it isn't secure, it doesn't make him a black hat."
If you included "with the owners permission" I would agree with you.

ShaolinTiger Forum Fanatic
Joined: 18 Apr 2002 Posts: 16777215 Location: Kuala Lumpur, Malaysia
Posted: Fri Mar 21, 2003 2:24 am
blackhats are against full disclosure
whitehats are for it
That's the main difference..
blackhats are generally thought of as malicious, but it's not always true, but breaking into someone's system even with no intent is still wrong, in some ways this is where grey hat came into being..to cover the 'grey' middle area.
whitehats are generally thought of as security professionals, people who find exploits to fix them rather than exploit them for money or kudos.
In some way a true hacker is a grey hat, they aren't just security professionals and good guys, they will break into other people's systems but only to learn, to find out info, not to damage or profit.
As for the original question..it's a very profitable game, there are some excellent articles on buffer overflows on this forum I suggest you locate them and read them.
Also Google about exploit discovery etc
Then if you have any questions, ask

oeb Just Arrived
Joined: 17 Mar 2003 Posts: 2 Location: That Island of drunks over there
Posted: Fri Mar 21, 2003 3:36 am
wacky_sung wrote: "In fact, if you look around Windows software, 99% of the exploits are based on buffer overflow. How do you actually find those exploits?"
You answered your own question. If 99% of all exploits are based on buffer overflows, it means that lots of software is vulnerable to it. If you are trying to break some new software then the first thing you try and do is overflow the buffer =D
Ian

wacky_sung Lamer
Joined: 12 Mar 2003 Posts: 0
Posted: Fri Mar 21, 2003 8:22 pm
oeb wrote: "You answered your own question. If 99% of all exploits are based on buffer overflows, it means that lots of software is vulnerable to it. If you are trying to break some new software then the first thing you try and do is overflow the buffer =D
Ian"
Of course, I do know about overflowing the buffer in the software, but how are you going to do that? In fact, you do not answer my question but repeat my sentences. I wonder, does the buffer overflow mean flooding the port with a port flooder?

oeb Just Arrived
Joined: 17 Mar 2003 Posts: 2 Location: That Island of drunks over there
Posted: Sat Mar 22, 2003 11:50 am
No, a buffer is simply a place to put "stuff" while it is going to go somewhere else. Like for example when data is being sent to the screen (output buffer), or when data is going from the terminal to the program (input buffer). You "overflow it" by putting more info in there than it can take. For example, if a program is expecting 100 chars, what happens when you feed in 60000? Will it execute anything more than it expects in the shell? Will it just die? Will it kill the machine?
Ian

ThePsyko SF Mod
Joined: 17 Oct 2002 Posts: 16777178 Location: California
Posted: Sat Mar 22, 2003 6:03 pm
One simple example is the net send command - usually when you execute it, a messagebox will pop up & include the IP address (or network name) of the system sending it. However, I found (with XP at least) if you shove somewhere in the neighborhood of 800-1024 (can't remember the exact number) characters onto that buffer AFTER the net send command, the receiving system deals with the overflow by pushing data out of the way to make room for the latter incoming data & you end up with a messagebox that doesn't show any info about the originating system.
How the system / application deals with extraneous data is something that historically has been overlooked by programmers and what makes buffer overflows effective.
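
The "expects 100 chars, gets 60000" case from oeb's post and the handling of extraneous data described just above, as an added example that is not part of the original thread: an unchecked copy into a fixed buffer beside a bounded one that rejects oversized input. The `record` struct, the function names and the all-'A' input are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define FIELD_MAX 100            /* the "100 chars" the program expects */

/* Hypothetical record: a fixed buffer with other data sitting right behind it. */
struct record {
    char name[FIELD_MAX + 1];
    int  is_admin;               /* what an overrun of name[] would reach first */
};

/* Unsafe form, shown for contrast and never called here: strcpy() ignores
 * sizeof r->name, so input longer than FIELD_MAX is written past the buffer. */
void store_unchecked(struct record *r, const char *input) {
    strcpy(r->name, input);
}

/* Hardened form: look for the terminator within the allowed length, refuse
 * anything longer, then copy a known size. Returns 0 if stored, -1 if rejected. */
int store_checked(struct record *r, const char *input) {
    const char *end = memchr(input, '\0', FIELD_MAX + 1);
    if (end == NULL)
        return -1;               /* reject rather than truncate silently */
    size_t n = (size_t)(end - input);
    memcpy(r->name, input, n);
    r->name[n] = '\0';
    return 0;
}

/* Feed a constructed input of `len` characters to the hardened routine and
 * report its result plus the state of the neighbouring field afterwards. */
int try_input(size_t len, int *admin_after) {
    struct record r = { "", 0 };
    char *input = malloc(len + 1);
    if (input == NULL) return -2;
    memset(input, 'A', len);
    input[len] = '\0';
    int rc = store_checked(&r, input);
    *admin_after = r.is_admin;
    free(input);
    return rc;
}

int main(void) {
    int admin, rc = try_input(60000, &admin);
    printf("60000 chars -> rc=%d, is_admin=%d\n", rc, admin);
    return 0;
}
```

Rejecting the input outright, instead of truncating it, also avoids the kind of silently altered output described in the net send observation.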

Mongrel SF Mod
Joined: 30 May 2002 Posts: 8
Posted: Sat Mar 22, 2003 6:19 pm
People who find exploits not only scan. Their main tool is experimenting and programming. They write code that proves the vulnerability exists.
(pen testers, vulnerability testers, security agents etc.)
Then people take that code and write other programs to take advantage of said vulnerability to break in and do damage, deface, control or steal resources.
(black hat)
Then people take that same code and write program changes or patches to seal up the vulnerability
(white hat)
Some people experiment, toy with vulnerabilities, maybe break in, document the weakness in a particular website or database, leave having done no damage, and inform the people of their weak systems. They are somewhere in between
(gray hat)

ComSec Trusted SF Member
Joined: 26 Jul 2002 Posts: 16777215
Posted: Sat Mar 22, 2003 7:23 pm
so, take it am a grey.....yes must admit I do like toying with new exploits but letting the admin know they have problems, etc
ATM am working on the telnet.cgi exploit with results
it's always a sort of buzz gaining access providing it's not for a malicious cause.....

ThePsyko SF Mod
Joined: 17 Oct 2002 Posts: 16777178 Location: California
Posted: Sat Mar 22, 2003 8:42 pm
Over the years my hat has been getting lighter as I delve deeper into the inner workings of things, although I have my darker moments. But white hat is where the money and jobs are and if I want to be able to do what I love for a living, it isn't going to happen as a black hat... While I used to do the 'black hat' thing just for the fun of it, I now only do things like that with a reason (there have been some rumors that I've been responsible for a number of actual defacements however I can neither confirm nor deny those rumors).. in fact the last several penetrations were for monitoring purposes only with no damage done... but my time spent with the 'darker side' has given me invaluable insight that I wouldn't have had I started off strictly as a 'white hat'

ComSec Trusted SF Member
Joined: 26 Jul 2002 Posts: 16777215
Posted: Sat Mar 22, 2003 9:55 pm
ThePsyko wrote: "Over the years my hat has been getting lighter as I delve deeper into the inner workings of things, although I have my darker moments. But white hat is where the money and jobs are and if I want to be able to do what I love for a living, it isn't going to happen as a black hat... While I used to do the 'black hat' thing just for the fun of it, I now only do things like that with a reason (there have been some rumors that I've been responsible for a number of actual defacements however I can neither confirm nor deny those rumors).. in fact the last several penetrations were for monitoring purposes only with no damage done... but my time spent with the 'darker side' has given me invaluable insight that I wouldn't have had I started off strictly as a 'white hat'"
some sites do need bringing down .....I have done it in the past, some you regret some you don't.....remember ricky's episode with ramalane at 2600 that made me think twice about my ways....

wacky_sung Lamer
Joined: 12 Mar 2003 Posts: 0
Posted: Sun Mar 23, 2003 3:21 am
I used to see people telling me they are hackers with a handful of trojans in their hands and I must say that they are not real hackers at all. If you really know about hacking, I doubt you will use Windows to hack cos Windows is just too vulnerable. I have seen people using Unix or Linux to hack but nevertheless they still cannot hack through a Cisco firewall. Is that a real hacker who really knows how to hack through a firewall? I have seen almost none.