Jump to content
xisto Community
Sign in to follow this  
qwijibow

Hate Hackers But Admire The Skill ? have a go yourself without hurting any1

Recommended Posts

Hacker's Virus writers malware authors....
Hate them. They annoy everyone for little or no reason.

However, (with exception of script kiddies) those who do it the hard way,
discovering their own buffer over flow exploits and writing the machine code
to exploit and spawn a command line, you have to admire the amount of knollege and skill that this takes.

If you know anything about *nix (especially Linux) and would like to pit you securety knoledge againsed other's have a look at this....

http://www.mettlenetworks.com/

Basically, on the 9th of this month, a Linux server will be booted, and its IP address posted on that site, and left running for 96 hours. there will be no firewall, and no tweaks done to it, just a jet to be decided linux distro will be booted, and all default serces allowed to run.

the competition is to....

1) gain root access
2) create a file on / containing some identification (an email or PGP key)
3) dissconect the machine from the internet (shut donw the network card)
4) send an email announcing you have won.

if nobody has hacked the machine within 48 hours, then low access level login passwords will be given out, at which point you will be able to attempt local privilage esculation exploits.

Will anyone here be having a go ???

I know virtually nothing about exploiting services, only how to prevent writing code vunerable to buffer overflows...

but i will definatly have a little play, port scanning, version probing and whatever else i can think of.

(maybe i should just post its IP on slashdot..... thats usually enough to crash most systems !)

Share this post


Link to post
Share on other sites

There are quite a few cyberwar games like that on the net, I actually play in a few LOL. It's not to learn this type of behavior, but it is so I know how to find exploits and thereby having better security on my own sites and machines. :) There are a few links I would like to share. I do want to stress that each of these links permits the use of exploits for the CHALLENGE, not for illegal intent. They do state this on their pages as well.

http://www.hackthissite.org/
http://forums.xisto.com/no_longer_exists/
http://forums.xisto.com/no_longer_exists/
http://billigtarife.net//?gtnjs=1 (here I completed the first 15 levels :) was fun )

I am NOT justifying hacking or such activities, I do stress that with permission given and NO malicious intent, it is challenging. It tests your knowledge on computer systems, programming languages, etc.

ALL of the links I just provided actually are GAMES, CHALLENGES to test your knowledge.

---

As reply to the subject, I too hate hackers (the ones that mess up your system) and personally I would love it to see their MB get fried. I feel that if you use your knowledfe of systems, web programming etc for such activities you don't deserve the right to actually have a computer. There are "hackers" (I use this term loosely for this) out there that actually use the knowledge and skill they have to test companies' security etc. That I do applaud... How can you improve your security? By looking at your weaknesses.

I sincerely hope this was not going out of line, if it was, please remove this message, edit or pm me. Please do not take my words as promoting of illegal activities, I strongly object to it. However I do see a good use for this knowledge and these skills when it comes to using them to (WITH PERMISSION) enhance security on servers.

Share this post


Link to post
Share on other sites

Some Universitys Offer Computer securety Courses.You cannot secure your own system without knowing how the bad guys break into your system.as part of these courses you have to try to break into designated machines.As for the Cyber-war link... WOW.... i LOVE the ascii art FreeBSD Daemon logo !!!!I dont know the reasons that the links you posted were setup, But aslong as we are all clear that the content is linked to help users protect themselves , and better understand securety, i see no harm.

Share this post


Link to post
Share on other sites

Yeah, those hacking "games" are fun... Thanks for the links, as I have already done the hackthissite challenges (failed, so cheated), and am looking for new fun. :) I think hackers are good, if they don't use their skills to do bad stuff... But, good hackers are like characters in a children's book. Like a magician who does good deeds to save the world. I sound poetish... NOOOO!!!Heh, actually, I'm "hacking" my way through the Encyclopædia Britannica Online with Google to get an article that requires subscription because it helps me do my homework.

Share this post


Link to post
Share on other sites

Since we're talking about hacking in here - have any of you played the games, Uplink or Street Hacker ?? Both are real fun and simulate real world hacking upto a fair degree. Uplink is more of a MacOS based hacking game while Street Hacker's commandline and gives you a more authentic sense & feel ... But both are a must try.. Pit your skills and see how far you can go :D I've completed both without any kind of cheats. I've even got a saved game with full armoury of all the hi-tech gadgets - for Uplink. The game's saved right at the beginning. So any of you who want to start off with my character can pm me and I'll mail it to you...

 

Uplink: http://www.introversion.co.uk/introversion/

Street Hacker: http://www.streethacker.com/

Share this post


Link to post
Share on other sites

There is actually a career to be made out of hacking. There are hackers who trained to become network security specialists and their job is to try to hack into a network in order to make it more secured. I heard the pay's very high.

Share this post


Link to post
Share on other sites

Street hacker is a nice game, but toooo easy.I wonder why all those little 10 year olds all want to hack someone's mailbox.the little pests :DI went to some company 2 weeks ago to test their library-security-system (see my tutorial ) for them and got about $ 150 for 4 hours work, nice huh :D.

Share this post


Link to post
Share on other sites

in my opinion things like this can only benafit peoples knowlage of servers and the way the computers uses data. unfortunatley there are people out there who wish to use this information and abilities to annoy people.The only good thing is the people who do do this promote good coding and full testing of apps before they are released.

Share this post


Link to post
Share on other sites

Hmmm... don't like that idea...Then people will know how to hack linux servers...
That's bad...


people already know how to hack unsecure linux servers.
But if I am one of them, i can better protect my sever from those who have less than good intensions.

After reading a tutorial on how to exploit buffer overflows (written by and for those who want to annoy) my code is now slightly more secure.

For example.... i know that the easyesy way to get into a web server, is through badly written CGI scripts.

because i know that i never ever ever use a CGI script i find on the internet without proof reading the code very very carefully.

if i didnt know this, then i maght just carelessly add every free cgi script i find, and assume that apache will protect me.

aslong as your intentions are good, knoledge of evil is never a bad thing :D
(unless you agree that ignorance is bliss :D)

Share this post


Link to post
Share on other sites

Has anyone here read the book 'The Cuckoo's Egg' ? It's quite an old book but based on a true story of how somehow hacked into the millitary network (I can't remember what it was called back then, something like mil lan though). going through a labatory's lan somewhere in the us, all the way from germany.I'm gonna check out those sites... you should understand if I tell you i'm 13 and love computers (My three hobbies : programming, grpahics design, and gaming). Atelast it's legal with those, isn't it?

Share this post


Link to post
Share on other sites

well.. i was quite surprised actually, but it survived !96 hours without anyone breaking in, and 48 of those hours free valid login names and passwords were made public.even 48 hours with a valid username, and nobody managed to gain the required privilag level.And this was worse than a standard install.No firewall was used, and excessiveservices which are NOT normally running by defualt were started, such as apache wbserver, and the tenlet server.on monday 14th march the statistics will be released.So, unpatched, un-firewalled install with most of its services running lasted 96 hours, dureing which timeit was under constant attack, and its IP address advertised, and its owners encouraging every one to attack it.

Share this post


Link to post
Share on other sites

Wow.. that's amazing! Be sure to let us know those stats :D Does this mean apache is good? Or that those that tried are bad LOL. I don't know...I feel that in order to have a good secure server, you should know how to see if there are exploits and which level of security (lack thereof) those exploits are.It was part of our final in school, to "hack" into the main server, retrieve the root password and then change it. Sad part was that our teacher seemed to have forgotten that with the root password, we also had access to the administrations mainframe, which allowed us to change our own grades. But oh well, who counts :D Of course when we told him, he did stop laughing. He was one of those "einstein hairdo" head on subspace types, forgot everything, he even once forgot to MAKE the final assignment, the test itself LOL

Share this post


Link to post
Share on other sites

hi guys i know a site to hack very cool for people that dominate internet temporary files and a little of html can easly atchive the final level ... i already hacked 9 levels but i can pass it ... maybe you can do it :rolleyes:

http://try2hack.nl/
'>
http://try2hack.nl/


give a peek its cool

Tip : html and internet temporary files are the key for success.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.