Setting out to discover what it is to be, and in the process how to become, a hacker is one of those situations where the first step is the hardest. This is not due to the technical difficulty of the process but is more to do with trying to determine where to start with such a large and varied field.
Maybe a history lesson would be appropriate? But at which point in the long history of hacking should the lesson begin? Do we go back to the 1960s when the leaders of the open source software movement began their tinkering? Or to the origins of the Internet perhaps? Then again, can any history of hacking really commence without a discussion of the word itself? Is this hacking in the media sense of the word, bringing to mind the idea of a solitary computer expert sitting alone in a darkened room illegally accessing a government or corporate computer network, or should this be a history of the pure meaning of Hacking and therefore should we look at ancient Egypt and their technological endeavours?
Figuring out where to start gets hard and can in no way please everyone, so in the best traditions of the Bond movie, let's begin with a song!
Back in 1999 there was, for a brief moment, a popular song that caught the zeitgeist of the eve of the Millennium just right - the Sunscreen Song. The song was actually a speech published in the Chicago Tribune, written by one of their journalists a couple of years previously, which was then put to music. As with most popular things, someone on the Internet made a parody. Here's the video for the original and the lyrics to the Sys Admin version. Below that is a look at the different terms used in the parody version.
Sysadmins of the class of '99:
Wear a Leatherman.
If I could offer you only one tip for the future, having a Leatherman would be it. The long-term benefits of a Leatherman have been proved by BOFHs, whereas the rest of my advice has no basis more reliable than my own meandering experience. I will dispense this advice now.
Enjoy the power and beauty of root. Oh, never mind. You will not understand the power and beauty of your root access until it's taken away. But trust me, when you need to kill a runaway process, you'll think back to the scripts you had and recall in a way you can't grasp now how much possibility lay before you and how much you could do. You are not as powerless as you imagine.
Don't worry about the Y2K bug. Or worry, but know that worrying is as effective as trying to mount an old chain of Exabyte tape drives by chewing bubble gum. The real troubles on your network are apt to be things that never crossed your worried mind, the kind that get you called in at 4 a.m. on some weekend when you were supposed to be recovering.
Do one thing every day that scares the lusers.
LART.
Don't be reckless with other people's files (if it can be traced back to you). Come down like a ton of bricks on people who are reckless with yours.
Nerf.
Don't waste your time on lusers' backups. Sometimes you're ahead on patches, sometimes you're behind. The race to maintain an up-to-date system is long and, in the end, it's only with yourself.
Remember compliments you receive. Log the insults in a database, cross-referenced on date, time, reason and luser. If you succeed in doing this, tell me how (and ftp me the binary).
Archive your lusers' old web caches. Throw away your logs.
Drink Jolt.
Don't feel guilty if you don't know what you want to do with your old glibc libraries. The most interesting sysadmins I know didn't know at 22 what they wanted to do with their systems. Some of the most interesting 40-year-old BOFHs I know still don't.
Get plenty of UPSes. Be kind to your power supplies. You'll miss them when they're gone.
Maybe you'll recover, maybe you won't. Maybe you'll have lusers, maybe you won't. Maybe you'll become a PHB at 40, maybe you'll dance on the head of your boss on your last day before you wipe the servers. Whatever you do, don't congratulate yourself too much, or berate yourself either. Your choices are half chance. So are everybody else's. But at least you can read their email.
Enjoy your network. Use it every way you can. Don't be afraid of it or of what other people think of it. It's the greatest instrument you'll ever own. No matter what the PHBs think.
Compile, even if you have nowhere to do it but on your laptop.
RTFM, even if you still use 'tar -xvf' rather than 'tar xvf'.
Do not read NT magazines. They will only make you feel ill.
Get to know your hardware suppliers. You never know when they'll go out of business. Be nice to your PFY. They're your best link to your past and the people most likely to play along when you kill the electrician with a power spike.
Understand that lusers come and go, but with a precious few you should wring their necks as soon as possible. Work hard to bridge the gaps in their knowledge and Clue, because the older you get, the more you need the people who knew you when you were nasty, and had a real mean temper when roused.
Live in your office once, but leave before it makes you arrive too early for work. Live in the machine room once, but leave before you start to whistle at 28.8. Travel without moving with a line into the CCTV system.
Accept certain inalienable truths: hardware prices will rise. Lusers won't learn. You, too, will get old. And when you do, you'll fantasize that when you were young, prices were reasonable, lusers were just as bad but sometimes they respected their sysadmin.
Only respect your ass.
Don't expect anyone else to support you when you purchase a Starfire. Maybe you have photos of the Boss with a secretary. Maybe you'll have a wealthy company with more money than sense. But you never know when either one might run out, or they'll find out about the camera in the boardroom.
Don't mess too much with your chair or by lunchtime you won't be able to sleep in it.
Be careful whose software you buy, don't be patient with those who supply it. Software is a form of nostalgia. Dispensing it is a way of fishing the minds of bad programmers for the 'really neat' ideas, wiping them off, painting over the ugly parts and selling it for more than it's worth.
But trust me on the Leatherman.
Ben (the original author)
Why on Earth start with a song like this, you may ask. Well, the role of Systems Administrator really lends itself to the computer hacker personality and many hackers find themselves in such a day job. A job like this allows you to tinker with all sorts of technology and deal with a variety of problems that help teach more and more about computing, networking, security, and so on. Many fine books have been written on the subject, but none capture the playful hacker spirit as well as the above parody of the Sunscreen Song.
And so, the definitions, which I hope will either refresh your geek vocabulary or add to it:
Sys Admin: aka Systems Administrator, the main man (or woman) responsible for a given computer system, usually a network in an organisation like a business. The job of choice for loads of hacker types, that often leads to a higher paid specialisation.
Leatherman: A multi-purpose tool, like a non-lethal version of the Swiss Army knife
BOFH: Bastard Operator From Hell, an internet based series of funny stories about a Systems Operator (the old name for a Systems Administrator that was primarily associated with Unix systems) who is, as the name suggests, quite the bastard. In the stories he passes the time by pricking about with the various systems under his control in order to mess with the heads of the users and his boss. The idea was picked up by The Register website who still publish BOFH stories based on the originals.
ROOT: The superuser account on Unix based systems, including Linux, the equivalent of Administrator on a Windows system. This user account has the power to do everything on the system unlike standard user accounts that are limited in their powers.
Runaway Process: A process is an instance (that is "an occurrence") of a program that is being run. Therefore, a runaway process is a running program that won't stop. This can be caused by a variety of things but usually boils down to bad programming or bad luck.
Y2K Bug: Either the greatest man-made disaster ever avoided or the best money-making scheme ever devised, no-one can be sure which.
Mount: Primarily a function of Unix type operating systems but features in Windows too, to mount a drive means to attach a filesystem source (something like a physical drive) to a directory so that the contents of the drive can be accessed. This function is one of many unfortunately named computer commands and items that mean something totally different in the real world - Root, I'm looking at you!
exabyte tape drives: A tape drive is, as the name suggests, a computer drive that uses magnetic tapes. These tapes are used for backing up the contents of a computer or group of computers depending on the storage capacity of the tapes in question. An exabyte is a massive amount of data equal to one million terabytes, so in this case the reference to Exabyte actually refers to an old company that used to make tape drives.
Network: Specifically, a computer network, is a collection of computers (and computer-like devices) that are connected to each other. When you connect to the Internet you are connecting your device to an INTERconnected NETwork (hence, Internet). Most companies who have two or more computers connect them into small networks so as to be able to share resources like files or printers. Networks, and the care thereof, are the whole point of having Sys Admins in the first place.
Recovering: Not entirely sure what was meant in this context, but I'm going to run with the notion that the author meant recovery in the sense of time off for the administrator, a.k.a. the weekend, as opposed to the use of the word to describe the process of restoring data from a backup medium like a tape or disc (see Backups below).
Lusers: A derogative term for the users of a computer system
LART: Luser Attitude Readjustment Tool, aka Clue By Four, a device used to knock sense into a User
Nerf: A brand of toy gun that shoots foam darts. Fun to have in the office and unlikely to cause serious property damage or harm to co-workers (unless you insert pins or paperclips into the tips of the darts)
Backups: Copies of data used in the event of damage (in whatever form) occurring to the original. Backups are a real pain in the arse for many admins and warrant their own song which I'll publish when I find it again. A good backup can save your arse in the event of something going wrong or can hang you if you've done something you shouldn't have - too many admins have left incriminating evidence on backup tapes.
Patches: Patches are fixes to programmes. In the Windows world they are more commonly known as Hotfixes. Patching a system is an important responsibility as many patches relate to system security. Patch information is also a great learning tool for the hacker due to the many security related patches.
Database: A piece of software used to collect data in an organised and structured manner. This is a really basic definition, so for more click here
ftp: File Transfer Protocol
binary: In this instance, binary refers to a type of file that can be run on a computer - in Windows terms this would be referred to as an executable (.exe file).
archive: A store of old data
web cache: A web cache is a store of web pages that are held in order to make browsing faster. Holding onto a user's web cache means that you could know what sites they were visiting and can therefore use this knowledge against them (not that you would of course as that would be naughty!)
logs: In computing, as in every other walk of life, except the lumber and sewerage industries, a log is a record of things that happened. Computers tend to write them automatically, ships' captains have to write them up manually, starship captains get to dictate them to the ship's computer.
Jolt: A type of high-caffeine content cola that's popular among those wishing to stay awake for long periods (hackers, college students, lorry drivers). More potent than standard issue coffee and has the added benefits of being served cold in a can or bottle and is therefore quicker and easier to prepare. Has been usurped (in Ireland anyway) by Red Bull.
glibc libraries: These are the parts needed to develop programs using the C language on computers usually running Linux though they are platform independent. They are part of the GNU project, hence the "g" part of the name.
UPS: Uninterruptible Power Supply
PHB: Pointy Haired Boss
Server: Usually a computer (or other device) with a specific task or tasks that "serves" the requests from clients on a network.
read their email: Oh baby! This is one of the serious perks of the job when you're a systems admin, the ability to read others' e-mail. This can be a massive invasion of privacy and borderline illegal depending on where you are in the world, however, not only can it be enormously fun it can provide you with an insight into what's really happening in your organisation. Reading mail in this fashion will quickly prove the old adage about how information is power!
compile: The process of turning computer code written in a language that humans can understand (like C) into a language that the computer can understand (machine code)
RTFM: Read The Fucking Manual
tar -xvf / tar xvf: tar is a piece of software for collecting files into a package file of sorts.
NT: Shorthand term for Windows NT, the version of Windows before 2000, which was before XP, which was before Vista, which was before Windows 7. The NT stood for New Technology as it was quite a departure from the old DOS based Windows systems that preceded it. NT was the first serious attempt by Microsoft to compete with the big iron Unix systems.
PFY: Pimply Faced Youth
kill the electrician with a power spike: The accidental death of utility workers being caused by IT people is far more common than is ever reported. Luckily most sys admins during the course of their careers will not actually kill someone but are more likely to give themselves low level electric shocks as they attempt to repair equipment in a hurry and thus ignore the safety guidelines. It's about this time that most sys admins learn how electrical fuses work.
Clue: As in sense, something that really isn't all that common and is practically non-existent when most people get in front of a computer, as can be evidenced by the low number of people who read error messages before clicking the button to get rid of them and then wonder why the computer won't work.
Machine Room: Aka the server room or comms room, the place where all the main computers and their associated gear live. Famous in civilian circles for the low temperatures maintained to enable all the fancy gadgets to work at their best.
28.8: 28.8kbps or 28,000 bps was a common speed for modems. Since modems MODulated and DEModulated digital signals into signals that the phone system could transmit there was sound involved in the range of human speech, hence the idea that it was possible to whistle at 28.8. Whistling at certain frequencies was an important part of the hacker culture, especially the part dealing with phone systems. Read this to find out more about just how important it was.
CCTV: Closed Circuit Television. Big Brother is watching you, which can be unnerving until you become Big Brother, in which case it's excellent.
Hardware: Physical things, in this case, computers, printers, network gear (switches, routers, etc).
Starfire: Starfire was the codename for a big-assed server from Sun Microsystems.
Your Chair: The device between your arse and the floor. One of the more important factors in a sys admin's life as a good portion of a day is usually spent sitting on one, unless you're one of those admins who are always chasing around the place at the beck and call of every user's little whim. If that is the case, you might want to consider another line of work or, at the very least, grow a pair. Your Chair is not to be confused with a user's chair which, along with the user's computer, provides the bookends between which many problems reside, hence the term PEBKAC - Problem Exists Between Keyboard And Chair. I've honestly seen admins nearly come to blows over chairs, they're that important!
Humour plays a big role in the world of the Hacker; the whole point of undertaking any hacker type activity is all about having fun. While it's easy to get caught up in the technology or darker aspects of the culture it's important to stop every now and then and have a laugh, or at least crack a smile while no-one's looking if you're one of those super-serious sorts.
Links:
Wikipedia page on The Sunscreen Song: http://en.wikipedia.org/wiki/Wear_Sunscreen
Monday, April 11, 2011
Friday, March 19, 2010
Bypassing Windows Logon Security with Kon-Boot
I'd been looking for an excuse to try this out for a while, but as with such things, a reason presented itself that REQUIRED me to try Kon-Boot in order to get onto a Windows machine that I didn't have a password for.
The situation is this - a typical problem that presents itself to administrators is new starts with no notice, that is, a new person is coming into the company on Monday and I was told about it today. Today is Friday. The person is only going to be here for a short while but they still need a PC and access to the company network, so I had to rustle something up for them. There's been a spare PC on my desk for a while now and this seems the perfect opportunity to get rid of it for a while, however when I powered it up I realised why it was there in the first place. It works, but no-one can log on as no one has a clue what the local password is and it won't connect to the company domain so those user accounts are no good either.
I'd seen Kon-Boot on an episode of Hak5 and had sworn that I'd get round to trying it out for real. Not too long ago a friend of mine contacted me asking for advice on how to deal with the problem I've just been presented with and I suggested that he try this naughty little piece of software that's designed to get you through the pesky security on a Windows computer. I'm not sure if he ever tried it but I vowed that I would.
So, this very afternoon I was finally given the excuse I needed to do this (legitimately) at work. I searched for the website (see links below) and downloaded the ISO image for the Windows version. This I burned onto a disc which I used to boot the PC in question. Upon boot, you are presented with an old school boot screen that presents the credits for the developers of the software. This reminded me of the credits that used to go at the beginning of old Amiga games that had been cracked and were a favorite of the kids at the school I attended back in the day - if you take a look at the Kon-Boot website you may notice some other references to the old Amiga systems.
Once you get beyond this screen another, similar screen lets you know the system is loading. From this point you are in familiar territory as the XP loading screen is presented and the computer gets to the CTRL ALT DELETE prompt as normal. All is far from normal however, as once you press those three keys you can put in any old muck and the system will log you on.
That's it. You're in at that point and free to do whatever you please.
Links:
http://www.piotrbania.com/all/kon-boot/
http://www.hak5.org/episodes/episode-518
Thursday, June 11, 2009
Doing The Devil’s Work
That old adage about idle hands doing the Devil’s work is so true it’s scary. I’ve recently been lucky enough to avail of some time off and during that time I’ve had a chance to do some of the things I’ve always wanted to do, as well as successfully putting off some things I don’t care for (like painting the bathroom). There’s a surprising downside to being a man of leisure as anyone who has had the chance to lie around the house all day will tell you. I always believed that if you were having trouble sitting on your arse all day then you weren’t doing it right, but there’s no escaping the creeping boredom that finally slopes up your spine, grabs your untaxed brain and directs you towards evil works!
My evil works began simply enough during this period of inactivity. At first I dabbled with some Oracle technologies that I’d been meaning to get into. I played with RAC and a few other bits but, to be fair while they’re definitely evil they’re also wild dull! Then, one Sunday, it struck me. This was the perfect chance to try out some of those infamous hacking tools I’d heard so much about.
I’ve often wondered just how widespread hacking was in the real world. Yes there are lots of viruses and various types of malware out there, and while most do something malicious in some way, they do tend to have a commercial purpose like propagating spam mail or facilitating identity theft. However, actual hackers (in the bad “cracker” breaking into networks and servers sense of the word) are pretty rare, at least here in Ireland where there has never been a criminal prosecution for a computer crime like hacking (I’m sure some knacker somewhere got their collar felt for pinching a laptop or something).
So how come real hacking is so rare? The movies make it look super easy and there’s a massive industry built around protecting your PC from nasty kids who are hell bent on getting their grubby mitts on your holiday snaps and browsing history, so what’s the problem? Well, just like every other subject Hollywood has tackled over the years, the movies are completely wrong about hacking. It’s really hard. Well, maybe not hard exactly, but frustrating in the extreme.
I’m a Theory X kinda guy, I will always do as little as possible whenever possible so I was deeply attracted to the idea of an easy target for my first crack at cracking. As anyone in the know knows, the easiest system to break into is a wireless network. (Actually, there are easier systems, but that’s a story for another day).
In the past I have tried and failed miserably to get a wireless cracking tool to work. There are many reasons for my prior lack of success but basically it always took too long to get anything to work and I’d lose interest way before I managed to get any results. This time out I had nothing better to do so I stuck with it and managed to achieve greatness!
When I first took an interest in wireless networking, many many years ago when Cisco first began peddling the original Aironet 350 series cards and access points, I wondered about how secure it possibly could be. Over the years, as wireless became more widespread, I realised that it’s not secure at all. Of course there has been a lot of work done to make wireless networks secure, open systems soon gave way to WEP protected systems, which were overtaken by WPA protection schemes and fancy MAC lists and the like. But, as soon as a protection method came on the scene out popped a method for hacking it!
The tool I’d read the most about for hacking into wireless networks was Aircrack. I’d tried an earlier version before but never managed to get it to work properly and promptly gave up but this time I was determined. I began my experiments on a desktop PC, a dual-boot machine running XP and Fedora 10, installing Aircrack on the Fedora partition. Installing the software was straightforward enough once all the prerequisites are met but getting it to actually work is a different story. The key to Aircrack is in the hardware, never mind what the documentation says, the Atheros based network cards are the only way to go, but this is something I didn’t appreciate at first as I discovered that one of the cheapo Sweex cards I had lying around the place worked perfectly.
Of course there are drawbacks to the desktop. In a housing estate there are bound to be many wireless routers but none were close enough in my estate to enable access and were therefore no fun at all! To try to overcome this I went out and picked up a high-gain directional antenna in Maplin’s in Dublin for about €20. The antenna improved things but it was still not good enough to jump onto a nearby router.
At this point it was fairly obvious that the only way to have any real fun with Aircrack was to get it running on a laptop. My laptop was exclusively running Windows XP so it needed to be rebuilt to dual boot XP and Linux (like the hardware, don’t even attempt to get Aircrack running on Windows as it’s a waste of time). I re-installed XP along with Fedora 10 (though at one point I was trying different flavours of Ubuntu).
Trying to get Aircrack working on the laptop was a nightmare with way too many blind alleys travelled down; I even spent time editing C code trying to get the on-board wireless card to work before it dawned on me how futile it was trying to use anything other than Atheros hardware.
Then, late one night, while drinking to block out the noise of a trad session taking place in one of my favourite boozers, it occurred to me. eBay! On eBay I found a PCMCIA wireless network card that, as far as I’m concerned, was built with one purpose in mind – hacking! It is the perfect cracking card. Built by NEC, uses an Atheros chipset, and has a port for an external antenna (hello high-gain!).
With my new network card installed into my laptop, I set about testing it in a live environment.
Now, I’m not going to go into the details of how I got on with Aircrack against an unsuspecting target in this post (I’ll cover that soon) let’s just say I know some guys who aren’t paying for their broadband access anymore. If you have an Eircom broadband wireless router then you NEED to secure it beyond the default settings. At least use WPA as it’s a little harder to get past than WEP.
So, I’d joined the ranks of practicing hackers or, at least, successful script kiddies. About this time Sky Movies began showing “End of Days” the Arnie movie from the late 90’s where he battles the Devil (played very well by Gabriel Byrne). In the movie, set at the turn of the Millennium, there’s a radio news piece about cops being worried that Satanic cults will disrupt the New Year’s celebrations. This led me to a realisation:
There are very few real devil worshipping cults in the world. In fact, there are probably as many Satanists as there are real black hat hackers.
This realisation has led to this blog, a blog that’s hopefully going to serve the needs of these two small groups and in the process put together a Hacking Cult, a coven of those with an interest in computer security and who enjoy good horror movies! So, light the candles, draw a pentagram on the floor, pick a good proxy and let’s see what we can conjure up.