< What the Hack ?! - the temptation of the Dark Side

Hack or Crack ?


'For educational purposes' ... that must be about the most widespread excuse for publishing virus creation tools, descriptions of exploits, 'hacking' manuals and the like. Personally, I don't see much of an educational effect in using a Windows application to create a virus (next >> next >> next >> finish - congratulations, you have created the Anna Kournikova worm) or following simple instructions to break into a system - sometimes as simple as 'find a Kazaa user, use your browser to access his PC on TCP port 1214 - you now have access to all his files'.

I also disagree with the motivation / excuses such as 'the right to information - all information - anywhere' or 'I am motivated by curiosity'. I would not like someone to enter my house, go through my drawers and read my papers, letters or whatever. I don't give a damn if this person is doing it 'just to see if it can be done', or to demonstrate the poor quality of my front door lock. There is such a thing as the right to privacy. I don't want a Big Brother government interfering with my personal life, and I don't want just any stranger to do the same, either.


So-called 'hackers' - 'crackers' would be a more correct term - pride themselves that it takes skill, competence, patience, ... to do the things they do, and compare themselves to top athletes. So where's the skill in downloading detailed instructions to exploit a known security hole in Windows? I have a 9-year-old nephew who could do that. Granted, the kid is not stupid, but still. How much competence do you need to send someone a trojan by e-mail and hope he'll be stupid enough to run it ? If you really had to stretch your intelligence to its limits to master the complex technique of copy/pasting a malicious script into a web page and waiting for someone to visit it, that *does* say something about your intelligence. And patiently waiting for the outcome of an extensive port/domain scan is indeed a great accomplishment, especially if you have nothing better to do while the program does all the work. That must require extreme concentration - or very low IQ.

some thoughts on the original meaning of "hacking"

You'll understand that I was rather reluctant to include the following links. But I do. For educational purposes. I, for one, want to know what's going on on the net. And apparently, cracking, spreading viruses, and other 'rebel without a clue' stuff is one of the things going on out there. I also want to know how stuff works. So I will use the 'create your own Anna Kournikova' tool. And then I'll read the vbs file and try to understand what it does. I might even try one or two of these 'exploits' - to better understand networks and data communication. I might attempt to write a password cracker or play around with encryption - to exercise my programming skills or to learn about the mathematics of encryption and how to implement them in a program. One day I might even try to log on to a system that should not allow me to log on - to understand how operating systems handle these things or to see just how easy it is to bypass a username/password login. Or I'll just try to do it on my own system, on my home network,...
Maybe these are just lame excuses as well. The forbidden fruit, boys and toys, to boldly go where no man has gone before, ... It can be tempting.

Papers and Tutorials

doclink homelink copy remarks lang
Hacking
Learning how to hack Donkboy Internet
Overview of 'required knowledge and skills' + links to security tools and networking tools. E
Virus
A history of PC Viruses - dr. A. Solomon Paws and Claws
last updated 1995, covers the evolution of PC viruses from 1986 to the early 90's. In those days, you still needed to know some programming to write a virus :-) E
A history of PC Viruses - Robert M. Slade Paws and Claws
last updated 1996, a rather more technical approach E
Web Pages
Can a web page read your hard disk ?

innocent demo E
Virus HOWTO
How to create a virus ... with the Virus Wizzard

Next -- Next -- Next -- Finish. Congratulations, you've successfully created a virus. E
Virus Writing HOWTO Alexander Bartolich

E
HOWTO
Firewall Penetration Testing by MountAraratBlossom
Learn to understand weaknesses in firewall configurations, and how to bypass them. E
Description of a common Linux exploit Project HoneyNet
Describes and analyses how a known security weakness in Linux can be exploited E
Mind If I come In ? WLAN Penetration in 5 steps

Wireless LANs are becoming increasingly popular, but out of the box, with (at best) only WEP as security, anyone can walk right in. E
Cracking IRC Channels Astalavista
the Script Kiddie approach : how to take over IRC channels E
Exploits SecuriTeam
Web site dedicated to (internet) security. The 'Exploits' page describes in detail exploits of flaws and security holes in operating systems and applications. Also offers security tools, which might as well be tools to bypass security. Provides source code (Perl, C, ...) so there's interesting study material to be found here. E
(Distributed) Denial Of Service

Background Papers, documentation and defense tools for Distributed Denial of Service attacks. E
Stack Overflow technique to run code on a remote machine

Detailed explanation of how 'stack overflow' can be used to run code on a remote machine, a well-known security hole on a lot of systems. Explains in detail how and why it works, and how to write it (in C). E
Email Spoofs

Illustration of how SMTP can be (ab)used to send email with a fake sender address - a common technique to send spam and spread viruses, and other mischief. E
Microshit Exploits www.insecure.org
But how exactly is it done, this breaking and entry on the internet ... ? Here are some examples of 'exploits', compiled by Fyodor. E
Cracks
Astalavista Security Group (sic)

search engines to locate tools to work around problems with product keys and expiring trial licenses E

Tools

These tools can be used for good and bad. They are all readily available on the Web. So, if you're one of the good guys : find out how long your passwords will resist a dictionary or brute force attack, see what information your computers would reveal when asked the right way, and check your network before the bad guys do ...

network tools
Online DNS lookup, Whois, a.o. KLOTH Services
WWW implementations of common network tools such as whois and nslookup / dig. Although they're in fact network troubleshooting tools, services / tools like these are often used to gather information about a 'target' or 'victim' (re. Hacking Exposed : a mini howto). Which goes to show that tools can be used for good and for bad ... E
nmap www.insecure.org
simply the best port scanner, with some added functionality (e.g. remote OS guess) E
nessus www.nessus.org
extremely complete vulnerability checker / security audit : scans a remote system for open ports (using nmap), then attempts to exploit the services listening at those ports and returns a detailed report. Open Source Quality. E
hping www.hping.org
when ping and traceroute return timeouts because you can't trace 'behind' a router or firewall, hping might help. E
Sam Spade www.samspade.org
client for multiple protocols and integrated network query tool for Windows 95, 98, NT & Windows 2000 E
Look@Lan www.lookatlan.com
freeware network enumeration and monitoring tool E
Hacking Exposed : the tools

the tools discussed in the book "Hacking Exposed" might be available from this site E
Arne Vidstrom : The Toolbox - Freeware security tools for Windows www.ntsecurity.nu, Arne Vidstrom
collection of freeware security tools, written by Arne Vidstrom, including a.o. a key logger, ping sweep, a tool to enumerate user accounts on a Windows system, a Microsoft SQL Server dictionary attack... E
Unix Penetration Rootkits Packet Storm
a collection of UNIX / Linux penetration rootkits E
Windows NT Penetration Tools Packet Storm
a collection of Windows NT (2000, XP, etc.) penetration tools E
Astalavista Tool Box Astalavista Security Group
An extensive collection of enumeration, sniffing, cracking and exploiting tools. E
www.insecure.org www.insecure.org
www.insecure.org, of nmap fame, also carries extensive lists and (links to) forums on exploits, penetration testing, (exploitable) bugs, known security holes etc. E
Password tools
Brutus

Password cracker for HTTP (Basic Authentication), HTTP (HTML Form/CGI), POP3, FTP, SMB, Telnet servers. Originally created to check routers for default passwords. Brute Force / Dictionary approach E
Hydra The Hacker's Choice
THC-Hydra - login hacker for Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support and is included in Nessus. E
l0phtcrack
Once the best tool for Windows NT cracking, and freely available. Now commercialized by Symantec. You may want to try and get a copy from astalavista :-) E
John The Ripper

The famous John The Ripper password cracker E
Cain and Abel

finds passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols E
TSCrack

Password Cracker for Windows Terminal Server. TSCrack is said to use Artificial Intelligence / Artificial Neural Networks to be able to interpret the bitmaps sent by the terminal server and generate an appropriate response. E
"I forgot the Administrator password :-) "

Linux boot disks that allow you to blank out the administrator password and reset accounts on Windows NT systems E
SIW - System Information for Windows

Not a password cracker per se, but a tool to collect system information on Windows systems. As it happens, this system information includes cached credentials, product keys and other 'secrets' E
Default Passwords

Who says you need to crack anything ? Lots of network devices are installed without any configuration, so they still have the user name / passwords that the vendor put there. And these passwords are very well known ... E
Get some practice
Hack This Site

free, safe and legal experimenting ground designed for those who want to have a go at cracking web sites E
Root This Box

competition on 'getting root' on real (dedicated exercise) systems, while defending your own machine against your competitors who want to do the same to you. E
counterhack.net : Crack the Hacker Challenges maintained by Ed Skoudis
Security challenges on a more or less regular basis. Used as a way to promote books on computer security, but interesting nonetheless. E
more 'war games'

list of 'hacker' games, challenges, ... E