[-]=====================================================================[-] +++++++++++++++++++++++++++ =: P H R A C K - R E B O R N := +++++++++++++++++++++++++++ ... Phrack is dead. Long Live Phrack. CALL FOR PAPERS * CALL FOR PAPERS * CALL FOR PAPERS -------------------------------------- Deadline: 15 October 2005 at 11:59pm Submissions : phrackstaff@gmail.com -------------------------------------- originally stated, Phrack strayed from its original purpose nearly 62 issues ago. Because of the irresponsible use of the Phrack forum, the commercialisation of hacking has been allowed to occur -- neigh -- encouraged. The old Phrack has been a long-time in dying. The past few issues have been coughing up blood (this could have been due to a severe case of industry rape). But now that death has come to the old Phrack, like Gene Gray, Phrack is reborn. Submissions should _NOT_ disclose new exploit methods, new backdooring methods, or any other information that may be used by the information security extortion industry to further increase their profit margins. Some article ideas: - White-hat 12 Step Program aka. "OMFG I'm a white-hat, How do I Stop?" - B4 They were famous. aka "Profiles of White-hats they would like to forget." - HoneyNet Project: Be Your Enemy - Saved by Project Mayhem - Setting up your own "I'm a White-hat get me out of here" program. As a special treat to our readers, this CFP includes a sample of the material we look forward to bringing you, our new Phrack readership in the future. |=-----------=[ C O N T A C T P H R A C K M A G A Z I N E ]=---------=| Editors : phrackstaff@gmail.com Submissions : phrackstaff@gmail.com Commentary : phrackstaff@gmail.com Phrack World News : phrackstaff@gmail.com (ChiX|H4X)0r Porn : phrackstaff@gmail.com -- We're open minded. ... #, . .P hr, . .. .Ac 'K#ph, .. . .rAcK' #ph'Rac, . . .K#P'Hra Ck' #PHr ... .aCk' #Ph rA, 'cK#, .pHr' .AC 'K# 'Phr, .aCk' #P' ... rAc ' .K.#P Hra ... . cK# .pHR .a, cK# . . .. pH, .rAc' . 'k#P .HR . .. .. . 'Ac .K#' . 'PHr. '' .. . . . aCk ' . '#PH, . . ... .rA.'cK' . .. '#PH, ... .rAc' k#, ..... .PH 'rAc, .K#P' 'Hr . aC' 'k#P, .hRa' cK# . pHr 'aCk, .#Ph'____________________________ rAc ______________'K#P, .HRACK#PHRACK#PHRACK#PHRACK#PHRACK#'.PH RAC#PHRACK#PHRACK#PHRa. ... cK' #Pr aCk #Ph rAc K#, .Ph 'RA CK' #P. .hR aC.K# PhR A . Or contact us via seance |=------------------=[ S A M P L E A R T I C L E ]=------------------=| With the recent trend of everyone writing a book, the phrack staff have taken a break from our usual research to give it a try. For your reading enjoyment, we give you a sample chapter from our upcoming book, "Know your enemy: The Security Industry". The first chapter is titled "The Art of Being Pwnd." I'm not sure I like the title, but the rest of the staff tell me it fits. Give it a read, and let us know what you think. ------------------------------------------------------------------------- Chapter 1: The Art of Being Pwnd If you don't like your job you don't strike. You just go in every day and do it really half-assed. Thats the American way. -- Homer (Simpson) It was another uneventful 2600 meeting for C1tiZ3n, the New-York kids were bragging about their latest 'big' hack and passing around the new Mitnick book, "The Art of Intrusion", while trying to avoid the advances of Emanuel in his halter top purchased at CCC. For C1tiZ3n this was particularly a concern, as he was unusually fit for a hacker, probably lucky genetics. When things would get desperate, C1tiZ3n had taken to pretending to listen to rebel, just to avoid Emmanuel (and fleas). With the meeting over, The Mitnick book kept rolling through his head. As a younger kid, C1tiZen had looked up to Kevin as a role model. His room still had some of the 'Free Kevin' stickers from the campaign to release him from his wrongfull imprisonment (and suitable friendship with 'Bruno'). C1tiZ3n had wanted to be just like kevin -- able to launch a nuke by whistling thru a telephone. But no more. After his release, Kevin had turned his back on all that he once was -- selling out his hacker ethic for a business of selling snake oil to fat executives who wanted to hear him talk about social engineering and hacking. Business had been good for Kevin, from what he would say when he came to the 2600 meetings, he was making a killing at his speaking engagements. It was sickening to listen to him go on about it. Kevin had become just another white-hat -- profiting from manufacturing fear in his clients, and then by offering solutions at a highly exorbitant cost. He was now no different from Custom Shimomura -- a Gonif. In the depths of his anger and despair, C1tiZ3n remembered reading in Kevin's latest book something about how secure his systems were, and how much it would mean for someone to hack him. Grabbing his copy of the "Art of Intrusion", he looked for it. There it was: "Hackers play one-up among themselves, Clearly one of the prizes would be bragging rights from hacking into my security company's Web site or my personal system." -- K3v1n Mi7n|cK Maybe, just maybe Kevin could still be saved, and if not -- convinced to give up his sinful ways and follow his anger back to the true way. An idea was forming in C1tiZ3n's head, a little bit of his own Project Mayhem -- PHC style. He would need help for this, especially if he was to do it right. Another Day, Another Half-hour Interview ---------------------------------------------------------- Safely back in his room, Kevin took a few minutes to catch up on email. These conference organizers had just hit him with a surprise interview. This had been a re-occurring problem, but Amy had worked out a solution. In his email was an email that Jen had sent on his behalf from his mitnick@newleafproductions.com account. Carlos, Please correct the following balance to Mr. Mitnick's account: Bla, Bla .. more money talk. "This is why I pay her to take care of me." A paragraph lower down in the email caught his eye: Further, in section 3.03, the contract states, "For each additional interview, up to thirty (30) minutes in length, the Speaker requires one additional night in the event venue, all room and tax charges, all meals for one (1) additional day, Internet service, laundry service, and ground transportation. All of these expenses must be pre-paid by the Client in USD prior to the delivery of the extra interviews." "Jen is so sexy when she talks legal", Kevin thought. That should help put an end to these surprise interviews. "My clients are already cheap bastards, they will definitely think twice now before trying to spring an interview on me". Despite this, somehow the phrasing of the paragraph bothered Kevin. "..delivery of the extra interviews.", That makes me sound like a whore selling my 'wares' to the 'Client'. "Jen will have to reword that, but its good enough for now.", he thought. The next email was from Gonzalo Zapata asking for the POWER POINT PRESENTATIONS for the Argentina conference. "Why the fuck do those spicks have to put that in all caps? God, I wish i could just hack a bank or something so I wouldn't have to put up with these armatures." Kevin signed, fired off a quick email to Matthew C. Beckman (aka nulllink@nulllink.com), inquiring why he wasn't responding to email. That done, kevin closed his laptop. Time for some drinks at the bar, courtesy of his suffocating fan-base. He paused, remembering to take some business cards with his 'junk' email address to give to losers he never wanted to hear from again -- like that Scott Madison guy he met at the Sydney workshop at the Sofitel. Target: Mitnicksecurity.org ---------------------------------------------------------- Meanwhile, C1tiZ3n has been busy researching his mark. Apparently, he had his work cut out for him. Not only was kevin running on a ultra-secure freebsd web-hosting provider, they used some of most advanced security software that money could buy -- Snort. With top security experts working at Mitnick's security company and more still in his phone book, C1tiZ3n thought that this would be the hardest job yet. He was soon to learn he was wrong. Kevin had left demo scripts publicly available on his web-site. Better, the demo scripts were for sql injection vulnerabilities. That is all that is necessary. C1tiZ3n had a older UDF that he wrote months ago on his laptop, all that was necessary was to store it into the database and then drop via INTO OUTFILE. A couple minutes work later, he was greeted with a login shell to kevin's site: $ls -l total 5562396 drwx--x--x 9 mitadmin mitadmin 4096 Jun 14 16:50 . drwx--x--x 90 root root 4096 Jun 7 22:41 .. -rw-r--r-- 1 mitadmin mitadmin 5650470878 May 9 01:24 backup-02-09-2005.tgz -rw------- 1 mitadmin mitadmin 3919 May 27 16:22 .bash_history -rw-r--r-- 1 mitadmin mitadmin 399360 Apr 28 13:55 clid2.tar -rw-r--r-- 1 mitadmin mitadmin 399360 Feb 23 10:58 clid.tar -rw------- 1 mitadmin mitadmin 25 Jun 14 16:14 .contactemail -rw-r--r-- 1 mitadmin mitadmin 10 Feb 9 18:25 .contactsavetime -rw------- 1 mitadmin mitadmin 1682 Jan 24 02:18 .cpanel-ducache drwxr-xr-x 3 mitadmin mail 4096 May 23 09:19 etc drwxr-xr-x 34 mitadmin mitadmin 4096 May 23 09:19 .htpasswds -rw------- 1 mitadmin mitadmin 14 Jun 14 16:14 .lastlogin drwxrwx--- 3 mitadmin mail 4096 Jan 17 21:38 mail -rw-r--r-- 1 mitadmin mitadmin 38559604 Apr 25 10:15 mitnickpromo2.mov -rw-r--r-- 1 mitadmin mitadmin 399360 Jan 31 07:24 newclid.tar drwxr-xr-x 3 mitadmin mitadmin 4096 Jan 17 17:00 public_ftp drwxr-xr-x 40 mitadmin nobody 4096 May 23 09:19 public_html -rw-r--r-- 1 mitadmin mitadmin 13 Jun 14 16:14 .rvlastlogin -rw------- 1 mitadmin mitadmin 24 Mar 28 03:33 .spamkey drwx------ 6 mitadmin mitadmin 4096 Jan 24 02:16 tmp drwx------ 2 mitadmin mitadmin 4096 Jun 14 16:26 .trash lrwxrwxrwx 1 root root 11 Jan 17 17:00 www -> public_html Quickly looking through the directories, C1tiZ3n made note of some directories that looked particularly intresting. Pausing for a second, C1tiZ3n chuckled as he looked at ralph's directory: $ls -l public_html/ralph ./public_html/ralph: total 6272 drwx--x--x 2 mitadmin mitadmin 4096 Jan 24 15:49 . drwxr-xr-x 40 mitadmin nobody 4096 May 23 09:19 .. -rw-r--r-- 1 mitadmin mitadmin 6391141 Jan 23 03:43 Deltron 3030- Virus.mp3 -rw------- 1 mitadmin mitadmin 4 Jan 23 03:28 .ftpquota -rw-r--r-- 1 mitadmin mitadmin 142 Feb 20 08:49 .htaccess "Fanboi", C1tiz3n thought. "Enough of this browsing, now work really begins". 30 days and $1,436 dollars later ---------------------------------------------------------- "How much was it?" Kevin was insensed. "One thousand, four hundred, thirty five dollars and ninety-nine cents", Caroline repeated calmly, adding " Its mostly from the international calls while you were in Greece and South Africa. "Pay it.", he snapped. Adding, "We need to find a more cost effective solution." TMC had been good to kevin. Their prices were not that exorbitant, and their service had been acceptable. This bill though, it was almost seven times average. "About the books for your signings.", Caroline was wanting a different subject badly. "I had them shipped to you at the 7113 West Gowan Road, Las Vegas address. From what the publisher said, the advance orders are going very well." "Good. Ive already been contacted about the identities of one of the chapter's subjects. Seems the FBI is investigating, and they decided to pay me a visit." "What will you do?", ask Caroline. "I don't want any more trouble from them, I just gave them what they wanted. They promised it would not be attributed to me. If word of this got out, no one would ever dare talk to me again." Kevin never really recovered from his stay in club fed. The beatings, the brutality, Bruno. He had been betrayed by his friends, and now he would do whatever it took to stay out -- even if itment being the low-life type narc that landed him in jail in the first place. "You did what you had to. After what they did to you the last time, I don't think anyone can blame you. Besides, better them then you." Caronline consoled him. He was her meal ticket, and she knew it. "Well, enough. I'm going for a jog. Talk to you later." Surveying the prize ---------------------------------------------------------- Pay-dirt. Looking through the directory listing, C1tiZen noticed that apparently kevin was not above the use of pirated files in his company. Particularly, Compuware's softice, Core Impact and CANVAS. It seemed that the files were purposefully placed in world accessible directories for download during penetration tests. All through the site were power point presentations that kevin used in his engagements. Janis's home directory contained most of them (her password is crypt0). And there was the presentation that C1tiZ3n had seen before -- the art of intrusion power-point. "He needed to update his definitions of a black hat hacker", C1tiZ3n though. "Not only do they hack for personal or political reasons, but also for financial gain. Like when TWD was hacking sites to feed his heroin addiction. On second thought, white-hats are not much different -- they exploit the fear of their clients for financial gain to feed their addictions. " C1tiZ3n sighed, "How the mighty have fallen.", he thought. Moving further down the file listing, the 'pen-testing' directory caught his eyes. Inside was a treasure trove of files from penetration testing jobs that kevin had sold to unsuspecting victims^H^H^H^H^H^H^Customers. There were reports, and logs, and the most interesting files were trophies that kevin retained from his exploits. "Old habits die hard, heh." C1tizen downloaded and opened one report -- for Midland Credit Management. "This form looks very familiar." It was rare that two companies would have the same layout and style for a report, and C1tiZ3n had seen a report like this before. "Here it is. " C1tiZ3n chuckled, "Mitnick has ripped off a template that looked excatly like one from when he had owned rooted.net" -- A weekend previously In a frenzy of irc hacks, C1tiZ3n had encountered a guy on one of his many ereet SILC servers, Mrx. Mrx was particularly smug and often liked to talk about his many eveningz with Mitnick along with a nice chianti and vava beans. These SILC conversations would often involve the conversations normally reserved for special evenings with Kevin C1tiZ3n felt the occassional anal rape was worth standing so he could find an angle onto the great dissapointment.. C1tiZ3ns shell from rooted.net was enough to provide access to Mitnicks social calender, emmanuals 2600 "money shots" and his life, including corporate reports and a kick-ass email address (c1tizen@anally.rooted.net). ---- The Present day The midland report made for interesting reading, but what was more interesting was what it didn't say. It said nothing about the credit record files that kevin stored in the penetration directory, publicly accessible to the world, that were downloaded from Midland. "Kevin's retirement plan", C1tiZ3n joked. Disgusted, CitiZ3n closed his connection. "I can't take it anymore, Kevin used to be _the_ hacker of hackers. Now he's just another stinking white-hat. The community used to rally around him, but now he betrays us -- exploits us for his financial gain. Exploiting his own clients -- first their fear, then their trust. " "Free Kevin?", thought C1tiZ3n, "No.. Put kevin back, please!" --------------------------------------------------------------------------- So, what do you think of the first chapter of our new book, "The art of being pwnd?" I enjoyed writing it, and I hope you enjoyed reading it. Stay tuned for our next chapter, "How to Own a Publisher". [-]=====================================================================[-]