Jump to content

DingleBerries

Dedicated Members
 View Profile  See their activity

  • Posts

    1,291

  • Joined

  • Last visited

 Content Type 

Posts posted by DingleBerries

    Botnet tutorial?

    in Security

    Posted

    Step 1. Find some bot source code.

    Step 2. Mod source code to point to your server, IRC/Web/ICQ.

    Step 3. Make sure bot is contacting home.

    Step 4. Bind that to another program.

    Step 5. ????

    Step 6. Profit

    The principal around bots is not complicated, the inner workings and source is what makes them interesting. After you get your hands on some sauce then you can start with all the complicated things, keylogger, inform other bots, crypt traffic.

    Play with this:

    Simple IRC bot http://www.osix.net/modules/article/?id=780

    Mod the code in order to execute system function when a command is sent via irc. You can also build in other classes and what not. Im not going to go into spreading your bots because that is illegal and should be self explanatory.

    Vulnerability Search?

    in Security

    Posted

    I can understand them not wanting to have a live test done one their network if they do no have any production/test boxes. Some companies just cannot afford that, although it is a good practice to have backup/production/main. Darkcode has a milw0rm script for going threw vulns. but I find securityfocus.com to be better and easier to use.

    Great tool

    in Interceptor

    Posted

    The only problem is where I put it. If i do not have wifi access there, external, then I cant stream it to a vpn. Saving logs to a physical media will allow me to dump them when im near by, via a held held, or to get them via ftp/scp. All in all this is really awesome. A network tap but transmitting the data wirelessly... Beyond words.

    Great tool

    in Interceptor

    Posted

    Now if only there was a way to add a sd card to the device and have it log packets there, then come back and retrieve the packets and reset the memory. Maybe when the fon2 comes out we can see this.

    Can't Boot

    in Questions

    Posted

    With out seeing what it looks like its hard to say, you may be able to fix the mbr. No offence but it doesnt seem like you know what you are doing so its hard to walk you threw step by step, especailly since there is google. You can try shrinking the windows partition and installing ubutu on a new partition and seeing if it picks it up and then reboot and use grub to boot back into windows OR ubuntu. Other than that just format it, not of value is lost.

    BBC botnet

    in Security

    Posted

    BBC has some great lawyers and they more then know the law, but Section 7 of the Computer Misuse Act 1990 is about territorial scope. In subsection sub subsection 1B it says that the law still applies if they are a party in England or Wales and it describes how. It says that they may become a party via an agent, what type of agent is made clear but to me I think of the agent here being the internet and alas herein lays the problem. With that logic it can be said that if I exploited a computer in the UK I fall under this law, extradition is possible but it is more likely I will be heard in a US court. The act itself took place in the UK, the zombies may not have been in that area but the law "should" still apply. I think at the bare minimum this should be heard in court so that there will be some type of precedent to base future conclusion off of.

    BBC botnet

    in Security

    Posted

    Reading over the Computer Misuse Act 1990, not sure if that's the newest version there are a few things that although may seem morally right are against the law. Here is the url I am using:

    http://www.opsi.gov.uk/acts/acts1990/UKpga_19900018_en_1.htm

    Section 3: Unauthorised modification of computer material

    (1) A person is guilty of an offence if—

    (a) he does any act which causes an unauthorised modification of the contents of any computer; and

    (B) at the time when he does the act he has the requisite intent and the requisite knowledge.

    To fulling understand that you have to also read article 4. You would have to prove that BBC had the intent "to impair the operation of any computer" it doesn't seem like they did that. Although they changed the wall paper that did not impair any operation of the computer, using the resources, bandwith/cpu/ect, may have though. Article 6 of section 3 is also interesting;

    (6) For the purposes of the [1971 c. 48.] Criminal Damage Act 1971 a modification of the contents of a computer shall not be regarded as damaging any computer or computer storage medium unless its effect on that computer or computer storage medium impairs its physical condition.

    This article seems to back up the claim that modifying the wallpaper is not a criminal act. I thought I read somewhere that they did remove the bot from the computer. If this was a mission critical system, life support/power plants/ect, and removing the bot had some ill effect on the computer, it was hooked into the kernel, and it was unable to boot then it may be a criminal offence.

    Article 17 deals with interpretation of this bill, don't know what they call it in the UK. Section 7 article 2 says that if the "program" out puts any data whether by having it displayed or in any other manner is illegal. Droping down to article 4, For the purposes of subsection (2)(d), describes what exactly is meant by this;

    (B) the form in which any such instructions or any other data is output (and in particular whether or not it represents a form in which, in the case of instructions, they are capable of being executed or, in the case of data, it is capable of being processed by a computer) is immaterial.

    Now I get back into the wall paper subject. Article 7 says "A modification of the contents of any computer takes place if[sic]" subsection b, "any program or data held in the computer concerned is altered or erased". How do we know that this is illegal? Article 8

    (8) Such a modification is unauthorised if—

    (a) the person whose act causes it is not himself entitled to determine whether the modification should be made; and

    (B) he does not have consent to the modification from any person who is so entitled.

    It would seem that what they did was illegal. I cannot find more information about ddos laws in the UK but from what this says all of what they did was illegal... using resources, changing wall papers, sanitisation of the zombie. Its up to the court to decide really, this is a hard bill to understand.

    BBC botnet

    in Security

    Posted

    Erm, sorry no, DDoSing someone which you have permission to do so is completely legal, obviously you need to have permission to use the resources as well, but there is nothing illegal about the act, penetration testers sometimes use limited DDoS to cause diversion from their other attacks.

    Erm, no. There is alot of grey area here. The resources do not just belong to the infected computer, but also to the ISP. Now this isnt the case here but with a large/powerful enough bot, say a corporate network, you run the risk of over running the servers at the ISP. Depending on what the damage is, how long others had to go without internet, then the ISP may decide to track you down.

    Seeing as they only used 60 or so bots to attack this site then it probally did not do any harm. Also you are causing a local dos on the bot computer because you are using there resources to do the attack, but you already covered that.

    I dont want to argue about it, the Police And Justice Act 2006 says that if you do this with just the "the requisite intent" or "the requisite knowledge" of impairing the operation of a computer, prevent/hinder access to any program or data held on a computer or to impair and operation on a computer then you can be punished by 2 years in prison. I cant help but think of it all the way from the bot to the isp to the target, all of the systems are being impaired but that is just how I look at it.

    I do not live in the UK so I am just going off of what Ive read and what people have told me.

    BBC botnet

    in Security

    Posted

    Even the act of DDOSing alone was illegal, even if they had proper authority from the owner of the server... but really who is going to do anything? I am a bit upset that there has been no legal action taken.

    Can't Boot

    in Questions

    Posted

    Have you tried booting GParted yet? From there you can erase the partitions and start a new... Dont use third party tools in windows if you dont have to. Microsoft has done a great job making sure things work... i.e. their defrager. Next time just install Vista(if you want that to be the fastest OS) and then Ubuntu... or move Vista to the middle and Linus in front with a swap file.. Ubuntu will auto detect windows and work accordingly.

    Newbie: U3 drive recovery

    in USB Hacks

    Posted

    I dont know much about the other projects, alot of the tools are picked up by AV so I tend not to use them... but I am sure there is a way around it. It may also be your PC that auto opens mounted devices.

    About your sd card reader... I dont know lol. Are you trying to dump the firmware?

    Newbie: U3 drive recovery

    in USB Hacks

    Posted

    U3 Launch pad is correct.

    Antivirus will pick up tools already flagged as hacker tools or the like, however it cannot delete them, only stop them from running. Best to pick up some type of coding language so you can make your own. Python is great and Im sad I didnt learn it first, still not a very good coder but I get by.

    Other than that just think of something you want to do and as long as autorun is enabled you can pwn your heart out.

×
×
  • Create New...