Jump to content

[REVISED] Why USB Hacks are not going to help you learn....


natural_orange

Recommended Posts

These are my thought on the "usb hacks" please post intelligent responses, I don't want to start a flame war.

It was really a great idea to begin with, exploit the "AutoPlay/AutoRun" feature of windows, used mostly to ease the installation of software, and later exploited by Sony to install there anti-piracy root-kits.  But instead of using a CD, you are using a Virtual CD in the form of a U3 Flash Drive.

First, at this point I can easily defeat the "Switchblade" or w/e you wish to call it simply by disabling AutoPlay/AutoRun and installing Anti-Virus (which now detects all of the Nirsoft "utilities" and other various "tools" as infected. (CA Anti-Virus/Anti-Spyware)

Second, this is not really hacking or coding in any form.  Nobody here, that I am aware, has written any code short of a few vb and batch scripts.  Which makes this what the more experience people of the forums would call "skidde" or "script kiddie."

Lastly, though I'm not going to call you all stupid idiots for doing this, I just think that you should do this to learn about exploit that still exist in Windows, and what you can do to protect yourself. 

Though I doubt anyone will care, I think you should really spend more time learning other things, branch out and come up with other ideas.  Mabey your next idea could grow into a popular project, Hak5 is great place to get help on your project there are a lot of people here with a lot of experience and knowledge.  I just think it's a waste of a lot of talent that all of our time is spent on this.

Link to comment
Share on other sites

USB hacks is under new moderation, things will be different shortly, please try to read the threads elsewhere before expressing your displeasure here.

I know this post might offend people, so keep in mind as you read it that I am entirely sincere, at some parts bitter and saddened over the controversy this has caused, but at no part angry with those who feel otherwise.

Not to discourage discussion, but USB hacks wants no further negative criticism in the forums, especially within this subforum.  When the issue came up, it was not discussed here initially, as it should have been, where someone would have provided an opposing viewpoint.  Instead, other areas were chosen to discuss the matter.  Those who oppose usb hacks have made two conflicting points as well.  The first is that too many script kiddies are moving from here out into the rest of the forums, and the other is that too many script kiddies are joining and not providing any benefit to the rest of the community.  Personally I believe that USB hacks acts as its own community, and people here rarely leave.  The reason everyone is pissed off, as far as I can discern, is that they personally hate skiddies, aren't mature enough to ignore something that in reality has no affect on themselves provided they stay out of these subforums, and are offended that this area has brought a lot of viewers to the show.  In my opinion it's far too late to have this discussion, especially seeing how recent attempts have been carried out.

As to the technical integrity of the project, I hope to convince you otherwise.

Let's start here: http://gonzor228.com/

Our website was created as an extension of our payload.  Looking at the site:

  • [li]it was written in php (there's a lot behind the scenes that isn't public yet)[/li]

[li]it required us to become proficient in managing and installing wordpress[/li]

[li]numerous pieces of art were created for the site[/li]

[li]we learned how to use mediawiki in order to provide our wiki[/li]

[li]we learned how to use iframes with lytebox, and how to use them securely[/li]

[li]we have experience calculating md5 sums[/li]

[li]we have experience with smf and moderation[/li]

[li]we have experience in running a website, all parts from start to finish[/li]

Many of these things such as the md5 sum are easy, yet we had no practical experience of actually doing some of these tasks.  Others like the as yet invisible php back end were more difficult, and required a substantial time investment to complete.

I've also created other pieces of art for the payload and miscellaneous programs for it, learned numerous parts of the java language explicitly for this project, and have started picking up C++.  I've learned how to manage a subversion repository, how to install and configure parts of apache, and learned additional parts of the windows API.

Merely the experience of interacting with other users to resolve issues, to see positive results of my contributions has made my time here worthwhile.

I've also made positive changes at my school.  I'm quite friendly with the network admins, however resistant to change they may be, and have helped them remove risks they previous exposed themselves to.  I think it would have been hard to provide a more convincing demonstration of their insecurities than the switchblade.  Things like changing grades, abusing net send, and locking users out of computers (altering read privs of others for the system 32 directory) as well as people sniffing the network.  Many of these issues are now essentially resolved.

These are just a few examples of my experience working on the payload.  Also others have had positive experiences as well as being inspired to learn more than they previously understood.  People like g-stress, whose post here shows him exploring batch.

http://forums.hak5.org/index.php/topic,660...2.html#msg74642

He was certainly inspired to learn at least a little, and his progress shows from the top of the page to the bottom.  He picked up someone else's code, he changed it, his curiosity and desire for knowledge are demonstrated here.  Isn't that what being a hacker is about?  That drive to play with things, to modify it to your benefit?  I believe the usb hacks subforum has the capacity to be an extremely beneficial experience in many peoples lives, if only those who oppose it will let it.

Link to comment
Share on other sites

Without wishing to turn this into another USB hacks bashing thread, I'd say that the reason for the hatin' is the fact that the pre-assembled payloads may attract those who don't wish to learn but instead want to own machines without having to understand how the payloads work. Many of us have no problem with the constructive uses (backups, update or software installation) and the security angle that's no doubt apparent to most. The reason that's an issue to some is it attracts a crowd that contains not only those who think it's an interesting concept but then move on but also some that simple want to get their kicks by breaking others' machines.

With that said, I'll mention that I'm happy with the thought of new moderation for several reasons. For a start, there's someone with an interest in the topic moderating so development isn't stifled and secondly it means I don't have to worry about it. If this works out, there's a chance that the number of "skiddies" might well reduce and the overall feel of the USB hacks in general will be somewhat improved. Again, I have no problem with the concept, some very useful things can be done with it, it's just the abuse that I dislike and that can be reduced with proper care.

I've said it elsewhere but I'll reiterate it here, I know not everyone's perfect and we all have different thresholds that define what we call right or wrong, worth it or pointless, white or black, whatever, and I know that some people will use the USB tools wherever they see fit. What they're used for might not be what I call worthwhile or useful but I'm generally a lot happier if that person actually put work into the tool. That's essentially the definition of a skiddy - someone who uses preconfigured scripts or tools to adversely affect the working of a machine or network that isn't theirs to mess with without understanding what the tool does or the damage they/it may cause. On the other side of the coin, if someone downloads these payloads to dissect them and see how they work, perhaps to improve them or make useful tools of them, that's an advantage to keeping them.

It's been a tough issue in my mind because as usual I can see a zillion points of view at once. The reason people reacted as strongly as they did was that this was a major tipping point for the show itself and the community around it. It signified the end of Hak5 and the community as the core members knew it. Since that first episode with the switchblade Hak5 and its community will forever be associated with what so many people thought was a bad idea (for the reasons I mentioned above, the pure opportunity for (and in some cases, encouragement of) serious abuse).

Hak5 was never hardcore in some peoples' eyes and perhaps that's true, but the shred of dignity, respect and potential for worthwhile accomplishment we felt was left had been ripped from us and replaced by a high speed train that goes only one way - into a 10ft thick concrete wall, a wall upon which sat 100s of laughing, screaming, "gonna-hack-you-mofo" kids waiting to tear this place limb from limb...

Ok, so perhaps that last paragraph went a little overboard, but the essence of what I said is true, it felt like someone had taken something mildly interesting and entertaining and threatened to turn it into the exact opposite of what we were really beginning to enjoy.

Any, before this post gets any longer and before I ramble more, I'll just close by saying this; I'm prepared to wait and see where it goes before passing judgment on the situation again.

Link to comment
Share on other sites

(Note: I've never seen the USB Hacks scene as that intresting, inititally it had a "hey, thats cool" vibe to it, but as it stands its not really that intresting for me).

Ok, how about this deal, relases here will not be fuilly functional ready to role packages, but instead a detailed guide to building that release.

Kinda like going to a class to learn how to bake a cake, you don't get given a cake, you get given the instructions and pointed to the resources needed.

Also, if you have a vested intrestest in USB hacks, ie your a payload creator, get in on this discussion.

Link to comment
Share on other sites

I don't think anyone ever thought of 'USB hacks' as real 'hacks' at least i never did.  That being said i think they're a ton of fun to make and use on your friends.  Out of the hundreds of times i have used my many different switchblades i have only used it 2 times to gain access to a system (other then my friends).  If you have physical access to the computer there isn't much anyone can do to stop you from doing anything the switchblade does, it just makes it more convenient / faster.

Link to comment
Share on other sites

I've learned quite a bit about UFD's from the usb-hacks section .

True, the payloads are way to easy for skiddies but something good has come out of all this :

From what I hear micr0$0ft will be ditching autorun without user-prompting all together as a direct

result of the switchblade/hacksaw .. So, we managed to get m$ to remove a completely idiotic

but "user-friendly" (for computer-illiterates)  feature. That is some achievement IMO  :-P     

Link to comment
Share on other sites

I've learned quite a bit about UFD's from the usb-hacks section .

True, the payloads are way to easy for skiddies but something good has come out of all this :

From what I hear micr0$0ft will be ditching autorun without user-prompting all together as a direct

result of the switchblade/hacksaw .. So, we managed to get m$ to remove a completely idiotic

but "user-friendly" (for computer-illiterates)  feature. That is some achievement IMO  :-P     

Thats great to hear. I was afraid the Vista approach would stay until Windows was no more.

The major problem of course, is the fact that most computer users are unaware of things like this until it happens to them.

On another note, what if we used these as admin self repair kits? You would put it in, and it would auto run a isolated AV program that is located inside the flash drive.

*This is one of those threads that I think is a great development in the history of USB-Hacks.

Link to comment
Share on other sites

I was afraid the Vista approach would stay until Windows was no more

Well, I'm afraid that is pretty much how it will be but at least the user has to do something first

to allow autorun to happen. The thing is that many people LOVE autorun so they can't just kill it entirely .

Micr0$0ft and $andi$k have joined forces in some new u3-implementation, lets see what they do with u3's DRM !!

what if we used these as admin self repair kits
exactly, there are lots of legitimate ways to use

a hacked u3-drive, you could even have a Knoppix Live-Disk on one ..

Link to comment
Share on other sites

I think the USB hacks were a great excercise on how insecure Auto-Run/Auto-Play and on how it can be used to automate things.

Whats wrong is that its attracting a huge crowd of people that are only intrested in stringing together a handfull of nirsoft or pwdump apps and using them to STEAL passwords and information from there 'friends'

Most people in this forum are not using them to automate driver updates, or install software, or anything of real use.  We just say that to justify why this section still exists.

This Is My Challenge To The Memebers Of This Forums:

Make a USB "Package" from scratch, that does something useful, installing firefox for your friends, idk something creative! BE CREATIVE!  If you start developing packages that are useful, and interesting more people would give you respect.  BUT if all you want is to come in and dump someone's package onto your flash drive and "pwn" your friends, or school, YOU ARE NOT LEARNING ANYTHING!!. 

ANYBODY can dump files onto a flashdrive, wouldn't you much rather build something yourself that is useful.

Link to comment
Share on other sites

i must completely agree with moonlit, especially on why we have turned against it :

It's been a tough issue in my mind because as usual I can see a zillion points of view at once. The reason people reacted as strongly as they did was that this was a major tipping point for the show itself and the community around it. It signified the end of Hak5 and the community as the core members knew it. Since that first episode with the switchblade Hak5 and its community will forever be associated with what so many people thought was a bad idea (for the reasons I mentioned above, the pure opportunity for (and in some cases, encouragement of) serious abuse).

Hak5 was never hardcore in some peoples' eyes and perhaps that's true, but the shred of dignity, respect and potential for worthwhile accomplishment we felt was left had been ripped from us and replaced by a high speed train that goes only one way - into a 10ft thick concrete wall, a wall upon which sat 100s of laughing, screaming, "gonna-hack-you-mofo" kids waiting to tear this place limb from limb...

Ok, so perhaps that last paragraph went a little overboard, but the essence of what I said is true, it felt like someone had taken something mildly interesting and entertaining and threatened to turn it into the exact opposite of what we were really beginning to enjoy.

Any, before this post gets any longer and before I ramble more, I'll just close by saying this; I'm prepared to wait and see where it goes before passing judgment on the situation again.

it was a fun project at the beginning.

but  then skiddies came in and started regurgitating the same scripts over and over with minimal to no change.

i left the forums a while because it got overpopulated, i usually prress the post since last visit button, and having it fill up with loads of useless usb payloads with slight difference was quite annoying.

since my return it has calmed down,

and rpk5000 and gonzor etc have actually made some progress so no beef there ...

(i'm tired of usb hacks but support your project)

its the skiddies regurgitating and making video tutorials on youtube for all their skiddie buddies that pisses me off. and as moonlit said the change from a thight contributing core, to gaining thousands (exagerating (?)) of useless skiddies who post 5 - 15 of low quality to useless posts and then dissapear until they need a new payload. it becomes large, unpersonal, and ruins the atmosphere

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...