Hacking: April 2004 Archives

Freedom Downtime

Freedom Downtime is a documentary from 2001 by Emmanuel Goldstein (of 2600 fame) about the mistreatment of Kevin Mitnick by the US legal system. If you don't know who Kevin Mitnick is (and are willing to admit it), he is arguably the most famous computer hacker of all time. Described as a master of the telecommunications system and expert in social engineering, the government held him without bail for almost five years in maximum security prisons with questionable claims of his exploits causing over $80 million in damages.

The documentary itself is nothing earth-shattering. Lots of shaky shots of the road through the front window of their rented car as they drive all over the US while a narrator explains the next piece of the story. Unlike Michael Moore, Emmanuel never actually gets past the lobby of any corporate buildings to ask the tough questions. I suggest he bring a large fake cheque next time.

The documentary concentrates more on the injustice of how Kevin is treated rather than trying to explain any specific action. In fact the movie doesn't really tell you anything about what Kevin may or may not have done. At one point, a girl they are interviewing asks "And why is he in jail? Oh.. right.. 'hacking'." She looks as confused as I felt, and maybe that was the point.

John Markoff, a reporter for the New York Times, capitalized a fair bit on Kevin Mitnick with some low-fact, high-speculation front-page stories, as well as a book that was then made into a movie. The documentary has an interview with Markoff that, in my opinion, makes him look pretty foolish, but the interview segment is composed of about 20 short clips, making you wonder what we're not seeing. He comes across as really knowing very little about Mitnick and the damage he is causing with his NYT clout. At the time of the documentary, he had written numerous articles, a book detailing Mitnick's capture, been involved in the movie based on the book, and yet had never actually met Kevin Mitnick.

You can buy the movie from the 2600 Store for $20, but it is also (legally?) available for download through this torrent or this torrent. Definitely worth a viewing.

Naked PhatBot

A denial of service (DoS) attack typically requires a coordinated effort of a large number of Internet hosts to simultaneously flood the host under attack. A sizable number of machines all sending copious amounts of packets to a single machine or network can overload it to the point where it becomes unusable, or perhaps even cause it to crash.

The hosts involved in the attack are often regular home computers that have been hijacked into doing the attacker's bidding. The computers have somehow become infected with a program that takes commands remotely. Many of these programs log in to the Internet Relay Chat (IRC) network and join a predefined IRC chat area. Once logged in, they sit and wait for commands. When their master wants to launch an attack, he connects to IRC, informs all of the connected servant programs what he wants done, and they go do it. Spooky, eh?

The LURHQ Threat Intelligence Group has dissected one of these servant programs, named PhatBot, and posted information about its feature set, showing just how advanced these programs have become, along with the list of commands it can respond to.

Here are a few of the more interesting commands:
  • bot.command :: runs a command with system()
  • rsl.reboot :: reboots the computer
  • ddos.synflood :: starts an SYN flood
  • redirect.https :: starts a https proxy
  • harvest.cdkeys :: makes the bot get a list of cdkeys
Remotely starting proxy servers? Harvesting product CD-KEYs? Things have apparently come a long way since back in 1995 when we thought sending disruptive vt100 codes to someone's terminal over 'talk' or IRC was way cool. Too bad such an impressive distributed network of computers is being used for petty mischief rather than something worthwhile.
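
For anyone watching their own network for this kind of traffic, here is a small detection sketch. It is an added example, not code from LURHQ or from the bot: it parses captured IRC lines and flags channel messages or topics that begin with one of the command names listed above, or with another verb in the same module families. The optional one-character command prefix, the sample nicks and channel, and the name `ddos.othercmd` are assumptions made up for the illustration.

```python
import re
# Command names quoted in the post above (from the LURHQ analysis).
KNOWN = {"bot.command", "rsl.reboot", "ddos.synflood",
         "redirect.https", "harvest.cdkeys"}
FAMILIES = {name.split(".")[0] for name in KNOWN}
# Assumption: the command is the first word of the message, optionally
# preceded by one punctuation character acting as a command prefix.
TOKEN = re.compile(r"^[^A-Za-z0-9]?([a-z]+\.[a-z]+)$")

def parse_irc(line):
    # Split an RFC 1459 line into (prefix, verb, params).
    line, prefix = line.rstrip("\r\n"), ""
    if line.startswith(":"):
        prefix, _, line = line[1:].partition(" ")
    head, sep, trailing = line.partition(" :")
    parts = head.split()
    if not parts:
        return None
    return prefix, parts[0].upper(), parts[1:] + ([trailing] if sep else [])

def classify(text):
    # 'known' = exact name from the post; 'family' = same module, other verb.
    words = text.split()
    m = TOKEN.match(words[0].lower()) if words else None
    name = m.group(1) if m else ""
    if name in KNOWN:
        return "known", name
    return ("family", name) if name.split(".")[0] in FAMILIES else None

def scan(lines):
    # Returns (line_no, sender_nick, target, match_kind, command) tuples.
    hits = []
    for n, raw in enumerate(lines, 1):
        msg = parse_irc(raw)
        if not msg or msg[1] not in ("PRIVMSG", "NOTICE", "TOPIC") or len(msg[2]) < 2:
            continue
        verdict = classify(msg[2][-1])
        if verdict:
            hits.append((n, msg[0].split("!")[0], msg[2][0], *verdict))
    return hits

# Constructed sample capture: nicks, channel and arguments are made up.
SAMPLE = [
    ":alice!a@host.example PRIVMSG #linux :anyone read the ddos.synflood writeup?",
    ":op!x@host.example PRIVMSG #chan-placeholder :.ddos.synflood placeholder-args",
    ":op!x@host.example TOPIC #chan-placeholder :.harvest.cdkeys",
    ":op!x@host.example PRIVMSG #chan-placeholder :.ddos.othercmd placeholder-args",
    "PING :irc.example",
]
```

Calling `scan(SAMPLE)` flags lines 2 to 4 and skips the ordinary chat line that only mentions a command name mid-sentence.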
