The Plague

posted onApril 16, 2001
by hitbsecnews

Written By: bonghittr

Before I Start this article I want to make sure people understand why I used the terminology I used. A hacker is now known by the mainstream as someone who illegally breaks into boxes. So in turn I have decided to use the term hacker in this manner. I apologize if this offends anyone, and I know that this is not the true meaning of hacker, but it make the article much easier to read and write. I first saw the term Skript Kiddiot on the site www.antioffline.com, I figure I should give them their props and not take credit for this creative moniker. We have seen a new society growing within the underground, this new society has no respect, no morals, and no yearn for knowledge. All they do is root and deface, root and deface. This is a waste of precious server resources. They are like insects. They go out and find the lowest form of exploits and servers, exploit them, and waste their valuable resources on some lame rant about their girlfriends. This new group which has formed, has been dubbed Skript Kiddies, or my favorite variation, Skript Kiddiots.

They are usually found in groups, usually its a few drones, all empowered with the latest scripts by a few programmers(queens). This creates a multitude of issues. None of the drones have any respect for any of the knowledge of which the have attained, or should I say scripts they have attained. They load up mass scanners, compile huge lists and root servers, with ease. The only part that isn't done with automated scripts, is downloading the rootkit from their ftp site. The rest is simply unzip, untar, make install, and BAM! they have their own box. Now if they had any knowledge they might go a little farther into securing the box, but more often than not they wont.

These groups often operate like a colony of insects. This is done with a few leaders. These leaders instruct the others on the basics of using scripts and linux boxes. Then the drones go out and try their newfound "skills" on vulnerable linux boxes. Then these drones will learn more slowly along the way. All the while they are making many mistakes along the way, most of the time causing chaos on the boxes they root along the way. Then after they have "refined" the kiddiot technique they will start looking for more high profile servers to take down. They will try their hardest to come across a server that has a website so they can change the index.html and get "props" for putting a "shout out" to their peers. Normally these messages aren't political in nature, but there are a few groups that consider themselves hacktivists (a term which i loathe).

These insects exploit such holes as rpc.statd, TSIG BIND bug, NXT BIND bug, and lets not forget the ever-popular Wu exploit. Upon finding a server which has a website, immediately they replace the index.html with their own rant about whatever is on their mind. Whether it is about their girlfriend, mom, or just about what they don't like in the world, and they actually believe this means something. They seem to believe that this is their mark on the world. These marks remind me of how dogs like to urinate on their territory to mark it. This is the same type of lower mentality these insects are sporting.

While saying they wish to learn about security and understand how a computer works, the insects will mostly just gather scripts, to further their exploit abilities, without ever understanding exactly how they work, or even what a stack , or heap is. An example of this stupidity is something that occurred on my Solaris box. It's a Ultra5 running a 400mhz UltraSPARC 2 processor. There is this one Script kiddiot that kept trying to exploit my box with a x86 statd exploit. All he had to do was nmap the box to see it was Solaris. Then try the x86 sploit for Solaris 1 time. If it didn't work, maybe an educated person would figure to try the statd exploit for SPARC. How dumb can someone be? He didn't just try it 1 or 2 times, but in the period of a week he attempted it 15 times. It was hilarious.

These are the types of people that are defacing the websites that are on www.attrition.org (not saying anything against attrition and their staff). The insects are completely clueless. I realize this is a blanket statement and that not all of them are clueless, but as for the ones that do have a clue about what they are actually doing, I say this: Think about the resources you are wasting on defacements. Anyone who knows what has happened in the scene in the past would not want to draw attention to themselves like these groups do. They would want to stay in the shadows away from the fame. The fame is what causes people to be caught. Someone who is sure that they know how to hack boxes and how it is properly done does not need publicity or fame. These people are happy enough just knowing that they could do it.

Personally, I think the problem boils down to, most of these people are teenagers. They wish to make their mark on the world and are going about it all the wrong way. They think that taking down sites or defacing them is kewl, when it isn't. Defacing sites is a slap in the face to the community. It gives us just the type of publicity we don't want. It's just as bad as releasing a hacker movie with little or no real facts in it (Hackers).

I think these parasites have arisen from the mentality that the movie Hackers created. They want to know how to do everything the easy way. They want to run the scripts and that's it, not understand how they work and what they do. They don't understand that they can be prosecuted beyond the scope of the law for what they are doing, and probably will be eventually, since they have no understanding of how logging works, or even how an IDS system operates. If they do not have basic knowledge such as this, how do they expect to bypass these systems? Even with the most sophisticated rootkit one would not be able to be 100% sure they bypassed all IDS systems.

I cant even recall the number of times I have heard someone say that they saw that movie Hackers and that made them want to get into hacking. That is pathetic in my mind. Hacking is not something that you want to get into because you see a movie that glorifies it. It is something that you get into because of your love of knowledge and computers.

I know that this article is going to upset a lot of people. Well, honestly that is the point. I hope this upsets you, because if it does it means your are probably one of the people I am speaking about. If this does not upset you, and you are a kiddiot, I hope it at least makes you think about what you are doing, and if you should be doing it with such little knowledge. Lastly On a side note, I realize that this article makes quite a few generalizations, which may not hold true to everyone. Granted there are some defacers out there who are quite smart and do their own coding, but even they need to think about why they are really defacing sites, and what purpose it serves.

1.) The Plague - bonghittr
2.) State of the Hack Awards #5 - madsaxon
3.) Part I: CISC and Windows the Hardware Weak Link - Knighty Knight
4.) Napster, MPAA, AOL, and how stupid people in power will kill the first amendment - unfrgvnme
5.) NetBios Shares -- Cracking Windows Machines - madirish
6.) I want my MTV - L33tdawg

Source

Tags

Intel

You May Also Like

Other Articles In This Section

Recent News

Friday, November 29th

North Korean hackers posing as IT workers steal over $1B in cyberattack
OpenAI is at war with its own Sora video testers following brief public leak
Found on VirusTotal: The world’s first UEFI bootkit for Linux

Tuesday, November 19th

CISA Director Jen Easterly, in Place Since 2021, to Step Down
Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme
WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Friday, November 8th

North Korean hackers target cryptocurrency with malware
Man sick of crashes sues Intel for allegedly hiding CPU defects
Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Friday, November 1st

Youth of today say passwords are old news, passkeys are the future
Chinese attackers accessed Canadian government networks – for five years
OpenAI launches ChatGPT with Search, taking Google head-on
Here’s the paper no one read before declaring the demise of modern cryptography
Not just ChatGPT anymore: Perplexity and Anthropic’s Claude get desktop apps

Tuesday, July 9th

China's APT40 gang is ready to attack vulns within hours or days of public release
AI-Powered Super Soldiers Are More Than Just a Pipe Dream
The president ordered a board to probe a massive Russian cyberattack. It never did.
Massive car dealer ransom attack is mostly over after 2 weeks of work-arounds

Wednesday, July 3rd

“RegreSSHion” vulnerability in OpenSSH gives attackers root on Linux
Two of the German military’s new spy satellites appear to have failed in orbit

Friday, June 28th

Indonesian Airports, Data Centres Hit By Worst Cyberattack in Years
Cisco Talos warns of wider security implications following Snowflake breach

Thursday, June 27th

I Wore Meta Ray-Bans in Montreal to Test Their AI Translation Skills. It Did Not Go Well
Researchers upend AI status quo by eliminating matrix multiplication in LLMs
YouTube tries convincing record labels to license music for AI song generator
Critical MOVEit vulnerability puts huge swaths of the Internet at severe risk
Julian Assange to plead guilty but is going home after long extradition fight

Thursday, June 13th

Hackers show off jailbroken checkm8-vulnerable iPad and Apple TV running iPadOS 18 & tvOS 18 respectively
One of the major sellers of detailed driver behavioral data is shutting down
Turkish student creates custom AI device for cheating university exam, gets arrested

Wednesday, June 12th

Chinese-Made Biometric Access System Has 24 Vulnerabilities
Apple and OpenAI currently have the most misunderstood partnership in tech
Adobe to update vague AI terms after users threaten to cancel subscriptions
China state hackers infected 20,000 Fortinet VPNs

Tuesday, June 11th

Russia Is Targeting Germany With Fake Information as Europe Votes