The best hacker ever !

Discussion:

(too old to reply)

2005-04-28 20:21:26 UTC

NSC wrote:
> I can't resist.
>
> http://www.totalillusions.net/forum/index.php?showtopic=328&st=0

ZZZzzzzzzz... Is this the same old "My ip is 127.0.0.1, come hax0r me",
like the one that was slashdotted yesterday? The idea is /rather/ dated,
but I guess it's still cute if someone falls for it. ;|

--
dk

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Eric Paynter

2005-04-28 22:43:25 UTC

Permalink

On Thu, April 28, 2005 1:04 pm, NSC said:
> I can't resist.
>
> http://www.totalillusions.net/forum/index.php?showtopic=328&st=0

Dated May, 2001...

http://www.userfriendly.org/cartoons/archives/01may/uf003073.gif

-Eric

--
arctic bears - email and dns services
http://www.arcticbears.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

h***@dofasco.ca

2005-04-29 15:57:38 UTC

Permalink

There should be some kind of category in the Darwin Awards for people
like this.

-----Original Message-----
From: full-disclosure-***@lists.grok.org.uk
[mailto:full-disclosure-***@lists.grok.org.uk] On Behalf Of NSC
Sent: Thursday, April 28, 2005 4:04 PM
To: full-***@lists.grok.org.uk
Subject: [Full-disclosure] The best hacker ever !

I can't resist.

http://www.totalillusions.net/forum/index.php?showtopic=328&st=0

Have fun !

Spencer

(sorry mod, wrong acccunt)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

V***@vt.edu

2005-04-29 19:11:16 UTC

Permalink

On Fri, 29 Apr 2005 11:57:38 EDT, ***@dofasco.ca said:
> There should be some kind of category in the Darwin Awards for people

> http://www.totalillusions.net/forum/index.php?showtopic=328&st=0

Unfortunately, this guy hasn't managed to permanently remove himself from
the gene pool, so there's still a chance that he'll reproduce.

See C.M. Kornbluths "The Marching Morons" from 1951....

Obligatory security reference: All too soon, we'll have to be securing our
systems against this guy's kids....

Paul Schmehl

2005-04-29 21:34:42 UTC

Permalink

--On Friday, April 29, 2005 03:11:16 PM -0400 ***@vt.edu wrote:
>
> Obligatory security reference: All too soon, we'll have to be securing
> our systems against this guy's kids....

yyyyeaaahhhhh.....like that'll be a chore......

Paul Schmehl (***@utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

V***@vt.edu

2005-04-30 02:18:21 UTC

Permalink

On Fri, 29 Apr 2005 16:34:42 CDT, Paul Schmehl said:
> --On Friday, April 29, 2005 03:11:16 PM -0400 ***@vt.edu wrote:
> >
> > Obligatory security reference: All too soon, we'll have to be securing
> > our systems against this guy's kids....
>
> yyyyeaaahhhhh.....like that'll be a chore......

Just remember Paul - his kids might apply to UT Dallas and get accepted. I never
*said* his kids would be the attackers, did I? :)

Schmehl, Paul L

2005-05-02 15:19:23 UTC

Permalink

> -----Original Message-----
> From: ***@vt.edu [mailto:***@vt.edu]
> Sent: Friday, April 29, 2005 9:18 PM
> To: Schmehl, Paul L
> Cc: full-***@lists.grok.org.uk
> Subject: Re: [Full-disclosure] The best hacker ever !
>
> On Fri, 29 Apr 2005 16:34:42 CDT, Paul Schmehl said:
> > --On Friday, April 29, 2005 03:11:16 PM -0400
> ***@vt.edu wrote:
> > >
> > > Obligatory security reference: All too soon, we'll have to be
> > > securing our systems against this guy's kids....
> >
> > yyyyeaaahhhhh.....like that'll be a chore......
>
> Just remember Paul - his kids might apply to UT Dallas and
> get accepted. I never
> *said* his kids would be the attackers, did I? :)
>
I think some of his relatives already have. :-)

Paul Schmehl (***@utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

vulcanius

2005-05-02 15:59:18 UTC

Permalink

In some senses it seems like it may be worthy of a Darwin award.

On 5/2/05, Schmehl, Paul L <***@utdallas.edu> wrote:
> > -----Original Message-----
> > From: ***@vt.edu [mailto:***@vt.edu]
> > Sent: Friday, April 29, 2005 9:18 PM
> > To: Schmehl, Paul L
> > Cc: full-***@lists.grok.org.uk
> > Subject: Re: [Full-disclosure] The best hacker ever !
> >
> > On Fri, 29 Apr 2005 16:34:42 CDT, Paul Schmehl said:
> > > --On Friday, April 29, 2005 03:11:16 PM -0400
> > ***@vt.edu wrote:
> > > >
> > > > Obligatory security reference: All too soon, we'll have to be
> > > > securing our systems against this guy's kids....
> > >
> > > yyyyeaaahhhhh.....like that'll be a chore......
> >
> > Just remember Paul - his kids might apply to UT Dallas and
> > get accepted. I never
> > *said* his kids would be the attackers, did I? :)
> >
> I think some of his relatives already have. :-)
>
> Paul Schmehl (***@utdallas.edu)
> Adjunct Information Security Officer
> The University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu/
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Zuxy Haiduc

2005-05-02 16:02:54 UTC

Permalink

While most people know better than attacking 127.0.0.1, it's important
to note that in some operating systems (Windows, and a few others, but
normally not *nix), anything in 127.* is loopback.

Its a lot easier to trick someone into attacking, say, 127.36.120.67,
than 127.0.0.1.

Just a thought.

On 5/2/05, vulcanius <***@gmail.com> wrote:
> In some senses it seems like it may be worthy of a Darwin award.
>
> On 5/2/05, Schmehl, Paul L <***@utdallas.edu> wrote:
> > > -----Original Message-----
> > > From: ***@vt.edu [mailto:***@vt.edu]
> > > Sent: Friday, April 29, 2005 9:18 PM
> > > To: Schmehl, Paul L
> > > Cc: full-***@lists.grok.org.uk
> > > Subject: Re: [Full-disclosure] The best hacker ever !
> > >
> > > On Fri, 29 Apr 2005 16:34:42 CDT, Paul Schmehl said:
> > > > --On Friday, April 29, 2005 03:11:16 PM -0400
> > > ***@vt.edu wrote:
> > > > >
> > > > > Obligatory security reference: All too soon, we'll have to be
> > > > > securing our systems against this guy's kids....
> > > >
> > > > yyyyeaaahhhhh.....like that'll be a chore......
> > >
> > > Just remember Paul - his kids might apply to UT Dallas and
> > > get accepted. I never
> > > *said* his kids would be the attackers, did I? :)
> > >
> > I think some of his relatives already have. :-)
> >
> > Paul Schmehl (***@utdallas.edu)
> > Adjunct Information Security Officer
> > The University of Texas at Dallas
> > AVIEN Founding Member
> > http://www.utdallas.edu/
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Gregory Boyce

2005-05-02 16:06:39 UTC

Permalink

On Mon, 2 May 2005, Zuxy Haiduc wrote:

> While most people know better than attacking 127.0.0.1, it's important
> to note that in some operating systems (Windows, and a few others, but
> normally not *nix), anything in 127.* is loopback.
>
> Its a lot easier to trick someone into attacking, say, 127.36.120.67,
> than 127.0.0.1.
>
> Just a thought.

127.36.120.67 works under Linux as well (tested on Ubuntu, Debian, Redhat
and Gentoo with 2.2-2.6 kernels).

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Andre Derek Protas

2005-05-02 18:14:52 UTC

Permalink

I thought that was your IP so I used the same program he had and just
killed my box! Whoops!
;)

PS - Works in M$

Gregory Boyce wrote:

> On Mon, 2 May 2005, Zuxy Haiduc wrote:
>
>> While most people know better than attacking 127.0.0.1, it's important
>> to note that in some operating systems (Windows, and a few others, but
>> normally not *nix), anything in 127.* is loopback.
>>
>> Its a lot easier to trick someone into attacking, say, 127.36.120.67,
>> than 127.0.0.1.
>>
>> Just a thought.
>
>
> 127.36.120.67 works under Linux as well (tested on Ubuntu, Debian,
> Redhat and Gentoo with 2.2-2.6 kernels).
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Volker Tanger

2005-05-03 06:52:40 UTC

Permalink

On Mon, 2 May 2005 12:06:39 -0400 (EDT)
Gregory Boyce <***@badbelly.com> wrote:
> On Mon, 2 May 2005, Zuxy Haiduc wrote:
>
> > While most people know better than attacking 127.0.0.1, it's
> > important to note that in some operating systems (Windows, and a few
> > others, but normally not *nix), anything in 127.* is loopback.
> >
> > Its a lot easier to trick someone into attacking, say,
> > 127.36.120.67, than 127.0.0.1.
>
> 127.36.120.67 works under Linux as well (tested on Ubuntu, Debian,
> Redhat and Gentoo with 2.2-2.6 kernels).

OTOH I have seen machines (process/machine crontrol systems) that were
hardwired to 127.0.0.*/24 as ethernet addresses (eth0, not loopback)...

Bye

Volker

--

Volker Tanger http://www.wyae.de/volker.tanger/
--------------------------------------------------
***@wyae.de PGP Fingerprint
378A 7DA7 4F20 C2F3 5BCC 8340 7424 6122 BB83 B8CB
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

V***@vt.edu

2005-05-03 15:04:33 UTC

Permalink

On Tue, 03 May 2005 08:52:40 +0200, Volker Tanger said:

> OTOH I have seen machines (process/machine crontrol systems) that were
> hardwired to 127.0.0.*/24 as ethernet addresses (eth0, not loopback)...

And now for some *real* crack-pipe networking:

Early releases of IBM's TCP/IP product for the VM operating system (5798-FAL
was the program number) used 14.0.0.1/8 as the loopback address. This was
in the '89-'92 timeframe, when everybody else had been using 127/8 for at
least 5 years....

cozadc/Cozad, Chris

2005-05-04 02:39:14 UTC

Permalink

Just out of curiosity....

Why do all your messages come through as a text attachment?

-----Original Message-----
From: full-disclosure-***@lists.grok.org.uk
[mailto:full-disclosure-***@lists.grok.org.uk] On Behalf Of
***@vt.edu
Sent: Wednesday, 4 May 2005 1:05 AM
To: Volker Tanger
Cc: full-***@lists.grok.org.uk
Subject: Re: [Full-disclosure] The best hacker ever !

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

V***@vt.edu

2005-05-04 16:36:51 UTC

Permalink

On Wed, 04 May 2005 12:39:14 +1000, "cozadc/Cozad, Chris" said:
> Just out of curiosity....
>
> Why do all your messages come through as a text attachment?

The short version: Because you're using:
X-mailer: Internet Mail Service (5.5.2658.3)

The long version: Because they're PGP-signed as per RFC3156, and some vendors
don't understand how to deal with multipart/signed mail correctly, and decide
that the main text/plain is an attachment rather than a main bodypart (and the
last time I tested, even providing an explicit "Content-Disposition: inline"
didn't help any). What your MUA *should* be doing if it follows the standards
is say "this is a signed mail, but I don't understand the signature format".
(And incidentally, the main offenders for this should be *doubly* embarrassed,
because they *do* in fact understand multipart/signed, so it isn't even a
broken dropback to multipart/mixed - they get stupid when they don't understand
the signature type).

Complain to your vendor, or use a standards-compliant mail package. I'm told
that even Mutt and Pine manage to get it right.