World's Worst Hacker? 174
An anonymous reader submitted a video clip that allegedly demonstrates a hacker working in a
honeypot.
If you fear for the future security of the internet, this video will set your mind at ease.
This discussion has been archived.
No new comments can be posted.
World's Worst Hacker?
Related Links Top of the: day, week, month.
It is easier to write an incorrect program than understand a correct one.
Outsourcing everywhere (Score:5, Insightful)
I think what we see here (and I am being serious) is outsourcing at work. He downloads tools from a subnet in Pakistan, likely homebase.
Just like anything from software development to customer service is being offshored to lowest bidder and services being performed by people without appropriate skills, simply because they are cheap. Same thing here - mass hacking is a business, and it is being outsourced to cheap unskilled labor. Look at this and laugh - then realize, this is the kind of quality of production that modern legitimate businesses rely on every day. Scary, ain't it?
Re:The soundtrack (Score:4, Insightful)
> What is it?
Unnecessary, as with all background music in amateur videos.
Why do kids these days have such problems with absence of noise?
HINT: I came to watch the video, not to inflict your choice of "kewl music" upon myself.
Re:Tracer Tee (Score:4, Insightful)
Looks like he's trolled about 620 thousand people. I think the best way to socially engineer a geek is to make them feel superior to you, because they cannot resist loudly correcting you and assuming you're an idiot from that point on.
Re:What year is this? (Score:4, Insightful)
This is called "how the Internet was meant to work" with end-to-end connection between the client and the provider, not with a centralized advertising agency.
Re:But... (Score:5, Insightful)
if perl was installed (as it is on almost every linux system these days) his scripts would have run.
First rule of information security: Never run anything you don't need to. If at all possible, don't even install it. Who cares about an exploit in ${PACKAGE} when you haven't got that installed anyway?
Any hacker worth their salt wouldn't be too disappointed that perl wasn't installed. He already had a root prompt and ls showed a .apt directory - there's a good chance apt-get install perl would have got perl in there in about 20 seconds flat.
this guy was simply to follow his cheat sheet and it didn't work. in fact, i see this as a complete failure of the honeypot scenario as it's supposed to provide a fake environment to gather intel. this honeypot does nothing of the sort and seems to be more for entertainment than anything else.
I'm not so sure. We now have a good idea what's on his cheat sheet and - more importantly - have a number of URLs where some potentially interesting scripts may be found. It's possible (though if this is the sort of thing we're dealing with, I'd venture unlikely) that those scripts might provide information about a hitherto unknown local exploit.
Re:oh, it's a troll (Score:4, Insightful)
Look again....
He unpacks his kit, and then expects to do something in /var/spool/samba
My assumption would be that he has some kit that is intended to be put onto a samba server, and then used to exploit windows machines that use that server. That might pan out, if he happened to make his way onto an actual samba server.... or one with perl installed.
Not conclusive, you could be right but, given his hard-on for samba, it seems plausible to me.