Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Idle

World's Worst Hacker? 174

An anonymous reader submitted a video clip that allegedly demonstrates a hacker working in a honeypot. If you fear for the future security of the internet, this video will set your mind at ease.
This discussion has been archived. No new comments can be posted.

World's Worst Hacker?

Comments Filter:
  • That was quick slashdotting..any alternate links?
  • by www.sorehands.com ( 142825 ) on Tuesday February 01, 2011 @09:47AM (#35067482) Homepage

    In a thousand years, with a thousand more keyboards. But maybe he will produce all of Shakespeare's sonnets first.

    Or he could be faking it.

    • by jekewa ( 751500 )

      Or more useful; he could rewrite PERL in that amount of time.

      While I'm sure this happens a lot, he's not the kind of hacker I worry about.

  • by ugen ( 93902 ) on Tuesday February 01, 2011 @09:49AM (#35067514)

    I think what we see here (and I am being serious) is outsourcing at work. He downloads tools from a subnet in Pakistan, likely homebase.
    Just like anything from software development to customer service is being offshored to lowest bidder and services being performed by people without appropriate skills, simply because they are cheap. Same thing here - mass hacking is a business, and it is being outsourced to cheap unskilled labor. Look at this and laugh - then realize, this is the kind of quality of production that modern legitimate businesses rely on every day. Scary, ain't it?

    • by zach_the_lizard ( 1317619 ) on Tuesday February 01, 2011 @10:18AM (#35067842)

      $zach@zach-desktop:~$>cd /comments
      comments: no such file or directory found
      $zach@zach-desktop:~$>cd /witty-retort
      witty-retort:no such file or directory found
      $zach@zach-desktop:~$>mkdir comments
      $zach@zach-desktop:~$>cd comments
      $zach@zach-desktop:~/comments$>echo "I'm not the lowest bid!"
      I'm not the lowest bid!
      $zach@zach-desktop:~/comments$>cd /a
      a: no such file or directory
      Grrr......
      $zach@zach-desktop:~/comments$>telnet slashdot.org 80
      Trying 216.34.181.45...
      Connected to slashdot.org.
      Escape character is '^]'.
      Post comments
      Connection closed by foreign host.

      Now let's see if they posted my comment.....

    • by Xest ( 935314 )

      I wonder if this is the guy who once or maybe still does work at one of Dell's Indian call centres who insisted we could not proceed with getting my laptop repaired until I tell him the error code on the screen of a laptop I'd just told him multiple times simply would not turn on, would not power up, would not display anything on screen.

      No matter how I phrased it he was determined that Dell could not help me and honour my warranty until I gave him that mystical error code.

      But then, this is probably also why

  • by Saija ( 1114681 ) on Tuesday February 01, 2011 @09:53AM (#35067562) Journal
    Can somebody please explain me what he is trying to do? i just watched some wgets which downloaded some .tar.gz files and that perl is not installed so he couldn't run some scripts. that's it? or do i missed something?
    • Re:What he's doing? (Score:5, Interesting)

      by bsDaemon ( 87307 ) on Tuesday February 01, 2011 @09:58AM (#35067630)

      I saw this last week. There were all kinds of hilarious inabilities to properly change directories or find scripts, which is why he kept downloading the same crap over and over again. Just for fun, my boss here (at a well-known company that makes security products involving pigs) fetched some of the files that the kid was trying to use. Half of the scripts were just fucking awful, such as hard-coding repetitive actions rather than using loops. The so-called "hacker" also left clues to his identity all over the crappy "sploits", too.

      I honestly have a hard time believing the douchebag in the video was able to get a shell, even on a honeypot, and then fail to be able to change directories. However, the kits he was fetching were also so terrible I don't think that even if this hadn't been a honeypot he'd ever have gotten any local privilege escalations anyway.

    • Re:What he's doing? (Score:4, Informative)

      by GigsVT ( 208848 ) on Tuesday February 01, 2011 @10:02AM (#35067672) Journal

      Short version: He doesn't understand that tar -xzf uncompresses into the current working directory, and gets completely lost in terms of where he puts things.

      He probably has a sheet of commands to copy/paste from and has little clue about how they actually work.

      • And then he downloads a WinXP service pack to fix the problem,
      • by ubersoldat2k7 ( 1557119 ) on Tuesday February 01, 2011 @10:18AM (#35067848)

        And he doesn't seem to know about 'ls'. If I was sitting next to this guy, I would mash his head on the keyboard.

        • The best thing is that he actually uses ls once, but then seems to forget about it.

          It's probably in his copy-paste-file, but he has no understanding what he's supposed to do with it.

      • You can actually see what commands he copy/pastes and what he types himself, because the entire line appears at once.

      • by Jonner ( 189691 )

        I wondered if it could be a bot, but it did make mistakes and correct them. I could certainly write a more effective bot.

    • In addition to what the other guys said, someone who knows what they are doing would install perl instead of downloading the script over and over.

  • Best Part (Score:3, Funny)

    by pcgfx805 ( 1750684 ) on Tuesday February 01, 2011 @09:56AM (#35067592)
    The best part was when he/she downloaded a copy of win2ksp3.exe.
    • by deblau ( 68023 )

      The best part was when he/she downloaded a copy of win2ksp3.exe.

      From the comments of the Youtube video, apparently this is standard practice to test bandwidth. Because SP3 is so huge. Insert obligatory Microsoft joke here.

    • Some intruders download Windows service packs to check the bandwidth available.

  • Posting a link to a video on some guy's website...that is just mean.
    • This is clearly the hacker's revenge. He couldn't toss in an exploit using the script-kiddiness, so he's DDOSing the site instead.

  • by Anonymous Coward

    http://www.youtube.com/watch?v=oJagxe-Gvpw

  • I like the background song. What is it?

    The rest is plain sh*t.
  • Direct Youtube Link (Score:5, Informative)

    by animeshpathak ( 873597 ) on Tuesday February 01, 2011 @10:04AM (#35067688) Homepage

    For those who are getting a slashdotted server, here is the video [youtube.com].

  • by Anonymous Coward

    Gee I sure wish there some sort of video service that could host videos so that I could watch this video.

  • is there a future for CLI based sketch comedy?
  • oh, it's a troll (Score:5, Interesting)

    by FuckingNickName ( 1362625 ) on Tuesday February 01, 2011 @10:07AM (#35067724) Journal

    First I just thought "well, not everyone is a super smart irrelevant cubicle IT support geek" and shrugged at the point that was trying to be made - which, I guess, is something along the lines of "it's really this easy to break in to some systems, and it's great to laugh at people who.. err.. manage it, because not everyone knows what to do next."

    Then I saw them downloading W2Ksp3, and realised that the whole thing is just a bit of sensationalism to get pageviews. The hacker is as genuine as the honeypot.

    • by TheCarp ( 96830 ) <sjc AT carpanet DOT net> on Tuesday February 01, 2011 @11:29AM (#35068542) Homepage

      Look again....

      He unpacks his kit, and then expects to do something in /var/spool/samba

      My assumption would be that he has some kit that is intended to be put onto a samba server, and then used to exploit windows machines that use that server. That might pan out, if he happened to make his way onto an actual samba server.... or one with perl installed.

      Not conclusive, you could be right but, given his hard-on for samba, it seems plausible to me.

      • or one with perl installed.

        You mean with perl on $PATH. That he tried running it repeatedly and didn't hunt for it's location (or check $PATH) shows he really is something 'special'

    • Now I know how to populate my botnet next time there's a Flash vulnerability. I could have the power of Slashdot at my command!
  • Here is the youtube link directly to the video, lord knows why that wasn't linked to in the first place. World's worst hacker [youtube.com]
  • Tracer Tee (Score:5, Funny)

    by Bratch ( 664572 ) on Tuesday February 01, 2011 @10:12AM (#35067774)
    I think watching the "Tracer T" video from NextGenHacker101 will also set your mind at ease about the future of hackers. http://www.youtube.com/watch?v=SXmv8quf_xM [youtube.com]
    • Re:Tracer Tee (Score:4, Insightful)

      by FuckingNickName ( 1362625 ) on Tuesday February 01, 2011 @10:21AM (#35067868) Journal

      Looks like he's trolled about 620 thousand people. I think the best way to socially engineer a geek is to make them feel superior to you, because they cannot resist loudly correcting you and assuming you're an idiot from that point on.

      • Given the choice between incompetence and malice, always assume incompetence.

        • I've heard that so often, but I've never understood: why?

          • I've heard that so often, but I've never understood: why?

            Because otherwise you'll turn into a paranoid maniac?

            If you assume that everything that occurs is being masterminded by someone in order to fool, manipulate, or otherwise take advantage of people, you'll be the crazy guy at the party whom everyone avoids because he won't shut up about how the reptilians in the US government flew remote-controlled planes into the WTC. If you go with the "assume incompetence" approach you'll not only be correct more often, you'll also have a much more active social life.

            • It does not follow from the reasonable assumption that everyone tries to do things for his own gain (a consequence of free will) that "reptilians in the US government flew remote-controlled planes into the WTC".

              • It does not follow from the reasonable assumption that everyone tries to do things for his own gain (a consequence of free will) that "reptilians in the US government flew remote-controlled planes into the WTC".

                That's absolutely correct. I fail to see the relevance, though.

                • Once you accept that humans tend toward rational selfishness, you can assume that whatever they are doing is designed to benefit them. Any complex behaviour must be intentional (ignoring the clinically insane) - we assume that rational humans are capable of being responsible for themselves. Therefore most behaviour is intentionally rational selfish.

                  Now, does that mean the behaviour is necessarily malicious? No. This is only judged by the observer when the observer of the behaviour happens to be at moral odd

                  • Once you accept that humans tend toward rational selfishness, you can assume that whatever they are doing is designed to benefit them

                    Right, so a guy who pimps out his girlfriend so he can buy heroin which he then injects with a syringe he found on the street ... he's designing his action to help himself. And the drunk jackass who cuts off a leg while juggling a chainsaw, also trying to help himself. Oh, and we can't forget the thousands of people who commit suicide every day - they are, of course, designing their actions to benefit themselves.

                    You know, even if I agree with your statement 100%, it's still completely irrelevant. I said

    • The nextgenhacker101 tracert video is awesome. I was almost embarrassed for the guy. I work in the computer field and I'll admit I don't know everything by any means. But to actually make a YT video claiming something is something when it is not even close to what you're saying it is - that's amazingly far down the road of dumb.

      This guy from tfa is following a list of commands he got from somewhere, but my question is what was the list supposed to accomplish?
  • There is a metric buttload of idiots like that out here in the intar-webs. they are only slightly better than the nex level up that actually have some understanding but are still just script kiddies.

    I think I need to set up a honeypot like that, I need some good entertainment.

  • Youtube link (Score:5, Informative)

    by LehiNephi ( 695428 ) on Tuesday February 01, 2011 @10:35AM (#35068026) Journal
    The linked site is down, so here it is on youtube [youtube.com]
    • by Thing 1 ( 178996 )
      Thanks for the link! Cool that Jonathan Coulton's song "Still Alive" is playing in the video. (It was the end credits on "Portal".) This had me LOL several times, even if the humor is lost on my woodworking roommate.
  • Mirror anyone?

  • I'd like to get a video of the server that is hosting the hacking video right now so we can watch it melt.... :)

  • by Menacer ( 222952 ) on Tuesday February 01, 2011 @10:50AM (#35068144)

    This reminds me of Bill Cheswick's paper "An Evening with Berferd In Which a Cracker is Lured, Endured, and Studied [megasecurity.org]," from the 1992 Winter USENIX Conference. (Paper is available directly from Mr. Cheswick's site here [cheswick.com] as a postscript file).

    In it, he toys with an intruder for a number of days. He pretends the system has actually been hacked, gives up bogus password files, and manually pretends to be a particularly slow machine with a lot of easy holes in it. It's a well-written, excellent piece of writing. I recommend it to anyone who enjoyed this video.

  • by dmomo ( 256005 ) on Tuesday February 01, 2011 @11:06AM (#35068298)

    On Good old Youtube: http://www.youtube.com/watch?v=oJagxe-Gvpw [youtube.com]

  • Everyone knows that the best hack is whiterabbit.obj!

  • I guess even in Russia some 'hackers' are better than others:

    Additional whois information for 213.248.54.246:

    % Information related to '213.248.48.0 - 213.248.63.255'

    inetnum: 213.248.48.0 - 213.248.63.255
    netname: DINET-GLOBAL
    descr: Hosting and Colocation Services
    country: RU
    .....
    role: Digital Network Hosting Department
    address: 13a, Yaroslavskaya st.,
    address: Moscow, Russia, 129366
    phone: +7 495 660 8333
    fax-no: +7 495 660 8333
    admin-c: MIF
    tech-c: FVS13-RIPE
    nic-hdl:

  • by PhilipTheHermit ( 1901680 ) on Tuesday February 01, 2011 @12:11PM (#35069106)

    So, back when I was an undergrad and used to play around on MUDs, my roommate and I wound up talking to a young woman who claimed to be a hacker. She wanted to get together, and asked if she could bring a friend. Figuring we were about to get incredibly laid, we invited her up to the university. Young and dumb, what can I say.

    We met her and her friend at a rest stop. We waited for a long time, and were about to leave when an incredibly ramshackle old sedan rolled up, with its muffler clanking and rattling, its headlights flickering, and great clouds of blue smoke trailing out behind. A beautiful girl leapt out of the car, followed by her friend: a very tall, very skinny punker dude.

    Our spirits were crushed, but being polite computer science students, we couldn't figure out how to get rid of them. They didn't have enough gasoline to get home, but they DID have booze. So we went back to the university.

    Immediately they wanted to "hack a computer", and marched to the computer lab, which was still open. This was where we talked on the MUD. There was no talking them out of it. Trailing behind them, wondering what on earth they thought they were going to be able to do from a computer lab, we somberly shuffled along.

    On seeing a computer, the girl leapt into action! jumping into the seat, she said "I'm gonna hack this bitch!" and her boyfriend perched on the back of her seat to egg her on. I said something like "hey, look, don't do anything that'll get anyone in trouble, ok?" and she said something like "don't worry, I'm leet, nobody's ever going to know I was here!" This did not soothe my fears. I was about to say something else when she got a DOS prompt, and started typing in random passwords.

    > God
    > File not found. (I don't remember the exact words)
    > Sex
    > File not found.

    (This went on for a long time.)

    My roommate and I chatted quietly a few feet away, greatly relieved. We admitted our suspicion that this person did not, in fact, know anything about computers, or possibly anything else. To our enormous relief, the person appeared to be harmless. Also, it was becoming clear that neither one of us were going to get any. We wondered what we should do. We didn't want to be rude.

    Suddenly, I had a thought. "Let's get her into the MUD!" My roommate thought that was an excellent idea, so we said "Hey, somebody wrote this path on a piece of paper over there... Maybe it'll get you in!" She tried it, and was allowed to log into the MUD. She yelled out in triumph! She was invincible!

    She played happily on the MUD for about a half hour, with her boyfriend proudly telling us how "leet" she's always been, and then we went back to our room. We let them crash on the suite couch, and they were gone in the morning.

    I wonder how many "hackers" are like this? Just trying stuff they saw on TV, with no understanding of what's actually going on?

    Anyway, she was gorgeous, so I think we can be forgiven for indulging her a bit. She was about 5'5, with pale skin, medium brown long straight hair down to her hips, and a mix of hippie and punk clothes. Such an appealing woman... Not really connected to reality, exactly, but definitely not boring.

news: gotcha

Working...