Big Brother Awards
quintessenz search  /  subscribe  /  upload  /  contact  
/q/depesche *
/kampaigns
/topiqs
/doquments
/contaqt
/about
/handheld
/subscribe
RSS-Feed Depeschen RSS
Hosted by NESSUS
<<   ^   >>
Date: 1998-11-17

Hack gegen Indiens Atombehoerde aufgeklärt


-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-

q/depesche 98.11.17/2
updating 98.6.7.2

Hack gegen Indiens Atombehoerde aufgeklärt

Wie t3k-9 & IronLogik in das indische
Atomforschungszentrum Bhabha eindrangen sind, wie sie
dort eigene Eingänge einrichteten, über die dann eine ganze
Gruppe von Hackern einfiel & randalierte & warum die vorher
nicht existente MilwOrm Group dadurch zu Hacker/ruhm &
Ehren kam, steht in der unten auszugsweise
wiedergegebenen Geschichte aus dem digitalen Forbes
Magazin.

-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
Adam L. Penenberg
...
It was mid-May, 1998, when 15-year-old 10th grader, Joey
Westwood (not his real name) was watching the TV coverage
of India's underground nuclear tests.
...
Joey decided to wreak vengeance on the Indians. And he
would accomplish this without leaving his bedroom in
suburban America. In cyberspace, where Joey spent much of
his life, he went by the name t3k-9.
...
He checked in with search engine Infoseek, and plugged in
".in atomic," the equivalent of typing "India, atomic research."
One of the first sites to come up was India's Bhabha Atomic
Research Center (BARC), which he read had been
instrumental in helping India develop the A-bomb.
...
Joey pointed and clicked his way to the BARC site and
accessed the John the Ripper DES Encryption Cracker
software he had downloaded off the Internet, where literally
thousands of complex hacker applications and "how-to"
guides are available from web sites and hacker chat
channels.

The password cruncher worked by setting up a phony log-in
program so that BARC thought it was accepting a connection
from a friendly machine. Then, by brute force, the cruncher
tried every single combination of letters and numbers until it
hit the jackpot.
....
Forty-five seconds after he'd started, t3k-9 was amazed to
discover that he'd cracked one of the passwords. He was
inside India's number one atomic research network.
...
He checked the password: "ANSI." Someone's name, he
thought, the same as the log-in prompt. He couldn't believe
his luck. The administrator hadn't followed standard
password selection rules, which would have meant complex
strings of numbers and letters
...
t3k-9's first step was to download all the passwords and log-
in names. Then he installed a "backdoor" that would enable
him to gain entry into the system without being detected.
...
t3k-9 decided to get out while the getting was good,
downloading a few E-mails and a scientific document for
souvenirs. Then, after erasing logs to ensure no one would be
able to track him, he logged off.

If he'd kept this to himself, no one would have ever known.
....
After logging on to Internet Relay Chat, t3k-9 headed over to
one of the hacker channels. IRC is a place on the Internet
where you can conduct real-time chat without anyone being
able to track you. After checking who was around, t3k-9
found out that IronLogik, a hacker he calls his friend but has
never met in the flesh, was also floating about.
....
IronLogik immediately left IRC and got to work, entering
BARC via t3k-9's backdoor. Within 45 minutes, he was able
to achieve superuser status. That meant IronLogik had gotten
"root," or total control, as if he were the network's system
administrator. IronLogik could read any document or E-mail
he felt like.
....
IronLogik created two new "users" with passwords of his own
invention, so that even if BARC changed its password
protection scheme he'd still be able to gain access.


...
IronLogik's real first name is Ratko and he's an 18-year-old
immigrant from Serbia. For fun, he DJs parties from his
laptop with pirated music he's downloaded off the Internet.
...
While t3k-9 talks big about the threat of nukes but has no
direct experience with them, Ratko is different. He grew up
near a military base with hated Russian MIGs constantly
roaring overhead, carrying nuclear warheads and spreading
intimidation. Ratko thinks nuclear weapons should be strictly
for protection, not genocide. "If a country uses nuclear arms
to threaten other nations, then they do not deserve to carry
them," he says.
....
Equipped with a military IP, BARC would identify him as a
regular U.S.-based researcher. Changing his IP address to
one associated with the military was like changing into a
soldier's uniform. It made for good camouflage.
...
He maneuvered over to BARC's R&D server and sifted
through E-mail, both new and already read. The UNIX system
BARC relies on saves all mail until the system administrator
deletes it.
...
The next day, Ratko showed two of his Indian classmates
the printouts of BARC's logs and "threatened to sell the
information to my Russian superiors."
...
Which is why t3k-9 posted the whole BARC password file--
all 800 passwords and log-in names--on one of the hacker
channels.

Immediately, hackers began accessing this information and
preparing to attack BARC.
...
Shortly after, Wired News broke the story with an exclusive
interview with milw0rm, whose members buttressed their
claims by producing a mirror of BARC's hacked home page.
...
IronLogik, unsurprisingly, was irritated. It wasn't fair, he
thought. t3k-9 had been the first one in, then IronLogik. All
the rest of those hackers, including milw0rm--especially
milw0rm--had coasted in on their work. And milw0rm's claim
that it used a sendmail bug to penetrate BARC was false.
Rather, "they had used the backdoors that t3k-9 and I set
up," says IronLogik
....
In the meantime both have moved on. t3k-9 recently found a
security hole in Microsoft's Front Page software product and
IronLogik has been exploring other atomic targets--Iran, Iraq,
Italy and Turkey. In fact, a few days after he hacked BARC,
IronLogik nailed a nuclear research center in Turkey.
....

Full Text
From: http://www.forbes.com/tool/html/98/nov/1116/featb.htm

relayed by
hackerelite@deathsdoor.com via jericho@dimensional.com>


-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-

- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
edited by
published on: 1998-11-17
comments to office@quintessenz.at
subscribe Newsletter
- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
<<   ^   >>
Druck mich

BigBrotherAwards


Eintritt zur Gala
sichern ...



25. Oktober 2023
#BBA23
Big Brother Awards Austria
 CURRENTLY RUNNING
q/Talk 1.Juli: The Danger of Software Users Don't Control
Dr.h.c. Richard Stallman live in Wien, dem Begründer der GPL und des Free-Software-Movements
 
 !WATCH OUT!
bits4free 14.Juli 2011: OpenStreetMap Erfinder Steve Coast live in Wien
Wie OpenStreetMaps die Welt abbildet und was ein erfolgreiches Crowdsourcing Projekt ausmacht.