Forwarded From: phreakmoi <hackereliteat_private> From: http://www.forbes.com/tool/html/98/nov/1116/feat.htm Hacking Babba By Adam L. Penenberg Nineteen ninety-eight may well go down as the year of the hack. Not since the arrest of hacker Kevin Mitnick in 1995 have there been so many high-profile computer break-ins. The latest victim was The New York Times, which had to shut its web site down for 9 hours on September 13 when a gang calling itself Hacking for Girlies (HFG) replaced Times content with a page of their own design. And earlier in the year, there were a number of security breaches that were far more serious--high-profile hacks of the Pentagon, a TV satellite in California, and potentially the most devastating, a nuclear research center in India. ICSA, a computer security company based in Pennsylvania, estimates there are about 1 million hackers out there in cyberland. Here is the story of two of them, the first ones to penetrate the computers of Bhabha, India's number one nuclear research center, located in Bombay, India, which led to perhaps as many as 100 hackers wilding through the center's network over the course of several days. A now defunct hacker group called "milw0rm" claimed credit for the hack. Although the hack received extensive media coverage, the fact is that milw0rm copped credit for a hack they merely inherited. Here's what happened. It was mid-May, 1998, when 15-year-old 10th grader, Joey Westwood (not his real name) was watching the TV coverage of India's underground nuclear tests. For some reason it stuck in his craw. Joey was not sure exactly why. After all, he's much too young to remember Hiroshima, Nagasaki and the Cuban Missile Crisis. He couldn't even find India on the map. Some third-world hole that can't even feed its own people was getting into a nuclear arms race with Pakistan and China. The more he thought about it, the madder he got. Joey decided to wreak vengeance on the Indians. And he would accomplish this without leaving his bedroom in suburban America. In cyberspace, where Joey spent much of his life, he went by the name t3k-9. He's especially adept at cracking passwords and log-ins, the keys to illegally accessing computer systems. On this particular day, t3k-9 stomped upstairs carrying his favorite hack snacks--chocolate pop tarts, Coca-Cola and sour jawbreakers--and went to his bedroom, where he booted up his computer and listened to the comforting squawk of his modem. He checked in with search engine Infoseek, and plugged in ".in atomic," the equivalent of typing "India, atomic research." One of the first sites to come up was India's Bhabha Atomic Research Center (BARC), which he read had been instrumental in helping India develop the A-bomb. Forty-five seconds after he'd started, t3k-9 was amazed to discover that he'd cracked one of the passwords. Joey pointed and clicked his way to the BARC site and accessed the John the Ripper DES Encryption Cracker software he had downloaded off the Internet, where literally thousands of complex hacker applications and "how-to" guides are available from web sites and hacker chat channels. The password cruncher worked by setting up a phony log-in program so that BARC thought it was accepting a connection from a friendly machine. Then, by brute force, the cruncher tried every single combination of letters and numbers until it hit the jackpot. First, the application ran through all the lettered combinations at the speed of digital light--a, b, aa, bb, cc--then after going through the entire alphabet, backtracking to ab, ac, ad, etc. t3k-9 had also added special customized word lists that combine letters and numbers he'd downloaded over the course of his cybertravels Forty-five seconds after he'd started, t3k-9 was amazed to discover that he'd cracked one of the passwords. He was inside India's number one atomic research network. His eyes bugged. He checked the password: "ANSI." Someone's name, he thought, the same as the log-in prompt. He couldn't believe his luck. The administrator hadn't followed standard password selection rules, which would have meant complex strings of numbers and letters--more difficult to crack because the longer it takes, the greater the likelihood you'll get caught. t3k-9's first step was to download all the passwords and log-in names. Then he installed a "backdoor" that would enable him to gain entry into the system without being detected. After that, he consulted the network map, which was open to public display. He headed over to the web server and read through E-mails written in scientific geek-speak, then rifled through some documents on particle physics. Boring stuff, he thought. t3k-9 decided to get out while the getting was good, downloading a few E-mails and a scientific document for souvenirs. Then, after erasing logs to ensure no one would be able to track him, he logged off. If he'd kept this to himself, no one would have ever known. And in the days to follow, India's top nuclear research facility would probably never have suffered the ignominy of perhaps 100 hackers running roughshod through its computer network like gangs on a rampage. But t3k-9 couldn't keep mum. He did what every self-respecting hacker would do. He bragged. -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:11:33 PDT