I always used to kill Firefox on his Linux, then edit the chmod so he couldn't get back to it. He never figured it out; I relented after he begged me for two days to restore it. (The idiot guy could have just reinstalled it.)

Couldn't he chmod it himself?

@Sepharimsan:
That must have been a fairly complex piece of code to exploit some vulnerability (probably a stack overflow, am I right?), partition the disk, install itself and run in a process that none of the anti-virus scanners would even suspect via heuristics that something was up with the code on that partition that was being run.

@helios
I guess he didn't know about chmod.

@all
How did we get on this topic, and what do we all gain from saying that we can mess up to some degree a computer system? I have software tools that can launch DOS attacks powerful enough to take out a very important core router in Oakland without the use of zombies. So what? What do I gain from boasting about it? What do I gain from using it, besides a negative balance in my bank account and an enlarged butthole after a few months downtown?

We should probably change the topic before one of us admits to using a malicious program against a computer that wasn't a friend's or family member's or their own without permission.

-Albatross

Uh... Well, you asked me what I thought of chrisname's idea and your phrasing seemed to imply I was (I have reluctance to apply this term to myself since I am, by ESR's definition, not a hacker. I'm only using it for the sake of brevity) a white hat, when I am, in fact, a gray hat. Meaning my hat's HSV value tends to oscillate depending on which is more fun/interesting. I told that anecdote to show that.

Hmm... Right now... I think I might try that idea of mine. Yeah, that ought to be fun. If there's one thing I love is looking over people's shoulders.

You're evil :D


DOS tools are great, except most of them are really rootkits. Anyway, a real cracker would write them themselves. People who use other people's tools are just skiddies.

@helios
Actually, I only expected that you would gain some amusement at the whole matter.

Though, it's fairly rare that gray-hats admit to being gray-hats. Most of the gray-hats I've known preferred not to reveal the fact that they were gray-hats, and posed as white-hats instead if they were pressured for some reason to reveal that there were hackers. The smarter ones just called themselves white and nobody asked any questions.

-Albatross

@ albatross

Well, a virus scan could easily of found it, it just hid from plain sight of the user of the computer. Thats what i meant. and this guy who it was meant for was the kinda guy who never scans his windows hard drive. He had it only for pc gaming. as for it being complex code. My dad had to walk me through 90% of it. I did all the actually writing of the code, but he was over my shoulder giving me blatently obvious hints the whole way through. Took me a year to write it. and it was meant for one computer only. It was payback for gay porn being played as windows default for any mouse or keyboard event on all the computers at a small lan party i was hosting. After that we signed a 'treaty' and gave up our little wars :P

I wouldn't call myself "hacker". Most of the people that do it turn out to be stupid script kiddies or crackers. I'm against cracking; but I have nothing against writing programs that would be illegal if I used them on other people.

I haven't written any real virus but this is going to be my first one:
0. Activates itself at a specified date
1. Running executables is almost impossible
2. Edits boot.ini file and sets RAM limit to 64 MB
3. disables task manager
4. creates a very large linked list (~2 GB ) and computer becomes even slower
5. This program cannot be deleted by antivirus or by user, only by my command line program wipe.

It's almost finished but there are some bugs. Maybe I'll fix them when I'll finish my partition manager.

@Null: I and probably the other white-hats have no problems writing programs that would be illegal if used against a system without permission. That said, don't use this against other systems. (although if the program was only malware and didn't spread and you have an annoying brother or sister, maybe some of us would get a laugh out of it if you used it against their personal computer and posted a story about what happened).

@all: Why are we all talking about malware we wrote? Rather, what do we gain from talking about it?

-Albatross

It's called showing off. Also, I suspect a certain amount of truth-bending :)

chrisname wrote:
It's called showing off. Also, I suspect a certain amount of truth-bending :)

@all
So do I. Some people on this forum need to learn that writing malicious code that spreads will only get the white-hats to release a patch and report to the U.S. Government the home address and social security number of the attacker. And girlfriend's phone number.

If you write a worm that actually SEALS security holes without opening new ones and the white-hats can confirm this, then we'll report to the U.S. Government your home address and social security number. And a recommendation to the NSA.

This actually has happened before:
http://en.wikipedia.org/wiki/Nachi_worm

EDIT: Just make sure your worm is more discreet than the Nachi worms. They did cause some damage.

-Albatross

@chrisname: which part of my program seems unreal?

Anyway, this time bomb will be a little "present" to my friend because he didn't keep his mouth shut.

Mine can't spread anyways, it was designed to only infect his computer.

5. This program cannot be deleted by antivirus or by user, only by my command line program wipe.

What if I delete it while the OS is offline?

I think we ended up on this line of conversation because we all know that hacking and writing are two sides of a coin. We all know more about our platforms then the majority of users, and in the end isn't that the question we really want to answer? How good are you?

Back on topic I'm working on a program that will resolve a systems name to it's IP address through the DNS and then pull my ARP table and compare the entries to get the MAC address then pass that to a Wake on LAN script. Version 3 will have my own Wake on LAN script right now I'm using one I downloaded, my Wake on LAN will have a periodic ping to the host that was sent the wake command so that when it is up and ready for access it sends me a message confirming its name and status (We use dynamic IPs which is one of the hertals that I've hit).

Computergeek01 wrote:
isn't that the question we really want to answer? How good are you?

That's a question I personally don't want an answer to by default. My own default questions cover a much larger scope, though I am willing to admit that I did write a lot of unreleased malware. Now, I only occasionally borrow some time on an underground server to launch sockstress attacks against child pornography servers.

Anyway, back on topic... I recently wrote a version of fcron for Mac OS X, called crono. It just executes a command at a certain time and date, and I can choose to have the program launched multiple times, only once, or every time the time or date occurs. It's simple, it's small, it's fast, and I love it.

-Albatross

@helios:
The trick is very simple; I just rename files to "AUX.exe", "CON.exe" or "COM1.exe".So Windows thinks that the file is a device and it cannot be opened, modified or removed. But I suspect that this trick doesn't work on Linux.

But I suspect that this trick doesn't work on Linux.

Obviously not.

[quote]Couldn't he chmod it himself?/quote]
He didn't know how.