Messages

So, you are trying to gain access to a specific computer, and somehow you recieve knowledge of what programs are running, and write up some exploits to one of those programs, since it's so easy to do on call, and then just exploit them knowing only what their email address is. Sounds to me like iago's way is more real-world applicable, '0wning whitehatz via blaqhat exploitz' seems to only exist in your fantasy world.

yeah i guess anybody would just write an exploit only knowing someones email *sigh*. though you probably know that they are using the company email, so im guessing the domain would be included... so then you could have a little information? yeah ur pretty smart quik. yeah, but, uhhh, exploits only exist in my fantasy world, if you want to believe that. even you, being a whitehat who runs around looking at securityfocus, should know that what you said is not true at all. or maybe you dont... considering you spend time looking at public exploits and not actual private shit that is within possession of individuals who could probably own just about any system they want.

ur right about all that, except what i was trying to say is that a virus that does not distribute itself is pretty lame. why waste ur time writing a virus that wont spread itself to own some company when you can just write an exploit and own him (then u dont have to email him or her!)... then hes still at ur mercy. or better yet, write a worm that exploits him and exploits the network... then u have access to the whole network.

Because, as I said, it evades detection.  It's easy to notice it spreading, but it's hard to notice it dormant on some specific machine. 

doing what you said though... thats like almost as stupid as using a trojan, except the fact that u wrote it yourself. most employees would probably know better than to download an attachment anyway... unless you use addresses from people they know.

That's the point of customizing it.  You fake the return address of their boss, and make it look like their boss wrote the email and is asking you to check the program, or something.  It would use their real name and phone number, and look totally authentic.

any virus out there wild on the internet has a way of distributing itself (otherwise it wouldnt be out there in the 'wild')... so why not incorporate that into the definition? i'd say ur idea is more of a trojan. trojans do however show up on anti virus programs. but they are still not really viruses in my opinion (my opinion isnt humble though)

Any virus in the wild is useless for many purposes, because it's easy to detect.  The POINT of a virus that doesn't spread, as I've been TRYING to tell you, is that it's a targetted attack.  Not all attacks are widespread, the best ones are targetted. 

trojans try to evade detection as well. even polymorphic shellcode tries to evade detection, but that doesnt mean its a virus. i guess it takes the characteristic of a virus, but that doesnt make it one. even a script kiddie can try to evade detection. they are viruses that spread, though... if you get what eye mean!

but still, why waste ur time writing a virus to 0wn this poor person in a business? why not just write an exploit? i'd like to hear why you would waste ur time with this, iago. u are afterall a whitehat... (no intended insult this time, i promise)

go ahead and waste ur time writing a virus and sending it to this person though. you could just make it a lot more fun and write an exploit and 0wn the network with that.

but a virus would be completely stupid if it wasnt distributed in some way

It's not completely stupid.  Although I know it's a waste of my time, I'll explain why. 

What if I'm trying to break into a business?  They have firewalls anti-virus and IPS and all the toys.  How do I get in? 

Simple! I write a custom virus.  I email it to an employee, with a message customized for the employee in question.  He runs the program, gets infected, and is at my mercy.  Because it's a custom virus, it's not going to get picked up by the anti-virus.  Because it's not distributing itself, it's not going to be detected by other employees. 

Presumably, the virus would give me remote access to his computer.  Say, for example, it infects Internet Explorer so that, as soon as he opens his browser, it also connects to me (since browsers are typically allow(all) in the firewall) and gives me the information I need. 

Since you're a blackhat, you really ought to know the usefulness of a virus that doesn't spread on its own (particularly in terms of evading detection).  I'm surprised you don't. 

ur right about all that, except what i was trying to say is that a virus that does not distribute itself is pretty lame. why waste ur time writing a virus that wont spread itself to own some company when you can just write an exploit and own him (then u dont have to email him or her!)... then hes still at ur mercy. or better yet, write a worm that exploits him and exploits the network... then u have access to the whole network.

im not a blaqhat... i just believe in the blaqhat ideas.
if i cant haq, then i obviously cannot be a blaqhat.

doing what you said though... thats like almost as stupid as using a trojan, except the fact that u wrote it yourself. most employees would probably know better than to download an attachment anyway... unless you use addresses from people they know.

any virus out there wild on the internet has a way of distributing itself (otherwise it wouldnt be out there in the 'wild')... so why not incorporate that into the definition? i'd say ur idea is more of a trojan. trojans do however show up on anti virus programs. but they are still not really viruses in my opinion (my opinion isnt humble though)

joe: when are you going to show evidence of how i supposedly failed english 8 times because i spelled so many things wrong in this topic (which isnt true...). i have never failed an english class... but that doesnt matter, and isnt the topic. i am not some perfect punctuation using person anymore. so stop thinking ur all smart and stuff because you can use it. any 10 year old can use punctuation on the internet... even you. joe, ur such a social whore... even though you suck at being one (which isnt a bad thing)

Hm, am I the only one here who realized..

- c0n can't spell
- c0n failed English eight times in a row in high school, then dropped out when he turned 18
- c0n thinks pr0j3kt m4yh3m isn't a joke (joe.x86labs.org points to my computer. Bite me please)
- c0n is a hopeless idiot

dear joe,

- c0n can spell he just doesnt feel the need to on the intarweb
- the internet is not a serious place
- pr0j3kt m4yh3m is not a joke. ur ignorant about it so obviously you would have no idea.
- go leech more asm code for ur pathetic 'operating system'
- stop being a social whore
- i feel the need that i must re-iterate...

pr0j3kt m4yh3m is not a joke. perhaps it seems like a joke because they like to make fun
of the whitehats they own, and it happens to be funny. but ur wrong... its not a joke. if u wanna
get owned, joe, please go talk to people in #w0ah on efnet. oh wait... sorry... i cant give u the key
to that channel. i'd love to but i wont. u call me a hopeless moron but you are the one who leeched
the code for ur lame os. why dont u send an email to aer0@hush.com and talk about how u think
pr0j3kt m4yh3m is a joke. he runs www.dikline.com. tell him about how much of a hopeless kiddie bnet bot coder
you are, and that you think pr0j3kt m4yh3m is a joke. im pretty sure u would soon find out that it isnt.

here... ill start the email for u.

--email--

Dear aer0,

I am Joe, and I am a Battle.net bot coder. I think that
Pr0j3kt M4yh3m is a joke. Hold on, let me look at all the whitehat
ownings for your zine. Wow, your pr0j3kt m4yh3m cell has
owned a lot of whitehats for the dikline ezine. But pr0j3kt
m4yh3m is still a joke, because I am too ignorant to believe that there
are actually people out there that would do harm to poor, innocent,
pussy whitehats out there. It's a joke... a total joke. Please don't own
me, I'm not a whitehat. I just think you're a joke, and everyone
in your cell is a joke. F1sh got busted, but he's a joke, lolol!
Syke is a joke too, because, well, I don't know him! I dont know
anybody affiliated with pr0j3kt m4yh3m, but it is such a joke!
The_uT owned a lot of people and rm'd them, but once again...
a joke! pHC was a joke in 2002. Trust me, I know what I'm talking
about... I'm Joe, and I use my real name as a nick on the interweb!

Sincerely,

Joe[x86] - the ultimate bnet code leecher
--/email--

there you go, joe. alter it if you want... i dont care.

i mean i suppose its pretty fucking hard to type "pr0j3kt m4yh3m"
in google and not see all the websites that pop up about it?
theres even an article about pr0j3kt m4yh3m and whitehat hate crimes
in Wired Magazine.

but go ahead and try distributing it yourself and see how many ppl you will infect...

That's asside from his point.

yes but it was pointless to say it when i clearly agreed with him above

that isnt a virus... a virus needs to reproduce itself and distribute itself.

That's what I said.  Glad to know you can repeat, while still managing to get it wrong!  A virus doesn't need to distribute itself to be a virus. 

i didnt read all the posts.. i skimmed the first 2 or whatever and then decided that i would say that.

but a virus would be completely stupid if it wasnt distributed in some way... but i guess ur right that it doesnt need to. it does need to reproduce itself though.
i didnt repeat you knowing that i was repeating you. i also think that any successful virus would need to find a means of distributing itself to be... well... successful
so i guess i can safely say that a virus will reproduce itself & distribute itself.

so this means i wasnt really wrong. i was just being smarter and including a characteristic that basically every virus includes... a way of distributing itself across the interweb.
there's no reason to leave that out.

_{whitehat scum}

How about, I email it to somebody?  It's not distributing itself.

read what i said...

i said it doesnt NEED to..
but go ahead and try distributing it yourself and see how many ppl you will infect...

whitehat scum

And suddenly c0n loses what little respect I had left for him.

your respect means nothing to me... and never did.
ur just some vb coder that codes lame shyt.

You are honestly a fucking moron..

even if i said something intelligent on this forum you would say the same thing.
what you think of me means nothing to me. the only thing you didnt like was the
thing i said about whitehats. h0h0h0...

that isnt a virus... a virus needs to reproduce itself and distribute itself.

That's what I said.  Glad to know you can repeat, while still managing to get it wrong!  A virus doesn't need to distribute itself to be a virus. 

i didnt read all the posts.. i skimmed the first 2 or whatever and then decided that i would say that.

but a virus would be completely stupid if it wasnt distributed in some way... but i guess ur right that it doesnt need to. it does need to reproduce itself though.
i didnt repeat you knowing that i was repeating you. i also think that any successful virus would need to find a means of distributing itself to be... well... successful
so i guess i can safely say that a virus will reproduce itself & distribute itself.

so this means i wasnt really wrong. i was just being smarter and including a characteristic that basically every virus includes... a way of distributing itself across the interweb.
there's no reason to leave that out.

_{whitehat scum}

3.14 = pi
r = r
8 = eight

pireight

pirate

actually its pir8 not pireight.
but you got this idea from deuce

that isnt a virus... a virus needs to reproduce itself and distribute itself.

Umm... guys... Joe is 100% right!

TI-Basic is no where close to basic!

For example:

Code Select Expand


:ClrHome
:Disp "HELLO WORLD"


No dot notation, no objects, no classes.

Code Select Expand


:Clrhome
:0->A
:For X,1,20
:A+X->A
:End
:Disp A


No dot notation, no objects, no classes.

Code Select Expand


:ClrHome
:Lbl 1
:getKey A
:While A=0
:getKey A
:End
:ClrHome
:Disp A
:Goto 1


No dot notation, no objects, no classes, whiles not ended with a wend.

Of course, there are more defining attributes then that to basic, but those are some. The only thing basic-ish I can find is the use of a GoTo command..

im pretty sure basic isnt advanced enough to use classes

Haha. I think it's funny. :D

I think his damn little sister got on, 'gonna rape that bitch, damnit.

ur like 13 yearz old... how could you rape anyone. you aint even got any muscle.

Pirate.

show us how u came to thiz c0nkLeWzi0n.

what am i...

gay.

wrong. try again.

if im a 3.14+r+8 what am i?

hEy du0D YuR mY h3rE-R0w!@#$@!