102 lines
5.8 KiB
Plaintext
102 lines
5.8 KiB
Plaintext
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
|
|
= F.U.C.K. - Fucked Up College Kids - Born Jan. 24th, 1993 - F.U.C.K. =
|
|
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
|
|
|
|
Security is Obscure
|
|
~~~~~~~~~~~~~~~~~~~
|
|
|
|
"Obscure (adj.): [...] 4. Not famous or well-known. 5. Difficult to
|
|
understand." -- _The American Heritage Dictionary_, 2nd ed., 1983.
|
|
|
|
Okay, so it's an old dictionary. But the meaning of the word "obscure"
|
|
really hasn't changed much in the last decade.
|
|
|
|
I wanted to write this file as a word of encouragement to beginning
|
|
hackers who think everything has already been done and security
|
|
everywhere is tighter than the pope's ass (but not the alterboy's, ha
|
|
ha). I intend to illustrate the base ignorance of many system
|
|
administrators who know less about unix than the average hobo does.
|
|
|
|
Security is obscure in the sense of the first meaning I quoted; most
|
|
*.edu systems have admins who haven't got the slightest clue as to how
|
|
they can secure their system, as well as letting their users (recall that
|
|
the weakest link in any "secure" system is usually the people who use it)
|
|
choose poor passwords. Thus, if Joe Admin sets up a system and restricts
|
|
access to dial-up and computer labs, Joe Hacker will still be able to get
|
|
in using Joe User's password ("sex") and a modem.
|
|
|
|
One case I wanted to mention specifically in this file happened over the
|
|
course of the past few weeks. I requested and received a copy of an
|
|
unnamed school's passwd file from an unnamed source (you know who you
|
|
are. Thanks again!) after he told me that it was unshadowed and
|
|
world readable. I ran jack on it using a few wordlists before I
|
|
found out that the passwd binary forced users to use non-dictionary
|
|
passwords. Then, because I was bored and needed to brush up on my C
|
|
knowledge (very little, actually), I whipped up a program to output all
|
|
possible 8-character printable password combinations. After some quick
|
|
calculations, I discovered that I would need at least 6,500 9-gig Seagate
|
|
drives and several decades to store all the combinations and use them
|
|
with jack. Discouraged, I dropped the matter for a while.
|
|
|
|
Then a co-worker asked me to step her through the "reading email"
|
|
process on her account, which happened to be on the system in question. An
|
|
account she had never used. One with the default password still in place.
|
|
|
|
I helped her log in and incidentally discovered that default student
|
|
passwords on this particular system were the first 8 digits of the
|
|
social security number. I also found that the .login script *didn't
|
|
force first-time users to change their password*! I guided her through
|
|
the "changing your password" stage and was astounded to find that this
|
|
poor-security system forced users to use non-dictionary passwords but
|
|
wasn't set up to force an initial password change.
|
|
|
|
I let it sit for about a week before I got around to modifying my
|
|
program to output combinations of 8-digit numeric combinations. After
|
|
further trimming it down to output only the combinations beginning with
|
|
521, 522, 523, 524, and 525 (CO-issued SSNs) (the "full" output would
|
|
take about 110 megs), I had a 5-meg wordlist file that has netted me
|
|
over 60 accounts from this system. These accounts were snagged over a
|
|
total period of about 10 hours or so, and I used my very limited SSN
|
|
list. Imagine how many I would have if I used the "full" SSN output and
|
|
gave jack a few weeks.
|
|
|
|
The second definition of "obscurity" that I quoted does not seem to
|
|
apply at first; most people who work with computers have some
|
|
understanding of security, and admins should be especially aware of
|
|
security issues. Yet I have found and continue to find just the opposite,
|
|
nearly every day. This is why you should use PGP and SSH; why should you
|
|
trust your admin to secure his system? If you have faith in his sysadmin
|
|
skills but I have reason to believe otherwise, then you'll be the one
|
|
who loses when I start hanging out in your home directory.
|
|
|
|
As an addendum to this file, I'm including "Things overheard while scanning
|
|
cell frequencies". I started it as a separate file, but I don't have nearly
|
|
enough:
|
|
|
|
"Oh shit, I just ran a red light."
|
|
"People can listen to cellular conversations with one of them hand-held
|
|
walkie-talkies."
|
|
|
|
-Legion
|
|
|
|
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
|
|
= Questions, Comments, Bitches, Ideas, Rants, Death Threats, Submissions =
|
|
= Mail: jericho@dimensional.com (Mail is welcomed) =
|
|
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
|
|
= To receive new issues through mail, mail jericho@dimensional.com with =
|
|
= "subscribe fuck". If you do not have FTP access and would like back =
|
|
= issues, send a list of any missing issues and they will be mailed. =
|
|
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
|
|
= Files through AnonFTP FTP.DIMENSIONAL.COM/users/jericho/FUCK =
|
|
= FTP.SEKURITY.ORG/pub/zines/fucked.up.college.kids =
|
|
= FTP.PRISM.NET/pub/users/mercuri/zines/fuck =
|
|
= FTP.WINTERNET.COM/users/craigb/fuck =
|
|
= FTP.GIGA.OR.AT/pub/hackers/zines/FUCK =
|
|
= ETEXT.ARCHIVE.UMICH.EDU/pub/Zines/FUCK =
|
|
= Files through WWW: http://www.dimensional.com/~jericho =
|
|
= http://www.prism.net/zineworld/fuck/ =
|
|
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
|
|
= (c) Copyright. All files copyright by the original author. =
|
|
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
|
|
|