My First Actual Hack

 

@ Articles

     

Nov 24 2001 - 21:16 EST

Paris2K writes:  

[Linux]  
 
And a blinking cursor :-)  
 
That’s what I was looking at for the first time a few weeks ago.  
The first thing I did was what a real hacker would probably never do; I got on the phone and told the only hacker that I know irl, that I was in, running around in circles like a small kid who just opened the birthday present he always wanted, hyperventilating and bashing my hand against my forehead.  
How could they have been so stupid?  
 
 
Before I got this far…this is how I started:  
I started doing a portscan with nmap (one of the things I learned 
at HAL2001)  
 
Starting nmap V. 2. 07 by Fyodor (fyodor@dhp.com, 
www.insecure.org/nmap/)  
Interesting ports on ipd*******.speed.planet.nl  
 
Port State Protocol Service  
23 open tcp telnet  
53 open tcp domain  
80 open tcp http  
 
This is what nmap gave me. Well the fact that they had port 80 
open could mean that they have a webserver running, but I 
checked and they don’t. So I had probably better move on. Port 53 is 
the DNS, I know what it is, but port 23 looked more interesting 
to me. Telnet. So I fired up my telnet client and connected to the 
IP.  
 
Linux 2.0.38 (bunny) (ttyp1)  
 
Bunny.LT4.net login:  
Password:  
 
So I thought I’d just try something…why not?  
But after a few tries I realised that what I was doing was rather 
useless. I had been trying different combinations of usernames 
and passwords…but of course (duh) the username would surely 
be “root”.  
I should’ve thought of that earlier….it’s Linux so it should be the 
same as on my Red Hat 6.2 box.  
I had only started linux a year ago and basically quit it after a 
month or two. Planning to pick it up again, but couldn't find the 
time, because of Girls and Beer and Uni, well you know, the usual 
stuff. When there was time, I wanted to do stuff, not try a zillion 
times and not succeed. Username root. The first thing I tried for 
the password was “bunny”. But they wouldn’t be THAT stupid 
now would they? Well they were. Yes it’s true, in my first actual 
hack, I guessed my way into the root account. So what? I’m in 
that’s what counts. Ls -a and cd were about all the linux 
commands I knew by then. I had a look around and decided that 
this must have been a router.  
Some snooping around resulted in finding out that this was a 
router using Freesco router software.  
The next step would be to find the Freesco site, read the manual 
and still not knowing what the fuck I was doing. :-)  
By this time I decided I could use some help. I called my friend 
again. Our plan was to create a second account. So he could get 
in too. At least that’s what we thought :-)  
After trying and trying I found out that the router can only be 
remotely connected to, using the root account, the adduser 
command was to add people with dial-in accounts. Damn.  
Well then I thought that it might be possible to connect twice at 
the same time, using the root account.  
With some help of the people at the Neworder Board I came to 
the idea to install an ssh daemon.  
However, I knew nothing of linux, besides the fact that installing 
stuff is like trying to satisfy a frigid woman with your elbow (No 
guys, don’t even think about replying to this one! :-))  
Luckily the Freesco software has an installpkg command that can 
automatically download and install packages from their website. 
Because besides the fact that I have as much linux skills as 
BakeSnake has people skills (haha lol) Freesco is also not a full 
linux distro; it’s a downgraded, ripped version of something that 
slightly resembles linux.  
 
Well I got opensshd to run, which meant we could now both 
connect at the same time, using the root account, on different 
ports. After I downloaded PuTTY of course. (Thanks for the hint, 
whoever it was)  
After a while my friend got bored. He didn’t like the fact that we 
didn’t seem to get anywhere. He found the router boring, not 
understanding that it was like an open door into the rest of the 
network. He decided to take a run for his money. Some hackers I 
talked to agreed with my friend and thought “this would probably 
be one I couldn’t win”  
 
After some heavy pinging and nmapping the internal ip-addresses 
in the network, I started making a profile of the 
network, with all the info I could find. The 139 ports revealed 
that File and Printer Sharing was enabled on most of the boxes. 
But how was I going to get in with a linux box? I see you people 
thinking: Samba! And that’s what I did. I installed smbclient on 
the router, read the manual, learned the commands and started 
her up.  
 
[Linux] smbclient -L Birdy  
load_client_codepage: filename /mnt/router/packages/smb/codepages/codepage.850 does not exist.  
load_unicode_map: filename /mnt/router/packages/smb/codepages/unicode_map.850 does not exist.  
added interface ip=10.0.0.100 bcast=10.0.0.255 nmask=255.255.255.0  
added interface ip=192.168.0.1 bcast=192.168.0.255 nmask=255.255.255.0  
added interface ip=213.*.*.* bcast=213.*.*.* nmask=255.255.255.0  
Got a positive name query response from 192.168.0.2 ( 192.168.0.2 )  
Password:  
 
“What’s up with all those “does not exist errors?” *sigh*”  
Password? Damn….what could it be? I read something about 
cracking share passwords but that was windows OS only. Damn. 
Well let’s guess a few times. Mwhuhahahaha once was enough!; 
the passwords were the same as the host names. Surely, ‘cause 
otherwise it’s oooooooh so hard to remember. The dent in my 
forehead got larger and larger. These people are just plain old 
Stupid. With a capital S.  
 
 
Sharename Type Comment  
--------- ---- -------  
Personal Disk  
MC AFEE Disk  
DOCS Disk  
DOWNLOAD Disk  
IPC$ IPC Remote Inter Process Communication  
 
Server Comment  
--------- -------  
BIRDY None  
BEAST Cool Computer  
BEAR  
YOGI  
PETER  
MAIN  
LUKE  
IMPORTANT  
 
Workgroup Master  
--------- -------  
LT4 BIRDY  

 
Well that solved my hostname problem. I couldn’t seem to find 
out the hostnames, although I had the ip’s. And I needed them, 
to connect with smbclient to read and transfer files.  
So, now I had access to all the computers, well most of them, 
except for some that weren’t online, but how was I gonna 
transfer files to my own box? Freesco software does not have 
sendmail or ftp installed.  
I tried installing an ftp server but failed miserably. Then I 
thought a sniffer would be a good idea also, but how was I to 
know that I needed the gcc to compile it and that Freesco didn’t 
have it? So I tried to install gcc and almost died trying. But after 
another question at the board I decided to install an ftp client 
instead of a server and upload stuff to the ftp server on my own 
box (which of course I had to install first…) That worked and as I 
saw the seconds tick by on my clock I saw files streaming into 
my box.  
 
Finally, I did it. I hacked into a network….well to be honest a 
huge part of it was guesswork, and now I’m looking at some 
people’s totally not interesting files :-) But like I said to tuna in a 
memo;  
 
This I did in a not lame way. I worked my butt off reading and 
searching the web for information about  
portscanning, the different ports, services, vulnerabilities, 
Freesco, installing packages, linux commands (which then of 
course didn’t all work on Freesco), manuals, samba commands,  
And all of this mostly on my own, with some help from the 
answers to my questions at the board.  
And that feels good. It feels good to know that I finally 
accomplished something like this, by doing it the hacker way. 
And accomplishing this by reading and learning, not giving up, 
even when things seem hopeless, teaching myself, keeping at it, 
at least makes me a hacker in my eyes.  
 
All in all it took me about 3 weeks to do all of this. I’m sure 
some of the people at the board could do this in like, 15 minutes 
or something, but that’s because they have a lot of knowledge of 
things, that I had to learn and find out for myself as I was going 
along. Finally, what I am trying to say with this article to all the 
new people that are out there:  
 
You can keep on browsing through “3V1L H4CK3R websites”, keep 
on asking “how do I hack this and that, how do I become a 
hacker”, hoping to find the final tutorial that teaches you all the 
hacker skills, just by reading two pages and then fail miserably, 
but you could also just set a goal for yourself, find a network 
(maybe ask a friend for permission to try and hack his) and then 
just start and stick with it….read about all the programs and 
obstacles that you meet along the way, and just keep at it until 
you succeed. And then in the end…whether you succeed or not, 
you will have learned more than you have learned the past years 
of browsing hacker websites, looking for that one elite tutorial that 
holds all the answers and all the knowledge. ‘Cause it does not 
exist. Good Luck,  
 
P2K 

New Order - computer security and networking portal

5/12/2002

http://neworder.box.sk/newsread.php?newsid=1059