What's New!

Chat with

How to Defend
Your Computer 

The Guides
to (mostly) 
Harmless Hacking

Happy Hacker 
Digests (old stuff) 

Hacker Links 


Meet the 
Happy Hacksters 

Help for 



It Sucks 
to Be Me!

How to Commit
Computer Crime (not)! 

What Is a 
Hacker, Anyhow? 

Have a 
Great Life! 

News from the 
Hacker War Front

More from The Hacking of America...

There you have it. Script kiddies are often driven by jealousy, suspicion, pride, rivalry; a desire to taunt, bully, or get revenge; a thirst for power; motivated by greed or arrogance. In other words, they are pretty much like the rest of us, only maybe a bit more open about their motivations.

So how do how script kiddies break in? As you may have noticed, these are the people you read about in the news, the ones who deface and shut down web sites. Since this is such a big deal with reporters, let's explode the myth that these vandals are geniuses.

In 2001 a weaknesses in the Windows Internet Information Services Server (IIS) made headlines over and over again. First the Code Red worm took advantage of it, then Code Red II, then Nimda. These were virus-like programs that spread from computer to computer without human assistance. They propagated so fast that, within hours of the release of each of these, they took over every computer on the Internet that was vulnerable to them. It got so bad that on Sept. 18, 2001, US Attorney General John Ashcroft held a press conference to assure a jittery nation that Osama bin Laden was NOT behind the Nimda worm.

Code Red II and Nimda were especially dangerous because they altered over 100,000 Windows NT and Windows 2000 Internet web servers and personal computers to allow any stranger to log into them and exercise total control. We'll never know how many serious criminals took advantage of those worms to steal credit card information and confidential company information.

The original discoveries by Ryan Permeh and Marc Maiffret (of Eeye Digital Security, http://www.eeye.com) of the break-in opportunity exploited by these worms definitely took intelligence. The writing of the worms that exploited such weaknesses also took lots of brains. However, once discovered, and once someone wrote out the exact instructions in a way that anyone could understand, and shared them around, all it took to run this exploit was an account on America Online.

A Script Kiddie Remote Exploit

Here's an example of how a script kiddie can use simple instructions to break into and deface a web site. This script works on Windows 2000 Server or Professional upgraded to Service Pack 2, as long as they don't have the upgrade to IIS needed to prevent this exploit. At one time millions of computers were vulnerable to this attack.

I'm only making this trick public because the massive attacks of 2001 using this exploit have pretty much ensured that all Windows 2000 computers are now fixed. However, if you want a little fun, you can set up a Windows 2000 computer without the IIS upgrade and try this out. Note that if you have Windows 2000 Professional, you must enable the Personal Web Server for this to work. In Windows 2000 Server you should run the IIS service, which is the same as the Professional version's Personal Web Server. (Go figure. Some marketing guy must have decided to call the same webserver a different name on each product.)

Also, this exploit depends on the kind of web browser you run. This is because this attack depends on how a browser interprets the commands you type into the location window. I've found a lot of browsers that work, and others that don't, for example some versions of Internet Explorer and Netscape for Linux. So if this doesn't work using one browser, try another. (To read the rest, see the book.)

Read about The Hacking of America at Amazon.com --->>

Buy a copy of The Hacking of America, autographed by Carolyn Meinel -->>

Carolyn's most
popular book,
in 4th edition now!
For advanced
hacker studies,
read Carolyn's
Google Groups
Subscribe to Happy Hacker
Visit this group

© 2002 Happy Hacker All rights reserved.