What's New!

Chat with
Hackers

How to Defend
Your Computer 

The Guides
to (mostly) 
Harmless Hacking

Happy Hacker 
Digests (old stuff) 

Hacker Links 

Hacker
Wargames 

Meet the 
Happy Hacksters 

Help for 
Beginners 

Hacker 
Bookstore 

Humor 

It Sucks 
to Be Me!

How to Commit
Computer Crime (not)! 

What Is a 
Hacker, Anyhow? 

Have a 
Great Life! 

News from the 
Hacker War Front

Everything You Wanted to Know about Social Engineering -- But Were Afraid to Ask...


Vranesevich countered by getting the cooperation of Internet backbone providers to trace the attacks back to their source and cut the perpetrators off from the Internet. (We aren't making public the identities of the owners of the attacking computers because in many, perhaps all cases, they were unknowingly hosting the criminals who ran the attacks.)

Vranesevich was outsmarting the criminals - whoever they were -- at every turn. It was becoming obvious that computer crime was not the way to run Vranesevich out of business.

Enter Brian Martin. "Martin, who admits to some malicious hacking in his past but says he has been an above-board security consultant for years, is a member of Attrition.org, a hacker group that has spearheaded an effort to discredit Vranesevich." - "Tracker of Hackers Goes from Friend to Foe," Matt Richtel, New York Times, October 8, 1999

Martin was soon to prove himself a master of social engineering. At first he had tried simply posting elaborate allegations against Vranesevich on his Attrition.org web site. When this didn't seem to harm him, Martin came up with something novel. He put up links to Antionline from his Attrition.org web site. But these were no ordinary links. Following is an example of these links:

http://www.antionline.com/cgi-bin/phf-is-really-ereet/../
this_is_friendly_greetings_from_ATTRITION.ORG/../giving_you
_the_link_you_deserve/../visit_www.attrition.org/negation/
../pass_us_some_hacker_profiler_$DATA_please/../and_have_a
_nice_day/../how_do_you_like_them_apples_mr_vranesevich?/
../and_it_always_amazes_us_that_the_href_buffer_is_so_big_
because_only_monkey_sites_use_urls_this_long/../phf_php_
search_dig_campus_faxsurvey_wguest_guestbook_anyform_cgitap
_query_cgiwrap_glimpse_lasso_dbadmin_nph-test-cgi_www-sql_
count.cgi_man.sh_info2www_web.sql_and_textcounter.pl_are_all
_vulnerable_cgi_programs_you_should_be_searching_for/../imagine_
each_click_through_adding_a_full_1k_to_your_logs_this_would_
make_a_fun_web_harassment_program--there_you_go_your_next_claim
_to_fame_since_you_like_DoS_attacks/../no_hard_feelings_i_hope
--i_just_wanted_to_link_to_your_site_so_people_could_use_your_
security_portal_and_this_beats_mailing_you_about_it--consider_
this_like_stealth_communications_or_something/../before_i_forget
_my_cat_says_meow--he_doesnt_really_like_you_though--the_world_
antionline_makes_him_bite_me_as_if_it_is_poison_to_his_ears/..
/but_i_bet_youll_use_ereet_border_router_technique_to_filter_
attrition_traffic_since_we_are_a_temple_of_hate_you_plagiarizing
_fool/../if_you_havent_already--shoot_yourself_in_the_head_and
_save_us_from_your_crappy_editorials/../oh_and_one_more_thing--
lay_off_the_drugs_you_fucking_criminal/../confessing_to_crimes
_on_a_public_warez_site--we_still_cant_get_over_the_stupidity_
of_that/../of_course_you_can_add_all_this_to_your_profile_of_
the_attrition_thugs_that_you_will_sell_the_feds_you_narcbait/
../second_war_in_heaven<--from_a_movie_im_watching/../oh_the
_healing_power_of_nachos_lemme_tell_you/../its_amusing_being
_right_and_watching_someone_else_be_wrong--you_end_up_laughing
_at_them_a_whole_lot_kinda_like_we_do_with_you/../--/hope_all
_your_dates_with_meinel_went_really_well_too--just_dont_get_
married/../dipshit.html

The above URL was all one line. So every time people clicked on it, they got both a no such URL message, and the entire long URL was added to Antionline's security logs as a hack attempt. The URL also contained strings such as nph-test-cgi, which trigger intrusion detection systems. These had the effect of running the CPU usage to near 100% on the intrusion detection computer. Several other hacker web sites, such as Ken Williams' former site at http://packetstorm.genocide2600.com, also set up these links.

More on social engineering -->

Back to the index of "Everything You Wanted to Know About Social Engineering -- But Were Afraid to Ask --->


Carolyn's most
popular book,
in 4th edition now!
For advanced
hacker studies,
read Carolyn's
Google Groups
Subscribe to Happy Hacker
Email:
Visit this group

 © 2013 Happy Hacker All rights reserved.