PureBytes Links
Trading Reference Links
|
There are of course dangers. However these programs cannot do
miracles unless you leave the door open.
If you do share drives or directories on your machine then make sure
that only certain users can access them.
On NT don't connect to the internet as administrator. Rename the
administrator account.
Run a different protocol on the network (not IP).
Apply the freshest patches.
And finally: Keep an eye on the send (SD) LED on your modem - if its
constantly on and you ar not uploading then MB is just sucking your
precious EL code - plus the description of the favourite
sex-techniques of your last 100 girlfriends/boyfriends :-)
For more info see:
http://www.rootshell.com/
There is a test as well whether you are vulnurable to winhack
(hopefully this is not a hoax)
Gerrit
> This is NOT a hoax, it is a REAL risk that we assume when we connect
> to the internet (hey I thought I was taking on mainly price risk and
> liquidity risk when I was trading), and something we need to look
> into more thoroughly as the internet becomes more integrated into
> trading and our lives - now I understand why they call it the
> INTERNET.
>
> If these hackers can crack the Pentagon etc, I doubt whether it
> would be too difficult for some 17 year old cracker, slurping diet
> Pepsi and woofing down a 1/4 pounder with cheese (I think they call
> it a Royale with cheese in France) to crash your system or peek at
> your files.
>
> The reason why developers aren't too open on this issue, is because
> they don't want their customers to know or complain, and the reason
> why these public hacker sites exist is so users will complain and
> the developers are compelled to fix these security loopholes. Well
> that's the theory.
>
> I don't know the probabilities on me or you being hacked, but it
> isn't a risk I want to assume. I think this issue is only
> applicable to computers that are networked but I am not sure on that
> count. Can someone help on that?
>
> Whatever the answer, now I will only use a DEDICATED NON-NETWORKED
> (no file sharing enabled) computer to connect to the web, and
> another one for my trading apps. I hope this is enough and that
> Microsoft can get ahead of this curve . . .
>
> Paranoid Peter
>
> PS here is a document that comes with WinHack . . .
>
>
> ""
> Ok you ready for this?
>
> Hack into thousands of Windows '95, 'NT, or 98 computers without
> them even knowing you are on it.. you are mad at aomeone? No
> problem, DELETE their computer! hhehe
>
> Make sure to read the mIRC and the troubleshoot doc if you have
> problems. This is EASY! ANYONE CAN DO IT!
>
> Options are simple, from Mirc just add the junk in the add2mirc.doc,
> and click on any user to see if you can get in, or join a channel
> and click on exploitall! You guessed it, it will try everyone in
> the channel!
>
> Things to do:
>
> After connecting you might want to
>
> A. Add a folder to their HD to see if you have write access, then
> delete
> it right away. If you get access denied you can only read their
> drive you might want to try the same on their other drives if
> they have
> them.
>
> If you can write, you can add autoop in their mirc, or
> just change their aliases file so that when they try to kick, ban,
> etc.. it will op you instead ;)
>
> B. Look for warez, if you are into that...
>
> C. Look for warftp or other password program info on their drive
>
> D. Snag their tree.dat file for cuteftp
>
> E. Check out their desktop directory, there is always good stuff in
> there.
>
> F. For personal info, names, telephone, addresses, family members
> names
> look in the My Documents directory.
>
> G. Always check the mirc\download directory, the best stuff in
> there!
>
> If you get a password box with $ in it, it is a unix machine, just
> cancle it. If you get the drives, but one is password protected,
> right click on the connect box, choose properties, and read the name
> of their workgroup and computer name, try them and other comon
> passwords.
>
> Using winhack.c
>
> compile the program or use the compiled one.
>
> compile using : gcc winhack.c -o winhack
>
> This program will make a list of ipaddresses that are win 95, 98,
> nt, but remember they might disconnect by the time you get to try
> them, so i added the batmaker.c
>
> Command line would be:
>
> ./winhack -d 207.6.78.x -o test.txt -b
>
> ./winhack runs the program
>
> ./winhack -d 207.6.78.x defines what class C you are going after, if
> you pick cable modems you will be better off also, much faster
> connects.. 24.* most of the time are cable modems.
>
> -o = output filename
> -b = run in the background
>
> do the same with batmaker, only you will get output like:
>
> root:/winhacker# ./batmaker -d 24.92.98.x
> batmaker 0.9c - ShhhhhiT - Batmaker '98
>
> explorer \\24.92.98.132
> explorer \\24.92.98.135
> explorer \\24.92.98.145
> explorer \\24.92.98.146
> explorer \\24.92.98.149
> explorer \\24.92.98.162
> explorer \\24.92.98.165
> explorer \\24.92.98.174
> explorer \\24.92.98.190
> explorer \\24.92.98.191
> explorer \\24.92.98.192
>
> Now just copy and paste into your windows directory in a .bat
> filename, or just download it and run it, bamb! you will be
> connecting to computers right and left!
>
> Things to remember:
>
> 1. do not tell people that can be hacked that you hacked them, they
> will figure it out and turn off their sharing or add a password.
>
> 2. this is undetectable right now so they can't see your ipaddress
> or log you, but i am told that there is a company that has a program
> that does called hackerproof98 or something like that. so watch out
> you never know..
>
> 3. password cracker comming up next, so watch for it ;)
>
> 4. if you delete their hd you delete any access of going back, so
> think about it first.. if it is some gay asshole, or kiddyporn dude,
> go for it!
>
> L8terz
>
> should i take credit for this work? na.. it is way to easy to do...
> just providing you the info...
>
> -T0URCH-
> thanks to BiT for his ipscanner hack made for IMAP, modified here
> for WinhackGold!
>
>
> ""
|