|
PureBytes Links
Trading Reference Links
|
Hello Everyone
As promised there was indeed enought interest to warrant passing this on as
most of you probably are using Windows 95. These are two letters posted to on
the Omega list. I have been to a website http://www.rootshell.com, and
downloaded the zip file that contains the mentioned program, and the document
below. It is indeed real, and indicates the real need for concern. The
first letter mentions a file sharing setting that you all should be aware of.
It is near the end of the 1st letter and is flagged.
Pete
1st Letter
Careful guys . . .
Internet users who run the Windows family of
operating systems face a new threat to their
computer security following the widespread release
of a new piece of hacking software.
The hacking tool, which has been available on a
popular hacker Web site for more than a week,
enables people with no previous hacking experience
to gain complete access to other people's computers
over the Internet.
"There is good reason to be worried about this," says
Daniel Ayers, a network security specialist with
Netlink, one of New Zealand's largest commercial
ISPs.
"The scary thing about this is that it will enable
someone who is totally ignorant to access someone
else's machine."
Called Winhack Gold, the software exploits the
ability of Windows 95, 98 and NT computers to be
interlinked easily to form a network.
Many small businesses use the networking
capabilities of Windows to link computers without
worrying about installing a complex network
operating system. However, to connect two
computers in this manner requires that the computer
be set up to share information and in doing so the
security of the individual computers is compromised.
Computers running Windows NT are not as
vulnerable as those operating Windows 95 and 98,
but still can be accessed in a similar manner.
Single stand-alone computers running these
Windows operating systems that are not connected
to a network also are vulnerable if they are not set
up correctly.
While the vulnerability of the Windows networking
capabilities has long been known to security experts,
this new tool poses a significant risk as it allows
people to hack into other Windows computers with
the same ease as they would use a word processor.
The tool is automated, and can search through
thousands of computers connected to the Internet
until it finds those that are vulnerable.
When an "open" computer is found, the unauthorised
user can read, copy and delete any or all information
on that hard drive.
Small businesses and individual users of Windows
who previously have thought themselves to be safe
from hacker attacks should now think carefully about
how their systems access the Internet, Mr Ayers
said.
Those most at risk are businesses which have
connected Windows 95 and 98 machines together,
and who also use these machines to access the
Internet.
"This is something which will affect the grassroots
user who uses Windows 95," says Mr Ayers.
He also points out that the nature of Windows 95
means that it is difficult to tell if someone has
accessed a computer.
"It is going to be very hard for someone to know if
they have been broken into with this. There is just
about no way someone would know they have been
a victim."
** The threat can be combatted in a simple manner,
** however. When using Windows 95 or 98 to access
** the Internet, a function called file sharing should be
** disabled.
** In Windows 95, this can be done by going to the
** network settings in the control panel, clicking on the
** box marked file and printer sharing and making sure
** that neither of the options for file and printer sharing
** are ticked.
Users who need to access the Internet from a
Windows 95/98 network should consider additional
security software, or even upgrade to Windows NT,
which has password protection features that also will
combat the threat.
2nd Letter
This is NOT a hoax, it is a REAL risk that we assume when we connect to
the internet (hey I thought I was taking on mainly price risk and
liquidity risk when I was trading), and something we need to look into
more thoroughly as the internet becomes more integrated into trading and
our lives - now I understand why they call it the INTERNET.
If these hackers can crack the Pentagon etc, I doubt whether it would be
too difficult for some 17 year old cracker, slurping diet Pepsi and
woofing down a 1/4 pounder with cheese (I think they call it a Royale
with cheese in France) to crash your system or peek at your files.
The reason why developers aren't too open on this issue, is because they
don't want their customers to know or complain, and the reason why these
public hacker sites exist is so users will complain and the developers
are compelled to fix these security loopholes. Well that's the theory.
I don't know the probabilities on me or you being hacked, but it isn't a
risk I want to assume. I think this issue is only applicable to
computers that are networked but I am not sure on that count. Can
someone help on that?
Whatever the answer, now I will only use a DEDICATED NON-NETWORKED (no
file sharing enabled) computer to connect to the web, and another one
for my trading apps. I hope this is enough and that Microsoft can
get ahead of this curve . . .
Paranoid xxxxx
PS here is a document that comes with WinHack . . .
""
Ok you ready for this?
Hack into thousands of Windows '95, 'NT, or 98 computers without them
even
knowing you are on it.. you are mad at aomeone? No problem, DELETE their
computer! hhehe
Make sure to read the mIRC and the troubleshoot doc if you have
problems.
This is EASY! ANYONE CAN DO IT!
Options are simple, from Mirc just add the junk in the add2mirc.doc, and
click on any user to see if you can get in, or join a channel and click
on
exploitall! You guessed it, it will try everyone in the channel!
Things to do:
After connecting you might want to
A. Add a folder to their HD to see if you have write access, then delete
it right away. If you get access denied you can only read their drive
you might want to try the same on their other drives if they have
them.
If you can write, you can add autoop in their mirc, or
just change their aliases file so that when they try to kick, ban, etc..
it will op you instead ;)
B. Look for warez, if you are into that...
C. Look for warftp or other password program info on their drive
D. Snag their tree.dat file for cuteftp
E. Check out their desktop directory, there is always good stuff in
there.
F. For personal info, names, telephone, addresses, family members names
look in the My Documents directory.
G. Always check the mirc\download directory, the best stuff in there!
If you get a password box with $ in it, it is a unix machine, just
cancle
it. If you get the drives, but one is password protected, right click
on
the connect box, choose properties, and read the name of their workgroup
and computer name, try them and other comon passwords.
Using winhack.c
compile the program or use the compiled one.
compile using : gcc winhack.c -o winhack
This program will make a list of ipaddresses that are win 95, 98, nt,
but
remember they might disconnect by the time you get to try them, so i
added
the batmaker.c
Command line would be:
./winhack -d 207.6.78.x -o test.txt -b
./winhack runs the program
./winhack -d 207.6.78.x defines what class C you are going after, if you
pick cable modems you will be better off also, much faster connects..
24.*
most of the time are cable modems.
-o = output filename
-b = run in the background
do the same with batmaker, only you will get output like:
root:/winhacker# ./batmaker -d 24.92.98.x
batmaker 0.9c - ShhhhhiT - Batmaker '98
explorer \\24.92.98.132
explorer \\24.92.98.135
explorer \\24.92.98.145
explorer \\24.92.98.146
explorer \\24.92.98.149
explorer \\24.92.98.162
explorer \\24.92.98.165
explorer \\24.92.98.174
explorer \\24.92.98.190
explorer \\24.92.98.191
explorer \\24.92.98.192
Now just copy and paste into your windows directory in a .bat filename,
or
just download it and run it, bamb! you will be connecting to computers
right and left!
Things to remember:
1. do not tell people that can be hacked that you hacked them, they will
figure it out and turn off their sharing or add a password.
2. this is undetectable right now so they can't see your ipaddress or
log
you, but i am told that there is a company that has a program that does
called hackerproof98 or something like that. so watch out you never
know..
3. password cracker comming up next, so watch for it ;)
4. if you delete their hd you delete any access of going back, so think
about it first.. if it is some gay asshole, or kiddyporn dude, go for
it!
L8terz
should i take credit for this work? na.. it is way to easy to do...
just providing you the info...
-T0URCH-
thanks to BiT for his ipscanner hack made for IMAP, modified here for
WinhackGold!
|