Fall Hacker's Digest 1


“Hackers, virus-writers and web site defacers would face life imprisonment without the possibility of parole under legislation proposed by the Bush Administration that would classify most computer crimes as acts of terrorism.” ---Kevin Poulsen

Are You Scared Yet?

Editor-In-Chief: John Thornton
Steady Writer: ^Circuit^
Writers: Mixter, Lucid, Actinide, Floydman, Simple Nomad, David Larochelle, David Evans

Hacker’s Digest Issue 2, Fall 2001

Contents

Power to the People ... 4
Hacker’s Digest Focus: Jerome Heckenkamp ... 6
Guidelines for C Source Code Auditing ... 8
The Cordless Beige Box Theory ... 10
Invisible File Extensions on Windows ... 12
Strategies for Defeating Distributed Attacks ... 18
Autopsy of a Successful Intrusion ... 30
Remote GET Buffer Overflow Vulnerability in CamShot WebCam HTTP ... 39
An Approach to Systematic Network Auditing ... 40
Ten Things Not To Do IF Arrested ... 43
Statically Detecting Likely Buffer Overflow Vulnerabilities ... 45

Power To The People

Digital Millennium Copyright Act, a law that turned me, colleagues, professors, and many others into criminals overnight. Edward Felten, an encryption researcher, was threatened by the RIAA if he was to give a lecture on cracking digital watermarks. So, when I read how Disney, one of the many corporations that are suing 2600 for violations of the DMCA, has produced a show to teach children the evils of swapping music on the internet, I was rather appalled. “The Proud Family”, a cartoon series aired on the Disney Channel, told a story of a little girl who spent all of her money on CD’s and was told of a web site called “EZ Jackerster” that provided a Napster-like community to swap copyrighted music. Knowing what she was doing is illegal because of the DMCA, the little girl did not want to tell her friend, but did anyway. The whole thing causes a spiral effect and next, no one is paying for music. Next thing you know the little girl’s house is on the news for being responsible for the downfall of the music industry.

If only the little girl knew how Disney played a part in having an extremely bright teenager and his father arrested in Norway after writing a program that would play DVD’s on his computer. Or how it’s not the rap star “Sir Paid-A-Lot” who would not be paid but the record label. Perhaps the little girl would have used her money to help support the EFF (www.eff.org) to fight arrogant corporations such as Disney.

With that said, despite all of the criticism coming from all sorts of people, it just does not look like the DMCA is going anywhere soon. That’s why what Emmanuel Goldstein of 2600, with the help of the EFF, is doing is so important to what we do. I wish them the best of luck.

The next thing to be afraid of is the Security Systems Standards and Certification Act (SSSCA). The SSSCA is the brainchild of Senator Hollings that will put even more Americans in jail for making corporations such as Disney mad. It would be a civil offense to sell or create any kind of computer equipment that “does not include and utilize certified security technologies” that is not approved by the federal government. It will create new federal felonies, punishable by five years in prison and fines of up to $500,000, for anyone who distributes copyrighted material with “security measures” disabled or has a network-attached computer that disables copy protection. “Forgetting all the reasons why this is bad copyright policy and bad information policy, it’s terrible science policy,” says Jessica Litman, a law professor at Wayne State University who specializes in intellectual property.

While this is extremely important and is something we will need to come together to fight, it has been overshadowed by the events that occurred on September 11th. New and far more dangerous bills were proposed, one of them being the ‘Anti-Terrorism’ Act. I honestly believe it was a bill that took advantage of a nation in mourning. Here is a letter I wrote to Vulnerability Development, a security newsgroup:

In case you have been living under a rock the past few weeks, you should know that our civil liberties are under attack. Kevin Poulsen wrote: “Hackers, virus-writers and web site defacers would face life imprisonment without the possibility of parole under legislation proposed by the Bush Administration that would classify most computer crimes as acts of terrorism.” (http://www.securityfocus.com/news/257, Hackers face life imprisonment under ‘Anti-Terrorism’ Act). When you read the news this morning you will see that this bill was passed by the Senate (http://www.securityfocus.com/news/265, Senate passes terror bill).

I will say that most of the readers of this newsgroup are not hackers but Network Administrators that are very involved with the Security Community. That is why I am asking you not to report minor scans against your network to the abuse department of any ISP if this bill becomes law.

I, as a Network Administrator for many years now, have been on a routine to check my logs for scans against my network every morning and send the logs of attacks to the abuse department of the ISP. I encourage every Network Administrator I ever talked to to follow this practice to this day. It is my job as a Network Administrator to report these attacks on my network; it is what I am paid to do. However, if/when this bill becomes law I will no longer report these attacks, and I urge every Network Administrator to join me in this Civil Disobedience Protest against this bill.

If/When this bill becomes law, Hackers/Script Kiddies will no longer be looked at as just kids messing around with computers, but as terrorists. Just as the press started to tell the difference between a criminal who uses computers and a Hacker, now they all are just going to be terrorists. I have a problem with this.

Perhaps you think this could not happen to you. Well, I would suggest you read the story on Jerome Heckenkamp (http://www.freesk8.org/), a contributor to BugTraq who wrote an exploit for qpop and who is now facing 16 counts of computer crimes, a maximum sentence of 85 years, and up to $4 million in fines, after Qualcomm reported him to the FBI. This case is harsh now; just imagine if this happened under the ‘Anti-Terrorism’ bill. This could happen to you.

Again, I have always felt it was my duty to report attacks against my network to their ISP. I looked at it as doing my part to make the internet more secure. I figured it is a good lesson for the kid to have his service taken away. If this bill becomes law then it’s no longer just some kid getting his service taken away. It is something that can escalate to much more and could result in some kid going to jail for a long time. I will not be a part of it even if there is just a slight possibility that this can happen. I want nothing to do with it.

I ask each and every one of you to join me in this protest. It is not too late to make a difference. Once you lose your right you will never get it back.

After I wrote this letter I received email for days, a lot of support as well as a lot of criticism. Most people argued that you do not have a right to write viruses; however, you do. There is nothing illegal about writing computer viruses; however, it is illegal to write them and then release them in the wild. The other point that was made to me was the fact that if everyone stopped reporting these attacks then it would seem as if the law was working and would fuel other laws of the sort. This is a great point.

The bill was passed; however, the part that could put hackers in jail for life was removed. Thanks to people like Kevin Poulsen who made the public aware of what could happen. It also shows the power we have to make a difference by contacting our state representatives.

Hacker’s Digest Focus: Jerome Heckenkamp

An extremely intelligent individual, Jerome Heckenkamp, also known as ‘sk8’, is facing a maximum sentence of 85 years and close to $4 million dollars in fines, and is claiming he is a scapegoat for the FBI. Jerome is being charged with 16 counts of computer crimes, with the alleged victims being Ebay, E-Trade, Lycos, Exodus, and Qualcomm. Jerome Heckenkamp, who graduated from college at the age of 18, worked at Los Alamos National Labs as a security re-

The FBI claims he is a hacker known as ‘MagicFX’. Just do a search on Google for MagicFX and you will see all of his work. MagicFX has been all over the press for tons of hacks he has pulled. However, Jerome Heckenkamp says he is not MagicFX and knows nothing about him. In an article written about MagicFX he is quoted as saying “I exploited a buffer overflow condition, which existed in an SUID root program,” says the hacker, who is finishing up a B.S. in computer science.
