Are you being Hacked ?

[Tr4nC3R]

Hi All,

Before you read I am a nice guy !

Information is power, and thats a fact. I have posted this to share my concerns regarding icq. Several years ago I got in with a mixed bunch of weirdo's on icq . Being the sort of guy I was , I got involved in some serious stuff, with regards to illegal entry into personal and private networks. I am not saying I was mallicous but more interested, from an educational point of vue into how its done. The point of this is not how these freaks do it, but to educate those that are unaware. The main point here is that online gamers are easy pray. Icq is one of the most dagerous packages that any one can install on their machines. Its a right can of worms .

Most On-Line gamers have static ip's and all the software installed to make them easy targets. I was alarmed as to how many of you have it on your machines. This being the case, i would recomend that the ones that do, go onto the net and start to educate theirselves into how to protect theirselves from attacks. I am not saying that you all get paranoid, but simply think about why you use icq and then ask yourself is it worth it. I no longer use it and never will again.

Being online most of the time, playing games. Means that while your in-game some spotty faced punk is snooping around your HD. The ethics of this are not the issue here, but the fact that people are unaware of what goes on.

I have many alarming cases. Once they are in they will keep coming back, its that easy. Having icq makes their job a whole lot easier !

Icq is a comms tool, and they too use it. But they know how to protect theirselves and their machines. A night in playing games for you, is a night in for them hacking or breaking into machines. They have meeting places/times and pray as a group on unsuspecting indeviduals. its a real eye opener as to what really goes on !

If you think this is all crap, then think again. Its so easily done.

KILL ICQ NOW

[Rocky]

If you think this is all crap, then think again. Its so easily done.

Show me 41113560. It's on for most of the day. Tell me how much space is left on my HD. Okay, I was playing devil's advocate there, but seriously, if there is any substanace to this, link us up to some more reading on it.

[firefly2442]

Read the article at www.grc.com about the Denial of Service attack and the whole ordeal. It's very interesting. Yeah, there are a lot of programs out there that leave holes open and exploit your system. It's so hard because you want the good data to be sent back and forth so you have to have SOME port open.... but you don't want someone hacking in either... Is there a solution... constant vigilance and watching out for this kind of stuff. There seems to be no other clear and cut way.

[Rocky]

Yeh I have read Steve's story before, interesting stuff.

He is on a mission about some huge security issue with win XP, can't recall the details now, that was interesting too though heh.

[Tr4nC3R]

Please don't ask me to do that !

As I said that was years ago. I am currently out of date with security holes in icq. I don't bother with it so why keep track of how to do it. I still know people who are, so if you really want.......

You need tools and skills to do it, I don't qualify ny more. I am a nice guy

ps: I would'nt go round giving out your tcp/ip details, there are many types of hackers and many types of threats. Be carefull m8, as I said. Although I could do what your asking Why ? when I would rather play GR all night.

Time/planning is all thats needed. Once the seed is planted,sit back and watch it grow.

Hope you understand

Tr4nC3R

(StEvE)

[Tr4nC3R]

Although only the icq No was shown thats enough. V.Silly request.

Nb: I like to put technology to good use these days !

Edited February 5, 2003 by Tr4nC3R

[firefly2442]

Here's some proof:

211.167.134.99 - - [04/Feb/2003:19:53:05 -0600] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 276 "-" "-"

211.167.134.99 - - [04/Feb/2003:19:53:10 -0600] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 274 "-" "-"

211.167.134.99 - - [04/Feb/2003:19:53:15 -0600] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 284 "-" "-"

211.167.134.99 - - [04/Feb/2003:19:53:20 -0600] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 284 "-" "-"

211.167.134.99 - - [04/Feb/2003:19:53:24 -0600] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 298 "-" "-"

211.167.134.99 - - [04/Feb/2003:19:53:29 -0600] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 315 "-" "-"

211.167.134.99 - - [04/Feb/2003:19:53:34 -0600] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 315 "-" "-"

211.167.134.99 - - [04/Feb/2003:19:53:39 -0600] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 331 "-" "-"

211.167.134.99 - - [04/Feb/2003:19:53:44 -0600] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297 "-" "-"

211.167.134.99 - - [04/Feb/2003:19:53:49 -0600] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297 "-" "-"

211.167.134.99 - - [04/Feb/2003:19:53:54 -0600] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297 "-" "-"

211.167.134.99 - - [04/Feb/2003:19:53:59 -0600] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297 "-" "-"

Lots of attempts by this person to get to the command line. Ehhe. I bet Rocky gets a bunch of these too... Worms, I hate em.

[Tr4nC3R]

Microsoft have a lot to learn, Below is an alternative path all of us should consider. Hope you all agree ?

Sun Microsystems

[firefly2442]

Microsoft have a lot to learn

Why do you say that?

[RooK]

Alternative, as in an Alternative OS? Well, MS may not be the best at security, but they still require many less security updates than say, RedHat. Plus, they are the person most supported by software/game developers. Anything else is an imitation or made for another purpose.

I for one, use a program that lets me use ICQ, as well as other IM services all at once. It get by some of the security flaws, but if a pro wants in your system, they can get in it no matter what.

[Stinger]

am not saying I was mallicous but more interested, from an educational point of vue into how its done

That is still wrong but I could see an instance where I would be tempted to do the exact same. Out of all the people that say they can hack, most are either full of crap or have done as much as try to ping somebody's machine to death. Woopty ###### doo. Everybody thinks they are hackers these days, they think it is cool "look at me I cna hack and prance around I am cool" but all they can do is talk.

Microsoft have a lot to learn, Below is an alternative path all of us should consider. Hope you all agree ?

Everybody has a lot to learn, we (gamers and enthusiasts) make up a VERY small percentage of the PC consumer market and so most companies in the PC world ignore us. ICQ, AIM, MSN Messenger they all have some big probs I hear the most about ICQ granted but there are many prgrms for IP sniffing and such through AIM and MSN Mess. I would bet most "hackers" if given my IP and TCP details and they would have no clue what to do with them. I will turn on ICQ now Trancer, and if you get into my box then you can have my collection of DVD rips, and heck you can even try to break my file named "Computer" there are 2 of them one with 400bit Blowfish and the other with 400bit Twofish encrytion. I am not trying to say that you are lying or that you are bad, but I have met many people who claim to be hackers and they cant do zilch.

[snakebite1967]

ive sued icq since the mid 90s and tho i heard the guys in telavive (sp) that made this app were hackers , ive nevr had an issue with it ,but saying that im definitly interested in the truth of this

[RooK]

Of course hacker made it... AOL owns it don't they?

[snakebite1967]

AOL purchased it a few years ago but up until then it was owned by a guy in telavive (sp ) whos home site also hosted back door programs this is quite some time ago but i did surf his site a few times , he explained the vulnerabilities of icq and also listed some nasty apps too

[Havok]

yeah icq blows that's been common knowledge it is easily hacked for a long time....happened to my friend....would never use that prog. even if i wasn't gaming...yuch

just go on any p2p network and you will find a proliferation of hacks for this kife program... icq sux

[~NkOgNiTo~]

here is my two cents, most of them are like children the more attention you give them for doing something bad the more they will do because they have problems acquiring praise through an acceptable way. i know ignoring them won't make it go away but i agree that most of them that brag aren't real hackers, anyone who was doing anything worth talking about would be smart enough not to talk about it to protect themselves, Tr4nC3R i am not discrediting you i am merely voicing my opinion, if your intentions are honorable i commend you on your attempts to give us a heads up.

Edited February 5, 2003 by ~NkOgNiTo~

[Tr4nC3R]

This post was aimed at people who use the prog, and unaware of its dangers. For those people who quote the post and ask me to hack their infrastructures. Please stop it. I did not for one minute claim I was a hacker !

To the person above(StiNgeR) who challenges me, carefull. There are many people who read these post and you do not know who might take you up. Remember there is always a way in, irrelevant of what you may have protecting your data. There are some real clever people out there,and then again there are some real lame ones. And I claim to be neither,before you quote me again.

Oh and before I forget, The reward for getting in is not legal on these pages.

WAREZ, is wrong and as for your dvd rips. You can keep em. Any challenge is not worth them. And as for the fact your advertising it. This just goes to show how intelligent you are. Read the rules and regulations of using this site. Its wrong and strictly forbiden.

Tr4nC3R.......

(No hard feelings m8)

PS: This is the last post I will make to this thread. Thx all those that contributed with respect.

Edited February 5, 2003 by Tr4nC3R

[Havok]

i guess the bottom line is to be aware of the security flaws in whichever programs ya use and always make sure you're patched to date...sure we can talk of icq and im progs. but there are many other ways to 'hack' into someone

besides i agree with nkognito...if they are 'hacking' thru icq they are usually script kiddies..just about any [idiot] with a computer can learn to do this

what good is 'hacking' someone's box? how much useful info can ya really get ?

to do it just to cause damage is actually frowned on by true hackers..that is not the purpose.

Go here good site for learning

what vulnerabilities are out there

p.s. Tr4nC3R is correct in that you don't know who read these posts...hmmmmm weren't there a couple g.r. sites 'hacked' including this one ?

Edited February 5, 2003 by =UAL=Havok

[Stinger]

This post was aimed at people who use the prog, and unaware of its dangers. For those people who quote the post and ask me to hack their infrastructures. Please stop it. I did not for one minute claim I was a hacker !

To the person above(StiNgeR) who challenges me, carefull. There are many people who read these post and you do not know who might take you up. Remember there is always a way in, irrelevant of what you may have protecting your data. There are some real clever people out there,and then again there are some real lame ones. And I claim to be neither,before you quote me again.

Oh and before I forget, The reward for getting in is not legal on these pages.

WAREZ, is wrong and as for your dvd rips. You can keep em. Any challenge is not worth them. And as for the fact your advertising it. This just goes to show how intelligent you are. Read the rules and regulations of using this site. Its wrong and strictly forbiden.

Tr4nC3R.......

(No hard feelings m8)

PS: This is the last post I will make to this thread. Thx all those that contributed with respect.

Yeah, challenge whatever. I am not scared nor will I ever lose sleep over hackers. EVERY prgrm has a vulnertability. How about we start a thread for every IM and other internet related prgrm and tell them that there are prblms. My name is Stinger not "StiNgeR." Warez...?

This just goes to show how intelligent you are. Read the rules and regulations of using this site. Its wrong and strictly forbiden.

Umm, no this aint warez. People are stupid and say anything illegal is warez. You are the past hacker man dont pin crap on me.

here is my two cents, most of them are like children the more attention you give them for doing something bad the more they will do because they have problems acquiring praise through an acceptable way.

Right on.

anyone who was doing anything worth talking about would be smart enough not to talk about it to protect themselves,

Yeah.

All said and done, Tr4nC3R IMHO I think you are full of it. That is just my opinion. I could be wrong and I very well maybe. I am not saying you are a liar to all extents and I dont hate you but everybody knows ICQ and other IM services have problems.

[Ruin]

Well, what I've learned form experience is this...

1) mIRC is a definate f you up program. It put a horrible virus on my computer.

2) Gator is spyware. Don't install it. Period.

3) ICQ caused my computer to crash and 'blow up' I've never used the program its self in ages.

No proof other than my own personal bad aquentances.