Author Topic: Dickless Windows people (Read 1269 times)

Kintaro · « **on:** 6 December 2002, 04:52 »

http://uptime.wonko.com/account.php?op=details&hid=1503
Thats a dickless Windows person there...
Claiming there 4 year old os has had 13 years of uptime.

Stryker · « **Reply #1 on:** 6 December 2002, 05:06 »

quote:
Originally posted by X11 / BOB: l33t h4x0r:
Dickless Windows people

I agree with the rest, but how did you verify this?

lazygamer · « **Reply #2 on:** 6 December 2002, 05:29 »

Ok I admit, a person must be pretty dumb to do that. However, I looked the FAQ, and it is possible that it is a bug, rather then the guy being an idiot.

Kintaro · « **Reply #3 on:** 6 December 2002, 05:48 »

Take a look at how simple the protocol is.

Kintaro · « **Reply #4 on:** 6 December 2002, 13:47 »

Have a look at what this command does:

Code: [Select]

(Thought of all that myself)

Then i made a thing and did it...
http://uptimes.wonko.com/account.php?op=details&hid=2839

Its that easy...

[ December 06, 2002: Message edited by: X11 / BOB: 3xtr4 skr1pty ]

Calum · « **Reply #5 on:** 6 December 2002, 14:00 »

their thing is pretty shoddy if it allows people to spoof it that easily, i think.

voidmain · « **Reply #6 on:** 6 December 2002, 14:37 »

quote:
Originally posted by X11 / BOB: 3xtr4 skr1pty:
(Thought of all that myself)

Then i made a thing and did it...
http://uptimes.wonko.com/account.php?op=details&hid=2839

Its that easy...

That's pretty funny, you were at the top of the list. But if you showed even the bogus hosts you only came in second behind a Windows box. Which begs the question "If yer gonna cheat, why not beat out the Windows cheater?"

On a side note, if you can spoof the uptime on Netcraft let me know how you did it. It's the only thing I have left to spoof. I have both the OS and the Web Server spoofed, now just need uptime. I know what needs to be done to do it but I have some more learnin' to do. I thought I was pretty damn good when it came to understanding TCP, UDP and IP but this shit is making my head hurt.

I played with the ippersonality for a couple of hours tonight trying to get the signature of the Cray Supercomputer to come across my nmap scan and haven't been able to figure everything out yet. I have some of it figured out as I have been able to make a couple of the tests emulate the Cray (or UNICOS 10.0.0 on a Cray 90 to be more specific).

I'm still undecided on whether ippersonality can be used to fix the uptime. If it can't I am nearly certain that the TCP/IP stack in the kernel source could be hacked, maybe even easily, to start the uptime out at a high level upon boot. Maybe that's what I should be working on next as it might be easier.

Kintaro · « **Reply #7 on:** 6 December 2002, 14:47 »

Screwing with the TCP/IP stack could make it so nmap doesnt know who the hell you are...

voidmain · « **Reply #8 on:** 6 December 2002, 14:50 »

quote:
Originally posted by X11 / BOB: 3xtr4 skr1pty:
Screwing with the TCP/IP stack could make it so nmap doesnt know who the hell you are...

Oh nmap didn't know who the hell I was most of the night while trying to get it to think I was a Cray.

But you gotta screw with the TCP/IP stack if you want to masquerade as another OS. You have to emulate the other OSs TCP/IP signatures. That's how Netcraft thinks I am running Solaris 8, I screwed with my TCP/IP stack.

Kintaro · « **Reply #9 on:** 6 December 2002, 14:55 »

Look what i did now:
http://uptimes.wonko.com/account.php?op=details&hid=2839

voidmain · « **Reply #10 on:** 6 December 2002, 14:58 »

I didn't realize the 2.4.19 kernel had been out for 31.9 years now. And that's one hell of a load average you are running there. You must have also had some hung processes for 31.9 years. Now that's one lazy admin!

Calum · « **Reply #11 on:** 6 December 2002, 14:59 »

might i ask, by the way, why it's worth all this effort? is it just for the challenge and the thrill?

voidmain · « **Reply #12 on:** 6 December 2002, 15:05 »

quote:
Originally posted by Calum:
might i ask, by the way, why it's worth all this effort? is it just for the challenge and the thrill?

For me the reasons are several. Firstly you learn a lot when you do things like this. Secondly it is a good idea to do things like this as part of a computer security plan (broadcasting how you do it on a public forum is *not* part of a good security plan). Why do you think the NSA's web server OS appears to constantly change? I would not be one bit surprised if they are running SELinux with the ippersonality patches. Thirdly chicks dig guys who know their TCP/IP stack.

[ December 06, 2002: Message edited by: void main ]

Kintaro · « **Reply #13 on:** 6 December 2002, 15:35 »

quote:
Originally posted by Calum:
might i ask, by the way, why it's worth all this effort? is it just for the challenge and the thrill?

THat would be it... Theres nothing I love more then a challenge (or thrill)..

Off topic Good News:
I *should* be getting a External Modem soon, so i can put it on my other box so i have a Linux (as a pose to Windows 2k) gateway.

Kintaro · « **Reply #14 on:** 6 December 2002, 16:29 »

quote:
Originally posted by void main:
I didn't realize the 2.4.19 kernel had been out for 31.9 years now. And that's one hell of a load average you are running there. You must have also had some hung processes for 31.9 years. Now that's one lazy admin!

Yes im a lazy admin.

My excuse when the Uptime admins get to my email will be "I have built a time machine"

And have a look at my Uptime, its load average is pretty fullup to, because of running setiathome and all.

Void: You should add yourself to the uptimes thing.