Stop Microsoft
Miscellaneous => The Lounge => Topic started by: Kintaro on 6 December 2002, 04:52
-
http://uptime.wonko.com/account.php?op=details&hid=1503 (http://uptime.wonko.com/account.php?op=details&hid=1503)
Thats a dickless Windows person there...
Claiming there 4 year old os has had 13 years of uptime.
-
quote:
Originally posted by X11 / BOB: l33t h4x0r:
Dickless Windows people
I agree with the rest, but how did you verify this?
-
Ok I admit, a person must be pretty dumb to do that. However, I looked the FAQ, and it is possible that it is a bug, rather then the guy being an idiot.
-
Take a look at how simple the protocol is.
-
Have a look at what this command does:
Then i made a thing and did it...
http://uptimes.wonko.com/account.php?op=details&hid=2839 (http://uptimes.wonko.com/account.php?op=details&hid=2839)
Its that easy...
[ December 06, 2002: Message edited by: X11 / BOB: 3xtr4 skr1pty ]
-
their thing is pretty shoddy if it allows people to spoof it that easily, i think.
-
quote:
Originally posted by X11 / BOB: 3xtr4 skr1pty:
(Thought of all that myself)
Then i made a thing and did it...
http://uptimes.wonko.com/account.php?op=details&hid=2839 (http://uptimes.wonko.com/account.php?op=details&hid=2839)
Its that easy...
That's pretty funny, you were at the top of the list. But if you showed even the bogus hosts you only came in second behind a Windows box. Which begs the question "If yer gonna cheat, why not beat out the Windows cheater?"
On a side note, if you can spoof the uptime on Netcraft let me know how you did it. It's the only thing I have left to spoof. I have both the OS and the Web Server spoofed, now just need uptime. I know what needs to be done to do it but I have some more learnin' to do. I thought I was pretty damn good when it came to understanding TCP, UDP and IP but this shit is making my head hurt.
I played with the ippersonality for a couple of hours tonight trying to get the signature of the Cray Supercomputer to come across my nmap scan and haven't been able to figure everything out yet. I have some of it figured out as I have been able to make a couple of the tests emulate the Cray (or UNICOS 10.0.0 on a Cray 90 to be more specific).
I'm still undecided on whether ippersonality can be used to fix the uptime. If it can't I am nearly certain that the TCP/IP stack in the kernel source could be hacked, maybe even easily, to start the uptime out at a high level upon boot. Maybe that's what I should be working on next as it might be easier.
-
Screwing with the TCP/IP stack could make it so nmap doesnt know who the hell you are...
-
quote:
Originally posted by X11 / BOB: 3xtr4 skr1pty:
Screwing with the TCP/IP stack could make it so nmap doesnt know who the hell you are...
Oh nmap didn't know who the hell I was most of the night while trying to get it to think I was a Cray. (http://smile.gif) But you gotta screw with the TCP/IP stack if you want to masquerade as another OS. You have to emulate the other OSs TCP/IP signatures. That's how Netcraft thinks I am running Solaris 8, I screwed with my TCP/IP stack.
-
Look what i did now:
http://uptimes.wonko.com/account.php?op=details&hid=2839 (http://uptimes.wonko.com/account.php?op=details&hid=2839)
-
I didn't realize the 2.4.19 kernel had been out for 31.9 years now. And that's one hell of a load average you are running there. You must have also had some hung processes for 31.9 years. Now that's one lazy admin!
-
might i ask, by the way, why it's worth all this effort? is it just for the challenge and the thrill?
-
quote:
Originally posted by Calum:
might i ask, by the way, why it's worth all this effort? is it just for the challenge and the thrill?
For me the reasons are several. Firstly you learn a lot when you do things like this. Secondly it is a good idea to do things like this as part of a computer security plan (broadcasting how you do it on a public forum is *not* part of a good security plan). Why do you think the NSA's web server OS appears to constantly change? I would not be one bit surprised if they are running SELinux with the ippersonality patches. Thirdly chicks dig guys who know their TCP/IP stack.
[ December 06, 2002: Message edited by: void main ]
-
quote:
Originally posted by Calum:
might i ask, by the way, why it's worth all this effort? is it just for the challenge and the thrill?
THat would be it... Theres nothing I love more then a challenge (or thrill)..
Off topic Good News:
I *should* be getting a External Modem soon, so i can put it on my other box so i have a Linux (as a pose to Windows 2k) gateway.
-
quote:
Originally posted by void main:
I didn't realize the 2.4.19 kernel had been out for 31.9 years now. And that's one hell of a load average you are running there. You must have also had some hung processes for 31.9 years. Now that's one lazy admin!
Yes im a lazy admin.
My excuse when the Uptime admins get to my email will be "I have built a time machine"
And have a look at my Uptime, its load average is pretty fullup to, because of running setiathome and all.
Void: You should add yourself to the uptimes thing.
-
Nuts they deleted my account.
Oh well they did the Windows one as well...
-
I only spoofed my OS:
http://uptimes.wonko.com/account.php?op=details&hid=2510 (http://uptimes.wonko.com/account.php?op=details&hid=2510)
LOL. They didn't say anything about it changing from Linux to Windows w/0 rebooting.
BTW: It's about time they started to delete bogus records. Before they would just leave them there.
-
The problem with that site is that your machine "tells" their server what it's running and how long it's been up. That's too easy to fake. It's a little harder to spoof Netcraft because they come to your door and look around and determine on their own based on their observations what you are running and how long you've been up.
But that's ok, I was able to repaint my house and then run some aging techniques on it to make it look older. Now Netcraft thinks I live in a business park and soon they will think I've been in business for around a year. (http://smile.gif) C'mon guys, go for something more challenging!
[ December 06, 2002: Message edited by: void main ]