NASA hacker speaks

Soldato
Joined
21 Oct 2002
Posts
18,022
Location
London & Singapore
brocksta said:
i take it firewalls were non-existent whenever he did it??? surely they must have some way of blocking external IPs.

I'm not saying he didn't do it, but it just seems too easy.
Of course firewalls are present but a firewall by itself is just one layer of protection... The firewalls can be bypassed with various forms of tunnelling - or if the security breach is vast enough, by just modifying the firewall rules.

In this case (and assuming he isn't lying about the extent of his hacking activities) I suspect he used an e-mail vulnerability from the days when Outlook Express (and, well, computer software in general) was a lump of Swiss cheese. The exploit then 'dropped' an SSH tunneling client to tunnel back to a server of his choice. He then connects using SSH via that relay to the exploited system. Then progress continues from that point on... e.g. installing a VNC client as he did, scanning other computers on the network(s) for weak passwords and vulnerabilities using his Perl script (or any of the common readily available tools such as Nessus).
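
Added example (not part of any post in this thread): a firewall that only filters inbound traffic never sees a tunnel that the inside host opens itself, so the defender has to review outbound flows. The sketch below flags internal hosts that open SSH sessions to outside addresses or hold very long outbound sessions; the CSV layout, addresses, allowlist and threshold are all constructed assumptions.

```python
import csv
import io
import ipaddress

# Constructed sample flow records (hypothetical CSV layout, not a real product's export).
SAMPLE_FLOWS = """\
start,src,dst,dport,duration_s
2024-01-01T02:10:00,10.1.4.23,203.0.113.50,22,14400
2024-01-01T02:11:30,10.1.4.23,198.51.100.7,80,3
2024-01-01T03:00:00,10.1.0.5,203.0.113.9,22,600
2024-01-01T03:05:00,10.1.7.40,198.51.100.99,443,28800
2024-01-01T03:06:00,10.1.7.41,10.1.0.5,22,7200
"""

INTERNAL_NET = ipaddress.ip_network("10.1.0.0/16")  # assumed internal range
ADMIN_JUMP_HOSTS = {"10.1.0.5"}                      # assumed: only these may SSH out
LONG_LIVED_SECONDS = 4 * 3600                        # assumed "tunnel-like" duration


def find_suspect_flows(log_text):
    """Return (src, dst, dport, reasons) for internal-to-external flows worth a look."""
    findings = []
    for row in csv.DictReader(io.StringIO(log_text)):
        src = ipaddress.ip_address(row["src"])
        dst = ipaddress.ip_address(row["dst"])
        # An inbound-only firewall never sees these: the inside host dials out.
        if src not in INTERNAL_NET or dst in INTERNAL_NET:
            continue
        reasons = []
        if row["dport"] == "22" and row["src"] not in ADMIN_JUMP_HOSTS:
            reasons.append("outbound SSH from non-admin host")
        # Tunnels can ride any allowed port, so duration is checked independently.
        if int(row["duration_s"]) >= LONG_LIVED_SECONDS:
            reasons.append("long-lived outbound session")
        if reasons:
            findings.append((row["src"], row["dst"], int(row["dport"]), reasons))
    return findings


if __name__ == "__main__":
    for src, dst, dport, reasons in find_suspect_flows(SAMPLE_FLOWS):
        print(f"{src} -> {dst}:{dport}: {', '.join(reasons)}")
```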
 
Soldato
OP
Joined
17 Oct 2002
Posts
3,015
NathanE said:
Of course firewalls are present but a firewall by itself is just one layer of protection... The firewalls can be bypassed with various forms of tunnelling - or if the security breach is vast enough, by just modifying the firewall rules.

In this case (and assuming he isn't lying about the extent of his hacking activities) I suspect he used an e-mail vulnerability from the days when Outlook Express (and, well, computer software in general) was a lump of Swiss cheese. The exploit then 'dropped' an SSH tunneling client to tunnel back to a server of his choice. He then connects using SSH via that relay to the exploited system. Then progress continues from that point on... e.g. installing a VNC client as he did, scanning other computers on the network(s) for weak passwords and vulnerabilities using his Perl script (or any of the common readily available tools such as Nessus).

Yeah, but that still doesn't explain why he didn't VNC invisibly.
 
Soldato
Joined
21 Oct 2002
Posts
18,022
Location
London & Singapore
punky_munky said:
Yeah, but that still doesn't explain why he didn't VNC invisibly.
Because he wasn't able to?

If you want to remote desktop/VNC "invisibly" it means (from a technical standpoint) creating a new/separate user session from the one that is logged-on. This may not have been possible because he may not have known any passwords or usernames on that particular computer or domain to do so.

The logged-on user also may not have had sufficient permissions to allow him to create his own account to perform his VNC activities in. Or if it did, the account was worthless because it didn't also exist on the domain controller or other computers rendering it relatively useless for remote vulnerability testing.
 
Soldato
OP
Joined
17 Oct 2002
Posts
3,015
NathanE said:
Because he wasn't able to?

If you want to remote desktop/VNC "invisibly" it means (from a technical standpoint) creating a new/separate user session from the one that is logged-on. This may not have been possible because he may not have known any passwords or usernames on that particular computer or domain to do so.

The logged-on user also may not have had sufficient permissions to allow him to create his own account to perform his VNC activities in. Or if it did, the account was worthless because it didn't also exist on the domain controller or other computers rendering it relatively useless for remote vulnerability testing.

I seem to remember him saying he had admin privileges but still, who knows what systems they were using.
 
Soldato
Joined
21 Oct 2002
Posts
18,022
Location
London & Singapore
punky_munky said:
who knows what systems they were using.
Exactly. I know of loads of Host IDS systems that will actively monitor the active user sessions for the PC and if it goes above 1 alert the admin. Perhaps he spotted the IDS and played it on the safe side to avoid early detection.
 
Man of Honour
Joined
29 Mar 2003
Posts
56,811
Location
Stoke on Trent
Morlan said:
Do you think the Disclosure Project is a complete fake?

I believe there is 'alien' technology but I don't think it's dropped out of the sky.
There was a brilliant documentary on CH4 a few months ago called 'The Real Alien Technology' or something similar and it showed stuff that the Nazis were working on. It told the story of the first time the Russians saw a Blackbird. Because there were so many UFO sightings their government decided to get all 700,000 soldiers out onto ground looking up at the sky all at once. It was during this time that a UFO/B2 was seen and then tracked by 1000s of soldiers.
 
Associate
Joined
21 Apr 2006
Posts
1
Everything he says seems quite reasonable to me, at least he's not convinced reptilians from another dimension are ruling the planet...although some recent photos of the queen do look suspiciously cold blooded ;)

Also Steven Greer's lectures are very interesting, anyone who doesn't check this stuff out before blarting an "opinion" needs a good hard fisting.

Check out the Billy Meier stuff too (Beamship Chronicles).


WD
 
Associate
Joined
18 Oct 2002
Posts
910
I posted this in the SC thread but I thought I would tack it on here as it seems to be the more popular thread:

I saw Gary speak at InfoSec 2006 on the "Hackers Panel" and IMO he's an idiot. He made not one single good point and was completely outclassed by every other panellist in his response to questions.

He's a chancer, and now he's trying to get his ass out of trouble by claiming all sorts of crackpot theories. (Good idea really, one way to argue you're not a terrorist these days).

How seriously can you take someone who got caught because they left their details with the company they bought their hacking software from?

You think this would be in the news if he actually did have information about amazing new technologies? He would be vanished along with other "terrorists" by the CIA and that would be that.
 

Sic


Soldato
Joined
9 Nov 2004
Posts
15,365
Location
SO16
dmpoole said:
Wheres Sic?
You have a challenger for your title.

that guy looks like an advert sign-up for the Disclosure Project! :p

to be honest, if i were in that guy's position and i had hacked NASA, i'd be trying to make myself out to be a bit of an idiot so i didn't get the full sentence.
 
Soldato
OP
Joined
17 Oct 2002
Posts
3,015
squiffy said:
Disgusting. If it were the other way round would they allow an American citizen to be extradited to the UK? Not a chance. :mad:

I would have agreed with you before but after reading this...

The district judge reserved the decision until today following a hearing last month that was told McKinnon intended to gain access to the US military's classified information network. He was alleged to have deleted system files and logs from computers at the naval weapon station Earle at a critical time following the September 11 attacks, rendering the base’s entire network of more than 300 computers inoperable.

That's pretty serious.
 
Soldato
Joined
12 Oct 2003
Posts
4,027
Where's the proof he deleted files and logs?

I think there's a lot of bs from both sides but whatever the truth i don't think he deserves 70 years and as he did the crime in the uk he should be allowed to be sentenced here because what really will the difference be except the possibility of something worse happening over there? :rolleyes:
 
Soldato
Joined
18 Oct 2002
Posts
9,804
Location
Southampton, Hampshire
GM: Yes, I'd always be juggling different time zones. Doing it at night time there's hopefully not many people around. But there was one occasion when a network engineer saw me and actually questioned me and we actually talked to each other via WordPad, which was very, very strange.

talking to each other via wordpad. that is so cool, but i personally wouldn't have the time.
thinking about it rather than them sitting at the same terminal next to each other, i'm assuming he meant the network engineer used something like winVNC to "spy" on him. if he's that good a "hacker", why didn't he just close the client installed on his machine so his local network sys admin couldn't find out what he was up to. n00b.
 
Associate
Joined
29 Aug 2005
Posts
400
Location
Silverfish Country
Phantom said:
talking to each other via wordpad. that is so cool, but i personally wouldn't have the time.
thinking about it rather than them sitting at the same terminal next to each other, i'm assuming he meant the network engineer used something like winVNC to "spy" on him. if he's that good a "hacker", why didn't he just close the client installed on his machine so his local network sys admin couldn't find out what he was up to. n00b.

Hrrm? GM is saying that while he had remote control over one of their (US military or whatever) computers, the engineer was probably walking past and saw the computer's cursor or whatever moving by itself and figured it was being controlled remotely. I'm not an IT expert and don't know what winVNC is - but the network engineer wouldn't need that to see what GM was doing - all he had to do was look at the screen of the computer being controlled. Simple as that. Hence the engineer opened up wordpad and started typing - knowing GM would see it from his computer.

I guess GM replied to make it seem unsuspicious to the engineer.

Also, he doesn't claim to be a good hacker (he's saying he got in through unlocked doors) but the US does by claiming he's committed "the biggest military hack of all time". Personally I think that GM is being sincere (if he isn't then that would be creepy - like Edward Norton in Primal Fear type creepy). Plus if what IronFire said is anything to go by, that would be consistent with GM being the "bumbling hacker" he says he is - and not the uber hacker the US claims.
 