95 Comments
- rafgar, on 10/12/2007, -0/+3 No digg on 2 counts. First, Real Player does not, to my knowledge, run on Linux. Even if it did, there's no way I'd install it. Second, exploiting security holes is not hacking. That's called cracking. People really should learn the difference.
- tazamore, on 10/12/2007, -0/+2 Summary:
First several minutes: Hackers are bad. Companies need to be aware that hackers are bad.
The hacking:
Windows command prompt: ipconfig (gets basic network info)
Runs SuperScan for Windows to find other IPs on the network
Runs a SuperScan Windows port scan on target IP.
Runs dcomexploit.exe against the target machine. (Mentions that this won't work with a patched system) ... gets a command prompt on the target machine.
At command prompt on target machine:
Runs net stop "Symantec Antivirus Client"
Shares a "hack" folder to transfer files between machines
Runs pwdump to capture passwords
Steals secrets.pcf file from Cisco VPN client directory.
Runs Cain & Abel to crack captured passwords
Installs and runs SubSeven trojan console.
...and so on...
- saether, on 10/12/2007, -0/+2 hmm here it is with line breaks so it'll fit!
rtsp://a0010.r.akareal.net/ondemand/7/0010/669/v001/pointmkt.download.akamai.com/
669/fiberlink/FIBE002/FIBE002sc_v3.rm?contact_id=420&rowid=-1&staging=0
- ardnut, on 10/12/2007, -0/+2 No realplayer for linux?, err....
http://www.real.com/linux?pcode=rn&opage=freeplayer_partner&src=freeplayer_partner
- dggeek, on 10/12/2007, -0/+1 Oh, and link to actual site with video is:
http://www.demosondemand.com/clients/fiberlink/002/page/index_new.asp#
- dggeek, on 10/12/2007, -0/+1 1. The site that's down is not the site with the video. It's the site that links to the video. As with at least 50% of digg stories, it's at least 2 clicks to get to the real story.
2. The video site is a corporate site trying to push their firewall/antivirus/patch services in order to make your machines more secure.
3. The guy uses a few hack programs to find a vulnerable machine on the network, disable the Symantec Antivirus, export and brute force the user passwords, and upload a trojan that lets him control the machine. He does this to a Windows 2000 SP4 machine that is not properly patched and does not have a firewall.
Not exactly superhacking, but it definitely highlights a dangerous threat if you have a vulnerable machine on a shared network (public wireless, etc). It was interesting for me because I've never seen a step-by-step for exploiting a machine.
I'll digg it.
- cawpin, on 10/12/2007, -0/+1 @ rafgar - If exploiting security holes isn't hacking then hacking doesn't exist. That's all hacking is, exploitation of SOME vulnerability be it human or machine.
- puzzlepants, on 10/12/2007, -0/+1 This kind of attack is really simple to do. If you've never seen something like this before, perhaps you should go to www.irongeek.com and look at any number of videos that are there. They show far more advanced hacks than this, and they are actually useful and up-to-date unlike this video.
- jus10case, on 10/12/2007, -0/+1 hacking video, hacked down? :)
- pcuser, on 10/12/2007, -0/+1 Here is a direct link to the video:
http://www.demosondemand.com/TrainingApp/player/index.asp?sessID=1142&cid=&companyID=884&promotion_id=884
The bottom line of the lengthy video and article: make sure users have a decent firewall (like ZoneAlarm) on their laptops.
- SirGrant, on 10/12/2007, -0/+1 You guys should get real-alternative
http://www.free-codecs.com/download/Real_Alternative.htm
- koncling, on 04/21/2008, -0/+1 I find more complete hacking video and i know it's new ones
http://free-soft-book.blogspot.com/2008/04/thats-w ...
- redrover12345, on 10/12/2007, -0/+1 This is not hacking!!. How can people say this is friggin awesome?
I just realized this site is populated by a bunch of adolescents.
- EyeDye, on 10/12/2007, -0/+1 They do this on Hak.5 all the time.
http://www.hak5.org
- rafgar, on 10/12/2007, -0/+1 I just got it to play in Totem under Linux. Still no digg though. It's a crack, not a hack.
- LiThiuMElectro, on 10/12/2007, -0/+0 "you ever actually SEEN someone do it?"
no but i just saw the digg effect do it ^^
- clos, on 10/12/2007, -0/+0 movie not available???......
- Wi1d, on 10/12/2007, -0/+0 Blah. No digg. Anyone can break into a machine that hasn't been patched. Very lame sales pitch for several reasons I don't care to go into but I'm sure a few companies will buy into it. Maybe I'll use msf on an unpatched machine to land me a few security jobs.
- inactive, on 10/12/2007, -0/+0 The website demands Internet Explorer and Real Player. Are they deliberately trying to exploit potential viewers? They are supposed to be a "security" company. If this is their idea of security, they'll be out of business soon!
- slack0re, on 10/12/2007, -0/+0 no digg. Maybe if they did some social engineering to get the laptop.
- Punisher2K, on 10/12/2007, -0/+0 This is Cracking not Hacking
Learn the difference noob
- lukychmz, on 10/12/2007, -0/+0 real player is junk
- electronicmaji, on 10/12/2007, -0/+0 download superscan here http://www.foundstone.com/resources/proddesc/superscan4.htm
- Nocturnal, on 10/12/2007, -0/+0 Site is dead. Can someone post a direct link to the download?
- rafgar, on 10/12/2007, -0/+0 Ok, stupid me.
Here's the stream
- jdong, on 10/12/2007, -0/+0 I'll agree with everyone that the Real _PLAYER_ sucks, but even as a Real hater, I still have to give them credit for the RealVideo codec, which has surprisingly excellent quality at low bitrates, often surpassing DivX/Xvid.
- carbonr, on 10/12/2007, -0/+0 its kewl i wish i cud do it like tht
- jacobrich, on 10/12/2007, -0/+0 I hate real player.
- usoldiervet, on 10/12/2007, -0/+0 I think you guys missed the point of the video. My take was that it's a means to show a very simple hack that anybody could do and then talk about how to prevent it. To me, the goal was to discuss how machines need to be protected from these hacks that anyone can do, not to dazzle you with a cutting-edge hack. At one point, I think the presenter even says that a monkey can do this hack.
Of course, the goal might have been to create rudimentary and redundant discussions on why RealPlayer sucks and the difference between Cracking and Hacking. If so, it was a success!
- inactive, on 10/12/2007, -0/+0 Big deal. The machine was set up specifically for him to hack into. No firewall plus the absence of a specific patch allowing him to exploit an old buffer overflow vulnerability. Show me a guy hacking into a patched, firewalled system with hard drive encryption and I'll digg.
- Mocib, on 10/12/2007, -0/+0 Thank you saether!
Downloading the video now to my HDD with NetTransport. Size is over 60MB.
- elev8, on 10/12/2007, -0/+0 Pfft, I do this all the time when I wardrive. All of the tools are found on the Auditor security Linux Live CD.
This isn't really hacking, it's just using some lame script-kiddie tools. The people that wrote those programs are the real hackers.
- Bigcat151, on 10/12/2007, -0/+0 After watching the video all I have to say is....
**Sean Connery Voice***
"I'll have 'go tit' for 1,000 Alex"
- femoric, on 10/12/2007, -0/+0 are there any useful discussions on this site
- vonskippy, on 10/12/2007, -0/+0 Wow, hacking into a machine you can physically touch - BFD - it's called sysadmin not hacking.
Do something thru the network and a couple of firewalls - then I'd be (slightly) impressed.
- stisev, on 10/12/2007, -0/+0 does anyone have a mirror?????
- tidejwe, on 10/12/2007, -0/+0 Some hacker...what professional would use real-player? The video is really boring for a long time...
- saether, on 10/12/2007, -0/+0 well.. the video by itself is here:
rtsp://a0010.r.akareal.net/ondemand/7/0010/669/v001/pointmkt.download.akamai.com/669/fiberlink/FIBE002/FIBE002sc_v3.rm
- foetal, on 10/12/2007, -0/+0 Real Player? no digg
- ExtremeSkier444, on 10/12/2007, -0/+0 i did you not. real player boo
- Bigcat151, on 10/12/2007, -0/+0 try sorting the comments to +2 and you should find a link to Real Player Alternative and the actual video stream.
- inactive, on 10/12/2007, -0/+0 I vote for mplayer and lots of codec packs (preferably vlc or xine but whatever)
- flake, on 10/12/2007, -0/+0 The funniest thing to me was that the target machine had the guest account enabled. AFAIK, that account is disabled by default on all versions of windows. I guess he still could have gotten in, but wouldn't have had the immediate advantage of a mapped drive like he did.
- samadon, on 03/12/2008, -0/+0 can any body tell where I can get a download link
- spartakus12, on 01/24/2008, -0/+0 thankx dear
- hankosky, on 10/12/2007, -0/+0 real player is about as useful as aol.
- DWatch, on 10/12/2007, -0/+0 Next up on digg front page: "how to 'hack' a pc using a boot disk".
I really wish people would investigate stories before digging them. Read thru the list of those who dugg it, it's like a who's who of idiots.
- nasalexport, on 10/12/2007, -0/+0 site pwn3d, not the machine
- kherrick, on 10/12/2007, -0/+0 Well, I vote for RealPlayer. Works well, supported on most OSes.
- christos4444, on 11/21/2007, -0/+0 THANK