I think we should forbid Authackers. Autohackers destroys everything. Mass exploiting is no way.
Many good People who releases their exploits public (like Johnny Cyberpunk ,THC) , don't do that further because the Massexploiting.
I have one please to the Admins and Mods, that you please forbid Autohackes on the Goverment-Security
THX and greetz to everybody who support me !
and Gov-Sec RULEZ !!
UnDeRTaKeR
May 17 2004, 04:42 PM
Yeah he's right!
Alex Trust
May 17 2004, 05:12 PM
i think you made a point there, but someone with even a very little amount of programming knowlege can make one himself
though i think it's better to forbid them
nebojsa
May 17 2004, 05:50 PM
yeah right ! i agree
Paul
May 17 2004, 05:53 PM
If you cant make one yourself, you shouldnt botter hacking.
KuerbY
May 17 2004, 05:55 PM
Yes i agree, have made many autohackers but not for me, only for knowledge! But its a real point, autohackers are destroying every exploit. BUT worms are the real crap which are destroying everything.
greetz KuerbY
AgentOrange
May 17 2004, 06:13 PM
I agree fully. Auto-hackers are just for the kidz. Any real programmer can knock one out in a few minuets. I know I can knock one that works out in about 2-3 minuets in perl.
Anyone posting a auto-hacker should be warned. All auto-hackers currently on the boards should be removed.
I like looking at worm source code, I don't want this to be baned at GSO.
Peace out
setthesun
May 17 2004, 06:16 PM
So we can write our very private autohackers and don't share it with kiddies so we can hack whole world
I think this is a bad idea, every kind of source code is good but also I don't like any compiled code (this is really bad).
FiNaLBeTa
May 17 2004, 06:26 PM
This must be a joke. autohackers don't do anything. So ok, they hack faster, the onely thing that kills fast are virusses. Stop them first, and then come back.
// don't let this post give you the impression that i use autohackers, i simply don't.
strasharo
May 17 2004, 06:39 PM
QUOTE (Paul @ May 17 2004, 05:53 PM)
If you cant make one yourself, you shouldnt botter hacking.
True indeed.
chris105
May 17 2004, 07:31 PM
QUOTE (Paul @ May 17 2004, 05:53 PM)
If you cant make one yourself, you shouldnt botter hacking.
If you type like this you shouldn't bother typing.
No but on a serious note here, why not have a section dedicated to them but just help on them not giving out completed ones. It stops script kiddies because they have to build their own while not banning them completely for those responsible enough to use them. Just a thought
jead99
May 17 2004, 07:54 PM
I agree, ban autohackers and compiled exploits. If ppl don't know how to do this they're on the wrong board
CloudyOne
May 17 2004, 08:01 PM
If anything, write tutorials, so the script kiddies will actually learn something for a change.
I dont like autohackers due to the lack of thought required, as well as the possibility for the person who made the "autohacker" to have inserted some "other" code as well.
tweakz20
May 17 2004, 09:18 PM
Yeah, sorry, I agree also... My grandmother could use an autohacker. All they do is make the easy way even easier. Ban might be a little far though... it's all up to the admins
tibbar
May 18 2004, 12:00 AM
why not ban autohaxors and compiled exploits...i always compile myself simply as a precaution...
i mean seriously, if u cant compile a simple c prog, should u really be exploiting ppl (and chances are that if u cant compile and write simple batch autohaxor file, then u wont know wtf a proxy is...and u looking at needing a "soap-on-a-rope").
so please G-Secur et al, tighten up the forum and keep out the scummy skiddies.
oYost
May 18 2004, 05:44 AM
Hehe, it's the revolution And i'll agree with u when u ll stop making spreading bots (or virus) whiches are boring a lot of poor peoples
U should thing about this when ure writing it, only hack specific PC.
Thx
nolimit
May 18 2004, 06:11 AM
I'm torn because while a batch file is certainly a noobish form of code, C programs such as Khat and other complex programs, that feature autohacking methods are in my opinion intresting programs that have code which would be benificial to the knowledge base here.
Simple batch programs written simply for the purpose of 'r00ting pubs0rs' should be deleted, if you want this site to be truely about security and development, then thier is no place for that sort of code which was so obviously constructed for only illegal activities.We are a security site, not a FXP site, right?
As others have said before, these batch scripts allow people to exploit ranges of computers, If these people seriously couldn't construct this batch loop, they have no entitlement to use the exploit. If we are to use the exploit to test our own machines for the vulnerabilities, then it's a given we should understand a simple FOR loop. Anybody who needs these batch files are quite obviously only intresting in contributing to illegal groups.
CloudyOne
May 18 2004, 07:21 AM
Well along with mass exploitation, comes along the push for responsibility on the programmers part of the programs/sites being exploited. A small exploit here and there is not going to get the programmers to pull their heads up and secure their code. But, although i dont support it, it does seem to grab their attention and awareness of the security or flaw in their code.
So although i do not like, nor do i support autohackers, they do occasionally cause some "good".
tonikgin
May 18 2004, 07:39 AM
QUOTE (Alex Trust @ May 17 2004, 05:12 PM)
i think you made a point there, but someone with even a very little amount of programming knowlege can make one himself
though i think it's better to forbid them
QUOTE
but someone with even a very little amount of programming knowlege can make one himself
the people under that are the ones we need to be worried about
DaClueless
May 18 2004, 07:42 AM
QUOTE (tibbar @ May 18 2004, 12:00 AM)
why not ban autohaxors and compiled exploits...i always compile myself simply as a precaution...
i mean seriously, if u cant compile a simple c prog, should u really be exploiting ppl (and chances are that if u cant compile and write simple batch autohaxor file, then u wont know wtf a proxy is...and u looking at needing a "soap-on-a-rope").
so please G-Secur et al, tighten up the forum and keep out the scummy skiddies.
I agree autohaxor shouldnt be posted:
I feel auto-haxor stuff is over the line of security and more in line "for hackers only". I feel and hope GovernmentSecurity is more into security then hacking, so we should not allow them.
Killaloop
May 18 2004, 07:57 AM
I also agree this is a security board and autohackers have 168 replys where security related questions don't even have that amount of views!! we should get rid of them for the quality of this board. by looking into the download section its nearly impossible to find something useful because of all this autohackers
Stephen79
May 18 2004, 08:09 AM
I have posted an autohacker here, it was the 1st one I had created, and will be the last that I post here or anywhere.
I created it to see how simple it is..... and yes, nothing is easier tbh. I posted it as I wanted others to test it remotely after I tested it on a LAN.
Anyway, I dont think they do a great deal of harm, they do attract the wrong sort of people though, and kind of hide the better posts
What I am saying is, I really dont mind either way.
On the compiling code issue, I like the fact that ready compiled source is posted here.
Stephen79
May 18 2004, 08:13 AM
Another idea may be to look through these autohacker threads, and simply demote the scum that post stuff like:
"...this aut0haxor owns, but my service wont start on the hack"
pr0t0type
May 18 2004, 08:13 AM
Yea I agree. It's not like they're hard to make and it does seem to attract the people looking for an eay option rather than wanting to put the work in themselves...
nuorder
May 18 2004, 12:05 PM
no more autohackers
Psychotec
May 18 2004, 02:57 PM
yap, i agree with this one too
and indeed making an autohacker is very easy
nowhere
May 18 2004, 03:17 PM
yeah, my words what i say the last weeks!
nice post, no autohaxxor, no noobs and no lame requests like cant compile etc.
and no compiled exploit, if someone cant fixed a sploit, it was better he change his hobby and is better he goes out and met friends, so he ve more time in his life!
COM
May 18 2004, 08:42 PM
The World is Fouck all are a shit
Shit automassivehaxxors with incomplet exploits
jetprice
May 18 2004, 08:58 PM
I totally agree on getting autohackers of the board. First of all writing an autohacker in .bat is a kidsjob and anyone can do it, if you can't well ... sorry but then this place is not the place for you. Secondly, alot of FXP "hackers" aka kiddies get the autohackers from boards like these, there has been proof of that already and everyone knows.
I think this is a security-board and autohackers only increase the INsecurity of the global internet.
I don't have anything to add, except for the kiddies, please do not reply to my reply ... I will not read it anyway, I am NOT interessted in "Man, you can nag blablabla sh!t and f.ck and njenje!".
Greets,
Jetprice.
Yorn
May 18 2004, 09:44 PM
The guys that write "autohackers" end up getting so many stupid requests for help that they end up not writing them anymore. I don't think it should be a bannable offense. In fact, I tend to think very very little should be a bannable offense. People make mistakes and learn on their own, not without us having to tell them.
But I agree, there's no reason to release an autohacker if you can just code your own.
crash3rzz
May 18 2004, 11:43 PM
no opinion <<-- no hacks, no autohacks just w/e its simply w3ird idea to me
DaClueless
May 18 2004, 11:48 PM
QUOTE (Yorn @ May 18 2004, 09:44 PM)
I don't think it should be a bannable offense. In fact, I tend to think very very little should be a bannable offense.
I dont think anyone here, is saying BAN people from board if they post them. I am thinking people are asking we should BAN having people post them. If someone post one, I feel the ADMIN edits the post, to something like this:
Editted by ADMIN: Please do not post Auto-hackers on GovernmentSecurity.org
Thank you, ADMIN
toska
May 19 2004, 12:23 AM
blah?
archphase
May 19 2004, 02:24 AM
let me get it correct, `auto-hackers` make it inconvient for you due to the fact that they catch the prey before you have it. I think about 90% of people posting in this thread against it fall into that crowd.
Its a good place to publish software here, don't destroy that by making stupid rules.
krackatoa
May 19 2004, 03:31 AM
The lazy admins that don't patch are to blame for the success of autohackers and worms.
It' not like the vulnerabilities aren't already known. Those that aren't public don't make it to the "auto haxors" bunch.
I can understand the non techie home users, getting zapped on their DSL and cable modem connections because they don't know any better. If they're going to get online, they need to learn, even if it's the hard way.
If people don't get autohackers here, they'll get it from someplace else. I personally want to see the various batch files. Gives me ideas on how to screen stuff on IDS, and what to look for I come across hacked systems.
dissolutions
May 19 2004, 03:33 AM
QUOTE (DaClueless @ May 18 2004, 04:48 PM)
Editted by ADMIN: Please do not post Auto-hackers on GovernmentSecurity.org
Thank you, ADMIN
Lol, I thought an admin actually did do that.
I personally don't use the autohackers, nor do I want to use them, really they aren't that much of an inconvenience to me, since all my systems are secure to the fullest capability a system can be secured. Running smart and secure services, so essentially all these autohackers on this board are written with a non 0day exploits attached to them. I have every advisory in my email and every service is patched.
So I really don't have a problem with them, although they do essentially turn exploits in worms etc etc. But like I said with security, other than the Slammer virus I haven't been affected by a worm and the slammer virus, affected me in a DoS, not a compromise.
My .02$ on the issue, will keep thinking about it though.
DaClueless
May 19 2004, 04:09 AM
QUOTE (krackatoa @ May 19 2004, 03:31 AM)
I can understand the non techie home users, getting zapped on their DSL and cable modem connections because they don't know any better. If they're going to get online, they need to learn, even if it's the hard way.
If people don't get autohackers here, they'll get it from someplace else. I personally want to see the various batch files. Gives me ideas on how to screen stuff on IDS, and what to look for I come across hacked systems.
krackatoa, I feel you are missing the point, I feel other are trying to get across.
Auto-hacker are for hacker and less for admins
It is not hard for an admin to put together a batch file 'for loop' to make a auto-hacker, if they want an auto-hacker. I feel, most admins that come to GovernmentSecurity.org have skill level to make a 'for loop' and even compile a exploit if they choice to. For me, I am scared to run someone else compiled .exe (you never know, if it has a hidden virus, backdoor or other nasty things)
We are not saying, we will stop people getting auto-hackers, just GovernmentSecurity.org is not the place to get them
I feel it very simple, is GovernmentSecurity.org for hackers or Admin who are looking for information to protect thier systems. I see GovernmentSecurity.org is for the Admin, that is why GovernmentSecurity.org should actively remove auto-hackers from post when posted.
I hope that make things a little more clear
nuorder
May 19 2004, 04:13 AM
yeh i agree with u
xlulux
May 19 2004, 06:19 AM
i think that banning these things, however truthful and useful and RIGHT it might be, would make us hypocrites. Maybe we should just teach these kidz the more complex hacking meathods that dont just go through 30 C classes in a second but more of a "climb the mountain and reach the top " where climbing them mountain is the hardest part learning and working yes i said WORKING hard towards the hack to work. enumerating the subject, collecting info, reading about their technologies, and then when your totally in their world and you know how every freakin thing works in their system or set up the actual hack will be so damned easy and you will get so much more satisfaction from it that you will be wondering what you were doing before.
moral here: make them want something better instead of just taking away the shitty stuff.
DaClueless
May 19 2004, 06:33 AM
QUOTE (xlulux @ May 19 2004, 06:19 AM)
moral here: make them want something better instead of just taking away the shitty stuff.
I am thinking, you are saying dont post auto-hacker source code or .exe. Just post how fast they go, so script kiddies know what other people are doing.
I see not problem posting how fast your auto-hacker is. I just feel it most likely very slow compare to things like MS blaster. And I hope, we all feel MS blaster is wrong, but if you feel script kiddies should stride to be as fast as MS blaster, I am sure the Police will be there to give them what that have won. Jail Time.
Killaloop
May 19 2004, 07:58 AM
QUOTE (archphase @ May 19 2004, 02:24 AM)
let me get it correct, `auto-hackers` make it inconvient for you due to the fact that they catch the prey before you have it. I think about 90% of people posting in this thread against it fall into that crowd.
Its a good place to publish software here, don't destroy that by making stupid rules.
they catch the prey with the auto hacker coded by someone posted two days after the exploit? don't think so. If the sourcecode is released normal people take their one-line for loop and replace the exe name. others seem to not be able to do that. however I'm not saying that its stupid to use this batchfiles... it would be more stupid if you copy and paste 1000 of your IP one after one when testing the exploit. What we all here think is this board needs less activity from scriptkids and more from security people, but seeing that on intelligent postings you have 2 replys and with a stupid autohacker you got 180 replys this is not what I call quality when I read something like: "w0w l337 4u7oh4xx0r" or "g00d, what d0 y0u scan it?" "h0w many edus did you hack with that exploit m8". This is all about learning. We have seen 1000 of autohackers here nearly all consisting of the same for loop, don't you think they should be able to write their own by now (doh it's only copy and paste)? No they can't...and why not? because they little kids didn't even open a single batch file with editor!! before doing so they ask "how do it works, m8"
I'm noones m8 and all this stuff terrible hurts my eyes and my head. Look into the file download section and take a look at the autohacker threads. it really hurts every normal human thinking
B3T4
May 19 2004, 08:47 AM
ye, ban them autorooters !
We are here to learn, not to mass hack,and if we happen to hack a server while learning, so be it
pr0t0type
May 19 2004, 08:53 AM
Well said killaloop.
I think it's dissapointing when an autohacker thread can reach 10+ pages while a buffer overflow tutorial thread struggled to hit 3 pages...
usch
May 19 2004, 11:53 AM
well maybe some1 could post a tutorial how to make ur own autohax0r so the posting of them won`t be neccessary anymore.wouldn`t that be a good idea?
so long
usch
Killaloop
May 19 2004, 11:59 AM
QUOTE (usch @ May 19 2004, 11:53 AM)
well maybe some1 could post a tutorial how to make ur own autohax0r so the posting of them won`t be neccessary anymore.wouldn`t that be a good idea?
so long
usch
yes open one of that bat files with editor copy the for %% line. edit the name of the executable done. now that was hard to figure out on someones own? this is like writing a tut which explains how to turn on your pc.
Stephen79
May 19 2004, 12:23 PM
QUOTE (Killaloop @ May 19 2004, 12:59 PM)
QUOTE (usch @ May 19 2004, 11:53 AM)
well maybe some1 could post a tutorial how to make ur own autohax0r so the posting of them won`t be neccessary anymore.wouldn`t that be a good idea?
so long
usch
yes open one of that bat files with editor copy the for %% line. edit the name of the executable done. now that was hard to figure out on someones own? this is like writing a tut which explains how to turn on your pc.
a little harsh perhaps.
Whilst thats true for some autohackers, more "complex" *cough* bats call nectcat, can ask you to select a port, have nice menus Some exploits dont need certain features.
But, yup, look through some of the posted ones and you wont stuggle to understand how they work guys.
nowhere
May 19 2004, 01:26 PM
QUOTE (Killaloop @ May 19 2004, 11:59 AM)
yes open one of that bat files with editor copy the for %% line. edit the name of the executable done. now that was hard to figure out on someones own? this is like writing a tut which explains how to turn on your pc.
nice, i want a the tut how turn ur pc on!
i think no autohaxxor and no compiled sources, only uncompiled, and when someone has a prob with fixing then he can post that he has a problem.
and we look how we can help him.
Gotisch
May 19 2004, 04:57 PM
I alway though this was a security board, for admins and security interessted people to learn how their Servers can be exploited and more importantly how to remove the backdoor/ secure the system.
The security reports show us that they can be exploited
The poc show us how it is done ( ! the source shows us, the compiled thing infact only does the same as the security report telling us: the server can be exploited)
What does a autohacker contribute to this ?
Not a thing.
But then if you dont post compiled exploits or autohackers the usernumbers of this forum will drop a lot and maybe some people dont want this to happen. I don't know .
what i find more stupid btw. is posting a password protected compiled autohacker. The Forum moderators should deside who can download files and who not thats what the trial member status is for.
By adding passwords to their so called "public" autohackers the posters take this power from the moderators bypassing them litterally and just use this platform to distribute files for the people they want to have it.
Is this how it should be ?
Buluemoon
May 19 2004, 09:48 PM
I agree with the majority that autohackers are worthless to learning anything.
tonikgin
May 20 2004, 01:14 AM
Keep the auto-scripts to yourself kids.
What the fuc k would i want w/ a bat file which does nothing more than enumerate commands which I allready know?
I know for a fact there are plenty of dumbasses out there that DONT know how to compile exploit source code which is submitted onto the internet. There's also morons that dont understand the problems they cause in using these autohackers. mainly, just wasted network bandwidth.
Learn C, and it's not hard at all to look at an exploit source code... and mod it to your likings to scan entire subnets, multi threaded connections, output results, ect... all in one program. I dont know what these morons are doing using sfind or scanline to find vuln machines, that is taking way the hell too much time, especially when on a mass scannign scenario.
I could rant all day about this, but I better stop this now.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
bats call nectcat, can ask you to select a port, have nice menus 