Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
For any nonsense or banter that doesn't fit anywhere else. LoL! omg! ROFL! 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
LulzSec Lulz
Posted by: Skyphire
Date: June 04, 2011 01:38AM

Remember lulzsec, he hacked this and that and some other stuff. Interesting to see that they fail to come up with some original ASCII art. They simply c/p'ed it from some ASCII art website. Hmmm... I wonder what else they c/p'ed? a bunch of 0day's?

LulzSec "art": [pastebin.com]

.--    .-""-.
.   ) (     )
.  (   )   (
.     /     )
.    (_    _)                     0_,-.__
.      (_  )_                     |_.-._/
.       (    )                    |lulz..\    
.        (__)                     |__--_/          
.     |''   ``\                   |
.     | [Lulz] \                  |      /b/
.     |         \  ,,,---===?A`\  |  ,==y'
.   ___,,,,,---==""\        |M] \ | ;|\ |>
.           _   _   \   ___,|H,,---==""""bno,
.    o  O  (_) (_)   \ /          _     AWAW/
.                     /         _(+)_  dMM/
.      \@_,,,,,,---=="   \      \\|//  MW/
.--''''"                         ===  d/
.                                    //   SET SAIL FOR FAIL!
.                                    ,'_________________________
.   \    \    \     \               ,/~~~~~~~~~~~~~~~~~~~~~~~~~~~
.                         _____    ,'  ~~~   .-""-.~~~~~~  .-""-.
.      .-""-.           ///==---   /`-._ ..-'      -.__..-'
.            `-.__..-' =====\\\\\\ V/  .---\.
.                     ~~~~~~~~~~~~, _',--/_.\  .-""-.
.                            .-""-.___` --  \|         -.__..-

Original here: [www.chris.com]

--    .-""-.
   ) (     )
  (   )   (
     /     )
    (_    _)                     0_,-.__
      (_  )_                     |_.-._/
       (    )                    |_--..\
        (__)                     |__--_/
     |''   ``\                   |
     |        \                  |      /b.
     |         \  ,,,---===?A`\  |  ,==y'
   ___,,,,,---==""\        |M] \ | ;|\ |>
           _   _   \   ___,|H,,---==""""bno,
    o  O  (_) (_)   \ /          _     AWAW/
                     /         _(+)_  dMM/
      \@_,,,,,,---=="   \      \\|//  MW/
--''''"                         ===  d/
                                    //
                                    ,'__________________________
   \    \    \     \               ,/~~~~~~~~~~~~~~~~~~~~~~~~~~~
                         _____    ,'  ~~~   .-""-.~~~~~~  .-""-.
      .-""-.           ///==---   /`-._ ..-'      -.__..-'
            `-.__..-' =====\\\\\\ V/  .---\.
 PGMG                 ~~~~~~~~~~~~, _',--/_.\  .-""-.
                            .-""-.___` --  \|         -.__..-

So much for that l33tness. Set to fail, indeed.

There might be a chance they were reckless and were broadcasting their IP when c/p'ing it. One always leave tracks. Matter of correlating stuff. Anyway, worth to try if I were the EF/BEE/EYE .^.^.

Options: ReplyQuote
Re: LulzSec Lulz
Posted by: rsnake
Date: June 08, 2011 03:43PM

That may be a lot of IPs to correlate. But it's a clever idea if there's another place they may have done something similar. The chances of collisions are usually fairly low except for AOL, etc...

Options: ReplyQuote
Re: LulzSec Lulz
Posted by: SW
Date: June 08, 2011 11:09PM

Does it really matter if they "stole" ascii art? :D

Options: ReplyQuote
Re: LulzSec Lulz
Posted by: rsnake
Date: June 15, 2011 04:40PM

I think his point was that it can be traced back to the real people.

Options: ReplyQuote
Re: LulzSec Lulz
Posted by: Kyran
Date: June 15, 2011 08:06PM

The idea of tracking down social media oriented hacker organizations has intrigued me ever since places like AnonOps and whatnot have been popping up with regular frequency. Although far from an exact science, mapping social networking data/timings to major events in their communities; much like HBGary folk were working on, seems like it has much potential. Since groups like this usually thrive on anonymity. It's not hard to infiltrate them with a basic knowledge of memes and some 1337 skills to rise through the ranks.



Also hi sla.ckers ;)

- Kyran

Options: ReplyQuote
Re: LulzSec Lulz
Posted by: Skyphire
Date: June 22, 2011 07:20AM

For them to be absolutely invincible they have to go to extreme lengths actually.

Tor.
Is out of the question. If I run an exit node (as many security researchers tend to do) I could catch/correlate their activity.

General Proxies.
Also stupid, you never know who controls and watches the proxies. They have to have elite proxies, but then again those who give you access might rat you out one day.

WIFI networks.
If they don't clone MAC's, they leave their MAC address behind in the router/access-point logs. It's pretty hard to replace a network card inside a laptop, one has to clone macs continuously. In theory, MAC's can be traced back to a the store where the laptop was purchased since the serial numbers are registered in relation to the network card.

IRC, Twitter, forums, Facebook.
Absolutely stupid. You don't talk about attacking something. Rooms are riddled with snitches, cops, wannabes and attention whores who might rat to save their own buts. The more one writes, the more clues one tends to give. Ted Kaczynski (Unabomber) was caught due to two sentences in his manifesto.

Options: ReplyQuote
Re: LulzSec Lulz
Posted by: Skyphire
Date: June 22, 2011 07:28AM

Seems they are getting close:

The F.B.I. seized Web servers in a raid on a data center early Tuesday, causing several Web sites, including those run by the New York publisher Curbed Network, to go offline.

DigitalOne provided all necessary information to pinpoint the servers for a specific I.P. address, Mr. Ostroumow said. However, the agents took entire server racks, perhaps because they mistakenly thought that “one enclosure is = to one server,” he said in an e-mail.


http://bits.blogs.nytimes.com/2011/06/21/f-b-i-seizes-web-servers-knocking-sites-offline/

I won't be surprised if some members of the group turn out to work at ISP's.

Options: ReplyQuote
Re: LulzSec Lulz
Posted by: thrill
Date: June 22, 2011 11:16AM

Taking a page out of the 'al qaeda network security' handbook.. don't shit where you eat.. basically saying, don't do anything originating out of your own IP space/house/neighborhood.. yes, if they were slightly more advanced and organized, a 'top ranking' individual could easily set up a VPN and provide access via crypto keys which would only be made available in person.. then it is safe to have web sites and irc channels, as long as the traffic goes over the vpn and the vpn is set up to disable split horizon..

but these are just speculations.. you may now return to your originally scheduled programming.

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Options: ReplyQuote
Re: LulzSec Lulz
Posted by: acemutha
Date: June 24, 2011 03:11PM

Skyphire Wrote:
------------------------------------------------------->
> WIFI networks.
> If they don't clone MAC's, they leave their MAC
> address behind in the router/access-point logs.
> It's pretty hard to replace a network card inside
> a laptop, one has to clone macs continuously. In
> theory, MAC's can be traced back to a the store
> where the laptop was purchased since the serial
> numbers are registered in relation to the network
> card.

Well MAC can be easily spoof right? so I would go this way "IF" I were one of them

Options: ReplyQuote
Re: LulzSec Lulz
Posted by: Anonymous User
Date: June 25, 2011 01:54PM

He said he's one of them! Get hiiiim!

But seriously - I think this whole LulzSec thing is an attractive ground for scapegoating, framing and accusal. Bob tells Police about Alice that she's with the Lulzes - happy raid and self-defense, Alice...

Sad.

Options: ReplyQuote
Re: LulzSec Lulz
Posted by: darknessends
Date: June 26, 2011 06:39PM

Perhaps nobody noticed that they are extremely efficient at DDOS attacks and this 100% means that you have to have a botnet with > 50000 members or multiple such networks. And if you have access to such a large botnet network do you need to worry about where to get IP's to redirect your traffic to ?
More clever, the botnet can turn to a private TOR network routing you through dynamic IPs, none of them will repeat itsself ever.

TOR for 100% is providing network data to few people. For instance you can not connect to freenode through TOR, they have a list of all exit nodes that come from TOR.

General proxy stands out of question, they are too advanced to use general proxy or any kind of so called I-ll-Make-You-Anonymous Stuff.

MAC Address are 100% cloned, They ll never leave a trace of their original mac address or anyone can query and relate to the network device's identity. MAC address can easily be spoofed so thats nothing.

No, Facebook and Twitter, Google and everyother company will probably cooperate to get them caught. I guess they are alive on twitter just because atleast it gives hopes to keep a contact with them and may be twitter can track them someday.
They will be logged everywhere as much as possible.

But the point is, if you do not own the IP you are travelling from and you do not use the same IP everytime how can anybody catch you.

Sony would have done everything in their reach to get them caught and probably has paid experts a lot to get the forensics some details.

They sure are clever too much for this.

@Skyphire, People who write and discover 0Days seldom have time enough to use them for purpose like this. Their interest has gone so high in 0Days and exploits, vulnerability that they keep doing research mostly.

Options: ReplyQuote
Re: LulzSec Lulz
Posted by: Skyphire
Date: June 26, 2011 07:44PM

And then you get stuff like this: http://pastebin.com/iVujX4TR

On and on... only vitriol instead of a healthy competition.

Don't know about you, but way back (yeah I'm old) no-one even knew about us. We fought it out on other people's networks, not in the media spotlight. Granted, hacking was pretty easy a long time ago, and those who were there know what I am talking about: Closing a telnet port on a box you just discovered before someone else got to it was a sport, watching others hack into it and try to track their prints and just before they got t the stuff they wanted you kick 'em out. All the fun stuff. I really don't get what people are doing these days. DDoS on 2600, attacking Mitnick again. It's all so pointless... and needles to say: it's not even hacking. I always agreed with those who said that you shouldn't release tools. It's true in some sense. And then they say: we hack, were hackers. Well, sorry but if you were born later than 1980 you will never know what true hacking meant. True.

It's so very tiring to see all this happening. This pointlessness boredom, skill-wasting folks that blemish some real nostalgia I personally experienced and turn it into a commodity of lulz.

In any case, they are stupid enough to sit in the encyclopediadramatica IRC channels munching skittles all g'damn day, and now they're wondering who outed them. Shit sherlock. No disrespect eh, just saying.

http://pastebin.com/3FPUL5Zw

Then this Weev dude from encyclopediadramatica & GoatseSec. LulzSec started in the same week when Weev was released on bail. FBI report on this dude: http://www.youtube.com/watch?v=hgjmFATaHis
http://www.youtube.com/watch?v=3WnZBKF3hB4

So predictable...

Wonder why #klulz, #gnaa, #partyvan IRC channel trolls quickly try to prep dis-info:
http://pastebin.com/Bcrqa14P
Jun 26th, 2011 | Syntax: None | Size: 3.12 KB | Views: 14 | Expires: Never.

#gnaa, #partyvan IRC channel trolls and ex 711chan mod Laurelai + ex 711chan members.

eyez everywhere...fun times.

I just wish they quit being so childish. We all know that everything can be hacked. You don't have to prove that to prove it.



Edited 11 time(s). Last edit at 07/04/2011 03:20PM by Skyphire.

Options: ReplyQuote
Re: LulzSec Lulz
Posted by: Skyphire
Date: June 26, 2011 08:16PM

darknessends Wrote:
-------------------------------------------------------
> Perhaps nobody noticed that they are extremely
> efficient at DDOS attacks and this 100% means that
> you have to have a botnet with > 50000 members or
> multiple such networks. And if you have access to
> such a large botnet network do you need to worry
> about where to get IP's to redirect your traffic
> to ?
> More clever, the botnet can turn to a private TOR
> network routing you through dynamic IPs, none of
> them will repeat itsself ever.

That's what they probably did. Some guy probably shared his botnet for credits.

Options: ReplyQuote
Re: LulzSec Lulz
Posted by: Albino
Date: June 27, 2011 11:27AM

darknessends, couldn't the feds just look at the ISP logs for the proxy/bot to see the originating IP bot, and trace it backwards like that? I don't think using TOR would prevent this; TOR needs loads of users to work, ie hiding in a crowd. That's why TOR was made public.

Skyphire Wrote:
-------------------------------------------------------
> Well, sorry but if you were born later
> than 1980 you will never know what true hacking
> meant. True.

Nice try.

Options: ReplyQuote
Re: LulzSec Lulz
Posted by: SW
Date: July 01, 2011 05:53AM

I wish I was around in the 80s, sounds like so much more fun. Nowadays hacking is too hard and complex, it's tough to get the lulz from it. And since everyone is socially networked, that provides a faster/easier way to get lulz from the computer. And social networking is quite thoroughly engrained in any young hackers who have naturally grown up on the messageboards and forums and chats. Trolling is so much easier and more fulfilling than hacking. :( Only when trolling falls short does hacking enter the picture.

Pretty sad to see people hacking each other for no reason though, but I guess those guys had their own enemies who might showed them up, or might not have (we have no clue if the info is correct or how it will turn out).



Edited 1 time(s). Last edit at 07/01/2011 05:56AM by SW.

Options: ReplyQuote
Re: LulzSec Lulz
Posted by: Skyphire
Date: July 01, 2011 11:36PM

^SW

Yes. That's why they eventually get caught. Look at them. They have all sorts of accounts everywhere and even boasting about them in IRC channels that get archived the minute you write something. I noticed that they reposted stupid bugs in Joomla (lame) and pulled readymades from exploitdb. (even more lame) to attack random targets to gain some respect from peers that don't even understand that what they do is really lame. I never posted in a IRC channel. Ever.

Well, 80's were cool but boring at the same time. ^.^ Most of my learning curve was from the early 90's. Really around the time that the media didn't screw the term hacking up yet, after that it all went down hill.

By the standards we know now, it seems easy. But back then it was pretty technical, since most manuals weren't written yet, you just wrote the manual yourself by doing it. So in that sense, it was tough to figure it all out. But that is what hacking is, hence I say that if you were born after a certain age where all knowledge became public through search engines and boards, one will never understand the nostalgia of hacking for 100%.

So yeah when I see people like Mitnick getting hacked by fools with tools they didn't even wrote -let alone understand how they work- those who do it have no clue what hacking is, and probably never will know. It's that simple.

+

To get back on topic: if they can't even write their own ASCII art and c/p'ed it and even remove the artist signature from it, it shows they have no respect whatsoever for the art hacking at all.



Edited 4 time(s). Last edit at 07/01/2011 11:54PM by Skyphire.

Options: ReplyQuote
Re: LulzSec Lulz
Posted by: VMw4r3
Date: March 06, 2012 11:56AM

LulzSec Leader Was Snitch Who Helped Snag Fellow Hackers

Quote

A top LulzSec leader turned informant after he was secretly arrested last year and then provided information to law enforcement which resulted in the arrest on two continents Tuesday of other top members of the hacking group, including one of the alleged leaders of the Stratfor hack, according to a news report.

Hector Xavier Monsegur, a 28-year-old New Yorker who allegedly used the online name “Sabu,” has been working undercover for the feds since the FBI arrested him without fanfare last June, according to FoxNews. Monsegur provided agents with information that helped them arrest several suspects on Tuesday, including two men from Great Britain, two from Ireland and an American in Chicago, according to FoxNews.


http://www.wired.com/threatlevel/2012/03/lulzsec-snitch/

Options: ReplyQuote
Re: LulzSec Lulz
Posted by: thrill
Date: March 06, 2012 05:47PM

@VMw4r3

Yeah, read that today.. lame..

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Options: ReplyQuote
Re: LulzSec Lulz
Posted by: Skyphire
Date: May 14, 2012 08:40PM

Yes same old story. Nothing new really.

Let this be a word of caution ot aspiring hackers; for those who wants to join hacking groups. A smart hacker doesn't join groups, that's what makes him or her a smart hacker that will never get caught. I am certain that most hacker outfits we see these days are already compromised for a very long time, some of these outfits were also created to gather intelligence. If you look closely one should notice the workings of a propaganda-machine behind it. It's better to know your enemy and befriend your enemy, then to alienate and eradicate your enemy.

Think for a second WHY these Black Hat conventions exists. Who is behind it. And guess who he is working for. Do you really think that criminal hackers go to a hacker convention talking about their secrets? I hope not.

Options: ReplyQuote


Sorry, only registered users may post in this forum.