Uber Haxxorz

[old.MikhailGudlik]

Today this guy logs onto my mates account and says in GU YOU FOCKERS I OWNZORS YALL AND GOA I HAXXOZ ONTO SORLAXS ACCOUNT ! I WILL TAKE ALL HIS ITEMS AND QUIT GUILD MUAHAHA!
so he does it...
and then i ask him why? > next log entries:
@@Sorlax sends, "lol no i dont even know him"
@@Sorlax sends, "im having so much funn haha... ive taken all his stuff haha"
@@You send, "so you hacked into his account?" to Sorlax
[13:31:57] @@You send, "how?" to Sorlax
[13:32:01] @@You send, "thru GOA?" to Sorlax
@@Sorlax sends, "yes i used the universal account they use to fix bugs in acoounts and stuff haha"
@@You send, "omg so u can more or less get into everyoens account?" to Sorlax
@@Sorlax sends, "no... just tha last account they fixed"
@@You send, "hmm i dont rememebr sorlax having any problems" to Sorlax
@@Sorlax sends, "lol how the feck should i know"
@@You send, "how did you know the universal acount or whatever that is" to Sorlax
[13:35:00] @@Sorlax sends, "lol im not gonna tell u"
@@You send, "why not? =]" to Sorlax
@@Sorlax sends, "cuz then u would use it lol no disrespect to ur guild thats just the way i am"
@@Sorlax sends, "and no way i aint telling"
@You send, "pity u dont that to sorlax he is a niec guy" to Sorlax
@@Sorlax sends, "prolly is but hacking is me job"
@@You send, "but twhat the point ?" to Sorlax
@@Sorlax sends, "holy shit... someone is tracing me.. aint gonna happen cya
Sorlax is not in the game, or in another realm."



Very nice chap


uke:

 

[Whoodoo_RD]

What an ahole....take it GOA got a copy, and its not just some1 he knows messin about on his PC or sommit?

 

[-Lonewolf-]

You should really put this on Rightnow and then GOA will be able to deal with it directly

Bringing here is just gonna cause, accusations to fly and general hysteria, its mad in here enough

 

[Elixir]

IT WAS KARAM!!!11
HE IS TEH 0WNZ0R HAXX0R!

joking, really tho Mikhail, you should put it on rightnow, have fun flaming karam, you always seem to do so


----------------------------------

Laand Stormcaller, 50 thane
Criticall, 33 shadowblade

 

[---djinn---]

Hes was just lucky!!

hi.. long time reader first time post.. but i just had to reply...

well Sorlax and i are real life m8s..... tryed to call him when i read about this (couldnt get thru.. damn sell phones)

well all i know is that the arse who did this was lucky in finding sorlax's password... first of all Goa does not have a Universial password... thats just a lie... not even goa would be that stupid (uhm well u never know)

my guess is he stumbeled accros it while hacking ez-hack e-mails... or something like that.. anywayz.. im gona get that bastard....btw... the thing about someone tracking him LOL what a smart ass... well anywayz im gonna try and call him soon...

-----------------------
Djinn AndTonic lvl 45 Paladin (alb/pry)
Cthulu Knights

 

[old.MikhailGudlik]

my right now doesnt work keeps saying wrong password =]
talkign about well oiled machine - GOA i dont htink they will bother do anythign at all anyway.
But it was not Sorlax's friend playin a joke thats for sure.

 

[Herjylf]

Well...
tcp/ip sniffer if on a hubbed network, or arp poisoning if on a simple switched one.
Should give just about any fella on your LAN the ability to snoop the login/password in fact after reading this post i tried it.

And whaddaya know the login procedure is unencrypted from you to the login server.
not even an attempt of encryption as far as i could see.

These programs are widely spread through 0-day warez groups, and are quite popular.
In fact, i have used it many times myself. since i have forgotten my the passwords to some of my ftp sites.
in fact some of these sniffers have the ability to decrypt some popular SSH1 encryptions, or atleast claim to be able to do so.

They are quite easy to use, in fact u can even filter out uninteresting data. and simply catch packets containing a varitey of data. like from/to, keywords like "login" or "password".

So to all i can only say, a DECENT switched network should keep you somewhat safe from this kind of privacy intrusion.
But it has to be switched all the way from your end to you isp.

Not [your switched LAN] <-> [gateway/router] <-> [hubbed net] <-> [isp gateway]

I suggest this guy sorlax contact his net admin or isp and tell them of this, and ask them if they are on a PURE switched network.
btw CABLE networks can if friggin insanely stoopid set-up leak packets just like a hubbed network.
btw 1/2 cable networks are indeed insanely stoopid setup
I suggest if you are on such networks and have a cable modem hooked up in your apartment look over your data traffic.
and start using encrypted services.

i list below some services that EASILY can be sniffed.

HOTMAIL and other similar services.
POP mail
FTP
IRC
Direct Connect traffic including passwords to private hubs.
Most games
well most traffic :/

Traffic that give you some security.
[note traffic must CONTINOUSLY be encrypted not only during login session for full privacy]

SSH1/2
SSL
RSA
well the standards are many, as long as it isnt in plain text it is better.

I try as often as possible to use encrypted services.
only accept PER SESSION COOKIES, and block all ADS, popups and scan for spyware every now and then.
if on nt5 based kernes systems like OS´s like Win XP, win2k DONT let others use your user account.
make guest accounts for thers.

Consider this what if your password to a service in which you VISA cards number can be read and or altered.
For example most popular webshops you have an account in.

I have myself not had the missfortune to get my privates sniffed by a craxxor wannabe.

I did however some ears ago for non enclosed reasons use software as above mentioned.
And did feel.. *cough* elite when i got drops in my sniffer. that suited my filtered search criteria.
I among others got the ROOT password to my isp´s gateway.
he used telnet from his apartment to the gateway.

This experimenting time made me AWARE, and more carefull and more inquiring to my ISP on hos his net is built.

It also made one of my friends who i at the time tried to impress by nicking his POP email account login/pass and sending a GAY loveletter to his math teacher, deny me friendship.
Of course me at the time could though he overreacted...
But put yourselves in his position, can u blame him?

now that i have layed aside my childish ways *cough *cough * 27 years old and playing computer games...

well i drifted away, i do however hope this makes you more AWARE aswell.

I cannot say this was the way he got the account information.
But it is very likely way.

There are methods using some sniffing programs that even let you SEE EVERYTHING a HTTP surfer can see in his web browser.
for example your HOTMAIL inbox or similar.
And that was 5-6 years ago...
now there are tons of different sniffers.
all from priced creations software/mobile hardware to gnu licenced linux software.

Herjulf Hornbrytare lvl50 skald <long vacation> :sleeping:

 

[Kiros]

g33k

 

[Addlcove]

Originally posted by Seifer-
g33k

paranoid more likely, but he does have a point

 

[Ensceptifica]

Originally posted by old.MikhailGudlik
@@Sorlax sends, "holy shit... someone is tracing me.. aint gonna happen cya

lol @ script kiddie.

 

[old.Karamon]

Originally posted by old.MikhailGudlik
@@Sorlax sends, "holy shit... someone is tracing me.. aint gonna happen cya...

Probably was his mom "tracing" him

 

[Slipurson]

seen to many movies more likely... got hold of the pass/login and logged on maked some fuzz and then wanted to seem leet and yell something about beeing traced... lol

btw did he do anything to sorlax's account ??

 

[old.Tzeentch]

Originally posted by Seifer-
g33k

heh, i suppose the doc that saves someones life is a geek too.
oh, and the guy who studied chemistry for 15 years, and then made the medicine to cure a painful virus, yeah he is a geek too.

 

[old.mystah_e]

Recently my mates got a copy of neverwinternights and he managed to get onto other ppls computer using their ip address and found their serial code for the same game. 5 codes later and we were all playing a multi player session of NWN with only one copy.

This would not of happened if the ppl had set passwords for their windows.

 

[Whandall]

Any good scan programs for spyware around?

Share or freeware?

 

[old.Odysseus]

And whaddaya know the login procedure is unencrypted from you to the login server.
not even an attempt of encryption as far as i could see.

arghhhhhh how can u be so stupid? a simple encryption that will take a several years to crack is not very hard to implement (did it just last week at work, took 2 days to get it fully operational).

Very interesting post Herjylf

 

[Gef]

Originally posted by Whandall
Any good scan programs for spyware around?

Share or freeware?

Ad-Aware is the best one really, I would post a link but I cant be bothered to hunt for it

 

[old.giriam]

Re: Re: Uber Haxxorz

Originally posted by Ensceptifica


lol @ script kiddie.

My thoughts exactly

G

 

[censi]

Yes good post heryalf.....

broadband users should get blackice at the very least...

But most hackers (possibly including this one) dont get your password using packet sniffers and cracking the encription (that would be difficult)

A lot of people give out their account details to 'friends' in the game..... This is not a good idea....

A lot of people pick up trojans with key loggers.... These are usually very simple and I have seen some set up specifically for DAOC. Sometimes all they are designed to do crash daoc after loggin, and FTP or Email or ICR notify and send send the keylog at a specific time... This stops the player getting onto his account also....

If you dont run it now, and have no security on your PC you should go and download Zone Alarm from downloads.com.....

ZoneAlarm is far from the complete solution... however it does monitor your ports and if it sees traffic on a undefined port it will prompt you if you want to allow this traffic...... Restrict the active ports down to Http and the Port DAOC runs on initally...

Also get good virus scanning software and run it on a regular basis.....

IF you ever think you may have been hacked.... do not connect to the internet... Phone a friend and ask him to loggon to your account and stay logged in untill you can contact GOA and get your details changed....

Some virus's are easily removed.... but I always feel better to just re-instal or restore for a backup...

Hope this helps.

 

[censi]

one other thing.....

This guy who hacked you may be highly traceable......

If he is stupid he will have used his standard static IP address allocated to him from his ISP... GOA can find what IP he used..... Its then upto them to pass the relevent information on to the authorities....

Also most hackers arnt aware that computer fraud can carry a hefty jail sentence if you are over 18... Make sure GOA investigate this....

 

[old.Odysseus]

Zonealarm is sufficient to keep all but the most persistent buggers away.

It has a nice mechanism to catch when a program tries to communicate from within on a closed port and prompts u whether or not to open it.

Makes it easy to use with most games also

 

[Keri]

Originally posted by censi

If you dont run it now, and have no security on your PC you should go and download Zone Alarm from downloads.com.....

ZoneAlarm is far from the complete solution... however it does monitor your ports and if it sees traffic on a undefined port it will prompt you if you want to allow this traffic...... Restrict the active ports down to Http and the Port DAOC runs on initally...

What port does DAoC run on?

 

[Herjylf]

Well..

No personal firewalls will deny/allow your in and outgoing data.
It simply blocks certain data from and to you, and allow the data you think is safe.

The data you allow your "personal" firewalls to allow, will still be the same.
So it will not help you in any way when it comes to sniffing.

It will however block depending on software spyware and other unwanted traffic.

The traffic from your computer will still travel out on the network and if hubbed (hub´s some cable networks) or on cheap switched networks, your data will still be spread widely.

But a firewall is always a good thing.
Better then none.

And yes if you are lucky the guy that loged in with his account could have left behind certain data at GOA, i suspect they have extensive logs.
I doubt though that they will give you this information.
And even if u got it, it may not be of any help.
if he is on a LAN and got a "private" a, b or c class ip.
for example a 10.x.x.x , 192.168.x.x adress.

The best way is to inform your ISP so they get warned of these activities if any. and take actions against it.
Btw, if you didnt know...

Just now EU are deciding ot have decided on a new law that bans SPAM/junk mail, that is spread without your will.
A sideeffect to this is, that your isp will be bound by law to log and be able to bind your http and some other traffic for up to 2 years.
For example if you were to visit http://www.hornykindergartengirls.com and came under police investigation, this could be used against you in a court of law.
I suspect only the url is logged, but it could help when it comes to an investigation.

And since use of your account is theft and intrusion of privacy among others a criminal investigation could be started.
Then GOA would have to give the police their information and your isp aswell.
I am uncertain however that the new law has passed yet, but i think so atleast.

Herjulf Hornbrytare lvl50 skald

 

[theroy]

Originally posted by Herjylf
Well..

For example if you were to visit http://www.hornykindergartengirls.com and came under police investigation, this could be used against you in a court of law.
I

A scary insight to you favorates?

 

[alarik]

I would post on here but im afriad people will see my name and hack my ownage 56k.. arggg there watching me!!! <me runs and hides>

 

[old.neenee]

Originally posted by old.MikhailGudlik

@@Sorlax sends, "prolly is but hacking is me job"

heh

:sleeping:

 

[Sabu]

There is another case with a spanish guy in Albion. The problem is that he hadn`t too much friends and i really don´tknow who is playing now that char (someone who bought the account or the hacker).

Seems that there was a real hacker.I can remember that we talked about that guy along a week and the conclusion isalways the same: the reall owner mus report to Goa.

 

[stable]

Well i am one like herjylf, used to "be l337 H4xx0R" and me and 20 friend even managed to take out the phonelines for a norwegian town for 13 hours. Well i guess i thought it was fun back then. The point`s that Herjylf makes are some good ones.

I am on the E&E team for GOA and this has allready been notified to them.......