Full Disclosure mailing list archives
Re: Script Kiddies
From: "mike king" <ngiles () hushmail com>
Date: Fri, 30 Jan 2004 11:06:31 -0800
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I typically dont respond to posts, but I will say that you basically hit the nail on the head security has and is starting to become the next level of mcse's. I dont proclaim to be any sort of hacker although I am lumped into this category by the nature of my job. I help secure networks and make it so people can do their jobs in the online world. just an avg guy On Fri, 30 Jan 2004 08:23:38 -0800 Uncle Scrotora Balzac <scrotora () hushmail com> wrote:
I love hearing security people talk about script kiddies. It's the funniest thing to see them walking around with their chests pushed out like peacocks, as they scoff the silly little kiddy. Funny because 99.9 percent of the people using the term so loosely have no idea how to *really* find vulnerabilities in systems, compromise,
gain control, hide their presence, then use it for whatever they want. Hell, a significant percent of those "security [engineers/professionals/consultants/researchers]" (circle one) have trouble compiling exploits (if they even know where to find them in the first place), much less figure out offsets, return addresses, etc.. The same exploits those "kiddies" use!! What these people don't realize is that the "kiddies" they so affectionately refer to have learned this practice by reading comments, headers, and cryptic help messages in code and scripts. Not by completely out-of-touch and wickedly outdated texts like their CISSP study guides, vendor whitepapers, and books by aging whitehat hackers. Irony. But like I said, this practice is funny, not annoying. It's funny because of the false sense of superiority these people get from referring to 95%+ of the hacking community as kiddies. It's funny because of how much they *really* don't know - and advertise the fact with huge neon signs by getting on lists like this and asking for things like SSH exploit code so they can "learn how exploits work!" (By the way, to the whitehat who was arguing with everyone after getting char grilled flamed for this - - if you want to learn how exploits work, there's about 1000 of them at www.packetstormsecurity.com.) Funny every time a box on their network gets whacked, and they talk about the script kiddy that did it. How ironic is that, and what does it say about them? But that's right, it's not their fault. Always someone else's, which makes me wonder why any of these people have jobs in the first place. I'm glad they can't hear themselves. Then they might stop. - --- "...we have smuggled a word into the dictionary which ought not to be there at all--Self-Sacrifice. It describes a thing which does not exist... We ignore and never mention the Sole Impulse which dictates and compels a man's every act: the imperious necessity of securing his own approval,
in every emergency and at all costs." - Samuel L. Clemens
-----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.3 wkYEARECAAYFAkAaqn8ACgkQUjm7xSZSd8E4KACgj0kVB0gtE4vRzGyzC2UxVfpK9swA n2duTmAfFlvfDxNwjkHBjiMAiV6Z =9ZJk -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Script Kiddies Uncle Scrotora Balzac (Jan 30)
- Re: Script Kiddies [OT] ktabic (Jan 30)
- Re: Script Kiddies [OT] ktabic (Jan 30)
- Re: Script Kiddies [OT] vuln (Jan 30)
- Re: Script Kiddies vs. Security Kiddies Andy Cuff (Jan 30)
- Re: Script Kiddies Andy Cuff (Jan 30)
- <Possible follow-ups>
- Re: Script Kiddies mike king (Jan 30)
- Re: Script Kiddies darren (Jan 31)
- Re: Re: Script Kiddies ATD (Jan 31)
- RE: Script Kiddies DAN MORRILL (Jan 31)