Why can’t Maggie approach Johnny!?
He’s obviously shy with girls and probably has insecurity issues caused by a lack of history with relationships. I’ll bet he’s interested - because let’s be honest here, Maggie is popular and everyone likes Maggie - but is too shy to make the move. She caught him checking him out on the playground ffs!
If she’s not willing to be post-gender roles and make an approach just because “it’s not my job as a girl”, then she doesn’t deserve a modern relationship.
Let this be a note to women: proactive women are awesome.
I learnt to incorporate programming into what I was doing and to look at hacking from a programmer’s perspective — and that’s when I would say I became a fairly competent hacker. I was never devious or nefarious, but definitely wanted to push the boundaries and see what I could do.
So let me tell you about a PHPBB forum I once regular’d for a popular game. The PHPBB software itself has been pretty secure for a while now, but forums often install various third party addons (think game sections, etc). I have this habit whenever I reach a webpage that has a url like this:
When I reach a page like this, I almost habitually go to the top bar and add a single quote ( ’ ) like this:
I press enter and see what happens. There’s a couple things that can happen.
1) The website loads normally
2) The website loads mostly normally with a generic error message
3) The website loads mostly normally with a specific SQL error message
4) The website doesn’t load normally, you get a specific SQL error message.
Why do I do this? I am testing to see if the website sanitizes its input, basically meaning I’m checking to see if the website operator has bothered to prevent people from SQL injection. It’s a mixed bag, but there’s a lot of places that don’t.
Anyway, getting back to the story, I saw this webpage and did the single quote test. Got an error message in the vein of option number 3 or 4 — so I knew I was golden. I’m going to skip a lot of the technical jargon here, but suffice it to say I devised a method to be able to ask the web server simple yes and no questions. I.e. I could:
ask the web server “Does 1=1?” — which of course returns true
ask the web server “Does 1=2?” — which of course returns false
How did I use this? The fun way — I wrote a program that stole user passwords and salts from the database. Here’s how it worked. I would sequentially ask:
“Is the first letter of User X’s password hash ‘a’ ?” — Returned FALSE
“Is the first letter of User X’s password hash ‘b’ ?” — Returned FALSE
“Is the first letter of User X’s password hash ‘c’ ?” — Returned TRUE
“Is the second letter of User X’s password hash ‘a’?” — Return False (etc, etc)
So with that I was able to steal a few hundred user passwords and salts in a couple days. To hide the fact that I had a program polling the server for blatantly illegal purposes, I set it up to include a random delay between each question (i.e. wait 10 seconds, question server, wait 42.4 seconds, question server…), and also sent my manipulated variables via POST instead of GET (some servers don’t log post information). This mimicked normal user behavior and wouldn’t look funny in any server logs.
So I have my user passwords and salts. I look up PHPBB salting practices online and find out their formula for creating the hash I now have is the following:
PASSWORD HASH = MD5(MD5(plaintext) + salt)
I go online, do some research, find a fast Java MD5 algorithm. Next:
Download a few hundred megabytes worth of common english words / internet vernacular / passwords / etc, consolidate it all into a single file.
Parse that file, remove duplicates (easy and done in no time via quick sort)
Set up program that does the following:
Grab a word from that file
X = MD5(word)
For Every Distinct Salt:
Grab next word, continue on
In this fashion, I was able to usually crack more than 50% of the passwords I had previously stolen.
So then I was free to log on to their emails, or their game accounts, whatever I wanted to do really. I found lots of interesting stuff. One time there was the army guy who was posting about god and hating ‘fags’ and I went in his email and found him sending pics of his dick to some guy deployed overseas. I found stuff that would make me sad like people talking about a friend of theirs that had gone missing. A lot of personal stuff. I’m not saying I’m particularly proud of it, but I never actually did anything with their personal information. I did, however, loot the shit of the people in that game, because people are stupid and use the same password everywhere.
Also, it’s disturbingly easy to use Google to find websites that are vulnerable in similar fashions to the above — for example, try this query: inurl:”graphics_index.php?cat=”
For anyone considering learning hacking, be wary that it IS fucking dangerous if you don’t take proper precautions — I had a buddy of mine internet alias Xec96 real name Jeremy Hammond who was nabbed by the FBI in a honey pot scheme over at protestwarrior (crazy republican website). He did a bid, got out, and last I heard I think he might’ve violated his probation or something else, but I think he’s in solitary confinement right now. Awesome dude, by the way — he is the guy who founded HackThisSite.org — if you want to read more about him, check out FreeHammond.com.
Keeping yourself safe:
Use different ‘strengths’ of password depending on the site you are visiting. If you are visiting your bank or facebook or whatever is important to you, use extra hard passwords. If you are on some shitty forum, use a garbage password. It’s important to keep them distinct because, like I did in this story, people can hack shittier websites and compromise your entire life.
I’d recommend changing passwords every few months — a password managing program like 1Password works wonders for generating passwords and saving them.
Never use any personal information about yourself online that can be in any way attached to your internet alias
As a side note to the above, sprinkle in false information about yourself all the time. For example, if you check my history far enough back, you’ll find me mentioning that I’m venezuelan. I’m not venezuelan or even latino. This is important to throw people off your tracks if they try to dox you.
The SINGLE most important thing you can do: Don’t be Sarah Palin. Sarah Palin’s email was hacked not through some devious clever scheme worming through Yahoo!’s servers — she’s just stupid and left her “Forgot a Password” question as “Where did you meet your husband?” — Answer, as she said in plenty of interviews: “wasilla high school”. Forgot Password is the absolute easiest fucking way to hack ANYONE — especially if their email is on Yahoo or MSN or AOL or Hotmail. Gmail is harder, since the account has to be inactive for 24 hours before you can use forgot password.
Also, the easiest people to hack are the people you know. Why? What’s forgot password information always?
You know where I can find all this shit out in 2 seconds? FACEBOOK. — Hell, I’ve gone through people’s photos looking for them with their pet in the hopes they write its name in the caption or tag it or something.
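For site operators, the single-quote test and the "Does 1=1?" probe from the story above can be turned into regression checks. This is an added example, not code from the original post: the table name, the sample rows and all function names are hypothetical, and SQLite stands in for the forum's database.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data standing in for a forum add-on's table.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE graphics (id INTEGER PRIMARY KEY, cat INTEGER, title TEXT)")
    db.executemany("INSERT INTO graphics (cat, title) VALUES (?, ?)",
                   [(1, "banner"), (1, "avatar"), (2, "signature")])
    return db

def list_vulnerable(db, cat):
    # The bug: the raw URL parameter becomes part of the SQL text.
    sql = "SELECT title FROM graphics WHERE cat = " + cat + " ORDER BY id"
    try:
        return [row[0] for row in db.execute(sql)]
    except sqlite3.Error as exc:
        # Echoing the database error is what makes outcomes 3 and 4 visible.
        return "SQL error: %s" % exc

def list_hardened(db, cat):
    # Reject anything that is not a short run of ASCII digits, then bind the
    # value as a parameter so it can never be parsed as SQL.
    if not re.fullmatch(r"[0-9]{1,9}", cat):
        return []
    sql = "SELECT title FROM graphics WHERE cat = ? ORDER BY id"
    return [row[0] for row in db.execute(sql, (int(cat),))]

def leaks_sql_errors(handler, db):
    # Regression check for the single-quote test.
    return str(handler(db, "1'")).startswith("SQL error")

def answers_yes_no(handler, db):
    # Regression check for the 1=1 / 1=2 probe: a handler that returns
    # different pages for the two inputs is evaluating client-supplied SQL.
    return handler(db, "1 AND 1=1") != handler(db, "1 AND 1=2")

if __name__ == "__main__":
    db = make_db()
    for name, handler in (("vulnerable", list_vulnerable), ("hardened", list_hardened)):
        print(name, "normal page:", handler(db, "1"))
        print(name, "leaks SQL errors:", leaks_sql_errors(handler, db))
        print(name, "answers yes/no:", answers_yes_no(handler, db))
```

Both checks belong in the test suite of every third-party add-on before it is installed, since the forum core being secure says nothing about the add-ons.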
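The hash formula quoted in the story, MD5(MD5(plaintext) + salt), is cheap to compute, which is why a wordlist recovered so many passwords. The sketch below is an added example, not code from the original post or from any forum package: it shows how an operator can replace such records with a slow key-derivation function the next time each user logs in. The record layout, the function names and the assumption that "+" means concatenating the hex digest with the salt string are all hypothetical.

```python
import hashlib
import hmac
import os

PBKDF2_ROUNDS = 600_000  # assumption: raise or lower to fit your hardware

def legacy_hash(password, salt):
    # Formula from the story; hex-digest + salt concatenation is assumed.
    inner = hashlib.md5(password.encode()).hexdigest()
    return hashlib.md5((inner + salt).encode()).hexdigest()

def slow_hash(password, salt_bytes):
    # PBKDF2-HMAC-SHA256 makes every single guess cost PBKDF2_ROUNDS hashes.
    return hashlib.pbkdf2_hmac("sha256", password.encode(),
                               salt_bytes, PBKDF2_ROUNDS).hex()

def verify_and_upgrade(record, password):
    """Check a login; on success, replace a legacy record with a PBKDF2 one."""
    if record["scheme"] == "pbkdf2":
        expected = slow_hash(password, bytes.fromhex(record["salt"]))
        return hmac.compare_digest(expected, record["hash"])
    # Legacy path: constant-time compare against the old MD5-based hash.
    candidate = legacy_hash(password, record["salt"])
    if not hmac.compare_digest(candidate, record["hash"]):
        return False
    # The plaintext is only available now, so this is the moment to re-hash
    # it with a fresh random salt and drop the MD5 value.
    new_salt = os.urandom(16)
    record.update(scheme="pbkdf2", salt=new_salt.hex(),
                  hash=slow_hash(password, new_salt))
    return True

if __name__ == "__main__":
    # Constructed sample record, not real data.
    user = {"scheme": "md5md5", "salt": "a1b2c3",
            "hash": legacy_hash("correct horse", "a1b2c3")}
    print("wrong password:", verify_and_upgrade(user, "guess"))
    print("right password:", verify_and_upgrade(user, "correct horse"))
    print("stored scheme is now:", user["scheme"])
```

Accounts that never log in again keep their MD5 hash, so a migration of this kind is usually paired with forcing a reset on records still marked legacy after a cutoff date.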