Hacker. Skiddie Control
I like the idea where you ahve to do a challenge so i think im going to suggest this to cheese. You have to have 1000+ point 100+ posts. And have done a challenge the challenge will probaly be like the rooting chall but you have to retrieve a file and clear the logs in a linux system. You think that will keep em out? or at least filter some.
No offense but I think this is generally a stupid idea. Even skiddies should be able to use it if they want. I do not like skiddies, anyone who knows me can attest to that, however this is a linux distro from a TEACHING site. HBH is a community at strongest, but in theory and principal is supposed to teach.
Open the installation with "Use these responsibly, we take no responsibility for what you do with the…" ect. I know what you mean, and why you think it is nessicary, but it is seriously a bad idea for anyone wanting to learn linux. MANY many many people hear about "1337 H@xx0rz" who use linux and think "well crap, I gotta try it out then." Because they automatically want to be a leet hacker. And when it is on a hacking site then they will want something to learn from (not n00b friendly, I don't mean something annoyingly easy) even just a basic distro, they expect to learn.
What I am trying to say is: just gripe alot about it in the installation and let the other people have it. If script kiddies get a hold of it, then good. They will be caught using the files because they dont know how to hide themselves…let us teach them how to do it. I would say at least 60% of the active users on this site were (at least for a VERY short time, as in my case) script kiddies at one time or another. I say let's keep the convert list growing. Exclusion for "Members with this many points" or "this many posts" won't help people become hackers, and help people find their own hacking philosophy… I would assume that most people who already consider themselves hackers have decided on their OS. But I dunno, that's just my 2 cents.
As for possible ways to stop skiddies, you could always have a small browser app pop up during installation and do something like Basic 1 (it doesn't have to be online, they can be local files) and if they can pass that, then they are at least willing to try and not go "what? I'm confused so I am gonna stop trying." Another thing you could do is create a password protected download place and the people have to hack that place (although the pass would be easily found, you don't want to limit people as I have mentioned before) to get the download.
But then, if you want this distro to be widely used, even outside of HBH then the fewest restrictions the better.
Just some ideas and an opinion that apparently no one else shares,
NC
SANTA wrote: how about u can apply for an interiew if u dont meet the requirements.
HAHA LMAO HAHAHAHA OH MY GOD THIS IS SO FUNNY [/caps]
Just release it, don't care about the skiddies. I mean, they also have backtrack. Just release it without restrictions (which would fail to restrict anyway)
[EDIT] Admins, when you read this message: You are awesome, I give chocolate cookies, ice cream and free coke. I want community points, merci beaucoup.. [/EDIT]
bouncer wrote: wtf are you all talking about? skiddies? WTF using SUCH a custom "hacking" linux distro IS skiddie…. i mean if you are real elite, why not use your own shit instead of using hacking tools on a distro?
Sorry but you all are fucked up in the heads, seriously, if you are making a linux distro or livecd WHATEVER for "elite" people only, then you are messed up in the brains….
just leave it open for anyone, such a livecd IS ment for skiddies, not for "elite" people, or people with alot of point, LOL
close topic, it's bullshit
haha, yay, cookies for bouncer. I was waiting for someone to step up and say something like that :P.
QFT man ;)
(ps. I hope we get another flamewar, I'm ready to get in action :ninja: )
"I'm soo elite because I can boot a cd that is called Professional Hackers Linux Assault Kit. I think now I can hack the whole entire planet, and steal everybody's passwords and internets"
That seems like how most skiddies are. They think that they are elite, because they can boot into a LiveCD. I will not say that I'm a hacker or elite, because I'm not. However, I would consider myself a hacker-in-training.
Look, pre-made tools on a cd with 1337 graphics aint the stuff for the Pro. Trust me, this project is nice for beginners and stuff, but not for real elites. (Many of hbh's elites aren't real elites).
So just distribute this freely, no restrictions. Good jolly fun for beginners, nothing for the pro's.
i don't think that basing it off ranks/points if the answer. or at least not the whole answer. There are plenty of skilled hackers, on this site who can't be bothered with the challs. i think that points are a good starting place, but there needs to be a less clearcut way of distributing it.
Also, where are we gunna host a 750 meg image… that would demolish HBH's bandwidth if a few people wanted it.
HBH should sell it burnt and labeled professionally, I'd buy it for sure.
spyware wrote: Look, pre-made tools on a cd with 1337 graphics aint the stuff for the Pro. Trust me, this project is nice for beginners and stuff, but not for real elites. (Many of hbh's elites aren't real elites).
So just distribute this freely, no restrictions. Good jolly fun for beginners, nothing for the pro's.
I agree… I mean I'll probably never use it but I think the new people should be able to use it if they want…
And yes… I'm the proof that points and ranking don't mean shit… I suck (But I'm a guru, so I'ma stael yuor internetz)
spyware wrote: Look, pre-made tools on a cd with 1337 graphics aint the stuff for the Pro. Trust me, this project is nice for beginners and stuff, but not for real elites. (Many of hbh's elites aren't real elites).
I too agree. I am not an elite, but I think that it would be very educational to test this cd.
spyware wrote: Look, pre-made tools on a cd with 1337 graphics aint the stuff for the Pro. Trust me, this project is nice for beginners and stuff, but not for real elites. (Many of hbh's elites aren't real elites).
So just distribute this freely, no restrictions. Good jolly fun for beginners, nothing for the pro's.
i totally agree. people who want it can get it and get caught for all i care. people who dont want it dont get it. simple as that. even if you tried to stop people, this is supposedly a site for "hackers". it would kind of make it into a challenge…race for the distro. so whatever you do, people who you dont want to get it, will get it.
and yeah, to be honest, no offence to the creators but i think i purpose build "hacking" OS is pretty lame, especially as its called hacker. i mean… thats an INVITATION to skiddies. if fact, why not write it out now:
dear skiddie, we are making an OS called hacker. containing all the hacking tools that you will ever need to go to jail. unfortunately you arent having any of it. bye!
hacker. team
ok im blabbing on now. you get what i mean.
a site dedicated to the art of telling the world nothing is secure is making a tool to help that objective but tries to secure it?
elite = forum posts? = challenge points?
you do realize anyone that is at least a little elite has no need for an hacking distro. anyone that you consider elite on this site. already has linux either as single or dual boot and custumize to his heart's content
what happened to "learning platform"? it was a crappy label as well but at least it didn't hurt.
this one does..
LMAO while Larika is working all by myself in this live-cd other people is thinking to restrict it to elite members only????
Does others communities restrict download to its own livecd? NO. Its free for all. Problem closed, it will be for all registered members.
I think that the presence of noobs and skiddies is not a bad thing for the community. You born Hacker? you born elite? No you born NOOB, you can become something, and HBH is like a teaching site for noobs. And this is a good thing for all the hacking world. We have to be open source, teach how to do things to noobs. They will grow and maybe become elite whit owr help. So, noobs and skiddies are welcome to download and use the future hbh livecd, to learn, to hack, to do what they want.
I im not agree 100% whit the fact that a ELITE dont need a fucking livecd. You need to be elite, to use 100% backtrack or others livecd tools and understand what are you doing. So a live cd is very helpfull for elites too, they can have a cd to boot from every computer, they have his own livecd customized so they have all their stuff and tools in a cd. Personally i used livecd many times at work, for resolve virus problems, for check disk integrities, to export the display of aix machines to the X server, to check and resolve net problems/vulnerabilities. And i use it everytime im wardriving. So a livecd is usefull for pentesters, security professionists, hackers, network engineers, all persons that work in computer releted jobs but also for beginners to learn how to hack and how to use hacking tools.
Thats the main idea of the livecd, a livecd for help the community learning and hacking, and maybe if you stop boring whit stupid questions and start help me in the work, it will be a good livecd for elites too.
I concur, Richo.
It's bad idea to discourage the people working on the distro, if you can't help them, then don't go on telling them about things that can go wrong.
Instead, contribute to their efforts of making something successful.
This will, hopefully, make HBH a bit more famous (or infamous) by the look of how this project is going, and all the script being injected in the distro.
bouncer youre completely wrong. there not responsabilities for me/hbh if anyone do damage whit the livecd. LOL youre saing that if i hack the nasa whit metasploit, metasploit get jailed??? wrong wrong wrong
and elites, they are happy to use live cds and exploits from other people elite as well. Or do you think elite mean that they do all by themselfs? Theres no elite that waste his time coding a thing that is already done by another person. And this is related to the open source philosophy, they at least can read and edit the source, adding things, fixing bugs etc. But theres no one stupid elite that spend time coding already existents things.
Only a question, what is the problem guys? Is the livecd? Its Larika? What? i really dont understand.
i';ve only read the title and not any of the previous pages, so forgive me if this is complete ywrong.
but how about making the OS only useable if its been cracked in some way. so the person downloading hte OS has to actually crack some user login or something to be able to access the OS.
might make a whole new "wow" factor to it, bit more "elite" seeing as its an achievement to be able to use the OS, so might encourage its continued use.
just a suggestion.
Well if you knew much about legal shit you'd know that with a broad enough disclaimer HBH can make it clear that they do not encourage the use of this distro for anything illegal, and that it is used to teach people how to use these tools…
By your logic it's also the fault of the creator of every program included, wheter or not they know their program is going to be used for hacking
bouncer wrote: no, bullshit, if i see something that is wrong, you SHOULD tell them that there is something wrong, dont live a lie.
no richo, they are not responsible, but as i can see you have no fucking clue about legal shit, so i will explain.
They are making a livecd FOR hbh, under the name of hbh, so IF something happens, doesnt matter what, HBH will be responsible for encouraging other people to use the livecd.
YOU can compare it with giving all the users a bag with guns and drugs in it, and it's up to the user if they will use it and walk the illegal road, or leave it. Are you telling me that the person who GAVE away these bags cant be responsible? Then please go back to school, suck on your thumb and think about your life if you dont want some big guy banging you from behind in jail.
We are not doing illegal things, exploits are non illegal, securityfocus & milw0rm & packetstorm are not illegal. Metasploit is not illegal, slackware and making a livecd from it is not illegal. Virus, audit/scanning tools are not illegal. Making a livecd full of hacking stuff and exploits and howtos is not illegal.
Use the livecd to pentest the nasa is illegal. Doing the same to test your own site is legal. Use virus/exploits to make damage to others whitout auth is illegal, use the virus/exploits to test your security/protection or is legal.
I think you have not clue about legal things, youre a bit confused. Whats the problem man?
ok.
Well HBH has taught me a great many things about hacking, and hacking can potentially be used maliciously. Let's just close HBH.
You have no idea about the legality of something like this.
Tihics is a whole different can of worms, which, i might add, IS THE POINT OF THIS THREAD.
There are a lot of wankers out there who will try to use these tools for malign purposes but there is an inherent unusability with powerful tools such as nmap, that I suspect many skiddies lack the perserverence to work out.
bouncer wtf are you doing on this site if you are against exploits and hacking tools?
i cant believe you really think any security auditor apart from all the time studying how systems work and keeping himself informed about latest trends and hacking techniques being used. still has time to develop his tools? yeah ok maybe one or two but the majority?
most hacking tools being inserted on the distro are built by teams and supported by them. maybe one guy can make a better tool alone than many but IT has many diferent areas and you cant be best at all.
so it only makes sense you use the already avaliable and tested apps for basic pen testing sessions.
about exploits yeah u can be against it, but you also know why they are released and there are also strong arguments to support the use of them. like forcing companies to patch buggy comercial software and making sure system admins do their job and install the patches..
im not checking but i really hope you didnt post any articles that might be used by ppl to hack because then it'll be "on your hands" too.
edit: about skiddies i already posted my opinion on the second page..
encouraging people to use it with the chance that they use it for illegal purposes IS illegal, why dont you make a restriction on the livecd that you cant connect to the internet with it?
@Bouncer: No, not really…
Larika (and the rest of the people working on the LiveCD) are NOT encouraging anyone to use the exploits. So, they CANNOT be held liable for a person using them.
They can simply say that it's for educational purposes (and all the associated Judicial mumbo-jumbo) and they'll be cleared of all possible prosecution in the future.
It's up to the user to decide how to (mis)use it. EULA and a broad ToS will state whatever needs to be said about the Distro.
Consider great hacking distro such as Phlak and NST… I'm sure they'll have more modules than the HBH distro with, keep in mind, exploits packed in them too, that deliver payloads of amazing magnitude.
Yet, they are NOT held liable for people misusing them.
Look, for example, at the NST (Network Security Toolkit) Distro's License Agreements and Terms of Condition:
http://www.networksecuritytoolkit.org/nst/index.html
@Mr_Cheese It's a great idea to implement that login idea you're talking about. That would be peculiar to that distro alone, and will set it apart from others.
No you are wrong Larika, you have no fucking clue about me + legal shit, so dont tell me that i dont know, i was just warning you, but you didnt listen to me, so i will tell you one more time.
Exploits are not illegal, i know, but packaging them all compiled in a livecd, encouraging people to use it with the chance that they use it for illegal purposes IS illegal, why dont you make a restriction on the livecd that you cant connect to the internet with it? What do you need internet for if you are not going to USE the compiled exploits for illegal purposes huh? WHY? Make that protection! However if people use the Compiled exploits for illegal purposes, and they track it back to HBH, you are in deep shit, i dont know how things are in Italie, but here in my country and in the UK there are some strict rules about ENCOURAGING!
If you want to distribute the livecd, be sure to write a fully ToS and Disclaimer in perfect english, that you cannot be held responsible and all that shit, or else you will get busted, believe me or not, you will and i can make that happen in no time Larika.
Ok bouncer, so i dont know you and what do you think you are but, i dont need your explanation about legal stuff. I know what i can do and what not, in my country, in usa and in uk. So dont tell me what i know and what not, speack for yourself. And my final answer is :
- Making a livecd whit compiled or not exploits ready to use or not, whit the most evil and dangerous hacking tool is legal for sure.
- No one is doing this livecd encouraging people to use it for illegal activities. Or you can even tell me where and how im doing that!!
- About the protection for internet, lol. You cant use a hacking tool to test your own server that is in another state so you need internet? You cant use the livecd to test your site that is hosted somewhere? Yes you can, is elite, is legal and about your restriction thing, is not needed is not a good idea, and ill not include it on the iso.
@Bouncer: Don't lose your calm, dude. And it'd be good NOT to carelessly call people dumb fucks (as it is a senseless insult if you think about it).
This just a simple brainstorming thread, nothing more. You have some good points, but don't feel as if only your input is the right one.
You don't need lawyers to write Terms of Conditions for your own software. Any good software engineer knows about proper documentation and EULA's.
I might lock this thread if nothing good comes out of it, and if people start flaming more than they currently are.
Grindordie wrote: All Bouncer was suggesting was to add a firm ToS because if its somewhat weak, trouble will trace back to HBH. Encouraging people to use the tools can be considered illegal. Just make sure you add a strong ToS stating everything clearly, I believe thats what Bouncer was trying to say.
that's also what i understood…
Yes, that's a really great idea. As what Cheese's (for the login).
I'll be happy to make a LOT of challenges (Rooting Challenges mostly) this summer, if necessary.
If the goal of it is to have challenges packed in it, then count me in. I'm not so much into the idea of making 1000000 scripts for kids to fool around with, but I'm into giving out raw knowledge instead of giving them t00lz.
"Give a man a fish and you leave yourself wide open to lawsuits. Teach a man to fish and he'll ask for an ocean." - Anonymous
Grindordie wrote: All Bouncer was suggesting was to add a firm ToS because if its somewhat weak, trouble will trace back to HBH. Encouraging people to use the tools can be considered illegal. Just make sure you add a strong ToS stating everything clearly, I believe thats what Bouncer was trying to say.
Nothing new, i already knew that. And im sure Mr_Cheese too already knew that. And theres many ways to write things, whitout feel like all are wrong but me, whitout offend, whitout doubt the culture of the others.
Larika wrote:
Nothing new, i already knew that. And im sure Mr_Cheese too already knew that. And theres many ways to write things, whitout feel like all are wrong but me, whitout offend, whitout doubt the culture of the others.
"whitout" ?? if they take you to write that ToS.. they are lost!!!! Haha!
Okay, I missed the flamewar. #)@!&$!)$&!$, lets skip the cursing part and start information:
Who ever had experiences with lawyers, lawsuits and the law itself? Experiences with Tos's and the likes? Larika, you? Or anyone else here?
Bouncer is trying to help you, he knows what lawyers can do. They tear apart your ToS until they find something they can screw you with.
You know what's funny? They always find something. ALWAYS. No silly ToS written by sixteen year olds is going to change that (im just using a random age here) but you get my point.
Big companies hire people to do this work, don't expect you can do the same.
netfish wrote: Larika is NOT 16 years old, and neither am I. :)
Bouncer's point is well understood, by the way. We're just making sure that we don't get squeezed into limiting the ISO's content by some laws.
Information should be free! "Everybody is right" :right:
Look, on the end of the day information isn't free. It should be, but it isn't. Even if you WANT it to be free, you get screwed.
Bouncer is able to speack by himself and fight his own war dont worry.
I already know what we have to do dont worry.
Spyware you already doubted about owr knowledges to do this livecd. Now you are dubting about owr knowledges to do a TOS.
I really dont understand whats the problem. Why you dont start help instead of doubt???
Larika wrote: Bouncer is able to speack by himself and fight his own war dont worry.
I already know what we have to do dont worry.
Spyware you already doubted about owr knowledges to do this livecd. Now you are dubting about owr knowledges to do a TOS.
I really dont understand whats the problem. Why you dont start help instead of doubt???
omfg!! the only thing they tried to tell you is hell yea.. that thing should be free!!! but just BE CAREFUL WITH IT!!!!
still havent understood that man???
no one doubts your ability to screw things with your over optimistic attitude..!
lol if ur worried about the legal shit, just give it out to ppl u trust and know wont do illegal stuff with it. and if u trust them enough to give it to them you should trust them enough to give it to someone they trust enough that wont do stupid shit. and pretty soon it will be one big mess of ppl that have it only because ppl trust them enough not to fuck up someones server/website/etc.
.confusing :D
bouncer wrote: drops a tear :happy: awesome said spyware
and Larika, for your information, im not in a war, i am not that weak to even start one, i was pointing out some facts, and NO you cant write a tos, sorry but you cant, listen to us, contact a lawyer, tell what you are going to do, and how you can protect yourself from it. As i always say: your biggest enemy, is what you create. So be careful, and good luck with your war, a war with yourself.
You tested my capacity to write a TOS? NO so you cant say im not able. And camon, about the war thing, its a way to say, im not telling youre on a war. Im telling that you dont need that other people interpret your replies, youre are able to say thing by yourself. Please!!!
We will do a free and legal livecd and a good TOS dont worry. You will see, and if you wanna help ill be happy.
rockbll4 wrote: lol if ur worried about the legal shit, just give it out to ppl u trust and know wont do illegal stuff with it. and if u trust them enough to give it to them you should trust them enough to give it to someone they trust enough that wont do stupid shit. and pretty soon it will be one big mess of ppl that have it only because ppl trust them enough not to fuck up someones server/website/etc.
.confusing :D
In this unstable world of chaos code, trust is less important than rules :( throw the morals out the window
spyware wrote: [quote]Larika wrote: We will do a free and legal livecd and a good TOS dont worry. You will see, and if you wanna help ill be happy.
Funny, did you just say bouncer didn't help you with his previous posts? Go back and read up.[/quote]
Already did. Bouncer dont helped me whit his hints. I already knew that. Its not a problem, i have no problems.
DONT VISUALIZE THE POST BELOW, YOU HAVE BEEN WARNED!
bouncer wrote: Whatever larika, first of all, i'm only warning you for what i have seen in the past, secondly i am not letting other people talk For me, no, they just feel the same as i do about this subject. And once again, you CANT make a TOS, just believe me, you Cant. You may be able to finish this livecd, good for you, but legally protecting it… no. One mistake….. one mistake… and you're down…. like i said… you'll end up in jail with a big dude banging you from behind.
And if you already "knew" this, then i'm surpriced that you attacked me on what i said…. weird… very weird… good luck, and i recommend you to do some shopping right now, buy some cream so it wont hurt when you are in jail with that big dude…
Hey i have a idea…..the next time i have to do a thing ill ask to the elites of hbh that are doing all possible to take this project down, what i can do, what im able do to, how to do it. LOL And ill do for sure becouse they only know, becouse i cant write a tos, i cant make a livecd, becouse i dont understand by myself that when one say "its illegal put compiled exploits in the cd" mean "Hey Larika, i suggest you to make a tos". LOL
Please im really bored by your pessimistic and arrogant opinion. Stop saying me what i can do, and start doing what you are aable to do to help in this project.
Once for all im able to do a livecd, to write a tos for it, i never suggested people to use the livecd for something illegal. So ill do a livecd, a tos on it and ill be not jailed if morons will be caught on their hack whit this livecd.
And mozzer, this thread was started against noobs, someone dont want give noobs and skiddies the possibility to use the livecd. Im not agree, and i think this livecd will be in download section for free download, also for noobs and skiddies.
I'm not saying you cannot make a cool live-cd and distribute it. Im just saying companies hire professional people to write valid Tosses, I admire your .. effort, all the effort you are putting in defending your project.
Writing a valid ToS is way harder then making a cool live cd :/, you ought to get some professional advise.
Good luck.
Ok, i checked now the livecd and the site. No tos whit backtrack.
Maybe ive not checked well. New challenge for you guys, find the tos for backtrack and post link here.
If theres not a tos, stand on this thread, owners of remote exploit will be jailed soon. So suggest them to make a tos, check if theyre able to do it too.
ok, everyone stay on topic. i'll sort out the ToS and stick it on the OS. leavea all the legal shit to me and i'll deal with it.
carry on with development, and refer to my previous point on making the OS only work if you've "cracked" a login for the system.
benefits of this are:
- unique to only that OS
- skiddy protection
- people will have more satisfaction of successfully installing and running the OS after they've cracked it.
- makes the OS more "elite" and admired if its installed on someones pc.
- gives a big hacker feel to it.
what you think?
Larika wrote: Well, im only not agree whit the skiddie restriction. However, we can vote for it, its only my opinion. The rest is good music for me, thanks Mr_Cheese.
Does anyone found a tos for backtrack???? Lol
The Magical ToS of backtrack is written on melting ice cream, available in your local shop. You can eat it with chocolate cookies and winegums, have a good day.
i keep my opinion on passwords logins.. its stupid
as for this talk about hbh being held liable. you do realize that the tools themselves already have those disclaimers as slax has. also you cant even say it's yours. it's opensource and some parts belong to slax some belong to the tool creators unless we are talking about releasing trojans or other things signed with the hbh name on it. i fail to see your point..
a clean language would make this post like 2 pages smaller
I find it funny that SANTA hasn't replied after bouncer's first post in this thread… where he stated that creating a custom hacking distribution is skiddie.
I just wanna point out that a person who could install any flavour of linux is also capable of downloading and using programs. So unless the creators of this distribution have made their own unique programs that could be used to compromise the security of individuals with a few keystrokes (which is lame), it would be pointless to find counter measures that prevent skiddies from using your particular distribution because they could just get an alternative distribution and download those hacking tools.
I also find it funny that many of you, who invade the privacy of people under the guise of free information for everyone, are trying to prevent people from gaining access to particular information.
If you do not wanna share you should just say so and not be so condescending.
Chinchilla3k wrote: I find it funny that SANTA hasn't replied after bouncer's first post in this thread… where he stated that creating a custom hacking distribution is skiddie.
I just wanna point out that a person who could install any flavour of linux is also capable of downloading and using programs. So unless the creators of this distribution have made their own unique programs that could be used to compromise the security of individuals with a few keystrokes (which is lame), it would be pointless to find counter measures that prevent skiddies from using your particular distribution because they could just get an alternative distribution and download those hacking tools.
I also find it funny that many of you, who invade the privacy of people under the guise of free information for everyone, are trying to prevent people from gaining access to particular information.
If you do not wanna share you should just say so and not be so condescending.
haha he has a point. cuz ppl can just download all the hacking tools u add to that and use them without cracking the thing… not saying its a bad idea tho
1 more mention of legal stuff in this thread and it gets locked. at the end of the day im the one sorting out the legal stuff. nothing will be released etc unless i've looked through and approvd it content etc.
this topic is about controlling access to the OS.
please refer to previous posts about having it crackable and it only work if its cracked.
I hate to sound pessimistic, but I doubt that having to 'crack' the login will do much to dissuade script kiddies. If people want it, someone will just release the password.
{There was a big rant here. It's elsewhere now.}
You really want to make it 'script kiddie' proof? Release it gentoo style, and watch as they scramble through make and build, only to find out that their graphics card isn't supported by this kernel.