Your modifications and/or contributions to the white paper on how to hack a ham sandwich are located here before i modify the white paper...
Vos modifications/ajouts au papier sur comment hacker un sandwich au jambon sont stockées ici avant modif du papier...
Nom: mon nom ???
Sexe: Masculin
Taille: euhhh
Poids: 3 jamb
CouleurYeux: Doux
Date: 06 Aug 2001
HTTP User Agent: Mozilla/4.0 (compatible; MSIE 6.0b; Windows 98)
modifs
il faut pas oublier ke l on es la saucisse ki veut penetrer le pain ss autorisation du medecin
Nom: Aurelien
Sexe: Masculin
Taille: 170
Poids: 60
CouleurYeux: Doux
Date: 02 Aug 2001
HTTP User Agent: Mozilla/4.0 (compatible; MSIE 5.0b1; Mac_PowerPC)
modifs
J'finirais bien par un steack Tartare, mais j'ai pu de viande hackée.
La bise au chat ++
Nom: ZeubX (Hacker de pizza toute garniture)
Sexe: Masculin
Taille: 18
Poids: 67
CouleurYeux: Doux
Date: 09 Jun 2001
HTTP User Agent: Mozilla/4.74 [fr] (X11; U; Linux 2.2.16 i686)
modifs
Pour faire un vrai hack de ham-sandwiches , il primordial de passé par la phase sacrifice de poulet , et preparation des tacos sauce ADM .
La j'attaque toujours par un bon scan nmap -sS -O -is cornichon ip_du_sandwich Un petit coup de perl whisker.pl -I -i -h ip_du_sandwhich
A ce stade la , nous avons generalement toutes les informations sur la configuration et les different deamons alimentaire que possede notre cible. Je conseille au debuttant d'avaller un flanby vanille pour digerer les tacos d'ADM , qui , bien qu'efficace , sont toutes fois tres lourd.
Je n'aime pas trop les buffer-overflow qui vise les salades,tomates,et sauce mayo. Moi je hack la plupart du temps grace a la cueillere a flanby , en exploitant les cgi. Si je trouve un whois mal coder par le sandwich-coder je tape souvent des truc du genre: www.bidon.com;cat /etc/salade_shadow | mail zeubx@stephanie.fr ;xtrem-mayo -display ip_a_moi:frigo On peut aussi utiliser des attaque dos contre l'admin du sandwich EX(tjs le whois):www.bidon.com;cat /dev/hda1>>/etc/salade. cela a pour effet de remplacer la feuille de salade par le disque dur hda. A 12h , l'admin fou vas se casser les dent dessus. Le sandwich ne repondra plus au ping tant que l'admin sera chez le dentiste. Grace a ca , on peut envisage le tcp hijacking mais la , c une autre histoire...
Nom: egery (la terreur des sandwichs au jambon)
Sexe: Féminin
Taille: grande
Poids: moyen
CouleurYeux: Violet
Date: 23 Sep 2000
HTTP User Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows 98)
modifs
dans le script vous avez oublié le tag <PLASTICBAG>, tres important pour configurer la variable "je déchire tout avec les mains et les dents" !!! vraiment, quel manque de sérieux... au fait, le site est super quand même.
Nom: Phil BANK$
Sexe: Masculin
Taille: 4.2Go
Poids: Fat32
CouleurYeux: Doux
Date: 04 Jul 2000
HTTP User Agent: Mozilla/4.0 (compatible; MSIE 4.01; Windows 98)
modifs
Ouais, encore un questionnaire ou on peut répondre n'importe quoi !
Rien à dire, c juste pour remplir le formulaire !
Nom: ökljdsölkäpå
Sexe: Masculin
Taille: 30
Poids: 154
CouleurYeux: Rouge
Date: 17 May 2000
HTTP User Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)
modifs
rien
Nom: Antoine Gauthier
Sexe: Masculin
Taille: 1m88
Poids: 80
CouleurYeux: Violet
Date: 13 May 2000
HTTP User Agent: Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)
modifs
Go to http://www.hotdog.com to get the hotdog upgrade (free!)
Nom: Olivier
Sexe: Masculin
Taille: 1.8
Poids: 75
CouleurYeux: Bleu
Date: 09 May 2000
HTTP User Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)
modifs
Je découvre ... Super, longue vie à vous.
Nom: morphuse
Sexe: Masculin
Taille: 1.86m
Poids: 75
CouleurYeux: Brun
Date: 10 Feb 2000
HTTP User Agent: Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)
modifs
j'est rien compris
Nom: Xavier
Sexe: Masculin
Taille:
Poids:
CouleurYeux: Doux
Date: 01 Nov 1999
HTTP User Agent: Mozilla/4.5 [fr] (Macintosh; I; PPC)
modifs
Par analogie avec les attaques "flood", il faut, avec les sandwiches au jambon, ployer le ouasson, je veux dire moissonner le coton, enfin, m'avez compris, noyer le poisson. - Retirer le ham du sandwich - Insérer un poisson, mort ou vivant - Ficeler (ça glisse, le poisson), si on vous dit ô le beau rôti, eh bien partagez, avec un peu de mayonnaise on partage mieux, mais ne mangez pas la ficelle. - Tremper le sandwich ficelé dans une bière tiède
Au bout d'un certain temps, ça bouillonne (merci, Pasteur!). On peut alors inventer un mode d'emploi ad hoc (Haddock, si vous avez mis une morue entière). Moi, je crois que ce serait un excellent désinfectant pour chaussures de sport. D'autres m'ont dit que ça régénérait le clavier ou le tampon du clavier, à moins que ce ne soit un buffer I/O, mais je n'ai jamais essayé de renverser un sandwich au poisson dégoulinant de bière "dans" un port série ou parallèle.
Finalement, l'incertitude demeure, et quelle triste époque, hein ?
Nom:
Sexe: Masculin
Taille:
Poids:
CouleurYeux: Bleu
Date: 13 Oct 1999
HTTP User Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)
modifs
Nom: KOSAK... yé suis Rousse et Alors ???
Sexe: Masculin
Taille: niet
Poids: 200 lb
CouleurYeux: Rouge
Date: 27 Sep 1999
HTTP User Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt; FREE)
modifs
Nitchevo !!(accent russe dans le texte) vous oubliez toujours une étape importante , celle qui fait que votre ham hackingburger ne sera pas total recall back packer. à savoir >::< LA PHASE HAMSTER ou peut être HAM STAIR ?? je sais plus, désolé.pauvre petite bète, finir dis-hacké entre mortadelle et salami. ou salmi(de canard). BORGEMOÏ de BOLCHOÏ faut q'vous laisse, Boris m'appelle... Salut à Pierre (le Grand) et Christianovna
Nom: Bacano
Sexe: Masculin
Taille:
Poids:
CouleurYeux: Rouge
Date: 10 Sep 1999
HTTP User Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt)
modifs
Subject: The Alien From Seatle (new X-File series)
I wonder if you wonder what i'm wondering ... why Kitetoa and my self now, dedicated ourselfs in helping people about f00d hacks? Because its not a joke ... a joke was the answer i get from Microsoft Brasil about the NSAKey ("all X-Files is what you saying"), so this article is dedicated in his memory. Good Bless You!!!!!!
(...) Following the X-Files new : The Alien from Seatle ... here it goes the resume of last episodes...
1# Alien Base in Brasil #
http://www.iptvreports.mcmail.com/ic2kreport.htm#_Toc448565556102. In 1994, NSA intercepted phone calls between Thomson-CSF and Brazil concerning SIVAM, a $1.3 billion surveillance system for the Amazon rain forest. The company was alleged to have bribed members of the Brazilian government selection panel. The contract was awarded to the US Raytheon Corporation - who announced afterwards that "the Department of Commerce worked very hard in support of U.S. industry on this project".(69) Raytheon also provide maintenance and engineering services to NSA's ECHELON satellite interception station at Sugar Grove.
2# But ... what is ECHELON? ask Mulder #
http://www.uol.com.br/idgnow/busca/0911b3.htm EU could start investigations about a U.S. spy net 09/11/98 The EU is considering an large investigation to find out if NSA is abusing his presence and his power of survailance over the Internet to spy private and goverment institutions. The NSA is responsable for manage a spy program codename Echelon, that came from the Could War. The Comite for Cientific and Technologic Options of European Parlement says that Echelon is a hiden spy worldwide network for communication interceptions like e-mail, phones, faxes, satellite and backbones. (!!!!!!!!!!!) It's all reported in a document "An Avaliation of Political Control Technologies", showing how NSA send intercepted information by satellite to Fort Meade, in Maryland U.S., from a hub based on Menwith Hill (near London UK) Daniel Verton - Federal Computer Week
3# What's a little spying between friends? #
http://www.nandotimes.com/technology/story/body/0,1634,89923-142316-981920-0,00.html
4# Yeah ... and there is a lunatic spending money with that? bah ...#
FY 1999 Defense Budget Documents: http://www.fas.org/man/docs/fy99/topics.htm Documents on Military Spending: http://www.fas.org/man/docs/index.html
5# OK ... now jump to the NSAKey subject or i'll shut this out #
http://www.techweb.com/wire/story/TWB19990906S0003 Caspar Bowden said: "Building in a 'back up' key makes no sense unless there is a revocation method for the primary (key). There is no revocation method." http://www.fipr.org/
I don't believe them -- what kind of natural disaster are they talking about? A meteor destroying all the earth's structures?" said Privacy International director general, Simon Davies."Microsoft's argument is inconsistent with its operating procedure -- it could hold a single key in multiple locations, that is a standard security procedure." He added that to compromise user security, "it's not necessary to share access with the NSA -- simply complying with their requirements will do that."
http://www.wired.com/news/news/technology/story/21589.html?wnpg=2 The _NSAKEY is one of two such keys buried deep in the cryptography source code of most Windows operating systems. In other reports, Microsoft said that the _NSAKEY is still a Microsoft-controlled key that will serve as a backup in the event that the first key is compromised. That just doesn't make sense, Fernandes said. "If they lost the first key which is the equivalent to them losing the Windows source code, then that would be okay, they could just start using the backup key."
Crypto expert Marc Briceno did have another word for it: "feeble." "I must say I do not believe Microsoft's present explanation that the presence of the _NSAKEY corresponds to standard practices in software development," said Marc Briceno, director of the Smartcard Developer Association. (http://www.scard.org/) "There is no technical reason for Microsoft to include a second security module verification key in their operating system ... to mark the passing of export requirements," Briceno said.
6#Le Grand Finale (only for truely hardcore fanatics) Crypto AG: The NSA's Trojan Whore? http://caq.com/cryptogate
********* Don't loose the next episodes ... "While Alien Bill finish his Trojan2000, anonymnous sources that want to keep it that way, indeed had report from a trusted 3rd party the clame for the hack on http://www.trojan2000test.com/" the MP3 version is avaiable on the holly powerfull knowledge base www.antionline.com (tm) *********
Bacano (tm) Esoteric Pizza Research Team (tm) CopyThis8=> (c) 1999
Nom: Dwork~|·$!!
Sexe: Masculin
Taille: excess
Poids: little
CouleurYeux: Brun
Date: 07 Sep 1999
HTTP User Agent: Lynx/2.8.1rel.2 libwww-FM/2.14
modifs
Podrías aprovecharte de la similaridad entre 'buffer' y 'butter' y decir algo así como 'be careful while doing it, as a butter overflow will render the sandwich useless (or disgusting)'... just an idea
Nom: Bacano
Sexe: Masculin
Taille:
Poids:
CouleurYeux: Rouge
Date: 29 Aug 1999
HTTP User Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt)
modifs
Pizza Dude Security Alert: hash overflow in Kitetoa Ham Sandwich
1. Introduction
Almost my acident, while i was running tests on some 0day pizza source, i stuck in a hash overflow that makes me wonder if it works too with ham sandwiches. This was tested in the tradicional white bread enviroment, with a TN320 for pizza pasta.
2. Description
By CPU is big enough (regarding Kitetoa original source) to run a whatever long ham with Pata Negra daemon, in my Pasta-UX. The problem was when adding some huge amount of tomato and butter on ham kernel, i got a hash overflow.
I did a little ham traffic sniffer to look on quantum packets and had run it against the sandwich, and i have found that hash was given to the pig just before he turns into ham.
Then, spoofing some .id e-mail address, i got into and account of JP knowledge base, and found out that it was a very well known pig. Joefry Pig had said to me that this was the first query on his database for this particular pig, and he was surprised because he allready had make some phone call to start this pig hunt, and that he was tould that all ham from this pig was allready out of the market for quiet some time.
Was when i realise that JP wasnt aware of this hash overflow, cause he never use butter on ham, cause he likes the taste that way.
On Kitetoa white paper, this was not possible to find because at the time he was with some lack of hash.
3. What Ham eaters must do
Allways use fresh tomatos and butter, if you are using white bread and saulty ham, in your sandwich. Its important that the ham is kinda saulty, cause the hash head pig that provoce the overflow, dont use sault. (i can not release the source of this sault, without my trusted third parts approvall, sorry ...)
4. TDL (To do List)
I did not test yet the smooth penetration as reported by Kitetoa, because with pig is better with some common hardcore penetration technics. I'll try it ASAP.
Bacano (tm) Esoteric Pizza Research Team (tm) CopyThis8=> (c) 1999