Johnny Long - Stealing the Network: The Complete Series Collectors Edition, Final Chapter, and DVD

Stealing the Network

This page intentionally left blank

Stealing the Network:

The Complete Series

Collectors Edition

Ryan Russell

Timothy Mullen

Johnny Long

AMSTERDAM BOSTON HEIDELBERG LONDON

NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO

SINGAPORE SYDNEY TOKYO

Syngress is an imprint of Elsevier

Syngress is an imprint of Elsevier

30 Corporate Drive, Suite 400, Burlington, MA 01803, USA

Linacre House, Jordan Hill, Oxford OX2 8DP, UK

Stealing the Network: The Complete Series Collectors Edition, Final Chapters, and DVD

Copyright 2009, Elsevier Inc. All rights reserved.

No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher.

Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher, with the exception that the program listings may be entered, stored, and executed in a computer system, but they may not be reproduced for publication.

Library of Congress Cataloging-in-Publication Data

Russell, Ryan, 1969

Stealing the network: the complete series collectors edition / Ryan Russell, Timothy Mullen, Johnny Long.

p.

cm.

ISBN 978-1-59749-299-7

1. Computer hackersFiction. 2. Computer securityFiction. 3. CyberterrorismFiction.

4. Short stories, American21st century. I. Mullen, Timothy M. II. Long, Johnny. III. Title.

PS648.C65R87

2009

813'.6dc22

2008055578

British Library Cataloguing-in-Publication Data

A catalogue record for this book is available from the British Library.

ISBN: 978-1-59749-299-7

For information on all syngress publications

visit our web site at www.syngress.com

Printed in the United States of America

09 10 11 12 13 10 9 8 7 6 5 4 3 2 1

Elsevier Inc., the author(s), and any person or fi rm involved in the writing, editing, or production (collectively Makers) of this book (the Work) do not guarantee or warrant the results to be obtained from the Work.

For information on rights, translations, and bulk sales, contact Matt Pedersen, Commercial Sales Director and Rights; email m.pedersen@elsevier.com

Publisher: Laura Colantoni

Acquisitions Editor: Rachel Roumeliotis

Development Editor: Mathew Cater Project Manager: Andre Cuello Contents

v

If you want to hack into someone elses network, the week between Christmas and New Years Day is the best time. I love that time of year. No one is around, and most places are running on a skeleton crew at best. If youre good, and you do it right, you wont be noticed even by the automated systems. And that was a perfect time of year to hit these guys with their nice e-commerce siteplenty of credit card numbers, I fi gured.

The people who ran this site had ticked me off. I bought some computer hardware from them, and they took forever to ship it to me. On top of that, when the stuff fi nally arrived, it was damaged. I called their support line and asked for a return or an exchange, but they said that they wouldnt take the card back because it was a closeout. Their site didnt say that the card was a closeout!

I told the support drones that, but they wouldnt listen. They said, Policy is policy, and Didnt you read the fi ne print? Well, if theyre going to take that position. Look, they were okay guys on the whole. They just needed a bit of a lesson. Thats all.

After a few hours, Ive made a tool that seems to work. Geeze, its 4:30 A.M. I mail the cleanup tool to the list for people to try.

Its tempting to use the root.exe and make the infected boxes TFTP down my tool and fi x themselves. Maybe, by putting it out there, some idiot will volunteer himself. Otherwise, the tool wont do much good, since the damage is already done. Im showing about 14,000 unique IPs in my logs so far. Based on previous worms, that usually means there are at least 10 times as many infected. My little home range is only fi ve IP addresses.

I decide to hack up a little script that someone can use to remotely install my fi x program, using the root.exe hole. That way, if someone wants to fi x some of their internal boxes, they wont need to run around to the consoles. Then I go ahead and change it to do a whole range of IP addresses, so admins can use it on their whole internal network at once. When everyone gets to work tomorrow, theyre going to need all the help they can get. I do it in C, so I can compile it to an .exe, since most people wont have the Windows Perl installed.

vi

Contents

I cant disclose much about my location. Lets just say its damp and cold. But its much better to be here than in jail, or dead. I thought I had it madesimple hacks into insecure systems for tax-free dollars. And then the ultimate heist: breaking into a sensitive lab to steal one of the most important weapons the U.S. had been developing. And now its over. Im in a country I know nothing about, with a new identity, doing chump work for a guy whos fresh out of school. Each day goes by having to deal with meaningless corporate policies and watching employees who cant think for themselves, just blindly following orders. And now Im one of them. I guess its just another day at the offi ce.

h3X is a hacker, or to be more precise, she is a hackse (from hexe, the German word for witch). Currently, h3X is on the lookout for some printers. Printers are the best places to hide fi les and share them with other folks anonymously.

And since not too many people know about that, h3X likes to store exploit codes and other kinky stuff on printer, and point her buddies to the web servers that actually run on these printers. She has done this before

My eyes slowly open to the shrill sound of my phone and the blinking LED in my dimly lit room. I answer the phone.

Hmm Hello?

Yo, Dex, its Silver Surfer. Look, I got a title I need you to get for me. You cool for a bit of work?

Silver Surfer and I go way back. He was the fi rst person to get me into hacking for profi t. Ive been working with him for almost two years. Although I trust him, we dont know each o thers real names. My mind slowly engages. I was up till 5:00 A.M., and its only 10:00 A.M. now. I still feel a little mushy.

Sure, but whats the target? And when is it due out?

Digital Designer v3 by Denizeit. It was announced being fi nal today and shipping by the end of the week, Mr. Chou asked for this title personally. Its good money if you can get it to us before its in the stores. Theres been a fair bit of demand for it on the street already.

Okay, Ill see what I can do once I get some damn coffee.

Thanks dude. I owe you. Theres a click as he hangs up.

Not only am I connected to the private wireless network, I can also access the Internet. Once Im on the network, the underlying wireless protocol is transparent, and I can operate just as I would on a standard wired network. From a hackers point of view, this is great. Someone could just walk into a Starbucks, hop onto their wireless network, and attack other systems on the Internet, with Contents

vii

hardly any possibility of detection. Public wireless networks are perfect for retaining your anonymity.