[TUHS] History of exploits - request for authors

[arrigo@alchemistowl.org (Arrigo Triulzi)]

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain, Size: 1408 bytes --]

On 19 Dec 2017, at 21:17, Derek Fawcus <dfawcus+lists-tuhs at employees.org> wrote:
> 
> On Tue, Dec 19, 2017 at 12:08:21PM +1100, Dave Horsfall wrote:
>> 
>>     Leaving a "login" simulator on a terminal (quite common).
> 
> Well if you include that one, you may want to include the simple
> brute force testing of passwords against /etc/passwd
> (before shadow files existed). The login name and real names
> (direct or reversed) would tend to get at least one hit.

Well, we all ran Alec’s crack for fun & profit (and some to land themselves in trouble)… I think that doesn’t really qualify as a hack per-se, just a technique which used to work easily and now requires a little bit more computing power (OK, a lot more as the hashing of passwords has become rather more serious).

Personally I feel that if we go down the password route then, besides the “easy” brute-forcing of old /etc/passwd files, we have to include the LANMAN password hashes but, again, of historical interest definitely but not sure it can be turned into an article unless someone manages to write it all the way to the latest oopsies like Linux’s systemd and usernames starting with a digit or Apple’s 10.13 “be root with a simple Enter”. I guess one could write it from the point of view of looking at the bad decisions, their implications and the bugs which made even bad decisions look almost good.

Arrigo