ThisisLegal.com

ThisisLegal Forums

Welcome to the forums! A chance for site members to chat and get help.

You are not logged in.

#1 2009-11-16 15:16:10

Timse
Member
Registered: 2009-02-08
Posts: 18

Deep, deep trouble...

I am in deep trouble guys.
I don't know what is going to happen to me.
craxxor is actually a owner of a website i defaced.
He even knows my real ip even though i used tor.
Since craxxor contacted me and said he wanted to solve this simple i hope he is not going to prosecute me.
Anyway if i am going to be prosecuted i will probably not be here for a few years.
I will replay if anything happens.

Offline

#2 2009-11-17 10:11:26

t0mmy9
Administrator
Registered: 2005-01-07
Posts: 21

Re: Deep, deep trouble...

Don't be f*cking stupid, nothing is going to happen. Don't let him get you scared, things like this hardly ever result in prosecution.


Site admin

Offline

#3 2009-11-21 05:05:37

Timse
Member
Registered: 2009-02-08
Posts: 18

Re: Deep, deep trouble...

I have spoked to the techs at the website and they said that they sent my ip to the police but they are not going to help the police with further investigations.
So if anyone knows the website address, Please don't attack it.
I have been very paranoid until i read your message t0mmy9.
Thanks. biggrin

Offline

#4 2009-11-22 04:16:59

BuRNeD
Member
Registered: 2009-03-21
Posts: 117

Re: Deep, deep trouble...

Timse you're scared? rofl

Offline

#5 2009-11-22 10:26:12

Timse
Member
Registered: 2009-02-08
Posts: 18

Re: Deep, deep trouble...

I am not scared. But if they get hacked again, Two persons are going to get fired from the company that owns the website.
I don't want to ruin their life...
Just don't hack the website if you know the address.

Offline

#6 2009-11-23 02:00:05

xyberz09
Member
Registered: 2009-06-10
Posts: 46

Re: Deep, deep trouble...

Congratulations Timse on getting out of this mess safely smile

No offense, but you might not be so lucky next time around. The guys whose website you hacked seem to be nice guys who understand tat it's just a waste of your life if you are turned over to the feds. As you mentioned earlier, they are willing being non co-operative with the police on further investigations. They understand that curious teenagers sometimes try to hack into websites just out of curiosity and because of the obvious 'coolness' associated with it. They probably tried such stuff when they were in their teens. So I guess we all learned a lesson here.
I guess we should try to be the good hackers. The kind that don't destroy stuff or deface websites but just hack them out of curiosity, but leave everything intact. Of course with the law getting stricter by the day, you've probably committed an offense just by getting into their servers. Anyway, as long as we don't cause them trouble, I guess we're safe.

And one more thing...
Unless you're ABSOLUTELY sure your activities can't be traced back to you, DO NOT try such dangerous stuff. I think it's not possible to get your IP if you used TOR, but as afar as I know, TOR only anonymizes the connections that pass through it (usually the web browser) so if you used another tool (say a por­t scanner or something else) that didn't route it's traffic through TOR, you're giving yourself away.

So you first need to be intimately aware of the technology surrounding you. You need to know EVERYTHING about how it works. You need to think like the one getting hacked. If you were the one who was under attack, what would you do to get back at the hacker? I bet the first thing you'd look at will be the security logs. Many hackers either don't know how to erase the logs or don't bother with it at all. Big mistake! It could give a lot of information about the attacker. And if he's naive enough to attack the site from his own IP rather than from a chained IP link, well, that's practically asking for the site owners to throw you in jail.

There are a lot of books you can read to gain a deeper understanding of current technology and hacking techniques. I am currently reading Kevin Mitnick's The Art of Deception. I believe he's also written another book, The Art of Intrusion which would be an interesting read. And the first thing to read would probably be the excellent Hacking For Dummies.


Regards,
Xyberz09

Offline

#7 2009-11-23 14:19:35

Timse
Member
Registered: 2009-02-08
Posts: 18

Re: Deep, deep trouble...

I used TOR but still they got my ip...
They used a program called FLUP or FLUPP, I don't remember the name exactly.
I wonder how they got my ip...
Could it be through JavaScript?

Offline

#8 2009-11-24 01:12:12

xyberz09
Member
Registered: 2009-06-10
Posts: 46

Re: Deep, deep trouble...

First of all, read this:
> http://www.torproject.org/download.html.en#Warning

And while I scoured the web for interesting stuff on TOR, this is what I uncovered:

> http://blogs.zdnet.com/security/?p=114 (HD Moore himself biggrin)

> http://sla.ckers.org/forum/read.php?15,20720

> https://blog.torproject.org/blog/one-cell-enough

> http://www.downloadsquad.com/2006/10/18/tor-ip-anonymitity-compromised/

> http://dandies.org/files/e620eb97d7105d321ac2acd29fd6c140-7.html
(The SCARIEST of them all)



Well, according to the stuff I read, I think your identity can't be compromised unless your exit node (which is the last node in the sequence of nodes you connect through like a chain) is a sneaky one that logs your IP based on your activities or some keywords.
(see http://blogs.zdnet.com/security/?p=114)

Oh, and I tried looking up FLUP and FLUPP(which is an Open Source Flight Log Software!!) but I have no idea what they are frown


Finally, I found this interesting stuff:

HD Moore's DeCloak project:
http://decloak.net/
(Check if your real IP is shown here when you use TOR)




Aside: http://sites.Google.com/site/clickdeathsquad/Home/cds-torsetup

Offline

#9 2009-11-24 05:05:33

BuRNeD
Member
Registered: 2009-03-21
Posts: 117

Re: Deep, deep trouble...

nice stuff xyberz09 you are helpful as usual

Offline

#10 2009-11-29 11:36:33

sOwL
Member
Registered: 2007-09-16
Posts: 97

Re: Deep, deep trouble...

Very interesting thread. What exactly did you do to that site, by saying you "defaced" it? Also be very careful when doing such stuff from your own computer, especially if you got a static ip. Tor, as xyberz well said, will just mask your ip through browsers. In order to permanently mask your ip you should be using a pro­xy on your operating system's settings (aka a system-wide pro­xy). About security logs, except the ones that are generally the same (like in famous systems, apache etc) they aren't always the only thing the attacker needs to erase. Clever webmasters can have other ways of tracing what happens on their servers, and you'd practically have to know what you're looking for. We all liked (or like tongue) messing with other's work to find vulnerabilities or exploits - that's what computing is all about, finding something new everyday and improving what you already knew. Should i ever bother finding such an exploit (or whatever) to some other website, i would just leave a kind message to the web owner, pointing at the problem. I wouldn't like someone fucking up with my website (or anything else for that matter), so i wouldn't do that too (okay, there are some exemptions, basically websites of friends that i like to irritate tongue).

PS: xyberz said: "am currently reading Kevin Mitnick's The Art of Deception" +1 to that, definitely awesome book


withstupid

Offline

#11 2010-11-30 15:31:05

viper
Member
Registered: 2010-11-30
Posts: 1

Re: Deep, deep trouble...

Of everything if you know the parent You have a serum

Offline

#12 2010-12-01 04:48:04

BuRNeD
Member
Registered: 2009-03-21
Posts: 117

Re: Deep, deep trouble...

Xyberz, sOwL, I want your essay skills wow

Offline

#13 2011-01-15 05:59:31

Sup3rN0va
Member
Registered: 2011-01-14
Posts: 2

Re: Deep, deep trouble...

How does he know your IP if you used Tor?

Offline

Board footer

Powered by FluxBB