Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker


THIRTY-FOUR Hiding in the Bible Belt




Nvbx nte hyv bqgs pj gaabv jmjmwdi whd hyv UVT’g
Giuxdoc Gctcwd Hvyqbuvz hycoij?
Imagine yourself in a strange city where you have no close, trusted friends.
You avoid the other people in your apartment building because your photo
has been prominently displayed in supermarket tabloids, and in weekly
newsmagazines. You’re being hunted by the FBI, the U.S. Marshals, and
the Secret Service, so you’re afraid of getting too friendly with anyone. And
your biggest form of entertainment is the very thing you’re being hunted
for.
Although I hadn’t counted on needing to leave Seattle in a hurry, I had
been giving some thought to where I would go next if I ever had to pull up
stakes. I had considered Austin because it was known for its technology.
And Manhattan because it was… well, Manhattan. But just as I had done
when I chose Denver, I again relied on Money magazine’s annual
assessment of the Ten Best Cities in America. That year, Raleigh, North
Carolina, was listed as number one. The description sounded tempting: the
people were supposed to be pleasant and laid-back, the surrounding area
rural, with mountains in the distance.
Flying had always stressed me out, so once again I had decided to take
the train. And it would be cool to see what the rest of the country looked
like. After my Christmas stopover in Denver and the raid on Shimmy’s
servers I boarded another Amtrak on New Year’s Eve for the three-day trip
to Raleigh, as Michael Stanfill. The sleeper car was more expensive than
flying, but what an eye-opening experience it turned out to be, watching the
American landscape roll past.
The people I met on the train gave me a perfect opportunity to practice
my cover story, providing details of my life and background as Stanfill. By
the time I arrived in North Carolina, I had to have my identity down pat.
The train pulled into the Raleigh station after dark. I had heard so much
about the South, how its culture and people were different, how it moved at
a slower pace. Maybe its reputation was a remnant of the South of a long
time ago. I was curious to find out for myself.
That evening I walked around the northern section of Raleigh, getting a
feeling for the city. I had imagined the South would have a warm and cozy
climate; instead it felt as cold as Denver. The winter temperatures in
Raleigh, I would discover, were about the same as those in the Mile-High
City.
But as I walked around, getting a sense of the place, I spotted a
restaurant familiar to me, one of the Boston Market chain. Not exactly
Southern, but I went in for dinner anyway.
My waitress was a cute twentysomething girl with long, dark hair, a
heartwarming smile, and one of those luscious Southern drawls I hadn’t
known really existed anymore. She greeted me with a friendly, “Hi, how’re
you?”
Reading her name tag, I said, “Hey, Cheryl, I’m doing great. I just
arrived in town—my first time in North Carolina.” After she took my order,
I said, “I’m going to be looking for an apartment. Maybe you can tell me a
good part of town to settle in.” She smiled and said she’d be right back.
When she served my food, she and a couple of the other waitresses sat
down to talk with me while I ate. I couldn’t imagine that happening in Los
Angeles. Or Seattle. Or even in outgoing Denver. The ladies told me, “We
just want to keep you company.” I was blown away by my first taste of
Southern hospitality, friendliness sweeter than anything I had ever
encountered. The girls talked up life in Raleigh. They told me about the
different areas of town, where to live, what to do. It was tobacco-growing
country still, but had also gone high-tech with the technology companies of
nearby Research Triangle Park. They were boosters for their city, and for
some reason I interpreted that as a good sign that this was where I needed to
be.
Only a week after my arrival, I found a lovely apartment in northwestern
Raleigh, in an elaborate complex called “The Lakes,” a suitable name since
its eighty-plus acres included shorelines on two separate lakes. The place
featured not just an Olympic-sized pool, tennis courts, and racquetball
courts but two volleyball courts: the management had trucked in loads of
sand to create a beachlike setting. The Lakes also featured parties every
weekend for all the residents, described to me as lively, noisy affairs
crowded with lots of smiling Southern beauties. My apartment was small,
but who cared? I felt as if I were living a dream.
I stopped by U-Save Auto Rental, a one-man operation, the kind of
place where the owner takes a hard look at the people who come in, as if he
were thinking that they might not be planning on bringing his car back. He
cast a doubtful expression at me, too, but I responded with friendly,
unhurried chat, and he warmed up.
“I’ve just been through a hideous divorce,” I told him. “I came to
Raleigh because it’s a long way from Vegas, you know what I mean?” This
was my attempt to explain why I would be paying in cash. As part of the
act, I handed him my business card for the company I had supposedly
worked for in Vegas—the same phony company I’d created to get the law
firm job in Denver.
By the time I was ready to climb into my temporary rattletrap, he let me
drive away without even checking my references.
I kept thinking about the last remaining step of the Motorola hack: getting
hold of a compiler that would translate the source code into a form the cell-
phone chip could understand. Having the compiler would allow me to make
changes to the source code and compile a new version of the firmware that
would shrink my visibility—for example, letting me toggle on and off how
my cell phone communicated with the mobile provider to disable tracking,
and adding functions that would make it easy to change the ESN from the
cell phone’s keypad, so I could easily clone my phone to any other
subscriber’s number.
Once I was back in the saddle for this effort, a little research showed me
that Motorola used a compiler from a company called Intermetrics, which
quickly made it to the top of my list of hacking targets. I identified a
computer called “blackhole.inmet.com” that was on Intermetrics’ internal
network, directly accessible from the Internet.
When I realized that the company’s systems were patched against all the
latest security vulnerabilities, I quickly changed tactics. Conveniently,
“blackhole” turned out to be vulnerable to the same IP spoofing attack that
JSZ and I had used against Shimmy.
When I got into the system, I saw that two system administrators were
logged in and apparently busy at work. Rather than risk being discovered in
case one of them checked the currently established network connections, I
looked for alternate ways to access the company remotely that would not be
easily detected. Maybe I could find a dial-up number and connect over my
modem.
In the files of one of the system administrators, Annie Oryell, I found a
file with a promising name: “modem.” Yes! The file held the text of an
email she had sent to other employees, informing them of the dial-up
numbers. It read, in part:

We currently have two dial-in hunt groups. The 661-1940 group
consists of 8 9600bps Telebit modems which connect directly into
the Annex terminal server. The 661-4611 hunt group has 8
2400bps Zoom modems which currently connect to the terminal
server.

Bingo: “661-1940” and “661-4611” were the dial-in numbers I was
looking for. I changed the password on what appeared to be a few dormant
accounts on the Annex terminal server and dialed in to avoid the risk of
being detected on any of the Internet-facing systems.
System administrator Oryell appeared to use the host blackhole as her
personal workstation. I figured she would eventually want root privileges to
perform an administrative task and would use the Unix switch user
command, “su,” so I set up a way of capturing the root password when she
did. (For the technical reader: using the source code I had obtained from
Sun Microsystems, I added some additional code to the “su” program and
recompiled it so when she su’ed to root, it would secretly log her password
to a file hidden on her workstation.)
It worked just as I had expected. The root password was “OMGna!” Oh
my God—no dictionary words, and with the exclamation mark thrown in to
make guessing it that much more difficult.
The same root password worked on every other server I tried it on.
Having that password was like having the keys to the kingdom, at least for
Intermetrics’ internal network.
At this point, I logged in to “inmet.com,” which was the company’s
domain used for receiving email from the outside world. I downloaded a
copy of the master password file (which also contained the password
hashes) so I could attempt to crack all the passwords offline.
Now I was in position to search emails looking for people who had been
in contact with Motorola. My first lead was an email to an Intermetrics
engineer named Marty Stolz, who had received a message from someone at
Motorola explaining a problem they were having with the compiler. I
hacked into Stolz’s workstation and examined his “shell history,” which
showed a list of commands he had previously typed. He had run a particular
program, a “shell script” called “makeprod,” which he had used to build
compiler products that the company developed. In this case, I wanted the
68HC11 compiler so I could compile the Motorola source code for the
MicroTAC Ultra Lite.
The engineer who wrote the script had also included detailed comments
in his source code that led me to the location where the software developers
kept the production releases of the Motorola chip compiler for various
operating system platforms.
Along the way, I found that Intermetrics was producing this compiler in
versions for several different OS platforms, including Apollo, SunOS,
VMS, and Unix. Yet when I examined the server where all these compiler
versions were supposed to be, not one of them was there. I spent hours
searching other file servers and developer workstations, but the compilers
weren’t there, either—not the source code, nor the binaries. Strange.
I checked the “aliases” file, which listed where incoming emails for