L0phtCrack Is Now Open Source (l0phtcrack.gitlab.io)
439 points by rbanffy on Oct 17, 2021 | hide | past | favorite | 142 comments



Shame what happened to Terrahash (previous owner of L0phtCrack). As someone who has purchased several Brutalis cracking rigs, those things were the most badass machines on the market.

Looks like they sold and committed to a bunch of cracking rigs before sourcing enough GPUs right before prices skyrocketed, and were suddenly on the hook for a lot more than they could realistically pay for. Hopefully Jeremi manages to pull through. It's a fantastic company that makes a fantastic product. I'd love to buy some new rigs when they get their supply chain issues figured out.

https://terahash.com/letter-from-ceo


Wow, that is an extraordinary letter. A real case study in communication with customers.


That's disappointing. They have some great systems. I hope they come through it OK.


         _   _                                        
        ((___))                                       
        [ x x ]           __________________________
         \   /        _ _/      Thanx DilDog!!      \
         (' ')           \__________________________/
          (U)


If yoU were a teenager at the right time, the L0pht, et al. were crUcial in nUdging the next decades of yoUr life.

I'm sUre I'm not alone in having fond memories seeing this. :)

PS: (2 decades since Boston madness!)


It all changed after the Computer Fraud and Abuse Act (CFAA) passed in 1986. Before that, there were no federal crimes against hacking. I don’t remember any state statutes, either, but there may have been some scattered around here and there. My state certainly did not have any or I’d have been in “juvi”.


You're doing something neat with your Us but I, unfortunately, came of age after lots of the cool times were over. All the hackers got jobs in industry and it feels like if I poke anything that isn't hackthebox I'll either A. have the FBI up my ass immediately or worse, B. have created a record somewhere of having committed one felony or another that will appear at an appropriate time for someone else and an inappropriate time for me.


You've surely heard about Tor, socks proxies, VPNs, SSH tunnels.


This comes up at "have created a record somewhere of having committed one felony or another that will appear at an appropriate time for someone else and inappropriate time for me."

I.e. you make one opsec mistake now (nobody's perfect), and then many years later, when someone finally cares, it will be used to identify you. There are loads of examples like that of investigations/convictions where the people did know how to use "Tor, socks proxies, VPNs, SSH tunnels" and used them properly almost always.


But which ones are really set up by the NSA to get said evidence that will be inconvenient for him at some point in the future? (I suspect Tor, and at least a few of the commercial VPN providers.)


Some recent news out of the commercial VPN universe... From a cryptographer professor at Johns Hopkins: https://twitter.com/matthew_d_green/status/14493567426896896... Kape, an Israeli 'adware' company that renamed itself to distance itself from its prior history as an adware company, recently bought up ExpressVPN and several other services and rebranded itself as a VPN services company. Kape also bought VPN ranking websites and juiced the rankings (into positions #1 and #2) for the VPN companies that it just bought: https://restoreprivacy.com/kape-technologies-owns-expressvpn... I suspect that Kape is probably a CryptoAG repeat - https://en.wikipedia.org/wiki/Crypto_AG - and is doing double duty for the US IC along with the Israelis, but it could be just a pure Israeli shop too.


The CryptoAG story is super interesting for seeing how superpowers handle the issue, thx for the Wikipedia link.


Oof, what VPN is the best for privacy nowadays?


It might be true. But what if you chain multiple defenses, each one in states that do not get along well with each other? Every investigation will need collaboration.


True, but your last hop to you is usually the most important one. It’s all about a risk analysis on how likely and cheap it would be to use it vs the cost to you if someone does. And keeping in mind that a lot of these agencies have to burn their budget or risk losing it.


Tor is very slow, and VPNs will rat you out immediately.


If I am online, I assume some entity somewhere can maliciously access what I am doing. My goal is to secure it enough so that entity has to be a state actor. Tor is not a silver bullet, even if used properly, because anyone (including state actors) can stand up a Tor node: https://nusenu.medium.com/tracking-one-year-of-malicious-tor...


Set up your own testing environments.


As long as your country allows you to even own the tools...


Which countries don’t?


I have no idea about the global situation, but in Germany there was a lot of discussion when they introduced §202c StGB 15 years ago.

- https://www.schneier.com/blog/archives/2007/08/new_german_ha...

- https://www.gesetze-im-internet.de/stgb/__202c.html

However, it seems it is not about owning the tools, but rather about creating them.


Thanks cDc for being an inspiration all my years of computing.


... DilDog is this you?


I haven't thought about Mudge in a long time. If you've ever worked cybersecurity for the government, or in general, you owe him, Brian Oblivion, Space Rogue and the other members of L0pht for opening the door. They were pioneers of responsible disclosure, and brought the problem to light when they testified to Congress in '98 that in 30 minutes they could shut down the Internet. He and the others had uncovered a DoS, specifically a BGP DoS that would automatically cascade across the Internet.

Mudge was a musical prodigy and an alum of BBN, one of the key players in creating ARPAnet. His bio is fascinating, and you can find a good treatment of it here: https://www.cybersecurityeducationguides.org/peiter-zatko/


I don't work in infosec or gov but after reading that bio, I think we all owe him. Thanks for the tip.


L0phtCrack was featured in Phrack Magazine (53) inside an article written by Aleph1 on attacking PPTP, one of the oldest VPN protocols [1]. Prior to that, Aleph1 had written arguably the most famous article in Phrack Magazine (49) to date [2].

[1] The Crumbling Tunnel:

http://phrack.org/issues/53/12.html

[2] Smashing The Stack For Fun And Profit:

http://phrack.org/issues/49/14.html


> Aleph1 has written arguably the most famous article in Phrack Magazine

Given the number of people, including myself, who consider reading that article a truly formative experience, you might argue it's one of the most famous/influential articles in programming.


> L0phtCrack is a password auditing and recovery application originally produced by Mudge from L0pht Heavy Industries. It is used to test password strength and sometimes to recover lost Microsoft Windows passwords, by using dictionary, brute-force, hybrid attacks, and rainbow tables.

- Wikipedia


Thanks. Wonder why they can't put a description on the GitHub page?


Yeah, the repos don’t even have a useful README, at least to understand whatever the software does…


README.md should be renamed to BUILD.md; check under doc/ for a useful description.


It’s a widely known password auditing tool that’s been around for 24 years.


I have been following programming and technology for decades and I had never heard of it.

Every project should have a concise (one or two sentence) description in the GitHub README and the website's homepage. Even the most well-known tools.


It's a cracking tool. If you never needed to crack NTLM passwords or brute-force Windows shared folder passwords over dialup, you might not have heard about it in the casual technology news.


Only if you care about onboarding people not familiar with the industry (security in this case). This is not a given for many devs.


I agree they should have a description in the readme, as a courtesy if nothing else.

But L0phtCrack is a very well known tool. If you've never heard of it and have been following security stuff for decades, that's really on you.


What do you mean by "that's really on you"? I'd normally interpret it as something like... "this is a state of affairs that would be different if you'd acted differently, and you knew or could have been able to know this in advance". Along those lines, anyway. But not having heard about a tool doesn't really seem to fit that.


>What do you mean by "that's really on you"?

At some point, a tool is so ubiquitous that it's just odd to not have encountered it. You don't see many accountants that haven't heard of Excel, webdevs that haven't heard of Apache, construction workers that haven't heard of a hammer, or cybersec workers who haven't heard of L0phtCrack.


It means it's their fault because they clearly were not paying attention or their memory has failed them.

L0phtCrack has been decreasingly relevant in the past 10 years or so -- it wasn't available for a while and some free tools are similar, so you were basically buying the rainbow tables -- but if you were in security in the Windows 2000 or Windows XP era, you know of this tool. There was a lot of discussion for years around and about password crackers after rainbow tables became a thing.

It's not like not knowing what Wireshark or nmap is, but it is like saying that you've never even heard of Kismet or John the Ripper. Or like being a DBA for decades that never heard of Informix. Or a programmer for "decades" that has never even heard of Delphi. Like what were you doing in the early 2000s to have completely missed the death of Borland and Pascal and the popular variants? These are big enough events in the industry that if you're in it you're going to be aware of it.


Ideally so, but if you've never heard of this tool, you need to expand your news sources for many reasons. This is just a symptom.


This is assuming that everybody has an interest in cybersecurity. I can come up with equally well known (in specific circles) tools that you may not have heard of.


Can you suggest some news sources?


Do you ever make it to DC or Blackhat? Not having to introduce/advertise who you are or what your tools do is part of the scene.


They are not at github even, doh...


Obviously they should have.

But it's like the Elvis Presley of password crackers.


What’s the Big Mama Thornton of password crackers?


I envy you for your age... There was a time when everyone and their dog knew what L0phtCrack was.


So it's a hash cracking tool? How does it compare to Hashcat? Any notable distinguishing features?


It's a part of it, also open-source https://gitlab.com/l0phtcrack/hashcatdll


Thank you...


Nostalgia factor is kicking into high gear on this one, as I haven't thought of L0phtCrack since the early 2000s.


Pretty sure I used it in the early 2000s to get at Win2k passwords that were lost/forgotten. Took about an hour on a K6-III 450 ;).


Right? I think it was introduced at DefCon ~5. As I remember the introduction speech, Mudge got sick over a weekend and implemented it. Good times!


It's making me nostalgic for all of the old tools - what was another one, ``john''? Although that seems to have been modernised. https://www.openwall.com/john/


And of course, the cDc's hilarity toolbox: Back Orifice. Being able to eject all the CD-ROM drives in a computer lab together was really worth it.


God I miss those days. And now I feel old, like the father I thought I'd never be. Nostalgic for an age that I thought was forever. But really, never was.


Lol, now I feel old. None of my co-workers know the name :-(


I used lophtcrack to get the windows admin password to the computer lab PCs in high school :)


Yep, and the password was 'driver'.


In my school's case it was 'passwd'. No cracking needed to obtain that one though; the admin had it written on a post-it on his monitor.


My school's domain admin password was 'school' (later changed to the school's name with O->0 substitution). It's marginally better than their VNC password though, which was 'vnc' (VNC Server was installed on every machine in the school).


Actually it was bhs-2020; I still remember it after all these years.


At my school the password was the person’s username. Someone guessed it one day. Which in hindsight was inevitable when the login screen was exposed to hundreds of bored kids every day.


I remember that the binary for L0phtCrack had some sort of software protection included with it, and it took a 1-bit change to be cracked, itself -- a 0x74 to 0x75, iirc (or 0x74 to 0xEB if you're a stickler for doing it right). I don't remember exactly what the protection was, maybe there was some sort of password count limit or time limit. It was a long time ago. I just remember being a little disappointed that it was that easy.


The idea behind the weak license protection was hackers could crack it but it would keep the govt and corps honest.


Know your target market.


I got expelled from high school because of this program.

I'm a millionaire now though so shrug


I was a hair's breadth away from expulsion too - exfiltrated .sam files from a PC in the library on a 3.5" floppy. Seems to be quite a common experience judging by this thread.

Why did we all get caught? Smart enough to figure that out in your teens, dumb enough to think you can get away with it...

In my case I was operating with a dumbass friend who left a "calling card" on one of the compromised machines.


To be honest I fessed up for no reason. All they knew was I logged in to some box. I could have made some stuff up about doing some legitimate work and I'd probably have gotten away with it. At the time I was extremely naive and dumb. My advice to kids is not to stop doing things but to simply downplay what you were doing. "No I wasn't hacking. I was securing the system." Etc. Come up with plausible reasons and the benefit of doubt will generally keep things from escalating beyond the IT staff. Once admins start talking about hacking you've lost the war of words.

It's as much social engineering as anything else.


I didn't get caught.

But as a result of my demonstrative flexing cyber-security activity — I was granted with 'root' credentials on the school's SUSE Linux server… Which apparently at the same time was used as an ISP router for an entire city block.

This granted responsibility, unsurprisingly, turned out to be an extremely effective step to cool my eagerness to hack into all things.


They tried to expel me for this (among other) reason(s) too, though the Vice Principal went to bat for me and instead I was banned from using any computers on school property for the last couple years of high school.


Very similar experience - in the end no police, and I just had to stay back and write a long essay on why hacking is wrong (pretty sure I was an edgelord about it and wrote something nuanced about white-hatting...)


Congrats, how did you do it?


Combination of 401k growth, having a six figure income, cryptocurrency investments, and early investment in AMD and TSLA and a few side income streams.


Thanks for sharing.


Sounds like you owe your success more to WallStreetBets than hacking.


Eh I mined a lot of it and it's thanks to my computer skills that I was able to do so. Most of it was from that.

Also my stock positions predate wsb by like 7 years.


Dang this does bring back the memories. What was the other tool I used a lot for reversing. Something ice something... softice debugger. That was also a piece of art.


Thought you were summoning the mod for a minute there.


Iä R'lyeh! dang ftagn! Iä! Iä!


I went from John the Ripper to L0phtCrack to Hashcat. Now I want a quantum computer because for some types of passwords even running Hashcat on a big GPU farm is too slow because of the hashing algorithms.


Bad news is: a quantum computer will not crack hashes faster.


It would reduce the output space of a cryptographic hash by its square root. That would help speed up attacks would it not?


Needs waaaaaaay more qubits than exist in the world right now.
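The square-root point, as an added worked bound that is not from the thread: Grover's algorithm speeds up whatever space is being searched, and for password cracking that is the candidate space (here written W), not the 2^128 output space of the NT hash.

```latex
\begin{aligned}
\text{classical (dictionary / brute force):}\quad & \mathbb{E}[\text{hash evaluations}] \approx \tfrac{W}{2},\ \text{trivially parallel across GPUs} \\
\text{Grover:}\quad & \approx \tfrac{\pi}{4}\sqrt{W}\ \text{sequential oracle calls, each a reversible MD4 circuit} \\
\text{example, 8 printable chars:}\quad & W = 95^{8} \approx 6.6\times10^{15} \;\Rightarrow\; \sqrt{W} \approx 8.1\times10^{7} \\
\text{splitting over } k \text{ machines:}\quad & \sqrt{W/k}\ \text{each, i.e. only a } \sqrt{k}\ \text{gain, not } k \\
\text{no candidate structure (generic preimage):}\quad & 2^{128} \;\to\; 2^{64}
\end{aligned}
```

The last two lines are the caveat behind "will not crack hashes faster": the classical attacker gets a full factor k from k GPUs, the quantum one only √k, and the oracle must run the whole hash coherently on every iteration.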


I used it in ~1999-2000 to check password strength in the company I worked for; it was running for 1 minute, and for any password that was recovered the owner got a notice to change it immediately. Initially 50% of the passwords were the username and more than 50% were up to 5 characters long. At that time an 8 char min length was "safe enough" for a company that had no sensitive data other than the payroll.


At last, some actual hacker news!


Back in like 1998 or 1999 I used L0phtCrack to get the admin password to the PCs in the computer lab. Good times :)


Combine this with an IIS3 exploit and an IP scanner you coded for fun and you make that labs all around the world :)


Or the big red button admin bypass. If I remember right MS patched that vuln but then it would just act like it was winnuked instead. Bravo Microsoft. They really are fun to make fun of looking back at their record for security.

Good times were had by non-sysadmins around the world


Ah yes, the trusty info site and code repository with no explanation of what the software does.


For many HN readers l0phtCrack is iconic, and so needs no introduction.

FYI though, it was a password brute force tool that many of us used for various (mostly innocent) mischievous purposes 15-20 years ago.


L0phtCrack is a password auditing and recovery application originally produced by Mudge.


Is it even really relevant anymore?


Yeah I thought hashcat pretty much superseded it, especially with its amazing GPU acceleration.

Nevertheless, nice of them to open source it.


No. They seem to have been doing a few puff PR pieces recently. Can’t imagine anyone under 30 knows or cares about them.

I guess their main claim to fame was being the first “hacker” group to do PR moderately well and transition into decent careers. Not really even an interesting footnote in history.


Human, I'm 28, been in InfoSec for ~10 years. Granted, I was lucky enough to be interested in and pursue this as a professional branch when I graduated college in 2016. I am also an adjunct professor at my local university, where I make it a salient point to remind my students of the history of hacking. We talk about this still.

I also start every semester off with the opening scene of Hackers - the best hacking movie ever made :)


> I'm 28 ... adjunct professor ... We talk about this still.

I'm a decade older, and am relieved to see this.

> Hackers - the best hacking movie ever made :)

Counterpoint: _Sneakers_: the thinking person's hacking movie.


I still vote for Wargames :-)


Ferris Bueller's Day Off has some inspiring hacks :^)


Hah. That it does! I like the parallel with "Die Hard is the best Christmas movie".


Everyone knows Brazil is the best Christmas movie.


That’s got data encrypting algorithms, you’ll never get through that!


> Counterpoint: _Sneakers_: the thinking person's hacking movie.

Lacks the soundtrack. I always work to music to help focus.


Lacks? No way. Sneakers' score features Branford Marsalis, which is a very different feel to Hackers (which is also great), but imo very evocative of the playfulness, mystery, & intrigue of the crypto storyline.


Both have good soundtracks, but Hackers is still better. ;-)


> I also start every semester off with the opening scene of Hackers - the best hacking movie ever made :)

Great soundtrack. Respect.


L0pht put hacking and infosec on the map for arguably hundreds of people. They were and still are incredibly talented.


Indeed. I had the good fortune to work with DilDog before he co-founded Veracode. I count him in the top ten of talented co-workers across a three decade career.


I work with him now at his current gig. Totally agree. Constantly learning new things from him.


I would say they were the first group that got many Windows sysadmins to start thinking about OS security.


I’m under 30 and certainly wouldn’t relegate L0pht to a mere footnote in history.


Nice to hear this. I’m late 30s, and l0pht was a huge inspiration to me.


They testified in front of the U.S. Senate in 1998. That's more than a footnote might do, in my opinion.

https://www.youtube.com/watch?v=VVJldn_MmMY


> Not really even an interesting footnote in history.

This just feels like you have an axe to grind.


Having a bias is not the same thing as being wrong.


I was going to object to your "under 30" quip, then realized I haven't been under 30 for quite a while. Oops.


I'm in the same boat, and it's really amazing how quickly things change. I was explaining to a coworker the other day how much more optimistic we were in the 90s, and when he casually mentioned that he was born in 2000, I suddenly felt really old.


> I'm in the same boat, and it's really amazing how quickly things change.

The number of candles on my birthday cake seems to change the fastest. I ask for hexadecimal whenever possible.


It's been disappointing to see that Beto O'Rourke doesn't get asked more questions about his present-day commitment to the Cult of the Dead Cow's agenda.


If you care about the history of the scene you'll know the name regardless of your age.


Would you do a guy a favor and lay some links or at least breadcrumbs such that I might start learning my history? I'm picking up programming at a relatively advanced age (31) and don't have the time to do deep hunts for stuff like I did when I was in my 20s BUT I want to keep security right in mind as I write everything I make.


Ahh... this is, I feel, going to be a controversial take, but it isn't said with malice.

The history of Mudge and L0pht is more interesting than it is useful. If you want to get 202X security chops though, digging up the past isn't really the way. It's more of a thing to do a deep dive into because you're interested, not because you expect anything out of it.

There are other researchers like the grugq who chronicle the exploits of old teams like L0pht and ACIDBITCHEZ under the guise of teaching the new wave about LOL hacking (living off the land), but I personally think they are doing it more for the reasons one writes a history book: because it's interesting.

If you want to learn LOL, read Mandiant APT markers. That's how modern hacking is done; it's really not at all like it used to be. I myself am happy to offer the following counterpoint though: the number one ranked HackerOne bug bounty hunter is dawgyg, an ex-blackhat who's come in and dominated the BB scene in a huge way. I counter my counterpoint with the thousands of guys who make a solid living doing bug bounty who do not possess the old skills. They aren't a requirement to make it in modern sec, because things are just different.

They were a bunch of badass cowboys who became the first to "make it": big boy jobs, widespread respect in the community, inspiring a generation like egypt etc. who went on to do Metasploit work.

I am keen as a BEAN for the grugq's book to come out, because to me, it's fascinating, interesting and inspiring. Mudge has been my personal hero since I found out about him when I was in high school, but that was long after their reign was done and they were corporate.

I think the following analogy works well too: L0pht are comparable to Van Halen; when they both burst onto their scenes, almost no one else was doing what they did, and no one else before had gotten as big.

But time marches on, and other people do something new, and suddenly EVH isn't as flashy as the new crop.


Under 30 here and have only ever seen Hashcat as the predominantly used software for cracking hashes.


Hashcat can’t dump password hashes. L0phtcrack can and it has been a core feature for 20 years. I suppose a decent career is founding a security unicorn, Veracode. :)


I wonder what the reasoning is for open sourcing it now. And why not from the get go instead of decades later. Licence choices are obviously up to the authors. But at this point it is more a museum relic than anything practical.


The rights to L0phtCrack were purchased about a year ago by a company that made password cracking rigs for large companies to audit their employees' passwords. They filed for bankruptcy due to the GPU shortage changing their COGS overnight. When payments stopped being made the license reverted back to the author and he open sourced it.


This is the reason:

> at this point it is more a museum relic than anything practical


Were the records of payment a method to keep track of who might be using it?


Lol people paid for it? That was in the era of WinRAR and WinZip. There must be dozens of people that paid for those pieces of software


I remember the app but never knew how to pronounce it -- it sounded like (record-scratch)-Crack, or maybe Bill the Cat, in my head. Light? Loft? Lowpft?


“Loft” per the cDc book I recently read.


Thank you!


I recall running this on a dual Celeron (BP6 dual socket motherboard) over-clocked back in the day to get 1GHz `testing` power. Fun times.


Ah, I remember that setup. The fact that 'normal' people could actually afford a 1GHz computer was mind blowing.


I remember that motherboard :-). Cheapest dual socket setup you could get.


Ahhh yes, this is a classic tool. Together with John the Ripper this forms the basis of lost sleep in my teenage years.


I loved their choice of names.


I remember the l0pht bbs :)


A trip down memory lane!


About the same time as the oxid.it (page is not the original anymore) tools..


[flagged]


I don't get it. Dill pickle dog?


Initially, Dilbert's cat was supposed to be Dilcat, but that would've turned Dogbert into Dildog.



