A video of what hacking is; a basic attack on some forum software
What is this?
This is a video I made three years ago in 2007 of an attack against the Perl forum software YaBB 2.1 for a layperson, extending an existing software problem, which lets you become forum admin, with another software problem I found, to be able to execute your own Perl code as the server's www account.
I didn't publish this at the time because, as I demonstrate in the video, the vulnerability was very widespread, and this is absolutely not intended as a "how-to" video.
I even briefly thought about writing a worm which would attack a YaBB 2.1 forum, fix the bugs, then search for other YaBB forums to attack and fix, and eventually disabling itself. This is a legal and ethical gray area though, so I played it safe and waited.
Why share it?
Although "hacking" is a very diverse area it's hugely misunderstood (largely thanks to Hollywood), and this video can hopefully give a glimpse of what it's really "about":
- How do "hackers" break computer systems?
- It's not magic, and sometimes isn't even very complicated (as in this example). The guy(s) who wrote the code made a few silly mistakes, someone comes along and checks over the code, finds these mistakes and invents ways to take advantage of them.
Some would call someone who does this a "hacker."
- How does an attack proceed?
- Not at an adrenaline fueled pace with time limits, but usually calmly according to a carefully prepared plan. Sometimes a large part of the attack has to be performed by code, in which case hours of painstaking preparation unrolls itself in the blink of an eye on the push of a button.
- What does it look like?
- You're not looking at a big green&black screen with loads of numbers and a big "access denied" box, it more or less looks like what analyzing&writing software looks like.
- What sort of skills does it require?
- There isn't an isolated skill-set called "hacking" like "writing" or "painting": The ability to "hack" comes from knowing the software better than the person who wrote it; so if you're more skilled/patient/careful than the person who wrote the code that's often all you need to break into it.
Like a mechanic knowing how to hotwire a car you don't have to be a criminal to know how to find holes in software. Knowing how to avoid these sorts of problems comes only from knowing how to exploit them.
- Watching this video then trying to reproduce it on a live server still running the vulnerable code would be a dangerous mistake.
- This video is long and boring, about a 10 minute screencast of a Yabb forum install being hacked, but that's because hacking is long and (for most) boring.
- I made and put up this video not because it's a clever attack; but because it isn't a clever attack, like showing what drawing is by drawing a stick figure.
- Searching for the vulnerability, data gathering, preparing code to install to the server, etc, aren't covered; the video starts after I have worked out a plan and written the code.
This preparation is the most important part of the whole process, but the video is already too long and boring, even without including the longer and more boring parts.
- I don't usually like to use the word "hacker" or make statements about what "hackers" are, because it's so misunderstood and vague that it's almost meaningless. It's a cliche, old fashioned, and controversial label, and I wouldn't use it except this video is aimed at people who are most likely to use it.
Webkit; another article I wrote on web-server security, aimed at a more advanced audience and PHP rather than Perl, with a focus on maintaining your position on the server after the initial attack.