العربية
中国
Français
Deutsch
Ελληνική
हिन्दी
Italiano
日本語
Português
Русский
EspañolSCRIPT_KIDDIE
(Redirected from Script kiddies)
In hacker culture, a 'script kiddie' (occasionally ''script bunny'', ''skidie'', ''script kitty'', ''script-running juvenile (SRJ)'', or similar) is a derogatory term used for an inexperienced malicious cracker who uses programs developed by others to attack computer systems, and deface websites. It is generally assumed that script kiddies are kids who lack the ability to write sophisticated hacking programs on their own,[1] and that their objective is to try to impress their friends or gain credit in underground cracker communities.
In modern cracker and Internet subcultures, script kiddies are widely considered novices, who seek reputation by free-riding on the work of the hacker community. The goal is typically to impress friends.[2] Portrayed as teenage technological dilettante, script kiddies are the subject of contempt among experienced hackers. In spite of this, they are feared among network administrators for their ability to scan many computer systems automatically over the course of days or weeks to find weak points.[3] The fact that very little technical knowledge is needed to download these programs is an added threat, since nearly any individual on the Internet can obtain malicious viruses and the means to infect large numbers of computers, costing the owners up to millions of dollars in damage.
Script kiddies often scan thousands of computers looking for vulnerable targets before initiating an attack. This is similar to wardialing and wardriving in which the attacker isn't looking at one specific system, but instead anything that is open and looks interesting.
Script kiddies often deface random sites and vulnerable targets. They misuse "Google Dorks" (search methods designed to find vulnerable machines), and attack most sites available. For example, when an easy exploit is released, in a matter of minutes, script kiddie groups join and start defacing.
Script kiddies have at their disposal a large number of effective, easily downloadable malicious programs capable of harassing even advanced computers and networks. Such programs have included WinNuke applications, Back Orifice, NetBus, Sub7, Metasploit, ProRat and any auditing program as well.
Another simple means of attack is a computer worm. These are spread through e-mails, and once opened, it can be automatically sent throughout the entire system, often without the users realizing it. The purpose of a worm varies, from sapping the targeted computer or network of bandwidth and therefore slowing performance, to deleting or encoding files. Other commands can be preprogrammed before they are released into a host.
In a denial-of-service attack (DoS), the attacker tries to shut down network activity in a target system by sapping the computer network of bandwidth. A number of distinct DoS attacks have been created which pursue this goal through different means, such as SYN flood, ICMP flood (a.k.a smurf attack) and ping floods. If the server gets overwhelmed with excessive amounts of information, it will stop responding, and may require a restart.
Script kiddies are often able to exploit vulnerable systems and strike with great success. The most famous examples include:
★ A 15-year-old script kiddie called MafiaBoy was arrested in an upper class neighborhood in Montreal in 2000. Using downloaded tools to begin DoS attacks, he struck famous websites such as Yahoo!, Dell, Inc., eBay, and CNN, causing roughly $7.5 million worth of damage. He pleaded guilty to 55 criminal charges and served 8 months in a youth detention center.
★ In 1999, NetBus was used to discredit a law student named Magnus Eriksson studying at the University of Lund. Child pornography was uploaded onto his computer from an unidentified location. He was later acquitted of charges in 2004 when it was discovered that NetBus had been used to control his computer.
★ Danny Yeap, a 15-year-old high school student from California was responsible for using the infamous Danny worm. The program was part of a DoS attack against computers using the Microsoft Windows operating system, Mac OSX and many other operating systems. The attack took the form of a SYN flood which caused critical damage. He was sentenced to 5 years in prison in 2005.
1. Lemos, Robert. Script kiddies: The Net's cybergangs Retrieved on 24 April 2007.
2. Michael Fitzgerald ''Hackers, Hackers and Script Kiddies, Oh My!: How to sort the good guys from the bad, in the Internet version of Spy vs. Spy.
3. Honeynet Project Know Your Enemy. Retrieved on 24 April 2007.
★ Hacker (computer security)
★ Hacker culture
★ Black hat
★ 1337 h4x0r h4ndb00k, , tapeworm, tapeworm, Sams Publishing, 2005, ISBN 0672327279
★ Honeynet.org - Know Your Enemy (Script Kiddie Essay)
★ ZDNet - Script kiddies: The Net's cybergangs
In hacker culture, a 'script kiddie' (occasionally ''script bunny'', ''skidie'', ''script kitty'', ''script-running juvenile (SRJ)'', or similar) is a derogatory term used for an inexperienced malicious cracker who uses programs developed by others to attack computer systems, and deface websites. It is generally assumed that script kiddies are kids who lack the ability to write sophisticated hacking programs on their own,[1] and that their objective is to try to impress their friends or gain credit in underground cracker communities.
| Contents |
| Script kiddie scene |
| Tactics |
| Tools |
| Famous examples |
| References |
| See also |
| Related Books |
| External links |
Script kiddie scene
In modern cracker and Internet subcultures, script kiddies are widely considered novices, who seek reputation by free-riding on the work of the hacker community. The goal is typically to impress friends.[2] Portrayed as teenage technological dilettante, script kiddies are the subject of contempt among experienced hackers. In spite of this, they are feared among network administrators for their ability to scan many computer systems automatically over the course of days or weeks to find weak points.[3] The fact that very little technical knowledge is needed to download these programs is an added threat, since nearly any individual on the Internet can obtain malicious viruses and the means to infect large numbers of computers, costing the owners up to millions of dollars in damage.
Tactics
Script kiddies often scan thousands of computers looking for vulnerable targets before initiating an attack. This is similar to wardialing and wardriving in which the attacker isn't looking at one specific system, but instead anything that is open and looks interesting.
Script kiddies often deface random sites and vulnerable targets. They misuse "Google Dorks" (search methods designed to find vulnerable machines), and attack most sites available. For example, when an easy exploit is released, in a matter of minutes, script kiddie groups join and start defacing.
Tools
Script kiddies have at their disposal a large number of effective, easily downloadable malicious programs capable of harassing even advanced computers and networks. Such programs have included WinNuke applications, Back Orifice, NetBus, Sub7, Metasploit, ProRat and any auditing program as well.
Another simple means of attack is a computer worm. These are spread through e-mails, and once opened, it can be automatically sent throughout the entire system, often without the users realizing it. The purpose of a worm varies, from sapping the targeted computer or network of bandwidth and therefore slowing performance, to deleting or encoding files. Other commands can be preprogrammed before they are released into a host.
In a denial-of-service attack (DoS), the attacker tries to shut down network activity in a target system by sapping the computer network of bandwidth. A number of distinct DoS attacks have been created which pursue this goal through different means, such as SYN flood, ICMP flood (a.k.a smurf attack) and ping floods. If the server gets overwhelmed with excessive amounts of information, it will stop responding, and may require a restart.
Famous examples
Script kiddies are often able to exploit vulnerable systems and strike with great success. The most famous examples include:
★ A 15-year-old script kiddie called MafiaBoy was arrested in an upper class neighborhood in Montreal in 2000. Using downloaded tools to begin DoS attacks, he struck famous websites such as Yahoo!, Dell, Inc., eBay, and CNN, causing roughly $7.5 million worth of damage. He pleaded guilty to 55 criminal charges and served 8 months in a youth detention center.
★ In 1999, NetBus was used to discredit a law student named Magnus Eriksson studying at the University of Lund. Child pornography was uploaded onto his computer from an unidentified location. He was later acquitted of charges in 2004 when it was discovered that NetBus had been used to control his computer.
★ Danny Yeap, a 15-year-old high school student from California was responsible for using the infamous Danny worm. The program was part of a DoS attack against computers using the Microsoft Windows operating system, Mac OSX and many other operating systems. The attack took the form of a SYN flood which caused critical damage. He was sentenced to 5 years in prison in 2005.
References
1. Lemos, Robert. Script kiddies: The Net's cybergangs Retrieved on 24 April 2007.
2. Michael Fitzgerald ''Hackers, Hackers and Script Kiddies, Oh My!: How to sort the good guys from the bad, in the Internet version of Spy vs. Spy.
3. Honeynet Project Know Your Enemy. Retrieved on 24 April 2007.
See also
★ Hacker (computer security)
★ Hacker culture
★ Black hat
Related Books
★ 1337 h4x0r h4ndb00k, , tapeworm, tapeworm, Sams Publishing, 2005, ISBN 0672327279
External links
★ Honeynet.org - Know Your Enemy (Script Kiddie Essay)
★ ZDNet - Script kiddies: The Net's cybergangs
This article provided by Wikipedia. To edit the contents of this article, click here for original source.
psst.. try this: add to faves
Featured Companies
| Vacation By V |
Script_kiddie Videos
 | S4 League Hack / metaljunior |
 | S4 League Hack / Yuichiix |
