Artemis V0R73X Is Here…
There are several topics I want to talk about in this post:
>>>Topic 1: Story of Hacking Community: What it was, and what it is now.
Let us travel back in time, back to 30 years ago, back to 80s, where hackers were the the source of all the revolutions that happened in the computer world, when hackers were the mysterious, prodigy people who could work with a UNIX operating system, code in assembly, do amazing thing with software AND hardware, and play with a commodore 64 computer!
Back in those times, a Hacker was someone who was an expert in working with computers. Hackers were the geniuses who knew software, hardware, everything about computers. Why did they exist? Because there was something in a computer that doesn’t exist in ANYTHING ELSE: The power, the perfection, and the view of the future that it gives us.
Hackers lived in an underground world (meaning, public didn’t know much about them), writing low-level code in the black-and-white MASM IDE (or Vi!), executing commands in the black & green environment of UNIX shell, listening to 8-bit chiptune music, dreaming in binary, thinking in digital, cracking software, hacking to the computer networks, doing what they really LOVED to do.
IT WAS JUST THEIR THING! NO MONEY NO PROFIT NO NOTHING INTO IT! THEY JUST LOVED IT!
But it was all because, well, companies didn’t care about security much. The ones who cared were the curious ones. When Commercialism Took Over, it all ended because then those curious people saw some profit in what they were doing, and once you get involved with the job, you lose all the ambition, cuz you thing that’s the happiness, that’s it you’re paid for what you know.
Security Became Important. Money Came Into Consideration. All The Hackers Turned Into Security Professionals. So it’s just an It was an inevitable event that couldn’t be helped. (I mean, even Dr. Mudge works for the government now, and Kevin Mitnick wears a shirt that says “I’m not a hacker, I’m a security professional!” !!!). The ones that didn’t turn into security professionals (instead of liberal hackers) were just probably some script kiddies who didn’t have valuable knowledge to be paid for.
It’s just like Linkin Park. At first days when they started everything, they were some bad-ass Nu-Metal band, but as they became famous, they turned into some kind of soft alternative rock band that doesn’t even compare to the old Linkin park. Money debases the quality into everything.
And then it was the literature that killed it. Government saw it necessary to scare people away from knowledge regarding security. Nowdays, if u use the old term Hacker, everyone will interpret it as Cyber Terrorism. I feel sorry for the change in the meaning of the term….
NOTHING HAS CHANGED SO FAR.
I thought Hacking was vanished, I thought nobody really cared about the old dark underground world in which the smartest people did unbelievably amazing things.
I used to think that Hackers have always been egocentric. I thought they were an extinct specie. I thought they were some alone individuals living and learning on their own, and that was my reasoning for not finding many hackers around.
BUT I WAS WRONG!
NOTHING HAS CHANGED SO FAR!
THERE ARE STILL TRUE HACKERS, AND THEY DO ASSEMBLE, AND THEY STILL DO CRAZY THINGS! THERE ARE STILL PEOPLE WHO CARE ABOUT HACKING, AS IF IT’S STILL 90s.
Hackerz Are Not Extinct, u just gotta find them!
and well, it’s true. Let’s face the truth: We’re still very obsolete regarding the issue of security. With all that ambition taken away, what can security professionals do? We still NEED hackers.
Evidence? Take a look at Windows, the most used operating system of all time (so called modern!) almost EVERY ORDINARY PERSON uses Windows as the main OS. Now we were celebrating the success of windows in making the users happy, then we realize that a virus, called Stuxnet, has exploited not only one, but FOUR different security bugs in windows and is able to cause PHYSICAL damage!!!
And this was in 2010.
Do I need to mention Flame as well? Or Flashback? Or the 10,000 Twitter accounts leaked? Or the IBM main website being hacked? Or SSL vulnerabilities being exploited everyday? AND THIS IS ALL IN 2012! OUR DAY!
So we still have hacking…
We’ll have more. Nothing has changed. Mac computers were considered to be invincible, but the only reason for which they were secured was because it didn’t get the attention of hackers. We see bugs being exploited in 2o12 on Mac computers!! And this is an Operating System created by a whole bunch of professionals…
HACKERS ARE STILL AROUND, NOT EVEN A FEW, BUT A WHOLE BUNCH OF THEM!
AND THAT’S WHY I’M WRITING THIS POST!!! ARTEMIS V0R73X HAS RISEN TO FIND EVERY SINGLE ONE OF THESE COMMUNITIES, AND LIST THEM HERE. EVIL OR GOOD, ALL SHALL BE WRITTEN DOWN.
>>>Topic 2: Why don’t hackers just create websites and start sharing exploits and hacking tutorials?
The exploits shared online are always the ones for white-hat and ethical hacking purposes. You can’t use them in a real effective way because they’re all patched before by the security professionals. In fact, the purpose of them being published online was to make the bug be patched. Why? I mean, if you try to publish it online for the bad guys, obviously, before you get your hands on the exploit, the security professionals have already found out and patched the bugs. The only malicious use you could possibly get from online-published exploits is when you’re always on check and someone finds a 0day exploit and you are alerted as soon as its published.
In this case, well, you’ve got a couple of days to enjoy the exploitation while the good guys are patching it.
Tl;DR: DONT WASTE TIME LOOKING ONLINE FOR EXPLOITS! THE ONLY ONES THAT WILL
ACTUALLY WORK ARE THE ONLY ONES THAT YOU WRITE BY YOURSELF, EXPLOITING 0DAY
BUGS YOU FIND YOURSELF, and that’s exactly what hackers mean by ‘being a real hacker‘.
>>>Topic 3: There’s no unified underground world of hacker, but there is an underground.
well, you keep hearing this term ‘Undergound’. Ever wondered what exactly it means?
Basically, any Private place (like an IRC channel, a bulletin board, or a private website, or even a physical place for meetings) where hackers can come together and communicate without being noticed, which also means that me and you can’t get our hands on them, is part of the Underground. They all together create the entire Underground world of Hackers. Private means private. You can’t join. You can’t just go there and be part of the underground, unless, somehow, you find one of these places and proof that you’re harmless. But yes they do exist, they’re just not ONE SINGLE place.
But remember that Underground, in the hacking world, is not a UNIFIED THING. The only UNIFIED UNDERGROUND I see these days is thepiratebay.org, or similar free torrent sharing websites, and well DEFCON is considered underground, too. Other than these, Underground is a world created by little private communication centers here and there. You yourself can create one with a bunch of talented kids you know around, and be part of the underground. Or even create a blog and start blogging, blogs are kinda private, even if submitted to a search engine.
THIS IS UNDERGROUND WORLD: Hackers here and there, even may not know each other. Don’t be looking for such thing as www.Underground.com, because that’s just… dumb. Also this post is for this purpose itself: Knowing more about the underground. Lots of stuff posted here are not necessarily white-hat, ethical, and official. They’re not PRIVATE, but still…
>>>Topic 4: The V0R73X BlackList
So this is it people, the Underground I know!! xD
This list is not updated, but instead, I update a text file on dropbox whenever I find another resource. For the complete list, download this:
Also if you want to get updated whenever I update this, here’s link to a public folder on my Dropbox which contains all the CRUX sources, including this one, so all you have to do is to add it to your dropbox, so it updates & notifies you automatically, like we’ve shared a folder:
For a demo of what I’ve been writing before I found the Dropbox solution, well here it is, and Hell, it looks much better:
Communities, HackerSpaces & Hacking Groups:
A) Legal ones:
www.defcon.org: DEFCON is the greatest hacking community of all time (DONT use the forum for technical discussion, DONT do what I did!!! That’s just not right.)
www.shmoocon.org: Just another hacking community about which I don’t know much but I know that Dr. Mudge once gave a speech in one of their conferences.
summercon.org/: They all end with CON, huh??? xD well, CON just means Condition, but they all came from the word DEFCON (kinda like Foobar) and yes this is also another community + speeches, party, competitions & lots of fun…
www.blackhat.com/: Black Hat was established by the same guy who found DEFCON, but DEFCON is kinda bigger.
http://www.thehackersconference.com => International Conference of Hackers, this one is kinda gay compared to others but,… meh, anyway its another one.
http://www.rhok.org/: Random hacks of Kindness. A bunch of people gathered together for purpose of Good Hacking:
https://www.noisebridge.net/: A Hackerspace which has gathered bunch of people interested in computers & electronics who invent some neat stuff (like brain-controlled RC Helicopter)!
Now about the “not official” ones, they exist in 3 categories: Old Hacking Groups, Modern Hacking Groups, and Warez Groups (Crackers & Pirates)
Modern ones like Anonymous, SwaggSec, LulzSec, TeaMp0is0n, etc. Old ones like l0pht, cDc, rhino9, etc; (there were less old-school hacking groups, more individuals back in the old days, such as Mitnick, Poulsen, Lamo,…), and Warez groups like Razor1911, RELOADED, and SKiDROW.
B) Illegal groups:
For a list of Hacking groups & communities, Old & Modern, refer to This Page, or This Page.
For a list of Warez groups, Goto THIS PAGE. (these are the people who crack & pirate software instead of hacking actual computers/systems)
For a list of Hackers (like, the people! Black & White!) go Here, or Here.
For a list of Hackerspaces (like where a bunch of dedicated people meet and build things) HERE and HERE.
Online Resources, News & References:
www.thehackernews.com => Hacking News Website. Introduces new attacks, but does not share the exploit (usually) but you can read the topic and then use google to find out more about it. An Anonymous-type hacking website.
http://nakedsecurity.sophos.com => Exploits & Security news. Another website that ACTUALLY talks about specific exploits.
http://www.h-online.com/ => Security & programming news website
http://www.zone-h.org => All the hackers submit the defaced websites here, just to show their swag!! xD
http://threatpost.com => Kaspersky Labs News
Some Blogs, Websites & E-zines:
NOTE: Think about it: is it good to share an exploit online? I mean, obviously, before you get your hands on the exploit, the security professionals have already found out and patched the bugs. that’s why exploits shouldn’t be published online if you have malicious uses for them! That’s why you have to FIND exploits yourself, that’s how you can be a real hacker. Therefore don’t expect the exploits you find online to work, unless you’re always on check and someone finds a 0day exploit and you are alerted as soon as its published. In this case, well, you’ve got a couple of days to enjoy the exploitation but basically the exploit being published online means the vulnerabilities being patched asap. so…
http://www.exploit-db.com => Source of all discovered exploits shared publicly. So this is not much of use if you’re gonna have malicious plans for those exploits, unless you get them before they developers release the patch. Anyways a good resource for ethical/white hat hackers…
http://phrack.org => AWESOME Hacking magazine. I EXTOL them for the stuff they publish about hacking. Very neat stuff.
http://www.securitytube.net => Full of video tutorials, about all kinds of hacks.
http://insecure.org/ => News & Tutorials! Haven’t had time to explore it yet, but it looks pretty legit.
http://seclists.org => Looks just like insecure.org, but has some other stuff!
http://www.offensive-security.com => Blog, Tutorials & More.
http://www.hackchina.com => Another good hacking resource in which exploits are shared.
http://www.gedzac.com => Another website that teaches hacking material in a very advanced level!!! It’s in spanish tho, just use Google Chrome translator…
http://attrition.org/fuck/ => Another awesome hacking magazine!
http://infinityexists.com/ => AWESOME blog which posts about hacking stuff…
http://sysc.tl/ => ANOTHER GOOD ONE!
http://www.get-root.com => Another good one!
http://hexale.blogspot.com/ => GREAT BLOG DUDE!
http://www.breakthesecurity.com/ => Found it very useful! xD
http://geneisdatabase.wordpress.com/=>Another Blog. Programming, and some hacking….! xD
http://blog.markloiseau.com/ => More programming, but AWESOME programming!! Low-level, close-to-machine, hacker favorite! xD
http://greyhat-security.com => Don’t know much about it but I guess it’s a good one.
http://www.koders.com/ => Some neat code is shared over there. Not bad to have a look at…
http://cyber-killers.com => Looks good. Contains good stuff, too…!!!
http://soldierx.com/ => This is kinda a well-known one.
http://py1337.get-root.com/ => The Python Guy!!
http://pythonlabs.blogspot.com/ => The OTHER Python Guy!!!!!
http://hansatan.com => Nice theme bro!
http://diablohorn.wordpress.com/ => Another good one… w8, is it called Diablo Horn??? Nice name…!
http://www.thexero.co.uk/ => The Xero! Weird name, but it’s cool at the same time… xD
http://h.ackack.net/ => Another good security blog.
http://bubzuru.comule.com/ => This guy used to be an amazing malware coder, but he got on drugs… so sad!
http://www.mattandreko.com/ => Another one…
http://g0tmi1k.blogspot.com/ => Another one…
http://mandeeplubana.blogspot.com/ => Just another one…
http://www.youtube.com/user/gigafide (official website: tinketnut.com, with also facebook/twitter pages, but I found the ytube account most useful)
Challenge websites (Online Hacker Warz):