Script kiddie

From Wikipedia, the free encyclopedia

  (Redirected from Script kiddies)
Jump to: navigation, search

In hacker culture, a script kiddie, occasionally script bunny, skiddie, skid, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or programs developed by others to attack computer systems and networks. It is generally assumed that script kiddies are juveniles who lack the ability to write sophisticated hacking programs or exploits on their own, and that their objective is to try to impress their friends or gain credit in computer-enthusiast communities.[1] The term can also be used as a name for someone with a good knowledge of computers who uses the premade tools as a shortcut or just for fun.

Contents

[edit] Tools

Script kiddies have at their disposal a large number of effective, easily downloadable malicious programs capable of harassing even advanced computers and networks.[1] Such programs have included WinNuke applications, Back Orifice, NetBus, Sub7, Metasploit, ProRat and often software intended for legitimate security auditing.

Another simple means of attack is a mass mailer worm. These are spread through e-mails and, once opened, they can be automatically sent throughout entire systems, often without the users realizing it. The purpose of a worm varies, from sapping the targeted computer or network of bandwidth and therefore slowing performance, to deleting or encrypting files. Other commands are possible.

In a denial-of-service (DoS) attack, the attacker tries to shut down network activity in a target system by sapping the computer network of bandwidth or other resources. A number of distinct DoS attacks have been created that pursue this goal through different means, such as SYN flood, ICMP butt-flood (a.k.a Smurf attack) and ping floods. If the server gets overwhelmed with excessive amounts of information, it will stop responding and may require a restart.[2]

[edit] Famous examples

Script kiddies are often able to exploit vulnerable systems and strike with moderate success. Some of the most infamous examples include:

  • Michael Calce, a.k.a. MafiaBoy, A high school student from Montreal, Canada, was arrested in 2000 for using downloaded tools to launch a series of highly publicized Denial-of-Service attacks against high-profile Web sites such as Yahoo!, Dell, eBay, and CNN. The financial damages were estimated at roughly $1.2 billion in global economic damages . Mr. Calce initially denied responsibility but later pled guilty to most of the charges brought against him.[3] His lawyer insisted the child had only run unsupervised tests to help design an improved firewall, whereas trial records indicated the youth showed no remorse and had expressed a desire to move to Italy for its lax computer crime laws. [4] The Montreal Youth Court sentenced him on September 12, 2001 to eight months of "open custody," one year of probation, restricted use of the Internet, and a small fine.[5]
  • In 1999, NetBus was used to discredit a law student named Magnus Eriksson studying at the Lund University in Sweden. Child pornography was downloaded onto his computer from an unidentified location. He was later acquitted of charges in 2004 when it was discovered that NetBus had been used to control his computer.[citation needed]
  • Jeffrey Lee Parson, a.k.a T33kid was an 18-year-old high school student from Minnesota who was responsible for spreading a variant of the infamous Blaster computer worm. Parson only modified the original Blaster worm, already prevalent, using a hex editor to add his screen name to the existing executable, and then attached another existing backdoor, Lithium, and posted it on his website. By making this subtle modification, the new executable was considered a variant, and authorities were able to trace the name back to him. The program was part of a DoS attack against computers using the Microsoft Windows operating system. The attack took the form of a SYN flood which caused only minimal damage. He was sentenced to 18 months in prison in 2005.[6]

[edit] See also

[edit] Related Books

  • Tapeworm (2005). 1337 h4x0r h4ndb00k. Sams Publishing. ISBN 0672327279. 

[edit] References

  1. ^ a b Lemos, Robert. "Script kiddies: The Net's cybergangs". ZDNet. http://news.zdnet.com/2100-9595_22-502632.html. Retrieved on 2007-04-24. 
  2. ^ "Denial of Service Attacks". Carnegie Mellon University. http://www.cert.org/tech_tips/denial_of_service.html. Retrieved on 2008-12-22. 
  3. ^ "February 7, 2000: Mafiaboy's Moment", Wired magazine, 2007-02-07, http://www.wired.com/science/discoveries/news/2007/02/72573, retrieved on 2007-03-27 
  4. ^ "Prison Urged for Mafiaboy", Wired magazine, 2001-06-20, http://www.wired.com/politics/law/news/2001/06/44673, retrieved on 2007-03-27 
  5. ^ "FBI Facts and Figure 2003". Federal Bureau of Investigation. http://www.fbi.gov/libref/factsfigure/factsfiguresapri2003.htm. Retrieved on 2007-03-27. 
  6. ^ Lagorio, Christine. "Prison Time For Teen Virus Guru". CBS News. http://www.cbsnews.com/stories/2005/01/28/tech/main670176.shtml. Retrieved on 2008-12-22. 

[edit] External links

Retrieved from "http://en.wikipedia.org/wiki/Script_kiddie"
Personal tools