TESO was a hacker group that originated in Austria. It was active from 1998 to 2004, and during its peak around 2000, it was responsible for a significant share of the exploits on the bugtraq mailing list.
Teso was founded in 1998 and quickly grew to 6 people, who first met in 1999 at the CCC Camp near Berlin.
By 2000, the group was at its peak: it started speaking at various conferences, wrote articles for Phrack, and released security tools and exploits at a very high pace. Some of its exploits only became known after leaking to the community. These included exploits for wu-ftp, apache, and openssh.
2001: Comprehensive Format String Research Paper by scut.
2002: First remote vulnerability in OpenBSD, followed by a series of remote exploits against OpenBSD (some co-authored with ADM). This forced OpenBSD to remove the claim "7 years without vulnerability" from the OpenBSD webpage.
In 2003, the group informally disbanded, and in 2004 the website went down.
- In 2000, developed hellkit, the first shellcode generator.
- In 2000, wrote TesoGCC, the first format string vulnerability scanner, and the first comprehensive guide on format string exploitation.
- BurnEye is widely believed to be one of the first proper ELF executable crypters.
- Broke OpenBSD's "7 years without a remote vulnerability in the default install" record.
ADM and TESO made almost inappropriately large splashes in the community when they were active. Almost all their exploits were beyond the standard, and at times it seemed they were the ones finding all the new bug-classes. But at their peak, they couldn't have been very large groups. Certainly smaller than the reverse engineering and security group at a good sized IDS/IPS company these days.—Dave Aitel, CEO and Founder of Immunity, Inc.
Members and name
The name was originally an acronym of the nicknames of the original founders (typo, edi, stanly, oxigen), but as many of the most skilled members joined later, this interpretation quickly became meaningless. Teso was originally, and during its peak, a small and tightly knit group; it is estimated that Teso had more than 50 members before disbanding. If the public sources can be trusted, at least 30 members existed:
- typo aka Paul Bohm
- Goatse Security
- w00w00 - A rival hacking group. Some research and releases were published together with w00w00 members.
- The Hacker's Choice - Some team-teso members joined THC after TESO was disbanded.
- http://archives.neohapsis.com/archives/dailydave/2005-q2/0386.html Dave Aitel on TESO
- Source: http://downloads.securityfocus.com/vulnerabilities/exploits/bsdchpass-exp.c
- Source: http://www.trust-us.ch/phrack/phrack/62/p62-0x04_Prophile_on_scut.txt
- Source: http://www.ccc.de/congress/2001/fahrplan/event/255.de.html
- Source: http://marc.info/?l=bugtraq&m=99385173302656&w=2
- Source: http://examples.oreilly.com/networksa/tools/7350854.c
- Source: http://freeworld.thc.org/root/docs/loadable_kernel_modules/p58-0x06.txt
- Source: http://mixter.void.ru/about.html
- Source: http://packetstormsecurity.org/groups/teso/teso-advisory-011.txt
- Source: http://packetstormsecurity.org/groups/teso/adv6.tar.gz
- Source: http://packetstormsecurity.org/9909-exploits/dirthy.c