50,000 printers hacked to tell people to subscribe to PewDiePie

Sinbad

Honorary Master
Joined
Jun 5, 2006
Messages
78,424
When someone uses the term "script kid" I assume they dont know what theyre talking about.

Can you script meterpreter? This aint irc anymore.
For me a script kiddie is someone who uses other people's work to do their deeds. This guy did nothing new, he used an info gathering tool and then used an already existing exploit tool.
Therefore, skiddie.
If he wrote PrET, different story. He didn't.
 

w1z4rd

Karmic Sangoma
Joined
Jan 17, 2005
Messages
49,634
For me a script kiddie is someone who uses other people's work to do their deeds. This guy did nothing new, he used an info gathering tool and then used an already existing exploit tool.
Therefore, skiddie.
Do you use metasploit? Or did you make your own? Do you think people who use metasploit are script kiddies?

Are you able to provide one major hacking tool you have contributed & committed code to? Do you use nmap or manually do connections to test every port?

This person used a good hacking tool and automated a process, s(he) was clever. Using a hacking tool does make you a script kiddie. Calling other people script kiddies kinda does though. It implies a misunderstanding of the tools and how people hack.

If I wanted to hack large numbers, I would automate a competent hacking tool, exactly as this hacker did. You would either be totally dedicated to printer exploitation or really stupid not to use a good hacker tool and write your own.


For me the real fools here, are people who allow printers like this onto their networks. Ones which can be easily used for industrial espionage. Hellloooooo . Priorities. I wish the Printer industry would stop giving themselves so many awards for setting up such dangerous exploitable systems, and concentrate on installing them correctly.

This is why I say more certs than sense. Printers like this and the people who install them are a threat to your company. If you got a printed message then your company is high risk already.

To me the most important story here is not a hacker who exploited and easy to use exploitable system, but rather system management... who know so little about IT (but have all the best certificates)... are not doing basic checks in infosec to protect the company they were employed to protect.

What is wrong with infosec and system administration that so many printers were so easily exploitable? Is it by mistake or design? Why are so many incompetent people getting high positions in infosec and system administration.

Why do these incompetents always have more qualifications than experience? (best answer I saw to this, was.. "the frat fees would be too high otherwise")
 
Last edited:
Top