Thursday, December 28, 2006


Todd Schriber is US Rep Rehberg's press aide (he has since been fired). He contacted (of all places) to try to solicit a hacker to change his GPA. What follows is a truly classic piece of social engineering. It includes a reference to the Avian Network Protocol (RFC 1149), pictures of squirrels, and has the best movie-style hacker-babble I've ever seen.
Shouldn't need anything else. Have had a chance to set up a couple of IDS/IPS evasion bots, perimeter scanning came up clean. Small SQL injection issue merged with XSS shows that the backend database may be either 768-bit encrypted or a simple 3DES matter, but a little more time should take care of that issue. Once the tables are writable to sa, should be ready to jump in and jump out with no problem. One of their systems caught an early sniff, but was shut down with a smurf.

For the non-technical: trust me, the above makes absolutely no sense whatsoever. Which makes it funny, because good old Todd swallows it hook, line, and sinker.