decker tricks, show off your genius Options

[mfb]

came up with a neat trick for deckers i thought i'd share. it allows you to set up what amounts to a permant valid account on any host you're skilled enough to hack. all you need is a computer (programming) skill of 4+, and good Validate, Deception, and Read/Write programs. a high DF helps; if you can change modes, go for high masking.

first, create a command set with four operations. the operations are, in order, Validate Account, Send Data, Send Data, Null Operation (24 hrs).

next, logon to the host and validate a user account. this allows you to do an Upload Data operation, so you can save your command script as a text file on the host, then Send Data to create an active copy of the script; with the valid account, you can do this without rolling dice. now, do a Null Operation (24 hrs) to activate the command set. the system will get +5 to its security value, which is why you want high masking. your work is done; log off.

the command set waits 24 hrs, then validates a new user account (24 hrs is the minimum time a spoofed account will remain valid). with the new user account, it then does one Send Data to email you the new account information, then does a second Send Data to call up the saved copy of itself. using that, it does a Null Operation (24 hrs) to activate the new copy of the command set. the command set waits another 24 hrs, then kicks in. rinse, wash, repeat.

partly as instruction and partly for the karma, i rolled out a character of mine performing this trick here. the character is GG Beat.

[Orient]

I've been doing something similar with command sets and Redirect Datatrail operations to bounce commcalls through Validated accounts in various secure hosts in order to foil tracing....

Err.. more info when I'm not scrambling to get ready for work..

[John Campbell]

Congratulations. You've invented the rootkit.

[mfb]

indeed. i'm introducing near-mystical technology into the world of SR--such things shouldn't even be possible, given the level of technology in 206x !!

i think it's hilarious how hard you have to work to use basic hacker tricks, in SR.

[Jason Farlander]

Unfortunately, this trick is less reliable with a company that employs security deckers.

[Panzergeist]

Self-replicating command sets. L33t. Of course, the one hitch is that you have to upload your e-mail address onto the host, giving security a potential lead on you if they find it.

[Digital Heroin]

Come on now. Every decker worth a grain of salt can make an anonymoose e-mail addy.

[mfb]

well, you probably don't want to do this trick on an actual host--better on a grid, where security is looser and traffic is higher.

[moosegod]

[Phaeton]

:rotfl:

[mfb]

Orient, i'm very interested in your auto-redirect scheme. i'm working up one myself, but if someone else has already done all the hard work...

[Panzergeist]

Okay, here comes the clue train, last stop you. Security deckers aren't above doing a little hacking themselves. So, security decker traces your anonymous e-mail address, hacks it, and looks through your inbox, sent messages folder, and the log that says where you jacked in from. Now, the log will be useless if you redirected your datatrail, since they can't trace your redirects without you being there to hit with a trace utility. And of course, you can download your received messages and erase everything as soon as you dl/send it. However, they can continue to monitor your account if they manage to get in unnoticed. So, unless you meteiculously cleanse your e-mail account, search it for dataworms and sniffer programs every time you log on, and change to a new pirate account regularly, regardless of whether you have reason to suspect it's been compromised, you can be monitored. And even if you do all that, that still leaves your enemies a small window to infect your account with a dataworm, and monitor the address until you log on, allowing them to monitor incoming messages. The only solution to this would be to have an agent guarding your account 24/7 to both watch for intruders and shoot down dataworm info dumps. Even this wouldn't be foolproof. No matter what you do, you will leave a datatrail of some sort.

[Zazen]

Or you could send it to fifty thousand email boxes. The other 49,999 will delete "CLICK HERE FOR AWESOME SICK PORN jfi4u389fq20j f893f8934", but you'll be quite happy to use l: jfi4u389fq20j p: f893f8934 :)

[mfb]

even better, send a single email to one address, which in turn shotguns it out to however many addresses. that way, no one will be wondering why the grid's email traffic suddenly shot through the roof.

[Panzergeist]

You would be surprised at how many people actually open messages like that. :rotfl:

[phelious fogg]

Thats why you fill it with junk, your decker only cares about the name of the email.

[Dashifen]

[Grey]

Dash: All you do there is add an extra step where the Decker needs to find the Smart Frame/Agent and hack it to ignore that new account. Or maybe you could somehow make the account look like it has been there all along or something. Either way, I'd give the Decker a way around it.

[Elfie]

Of course there's a way around it. It's like chess. You move, I counter it, you counter my counter, etc. I just need a little work on my decker tricks if I'm going to survive (oh yeah, that'll be another thread).

[hobgoblin]

hmm, didnt know you could do a null ops inside a command set...

as for the redirect comcall commandset, its described in the matrix book under decker tricks. but i allways belived that you could only do make comcall on a RTG. this will make my decking days easyer as i can just call my onsite partners, i just hope that they have vibration only (or maybe a headphone)...

[Panzergeist]

Yes, since the work week is 40 hours, and week is 168 hous long, a company would need 4 security deckers to have one on duty at all times. However, having a frame or agent on guard at all times is much more economical.

[mfb]

don't get me wrong, this isn't a trick you'd use on Lone Star. but, say, Angel Satcom? or, better yet, any number of random MSPs? (i do have to wonder about that discrepancy--in Matrix, it says your average MSP is an Orange-Average host; but in T:Matrix, it stats an average MSP as Green-Easy!)

[hp_warcraft]

Deckers love those throwaway MSP accounts. Head over to the cybercafe, order
a mocha-java, pop in this week's free UCASOL chip, register new account to be used later for less than legal purposes and then hit the newsfeeds. (You do at least skim the buisness news daily to keep that Evaluate program current - right?) :D

[mfb]

don't need to. otaku are teh leet!

[Dashifen]