Sign in to follow this  
Followers 0
Drewshbag

Consequences for getting caught hacking

20 posts in this topic

say hypothetically if I were to use a bruteforcer or a dictionary password guessing program thing to get somebody's password for something, and get caught doing so, what are the consequences? and what are the chances of getting caught??

0

Share this post


Link to post
Share on other sites
say hypothetically if I were to use a bruteforcer or a dictionary password guessing program thing to get somebody's password for something, and get caught doing so, what are the consequences? and what are the chances of getting caught??

Depending on what state you live varies the law according to breaking into someone's computer.

The chances of you getting caught are very high because I am guessing you dont know how to use a proxy and that you're not going to delete the log files at all, getting caught is all based on how much you know of what you are doing. Just saying hypothetically. =]

0

Share this post


Link to post
Share on other sites

unless you're messing with .gov or the big guys (microsoft, novell, etc.), you don't need to use proxies. general rule of thumb is stay away from such targets.

0

Share this post


Link to post
Share on other sites
unless you're messing with .gov or the big guys (microsoft, novell, etc.), you don't need to use proxies. general rule of thumb is stay away from such targets.

Uh... You're kidding, right?

0

Share this post


Link to post
Share on other sites
unless you're messing with .gov or the big guys (microsoft, novell, etc.), you don't need to use proxies. general rule of thumb is stay away from such targets.

.... Uhmm okay Microsoft and the .gov website aren't the only people that check logs. You make it seem like everyone else except the Government and high up companys monitor security.

0

Share this post


Link to post
Share on other sites

I don't even trust proxies. A better method would be to use an open WiFi AP with a spoofed MAC address.

0

Share this post


Link to post
Share on other sites

I've never been busted for the over 100 sites I've compromised. Did it without proxies, too.

0

Share this post


Link to post
Share on other sites
I've never been busted for the over 100 sites I've compromised. Did it without proxies, too.

I compare that to having sex with a hooker in Times Square without a condom. Very risky!

0

Share this post


Link to post
Share on other sites

If the prosecution fees are less than the cost of damage you did then you have something to worry about. A lot of people will let 'attempts' go because its a pain in the ass to go after somebody for relativley nothing.

OR

you'll get raped in prison and love it.

0

Share this post


Link to post
Share on other sites

deadwax, if you know what you're doing, then it's not risky at all. one or two entries in a logfile that's over 20mb big is nothing. it's like trying to find a needle in a haystack.

also, another rule of thumb: defacing is retarded.

0

Share this post


Link to post
Share on other sites
deadwax, if you know what you're doing, then it's not risky at all. one or two entries in a logfile that's over 20mb big is nothing. it's like trying to find a needle in a haystack.

also, another rule of thumb: defacing is retarded.

I hope everyone realizes what a silly mentality this is and DOESN'T do this...

0

Share this post


Link to post
Share on other sites

okay im sorry i didnt give enough info for you guys to be able to answer my question. i live in california, i am not planning on doing any damage whatsoever, it is NOT a .gov or anything major like that. i just want to be able to read some email or view some pics on photobucket and stuff. so what are the consequences if this is the situation? or am i still being too bland?

0

Share this post


Link to post
Share on other sites

They keep the laws just vague enough so they can either let you off with a warning or fuck you in the face, depending on the message they want to send.

Best case: You get off with a slap on the wrist.

Worst case: They take the case federal (since the servers are in a different state) and run wild on your ass with all sorts of post 9/11 emergency laws.

0

Share this post


Link to post
Share on other sites

Okay, so from what I acquire you're going to attempt to brute force an account on Photobucket or some other semi-popular and mid-large company. One that manages well over 100,000 users daily and expects this kind of activity without knowing to use some safety measures such as someone else's WIFI or some kind of PROXY computer bouncing setup.

So what you're saying is you're trying to go to the back door of lets say Wal-Mart with a giant battering ram. With this battering ram you are probley going to eventually get in but you WILL be noticed. Rather if someone walks by and notices you or if later they check the Security Cameras. Now, since you're obviously not wearing a black costume, a mask, or took really any precautions besides wait tell night time there's a good chance they will either see a door knocked down, with lots of things stolen or used, notice the huge dents on the door, Look at the camera, or... oops they noticed you dropped your license with your address on it.

Now they can either just mark you as banned from the store and property or call the cops, which they do depends on the company.

0

Share this post


Link to post
Share on other sites

If you get caught all the worst things you have ever imaged will happen to you. So dont do anything illegal, or at the very least dont get caught, and definitely dont brag about doing anything illegal on public forums.

0

Share this post


Link to post
Share on other sites

It depends on who you're doing it to, and where you're doing it from, and how.

Brute force is very obvious -- it generates thousands, maybe millions depending on the password complexity, of failed logins. This is enough to draw suspicion for most people. If you're doing it from home, with no proxies or anything, then they have your home IP address, and your ISP will more than likely give them the name of the owner of that account.

In the best-case scenario, whoever actually pays for the service will get a cease-and-desist order, and if you're not the one that owns it, you're probably going to get dressed down pretty good. For a real-life example, my boss is a shithead and uses really simple passwords (we're talking a123456 simple), so someone compromised the account on our offsite backup server using his (root-access, as he demanded) account. Well, they used our server with its massive colocated bandwidth to try to bruteforce some FTP accounts, some of which looked like random users, others that were /military/ sites. The people that had a brute force attempt against them contacted the ISP, which contacted the colocation place, which in turn contacted me, the IT manager for the company. Fortunately it wasn't anything serious, and just a cease-and-desist. I fixed the problem, and no one said anything else because it didn't happen anymore.

In the worst-case, you're going to piss off a sys admin who's going to crack down on your ass, either through the law or by messing with you. For instance, I caught someone trying to bruteforce my router's SSH login my freshman year of college. After reporting them to the university and their ISP, I managed to gather enough data on them, due to a ragingly insecure system configuration, to mess with them a bit. Mostly things like subscribing them to massive amounts of pr0n.

It's probably not worth doing anything with, and it's stupid to do anything from home/school/whatever.

0

Share this post


Link to post
Share on other sites
say hypothetically if I were to use a bruteforcer or a dictionary password guessing program thing to get somebody's password for something, and get caught doing so, what are the consequences? and what are the chances of getting caught??

When you have a record of computer crimes it will be hard to get a job you may want. People do not want to deal with that and you'll always get passed over by someone with a clean record, even if you are more knowledgeable.

When under 18 you would not go to prison and probably not even have a record, but would put your self in a sh***y position.

Nothing would even happen depending on losses vs prosecution costs (as stated earlier). If you get into a computer and get something like credit card numbers then the Feds will be after your prosecution as well....

Edited by tekio
0

Share this post


Link to post
Share on other sites
say hypothetically if I were to use a bruteforcer or a dictionary password guessing program thing to get somebody's password for something, and get caught doing so, what are the consequences? and what are the chances of getting caught??

When you have a record of computer crimes it will be hard to get a job you may want. People do not want to deal with that and you'll always get passed over by someone with a clean record, even if you are more knowledgeable.

When under 18 you would not go to prison and probably not even have a record, but would put your self in a sh***y position.

Nothing would even happen depending on losses vs prosecution costs (as stated earlier). If you get into a computer and get something like credit card numbers then the Feds will be after your prosecution as well....

Yes it does depend on costs actually, if somebody commits a crime like an attempted brute force the police aren't going to direct thousands of dollars worth ot resources to solving the crime because its not even worth it. Thats why there are minimum damage thresholds that agencies like the FBI have as to not waste all their time with juvinile crimes. Whereas if you take somebody's credit card and buy a whole bunch of shit with it then your causing a bit more damage so it may raise more concern...

edit: Sorry, I should have been more clear. By prosecution I meant the investigation, the labor hours that go along with it, and the actual court process.

Edited by Remix
0

Share this post


Link to post
Share on other sites

thanks. now i guess my next question would be is somebody that knows what they are doing willing to get a photobucket password and walk me through the process?

0

Share this post


Link to post
Share on other sites

please read the definition of hacking!

--thread closed --

0

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0