SALVAGE SPACE: HACKING

.___.__  .______  ._______ .____/\ ._______.______  .________
:   |  \ :      \ :_.  ___\:   /  \: .____/: __   \ |    ___/
|   :   ||   .   ||  : |/\ |.  ___/| : _/\ |  \____||___    \
|   .   ||   :   ||    /  \|     \ |   /  \|   :  \ |       /
|___|   ||___|   ||. _____/|      \|_.: __/|   |___\|__:___/ 
    |___|    |___| :/      |___\  /   :/   |___|       :     
                   :            \/                           

In a universe where everything has integrated electronics and computers, Hackers play the most dangerous game…

As in the 21st Century, people of the 43rd Century interact with countless computerized devices within their environment, such as intelligent controllers, robotics or cybernetics, even synthetic intelligences in a seemingly endless variety and combination.

The skilled hacker or programmer knows these complex systems break down into fundamental blocks with flaws they can exploit through knowledge, skill, and persistence.

Hacking In History

Technology Level Examples
TL -9 Ishango Bone, Quipu
TL -8 Abacus, Antikythera mechanism
TL -7 Mathematics, Mechanical / Clockwork devices
TL -3 Steam-works, earliest electronics, radio
TL -2 Morse Code and Amateur Radio – widespread Electronics and Communications
TL -1 Beginnings of Computer Skill – see CARDIAC
TL 0 The first Planet Net and early Orbital Net
TL +1 Planet and Orbital Nets, non-creative AI, low Autonomous Interfaces
TL +2 Planet Nets, Interplanetary Packet Communications
TL +3 Highly autonomous Synthetic Intelligence
TL +4 Are computers people yet?

Hacker Ethos or Culture

  • Spartan – Reject Excesses
  • Efficient – Short, Fast, Hard
  • Optimized – Stripped Down
  • Hacktivist – Political Motivation
  • Cowboy – Anti-Establishment
  • Elite – Do It Yourself, Because You’re Better Than The Rest

Hacker Groups

Hackers may work alone or affiliate in groups based on shared common cause or mutual pooling of different skills.

For example a “demo group” may have a “coder”, an “artist”, and a “musician” who work together to code and release technical demonstrations.

A “cracking group” may have a number of “suppliers” who provide (somehow) the uncracked copies of software, “crackers” who reverse engineer and remove the protections, “trainers” who reverse engineer the code and add additional controls such as unlimited health to a game character, and finally “distributors” who spread the cracked software in trade to others.

Hacker Skills

The Hacker profession centers around the following skills:

Ingenuity / Engineering (Computers)
This is the fundamental skill for dealing with computer hardware.

Intelligence / Computer Operation
This is the fundamental skill for computer operations, software.

Ingenuity / Computer Programming
The is the fundamental skill for crafting programs.

Intelligence / Communications
This is the fundamental skill for communications between computers and devices.

Hacker Gear

A Hacker may build their hacking consoles from the standard computer options

  • Communicators
  • Computers
  • Robots and Drones

Platform Types (by TL)

  • Embedded
  • Handheld
  • Terminal / Portable Terminal
  • Desktop / Laptop
  • Workstation / Portable Workstation
  • Server
  • Cluster/Rack
  • Mainframe

Reconnaissance

Subverting a system begins with reconnaissance:

  • Learning the characteristics of the target hardware, software, and protocols.
  • Passive traffic analysis or active probing of connections
  • Mapping interfaces or connections to other systems

Tooling

During the reconnaissance, the attacker assembles tools and techniques into a plan of attack.

They may spend days, weeks, or even months crafting their tools and techniques to exploit a target and maximize their returned benefits while minimizing any exposure to defense or traces left behind.

Types of Tooling:

  • Agents or Synthetic Intellect, Analysis
  • Databases and Expert Systems
  • Design, Modeling, Simulation, and Visualization
  • Interfaces and Translation
  • Security or Defensive
  • Exploits, Intrusion or Offensive

Security or Defensive

  • Network firewall
  • De-Militarized_Zone
  • Enclave Network
  • Host-based Firewall
  • Network Intrusion Detector
  • Host-Based Intrusion Detector
  • Honeypot
  • Canary Tokens
  • Hardening
  • Housecleaning
  • Application Proxy
  • Tarpit
  • Restore/Rollback
  • Redpill/Rootkit Detector
  • Log Correlator
  • Tripwires
  • Port Sentry
  • Port Knocking
  • DenyHosts
  • Offsite Backups
  • Automated Rebuild
  • Container Respawn

Exploits, Intrusion or Offensive

  • Virus
  • Trojan
  • Bot/BotNet
  • Buffer Overflow
  • Unvalidated Input
  • Race Condition
  • Incorrect Access Controls
  • IPC Error
  • Insecure File Operations
  • Encryption Error
  • Privilege Escalation
  • Back Door
  • Side Channel
  • Injection Error (Fuzzer)
  • Brute Force
  • Dictionary Attack
  • Code Injector
  • Rootkit/Bluepill
  • Default Accounts
  • Man In The Middle Interceptor
  • Traffic Analysis
  • Distributed/Denial of Service
  • Worm
  • Phishing/Spear Phishing
  • Social Engineering
  • “Inside Man”
  • Proxy/Relay
  • Ransomware
  • Profiler to analyze code

Hacking Runs

When it is time, the hacker puts their months of preparation, coding tools, refining techniques, and natural skills to the test, making their attempt to subvert the target system defenses.

The hacker may balance the risk and reward of testing their attack against a similar target as a proof or trial run before the main event, which could increase the risk of premature exposure of the attack to the intended target.

During a hacking run, the programmer makes quick reconfigurations, modifications, patches, or tweaks to the cores and modules they prepared for the run.

Due to the complexity, however, a programmer cannot fundamentally alter those cores or modules functions which took days, weeks, months, or years to code and test.

The programmer may “swap out” cores or modules during the run, provided the replacement code already exists, was brought along, or can be made available to install or swap into place.

Accessing The Target

To subvert a system, the hacker must interface to it through:

  • Physical access using a communication port (such as neural link)
  • Remote access over direct, physical connections such as cabled internetworks
  • Remote access using a wireless access point, such as a signal transceiver using radio, light, or other means.

Rarely does a hacker enjoy the luxury of directly attacking the target such as physical access.

More frequently the hacker must subvert a chain of interconnected systems with varying security on each.

Layer upon layer of densely interconnected devices create labyrinthine mazes of systems which the hacker must tackle individually.

Risks

Invading systems comes with significant risks.

Systems implement defenses, such as intrusion detection and countermeasures which poses risks to the hacker.

Synthetic intelligence defenses may surprise or counter hackers through improvised adaptations to the attack in real time.

Worse, the consequences of detection during a hacking run frequently involve counterattacks in realspace by security, enforcement, or mercenary forces as the synthetic intelligence or system owner chooses.

Subverting The System Defenses

Programmers or hackers can use a variety of methods to gain access to computerized devices:

  • Brute force guessing of logins and passwords using dictionaries or tables
  • Exploitable flaws in the software or protocols which allow unintended regular or privileged access
  • Default accounts (logins or passwords) which are not changed or secured by the device owner
  • “Back doors” left by previous attackers or the original programmers themselves
  • With physical access, the ability to physically modify the target may simply remove layers of defenses by disabling the physical hardware that implements them

The Hacking Run Results

Subverting system defenses results in a number of benefits:

  • Access to the stored software, databases, and documentation within the system
  • Access to the system resources to amplify attacks against additional targets
  • A growing library of exploits which may be disclosed by black hat hackers or through analyzing recent patches
  • Another layer of misdirection to route future attacks through

Chronology

This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.More information about cookies