Script kiddie

From Wikipedia, the free encyclopedia

In hacker culture, a script kiddie (occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar) is a derogatory term used for an inexperienced malicious hacker who uses programs developed by others to attack computer systems, and deface websites. It is generally assumed that script kiddies are kids who lack the ability to write sophisticated hacking programs on their own,[1] and that their objective is to try to impress their friends or gain credit in underground hacker communities.[1]

Contents

[edit] Tools

Script kiddies have at their disposal a large number of effective, easily downloadable malicious programs capable of harassing even advanced computers and networks.[1] Such programs have included WinNuke applications, Back Orifice, NetBus, Sub7, Metasploit, ProRat and any auditing program as well.

Another simple means of attack is a computer worm. These are spread through e-mails and, once opened, they can be automatically sent throughout entire systems, often without the users realizing it. The purpose of a worm varies, from sapping the targeted computer or network of bandwidth and therefore slowing performance, to deleting or encoding files. Other commands are possible.

In a denial-of-service attack (DoS), the attacker tries to shut down network activity in a target system by sapping the computer network of bandwidth or other resources. A number of distinct DoS attacks have been created that pursue this goal through different means, such as SYN flood, ICMP flood (a.k.a smurf attack) and ping floods. If the server gets overwhelmed with excessive amounts of information, it will stop responding, and may require a restart.

[edit] Famous examples

Script kiddies are often able to exploit vulnerable systems and strike with great success. The most famous examples include:

  • A 15-year-old script kiddie called Gander was arrested in an upper class neighborhood in Montreal in 2000. Using downloaded tools to begin DoS attacks, he struck famous websites such as Yahoo, Dell, eBay, and CNN, causing roughly $7.5 million worth of damage. He pleaded guilty to 55 criminal charges and served 8 months in a youth detention center.
  • In 1999, NetBus was used to discredit a law student named Magnus Eriksson studying at the Lund University. Child pornography was downloaded onto his computer from an unidentified location. He was later acquitted of charges in 2004 when it was discovered that NetBus had been used to control his computer.
  • Jeffrey Lee Parson, an 18-year-old high school student from Minnesota was responsible for using the B variant of the infamous Blaster worm. The program was part of a DoS attack against computers using the Microsoft Windows operating system. The attack took the form of a SYN flood which caused only minimal damage. He was sentenced to 18 months in prison in 2005.

[edit] References

  1. ^ a b c Lemos, Robert. Script kiddies: The Net's cybergangs Retrieved on 24 April 2007.

[edit] See also

[edit] Related Books

  • tapeworm, tapeworm (2005). 1337 h4x0r h4ndb00k. Sams Publishing. ISBN 0672327279. 

[edit] External links