GNUCITIZEN

Well, I cant agree with you. There are two possibilities: you don’t understand what you’re reading (which I doubt) or you want to say something about something that really doesn’t matter at all.

Exempli gratia:

Script Kiddies use tools they don’t write – Like you write everything you use? Life is short! Successful people build themselves on the top of the experience and the work of those before them. Why reinvent the wheel?

Yes, of course you shouldn’t reinvent the wheel but you clearly should understand how it works and how to do it if you must to. Script kiddies use tools like others but they don’t understand how tool works at that’s the catch because without understanding you cannot use something properly.

Script Kiddies cannot program – It is perceived that 1337 security researchers are those who know ASM and C and perhaps perl, python or ruby. A junior web developer knows 10 times more languages and has experience with a lot more programming environments.

Well, if you really think about hacking you need to know assembler and C also. (C because it’s wide spread not because you really need it, Asm you really need). It doesn’t matter that junior webdeveloper knows 10 times more languages and hase experience with a lot more programming environments because webdeveloper do not need to worry about i.e. properly memory allocation.

Script Kiddies’ objective is to try to impress their friends or gain credit – Everybody wants some type of credit even when they claim that they don’t. They lie. In our human nature there are a driving forces bigger then wealth and these are credit, approval and acceptance among your family and peers.

Of course but it doesn’t collide with each other. Everybody wants some credit, that’s true but not everybody do something only because they want credit. Hackers want credit like any other human being but they don’t do something only because they want credit (which script kiddies does).

And I can opposite every other argument that you wrote. It’s just pointless because you point out things without logic behind; you just write some dumb acapits to prove you’re right, but you are not.

PS.
Sorry for my poor english.

the reason behind this post is fairly obvious. while I understand that most of the readers will say well yes, script kiddies this and that… bad, bad, bad, no one really asks who are the script kiddies and what the term actually symbolizes. why? because most people have prejudice. it is too hard to think nowadays when you can get most of the answers from other people who don’t have a clue, or the web.

omegalfa, you can find a lot of logic in my thoughts. i can counter argue every point you make but that will be a complete waste of my time. clearly, you think that knowing ASM is a great thing but I can tell you that I’ve taken ASM courses as part of my high school education but this does not make my classmates hackers.

the security scene is full of prejudice. if you are not part of ASM/C group you are out of it. you are a script kiddie. if you don’t understand how the tool works then you are scrip kiddie. you are out of the group. but knowing how to write a tool and knowing how to use it in the most effective way are two completely different things. more over, people that write the tools often don’t know how to use them in the most effective way. i bet that at some point in your life you used a tool that you didn’t understand how it worked. perhaps it was closed source. perhaps you were too lazy to read the code. perhaps at that moment you were a script kiddie!

you have sword makers and sword masters. a sword maker can engineer the best sword from the best steal. however, sword masters are those who know how to make the most use of the weapon.

orlin, parts of your comment were censored out. read the rules before posting.

your comment doesn’t make sense. surely you must have a tiny clue what the tool does before using it. understanding how things work is a very subjective. everybody who claims that s/he knows everything, clearly doesn’t have a clue.

my point is that between you and those that you call script kiddies there isn’t much difference. we are talking about different people at different point of their learning curve.

People who use nmap are scriptkids too, the person who wrote nmap is a scriptkid too according to the official description since nmap uses pre-written C libraries and API’s like making socket connections. (which is hard for a scriptkid to figure out) therefore he only uses high level API’s and libraries, so only diehards write in assembly can be considered not scriptkids.

I think the term is used by intellectual snobs trying to prove something from themselves. nonetheless, beware of the scriptkid, he too can take you down.

;)

Yes a script kiddie is somebody that uses exploits,tools,software and know nothing about the concept and or pray on milw0rm waiting for the next exploit to drop so they can run it threw Google.

Everybody starts out a script kiddie and its weather or not you want to advance into something more. But nice post about the subject it self I might have to do one.

Apparently I didnt make myself too clear in my first post, so I will give it a try now, when I am kind of drunk.

We have already defined what a script kiddie is, but we did not define what a hacker is. For my definition I will use RFC1392: http://tools.ietf.org/html/rfc1392 According to it a hacker is: a person who delights in having an intimate understanding of the internal workings of a system, computers and computer networks in particular.

There are quite a lot of differences between a hacker and a script kiddie, and it is not only the knowledge. What we can see from this defintion is that there is nothing about hacking as in harassing even advanced computers and networks. If we think about it a little bit more we will agree with univax on almost every word. What he describes is a whitehat (or maybe an ethical hacker). A hacker might not always hack with the purpose of to more fully understand systems, and thus also to fix and improve them. There are evil hackers as well and even anonymous hackers on steroids (courtesy to Fox news).

@pdp: my point is that between you and those that you call script kiddies there isn’t much difference. we are talking about different people at different point of their learning curve.

That would be true if every script kiddie tries to understand what actually happens when he clicks the hack button. Which would mean that he/she will acquire the knowledge that he/she is lacking to be a hacker. Most of the script kiddies however do not try to understand and learn, so according to your definition they stay at the same point of their learning curve.

My personal idea of what a script kiddie is, is shown in this thread: http://www.webforumz.com/webfo.....hacker.htm

ps: about the censored stuff, what I actually wrote is something like, that pdp finally admitted being a script kiddie. I meant it in an ironic way, yet today I was told by 5 different people that I am not good at that stuff.

I know that I dont know anything and this is why I want to learn more. Only once I have understood the concept of an attack I try to execute it and see what happens. If it works – cool, time to experiment some more, if not I try to debug and see why it didnt work.

Because my knowledge is so limied I cannot call myself a hacker. Because I want to understand what is happening I cannot call myslef a script kiddie. If I have to choose what I am – a hacker or a script kiddie, I must be hounest and say I am far nearer to the second category then to the first one. I better description for me would be total n00b.

pdp said that there are two types of people, who craft a weapon and those who use it. Yes, this is so. Yet when you start learning the way of the sword, you use a wooden once and once you have proven yourself you get a better sword until one day you are recognized and recieve a master sword.
Yet today anyone can get a master sword and start with it, skipping all the needed years of trainig. Those people are (should be) called script kiddies.

In one of his posts pdp said that everyone starts as a script kiddie. Yet I should disagree with him. Not everyone starts as a script kiddie, but everyone starts as a noob. And having no idea what is going on is not so bad – you can repair the problem by learning alot. We all start from 0. Yet being a 0 and pretending to be the greatest is something else.

Even thoug rvdh is right – if you have the tools and some luck you can hack a site, compromise a system, etc. That is thanks to the UI which allows us to use complex system without fully understanding them. Yet if you lack any understanding of how a tool works you might make big mistakes. I will take mindcorrosive’s example with the microwave oven – we have all heard examples of people trying to “warm” up different living creatures in a micorwave. I think the most popular one are cats. Though I might not be able to recreate a microwave oven, still will know that putting something alive in there will kill it. As another example I will use the link, which I gave in my last post, to a script kiddie which used a good tool and successfully hacked 127.0.0.1. Yep, because he knew nothing about the loopback, he hacked himself.

In conclusion I should say that the definition of script kiddie in wikipedia is way to broad. The definition of hacker is way to complex. Only the definition of a noob is well written.

ps: I miss the preview feature :/

If one thinks out of the box, one also stops judging of the box. e.g. not placing labels anymore. A hackers mind absorbs anything, yet is attached to nothing.

The term hacker is somewhat vague. Old hackers used to say: If you can hotwire a car, that doesn’t mean you are a car engineer. So the car egineer usually knows more about cars than the car-hacker, because he designed it.

Being a hacker for me, doesn’t mean you know everything about a particular system, but you have the ability to approach it in a different way, look around it, and seeing the system in 4D instead if the 1D that the designer of the system has. A 4D mind sees the whole instead of it’s parts, that why most hackers are left & right brained, and they can switch between them, whereas as the system programmer usually can only think left-brain, linear instead of creative.

One luck is that you can learn to be linear as a rightbrian person, but it’s very hard to be creative for a leftbrain person, since creativity lacks a linear structure, creativity just emerges like spontaneity.

Hmmm…I suppose that script kiddies would be those 11 year old kids who think that batch is 1337? We were all at that stage though, we all wanted to feel cool for at least the slightest moment. Well, what I think about a Script Kiddie / Skid really is that when they do sometimes develop code they use parts from other’s work. Almost everyone has looked at an example code once or twice. Who dosn’t need that motivation to better the code? But I mean common’ at least give credit to the author..who helped you develop the better. So a skid or whatever you want to call them is really up to you..

Well…
The main difference between skiddie and hacker is that hacker uses his knowledge to hack,and script kiddies use tools other people wrote to hack.
Script kiddies got no idea about how the tools work or how they will affect the server.They just press the “HACK” button and if it affected the website in some way they go on telling their friends about it.

Like on time i got on some page on the internet that described a vulnerability in php.exe if apache is not properly configured ,there was like 10 comments that said “From where can i download php.exe and how do i use it?”.Those are real skiddies they don’t know even what the program does they just click “OK” ,and wait for some effect.

This kind of people are actually dangerous. There is no use for hacker to launch a DoS attack on some server.While the skiddie will do it ,and then tell his friends “Hey ,see this web site is down of because of me”.

Respect,XORG