Jump to content

Hacking? or keylogging?

sparky697

By sparky697
in Tech and Computers

 Share

Recommended Posts

Hobgoblin11

Hobgoblin11

Posted
Posted

There is a lot of debate about this.

 

 

 

The short answer is, yes. One common method is called a 'brute force' attack, where a hacker runs a program that tries every possible combination of alphanumeric characters, working on the assumption that sooner or later, they will hit your password. As you can imagine, this takes a while, but is guaranteed to work.

 

 

 

Many systems have in place a method to stop brute force attacks, for example, locking you out for 10 minutes after 5 unsuccessful attempts. I don't know eough about the jagex system to comment, but I'm sure one of the more 'hacker-savvy' people on this forum will be happy to help you out.

 

 

 

You are right in a sense though, that most RS 'hackings' occur because people unwittingly install keyloggers onto their machines.

99/99 Fletching, 99/99 Cooking, 96/99 Strength

Hobgoblin11.jpeg

Link to comment
Share on other sites
blade995

blade995

Posted
Posted
There is a lot of debate about this.

 

 

 

The short answer is, yes. One common method is called a 'brute force' attack, where a hacker runs a program that tries every possible combination of alphanumeric characters, working on the assumption that sooner or later, they will hit your password. As you can imagine, this takes a while, but is guaranteed to work.

 

 

 

Many systems have in place a method to stop brute force attacks, for example, locking you out for 10 minutes after 5 unsuccessful attempts. I don't know eough about the jagex system to comment, but I'm sure one of the more 'hacker-savvy' people on this forum will be happy to help you out.

 

 

 

You are right in a sense though, that most RS 'hackings' occur because people unwittingly install keyloggers onto their machines.

 

 

 

Your absolutely correct. I do know Jagex has something like that in place. I believe it's like 10 attempts before your locked out. This was when I played over a year ago, it may have changed.

 

 

 

What some people may do for a Runescape bruteforce attack is not to target directly one person but a large group of people. What they will do is have a list of 10 commonly used passwords to try onto every account they give the program. Thats why you should have a very strong password consisting of letters, numbers, and symbols.

goldenblade995.png
Link to comment
Share on other sites
deloriagod

deloriagod

Posted
Posted

Yes, brute force and keylogging are definitly the most popular forms of hacking. However.. A few weeks, some serious sweet talking, and getting someone to trust you is also a decent way to get someones account if you are really pateint and have a good feeling you can get someone to give up their password..

newsig1wd2.jpg

Link to comment
Share on other sites
Cruiser

Cruiser

Posted
Posted

People that steal RS account in no shape or form deserve to be talked about as 'hackers'. They're script kiddies and most of them don't even deserve that label.

 

 

 

Most of the keyloggers they go around using are simply downloaded, set to upload to an ftp account and distributed. Alot of them don't even bother trying to hide the fact it's a keylogger either. One of them that one of the IRC opers had the joy of ripping apart even left the spash screen on it that says "xxxx keylogger by xxxxx inc.". Was rather funny. Was even better when he found out the idiot had keylogged himself after getting in to the FTP account it was sending the info to. :lol:

 

 

 

As long as you practice basic computer security by not downloading random files posted by people and by using a strong password you have very, very little to worry about. If someone has the skill to actually hack your machine in the true sense of the term (without you actually doing anything, like installing a keylogger), you have far more important things to worry about than your RS account.

Link to comment
Share on other sites
Mercifull

Mercifull

Posted
Posted

A brute force attack is only as good as its dictionary database. Its by no means a guarantee that it will eventually work out your password when left to run.

 

 

 

banana is an easy password for a brute force attack to get

 

B4n@naz5! is much harder

612d9da508.png

Mercifull.png

Mercifull <3 Suzi

"We don't want players to be able to buy their way to success in RuneScape. If we let players start doing this, it devalues RuneScape for others. We feel your status in real-life shouldn't affect your ability to be successful in RuneScape" Jagex 01/04/01 - 02/03/12

Link to comment
Share on other sites
Chris

Chris

Posted
Posted
A brute force attack is only as good as its dictionary database. Its by no means a guarantee that it will eventually work out your password when left to run.

 

 

 

banana is an easy password for a brute force attack to get

 

B4n@naz5! is much harder

 

 

 

Psssst Matt, that's a dictionary attack.

 

 

 

Bruteforce if left long enough will hack anything.

 

 

 

Only because it does this...

 

 

 

Password: a

 

Password: b

 

Password: c

 

Password: d

 

Password: e

 

....

 

Password: aa

 

Password: ab

 

Password: ac

 

....

 

Password: ba

 

Password: bb

 

 

 

 

 

Etc. That's why having a password like abc123 is bad. Where-as having a password like xcjrnnvmn673mdjhjhrdv433 is good. Hell, mix in a few uppercase and you'll probably never ever get hacked.

 

 

 

Unless of course you...

 

A: Write it down.

 

B: Install a keylogger.

 

C: Tell people.

 

 

 

Then, you sorta deserve it. :P

dwmafianw7.jpg

Notoriously Trollish.

Link to comment
Share on other sites
Mercifull

Mercifull

Posted
Posted

Fair enough but even a proper brute force running 200,000 passwords a second would take 10697 years to work out my password example. A botnet of a million computers would manage to crack it in 39 days but you can pretty much guarantee that a network manager would notice that far before your account was compromised lol

612d9da508.png

Mercifull.png

Mercifull <3 Suzi

"We don't want players to be able to buy their way to success in RuneScape. If we let players start doing this, it devalues RuneScape for others. We feel your status in real-life shouldn't affect your ability to be successful in RuneScape" Jagex 01/04/01 - 02/03/12

Link to comment
Share on other sites
sparky697

sparky697

Posted
  • Author
Posted

wow lol lots of help here. i was just wondering so i could learn either how to keylog or hack

 

 

 

JUST KIDDING!! them people are stupid. who the hell would waste their time trying to get accounts on a GAME......

 

 

 

stupid no lifers.

 

 

 

 

 

thanks for all of the help though guys!! all cleared up!

diabl0_915.png
Link to comment
Share on other sites
Nadril

Nadril

Posted
Posted
wow lol lots of help here. i was just wondering so i could learn either how to keylog or hack

 

 

 

JUST KIDDING!! them people are stupid. who the hell would waste their time trying to get accounts on a GAME......

 

 

 

stupid no lifers.

 

 

 

 

thanks for all of the help though guys!! all cleared up!

 

 

 

 

 

MMORPG accounts can sell for nice sums of cash on various 'action sites' so to speak, or e-bay.

 

 

 

 

 

Not trying to condone it just saying thats why some bother, others just want items (typical script kiddies).

 

 

 

 

 

 

 

Anyways everyone seemed to sum it up well. Like they said as long as you have a good password, don't give it out and don't download strange links you will be fine.

Link to comment
Share on other sites
champion

champion

Posted
Posted
A brute force attack is only as good as its dictionary database. Its by no means a guarantee that it will eventually work out your password when left to run.

 

 

 

banana is an easy password for a brute force attack to get

 

B4n@naz5! is much harder

 

 

 

Psssst Matt, that's a dictionary attack.

 

 

 

Bruteforce if left long enough will hack anything.

 

 

 

Only because it does this...

 

 

 

Password: a

 

Password: b

 

Password: c

 

Password: d

 

Password: e

 

....

 

Password: aa

 

Password: ab

 

Password: ac

 

....

 

Password: ba

 

Password: bb

 

 

 

 

 

Etc. That's why having a password like abc123 is bad. Where-as having a password like xcjrnnvmn673mdjhjhrdv433 is good. Hell, mix in a few uppercase and you'll probably never ever get hacked.

 

 

 

Unless of course you...

 

A: Write it down.

 

B: Install a keylogger.

 

C: Tell people.

 

 

 

Then, you sorta deserve it. :P

 

 

 

Interesting about not writing your password down, because after you make an RS account, Jagex suggests writing it down. #-o

 

 

 

Funny, I thought Jagex was all for security =P.

 

 

 

You're right though.

 

Link to comment
Share on other sites
Mercifull

Mercifull

Posted
Posted

To be fair to Jagex writing it down is very unlikely to get your Runescape account "hacked" by anyone other than a family member or friend. Its the script kiddies online that Jagex are trying to protect you against.

612d9da508.png

Mercifull.png

Mercifull <3 Suzi

"We don't want players to be able to buy their way to success in RuneScape. If we let players start doing this, it devalues RuneScape for others. We feel your status in real-life shouldn't affect your ability to be successful in RuneScape" Jagex 01/04/01 - 02/03/12

Link to comment
Share on other sites
zonda

zonda

Posted
Posted
It does lock you out after a certain number of attempts. For 10 minutes in fact. So being hacked using a 'dictionary attack' is very unlikely.

 

 

 

Which is why people use lists of proxies obtained either via sites (which usually offer free ones that are extremely slow or overused) or scanning for them using programs called proxy hunters... basically they scan whatever range you want and will ping for different proxies on a specified port. Then it will record if it times out or if it responds, how long it took.

 

 

 

When I was younger I'll admit I did my fair share of "iffy" stuff.

 

 

 

And there are plenty of hackers who would beable to "hack" an account... but those hackers generally have better things to do with their time.

 

 

 

Some interesting reads with plenty of links to read along the way if your looking to kill some time. (the first two being the most relevant)

 

http://en.wikipedia.org/wiki/DEF_CON

 

http://en.wikipedia.org/wiki/Cult_of_the_Dead_Cow

 

 

 

This goes to show not all hackers are "bad"

 

http://en.wikipedia.org/wiki/Hacktivism

 

http://en.wikipedia.org/wiki/White_hat_hacker

 

 

 

Interesting stuff, gets into the origin of hacking - phone phreaking and whatnot

 

http://en.wikipedia.org/wiki/Timeline_o ... er_history

...

Link to comment
Share on other sites
tanjack23

tanjack23

Posted
Posted

Also, I recommend people to use passwords with random letters and numbers that is 10+ characters and to avoid "Brute Force", you can also set a new password every couple of weeks making it more un-likely to be hacked. Make sure you write your password down if you do this otherwise, you might end up getting trapped yourself. :wink:

tanjack23.png

 

Tanjack23

Taking it the Smart Way!

Link to comment
Share on other sites
Chris

Chris

Posted
Posted
Brute Forcing and Keylogger are not even close to hacking.

 

 

 

They both require no skill.

 

 

 

Of course... I mean, what do you do? You just point it at a password box, type in a username and press go don't you? I mean why would you want to protect yourself using firewalls and proxies. No one's ever gonna prosecute you for bruteforcing hotmail or myspace.

 

 

 

hacking

 

Unauthorized access to computer systems, either for fun or for malicious or fraudulent purposes. Hackers generally use computers and telephone lines to obtain access. In computing, the term is used in a wider sense to mean using software for enjoyment or self-education, not necessarily involving unauthorized access. The most destructive form of hacking is the introduction of a computer virus. In recognition of the potential cost to business that hacking can cause, many jurisdictions have made hacking illegal. One of the most celebrated hacking cases was that of Kevin Mitnick, who spent five years in jail 1995ÃÆââââ¬Å¡Ã¬Ã¢ââ¬Ãâ2000 on 25 counts of computer and wire fraud, and one charge of cracking. Mitnick had hacked into computers at the University of Southern California and tampered with data.

 

 

 

Some hackers call themselves ethical or white hat hackers. Often ÃÆââââ¬Å¡Ã¬Ãâ¹Ãâpoachers turned gamekeepersÃÆââââ¬Å¡Ã¬Ã¢ââ¬Å¾Ã¢, ethical hackers probe Web sites for holes in the security system, either fixing the holes themselves or alerting the company in question. There is some dispute over the correct use of the term hacker. Some believe hacker should be used to describe someone who develops computer software, with the term cracker being used for a person who breaks into a computer system.

 

 

 

Hacking can be divided into four main areas: viruses, software piracy (stripping away the protective coding that should prevent the software being copied), denial-of-service attacks (where a Web site is bombarded with so many messages that it crashes), and ÃÆââââ¬Å¡Ã¬Ãâ¹ÃâphishingÃÆââââ¬Å¡Ã¬Ã¢ââ¬Å¾Ã¢ (tricking Internet users into revealing credit card or bank account details). Sophisticated hackers are now able to reverse-engineer security patches, allowing them to penetrate computer systems where the patches have not yet been applied. In addition, tiny storage devices can be connected to a computer's USB port and, either data copied from the computer to the removable storage, or the device used to introduce automated hacking programs, which can send sensitive information to the hacker via the Internet.

 

 

 

White hat hackers are computer experts employed by companies to hack into their networks to expose weaknesses in security.

 

 

 

In the UK, hacking is illegal under the Computer Misuse Act 1990. British hacker Paul Bedworth was the first to be prosecuted under this act in 1993.

 

 

 

Famous hackers include, in the USA, Kevin Mitnick and, in the UK, Rob Schifreen and Steve Gold, who in 1984 hacked into Prince Philip's mail box on the British Telecom service Prestel. Addiction to computing and an obsession with working with computers has been used as a defence in various cases, including one of the early arrests of Mitnick.

 

 

 

 

Very first sentence. So you see Keylogging and Bruteforcing ARE hacking.

 

I think what you mean is downloading Keylogging and Bruteforcing applications and running them is not hacking. It is still to an extent but most 'real' hackers would prefer to use their own programs.

dwmafianw7.jpg

Notoriously Trollish.

Link to comment
Share on other sites
Chris

Chris

Posted
Posted
You wasted your time, it was obviously my opinion.

 

 

 

I didn't waste my time, and if you have an opinion try to give it in a non-factual thread. Like "What do you think about X movie?".

 

 

 

:)

dwmafianw7.jpg

Notoriously Trollish.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept