Ghost in the Wires: My Adventures as the World's Most Wanted Hacker - Kevin Mitnick [151]
New security bug reports were often sent to CERT, sometimes in unencrypted emails. These were what RGB and I were after, new bugs that we could leverage to get into systems, almost as if we had a master key to the server. Our goal was to leverage the “window of exposure,” the time lapse until the manufacturer came up with a patch and companies could get it installed. Such security holes had a limited shelf life: we would have to make use of them before they were fixed or otherwise blocked.
I had known about RGB’s plan but doubted he would be able to capture the credentials to a CERT staff member’s account. Yet he had pulled it off in a short time. I was shocked but happy to share the spoils with him. As a team, we hacked into the workstations of several other CERT staff members and grabbed everyone’s email spools, meaning all their email messages. And we hit the mother lode, because many of those emails contained unencrypted messages disclosing so-called zero-day vulnerabilities—meaning that they had just been discovered, and the software manufacturers had not yet developed or distributed patches to fix the problems.
When RGB and I found that most bugs were sent “in the clear”—unencrypted—we could hardly contain ourselves.
As I said, that had all happened a couple of years earlier. But now, sometime around September 1994, an unexpected message popped up from RGB, drawing my attention back to CERT:
Hi, Here’s some info for you:
there is a vax/vms system on 145.89.38.7 login name:
opc/nocomm there might be x.25 access on here but i’m not sure, on the network there is a host called hutsur, this host does have access to x.25 for sure.
you might wonder why this has to be so secret, but i’m starting to hack again and I don’t want the police to know anything about it. in order to start again, i need you to do me a favor. could you get me some numbers of terminal servers all over the u.s., i will use some outdials i got to get to them, and will go from these terminal servers on to the internet.
This time around i’m really gonna set up all the things right, so nothing will be noticed. The preparation for the whole thing will take about 1 month or so, after that i will be found regularly on the internet, i will then give you some more info on what projects i’m working on. i’m already busy trying to get access to cert again, i have gotten different passwords for cmu systems, which i will use in a later stage.
Thanxs,
P.s.)
Included is my pgp key
He wanted to get back into CERT again!
One day in early October 1994, not long after RGB’s email, I went out to lunch carrying a small package containing a defective OKI 900 cell phone that I was planning to mail back to the store that day. As was almost always the case when I was out on foot, I was talking on my cell phone. I walked down Brooklyn Avenue toward the heart of the U District. When I crossed 52nd Street, about two blocks from my apartment, I heard the faint sound of a helicopter.
The sound gradually grew louder, then was suddenly very loud and right overhead, very low, as the helicopter evidently headed for a landing at a nearby schoolyard.
But it didn’t land.
As I walked, it stayed right over my head and appeared to be descending. What the fuck is going on? My thoughts started churning. What if—what if the chopper is looking for me? I felt my palms start to sweat and my heart begin to pound. Anxiety was running through my veins.
I ran into the courtyard of an apartment complex, where I hoped some tall trees would block me from view of the chopper. I tossed my package in the bushes and started