Quantcast
Subscribe to magazine

Hackers Trade Tool Tips

MetaSploit toolkit can access, control PCs over the Internet 'for good or evil,' writers say.

Victor R. Garza, special to PC World

  • 0 Yes
  • 0 No

LAS VEGAS -- It may be well over 100 degrees outside, but cool heads at the Black Hat Briefings security conference here are talking about ways to break into systems to test how secure banks, transportation agencies, and government systems really are.

And attendees are spilling out into the halls to hear the presentations, including one on a new toolkit for taking over computers via the Internet.

Tools for Evil?

Presenters HD Moore and Spoonm (as he's known at the conference) are part of a crew of four young security analysts who developed a so-called attack and penetration toolkit called MetaSploit. The free toolkit is intended to help attack and "own" or "root" a machine--hacker vernacular for taking complete control of someone's PC without their permission. Of course, security workers can also use MetaSploit to try to bolster their own systems' defenses against such tools.

In fact, the presentation "MetaSploit: Hacking Like in the Movies" drew many security consultants and individuals from government agencies with three-letter acronyms like DoD and NSA.

MetaSploit is as easy as "point, click, root," Spoonm said during the presentation. It may not be as simple as the presenters suggest, but MetaSploit does enable people to use and customize the tool as they see fit. Spoonm said that the tool has been downloaded roughly 20,000 times.

"Yes, our tool can be used for evil, but many other tools can be used for evil," acknowledged Spoonm, a gregarious American student attending an unspecified Canadian university. The group developed MetaSploit partly to help security consultant HD Moore with his job. Moore helps corporate and government organizations improve their security by bringing to light unrecognized vulnerabilities.

Attendee Concerns

A DoD representative in attendence who declined to give his name called MetaSploit "very significant in terms of adaptability and platform versatility" but said it will "ultimately be used for negative purposes."

"MetaSploit isn't being taken seriously enough" by his peers in government security, the DoD employee added.

  • Recommend this story?
  • 0 Yes
    0 No

Related Security Articles

More Related Security Articles
  • CDW Virtualization Center What is Virtualization and how can it help you save money? Click here to find out.
  • Cisco Small Business Center Does your network give your business an advantage. Click here to find out...
  • HP Ink Center Bring improved color and brilliance to your printed material. Visit the Resource Center for more info...

PC World's Marketplace

PC World's Free Whitepapers

Name City
Address 1 State Zip
Address 2 E-mail (optional)