Thursday, March 15, 2012

Anonymous OS

I heard about this last night and honestly my first reaction was, ok this should be cool. Why you ask? Simple, they are getting more publicity than anyone could ever buy for making (what seems to be) very little effort and compromising entities that should be on top of their security game. I was curious to see what someone from a group like this would want in a OS and what tools they think should always be on hand.

Sadly though I was mildly disappointed. Here are my thoughts in no specific order... First, It was based on the current release of Ubuntu. Actually I can live with this, means I can use a mainstream distro and keep up-to-date on all the other updates that a OS needs, a quick look at the sources list and everything seems standard. Then again this technically means its not their OS, just a (slightly) modified version of someone else's. On that note I actually liked the fact that they make you crack an MD5 hash to get the password to login. While this does little for anyone with access to google it still made me chuckle.

The login banner... Ok... seriously... "educational purposes" ... yea... riiiiight. These guys really are not going to win any responsibility brownie points here for this one, but it is still a fair thought. Actually it makes me wonder if that's what Backtrack should have as their login banner. Ok so on to the rest. I actually liked the look then again I like Ubuntu too. The eyes in the tray were a funny touch too, just makes you think about that part of you that does not fully trust this OS. The re-branding was a nice touch, however their motto really needs to stop showing up every where.

Ok, moving on.. looking around a little bit I see something I did expect, there are a few anonymizers installed. Some I use, some that look interesting. The next thing I noticed is that they are pretty light-weight on tools which struck me as odd. The more I look around the more I feel like this is made for the script-kiddie (or as a video I just watched referred to them an 'ankle biter') with enough stuff to get them into trouble.

Although it is nice to see the cannons in one place without having to worry about who is re-branding and  shoving malware in them. Other than that, a hand full of semi-useful websites, some SQL tools (no shock here either), and what seems to me as a focus on DoSing tools. While I understand DoSing to be a power thing I just can't help but view it on a low rung of the "hacking" ladder. I mean it gets you nowhere as far as access goes, its good for attention, both distracting and getting noticed but that is about it. There are also a hand full of other scripts that take some of the work out of researching a target, like the admin page finders.

Oddly enough what I did not notice is anything to make your own backdoors or anything like that. I mean unless I missed it, which is completely possible, I see nothing that would actually help you get root on a machine. Then again they do say it is for "testing" web sites. But I think being able to upload a php or java shell is also a way to test a site.

Ok Bottom line, I actually like it. It has great potential to become a good set of tools for students, good guys, and bad guys alike. I personally think maybe they should have just built in on backtrack but props for going their own way.

Oh and as for the lack of trust thing, simply put no I do not trust them (sorry guys/girls). Then again I am not exactly about to signup for online banking while i am running this, in fact my only real main worry would be them flipping a switch and this OS instantly becoming part of a DDoS and even that is unlikely. Their MO seems to be more of a "For the people" thing and that would certainty not fit. Still not going to turn the network card on until I give it a few more looks over. ;-)