TESO (Austrian hacker group)

{{short description|Hacker group}}

{{About|a hacker group|the Ugandan ethnic group|Iteso|the ferryboat service to the Dutch island of Texel|Royal TESO|the video game|The Elder Scrolls Online}}



TESO was a hacker group that originated in Austria. It was active from 1998 to 2004, and at its peak around 2000 it was responsible for a significant share of the exploits on the Bugtraq mailing list.

In 2000, some of its members took over Phrack magazine and released its first-ever hardcover issue (#57) at HAL2001.

History


Teso was founded in 1998 and quickly grew to 6 people, who first met in 1999 at the CCC Camp near Berlin.

By 2000, the group was at its peak: it started speaking at various conferences, wrote articles for Phrack, and released security tools and exploits at a very high pace. Some of its exploits only became known after leaking to the community. These included exploits for wu-ftp, apache, and openssh.

In 2000, the group published the first remote vulnerability in OpenBSD, "OpenBSD 2.x - Pending ARP Request Remote Denial of Service",{{Cite web|url=https://www.exploit-db.com/exploits/20271|title=OpenBSD 2.x - Pending ARP Request Remote Denial of Service|date=October 5, 2000|website=Exploit Database|accessdate=October 5, 2024}} followed by a series of remote exploits against OpenBSD (some co-authored with ADM). This forced OpenBSD to remove the claim "7 years without vulnerability" from the OpenBSD webpage.{{Citation needed|date=November 2010}}

In September 2001, the group released a comprehensive [http://julianor.tripod.com/bc/formatstring-1.2.pdf Format String Research Paper] by scut describing uncontrolled format string vulnerabilities.

In 2003, the group informally disbanded, and in 2004 the website went down.

Achievements

  • In 2000, developed [https://packetstormsecurity.com/groups/teso/hellkit-1.2.tar.gz hellkit], the first shellcode generator.{{Citation needed|date=November 2010}}
  • In 2000, wrote TesoGCC, the first format string vulnerability scanner, and the first comprehensive guide on format string exploitation.{{Citation needed|date=November 2010}}
  • BurnEye, written by a team member, is widely believed to be one of the first proper ELF executable crypters.{{Citation needed|date=November 2010}}

Quotes

{{Quote

|ADM and TESO made almost inappropriately large splashes in the community when they were active. Almost all their exploits were beyond the standard, and at times it seemed they were the ones finding all the new bug-classes. But at their peak, they couldn't have been very large groups. Certainly smaller than the reverse engineering and security group at a good sized IDS/IPS company these days.

|Dave Aitel, Founder of Immunity, Inc.[http://archives.neohapsis.com/archives/dailydave/2005-q2/0386.html Abdullah on TESO]

}}

Members and name

File:Teso Crew 1999 at CCC Camp.jpg), Scut, {{Proper name|Oxigen}}, Edi, Hendy ]]

The name was originally an acronym of the nicknames of the original founders (typo, edi, stanly, {{Proper name|oxigen}}), but as many of the most skilled members joined later, this interpretation quickly became meaningless. Teso was, originally and during its peak, a small and tightly knit group. A full list of members does not appear to exist, but if public sources can be trusted, at least the following members existed:

  • acpizer{{cite web | url=https://demozoo.org/groups/14942/ | title=United Cracking Force - Demozoo }}
  • caddis [http://downloads.securityfocus.com/vulnerabilities/exploits/bsdchpass-exp.c]
  • edi [http://www.trust-us.ch/phrack/phrack/62/p62-0x04_Prophile_on_scut.txt]
  • halvar [http://www.ccc.de/congress/2001/fahrplan/event/255.de.html]
  • hendy{{Cite web|url=https://marc.info/?l=bugtraq&m=99385173302656&w=2|title='Re: ISS Security Advisory: Wired-side SNMP WEP key exposure in 802.11b Access Points' - MARC|website=marc.info|accessdate=October 5, 2024}}
  • lorian{{Cite web |title=examples / Network Security Assessment |url=https://resources.oreilly.com/examples/9780596006112 |access-date=2022-07-21 |website=GitLab |language=en}}
  • {{Proper name|oxigen}}
  • palmers [http://freeworld.thc.org/root/docs/loadable_kernel_modules/p58-0x06.txt]
  • randomizer [http://mixter.void.ru/about.html]
  • scut,{{Cite web |title=Files ≈ Packet Storm |url=https://packetstormsecurity.com/groups/teso/teso-advisory-011.txt |access-date=2022-07-21 |website=packetstormsecurity.com}} published in September 2001{{Cite web|url=http://julianor.tripod.com/bc/formatstring-1.2.pdf|title=Exploiting format strings vulnerabilies Exploiting format strings vulnerabilies paper|accessdate=October 5, 2024}}
  • smiler
  • skyper{{Cite web|url=http://packetstormsecurity.org/groups/teso/arpmitm-0.1.tar.gz|title = Files ≈ Packet Storm}}
  • stealth/S.Krahmer{{Cite web |title=Files ≈ Packet Storm |url=https://packetstormsecurity.com/groups/teso/adv6.tar.gz |access-date=2022-07-21 |website=packetstormsecurity.com}}
  • stanly
  • typo{{Cite web |title=Files ≈ Packet Storm |url=https://packetstormsecurity.com/9909-exploits/dirthy.c |access-date=2022-07-21 |website=packetstormsecurity.com}} aka Paul Bohm
  • xdr/mdr
  • zip

See also

  • Goatse Security
  • w00w00 - A like-minded hacking group. Some research and releases were published together with w00w00 members.

References

{{reflist|2}}