What is a script kiddie?



What is a script kiddie?

Script kiddie is a derogatory term computer hackers coined to refer to immature, but often equally dangerous, exploiters of Internet security vulnerabilities.

Not all inexperienced hackers are script kiddies. Some inexperienced attackers try to learn and understand the tools they are using. Script kiddies are not interested in learning and understanding the exploits they are using, they are simply taking advantage of what is easy to find and available.

What are the characteristics of a script kiddie?

The typical script kiddie uses existing, known techniques, programs and scripts to find and exploit vulnerabilities in Internet-enabled computers. Their attacks are random with little understanding of the tools they use, how they work, and the damage they cause.

Script kiddies are usually motivated by simple, personal reasons – to have fun, wreak havoc, get attention, or get revenge.

Hackers disdain script kiddies for not promoting or contributing to the art of hacking Developing the hacking culture. Script kiddies can also do a lot of damage. This allows them to unleash the wrath of the security authorities on the entire hacking community. The media often portrays screenwriting kiddies as bored teenage loners seeking peer approval.

What is the origin of Script Kiddie?

The term Screenplay child first appeared in hacker Zines, Blogs, message boards and Internet relay chat Mid 1990s. It was used to describe people who downloaded a tool without knowing or caring about how it worked.

The exact origin of the term is unknown. Some early uses of script kiddie and related terms include the following:

  • 1993. Terms like k0deZ children appeared on an internet forum called Yabbs.
  • 1996. According to the hacker blog LiveOverflow, the term is Screenplay child appeared in the comments of a Unix Exploit.
  • 1998. the Chop zine Phrack referred to “Script Kiddie Behavior” in one of his articles.

More recently, the term has been used in several episodes of the television series Mr. Robot.

What’s the difference between a hacker and a script kiddie?

Hackers and script kiddies differ in three areas:

  1. Level of experience. Script kiddies are less experienced with cybersecurity exploits than real hackers. They generally cannot write exploits or scripts themselves, so they use programs written by others and found on the Internet.
  2. Skills. Script kiddies have less developed hacking skills than more advanced, well-organized threat actors. As a result, they often use attacks that are easier to carry out. They may prepare less for an attack and do little research before launching it. They are also more likely to give up if their simple exploit doesn’t work in the first few tries. Experienced hackers have the programming and computer networking knowledge to adapt their attacks to dynamic defenses for the Internet. You can interpret a situation and adapt to new scenarios.
  3. Intention. Script kiddies are more likely to exploit to gain personal recognition or to avoid them Troll. They don’t always understand the tools they use and pay less attention to the consequences of hacking. A hacker will be proud of the quality of an attack, for example if he leaves no trace of an intrusion. Most experienced attackers know the consequences and the ethics of their actions. In comparison, a script kiddie will often focus on quantity and see the number of attacks that can be performed to gain attention and notoriety.

Compared to script kiddies, what hackers do becomes even more complex. Because of this, there are many different types of hackers categorized by intent.

Ethical hackers, for example, look for vulnerabilities and carry out exploits if they know it is legal to do so. They often work as penetration testers, information security experts who are paid to test a company’s network and computer systems for vulnerabilities.

Script kiddies don’t fit into the hacker category because they lack the skills, experience, and general competence.

Script kiddies and hackers share similar methods, but differ in their attitudes and approaches to exploits.

Examples for script kiddies

Script kiddies are not talented hackers, but they are still capable of carrying out exploits with powerful consequences. Some examples of low-skilled but potentially harmful exploits that script kiddies could perform include the following:

  • Denial of Service (DoS) Attacks flood the target server, network, or website with traffic so that the target cannot serve its users. Standard hacking programs that allow users to carry out DoS attacks are easy to find on the Internet.
  • Social Developmentlike that different types of phishing attacksto do less with manipulating code and more with manipulating people. A social engineering attack can be as simple as sending out emails with malicious links containing free malware that the script kiddie can use to steal the victim’s personal information.
  • Defacing the website is attractive to script kiddies because of the skills required – web development and Hypertext Markup Language – are easy to learn. Defacing a website can grab the attention script kids crave while damaging the website owner’s image.

Real-world script kiddie attacks include the following:

  • DoS (DDoS) attacks distributed in the UK in 2015. Police in Great Britain six teenagers arrested for allegedly using a DDoS tool to attack corporate websites and other entities. The tool used was Lizard Stresser from the Lizard Squad hacker group.
  • 2016 Mirai DDoS attacks. The Mirai botnet’s DDoS attacks relied heavily on DDoS-for-hire services such as the Webstresser.org website. With these services, anyone can buy DDoS attacks and launch them with little or no technical knowledge.

Conclusion: Script kiddies are unskilled, but dangerous

A script kiddie is considered a bad thing in the hacking community. They are often less skilled, experienced, and knowledgeable than real hackers.

Hackers view them with contempt for using powerful hacking tools and having little understanding of how they work and the consequences. Many of these tools are Open source and free to use for script kiddies and more experienced hackers alike.

Find out how cyber criminals can benefit from it Open source tools for attacking vulnerable corporate systems and what security professionals can do to prepare.



About Author

Comments are closed.