Copy Link
Add to Bookmark
Report
The Word of God Issue 3
##################################### +
/## T h e W o r d O f G o d ## +
|/## A -=MINISTRY=- Production ## +++++
|/## Hotel Chelsea - Rocky Horror ## +
|/## Fungus Land - Malignant ## +
|/## Growth ## +
|/## Ulterior Motives - Rafe Zetter ## +
|/##+.+.+.+.+.+.+.+.+.+.+.+.+.+.+.+.+## +
|/## ##
/#########|/#####################################
|/## Issue |/////////////////////////////////////
|/## Number ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|/## ------Three (3) ##
|/## DECEMBER 1989 ##
|/#########################
|//////////////////////////
~~~~~~~~~~~~~~~~~~~~~~~~~~
----------------------------------------------------------------------------
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
THIRD ISSUE!! Merry Christmas everyone! This issue is definitely going
to top all the others. I'm going to tell you a bunch of different ways
to hack into MANY different types of computers. Plus some Generic,
all-around tips for all systems. The annoyance dialer will be out in
time for Christmas present (less than 50 shopping days left!) Soon,
we'll have a VMB for updates and new information. Always up-to-date, and
on the line.
HOTEL CHELSEA is back up!! Running TELEGARD 1.8B Standard. Very nice
software. I saw a program called USSR. ONe of the best FORUM clones
I've seen yet. Please do a community favor though, and drop your
Forum clone. I am sure that most people are just sick of them.
Did anyone catch the "hacker" that was on MTV a while back? The guy was
definitely fake. He was giving this shit about how he was the best
around and had gotten into everything, yet, when asked about his tactics,
he couldn't "think of the right words." Yeah.
Anyways, We also have a bit on cracking safes this month and hacking
VMB's. Good luck!
Sam Hain
-=Ministry=-
----------------------------------------------------------------------
How to crack SENTRY'S "FYRE FYTER" (R) Safes
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By : Peter The Great Edited by : Sam Hain
~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~
a Sentry Fyre-Fyter Safe is a non-complex safe with a combination lock
that is used to hold smaller items, documents, wills, contracts, etc...
They aren't generally too expensive, but still not the worst-made safes
around. Still, like all combination locks, they have a flaw...
In the instructions, it says too turn -left to XX, and then right to YY
and open the safe up.- Fortunately (for you) you can open it without
knowing the entire combination.
STEP 1-) After clearing the dial (spin it a few times), turn RIGHT to
XX.
STEP 2-) At XX, turn LEFT slowly until you hear a LOUD click. The
click is very loud, so no amplifying enhancer is needed (like a
stethescope or something.)
STEP 3-) Turn to the right again until the dial will not turn anymore.
Open the safe! It's been cracked!
WARNING : The method used here will kill the old combination. Do not
shut the safe since you will not be able to open it using the original
combination!!!
----------------------------------------------------------------------
A MINI-GUIDE TO HACKING By Sam Hain
This is not meant to be an all-purpose guide, but just a collection of
tips on getting into MANY different systems, plus some generic
techniques.
UNIX:
~~~~~
You will find at least one text file on hacking Unix on every system
that has any amount of G-Files. However, most only tell you what you
can do once you are inside. However, you can get in fairly easily on
some systems. These systems would be something like a college, high
school, small or large company, or private system that is used by many
people. On many of these systems, try an account called 'suggest',
'suggestion', or 'comment'. These are used by the System Operators as
a somewhat anonymous feedback with suggestions or complaints. Now, you
can write a message that will look normal to the reader, but actually
do some internal changing and create an account or whatever you like.
Send a Screen Freeze (CTRL-S), Screen Clear (usually a CTRL-L), then
about 255 garbage characters (just pound on the keyboard.) and then the
command to create a new account. Then Un-Freeze the screen (CTRL-Q, or
CTRL-S) and save the message. This is somewhat dependant on if they
are using the mail facility that came with the system.
PRIME:
~~~~~~
The new Prime systems are very hacker-difficult. Once you connect and
get the ER! prompt, try some of these accounts..
Id.
PRIME
SYSTEM
PRIMOS
ADMIN
RJE
DEMO
GAMES
GUEST
REGIST
TEST
NETMAN
PRIRUN
TOOLS
CMDNCO
TELENET (If on the Telenet Network)
The Default password is the same for all accounts as the Id.
TOPS-20
~~~~~~~
At the '@' prompt, you can type (only the caps are needed)
LOGin
and then the first few letters of a common name such as Smith, Jones,
Miller, Etc.. then press ESC. This will cause the system to search
it's userfile for any matches. If it comes up with a match, it will
finish it. If there are more than one match, it will beep. After a
while, you should come up with a complete name. Keep doing this (go
through the phone book.) until you have a big list of names. Then try
the obvious passwords for each name. Such as the name itself, name
backwards, nicknames, passwords from Mentor's Frequent Password List,
etc...
SOME GENERIC TRICKS USED:
~~~~~~~~~~~~~~~~~~~~~~~~~
DECOY:
~~~~~~
If you have managed to get a low-level account, the next few tips will
help get a higher level account.
Write a small program in whatever language the system uses that will do
the following...
o Clear the screen and place text into it that makes it look like the
system is in charge.
o Prompt for, and allow the user to enter, both an account and
password.
o Save that information in a place that the hacker can access.
o Tell the user that an error took place or that the info was verified
o Turn control over to the system
RAPID-FIRE:
~~~~~~~~~~~
This works on a few systems now a days. First, enter a command that
you know will be approved, such as "tell me the time" or "directory"..
As soon as the system runs off to verify that your security level will
allow you to do this, you change the command in the buffer to something
that would not be approved, such as "List all the passwords" or "Give
me Super User access"... When the system comes back with an "Ok,
command allowed", it will perform the second command instead of the
first. Of course, this must be done VERY rapidly, but it will work.
TRAPDOOR:
~~~~~~~~~
A trap door is a piece of program inbedded in the main program that
will allow the person who opened it to perform whatever action it was
written to do, without any security checks. Thease are next to
impossible to add yourself, but not hard to find out about if you ask
around.
TROJAN HORSE:
~~~~~~~~~~~~~
This is a program you write that LOOKS like a neat little thing, but is
actually a cover for background operations. When a user runs this
program, it will show them something, but in the background, searching
the memory or something for their account/password. Then it writes it
to a file where the hacker can get to it later. It might also ASK for
the account and password as "verification that you can run this
program." Then it would say something to the effect of "Program not
complete. Please try again later."
There are others such as Worms, Logic Bombs, etc... But they are
scarce to use anymore.
Oh - One more way I read about in THE CUCKOO'S EGG clip in Pc Magazine.
The hacker used GNU-EMACS (which doesn't check directories to see if
user has access to put files there), a program editor, to write and
compile a program that the system ran every 5 minutes. However, he had
his program stop to give the accounts he was using high access, since
it was in the ROOT directory and didn't need to check it's own actions.
T hen it erased itself and put the old program back in. Very ingenius
I thought. However, the guy died by match and gasoline, so....
----------------------------------------------------------------------
The supplement, BITNET.ZIP, is an entire listing of all the BITNET
nodes and addresses throught the world. BitNet is the network that is
mostly used by colleges, but some small companies use it too. you can
always get the current Issue (or back issues) of WORD OF GOD over
bitnet if you have a BitNet account (or a friend does), and you send
mail to SAMHAIN @ UWACDC. Even if you don't want Word of God, send
mail anyways to tell me how you're doing.
----------------------------------------------------------------------
Well, that's all I have to say this month. Check next month's New Year
ish with lots of fun new years ideas to try with your neighbors (be
sure they're not around when you do it though >=)
Sam Hain
Bitnet: SAMHAIN @ UWACDC
