Copy Link
Add to Bookmark
Report
f0rbidden knowledge issue 11
===---===---===---===---===---===---===---===---===---===---===---===---===---
: ____
i..?W$$$$$$$ __
;Q$$P" $$$ ;$$$
.$$$;' $$$ I$$$
I$$. : $$$ $$$;
;$I? . $$$ _..$$$;
$$$; $$$y#Q$$$$$P'
$$$ $$$P""^^
_____$$$ $$$;
$$$$$$$$$$$$$$ `$$$y,
''^""$$$^^"""" ;,"?$$$#,
$$$ I$# ^$$$$,
$$y, $$$ ?$$$;
$$$; $$$ ;$$$I
: $$$ $$$$
. $$$$
Forbidden Knowledge Issue Eleven: Released 16th May 2000AD
Leet0 Wizdumb's 17th Birfday Ish!@#$% Happy Birfday to Me!@#$%^
---===---===---===---===---===---===---===---===---===---===---===---===---===
Shout Outz
+-======-+
MDMA, Sigma, DrSmoke, TimeWiz, meiso, Coldblood, Rawhed, JungleG, RIFT, {},
Slash, b0f, Most of the hoez from Blabber.Net's #hack (Aragon, Opium, acid,
xanex, et al), Pushers who give LSD to Five Year Olds, Cruciphux, Gevil,
All the blasphemers from article 0x45, Catholic School Girls that give good
head
Fuck Youz
+-=====-+
Catholic School Girls that DON'T, People who can't see the humour in the abuse
of homeless people, Homeless People, All the hoez in the acne remedy
commercials with no acne, *!*@dal.net, *!*@under.net, People who wait until
the *END* of the answering machine message before they hang up, Defacers,
People who think defacers have skillz, People who write e-zines, People who
think people who write e-zines have skillz, Loud Annoying Evangelical
Churches, kppp users, Broccoli
Movies of the Month: American Beauty
South Park - Bigger, Longer and Uncut
Sites of the Month: Info Regarding Egodeath hv2k.voltage.org
My Personal FK Mirror www.mdma.za.net/fk
H/P E-Zine Community scene.textfiles.com
Narq of the Month: MostHateD (Congradulations!@#$%^&)
Windoze 9x command of da month: copy /Y c:\windows\logos.sys c:\logo.sys
Short Story of the Month: "The Doom that came to Sarnath" by HP Lovecraft
Fun: Walking out the plane in Zimbabwe's airport wearing a T-Shirt that says
"Whites rule. The Zimbabwean government is hiding the aliens from us.
Gay Rights now."
Official FK11 Soundtrack: KoRn, Limp Bizkit, Rage Against the Machine, Bush,
Eminem, Red Hot Chilli Peppers, Rammstein, Pixies,
Springbok Nude Girls, Radiohead, Bloodhound Gang,
Our Lady Peace, Cypress Hill, Blink182, Orgy
Scary: Seeing an automatically flushing urinal for the first time ever just
after eating Psilocybe Mushrooms
Oh: If you have copies of Forbidden Knowledge printed out and lying in your
office's waiting room like we have heard several people have - PLEASE
PLEASE PLEASE take a photo of them and your waiting room, scan them in,
and e-mail them to wizdumb@leet.org ;-) Don't have a scanner? E-mail us
for a snail mail addy, but just GET US THOSE PICTURES. =)
Amusing: Thabo Mbeki's public statement (and letter to Bill Clinton) saying
that it can't be proved that HIV leads to AIDS - especially
considering how much goddamn medical experience he has. And lets not
even *begin* to consider the amount of damage a statement like that
can cause when almost a *third* of the world is HIV positive. Thabo
Mbeki, I sincerely hope that you get AIDS and die. I am actually
*ashamed* to have such a fucking idiot as a president.
________,,,........... .........______
$$$$$$$$$½½½½½½½^^^^^ '''''"""???zz. $$
^?$$$ `?; $$
'$$ Contents of Forbidden Knowledge Issue 11 $;$$$
?; ,,?;I$$$
,"________________________________________________________..,,##½½½', $$
_.+ +.,;
0x90> Credits
0x90> Editorial
0x90> Mail from the Readers
Articlez...
0x30> Byteware of the Month [Wyze1, Jus, DvD]
0x31> Unlocking Cellphones without the Mastercode [Moe1]
0x32> Hacking Reality: An Introduction to Khaos Magick [Wyzewun]
REM 0x33> Details of Microsoft's Space Exploration Plan [Pneuma]
0x34> K-Rad Oh-Day Christianity Warez [Various]
0x35> Cisco PIX (and others) Denial of Service Attack [Vortexia]
0x36> An Introduction to Java Servlets [Wyzewun]
0x37> Fixing M-Web Specific Modems [JungleG]
0x38> Miscellaneous IRC Gayness [Various]
Other junk...
0x41> The Mysterious blommetjies.jpg (Zoom In :P) [Wyzewun]
0x42> Completely Useless killmod.php3 Warez [Wyzewun]
0x43> Internet Explorer 4/5 Hostile VBScript [Wyzewun]
0x44> Share Password Extractor Version 2 [Sigma]
0x45> Microsoft Access 97 Database Password Remover [Wyzewun]
0x46> Lame Ass Win9x/NT4 Backdoor [Wyzewun]
0x47> Windoze Dialup Account Login Ripper [Sigma]
0x48> B0nus Super-el8 Esteban Warez [Various]
0x49> MDMA Advisories #2 through to #4 [Wyzewun]
0x50> Various Stupid-ass DoS vulnerabilties [Wyzewun]
0x90> Outro
,?'
$$;
$$$QQQ####,,,,________________________________ _________ ______ _
__... . . ...__
d$$^^ ^^$$b
.?$; ;$$;:;,
_. People who made this Issue possible ._ ,;:;,, _.
The Usual Bitchez who contributed...
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
Wyzewun
Pneuma
Vortexia
Moe1
Jus
Special Thanx to Deeze Guest Bitchez...
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
JungleG
Sigma
DvD
;, ,;;4,
,?;;$;,__________________________________________________________________,,7$;
^^^^^^^^^""""""
__... . . ...__
d$$^^ ^^$$b
.?$; ;$$;:;,
_. Editorial by Wizdumb ._ ,;:;,, _.
So last week me and my bitchez...
;, ,;;4,
,?;;$;,__________________________________________________________________,,7$;
__... . . ...__
d$$^^ ^^$$b
.?$; ;$$;:;,
_. Mail from The Readers ._ ,;:;,, _.
Date: Tue, 4 Apr 2000 08:43:39 -0500 (CDT)
From: Al Mccain <reswh0re@conspire.arcsnet.net>
To: wizdumb@leet.org
Subject: got a question about someone..
Message-ID: <Pine.LNX.4.05.10004040842370.17988-100000@conspire.arcsnet.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
sigma, where is he from?
think i know him, just not sure.
[Ed: I replied with "Huh? Who are you?" and I kinda never heard from him
again, HEH! ;-P Still - mail like this worries me.]
------
[Ed: I posted something to scene.textfiles.com to the effect of "Forbidden
Knowledge Issue One to Ten released, but we were too dumb to notice"
and got the following reply...]
X-Authentication-Warning: lala.navpoint.com: mogel owned process doing -bs
Date: Fri, 7 Apr 2000 15:55:38 -0500 (EST)
From: mogel <mogel@hoe.nu>
X-Sender: mogel@lala.navpoint.com
To: Wyzewun <wizdumb@leet.org>
Subject: FK and scene.textfiles.com
In-Reply-To: <200004071104.EAA31560@nak.dreamhost.com>
Message-ID: <Pine.LNX.4.10.10004071554090.670-100000@lala.navpoint.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
I'm glad you wrote me, I tried to contact you like two months ago,
but those addresses bounced back. I added you folks to the site... feel
free to shoot me an email whenever you guys release, and I'll announce it
on my site. You might consider making a mailing list to announce
whenever there's a release to readers, or something. Keep in touch.
-Mogel
[Ed: More about this at the end of the zine]
;, ,;;4,
,?;;$;,__________________________________________________________________,,7$;
__... . . ...__
d$$^^ ^^$$b
.?$; ;$$;:;,
_. Byteware ._ ,;:;,, _.
Byteware from Wyzewun...
When beigeboxing a South African cardphone, you are interested in one of the
white wires and the blue wire, okay?
------
Telkom's new boxes look like this...
___________
/ () \
-------------
| ___ |
| \ \ |
| \__\ |
| OOO |
| OOO |
| OOO |
| |
| |
,,,,,,,,,,|___________|,,,,,,,,,,
Okay, so my ascii art sucks (I guess I shoulda gotten Cyberphreak to draw
this) but what the fuck. Regardless, they're tall and thin, and are opened at
the top using the little hole which I pathetically tried to depict. ;-P It
appears that these boxes are Telkom's new preffered system, and they are worth
finding ways to break into (That prefferably don't involve kicking the whole
thing to pieces) - and if you succeed in breaking into one - write us an
article on it!@#$% :-)
------
No-one sends fuck you'z to the FK editorial staff in their e-zines! We feel
unimportant! Pleeze Pleeze Pleeeeze - you're not hardk0re if you don't have
an el8 rival zine that hates you! :-(
Actually, I have a feeling this approach isn't going to work. Hmm... Plan B...
Phrack : FUCK YOU!@#$%^&
BoW : FUCK YOU!@$%&^&*
f41th : FUCK YOU!@#$%
FK : FUCK YOU!#$#%^... No... Wait a Minute...
b0g : FUCK YOU!#@$^&*
b4b0 : FUCK YOU!@#$%&*
ch4x : FUCK YOU!@$#%&(
~el8 : FUCK YOU!$#$^*(%
HWA.HN : FUCK YOU!@##$%^$&
NoU : TAKE 0FF J0R CL0THEZ!#@%%$&&*
------
Here's an *EXTREMELY* simple little patch for tcp_seq.h I wrote for
FreeBSD (tested on 3.4-RELEASE, but should work on 2.2 - 4.0) to increase
security and to stop nmap from recognizing the OS (which is the real
reason I wrote it, the extra security offered is not really necessary :P).
This just shows you how simply a TCP/IP fingerprint can be spoofed...
Once extracted just run patch tcp_seq.h diff.file in /sys/netinet
--- cut diff file here ---
96c96
< #define TCP_ISSINCR (122*1024 + tcp_random18())
---
> #define TCP_ISSINCR (random())
100c100
< #define TCP_ISSINCR (250*1024) /* increment for tcp_iss each second */
---
> #define TCP_ISSINCR (random()) /* increment for tcp_iss each second */
--- cut diff file here ---
------
Looking through the logs on Pneuma's box I found this...
<snip>
<Gentoo> Well, the buffer overflow examples are a little lame ... but, it
actually seems okay at second glance.
<Pneuma> hehhehehehe, it usually is, it grows on you
<Gentoo> THough, I could see why you might have to try so hard -- it's on
Windoze ......
<Pneuma> whats on windows?
<Gentoo> The buffer overflow program example.
<Pneuma> heh, its aimed at newbies and compiles under *nix neway :P
<Gentoo> Well, it's also C++ ... cin >> of course checks for buffer overflows.
</snip>
*Sigh* I hate it when idiots try and make it look like *I'm* wrong...
C:\temp>type gay.cpp
#include <iostream.h>
void main() {
char beer[5];
cin >> beer; }
C:\temp>cl gay.cpp
Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 12.00.8168 for 80x86
Copyright (C) Microsoft Corp 1984-1998. All rights reserved.
gay.cpp
Microsoft (R) Incremental Linker Version 6.00.8168
Copyright (C) Microsoft Corp 1992-1998. All rights reserved.
/out:gay.exe
gay.obj
C:\temp>gay
AAAAAAAAAAAAAAA
GAY caused an invalid page fault in
module <unknown> at 00de:00414141.
Registers:
EAX=004089a0 CS=015f EIP=00414141 EFLGS=00010246
EBX=00530000 SS=0167 ESP=0063fe00 EBP=41414141
ECX=0000000a DS=0167 ESI=8162c000 FS=1a8f
EDX=0076066f ES=0167 EDI=00000000 GS=0000
Gosh, EIP and EBP look a bit weird. *Sigh* Just because texts up to now have
not mentioned buffer overflow related problems with cin and ifstream doesn't
mean they don't exist.
In fact, I am willing to *bet* that the buffer overflows in WinAMP's reading
of playlists and Netscape Navigator's reading of prefs.js were both caused by
improper use of an ifstream. This is also a huge problem because this is how
*every* C++ course/tutorial tells programmers to use their ifstreams like
that. Anyway, the real moral of the story - Fuck off and check your facts
before you whine. ;-P
------
Some extracts from a recent e-mail to me from okby@b4b0.org which may be of
interest to some hoez...
<snip>
Indeed we are still putting out the ezine. Sorry, but we've been off for
awhile, mainly due to real life problems in everyones schedule. Real life
comes before internet. Anyhow, we're back in business, and we're stronger than
ever.
</snip>
<snip>
(ps. if you have anybody else you know that would be interested in submitting
anything to the ezine please let them know that we'll look at anything
especially if it has something about social antics or programming in it.
thnx.)
</snip>
------
Pneuma and I have decided to chose some completely arbitary race to hate with
a passion. We looked in an Atlas and found Andorra, a tiny little country
between France and Spain with a population of about 2000, and decided that it
would do well. Before we were completely unaware of the great threat of this
nation, and now we have made the shocking discovery that They're everywhere!
They're taking all our jobs! They're corrupting our way of life!
First of all - you must know how to identify Andoranns so as to be able to
persecute them at every possible moment. We have decided that they all,
without doubt, have hair growing out their ears. You can also always tell an
Andorran by their nose. We don't know exactly what *about* it, but we are sure
this identification technique is also completely infallable.
And boy oh boy, when an Andorran moves into your neighbourhood - you'll know
about it! Your children will worship Satan, take drugs, and eat... starchy
stuff! Things will go missing everywhere (The Andorrans are *born* thieves,
they even steal their currency from France and Spain!) And we're not even
going to *begin* talking about their SMELL!
So - join the fight against Andorra before it's too late! Besides - it's fun
saying "Oh yeah, well at least (X Racial Group) aren't as bad as the fucking
ANDORRANS!" and everyone always assumes that comments about Andorrans relate
to *their* racial group - whatever that may be.
Oh, and if you live in Andorra, please, please, e-mail us. ;-P
------
Interesting fact of the month, as found in issue four of b0g... <www.b0g.org>
<snip>
LONGEST PUBES
Maoni Vi of Cape Town has hair measuring 32 inches from the armpits and 28
inches from her minge.
</snip>
Yeah! Gov-Boi's home town! Coincedence? I think not. ;-) Shjeesh, and ppl
wonder why I keep on ripping off CT. :-P
------
Real-life quote of the month...
<Pneumas_Mom> Marcel, it says in this magazine that men like being anally
fingered during sex. How should I approach Steve about this?
------
Don't want your Java to run on Microsoft VM's? Then instead of using this...
public static void main(String[] args) {
Use THIS...
static void main(String[] args) {
And it will work in anything except M$-made stuff. ;-)
------****------
Byteware from Jus...
How to impress your lame linux buddies? If you haven't figured this one out
yet, congratulations - I'm speechless. 'nix uses a file called /etc/hosts to
identify known hosts for domain resolution, to prevent a full DNS lookup
everytime that host or IP is used, or if a DNS lookup isn't suitable for that
IP. Usually this will contain something like localhost resolving to 127.0.0.1
and your machines (static) IP and its hostname (obviously only if the machine
has one) /etc/hosts ovverrides DNS lookups, so you can play cute games with it
on your machine. For example, change 127.0.0.1's resolution from "localhost"
to "whitehouse.gov". Telnet 127.0.0.1, login and voila - do a "who" and see
yourself logged in from the whitehouse :P
This can actually be very useful to hide your connections as many people will
take what a "who" says at face value and not look any further into it - root a
box, change your current IP's resolution in that machines /etc/hosts to your
enemy next door, and telnet in and you appear to be connected from
idiot.hostname.com's machine... now there's a thought... Obviously you can't
use this very seriously - if you're smart enough to get that far you will
realise that a netstat -na will show otherwise :P
------
Got any annoying network firewall you wanna sneak around? Well, if you aren't
a prize circus clown then you may have already discovered the beauty of some
simple code known as datapipe (src on www.security.za.net). Your usual network
firewall will have basic things open like http (80) and ftp (21) allowed out,
but not your favorite's like telnet (23), ssh (22) or irc (6667) - tsk, shame.
Datapipe lets you setup a pipe for data coming in on one port to another port
on another host - sounds interesting. You could run datapipe on a machine
outside of your network to listen on port 80 or 21, and then pipe the
connection to your irc server on port 6667, or even to the local machine's
telnet or ssh port... gee, that was tough. You could then /server
externalmachine.com 21 or telnet externalmachine.com 80, and the network
firewall will allow the outgoing data stream, but the external datapipe will
change the flow of data to where you really want it to go -
deranged.blabber.net (6667) for example :) [Wyzewun: Yeh, BlabberNet is neat,
pity about the gay IRCOps there though (Jus, Vortexia, TimeWiz) :P] You will
get datapipe, use it and like it. Duh.
------****------
Byteware from DvD...
In RedHat 6.0, users with uid 1000 or higher can execute 'shutdown -r now',
which will cause the system to reboot and go into single-user mode. Oops.
;, ,;;4,
,?;;$;,__________________________________________________________________,,7$;
__... . . ...__
d$$^^ ^^$$b
.?$; ;$$;:;,
_. Cellphone Unlocking without the Mastercode by Moe1 ._ ,;:;,, _.
This works on Nokia 21xx/31xx/51xx/81xx.
This doesnt work on software version (5.04).
First of all your PIN code must be on, then press C, arrow down, C, and hold
until it clears display then press * and hold until it starts to blink then
press * again and hold until it starts to blink then type
04*YOURPIN*YOURPIN*YOURPIN#.
It should then say "PIN code changed" or something and the SIM card is now
accepted. Note: Each time you turn your phone OFF it resets the lock, so
this need to be done each time you'll turn your phone ON.
;, ,;;4,
,?;;$;,__________________________________________________________________,,7$;
__... . . ...__
d$$^^ ^^$$b
.?$; ;$$;:;,
_. Hacking Reality: An Introduction to Khaos Magick by Wyzewun ._ ,;:;,, _.
As a practicing Chaote, I was very interested to have recently seen two
articles regarding occult issues in what would strictly be called H/P e-zines.
The two e-zines I am reffering to are b4b0 issue 9 and b0g issue 2, and the
two schools covered being Khaos Magick and Satanism respectively. Both zines
are available @ PSS should you be interested in checking them out some time.
(http://packetstorm.securify.com/mag)
So why did I see a need for another article on the subject? Well, Synner's
article in b4b0, despite being quite good, left out a few very important
points as to what Khaos Magick is all about. I will also try and throw as many
of my personal opinions about Khaos Magick into this as possible, to make it
interesting to people already familiar with the system. And ultimately, it's
hard to summarize such a complex system in a single article - so read both
anyway. ;-)
As for reading the article in b0g on Satanism... well... I have to be honest -
I found the entire original content insipid and stupid but the passages quoted
directly out of Anton LaVey's Satanic Bible make it worth reading anyway,
despite the typos. Especially considering that LaVey was influenced by
Aleister Crowley and HP Lovecraft as were many of the early Khaos Magicians
like Austin Osman Spare. And more importantly, regardless of that article,
b0g has to be one of the funniest zines the H/P community have produced ever.
Right. Now Let's get started... The alt.magick.chaos FAQ contains a menagerie
of definitions of Khaos Magick, and I suggest you read them all should you
be interested. But the one I am going to give you in this article comes from
Joseph Max.555, who I think defines it quite well...
Chaos Magick is currently the cutting edge of modern Ceremonial
Magick. It largely grew out of the work of Austin Osman Spare, though
it has been fractalized into many forms over the last 10 or so years.
Chaos Magick emphasizes a personal, experimental approach to magickal
practice, de-emphasizes "traditional" approaches (ie. GD, OTO, et al)
especially as regards "secret knowledge", male/female dichotomies and
order hierarchy; what can be learned from Masters or Gurus is far less
important or effective than what a dedicated researcher can discover
for hirself. As such, shamanism is incorporated more directly than
such historical approaches as Kaballa, though most Chaotes are quite
adept at examining traditional systems, incorporating what works and
discarding that which holds no personal appeal.
Chaos Magicians look at Magick as being a _living_ art rather than an
_antique_ one. They regard the various belief structures of magick as
being the _means_ rather than the _end_, and the most adept can alter
their belief-state as easily as they change clothes. Chaos Magick
recognizes no particular system of theology as having any more
"reality" than any other, and most Chaotes (like Jung) approach
dieties as being no more than archtypical constructs of the
subconscious mind. Therefore they are far less concerned with having
any (in their eyes) arbitrary moral system pounded into their skulls
before getting to actually put magickal techniques into practical use
than "Old Aeon" systems like the GD's or Abra-Melin.
Chaos Magick propounds no particular dogma or moral system, beyond
it's most common identifier: "Nothing is True, and Everything is
Permitted."
I have yet to meet, however, any adept Chaos Magician who doesn't have
a strong sense of personal ethics and subscribe to it feverently.
And in this one see's many of the points which Synner neglected to mention.
But before even beginning to touch on those, I'm going to hop way back and
give my personal definition of Magick in general for the benefit of those
unfamiliar with such a concept beyond fairy-tale literature...
Magick is the art of bending reality to one's will for whatever reason be it
personal or so-called "god sent". Magick *has* to exist simply because so many
people in so many different places practice it. And even should Magick *not*
exist, *because* so many people practice it, it *does*. Why? Because Magick
exists. Confused? Good. I have succeeded in wasting your time. Now let's move
on... ;-)
Now let's begin to look at approaches to Magick. Up to the point where Khaos
Magick stepped into the world, Magick was approached largely from a
traditional viewpoint. This means that Magick has been performed in manners
passed down over generations, the original method of which was probably
obtained from some-one who had ingested something hallucinogenic, was mildly
insane, or perhaps actually had a very strong affinity with the supernatural.
Of course, to a Chaos Magician (reffered to from here on as Chaotes), which
one of these it was doesn't really matter in terms of effectivity. :)
You see, most chaotes adopt Jung's concept of gods as archetypes of the
subconscious mind. Thus the emphasis is not placed on *HOW* Magick should be
performed, but on actually *MAKING* it happen. The Chaote acknowledges that
an invocation to Homer Simpson can be just as effective and in some cases
perhaps even more effective than one to a traditional deity. Also, which
represents drunkeness better to you - Dionysus (ancient greek god of wine) or
Barney from the Simpsons? I thought so. Now maybe you're whining that Barney
isn't a "god", but to some extent, he IS, in that by you *thinking* of him as
a god, he becomes so. Nothing needs to "exist" - it works anyway - which is
why Chaos Magick is the only school to have Athiest magicians. :)
In Conclusion, I would like to recommend that anyone interested in learning
more about Magick and particularly Khaos Magick, should read the work of
the following people who have written stuff in these fields...
Psychology: Jung, Freud, Nietschze
Occult: Peter Carrol, Austin Osman Spare, Anton LaVey, Aleister Crowley,
Tzimon Yliaster, Phil Hine
Fiction: Isaac Asimov (Esp. "The Last Question"), HP Lovecraft, JRR Tolkein
Art and Theatre Movements: Surrealism, Constructivism, Dadaism, Absurdism,
Existentialism, Expressionism
And also check out the following URL'z...
www.chaosmatrix.com
www.crl.com/~tzimon
www.occultsearch.com
www.chaosmagic.com
www.execpc.com/~discord/iot
ds.dial.pipex.com/specularium
Later this year, Pneuma and I will publish "Liber Tine" online, the book on
our approach to Khaos Magick which we are writing. Until then, Cheers...
;, ,;;4,
,?;;$;,__________________________________________________________________,,7$;
__... . . ...__
d$$^^ ^^$$b
.?$; ;$$;:;,
_. K-r4d 0h-Day Chr1stian1tY War3z fr0m Var10uz ._ ,;:;,, _.
We recieved divine inspiration from the following visitor to #5fm, who has
bestowed upon us great wisdom which we shall cherish our entire life...
--- BEGIN LOG ---
* lee (lee@ABD7AD12.ipt.aol.com) has joined #5fm
<Pneuma> <efG>
<opium> pn3um4, i h4ck3d n4s4
<lee> hello any christians out there???
<lee> helllloooooooo
<Pneuma> lee: I just ate them all, maybe tommorow :P
<Lupine> lol
<BiNg_> keep religion out of this channel
<opium> çîàh mî héw çé hàk
<nemesis> BiNg_: YEAH!!
<ALLOK> huh?
<Pneuma> lee: I told you already, I Ate them all, try tommorow!
<lee> no, GOD is everywhere!!!!!!!!!!!!!!!!!!
<opium> pneuma, t34ch m3 h0w t0 h4ck!!
<BiNg_> ?
<Pneuma> Ok, enuff about religion b4 I make u cry
<lee> what is wrong with you, why cry???
<nemesis> lee : go away to #god or something
<opium> i worship Pneuma
<opium> he is my gof
<opium> he is my god
<lee> never heard of him
<Pneuma> Opium: thats understandable
<ALLOK> i worship money
<lee> shaim
<lee> money.................
* Pneuma is the god of good sex, beer, and evil computer trix
<nemesis> lee : ja ... so leave.
<BiNg_> i dont bow down before anyone
<lee> well, some day, when GOD comes, EVERYBODY will bow
<ALLOK> to me
<BiNg_> can you prove that
<lee> bible
<BiNg_> oh yeah
<nemesis> lee : GET THE HINT? # god
<Pneuma> JESUS MOWS MY LAWN!!!!!!!!!!!!!
<lee> be carefull what you say!!!!!!!!!!!!!!!!!!!!!!!
<nemesis> lee : or what?
<lee> well, tonight i will pray for you and someday your'e eyes will open
<ALLOK> aaaaaaaaaaaaaaaaaaaaaaaahhhhhhhhhhhhhhhhhhhhhhhhhaaaaaaaaaaaaaaaaaaahh
MY EEEEEEEEYYYYYEEEEEEEEEESS
<ALLOK> I'M BLIND
<nemesis> Lee : yeah whatever...the aliens built us, or sum such shit
<BiNg_> why should i trust someone who took away to of my closest friends and then
when i ask someone they say "god works in mysterious ways"
<nemesis> BiNg_: yeah...explain that..
<lee> well, stop being stupid, you know the truth but you are to proud to
admit it, why can't you just chat, that is all i want
<ALLOK> BOOM, (it's the voice of G.O.D)
<opium> lee: *lick*
<nemesis> Lee : isnt it prayer time or sumthing?
<lee> are all of you from sa
<Pneuma> Yes, and proud of it, Better than being a dumb hippie american :P
<opium> YAAAAAAAAAAAAAAAAAAAWN
<nemesis> lee: WHO CARES? { sumbody plz kick him!!}
<ALLOK> i care
<lee> also safrican
<lee> who says it's a him
<BiNg_> religion is the world's best practical joke
<opium> lee, are u gay?
<Pneuma> HEH!
<lee> no, i am straight and i am a girl
<opium> oh
<lee> opium, wanna chat.
<opium> nah
--- END LOG ---
So, inspired by the light of Jesus, we decided to 'grep -i' all our IRC logs
for 'jesus' and 'christ' - the results of which looked something to the effect
of this...
In #b4b0 ...
<samj> cause like christians are against alternate life styles
* Topic is 'Let's party like we were at a christian suicide.'
<opcode> jesus christ.
<majere> jesus h fucking christ
<jcb> jesus christ
<JimJones> JESUS CHRIST
<gl4z> jesus chr1st.
<chrak> jesus be in heaven
<gore> I'm so sick of jesus
<lusta> jesus
<tymat> jesus
<elneenja> jesus du0d
<tip> jesus.
<JimJones> jesus thats a stupid ploy.
In #ch4x ...
<peapeJ> at a fucking club for christ's sake
<di9ital> jesus
<di9ital> jesus fuck
In Blabber.Net's #hack ...
<Aragon> christ
<xanex> Blu_J: CHRIST
<cinos> christ
<cinos> christ almighty
<cinos> hey christ man
<cinos> christ
<cinos> christ all fucking mighty
<Jaguar> christ..
<fern> i mean CHRIST!
<taliesin> hmmm... all i want for christmas is my little cray, my little cray
<fern> GEZUZ FUCKING CHRIST SUPERSTAR
<fern> my oath to christ
<cache> christ i wonder how fuqn ugly she was to go for someone lookin like u
<fREkaZ0iD> HOLY CHRIST Sega Dreamcast has 24mb ram!!!!!!
<vision> for christ sake
<vision> christ vort ;P teach some people here how tcp/ip works
<vision> jus :P christ i use fbsd.
<vision> christ everyone shutup
<vision> christ i wonder whats going on.
<vision> christ (: i know ipv4 better than the people who designed it.
<vision> christ i am smurfing myself now.
<fREkaZ0iD> dood you are as pissed as a coloured on christmas eve
<Umaro> jesus christ
<wyze1> ack! christians!
<jus> christ :P
* opium was kicked by hotmetal (YOU DO NOT RUN NAMED FOR CHRISTS SAKE)
<Aragon> christ
<DrSmoke> jesus christ netscape is a piece of shit.
<DrSmoke> jesus christ wget
<MAgikm> christ
<dem0n> christ
<dem0n> christ what a lame topic
* Topic is 'Vortexia looks like Jesus'
<X-sTrEaM> UglyKidJoe: jesus bru at least upgrade to OSR2.
<X-sTrEaM> jesus
<X-sTrEaM> c/s: 48867? jesus!@#
<fREAkaZ0iD> jesus my modem cant do that
<xanex> Vortexia: hey wanker jesus wannabe
<fREkaZ0iD> jesus
<fREkaZ0iD> holy jesus
<fREkaZ0iD> jesus
<Aragon> jesus, 40 sectors bad
<fREkaZ0iD> jesus
<fREkaZ0iD> jesus
<Umaro> jesus christ
<fREkaZ0iD> JESUS CHRUST
<Pneuma> jesus d00ds, so god damn what if we like the bible!!!
<Estaga> jesusfuck
<DrSmok[e]> jesus I'm still rushing
In #HWA.hax0r.news ...
<_655321_> fucking christ man
<wyze1> Told you all Christians were insane :P
<Who74> oh christ
<Who74> christ
<Who74> christ, it wasnt that good
<Cruciphux> christ
<SugarKing> oh jesus
In #Legions ...
<BloodAxe^> !fuck Christina Aguilera
<Cyrano423> ahh k, I should start some Christianity questions (hopefully that
statement did not offend anyone)
<Mnemonic> Zao == Christian hardcore
<lothos> christianity scares me
<Mnemonic> it's Christian hardcore
* techn1cs has quit IRC (he dreamed a god up and called it christianity)
<DataShark> christ redhat labs droped 3 1/4.
<KrankShft> christ almighty.
<ritual> christian rock sucks
<Dixie> i dont care if you were jesus fucking christ.
<Mnemonic> but don't use Christ's name in vain
<ritual> christian music blows
<cyrez> christian, muslim, buddah, jehova.... all the same
<nofx> christ
* Becky- has quit IRC (Jesus may love you, but everyone else thinks you're an
asshole.)
<jorge> jesus, people upstairz fuqn sound like they r fuqn killing people by
hitting them with baseball bats
<Je5u5> #Jesus unable to rejoin channel (you're banned!)
<Je5u5> they do not LIKE JESUS
<Je5u5> I am in JESUS CHAN
* shekk is now known as fukJesuS
* fukJesuS is now known as jesusblow
<slackette> hehe Nt im opped in #jesus
<Cyrano423> why is it they do not talk about Jesus in #jesus
<wyze1> I bet you I could make them talk about Jesus ;P
<wyze1> <wyze1> y0 man, i had dis mad dream dat i had anal sex0r with jesus,
what do u think it meanz?
<wyze1> <wyze1> i never knew jesus was a nigger
<Kane14> jesus
<Kane14> jesus
<ironik> jesus
<methix> oh jesus
In the (now deceased) #zahack on EFNet ...
<vision> christ i am pissed off.
<vision> christ.
<cyberphrk> and how when it was my turn, santa (satan if you concentrate real
hard) asked me what i wanted for christmas, and i replied with a big
stupid-ass smile, 'A BEAVER!'
<xmagii> jesus christ, have u no shame
<vortexia> geeezus christ
<vortexia> geeezus christ if this is the way my friends repay me for what I do
<vision> for christ sake what did i miss now.
<Vortexia> PhreakAZD yes, I believe in God, I am a Christian, though I do not
follow organized religion, my Christianity is derived from how I perceieve
the bible, not how others do
<xmagii> jesus don't start that ? crap again
<xmagii> jesus the chances of the sequencing being right must be one in a
million
<xmagii> jesus
<fREAKaZiD> jesus
<fREAKaZiD> JESUS!
<fREkaZ0iD> jesus
<fREkaZ0iD> JEsus chrsist i hate this town
<fREkaZ0iD> jesus u got a bigg rectum
<fREAKaZiD> jesus
<fREkaZ0iD> jesus
<fREkaZ0iD> jesus man
<fREkaZ0iD> hahahahahaha jesus what a wanker
<fREkaZ0iD> jesus ignore this guy
<fREkaZ0iD> jesus
<fREkaZ0iD> jesus
<fREkaZ0iD> jesus
<fREkaZ0iD> jesus
<fREkaZ0iD> jesus
<fREkaZ0iD> jesus man
<cyberphrk> vortexia, opium told me you look like jesus, now im thinking all
weird of you
<cyberphrk> vortexia, yeah, he's right, you're jesus
And THAT, ladies and gentlemen, was the international hacking scene's
contribution to the institution of Christianity. We hope you enjoyed it, and
if you didn't - We don't care. Just leave us alone for Christ's sake. ;-P
;, ,;;4,
,?;;$;,__________________________________________________________________,,7$;
__... . . ...__
d$$^^ ^^$$b
.?$; ;$$;:;,
_. Cisco PIX Denial of Service by Vortexia ._ ,;:;,, _.
Hi All, just a bit of a security notification.
Cisco has been informed of this problem and Im waiting for a fix for the
problem, Ive also noted that various other firewalls are effected by this
code, though if you wanna know if whatever you are running is effected,
you will have to test it.
A brief rundown of the problem.
If you run routable ips on your internal interface on your pix, and
routeable ips on your external interface, so the pix is not running nat,
the pix keeps a state table of everything going on. Anything that is not
in your state table that attempts to come in from the outside is denied,
even if there is a conduit in place to permit anything. Which means that
you have to establish a connection from your internal network to your
external network before anything external can send data back. This is a
really nice feature, unfortunatly there is a big of a bug that I found in
this. While testing on in house equipment for possible flaws, as we
continually test various products, I found the following.
On recieving a RST packet (TCP Reset) from a given host with the correct
source and destination port, the PIX will drop the state entry for that
particular connection, which means the tcp connection dies due to the fact
that no state entry the external box can no longer talk to the internal
box.
So, if we take a standard raw ip packet, give it a tcp header, and set the
source ip as a machine that your internal box is connected to, and the
destination ip as your internal machine, set the source port on the
spoofed ip as the port the person is connected to, set your destination
port on your destination ip cyclically to possible source ports on his
side, and send resets, it will drop the persons state table entry, cutting
him off from the box he is connected to.
Now, the one question I asked when I wrote this, is why does this work,
why is there no seq/ack checking on RST packets, this was answered in the
TCP RFC, saying that seq/ack numbers are not checked on RST packets,
however they are checked on FIN packets, hence using FIN packets for this
test is futile without sequence prediction code.
There is a simple work around for this problem however, and anyone wishing
to know the details of that is free to email me at andrew@cnsec.co.za for
details.
Below I have posted example code to show the exploit and how it works, and
hopefully this will be useful to someone on this list and help fix a
fairly nasty denial of service problem.
Many Thanks
Andrew Alston
Citec Network Securities (Director)
Phone: (011) 787 4241
Fax: (011) 787 4259
Email: andrew@cnsec.co.za
[Ed: Exploit code can be found in ./kodez/CiscoPIX]
;, ,;;4,
,?;;$;,__________________________________________________________________,,7$;
__... . . ...__
d$$^^ ^^$$b
.?$; ;$$;:;,
_. An Introduction to Java Servlets by Wyzewun ._ ,;:;,, _.
Java Servlets are an extremely powerful server side CGI-replacement supported
by most major web-servers, and used by very few admins - most notably because
they either don't know they exist or don't have the skill needed to write
them. Java Servlets have several advantages over Perl and other traditional
CGI languages in they are faster to write and to run, infinitely more secure,
and have all the advantages of the extremely well furnished Java Servlet API.
In this tutorial I will teach you how to write simple Java servlets. Although
a knowledge of the Java language is not *completely* necessary to understand
this, it will certainly help. What you *will* need is a basic knowledge of the
HTTP protocol, of HTML, and of any object-orientated programming language.
With that said - let's get going...
Servlets are written as if normal programs except they extend the Superclass
HttpServlet. We just override the functions doGet(), doPut(), doTrace(),
doPost() and doDelete() - the HTTP request each one handles is kinda obvious.
=) Right, let's code a simple servlet quick...
import javax.servlet.*; // Import the libraries we need to make HTTP
import javax.servlet.http.*; // servlets and throw the right exceptions
// Here we declare the class and make it extend the HttpServlet Superclass
class SimpleExample extends HttpServlet {
/* This over-rides doGet() and passes it the user's request (called "req" in
this example) and the Servlet's response (called "res" here). Both
exceptions thrown are required by the HttpServlet superclass */
void doGet(HttpServletRequest req, HttpServletResponse res)
throws ServletException, IOException {
// Set HTTP Content Type
response.setContentType("text/html");
// Get communicating with the luser
PrintWriter out = res.getWriter();
// Send HTML
out.println("<html><head><title>Servlet Output</title></head><body>"
+ "<h1>FUQ J0O!@#$</h1></body></html>");
// Close Stream
out.close();
} // end of doGet();
} // end of SimpleExample
OK, this issue is being released tomorrow, and a chiq friend of mine bought me
a bottle of champagne and a condom for my birthday, so I gotta be honest - I
don't have time to finish this article. :) Will make a sequel in future issues
if I think anybody cares enough. Cheers...
;, ,;;4,
,?;;$;,__________________________________________________________________,,7$;
__... . . ...__
d$$^^ ^^$$b
.?$; ;$$;:;,
_. Fixing M-Web Specific Modems by JungleG ._ ,;:;,, _.
<DISCLAIMER>
I don't know anything about what I'm about to tell you - I haven't tried it
myself. I don't own any Mweb modems, nor do I condone doing this. If you
ever try to turn this against me, in any way, I cannot be held responsible
and you must pay me 100 million Rand.
</DISCLAIMER>
So, you're sitting there one day and this advert comes on the TV telling you
that you can buy a Mweb Net-Getter (sp?) modem for R99. Great you think,
this is awesome, I can get myself a 56K modem for only R99, right?
Wrong.
The Mweb Net-Getter modem are Mweb specific, ie. they only work when you
dial into an Mweb POP. Until now.
Here's what you do:
1) Find yourself an EPROM writer. Most universities and some security companies
have them too.
2) Go to your favourite electronics suplier and buy a 27c2000 EPROM Chip.
3) Find a friend / uncle / relative / boss / etc who has a Fastlink V.90
modem.
4) Open the Fastlink up. remove the EPROM and copy the EPROM from the
Fastlink onto your newly Bought 27c2000 EPROM.
5) Close the Fastlink modem up and return it.
5) Open the Mweb modem up and replace the existing EPROM with the newly
bought and programmed 27c2000 EPROM.
6) Close the Mweb modem.
7) Plug and Pray.
8) There is no 8 .. I thought 8 looked good though.
Easy as that, you now have a 56K V90 modem for R99.
Jungle G
;, ,;;4,
,?;;$;,__________________________________________________________________,,7$;
__... . . ...__
d$$^^ ^^$$b
.?$; ;$$;:;,
_. Miscellaneous IRC Gayness ._ ,;:;,, _.
<d\r\e\> heh
<d\r\e\> you a girl?
<Pneuma> nah, not right now, why?
<d\r\e\> uh
<d\r\e\> somehow that answer strikes me as awkward.
<paszaz> hi there
<Pneuma> lo
<paszaz> do u know Back Orifice?
<Pneuma> never met him
<paszaz> It's not a him, it's a program
<Pneuma> oh
<paszaz> ok
<Eth`real> what is a .tar file?
[Ed: She's a #hack netslut - but I s'pose you figured that out already :P]
[Ed: More #hack netsluttery...]
<Andi> vans kissing my tits. r u jealous?
<Aragon> lol
<Aragon> no
<Kat> ive hax0red everyb0dy and now im dealing in pr0n instead
ð acid is back!!!!!!!!
<acid> with PIZZA!!!!!!!!!!!!!!!!!!!!
<acid> _(@^#^#_!@!@#
<Aragon> yay
<xanex> pizza
<xanex> pizza
<xanex> pizza
<xanex> pizza
<acid> woo hoo
<Kat> omg im gonna order pizza
ð jus awaits his pizza
[Ed: Cretins :P]
<OpTiC> if u get someone elses dial up account do u pay telkom?
ð GreekGod is pretty good, thnx
<Pneuma> oh, good
<Pneuma> do u spit or swallow?
<GreekGod> excuse me?
<Pneuma> oh, sorry, wrong window
<GreekGod> damn right!
<GreekGod> lol
<Pneuma> no, only if its really soft
<Pneuma> wtf! wrong window again! it keeps popping up
<GreekGod> uhm, just a matter of interest
<GreekGod> What are you talking about?
<Pneuma> no, thats too ruff! slower
<Pneuma> dammit, why does this keep coming?
<GreekGod> fuck, you are a sick person
<Pneuma> why the hell does this come in the middle of my conversations?
<NightFall> Ugly ... im 17 , hacker dude in training so to speak
<UglyKidJoe> hacker in training ?
<UglyKidJoe> this sounds so lame
<NightFall> got my good fair share for being spooked the other day
<NightFall> pinged www.fbi.gov
<UglyKidJoe> wow
<UglyKidJoe> u are so l33t
<UglyKidJoe> i got to log this
<NightFall> port tampering email was send to my isp
<NightFall> geez
<NightFall> I didnt even connect
<NightFall> dumb assies
<NightFall> got a warning
<NightFall> dumb shit
<NightFall> :P
<NightFall> some crap about the american embasy being in pretoria and me not
being imune to fbi
<NightFall> yak yak yak
<NightFall> :P
<Harper> hehe
<Harper> harper the unopped ;)
<zigy> hehe
*** Harper was kicked by Pneuma (Opped)
[Ed: #Darknet elitez...]
<Pneuma> wtf is gay-boi, he has my STDs!!!
<Snacker> rave- : yo there ?
<rave-> shur
<Snacker> rave- : can u give me some hints to break in a Apache/1.3.3 (Unix)
Debian/GNU on Linux ?
[Ed: Have I mentioned how cool #Darknet is, btw?]
<DA^BOMB> sup rave
<DA^BOMB> send a brotha some more passwd fles
[Ed: And while we're at it, have ya seen NXT-Howto.txt by E-Mind of #Darknet?]
<snip>
Section A - What is a DNS?
--------------------------
A DNS - Domain Name Server, is used to convert host names to IP addresses
and IP addresses to host names.
for example: www.infoseek.com = 204.162.96.173
</snip>
<snip>
2. What is the theory behind the exploit?
The exploit uses a Buffed Overflow in BIND versions 8.2 - 8.2.2 to
gain a remote root shell.
</snip>
<snip>
6. How do I compile the exploit?
As always:
$gcc t666.c -o t666<ENTER>
$
7. How do I run the exploit?
$su<ENTER>
Password:<password><ENTER>
#./t666 1<ENTER>
</snip>
<snip>
Section D - Who should be credited for this HowTo?
--------------------------------------------------
1. who is the person that motivated me into writing this?
That person is no other the gov-boi, he operates the great site
www.hack.co.za. Without him, this How-To would have never been writen!
Thanks Gov-Boi :)
</snip>
[Ed: Needless to say, #darknet are super-fuqn-skilled-kick-yo-azz-hax0rz]
;, ,;;4,
,?;;$;,__________________________________________________________________,,7$;
________,,,........... .........______
$$$$$$$$$½½½½½½½^^^^^ '''''"""???zz. $$
^?$$$ `?; $$
'$$ Daar is geen meer jy vokking Skaapnaaier!@#$%^ $;$$$
?; ,,?;I$$$
,"________________________________________________________..,,##½½½', $$
_.+ +.,;
k-r4d 0h-d4y ju4r3z d1ztrh03z...
www.mdma.za.net/fk
packetstorm.securify.com/mag/fk
Send article submissions, hate mail, pictures of your butt, or whatever to
wizdumb@leet.org and/or pneuma@mdma.za.net
For automatic delivery of FK to your mailbox as it comes out, subscribe to
our mailing list by sending mail to minimalist@security.za.net with
"subscribe fk" in the subject of the message. Propz to Jus for setting this
up for us, and propz to Mogel of scene.textfiles.com for recommending it.
< K-Leet Tail Ascii Goez Here - DOH! >
JETZT WERDE ICH IN DEIN ARSCHLOCH EINDRINGEN ALS OB ES POLEN WARE !@#$%^&
