130 lines
6.3 KiB
Plaintext
130 lines
6.3 KiB
Plaintext
|
|
|||
|
|
|
|||
|
|
HackBBS v0.2 COM ONLY Version
|
|||
|
|
(c)1993 By Virogen
|
|||
|
|
06-29-93
|
|||
|
|
-----------------
|
|||
|
|
The Ultimate In Board Hacking Software
|
|||
|
|
|
|||
|
|
|
|||
|
|
Disclaimer :
|
|||
|
|
Naturally, this software is not intended to be used in any
|
|||
|
|
state or country in which it may be illegal. This creator
|
|||
|
|
of this software can not be help accountable for any
|
|||
|
|
damages, loss of data, or anything else which may result
|
|||
|
|
in the use of this program. All responsibilities lie with
|
|||
|
|
the operator of this software.
|
|||
|
|
If you do not agree to the above terms then don't use
|
|||
|
|
this software.
|
|||
|
|
|
|||
|
|
HACKBBS - The Concept
|
|||
|
|
----------------------
|
|||
|
|
A while back I was looking at a few text files which describe how to
|
|||
|
|
infiltrate bulletin boards thru backdoors and bugs in the software. I
|
|||
|
|
saw some good ideas for hacking SOME bulletin boards. HackBBS will allow
|
|||
|
|
you to hack nearly any bulletin board in existence using no bugs in the
|
|||
|
|
software, etc.. So, welcome to the latest in board hacking technology.
|
|||
|
|
Yea, stupid phrase, I know.
|
|||
|
|
|
|||
|
|
|
|||
|
|
How it works
|
|||
|
|
-------------
|
|||
|
|
This is a COM Only version of Hackbbs. I had a few problems with memory
|
|||
|
|
with the EXE version, but I do still expect to release it soon. I separated
|
|||
|
|
the versions so that the file size could be kept to a minimum. Anyway, what
|
|||
|
|
hackbbs does is install itself, along with a specified batch, com, or exe
|
|||
|
|
file, onto any COM file. The file you append to the COM file will be
|
|||
|
|
called the activation file from now on. This file CANNOT exceed 32k. If it
|
|||
|
|
does, then it will not execute properly once activated. I'm working
|
|||
|
|
on fixing this. ALSO, make sure that the infected COM file does not exceed
|
|||
|
|
the 64k boundary. The infected file will function normally until the
|
|||
|
|
key is located anywhere in the command line. At which time, hackbbs
|
|||
|
|
will take control and write the batch, com, or exe file which it attached
|
|||
|
|
to the program. It will then execute this file. HackBBS writes the file
|
|||
|
|
to disk as EXACTLY the same name you specified when infecting the file.
|
|||
|
|
If you used a path such as : "C:\TEST\RUNME.COM" then HackBBS will write
|
|||
|
|
the file to that directory and filename upon activation. If you did not
|
|||
|
|
specify a directory name, then hackbbs will write it to the current
|
|||
|
|
directory on the victim's computer. Confusing enough? Good, why make it
|
|||
|
|
simple when you can completly screw things over?
|
|||
|
|
|
|||
|
|
Command Syntax for HACKBBS :
|
|||
|
|
HACKBBS [COMFILE] [COM_EXE_BAT] [KEY]
|
|||
|
|
|
|||
|
|
-COMFILE is the name of the file you wish to infect
|
|||
|
|
-COM_EXE_BAT is the name of the activation file -LESS THAN 32k!
|
|||
|
|
-KEY is up to 8 characters which, when found on the command line,
|
|||
|
|
activate hackBBS. If you specify a key longer than 8 chars, only
|
|||
|
|
the first 8 characters will apply.
|
|||
|
|
|
|||
|
|
How to use it
|
|||
|
|
--------------
|
|||
|
|
To use this program to hack into a board, simply run hackbbs on the
|
|||
|
|
COM file you wish to infect, using the above parameters. The activation file
|
|||
|
|
you create can do anything you wish. I'll leave it up to your imagination
|
|||
|
|
to think of the possiblities. One thing you MUST remember though, this
|
|||
|
|
program is not designed for re-entry into the executable. Therefore, once
|
|||
|
|
the batch file is run don't plan on returning to the COM file and
|
|||
|
|
continuing the process. I'd suggest removing all evidence and then
|
|||
|
|
rebooting his system. Anyway, an example of hacking a board would
|
|||
|
|
be :
|
|||
|
|
1) Create the batch file TEST.BAT containing :
|
|||
|
|
CTTY COM1
|
|||
|
|
(substitute the appropriate COM port)
|
|||
|
|
2) Extract the latest version of DSZ into a temporary directory.
|
|||
|
|
Infect DSZ.COM with a command line something like :
|
|||
|
|
HACKBBS C:\TEMP\DSZ.COM TEST.BAT ACTIVATE
|
|||
|
|
3) Be friendly, and upload it to the victim's board.
|
|||
|
|
(be sure to talk it up in the description, to make sure
|
|||
|
|
that he'll use it on his board)
|
|||
|
|
4) Call back whenever he's got it installed and upload him the
|
|||
|
|
file : ACTIVATE.ZIP using DSZ. Bam, boom, smack.. as soon
|
|||
|
|
as DSZ is run with "ACTIVATE" in the command line your batch
|
|||
|
|
file is written to disk and executed. Thus, redirecting
|
|||
|
|
standord I/O to COM1. You just got access to his/her DOS.
|
|||
|
|
You need to remember to delete all evidence of your infiltration.
|
|||
|
|
HackBBS will not return to the infected file and continue
|
|||
|
|
running. I suggest you reboot the victim's computer.
|
|||
|
|
|
|||
|
|
Ofcourse, you could just write a batch file to format his HD, send
|
|||
|
|
his users data file, etc.. No limits. The best part is that HACKBBS
|
|||
|
|
can install itself onto any COM file, protocols, compression utils,
|
|||
|
|
upload processors, etc. The EXE version will be even more effective.
|
|||
|
|
|
|||
|
|
|
|||
|
|
Details & Warnings
|
|||
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
|
- DO NOT USE AN ACTIVATION FILE LARGER THAN 32k!
|
|||
|
|
- ALWAYS CHECK AND MAKE SURE THAT AN INFECTED COM FILE DOES NOT
|
|||
|
|
EXCEED THE 64K BOUNDARY.
|
|||
|
|
- HackBBS was written in assembly, compiled by TASM v2.0.
|
|||
|
|
- When executing a batch file, hackbbs uses the command line :
|
|||
|
|
C:\COMMAND.COM /K [filename.BAT]
|
|||
|
|
Where [filename.BAT] is the filename of the file you appended
|
|||
|
|
to the COM.
|
|||
|
|
- When executing a COM or EXE file, hackbbs executes it directly.
|
|||
|
|
- No, I haven't tested it extensivly.
|
|||
|
|
- Nowhere Man's CRYPTCOM utility was used to encrypt the
|
|||
|
|
original executable (HACKBBS.COM). I then made a few
|
|||
|
|
unsignificant changes to deter debugging. (here CCh, there
|
|||
|
|
a CCh, everywhere a CCh)
|
|||
|
|
|
|||
|
|
|
|||
|
|
How to tell Virogen what a great program he wrote, or what a shitty
|
|||
|
|
piece of crap this thing is
|
|||
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
|
|
|||
|
|
Simply leave me a message anywhere, and everywhere and eventually I'm
|
|||
|
|
bound to recieve it. You can leave a message to me on Fidonet (Virogen),
|
|||
|
|
Virus Conference, but I only scan it occaisionally.
|
|||
|
|
|
|||
|
|
|
|||
|
|
<20><><EFBFBD> <20><>
|
|||
|
|
<20><><EFBFBD> <20><> <20><> <20><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD> <20><><EFBFBD> <20><><EFBFBD><EFBFBD>
|
|||
|
|
<20><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD> <20><><EFBFBD> <20> <20><> <20> <20><> <20> <20><><EFBFBD> <20><> <20>
|
|||
|
|
<20><><EFBFBD> <20><><EFBFBD> <20><><EFBFBD> <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD> <20><><EFBFBD> <20><> <20>
|
|||
|
|
<20><>
|
|||
|
|
<20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
|||
|
|
|
|||
|
|
|