informis
/
textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/bbs/DESTRUCTION/breakbbs

159 lines
4.3 KiB
Plaintext
Raw Permalink Blame History

What to Do When You Break Into a BBS
===================================
-=> Doctor Crunch <=-
Ok, you probably have read t-files
about how to break in a bbs. so, I will
tell you what to do when you get into
the bbs. Most sysops, if they have an
IQ, will disable the INIT command. they
usually do this by changing the INIT
command to some other word you will
never guess. Well, there is an easier
way to crash the bbs than by searching
for what the sysop changed it to. Get
in the moniter (CALL-151), and type:
A54FG
This is the INIT command's entry point
which DOS calls to initialize a disk.
There are some bugs with this way of
crashing a disk though:
1) It takes about 40 seconds to INIT
a disk, and if a sysop is there,
he can stop you at any time.
2) Many boards use a fast dos; and,
most fast-DOSes had to take out
the INIT command to make the mods
to DOS. So, even if you do a
A54FG, you won't be able to kill
the disk.
I prefer to kill the VTOC, instead
of INITing the disk. Here are a couple
of reasons why:
1) Very quick!!!!!
2) Very nasty!!!!!
The trick is to rewrite the VTOC
(Volume Table Of Contents) to say that
the CATALOG track is 255. Now all of us
know there is no track 255 on a disk,
this can only mean.....(you guessed it)
that the system will bomb when doing
anything that involves looking at the
CATALOG track. Since almost everything
you can do in DOS involves reading the
CATALOG track, this will crash the bbs
quite well. And here is a nice little
catch, you can reboot his disk (which
will give him an I/O ERROR because
when the hello file is run, DOS must
look at the CATALOG track) and logoff
at the same time. You should always
logoff quickly so that the sysop can't
lift up the phone, which sometimes will
prevent you from hanging up. The way I
logoff is the make the bbs I just
crashed do a reset, causing me to be
disconnected from the other end of the
line. Since most terminal programs
hang up if you loose the carrier (which
will happen when his system resets),
you will hang up the second you crash
his system!!!!
Well, here it is:
(Be sure you're in the moniter)
*B3BC:FF NAFFBG 3F4:00 NFA62G
If you don't want to logoff,
*B3BC:FF NAFFBG
NOTE: Sometimes you may hear a beep,
then all of your moniter commands
will fail. This is because of a
bug in DOS. When RWTS lets go of
control, the moniter varible $48
is destroyed. To work properly,
$48 must be restored to 0 before
the moniter takes control again.
I made a short routine that when
called, writes the VTOC buffer to
the disk, and sets $48 to 0. The
routine is:
300- 20 FB AF JSR $AFFB
302- A9 00 LDA #$00
304- 85 48 STA $48
306- 60 RTS
Sometimes it is desirable to crash the
disks in drive 1 and drive 2. This can
be done in 1 line, including the quick
logoff:
*300:20 FB AF A9 00 85 48 60 N B3BC:FF
NB5F8:1 (drv1) N300G B5F8:2 N300G
3F4:FF N FA62G
Well, that's all folks!!!
Have lots of fun......
==============
{>Dr. Crunch<}
==============
-=*> P.S. I was messing around with
DOS a couple of days ago and I
figured out a real, real, real,
nasty one. You have probably
heard of letting the drive spin
for a couple of days to ruin it.
This worx, but it takes a long
time... I like this 1 better:
*BDCC:EA EA NBDDA:EA EA
This mods DOS to recalibrate the
drive head forever (unless the
sysop walks in). So, all you do
now is use a DOS command that
reads the disk, and the drive is
going to make alot of funny
sounds! CATALOG is the best
one to use, since it is in
almost every DOS unmodified.
=====
NOTE: This should only be done when
===== there is a VERY, VERY, good
reason to waste some dudes
drive. Don't ever do this as
a prank, because it works!
Zatz it..
)>Dr. Cruch<(
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
by Dr. Crunch for the Assassin's Knot
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
=======================================
Reference in New Issue View Git Blame Copy Permalink