Hacking Tutorial Courtesy of the Jolly Roger

What is hacking?
----------------
According to popular belief, the terms hacker and hacking originated at MIT.
They come from the root of a hack writer, someone who keeps "hacking" at
the typewriter until he finishes the story. A computer hacker would be
hacking at the keyboard or password works.

What you need:
--------------
To hack you need a computer equipped with a modem (a device that lets you
transmit data over phone lines) which should cost you from $100 to $1200.

How do you hack?
----------------
Hacking requires two things:
1. The phone number
2. Answer to identity elements

How do you find the phone #?
----------------------------
There are three basic ways to find a computer's phone number:
1. Scanning
2. Directory
3. Inside info

What is scanning?
-----------------
Scanning is the process of having a computer search for a carrier tone.
For example, the computer would start at (800) 111-1111 and wait for a carrier.
If there is none, it will go on to 111-1112, etc. If there is a carrier, it
will record it for future use and continue looking for more.
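
The scanning loop described above leaves a recognizable trace in a phone
switch's call records: one caller, consecutive dialed numbers, short gaps
between calls. As an added example (not part of the original file), this
Python code flags that pattern. The record layout, the sample records and
the thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed call records: caller, dialed number, call start time.
SAMPLE_CDRS = """\
4155550100,8001111111,1985-03-02T01:00:05
4155550100,8001111112,1985-03-02T01:00:40
4155550100,8001111113,1985-03-02T01:01:15
4155550100,8001111114,1985-03-02T01:01:50
4155550100,8001111115,1985-03-02T01:02:45
4155550177,8005550142,1985-03-02T09:12:00
4155550177,8005550199,1985-03-02T10:40:00
4155550123,8002220001,1985-03-02T08:00:00
4155550123,8002220002,1985-03-02T11:30:00
4155550123,8002220003,1985-03-02T14:10:00
4155550123,8002220004,1985-03-02T17:45:00
"""

def parse_cdrs(text):
    """Parse 'caller,dialed,start' lines into (caller, number, datetime)."""
    calls = []
    for line in text.strip().splitlines():
        caller, dialed, started = line.split(",")
        calls.append((caller, int(dialed), datetime.fromisoformat(started)))
    return calls

def find_scans(calls, min_run=4, max_gap_s=120):
    """Return {caller: [(first_number, last_number, count), ...]}.

    A run grows while the same caller dials the next consecutive number
    within max_gap_s seconds of the previous call; runs shorter than
    min_run are ignored (assumed thresholds, tune per site).
    """
    by_caller = defaultdict(list)
    for caller, dialed, started in calls:
        by_caller[caller].append((started, dialed))
    findings = {}
    for caller, rows in by_caller.items():
        rows.sort()                      # chronological order per caller
        runs, first, count = [], rows[0][1], 1
        for (t0, n0), (t1, n1) in zip(rows, rows[1:]):
            if n1 == n0 + 1 and (t1 - t0).total_seconds() <= max_gap_s:
                count += 1
                continue
            if count >= min_run:         # run just ended, keep it if long enough
                runs.append((first, n0, count))
            first, count = n1, 1
        if count >= min_run:             # run still open at end of data
            runs.append((first, rows[-1][1], count))
        if runs:
            findings[caller] = runs
    return findings

if __name__ == "__main__":
    for caller, runs in find_scans(parse_cdrs(SAMPLE_CDRS)).items():
        for first, last, count in runs:
            print(f"{caller}: {count} consecutive numbers {first}..{last}")
```

The third caller dials four consecutive numbers too, but hours apart, so only
the first caller is reported.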

What is directory assistance?
-----------------------------
This way can only be used if you know where your target computer is. For this
example, say it is in Menlo Park, CA and the company name is SRI.

1. Dial 411 (or 415-555-1212)
2. Say "Menlo Park"
3. Say "SRI"
4. Write down number
5. Ask if there are any more numbers
6. If so, write them down.
7. Hang up on operator
8. Dial all numbers you were given
9. Listen for carrier tone
10. If you hear carrier tone, write down number, call it on your modem, and you're
set to hack!
---------------Jolly Roger
_____________________________________________________________________________

The Basics of Hacking II Courtesy of the Jolly Roger

Basics to know before doing anything, essential to your continuing
career as one of the elite in the country... This article, "The
Introduction to the World of Hacking," is meant to help you by telling you
how not to get caught, what not to do on a computer system, what type of
equipment you should know about now, and just a little on the history, past,
present, future, of the hacker.

Welcome to the world of hacking! We, the people who live outside of the
normal rules, and have been scorned and even arrested by those from the
'civilized world', are becoming scarcer every day. This is due to the
greater fear of what a good hacker (skill wise, no moral judgements
here) can do nowadays, thus causing anti-hacker sentiment in the masses.
Also, few hackers seem to actually know about the computer systems they
hack, or what equipment they will run into on the front end, or what they
could do wrong on a system to alert the 'higher' authorities who monitor
the system. This article is intended to tell you about some things not to
do, even before you get on the system. I will tell you about the new wave
of front end security devices that are beginning to be used on computers.
I will attempt to instill in you a second identity, to be brought up at
time of great need, to pull you out of trouble. And, by the way, I take no, repeat,
no, responsibility for what we say in this and the forthcoming articles.
Enough of the bullshit, on to the fun: after logging on your favorite BBS,
you see on the high access board a phone number! It says it's a great
system to "fuck around with!" This may be true, but how many other people
are going to call the same number? So: try to avoid calling a number
given to the public. This is because there are at least every other
user calling, and how many other boards will that number spread to?
If you call a number far, far away, and you plan on going thru an
extender or a re-seller, don't keep calling the same access number
(i.e. as you would if you had a hacker running); this looks very suspicious
and can make life miserable when the phone bill comes in the mail.
Most cities have a variety of access numbers and services,
so use as many as you can. Never trust a change in the system...
The 414's, the assholes, were caught for this reason: when one of them
connected to the system, there was nothing good there. The next time,
there was a trek game stuck right in their way! They proceeded to play said
game for two, say two and a half hours, while Telenet was tracing them!
Nice job, don't you think? If anything looks suspicious, drop the line
immediately!! As in, yesterday!! The point we're trying to get across is:
if you use a little common sense, you won't get busted. Let the little
kids who aren't smart enough to recognize a trap get busted, it will take
the heat off of the real hackers.

Now, let's say you get on a computer
system... It looks great, checks out, everything seems fine.
Ok, now is when it gets more dangerous. You have to know the computer
system to know what not to do.
Basically, keep away from any command something, copy a new file into the
account, or whatever! Always leave the account in the same status you
logged in with. Change *nothing*... If it isn't an account with priv's,
then don't try any commands that require them! All, yes all, systems are
going to be keeping log files of what users are doing, and that will
show up. It is just like dropping a trouble-card in an ESS system,
after sending that nice operator a pretty tone.
Spend no excessive amounts of time on the account in one stretch.
Keep your calling to the very late night if possible, or during
business hours (believe it or not!). It so happens
that there are more users on during business hours, and it is very
difficult to read a log file with 60 users doing many commands every minute.
Try to avoid systems where everyone knows each other, don't try to bluff.
And above all: never act like you own the system, or are the best there
is. They always grab the people whose heads swell...

There is some very
interesting front end equipment around nowadays, but first let's
define terms... By front end, we mean any device that you must
pass thru to get at the real computer. There are devices that are made to
defeat hacker programs, and just plain old multiplexers.
To defeat hacker programs, there are now devices that pick up the phone
and just sit there... This means that your device gets no carrier,
thus you think there isn't a computer on the other end. The
only way around it is to detect when it was picked up. If it picks up
after the same number of rings, then you know it is a hacker-defeater.
These devices take a multi-digit code to let you into the system.
Some are, in fact, quite sophisticated to the point where they
will also limit the user names down, so only one name or set of names
can be valid logins after they input the code... Other devices input a
number code, and then they dial back a pre-programmed number for that code.
These systems are best to leave alone,
because they know someone is playing with their phone. You may think "but
I'll just reprogram the dial-back." Think again, how stupid that is...
Then they have your number, or a test loop if you were just a little
smarter. If it's your number, they have your balls (if male...),
if it's a loop, then you are screwed again, since those loops
are *monitored*.

As for multiplexers... What a plexer is supposed
to do is this:
The system can accept multiple users. We have to time share, so we'll let
the front-end processor do it... Well, this is what a multiplexer does.
Usually they will ask for something like "enter class" or "line:". Usually
it is programmed for a double digit number, or a four to five letter word.
There are usually a few sets of numbers it accepts, but those numbers also
set your 300/1200/2400 baud data type.
These multiplexers are inconvenient at best, so not to worry.

A little
about the history of hacking: hacking, by my definition, means a great
knowledge of some special area. Doctors and lawyers
are hackers of a sort, by this definition. But most often, it is
being used in the computer context, and thus we have a definition of
"anyone who has a great amount of computer or telecommunications
knowledge." You are not a hacker because you have a list of codes...
Hacking, by my definition, has then been around only about 15 years.
It started, where else but, MIT and colleges where they had computer
science or electrical engineering departments.
Hackers have created some of the best computer languages, the
most awesome operating systems, and even gone on to make millions.
Hacking used to have a good name, when we could honestly say
"we know what we are doing". Now it means (in the public eye):
the 414's, Ron Austin, the NASA hackers, the ARPANET hackers...
All the people who have been caught,
have done damage, and are now going to have to face fines and sentences.
Thus we come past the moralistic crap, and to our purpose: educate the
hacker community, return to the days when people actually knew something...
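
The article's point about log files, seen from the operator's side: a check
that compares each login with that account's own history does not depend on
how many other users are active at the time. This is an added example, not
part of the original article; the log layout, account names, line names and
the one-hour slack are constructed assumptions.

```python
from collections import defaultdict

# Constructed login records: date, time, account, dial-in line.
HISTORY = """\
1985-03-04 09:05 jsmith tty03
1985-03-05 09:10 jsmith tty03
1985-03-06 13:40 jsmith tty03
1985-03-04 10:15 mlee tty07
1985-03-05 14:20 mlee tty07
1985-03-06 16:45 mlee tty08
"""
TODAY = """\
1985-03-07 09:07 jsmith tty03
1985-03-07 10:30 mlee tty07
1985-03-07 10:31 jsmith dial2
1985-03-07 14:55 mlee tty08
1985-03-08 02:40 mlee tty07
"""

def parse_logins(text):
    """Parse 'date HH:MM account line' records into (date, hour, account, line)."""
    rows = []
    for record in text.strip().splitlines():
        date, clock, account, line_id = record.split()
        rows.append((date, int(clock[:2]), account, line_id))
    return rows

def build_baseline(rows, slack_hours=1):
    """Per account: hours of day seen before (plus or minus slack) and lines used."""
    hours, lines = defaultdict(set), defaultdict(set)
    for _date, hour, account, line_id in rows:
        for h in range(hour - slack_hours, hour + slack_hours + 1):
            hours[account].add(h % 24)
        lines[account].add(line_id)
    return hours, lines

def review(rows, baseline):
    """Return logins that differ from the account's own history, with reasons."""
    hours, lines = baseline
    alerts = []
    for date, hour, account, line_id in rows:
        reasons = []
        if account not in hours:
            reasons.append("no history for account")
        else:
            if hour not in hours[account]:
                reasons.append("unusual hour")
            if line_id not in lines[account]:
                reasons.append("new line")
        if reasons:
            alerts.append((date, hour, account, line_id, reasons))
    return alerts

if __name__ == "__main__":
    for alert in review(parse_logins(TODAY), build_baseline(parse_logins(HISTORY))):
        print(alert)
```

The 10:31 login arrives in the middle of business hours, between two normal
sessions, and is still reported because the line is new for that account.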

--------------Jolly Roger
_______________________________________________________________________________


Hacking TRW by the Jolly Roger

When you call TRW, the dial up will identify itself with the message "TRW".
It will then wait for you to type the appropriate answer back (such as CTRL-G).
Once this has been done, the system will say "CIRCUIT BUILDING IN PROGRESS"
along with a few numbers. After this, it clears the screen
(CTRL-L) followed by a CTRL-Q. After the system sends the CTRL-Q, it is
ready for the request. You first type the 4 character identifier for the
geographical area of the account.

(For Example) TCA1 - for certain Calif. & Vicinity subscribers.
TCA2 - A second Calif. TRW System.
TNJ1 - Their NJ Database.
TGA1 - Their Georgia Database.

The user then types A <CR> and then on the next line, he must type
his 3 char. option. Most requests use the RTS option.
OPX, RTX, and a few others exist. (NOTE: TRW will accept an A, C,
or S as the 'X' in the options above.) Then finally, the user types his 7
digit subscriber code. He appends his 3-4 character password after it. It
seems that if you manage to get hold of a TRW printout (trashing at Sears,
Saks, etc. or from getting your credit printout from them) their subscriber
code will be on it, leaving only a 3-4 character p/w up to you.

For Example,
(Call the DialUp)
TRW System Types, ST) CTRL-G
(You type,YT) Circuit building in progress 1234
(ST) CTRL-L CRTL-Q (TCA1 CYT) BTS 3000000AAA
<CR><CRTL-S> (YT]
Note: This system is in Half Duplex, Even Parity, 7 Bits per word and
2 Stop Bits.

CAUTION: It is a very stressed rumor that after typing in the TRW
password Three (3) times.. It sets an Automatic Number Identification on your
ass, so be careful. And forget who told you how to do this..

------------------Jolly Roger
_____________________________________________________________________________

More TRW Info Courtesy of the Jolly Roger

TRW is a large database in which companies and banks can run credit
checks on their customers. Example: John Jones orders $500 worth of stereo
equipment from the Joe Blow Electronic Distributing Co. Well it could be that
he gave the company a phony credit card number, or doesn't have enough credit,
etc. Well they call up TRW and then run a check on him. TRW then lists his
card numbers (everything from Sears to Visa) and tells the numbers, credit,
when he lost it last (if he ever did) and then of course tells if he has had
any prior problems paying his bills.

I would also like to add that although TRW contains information on
millions of people, not every part of the country is served, although the major
areas are.. So if you hate someone and live in a small state, you probably
won't be able to order him 300 pink toilet seats from K-mart.

Logging on
==========

To log on, you dial up your local access number (or long-distance, what
ever turns you on) and wait for it to say "trw". At this prompt, you type
either an "A" or a "Ctrl-G" and it will say "circuit building in progress".
It will wait for a minute and then clear the screen. Now you will type
one of the following.

Tca1
Tca2
Tnj1
Tga1

This is to tell it what geographical area the customer is in. It really
doesn't matter which you use, because TRW will automatically switch when
it finds the record..

Next, you will type in the pswd and info on the person you are trying to
get credit info on. You type it in a format like this:

Rts Pswd Lname Fname ...,House number First letter of street name Zip <cr>
Now you type ctrl s and 2 ctrl q's. Here is what it looks like in real life:


Ae: Dialing xxx-xxx-xxxx

(screen clear)
Trw ^G

circuit building in progress

(pause . . . screen clear)

Tca1

Rtc 3966785-cm5 Johnson David ...,4567
R 56785
^s ^q ^q

and then it will wait for a few seconds and print out the file on him
(if it can locate one for the guy)

Note: you may have to push return when you first connect to get the system's
attention.

Getting Your Passwords
======================

To obtain pswds, you go down to your favorite bank or Sears store and
dig through the trash (hence the name trashing) looking for printouts. If
they are a big enough place, and live in a TRW area, then they will probably
have some. The printouts will have the 7 digit subscriber code, leaving the
3-4 digit pswd up to you. Much like trashing down at good old Ma Bell.
____________________________________________________________________________

Hacking Vax's & Unix by the Jolly Roger

Unix is a trademark of AT&T (and you know what that means)

_______________________________________
In this article, we discuss the Unix system that runs on
the various VAX systems. If you are on another Unix-type system, some
commands may differ, but since it is licensed to Bell, they can't make many
changes.
_______________________________________
Hacking onto a Unix system is very difficult, and in this case, we advise
having an inside source, if possible. The reason it is difficult to hack a
VAX is this: Many VAX, after you get a carrier from them, respond=>
Login:
They give you no chance to see what the login name format is. Most commonly
used are single words, under 8 digits, usually the person's name. There is
a way around this: Most VAX have an acct. called 'suggest' for people to
use to make a suggestion to the system root terminal. This is usually watched
by the system operator, but late at night he is probably at home sleeping or
screwing someone's brains out. So we can write a program to send at the
VAX this type of a message:
A screen freeze (Cntrl-s), screen clear (system dependent), about 255
garbage characters, and then a command to create a login acct., after which
you clear the screen again, then unfreeze the terminal. What this does:
When the terminal is frozen, it keeps a buffer of what is sent. Well, the
buffer is about 127 characters long. So you overflow it with trash, and then
you send a command line to create an acct. (system dependent). After this
you clear the buffer and screen again, then unfreeze the terminal. This is
a bad way to do it, and it is much nicer if you just send a command to
the terminal to shut the system down, or whatever you are after...
There is always, *always* an acct. called root, the most powerful acct.
to be on, since it has all of the system files on it. If you hack your
way onto this one, then everything is easy from here on...
On the Unix system, the abort key is the Cntrl-d key. Watch how many times
you hit this, since it is also a way to log off the system!
A little about Unix architecture: The root directory, called root, is
where the system resides. After this come a few 'sub' root directories,
usually to group things (stats here, priv stuff here, the user log here...).
Under this comes the superuser (the operator of the system), and then
finally the normal users. In the Unix 'Shell' everything is treated the same.
By this we mean: You can access a program the same way you access a user
directory, and so on. The way the Unix system was written, everything,
users included, are just programs belonging to the root directory. Those
of you who hacked onto the root, smile, since you can screw everything...
The main level (exec level) prompt on the Unix system is the $, and if you
are on the root, you have a # (superuser prompt).
Ok, a few basics for the system... To see where you are, and what paths
are active in regards to your user account, then type
=> pwd
This shows your acct. separated by a slash with another pathname (acct.),
possibly many times. To connect through to another path,
or many paths, you would type:
You=> path1/path2/path3
and then you are connected all the way from path1 to path3. You can
run the programs on all the paths you are connected to. If it does
not allow you to connect to a path, then you have insufficient privs, or
the path is closed and archived onto tape. You can run programs this way
also:
You=> path1/path2/path3/program-name
Unix treats everything as a program, and thus there are a few commands to
learn...
To see what you have access to in the end path, type=>
ls
for list. This shows the programs you can run. You can connect to
the root directory and run its programs with=>
/root
By the way, most Unix systems have their log file on the root, so you
can set up a watch on the file, waiting for people to log in and snatch their
password as it passes thru the file. To connect to a directory, use the
command:
=> cd pathname
This allows you to do what you want
with that directory. You may be asked for a password, but this is a good
way of finding other user names to hack onto.
The wildcard character in Unix, if you want to search down a path for
a game or such, is the *.
=> ls /*
Should show you what you can access. The file types are the same as they
are on a DEC, so refer to that section when examining a file. To see what is
in a file, use the
=> pr filename
command, for print file.
We advise playing with pathnames to get the hang of the concept. There
is on-line help available on most systems with a 'help' or a '?'.
We advise you look thru the help files and pay attention to anything
they give you on pathnames, or the commands for the system.
You can, as a user, create or destroy directories on the tree beneath you.
This means that root can kill everything but root, and you can kill any
that are below you. These are the
=> mkdir pathname
=> rmdir pathname
commands.
Once again, you are not alone on the system... type=>
who
to see what other users are logged in to the system at the time. If you
want to talk to them=>
write username
Will allow you to chat at the same time, without having to worry
about the parser. To send mail to a user, say
=> mail
And enter the mail sub-system. To send a message to all the users
on the system, say
=> wall
Which stands for 'write all'. By the way, on a few systems,
all you have to do is hit the <return> key to end the message,
but on others you must hit the cntrl-d key.
To send a single message to a user, say
=> write username
This is very handy again! If you send the sequence of characters discussed
at the very beginning of this article, you can have the super-user terminal do
tricks for you again.
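
The terminal trick described at the start of this article, and again here for
write, depends on the operator's terminal acting on control characters that
another user sent. As an added example (not part of the original file), this
Python function shows the usual countermeasure: display such bytes in caret
notation and cap the message length. The 120-byte cap and the two sample
messages are constructed assumptions.

```python
MAX_LEN = 120  # assumed cap on one message, chosen for this example

def render_untrusted(message: bytes, max_len: int = MAX_LEN):
    """Return (safe_text, controls_seen, truncated) for bytes from another user.

    Control bytes are shown in caret notation (^S, ^L, ^[) so the receiving
    terminal never interprets them; bytes >= 0x80 are shown as \\xNN.
    """
    truncated = len(message) > max_len
    out, seen = [], []
    for b in message[:max_len]:
        if b == 0x0A:                       # keep plain line breaks readable
            out.append("\n")
        elif b < 0x20 or b == 0x7F:         # C0 controls and DEL
            caret = "^" + chr(b ^ 0x40)
            out.append(caret)
            if caret not in seen:           # remember each kind once, for logging
                seen.append(caret)
        elif b >= 0x80:                     # 8-bit bytes, including C1 controls
            out.append(f"\\x{b:02x}")
        else:
            out.append(chr(b))
    text = "".join(out)
    if truncated:
        text += " [truncated]"
    return text, seen, truncated

# Constructed samples: a flood shaped like the one the article describes
# (freeze, clear, filler, command text, clear, unfreeze) and a short message
# carrying an escape sequence.
SAMPLE_FLOOD = b"\x13\x0c" + b"#" * 255 + b"<command line>\x0c\x11"
SAMPLE_SHORT = b"lunch at noon?\x1b[2J\x11"

if __name__ == "__main__":
    for sample in (SAMPLE_FLOOD, SAMPLE_SHORT):
        text, seen, truncated = render_untrusted(sample)
        print(repr(text), seen, truncated)
```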

Privs:
If you want superuser privs, you can either log in as root, or edit your
acct. so it can say
=> su
This now gives you the # prompt, and allows you to completely by-pass the
protection. The wonderful security conscious developers at Bell made it
very difficult to do much without privs, but once you have them, there
is absolutely nothing stopping you from doing anything you want to.
To bring down a Unix system:
=> chdir /bin
=> rm *
This wipes out the pathname bin, where all the system maintenance files are.
Or try:
=> r -r
This recursively removes everything from the system except the remove
command itself.
Or try:
=> kill -1,1
=> sync
This wipes out the system devices from operation.
When you are finally sick and tired from hacking on the VAX systems, just
hit your cntrl-d and repeat key, and you will eventually be logged out.
_______________________________________
The reason this file seems to be very sketchy is the fact that Bell has 7
licensed versions of Unix out in the public domain, and these commands are
those common to all of them. I recommend you hack onto the root or
bin directory, since they have the highest levels of privs, and there
is really not much you can do (except develop software) without them.
_______________________________________