Copy Link
Add to Bookmark
Report
hwa-hn03
[42:65:67:69:6E]-[28:63:29:31:39:39:38:20:68:77:61:20:73:74:65:76:65]
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=
==========================================================================
= <=-[ HWA.hax0r.news ]-=> =
==========================================================================
¯`·>[=©HWA'99=]<·´¯ Number 3 Volume 1 Xmas Special'1998/99
==========================================================================
Sorry its late, there was some religious thing people were getting
all antsy about and THEN all this drunkenness and stuff started it was
quite strange really ... anyways here it is... - Cruci
sss
sssshoho
s ohohoho sss
s ooooooooooo AAs ss
(0) HHHH HHH WWW WW AAAAA ss
HH HH WW WW WW AA AA (o)
HHHHHHH WW WWWW WW AAAAAAAAA -
HH HH WWWWWWWWWW AA AA
HHHH HHH WWW WWW AAA AAA
-= H W A . H A X 0 R . N E W S C H R I S T M A S S P E C I A L =-
¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯
[] Which turned out to be the "New Years Special" but nevah mind []
kr4d!=31337
¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯
"I f*cking hate christmas, you know, its so fuc*ing commercialized
and I always get like f*cking cDc t-shirts and Linux CD's, it sux"
- BGates 12/17/98
¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯
"hope i can get this out before 1999... cripes its bigger than I
thought.. omigod its eating me ! arrgh get em off me get em off me!
uhm, anyway my apologies for the shabby layout of this issue, we were
all wasted on valerian root and ganesh sticks ...
- Ed (Slightly psychotic)
¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯
Synopsis
--------
The purpose of this list is to 'digest' current events of interest that
affect the online underground and netizens in general. This includes
coverage of general security issues, hacks, exploits, underground news
and anything else I think is worthy of a look see.
This list is NOT meant as a replacement for, nor to compete with, the
likes of publications such as CuD or PHRACK or with news sites such as
AntiOnline, the Hacker News Network (HNN) or mailing lists such as
BUGTRAQ or ISN nor could any other 'digest' of this type do so.
It *is* intended however, to compliment such material and provide a
reference to those who follow the culture by keeping tabs on as many
sources as possible and providing links to further info, its a labour
of love and will be continued for as long as I feel like it, i'm not
motivated by dollars or the illusion of fame, did you ever notice how
the most famous/infamous hackers are the ones that get caught? there's
a lot to be said for remaining just outside the circle... <g>
@HWA
¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯
OK. THATS AS CHRISTMASSY AS WE GET, 'NUFF SED AWK?
¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯`·¸¸·´¯
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=
Welcome to HWA.hax0r.news ... #3
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=
Issue #3 ( The super /<ick <\ss Christmas Special or some shit ) Plik!
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=
"Captain, I am not a merry man"
- Lt.Cmndr Worf, STTNG
[*]====[ Issue 4 Volume 1 to be released on or about Jan 13th 1999]====[*]
------+--+----------------------------------------------------------------
Key Content
------+--+----------------------------------------------------------------
Keys: use the keys to search for start of each section rather than using
regular numbers ... this may change but dats the way its at now so tfs.
0.0 ... COPYRIGHTS
0.1 ... CONTACT INFORMATION & SNAIL MAIL DROP (UPDATED) ETC
0.2 ... SOURCES
0.3 ... THIS IS WHO WE ARE
0.4 ... WHAT'S IN A NAME? why `HWA.hax0r.news'?
0.5 ... Cruciphux's bio (h0h0 and its true, erhm mostly.) <G>
0.6 ... HWA FAQ V1.0
A.L ... Nothing. (Just put here to deliberately annoy people. -Ed.)
1.0 ... Greets (!?!?!?)
1.1 ... Last minute stuff, rumours, newsbytes, malebag
1.1a .. www.ehap.org: The ongoing war against Pedophilia on The Net.
1.1b .. ALERT!: Chinese Hackers Sentenced to Death, LoU preps for war.
1.1c .. HWA mirrors Keen Veracity, the LoU hacking e-zine
2.0 ... From the editor
2.1 ... Email and Commentary
2.2 ... Tron's death (Chaos Computer Club member)
2.3 ... Santa in the nude?
2.4 ... Remember the Hong Kong Blondes? cDc takes their leave.
3.0 ... Santa's Dox *** HHN Exclusive!
3.1 ... Remote Explorer hits MCI *HARD*
4.0 ... Latest Web Browser Exploits (UPDATED - READER RESPONSE)
4.1 ... Cyber Army's Present, the Anonymizer source!
4.2 ... Windows Trojans Update & The New Remote Explorer NT Scare
4.3 ... Fucking Hostile and HWA get jiggy wit it over issue #2
5.0 ... l33t d00dz - by Flaming Cow
5.1 ... Anti-Antionline?
5.2 ... Bikkle gets the Pickle?
6.0 ... The Christmas Hax0r Flood
6.1 ... Latest exploits & hacks (13th)
6.2 ... Think Twice before becoming a Hacker Attacker!
6.3 ... Hack Your Head Instead! xtc, exctasy, mdma, etc ...
7.0 ... Hacking IRC'98 : Part 2: Crashing Eggdrop bots
7.1 ... Hacked Websites (Zillions of em!!)
A.0 ... APPENDICES
A.1 ... PHACVW linx and references (Xm4s Special Edition)
------+--+----------------------------------------------------------------
@HWA'98/99
0.0 (C) COPYRIGHT, (K)OPYWRONG, COPYLEFT? V2.0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Important semi-legalese and license to redistribute:
YOU MAY DISTRIBUTE THIS ZINE WITHOUT PERMISSION FROM MYSELF
AND ARE GRANTED THE RIGHT TO QUOTE ME OR THE CONTENTS OF THE
ZINE SO LONG AS Cruciphux AND HWA.hax0r.news ARE MENTIONED IN
YOUR WRITING. LINK'S ARE NOT NECESSARY OR EXPECTED BUT ARE
APPRECIATED the current link is http://welcome.to/HWA.hax0r.news
IT IS NOT MY INTENTION TO VIOLATE ANYONE'S COPYRIGHTS OR BREAK
ANY NETIQUETTE IN ANY WAY IF YOU FEEL I'VE DONE THAT PLEASE EMAIL
ME PRIVATELY current email cruciphux@dok.org
THIS DOES NOT CONSTITUTE ANY LEGAL RIGHTS, IN THIS COUNTRY ALL
WORKS ARE (C) AS SOON AS COMMITTED TO PAPER OR DISK, IF ORIGINAL
THE LAYOUT AND COMMENTARIES ARE THEREFORE (C) WHICH MEANS:
I RETAIN ALL RIGHTS, BUT I GIVE YOU THE RIGHT TO READ, QUOTE
AND REDISTRIBUTE. - EoD
Although this file and all future issues are now copyright, some of
the content however holds its own copyright and these are printed and
respected. News is news so i'll print any and all news but will quote
sources when the source is known, if its good enough for CNN its good
enough for me. And i'm doing it for free on my own time so pfffft. :)
No monies are made or sought through the distribution of this material.
If you have a problem or concern email me and we'll discuss it.
cruciphux@dok.org
Cruciphux [C*:.]
0.1 CONTACT INFORMATION AND MAIL DROP
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Wahoo, we now have a mail-drop, if you are outside of the U.S.A or
Canada / North America (hell even if you are inside ..) and wish to
send printed matter like newspaper clippings a subscription to your
cool foreign hacking zine or photos, small non-explosive packages
or sensitive information etc etc well, now you can. (w00t)
Send all goodies to:
HWA NEWS
P.O BOX 44118
370 MAIN ST. NORTH
BRAMPTON, ONTARIO
CANADA
L6V 4H5
Don't bother staking it out it gets forwarded elsewhere from there
and others pick up the mail ;-)
Our email remains:
Submissions/zine gossip.....: hwa@press.usmc.net
Private email to editor.....: cruciphux@mobsters.com (* changing soon)
Distribution/Website........: sas72@usa.net
Phone number................: hahahaha uhm, no. maybe later thanks.
Fax.........................: see above.
Celfone?....................: Scan for it. the opto
Uhm pager? .................: no. Stop that! ^G
VMB.........................: How to irritate people w/John Cleese was on last
night, a jolly good shew no matter how often you've
seen it.
System fail much? ..........: Not usually no, hrm lemme see
12:10AM up 2 days, 11:49, 2 users, load averages: 0.04, 0.02, 0.00
12:20am up 1 day, 21:41h, 2 users, load average: 0.07, 0.13, 0.25
<snip>
Guh. oh ya, installed more hardware forgot .. bah. owell. ;-)
<snip>
@HWA'98
0.2 Sources ***
~~~~~~~~~~~
Sources can be some, all, or none of the following (by no means complete
nor listed in any degree of importance) Unless otherwise noted, like msgs
from lists or news from other sites, articles and information is compiled
and or sourced by Cruciphux no copyright claimed.
HiR:Hackers Information Report... http://axon.jccc.net/hir/
News & I/O zine ................. http://www.antionline.com/
News/Hacker site................. http://www.bikkel.com/~demoniz/
News (New site unconfirmed).......http://cnewz98.hypermart.net/
Back Orifice/cDc..................http://www.cultdeadcow.com/
News site (HNN/l0pht),............http://www.hackernews.com/
Help Net Security.................http://help.ims.hr
News,Advisories,++ ...............http://www.l0pht.com/
NewsTrolls (HNN)..................http://www.newstrolls.com/
News + Exploit archive ...........http://www.rootshell.com/beta/news.html
CuD ..............................http://www.soci.niu.edu/~cudigest
News site+........................http://www.zdnet.com/
+Various mailing lists and some newsgroups, such as ...
http://www.the-project.org/ .. IRC list/admin archives
http://www.anchordesk.com/ .. Jesse Berst's AnchorDesk
alt.hackers.malicious
alt.hackers
alt.2600
BUGTRAQ
ISN security mailing list
ntbugtraq
<+others>
NEWS Agencies, News search engines etc:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://www.cnn.com/SEARCH/
http://www.foxnews.com/search/cgi-bin/search.cgi?query=cracker&days=0&wires=0&startwire=0
http://www.news.com/Searching/Results/1,18,1,00.html?querystr=cracker
http://www.ottawacitizen.com/business/
http://search.yahoo.com.sg/search/news_sg?p=cracker
http://www.washingtonpost.com/cgi-bin/search?DB_NAME=WPlate&TOTAL_HITLIST=20&DEFAULT_OPERATOR=AND&headline=&WITHIN_FIELD_NAME=.lt.event_date&WITHIN_DAYS=0&description=cracker
http://www.zdnet.com/zdtv/cybercrime/
http://www.zdnet.com/zdtv/cybercrime/chaostheory/ (Kevin Poulsen's Column)
NOTE: See section 9.0 for more details on links.
Referenced news links
~~~~~~~~~~~~~~~~~~~~~
http://www.ottawacitizen.com/business/981211/2093909.html
http://www.zdnet.com/zdnn/stories/news/0,4586,2175287,00.html
http://www.zdnet.com/zdtv/cybercrime/features/story/0,3700,2175248,00.html
http://www.3xt.net/justin/ Another Agent Steal home page(?):
Submissions/Hints/Tips/Etc
~~~~~~~~~~~~~~~~~~~~~~~~~~
All submissions that are `published' are printed with the credits
you provide, if no response is received by a week or two it is assumed
that you don't care wether the article/email is to be used in an issue
or not and may be used at my discretion.
Looking for:
Good news sites that are not already listed here OR on the HNN affiliates
page at http://www.hackernews.com/affiliates.html
Magazines (complete or just the articles) of breaking sekurity or hacker
activity in your region, this includes telephone phraud and any other
technological use, abuse hole or cool thingy. ;-) cut em out and send it
to the drop box. Hell even a postcard would be cool, i'll scan em in and
stick em in a postcard section on the site heh. I like mail. It is your
friend. Spammers will be bumfucked by my pet doberman though. Or digitally
destroyed. so be warned. <sic>
- Ed
@HWA'98
0.3 THIS IS WHO WE ARE
~~~~~~~~~~~~~~~~~~
The only two people you need to know about at this time are sAs72
who does website maintenance and Cruciphux who does editorial.
sas72@usa.net ............. currently active
cruciphux@dok.org.......... currently active
* Formerly "Who am we?" otherwise unchanged since last issue.
see the mini-bio on Cruciphux (next article) this issue (#3)
Who cares? (Version 2.0)
~~~~~~~~~~~~~~~~~~~~~~~~~
Revised Xmas 98
~~~~~~~~~~~~~~~
I do NOT work for the government in any shape or form other than
paying uh some of my erhm taxes...well most of it but fuck you
you don't need to know that. <sic>
Ok i'm still a noone and a nobody, but yeah I *was* a hacker, been
a cracker, ran a warez board (and a PD board) done some phone phun
etc .. but all in my teens and i've since started wearing a "white
hat" (but it has little grey specks on it I must admit) and I am in
no way a "master hacker/phreaker" not "leet". I'm just me, take it or
leave it, didn't want it, didn't need it, been there, done that ...
you guys have the reigns now and i'm deadly curious as to what you're
doing with them. Hell mail me for advice and shit if you want, i'll
help if I can. I'll respond to all verifiable emails. Maybe even some
aol.com's. <heh> I hear there's a new movie out "You've got burned!"
or something? sounds cool gotta check that out...
If you're really curious and have "mad sk1llz" you prolly know who I
am or could find out if you care so much, bfd. I've nothing to hide
go ahead, it might be fun. ;-) just don't come to my house to rag on
my ass coz badness may reign down upon you,and I have some heavyweight
friends <grin who doesnt you ask?> well we all die sometime if you
wanna go early, fine by me. <sic>
Version 1.0
~~~~~~~~~~~
I am noone, a nobody, I am not a phed or a narq, I could be you. I do
this for myself and some friends, you get something out of it too?
'whump, there it is'. Thats all there is to it, nothing more, Neither
am I a "hax0r" or a "cracker" and hell if I were, you think i'd
broadcast it all over some crummy news sheet? heh, get over it, this
is meant to be a fun read, nothing more, so get reading. and if you ain't
smiling, you're taking things much too seriously. Keep hacking and stay
free ... w00t.
C*:.
"Daddy. what does regret mean?"
"Well son, the funny thing about regret is, that its better to regret
something you HAVE done, than to regret something that you HAVEN'T
done, oh and by the way if you see your mom this weekend tell her
... NFR!!!!"
- Orbital <slightly modified quote>
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-
0.4 Whats in a name? why HWA.hax0r.news??
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Well what does HWA stand for? never mind if you ever find out I may
have to get those hax0rs from 'Hackers' or the Pretorians after you.
In case you couldn't figure it out hax0r is "new skewl" and although
it is laughed at, shunned, or even pidgeon holed with those 'dumb
leet (l33t?) dewds' <see article later in this issue) this is the state
of affairs. It ain't Stephen Levy's HACKERS anymore. BTW to all you up
and comers, i'd highly recommend you get that book. Its almost like
buying a clue. Anyway..on with the show .. - Editorial staff
0.5 Cruciphux's bio.¥ Dec 1998
~~~~~~~~~~~~~~~~~~~~~~~~~~
Part i: The basic shit
~~~~~~~~~~~~~~~~~~~~~~
Ok since so many people already tried hacking certain systems and
checked the phederal databases and tried to match my writing stylie
to other ppl i'll come clean with a little bit of 411 on my dox. k?
Time of birth......: Between 1964 and 1974 around 8:30am, I'm a Leo
Where..............: Great Britain (Or UK, England, whatever)
Why? ..............: Accidental, just sorta happened they didn't have
good condomz back then.
Are you a b4st3rd?..:Yes but not in the sense of birthright
Schooling?, uni etc?:Fuck schools, i'm self taught my teachers sucked.
Vitals:
Age...........: 16-36 Mentally:depends on context and day of
week: 12-52 (yeah thats in yrs smart ass..) ;)
Pyschological
profile.......: My phile is smaller than a phone book but bigger
than a 2600 mag
Thoughts on life..:"You're cold a very long time so be hot while you can"
Favourite quote...:"If you where any more full of shit you would have an
extra arsehole!" - Myself
Hardware owned: (Physically, partial list)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Commodore stuph (hey I was a kid, Wargames was da b0mb etc)
Vic-20, C16, C64, B128, C128, Amiga 500, Amiga 1000, Amiga 2000
IBM Clone XT, AT, 386, 486, AMD 5x86, Cyrix 6x86 150mhz
W00ten Asteroids arrived at the pinball arcade/bowling alley!!
guess who got to be the Asteroids king? hahaha prolly the last
year I ever really 'played' games, started writing em then got
bored with that real quick.. anyways ..
None of this stuph stayed stock for long, used to have the machines
(c64<>*128) etc nullmodemed together with a bogus kinda 'lan' thingy
that run in interpreter C= mode heh hell I remember paying $950
for a 7 meg (seven megabytes) HD for my C64 bbs and thought I kicked
ass. Oh yah I've run various bbs'es and even wrote one for the C=
machines INCLUDING the Vic-20 , someone said it couldn't be done so
i just HAD to prove the fuqr wrong. <g> NEC-V20 chips anyone?
Thats it. I had way more but that would be secret, hardware is kinda
like sex the more you have the more people know about you etc ..
;-)
Wierd machines: IBM RS6000, Ohio Scientific multi-processor 6502
Atari 2600, Coleco Adam, TI thingy, IBM wierdness from some bank
etc .. the Ohio Scientific was interesting, nice 17" hd in there
and all the patients records were still on it... hrm. bing! ^G
=EoF
=null pointer assignment
Part ii: Computers 0wn3d: (the other kind of leasing to 0wn)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
*********************************************************************
* Disclaimer: *
* ---------- *
* All illegal activities on my part ended on 11:59pm of the date *
* of <insert your countries statute of limitations for minors here>.*
*********************************************************************
Uhm, well mostly .edu, some .gov two .mil, Motorolla, oh and I had
mad fun with Northern Telecom. this is all pre-1989 and thats all
i'm saying on this matter. I did NO damage at any time to any hw or
sw on any of the systems i entered.
Phone systems? (cool aren't they?)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Good for making fone calls with and confs, carding? not into it but
at least one of my friends went to juvi for in excess of $250k in
cc phraud. Several visits to dumb friends by security types got me
bored in confs pretty quick, much more interesting things to do and
see, especially now with cell and digital phones etc QSL?
Q: Do you have any hints for anyone? A:yes. and here they are:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Depending on your goals if you want to survive as a person of some
repute AND be active then good luck. Meanwhile as an ethical hacker
<coff> or security professional <sneeze> take these rules to heart
and memorize them, they're good, I wrote em. ;)
<grin>
note to self: stop smiling and grinning and shit so much
self: fuck u thats me,live with it
note to self: fine. see if I care.
POP QUIZ !
~~~~~~~~~~
Section 1
Q: Do you think you know what you are doing?
A: Yes - See rules #1, #2 and #3 (thats ALL of them for you AOL'ers)
Section 2
Q: Do you KNOW what you are doing?
A: See rules #2 and #3 but think about #1
Section 3
Q: Did you answer yes to #2 buy feel a tinge of guilt, fear, terror
or feel high? or a tingling in the thumbs or back of the neck?
A: You're lying. Start again or go to bed and come back tomorrow.
oh, and stop lying!
THE RULES
~~~~~~~~~
Rule #1: If its illegal and you're over <insert age> don't do it!!
Rule #2, Don't get caught!! <I didn't tell you to do it either!>
Rule #3. Did it and got away with it? well then wOOp for you, now
keep your fucking mouth SHUT noone likes or even believes
a braggart many people have been where you are now, its what
you do NEXT that counts the most
What do I do next?
That depends, perhaps in a future article ....
Q: Any parting comments? A: Yes
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Have a safe and happy whatever this December.
oh, and read the article on by xd0pEr in section 6.3
possibly also check out the cool pyschologicl profile of a hacker
engine (work in progress) at hrm forget the url, will look it up.
Q: Did you interview yourself for this 'bit' ??
A: These bytes you mean?, perhaps some of it but noone was looking...
Now piss off. ;-)
C*:.'98
@HWA
0.6 HWA FAQ v0.1 Dec 31st 1998/1999
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Q: Who the hell is Ed? I see - Ed. *EVERYWHERE* who is he/she!?!?!
A: We checked this issue out and indeed Ed is everywhere, people are
currently looking for this person coz noone can possibly be every
where at the same time, unless .. they are, could it be? gh0d???
Q: WTF is @HWA a copyright notice?
A: No. @HWA and @HWA'98 does not denote (c) 1998 its just a cool 'end of
article marker' thingy like some real mags have (Boot, now MaximumPC
Sysadmin etc ...) however the newsletter IS (c) 1998/1999 so pfft.
Q: Are you a girl or a guy?
A: NFC
Q: Are you gay?
A: None of your business, fuck off. I *am* happy however.
Q: What does AAM, EoF, EoD,NFC, NFR, PHAC, P/H/A/C/CC/CT/G/V/W, Plik!
and etc mean??
A: Check out your favourite search engine and do a search for those terms
like "phac meaning" etc (If you're from AOL remove the quotation marks
when you type that in, those are the two little dot things that seem to
hang in the air above letters, they look like skydiving sperm)
Some of the stuff related to personal useage and use in this zine are
listed below: Some are very useful, others attempt to deny the any possible
attempts at eschewing obfuscation by obsucuring their actual definitions.
!= - Mathematical notation "is not equal to" or "does not equal"
ASC(247) "wavey equals" sign means "almost equal" to. If written
an =/= (equals sign with a slash thru it) also means !=, =< is Equal
to or less than and => is equal to or greater than (etc, this aint
fucking grade school, cripes, don't believe I just typed all that..)
AAM - Ask a minor (someone under age of adulthood, usually <16, <18 or <21)
*AOL - A great deal of people that got ripped off for net access by a huge
clueless isp with seckurity that you can drive buses through, we're
not talking Kung-Fu being no good here, Buy-A-Kloo maybe?
EoC - End of Commentary
EoA - End of Article
EoF - End of file
EoD - End of diatribe (AOL'ers: look it up)
CC - Credit Card phraud
CCC - Chaos Computer Club (Germany)
NFC - Depends on context: No Further Comment or No Fucking Comment
NFR - Network Flight Recorder (Do a websearch)
PHAC - And variations of same <coff>
Phreaking, Hacking, Anarchy, Cracking, Carding (CC) Groups Virus, Warfare
Alternates: H - hacking, hacktivist
C - Cracking <software>
C - Cracking <systems hacking>
W - Warfare <cyberwarfare usually as in Jihad>
CT - Cyber Terrorism
TBC - To Be Continued also 2bc (usueally followed by ellipses...) :)
TBA - To Be Arranged/To Be Announced also 2ba
A.L AOL. "We're better than a shoe up the arse from Henry Rollins!" - Steve Case
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
AOL has even sparked a new movie along the lines of 'Sleepless in Seatle' or
was it 'Where Eagles Dare'? hrm.. anyway its called 'You should bail!' and
infers that everyone on AOL are morons and should dump AOL for a real ISP.
Be sure to check it out at your local theatres now (or soon). - Ed <- look
there the fuqr is again!
AOL - The Angry Overpriced Lamer network is one of the worlds largest
networks next to the one in my room, and runs of millions of
.007 BogoMIP 8086's with Nec V20 mods. But seriously check out
this url to see why you are being screwed:
<BeG> - Big evil grin
<bg> - Big Grin
Figure the rest out amongst yourselves, 'hack' the answer or try socialing
it out of someone on #hackphreak or #hax* etc ... (#irchelp works too)
http://www.aolsucks.com/ Why AOL sucks. Damn Good informative site.
it made ME drop MY 9e99 hacked accounts immediately <hahaha> no not
really. AOL is lame period.
Small excerpt from the site:
{
America Online - Your Security
America Online's service, designed originally to handle about 30,000 users, is now
serving millions. As a result, many of its flaws are coming out into the open -- one
of the most prominent has been AOL's almost nonexistant security. In this mirror
of the original AOL Security site, find out how it is that the AOL hacker
community knows more about the service than AOL itself.
AOL: A Spammer's Paradise
Virtually every AOL member wages a day-to-day battle with unsolicited
commercial junk mail. Is AOL doing all it can to stop its flow? Not a chance.
AOL equips its users with nearly useless mail filtering options which do nothing but
make spammers get a new domain name every day. In the process, AOL has
made it easier and easier for spammers to build junk mail lists, and has done
nothing to stop that "harvesting" beyond making it a TOS violation.
}
(TOS = terms of service - Ed)
EoA
TBC...
@HWA'99
0.7 Inspirations and turn ons / turn offs for 1998
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Inspirations / turn ons etc:
Official drink is .......... Coke Classic (obviously not Jolt)
Best album release ......... Celebrity Skin/Hole
Best music of the year ..... 'I think i'm Paranoid'/Garbage
'Pure Morning'/Placebo
'Dragula'/Rob Zombie
'Don't like the drugs..'/Marilyn Manson
Joke of the year............. "The Apple Imac"
`Turn ons':
~~~~~~~~~~~
Videos ..................... Pure Morning/Placebo
*!*@/Bif
*!*@/Hole
Garbage
Dragula/Rob Zombie
Dope Show/Marilyn Manson
Sparkle and Shine/Econoline Crush
IRC network ................ Eris Free net (EFnet)
TV ......................... Cable 87 (Rogers) ;-)
Matrix
7 Days
X-Files
The Net
vR.5
Fromage98 (and it isn't even on yet)
Movies ..................... X-files (Wow! a long episode)
Star Trek: Insurrection
Hacktivist Group ........... Zapatista's
Hacker ..................... Kevin Mitnick
Corporation ................ BMG (http://www.bmg.com/) nice site too.
godmart (Sandles, staffs Connection Machines etc)
"mega is just a short form for megamanic I guess" - Eatons Ad
`Turn offs':
~~~~~~~~~~~~
Videos ..................... Dunno, don't watch shit videos, only good ones.
.
IRC network ................ Uhm you know the one(s)
TV.......................... TV , just turn it off period.
Millennium, X-Files etc suck now most times
they can't stick to a story, think they have
ADHD.. hrm.
CNN (Ya nice war dickweeds)
Fromage98 (and it isn't even on yet)
Movies ..................... X-files (Wow! a long episode)
Star Trek: Insurrection
Hacktivist Group ........... Zapatista's
Hacker ..................... NFC
Corporation ................ Go on take a guess. hrm lessee there are so
many of em... Mircosloth and AOL will do tho.
NFC ........................ Bill Clinton's predickament
War on Iraq the sequel Desert Fox (Desert fox off)
Bombing Civilians
@HWA
1.0 Greets!?!?! yeah greets! w0w huh. - Ed
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thanks to all in the community for their support and interest but i'd
like to see more reader input, help me out here, whats good, what sucks
etc, not that I guarantee i'll take any notice mind you, but send in
your thoughts anyway.
Special shoutouts to:
* Kevin Mitnick (what can I say? hang in there man.)
* demoniz
* The l0pht crew
* Weld Pond
* Ken Williams
* Dicentra
* Pyra
* Vexxation
* FProphet
* TP
* The NeMstah Meistah
* sAs72
* R.Stevens (hi, nice house Robby!!)
* V.D
* D.B
* all the people who sent in cool emails and support
* Me, myself and I and everyone who reads this for whatever reasons.
+ http://www.l0pht.com/
+ http://www.2600.com/
+ http://www.legions.org/
+ http://www.genocide2600.com/
+ http://www.hackernews.com/ (Went online same time we started issue 1!)
Prolly more next time. ;-) have to get ppl's ok first <grin> you know
who you are fuqrz. heh. PliK!
Fuck off's to: Those certain turn-coats and double dealing scumbags,
you know who you are and what goes 'round comes round. Hi Jay! wtf
you doing reading this?? fuck off!
"I f*c!<ing hate krad l33t sp3ak and b4nners but wtf its kinda fun"
- Anonymous
Well seems some of my friends like what i'm doing and are offering some
of their resources to help things along, some server space new emails and
a place to try out stuff on our local lan safely and uh legally <g> will
now be easier and more fun. Hell we even have a PoBOX snail mail address
that has been graciously 'donated' to us, so send in those post cards and
photos of your leet xmas private h0h0 con's etc ... ;-)
See section 0.4 for our mail drop.
@HWA'98/99
1.1 Last minute stuff, rumours and newsbytes
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+++ Keen Veracity has released issue #6, check it out
I got mine from a site off the main page at Bikkel,
it wasn't available on the site listed and LoU is
renovating so ...
Come get it here:
http://members.tripod.com/~hwa_2k/keen.html
+++ From 100% Pure Bikkel:
Hacker gets hacked
update by demoniz at Dec 28 , 12:25 CET
LoRD OaK, the 'hacker' who defaced CyberArmy recently tries to keep
the dispute between him and the webmaster of CyberArmy alive. He
wrote 100 % Pure Bikkel: "I donno if it matters or not, but if you go
to cyberarmy's webpage, it says the source was being "handed out" by
someone. That someone is me and the webpage it was located at is
www.confine.com under CGI-Warez. Also their script was already
copyrighted and it is the EXACTLY the same script like word for word."
No script at Confine.com, but a hacked site. One who hacks, gets
hacked.
Archive of the site is available at http://hacknews.bikkel.com/
** Confine Web site http://www.confine.com
** When I tried reaching this site on the 28th at 12:01 EST it
was unreachable - Ed
Text reads (formatting not preserved, see Bikkel's archive):
" Milw0rm, this site was hacked f0r a reas0n. One 0f are small
time friends n0t stating any names was hacked by a s0 called l0rd
0ak. the wrath will be felt. give sh0t 0uts to all my br0ther's in
milw0rm and als0 t0 kingdem0ni0
hacked by milw0rm J.C."
** 01:00am EST Friday i'm too busy. & a tad tired, so threw the rest
of the zine together at the last minute as usual and tossed it up
on the web. See you on the 13th... now to send the word out..
and back to work on issue #4 <bg>
@HWA'98
1.1a WWW.EHAP.ORG
~~~~~~~~~~~~
EHAP stands for Ethical Hackers Against Pedophilia. Watch for a
feature article on this organization in an upcoming issue. I just
wanted to put this in this issue coz while some people are sitting
around the xmas tree opening prezzies that santa left them, somewhere
someone is being buggered or sodomized. That act is then being
photographed, scanned and spread on the net. This must be stopped.
And EHAP has some ideas on how to do just that. - Ed
From http://www.ehap.org main page December 31st 1998:
12.02.98 Japan criticized for slack policing of Internet CP
December 02, 1998
TOKYO -- Hundreds of pornographic images of children flood
Internet sites with addresses ending in "jp." It's a tip-off that they
originate in Japan -- and that there is basically nothing officials can
do about it. With no laws explicitly banning child pornography, Japan
has acquired the dubious distinction of being the global leader in the
fast-growing Internet child pornography business. Japanese police
say there are about 1,200 commercial child pornography Internet
sites in Japan. Some feature photos of children from Japan, others
of Southeast Asian children. Keiji Goto, a senior official at the
National Police Agency, said police are frustrated by cases in which
they identified the source of a pornographic site but were unable to
take further action.
Full story:
http://detnews.com/1998/technology/9812/02/12020238.htm
1.1b CHINESE HACKERS/CRACKERS GET DEATH SENTENCE!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
December 28th 8:55am PST
Story sourced from:: Wired News
http://www.wired.com/news/news/email/explode-infobeat/politics/story/17039.html
CHINESE CRACKERS GET DEATH SENTENCE
Editor Comments:
Just picked this up by Wired News ... not a nice story for this "xmas
special" Is this what the world is coming to? some countries don't fuck
around with ANY sort of anti-government sentiment, this is a classic example
especially to 'the newbie contingent' to be damn sure you KNOW WHAT YOU'RE
GETTING YOURSELF INTO and be sure to cover your ass/tracks or you may get
something pushed up there, or even worse, be terminated
<bang><bang<bang>
USERS TERMINATED BY FOREIGN HOST
The Story:
Chinese Crackers Get Death (Reuters 8:55 a.m. 28.Dec.98.PST)
SHANGHAI, China -- Two crackers who broke into a bank computer network
and stole 260,000 yuan (US$31,400) have been sentenced to death by a court
in eastern China, the official Wenhui Daily said on Monday.
Hao Jinglong, formerly an accountant at the Zhenjiang branch of the
Industrial and Commercial Bank of China, was condemned to death, as was his
brother, Hao Jingwen, the newspaper said. The Yangzhou Intermediate Court
in Jiangsu province also confiscated 40,000 yuan from Hao.
The two opened 16 accounts under various names in a branch of the bank in
September and later broke into the branch to install a controlling device
in a bank computer terminal, the newspaper said.
They used the device to electronically wire 720,000 yuan in non-existent
deposits into the bank accounts. Afterward, they successfully withdrew
260,000 yuan from eight different branches of the bank, the newspaper
said.
All the money has since been recovered, the newspaper said, without giving
further details.
Copyright© 1998 Reuters Limited.
[EoA-1]
Source: http://www.humanrights-china.org/
Contrib: Ed
Two sentenced for subverting state
Author: <unknown>
THE Chinese courts yesterday sentenced two men convicted of subverting
state power to 13 and 11 years in prison respectively. Xu Wenli, a
Beijing resident, and Wang Youcai, of East China's Zhejiang Province,
also received a three-year deprivation of their political rights from
the Beijing No 1 Intermediate People's Court and the Intermediate
People's Court of Hangzhou, capital of Zhejiang.
Both Xu and Wang previously served prison terms in China.
In an open trial yesterday, the Beijing No 1 Intermediate People's Court
found that in November this year, with the purpose of subverting state
power, Xu secretly planned the founding of the so-called "Beijing and
Tianjin Regional Party Committee of the China Democratic Party,"
formulated this illicit organization's constitution, and served as its
chairman.
The court also found that Xu made efforts to recruit party members,
planned to convene a national party congress, and sought and accepted
funds from some hostile overseas organizations in order to organize, plan
and conduct subversive activities.
It was also proven by court investigation that from November 1997 to April
1998, Xu used various means to stir up subversive activities. After hearing
opinions from the prosecutors and the defence, the court ruled that in
accordance with relevant stipulations in China's Criminal Law, Xu's
activities constituted the crime of subverting state power, and he should
be punished according to law as both a principal element in the case and a
recidivist.
In an open trial in Zhejiang, the Intermediate People's Court of Hangzhou
found that in June this year, with the purpose of subverting state power,
Wang secretly planned to found an illicit organization called the "China
Democratic Party," formed a "Zhejiang Preparatory Committee for the China
Democratic Party," and formulated a party constitution and a declaration.
The court also found that in order to organize, plan and conduct subversive
activities, Wang contacted some hostile overseas organizations, from which
he sought and accepted financial support.
After hearing the opinions of the prosecutors and the defence, the court
ruled that in accordance with relevant stipulations in China's Criminal Law
Wang's activities constituted the crime of subverting state power, that the
crime was severe, and that he should also be punished as a recidivist.
Xu and Wang families and people from various walks of life attended yesterday's
court hearings. (Xinhua)
Date: 12/22/98
Author:
Copyright© by China Daily
[EoA-2]
1.1b LoU declares war ,,,just do it right guys.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From HNN http://www.hackernews.com/
" War declared on China and Iraq "
contributed by Legion of the Underground
In a very heated and emotional discussion Legion of the
Underground declared cyber-war on the information
infrastructure of China and Iraq last night. They cited
severe civil rights abuses by the governments of both
countries as well as the recent sentencing to death of
two bank robbers in China and the production of
weapons of mass destruction by Iraq as the reasons for
their outrage.
Quoting from the Declaration of Independence about the
right of the people to govern themselves and stating
that the US government will probably stand idly by while
these atrocities happen in other countries the Legion of
the Underground called for the complete destruction of
all computer systems in China and Iraq.
"The Government controls what goes into our mouths
lets not let them do the same with what comes out!"
said one LoU member during a press conference held on
IRC Monday night.
LoU mentioned that they may seek out assistance in
their war from the Hong Kong Blondes. The HKBs are a
well known group attempting to cause mayhem on
China's internetworks from within the Iron Curtain. The
HKBs where trained and assisted, until recently, by the
infamous Cult of the Dead Cow hacking group.
Legion of Underground gained previous notoriety back in
October for defacing the Chinese Human Rights web site
a day after it went online.
Legions of the Underground
CNN - article on bank robbers sentenced to death
http://www.cnn.com/WORLD/asiapcf/9812/28/BC-CHINA-HACKERS.reut/
[EoA-3]
Read the Wired News coverage its better but here's part of CNN's
Reuters blurb:
China sentences hackers to death for
bank theft
December 28, 1998
Web posted at: 3:09 AM EST (0809 GMT)
SHANGHAI, China (Reuters) -- Two hackers who broke into a bank
computer network and stole 260,000 yuan (31,400) have been sentenced to
death by a court in eastern China, the official Wenhui Daily said on Monday.
...
They used the device to electronically wire 720,000 yuan in non-existent
deposits into the bank accounts. Afterwards, they successfully withdrew
260,000 yuan from eight different branches of the bank, the newspaper said.
...
Copyright 1998 Reuters. All rights reserved.
** "This material may not be published, broadcast, rewritten, or redistributed"
[DoA-2]
** ok, i'll just note some of it then ... - Ed ;-)
HWA Comments:
~~~~~~~~~~~~~
Great fun, glad i'm not living in China, give these fuckers some shit guys!
take the damn infrastructure down. We can NOT let this sort of thing go on
Kevin Mitnick gets 3yrs with no trial and China is fucking killing people,
this is now open cyber-war. Thats what they want?, thats what they're going
to get.
Prepare for armageddon. Is an electonic world war imminent?
- Ed
http://www.humanrights-china.org/
@ HWA'98
1.1c HWA Mirrors Keen Veracity
~~~~~~~~~~~~~~~~~~~~~~~~~
The site had me going for a bit there, most amusing, we thought you'd been
hacked for like 25ms, anyways theres an insiduous hack for you, put that on
a real hacked page and ppl will think ah, sysadmin's just having some fun..
hrm. And my Santa's Credit Report section is from a real cc report too. :)
http://members.tripod.com/~hwa_2k/keen.html
Jan 1st 1999
~~~~~~~~~~~~
http://www.legions.org/
The LoU site greeted users with the following screen:
<snip>
Welcome
to the Legions of assistance for Sick, and disfunctional children. We are currently working side by side with the Feed the Children Foundation aswell as The
Childrens Hospital Network. Our site is under construction. Please check back soon...
Please visit one of our Sponsors: Childrens Hospital Feed the Children
We are a non-profit organization
Read the source, and you shall be FREE!
<snip>
With links to
http://www.childrenshospital.org/
http://www.feedthechildren.org/
The relevant section in the source was this:
<!---this is actually a ploy. Legions is here and still in effect, and
as soon as we finish our new site we'll be back at ya.. LoU--->
FYI "<!--" is a comment line that most browsers not still in the stoneage
recognize as a 'hide this text' tag. - Ed
@HWA'99
2.0 From the editor:
~~~~~~~~~~~~~~~
START
~~~~~
This file is much too big and sort of wanders around a bit, sorry
about this i've been gathering info as per usual and sometimes its
difficult to 'hold on' to some material for later release. Anyway
I hope you enjoy this issue, and bear with us while we try and get
things organized into an effective well tweaked digest.
Oh ya, happy new year... and best of whatever you celebrate to those
celebrating this December. I know Orthodox Macedonian Christians
celebrate on Jan 7th as the birth of Christ since they use a different
calendar but there I go wandering again, its late, or early and time
to shut this baby down. ttys... next issue Jan 13th 1999. l8z.
- Ed
Congrats, thanks, articles, news submissions and kudos to us at the
main address: hwa@press.usmc.net complaints and all nastygrams and
mailbombs can go to /dev/nul nukes, synfloods and smurfs to 127.0.0.1
danke.
C*:.
@HWA'98/99
2.1 Email and commentary
~~~~~~~~~~~~~~~~~~~~
<deleted> Time constraints, its a 'special' y'know ... - Ed
2.2 Update on the death of Tron of the Chaos Computing Club (Germany)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This is very old and tragic news but we have been waiting for the
"official" results of the CCC's investigation to be released before
getting into any real detail on this topic. Tron was one the best
and most respected hackers in Europe.
Wired has this story:
Source: Wired News Site
Author: David Hudson
Email :dwh@berlin.snafu.de
Contrib: Ed
Berlin Prepares for Chaos
by David Hudson
3:00 a.m. 24.Dec.98.PST
BERLIN -- When Germany's legendary Chaos Computer Club convenes here
on Sunday for its 15th Congress, the atmosphere may be more emotionally
charged than it has been in years.
The CCC's annual meeting between Christmas and the new year has been a
holiday tradition since the early 1980s, when hackers and hobbyists
would show up to trade tips and passwords. Last year, over 1,500
converged on a humble school building in Hamburg for three days of hacking
workshops, and lectures on topics ranging from lockpicking to social
engineering to the history of German Net culture.
Late in October, however, one of the CCC's most accomplished hackers,
Boris Floricic, who had taken the name Tron, was found dead, hanging from a
belt strung from a tree in a Berlin park. He was 26.
(This sounds like auto-erotic asphyixiation to me but that could be
staged and the Police would know this too... - Ed )
The mysterious and as yet unsolved case is eerily reminiscent of the death
of another CCC associate, Karl Koch, nearly 10 years ago. Indeed, Berlin
police were quick to call Tron's death a suicide, as Koch's had been. But
the CCC, as well as Tron's family and friends, have vehemently denied that
suicide was even remotely in his nature.
Unlike Koch, Tron was not only a well-balanced personality but also a
brilliant hacker. He was the first European to hack phone cards so that
they could be used freely and forever, and had figured out a way to make
ISDN phone calls tap-proof.
"Often, he was the focus of attention," remembers Heinrich Seeger, a
Hamburg journalist who has covered many CCC congresses. "I guess one of
the reasons for that, aside from his undebatable genius and expertise,
were his good looks and his charm, which made him stand out."
Despite ruling the death a suicide, Berlin police have assigned eight
officers to investigate, noting more than a few oddities about the case.
Although Tron appeared to have hanged himself, for example, his feet were
firmly on the ground. German newspaper and television reports have suggested
that considering the potential value of Tron's knowledge of smartcards and
telephony, organized crime may have been involved.
Two hours are slotted on the very first evening of this year's CCC Congress
for a presentation of what is known about the case, as well as a discussion
of the dangers in cracking valuable secrets. "We know the police will be there,
but they won't be presenting any information," says CCC spokesman Andy
Mueller-Maguhn. "Our position has always been not to do or say anything that
would hinder their investigation."
Nevertheless, given the CCC's firm and publicly stated conviction that Tron
was murdered, the evening session will hardly be a dispassionate one. "I'm
anxious to know if the CCC's version of his death differs substantially from
the police's," says Seeger.
The CCC had already planned to convene in Germany's future capital rather
than Hamburg before Tron's death, but now, with the fact that Berlin was also
his hometown, this Congress promises to be more intense and more somber than
the others preceding it.
EoF
Go to the Wired site for related links in the mainstream media
on this and other related stories.
If you have any further hints or tips or sources to offer please do so
also i'd like to request any news paper clippings from outside the US and
Canada to be sent to our new snail mail drop (Postal Box), much appreciated.
Thanks - Ed
@HWA
2.3 See SANTA nude.
~~~~~~~~~~~~~~~
The link is on my site, check it out, hint SiN has something to do
with it. <BeG> <- thats big evil grin for those not in the know.
Not there anymore? no prob check here:
http://members.tripod.com/~hwa_2k/santa-sin.gif
2.4 The cDc severs all connections with the Hong Kong Blondes.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From http://www.hackernews.com/
Sorry Source of this is unknown: Think it was some little no-name
place like CNN or Wired or something....
Background article:
WHO are the Blondes anyway?
Author: Arik Hesseldahl (c) 1998 (?)
Hacking for Human Rights?
by Arik Hesseldahl
9:15am 14.Jul.98.PDT
The reclusive leader of a Chinese hacking group
that last year claimed to have temporarily disabled
a Chinese satellite is now forming a new global
hacking organization to protest Western
investment in the country.
In an interview with the Boston-based hacking
collective, the Cult of the Dead Cow, the hacker,
who calls himself Blondie Wong, said the new
group is forming in the US, Canada, and in Europe
to take up the cause of fighting human rights
abuses in China.
Wong, a dissident astrophysicist living in Toronto,
said that the new group -- known as the Yellow
Pages -- plans to target companies doing
business with China, and possibly attack their
computer networks.
"Many of these companies have computer
networks and there are a lot of members in the
Yellow Pages who have excellent hacking skills,"
Wong said.
The interview was conducted by a former United
Nations consultant known only as Oxblood Ruffin.
The group provided Wired News with an advance
copy of the interview.
In the interview, Wong seemed unconcerned about
any damage or monetary losses that might result
from a network attack carried out by the Yellow
Pages.
"Human rights is an international issue, so I don't
have a problem with businesses that profit from
our suffering paying part of the bill," he told
Oxblood.
As leader of the Hong Kong Blondes hacking
group, Wong has the credentials to back up his
threats. With members operating inside and
outside of China, the Hong Kong Blondes claim to
have found significant security holes within
Chinese government computer networks,
particularly systems related to satellite
communications.
The group claims it first announced itself to the
government in Beijing last year by temporarily
disabling a Chinese communications satellite -- an
incident never confirmed by the Chinese
government.
Since then, the group has threatened to cripple
certain Chinese military and security networks if
human rights issues in China reach what they
decide is a critical point.
Members of the Cult of the Dead Cow said that the
organization began advising the Blondes on strong
encryption and network intrusion at the annual
"Beyond Hope" hacker conference held in New
York last August.
In the interview, Wong details how he saw his
father stoned to death by members of the Chinese
Red Guard during the Cultural Revolution, the
period of political chaos that engulfed China during
the 1960s and '70s.
Later, as a student attending an unspecified
university in the Great Britain where he was
studying to become a teacher, Wong describes
watching televised images of the 1989 massacre
at Tiananmen Square.
"When the tanks went into the square and began
shooting and running over people, it was like I was
a little boy again, watching my father being killed,"
he told Oxblood.
Wong claimed that the Hong Kong Blondes has
doubled in size, with 42 active members operating
in China and other countries. Many of the group's
newest members are Chinese government
employees, whom Wong describes as "technical
people."
One member, a female hacker known as Lemon
Li, was detained earlier this year and has since
been moved to Paris with the help of a group
Blondie described only as "a group of people even
more outside the law than we are." The same
group provides Wong with an armed escort
wherever he goes.
The interviewer, Oxblood, said he knows little
about the origin or membership of the Yellow
Pages, other than that the organization was
founded recently by students at Cal Tech.
"Blondie wants anyone who agrees with the
strategy of attacking American companies doing
business in China to get involved," Oxblood said.
"So starting new chapters is really up to whoever
gets inspired, making membership open to
anyone."
Sun Microsystems, Lucent, Motorola, Yahoo, and
Excite are among a growing number of American
companies active in China.
As for any current or future activities of the Hong
Kong Blondes, Oxblood said the group has been
patiently watching and waiting.
"They have gotten to the point where they can
pretty much hack everything that is up and
running. [Wong] is pretty tight-lipped about what
he's got planned. I would say though, that the
Blondes have the capacity to snap the backbone
of the Chinese end of the Net."
3.0 Dec 22nd: SANTA'S CREDIT INFO SPREAD BY DISGRUNTLED ELF
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Just before Christmas this year HWA has learned that due to layoffs at
the prestigious Santa's North Pole Workshop (SNPW)
*** leetguy has changed the topic on channel #leetchan to HWA.hax0r.news Christmas issue will have Santas
+credit info & dox!
SANTA'S TRW (EXPERIAN) CREDIT DOX - Submitted by s4ntaSUx (A. Disgruntled Elf)
************************** TRW CONSUMER CREDIT REPORT **************************
* consumerinfo.com *
* Ref: 100000001 *
***************** Dept: CUSTOMER SERVICE / Queued by: SUPERVISOR ***************
DATE:06-30-1997 TIME:13:13:43 SUBJECT ID:
CONSUMER,SANTA N CLAUS
AA-10777 N POLE ST/NORTH POLE AA 11209;
U-CONSUMERINFO,T-01,V-06/999/8.00,H-Y;
PAGE 1 DATE 22-12-98 TIME 23:13:34 PCB29 V401 TCA7
SANTA NICHOLAS CLAUS SS: ###-##-#### E: ELF EMPLOYED
XXX N POLE ST ###-##-####* XXXX E POLE ROAD
NORTH POLE AA 11209-1234 ###-##-####* SOUTH POLE
RPTD: 11-94 TO 3-97 U 3X YOB: 1731 RPTD: 3-1792 I
LAST SUB: #######
E:BELL ATLANTIC
*2600 BOWSER ST 12 111 MAIN STREET
LOS ANGELES CA 90017-9876 BURBANK CA 91503
RPTD: 2-92 I RPTD: 10-90 TO 2-91 I
*SANTA CLAUS, SATAN CLAUSE, JACK D RIPPER
------------------------------ PROFILE SUMMARY -------------------------------
CNT 04/01/01/20
PUBLIC RECORDS-------3 PAST DUE AMT------$956 INQUIRIES---3 SATIS ACCTS---2
INSTALL BAL----$30,630 SCH/EST PAY-----$1,431 INQS/6 MO---2 NOW DEL/DRG---2
R ESTATE BAL-------N/A R ESTATE PAY-------N/A TRADELINE---5 WAS DEL/DRG---1
REVOLVNG BAL-------$50 REVOLVNG AVAIL-----96% PAID ACCT---1 OLD TRADE--1-68
------------------------------- PUBLIC RECORDS -------------------------------
*SO CALIF DISTRICT COURT 11-20-92 12-01-93 3011111 $12,450 CO LIEN REL
C#: 45078321 1 BP: B476P2109
*COUNTY SPR CT SANTA ANA 2-19-92 3019999 $1,200 CIV CL JUDG
D#: 7505853 1 PLAINTIFF: ALLIED COMPANY
BP: B1234P50987
*U S BANKRUPTCY COURT 6-10-91 3009999 $8,500-L BK 13-PETIT
D#: 35054539906234561 2 $100,000-A VOLUN
----------------------------------- TRADES -----------------------------------
SUBSCRIBER OPEN AMT-TYP1 AMT-TYP2 ACCTCOND PYMT STATUS
SUB# KOB TYP TRM ECOA BALDATE BALANCE PYMT LEVEL MOS REV PYMT HISTORY
ACCOUNT # LAST PD MONTH PAY PAST DUE MAXIMUM BY MONTH
*CREDIT AND COLLECTION 9-96 $500-O COLLACCT
####### YC UNK UNK 2 4-05-97 $250 9-95 (20) 9999999999999
############ 9999999
ORIGINAL CREDITOR: DR. JOHN KILDARE
HEMLOCKS 2-96 $900-L $500-H CLOSED CURR ACCT
####### DC CHG REV 3 6-01-96 $0 2-96 (17) BNCCCCCCCCC-C
############# CNNC
*MOUNTAIN BK 3-94 $43,225-O OPEN 30 3 TIMES
####### BI SEC 60 2 5-17-97 $19,330 5-97 (39) 1CCCCCC1CCCCC
###################### 4-97 $956 $956 2-95/1 CCCCCCCCCCCC
###############
*BAY COMPANY 1-68 $1,400-L $1,200-H OPEN CUR WAS 90
####### DC CHG REV 3 5-16-97 $50 3-97 (99) C0C321CCCC000
######### 3-97 $10-E CCCCCCCCCCCC
**ACCOUNT WAS IN DISPUTE-NOW RESOLVED-REPORTED BY SUBSCRIBER**
CENTRAL BANK 12-94 $22,350-O OPEN CURR ACCT
####### BI AUT 48 1 6-15-97 $11,050 12-94 (31) CCCCCCCCCCCCC
########### 5-97 $465 CCCCCCCCCCCC
COLLATERAL: 1995 FORD TAURUS
--------------------------------- INQUIRIES ----------------------------------
HEMLOCKS 5-05-97 ####### DC
BAY COMPANY 5-03-97 ####### DC $1,500 CHG REV
HILLSIDE BANK 3-21-96 ####### BC
--------------------------------- MESSAGES -----------------------------------
SSN MATCHES
IF YOU FEEL THERE ARE INACCURACIES IN YOUR EXPERIAN CREDIT REPORT, CALL
TOLL-FREE 1 (800) 567-5470. THE EXPERIAN CUSTOMER SERVICE REPRESENTATIVE
WILL ASK YOU FOR YOUR MEMBERSHIP NUMBER, AND YOU SHOULD RESPOND WITH, "THIS
IS IN REGARD TO MY CONSUMER REVIEW SERVICE REPORT." THE REPRESENTATIVE
WILL THEN PROMPTLY ASSIST YOU.
END -- EXPERIAN
3.1 Dec 21st: REMOTE EXPLORER NT VIRUS/TROJAN HITS MCI
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
MCI was hit by a new virus targetted presumeably only at NT systems
called the Remote Explorer..Dec 21st
Contributed by: Dicentra
Also contrib'd by others but not all the same stories...
Thanks Dice for coming up with the best/most details for me,
http://www.nai.com/products/antivirus/remote_explorer.asp ($$)
Main site: http://www.cnn.com/
Section: http://www.cnn.com/TECH/
Story: http://cnn.com/TECH/computing/9812/22/ntvirus.idg/index.html
Update: Tuesday, 22 Dec 98, 04:53:29 PM EST
"MCI WorldCom network virus may be inside job"
A new strain of computer virus that attacked MCI WorldCom's internal
business network of NT servers may have been started by a disgruntled
employee, MCI WorldCom has acknowledged.
-=[ Full Story Below ]=-
MCI WorldCom network virus
may be inside job
Telecom giant calls in Network Associates' emergency response team to
stop virus from spreading.
(Updated) December 22, 1998 Web posted at: 4:10 PM EST
by Ellen Messmer
(IDG) -- A new strain of computer virus that attacked MCI WorldCom's
internal business network of NT servers may have been started by a
disgruntled employee, MCI WorldCom has acknowledged.
The company, which is in the midst of layoffs, said they are
investigating the possibility of an inside job. The strain, which is
believed to be the first NT-hosted virus, was first detected last
Thursday. It corrupts files and encrypts data, making them unreadable.
MCI WorldCom spokesman Jim Monroe, who declined to offer much detail
about the virus attack, claimed that it "has had no serious impact on
MCI's ability to deliver service to its customers." However, Network
Associates, whose antivirus emergency response team was called in to
help MCI WorldCom with the incident, said that the virus, dubbed Remote
Explorer, wreaked havoc on files in hundreds of desktop computers
connected to MCI's large NT-based network.
"We've never seen anything like this in 10 years of doing business,"
said Peter Watkins, general manager in the security division at Network
Associates, about Remote Explorer's modus operandi. Network Associates
believes it is the first totally NT-hosted virus that spreads by
exploiting a network's features in order to corrupt files or lock them
up through encryption. Weighing in at 125 kilobytes, the virus acts like
a network administrator run amok. In fact, the artfully crafted virus was
probably deployed on an NT server within the unlucky organization by an
inside employee, say Network Associates experts still studying the case.
But it remains unclear whether Remote Explorer can penetrate an organ-
-ization without inside help or if this malicious code is yet up on
hacker Web sites.
"This is a very sophisticated virus written by a knowledgeable person
familiar with business processes," explained Vincent Gullotto, manager of
the Network Associates antivirus emergency response team. "It's the
first NT-hosted virus we've seen, and the virus uses the network to spread
into the NT programs."
Remote Explorer, which has to somehow be installed in the NT driver
subdirectory, acts like an NT remote management monitor, sits in on
sessions, gathers data and impersonates a network administrator, Gullotto
said. "The virus emulates a network administrator and gives itself as many
rights as it can." The virus is intrinsically different from any other
virus spotted before because it doesn't spread through more traditional
means, such as floppies, or through e-mail as macro viruses do.
"If you discover it, it won't let you get rid of it by just shutting
it off," Gullotto warned. The virus, formally called 4.03r.sys, carries
a Microsoft DLL with it, and if you try to delete it, it simply creates
another DLL. The Remote Explorer virus corrupts HTML and other types of
files through data-compression routines or encrypts them so they can't be
read. It does not, however, appear to actually delete the files it attacks
or to cause other mischief, such as reformatting a hard drive.
The virus was designed with a time routine that causes it to do damage
between 3 p.m. and 6 a.m., as well as all day Saturday and Sunday-times
when few people may notice it on a binge.
"It corrupts data so it's not usable, but we have developed a cleaner to
cope with this," Gullotto noted. Network Associates is updating its
VirusScan product with an antidote to counteract the virus's damage.
Network Associates believes its antidote will even "make the system immune
from it," Gulloto added. The antidote will restore files and decrypt files
that were encrypted by Remote Explorer's 608-bit encryption component.
Remote Explorer doesn't appear to infect Unix or spread through Unix,
though Network Associates is still running tests on a variety of Unix
platforms before it issues a final determination.
Ellen Messmer is a senior editor at Network World.
(From CNN)
But wait! theres more! ...
From HNN http://www.hackernews.com/
New NT virus spreads via NT networks
contributed by Weld Pond (To HNN)
So Back Orifice wasn't enough of a potential trojan
wake up call to corporate America running their critical
business apps on NT networks. Most companies and
most NT administrators don't understand security well
enough to effectively secure their networks. UNIX
admins know not to run untrusted software as root. Do
NT admins think about this or are they running the
lastest email attachment their buddy from college sent
them?
Everyone has this story:
<snip>
Check out this funny quote from the CNET story: 'This
means Windows NT is a very large target of opportunity
now,' Dietz said. 'We have to make the leap of faith
that attackers are as good as a certified NT
administrator.'
<snip>
@HWA
3.2 The REAL reason we are on Internet Relay Chat
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Self explanatory; read on...
Resent-Cc: recipient list not shown: ;
Resent-Date: Tue, 15 Dec 1998 11:50:50 -0700 (MST)
Date: Tue, 15 Dec 1998 11:48:31 -0700 (MST)
From: Ray Powers <rayp@primenet.com>
Reply-To: Ray Powers <rayp@primenet.com>
To: operlist@the-project.org
cc: dummies@initiate.monk.org
Subject: The real reason we're on IRC...
Resent-From: operlist@the-project.org
X-Mailing-List: <operlist@the-project.org> archive/latest/618
X-Loop: operlist@the-project.org
Resent-Sender: operlist-request@the-project.org
Preface: This is long rambling and philosophical. It does not give any
info on the latest hack or attack, and is no way meant to have any
technical merit. If that didn't make you hit D, read on...
Most of you know me. I've been on IRC for roughly.. too long. And been an
oper since the first big euro/us TS/NDCD split. I've been involved in
taking out fludnets, co-founding bH, working on the botwatch lists and the
spambot channels, being the routing secretary, co-adminning operlist, and
several other tasks I can't even remember any more all to try to help this
lovely thing we call Efnet.
The funny thing is, I haven't chatted on IRC for about two years.
I mean, I've been on IRC the whole time basically, but in retrospect, over
95% of my IRC conversations start with a user, oper or admin saying "Can
you help me with....." It's all about me klining a bot, helping a user
get a channel back, answering questions about clients, servers, links, or
hackers, threatening to get smurfed (or worse), showing someone how to
bothunt, answering e-mail on why my bot kickbanned them, or something
else.
I never actually chat.
About two months ago my work schedule got really hectic and I basically
fell off the edge of the IRC world. I was working about 14-16 hours a day,
and just had no time to idle on IRC. A few weeks into it, I emailed the
frontiernet admins and told them to remove my O lines, as I didn't have
the time for it any more. They, nice people that they are, offered to
leave them in, so if I ever wanted to come back and help out, I could.
A week or so later, I *DID* get some spare time. I logged in, opered up,
went to hang out on a couple of my normal channels, and booted up BotHunt,
an irc script that searches the servers for bots and klines them.
I got attacked about 10 minutes later by some random DoS pup. Didn't
actually do anything but finally ping out bothunt, but kind of annoying
none-the-less, as they did send a floodnet after the client. So I, like
loyal little oper I am, compiled a list of the flood bots, klined all I
could and sent the rest to botwatch.
And stopped coming on IRC again for a bit. I mean, why bother. I just get
questions I don't have time for, requests I can't help on, and attacked
for simply enforcing the server rules. Why do people even bother to come
on IRC anyways, I thought.
Oh yeah, to chat.
A couple days later, I came back online.
I didn't oper up. I didn't connect to a tcm bot. I didn't join any oper
channels. I pulled MtgMonk out of the oper channels it was in. I joined a
couple channels I was interested in (in my particular case, the Magic:The
Gathering channels), joined, and chatted.
It was pretty cool.
Nobody nuked me. I had a couple great conversations with people on Magic
theory. I joked around with a few people I knew online, and in general had
a great time. It was amazing. It's like there's some other world out there
in IRC. Some world where people don't threaten to take over your channel
or flood your server, or yell at you for klinigng their bot. A place
where accounts don't get , users don't get nuked, and takeovers
don't happen everyday.
Its a place where people gather, and chat. That's it.
Its pretty damn cool.
This really is going out to both sides of the fence. The IRCOpers, and
the DoS pups. You want to celebrate the Holiday season this year right?
Maybe give a gift to the community that accepts you no matter who you are,
how old you are, or where you live? Try this:
Try logging on to IRC for a bit as a user. Don't oper up if you're an
oper. Don't load the nuker or the anonymous shell you DoS from if you're a
DoS pup. Just log in, join a couple channels about things you're
interested in, be it #wrestling, #sandiego, or #people_with_ppodles.
And chat.
And try and remember why you came on to this place to begin with. Not what
it became, not what *you* became.
IRC, as what its supposed to be, as what its *meant* to be, is really,
really, cool.
Try it sometime. Try using IRC to *chat*.
Its worth your time.
------------------ [ operlist@the-project.org ] -------------------------
To unsub: operlist-request@the-project.org with unsub operlist in the subject
List Maintainer: Matthew Ramsey <mjr@blackened.com>
Web Archives: http://www.the-project.org/operlist/current
---------------------------------------------------------------------------
Lovely piece of writing, just had to include this.
@HWA
4.0 Windows Trojans Update & The New Remote Explorer NT VIRUS
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Last issue I reported that I had recently found many new trojans
"What you don't know CAN and DOES hurt you..." - me last issue
Trojan list:
Keys - Don't have it
+ Have it
!+ Contributed
? Name may be incorrect or a duplicate of another trojan
you have one of the 'needs' or know where I can find it for review
purposes please mail me. tnx.
!+Thanks to psychorakz muna for the url to girlfriend trojan site.
Key Name Key Name
===/==========================/=======================================
*- Acid Shiver + BackDoor
+ BackOffrice ? Control du Socket
+ Control Access + Deep Throat
+ Gatecrasher - Gjamer
!+ Girlfriend ?+ ICQ Trojan *There are many of these!
+ MastersParadise - Millennium (by HCVORG)
+ NetBus + NetSpy
- phAse zero - RAW
- SysProtect 98 + Sockets Du Trois (Same as #4?)
- TeleCommando
** Acid Shiver source was offered by someone at a hotmail account some
time ago on one of the mailing lists, dunno about anyone else or if it
was a phish or not but I never got mine. If this does exist (or not)
any 411 at all would be appreciated. ;)
A few sites where trojans may be found: (Updates requested)
!+http://www.chat.ru/~gfailure/ General Failure (Girlfriend & Source)
http://www.ufl.edu/~cycy92n/........ PHAC site - trojan files
http://www.legion2000.org/hcvorg/ .. PHAC site - HcVORG Trojan files
@HWA
4.1 Cyber Army is being jolly nice especially after recent hack attacks
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Contrib: demoniz/Ed
The Cyber Army site is a nice site, a bit flash, but nice, they
have now released their much sought after (and allegedly already
stolen and spread) anonymizer source code. After recent events its
a token of good will to the community and shows who the bad guys
are once again.
Story from http://hacknews.bikkel.com/ 100% Pure Bikkel (demoniz)
CyberArmy Anonymizer source released
update by demoniz at Dec 27 , 14:11 CET
The CyberArmy crew released today their long awaited source code of
the CyberArmy Anonymizer. You can hide your real identity with this
script. You need to have cgi-bin access to install the anonymizer.
We've tested it briefly and it worked quite well.
Download it: http://www.cyberarmy.com/files/cyberanon.zip
Main site..: http://www.cyberarmy.com
We haven't tried it here yet but plan on doing so when we move to
a new bawx in the new year, !**! <- search for that for further info
@HWA
4.2 Is it cool to hate Kevin Mitnick? - Updated with comments from fh
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
EPiLOGUE
~~~~~~~~
"two sides to every story, somebody had to stop me, I'm not the same
as when I began, I will not be treated as property!" - John Lydon/PiL
Last issue we printed an admitted diatribe ranting about the killkevin
site run by fucking hostile (fh) on sinnerz.com I really fucked up by
not contacting him via email PRIOR to posting that article but I was in
a pissed off mood and the site as it stands still pisses me off. Anyways
here is the outcome of a discussion between myself and fh. Mucho thanks
to fh for permission to print the mail (although I was going to do it
anyway had I not recieved the response just moments ago) so thanks.
X-Sender: typeo@qni.com
X-Mailer: COOLMAILER2.0
Date: Sat, 26 Dec 1998 16:42:42 -0600
To: Cruciphux <cruciphux@mobsters.com>
From: fh <xxxx.xxx>
Subject: Re: hmmm
go ahead...
At 10:22 PM 12/18/98 -0500, you wrote:
* Ed>[ Modified for clarity : Ed = me fh = fucking hostile ]
Ed>Hi;
-
Ed>First off, do I have your permission to print your message and this
Ed>reply in a future issue of the newsletter?
Ed>
Ed>I wish all views to be aired out in the open if you are agreeable.
Ed>
fh>At 11:05 PM 12/17/98 -0600, you wrote:
fh>>What is to be careful about? I find this comment rather offending
fh>>considering neither The Messiah or SIN have >EVER released anything
fh>>that anyone would need to "be careful" while checking out.
-
Ed>Merely covering my ass. Insomuch as anyone should "be careful" when
Ed>checking out software they download from the net. I had not tried out
Ed>the software and did not want to recommend something that I had not
Ed>even run, however I maintain that the description sounded very good
Ed>and with the proliferation of trojans of the like of BO and the
Ed>(alleged) hacking of a site where software was replaced with NetBus
Ed>in the archives etc its a good policy to check-out everything no
Ed>matter what the source IMHO.
-
fh>>And also in issue 2.
fh>>Well I am saying right now that any person with a brain can tell my
fh>>site is for these basic reasons:
-
fh>>1. To get a rise out of people.
-
Ed>Having a brain and English being my primary language I figured as much
Ed>I contend the intention may not be as obvious to others.
Ed>
-
fh>2. To stop the 'FREE KEVIN' banners that everyone is putting on their
fh>page just so they look cool and all with the "hacker movements" or
fh>whatever.
-
Ed>I agree misuse of any movement for personal aggrandization sucks.
Ed>
fh>3. To stop the idiots who hack webpages and put FREE KEVIN all over them
fh> which he him and his freinds (several of whom have emalied me because
fh> of my webpage) say does more to hurt his situation then help it.
fh>
Ed>This I also agree is an unfortunate situation but with any "hero" or
Ed>"anti-hero" you're going to get this sort of abuse for personal
Ed>glorification and justification of otherwise illegal and anti-social
Ed>actions.
-
fh>And my opinion is that Kevin has brought his problems on himself. He broke
fh>the law and everyone knows it. While I don't think he should be in prison for
fh>almost 4 years with out trial, he did give up some of his rights and it is his own
fh>fault.
fh>And when he gave up his own rights then I refuse to support him.
-
Ed>Moot point. Hacker or no, agree or disagree, basic human and constitutional
Ed>rights have been abused and broken by the U.S government.
-
fh>I made no comments on my page saying that someone is "elite" for putting
fh>my banner up on their webpage. In fact I even realize that some people, who
fh>I am sure I would truely hate if I knew them, have put the banner up on their
fh>sites in order to seem like the "rebels" or whatever. That can't be avoided,
fh>just like it can't be avoided that some people who have no clue about Kevin
fh>will be putting FREE KEVIN all over their webpages.
-
Ed>...
-
-
fh>So do I truely want to see Kevin killed, fucked, and burned? Of course
fh>not. My banner is a statement of how this whole "FREE KEVIN" campaign has
fh>been shoved down everyones throat enough. And before you say it hasn't stop
fh>and think about it. Were the numorous webpages that have been hacked that
fh>said FREE KEVIN and were all about Kevin not indeed doing just that? The
fh>majority of these pages were virtual domains and the people had no clue what
fh>was going on other then some "hacker" (I wouldn't look at those people as
fh>hackers myself) has defaced their webpage for no reason other then that
fh>was the server their latest k-r4d 0-dAy SPLoiTz happend to work on.
-
Ed>I totally agree with your position on this.
-
**fh>Anyways the point is. You have your opinion and I have mine. At least the
fh>people who agree with me don't go hacking every virtual server that is hosted
fh>by someone like prohost.com or whatever the fuck it may be and shove their
fh>opinions down someones throat.
fh>
fh>They can accept it or not. I personally do not care either way.
-
Ed>I couldn't have said it better myself and hope you agree to this being
Ed>posted in an upcoming issue so others can see the points in a clearer light.
-
Ed>Cruciphux
Ed>HWA Staff
-
Ed>---------------------------------------------------------------------
Ed>Contrary to popular opinion, UNIX *is* user friendly. It just happens
Ed>to be highly selective about who it makes friends with.
Ed>---------------------------------------------------------------------
** If only other people could get down and sort out their differences in
this manner it would be a cool "scene" indeed. See guys? we had some shit
to sort out, its sorted. No fucking problem. Try it some time talking works
wonders.
fh: Public formal apologies for not contacting you prior to that "mini
diatribe" and also "you have your opinion i have mine"? fucking kick-ass
I loved the email.
tnx.
By the way after receiving this initial response and understanding better
the true reasoning behind the rationale of the site i posted BOTH the free
kevin and burn, fuck, kill kevin banners on my site so people coule mkae
their own minds up. Personally although I understand and agree to some
extent with fh's position on this i'll lean towards the free side tnx for
the response. BTW Genius is way cool ... ;-)
- Ed ( Cruciphux )
http://www.kevinmitnick.com/ Free Kevin
http://www.sinnerz.com/fh/ FK&B Kevin site
@HWA
5.0 l33t d00d! totally l33t! KILL THE NEWBIES!!!! [ NOT!!] READ THIS.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I was (well still am) working on an article concerning this very
topic for an upcoming issue. There are a lot of differing views on
the net about the "newbie" you've seen em, they're usually from
*.aol.com or maybe from *ipt.aol.com AND have a scroller or NUKER
<GASP an hax0r!> but seriously. often they get flamed or nuked or
ridiculed and hell, some of these assholes totally deserve the shit
they get back and well IMHO AOL.COM should be banned everywhere
not coz of the users but if the fucking admins couldn't handle
their own dicks in a pissing contest what chance do their poor users
have with them "showing them the way"? thats like asking Microsoft to
do a security audit on your NT network. <ahem>
Anyways as this is a totally no-bs unbiased publication <grin>
I won't rant and rave, we ALL had to start somewhere and this
nicely points that out. Check the article below, it was first pub'd
on http://www.hackernews.com/ in the COREDUMP section. A very good
and original piece. Permission was sought and graciously granted
for this reprint.
Original source: http://www.hackernews.com/
Original url: http://www.hackernews.com/orig/coredump/leet.html
(There is a slight misspelling here seems they spelled "l33t" as
"leet" i've already notified them of this gross error) <not>
Author: Flaming Cow
Author's site: http://www.planethack.com {nice site check it out}
How About Those l33t d00dz?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
by Flaming Cow www.planethack.com
Reprinted here with the permission of Flaming Cow and Planethack.
When is the last time that you were just hanging around on
IRC when you encountered a very lame person. You know
the type - they talk l1k3 7h1s; they think that the fact
that they just downloaded the newest ICQ flooder naturally
means that they now rule the world.
Most of you would probably have the same reaction that I
used to: head straight for ye olde kick/ban button. Wait.
What if that person you are about to kick could be crypto
analyzing AES in six months? What if they were destined to
be the next one added to that large group of people who
found sendmail bugs? Who exactly are you kicking?
I run a hacking website that attracts exactly these types. I
can't count the number of times that I have received "Do
you have the latest AOL scroller?" through the feedback
form. My good friend and site sysadmin tells me that before
we got the firewall, he had several users break in and start
by trying to "dir". However, I don't ignore these emails, and
I don't send back nasty "Go Away" notes.
Yes its hard, hell, nearly impossible to imagine, but this is
the way that a hacker today has to start out. These are
not the kids who were as lucky as us to have the BBS
scene and accepting "Mentor"s to teach us. Anyone who
has the interest and the drive to learn about computers will
be caught by the media hype and will end up searching
Altavista for "hacking".
When they do that, what do they find? Well--the last time I
checked--I came up number 5. I'll admit it: by the
standards of sites like this, mine is seriously lame. People
constantly tell me: all these files are for attacking. This
violates any kind of hacker ethics that exist, and they don't
teach anyone anything. And they're right. So why do I keep
this page running? Specifically to attract those Altavista
searchers. Confused yet?
I run my site to get people interested. That is my goal.
People come here and they use these programs. I get 2000
hits a day from people who want to nuke their friend off
ICQ. They destroy, they wreak havoc, and they generally
cause a giant, unforgivable mess.
However--maybe once a week--I get an e-mail that asks
"Is this all there is? How can I go farther? I want to learn
about computers, UN*X, etc. I want to stop destroying and
start creating knowledge." By sheer math, that is 1 out of
14000 people, but it is still one person. I can guide that
person away from their little GUI world. That one in
fourteen thousand was ready to move on, and to expand
themselves. Those that are weeded out by this
bandwidth-wasteful process have the desire and the ability
to learn. They all expand beyond my limited knowledge very
fast. Several have gone on to much better things. All of
them have been well worth my time.
So, you ask yourself, this letter started with some h^c&3r
coming into my IRC channel. I definitely don't have 14000
people doing this to *me* a week, so why should I care if
there are that few real possibilities out there? My response
is: Can we afford to waste even a single questioning mind?
The number of people who would call themselves "hackers"
has grown exponentially on the 'net in the last several
years. The number of true hackers that adhere to ethics
and hack only for knowledge and not for publicity or
bravado has dropped drastically. Do those few who are left
want their only legacy to be a bunch of kids running around
with WinNuke? If all the *real* hackers out there don't get
off their high horses and start teaching a new generation,
all that will be left eventually will be those "script kiddies."
Even the newest hacker has read Mentor's Last Words.
Some of us know them by heart, and have spent time
analyzing how we can apply his writing to our actions.
However, consider his name. He called himself Mentor for a
reason: he taught people. His values still live on in some
people, but his idea of raising the next generation is being
lost, and we *must* fight to keep it.
Related links:
http://www.antionline.com/ (if its back up **)
** See next story about some "happenings" re: Antionline.
5.1 ANTIONLINE! hacked? or just a "hardware failure"?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The owner of Antionline seems to have become a bit of a target (to
put it mildly) for the "script kiddies"
As of this writing we see this on an attempted connect to Antionline
(what happened to all that venture capital?)
Dec 26th 1998 - 16:00hrs
http://www.antionline.com/
Greetings All,
Due to a hard drive crash, AntiOnline is currently down. We should be
back up and running the day after Christmas.
AntiOnline strives for accuracy in all that we report. When we receive
a tip, we make sure that we double check it with as many sources as
possible, and talk to all sides involved. Unfortunately, some of our
colleagues in the field do not follow the same dedication to accuracy
as we do. The Hacker News Network received an email from some "hack
group" who apparently noticed that we were down, and decided that they
would attempt to gain a reputation for themselves by claiming that they
were the cause. HNN decided to post the claims of these hackers without
so much as an email to us, much less requesting additional verification
from the hackers. It saddens us that the Hacker News Network has decided
to follow nothing more than the standards of tabloid journalists.
To all of our regular users, you can be sure that AntiOnline will cont-
**-inue to be THE ONLY news source in the world dedicated to bringing you
the latest news from the underground and computer security scene in an
accurate and timely manner.
Oh, and one more thing. Look for the new AntiOnline, dubbed The
AntiOnline Network, on February 16th.
Yours In CyberSpace,
John Vranesevich
Founder, AntiOnline
** I don't want to sound like a prick but my knee jerk reaction to that
comment "THE ONLY news source..." etc would be "ooooh little boy had his
ego kicked in the nuts?" hope things pan out coz if the shit comes to-
gether this will be great for the 'community' all the in-fighting and
stuff thats going on though is getting a bit silly. Go re-read the piece
on newbies and then look at what some of you guys (you know who you are)
are doing ... - Ed
[TBC-#4]
5.2 Bikkel Gets The Pickle!
~~~~~~~~~~~~~~~~~~~~~~~
Contrib: me
Story: demoniz
Time: 3:14am
Attire: Xmas Boxer shorts
Shoot the messenger
update by demoniz at Dec 24 , 0:59 CET
100 % Pure Bikkel has been accused of being responsible for
defacing the Web site of Slampcoach.com. The abuse team of
PSInet contacted our hostprovider with the request to remove this
site and take proper actions against the webmaster (me.) A classic
case of shoot the messenger. The accusation of the abuse team
was based on the fact that I reported about the compromised site.
PSInet claims to have contacted the FBI. Yeah whatever.
Read my reply to the abuse team of PSInet:
Dear Net-abuse team,
I received a complaint from the owner of bikkel.com regarding the
compromised server of www.slampcoach.com. I would appreciate it if
you could refrain from any unsubstantial accusations. According to the
information which was sent to our hostprovider (WideXS) you accuse the
bikkel.com members being responsible for this hack. This accusation
rests on the fact that my user account (http://www.bikkel.com/~demoniz/)
was mentioned on the defaced Web site. For your information: I'm the
webmaster of a popular news site for the hacker scene. I report on a
daily base about various exploits/bugs/hacks. We're dealing here with
a classic case of 'lets shoot the messenger since we have noone else to
blame.' I don't want to be disrespectful, but your investigation of this
particular hack is anything except thorough.
You wrote in your complaint:
>> If you go the website http://www.bikkel.com/~demoniz/, there is
>> mention of our customer's website getting hacked. Please see the
>> following contents found on that site.
>> -----------------------------------------------------------------
>> http://www.bikkel.com/~demoniz/
>> ok now hadez came on dalnet and asked me to give him the pass to this
>> domain i said yea sure whatever, i never met him before this...so he
>> changed the page to say some shit bot I-L and some other HCV members,
>> well little did i know thisd create a big flaming war...see i only had
>> a problem with wizk1d and silicosis...Wizk1d cause hes a jakcass 13
>> year old, that called... [snip]
Since you obviously visited my site, you should know that this particular
quote is taken from a copy of the hacked site which I received. You can
find the archive of the hacked site here:
http://www.bikkel.com/~demoniz/hacksite/slampcoach3_com.html
Maybe you should also take a look in the directory /demoniz/hacksite.
You'll find many many more archived hacked sites. Why?
Because it's an _archive_ of hacked sites. Those pages aren't written by
me, but are copies of hacked Web sites. I merely report about them.
Since you had your finger on the trigger to bring charges against me
(and punish me [start quote] PSINet is requesting that the following
website be removed and action taken on the users responsible [end quote]),
I assume you will be just as quick with your apologies.
Thank you for your time and I'm looking forward to your apologies.
Kick Ass Demoniz, some people are just so ... well you know.
@HWA
6.1 The Great Christmas Hax0r Flood of 1998
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Ok i'm not really sure i'm totally clued into what the point of this
is maybe its because i'm not in Europe or .NL right now maybe someone
could elucidate for me. Just email me some info on what the hell is
going on here.
It would appear that someone is extremely bored or someone else is
trying desperately to destroy someone else's name OR perhaps its a
fame and glory thing maybe they want to be busted I don't know.
From: http://xmaxhax0r.virtualave.net/memberz.html
6.1a Latest exploits and hacks <revisited>
~~~~~~~~~~~~~~~~~~~~~~~~~
Source credit:-> BUGTRAQ
Approved-By: aleph1@DFW.NET
Date: Sat, 21 Nov 1998 12:54:41 -0500
Reply-To: John Carlton <techhelp@ROCKETMAIL.COM>
Sender: Bugtraq List <BUGTRAQ@netspace.org>
From: John Carlton <techhelp@ROCKETMAIL.COM>
Subject: Freestats.com CGI vulnerability
To: BUGTRAQ@netspace.org
About a year ago I developed an exploit for the free web stats services
offered at freestats.com, and supplied the webmaster with proper code to
patch the bug. After hearing no reply, and seeing no fix in sight, I've
decided to post it here.
Procedure:
Start an account with freestats.com, and log in. Click on the area that
says "CLICK HERE TO EDIT YOUR USER PROFILE & COUNTER INFO" This will call
up a file called edit.pl with your user # and password included in it.
Save this file to your hard disk and open it with notepad. The only form
of security in this is a hidden attribute on the form element of your account
number. Change this from *input type=hidden name=account value=your#* to
*input type=text name=account value=""* Save your page and load it into your
browser.
Their will now be a text input box where the hidden element was before.
Simply type a # in and push the "click here to update user profile" and all
the information that appears on your screen has now been written to that user
profile.
But that isn't the worst of it. By using frames (2 frames, one to hold this
page you just made, and one as a target for the form submission) you could
change the password on all of their accounts with a simple JavaScript function.
Any thoughts, questions, or comments?
John Carlton,
CompSec specialist.
Source credit:-> [ http://www.rootshell.com/ ]
Date: Thu, 5 Nov 1998 02:38:51 +0200
From: Tatu Ylonen <ylo@SSH.FI>
Organization: SSH Communications Security, Finland
Subject: security patch for ssh-1.2.26 kerberos code
-----BEGIN PGP SIGNED MESSAGE-----
This message contains information relevant to people who compile ssh
with --with-kerberos5. There is one or more potential security
problem in the Kerberos code. These issues are not relevant for
people who have not explicitly specified --with-kerberos5 on the
configure command line.
Peter Benie <pjb1008@cam.ac.uk> found a buffer overflow in the
kerberos authentication code. To quote from his mail:
> What about sshconnect.c, line 1139
>
> sprintf(server_name,"host/%s@", remotehost);
>
> where remotehost is (char *) get_canonical_hostname() (up to 255 chars),
> is copied into server_name (a 128 char buffer)?
It looks to me like this is a genuine buffer overflow. I had not
noticed it when going through the code.
This buffer overflow is, however, extremely hard to exploit:
1. The victim must have have client compiled with --with-kerberos5 and
--enable-kerberos-tgt-passing.
2. The victim must be connecting to a server running with the same
options (i.e., krb5 with tgt passing).
3. You must do the following DNS spoofing:
- fake reverse map for the *server*
- fake forward map for the fake reversed name
4. You must fake your attack code to look like valid DNS records; this
is highly untrivial with modern versions of bind that reject all
domain names with invalid characters in them.
5. Only the part of the DNS name beyond 128 bytes can be exploited; that
must be made to align with stack frames and must contain appropriate
return addresses and jump addresses. It has been shown that this can
generally be done, but the space and structural constraints here are
extremely tight compared to most instances of buffer overflow
exploits.
6. Since the client with Kerberos TGT passing is only used
interactively, the user will almost certainly notice that something
went wrong. I don't think you can, within the structure and space
constraints, construct the code so that the user would not notice at
least the client crashing.
7. You cannot try again after a failed attack until the client again
tries to log into the same host.
This might yield an attack against the *client*.
I've fixed this in the source tree.
I'd like to thank Peter for reporting this. A fix will be included in
the next release (which I expect in about a week).
<patch deleted for brevity>
- --
SSH Communications Security http://www.ssh.fi/
SSH IPSEC Toolkit http://www.ipsec.com/
Free Unix SSH http://www.ssh.fi/sshprotocols2/
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQCVAwUBNkDyOakZxfGWH0o1AQGYOQP/bUNnE/ZpSQqWVc0ngxLG50+CtyksugLJ
wD0X2yIoc8jmY+UNPL7weQatgv6CmUUoWWpLctzKr8A6G/HrD2sh0OHPBwhIxg1i
3mPj7WrcIX9g/K5LaEksiZ0vv4h/gvSJty5y+wRiu0QLRmuAy91CyaKTV7Sab0YT
/W/s1NazNIg=
=iABB
-----END PGP SIGNATURE-----
@HWA'98
6.2 Think Twice Before Becoming A Hacker Attacker
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Source: CMPNET Internetweek article
Author: RUTRELL YASIN
Think Twice Before Becoming A Hacker Attacker
RUTRELL YASIN
December 14, 1998
I'm a big proponent of self-defense. Having studied a few of the martial
arts, I've learned the value of being prepared to fend off and respond
to attacks. To paraphrase a famous activist of the '60s: If someone
attacks you, make sure he can't put his hands on somebody else.
That appears to be the stance of a growing number of large companies that
have been victimized by hacker attacks, according to extensive research
conducted by WarRoom Research.
In an 18-month study of 320 Fortune 500 companies, 30 percent said they
have installed software capable of launching counterattacks to security
breaches. The report, titled "Corporate America's Competitive Edge,"
focuses on security and business intelligence practices and will be
available next month.
Most security experts agree that companies should have some way to
strike back at hackers. They caution users, however, not to get
embroiled in cyber shootouts. The main reason? The system you're
aiming at might not be the culprit.
The concept of "strikeback" has been around for years, but the method
gained wider attention over the past few months after the Defense
Department used software to disable an attacker's browser.
Strikeback can take many forms-from the collection of information
about intruders that can be used later to launch a counterstrike or put
the culprits in jail, to the launch of debilitating countermeasures such
as denial of services or flooding attacks that virtually shut down an
attacker's system.
But a savvy hacker can forge packet headers to make it appear that an
attack is coming from another location. And if a company is shooting
first and asking questions later, innocent people could be hurt.
What's ominous about the WarRoom Research findings is that many of
the companies in the security study would prefer to use their own
strikeback methods as opposed to calling the FBI or state law
enforcement agencies.
As WarRoom Research president Mark Gembicki pointed out, a code
of ethics controls how government agencies use strikeback measures.
Large companies are truly borderless and are moving into uncharted
territory.
Ken Geide, section chief of computer investigation with the FBI's
National Infrastructure Protection Center, agreed.
"It's really important that companies have the capability to detect
efforts to break into systems," he said. But strikeback has possible
drawbacks.
"The consequences of strikeback has the potential to put the victim at
civil risk or physical risk," Geide said.
The companies in the WarRoom study view strikeback as a right, just
as the law protects physical self-defense by way of force.
But there are lessons from the physical world that IT managers should
consider before launching a strike, experts said.
If you see someone trying to break into your car parked at the curb, do
you have the right to get your gun and take a shot at the suspected
thief? Geide asked.
The person might be intoxicated and just stumbling on your car, not
actually intending to break in. Worse, the bullets may ricochet and hit
a bystander.
"Our recommendation would be to let a properly trained individual help
protect the property," Geide said. IT managers should adopt the same
kind of response when conflicts arise in cyberspace.
"They could be launching a strikeback against themselves. The victim
is better off working with law enforcement," he added.
Geide said, however, that companies have been reluctant in the past to
tell law enforcement about security breaches, fearing unwanted public
exposure. Just as technology continues to advance, the FBI has grown
more sophisticated in investigating computer break-ins. "We're
cognizant of the concerns of the victim. It would be silly to victimize
the victim twice," Geide said.
As a result, the FBI has seen a nearly 200 percent increase in pending
investigations, primarily as referrals from victims, according to Geide.
It's clear that more large companies are devising options and plans to
address network intrusions-from both internal and external attacks.
Many are deploying tools that block or kill TCP/IP connections when an
intrusion is detected.
Those considering counterstrikes should realize that we're a long way
from being able to effectively verify that we're hitting the right targets.
Rutrell Yasin is a senior editor at InternetWeek.
@HWA'98
6.3 Ecstacy (XTC/mdma/rolls etc) Raves and Hacking your Head
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"running around robbin banks all wacked on the sk00bi snax"
- Fun Loving Criminals
Author: xd0pEr
Status: (c) HWA/xd0pEr 1998
"Hack your head instead"
xd0pEr
* free to distribute if source and site is stated
http://welcome.to/HWA.hax0r.news/
ok This is NOT an anti-drug article, but if it makes you stop and
think then it was worth while. First off, its not just bums and
welfare people or blacks or <insert your biggot ethnicity> that end
up becoming alcoholics or drug addicts, I've known Doctors, Cops,
lawyers, business men and many computer professionals who have fallen
prey to this trap these are smart people.
Anyway so wtf do I care? well i'll tell ya wtf I care, been there done
that and i'm still here. used to play Suicidal Tendencies "Suicidal
Failure" and think it was funny ya big hahah h0h0.
Anyway the point is this HACK YOUR BRAIN. Not not with a hatchet fuck
wad, get wit da program, get some fucking root man, GOT ROOT? no? ok
try VALERIAN ROOT, if you're a raver, its sedating, makes the colours
go super cool, neat visuals and its a herb. also take GINSENG in tab
form and also if you can stand the taste (its pretty kewl actually)
buy some ginseng drink from your local Korean variety store its like
speed that shit keeps ya going for about 2 hrs and yer mind is unfucked
... try leaving the mdma bullshit at home sure your head ain't scared of
dying but guess what the rest of your body is and fuck man you'd piss
off people you didn't even know were your friends if u deep-6'd it on
the dance floor, (thats rude) you'd look pretty rad then huh? End of
rant, check this out:
Draw up a pro and con list, doesn't have to be long or elegant:
Reasons/Excuses Consequences
+++++++++++++++++++++++++++++++++ -------------------------------------
Feels good NOW Accidental OD can kill you and your
friends if you're driving to/from the
rave or someone elses friends/family.
(I know people that have done this)
Escapism Try a movie instead, or book, hell
I hear hacking websites is IN these
days least you can't get killed too
quickly.
I think it makes me look cool You will look very cool, stone cold
and unless you're cremated you'll stay
that way forever.
What are my creds? oh how about 12yrs of lost life, 5 dead friends, a
lost house, AA ppl, NA ppl, the Police, Emerg and Shrinks know me on
a first name basis. That enuff? fuck you if you think this is shit i'm
taking the opportunity to put this out and thanks to Cruci for being
there for me, if it weren't for him, FProphet, Dicentra, Vexxation
and their families I wouldn't doing shit now cept watch worms crawl.
One last story before I go.
There was a guy that had a fantastic time but had too much to drink
he took his buddies keys and took off home in his car, hit another
car on the way home "fucking bummer" he thought, turns out that car
wiped out and smashed head on into a lamp post <yikes> so some woman
and two kids got killed just coz he was stupid enuff to get totalled
and drive home.
Next day his wife and kids are nowhere to be seen, but the police were
in the driveway. Guess the ending? ya, that was his own fucking family
he wiped out.
Merry Fucking Christmas.
Hope you all got the picture.
It ain't cool.
But the music is.
fuck i'm like 27 now and things rock
i'm still alive and life is great
but the things that coulda been ... make me break up now and then
btw: those frame sites piss you off here's the url for Bikkel's
webboard http://www.bikkel.com/~paradise/webboard/ sans frames...
To end on an upbeat t0ne, proof i've done the deal ...
"gh0d grant me the serenity
to accept the things I cannot
chmod, the courage to not DoS
although I can, and the wisdom
to spewf my ip when killing ppl
off of irc."
Ok its slightly modified but wtf its xmas, i'm sober and its
fun to be alive ... ;-)
- xd0pEr Dec'98 "A prick'n'still kickin"
Comments: xd0per FUCKING AWESOME ARTICLE. thanks man. keep rocking
we'll always be here for ya. - Ed
Demoniz may have something to say about that url but
wtf .. I hate frames too so I left it in - Ed
LEGAL HIGHS
~~~~~~~~~~~
Well not really but a good way to start hacking your head, also you
might want to look into n00tropics (nutropics). Use your favourite
search engine and look up "nootropics and nutropics".
Recommended links: (checked)
http://www.nutrimed.com/
http://www.herbnet.com/
http://www.natrol.com/
http://sunsite.unc.edu/herbmed/mediherb.html
@HWA'98/99 <almost>
7.0 HackingIRC'98 Part II [TBC] (NOTE)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Hacking eggdrops part 1 appeared in issue #2
THIS WILL CONTINUE IN AN UPCOMING ISSUE
7.1 Hacked Web Sites
~~~~~~~~~~~~~~~~
MORE COVERED IN NEXT ISSUE TOO MANY TO LIST IN THIS ONE/HACKS IN
PROGRESS...
Partial list appears below though for the curious (Partial!)
As far as I know these are not just a single vhosts hack ...
From hnn dec23
rumours
These sites have been hacked Dec23rd'98:
www.fractals.com ...........: Still hacked Dec 23rd
www.ambientcorp.com.........: Still hacked Dec 23rd
www.lindasy.com.............: Fixed
www.paulsonpress.com........: Fixed
www.uomini-photography.com..: Fixed
www.pagnol.com..............: Still hacked Dec 23rd
Newer hacks (Dec 28th)
~~~~~~~~~~~~~~~~~~~~~~
Checked 1:55p EST this msg was posted (and reported) on Bikkel
the "Still hacked" sites remained hacked for up to one week after
the initial intrusion. Bad, very bad.
More sites in protest of high telecom rates:
Checked at 12:13 EST by Cruciphux:
www.cabolinda.com .....: Server down/not responding
www.apibajasur.com.mx ..: Server down/not responding
www.doring.com ........: Raw directory with /logs displayed
www.villamex.com.mx ....:"Pagina en Construccion !!!!" message
www.cabo-architects.com.: Fixed
www.finisterra.com......: Fixed
According to BikkelRaZa-MeXiCaNa is claiming responsibility, watch for an article on the
state of Hacktivism in an upcoming issue. - Ed
* also check out http://xmaxhax0r.virtualave.net/memberz.html
@HWA'98/99
A.0 APPENDICES
~~~~~~~~~~
Planning on tidying things up a bit around here, make it more uhm
hrm, accessible... index and shit, maybe even a PDF version. we'll
see.
@HWA'98
A.1 PHACVW, sekurity, security, cyberwar and referenced links
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Site....: ETHICAL HACKERS AGAINST PEDOPHILIA
Run by..: Ken Williams
Alias...: tattooman
URL.....: http://www.ehap.org/
Comment.: Go. Read. Be enlightened, hacktivate.
Rating..: ***** 5/5
Reviewer: Ed.
Top 10/50/100/1000 etc lists:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://www.webfringe.com/top100?
http://www.hitbox.com/wc/world.100.HackingPhreaking.html
http://www.tazzone.com/top500/tally.cgi?section1=Hacking_Phreaking
http://www.splitinfinity.com/~top55/
http://www.linkz.net/cgi-bin/top250/
The links will no longer be maintained in this file, i've decided
to put up an indexed link list of reference material and current
hack and security sites on our web site instead of eating room in
the newsletter. Hell my search engines file is around 200k in and
of itself with just about every search engine/device out there
"stolen" mostly from spyking and other places of course. That won't
be up for some time though, i'll dig up the links to the sources as
well if I can find and verify them within a reasonable time with my
robot.. - HWA `Staff'.
A.2 Coolest Sig Award
~~~~~~~~~~~~~~~~~
_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
_/ _/ Exxon Research & Engineering _/
_/ _/_/_/ _/_/ _/_/_/ _/ Kevin K. Sochacki _/
_/ _/ _/ _/ _/ _/ ICSBS CC124 (908) 730-2911 _/
_/ _/_/_/ _/_/ & _/_/_/ _/ mailto:kksocha@erenj.com _/
_/ _/ _/ _/ _/ _/ PERSONAL _/
_/ _/_/_/ _/ _/ _/_/_/ _/ mailto:kks@superlink.net _/
_/ _/ http://mars.superlink.net/kks _/
_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
Now someone was prolly paid to do this but its freakin cool so congrats
to Kevin (number one most common name for (in)famous hackers! <bg> for
receiving this most prestigious bit of scribble. Truly cool kev. can
I call you kev? good how about teddy baby? ok 'nuff with the python
time to shut this sucker down.
EoD
EoF
[TBC-JAN12th-1999] In Issue #4: "Special scratch and win" issue!!
AND a free toy! watch for it... - Ed
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-
APOLOGY: THERE WAS SOME FUCKING STRONG LANGUAGE IN THESE ISSUES SO IF
YOU WERE EASILY OFFENDED WE STRONGLY URGE YOU TO CALL FOR
SOME COUNSELLING, 1-888-NO-PIRACY IS OPEN 24/7. PLEASE. IF
NOT FOR YOUR OWN SAKE, FOR THE SAKE OF OTHERS, SEEK HELP!
- Ed "hey, you can do some cool things with this staff!"
DISC-LAMER: IF IT WAS BAD, IT WASN'T ME. IF IT WAS GOOD, IT MAY HAVE BEEN
ME BUT I CAN'T SAY COZ I WORK FOR AGENT SCULLY AND ITS SECRET.
@HWA C*:.98'99
(C) Cruciphux/HWA.hax0r.news
(r) Cruciphux is a trade mark of my big hairy white ass productions.
"Mono power!" - BogoMIPr
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-
--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-
[45:6E:64]-[28:63:29:31:39:39:38:20:68:77:61:20:73:74:65:76:65] 
