Copy Link
Add to Bookmark
Report
The International Rogues Guild 6
////// /////// ////////
// // // //
// /////// // ////
// // // // //
////// // // /////////
International Rogues Guild and Shadow/Net Presents...
IRG Newsletter v6.00 Released: 2/20/91
Written by: Haywire Edited by: Haywire
Hi everyone,
Heres IRG number 6 for ya, more people are getting interested
and I am happy about it. Theres alot of good stuff this time(like always,
hehe) so read up.
5.01 Table Of Contents
----------------------
5.01...................................Table Of Contents
5.02...................................Disclaimer
5.03...................................More About IRG
5.04...................................CyberPunk Follies
5.04b..................................State Of The Union Reply by Psycho
5.05...................................Letters From Prison
5.06...................................Planned Parent Hood For Cats by Damaged
5.07...................................Disposible Lighter Bombs by Psycho
5.08...................................Vending Machine Revenge by Psycho
5.09...................................The Art of Scanning by Control-S
5.10...................................Hacking CompuServe by Control-S
5.11...................................Dos Trips by Wasteland Warrior
5.12...................................Running The ShadowNet
5.13...................................VMB's From Hell
5.14...................................Hellos and Goodbyes
5.02 Disclaimer
---------------
All items in this newsletter are meant for informational purposes.
It is written to encourage illegal activities, I hope the reader is inspired
to break the law after reading all IRG Information. Of course the authors of
this newsletter cannot be held for anything that the reader does.
WARNING: Remember ALL explosives are dangerous, DO NOT, I repeat, DO
NOT mess around with any of the recipes for explosives, EVER! These recipes
are real, they can kill you, and anyone else. Make sure you know what you're
doing. Otherwise its your fault.
5.03 More About IRG
-------------------
We have one new ShadowNet member this issue and a new journalist.
Hopefully you people are getting the idea and starting to write things for ANY
group, just sharing the wealth of info out there. Until next time...
IRG Members Rank
----------- ------
Haywire IRG and ShadowNet Leader
Wasteland Warrior Part Time Programer,Game Winner,IRG Member
Psycho (615)ShadowNet Member
Dr. Digital (619)ShadowNet Member
Damaged IRG's "Sick" Member
Journalist
----------
Haywire
The Spectral Demon
Control-S
Kryptic Night
Psycho
Damaged
Wasteland Warrior
Thats about it, if you feel like becoming a member of either IRG or
ShadowNet. Please call one of the IRG nodes. If you would like to become and
IRG node again contact one of the IRG nodes.
5.04 CyberPunk Follys
---------------------
I have only gotten one reply to my "State Of The Union" speech, it
seems that either people don't care what I say or they areto lazy to call up my
board and give me a response. It seems that the Hacking community has
turned to shit more then I had thought. But maybe people will get the idea one
day and move on to a higher level.
5.04b State Of The Union Reply by Psycho
----------------------------------------
In response to Haywire's "State of Hacking Today" editorial in IRG #05, I would
like to make the following comments:
I agree with Haywire 100%- This shit over "Hacker Wars" has gotten WAY out of
hand... What in the hell is wrong with people?!? Isn't hacking supposed to be a
means by which we SHARE information and spread the wealth of knowledge? We
hackers have before us an incredible realm of POWER- This has been exhibited
time and time again; Everytime you hear of some kid who hacked into NASA or
someplace and got caught, there are probably dozens more getting away with
something just as spectacular.
In short, we have the ability to manipulate and control the flow of ALL manner
of electronic information. The authorities are starting to realize the actual
scale to which systems can be hacked into, but it is far too late to do
anything about it. For every hacker that gets busted, five more take his place-
and it's a never-ending cycle.
United and working together as one, hackers have the propensity to virtualy
control (or shut-down) many facets of our society on a GLOBAL scale: banking,
sattellite communications, military, law enforcement, etc., etc.... But instead
of working together, the hacker community is splintered into many factions, all
more or less working against each other. Instead of liberating information for
all, we are instead battling it out in our own little area codes, searching for
short-lived fame.
I'm not saying that we should shut down all systems and holds the world's data
for ransom; That would be futile. Instead, we need to help educate those with
an interest in hacking but lack experience. Not that we should toss info out to
anyone- There are still (and always will be) certain type of people that "just
don't get it"... A little information and a lot of stupidity can be a dangerous
thing with this type of "wanna-be". By a careful process of weeding out these
types, the data will begin to flow into the hands of those that can best put it
to use.
So, in 1991, let's try to unify and SHARE our expertise- And I think you'll
find that the hacking/phreaking community will benefit from this like never
before. Hats off to Haywire and everyone else involved with the IRG for
publishing this fine newsletter and making an effort for change.
-Psycho
5.05 Letters From Prison
------------------------
I have been getting alot of stuff, this issue and I am very happy about
it. The more the better, it always seems like I never have enough stuff. This
issue is pretty long getting into alot of good stuff. This is a great issue
check it out...
5.06 Planned ParentHood For Phelines by Damaged
-----------------------------------------------
Phile #1 of a series Unknown
@-@-@-@-@-@-@-@-@-@-@-@-@-@-
- @
@ Planned ParentHood for -
- @
@ Phelines -
- @
@-@-@-@-@-@-@-@-@-@-@-@-@-@-
WRiTTEN BY:
Damaged
2.14.91
iNTRO
Ok dudes this is my phirst seriers of Anrkey philes on Kat's. Don't you
just hate those little pussy's, i sure in the hell do. Anyways, the phile
is all How to do it yourself Home Kat abortions. Why the reason for kats,
well i hate the goddamn shitheads for specific reasons. That i won't get
into. Well enjoy the phile and have phun.
SHiT YA'LL NEED
Propane torch
Koat Hanger
Gloves <should be able to resist heat>
Rope <optional>
Nails <optional>
Hammer <optional>
Drugs
& a Kat of kourse
GET'N STARTED
Ok, now get the above required stuff. Now toke a little, phry or whatever
get's ya going. Phirst off take the koat hanger and bend it into a phairly
straight wire. Take the koat hanger and make a noose on one end. You need
to make sure that the noose is small enuf to phit into da Kat's Kunt.
PHUN PART
Ok now go out and phind yer victim. Well you have phound a kat, put on
the gloves so you don't get scratch to hell and back. Now this is where
the optional shit komes in. You kan either Nail the phucker to the ground
by hammer'n nails thourgh it's pheet. This technique i phind to be the most
effective. Or if your one of those squemish types (why the phuck are you
read'n this then??) you kan use the rope. Just spread the phucker's legs
to the phour korners. Tie the rope around each paw and tie to something
else. Now you have the kat down supplied and bagged. Reach over and grab
your nice instrument(koat hanger) and also grab the torch. Now you should
be still wear'n the gloves, if not jack'n off will be a little harder phor
you to do now. Anywayz, heat up the end of the noose with the oval end or
however the phuck you made it. Wait until the shit is shine'n real bright
orange or yellow. Some koat hangers will even turn white, now make sure
you don't melt the damn noose. duh Insert the heated end of the noose into
the kat's kunt, now jam the phucker all around, make sure you get every last
one of those bastard kittens outta there. After you have phinished, unnail
or untie the kat. Now i doubt it will walk away, but if you know who owns
that kat, be a phriendly neighbor and drop it off at their house phor them.
Now you really don't know which Kat is or not pregneat so hell try evey one
of those pussy's. Now this also works for dogs, and even try this on yer
girlphriend if you even knock her up.
OTHER SiCK SHiT
Now some other phun shit to do while do'n this. Bring along a tape recorder
or a kamcorder and record the shit. Go home listen or watch it over and
over again. Loads of phun dude. Now for you sick perverts, take a knife
and just make the kat's kunt big enuf to slide yer dick in, hell a phree
phuck. You kould also bang the phucker up the ass to if ya wanted. The
best part about this is that it's like bust'n a virgin everytime and you
don't have to wear a kondom either! Oh yea while ya do this phry really
hard too.
Yo'S & PHUCK oFF'S
Yo's to LoL-PHUCK, THG for thier latest kracks, Sam Brown for all his nice
back doors to Emulex, METALLiCA, Lutzifer, and all who think that they deserve
some yo's (yea right)
Phuck off's to PE Give it up, THG got yer ass Kicked, Acid Alliance, QSD
lamers, Alto's you need to UPGRADE big phuck'n time, leeches, and all those
K-Rad K0de KiDZ who do noth'n but phuck'n leech as hell and get Kaught too.
KALL THESE KiCK'N SiSTEMS
Insanity Lane..........619.591.4974 -=> IRG HQ <=-
Zanaphopia.............404.642.8703 -=> AoA HQ <=-
The Corrupt Society....619.630.8450 -=> NHA HQ <=-
Demon's Crypt..........516.791.1427 -=> SoC HQ <=-
Phreak Accident........404.977.4272
Latur dudes
Damaged
[--------------------------------- EOF ----------------------------------]
5.07 Disposable Lighter Bombs
-----------------------------
**************
* *
* Disposable *
* Lighter *
* Bombs *
* *
**************
by PSYCHO
Written EXCLUSIVELY for The IRG
For those of you who are budding anarchists or Mad Bombers, but don't feel
comfortable cooking up nitroglycerine in your mom's kitchen or making pipe
bombs in the garage, here's a fairly decent alternative that is safe, easily
transported, cheap, and effective if used properly.
All you need is a good supply of those shitty disposable lighters, like a Bic
for instance. These can be bought cheaply (or stolen, if you're so inclined) at
every damn convenience store between here and East Camelfuck, Iraq. Prices
range from about 39 cents for averaged-sized lighters, up to about $1.79 for
the extra-large ones, such as the Cli-Cla (my personal favorite- it is a HUGE
disposable, holding about 65% more butane than the large Bic! They're available
at fine truck stops everywhere...). Here is a chart to help you decide which
lighter is best for your explosive needs:
Lighter | Size of Explosion *
---------------------------|----------------------------------
Mini Bic | Small; 4 to 6 inch fireball
|
Scripto | Medium; 6 to 12 inch fireball
|
Regular Bic | Large; 12 to 18 inch fireball
|
Cli-Cla | HUGE; 24 to 30 inch fireball
--------------------------------------------------------------
*(NOTE: These sizes are only an APPROXIMATION based on past observances-
fireball size and intensity may be affected by such factors as
atmospheric pressure, wind speed, humidity, manufacturing defects, etc.
Your results will vary.)
As you can see by the above chart, some of these lighters can be quite
powerful. To give you a better frame of reference, consider the Mini Bic to be
as powerful as an average firecracker, the regular Bic as powerful as an M-80
firecracker ( a REAL M-80... You can only get them illegally in this country-
they are equal to 1/4 stick of dynamite), and the Cli-Cla as powerful as 1/3 to
1/2 stick of dynamite, under perfect conditions.
PREPARATION AND METHODS OF DETONATION
To prepare a lighter for use as an explosive device, the only real modification
that must be made is the removal of the flame guard. The flame guard is the
semi-elliptical piece of metal that is found on top of the lighter which
encases the gas jet and flame adjustment mechanism (if present). This is easily
removed by using a screwdriver (or even a finger) to pry away one edge of the
flame guard, and thus popping the whole thing loose.
With the above out of the way, you are ready for the placing of the device.
Keep in mind that since the laws of physics declare that a force will always
follow the path of least resistance, some forethought should go into the
placement of the device for best results. If you just want a purely-for-the-
hell-of-it explosion, the lighter can be placed on open ground, but for a
specific purpose, such as the destruction of an object, opening of a door,
etc., the lighter will need to be wedged as tightly as possible against the
target.
The only "timing device" you will have, such as it is, is the actual flow of
gas from the lighter. Some lighters have no flame adjustment mechanism, and
thus you have very little control over when the explosion will take place. On
lighters where the control is present, you will be able to approximate the
point at which detonation will occur. This is accomplished by turning the
adjustment wheel toward the <+> or <->, with the <+> side naturally exploding
faster. In some lighters, the maximum <+> setting can be over-ridden to allow
the butane to escape very quickly, but keep in mind that the faster the gas
escapes, the lower the power of the resulting explosion. You may find some
experimentation necessary with different types of lighters you plan to use
before you can become familiar with the approximate detonation times.
Once you have decided on a target and length of time needed to escape and/or
take cover, you are now ready to ignite the lighter. The most important element
to keep in mind it that the gas release lever MUST remain depressed for the
duration of time until the explosion occurs. There are many methods for
assuring this, as pointed out below:
A. Wedge the lever in the open position by placing an object between it and
the striking wheel.
B. Glue the lever down with a glob of Crazy Glue.
C. Tape the lever down with aluminum strapping tape (regular tape will not
work due to rapid melting).
D. Wire the lever down with a few inches of light-gauge copper wire.
These methods are not the only absolute choices you have, but I have always had
good luck with them.
Once the lever has been secured, you need to act as quickly as possible, to
ensure as little butane as possible is wasted. Using another lighter, ignite
the stream of gas escaping from the one you want to explode. Another factor you
might want to consider for timing is the physical direction of the tank of the
lighter in relation to the flame- If the flame is above the tank (as in normal
operation), it will take much longer for the heat to melt the plastic and cause
the detonation than it would if the tank was placed at a 45-or-so degree angle
with the flame being BELOW the tank. Here is a chart of approximate times based
on positioning of lighter and gas flow:
Gas | Lighter Upright | Lighter Inclined
Flow | (flame above tank) | (flame below tank)
==================================================
MIN. | 5-10 minutes | 3-5 minutes
--------|---------------------|-------------------
MED. | 3-5 minutes | 1-3 minutes
--------|---------------------|-------------------
MAX. | 1-3 minutes | 60 seconds or LESS
Again, these figures are APPROXIMATE- Times will vary according to many factors
including, material used in manufacture, quality of butane, etc.
Using the above chart as a guide, plus some experimentation on your own, you
should be able to discern timing factors relating to your individual needs in
certain situations. Of course, lighting the butane and allowing it to melt the
plastic tank casing is not the only method for detonating disposable lighters-
other possibilities include:
* Affixing a large firecracker or other small explosive device to the tank
* Placing the lighter in an open flame (campfire, fireplace, etc.)
* Placing the lighter on, in, or near a heat source (engine block, tail
pipe, oven, space heater, etc)
As you can see, however and wherever you choose to use a lighter as an
explosive, it is a cheap and (usually) ample solution. Always use great care
and common sense when handling ANY explosive device, and have your escape route
or cover picked out well in advance. Also be aware that, due to the materials
used in it's construction, an exploding lighter will hurl bits of metal and
molten/flaming plastic, sometimes for several yards in all directions.
HAPPY BOMBING!
Thanks to: Haywire & The MIGHTY IRG!
Special Thanks to: The Phantom Fireman for his pyromania expertise.
5.08 Vending Machine Revenge
----------------------------
VENDING MACHINE REVENGE
by Psycho
Written for the IRG
How many of you have ever been ripped off by a vending machine? I would guess
that EVERYBODY, at one time or another (and probably MANY times), has met up
with a "change eater". This can be frustrating as hell, especially if you're
hungry or thirsty and the machine took all the change you had. Worst of all,
many times the owner of the machine takes his sweet time getting it fixed-
After all, any money you lose is pure profit for him. The following is a
collection of various techniques that have been used with great success to
extract revenge on these money-grubbing bastards, and can put a few bucks in
your pocket as well. I guess some unscrupulous person COULD use this
information just to rip off other hapless consumers, but that is their
discretion (ha ha!).
1.0 SLUGGING
This is one of the most common forms of Vending Machine Revenge (from
herein referred to as VMR), and also one of the safest. Basically this
involves putting something into the machine that is not a coin, but the
machine will think it is. Experimentation of a high degree will be in order
here, as all machines have different levels of sensitivity. Some of the
more common items used include: metal washers, arcade tokens, foreign
coins, plastic discs, etc. I think you get the idea. I have even heard of
people using a bench grinder to file pennies down to dime size, but that
seems like an awful lot of work for 9 cents, but how you want to spend your
time is up to you. Again, you'll have to experiment a lot with this one. If
anyone finds some that work particularly well, leave me a message on the
IRG/Insanity Lane node, and I'll draw up a chart for a future issue.
2.0 TIPPING
Another quite popular method, this is accomplished by physically tipping
the machine forward as far as you can get it, hence the name. This works
best on those machines that have potato chips and stuff dangling from long
metal rods, and also those that use spiral rods to hold the stuff. If you
want to use this method of VMR to the fullest, it's best to take along a
couple of stout friends. Reason being, you will get the best results by
practically putting the front of the machine down to the floor, and some of
these bastards can be REAL heavy. So, DON'T try this one alone (unless you
look like Arnold Schwarzeneggar), and make sure you do it quietly and in an
out of the way area to avoid getting caught.
3.0 ROCKING
The Rocking method for VMR is similar to the above, but is seems to work
best on coke machines which dispense cans. To get free cokes, you rock the
machine back and forth, really banging the hell out of it. This confuses
the machine's coin mechanisms, and it will usually start spitting out
cokes. This VMR method will also require the assistance of friends, for
obvious reasons (coke machines are the heaviest of all vending machines).
This one must also be executed in a very deserted place, due to the
excessive noise level created. You'll also want to remember to take along
some backpacks, pillowcases, etc., to put your free cokes in. I have seen
machines completely emptied using this method.
4.0 PLUGGING
So far, we've only discussed methods with which you can obtain free snacks-
Now, here's one that can net you some good pocket change. Unfortunately,
this will only work as described on newer coke machines. Perhaps with
experimentation, it can be adapted for use on other machines. Plugging is
accomplished by doing just that- you use something which will get hung in
the coin slot, such as a penny, slug, etc., but will still fall through
when the coin return is pressed. On newer coke machines, the coin return is
a long piece of horizontal metal that presses straight down. After
inserting your plug, use a flat-blade screwdriver to bend the coin return
bar so that it cannot be depressed. Now, take the rest of the day off and
do whatever. When you return later that night, use your screwdriver to bend
the return lever in the other direction. When you press it down- JACKPOT!
You get all the coins that other people have "lost" that day. Rotate among
different machines, and don't plug the same one more than once a week to
obtain best results. By doing this to enough machines in various locations,
it's possible to make around $100 PER DAY (the average take for one machine
is usually around $5). Another good place to do this occasionally is coke
machines in expensive hotels, since they usually inflate the price of their
drinks by 50% over normal machines. Be extremely careful and don't get TOO
greedy, and this method is very safe.
5.0 JAMMING-1
This type of VMR is one of the best for getting lots of free stuff. What
you do is actually jam the "product chute" (where the goods come out). Any
manner of things can be used to do this. For instance, open the little door
on a coke machine where the cans come out. Now, take a stick, huge wad of
paper, etc., and cram it as far up into the machine as you can comfortably
reach. This will block the arrival of anyone's purchase, and you only have
to pull out whatever you blocked it with on your return to retrieve the
stuff. On cigarette machines, you can even put tape over the side slot
where the smokes are dispensed to accomplish this. As in some of the above
methods, experimentation will be in order here to learn about the machines
in your area. This is a fairly safe method of VMR.
6.0 JAMMING-2
This is the same as the above method, but instead you jam the change return
slot. It's not as profitable as screwing up the coin return, but hey- it's
FREE money. You may have to use a small wire to accomplish this on machines
that have a small door that opens inward on the change slot. Again, if done
smartly and not too often to the same machine, this VMR method is safe.
7.0 ZAPPING
Personally, I have never been able to get this one to work, but I know
people that swear by it and say they use it all the time. Also known as
"shorting", this type of VMR involves locating the socket where the machine
is plugged in, and rapidly working the plug back and forth, causing the
electronics in the machine to screw up. I'm told it only works on machines
that have an LED display showing the amount you've dropped in. One person
claims to have "maxed-out" the display at $9.99 and got that much OUT of
the machine when he hit the coin return! Like I said, I've never been able
to do this, but there are lots of people who claim it can be done.
Experiment and find out for yourself, and drop me a line if you get it to
work.
8.0 KILLING
This isn't as drastic as it sounds- It actually means that you unplug the
machine, thus "killing" the power to it. Some machines, when unplugged,
will simply NOT return any coins. And, you'd be surprised at how many
people will go ahead and stick money in a machine, even if it's not lit
up... And most people won't look for the plug to check it, either. This is
a very safe, quiet method that has been proven to work on certain machine.
As before, experiment with machines in your local area.
Well, that should be enough ideas to get you started- I'm sure there are many,
many more. If you have a particular favorite, leave me e-mail on Insanity Lane
and I'll include them in any future updates of this article. In the meantime,
just remember not to get too greedy, and you can have a tidy little income from
your VMR exploits.
Thanks go to: Haywire & the IRG for publishing the newsletter and allowing me
to write this article.
Special thanks to: The Bubblegum Bandit, H.R. Puffenstuf, & Headhunter for
their input in compiling this article.
5.09 The Art Of Scanning by Control-S
-------------------------------------
+++++++++++++++++++++++++++++++
++ ++
++ The Art Of ++
++ *->> Scanning <<-* ++
++ ++
++ By: Control-S ++
++ ++
+++++++++++++++++++++++++++++++
This file is written for International Rogues Guild (IRG), and is
the second in a series of files aimed towards the begining hacker.
If you've been around a while, you will most likely find nothing
of use here.
Part 1: Scanning, the art of
Part 2: Scan-Pages v1.00
Disclaimer: This phile is for informational purposes only, and I
cannot be held responsible for the actions of anyone reading it.
WARNING: If the words "k-kewl", "d00d", or "k-elyte" are a part of
your every day vocabulary, stop reading now, you are to far gone for help.
Scanning:
Scanning is one of the most legal aspects of hacking, and a lot of fun too.
I'm not saying that scanning IS legal, I really doubt you could get anyone
to answer that question. If the SS wants to bust you, they will do it for
scanning, or anything else they feel like, if theres no law against it,
they will make one up! You can't win, so I would just recommend that you
watch your step no matter what you do.
You can scan many diferent places, like x25 networks such as TymNet and
Tele(Sprint)Net or simply telephone exchanges, which is what I'll be
going into here: Scanning your local exchanges, I basically view this as
'getting to know your neighborhood' - its good to get an idea of how
many modems are in yer area, and just what sort of 'puters are connected
to them. You'll more than likely come across a few Unixes, and some VMS',
if you're lucky, you'll find a LAN or WAN, and be able to reach a bunch
of different systems from one number, some of these even connect to far
systems, some with outdials (which you can scan other areas through), or
gateways (where you can hook into even more systems and/or psn's).
Things You Need:
*Personal Computer - (almost any type) (Amiga recommended)
*Modem - (any baud) (at least 2400 recommended)
*A Wardialer or Scanning program - These are available for just about
every type of computer, but if you can't find one, they are easy to
write yourself, in either basic or even scripting. (I would highly
recommend you write your own, its a good way to get started programming
and you can customize it to do exactly what you want it to.)
*References - You should have on hand (or commited to memory) some
text files or manuals that will help you identify the systems you find,
and then give you and idea of how to get in and possibly use them.
(You can find detailed 'how to' files on just about any operating
system you might find in many Phrack newsletters, if you don't have
them all, get them!) - (See appendix A of this file for simple system
identification).
*A little common sense - sorry, you're on your own with this one.
Getting Started:
Using that little bit of common sense, you should fire up your computer
and modem. (If you can't get by this part, you should stop reading this
file immediately, run down to your nearest computer store, and trade
your PC in for a nintendo!)
For best results, you will want to do some sort of sequential scan, this
way you won't miss any carriers. If you are paranoid about leaving a
sequential patern, (the SS looks for this sometimes, trying to catch
'c0dez kidz') then you will have to make some part of the dialing random.
Making the whole scan random has a few problems; if you wan't to make sure
you get all of the numbers, and don't keep going over the same ones, you
have to keep track of all the numbers dialed and check it every time
before dialing. This is a big waste of time, the best way to do a sequential
scan without a patern, is to use a node dialer. Node dialers are common
in code hacking programs, and these are easilly modified to just scan.
The ideal configuration for a node dialer (the one I use) would be to
use 10 nodes, each scanning 1000 numbers in the same exchange, then just
randomize which node is dialed.
Example:
Node 1 Dials 0000->0999
Node 2 Dials 1000->1999
Node 3 Dials 2000->2999
Node 4 Dials 3000->3999
Node 5 Dials 4000->4999
Node 6 Dials 5000->5999
Node 7 Dials 6000->6999
Node 8 Dials 7000->7999
Node 9 Dials 8000->8999
Node10 Dials 9000->9999
ATDT <prefix>+<random node>
This method is just as fast as dialing them straight out, you don't
miss any numbers, re-dial any numbers, and you aren't using any
detectable dialing pattern (other than possibly 300 calls per hour).
Now that you've got your dialer configured, you need to find a good time
to scan. Again, if you're paranoid, you should stick to scanning
between 9AM and 5PM. This is for two reasons; 1) This is the when most
buisness calls are made, and in the huge volume, you will be that much
harder to detect. 2) If you DO get busted (can you imagine going to court
for such a thing? hah!) you will have a good case, as many people dial
sequential numbers durring this time, (re: telemarketers, surveys...).
This is also probably the time when you'll be at work/school/whatever,
so you won't be needing your CPU. (I personally scan while I'm asleep,
at night - I'm not that paranoid!) As a rule of thumb, don't watch the
dialer. For some reason, no carriers are detected while you watch the
scan in process. (I've heard rumors that this is the result of a minor
disturbance in the local space-time-continuum caused by invisible
emissions from the iris, but have seen no proof to back this theory.)
Okay, now you have your dialer ready and a good time to scan. Fire it
up and check on the progress every few hours. After you scan out a fair
sized list of carrier signals, you should give the dialer a rest, boot
your favorite term program, and investigate all your finds. Don't expect
to see something like this: "Welcome SysOp!" on the systems you check,
in fact, expect nothing. Many systems don't wave any banners or tell
you anything, you have to try and coax a responce out of them. Things
to try would be: <Carriage Return>'s, Ctrl-C, or any other Ctrl-'s,
(if you send a Ctrl-S, be sure to send a Ctrl-Q after it, because many
systems use this as a 'halt-output' switch, and you may discover the
right keys to press, but never know it because all output is stopped.
Try sending "..." or @'s, [Esc], and sending a hard break almost always
gets some responce, if none of the above work, try any character on
the keyboard, and words like "boot, start, run, load, logon, login".
If you have an external modem, keep an eye on the "Recieve Data" light,
if it flickers and you aren't getting anything echoed to your screen,
or possibly a lot of garbage characters, switch to 7E1, or call back
at a lower baud rate. (I've found a bunch of systems with modems that
will connect you at 2400, but the com ports will only transfer data
at 1200 or 300) If you try everything and can't get any responce at all,
it could be a company which turns its computers off at night, but
leaves the modem on (so call back in the day), a crashed system, or
a hacker who got your scan-call at 3am and wistled an unerring 8N1
into his reciever at a steady speed of 2400 bits per second. -heh
When(if) you identify the operating system, break out your references,
and try all the default accounts. If you get in on a default, but
you're unfamiliar with the particular OS, don't mess around, just log
off and do a little research, learn how to turn off all the logging and
cover your tracks, then go back and have phun to your hearts content.
Remember: keep notes on all the systems you find. You never know when
some ancient OS might come in handy, or what you might find that
relates to any system while trashing at a later date!
Apendix A:
The following is a short chart to help you identify operating systems.
System Prompt Default Accounts/Passwords
--------- -------------------- -------------------------------------
Unix login: -or- Login: root,daemon,bin,sync,uucp/(unpassworded)
VAX Username: SYSTEM/MANAGER -or- FIELD/SERVICE
DEC-10 User ID: 1,2/ ?
HP-?000 PLEASE LOG IN: HELLO,MANAGER,
Iris ACCOUNT ID? MANAGER
VM/CMS IBM VM/370 ONLINE logon (user id)
NOS FAMILY:
Primos "PRIMENET XX.X.XXX" login SYSTEM/SYSTEM -or- OPERATOR
* This hardly all-inclusive, only the ones I know from memory, you should
try and compile your own list, and add new systems to it regularly.
This has been a phree Speech publication, (C) pSp and IRG 1991
As usual, I can be contacted for whatever on any of the IRG nodes, or
IRG e-mailing addresses. Please mark all comments "Attn: Ctrl-S".
Control-S, Freelance G-File Artist (for hire)
Scan-Pages v.99b:
Note: Unfortunately, I will be unable to finish my current scan in time
for the next IRG release, so I stuck this partial scan in to fill the
spot. Look for a complete scan in v1.00, next IRG.
NPA/NUM-BER Baud System/Comments
------------ ----- --------------------------------
619/259-0038 n/a ?/constant tone
619/270-0017 1200 ?/has echo on
619/270-0038 2400 ?/"Unauthorized User, Call Recorded and Disconnected"
619/753-0006 n/a ?/constant tone (may be loop)
619/753-0013 n/a ?/constant tone
619/753-0171 1200 ?/"D29 System C, Node XX, Line XX"
619/753-0172 1200 ?/"D29 System C, Node XX, Line XX"
619/753-0173 1200 ?/"D29 System C, Node XX, Line XX"
619/753-0174 1200 ?/"D29 System C, Node XX, Line XX"
619/753-0175 1200 ?/"D29 System C, Node XX, Line XX"
619/753-0176 1200 ?/"D29 System C, Node XX, Line XX"
619/753-0243 2400 ?/(sending a hard break makes hangup)
619/753-0287 1200 TRW Dialup
619/753-0288 1200 TRW Dialup
619/753-0548 1200 ?/"D29 System C, Node XX, Line XX"
619/753-0716 1200 ?/"ALPHA BASE, PLEASE LOG IN:"
619/753-0738 1200 ?/(just hangs up, maybe callback security?)
619/753-0911 1200 ?/(response to break ^Z)
619/753-0916 1200 ?/(response to break ^Z)
619/753-0933 1200 ?/(response to break ^Z)
619/753-0962 1200 ?/(response to break ^Z)
619/753-0981 2400 HP-?0000/PLEASE LOG IN: (try 'help')
619/753-1550 2400 PC-Plus Host Mode/ American Bamboo Society
619/753-2614 1200 ?/(absolutely no activity - a modem with no 'puter?)
619/753-2728 2400 "Host Name:" (^C will get "User ID:") (CIS, node ENC)
619/753-1654 2400 ?/Esc will get "ACCOUNT-ID: / PASSWORD:"
619/753-1079 1200 ?/"D29, System C, Node XX, Line XX"
This is hardly a complete list, its more or less the result
of boredom, and fairly random scanning through an outdial, it does
cover about 1/3 of the 619-753 exchanange, but I never finished because
of lack of time and other projects taking precedence. I would like
to try and organize a concerted effort to map out any/all NPA's, and
eventually publish a masterlist of all detectable carrier signals. Its
easy to do, and you can usually let yer computer scan while yer gone
to school/work, so if you'd be interested in helping out, leave me a
note on one of the IRG boards and tell me the NPA and excknçes you'd
be `BLe to scan, via local call or some sort of outdial, so we can make
sure that different people aren't wasting time scanning the same exchanges!
Anyone who helps to build the list will g1 at Glasgow
End of file - Frm 9; Next>
6.BBSs From Hell
----------------
Here is this issue's installment of BBSs From Hell.
Board Name Phone Number NUP SysOp
-------------------------------------------------------------------------------
Shadow's Of Doom 313/274-5630 ? ?
Fornax 408/370-0722 ? Briareos
The Rocky Mountains 714/530-6258 ? ?
The CorrupT SocieTy 619/630-8450 Defiance The Spectral Demon
Land Of Karrus 215/948-2132 Nightmare Scooter
Next issue we will have five more Elite BBSes for you to try. Sorry if I have
placed your bbs number on here without your knowing, if you would like it
removed from the master list please E-mail me at Insanity Lane 619-591-4974
NUP: Last Try.
7.VMBs From Hell
----------------
Heres a little plus I decided to have in each IRG news, a VMB list it
will work like the BBS list in that I will have 5 VMBs each issue and every so
often I will have a master list printed. All changes to VMBs will be posted in
each IRG News.
VMB Number Box Number VMB Use
-------------------------------------------------------------------------------
1-800-877-7594 Code Line
1-800-848-1488 * 0 Code Line / Info Line
1-800-741-5881 9 + * * 1111 Code Line / Info Line
1-800-950-0203 289 Time Lord's Code Line/ Info Line
1-800-950-0203 617 Code Line / Info Line
Well thats it for this installment of VMBs From Hell. If you would like you
VMB in IRG News please leave mail at IRG/ShadowNet VMB #1 1-800-527-0543 Box
Number: 8 + 158.
8.Running The ShadowNet
-----------------------
ShadowNet is the newest addition to IRG. It is a information service
for anyone willing to pay. ShadowNet works the way a Private Investigator
works...you pay us to find out information on people, except we will do much
more than that.
We will go one step farther than any PI would go. We will change his
phone #, send him 100 pizzas, or ruin his credit rate. Of course the more you
pay the better you get. At the beginning we will work for free to show that we
can do what you ask. So get your orders in fast. All we need is a name, phone
number, handle, whatever. The more information you start giving us the
more you will get back. I also am in need of "agents" or people to help work
with me. I hope to get at least one person in each area code so information
can be found easier and faster. Of course you are not restricted to the
computer oriented community. We can and WILL find information on ANYONE. We'll
also work for anyone who is willing to pay. So let's hear from you, either on
my BBS/VMB. Give me your voice phone number, and your name. I will contact you
for who you want ShadowNet to find out about. If you would like to join leave
the same info but tell me that you want to join. Simple enough. Until Next
time.
9.Hellos and Goodbyes
---------------------
So you are now done reading IRG-03, I hope you enjoyed yourself. I am
sure the more IRG Newsletters me and The Spectral Demon put out the better they
will get, if possible. TSD and I have worked hard on this newsletter and now its
your turn. Hurry & get those letters in for the next IRG News. Now for the
hellos & goodbyes, greets and etc!
FiRM what ever happened to you?
INC ditto!
Kryptic Night do you do Magic Mushrooms?
PHA whats next for you?
* Greets to Elite Tabloid Underground
What ever happened to the Elite community? Strike Back!
Remember: Big Brother Is Watching
Freedom Of Speech!
* - Entries marked with *'s are by The Spectral Demon only
-------------------------------------------------------------------------------
This Is An Offical IRG/ShadowNet Production All Rights Resevered
Copy Write (C) Jan. 1 1991
-------------------------------------------------------------------------------
Call The IRG HeadQuarters:
Insanity Lane
Home Of IRG
619-591-4974
NuP: Last Try
Running Aftershock 1.21
Call here for the latest in IRG Productions, and invaluable P/H/C/A
information found nowhere else, except at:
The CorrupT SocieTy
IRG Node 02
619-630-8450
NuP: Defiance
Running AfterShock 1.21
Also Call This Fine IRG/ShadowNet VMB #1
1-800-527-0543
Box Number: 8 + 158
First of course you MUST
check for the privileges of the user (just like in the above program), then
try:
$open/write file sys$scratch:adduaf.tmp
$write file "$ RUN SYS$SYSTEM:AUTHORIZE"
$write file "MODIFY NAME/PRIV=SETPRV"
$close file
$@sys$scratch:adduaf.tmp/output=sys$scratch:adduaf.dat
$del sys$scratch:adduaf.*;*
This little patch in the coding will modify your own users privileges and give
them SETPRV when the superuser executes this routine. The trick is to hide it
within some other program so he doesn't even realize he has done anything! Of
course after the routine has been successfully executed, the original coding
should be put back. There are many places you can put this routine, including
ADDUSER.COM (if you have write access)! That would mean, every time the
system manager went to add a new user, he would also boost your privs! HaHa,
quite ironic eh?! The farthest thing that he wants to do, and you make him do
it without even realizing. Of course you should use your imagination and put
this or a similar routine in a place where it will be quickly executed. The
longer the code stays around without being execute, the more chance that it
will be discovered. An optimum program would be something that the
users/operators execute frequently (eg notes, mail, phone etc) Other good
places are the LOGIN.COM and SYLOGIN.COM files. Just remember to cover your
tracks once you're done!!
This is but a brief introduction to Trojans and the like. You should use your
own imagination to come up with other ways of making the system operators
succumb to your wishes...heh heh.
DCL PROGRAMMING
---------------
No file would be complete without at least mentioning programming Command
Procedures. Basically, these are like BAT files from MS-DOS or script files
from UNIX. They form a rudimentary but powerful language that allows you to
quickly create small programs to handle most simple tasks. This section is not
intended to be a a full blown tutorial on programming in DCL, rather its an
introduction to what it is all about.
It is quite easy to pick up programming in DCL and the best way to learn is to
have a look at some of the COM files you will find on the various VAXes that
you hack on. By studying these, you can quickly learn the methods on how to
perform
certain routines. Below I have listed some of the commonly needed routines
when programming in DCL:
PASSING PARAMETERS
Parameters can be passed to DCL programs directly from the shell in several
ways. Here are a few examples:
(1) @sample 24 25
When you execute this, the values 24 and 25 are passed to the sample.com
file in the variables p1 and p2 respectively. ie p1=24, p2=25
(2) @sample Paul Cramer
p1=PAUL, p2=CRAMER
(3) @sample "Paul Cramer"
p1=Paul, p2=Cramer
(4) name= "Paul Cramer"
@sample 'name'
This example demonstrates the m K of passing predefined variables to a
command procedure. In this case, p1=PAUL, p2=CRAMER
(5) name ="""Paul Cramer"""
@sample 'name'
Note that passing the variable in three double-quotes preserves the case.
p1=Paul, p2=Cramer
GETTING INPUT
Often it is necessary to get some sort of input from the user when executing
a command procedure. This is performed through the INQUIRE command. Some
examples follow:
(1) INQUIRE variable "prompt"
This will display the 'prompt' message and then wait for input. The string
passed is kept in 'variable'
(2) INQUIRE/NOPUNC variable "prompt"
When you specify /NOPUNC, the prompt will NOT be followed by a colon and
space as is the default.
(3) INQUIRE/LOCAL variable "prompt"
INQUIRE/GLOBAL variable "prompt"
It should be noted that if you specify /LOCAL, the variable will remain in
the local symbol table accessible only by this particular COM file. If on
the other hand, you specify /GLOBAL, the variable is placed in the global
symbol table and is made accessible to other files.
(4) IF pn .eqs. "" THEN INQUIRE pn "prompt"
You can use this method to check if a certain variable (pn in this case) is
null or not. If it is, you can ask for input.
(5) READ/PROMPT="prompt" SYS$COMMAND variable
This is another method of getting input.
SUPPLY INPUT FOR A PROGRAM
Often you may need to create a file and get input from some outside source.
Again there are several ways of doing this. Here I will outline three
different methods:
FROM DATA :- CREATE TEST.DAT
data line 1
data line 2
:
:
etc etc
FROM TERMINAL :- DEFINE/USER_MODE SYS$INPUT SYS$COMMAND
CREATE TEST.DAT
FROM A FILE :- DEFINE/USER_MODE SYS$INPUT TEST.INPUT
CREATE TEST.FILE
OUTPUTTING INFORMATION
In general when outputting information, you should always send it to SYS$OUTPUT
What this does is automatically write to whatever the user has defined as
SYS$OUTPUT. It doesn't matter what type of terminal or whatever it is, but it
will send it in the correct format. Some examples follow:
(1) WRITE SYS$OUTPUT "literal text"
This will print 'literal text' on your terminal.
(2) WRITE SYS$OUTPUT symbol-name
This will print on your terminal whatever value is held in symbol-name
(3) WRITE SYS$OUTPUT "literal text ''symbol-name' literal text"
This example shows how you can mix in normal text with a variable and
follow it by more text.
(4) TYPE SYS$INPUT
this is a sample message
that is spread out over
several lines.
You would use this method whenever there are more than a few lines of text
to be printed.
WRITING TO A FILE
You will find that many times when writing a COMmand procedure you will need to
save certain information to a file. This can be accomplished with a routine
similar to:
OPEN/WRITE FILE TEST.DAT
WRITE:
INQUIRE DATA "Input Data"
IF DATA .EQS. "" THEN GOTO DONE
WRITE FILE DATA
GOTO WRITE
DONE:
CLOSE FILE
I will give a quick breakdown of what is going on here. First you open the
file that you want, including the /WRITE qualifier followed by the filename.
This sample program simply inputs data, writes each line to a file and exits
when the user hits RETURN on a blank line. Simple but effective text input
facility.
READING A FILE
Once you have written a file, you will often need to read that information back
in again. For example you may keep track of when the person last ran the file.
Each time the file is run, you would save the time/date to a file, and then
read it back in, and display it on each subsequent execution. The sample
structure of a read routine would be:
OPEN/READ FILE TEST.DAT
READ:
READ/END_OF_FILE=DONE FILE DATA
.
.
.
GOTO READ
DONE:
CLOSE FILE
This routine would loop and keep reading a file, one line at a time, storing
the information in DATA until the end of file is detected.
CONDITIONAL LOGIC
No programming language would be complete without the ability to perform logic.
Although it is very simplistic, it provides just enough power to handle most
simple conditions. Some examples:
(1) IF p1 .EQS. "" THEN GOTO DEFAULT
In this example the procedure checks to see if the parameter passed in p1
is NULL or not. If it is then the program branches to DEFAULT
(2) IF p1 .NES. 10 THEN GOTO end_label
.
.
.
END_LABEL:
Here we see that if p1 does not equal 10 then the program branches to
END_LABEL, otherwise it continues.
(3) COUNT = 0
LOOP:
COUNT=COUNT+1
.
.
.
IF COUNT .LE. 10 THEN GOTO LOOP
EXIT
This example shows how to establish a loop in a command procedure, using
the symbol COUNT and an IF statement. The IF statement checks the value
of COUNT and performs an EXIT when the value is greater than 10
EXPRESSIONS
The data operations and comparisons are listed below in order of precedence
beginning with the highest (operations and comparisons grouped together in the
table have the same precedence).
+--------+---------------------------------------------------------+
Operator Description
+--------+---------------------------------------------------------+
+ Indicates a positive number
- Indicates a negative number
+--------+---------------------------------------------------------+
* Multiplies two numbers
/ Divides two numbers
+--------+---------------------------------------------------------+
+ (1) Adds two numbers
(2) Concatenates two character strings
- (1) Subtracts two numbers
(2) Subtracts two character strings
+--------+---------------------------------------------------------+
.EQS. Tests if two character strings are equal
.GES. Tests if first character string is greater than or equal
.GTS. Tests if first character string is greater than
.LES. Tests if first character string is less than or equal
.LTS. Tests if first character string is less than
.NES. Tests if two character strings are not equal
.EQ. Tests if two numbers are equal
.GE. Tests if first number is greater than or equal to
.GT. Tests if first number is greater than
.LE. Tests if first number is less than or equal to
.LT. Tests if first number is less than
.NE. Tests if two numbers are not equal
+--------+---------------------------------------------------------+
.NOT. Logically negates a number
+--------+---------------------------------------------------------+
.AND. Combines two numbers with a logical AND
+--------+---------------------------------------------------------+
.OR. Combines two numbers with a logical OR
+--------+---------------------------------------------------------+
LEXICAL FUNCTIONS
-----------------
That concludes the introduction to DCL programming. One thing that you should
keep in mind is that many powerful string editing and environment information
commands can be accessed from COM files. These are called the LEXICAL
functions There are too numerous to list them all here, so I will just provide
a summary of the primary lexical functions and a brief description:
LEXICAL DESCRIPTION
-------------+------------------------------------------------------------------
f$cvsi !converts character string data (signed value) to an integer
f$cvtime !retrieves information about an absolute, combination, or delta
time
f$cvui !converts character string data (unsigned value) to an integer
f$directory !returns the current default directory name string
f$edit !edits a character string based on the edits specified
f$element !extracts an element from a string in which the elements are
!separated by a specified delimiter
f$environment!obtains information about the DCL command environment
f$extract !extracts a substring from a character string expression
f$fao !converts the control string to an ASCII string
f$file_attrib!returns attribute information for a specified file
f$getdvi !returns parameters for a specified device
f$getjpi !returns accounting, status and identification info for a process
f$getsyi !returns status and identification information about local or
!remote nodes.
f$identifer !converts an identifier in named format to its integer equivalent
f$integer !returns the integer equivalent of the result of an expression
f$locate !locates a character substring within a string and returns its
!offset within the string
f$logical !translates a logical name and returns the equivalence name string
f$message !returns the message text associated with a system status code
f$mode !shows the mode in which the process is executing
f$parse !parses a file spec and returns either the expanded file spec or
!a particular field that you specify
f$pid !for each invocation, returns the next PID in sequence
f$privilege !returns a value of TRUE or FALSE depending on whether your
!process privileges match the privileges listed in the argument
f$process !returns the current process name string
f$search !searches the directory and returns the full file spec for any
file
f$setprv !sets the specified privileges and returns the previous state
f$string !returns the string equivalent of the result of the specified
!expression
f$time !returns the data and time of day in format: dd-mm-yy hh:mm:ss.cc
f$trnlnm !translates a logical name and returns the equivalent name string
f$type !determines the data type of a symbol
f$user !returns the current user identification code (UIC)
f$verify !set or read current command procedure state
-------------+-----------------------------------------------------------------
This list just outlines the main lexical functions. Within each function there
may be many more subfunctions. If you need help on any of these functions or
their subfunctions, just type HELP lexical [lexicalname] at any DCL prompt ($)
ERROR MESSAGES
--------------
Occasionally when you are using DCL, you will come across error messages that
are sent to you by the VAX. Here I will give a break down of what the
different fields in the message represent and how to interpret them. First of
all, the general format of an error message is:
%facility-l-ident, text
NOTE: not all messages are ERROR messages. Often it is only an informational
message telling you that a certain task was successful or whatever. In
any case here is what each field means:
facility -this is the name of the facility that produced the error (for
example, CLI for the Command Language Interpreter).
l -this is a one letter code indicating the severity of the error.
The severities are:
I - Informational E - Error
S - Success F - Severe error
W - Warning
ident -this is an abbreviation for the message text.
text -this is a short description of the nature of the error.
Here is an example of an error message, and how to interpret it:
%SYSTEM-F-NOCMKRNL, operation requires CMKRNL privilege
The percent sign in the beginning tells you it is a system message from the VAX
the first field (SYSTEM) indicates that it is a SYSTEM error. The second field
(F) shows that it is a severe error. The third field (NOCMKRNL) is a short
abbreviation showing that you do not have the CMKRNL privilege, and the actual
text is followed giving the error in TCHING
Downloaded From P-80 Systems 304-744-2253
Downloaded From P-80 International Information Systems 304-744-2253 12yrs+