---[ Phrack Magazine Volume 8, Issue 52 January 26, 1998, article 02 of 20 -------------------------[ P H R A C K 52 L O O P B A C K --------[ Phrack Staff [ Ed. note: The letters are perhaps editted for format, but generally not for grammar and/or spelling. I try not to correct the vernacular, as it often adds a colorful perspective to the letter in question. ] 0x1>-------------------------------------------------------------------------- [ P51-02@0x14: ...Xarthons submission about Linux IP_MASQ in Phrack 50... ] In reply to Swift Griggs ranting about my stupidity, (and disrespekt i recieved from the rest of the AOL community) Swift: the 'problem' in IP_MASQ which I reported was not meant to be considered a security problem, rather a notification of a potential problem, or at least this is what i was told. i stole this 'problem' from a evil hacker who works for the NSA. at the time, if i had been aware that the info i ripped from him was totally false, i would have said so in the letter. and believe me, if [named_removed] was awake more than 5 minutes a day i would be severely anal at him for informing me of this false intelligence. the main thing the hacker/phracker/aol community needs to learn from this event is that when giving information to be ripped, it should be correct. next time ill make sure to reword the context i have pasted with GPM properly. btw, i must apologize for the tabs in this letter, pico has proven difficult to use. i must go, i have to pry this gerbil off my flacid cock. thanks, and keep hackin! xarthon 0x2>-------------------------------------------------------------------------- [ P51-02@0x1b: You have our permission to write r00t on your backpack. ] That may be the funniest response to a letter I have ever read. Your response to MICH Kabay was a close second. The wait was well worth it. I would rather see quality Phrack 2 or 3 times a yar than crap delivered every 3 months. I have to get back to reading now.... pip (John) [ Go away Pip, nobody likes you. ] 0x3>-------------------------------------------------------------------------- [ P51-02@0x2c: I have a question regarding a certain piece of hardware... ] It's a barcode scanner used at some terminals, such as public libraries. You plug it in between the keyboard and the computer, and when you want to scan in a barcode from a book being checked out or an item being purchased, you push the button on the SCANNER and it outputs the barcode in ASCII numeric just as if it had been typed in from the keyboard. So, now ya know. Unknown/604 -- d00d, that's a s00p3r s3kr3t CIA, FBI g0vt. c0nspir@cY k3yb0ard f1lt3r!!@@!21 Actually, your mystery device sounds more like the "box" that connects between the keyboard and a barcode scanner. The "SCANNER" connector is where you'd plug in a typical "wand" or "gun" barcode reader. Not much you can do with it by itself, IMO. Again, it might be something else, but that's what it sounds like to me. [email protected] -- What this sounds like is the interface from one of the wand or lightgun-type laser barcode readers. These can be seen in action at some of the retail outlets around here for reading barcodes from clothing price tags or whatnot. One of those useful inventions that came out of turning 386's into POS terminals. It's probably useless without the accompaning wand, but you might keep it around and try to find the missing part. wiz -- [ We received a gaggle of responses to this inquiry. To those of you who sent in responses, our humblest thanks. ] 0x4>-------------------------------------------------------------------------- Hi! I need your help! Tell me, please, where I can found information via Internet about Carding (Scheme of reader/writer and etc.) thanks. Bye. [ http://www.etexguide.com/cardtricks ] 0x5>-------------------------------------------------------------------------- [ P50-03: Portable BBS Hacking by: Khelbin ] Dear Phrack, An old article of mine entitled "Portable BBS Hacking" appeared in Phrack issue 50 under the line noise section. In Phrack 51, a reader expressed that he/she was frustrated at not being able to apply the techniques that were described in my article. Please publish this response in Phrack 52 Let me state right off the bat that "Portable BBS Hacking" was not written to specifically expose any one software-specific problem. Instead, the article introduced a potential security threat to all BBS software so that SysOps around the globe could check for such vulnerabilities and correct the problem if it was present. A 'mock' Renegade setup was used just because some software had to be used in order to explain the theory behind the attack. Now to address the frustrated reader who is obviously aspiring to become an ever-so-elite BBS-h4x0r! While I often enjoy toking on a crack pipe, this method was tested prior to writing this article. It was tested on Renegade 04-x quite some time ago (as the article had been written some time ago, but never published). I currently run FreeBSD 2.2.2, so I havn't been able to do any more testing to help you hack BBS' and become ph33red. *BUT*, I am sure that versions of THD ProScan (a utility to scan uploaded files for viruses and other problems) will foil this attack. I am also sure (just by what I remember of how Renegade works) that If you follow the steps that I gave you in Phrack 50 correctly, upload a file, and then the SysOp were to (X)tract files from that file into \temp that it would work. I am also sure that there are other packages out there other than THD ProScan that do the same thing, but not in a secure fashion. The methods described in "Portable BBS Hacking" will also work with these packages. I hope you weren't just having Renegade check the file integrity with pkunzip -t or just view the contents of the zipfile. Your response wasn't very specific so it's hard for me to be specific in this reply however, I can tell that you also enjoy an occasional joint of crack, so feel free to contact me sometime and we'll smoke! Yours Truly, Khelbin Sunvold 0x6>-------------------------------------------------------------------------- Hi, What program do I have to use in order to read the Phrack Magazine? Thank you, Adrian [ We at Phrack Magazine do not explicitly endorse any particular program, however, many 12 step programs work wonders: Narcotics Anonymous, Overeaters Anonymous, Codependency Anonymous, Debtors Anonymous, Beyond Controloholism, Science Fiction Addiction, etc. Also try: `gzip -dc phrack.tgz | tar xvf -`. ] 0x7>-------------------------------------------------------------------------- Please allow me to introduce myself. My name is Itai Dor-on and I am a system integrator From Israel. [ No introductions are necessary. ] I got the phrack.com address from one of the subscribers on the [email protected] mailing list in response to my inquiry on smtp exploits. (phrack 50) [ shattered:~/Phrack/50:~> grep -i SMTP * | grep -i exploit shattered:~> There are no SMTP related exploits in Phrack 50. ] I downloaded the file but it seems that it is encoded in a format which I can not read. I use windows 95/NT. I would like to know if there is a special viewer for the file. [ See above letter. ] Is there other informative information in the phrack.com site that is relevant to Security exploits in tcpi/ip [ Phrack 48 - 52 ] I thank you in advance for any response Yours Truly, Itai Dor-on 0x8>-------------------------------------------------------------------------- Phrack is the best magazine of its kind I've ever seen !!! Maybe you could write something about tapping telephone wires in order to record data and fax on a portable tape recorder. I've read an article from Damnation that was pretty good, but maybe you could give me, and the other readers of course, some additional information. I'm also interested in hacking the E-mail server of my ISP in order to read my teacher's mail, so what kind of program do I need to do this ? I know his login but I don't know his password. I've got a terminal program called Dialog that doesn't seem to be very useful, but maybe you know a better one ?!? Now, my last question: I'm using CuteFTP to log on to my homepage's folder . One day I've found some write protected folders and files, so my question is how do I get access to these files and how do I go to other folders to which I'm not allowed to go (hidden,write-protected, etc.) ? Thank you very much in advance ! Host [ I had a flame all ready and prepared, but this letter really seems to set itself on fire. ] 0x9>-------------------------------------------------------------------------- Hey guys, I'm a first time ready and, well duh, first time responder to yer mag...I must say that I am thoroughly impressed with what you've all put together...as a Linux user, it shall certainly be a very useful utility/resource for me...I just nabbed the 51st issue and it rocks thus far...downloading the other issues as I type this...just thought you might like to know ya got another reader who is overjoyed at getting off his lazy ass and finally reading yer mag which i've heard about in the past... Ezines never were something for me but i said fuckit and went for Phrack.. your mag is the most informative and entertaining Ezine that i've seen to date (and i been on the 'net for 4+ years now...that might say something) anyhow, enuf blabber from me, L8! -GnEaThEg0d [ Well, thank you very much. ] 0xa>-------------------------------------------------------------------------- I'd like to congratulate Narbo on his brief introduction to CCS7. I was begining to think that noone was interested in telecommunications anymore. [ Agreed. Note that we would very much appreciate further submissions of this kind. ] One thing I'd like to add for Phrack's Japanese audience is that they are the odd balls when it comes to signaling data links. While signaling data links are 56kbps in North America and 64kbps virutally everywhere else, Japan uses 4.8kbps links. Actually I guess we, in North America, are also a little odd at 56kbps but at least it's closer to the norm. :) -khelbin 0xb>-------------------------------------------------------------------------- Yea, I wanna subscribe to phrack..This is my e-mail [email protected] me up if I'm writing the right place..if not..tell me how to subscribe later oh yea..I know I'm not supposed to ask..but I don't have internet access..I could use all the back issues of phrack in one big long letter if you could..I can't recieve files with this account..so if you could cut and paste or some shit... later [ Sure. Let me get right on that. Even better, what's your postal address? I'll have the Phrack Tactical Team deployed to your house to come hit you on the head with a tack hammer because you are a retard. ] 0xc>-------------------------------------------------------------------------- Good issue, by the way... [ Thanks! ] So whassup with the Milla pictures? Did you mention them in P51-1 just to taunt us? How do you get the _non_ASCII version of P51? You're too cruel... :-) JSRS [ Sorry. That Carl's fault. He's new. (Moo. Moo moo.) ] 0xd>-------------------------------------------------------------------------- To the Anti-Christ, [ Apparently, there was a postal mix-up and we are now getting Satan's mail. ] When I grow up I want to be just like you. [ Great! So, I'll see you at the next Klan-youth meeting? ] That said, can you walk the talk? If so, I have a challenge for you. [ 'walk the talk'? Note: This is email. Something you've mailed to a whiley bunch of knuckle-knobs. And quite possibly something that could be used to make others laugh at your expense. In the future, take the time to grammar and spell check your letters to minimize the emotional damage you are bound to suffer. ] I am a neophyte in the DarkSide,and need some help catching/avoiding a phreaker,hence the interest in your mag. He breaks into phone lines at home and work. Tapes conversations and interjects various rude noises on important calls. Do you have any ideas as to what I can/should do to protect my [ Sommy! ] privacy and catch this guy? If this is not within your realm of expertise, can you refer me to someone for whom it is? [ Try the PHONE COMPANY. ] Don't take my intial inquiry as anythng but an effort to become part of the hacker/phreaker world for the sake of my own protection. I [ For your own protection, I suggest NOT becoming part of *any* community. Live the rest of your life as a hermit inside a hollowed-out oaktree. ] understand there are many 'good' hackers in your world willing to offer assistance in this arena. Your assistance would be greatly appreciated. Thanks. 0xe>-------------------------------------------------------------------------- Sirs, First,thanks for the obvious hard work that goes into your 'zine. I guess I'm what you what you would call a "tryin' to be". I've got all the back issues and read some every day.I was just reading 51,and had to say that besides all the other great things in the 'zine,it's great to see some people still have a great f*ckin' sense of humor. Thanx again, (to busy trying to learn to have come up with a cool handle)...R [ Stop it. I'll get a big head. ] 0xf>-------------------------------------------------------------------------- I am a newbie hacker/freaker/cracker/sometimes anarchist. I have read some of your first Phrack issues and I LOVED EM! Especially the bomb making!I am gonna try that stuff when I finally go to my dad's house later on this year....I wanna blow shit up!! I have a submission that you are gonna get sooner or later about making the ULTIMATE pipe bomb....it is REALLY destructive... THANK YOU Demonhawk [ ATTN Deliquent parents: Increase Ritalin by 0.5 mg/Kg. ] 0x10>------------------------------------------------------------------------- Day in the Life of a Teenage Hacker: Story of My Current Non-Life By: Demonhawk I wake up, staring at the ceiling for ten minutes before my mother finally walks in and says, "Time to get up!" I stand and dress myself. Wearing the only thing that I can think of that I like, blue jeans and just whatever shirt looks best at the time. I go and comb my hair (walking to my mom's end of the trailer house to use that bathroom because mine doesn't have a mirror, nor a sink, nor more than 10x10 feet of space). I walk back to my room and get my books ready for school. The block schedual makes my backpack EXCRUTIATINGLY heavy on B days while on A days it is light as a feather. I lay down-most of the time-and go back to sleep. Others I turn my computer's monitor on and type something for a while (my mom says it is bad to leave your computer on all night, WRONG! Little does she fuckin' know it is better to leave it on!). It is time to go to school and my mom drives me to t he middle school (Connally Middle School) where I go in and play on the computer suntil school starts (get there 30 mins early). I go to my first class, still groggy from the little rest I had the night before while I lay awake in my bed pondering what I could do to the school's computer system. The recenlty installed network (Novell) was supposedly student proof (little do they know). I have the software and I could hack it easy. Crack the passwords that the teachers think they are so smart to have one that a student can't guess. I think about the consequences of hacking 'em, then realize that it would be stupid to hack 'em, after all, I am the only one smart enough on the computers to hack em. I can crack Windows passwords (easy) with a boot disk (or even booting into dos). Last year, I will remember angrily, I remember how I got a bum wrap for crashing a teacher's computer. I was on it then absent for a week and then come back to find out all fingers were being pointed at me. I got kicked off the annual "good kid's" Six Flag trip and that REALLY pissed me off. Then, as the first period teacher begins to yell something like "Get to work!" (I am in shop first period) I wake up and realize I had been thinking. Most of the period I will talk to my friends about hacking (the two-maybe three-friends I have in that class) and they will ask me computer questions and I will answer them (and if I don't know an answer I will make one up, after all, they have no idea how to use a computer to its full limitations). After a few more minutes of thinking I realize a virus will be the way to go. The only problem is putting it on the computer. How? Well, maybe if I can get access to a teacher's computer while she/he is out of the room. Yeah, that would be the only way. But the witnesses (who am I kidding the kids up there would LOVE to see the computers crash, in fact, I have been offered $$$MONEY$$$ to crash em). I think about the virus idea for a moment. Yeah, that is the way to do it. First period is over. I move to my second class. It is a no brainer (on both of the days) and I have a lot of time to plot out my plan. Trojan Horse. Yes, or maybe Darth Vader...as a calling card. Yeah, that would be the way to go. The Trojan Horse virus followed up by the Darth Vader virus. Yes. Well, I have one of those two. Now lets think here. How to gain access to the computer at school. The teacher looks at me and tells me to "get to work!" and I look at him/her and reply, "But I am already finished!" and they leave me alone. But, maybe I should wait until I am in High School (when the entire district will have the internet) and I could port in and leave the virus. Yeah, that would work, I couldn't be blamed since I wouldn't go to the Middle School any longer. That is a possibility. I cheat at my math for a while (copying the back of the book for some easy answers) not because I am dumb, hell no, I am in Algebra I in the 8th grade for Christ's sake! No, I am just lazy, except when it comes to the computers. Second period is over. I walk to my third class of the day, an hour till lunch when I get to talk to my ENTIRE 5 friends at one time (there are some almost friends in this group, people I get along with and, yes, on occasion like to hang around with). You see, I am a "nerd" and proud to be one! Now, this is the thing. I am not just ANY nerd, I am a nerd with RED hair and fairly THICK glasses with THICK frames (I want contact lenses that have mirrored silver on the outside but I am not allowed to have them for some fucking unknown reason). I do my work, hoping that lunch will come, and eventually it does. I walk down the halls meeting a friend or two along the way, getting pushed by hicks that don't think computers are "cool". (Just as something that made people think I did a speech in Drama class on how computers are gonna crash in 2000 because of the Millenium Bug. One kid almost pissed in his pants when I told them safty systems on Nuclear power plants might go offline and how that all cars with electronic timers that shut down until an inspection won't run. Plus power might go out, I think that made them appreciate computer freaks like you and me just a LITTLE more since WE are the only ones that can save them from that hideous fate!!) I am laughed at because I run and internet Star Wars club (The Conflict at www.geocities.com/Area51/Zone/9875 ). But they don't laugh when I tell them I can hack into the school's computers. They look at me dumbfounded and then make some smart ass remark. I look at them for a second and walk away, I know they don't understand how much of a computer GENIUS I am. Well, to tell the truth I am NOT really a computer GENIUS. Well, in some ways I am. I mean I CRAVE knowledge like I CRAVE food when I am hungry and water when I am thirsty. I can't get enough computer knowledge, I ALWAYS need more (currently I am learning C, C++ JAVA, JAVAScript, Visual Basic, and QBasic <----I forgot most of what I used to know on that one) I eat my lunch (usually Nachos but sometimes Lays potato chips and an ice cream) and then go outside where I get an RC Cola. The bell rings and we are all herded back inside the main building where we suffer out the rest of the day. I make it past the rest of 3rd with no problem. Then comes fourth. It is a little nerve racking to sit there while time slowly slips by, waiting for that bell to ring so that you can be set free of this hellish place. The bell rings and I leave the school, heading outside where the buses load. Mine is the last and after an hour or waiting it arrives (thank GOD I am the first one off) and I go inside my nice, cool house. I turn my computer on (if it is off) and begin my homework (I lie about having homework so that I can play on the computer without being touched by my mother). I wash the dishes and water the dogs. Then I sit down and play on the computer a little bit. I get on the internet a little while later. I learn a LITTLE more hacking and play some games over the internet (ain't technology wonderful???). I am far from being an 31337 hacker, but I am doing some good a little. I am basically a newbie but I can still hack Novell (childs play). After a while of this I take a shower and lie down in bed, dreading the next day (unless, of course, it is a weekend). And that, is my Non-Life. [ ATTN DELIQUENT PARENTS: Increase Ritalin by 1201293 mg/Kg. ] 0x11>------------------------------------------------------------------------- Dear sir, First off, i think phrack is a wonderful publication, the best of its kind and better than most, if not all, of the computer related commercial publications. You and your staff are doing a great job and please keep up the excellent work :) [ So, we're better then 2600. Thanks! *That's* the validation we needed! ] That said, i have a request. I'm writing a paper on the hacking subculture and such a project would be, to say the least, severely lacking without the inclusion of groups like Phrack Inc., 10pht, and [ Phrack is not incorporated. And you mean `l0pht`. ] r00t. So i would greatly appreciate it if you could fit it into your [ You are already severely lacking. You failed to mention the guild. You even forgot b0w. ] doubtless busy schedule to send me a history of Phrack. It can be as brief or as in-depth as youd like. From just the date of creation and pivotal events in Phrack history to a summary of every passing member's contributions to the publication.. anything you can send will be an asset to me. Also, if you or any of your staff members would be so [ I'll get some of my interns right on that. Alhambra! Get to it! ] gracious and godly-wonderful as to answer the few questions below that would also be greatly, GREATLY appreciated. Q: What is your most commonly used handle and why did you choose it? [ `route`. Cos I thoroughly route my foes. And also cos I route through all my girlfriends' purses when they are in the bathroom. ] Q: What is your position at Phrack? [ I AM PHRACK. ] Q: When did you realize you were a hacker(or phreaker, cracker, whatever applies to you)? [ It is something you are born with. It is not something you learn. There is no single moment of realization. It is something you just `are`. It is this unexplicable and inexorable pursuit of knowledge. To learn. To break. To fix. To push. To optimize. To learn. To hack. ] Q: What do you think hacking is Really about? [ Oh c'mon man. Chicks and Money. That's what it ALL boils down to. ] Q: How do you think the 'scene' has changed, and where would you like to see it go? [ See P48-02a ] Q: If you could say anything to the community at large about hacking, what would it be? [ Um. Most of what you people consider hacking is simply a justification or shield for doing illegal acts. ] One last thing, do you know where(email, www address, whatever) i could contact current or former members of 10pht, r00t, or any real [ Um. Let's see. http://www.l0pht.com. http://www.r00t.org. And so on. You're not a very smart person. ] group (ie: not one of the lame new groups trying, unsuccessfully, to copy the greatness of the older groups)? Any response, including negation so i can search elsewhere, would be greatly appreciated. Thank you for your time. Weaver 0x12>------------------------------------------------------------------------- Is it possible to "Hide" your ip while on tcp/ip connection if so how? Thanx [ Yes, look into Onion Routing. ] 0x13>------------------------------------------------------------------------- Hi Phrack-editors, I'm looking for a good and experienced hacker to hack a German site. There is enough money involved to satisfy you. [ My price is quite high. Actually, fuck it. I don't want money. Give me flesh and fame. Get me some elite movie role where I am the hero and Milla Jovovich is my love interest. Then we'll talk. ] I will give your more information with further correspondence. Please let me know soon if you are interested, (just reply to this usa.net address), thank you, Diogenes 0x14>------------------------------------------------------------------------- I recently read about the ancient ftp bounce attack. I have tried it and it works on versions of ftp that are lower than wu-2.4.2. Here's what I do. [Receiving Machine no system req's except write access] TYPE I PASV (Give's IP then port) STOR [Sender Machine w/ver 2.4 or lower] TYPE I PORTRETR [Receiving Machine] Binary Mode Transfer Started It then goes on to get the file. But... If it is a wu-2.4.2 ver computer, the sender machine says Illegal PORT Command, when you type the IP and port of the receiving computer. You can only do a PORT command that includes the IP address that I am coming from. Sorry to say I don't know how to do any kind of source route or IP spoofing, although I'd be interested to hear if this was the only answer, and am not sure if there is a way to get around this. 0x15>------------------------------------------------------------------------- how can I phreak succsesfully in Germany??? [ The Germans hated me when I was there. I think they hate all Americans. Something to do with WWII or something I guess. ] 0x16>------------------------------------------------------------------------- Hello there :) Probably u don't know who I am ... [ Definitely. ] well, I'm an italian boy and I wish to say ya one thing ... You're Great. [ Oh. C'mon now... Really? ] I've just start to reading Phrack (the last issues) and I guess that it's a very cool wonderful zine. [ Get out. You think so? ] Why am I tell ya this ?? Well, since I think that one person is as ya ... well he's great. [ Now stop that. I'm really getting embarassed. ] I'm trying to learn something from ya (and I shall overcome .... I hope :) ) I'm interesting in hacking .. but I'm not like some other ppl that always ask "How can I be an hacker ??" "where I can find something to became root" I guess that they haven't understood nothing The REAL HACKER (for me) is an expert, has an etic and he hack to learn The knowledge is one of the thing most important in the world (the other ones are the GIRLS =) ) So I won't ask ya how to be an hacker ... (even cause you'll propbably say me FUCK YOU ;) ) we're so far but maybe one day we could meet :) to share our knowledge [ Wait a minute. Are you coming on to me? ] Well, Thanx a lot and excuse me for all the time you spent to read this letter Excuse me also for my terrible english [ NP. Luckily Aleph1 was over, so he translated for me (`course, then I needed someone to translate that, too). ] Cool and great stuff has Phrack =) [ Agreed. Great stuff has Phrack. ] 0x17>------------------------------------------------------------------------- Hi, i noticed that you fixed up your web page, and thats nice, but my probelm is, that when i downloaded the phrack 51 issue, it came like this : " phrack51.tar.gz " so,....what kind of program do i use to open it? Can you just put all issues in zip format? That would help us all! [ 'Us all'? You are of course refering to the entire moron population. Phrack does not cater to the morons of the world, sorry. Try 2600. I hear their target audience is a bit thicker skulled. ] 0x18>------------------------------------------------------------------------- Hi, I sent you an email a while back asking you to forward a message to an author of one of your articles, since he wanted to remain anonymous. However I never got any reaction either from the author or from you. It's really important for me that I find him to discuss some techicalities. The article was; "How to make your own telecards" Volume Seven, Issue Forty-Eight, File 10 (and 11) of 18 Did you manage to send the email off to him successfully? All I want is for him to contact me on this address ([email protected]). If he wants to remain anonymous he could easily create an email account on www.hotmail.com or another service of that kind. It would be very nice of you to forward this email to the author of the article and reply to me wether it was sent successfully or if it bounced back. thanks [ This is the best we can do. ] 0x19>------------------------------------------------------------------------- Hey there... is there any way to get phrack in just one big file instead of getting it in a lot of separate files? Thanks... Thanks, Crystalize [ `cat phrack* > master_phrack.blob` ] 0x1a>------------------------------------------------------------------------- im having trouble finding uk phreak iNfOs! can u help me out? im looking 4 bt c7 info and uk payphones. cheers [ Hrm. I know several Brits who like me tho. And I like them, too. Much more then the Germans. The .uk girls are waaay prettier too. ] 0x1b>------------------------------------------------------------------------- HELP> Your the Best I need your help FAST [ AHM THE BEST!@ ] I have 2 files in Corel Word Perfect 7.0 that have pass words on them I need the Fast Can you help? Or know anyone who can? I'm in the U.S. [ Great. We're practically neighbors then. ] I will pay I hear your one of the Best out there :-) [ AHM THE BEST!@ ] Melissa P.S.I need to try to get these by Sun. Night I can e-mail them to you? [ Hrm. `Melissa` huh... Hrm.. You'd better bring them over, this could take a while. ] 0x1c>------------------------------------------------------------------------- Just wondered why everyone raves about PGP, even thogh it's breakable. [ What the hell are you talking about? ] Is it possible to by-pass 'Proxy blocks' on an internet connection? The local iNet connection has blocks on all hack/warez sites whereby when you try and access them you get a 'You're trying to access a filtered URL' message. I figured it would be possible to re-route the conneciton but haven't a clue how. [ Shure. Try some covert tunneling via IP fragmentation or IP-IP. ] Also, how do you find out all this stuff about tapping phones, cell-net busting and telephone, errr, dabbling?? Do you research it yourself or just accumulate it form others? [ Everything I know about phones is self-taught. ] Many thanks, Denyerec 0x1d>------------------------------------------------------------------------- Hi, I've been reading a-lot of phrack zines lately and seeing your name in most of them, I thought your the best to answer my questions ??? To become a hacker where do I start ? [ New Zealand. Or at least as far away from CA as possible. ] What books should I read ? [ Anything by Stevens/Knuth or any of the millions of smarter-then-you people out there. It's a safe bet that, if they wrote a book, they're smarter then you. Very safe bet. Like, Fort Knox safe. ] What languages do I have to learn ? [ English is a good start. ] Which sites are the best to go to for information on hacking (including newsgroups) ? [ Anything in the alt.* hierarchy is a good plan. It's ALL *choice* material. ] I've only started hacking and that's into applications on my computer and my friends computers. [ That's nice. ] I hope I'm not bothering you with this message. [ No bother at all. I'm shure you've made someone smile, somewhere. ] 0x1e>------------------------------------------------------------------------- Dear Phrack, I'm looking for a phreak to work in France and I couldn't find such informations on the Net; so, is there any chance that blue box may work in France, or the Phoney app which comprise red, bleu, green, and black boxes, and if so it is, how does it work ? Also, there is any site on the Net where I can find informations and tools for phreak in France? Thank you so lot by advance for your advices. [ Now, I don't know any French people, but, I think if I met some, they would like me. I don't give into all that `French people suck` propaganda. Nono. I think they rock. And the French women are really pretty, too. ] 0x1f>------------------------------------------------------------------------- I use a macintosh when I ip spoof. Please, if you use a macintosh, send me a hacked version of TCP/IP an/or a hacked version of Open Transport. thanks. [ You're neat. Let's be pen-pals. ] 0x20>------------------------------------------------------------------------- Hello! Sorry for borring you, but I've some problems with L2 on FreeBSD-2.2.1R and decide to ask you about some tech details. The problem is that 'loki' unable to receive ICMP_ECHO packets from 'lokid'. I dig through kernel netinet sources and AFAIK, there is no way to pass ICMP_ECHO packets to userland. In ip_icmp.c we have: ICMP_ECHO->icmp_input()->icmp_reflect()->ICMP_ECHO_REPLY->icmp_send()->net So, there is no chance to receive ICMP_ECHO in application program, isn't it?! Unfortunately, I've no access to Linux box, so I can see what's hapen there. [ You are correct. In the accopmanying paper I allude to this problem. Net/3 based stacks will not pass ICMP request packets to userland. ] Is there are any workarounds? I can patch my kernel, but I think this is not right way. What do you think about this? [ Running the client and daemon on Net/3 boxes is a problem. ] p.s. The idea of patch is simple - create copy of packet's mbuf via m_copy(), send it to rip_output() and only after that pass original packet to icmp_reflect(). [ Cool! Write the patch up and I'll publish it in a future issue. ] Regards, Roman. 0x21>------------------------------------------------------------------------- I would like to put a request out for all so called "hackers" to join up i can't find nobody to talk to in this Hellhole Richmond,Virginia I want to put a message up for all VA area code 804 hackers that live near richmond to email me at [email protected] . ThanX ThanX, Mischief ALIAS: DrMischief [ Here's your chance. ] 0x22>------------------------------------------------------------------------- Let me start by saying your magazine is great. I read it whenever I have time. I am a newbie and want to know if you know anyone who could help me get started who lives/operates in the Morris County, NJ area. ~The Gator P.S. If you know anyone using the handle 'The Gator', can you please tell me so I don't offend anyone. [ You mean you haven't checked in the official codename repository? Oh boy. I don't envy you. `The Gator` is one of the most sought after nicks in the history of nicks! You're in for it now. God help you. ] 0x23>------------------------------------------------------------------------- Hello! Thanks for such a good e-zine. It has a lot of relevant articles, and it helped me start hacking. Again. thanks for that. I was wondering one thing, however: do you know onything about the Mentor? He wrote the Hacker MAnifesto, and I believe he wrote an article for phrack once...... Could you give me any help, please? I'm dong this for a school project.... [ I hear the mentor joined a new wave band and changed his name to Bobbysox. ] 0x24>------------------------------------------------------------------------- Where can I find a sshd.c trojan? [ http://www.cs.hut.fi/ssh/#current-version ] 0x25>------------------------------------------------------------------------- I'd like to know if someone of you ever made some compiling in C (I'd like something for you) thank's [ Huh? ] 0x26>------------------------------------------------------------------------- Hi, I need a FALSE IP APP: Can You Help ME? [ NO I can't HELP you AT all. ] 0x27>------------------------------------------------------------------------- I heard about Phrack magaine issue talks about hijacking sessions, which one is that issues? I can't find it. [ P50-06 ] 0x28>------------------------------------------------------------------------- I'm trying to reach all the real hackers and phreaks (not stupid warez lamers) in the 601 area code, especially those around Lauderdale county, so I figured Phrack would be a good place to start. A few friends and I are gonna be starting some get-togethers at the new Bonita Lakes Mall in Meridian when it opens up later this October (probably long past by the time the issue of Phrack this will be in comes out). All fellow readers interested in reviving the HP scene in the East Mississippi-West Alabama area are welcome to come (reviving assumes that there was ever a scene here in the first place. We're quite boring hicks in this part of the country). If you're planning on coming, or want more info, please E-Mail me at [email protected] Even if we just have the locals, we should have a lot of fun, so if all goes well, I just might be writing an article for Phrack about it, if ya'll would be interested. [ We would'nt be. Ya'll. ] Cheers, -|/|/easel 0x29>------------------------------------------------------------------------- I'v have a few questions about Juggernaut: 1) can it capture ethernet packet ? [ It can capture many. ] 2) can it act like sniffer ? [ Shure. ] 3) which compiler [ GNU C compiler ] 4) does it have to run on root [ No, it has to run as root. ] 5) which plateform does it work on? [ Linux (legacy version) Linux, BSD, Solaris (current unreleased version) ] 0x2a>------------------------------------------------------------------------- You could say I'm a newbie or novice. I would be very greatful if you could send info on anything on beginning hacking. Like what computers are the best and what additional accessories you need. So in short please send any info you could. Thanks. [ WHAT AM I DOING? I AM PUBLISHING PHRACK. WHAT IS PHRACK ABOUT? PHRACK IS ABOUT DISSEMINATING ENTROPIC INFORMATION TO ANYONE WHO WANTS IT. ARE YOU CONFUSED? IT WOULD APPEAR SO. ] 0x2b>------------------------------------------------------------------------- I have heard about your magazine. I am not new but I am not experienced to this side. Would you please guide me to where I would begin. pool [ P51-02@0x2a ] 0x2c>------------------------------------------------------------------------- Kong-ratz Guyz! You made it onto C|NET Last night at 10 on (Sept) the 5th. They were bashing you! Damn..... Well thats it. C-ya! [ Hrm. ] 0x2d>------------------------------------------------------------------------- After reading Phrack for years and being in the computer industry for 18+ years, I thought it was time that I write in. I have been reading Phrack for about 6 years now. Even talked to Erik Bloodaxe a few times in regards to Banyan Vines a couple of years ago when I was in the military. The scene seems to have changed so much now. It used to be full disclosure for the most part. Now everyone is so paranoid of sharing what they know, since everyone will rush a patch out for the latest exploit. How do you think others learned? Hacking is and always will be about exploring the limits of systems and networks. As you learn and share, others can expand their knowledge base. I started back on Atari 400s years ago coding in BASIC. I know many will laugh at that very thought, but it was a start. The groups back then were very tight, but also willing to help each other. If you showed a willingness to learn, and took the time to learn, instead of just leeching, it was amazing what others would do to help you. I have been digging through tons of sites lately, most are outdated hacks from what I have seen. Most places patch as fast something hits the `Net. But at least you can learn from the code if you take the time. I want to sends congrats out to Phrack. You guys along with a handful of others make it a point to keep sending things out to us in the community. One of the comments I am sure to hear is, then why don't you contribute things? I have not to Phrack directly, but that will change soon. I don't have a lot that is that great, that hasn't been patched for already. Mine is more tinkering and learning. Anyway, I am sure I have rambled enough for now. Just thought I would give my $.02 worth. Keep up the good work at Phrack! L8R, D-Man 0x2e>------------------------------------------------------------------------- I am looking for a REALLY good telenet software and an also REALLY good [ I like the telnet software that comes with 4.4BSD. ] scanner software. Can you refer me anywhere? [ Scanners was a terrifiing movie! Why would you want to scan someone?!@ ] I also would like to know how you decode the password in the passwd file. For example it writes: john: x :9999 :13: John Johnson:/home/dir/john:/bin/john [ 'x' is a shadow password token. It cannot be decrypted. Futhermore: Unix passwd encryption is based on a modified version of DES. The user enters her login and password at the prompts. The user entered password is used as a key to encrypt a 64-bit block of NULLs. The first seven bits of each character are extracted to form a 56-bit key. (The other eight are used for parity.) This implies that only eight characters are significant to a password. The E-table is then modified using the salt, which is a 12-bit value, coerced into the first two chars of the stored passwd. The salt's purpose is to make precompiled passwd lists and DES hardware chips ineffectual (or more difficult to use). Then, DES is invoked for 25 iterations on the block of zeros. The output is 64-bits long, and is then coerced into a 64 character alphabet (0-9, A-Z, a-z, ".", "/"). This involves translations in which several different values are represented by the same character. Unix passwd crypts are the product of a one-way hash. Information about the key is dropped in every iteration. Bits are LOST in the process. crypt(3), therefore, CANNOT be decrypted, reversed, or otherwise subverted from any type of scrutiny of it's output. ] 0x2f>------------------------------------------------------------------------- To the Editor: I have to give out props to the job done on Phrack51.....it just keeps getting better and better. Iv'e enjoyed Phrack 1-50 but i must say that since the current staff of the mag took over iv'e really noticed a marked improvement in the qaulity and content of the articles. Thanx for making this magazine available to all of us out here who are reading and learning But just one thing wheres my pics of Mila Jovavich in the nude!!!!!! NMEwithin [ http://www.infonexus.com/~daemon9/PIX/milla4.jpg ] 0x30>------------------------------------------------------------------------- a story of adolencent revenge..by a not so adolencent at 3:37 am [ Be warned. This is long. ] So here i sit surrounded by an ashtray full of butts, empty beer cans, empty 2 liters, a giant pile of papers, a stack of cd's, dirty dishes, tangled cords, red and green lights, the ticking of the furnace and blurred vision. Just got back from the pool hall and pissed off. why? because an old friend is getting married tomorrow and I was not invited. Well WAS a friend is more to the point. Betrayal in any form is a great primer for hatred. I am a twenty something (hate that fucking phrase) loser with no clue on what the future holds..but I find pleasure in figurative masterbation with MY processor. Match wits with this bitch, tell IT what to do and make it my slave...cheap thrill. Having power over something or someone is great while it lasts..as long as you do not have a concience. But I was wronged, so it is justified..my actions I mean... right? My girlfriend is asleep upstairs and thinks I sit up a nights doddeling to porn sights. I tell her that my pc is not working right, so that is why I am always working on it...that fucker bill gates. If he was a smart as the world beleives he is, these activities would not be so easy. Back to the point. (sorry! had a few too many). So I sign on...search for allies, find them among other assholes that have somehow learned one of my handles. My buddies are up to some funny shit, not total anarchy, but funny none the less. So what do I do...I tell them that I am in a bad state of being at the moment..they ask why, "Time for pain!" is what I read. You know how it is. A friend since first grade on through college just fucked you for the 100th time. I feel sick about it, but none the less it's time to put to work the tricks of the trade. I give my TRUE friends the skinny on my intentions, they ablige with laughter and frothing mouths. I cough up his SS#, home, phone, bank, work, license, and online accounts. Too late to turn back now. It's funny how one will actually take the gas pipe for virtual strangers that one has formed an online bond with, and will enlist them in a sceme to fuck a real time friend. (ex-friend). Number one, divide up the tasks. Number two, failure is NOT an option. N!umber three, ruin wedding. So here we go...secretary of state was a blow off, no brainer. PhoneCo a bit tougher (but been there before). Bank..oh the bank.. online banking 24/7 was such a good idea. My collective cohorts and I were like pitbulls fighting over the neighbors cat. Giggeling like schoolgirls. HEY we are elite! or so we think..most of our shit (not all) was built by others before us. We did modify code, but the backbone was not our own. Now it is 4:30 am and the shit is flying...after reading the "underground" being a martyr seems cool. My head is spinning, but I have to remain focused at all times..it is hard. Account activity...money is due to the banquet facility tomorrow. At least the balance of the shindig after the initial deposit. Check numbers and cleared transactions. He has no fucking clue! The best part was that he had mentioned writing a check for his balance only one day before.... but the amount owed was not cleared yet on his account. So time to insert! --0.00 balance. Too easy. OK, fine. Just a bounced check to deal with. Phones turned off (schedualed termination for lack of response to notices sent). Oh yeah..did I mention Utilities? Bank takes care of payment...how convenient. Car payments, insurance, mortgage the whole nine. Zip, Zero, Zed. A repeater. Constant (0.00). I am an asshole, I know, but being fucked by a 'FRIEND" is troubeling and unforgivable in this situation. One more thing..Company Voice mail...fucked. Left a text to speech recording to boss, too funny and implicating to dillhole. It's like giving beavis and butthead a small piece of gray matter that works for only bad things. I should of been invited to this wedding, but never the less, he is marrying a whore. This may sound vindictive or like sour grapes, but totally true. So actaully we are doing him a service, he just does not know it. The "ruin the wedding" part is actually out. It will happen and the avalanche of our actions will not start until the following week. But at least i did something, right? What a stupid thing to concentrate on. I am an idiot with things I should not have. Most of my collective friends are striking political targets...I am bouncing a check. But I am over it now. Time to sit back and wait...wait for the phone call from a mutual friend to give me the dirt. I guess I am the type of guy that would get a boner if I reset his sprinkler timer to go off when he is trying to get in his car. Totally retarded, but I would laugh for days. Whats wrong with me? I am now sitting here in my self-made dungeon scratching my head saying to myself "boy that was way harsh". I know some people would pose the question, "what did he do to desrve this type of retaliation?". You know what it's like, you have been there at one time, and everyone reaches a point where counter measures are warranted. Case closed. What we did was but an inconvenience, but will be remedied. Nothing was left beyond repair. It's at these times! (no matter how trivial) you find out who is willing to take a bullet for you. And in some fucked up way, that is important. At least it is to me. it's 7:49 am and time for the sandman. SychoSiS - The Collective. [ I am not sure which saddens me more, the fact that you actually spent several hours writing this, or the fact that I spent several minutes reading it. Now Phrack's loyal readers can feel my pain and read this for themselves. ] 0x31>------------------------------------------------------------------------- To whom it may concern: I believe that I submitted an article to your publication on hacking the phones at your local WAL~MART, please be advised that I submitted the same article to 2600 magazine and blacklisted 411, however I submitted the article to 2600 magazine before yours or blacklisted, they have decided to publish my article, and there fore I wish to inform you of this so there is no confusion. Thank you for your attention, Pirho -- Brought to you by Pirho and the International Brother Hood Of Frat Houses. [ We can only hope that your article brings Emmanuel and the rest of the 2600 editorial team as much amusement as it brought us. Not from going and harassing people at Walmart, no. Mostly from laughing at you for writing it. We'll leave the articles on hacking things like Walmart and Disney World for publication by 2600. We like to think we still have a reputation for quality. -alhambra ] 0x32>------------------------------------------------------------------------- Dear..sir I had readed yours doc.I'm interesting about hacking art and learing it.I would like to ask you.How can I hack my ISP?It's dumbing I know.But I don't know to ask anybody. [ I wonder if the aleph1speak to English translator has a `Yoda setting`... ] 0x33>------------------------------------------------------------------------- Hey, I just finished a two hour picture tour at your webpage, looked at every single photo on that hosted there, I know for one thing, with all the film you have used, Kodak must love you! The pic's were a riot, matter of fact, I almost had an accident in my pants I was laughing so hard. Seam's [ Maybe you should get some rubber pants or those adult diapers. ] like you and your friends know how to have fun (my kind of people) all we have up here is half-wit clowns. Anyway, enuf with the bullsh*t, I just wanted to ask you who owns "INN", if it is you, how did you pay for all that hardware? Where are you located, Cali I assume? How old are you? Any chance of meeting somewhere to chat one day (IRC)? If it's to personal, I understand, if not, reply.. [ Are you coming on to me? ] Regards -Tyrant 0x34>------------------------------------------------------------------------- [ ...Regarding the 'Teardrop' IP fragmentation bug... ] Dear To whom it concearns, I do not think you should have posted this about your bug you found. Alot of maniacs got a hold of it and are crashing servers everywhere. The net has turned into anarchy. I have about 4 servers down that i patched. But [ The Internet is anarchistic by nature. ] the patch doesnt seem to work. [ The patch works fine. Perhaps it is you that is broken? ] I do not think you should have posted that publically like that. [ Thanks. I'll make sure to file your opinion in the ignorance-folder. ] 0x35>------------------------------------------------------------------------- I'm just wondering when is defcon and where can I find out about little bit more? Regards. Pav. [ Defcon is traditionally held during the Summer in Sin City. Damn I love that town. http://www.defcon.org for more info, although the future of this Con is in question. ] 0x36>------------------------------------------------------------------------- Where can I find ways to make Long Distance phone calls without getting billed (and prefferably without making any boxes?) [ A phone line for which you do not pay the bill. ] I'm not an idiot, I just thought I'd ask. :) [ Is that open to conjecture? ] 0x37>------------------------------------------------------------------------- To Whom It May Concern: I enjoy reading your stuff in Phrack and I pay attention to those stuff that is writen about unix reading stuff. I am just wonder if there is any way to play tricks or hack linux 1.2.13. It also runs pine under it and I think there is a trick with .rhosts in pine and ls /tmp. Could you please tell me more stuff about this?? I could download the /etc/passwd file but then I have to use a dictionary to hack it and is there away of hacking it without using a dictionary?? And how do I delete my last login file?? Thanks!! Your Truly Tag [ Linux 1.2.13 is one of most inpenetrable versions of Unix out there today. Not only is the Linux O/S reknown for its stalwart and inpenetrable security but the 1.2.13 kernel was where Alan, Eric, Linus and the rest of crew peaked. That kernel revision is all-but immune to every known form of attack (with the possible exeception of quantum state disassembly). Your best bet is to kill yourself now. ] 0x38>------------------------------------------------------------------------- How ye all doin there at Phrack, hope your all keepin well. Anyways before I say anything I'll admit it, I'm a newbie, not a lamer a newbie. I've read all the hacking files I can get my hands on. There's only one small problem...I live in Ireland. A few weeks ago I was given an article written by "Hackwind" (1992 I think) about the hacking scene in Ireland. Believe you me. It's even worse than he says it is. The main problem is that all the files written don't relate to Ireland in any way . I don't even know ONE bbs in Ireland and NO ONE I have spoken to does either. I don't expect you to know much about the hacking scene in Ireland but if you do know anything, anything at all could you please send it to me. I'm dying for information. Information that I can't get my hands on. If you don't know anything about it perhaps you know of some contacts. Please let me know. Cheers, N0_eCH0 PS. Keep up the good work at Phrack. [ Ok, someone in Ireland help this guy out. ] 0x39>------------------------------------------------------------------------- hello my name is FUSION from a group called digital elite alliance and i was wondering if you would like to become allies with us. If so e-mail me back at [email protected] and then i'll get back to you. [ Don't hold your breath. Wait. On second thought, do. ] 0x3a>------------------------------------------------------------------------- Daemon9, Hi! I'd like to ask you a very common question. Maybe everyday you have received mails asking it. Yes, what I want to know is how to become a great hacker. [ Swing from the shoulders, not from the arms. ] I am a freshman in university. I wanna to be a hacker, not for doing damage to others, but in my own view, being hacker require a lot of knowledge and creative. I aim at knowledge and want to find out new tech, while not just using others'. In fact, I have read many articles about how to become a hacker. And I have done them. Now, I have mastered C, unix shell, and some of TCP/IP. So what should I going to learn if I want to be a great hacker like you? [ If you have mastered the aforementioned topics, you are far greater then I. ] I am learing socket programming and IP-spoofing now, do you have any resource on the net to recommend to me? Please write me back. Hoping to hear from you soon. Liu Jiangyi -- Daemon9, Hi, I forgot to ask you another question. Should I join a hacker group? And have you joined it? If so, please tell me which group I should join. And the mailing list, which one should a hacker join in your own view. Hoping to hear from you soon! Liu Jiangyi 0x3b>------------------------------------------------------------------------- [ A few letters to nirva and I. I swear to GOD these aren't made up. I *couldn't* make stuff like this up. ] Hey Route, I was wondering if you knew what colours Nirva dyed his hair for defcon and who made the dye, I was also wondering if you had a copy of LISP lying around somewhere. Are you going to the KMFDM concert this friday by any chance? I was wondering if you have ever been bust for hacking or phreaking and how you manage to hack with the constant surveillance by the man? Also if you don't mind telling me, how did you get into hacking and did you have a mentor at any stage? Ciao and thankx -- Hey Nirva, I was wondering how you got Real Kitty to drink coke out of those bottles from McDonalds (or is he just chewing on the straw). I was also wondering who Mike is currently going out with, not to mention you as well? If you could do me a favour and try to convince Mike to give me some webspace as well, I would really appreciate it. Thankx and Ciao -- Hey Mike, How would you like to win a date win with carmen electra, if you would like to, go on over to durex.com and there's a link from there to the american site with the entry form to win the date, and being such a brilliant hacker I don't see how you couldn't manage to rig the contest ;) Thankx and Ciao 0x3c>------------------------------------------------------------------------- Arggh , think of me what you will, but i Can't get over a pic on yer site of nirva, prolly one of the l33t3st looking individuals i've seen, in personal appearance (no, i aint gay), but anyway .. what are those things on his arms ? I saw that photo with the caption "nirva has rickets" or something, but are they implants ? ie part of his image/appearance or where they sum sort of weird disease he picked up ? [ Due to the vitaman-D embargo of 1975 - 1978 in New Mexico, nirva contracted the rare disease osteomalacia (rickets). He has it mostly licked these days thanks to heavy amounts of vitamn-D laced EMF radition treatment he undergoes 2 times a week. Every now and then, however, he lapses, as you can see from the aforementioned picture. ] tah man .. great page btw speaxx 0x3d>------------------------------------------------------------------------- ----[ EOF