LLLLLLL OOOOOOOOOOOOO LLLLLLL LLLLLLL OOOOOOOOOOOOO LLLLLLL LLLLLLL OOO OOO LLLLLLL LLLLLLL OOO OOO LLLLLLL LLLLLLL OOO OOO LLLLLLL LLLLLLLLLLLLL OOOOOOOOOOOOO LLLLLLLLLLLLL LLLLLLLLLLLLL OOOOOOOOOOOOO LLLLLLLLLLLLL information exchange Prez DeadWhorse Prez Devil Locke e-mail lolie@freenet.hut.fi web: http://www.inmind.com/people/therock irc channel #lolie nick DedWhorse The Leigon of Lame information Exchange. The LoLie is a service provided free of charge to anyone with an e-mail account and an interest in computer security, freedom of information, and censorship. The LoLie is a forum where people can submit articles on almost any topic, as long as it relates to computers. The LoLie was set up to cater to people interested in computer security, networking, phone system security, etc. If you would like to recieve LoLie at your e-mail address, send a message to lolie@freenet.hut.fi LoLie depends on reader submissions. To keep LoLie the higest quality possible, you, the reader needs to write and submit articles, on whatever topic you specialize in. All supporting authors will be given credit. In this issue: Unix mail system security. -DeadWhorse NUAs revisited -DeadWhorse Directly accessing Direct access. -DeadWhorse AOL for dummies -Devil Locke -------------------------------------------------------------------- Unix Mail Security There are many ways to get mail from a unix machine connected to internet. Normally you dial in and get your mail from a unix shell of one type or another. If you have a SLIP/PPP connection, you can use a mail client, which uses POP to get your mail, and SMTP to send it. The advantages of using a mail client are more than just nice pretty windows. If an account has a login, but the mail access is blocked for sending and recieving mail, i.e. guest accounts, then you can use that account to recieve and send mail. In your mail client, just put all the info for that account, if the account has no password, then there is no way that I know of to use it for mail, but most guest accounts have simple passwords, like the same as the login. If you are a sysadmin, and would like to block people from using low access accounts for mail, all you have to do is have no password. Most freenets have low access guest accounts of this type. Your mail client can also get mail from accounts which have "expired", but have not been deleted. You cannot log on the expired account, but if you finger it, it is still there. If you try to su to the account, it will tell you that the account is expired. Just use the account info in your mail client, and through the magic of POP, you can get to your mail. I believe you can send mail from the expired account too, someone e-mail me and tell me if it works. The most simple way to prevent this type of access is to change the password on the account before you expire it. Misc Mail info POP port 110 SMTP port 25 I'm sure you all know fakemail, so I won't go into how to do it with a mail client. -DW ---------------------------------------------------------------------- NUAs Revisited Well I know NUAs are an OLD subject, but there is some little useful things that I have found. If you don't know what an NUA is, I recommend you read the old LOD/H guides. But on to the useful stuff. If you need the date and time, connect to 2151067, once you get the date and time, just disconnect, I'm not real sure what the computer is, if anyone wants to write an article on it, go right ahead. I have found the NUA that AOL uses to connect to the host is 83420178.83*windows 0001 after it connects, it just sits there, waiting for the aol client. If anyone wants to write their own version of the aol client, one that doesn't crash every ten minutes, and that takes less than ten minutes to load, again go right ahead. -DW ------------------------------------------------------------------------ Directly Accessing Direct Access. Direct access 5.1 is a popular DOS shell program, which is often used to control access to the dos prompt in a stand alone, and a networking environment. Usually the program is run from autoexec.bat, and if the person doing security has done his/her job right, then switches=/n is in config.sys, and floppy booting is disabled in CMOS. This locks up the computer pretty tight, and Direct Access is usually passworded on exit to dos, dos commands, maint, etc. The weakness in direct access is that when you press F10 and the enter password box pops up, DA reads the password into memory, in ascii. So the trick is to get your handy dandy TSR memory explorer into RAM. If you ever get a dos prompt on the computer, even a shell, you can load your memory TSR, and then load DA. Then it is a matter of hitting F10 to exit, and when the dialog box is on the screen, hit the hotkey of your mem explorer, and do a search for Enter Password. Once it finds that in ram, the password is usually not more than 50 bytes or so in either direction, you need to look a little for a string that looks like a password. You can repeat and get all the password on the system this way. This info is from the mem explorer I use. It is freeware I think. (NOTE: Direct Access is (c) Fifth Generation Systems, Inc.) Exerpt from doc file: { MEMORY 4.3 Claudio Capiluppi University of Padova - ITALY caps@hal.stat.unipd.it Memory is a resident RAM explorer for DOS environment, which allows to understand interactively what a host process is doing and how it works, by means of several analysis functions. } Do not flood this guy's box with mail, i can send you a UUencoded version if you can't find one on the net. I think AOL has it in their libraries. Do a search on his last name. -DW -------------------------------------------------------------------------- AOL For Dummies The Slightly Less Moronic Edition -by Devil Locke Ok, everyone in the entire world has gotten an AOL disk at some point in their natural-born life. Since around a year ago, it has become a natural law, much like that of gravity, that you will get a free trial disk on an average of once every month or so. But, AOL is useless, right? It's just a run-of-the-mill overpriced, lamer-ridden, online service, much like Prodigy and the rest of it's ilk, right? NOT SO! America Online is useless to anyone who is a moderately good "hacker", or anyone with an ounce of self-respect, BUT it's a great place where one could learn some of the qualities one needs to ever be a "hacker", such as patience, and caffeine/alchohol overloading during a night spent with utterly no re- sults. It's easy to get access to, and yet difficult to actually do anything you can brag about to your friends on. The first step one could use in accessing AOL is to use a fake checking-account # (note: the routing # must exist) to create an account that wont be connected to you, and then ask people for their passwords until the account gets logged off for violating AOL's rules. Trust me - there are people that stupid out there! Then you will have an account that will last a minmum of a few weeks, and you can start having epilectic seizures waiting for the hourglass to go away, when you logoff. (The log-off procedure has been known to take as long as 8 minutes and 34 seconds on my DX-4/100, due to cheesy AOL coding) Log back on as one of your phishes, and then you can start having fun. If ya want to explore AOL, the first thing you need is a copy of Master.aol which ya can find in a 'warez' private room because with master.aol, you can invoke places that have no keywords, or anything like that. The first thing ya have to do, is find a database invoke #. To get one you can either generate number's off of the top of your head until you find a place that is there, or you can get a list of cool ones in a warez room, and be lazy. Once you've found one, just click on everything, and fuck around. The won- derful thing about an online service that has billions of bugs in the s/w is that some of the shit doesn't work for employees. That means that AOL has to jury-rig links to some of their inner-employee shit. For example, AOL has something called the America Online Resource Center, for employees. You can check out all the betas and shit that hasnt been implemented yet, download AOL training class logs, and stuff like that. You cant get to it because it has a security flag, and you have to have an 'internal' account to access it. But, at some point, their whole 'internal' system wasn't working, because through an online-technician-training area that you can access through an employee area of their Destination:Florida area, you can get to it, by clicking on a link to it that has no access requirements due to the fact that their other links to it weren't working. So you can find little backdoors like that all over the place on AOL. It's a great way to pass the time when you're wasted and bored. You can also find all kinds of strange things, and interesting things, and the 'flavor' of hacking is still there - that's what hacking is all about, right? Getting something you shouldn't be able to get to, through use of your intelligence and knowledge...the thrill of the hunt sorta thing. And on AOL, that's still there, it's just easier to accomplish. Hence, AOL is a great training ground for aspiring hackers, and bored drug-fiends alike. But what else is there to AOL? Well, guess what - there IS more! The AOL users are so absolutely moronic that one can employ that 'asking for pws technicque' (referred to as 'phishing') to credit cards. Hence, an unlimited supply for carders and their ilk. Also, with a CC from AOL, you can get an acct with a REAL internet provider, like, I dunno, NetCom or something, and from there, proceed to more enjoyable hacking (that, I might add, doesnt have as much lag ). And you can meet new friends in the America Online virtual cyber-community! (just kidding). I hope this was of slight use to some moronic fucker out there. Layder. Devil Locke. ------------------------------------------------------------------------ Aol for Dummies addendum -by Dead Whorse In case you didn't know, you can download the aol version of winsock in the winsock forum, and then you can use any winsock client with aol. The only catch is that Aol blocks access to most connections. You can use POP to check mail, but you can't use smtp to send it from Aol, stuff like that. One good thing is that you can use a telnet client to connect to a real ISP. Note: just put the aol winsock.dll in the client's directory, no need for tcpman. -DW ------------------------------------------------------------------------ Well that's all for this issue, submit something, and you can be part of the next issue. Fading slowly away..... LoL information exchange. Issue 1. 03/03/96 -EOF-