--->>>><<<<------------------------------>>>><<<<---
   SYNDICATE POWER ACTION - WWW.SOLJO.ORG/SPACT
--->>>><<<<------------------------------>>>><<<<---

 %%%%%%%%%> %%%%%%%%%| %%%%%%%%%| %%%%%%%> %%%%%%%%
 %%%|       %%%|  %%%| %%%|  %%%| %%%|       %%%|
 %%%%%%%%%| %%%%%%%%%| %%%|  %%%| %%%|       %%%|
       %%%| %%%|       %%%%%%%%%| %%%|       %%%|
 <%%%%%%%%| %%%|       %%%|  %%%| %%%%%%%>   %%%|

 T h E     A C T     I S     F O R     A C T I O N
--->>>><-------------------------------------------- 
                nHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHn.
             .MS?MMMMMMMMMMMMMMMMMM?MM~MMMMMMMMMSHMMMMMMMM(?"~\
             MMMMMH?MMMMMMMX*MM?MMX%MM/MMMMMM"HMMMMMMMMMMMMMMH
            MMMMMMMMMMMMMMMMMX*MX*MMMX?MMMMM(M!XMMMMMMMMMMMMMMMX
           XMC)?MMMMMMMMMMMMMMMhX?!?MMMMX#MM!MXMMMMMMMMMMMML   '~
   '\      MMMMMMMMMMMMMMMMMMMMMMMM!~`````-`~!?MMMM)MMMMMMMMx
      `~""MMM)MMMMMMMMMMMMMMMHhHH!~           `#MM(MMMMMMMMMM>
         HM!HMMMMMMMMMMMMMMMM*?)?`                `"MMMMMMMMMX       .
        XM!MMMMMMMMMMMMMMMMMMM?~                     'MMMMMMMM:..xx!`
        M!MMMMMMMMMMMMMMMMMXH!                        MMMMXMMP"`
       \!MMMMMMMSMHHHMM?XMM?~    -:::xx..             M?XMM?".x(
       MXMMMMMMMMMM!XHMMMM":       ... `"%x          XHHHMMM*"
      \!MMMMMMMM?XMMMMMMX!'~L     '%%%+:.  `       ..MMMMM"
      'HMMMMMM?HMMMMM*XM!    h     ~\).^\~     .%""`MM?"
      'MMMMMMMMMMMMMXMMM!    -X               +%%!.MMMXk
      ?MMMMMMMMMMMXMMMMM `.   ~               `""'XMMMMX
      !MMMMMMMMMMMMMMMMMX.    '                  XMkMMX>
      XMMMMMMMMMMMMMMM?MXXXx.-`                  XXMMM!
      MMMMMMMMMMMMMMMMXMXXXXXXx.         ~~      MMMMM ------ 
      XMMMMMMMMMMMM?MMXXXXXXXXX!`         '+^  .MMM!P       |
      'MMM!MMMMMMMMMi?M!"`        `~%HHHHxx.  xMMMM"   CHIX DIG HAX0RZ!
      :MMMMMMMMMMMMMMM"               `\XMM .MMMMM
      XMMMMMMMMMX?MM!                   `( HMMMMM
     XMMMM)MMM"   \~                     'MMMMM*
    'MMMMfMMM"  \~                        XMMM*
   .MMMMMXMM"  ^                          `MMM
   XMMMM!MM"                               MM>
   HMMMMXM~                                MM>
   ?MMMMM~                                 Xf%
    MMMMf                                  %% \
    4MMM                                    %
      `M                                     %
        %                                    %
        %                                     %
        %                 !                   %
         %                 !                   %
         %                 %                   !?%.
         %                  %                   X. %%.
          %                  %                  X!    %%.
          %                  %                  '!       %.
           %                  %                  !!         %.
           %                  %                  '!          `%
            %                  %                  !>                               
--->>>><--------------------------------------------
FIRE AND FORGET EZINE!
--->>>><--------------------------------------------
ISSUE #ELEVEN - <fwaggle> yeah but try as i might i
                can't manage to get one up ;)
--->>>><--------------------------------------------
THE SPACT Newsletter [22/11/04] [Sabbat of Samhain]
--->>>><--------------------------------------------

[13:26] <Ezra> how far is she in her pregnancy
[13:26] <Ezra> ?
[13:26] <fwaggle> umm
[13:26] <fwaggle> she's fat?

--->>>><------------<<<InTro!>>>--------------------

The SPACT news letter; short news, reviews, gossip
and love in miniature from the SOL crew. For more
of the same check out the other publications
distributed on www.soljo.org. I know we said
every Friday, but, huh, well, like we give a fuck!

--->>>><------------<<<SoL NeWs>>-------------------

Moved Boxen
=/=/=/=/=/=
We have recently changed the boxen that is hosting
a lot of our shitniz. So for example the SOL Forum
and WOD London forum re still experiencing 
technical problems. These will be fixed as soon
as possible.

--->>>><------------<<<Quoteage>>-------------------


Cuss
=/=/

"I don't like you yeah... I don't like your flex. 
Standard." - Jon.


Quote Of The Week
=/=/=/=/=/=/=/=/=

<@dawoker> my manager dropped by and told me to stop 
#using things like "my president is an assclown" in 
string testing for some of our code. - www.bash.org


Irony
=/=/=

"While a large office was being constructed, a steel 
beam fell on a laptop that contained the plans for 
the building." - BBC News.


Another Great Security Concious Idea From M$ 
=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/

1. Open as many TCP ports as you can between 6891 and 
   6900.
2. Configure the TCP ports so that sockets on a port 
   remain open for an extended period of time.

[Taken Fromhttp://help.msn.com/EN_US/HelpWindow_
msg.asp? INI=Messengerv62DL.ini&H_VER=1.7&Topic=
Messenger_CONC_ AboutSlowFileTransfer.htm&H_APP=
MSN%20Messenger&ContactUs=]

--->>>><---------<<<Articulation>>---------------

FAQ: How do I "hack" Hotmail? - fwaggle
=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=

This is one of the most awful questions we ever 
get asked, and it generally happens about once a 
week. The reasons vary, but not as widely as you 
might think - they almost always fit a certain 
pattern with certain keywords being replaced at 
will to disguise the message as we hopefully won't 
realise how formulaic it actually is.

Anyway, there generally isn't at any given time a 
"magic fireball" that will get you into your 
friend's hotmail account. Every so often a hole 
will appear, and they're generally tricky to 
execute and almost always require a certain amount 
of target stupidity. And chances are you won't 
get ahold of it before it's fixed, so just give 
up on that right now.

So what's a budding hotmail "hacker" to do then?

Well since most every hotmail vulnerability I've 
seen involves a level of stupidity amongst the 
target, and despite the fact we've had nearly a 
decade of high-density media coverage of computer 
security issues there still are a lot of stupid 
users out there ripe for the picking - let's 
discuss that. It's basically called "abusing 
the stupid factor" but to most it's generally 
known as social engineering.

Note firstly that this doesn't make you a 
hacker. Note second that it's probably illegal 
depending on where you live. Note third that 
we'll not be held responsible for anything that 
you do and this article is merely for 
theoretical purposes to answer what seems to be 
a burning question to a small portion of the 
internet community and we'll be on our way.
A crash course in Social Engineering

The full wonders of social engineering are 
well outside the scope of this article, but 
we can quickly skate over this topic that some 
people consider tantamount to "hacking people's 
minds". Simply put, social engineering is 
saying things that people want to hear before 
they will provide you with something they 
shouldn't. You can confuse them, be deceitful, 
be intimidating, whatever you need to do to 
get the information out of someone - and if 
you're doing it over the phone it's not as 
easy as it sounds. It generally takes a lot 
of bravado and some experience, and you need 
to think like a chess player.

In the case of hotmail, we'll generally be 
doing it over the internet unless you know 
your target personally. Let's first analyse 
the angle of attack before we start worrying 
about trivial things such as how to get the 
information you need.

Hotmail and other web services

While the majority of our requests for webmail 
help are about hotmail, this article 
theoretically applies to any web based service 
that uses the same techniques for user 
verification. With a little modification 
you could apply it to all manner of things.

The first thing you need to do is enumerate 
what exactly it is that you need. At the 
time of writing, Hotmail has a two-step 
password reset process. For step #1, all you 
need to know is the person's email address 
(surprise) and where they live down to the 
zip code. Getting this information out of 
someone is often tricky, but it's not impossible.

For step #2, all you need is the answer to 
their "secret question" but before you can 
do this you need to know what the secret 
question is - meaning you need the other 
information first. The secret question is 
usually something like "what is your favourite 
pet's name?" which if you craft the 
conversation just right, most people 
will think nothing of disclosing.

Target Acquired

Now that you know what you need, it's time to 
go about getting it. The only idiot-proof advice 
I can give is be patient. Now you must learn 
as much as you can about your target. Most of 
the information that you'll need will be easily 
to get out of the person, until you get to the 
zipcode. You could of course use the zipcode 
as your first point of attack - you know the 
way some phreaks think they're being cute by 
asking others what area code they're in? And 
then they look on their little sheet and are 
like "Long Beach, nice"? Well depending on 
your target's demographics (fancy talk for 
where they live and what they do) you might 
be able to pass this off as being cute.

Never under estimate the power of impersonation. 
Get to know the target and figure out what they 
would be attracted to and emulate that (easiest 
if done online). If they're an early teen boy, 
pretend to be a girl (don't laugh, you'd be 
amazed at the information you can nail out of 
someone). If they're a hacker wannabe, pretend 
you'll mentor them (after all, you aren't a 
wannabe, right? *chortle*). If they're into 
nascar pretend you have the largest collection 
of memorabilia in Kansas.

This may take some research, but it's worth the 
time and effort especially if you go very slow. 
Step #1 is to acquire the zip code by any means 
necessary. If the person has a domain, try the 
one that's listed in their whois information for 
a start. Tell them you have a cool device that 
tells you how far they are away from you (google 
for zipdy if they want you to pony up with an 
answer). Whatever works.

Hook, line and sinker

Hopefully now you are armed with a zipcode, and 
possibly even some answers to what might be their 
secret question. Browse on over to Hotmail's lost 
password page, and enter their email address, country, 
state and zipcode. If you don't have the state, 
you should be able to look it up either online 
or maybe in a phone book. Click submit and cross 
your fingers.

With any luck it should pop up with a secret 
question and a password/confirm password box. 
Now let's work on that secret question, unless 
you already know it in which case you can skip 
to the next major subheading.

If the question is for example "favourite pet's 
name" simply pretend to be an animal lover. Go 
on and on for hours about your favourite dog and 
how the neighbour ran over him in his Hummer and 
you were shattered for life. This will almost 
always (from a girl anyway) instigate a much longer 
rant about her favourite pet - which will almost 
always be named in the first paragraph but so 
as not to arouse suspicion you'll need to listen 
to it all anyway.

Whatever the question is, think of a way to 
extract the answer out of the person. Maiden 
name? Pretend you know the person's parents. 
With just a little thought it's really not hard.

Here comes the money shot!

Go back to your lost password page, and fill in 
all the information and cross your fingers. With 
a sprinkling of luck you'll be greeted with the 
other person's hotmail account for you to perform 
your evil deeds. Not that anyone would actually 
carry this out of course, what with the legal 
ramifications and whatnot.

There are of course some problems with this 
technique. Firstly, Hotmail are bound to change. 
Secondly, if you don't want to do hotmail and 
want to do say, Yahoo! it will need some 
changing too. Thirdly, you will often get 
someone who's information you just can't get, 
or it's wrong. IE, someone who uses another 
answer for their secret question - you will 
have a hard time extracting that from them. 
Your mileage may vary.

I want to hack my wife/girlfriend/husband/
boyfriend's Hotmail!

The problem I have with this question is that 
after reading the above guide it should be 
painfully obvious that if you indeed have a 
relationship with this person, then you should 
be armed with all the information you need 
anyway. So if you do, knock your socks off. 
If you don't, shut the hell up and come up 
with a better story.

Wait! I don't want to change their password!

well, at the moment that part is up to you. You
could always pretend you're a hotmail employee 
(after all you do have access to their account 
now) and tell them you need to reset their 
password before they get in, and ask them what 
it is. Your mileage may vary, I've never actually 
put this into practice (other than testing it 
on a fake email account an associate setup) so 
I haven't put too much thought into getting 
away with it. The rest is up to you, should 
you decide to do something silly.

---
fwaggle
fwaggle@hungryhacker.com
www.hungryhacker.com

--->>>><-------<<<Links of The Moment>>-------------

http://www.sorryeverybody.com

http://www.deanesmay.com/archives/001149.html

http://www.suave-boards.com

http://www.infiltration.org/

--->>>><--------------------------------------------
ALL COnTENtS CopYRIGHT THe SyNdICATE oF LoNdoN & ThE
SoLJO 2004. EMAIL EDiTOR@SoLJO.ORG TO CONTACT.
--->>>><--------------------------------------------
PArT Of ThE SYnDIcaTE OF LONDON PROPaGanDA mAChinE.
---------------------<<<EoF!>>----------------------