==Phrack Magazine== Volume Five, Issue Forty-Six, File 2 of 28 **************************************************************************** Phrack Loopback ------------------------------------------------------------------------------ I'd like to write you about my friends cat. His name is 'Cid. Cid loves reading, in fact he'll read just about anything, from the labels on his cat food tins to the instructions on the "real" use of his Grafix (incense burner :) ). Well one take, 'Cid (or was it me) was indulging in the reason he got his moniker and mentioned that he'd like to receive Phrack. Well i told him he could just subscribe to it and then he went into a real sob story about how he doesn't have net access. So as a favor to 'Cid (who really does exist, and really has tripped out on brain blotters) i'd like to subscribe to Phrack. [You my want to take note that Phrack can also be printed on paper. Now, that's a lot of blotter. You've got your subscription, now go watch some anime.] ------------------------------------------------------------------------------ I recently got a new job and shortly after beginning working there, they decided to retool and reorganize a bit for better productivity. While we were going through some old boxes and stuff, I came across a little black box with the words "Demon Dialer" molded into the front of it, it even had the (functional!) 20volt power supply. Needless to say I was pretty happy with my find. I asked if I could have it and since no one else there seemed to know what to make of it, mine it was! My only problem now... I've played around with it, and it seems to do a lot more than what I originally thought, but the fact of the matter is.. I really haven't the foggiest idea of how to get it to REALLY work for me. If anyone has any information, or better still, actual documentation for a Telephonics Inc, Demon Dialer.. I'd really appreciate passing it on to me. Also, something rater strange. The phone cable attached to it had a normal looking 4-wire connector on one end, but the other was split to have RJ jacks, one with the yellow-black combo and one with the red-green. The split ends (sorry :)) were plugged into the WALL and PHONE jacks on the demon dialer. The purpose for this perplexes me since one's supposed to be input and one's supposed to be a passthrough for the phone to be plugged into. Anyway, any info would be nice. Thanks guys. [Telephonics was one of those odd telco device manufacturers back in the 80's. They made the demon dialer (a speed dialing device), a two-line conference box, a divertor, etc. Essentially, they provided in hardware what the telco's were beginning to roll-out in software. I think the line splitter you have was merely plugged into those two jacks for storage purposes. What that probably was for was to allow two lines to use the Demon Dialer. It was probably just reversed when your company boxed it so it wouldn't get lost. I'm not sure if Telephonics is still in business. A good place to start looking for info would be comp.dcom.telecom or alt.dcom.telecom. Another good place may be Hello Direct (800-HI-HELLO). They used to do have Telephonics equipment available for mail-order.] ------------------------------------------------------------------------------ I saw an ad for a book called "Secrets of a SuperHacker" by Knightmare. Supposedly it intersperses tales of his exploits with code and examples. I have big doubts, but have you heard anything good/bad about it? [Your doubts are well founded. I got an advance copy of that book. Let's put it this way: does any book that contains over a dozen pages of "common passwords" sound like ground breaking material? This book is so like "Out of the Inner Circle" that I almost wanted to believe Knightmare (Dennis Fiery) was really yet another alias for Bill Landreth. Imagine "Out of the Inner Circle" with about a hundred or more extra pages of adjectives and examples that may have been useful years back. The Knightmare I knew, Tom in 602, whose bust by Gail Thackeray gave law enforcement a big buffer of the Black Ice Private BBS and help spark the infamous LOD Hacker Crackdown, certainly didn't have anything to do with this. In fact, the book has a kind of snide tone to it and is so clueless, that leads me to believe it may have been written by a cop or security type person looking to make a quick buck. As far as source code, well, there is a sample basic program that tries to emulate a university login. If you want a good book, go buy "Firewalls and Internet Security" by Cheswick and Bellovin.] ------------------------------------------------------------------------------ Hey Chris, I'm sure you are under a constant avalanche of requests for certain files, so I might as well add to your frustration . I know of a program that supposedly tracks cellular phone frequencies and displays them on a cellmap. However, I don't know the name of the program or (obviously) where to find this little gem. I was wondering if you could possibly enlighten me on a way to acquire a program similar to the one I have described. I have developed some other methods of tracking locations of cellular calls. However my methods rely on a database and manually mapping cellular phones, this method is strictly low tech. Of course this would be for experimental use only, therefore it would not be used to actually track actual, restricted, radio spectrum signals. I wouldn't want the aether Gestapo pummeling our heads and necks. [I don't know of anything that plots frequencies on a cellmap. How would you know the actual locations of cells for whatever city you may be in to plot them accurately? There are a number of programs written to listen to forward channel messages and tell you when a call is going to jump to another channel. The cellular telephone experimenter's kit from Network Wizards has a lot of nice C source that will let you write your own programs that work with their interface to the OKI 900. I suppose you could get the FCC database CD-ROM for your state and make note of longitude and latitude of cell sites and make your own database for your city, and then make a truly visual representation of a cellmap and watch calls move from cell to cell. But I don't think there is such a thing floating around the underground at present. Of course the carriers have this ability, and are more than happy to make it available to Law Enforcement (without a warrant mind you). Hi OJ! email Mark Lottor mw@nw.com for more info about the CTEK.] ------------------------------------------------------------------------------ I saw this in a HoHoCon ad: Top Ten Nark List 1. Traxxter 2. Scott Chasin 3. Chris Goggans 4. Aget Steal 5. Dale Drrew 6. Cliff Stoll 7. [blank] 8. Julio Fernandez 9. Scanman 10. Cori Braun What did Chris Goggans do? Isn't he Erik Bloodaxe, the publisher of Phrack? I sincerely doubt that the feds would have someone working for them that puts out a publication like Phrack. It would be way too much of an embarrassment for them. I wrote to the editor of Phrack when I read that Agent Steal said that the publisher of Phrack was a Fed - IN PHRACK no less. He said it was a stupid rumor. Is there anything to support this fact? And why is there now some manhunt for Agent Steal (at CFP the FBI was checking legs) if Steal was admittedly their employee? The whole thing is very confusing to me. Please explain. If Goggans isn't Bloodaxe then he'd Knight Lightning (this just came to me). Nevertheless, what's the story here? [First off, I think you take things a little too seriously. If you are on a nark hunt, worry about your associates, not people you obviously don't even know. Chris Goggans (ME) is most positively Erik Bloodaxe. Thanks for remembering. Agent Steal was involved with the FBI. This is a fact. In his case, he even appeared to have some kind of immunity while trying to gather information on other hackers like Mitnik and Poulsen. This immunity is under scrutiny by the Bureau's own Internal Affairs (or so the new rumors go), since Steal was pulling a fast one and committing crimes the Bureau didn't know about to get some quick cash while he set up his friends. My story is a bit more convoluted. You can sum it up by saying, if you interfere with my businesses, I'll try my best to track you down and turn you in. I guess I am a nark.] ------------------------------------------------------------------------------ I read in the last Phrack (45) that you wanted someone to write a few words on scrambling systems. Give me a rough outline of what you want and I'll see if I can help :-) Basically I wrote the Black Book (European Scrambling Systems 1,2,3,4,5 and World Satellite TV & Scrambling Methods) and also edit Hack Watch News & Syndicated HackWatch. They all deal with scrambling system hacks as opposed to computer hacking & phreaking. (Things are a bit iffy here as regards phreaking as all calls are logged but the eprom phone cards are easy to hack) Oh yeah and another claim to fame ;-) if you can call it that, is that I was quoted in an article on satellite piracy in "Wired" August issue. This Hawkwind character that you had an article from in Phrack43 sounds like a *real* hacker indeed :-> Actually there is an elite in Ireland but it is mainly concerned with satellite hacking and that Hawkwind character is obviously just a JAFA (Irish hacker expression - Just Another Fu**ing Amateur). Most of the advanced telco stuff is tested in the south of the country as Dublin is not really that important in terms of comms - most of the Atlantic path satellite comms gear and brains are on the south coast :-) Actually the Hawkwind article really pissed off some people here in Ireland - there were a few questions asked on my own bbs (Special Projects +353-51-50143) about this character. I am not even sure if the character is a real hacker or just a wannabe - there were no responses from any of his addresses. SP is sort of like the neutral territory for satellite and cable hacking information in Europe though there are a few US callers. With the way things are going with your new DBS DirecTv system in the US, it looks like the European satellite hackers are going to be supplying a lot of information (DirecTv's security overlay was developed by News Datacom - the developers of the totally hacked VideoCrypt system here in Europe). There telco here uses eprom phone cards. These are extremely easy to hack (well most real hackers in .IE work on breaking satellite scrambling systems that use smart cards) as they are only serial eprom. Regards [About the satellite information: YES! Write the biggest, best article the whole fucking hacker world has ever seen about every aspect of satellite tv!! Personally, I'm more interested in that than anything else anyone could possibly write (seeing as how I'm about to buy a dish for both C and Ku). About Hawkwind's article on hacking in Ireland: If I were to write an article about hacking in America, it would be entirely different than anyone else in America would write. A country is a big place. Just because someone else's hacking experience is different than your own, it's no reason to discredit them. However, if your exposure to the scene in Ireland is so completely different than Hawkwind's, I would LOVE to print it as well.] ------------------------------------------------------------------------------ The Columbus Freenet uses a password generating routine that takes the first and last initial of the user's real name, and inserts it into a randomly chosen template. Some of the templates are: E(f)www5(l) (f)22ww5(l) where f and l are first and last initials (f)2ww97(l) (f)2ww95(l) and so on. There are not too many of these templates, I guess maybe 50. I imagine most people go in and change their password right away, but then again that's what a prudent person would do (so they probably don't). Columbus 2600 meetings: Fungal Mutoid-sysop of The KrackBaby BBS (614-326-3933) organized the first 2600 meetings in Columbus, unfortunately hardly anyone shows up... I don't know why HP is so dead in Central Ohio, but fear and paranoia run rampant. That's all for now...keep up with the good work! R.U.Serius?! [Hmmm...templates are always a bad thing. All one has to do is get the program that generates them, and viola, you've got a pre-made dict file for your crack program. Not very smart on the part of the Freenet, but hacking a Freenet, is like kicking a puppy. I hope more people go to your 2600 meetings. The ones here in Austin kinda died out too. Maybe our cities are just lame.] ------------------------------------------------------------------------------ A complaint: That piece about McDonald's in Phrack 45 was, in a word, LAME. Surely Phrack can do better. Maliciousness for its own sake isn't very interesting and frankly the article didn't have any ideas that a bored 13-year-old couldn't have thought up--probably written by one. That aside, I found some good stuff in there. Some of it was old news, but Phrack serves an archival purpose too, so that was ok. On a more personal note, I could really relate to your account of HoHoCon--not that I was there, just that I have started to feel old lately even though I don't turn 25 for another 2 days :) Sometimes I feel myself saying things like "Why, sonny, when I was your age the Apple II was king..." Keep up the good work, and don't let the lamers get you down. [Thanks for the letter. I personally thought the McDonald's file was a laugh riot. Even if it was juvenile and moronic, I wouldn't expect anyone to analyze it and go through with anything it contained. It was just for fun. Lighten up :) I am glad to see that at least someone else recognizes that Phrack is attempting to serve as an archive of our subculture, rather than just a collection of technical info that will be outdated overnight, or a buglist that will be rendered mostly unusable within hours of release. There is so much going on within the community, and it is becoming such a spectacle in the popular media, that in 20 years, we can all go back and look at Phrack and remember the people, places, and meetings that changed the face of the net. Or maybe I'm just terribly lame, and either 1) refuse to put in the good stuff, 2) don't have access to the good stuff, 3) exist only as a puppet agent of The Man, or 4) Don't know nothin' 'bout Telco! But you know what they say about opinions.] ---------------------------------------------------------------------------- I have a few comments on your editorial in Phrack 44 (on information wants to be free). Thanks for voicing an opinion that is shared by many of us. I am glad to see a public figure in the CuG with nutz enuff to actually come out and make such a statement and mean it. Again, thanks. Now on the subject of hacking as a whole. Is it just me, or are the number of losers on the increase? There have always been those who would try and apply these skills to ripoff scams and system trashing but now that seems to be the sole intent of many of the "hackers" I come into contact with. What ever happened to hacking to learn more about the system. To really hack a system (be it phone, computer), is a test of skill and determination, and upon success you walk away with a greater understanding of the machine and its software. Hacking is more than just knowing how to run crack on a filched password file, or using some exploitation scripts picked up on IRC, it is a quest for knowledge and gaining superiority over a system by use of great skill acquired by a deliberate effort. Once was a time when things like toll fraud (I do miss blue boxes) were a means to an end, now they seem to be the end in itself. Also, I am researching info on OSI comsec procedures and have found some really interesting goodies, if you are interested in publishing my piece when completed, let me know.. [(NOTE: This came from a .mil) Man, I'm glad to see that people in the armed forces still have minds of their own. Not many people would express such a thing openly. Yes, the destructive/profit-motivated trends of many of the hackers of today are pretty sad. But you have to realize, as the technology becomes more and more like consumer electronics, rather than the traditional mold of computer as scientific research tool, an entirely different market segment will be exposed to it and use the technology for less than scrupulous means. Even the act of hacking itself. Today, I can basically gain access to any model of system known to man by asking. I realize that there are many who cannot accomplish such a thing, but with the proliferation of public access sites, almost everyone can afford access to the net to explore and learn. The point comes down to this: if you have an account on a Sun, why do you need an account on a Sun at Boeing, unless you either 1) want to sell the cad files of the 777 to Airbus or McDonnell-Douglas 2) want to get financial information to make a killing on Wall Street, or 3) just want to have an ego boost and say "I OWN BOEING!" Personally, I can understand the ego boost aspect, but I've decided that I'd much rather get paid by a company like Boeing to hack for them than against them. I don't want to sell anyone's info, so hacking into any company is basically useless to me, unless they are paying me to look for potential weaknesses. Granted, it's not an easy market to get into, but it's a goal to shoot for. And for those who find it impossible to quit due to fear of losing their edge, check out my editorial in this issue for a possible solution.] ------------------------------------------------------------------------------ I am looking for a Macintosh app that does the same thing as an app called "Demon Dial" that has been lost in the annals of software history due to the fact that some people (sysops) question whether it is illegal software (it dials up a series of phone #'s looking for data connections). Do you know where I could find an application for the Mac that does this simple function? [We had a guy ask in an earlier issue for Macintosh hacking/phreaking apps. Noone responded. Hell, I know SOMEONE has to use a Mac out there. Are you Mac-weenies all embarrassed to speak up? Hell, uuencode and email me your aps, and I'll put them up for ftp! Help out your poor fellow Macintosh users. I certainly would if I could, but the thought of touching a Mac gives me the chills.] ------------------------------------------------------------------------------ Have you ever heard of being denied access to your own cell phone? I am currently in the process of buying a cell phone and was informed that I COULD NOT have the programming guide of the security code they enter to program my phone. In my opinion the key word is "MY." If I get a digital security system for my house you better damn well figure I will have the security codes for that. The phone was a Motorola flip phone. I called Motorola and explained how displeased I was with this company and they said they could not interfere with a reps. policy. When I was selling car phone we kept the programming guide unless they asked for it. I demanded it and they laughed in my face. Who said "the customer is always right" anyway? Thanks, any info is greatly appreciated. By the way, you wouldn't happen to have the CN/A number for 815 would you? Also, any ANAC would be very helpful. [Well, I hate to say it, but you got typical service from your cellular agent. Let's face it, these sales reps probably knew about as much about that programming manual as I do nuclear physics: "Its confusing, but if you understand it, you can fuck things up." I am surprised that Motorola wouldn't sell you the book though. Motorola will sell anybody anything. You probably called the wrong place. Moto is so huge they've got multiple groups working on somewhat similar technologies with absolutely no communication between the groups. Sometimes they are in different countries, but sometimes they are in the same city! I would suggest you call a local FAE (Field Applications Engineer) and get them to get the book for you. Make up some story about working on some computer controlled application with the phone, and that you need any and all documentation on the phone. They'll do it. Money is money. As far as the 815 CNA, hell, just call the business office. I haven't called a CNA in years, only the business office. They are nice people. And no PINs. 815 ANAC: ok guys, someone must have one...email it! "The customer is always right" wasn't in Bartlett's or Columbia's books of famous quotations. I guess that phrase has been written out of out history. So, from now on you aren't always right, I guess.] ------------------------------------------------------------------------------ Dear Phrack: We want you! We want you to be a part of our cutting edge documentary that is traversing across the "NEW EDGE" of computers, culture, and chaos. Working in conjunction with Douglas Rushkoff, the best selling author of "CYBERIA," we are currently gathering together the leaders of this technological and cultural revolution. This is not a documentary in the traditional sense of the word. It is more of an exploration, a journey, a unique vision of the world as seen through the eyes of those who live on the bleeding edge; where technology, art, science, music, pleasure, and new thoughts collide. A place people like you and me like to call home. "New Edge" will deliver a slice of creativity, insanity, and infallibility, and feed those who are hungry for more than what Main Street USA has to offer. This project will detonate across the US and around the world. It will become the who's who of the new frontier and you belong on it's illustrious list of futurians. Please look over the enclosed press release description of the project. Phrack has long been the ultimate source for hack/phreak info, and helped to push the limits of free speech and information. The role that Phrack has played in the Steve Jackson Games Case set an important precedent for CyberLaw. We will also be interviewing several people from the EFF. Please call me ASAP to schedule an interview for "New Edge", or send me E-Mail. Sincerely, Todd LeValley Producer, N E W E D G E (310) 545-8138 Tel/Fax belief@eworld.com W E L C O M E T O T H E W O R L D O N T H E E D G E O F T H E F U T U R E W E L C O M E T O T H E N E W E D G E -the documentary- T h e O r g a n i z a t i o n Belief Productions in association with Film Forum. T h e M i s s i o n Journey through the labyrinth of cyberia and experience the people, places and philosophy that construct cyberspace and the shores of the technological frontier. This fast paced visual voyage through the digital revolution will feature interviews with the innovators, artists, cyberpunks, and visionaries from all sides of the planet. These specialists are the futurists who are engineering our cybergenic tomorrow in laboratories today. Along the way we will investigate the numerous social and political issues which are cropping up as each foot of fiber optic cable is laid. Artificial intelligence, the Internet, nanotechnology, interactive media, computer viruses, electronic music, and virtual reality are just a few of the many nodes our journey will explore. T h e F u n d i n g This exploration is sponsored in part by a grant from The Annenberg Foundation in association with the LA based non-profit cutting-edge media group Film Forum. T h e P r o c e s s The New Edge project will capture moving images with a variety of input devices and then assemble them into one fluid documentary using Apple Macintosh Quadras & PowerMac computers. The post production work will be done entirely on the computers using the Radius Video Vision Telecast Board in conjunction with Quicktime software applications such as Adobe Premiere 4.0 and CoSA After Effects 2.01. The final piece will be recorded to BETACAM SP videotape for exhibition and distribution. The capture formats for the project will include: BETACAM SP, Super VHS, Hi-8, 16MM Film, Super-8 Film, 35MM Stills, and the Fisher Price Pixelvision 2000. T h e R e s u l t s New Edge will pride itself on an innovative visual and aural style which before today, could only be created on high-end professional video systems and only for short format spots. The New Edge documentary will be two hours in length and will have a dense, layered look previously featured only in much shorter pieces. New Edge will be a showcase piece not only for the content contained within, but for the way in which the piece was produced. It will be a spectacular tribute to the products and technology involved in its creation. D i s t r i b u t i o n Direct Cinema - Distributes videos to Libraries, Schools, and Universities throughout the United States. Mico Entertainment/NHK Enterprises - Provider of American programming for Japanese Television. Labyrinth Media Ltd. - European reality-based documentary distributor T h e A u d i e n c e New Edge is aimed at both the technophiles and technophobes alike. While the show will feature very complex and sophisticated topics, the discussions will be structured to appeal to both those who do and do not have the technical framework that underlines the cyberian movement. The show's content and style will make it readily available to the MTV and Generation X demographic groups as well as executives who want to stay on top of the latest technological advances. Individuals who read Mondo 2000 and Wired magazine will also naturally latch on to this electronic presentation of their favorite topics. T h e G u i d e s Mike Goedecke - Director/Graphic Designer Mike was the Writer/Director/Cinematographer for the Interplay CD-ROM game entitled Sim City. Acting as graphic designer for the Voyager Co.- Criterion Laser Disc Division his work is featured on titles such as: Akira, DEVO-The Truth About De-Evolution, The Adventures of Baron Munchausen, and Spartacus. Most recently he collaborated with Los Angeles Video Artist Art Nomura on a video installation piece entitled Digital Mandala. The piece was edited, composited , and mastered to Laser Disc using an Apple Macintosh Computer and off-the-shelf software. The installation is scheduled to tour museums and art galleries across the United States and Europe. While attending Cinema/Television Graduate School at the University of Southern California, Mike directed the award winning documentary short Rhythm, which celebrates various musical cultures. Todd LeValley - Producer/Graphic Designer Todd is the Producer/Director of CyberCulture: Visions From The New Edge, a documentary that introduces the electronic underground. This project has been warmly received at numerous "Cyber Festivals" around the country, as well as at the Director's Guild Of America, and is currently being distributed by FringeWare Inc. Todd's commercial experience includes being the in-house graphic designer for Barbour/Langley Productions designing, compositing, and producing the graphic packages for several 20th Century Fox Television pilots and The Sci-Fi Trader for the USA Network/Sci-Fi Channel. Todd is a graduate of the Cinema/Television program at Loyola Marymount University. Jeff Runyan - Cinematographer/Editor Jeff received an MFA from the University of Southern California's Graduate School of Cinema/Television with an emphasis in cinematography and editing. He studied cinematography under the guidance of Woody Omens, ASC. and Earl Rath, ASC., and editing with Edward Dmytryk. Jeff was the cinematographer on the award wining documentary Rhythm. He has recently completed shooting and editing a documentary on Academy Award winning Cinematographer Conrad Hall for the ASC and has just finished directing a short film for USC Teleproductions. Douglas Rushkoff - Cyber Consultant/Author Douglas is the author of the best selling Harper Collins San Francisco novel, Cyberia. He spent two years of his life living among the key players in the cyber universe. Douglas knows the New Edge well and is providing us with the map to its points of interest, rest stops and travelers. For more information, please contact: Todd LeValley, Producer Belief Productions (310) 545-8138 belief@eworld.com [Dear New Edge: You have got to be kidding me. "Readers of Wired and Mondo 2000 will naturally latch on to this electronic presentation of their favorite topics?" Aren't we awful fucking high on ourselves? Christ. Mondo & Wired readers and writers (and stars) are themselves so fucking far removed from the real meat of the underground, that they wouldn't even be able to relate to it. Obviously this "documentary" is going to be aimed at the wannabes who sit at home furiously masturbating to "Cyborgasm" while installing FRACTINT, being very careful not to soil their copy of "The Hacker Crackdown." Oh joy. These guys are so fucking out of it, they sent me two letters. One addressed to Phrack, the other to Phrack / Emmanuel Goldstein. Maybe they think we're 2600. CYBER-COUNT: 12 occurrences. That's kind of low. I'm surprised your public relations people didn't have you add in a few more cyber-this's or cyber-that's into the blurb. Gotta keep that cyber-count high if you want to get those digi-bucks out of those cyberians! CYBER!!! Read my review of Cyberia guys...find a new pop-fad to milk for cash.] ------------------------------------------------------------------------------ In less than 3 weeks, I will be leaving for Basic Training. Once out of there, I will be working on Satellite Data Transmissions for the US Army. I am highly excited, just waiting to see what type of computers I will be working on. Anyways, I will be enrolled in a 32-week accelerated technical class teaching me all about satellites, and the computers that I will be using. Here's the kick. I'll be writing a series of Tech Journals detailing the workings/operations of/weaknesses, and the use of the systems. I was wondering if you would be interested in carrying these. I've read Phrack for a long time, but it is an off the wall subject. I'll also be playing with the military phone system, in hopes of finding out what the ABCD tones do. (I heard from a file that Military phones utilize them but I'm still a civilian, and am clueless). Thanks for keeping me informed Kalisti! [Sorry to hear about your impending Basic Training. I'm not big on the military, as they would make me chop off all my hair. About the Satellite systems: YES If you do indeed find time to write up any files on how they work, systems involved, weaknesses, etc. I'D LOVE TO PRINT THAT! Just make sure you don't blow your clearance. Satellites are very cool. I'm about to buy a Ku Band disk to do some packet radio type stuff. A bit low-tech compared to the Army, but hell, I'm on a budget. ABCD...they are used for prioritizing calls on AUTOVON. FTS doesn't use them (I think), and they can only be used on certain lines. They are: A = priority B = priority override C = flash D = flash override For instance, if you want to make it known that this is an important call, you hit the "a" button before dialing. It establishes a priority-class call, which may cause a light to come on or something as equally attention grabbing at the called party's end. Priority calls cannot be interrupted, except by a Priority Override" etc, with Flash Override being the highest class. If you do these from an improper line, you will get an error message. The one I used to get when BS'ing AUTOVON op's long ago was "The President's use of this line is not authorized." Funny. Let me know if any of this is still valid.] ------------------------------------------------------------------------------ Dear Phrack, The following is a copy of a Toneloc found file my friend got. As happens to my friend a lot the numbers aren't valid. But, you'll see he found at least one System 75. It appears that the 75 had a tracer installed on it already. My friend did not get a call back on it, and nothing has been done as far as we know. But, I still wonder -- Is scanning no longer safe? Castor [612] 56X-XXXX 22:57:34 03-Apr-94 C CONNECT 1200 Login: b Password: INCORRECT LOGIN Login: c Password: INCORRECT LOGIN 56X-XXXX 23:04:12 03-Apr-94 C CONNECT 1200 c Unknown command error Ready d Unknown command error Ready e Unknown command error Ready b Unknown command error Ready 56X-XXXX 23:49:19 03-Apr-94 C CONNECT 1200 KEYBOARD LOCKED, WAIT FOR LOGIN [1;24r [1;1H [0J Login: b Password: INCORRECT LOGIN 56X-XXXX 01:23:28 04-Apr-94 C CONNECT 1200 Login: b Password: INCORRECT LOGIN Call traced to 612-XXX-XXXX. Saving number in security log for further investigation. [Jeez. That sure does suck. Well, live and learn kiddoes. 1994 is not the time to be hacking by direct dialing local numbers. It's just not all that smart. Caller-ID has been tariffed in a lot of RBOCS. A lot of modem manufacturers implemented caller-id features into their equipment. Having these features in the equipment means that it won't be long before people redesign all their login programs to make use of these features. I would. I've got an ISDN line. Every time I call out, the SPID (phone number) of the B channel I'm using is broadcast. There is nothing I can do about that. On a remote connection, almost all decent ISDN terminal adaptors have the option to block any SPID they don't know. They won't even answer the phone, because they receive and interpret the phone number before any session is established. Yeah, well, that's ISDN, but it will not take a genius to do a few quick hacks on some linux box and we will suddenly be inundated with all kinds of "security packages" that use modems with Caller-ID. Yeah, I know, *67 (or whatever it is) to block the data, or route the call through another carrier so the data won't get passed (10288-NXX-XXXX). The data is still in the system, just not being transmitted from the switch out to the party being called. It amazes me how many really smart people I know have been busted solely because they were hacking local systems and calling them directly. Scanning has always been a very tricky subject. Since you are paying for a phone line, and if you have flat-rate service, you are thereby entitled to call as many numbers as you want. The big issue a while back was dialing sequentially (which set some telcos on a rampage because call usage patterns looked like telemarketing machines). The other problem is harassment. One call to an individual is a wrong number. Two is bordering on harassment. So, doing a complete scan and calling the carriers back through some other method would be a fairly good idea. And always have your calls forwarded to a non-working number so the 5,000 assholes who call-return you during the scan won't interfere. If you are lucky enough to live in the boonies, you are probably still somewhat safe, but everyone else...be careful.] ------------------------------------------------------------------------------ Phrack- I was wondering if anyone has ever done an article on breaking Novell Network through a workstation. I've heard it can be done through the SysAdmin computer, but is there a way to find the userlist and passwords? Also how would I go about cleaning up after myself so as to not leave a trace on the logs. I would appreciate a way other than screen capture, but if anyone knows of a good boot record booting program to do a capture of every key typed that would be great, and maybe it could be uuencoded in the next Phrack! Thanks again for making the best, ass kickin', a step above the rest, brain moving, earth shaking, body shivering, fist shaking, totally bitchin', muy excelente, awesome H/P magazine in the whole world! :) Sincerely, The Warden [Thanks for the compliments... About your question though, I'm not quite sure what you mean. In a NetWare environment there really isn't any userlist and passwords that you can get at. You can run the syscon utility and look at all the usernames, but not much more. The passwords are stored in what's known as the "bindery." These are 3 files in the sys/system directory called NET$OBJ.SYS, NET$VAL.SYS, and NET$PROP.SYS. If you can pull a password out of those files, I will shit in my hat and eat it. Beyond that, yes, a key-capture program is definitely the ideal solution for monitoring activity on a PC workstation. There is one in this issue.] ------------------------------------------------------------------------------ Hi, I've Been reading your magazine for a long time now, my eyes light up when I see an advert for a UK BBS with related hacking/phreaking articles or files on it, but when I try to ring them they are usually gone. I've been searching for ages for BBS's in the UK with these kind of articles on them but I've had no luck, Even postings on the USENET had little results. I have had a few boards which are shady but they ask unusual questions about abiding to rules/laws about hacking then they prompt with fake login and registration schemes. If you have some, could you possibly send or publish a list of shady UK BBS's Id be extremely grateful Cheers, Steven [Steven: Hell, I don't even know the numbers to any "shady" bulletin boards here in America. The only UK hacker bbs I knew of in recent years was Unauthorised Access, but I'm sure that's the advert you are referring to. Maybe someone else in the UK knows something decent to call over there. Any takers? ] ------------------------------------------------------------------------------ [THE GRADY FILES] Many of you may remember the NSA Security Manual we published last issue. That single file generated more press and hype than I'd seen in a long time. It was mentioned in several newspapers, it appeared on television. It was ridiculous. The document is available to anyone who can fill out a FIOA request. Regardless, people went zany. At first I couldn't figure out why everyone was so worked up, and then I caught wind of Grady Ward. Grady had posted the document to the net (with all mention of Phrack deleted from it) in several USENET forums alt.politics.org.nsa, talk.politics.crypto and comp.org.eff.talk. Several readers of Phrack were quick to jump up and point out that Grady had obtained it from the magazine (thanks guys!) which he grudgingly admitted. Grady got to be in the spotlight for a while as the Phrack/NSA Handbook thread continued to grow. In the meantime, Grady was either calling, or giving him the benefit of the doubt, getting called by an awful lot of press. And even more compelling is the way he'd began pronouncing my impending federal raid on so many newsgroups. And of course, I don't have time to read any of that USENET crap so I'm oblivious to all of this. Then I got a message from Grady. [GRADY WRITES] You might want to get ready for the FBI serving a warrant on you for information about the NSA security employee manual published in Phrack 45; the NSA security people called me about 10 minutes ago to talk about how it got on the net. I being very cooperative, gave him your address in Austin. Grady 707-826-7715 [I REPLY] Get a grip. Nothing that was contained in that file could not be obtained through other sources. [GRADY REPLIES] Just because you did nothing illegal, doesn't mean that you won't be annoyed by the FBI. Generally they will be very polite however. Gripping. Now what? [I REPLY] Ok, If someone actually did contact you, what was his name and number. I will forward that to my lawyer. [GRADY REPLIES] I have received your mail regarding "Re: NSA" It will be read immediately when I return. If you are seeking more information on the Moby lexical databases, please run finger grady@netcom.com for general information or help downloading live samples and a postscript version of our current brochure via anonymous ftp. Thanks - Grady Ward ------------------- He never answered my mail. ------------------------------------------------------------------------------ Dear Sir: Please refrain from sending such material to this address in the future! Since this address has been usubscribed from the Phrack mailing list, it means that further mailings are undesirable. I would also wish to remind you that maintaining lists of people's email without consent is quite immoral and devious. How hypocritical of you, who decry all such behavior when it is practiced by corporations or governments. Thank you. robbie@mundoe.maths.mu.oz.au [PHRACK EDITOR ABUSES POWER: Dear Sir: Please excuse the mailing. Have you ever heard of a mistake? Have you ever heard of an oversight? Is it really that much of an inconvenience for you to hit the "d" key to remove one small piece of unwanted mail? This being said, I would also like to invite you to go fuck yourself. ** I guess this guy does not like to get unsolicited mail **] ------------------------------------------------------------------------------ You people really piss me off! You're undermining the fun and enjoyment of the rest of the internet users just for your juvenile games and illegal activities. Do you realize how much better off we'd be if you all just went away and left the Net to honest people like me? There is no place in today's society for a bunch of maladjusted paranoid psychotics like yourselves. Please do all of us users a favor and go jump in a river. Kevin Barnes kebar@netcom.com [ABUSE OF POWER CONTINUES...WILL ERIKB EVER STOP? Hey Keith: Thanks a lot for the letter! You know, it does my heart good to hear from such kind and caring folks like yourself. It's so fortunate for the Internet that there are people like yourself who take it upon themselves to become martyrs for their causes and express their ideals in such an intelligent manner. It's fascinating to me that you can send such email sight-unseen. Do you know who you are writing to? Do you even have the slightest idea? What do you hope to accomplish? Do you have any idea? This particular "maladjusted paranoid psychotic" to whom you have so eloquently addressed is an engineer in the R&D of a Fortune 500 computer company, and that along with outside consulting will net me about six-figures this tax year. I've consulted for telephone companies, governments, aerospace, financial institutions, oil companies (the list goes on...) and quite frankly I don't do anything even remotely illegal. In fact, one recent and quite prominent quote from me was "I only hack for money." Now, about the silent majority of "honest people" like yourself that you have so self-rightously chosen to represent... I've been using the net since the early 80's (arpa-days) initially through a rms granted guest account on MIT-OZ. I've continued to work with other Internet Providers to cover the asses of the so-called "honest people" of which you include yourself. Now, in my view, if it were not for people like us, who consistently expose and pinpoint weaknesses in the operating systems and networking technologies that you use for your "fun and enjoyment" and that I use for MY JOB, you would continue to be at serious risk. But, perhaps ignorance is truly bliss, and if so, then Keith, you are probably one of the happiest people on this fine planet. Now, per your request, I may just go jump in a river, as the one near my house is quite nice, and it is almost 100 degrees here in Texas. I only ask that you do me one small favor: print out 500 copies of this letter, roll them up into a paper fist, and shove them into any orifice on your person that meets your criteria as deserving. ** I guess this guy doesn't like me...or you ** EDITORIAL ABUSE ENDS] ----------------------------------------------------------------------------- ==Phrack Magazine== Volume Five, Issue Forty-Six, File 2a of 28 **************************************************************************** Phrack Editorial If you aren't from America, this editorial really isn't meant for you, so read on with warning, or go on to the next file. ----------------------------------------------------------------------------- Stupid hackers. We've got to do something to clean up our image. We truly are "America's Most Valuable Resource," as ex-CIA spook Robert Steele has said so many times. But if we don't stop screwing over our own countrymen, we will never be looked at as anything more than common gutter trash. Hacking computers for the sole purpose of collecting systems like space-age baseball cards is stupid, pointless and can only lead to a quick trip up the river. Obviously, no one is going to stop hacking. I've been lucky in that I've found people willing to pay me to hack for them rather than against them, but not everyone can score such a coup. What kind of alternative can the rest of the community have? Let's say that everyone was given an opportunity to hack without any worry of prosecution with free access to a safe system to hack from, with the only catch being that you could not hack certain systems. Military, government, financial, commercial and university systems would all still be fair game. Every operating system, every application, every network type all open to your curious minds. Would this be a good alternative? Could you follow a few simple guidelines for the offer of virtually unlimited hacking with no worry of governmental interference? Where am I going with this? Right now we are at war. You may not realize it, but we all feel the implications of this war, because it's a war with no allies, and enormous stakes. It's a war of economics. The very countries that shake our hands over the conference tables of NATO and the United Nations are picking our pockets. Whether it be the blatant theft of American R&D by Japanese firms, or the clandestine and governmentally-sanctioned bugging of Air France first-class seating, or the cloak-and-dagger hacking of the SWIFT network by the German BND's Project Rahab, America is getting fucked. Every country on the planet is coming at us. Let's face it, we are the leaders in everything. Period. Every important discovery in this century has been by an American or by an American company. Certainly other countries have better profited by our discoveries, but nonetheless, we are the world's think-tank. So, is it fair that we keep getting shafted by these so-called "allies?" Is it fair that we sit idly by, like some old hound too lazy to scratch at the ticks sucking out our life's blood by the gallon? Hell no. Let's say that an enterprising group of computer hackers decided to strike back. Using equipment bought legally, using network connections obtained and paid for legally, and making sure that all usage was tracked and paid for, this same group began a systematic attack of foreign computers. Then, upon having gained access, gave any and all information obtained to American corporations and the Federal government. What laws would be broken? Federal Computer Crime Statutes specifically target so-called "Federal Interest Computers." (ie: banks, telecommunications, military, etc.) Since these attacks would involve foreign systems, those statutes would not apply. If all calls and network connections were promptly paid for, no toll-fraud or other communications related laws would apply. International law is so muddled that the chances of getting extradited by a country like France for breaking into systems in Paris from Albuquerque is slim at best. Even more slim when factoring in that the information gained was given to the CIA and American corporations. Every hacking case involving international breakins has been tried and convicted based on other crimes. Although the media may spray headlines like "Dutch Hackers Invade Internet" or "German Hackers Raid NASA," those hackers were tried for breaking into systems within THEIR OWN COUNTRIES...not somewhere else. 8lgm in England got press for hacking world-wide, but got nailed hacking locally. Australia's Realm Hackers: Phoenix, Electron & Nom hacked almost exclusively other countries, but use of AT&T calling cards rather than Australian Telecom got them a charge of defrauding the Australian government. Dutch hacker RGB got huge press hacking a US military site and creating a "dquayle" account, but got nailed while hacking a local university. The list goes on and on. I asked several people about the workability of my proposal. Most seemed to concur that it was highly unlikely that anyone would have to fear any action by American law enforcement, or of extradition to foreign soil to face charges there. The most likely form of retribution would be eradication by agents of that government. (Can you say, "Hagbard?") Well, I'm willing to take that chance, but only after I get further information from as many different sources as I can. I'm not looking for anyone to condone these actions, nor to finance them. I'm only interested in any possible legal action that may interfere with my freedom. I'm drafting a letter that will be sent to as many different people as possible to gather a fully-formed opinion on the possible legal ramifications of such an undertaking. The letter will be sent to the FBI, SS, CIA, NSA, NRO, Joint Chiefs, National Security Council, Congress, Armed Forces, members of local and state police forces, lawyers, professors, security professionals, and anyone else I can think of. Their answers will help fully form my decision, and perhaps if I pass along their answers, will help influence other American hackers. We must take the offensive, and attack the electronic borders of other countries as vigorously as they attack us, if not more so. This is indeed a war, and America must not lose. ->Erik Bloodaxe...Hacker...American. --------------------------- Ok, so maybe that was a bit much. But any excuse to hack without fear should be reason enough to exert a bit of Nationalism. I'd much rather be taken out by the French in some covert operation and go out a martyr, than catch AIDS after being raped by the Texas Syndicate in the metal shop of some Federal Prison. Wouldn't you?