💾 Archived View for gemini.spam.works › mirrors › textfiles › messages › phoenix1.msg captured on 2020-10-31 at 16:54:01.
View Raw
More Information
-=-=-=-=-=-=-
*** {Phoenix Project BBS Message Base File 1 of 3} ***
_____________________________________________________________________________
Copyright (C) 1993 LOD Communications. No part of this Work may be
distributed or reproduced, electronically or otherwise, in part or in
whole, without express written permission from LOD Communications
_____________________________________________________________________________
Phoenix Project BBS Message Base File Table of Contents
I. General Remarks About the BBS Message Base Files (File 1)
II. Phoenix Project BBS Pro-Phile by Erik Bloodaxe (co-sysop) (File 1)
III. Messages from the First Incarnation of the Phoenix Project:
100 Messages from the Packet Switched Networks Sub-Board (File 1)
58 Messages from the General Discussion Sub-Board (File 1)
39 Messages from the 'Instructor' Sub-Board (File 1)
IV. Some G-Philes written by the sysop, The Mentor: (File 1)
1. The Conscience of a Hacker (aka The Hacker's Manifesto)
2. A Novice's Guide to Hacking (1989 Edition)
3. A Multi-User Chat Program for DEC-10's
4. DCL Utilities for VMS Hackers
V. Messages from the Second Incarnation of the Phoenix Project:
132 Messages from the General Discussion Sub-Board (File 2)
26 Messages from the 'We the People' Sub-Board (File 2)
77 Messages from the Basic Telecom Sub-Board (File 2)
58 Messages from the Hacking Sub-Board (File 2)
46 Messages from the Phone Company Sub-Board (File 2)
80 Messages from the SprintNet Packet Network Sub-Board (File 2)
49 Messages from the BT Tymnet Sub-Board (File 2)
31 Messages from the Internet Sub-Board (File 3)
60 Messages from the Other Packet Networks Sub-Board (File 3)
69 Messages from the UNIX Sub-Board (File 3)
18 Messages from the VAX/VMS Sub-Board (File 3)
28 Messages from the Primos Sub-Board (File 3)
41 Messages from the HP-3000 Sub-Board (File 3)
42 Messages from the Other Operating Systems Sub-Board (File 3)
27 Messages from the Programming Sub-Board (File 3)
27 Messages from the Social Engineering Sub-Board (File 3)
72 Messages from the Electronic Banking Sub-Board (File 3)
32 Messages from the Radio & Electronics Sub-Board (File 3)
11 Messages from the PC's Sub-Board (File 3)
35 Messages from the Altered States Sub-Board (File 3)
59 Messages from the Security Personnel Sub-Board (File 3)
59 Messages from the Phrack Sub-Board (File 3)
49 Messages from the 'Friends of the Family' PVT Sub-Board (File 3)
VI. Directory of Downloadable Files Online (2nd Incarnation) (File 3)
1325 Messages Total
_____________________________________________________________________________
*** {General Remarks About the BBS Message Base Files} ***
The following paragraphs are contained within each BBS Message Base File.
The information will help those unfamiliar with some of the terminology and
format of the Hack/Phreak BBS's and their message bases to better understand
them and the general organization of this File.
While perusing through the following messages you may notice that the
message numbers are not always sequential. However, the dates that the
messages posted should be in chronological order. The reason for this is that
during the time that most of these Boards operated, the computer systems had
fractions of the disk drive capacity of those today. Therefore, it became
necessary to delete old messages, usually automatically, when a specified
number of messages were posted or when the disk became full. A renumbering of
the messages would then follow. It is entirely possible for two individuals to
have downloaded the same message with different message numbers if one person
called before a message base renumbering, and one called after. Nevertheless
the post date should be the same.
Users of these bulletin boards typically called them on an irregular basis
and although every effort has been made to compile a complete set of messages
posted on a specific BBS, there usually are gaps in the collection. Some gaps
in dates are due to the system being offline for various reasons and therefore
no messages are missing and some gaps are due to a lack of availability.
Finding someone who still has bbs messages from years ago (and in some cases a
decade ago) is quite a challenge! Additional messages may materialize in the
future which can be integrated into the current set. The price of this
particular message collection is based on the following factors: number of
years ago the BBS operated, its popularity, whether the bbs or portions
thereof were deemed "Elite" and therefore restricted access to but a small
number of users, the quality of messages, and the total number of messages
compiled.
For those BBS's that operated in the period from 1983 to 1985, it should be
noted that the majority of the users were typically in the 15-18 year old age
range. This is sometimes obvious due to the message content. One thing that is
interesting however, is to note the progression of certain individuals over a
length of time with respect to the knowledge they had acquired (and therefore
the quality of their posted messages) and how they became more responsible and
mature in later years.
One of the difficulties encountered during the organization of the many
small files that went into some message bases was determining which Sub-Board
the messages were from. For those unfamiliar with the term "sub-board" a
description follows. Sub-boards of the main BBS were smaller more specialized
portions of the system. Many hacker BBS's had only a Main board, others had a
number of sub-boards in addition to the main message base. The reasons for
having sub-boards were twofold:
1) To allow users to focus on certain topics such as Packet Switching
Networks, the Unix Operating System, etc. as opposed to mixing messages about
all these topics together in one 'place' which is confusing.
2) To allow a smaller sub-set of users to access higher level topics and
discussions.
Sub-boards allowed the system operator to maintain some level of security
by allowing those "worthy" either in trust, knowledge, or both; access to more
sensitive information which the general user population either was not
interested in, or was not deemed responsible enough to see. For those systems
that had sub-boards for which we have messages from, the sub-boards are
labeled and separated from each other by a line.
The purpose of these Underground Bulletin Board Systems was to disseminate
and trade a variety of typically illicit information. Many times the
information was simply of a how-to nature or of some technical aspects of how
a certain technology (typically telephone switching and computer systems)
worked. However out-and-out illegal information such as long distance access
codes and passwords to various computer systems were posted especially on the
BBS's in operation before 1986. Under the advice of the appropriate computer
civil liberties organizations along with actual legal counsel from practicing
attorneys, messages were minimally edited to eliminate the possibility of long
distance access codes, phone numbers, or computer passwords being currently
valid. Except for these specific cases and the few times where text was
garbled during download of the messages (line noise many years ago) and/or
during our recovery operation, the messages were left as is, spelling errors,
offensive language, inaccuracies of various kinds, and ALL.
A compact listing of users (ie: The Userlist) sometimes accompanies the BBS
Message Base and if present is located near the end of this File. The userlist
of most board's were quite dynamic as users came and went for various reasons.
Some BBS's would automatically delete users who did not log on for a specified
period of time. The listing that may be contained herein was downloaded at an
unspecified date in time. Therefore some users who were on the system either
before or after the list was obtained may not be shown.
Any comments in squiggly brackets and asterisks: *** {} *** were made by
LODCOM to inform you of any changes within the message base of interest such
as a change in sub-board. Therefore, these comments were not present on the
actual Bulletin Board at the time of download. It is hoped you will enjoy the
following messages which are presented solely for informational, educational,
and historical purposes only. LOD Communications takes no responsibility
whatever for the content or use (abuse) of posted messages nor
hacking/phreaking "G-Philes" (if present these are located at the end of this
file) included in this Work.
FINAL NOTE: As shown above, this Work is COPYRIGHTED (C) 1993 by LOD
Communications. A tremendous amount of time and effort has been involved by
many parties to collect, transfer or type from printouts, organize, splice,
etc. the following collection of BBS Message Base, Userlist, and G-philes.
It is sometimes difficult for people today to realize that years ago you could
not call up a hacker BBS using 8MB RAM systems with 14.4 KiloBaud modems and
250 MegaByte hard drives and download everything on said BBS in minutes. Most
of those who donated messages to this effort used systems with 64 KB main
memory, 300 or maybe 1200 baud modems, and 143K disk drives. File sizes were
typically 15 KB or less due to memory constraints among other things.
Therefore one can begin to appreciate the magnitude of this undertaking.
Not to mention the many BBS Pro-Philes (explained next) which were written and
required time and phone calls to track down Sysops and others who were aware
of the various tid-bits of background information for each BBS. The principals
involved in the project are all quite busy in their respective pursuits of
work and/or college and had to make a commitment to donate any spare time they
had (have) to this venture. It has been a long road and we are not at the end
of it yet.
Not everyone will abide by United States Copyright Law, however it is our
hope that those who agree that Lodcom:
1) Is providing a service that requires a significant amount of time and
monetary resources to get to this point and to proceed.
2) Is helping to provide a better understanding of certain portions of
Cyberspace and its community.
3) Is charging reasonable prices for the initial gathering, organization,
and presentation of the information and to cover the costs for
diskettes, mailing containers, postage, and time to fill orders.
will 'do the right thing' which will allow Lodcom to continue to document the
History of the Computer Underground. Without your understanding and support,
this effort may not be able to sustain itself long enough to complete the
project. End plea.
For most files, you will next see, the "BBS Pro-Phile". This is a few
paragraph description providing little known and historical information about
the particular BBS. The BBS Pro-Phile was either written by LODCOM or someone
affiliated with the System itself, usually the SYSOP(s) (System Operator).
Many people helped contribute the very interesting and informative BBS Pro-
Phile specifically for this project. Thus, the following description was not
present on the original BBS System and can only be found in these Files:
_____________________________________________________________________________
*** {The Phoenix Project BBS Pro-Phile} ***
The Phoenix Project
(Excerpt from PHRACK, 1988)
Just what is "The Phoenix Project?"
Definition: Phoenix (fe/niks), n. A unique mythical bird of great beauty
fabled to live 500 or 600 years, to burn itself to death,
and to rise from its ashes in the freshness of youth, and
live through another life cycle.
Project (proj/ekt), n. Something that is contemplated, devised,
or planned. A large or major undertaking. A long term
assignment.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Why is "The Phoenix Project?"
On June 1, 1987 Metal Shop Private went down seemingly forever with no
possible return in sight, but the ideals and the community that formed the
famous center of learning lived on. On June 19-21, 1987 the phreak/hack world
experienced SummerCon'87, an event that brought much of the community together
whether physically appearing at the convention or in spirit. On July 22, 1987
the phreak/hack community was devastated by a nationwide attack from all forms
of security and law enforcement agencies...thus setting in motion the end of
the community as we knew it. Despite the events of July 22, 1987, PartyCon'87
was held on schedule on July 26-28, 1987 as the apparent final gathering of
the continent's last remaining free hackers, unknown to them the world they
sought to protect was already obliterated. As of August 1, 1987 all of the
original members and staff of the Metal Shop Triad and Phrack Inc. had decided
to bail out in the hopes that they could return one day when all would be as
before...
THAT DAY HAS COME...
A new millennium is beginning and it all starts on July 22, 1988. How fitting
that the One year anniversary of the destruction of the phreak/hack community
should coincidentally serve as the day of its rebirth.
(End Excerpt)
-----------------------------------------------------------------------------
The Phoenix Project was probably one of the most famous hacker bulletin
boards in the history of the underground.
The format of the BBS sparked what would become a trend in future
hacker BBSes. No illegal information would be tolerated, IE: no codes,
passwords, cards, etc... just general information about items of
interest to computer and telephone enthusiasts. Even with such a
seemingly large limitation, the board hosted hundreds of users and had
the most active message bases in the world.
Another first for the Phoenix Project was the open invitation to
any and all security officials. This open door policy provided
the first real forum for hackers and security to freely quiz each other
about why they do the things they do. Security from many telco-entities
such as NYNEX, AT&T, Bellcore and Sprint as well as Federal Agents
participated openly in discussions with hackers, and through this
interaction, both sides gained a great deal of understanding.
The Phoenix Project went through two basic incarnations, the first
was run solely by The Mentor and followed a move from San Marcos
to Austin, TX. The second incarnation was also sysoped by The Mentor
and co-sysoped by Erik Bloodaxe.
During the latter part of 1989, several raids directed at members
of the hacker group The Legion of Doom caused a stir in the
computer underground. After reaching a conclusion that Bill Cook
was indeed focusing his attentions on LOD, The Mentor decided that
a board that was so flagrant about its nature, albeit legal in all
respects, and run by two of the most prominent LOD members would
certainly be caught up in subsequent raids.
The Mentor took down The Phoenix Project after Erik Bloodaxe made a
complete copy of all current messages. Then for grins he overwrote
every sector of his hard drive with the message "Legion of Doom"
should anyone ever decide to read it.
On the morning of March 1, 1990, the homes of The Mentor and
Erik Bloodaxe, as well the business of Mentor's employer Steve
Jackson Games, were raided by the US Secret Service. The Mentor
lost all his computer equipment in the raid which still has not
been returned.
The raid on Steve Jackson Games launched an EFF supported lawsuit
against the United States Government which ended with a ruling
for Jackson, et. al., in which the SS agents involved were publicly
reprimanded by the jugde for their negligence in the handling of
the investigation.
The Phoenix Project has been mentioned in "The Hacker Crackdown" by
Bruce Sterling and "Approaching Zero" by Brian Clough and Paul Mungo
and will ultimately be remembered as one of the true landmark
bulletin boards of the computer underground.
_____________________________________________________________________________
*** {Packet Switched Networks Sub-Board} ***
1/100: how
Name: Knightmare #21
Date: 3:12 am Wed Jul 13, 1988
Just to be curious, how is everyone attaining their NUI's? I mean the
originals..
Read:(1-100,^1),? :
2/100: Obtaining NUIs
Name: Epsilon #12
Date: 8:27 am Wed Jul 13, 1988
Originally, people would make PAD-PAD connections on Telenet and imitate
the network, so that when they'd enter their NUI, we'd get it.
Unfortunately, that method doesn't work anymore, due to some software
changes on the network.
Epsilon
Read:(1-100,^2),? :
3/100: engineer
Name: The Mentor #1
Date: 5:48 pm Wed Jul 13, 1988
Quite a few people engineer them apparently. For those of you who may be
new, 'engineering' is short for 'social engineering', which is long for
'bullshitting'. Epsilon was describing a method involving nothing more
difficult than leaving mail to another user in the same group as your hacked
account asking to borrow his NUI, yours won't work.
Mentor
Read:(1-100,^3),? :
4/100: .../\...
Name: Necron 99 #9
Date: 2:17 pm Fri Jul 15, 1988
engineering is a lost art. i persanally can't do it worth a damn.
(lords, he admitted he isn't perfect. what will he do now?)
i recall finding some in mail on a telenet system once, however.
if you're on a system, read all the files that you can get your hands
on. you never can tell what you can find.
AT&T
Read:(1-100,^4),? :
5/100: Engineering
Name: Epsilon #12
Date: 9:48 pm Fri Jul 15, 1988
Engineering is a great (and powerful if used correctly) way of obtaining
information. It is widely practised, and that's what's kinda scary.
I hope people don't mess it up for the rest of us.
Read:(1-100,^5),? :
6/100: EPSILON
Name: Twisted Sector #51
Date: 12:51 am Tue Jul 26, 1988
What do you mean when you say PAD to PAD?
Read:(1-100,^6),? :
7/100: ///..\\\
Name: Necron 99 #9
Date: 9:58 am Tue Jul 26, 1988
a while ago, (as in last christmas, anyway) you could connect to someone's
pad (packet assembler disassembler) by using judicious use of `stat`.
actually, stat let you find them, then with an id, and a decent `set`, you
could intercept data that the other person typed, enabling you to get a lot
of shit. Unfortunatly, this no longer works (on telenet), it printed a
banner saying 'connected from <wherever you are>', and you had to simulate
telenet.not a major problem, but hey.
.
if anyone has any dialups that look like telenet OR tymnet but they aren't,
let me know, we'll be able to work something out.
-n99 ToK, LOD. so there, nyahh.
Read:(1-100,^7),? :
8/100: PAD/PAD
Name: Epsilon #12
Date: 5:04 pm Tue Jul 26, 1988
Yeah, that's basically it. So in essence, you would just emulate the
connect/login procedures of the host they were trying to connect to.
You could actually see what they were typing, so if they typed
C XXX202
You would respond with..
XXX202 CONNECTED (Telenet style.. Bahah..)
Then you would type..
User ID: (Now they'd enter their User ID..)
Password: (Now they'd enter their password..)
And there you have it. Intercepting Telenet X.25 calls. Welp, it's
defunct now anyway unfortunately, so giving you instructions wouldn't
help.
Epsilon
Read:(1-100,^8),? :
9/100: ?
Name: The Mentor #1
Date: 6:26 pm Tue Jul 26, 1988
What are all the psn's that have 800 dialups?
Telenet- 1-800-XXX-9494 (1200 7E1)
Tymnet- 1-800-XXX-0555
What else?
Mentor
LOD!
Read:(1-100,^9),? :
10/100: 800 Dialups
Name: Arcane Hierophant #28
Date: 3:29 pm Wed Jul 27, 1988
Isn't 800-XXX-9478 a Telenet dialup?
Read:(1-100,^10),? :
11/100: Autonet Madness!
Name: Epsilon #12
Date: 9:04 pm Wed Jul 27, 1988
800/XXX-2255. Play. Fun fun fun.
Read:(1-100,^11),? :
12/100: PAD
Name: Knightmare #21
Date: 12:41 am Thu Jul 28, 1988
I hope this helps.. like everyone was saying before, the pad
assembles/disassembles data. A closer look at the structure of the data is
what I'm gonna try to explain. Now in different networks, the packets of
data are sent in certain sizes, all depending on the network you're on.
Telenet,
which is X.25 (CCITT standard), sends data in 128k packets. Each packet
(frame) can be broken down into different parts. There are different
techniques as to how to configure each packet. I'll give an example of HDLC
(higher-level data link control) which is a standard. A packet using HDLC
standard consists of a frame header, an address, control field, the data,
error detection coding, and end the frame flag. frame header is 8 bits,
control field is 8 bits, error detection coding is 16 bits and the ending
frame is 8 bits. This leaves 88 bits for the data your sending. As your
enter data from your terminal the PAD breaks the data down and reassembles it
into a frame(packet) and then it sends it off in shortest path. The packet
is never disassembled again until it reaches its destination. Sometimes a
packet doesn't go directly from it sending node to the destination node, and
is rerouted to different nodes but this still doesn't affect the packet.
Shit,I'm confusing myself now.. Well anyways, that's a little closer look at
how it works.
Read:(1-100,^12),? :
13/100: Makes sense..but
Name: Twisted Sector #51
Date: 5:00 pm Thu Jul 28, 1988
How could one benifit from such a device?
Read:(1-100,^13),? :
14/100: Using PADS
Name: Mr. Slippery #5
Date: 4:29 pm Sat Jul 30, 1988
A PAD is what you connect to when you dial tymenet or telenet. It puts
your conversation together with others and sends it over the network.
Some minicomputers and mainframes have PAD boards built in but PC's
typically don't. I hope this answers the question about what they are
good for.
Read:(1-100,^14),? :
15/100: MABYE
Name: Twisted Sector #51
Date: 12:56 pm Sun Jul 31, 1988
I should be asking how such a device can be exploited?
Read:(1-100,^15),? :
16/100: Autonet?
Name: Arcane Hierophant #28
Date: 4:42 pm Tue Aug 02, 1988
Forgive me for asking, but is the Autonet of any worth? I live in an area
with no Telenet/Tymnet and I basicaly pay for my calls unless I get lucky and
some local schmuck gives me something to use. This can be rather irritating,
and it makes it hard to gain any hacking proficency when you can't make a
local call to a 'puter.
the Arcane Hierophant
Read:(1-100,^16),? :
17/100: How exactly do I go..
Name: Rockin Dude #18
Date: 5:46 pm Tue Aug 02, 1988
about hacking at telenet? I desperatly need some nui's or pcp accounts.
Thank you very much. I am sort of new to this so give me as much detail as
you can.
Thanks so much. Later!
Rockin Dude
Read:(1-100,^17),? :
18/100: ...\/...
Name: <<< Necron 99 #9 >>>
Date: 6:03 pm Tue Aug 02, 1988
a hint: hacking telenet as your your first system is not a good idea,
considering what the nice people at gte are doing. so be reasonable.
the best way to hack telenet, i must admit, is through prime's
netlink program. but ask somebody else about that one.
Read:(1-100,^18),? :
19/100: Hacking Telenet
Name: Epsilon #12
Date: 5:41 pm Wed Aug 03, 1988
I suppose that's one of the safest methods of hacking the network.
Either that, or scan when you think network traffic would be at a
high rate. Say, in the afternoon on Monday, or any weekday for that
matter.
Hacking Telenet is not such a hard thing to do. Just scan by area
codes, and hack what you find interesting.
E
Read:(1-100,^19),? :
20/100: What do you mean scan?
Name: Rockin Dude #18
Date: 6:28 pm Thu Aug 04, 1988
I won't to find PCP accounts and NUI's however you find them. Or I'll
never be able to call long-distance again. Help!! Please help me..
Rockin Dude
Read:(1-100,^20),? :
21/100: scan
Name: The Mentor #1
Date: 9:19 pm Thu Aug 04, 1988
You scan by picking an area code, say 301, and checking addresses.
@c 301 XXX
@c XXX 112
@c XXX 113
etc...
mentor
lod
Read:(1-100,^21),? :
22/100: PCP
Name: The Leftist #3
Date: 12:09 pm Fri Aug 05, 1988
sounds like what he wants is pcp accounts, or a way to hack them.
none known yet.
Read:(1-100,^22),? :
23/100: Once I 've scanned..
Name: Rockin Dude #18
Date: 3:23 pm Fri Aug 05, 1988
then what are those #'s for and what do they do? God I must be really
stupid not to know this stuff, eh? Well later!
Rockin Dude
Read:(1-100,^23),? :
24/100: Scanning Telenet
Name: Epsilon #12
Date: 3:46 pm Fri Aug 05, 1988
Well, you can keep them for reference. Say you scan a whole area code
on Telenet, and you record your results. Now say a month later, you
suddenly become interested in Prime computers for some reason, then
you can go look in your notebook or whereve, and find all the Primes
you scanned, and go connect and try to get into them.
Just try getting into whatever you think looks like it might be an
interesting system.
I mean, that's why you scan, to find neat things.
E
Read:(1-100,^24),? :
25/100: Various things...
Name: Tales Gallery #74
Date: 1:29 am Sat Aug 06, 1988
Tommorrow maybe I'll write a quick program that will call your Telenet, and
sequentially scan however you set it up to do it. And then capture eveything
to a nice little capture buffer, in which you can later look at. Nothing
special, just something to make life a little easier to you all.
OR is this a stupid idea?. Hmptht.
Tales Gallery.
Read:(1-100,^25),? :
26/100: !!
Name: Epsilon #12
Date: 8:25 am Sat Aug 06, 1988
No. This is good. Write the program. There are already too many code
hacking programs out there, why not write a Telenet scanner.
Sounds great. Hayes modem, eh?
Read:(1-100,^26),? :
27/100: Yeah, great idea.
Name: Rockin Dude #18
Date: 12:41 pm Sat Aug 06, 1988
So after I've scanned all I want to then those #'s I come up with will be
connected to computers that I can hack, right? If that is that's cool. Well
that's a good idea of writing a program to scan telenet. Could that program
also scan for PCP's also? That's what I need, definetly.
Thanks. Later.
Rockin Dude
Read:(1-100,^27),? :
28/100: ...
Name: Epsilon #12
Date: 10:18 am Sun Aug 07, 1988
Well, you'll be old and gray before you ever hack a PC Pursuit account, so
don't bothertrying.
Rockin Dude - Yeah, when you connect to a computer, just play with it if
it looks interesting, and if not, just write it down and
forget about it for the time being. Just a question.. Have
you ever done this before? Because scanning Telenet is not
a hard concept to grasp. Thanks.
Ep
Read:(1-100,^28),? :
29/100: Netlinking for searching
Name: Prime Suspect #70
Date: 2:45 pm Sun Aug 07, 1988
Using netlink to scan Telenet is stupid. It's a good way of losing the
Prime account that could be used much better. It's like making toll calls for
data from within a Phone Company computer and that's it. If you're going to
scan just scan from a regular port dialup. Then when you have all of those
refused collect connections (and some illegal address errors work as just
regular destinations) then you may wish to use netlink to give it a shot and
see what you found. But depending on the revision of primos you're
using, and the destination system... you may lose that account just for
trying to get in the other system so many times.
Prime Suspect
TOK & LOD/H
Read:(1-100,^29),? :
30/100: Telenet Scanning Programs
Name: Prime Suspect #70
Date: 2:49 pm Sun Aug 07, 1988
If you can write a good telenet scanning program, good luck. It's more
than just sending those #'s over sequentially... and even though you plan
on capturing everything which is a great idea, you'll still need to
analyze situations and know when to send a break or an escape such as
"@<cr>@<cr>". BTW: For those of you that hate why you can't backspace
through Telenet because it screws everything up.
Do a: "SET?" or "PAR?"
You'll notice one setting is set to: 127
I think it's setting 18 or whatever is on the very right side of an 80 col
screen. Just change it with:
SET 18:8
To equal a CTRL-H if 18 is the proper #.
Prime Suspect
Read:(1-100,^30),? :
31/100: ...
Name: Necron 99 #9
Date: 8:19 pm Sun Aug 07, 1988
primenet: i disagree. some of us don't know prime, eh. but that is a good
point. i've never had a problem with backspacing and all.
and calling a port local & staying on there for half an hour is not a
brilliant idea to just hack addresses, but that may just be my view.
if you can come up with a way to send a hard break to the hayes, that alone
would be worth seeing.
Read:(1-100,^31),? :
32/100: Hmmm...
Name: Tales Gallery #74
Date: 9:49 pm Sun Aug 07, 1988
Prime Suspect-
I wasn't expecting it to be "that" easy. Obviously I'm going to have to
design a method of interpreting where I am, and what the escape is. Not to
mention having the system NOT mark numbers that don't have connections. This
is how I figure it. Get on TeleNet with a dumb terminal, and then proceed
with various operations. Simulate my software. Easy actually. Of course
their will be initial flaws - but nothing is perfect, and if it were, we
wouldn't have any place in TeleCom, or rather, any special place.
Tales Gallery.
Read:(1-100,^32),? :
33/100: try..203..whoever hasked
Name: Knightmare #21
Date: 10:50 pm Sun Aug 07, 1988
Whoever was asking about scanning I suggest 203. There are a lot of systems
in there. i think XXX20 is a VM/370 and XXX21 is a VAX..
Read:(1-100,^33),? :
34/100: Necron pnet reply...
Name: Prime Suspect #70
Date: 1:33 am Mon Aug 08, 1988
Necron: What do you disagree about Primenet?
Or using netlink I should say I guess. Are you saying that it's better to
use netlink vs a dialup PAD or vice-versa? (confused)
Does anyone know any hard facts about tracing being done from a Telenet
dialup? The 414's was a case of other sorts of abuse that (according to
the press) could have lost lives.
With a case like that known, tracing could have been a thought for things
other than network access.
I'm not promoting actually using a local dialup for access to a network
port. Because then if there is trouble they know the general area where
you may be from. But is that or using an LD service more dangerous.
Looks like too many possibilities eh?
Read:(1-100,^34),? :
35/100: Scanning
Name: Epsilon #12
Date: 7:55 am Mon Aug 08, 1988
Write your program so that it will time out after say, five seconds, then
send a hard break to return you to the prompt, then send a 'd', and then
try the next address in its queue (unless it's generating them randomly).
Yeah, Prime's right, using another computer to scan the network is not a
smart move at all. It's not futile, but it will get your account noticed
and possibly killed (if they're nice. They may decide to watch you for
awhile).
Prime - Thanks for the SET tip. It really annoys me when I type something,
then go back, correct it, and then hit return and it gives me that
damned '?'.
Epsilon
Read:(1-100,^35),? :
36/100: Others . . .
Name: Tales Gallery #74
Date: 9:00 pm Mon Aug 08, 1988
I know exactly how I'm going to be accessing TeleNet. If others chose other
ways, thats absolutely fine, but personally, I have security completely
figured out. Just for the record.
I didn't exactly catch that talk about the "other computer"?
Read:(1-100,^36),? :
37/100: .../\...
Name: Necron 99 #9
Date: 6:23 pm Tue Aug 09, 1988
you have telenet security completely figured out, huh.
i'll be sure to visit you in jail.
Read:(1-100,^37),? :
38/100: Hey, Tales so what are you ..
Name: Rockin Dude #18
Date: 6:42 pm Wed Aug 10, 1988
doing to have this all planned out? I'm sure we would all like to know.
Rockin Dude
Read:(1-100,^38),? :
39/100: WELL
Name: The Leftist #3
Date: 12:36 pm Thu Aug 11, 1988
yeah, there are some pretty safe ways to dial into telenet, but its just
like making any other local <assuming its a local call> and I dont think
I want to go into ways of avoiding being traced on a local call...
Read:(1-100,^39),? :
40/100: ...
Name: Epsilon #12
Date: 12:57 pm Thu Aug 11, 1988
Being traced on a local call (if they really want you) is basically
inevitable. You could always use an extender if you want. This is a
lame discussion.
Read:(1-100,^40),? :
41/100: Exactly . . .
Name: Tales Gallery #74
Date: 3:10 pm Thu Aug 11, 1988
. . . Why I said I have it all planned out, and not to worry about. "See me
in jail"? Gee, ok. You must be right, how could anyone be right other
than you? Oh, I am so sorry "sir". How could I have ever said something
without your assistance of skill and advancement. I am so sorry. No,
really.
Read:(1-100,^41),? :
42/100: Tsk tsk tsk.
Name: Epsilon #12
Date: 5:43 pm Thu Aug 11, 1988
If I'm correct, I sense a conflict here. Take it away Necron..
Don't get blood on this base. I happen to like Packet Switching.
Read:(1-100,^42),? :
43/100: ...
Name: The Mentor #1
Date: 6:56 pm Thu Aug 11, 1988
This is the only warning. The war stops here. Take it to email.
Mentor
Read:(1-100,^43),? :
44/100: my gosh.
Name: Necron 99 #9
Date: 7:18 pm Fri Aug 12, 1988
i don't even get to post a reply. hmm..
bad loyd, bad loyd.
Read:(1-100,^44),? :
45/100: email it...
Name: The Mentor #1
Date: 5:11 pm Sun Aug 14, 1988
Send it in Email... remember what MSP started looking like toward the end of
its existance? I want to avoid that...
Mentor
lod!
Read:(1-100,^45),? :
46/100: ///
Name: Epsilon #12
Date: 8:16 am Mon Aug 15, 1988
Doesn't anyone want to know anything about packet switching anymore?
This is depressing.
Read:(1-100,^46),? :
47/100: Yes.
Name: Dark Sorcerer #79
Date: 10:32 am Mon Aug 15, 1988
I've heard you can somehow break into the Telenet service node and retrieve
NUI's. How is this done..?
Read:(1-100,^47),? :
48/100: Telenet Scanning
Name: The Traxster #92
Date: 8:07 pm Mon Aug 15, 1988
Dude find someone which is into telenet scanning and they will tell you.
Now a day I heard it is kind as safe as it used to be.
Read:(1-100,^48),? :
49/100: Dark Sorcerer
Name: Epsilon #12
Date: 9:30 pm Mon Aug 15, 1988
Please do not bring up the topic of service nodes at all.
I would really rather not discuss this, because I know you will find
out about this information before you're supposed to. Everyone will.
I'm not making this statement directly towards you, I'm just trying to
clarify the fact that I do not wish to discuss this right now.
Thanks for understanding.
Read:(1-100,^49),? :
50/100: eps, do you..
Name: Knightmare #21
Date: 6:50 pm Tue Aug 16, 1988
Espsilon, do you have the knowledge to convert packed packets of info. on an
x25 network back to it's original ascii form? I know someone who is working
on it right now but maybe someone else knows??
Read:(1-100,^50),? :
51/100: ....
Name: Necron 99 #9
Date: 8:15 pm Tue Aug 16, 1988
hey, waihey, wait a minute, eps. i thought only i had a liscense to act like
this.
has anybody talked to empty promise lately? i lost his number. he was
<sniff> suppoesed to call me last week.
with telenet, i wouldn't put anything past them. they haven't
been fucking with their software just to lock out the pad-pad things, eh.
Read:(1-100,^51),? :
52/100: Hey Nec
Name: Epsilon #12
Date: 8:54 am Wed Aug 17, 1988
I can be equally as obnoxious as you can, so phhhhtt..
Knightmare - No, I'm afraid I don't know how the X.25 protocol is converted
to ASCII format.. I should read up on that a bit.
What are you planning to do, build your own PAD?
Read:(1-100,^52),? :
53/100: Oh.. joy.
Name: Dark Sorcerer #79
Date: 11:01 am Wed Aug 17, 1988
With my luck, by the time i find out, everyone else will be getting NUI's
too. So, when do you want to discuss this, eps?
.s
.shit <used to gbbs>
Read:(1-100,^53),? :
54/100: ...
Name: Epsilon #12
Date: 6:06 pm Wed Aug 17, 1988
Don't worry. It's not working correctly from what I hear right now, so
there's really not much of a point in discussing it.
Read:(1-100,^54),? :
55/100: Welp.. okay.
Name: Dark Sorcerer #79
Date: 10:01 am Sat Aug 20, 1988
Whatever.
Read:(1-100,^55),? :
56/100: X.400 vs X.25
Name: <<< Prime Suspect #70 >>>
Date: 12:09 am Mon Aug 22, 1988
Does anyone here even know the workings of a packet net such as the
protocols used to bring things about to the right place?
Overseas they seem to use X.400 and here we're using X.25.
I don't know this... but what are the differences of X.400 and X.25?
I think there was some documentation on this on several of the network
information centers... if you don't know about those then don't
bother asking.
Read:(1-100,^56),? :
57/100: Hmm.
Name: Epsilon #12
Date: 11:21 am Mon Aug 22, 1988
You sure about that? I was always thinking that the other networks, over-
seas, also used the same X.25 packet protocol. Great, now I'm confused.
Thanks a lot. :-)
Read:(1-100,^57),? :
58/100: Packet Routing
Name: Epsilon #12
Date: 11:40 am Mon Aug 22, 1988
Alright. Whoever asked about how packets get to the right place..
All packets sent have some data at the beginning called a header. Each
header contains the origination and destination virtual addresses of the
packet, along with some other information.
When the packet is sent, the header gets stripped off, interpreted, and
the data is received in its entirety at the destination host.
Read:(1-100,^58),? :
59/100: x.25 documentation
Name: Knightmare #21
Date: 1:53 pm Mon Aug 22, 1988
i have some x25 documentation, i have about 75k of it, the other 20 k is lost
in space. But I'm sure I can get the rest of it. (of one of those inofrmation
centers) Epsi, no, i'm not bulding a pad.. it's for something else which you
already know about.
Read:(1-100,^59),? :
60/100: x.400
Name: Mr. Slippery #5
Date: 12:34 pm Sat Aug 27, 1988
X.400 is a mail transfer protocol. It specifies how to address mail and
such. It is therefore level 7 (I think) of the 7 layer OSI model. X.25
is the lower 3 (4?) layers of the model. Hope this helps.
Read:(1-100,^60),? :
61/100: level 7???
Name: Knightmare #21
Date: 12:45 am Sun Aug 28, 1988
If i recall correctly I didn't think level 7 was transfer protocals or
anthing
associatd with transfers. Level 7 is what happens with the information after
it reaches the user and is stripped. It's been a while since I've updated
myself to standards so I may be wrong. You can say x.25 is 3 or 4. no wrong
or
right answer to that one.
Read:
(1-100,^61),? :
62/100: Way way back
Name: Amadeus #96
Date: 5:00 pm Mon Aug 29, 1988
This response goes way way way way back:
Autonet from
Telenet: XXX240XXX09
Other Telenet nums: 1-800-XXX-0631 (2400 baud) 1-800-XXX-6751 (all bauds 2400
and below, pcpid or nui required)
Tymnet from Telenet: XXX31 or XXX249
Later . . . Amadeus
Read:(1-100,^62),? :
63/100: ...
Name: Necron 99 #9
Date: 7:10 pm Mon Aug 29, 1988
i need a list of all the gateways off telenet (mainly the intl things, the
ones that you have to do something like XXX051300013 and so on)
any takers? most of this is fairly public, but i lost my old lists.
please reply in mail if not a pulic gateway.
hm. that would be "public"
Read:(1-100,^63),? :
64/100: DataPac from Telenet
Name: Amadeus #96
Date: 5:45 pm Tue Aug 30, 1988
I can't remember who it was that found this, but you can attempt to hack your
way through XXX68 (on Telenet) into Datapac or IPSS.
Also, on Tymnet, you can access Datapac by typing "dpac;". I would like to
know if anyone knows how to enter a nui through this gateway.
Later . . . Amadeus
Read:(1-100,^64),? :
65/100: PCP/Canada
Name: The Cutthroat #101
Date: 11:22 pm Tue Aug 30, 1988
Does anyone out there know how to call 416 (Toronto, Canada) through
PcPursuit
? Telenet has a port here in town, but I have to call Buffalo to get access
cause Datapack won't let me. I know the routing code for Datapac but It won't
let me on PCP. I think I have to get a DP NUI. The reason I am asking is that
Swashbuckles is going back up and I would like to have a way people could
reach me if they got a PCP account. I heard it could be done but you had to
go out another area code (216 I think) to get to 416.
Read:(1-100,^65),? :
66/100: not a veiled threat.
Name: Necron 99 #9
Date: 3:43 pm Wed Aug 31, 1988
final request, on behalf of our generous sysop:
if anybody posts any accounts (or phone numbers, or nua's <!>), the message
will be deleted, and so will the user <well, i dunno bout that, loyd is kinda
soft on you all>. so use really vague mentions, and send things through the
mail, or talk voice, or something. something YOU may consider to be legal
may not be, and i'm fairly sure mentor doesn't want to pay for your error.
am i getting boring about this?
Read:(1-100,^66),? :
67/100: x.25
Name: The Leftist #3
Date: 1:16 am Thu Sep 01, 1988
x.25 protocal hiercy
level definition
7 Application protocal <not defined by x.25
6 presentation protocal <not def by x.25>
5 Session Protocal <not def by x.25>
4 Transport protocal <not def by x.25>
3 x.25 layer 3
2 x.25 layer 2
1 x.25 layer 1
the physical layer defines how 0 and 1's are defined
how contact is established with the network timing aspects etc..
the frame layerjF is the data lin~p layer.
its job is to insure reliable communication with the data terminal equipment
and the data communications equipment <dte and DCE>
packet layer <network layer> deals with the format and meaning of the data
field contained wiithineach field
the packet layer provides for routing and vitual circuit management
I'll go further into the tech side if anyones interested.
The Leftist
Legion of Doom hackers
Read:(1-100,^67),? :
68/100: It looks like..
Name: Dark Sorcerer #79
Date: 8:04 pm Sun Sep 04, 1988
The C APPLE on telenet doesn't work anymore. Does anyone have the new
address? I'm interested in that system. (which is, BTW if you're slow,
Apple Computer Corp.'s UNIX mainframe.)
Read:(1-100,^68),? :
69/100: Telenet
Name: The Dictator #115
Date: 8:44 pm Sat Sep 10, 1988
Hey...are the rumors true??? I have heard people saying that Telenet can
now effectively trace a caller on the system at any given point in time?
This message isnt here to scare anyone...But with all the rumors around,
its always good to ask...
BY THE WAY.....
Using P.C. Pursuit....Take your dial-up and loop through the Seatle port.
Heh heh...your be amazed at the features.
The Dictator
Read:(1-100,^69),? :
70/100: Information on packet netets
Name: Ani Failure #50
Date: 2:54 am Sun Sep 11, 1988
I can get tons of info on packet nets, so I think I might start contributing
on this sub....
anif
Read:(1-100,^70),? :
71/100: Telenet and ANI?? Ha!!!
Name: Ground Zero #78
Date: 10:19 pm Sun Sep 11, 1988
Nah. As far as I know, if necessary, they can arrnge to have a questionable
call traced back to the telenet node, then the local company can trace the
call in progress. But, as said before by someone else, they don't do it for
fun.
There's someone who calls Atger and Althh chat systems in Germany who just
sits there and asks people what they are using to call there. He tries to
nail Americans using Telenet to call there. He admitted there are no
feature groups on Telenet dialups, but threatened that Telenet plans to add
FGD to all their dialups. That'll be the day!!
When he said that, I said "Nah, that would be too difficult and expensive".
He just said "We can handle it. We're GTE".
Heh..
-gz
Read:(1-100,^71),? :
72/100: P.S.
Name: Ground Zero #78
Date: 10:22 pm Sun Sep 11, 1988
For those of you that don't know, the Telenet security agent who calls the
chats uses the handle "Mike.P". Be on the lookout!
Or maybe big, bad GTE will pounce on
you!! :)
Read:(1-100,^72),? :
73/100: Telenet
Name: The Dictator #115
Date: 1:25 am Mon Sep 12, 1988
I am a big Telenet phreak...I love the system...there are some neat tid
bits about the system....
It is possible to call a local node in your area, and then use that node to
access another Telenet node, and THEN make your call to a company, or use
PC Pursuit.
Now, this does one nice feature....Telenet has a limited ANI...Companies
can now pay Telenet to trace a series of calls to it during a certain
period of time...if you use the multiple node, the ANI traces to the
second node you accessed, and not the first...
Comes in handy....
The Dictator
Read:(1-100,^73),? :
74/100: Telenet.
Name: Epsilon #12
Date: 9:45 am Mon Sep 12, 1988
Big shit. The destination host already knows the virtual address of the PAD
you are calling from in the first place. Remember what I said about packets?
In the packet header, there's the network address of the origination, and the
destination. Besides, I don't think it's quite possible to have Feature
Group D installed on a POTS number (?). Anyone have any theories on this?
Read:(1-100,^74),? :
75/100: Telenet/FGD
Name: Ground Zero #78
Date: 2:03 am Tue Sep 13, 1988
Yes, I believe it can be done, however, at great expense. So I doubt it will
happen.
As far as headers go, Eps, I'm confused! Now, let's say I call up a Telenet
node and then use it to connect to an outdial. Then I use the outdial to call
the dialup of another Telenet node. Is what you're saying that the original
NUA I am calling from is on the header of each packet? I don't understand
how. Beacuse I am assuming that when I use the outdial to call the second
Telenet node that all the header junk gets taken off, since it's assumed that
I'm using the outdial to call another computer that has no use for the
information contained in the header! Could you explain this more?
-gz
Read:(1-100,^75),? :
76/100: Ground Zero
Name: The Prophet #91
Date: 4:04 pm Tue Sep 13, 1988
GZ-
I believe Epsilon means that the nua of your pad is transmitted to each
other nua you call -- not over a phone line (as when using pcp).
-TP
6o1hadoto
Read:(1-100,^76),? :
77/100: PCP
Name: St.Elmos Fire #32
Date: 3:24 pm Wed Sep 14, 1988
WELL, IF YOUR SO WORRIED ABOUT PCP, THEN CALL THROUGH AN EXTENDER, AND ALSO
CALL A DIAL-UP IN A DIFFERENT AREA THEN YOURSELF...
Read:(1-100,^77),? :
78/100: trick
Name: The Leftist #3
Date: 9:43 pm Wed Sep 14, 1988
the trick is to seperate the node of the network <telenet> that you are on
from another node of telenet, and do all your dirty work from the second
node.. of course you have to be sure the link between the two nodes is made
in a safe manner..
The Leftist
Legion of Doom Hackers!
Read:(1-100,^78),? :
79/100: PCP
Name: The Prophet #91
Date: 9:58 pm Thu Sep 15, 1988
If you have a working extender, why use PCP?
-TP
6o1hadoto
Read:(1-100,^79),? :
80/100: ^good point, prophet!
Name: Ground Zero #78
Date: 10:56 pm Thu Sep 15, 1988
Heh. Anyways, I think that clears it up. I think!
-gz (wondering what the significance
of "6o1hadoto" is!)
Read:(1-100,^80),? :
81/100: WHY USE PCP?
Name: St.Elmos Fire #32
Date: 10:47 am Sat Sep 17, 1988
WELL, ONE REASON TO USE PCP IS TO TRY AND FIND DIFFERENT SYSTEMS AND THEIR
CODES(NUMBER YA HAFTA PUT IN TO MAKE IT CALL, DIDNT KNOW THE TERM>. ALSO, IF
YOU DIDNT HAVE AN ACCOUNT, IT WOULD MAKE THINGS ALOT SAFER. ESPECIALLY NOW
THAT SOMEONE MENTIONED THEY COULD TRACE CALLS.
Read:(1-100,^81),? :
82/100: .
Name: Epsilon #12
Date: 6:53 pm Sat Sep 17, 1988
Thanks for clarifying my message, Proph. BTW, what exactly is 6o1hadoto?
Just curious as always.
Read:(1-100,^82),? :
83/100: DPAC.
Name: The Keeper #135
Date: 8:56 pm Sat Sep 17, 1988
Greetz...
Well Who Ever Wanted The DPAC info, Leave Me E-Mail And I can Explain DpAC
To You, I Use it every Day, And It was a Real Cool System.
If You Need a NUI for Dpac Then I Guess You Could Leave Me E-Mail To.
The Keeper.
Telcom Canada.
P.S. Right now i am Using The Canadian Goverments Modem Pool Number to
Call Here, Its a Real CooSystem As Fell.
Read:(1-100,^83),? :
84/100: you guys
Name: <<< Ani Failure #50 >>>
Date: 3:02 am Sun Sep 18, 1988
you guys are going to get into some shit if you keep posting numbers and
specific information on the systems you are in....don't you know that
everyone is on this board (s.s, fbi, bell security, sprint, etc. and more,
I'm sure)
Think about it, this is a perfect place for people to keep tabs on
hackers/and phreaks. so watch what you post
Read:(1-100,^84),? :
85/100: agreed.
Name: Ground Zero #78
Date: 11:56 am Sun Sep 18, 1988
Can someone delete our friend's post up there?
-gz
Read:(1-100,^85),? :
86/100: aksjgdyr
Name: Necron 99 #9
Date: 1:31 pm Sun Sep 18, 1988
do not post numbers. if you disagree with this, please send mentor mail. or
me mail.
Read:(1-100,^86),? :
87/100: SURE..
Name: St.Elmos Fire #32
Date: 3:27 pm Sun Sep 18, 1988
I AGREE, A PERSON SHOULDNT POST A CERTAIN NUMBER, BUT THERE IS ABSOULUTLY
NOTHING WRONG WITH TRADING INFORMATION ABOUT THE SYSTEM, IT IN NO WAY COULD
GET YOU IN TROUBLE. UNLESS OF COURSE YOUR {STUPID, AND POST AN ACCOUNT AND
PASSWORD.
-FIRE
Read:(1-100,^87),? :
88/100: ...
Name: The Mentor #1
Date: 6:02 pm Sun Sep 18, 1988
The point is, if you post that you are into the IRS's computers (or
whatever), that is probable cause, and reason enough to *minimum* put a DNR
on the line...
The Mentor
LOD/H!
Read:(1-100,^88),? :
89/100: THE KEEPER..
Name: Electric Warrior #134
Date: 6:01 am Mon Sep 19, 1988
All Canadian phreaks aren't like that, really.. While Datapac is a
realativly intelligent network, there is just to much diversity for it to be
considered a good packet switching net. Different types of datapac ports,
XXX0, XXX1, XXX1, etc, all have their own modem ports. Most packet sizes are
256 instead of the (I assume) usual telenet 128.. Can't you guys reach
Datapac address' with reverse charging on them through C XXX20 XXXXXXXX ?
Most of our numbers accept collect calls, but fewer will accept anything from
an international call..
Read:(1-100,^89),? :
90/100: Oy Vey.
Name: Master Micro #10
Date: 12:06 pm Mon Sep 19, 1988
For the sake of information, let's say, i'm interested how you changed
your set's to 'Pad To Pad' and see the other person's information. I remember
very well when you could connect to someone's NUA and just talk to them, but
i'm unaware of how you went about monitoring their information (without them
knowing?) For information purposes, i'm interested in how you used to do
this.
Might come in handy with an x.25/x.29 compatible server I found.
Mm (Bellcore/Ua)
Read:(1-100,^90),? :
91/100: WANTED
Name: Doc Telecom #71
Date: 12:57 pm Mon Sep 19, 1988
I have the NCC's <Network Control Centers> and Accounts on them for a few of
the major PSN's [Packet Switching Networks], allong with the documentation
for creation of links,paths,nuas,ect. I am willing to trade, well since i
don't trade, i will be willing to give this information, <And some added
- forbiden* PSN info> if anyone can get me the NCC for Tymeshares Tymnet
<Hint:DECLOD>.
Thanx,
Doc Telecom/BC
CREATE LINK altos using 5 DCE SP=XXX00 LOCAL=9 REMOTE=11 NUA=XXX2458XXX40004
NOOC PCV=1-48 SVC=49-XXX TRANS=100
Read:(1-100,^91),? :
92/100: ELF
Name: Doc Telecom #71
Date: 5:33 pm Mon Sep 19, 1988
I am looking for the source for ELF [Engine Load Facility], Tymnet put it
out in Dec 1987. I have the manuals [ELF Reference Manual, ELF Operators
Guide, and the Engine Pocket Guide] But i Need the source so i can put a
patch in it,
In my last message I said I was looking for the NCC, I was refering to the
"main" NCC, not all those little fucking [Can we cuss here to or do those
messages get deleted to ?] things. [MUX Modifier Ports, or CMF's {a CMF is a
Configuration Management Facility}], If anyone has this or any info on
"Uninet" Leave me E-Mail.
and here is a sprint: DOCI SBRA INDE AD
Gotcha! Necron99!
Read:(1-100,^92),? :
93/100: ahem?
Name: Master Micro #10
Date: 4:04 pm Tue Sep 20, 1988
Hmmm.. thought we weren't going to be posting codes, numbers, passwords,
etc.? Anyways, my PSN question..? Anybody know?
Read:(1-100,^93),? :
94/100: ...
Name: The Mentor #1
Date: 5:37 pm Tue Sep 20, 1988
He isn't... that is a bogus code, getting ready to be a deleted code...
Doc, one warning. You can fuck with Necron all you want in mail. Posting
that (yes, I know it isn't valid.) is risking getting me in a lot of
trouble.
Capice?
The Mentor
LOD/H!
Read:(1-100,^94),? :
95/100: ANSWERING MACHINES
Name: Tinman #132
Date: 6:10 am Thu Sep 22, 1988
I know that Rip Shack sold answering machines a few years ago that allowed
you to call the machine, and when IT hung up, you were left with that persons
dial tone, Ergo, all calls were made at the expense of the owne{r{ of the
machine. I haven't run into to many lately. Anybody know if other machines
do the same thing ? Also I notice the posting of SERVICES and CODES. Looks
like bad news to me. These phone companies are really staarting to w{is{e
up. Oh well who the hell cares ? It just makes life more challenging. Who
is this "Rockin Dude" anyway ?
Read:(1-100,^95),? :
96/100: or perhaps
Name: Necron 99 #9
Date: 12:34 pm Thu Sep 22, 1988
we could ask "who is this tinman dude anyway"?
Read:(1-100,^96),? :
97/100: answering machines
Name: Norman Bates #58
Date: 2:49 am Sat Sep 24, 1988
The only way you could get someones dialtone through their answering machine
is if they had a call forwarding service on it, or if it handled
two lines and was made to accomodate that kind of traffic. It
is not possible to overide someone who only has one line... You have to have
a line to come in on, and a line to go out on you know...
...Norman/619
Read:(1-100,^97),? :
98/100: yep
Name: Brimstone #149
Date: 10:27 am Sat Sep 24, 1988
I guess the last message was true..
something related....
voice mail systems...
you could hook up to an extension, you could also hook up to a box...
but call those systems that have both (extensions that hook you up to people,
and a system that has mailboxes also)..
Also after you dial an extension or mailbox, it has to ring...
thos kinds of systems can be used as divertors sometimes..
I have found a few systems like that.
I found one system that all of the extensions that I've tried could've been
used as a divertor...
but I have other systems which only one or a few boxes could be used..
so these things still exist
Read:(1-100,^98),? :
99/100: DataPac
Name: Creative Chaos #152
Date: 8:26 am Sun Sep 25, 1988
Isn't DataPac the network that you type CHR$(13)"." to start with?
Well, here I go again, I have this system sitting on my shelf somewhere,
it's only identifing feature is "DataStream" the password is 4 digits to the
system. ALL I WANT TO KNOW... is why didn't I cna the bitch already... No,
no
Has anyone ever encountered a system like this ??? (this system required
something like a CHR$(13)"." to get started.)
Creative Chaos
The Punk Mafia
Read:(1-100,^99),? :
100/100: ...
Name: The Mentor #1
Date: 11:53 am Sun Sep 25, 1988
I've run into systems that take '....' to get their attention... strange.
The Mentor
LOD/H!
Read:(1-100,^100),? :
100/100: ...
Name: Lex Luthor #
Date: 3:31 pm Sun Sep 25, 1988
Doc Telecom, I believe I have access to ELF source along with a lot of other
information regarding TYMNET.
IE: DECLOD which was no big deal even though it was against my style to add
accounts such as that one. However after checking to see that there are
hundreds of accounts similar to DECLOD and entering a somewhat valid
application for an account, I believed it was safe to do so along with it
being a learning experience as far as what could be accomplished by a
non-employee of either TSN or TYMNET
Lex
Read:(1-100,^100),? :
< Electronics Q-scan done >
< Q-scan Packet Switched Nets #4 - 100 msgs >
_____________________________________________________________________________
*** {GENERAL MESSAGE SUB-BOARD} ***
42/100: ANI
Name: Chance #128
Date: 1:00 pm Tue Sep 20, 1988
Well.. if you are in an ESS area (Identify it by whether you can have custom
calling features) Then US Sprint 800 service CAN obtain your ful phone
number... That's all there is to it..
Read:(1-100,^42),? :
43/100: ...
Name: The Mentor #1
Date: 5:36 pm Tue Sep 20, 1988
ummm... The ANI isn't transmitted unless you're in an equal access area...
ESS
has nothing to do with it...
The Mentor
LOD/H!
Read:(1-100,^43),? :
44/100: ANI & Sprint
Name: The Cutthroat #101
Date: 6:47 pm Tue Sep 20, 1988
Well I'm in ess but can't be in equall access, I'm calling from another
country. Though anything comming from Canada could be routed through an
equall access area. E.G. Sprint owns the entire 800 exchange that they are
in.
Read:(1-100,^44),? :
45/100: RNS
Name: Doc Telecom #71
Date: 12:41 am Wed Sep 21, 1988
Hacking CONTELS RNS <Remote Node Switch>
Have you ever ran accross dialup that
says "RNS$#5$New$York$City" that is the Switch that Contel uses for there
Carlson/Stromberg CPX5,Etc Switches...Most accounts on the network cannot
be accessed From Remote, but usually there is atlease one or two that give
You Remote Access. Every RNS I have been in have it so *all* accounts have
full <System admin> privliges...The defaults set by CS are:
ADMIN/ADMIN SECURE/SECURE TMRS/TMRS DOC/TELECOM SCAT/SCAT MAINT/MAINT
STATUS/STATUS NAC/NAC ESPF/ESPF.
Also if someout drops carrier and doest $logoff there account remains
active for the next user. Once in you will get a "MON>" Prompt and after
every thing you type you will always get the MON Prompt. To Execute
commands you must put a "$" in front of every thing at MON Level, there
is no help provided by the System at MON level [But everything else is menu
driven] To learn the Overlays ($) you must do a dir to get everthing, the
system is devded into hundreds of sub systems (300 Megs).
Here ara few of the subsystems [Overlays {$}].
$DBUTL - DataBase Utility
$FILSYS - All disk Access [Dir, Type, Format, Copy, Etc]
$PASSWM - List Users/Passwords, and other goodies.
$ADMIN - Switch Administration
$CBUG - Used to Debug/Patch the Switch
Zi6/help
iDi
Read:(1-100,^45),? :
46/100: STAR CODES
Name: The Leftist #3
Date: 6:54 am Wed Sep 21, 1988
Well, if Im not mistaken, there is a standard for the * codes, heres a
partial list
&
- 71 3 way calling at 50 cents a pop <rate subject to change>
- 72 xxx-xxxx initiate call forwarding
- 73 cancel call forwarding
- 74 + 1-9 program speed calling optioons
Leftist
Legion of Doom Hackers!
Read:(1-100,^46),? :
47/100: Sprint
Name: Sandy Sandquist #85
Date: 9:02 am Wed Sep 21, 1988
I recently had a meeting with the local FBI SAIC. He mentioned something
that I thought many of you would be interested in or at least should know.
One of the problems that the FBI has in hacker cases is as a case develops
it is very difficult to tell the difference between a hacker and an
individual that is involved in espionage. It seems that those involved in
espionage hacking are following the same patterns that many of you follow.
When an audit trail is created there is no difference. Until they investigate
much deeper they can't tell the "casual hacker" from the professional hacker
involved in espionage. Ergo, if you are into government systems and think
that you are not doing any damage, maybe you should reconsider.
================Food For Thought=====================
Read:(1-100,^47),? :
48/100: ...
Name: The Mentor #1
Date: 10:11 am Wed Sep 21, 1988
I don't know anyone who hacks government computers except by accident... At
least none of the people *I* work with are that foolish...
The Mentor
LOD/H!
Read:(1-100,^48),? :
49/100: ...
Name: The Mentor #1
Date: 1:31 pm Wed Sep 21, 1988
I'd like to welcome the second acknowledged security person on Phoenix. Jay
Stenger is a security manager for NTS (National Telecom Service??? Forgive
me, I forgot the acronym...). Anyway, perhaps he will field some questions
also and take some of the load off of Sandy...
I'll start it off... Jay, what exactly does NTS do, are they regional or
nationwide, and what does your job consist of for the most part?
The Mentor
Read:(1-100,^49),? :
50/100: Hello Jay
Name: Sandy Sandquist #85
Date: 2:29 pm Wed Sep 21, 1988
Hello Jay, welcome "above board". For those of you who don't know, Jay was
a US Sprint Security Manager until NTS made him a deal he could not turn
down. You will find that Jay knows this business and will be responsive to
your questions,,,That is if he ever learns to return his calls on time.
(a little inside jab at Jay from an old friend.)
Read:(1-100,^50),? :
51/100: mymym
Name: The Leftist #3
Date: 4:19 pm Wed Sep 21, 1988
We seem to be geting real popular with the security people all of a sudden..
I guess the word has gotten around that theres good hackers here who DONT
spend all their time obtaining ill gotten phone cards....
Leftist
Read:(1-100,^51),? :
52/100: Bioc Agent 007
Name: The Prophet #91
Date: 5:35 pm Wed Sep 21, 1988
Sandy-
Hey, I never question a Special Agent in Charge, but are there really any
"professional hackers" involved in espionage? To my knowledge, no one has
ever
been tried and convicted for gaining unauthorized access to a system with
"espionage" as the motive. Hacker hobbyists aside, the rest of the crimes are
committed by disgruntled employees.
By the way, someone (can't remember the name) wrote a fascinating book on one
such case, called The Great Bank of America Telex Heist.
-TP
6o1hadoto
Read:(1-100,^52),? :
81/100: Hackers....
Name: Doc Telecom #71
Date: 3:51 am Wed Sep 28, 1988
I think that the hackers they were talking about were not true hackers but
just pirates/c0de abusers/ and warez dudes.. Most of the true hackers out
there don't even abuse codes....And most Phone Phreaks don't have a need to
Shit! The phone company provis so many alternitive ways to place phone calls!
[That reminds me..^C when you called me yesterday and said that you were
paying for your calls...Well when we were hanging up and the operator said
"Are you finished with your calls yet?" That seemed like the TSPS Maintence
trick to me..!] By the way the TSPS trick is legal, except that you must not
impersinate someone while doing it....If you can just confuse the shit out of
the TSPS operator to place your call...it is considerd legal and the
stupidity of the operator...Also note: That using a diverter is legal just as
well..but it depends on your morals..I mean they do have to pay for that 1000
$$ alience teleconfrencing bill.
Essential Overload
Read:(1-100,^81),? :
85/100: XMUX
Name: Electric Warrior #134
Date: 6:36 am Thu Sep 29, 1988
The system you encountered (The XMUX, also sometimes labeled as VMUX)
are the control modules behind SERVICE ID= prompts. I've seen several of
these, and unless you know what you're doing, you cannot effect anything
permanently. As near as I can tell, when you connect to an address that
normally says SERVICE ID= at a certain time of day, you will be dropped into
this system, made for the control of PAD's and the security protection of
certain address's (Closed User Group: 'Access Barred' except to authorized
users).
Each XMUX usually has some kind of accounts listed in the Maintenance and
Profile areas, such as CONSOLE or LOGGER. Like I said, it is hard to really
change anything permanently (ie: access control protection) and they are very
easy to crash. Do not try to dial into or supervise another address. This
will cause the system to lock up, and you cannot usually regain control and
most likely, the system will go back to saying SERVICE ID= permanently. Play
around with it because it will probably not be there the next day.
With no available help files, a lot of its functions remain a mystry (mabye
because you are connected to the address usually used to outdial to other
NA's, therefore causing a crash when the line is occupied...) and the system
is realativly uninteresting.
- Electric Warrior
Read:(1-100,^85),? :
88/100: Hacking and Espionage
Name: Lex Luthor #81
Date: 3:30 pm Sun Sep 25, 1988
I have not heard of anyone doing any hacking primarily for the purpose of
passing that information on to a foreign nation.
I personally, despise the thought of it, let alone its practice.
However if there were/are those who hack for that purpose, who would hear
about it anyway?
I have come across information which I believe would be considered valuable
to other nations, so I know the information (whether classified or non
classified) is out there accessable to those with the correct access.
When I say other nations, Of course I am speaking about the USSR but don't
forget there are many other countries out there obtaining information about
the US. For instance, our pals Isreal, of course they don't like to admit it.
Anyways, for those who are interested, Issue #3 of the LOD/H Technical
Journal
WILL be out within a month. Period.
Lex
Read:(1-100,^88),? :
99/100: RNS
Name: Doc Telecom #71
Date: 4:04 am Wed Sep 28, 1988
I figured I would Explain A bit more on how a Remote Node Switch connects To
the Bell Operating Company (BOC) Maintence Centers. Within the BOC serveral
interfaces are used to provide information of a individual Stored Program
Controlled Switching System (SPCS). Which in the cas of RNS is the DCO
system.
The Remote Node Switch (RNS) uses the EADAS/NAC funtion to ensure that the
Bell Operating System Switches arproperly equipped for thier network
function.
Each of primary datalinks used for data transfer [From RNS to BOC Sytems ] to
EADAS/NAC has its own protocal.
The RNS is also compatable with Remoteemory Administration System (RMAS)
Interface. [The RMAS is an AT&T support system used by BOC's] The RMAS takes
care of the administration of the database for the Telco Switches connected
to it.
Essential Overload
Read:(1-100,^99),? :
100/100: They help themselves and us
Name: Lex Luthor #81
Date: 1:53 am Wed Oct 05, 1988
For those security people who have the forsight to provide technical
information to us via this bbs I salute you. Why? Because by educating
phreaks on your phone systems, mainly on information pertaining to fraud
detection and such, they are helping themselves and us.
For instance, by telling everyone that their service has ANI on their 800
dialups and also by saying that they agressively persue all fraudulant cases,
they alert those phreaks who would have unknowningly attempted or succeeded
at abusing the service in question that the chances of being caught are high.
By giving out this information, the security people reduce potential abuse of
their systems and at the same time save those phreaks who would have
ignorantly abused the service from the expense, embarrassment, etc. of a
visit or arrest or possible litigation.
Thus, the companies who do provide this information will reduce the amount of
fraud, save money by not spending much needed resouces on chasing after those
who would have abused their service, AND keep phreaks from getting into
trouble.
Now, for those companies who have lame security, well maybe faking that they
have good security might help...yeah right. Maybe they should stop spending
money on investigators and litigation and instead spend it on preventing the
abuse in the first place, which of course means spending that money on
SECURITY for a change.
Lex
Read:(1-100,^100),? :
_________________________________________________________________________
*** {"INSTRUCTOR" SUB-BOARD} ***
1/38: this
Name: <<< The Mentor #1 >>>
Date: 11:25 pm Sat Jul 02, 1988
This is the top level board. If you are on here, you are one of the people I
expect to be answering questions that the others ask on the lower boards.
Without your help, this board will go nowhere...
If you have suggestions about new subs, feel free to leave them here or in
feedback.
The Mentor
Read:(1-38,^1),? :
2/38: Uhh..
Name: Epsilon #12
Date: 8:13 am Tue Jul 12, 1988
Well, the conversation is really kickin' in this base. I'll tell you..
Read:(1-38,^2),? :
3/38: ok
Name: The Mentor #1
Date: 2:00 am Wed Jul 13, 1988
Ok, I suppose this would be a place to discuss anything that you don't want
beginners playing with... what are the various forms of outdials from
telenet?
I've used the unix CU, VMS $set host/dial=dte, and am going to
try pcp tonight... what others are there?
Mentor
Read:(1-38,^3),? :
4/38: Telenet X.25 Outdials
Name: Epsilon #12
Date: 8:37 am Wed Jul 13, 1988
There are modems on Telenet used by PC Pursuit that call locally, and there
are modems used by PC Pursuit that call long distance (god knows why).
There are other outdials that you can find sometimes on a corporate LAN
somewhere, or a terminal server which can be accessed via Telenet.
For example.. Say the NUA XXX789 brings you to a DECServer. From that
DECServer, you'd get a list of hosts to connect to. One of these choices
may be a modem. I've tried 'c outdial', 'c modem', 'c dial', and some
times it they work.
Other servers may be used in place of a DEC. Like Bridge Systems LANs.
They're all over Telenet, and are usually used in private exchanges.
122 (GTE) has many of them.
So that basically covers outdials. We have..
1) VAX/VMS
2) UNIX cu
3) PC Pursuit
4) Private Modems on LANs
Anyone have anything to add?
Epsilon
Read:(1-38,^4),? :
5/38: Outdials
Name: Phantom Phreaker #37
Date: 2:09 am Mon Jul 18, 1988
I have seen a system on Telenet that, when connected to, automatically
logged into a unix system as 'uucp' and then dropped the user into an
outdial program. I found out about the unix when I sent a hard break at the
right time, I was dropped into the bourne shell prompt. There were no
unpassworded logins, and uucp had a password too. I raided the L.sys/Systems
file, the etc/password file, and then logged out via the @ sign on Telenet. I
never could get back into the unix though, no matter what I did the
applications program doesn't seem to be exitable to shell. Try it,
XXX293...don't give this out if you can get the pw.
Phantom
Read:(1-38,^5),? :
6/38: That Outdial
Name: Epsilon #12
Date: 10:00 am Mon Jul 18, 1988
That's kind of interesting, and fairly unique. I've never seen an
address on Telenet that will drop into a host running an 'outdial'
program. Fun fun fun.
Read:(1-38,^6),? :
7/38: kind of
Name: The Leftist #3
Date: 1:39 pm Tue Jul 26, 1988
Reminds me of when I called telenet, and instead of telenet, I found myself
logged into a privelesged acct on a primos.. that was weird!
Read:(1-38,^7),? :
8/38: ...
Name: Epsilon #12
Date: 5:05 pm Tue Jul 26, 1988
Random fluke. Never happened to me. It'd be real cool to find out what
actually happened.
- LOD Groupie
Read:(1-38,^8),? :
9/38: XXX293
Name: Prime Suspect #70
Date: 11:45 pm Tue Aug 09, 1988
I remember that system. It was a major bug
I don't think it was really a Unix though. It's a different system now
altogether though. I used to be able to type anything or a ctrl-c as
a password and it would drop to the outdial. It would only allow
one user at a time. The prompt turned out to be a "$" though.
You say you found those files? That's weird. Was this recent or from the
major past?
Sounds recent to me.
Read:(1-38,^9),? :
10/38: ...
Name: Phiber Optik #86
Date: 10:02 pm Fri Aug 12, 1988
I'm sure many of you have outdials either on telenet or tymnet, so I
encourage
that some of you use ALTOS in Munich as a place for conversation.
XXX2458XXX40004.
Here is a gateway server, if needed:
XXX40 (Caller ID Required)
When connected... (example)
c!128#2XXXXXX0040004
I have already run into Epsilon and Necron 99 many times. It would be nice to
see more of you, as my geek-killing utilities ward off loosers and lamers,
maybe some topics of interest may be discussed seriously.
Optik
Read:(1-38,^10),? :
11/38: Optik
Name: Epsilon #12
Date: 8:36 am Sat Aug 13, 1988
Those utilities are quite nice. You know, we should create a program to
run all the zaps simultaneously, so you don't have to kill each account
individually.
I don't know how feasible or practical that is, but it might work.
Read:(1-38,^11),? :
12/38: that thiings
Name: <<< Ani Failure #50 >>>
Date: 3:02 am Sun Aug 14, 1988
it was last year sometime when I fucked with XXX293, i have the Systems (or
was it L.sys, can't remember) and password files.
ANIF
Read:(1-38,^12),? :
13/38: Telenet internals
Name: The Prophet #91
Date: 6:40 pm Tue Aug 30, 1988
Anyone have any information on Telenet's internal systems? (Primos, I
believe.) NUA's would be appreciated. I've seen the innards of a net using
the same software... The control software itself is called TDT or TDT2
(Telenet Diagnostic Tool). Nice, VMS-like online help facility should explain
the capabilities easily. I'd like to have a crack at Telenet's own.
-TP
Read:(1-38,^13),? :
14/38: um, well
Name: Magic Hasan #64
Date: 6:41 pm Wed Aug 31, 1988
i hope mentor and necron forgive me ..but here are a few nuas
you should look into for Telents internal primes:
XXX99
XXX101
XXX39
XXX138
XXX10
-MH
Read:(1-38,^14),? :
15/38: ok.
Name: The Mentor #1
Date: 8:34 pm Wed Aug 31, 1988
This sub is safe for mundane things like NUA's and phone #'s. Still no
accounts... Nec, don't whine.
The Mentor
Read:(1-38,^15),? :
16/38: ...
Name: Epsilon #12
Date: 9:30 pm Wed Aug 31, 1988
I have a scan that I did of 909, if you want that. Just ask.
Read:(1-38,^16),? :
17/38: 909
Name: Epsilon #12
Date: 2:14 pm Thu Sep 01, 1988
I talked to a Telenet technician today in Seattle, WA. He said that the
diagnostic systems in 909 will enable you to "look at anything you
want". I assume that means that you are able to modify the network
and the PADs, and hosts which are connected.
He said the Prime computers in that exchange are used for network control
and diags. Well, there you go. You now know what the systems do, so
break out your defaults.
Read:(1-38,^17),? :
18/38: Diagnostic systems
Name: The Prophet #91
Date: 7:47 pm Thu Sep 01, 1988
You can indeed modify the x25 parameters for pads and hosts. Also routing,
etc. Just what I always wanted to do...
-TP
Thanks, Hasan.
Read:(1-38,^18),? :
19/38: ...
Name: Epsilon #12
Date: 12:39 pm Fri Sep 02, 1988
Hasan? I posted that message. Heh..
Read:(1-38,^19),? :
20/38: yep
Name: Magic Hasan #64
Date: 4:49 pm Fri Sep 02, 1988
But I posted the important nuas.
heh.
'welcome
-MH
Read:(1-38,^20),? :
21/38: ..
Name: Epsilon #12
Date: 10:21 pm Fri Sep 02, 1988
Well! Fine! <stomping off in a huff>
Read:(1-38,^21),? :
22/38: telenet/nasa
Name: Knightmare #21
Date: 3:21 am Mon Sep 05, 1988
I'm sure you all know of the nua, NASA. Is it some sort of mail system or
something useful? I doubt the second. About dialing Telenet and running into
a system upon connection; it has happened many times to me too. But I keep
running into database services. Also, does OKX25OKX25OKX25..etc look
familiar? I got that tonight when I attempted to call Telenet. btw, hello to
all..{epsilon,necron,mh,ani-f,prime,etc}
Read:(1-38,^22),? :
23/38: ...
Name: Epsilon #12
Date: 8:44 am Mon Sep 05, 1988
It seems like the results of some diagnostics that were being run on that
particular PAD before you called it. That's kind of neat. I've never been
connected to anything when I call the Telenet port. Leftist - What did you
say you were connected to? Was it a Prime? That's so strange.
Read:(1-38,^23),? :
24/38: gueess..
Name: Knightmare #21
Date: 2:01 am Tue Sep 06, 1988
..Telenet has that same problem as Cosmos. Sure most modem do that..kinda
gives us an edge. It was funny today, I was connected to thee Washington
outdial for PCP. I bet there is no way to figure out which PCP account
that the Telenet is using for the call to the outdial modem.
Read:(1-38,^24),? :
25/38: ...
Name: Epsilon #12
Date: 9:32 am Tue Sep 06, 1988
Knightmare - Telenet's software connects itself. It doesn't need any
accounts. Heh.
Also, do you think you guys could possibly post some exchanges that haven't
been scanned (reachable via Telenet) as of yet? I'm interested in finding
new stuff. I only have a few private prefixes. They are..
122
223
224
422
909
That's it I think. Anyone? Anyone?
Read:(1-38,^25),? :
26/38: Telenet
Name: <<< Ani Failure #50 >>>
Date: 4:51 pm Tue Sep 06, 1988
I don't think you can reach the 122xxx exchange on Telenet anymore, at least
not on the dialup the I attempted to connected to one of the GS-1 Gateway
server systems (XXX55). I (and others, like Epsilon) got into those things ,
and I was able to get medium privs on the thing (when you call normally and
enter the server, you are in what I call the low level of privs). Anyway, I
wrote a file about the GS-1 server5a if anyone wants to see it I could u/l
it.
ANI-F
$LOD$
//s
Read:(1-38,^26),? :
27/38: ...
Name: Epsilon #12
Date: 2:15 pm Wed Sep 07, 1988
One way of achieving higher privs on a GS/1, CS/200, or any other make of
Bridge Systams LAN Gateways is to use the command 'SET PR = G' (Set
PRivileges = Global). In most cases this command will prompt the server to
ask you for a password. I suppose guessing is the best way to gain full
privs.
Other neat things. 'SH NM -LONG' gives youa full network map. 'SH CHN' or
'SH N' (on a CS/200) gives you a list of attachable nodes. 'Sh SES' shows
the current session. 'SH GLPAR' shows gloabal parameters. Use '?' to get a
full list of commands, and parameters.
Read:(1-38,^27),? :
28/38: y
Name: The Mentor #1
Date: 5:20 pm Thu Sep 08, 1988
Who is No Remorse and why is he recommending that people (Necrovore) ask for
access to this sub? Please keep the existance of higher-level than public
boards a secret, thank you...
No Remorse? Sounds like another one of Necron's aliases.
Mentor
Read:(1-38,^28),? :
29/38: hey,
Name: Necron 99 #9
Date: 7:14 pm Thu Sep 08, 1988
wait a sec. he's a freind of mine. didn't you just talk to me last night &
say " do you want this other guy up here..", i just thought it would make
things simpler this way.
or will i have to come over to your house and skin you alive, hm?
Read:(1-38,^29),? :
30/38: ok
Name: The Mentor #1
Date: 11:30 am Fri Sep 09, 1988
Ok... Nec, when you recommend people for high access, please leave me a
note... I get calls regularly from people saying "The Leftist will vouch for
me" or some such nonsense, then find out Lefty talked to them once on
Altos...
you know what I mean...
Anyway, welcome to Necrovore, who *finally* has access up here after a long
and bloody struggle... sorry about the delay, the 'No Remorse' thing threw me
off...
Mentor
Read:(1-38,^30),? :
31/38: ...
Name: Epsilon #12
Date: 1:51 pm Fri Sep 09, 1988
Yeah, well, we all know how Necron is. No remorse whatsoever.
Read:(1-38,^31),? :
32/38: Tymnet
Name: The Prophet #91
Date: 2:54 pm Fri Sep 09, 1988
If anyone has any information regarding a Tymnet internal system called elf,
please leave me E-mail.
-TP
Read:(1-38,^32),? :
33/38: hmmm
Name: The Mentor #1
Date: 8:11 am Tue Sep 13, 1988
Anyone know anything about Pink Death?
a) Infrequent caller (1 time every week or so)
b) Reads *everything*.
c) Posts *nothing*. No email. No Feedback (except for validation).
Nothing.
This is a pattern I associate with someone more interested in buffering the
board than actually learning anything... comments?
The Mentor
LOD/H!
Read:(1-38,^33),? :
34/38: asdf
Name: Necron 99 #9
Date: 9:32 am Tue Sep 13, 1988
kill him, and see what happens.
Read:(1-38,^34),? :
35/38: urm..
Name: Necrovore #117
Date: 7:12 am Wed Sep 14, 1988
Yo guys. glad ta be here. er, I am pretty much more into teleco shit than
hacking, but I am an avid PRIMOS enthusiast and have been involved in
learning as much as possible about PRIMOS (down to the machine level, even)..
so I guess I'll deal more with teleco than systems, but will also help out
with the PRIMOS and Telenet questions..
By the way: go find and download Telecom Computer Security Bulletin issue #1
(TCSB for short). Concieved last friday night by me and Doctor Cypher and
released (a little less than 200k, 96 printed pages) 40 hours later with 11
articles. A ew tech journal is what it is.. the Bellcore/Xtension tech
journal. read.. it's good..
Necrovore
Xtension
Read:(1-38,^35),? :
36/38: yasd
Name: Necron 99 #9
Date: 3:52 pm Wed Sep 14, 1988
upload it here when you have the time, ok, necrovore?
Read:(1-38,^36),? :
37/38: AAAAAHHHHHHH!!!!!
Name: Agent Steal #123
Date: 3:12 am Fri Sep 16, 1988
I'm here! Big deal right? Well some day I'll get busted and you will all
hear about all the inovative, bold and crazy things I've done and can't talk
about because most phreaks are narrow minded, bullshiting, inmature, fuck
heads that would nark on there girlfriend if the shit came down! Present
company not included of course. Well anyway you can say you knew me when...
Read:(1-38,^37),? :
38/38: hey all
Name: Knightmare #21
Date: 6:07 pm Tue Sep 20, 1988
..i'm still here. If you thought I died. School is keeping me pretty
busy.. gotta go. seeya guys.
Knightmare
Read:(1-38,^38),? :
29/31: underlord...
Name: Doc Cypher #155
Date: 5:09 pm Fri Sep 30, 1988
That little DataPac fiasco was kind of disappointing. The account no longer
works, and as you may or may not know, packet and frame level configuration
is an important part of a network, and you fucked it up. You have no
control of billing there by the way, and just to be a nice guy (and return a
favor), im killing COOPNAT for you and all your friends once and for all, and
leaving it in a CUG, something you have no control over. Enjoy the L/D
calls to the U.S.
The only reason that we (BC) kept changing it from a CUG to a user-level
account was for a simple service to the canadian hacking community (we have
our own accounts there) and out condition? Dont fuck with Datapac NOC
systems.
Well, youve ruined it for your friends and the canadian hacking community.
Enjoy yourself. Ill be engineering the new gandalf account monday.
Doctor Cypher
%BC%
Read:(1-31,^29),? :
_____________________________________________________________________________
*** {Files Written by the Sysop, The Mentor} ***
\/\The Conscience of a Hacker/\/
by
+++The Mentor+++
Written on January 8, 1986
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Another one got caught today, it's all over the papers. "Teenager
Arrested in Computer Crime Scandal," "Hacker Arrested after Bank Tampering"...
Damn kids. They're all alike.
But did you, in your three-piece psychology and 1950's technobrain,
ever take a look behind the eyes of the hacker? Did you ever wonder what
made him tick, what forces shaped him, what may have molded him?
I am a hacker, enter my world...
Mine is a world that begins with school... I'm smarter than most of
the other kids, this crap they teach us bores me...
Damn underachievers. They're all alike.
I'm in junior high or high school. I've listened to teachers explain
for the fifteenth time how to reduce a fraction. I understand it. "No, Ms.
Smith, I didn't show my work. I did it in my head..."
Damn kid. Probably copied it. They're all alike.
I made a discovery today. I found a computer. Wait a second, this is
cool. It does what I want it to. If it makes a mistake, it's because I
screwed it up. Not because it doesn't like me...
Or feels threatened by me...
Or thinks I'm a smart ass...
Or doesn't like teaching and shouldn't be here...
Damn kid. All he does is play games. They're all alike.
And then it happened... a door opened to a world... rushing through
the phone line like heroin through an addict's veins, an electronic pulse is
sent out, a refuge from the day-to-day incompetencies is sought... a board is
found.
"This is it... this is where I belong..."
I know everyone here... even if I've never met them, never talked to
them, may never hear from them again... I know you all...
Damn kid. Tying up the phone line again. They're all alike...
You bet your ass we're all alike... we've been spoon-fed baby food at
school when we hungered for steak... the bits of meat that you did let slip
through were pre-chewed and tasteless. We've been dominated by sadists, or
ignored by the apathetic. The few that had something to teach found us will-
ing pupils, but those few are like drops of water in the desert.
This is our world now... the world of the electron and the switch, the
beauty of the baud. We make use of a service already existing without paying
for what could be dirt-cheap if it wasn't run by profiteering gluttons, and
you call us criminals. We explore... and you call us criminals. We seek
after knowledge... and you call us criminals. We exist without skin color,
without nationality, without religious bias... and you call us criminals.
You build atomic bombs, you wage wars, you murder, cheat, and lie to us
and try to make us believe it's for our own good, yet we're the criminals.
Yes, I am a criminal. My crime is that of curiosity. My crime is
that of judging people by what they say and think, not what they look like.
My crime is that of outsmarting you, something that you will never forgive me
for.
I am a hacker, and this is my manifesto. You may stop this
individual, but you can't stop us all... after all, we're all alike.
+++The Mentor+++
_____________________________________________________________________________
==Phrack Inc.==
Volume Two, Issue 22, File 4 of 12
+++++++++++++++++++++++++++++++++++++++++++++++++
| The LOD/H Presents |
++++++++++++++++ ++++++++++++++++
\ A Novice's Guide to Hacking- 1989 edition /
\ ========================================= /
\ by /
\ The Mentor /
\ Legion of Doom/Legion of Hackers /
\ /
\ December, 1988 /
\ Merry Christmas Everyone! /
\+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++/
The author hereby grants permission to reproduce, redistribute, or include this
file in your g-file section, electronic or print newletter, or any other form
of transmission that you choose, as long as it is kept intact and whole, with
no ommissions, deletions, or changes.
(C) The Mentor- Phoenix Project Productions 1988,1989 512/441-3xxx
Introduction: The State of the Hack
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
After surveying a rather large g-file collection, my attention was drawn to the
fact that there hasn't been a good introductory file written for absolute
beginners since back when Mark Tabas was cranking them out (and almost
- everyone* was a beginner!) The Arts of Hacking and Phreaking have changed
radically since that time, and as the 90's approach, the hack/phreak community
has recovered from the Summer '87 busts (just like it recovered from the Fall
'85 busts, and like it will always recover from attempts to shut it down), and
the progressive media (from Reality Hackers magazine to William Gibson and
Bruce Sterling's cyberpunk fables of hackerdom) is starting to take notice
of us for the first time in recent years in a positive light.
Unfortunately, it has also gotten more dangerous since the early 80's. Phone
cops have more resources, more awareness, and more intelligence than they
exhibited in the past. It is becoming more and more difficult to survive as a
hacker long enough to become skilled in the art. To this end this file is
dedicated. If it can help someone get started, and help them survive to
discover new systems and new information, it will have served it's purpose, and
served as a partial repayment to all the people who helped me out when was a
beginner.
Contents
~~~~~~~~
This file will be divided into four parts:
Part 1: What is Hacking, A Hacker's Code of Ethics, Basic Hacking Safety
Part 2: Packet Switching Networks: Telenet- How it Works, How to Use it,
Outdials, Network Servers, Private PADs
Part 3: Identifying a Computer, How to Hack In, Operating System Defaults
Part 4: Conclusion; Final Thoughts, Books to Read, Boards to Call,
Acknowledgements
Part One: The Basics
~~~~~~~~~~~~~~~~~~~~~
As long as there have been computers, there have been hackers. In the 50's at
the Massachusets Institute of Technology (MIT), students devoted much time and
energy to ingenious exploration of the computers. Rules and the law were
disregarded in their pursuit for the 'hack.' Just as they were enthralled with
their pursuit of information, so are we. The thrill of the hack is not in
breaking the law, it's in the pursuit and capture of knowledge.
To this end, let me contribute my suggestions for guidelines to follow to
ensure that not only you stay out of trouble, but you pursue your craft without
damaging the computers you hack into or the companies who own them.
I. Do not intentionally damage *any* system.
II. Do not alter any system files other than ones needed to ensure your
escape from detection and your future access (Trojan Horses, Altering
Logs, and the like are all necessary to your survival for as long as
possible).
III. Do not leave your (or anyone else's) real name, real handle, or real
phone number on any system that you access illegally. They *can* and
will track you down from your handle!
IV. Be careful who you share information with. Feds are getting trickier
Generally, if you don't know their voice phone number, name, and
occupation or haven't spoken with them voice on non-info trading
conversations, be wary.
V. Do not leave your real phone number to anyone you don't know. This
includes logging on boards, no matter how k-rad they seem. If you don't
know the sysop, leave a note telling some trustworthy people that will
validate you.
VI. Do not hack government computers. Yes, there are government systems that
are safe to hack, but they are few and far between. And the government
has inifitely more time and resources to track you down than a company
who has to make a profit and justify expenses.
VII. Don't use codes unless there is *NO* way around it (you don't have a
local telenet or tymnet outdial and can't connect to anything 800). You
use codes long enough, you will get caught. Period.
VIII. Don't be afraid to be paranoid. Remember, you *are* breaking the law.
It doesn't hurt to store everything encrypted on your hard disk, or
keep your notes buried in the backyard or in the trunk of your car. You
may feel a little funny, but you'll feel a lot funnier when you when you
meet Bruno, your transvestite cellmate who axed his family to death.
IX. Watch what you post on boards. Most of the really great hackers in the
country post *nothing* about the system they're currently working except
in the broadest sense (I'm working on a UNIX, or a COSMOS, or something
generic. Not "I'm hacking into General Electric's Voice Mail
System" or something inane and revealing like that).
X. Don't be afraid to ask questions. That's what more experienced hackers
are for. Don't expect *everything* you ask to be answered, though.
There are some things (LMOS, for instance) that a begining hacker
shouldn't mess with. You'll either get caught, or screw it up for
others, or both.
XI. Finally, you have to actually hack. You can hang out on boards all you
want, and you can read all the text files in the world, but until you
actually start doing it, you'll never know what it's all about. There's
no thrill quite the same as getting into your first system (well, ok, I
can thinksavea couple of biggers thrills, but you get the picture).
One of the safest places to start your hacking career is on a computer system
belonging to a college. University computers have notoriously lax security,
and are more used to hackers, as every college computer department ment has one
or two, so are less likely to press charges if you should be detected. But the
odds of them detecting you and having the personel to committ to tracking you
down are slim as long as you aren't destructive.
If you are already a college student, this is ideal, as you can legally explore
your computer system to your heart's desire, then go out and look for similar
systems that you can penetrate with confidence, as you're already
familar with them.
So if you just want to get your feet wet, call your local college. Many of
them will provide accounts for local residents at a nominal (under $20) charge.
Finally, if you get caught, stay quiet until you get a lawyer. Don't volunteer
any information, no matter what kind of 'deals' they offer you. Nothing is
binding unless you make the deal through your lawyer, so you might as well shut
up and wait.
Part Two: Networks
~~~~~~~~~~~~~~~~~~~
The best place to begin hacking (other than a college) is on one of the
bigger networks such as Telenet. Why? First, there is a wide variety of
computers to choose from, from small Micro-Vaxen to huge Crays. Second, the
networks are fairly well documented. It's easier to find someone who can help
you with a problem off of Telenet than it is to find assistance concerning your
local college computer or high school machine. Third, the networks are safer.
Because of the enormous number of calls that are fielded every day by the big
networks, it is not financially practical to keep track of where every call and
connection are made from. It is also very easy to disguise your location using
the network, which makes your hobby much more secure.
Telenet has more computers hooked to it than any other system in the world once
you consider that from Telenet you have access to Tymnet, ItaPAC, JANET,
DATAPAC, SBDN, PandaNet, THEnet, and a whole host of other networks, all of
which you can connect to from your terminal.
The first step that you need to take is to identify your local dialup port.
This is done by dialing 1-800-424-9494 (1200 7E1) and connecting. It will
spout some garbage at you and then you'll get a prompt saying 'TERMINAL= '.
This is your terminal type. If you have vt100 emulation, type it in now. Or
just hit return and it will default to dumb terminal mode.
You'll now get a prompt that looks like a @. From here, type @c mail <cr> and
then it will ask for a Username. Enter 'phones' for the username. When it
asks for a password, enter 'phones' again. From this point, it is menu driven.
Use this to locate your local dialup, and call it back locally. If you don't
have a local dialup, then use whatever means you wish to connect to one long
distance (more on this later).
When you call your local dialup, you will once again go through the TERMINAL=
stuff, and once again you'll be presented with a @. This prompt lets you know
you are connected to a Telenet PAD. PAD stands for either Packet
Assembler/Disassembler (if you talk to an engineer), or Public Access Device
(if you talk to Telenet's marketing people.) The first description is more
correct.
Telenet works by taking the data you enter in on the PAD you dialed into,
bundling it into a 128 byte chunk (normally... this can be changed), and then
transmitting it at speeds ranging from 9600 to 19,200 baud to another PAD, who
then takes the data and hands it down to whatever computer or system it's
connected to. Basically, the PAD allows two computers that have different baud
rates or communication protocols to communicate with each other over a long
distance. Sometimes you'll notice a time lag in the remote machines response.
This is called PAD Delay, and is to be expected when you're sending data
through several different links.
What do you do with this PAD? You use it to connect to remote computer
systems by typing 'C' for connect and then the Network User Address (NUA) of
the system you want to go to.
An NUA takes the form of 031103130002520
___/___/___/
| | |
| | |____ network address
| |_________ area prefix
|______________ DNIC
This is a summary of DNIC's (taken from Blade Runner's file on ItaPAC)
according to their country and network name.
DNIC Network Name Country DNIC Network Name Country
_______________________________________________________________________________
|
02041 Datanet 1 Netherlands | 03110 Telenet USA
02062 DCS Belgium | 03340 Telepac Mexico
02080 Transpac France | 03400 UDTS-Curacau Curacau
02284 Telepac Switzerland | 04251 Isranet Israel
02322 Datex-P Austria | 04401 DDX-P Japan
02329 Radaus Austria | 04408 Venus-P Japan
02342 PSS UK | 04501 Dacom-Net South Korea
02382 Datapak Denmark | 04542 Intelpak Singapore
02402 Datapak Sweden | 05052 Austpac Australia
02405 Telepak Sweden | 05053 Midas Australia
02442 Finpak Finland | 05252 Telepac Hong Kong
02624 Datex-P West Germany | 05301 Pacnet New Zealand
02704 Luxpac Luxembourg | 06550 Saponet South Africa
02724 Eirpak Ireland | 07240 Interdata Brazil
03020 Datapac Canada | 07241 Renpac Brazil
03028 Infogram Canada | 09000 Dialnet USA
03103 ITT/UDTS USA | 07421 Dompac French Guiana
03106 Tymnet USA |
There are two ways to find interesting addresses to connect to. The first and
easiest way is to obtain a copy of the LOD/H Telenet Directory from the LOD/H
Technical Journal 4 or 2600 Magazine. Jester Sluggo also put out a good list
of non-US addresses in Phrack Inc. Newsletter Issue 21. These files will tell
you the NUA, whether it will accept collect calls or not, what type of computer
system it is (if known) and who it belongs to (also if known.)
The second method of locating interesting addresses is to scan for them
manually. On Telenet, you do not have to enter the 03110 DNIC to connect to a
Telenet host. So if you saw that 031104120006140 had a VAX on it you wanted to
look at, you could type @c 412 614 (0's can be ignored most of the time).
If this node allows collect billed connections, it will say 412 614 CONNECTED
and then you'll possibly get an identifying header or just a Username: prompt.
If it doesn't allow collect connections, it will give you a message such as 412
614 REFUSED COLLECT CONNECTION with some error codes out to the right, and
return you to the @ prompt.
There are two primary ways to get around the REFUSED COLLECT message. The
first is to use a Network User Id (NUI) to connect. An NUI is a username/pw
combination that acts like a charge account on Telenet. To collect to node
412 614 with NUI junk4248, password 525332, I'd type the following:
@c 412 614,junk4248,525332 <---- the 525332 will *not* be echoed to the
screen. The problem with NUI's is that they're hard to come by unless you're a
good social engineer with a thorough knowledge of Telenet (in which case you
probably aren't reading this section), or you have someone who can provide you
with them.
The second way to connect is to use a private PAD, either through an X.25 PAD
or through something like Netlink off of a Prime computer (more on these two
below).
The prefix in a Telenet NUA oftentimes (not always) refers to the phone Area
Code that the computer is located in (i.e. 713 xxx would be a computer in
Houston, Texas). If there's a particular area you're interested in, (say, New
York City 914), you could begin by typing @c 914 001 <cr>. If it connects, you
make a note of it and go on to 914 002. You do this until you've found some
interesting systems to play with.
Not all systems are on a simple xxx yyy address. Some go out to four or five
digits (914 2354), and some have decimal or numeric extensions (422 121A = 422
121.01). You have to play with them, and you never know what you're going to
find. To fully scan out a prefix would take ten million attempts per prefix.
For example, if I want to scan 512 completely, I'd have to start with 512
00000.00 and go through 512 00000.99, then increment the address by 1 and try
512 00001.00 through 512 00001.99. A lot of scanning. There are plenty of
neat computers to play with in a 3-digit scan, however, so don't go berserk
with the extensions.
Sometimes you'll attempt to connect and it will just be sitting there after one
or two minutes. In this case, you want to abort the connect attempt by sending
a hard break (this varies with different term programs, on Procomm, it's
ALT-B), and then when you get the @ prompt back, type 'D' for disconnect.
If you connect to a computer and wish to disconnect, you can type <cr> @ <cr>
and you it should say TELENET and then give you the @ prompt. From there, type
D to disconnect or CONT to re-connect and continue your session uninterrupted.
Outdials, Network Servers, and PADs
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In addition to computers, an NUA may connect you to several other things. One
of the most useful is the outdial. An outdial is nothing more than a modem
you can get to over telenet -- similar to the PC Pursuit concept, except that
these don't have passwords on them most of the time.
When you connect, you will get a message like 'Hayes 1200 baud outdial,
Detroit, MI', or 'VEN-TEL 212 Modem', or possibly 'Session 1234 established on
Modem 5588.' The best way to figure out the commands on these is to type ? or
H or HELP -- this will get you all the information that you need to use one.
Safety tip here -- when you are hacking *any* system through a phone dialup,
always use an outdial or a diverter, especially if it is a local phone number
to you. More people get popped hacking on local computers than you can
imagine, Intra-LATA calls are the easiest things in the world to trace
inexpensively.
Another nice trick you can do with an outdial is use the redial or macro
function that many of them have. First thing you do when you connect is to
invoke the 'Redial Last Number' facility. This will dial the last number used,
which will be the one the person using it before you typed. Write down the
number, as no one would be calling a number without a computer on it. This is
a good way to find new systems to hack. Also, on a VENTEL modem, type 'D' for
Display and it will display the five numbers stored as macros in the modem's
memory.
There are also different types of servers for remote Local Area Networks (LAN)
that have many machine all over the office or the nation connected to them.
I'll discuss identifying these later in the computer ID section.
And finally, you may connect to something that says 'X.25 Communication PAD'
and then some more stuff, followed by a new @ prompt. This is a PAD just like
the one you are on, except that all attempted connections are billed to the
PAD, allowing you to connect to those nodes who earlier refused collect
connections.
This also has the added bonus of confusing where you are connecting from. When
a packet is transmitted from PAD to PAD, it contains a header that has the
location you're calling from. For instance, when you first connected to
Telenet, it might have said 212 44A CONNECTED if you called from the 212 area
code. This means you were calling PAD number 44A in the 212 area. That 21244A
will be sent out in the header of all packets leaving the PAD.
Once you connect to a private PAD, however, all the packets going out from *it*
will have it's address on them, not yours. This can be a valuable buffer
between yourself and detection.
Phone Scanning
~~~~~~~~~~~~~~
Finally, there's the time-honored method of computer hunting that was made
famous among the non-hacker crowd by that Oh-So-Technically-Accurate movie
Wargames. You pick a three digit phone prefix in your area and dial every
number from 0000 --> 9999 in that prefix, making a note of all the carriers you
find. There is software available to do this for nearly every computer in the
world, so you don't have to do it by hand.
Part Three: I've Found a Computer, Now What?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This next section is applicable universally. It doesn't matter how you found
this computer, it could be through a network, or it could be from carrier
scanning your High School's phone prefix, you've got this prompt this prompt,
what the hell is it?
I'm *NOT* going to attempt to tell you what to do once you're inside of any of
these operating systems. Each one is worth several G-files in its own right.
I'm going to tell you how to identify and recognize certain OpSystems, how to
approach hacking into them, and how to deal with something that you've never
seen before and have know idea what it is.
VMS - The VAX computer is made by Digital Equipment Corporation (DEC), and
runs the VMS (Virtual Memory System) operating system. VMS is
characterized by the 'Username:' prompt. It will not tell you if
you've entered a valid username or not, and will disconnect you
after three bad login attempts. It also keeps track of all failed
login attempts and informs the owner of the account next time s/he
logs in how many bad login attempts were made on the account. It is
one of the most secure operating systems around from the outside,
but once you're in there are many things that you can do to
circumvent system security. The VAX also has the best set of help
files in the world. Just type HELP and read to your heart's
content.
Common Accounts/Defaults: [username: password [[,password]]]
SYSTEM: OPERATOR or MANAGER or SYSTEM or SYSLIB
OPERATOR: OPERATOR
SYSTEST: UETP
SYSMAINT: SYSMAINT or SERVICE or DIGITAL
FIELD: FIELD or SERVICE
GUEST: GUEST or unpassworded
DEMO: DEMO or unpassworded
DECNET: DECNET
DEC-10 - An earlier line of DEC computer equipment, running the TOPS-10
operating system. These machines are recognized by their '.'
prompt. The DEC-10/20 series are remarkably hacker-friendly,
allowing you to enter several important commands without ever
logging into the system. Accounts are in the format [xxx,yyy]
where xxx and yyy are integers. You can get a listing of the
accounts and the process names of everyone on the system before
logging in with the command .systat (for SYstem STATus). If you
seen an account that reads [234,1001] BOB JONES, it might be wise
to try BOB or JONES or both for a password on this account. To
login, you type .login xxx,yyy and then type the password when
prompted for it.
The system will allow you unlimited tries at an account, and does
not keep records of bad login attempts. It will also inform you if
the UIC you're trying (UIC = User Identification Code, 1,2 for
example) is bad.
Common Accounts/Defaults:
1,2: SYSLIB or OPERATOR or MANAGER
2,7: MAINTAIN
5,30: GAMES
UNIX - There are dozens of different machines out there that run UNIX.
While some might argue it isn't the best operating system in the
world, it is certainly the most widely used. A UNIX system will
usually have a prompt like 'login:' in lower case. UNIX also will
give you unlimited shots at logging in (in most cases), and there is
usually no log kept of bad attempts.
Common Accounts/Defaults: (note that some systems are case
sensitive, so use lower case as a general rule. Also, many times
the accounts will be unpassworded, you'll just drop right in!)
root: root
admin: admin
sysadmin: sysadmin or admin
unix: unix
uucp: uucp
rje: rje
guest: guest
demo: demo
daemon: daemon
sysbin: sysbin
Prime - Prime computer company's mainframe running the Primos operating
system. The are easy to spot, as the greet you with 'Primecon
18.23.05' or the like, depending on the version of the operating
system you run into. There will usually be no prompt offered, it
will just look like it's sitting there. At this point, type 'login
<username>'. If it is a pre-18.00.00 version of Primos, you can hit
a bunch of ^C's for the password and you'll drop in. Unfortunately,
most people are running versions 19+. Primos also comes with a good
set of help files. One of the most useful features of a Prime on
Telenet is a facility called NETLINK. Once you're inside, type
NETLINK and follow the help files. This allows you to connect to
NUA's all over the world using the 'nc' command.
For example, to connect to NUA 026245890040004, you would type
@nc :26245890040004 at the netlink prompt.
Common Accounts/Defaults:
PRIME PRIME or PRIMOS
PRIMOS_CS PRIME or PRIMOS
PRIMENET PRIMENET
SYSTEM SYSTEM or PRIME
NETLINK NETLINK
TEST TEST
GUEST GUEST
GUEST1 GUEST
HP-x000 - This system is made by Hewlett-Packard. It is characterized by the
':' prompt. The HP has one of the more complicated login sequneces
around -- you type 'HELLO SESSION NAME,USERNAME,ACCOUNTNAME,GROUP'.
Fortunately, some of these fields can be left blank in many cases.
Since any and all of these fields can be passworded, this is not the
easiest system to get into, except for the fact that there are
usually some unpassworded accounts around. In general, if the
defaults don't work, you'll have to brute force it using the common
password list (see below.) The HP-x000 runs the MPE operating
system, the prompt for it will be a ':', just like the logon prompt.
Common Accounts/Defaults:
MGR.TELESUP,PUB User: MGR Acct: HPONLYG rp: PUB
MGR.HPOFFICE,PUB unpassworded
MANAGER.ITF3000,PUB unpassworded
FIELD.SUPPORT,PUB user: FLD, others unpassworded
MAIL.TELESUP,PUB user: MAIL, others unpassworded
MGR.RJE unpassworded
FIELD.HPPl89 ,HPPl87,HPPl89,HPPl96 unpassworded
MGR.TELESUP,PUB,HPONLY,HP3 unpassworded
IRIS - IRIS stands for Interactive Real Time Information System. It
originally ran on PDP-11's, but now runs on many other minis. You
can spot an IRIS by the 'Welcome to "IRIS" R9.1.4 Timesharing'
banner, and the ACCOUNT ID? prompt. IRIS allows unlimited tries at
hacking in, and keeps no logs of bad attempts. I don't know any
default passwords, so just try the common ones from the password
database below.
Common Accounts:
MANAGER
BOSS
SOFTWARE
DEMO
PDP8
PDP11
ACCOUNTING
VM/CMS - The VM/CMS operating system runs in International Business Machines
(IBM) mainframes. When you connect to one of these, you will get
message similar to 'VM/370 ONLINE', and then give you a '.' prompt,
just like TOPS-10 does. To login, you type 'LOGON <username>'.
Common Accounts/Defaults are:
AUTOLOG1: AUTOLOG or AUTOLOG1
CMS: CMS
CMSBATCH: CMS or CMSBATCH
EREP: EREP
MAINT: MAINT or MAINTAIN
OPERATNS: OPERATNS or OPERATOR
OPERATOR: OPERATOR
RSCS: RSCS
SMART: SMART
SNA: SNA
VMTEST: VMTEST
VMUTIL: VMUTIL
VTAM: VTAM
NOS - NOS stands for Networking Operating System, and runs on the Cyber
computer made by Control Data Corporation. NOS identifies itself
quite readily, with a banner of 'WELCOME TO THE NOS SOFTWARE SYSTEM.
COPYRIGHT CONTROL DATA 1978,1987.' The first prompt you will get
will be FAMILY:. Just hit return here. Then you'll get a USER
NAME: prompt. Usernames are typically 7 alpha-numerics characters
long, and are *extremely* site dependent. Operator accounts begin
with a digit, such as 7ETPDOC.
Common Accounts/Defaults:
$SYSTEM unknown
SYSTEMV unknown
Decserver- This is not truly a computer system, but is a network server that
has many different machines available from it. A Decserver will say
'Enter Username>' when you first connect. This can be anything, it
doesn't matter, it's just an identifier. Type 'c', as this is the
least conspicuous thing to enter. It will then present you with a
'Local>' prompt. From here, you type 'c <systemname>' to connect to
a system. To get a list of system names, type 'sh services' or 'sh
nodes'. If you have any problems, online help is available with the
'help' command. Be sure and look for services named 'MODEM' or
'DIAL' or something similar, these are often outdial modems and can
be useful!
GS/1 - Another type of network server. Unlike a Decserver, you can't
predict what prompt a GS/1 gateway is going to give you. The
default prompt it 'GS/1>', but this is redifinable by the system
administrator. To test for a GS/1, do a 'sh d'. If that prints out
a large list of defaults (terminal speed, prompt, parity, etc...),
you are on a GS/1. You connect in the same manner as a Decserver,
typing 'c <systemname>'. To find out what systems are available, do
a 'sh n' or a 'sh c'. Another trick is to do a 'sh m', which will
sometimes show you a list of macros for logging onto a system. If
there is a macro named VAX, for instance, type 'do VAX'.
The above are the main system types in use today. There are
hundreds of minor variants on the above, but this should be enough
to get you started.
Unresponsive Systems
~~~~~~~~~~~~~~~~~~~~
Occasionally you will connect to a system that will do nothing, but sit there.
This is a frustrating feeling, but a methodical approach to the system will
yield a response if you take your time. The following list will usually make
1) Change your parity, data length, and stop bits. A system that won't
respond at 8N1 may react at 7E1 or 8E2 or 7S2. If you don't have a term
program that will let you set parity to EVEN, ODD, SPACE, MARK, and NONE,
with data length of 7 or 8, and 1 or 2 stop bits, go out and buy one.
While having a good term program isn't absolutely necessary, it sure is
helpful.
2) Change baud rates. Again, if your term program will let you choose odd
baud rates such as 600 or 1100, you will occasionally be able to penetrate
some very interesting systems, as most systems that depend on a strange
baud rate seem to think that this is all the security they need...
3) Send a series of <cr>'s.
4) Send a hard break followed by a <cr>.
5) Type a series of .'s (periods). The Canadian network Datapac responds to
this.
6) If you're getting garbage, hit an 'i'. Tymnet responds to this, as does a
MultiLink II.
7) Begin sending control characters, starting with ^A --> ^Z.
8) Change terminal emulations. What your vt100 emulation thinks is garbage
may all of a sudden become crystal clear using ADM-5 emulation. This also
relates to how good your term program is.
9) Type LOGIN, HELLO, LOG, ATTACH, CONNECT, START, RUN, BEGIN, LOGON, GO,
JOIN, HELP, and anything else you can think of.
10) If it's a dialin, call the numbers around it and see if a company answers.
If they do, try some social engineering.
Brute Force Hacking
~~~~~~~~~~~~~~~~~~~
There will also be many occasions when the default passwords will not work on
an account. At this point, you can either go onto the next system on your
list, or you can try to 'brute-force' your way in by trying a large database of
passwords on that one account. Be careful, though! This works fine on systems
that don't keep track of invalid logins, but on a system like a VMS, someone is
going to have a heart attack if they come back and see '600 Bad Login Attempts
Since Last Session' on their account. There are also some operating systems
that disconnect after 'x' number of invalid login attempts and refuse to allow
any more attempts for one hour, or ten minutes, or sometimes until the next
day.
The following list is taken from my own password database plus the database of
passwords that was used in the Internet UNIX Worm that was running around in
November of 1988. For a shorter group, try first names, computer terms, and
obvious things like 'secret', 'password', 'open', and the name of the account.
Also try the name of the company that owns the computer system (if known), the
company initials, and things relating to the products the company makes or
deals with.
Password List
=============
aaa daniel jester rascal
academia danny johnny really
ada dave joseph rebecca
adrian deb joshua remote
aerobics debbie judith rick
airplane deborah juggle reagan
albany december julia robot
albatross desperate kathleen robotics
albert develop kermit rolex
alex diet kernel ronald
alexander digital knight rosebud
algebra discovery lambda rosemary
alias disney larry roses
alpha dog lazarus ruben
alphabet drought lee rules
ama duncan leroy ruth
amy easy lewis sal
analog eatme light saxon
anchor edges lisa scheme
andy erenity
arrow elizabeth maggot sex
arthur ellen magic shark
asshole emerald malcolm sharon
athena engine mark shit
atmosphere engineer markus shiva
bacchus enterprise marty shuttle
badass enzyme marvin simon
bailey euclid master simple
banana evelyn maurice singer
bandit extension merlin single
banks fairway mets smile
bass felicia michael smiles
batman fender michelle smooch
beauty fermat mike smother
beaver finite minimum snatch
beethoven flower minsky snoopy
beloved foolproof mogul soap
benz football moose socrates
beowulf format mozart spit
berkeley forsythe nancy spring
berlin fourier napoleon subway
beta fred network success
beverly friend newton summer
angerine
bumbling george osiris tape
cardinal gertrude outlaw target
carmen gibson oxford taylor
carolina ginger pacific telephone
caroline gnu painless temptation
castle golf pam tiger
cat golfer paper toggle
celtics gorgeous password tomato
change graham pat toyota
charles gryphon patricia trivial
charming guest penguin unhappy
charon guitar pete unicorn
chester hacker peter unknown
cigar harmony philip urchin
classic harold phoenix utility
coffee harvey pierre vicky
coke heinlein pizza virginia
collins hello plover warren
comrade help polynomial water
computer herbert praise weenie
condo honey prelude whatnot
condom horse prince whitney
cookie imperial protect will
cooper include pumpkin william
create ingres puppet willie
creation innocuous rabbit winston
I hope this file has been of some help in getting started. If you're asking
yourself the question 'Why hack?', then you've probably wasted a lot of time
reading this, as you'll never understand. For those of you who have read this
and found it useful, please send a tax-deductible donation
of $5.00 (or more!) in the name of the Legion of Doom to:
The American Cancer Society
90 Park Avenue
New York, NY 10016
- ******************************************************************************
References:
1) Introduction to ItaPAC by Blade Runner
Telecom Security Bulletin 1
2) The IBM VM/CMS Operating System by Lex Luthor
The LOD/H Technical Journal 2
3) Hacking the IRIS Operating System by The Leftist
The LOD/H Technical Journal 3
4) Hacking CDC's Cyber by Phrozen Ghost
Phrack Inc. Newsletter 18
5) USENET comp.risks digest (various authors, various issues)
6) USENET unix.wizards forum (various authors)
7) USENET info-vax forum (various authors)
Recommended Reading:
1) Hackers by Steven Levy
2) Out of the Inner Circle by Bill Landreth
3) Turing's Man by J. David Bolter
4) Soul of a New Machine by Tracy Kidder
5) Neuromancer, Count Zero, Mona Lisa Overdrive, and Burning Chrome, all by
William Gibson
6) Reality Hackers Magazine c/o High Frontiers, P.O. Box 40271, Berkeley,
California, 94704, 415-995-2606
7) Any of the Phrack Inc. Newsletters & LOD/H Technical Journals you can
find.
Acknowledgements:
Thanks to my wife for putting up with me.
Thanks to Lone Wolf for the RSTS & TOPS assistance.
Thanks to Android Pope for proofreading, suggestions, and beer.
Thanks to The Urvile/Necron 99 for proofreading & Cyber info.
Thanks to Eric Bloodaxe for wading through all the trash.
Thanks to the users of Phoenix Project for their contributions.
Thanks to Altos Computer Systems, Munich, for the chat system.
Thanks to the various security personel who were willing to talk to me about
how they operate.
Boards:
I can be reached on the following systems with some regularity;
The Phoenix Project: 512/441-3xxx 300-2400 baud
Hacker's Den-80: 718/358-9xxx 300-1200 baud
Smash Palace South: 512/478-6xxx 300-2400 baud
Smash Palace North: 612/633-0xxx 300-2400 baud
- ************************************ EOF *************************************
==Phrack Inc.==
Volume One, Issue Nine, Phile #7 of 10
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
(512)-396-1xxx
The Shack // presents
A Multi-User Chat Program for DEC-10s
Original Program by
TTY-Man
Modified and Clarified by
+++The Mentor+++
October 6th, 1986
Intro: Unlike its more sophisticated older brother, the VAX, the DEC has no
easy-to-use communication system like the VMS PHONE utility. The following
program makes use of the MIC file type available on most DECs. Each user that
wishes to be involved in the conference needs to run the program from his area
using the .DO COM command. The program can be entered with any editor (I
recommend SED if you have VT52 emulation), and should be saved as COM.MIC. The
program does not assume any specific terminal type or emulation. You will
have to know the TTY number of any person you wish to add to the conference,
but this is available through a .SYSTAT command or .R WHO (see below.)
SYSTAT
This is an example of a SYSTAT to used to determine TTY#...
Status of Saturn 7.03.2 at 7:27:51 on 03-Oct-86
Uptime 40:41:14, 77% Null time = 77% Idle + 0% Lost, 9% Overhead
27 Jobs in use out of 128. 27 logged in (LOGMAX of 127), 16 detached.
PPN# TTY# CURR SIZE
19 [OPR] 6 OPR 56+39 HB 18
20 7,20 5 OPR 23+39 HB 24 $
21 2501,1007 56 COMPIL 8+8 ^C 1:34 $
22 66,1012 57 TECO 10+12 TI 39
23 66,1011 62 1022 16+55 TI 36 $
24 [SELF] 64 SYSTAT 23+SPY RN 0 $
26 [OPR] DET STOMPR 10+9 SL 2
27 16011,1003 DET DIRECT 17+32 ^C 30 $
36 [OPR] DET FILDAE 17 HB 1:57
The TTY# is available in the TTY column... DET means that the user is
detached and is unavailable for chatting...
Below is an example of .R WHO to obtain the same information...
/- jobs in use out of 127.
Job Who Line PPN
20 OPERATOR 20 5 7,20
21 DISPONDENT 56 2501,1007
22 ADP-TBO 57 66,1012
23 ADP-MDL 62 66,1011
24 THE MENTOR 64 XXXX,XXX
27 GEO4440103 Det 16011,1003
In each case, I am on TTY# 64...
Anyway, use the following program, it's more convenient that doing a
.SEN <tty> every time you want to send a message. Also, to shut out an
annoying sender, use .SET TTY GAG. To remove, .SET TTY NO GAG... pretty
simple, huh?
start::
!
!Now in loop: 'a 'b 'c 'd 'e 'f
!
.mic input A,"Destination Terminal 1:"
.if ($a="") .goto welcome
.mic input B,"Destination Terminal 2:"
.if ($b="") .goto welcome
.mic input C,"Destination Terminal 3:"
.if ($c="") .goto welcome
.mic input D,"Destination Terminal 4:"
.if ($d="") .goto welcome
.mic input E,"Destination Terminal 5:"
.if ($e="") .goto welcome
.mic input F,"Destination Terminal 6:"
.if ($f="") .goto welcome
welcome::
!Sending Hello Message...
sen 'a Conference Forming on TTYs 'b 'c 'd 'e 'f ... DO COM to these to join'
sen 'b Conference Forming on TTYs 'a 'c 'd 'e 'f ... DO COM to these to join'
sen 'c Conference Forming on TTYs 'a 'b 'd 'e 'f ... DO COM to these to join'
sen 'd Conference Forming on TTYs 'a 'b 'c 'e 'f ... DO COM to these to join'
sen 'e Conference Forming on TTYs 'a 'b 'c 'd 'f ... DO COM to these to join'
sen 'f Conference Forming on TTYs 'a 'b 'c 'd 'e ... DO COM to these to join'
!
!Type /h for help
com::
.mic input G,"T>"
!Checking Commands.. Wait..
.if ($g="/h") .goto help
.if ($g="/k") .goto kill
.if ($g="/l") .goto list
.if ($g="/d") .goto drop
.if ($g="/t") .goto time
.if ($g="/w") .goto who
.if ($g="/u") .goto users
.if ($g="/q") .goto quit
.if ($g="/r") .backto start
.if ($g="/ac") .goto ack
!Transmitting.. Wait..
sen 'a 'g
sen 'b 'g
sen 'c 'g
sen 'd 'g
sen 'e 'g
sen 'f 'g
.backto com
help::
!
! Internal Commands
!
! /H -> This Menu /K -> Kill
! /L -> List Terminals /U -> Users
! /W -> R who /AC-> Alert Caller
! /Q -> Quit
! /R -> Restart/Add
! /T -> Show Date/Time
! /D -> Drop Caller
!
! All Commands must be in lower case.
!
.backto com
list::
!
!Currently Connected To Terminals: 'a 'b 'c 'd 'e 'f
!
.backto com
who::
.revive
.r who
'<silence>
.backto com
users::
.revive
.r users
'<silence>
.BACKTO COM
QUIT::
!
!Call The Shack... 512-396-1120 300/1200 24 hours
!
.mic cancel
drop::
!
!Send Hangup Message:: Enter Terminal Number To Be Disconnected.
!
.mic input h,"Destination Terminal Number:"
.sen 'h <=- Communication Terminated at '<time> -=>
.backto start
ack::
.mic input h,"Destination Terminal Number:"
.sen 'h %TMRR - Timeout Error, Response Required, Please ACKNOWLEDGE!
.backto com
kill::
!
!Send Message To Specific Terminal In A Loop
.mic input n,"Are You Sure (Y/N)?"
.if ($n="y") then .goto k1
!%Function Aborted - Returning To Communication Mode.
.backto com
k1::
.mic input h,"Destination Terminal Number:"
.mic input n,"K>"
dog::
!Transmitting...CTRL-C Aborts!
.sen 'h'n
.backto dog
time::
!
!Current Date : '<date>
!Current Time : '<time>
!
.backto com
Wasn't that neat? A feature that you can implement separately to be a
pain in the ass is the recursive MIC that sends an annoying message to a
specified terminal. It is almost impossible for them to shut you out without
logging out unless they are already gagged.
Just create a small MIC file called BUG.MIC... to do it in two lines,
simply type...
.SEN <tty # goes here> Eat hot photons, Vogon slime!
.DO BUG
That's it! I hope this comes in useful to someone out there! Give us
a call at The Shack... 512-396-1xxx 300/1200 baud, 24 hours a day... And a
special welcome to all the feds who will doubtlessly be calling since the
number appears in here... we have nothing to hide!
+++The Mentor+++
_____________________________________________________________________________
==Phrack Inc.==
Volume Two, Issue 19, Phile #2 of 8
DCL Utilities for the VMS Hacker
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
By
The Mentor
Special thanks to Silver Spy for
turning me onto DCL in the first place!
------------------------------------------------------------------------------
Anyone who spends time hacking on VAXes (by hacking, I don't just mean
trying to get in... I mean *doing* something once you're in!) notices that the
DCL command language is extremely powerful. I have put together a selection
of utilities that not only should prove helpful to the hacker, but serve as a
good example of programming in DCL.
Every attempt has been made to preserve unchanged the user-environment
from the initialization of the file to the exit. Any session-permanent
changes are documented.
Brief Overview of DCL
>>>>>>>>>>>>>>>>>>>>>
There are numerous files out there on DCL (the VMS help files are the
best place to find information), so I'm not going to teach you how to program
in it. To use the following code, isolate the section of code you want in
your favorite text editor, upload it into a file, and name the file
<progname>.COM. Anytime you see a file ending with .COM, you know it's a DCL
file. DCL files are executed by issuing the command
$@FILENAME
or, in the case of a file you want to run as a separate process,
$SPAWN/NOWAIT @FILENAME
Table of Contents
>>>>>>>>>>>>>>>>>
1. CD.DOC : This is the documentation for CD.COM (and the only
documentation file in the bunch.
2. CD.COM : A change directory utility, much like the PC command
CD, except more powerful. $SET DEFAULT is a pain in
the ass!
3. HUNT.COM : Searches a specified node for a given user. Useful
for alerting you to the presence of a sysop.
4. ALARM.COM : An alarm clock. If they check the logs at 8 a.m., you
probably want to be off before then.
5. CGO.COM : Included because it's short. Allows you to compile,
link, and run a C program with a one-line command.
I have about 300 more pages of COM files. If you need anything, drop me
a line. I'll try and help out. I can be found on Forgotten Realm, or you can
call a non-hacker (local to me) IBM game board if it's an urgent message (The
Bastille-- 512/353-0590 300/1200 24 hrs. It's not the best hacker board in
the world, but my mail arrives daily...)
Also, if programming of this type interests you, let me know! I'm
considering putting up a board for the discussion of programming (compilers,
AI/Expert Systems, Op Systems, etc...). If I get enough positive response,
I'll go with it. Leave mail on the aforementioned systems.
The Mentor
CD.COM Version 5.0 VMS Change Directory Command
Sub-directories are a nice feature on many computers, but
they're not always easy to take advantage of. The VMS
commands to access sub-directories are a little obscure,
even to PC programmers who are used to using directories.
The solution? CD.COM, a change directory command that works
almost the same as the PC-DOS CD and PROMPT commands:
CD - Display your home directory, current
directory, and node name. (Similar to, but
better than the VMS SHOW DEFAULT command.)
CD dir_name - Move you to the [dir_name] directory.
CD [dir_name] (Same as the SET DEFAULT [dir_name] command.)
CD .sub_name - Move you to the [.sub_name] subdirectory.
CD [.sub_name] (Same as the SET DEFAULT [.sub_name] command.)
CD \ - Move you to your home (root) directory, which
CD HOME is the directory you are in when you login.
CD SYS$LOGIN (Same as the SET DEFAULT SYS$LOGIN command.)
CD .. - Move you to the directory above your
CD [-] current directory. (Same as the VMS
SET DEFAULT [-] command.)
CD ..sub_name - Move you "sideways" from one subdirectory
CD [-.sub_name] to another subdirectory. (Same as the
SET DEFAULT [-.sub_name] command.)
CD * - Select a subdirectory to move to, from a
list of subdirectories.
CD . - Reset the current directory.
CD ? - Display instructions for using CD.
The VMS SET DEFAULT command has a flaw: you can change
directories to a directory that doesn't exist. CD handles this
more elegantly; you're left in the same directory you were in
before, and this message appears:
[dir_name] Directory does not exist!
PC-DOS lets you display the current directory as part of the
prompt. (If you haven't seen this feature, try the PC-DOS
command PROMPT $P$G.) CD.COM will change the prompt for you
each time you change directories if you include this line in
your LOGIN.COM file:
DEFINE SYS$PROMPT "ON"
Without this line, your prompt is not changed from what you
have it set as. Instead, your home (root) directory name,
current directory name, and node name are displayed whenever
you issue the CD command.
Since VMS allows prompts to contain no more than 32 characters,
if you change to a subdirectory that would make your prompt too
long, CD automatically leaves off some of the higher level
sub-directories to keep your prompt short, and displays a "*"
as one of the prompt characters.
CD lets you use directory names defined with with the DEFINE
command. For example, if you're in one of Dr. Smiths' CS3358
classes, you might want to define his CS3358 assignments
directory like this:
DEFINE SMITH "DISK$CS:[CS.SMITH.3358]"
Then, CD SMITH would move you to this directory. Try it!
Also, some directories are already defined by the system.
The SHOW LOGICAL command will give you clues to some of these
system directories, if you want to go exploring. CD also
supports the use of symbols for directory names.
Like with PC-DOS, VMS directories and sub-directories are tree
structured. The system root directory for your disk has the
name [000000], and in it are the names of all the sub-directories
for your disk. The directories for an imaginary user, CS335825305,
would be located like this:
System Root Directory:
[000000]
. . . .
CS3358 Directories: . . . .
. . *. .
... [CS3358251] [CS3358252] [CS3358253] [CS3358254] ...
. . .
CS3358253 Directories: . . .
. *. .
... [CS3358253.04HOPE] [CS3358253.05JONES] [CS3358253.06KEY] ...
. .
CS335825305 Directories: . .
*. *.
[CS3358253.05JONES.MAIL] [CS3358253.05JONES.BULL]
If you're not using sub-directories, but want to, you can
create them with the CREATE command:
CREATE/DIR [.sub_name]
VMS allows directories to be seven or eight levels deep, but
one or two levels is enough for most users.
VMS also allows the symbols < and > to be used instead of
[ and ], to specify directory names. CD fully supports this.
Code for CD.COM
>>>>>>>>>>>>>>>
$! CD.COM v6.09
$! The Ultimate Change Directory Command.
$!
$ hdir = f$trnlnm("SYS$LOGIN") ! Home Directory
$ ndir = f$edit(p1,"UPCASE") ! New Directory
$ odir = f$environment("DEFAULT") ! Old Directory
$ prompton = (f$edit(f$trnlnm("SYS$PROMPT"),"UPCASE") .eqs. "ON")
$!
$ if (ndir .eqs. "") then goto DISPLAY ! No Dir
$ if (ndir .eqs. "*") then goto DIRSEARCH ! Search for Dirs
$ if (ndir .eqs. "?") then goto HELP ! Instructions
$!
$ PARSE:
$ length = f$length(ndir) ! Fix up ndir
$ if (f$location("@",ndir) .eq. 0) .or. -
(f$location("$",ndir) .eq. 0) then ndir = f$extract(1, length - 1, ndir)
$ right = f$location("]",ndir) + 1
$ if (right .gt. length) then right = f$location(">", ndir)
$ if (right .le. length) then ndir = f$extract(0, right, ndir)
$!
$ if (f$trnlnm(ndir) .eqs. "") then goto CASESYM ! Not Logical Name
$ ndir = f$trnlnm(ndir) ! Logical Name
$ goto PARSE
$!
$ CASESYM:
$ if ("''&ndir'" .eqs. "") then goto CASE0 ! Not Symbol
$ ndir = 'ndir' ! Symbol
$ goto PARSE
$!
$ CASE0:
$ len_ndir = f$length(ndir) ! Regular Dir
$ if (f$location("[", ndir) .lt. len_ndir) .or. -
(f$location("<", ndir) .lt. len_ndir) then goto SETDIR
$!
$ CASE1: ! Home Dir
$ if ((ndir .nes. "HOME") .and. (ndir .nes. "\")) then goto CASE2
$ ndir = hdir
$ goto SETDIR
$!
$ CASE2: ! . .. .dir
$ if (f$location(".", ndir) .nes. 0) then goto CASE3
$ if (ndir .eqs. "..") then ndir = "-"
$ if (f$extract(0, 2, ndir) .eqs. "..") -
then ndir = "-" + f$extract(1, len_ndir - 1, ndir)
$ ndir = "[" + ndir + "]"
$ if (ndir .eqs. "[.]") then ndir = odir
$ goto SETDIR
$!
$ CASE3: ! :
$ if (f$location(":", ndir) .ge. len_ndir) then goto CASE4
$ left = f$location(":", ndir) + 1
$ symbol = f$extract(left, 1, ndir)
$ if (symbol .eqs. ":") then goto CASE3B ! :: Node
$ if ((symbol .eqs. "[") .or. (symbol .eqs. "<")) then goto SETDIR
$ ndir = f$extract(0, left, ndir) + "[" -
+ f$extract(left, len_ndir - left+1, ndir) + "]"
$ goto SETDIR
$!
$ CASE3B: ! NODE::nothing
$ if (f$length(ndir)-1 .gt. left) then goto CASE3C
$ ndir = ndir + "[000000]"
$ goto SETDIR
$!
$ CASE3C: ! NODE::directory
$ if ((f$location("[", ndir) - f$location("<", ndir)) .ne. 0) -
then goto SETDIR
$
$ ndir = f$parse(ndir,,,"NODE") + "[" + f$parse(ndir,,,"NAME") + "]"
$ goto SETDIR
$!
$ CASE4: ! dir
$ ndir = "[" + ndir + "]"
$!
$ SETDIR:
$ set default 'ndir'
$ if (f$parse("") .eqs. "") then goto DIRERROR
$!
$ DISPLAY:
$ if ((ndir .nes. "") .and. prompton) then goto NODISPLAY
$ hnode = f$getsyi("NODENAME")
$ cnode = f$parse(f$trnlnm("SYS$DISK"),,,"NODE") - "::"
$ if (cnode .eqs. "") then cnode = hnode
$ cdir = f$environment("DEFAULT")
$ write sys$output " "
$ write sys$output " Home Node: ", hnode
$ write sys$output " Home Directory: ", hdir
$ if (cdir .eqs. hdir) .and. (cnode .eqs. hnode) then goto DISPSKIP
$ write sys$output " Current Node: ", cnode
$ write sys$output " Current Directory: ", cdir
$ DISPSKIP:
$ write sys$output " "
$!
$ NODISPLAY:
$ ndir = f$environment("DEFAULT")
$ if .not. prompton then goto END
$!
$ if (f$length(ndir) .ge. 32) then goto TOOLONG
$!
$ SETPROMPT:
$ set prompt = 'ndir'" "
$!
$ END:
$ exit
$!
$ DIRERROR:
$ write sys$output " "
$ write sys$output " ", ndir, " Directory does not exist!"
$ write sys$output " "
$ set default 'odir'
$ ndir = odir
$ goto NODISPLAY
$!
$! Prompt Problems------------------------------------------------------------
$!
$ TOOLONG:
$! Prompt is too long. Get rid of everything to the left of [ or <. If that
$! doesn't work, get rid of a subdirectory at a time. As a last resort,
$! set the prompt back to $.
$!
$ left = f$location("[", ndir)
$ len_ndir = f$length(ndir)
$ if (left .ge. len_ndir) then left = f$location("<",ndir)
$ if (left .gt. 0) .and. (left .lt. len_ndir) -
then ndir = f$extract(left, len_ndir - left, ndir)
$!
$ STILLTOOLONG:
$ if (f$length(ndir) .lt. 32) then goto SETPROMPT
$ left = f$location(".", ndir) + 1
$ len_ndir = f$length(ndir)
$ if left .ge. len_ndir then ndir = "$ "
$ if left .ne. len_ndir -
then ndir = "[*" + f$extract(left, len_ndir - left, ndir)
$ goto STILLTOOLONG
$!
$! Wildcard Directory---------------------------------------------------------
$!
$ DIRSEARCH:
$ error_message = f$environment("MESSAGE")
$ on control_y then goto DIREND
$ on control_c then goto DIREND
$ set message/nosev/nofac/noid/notext
$ write sys$output " "
$ dispct = 1
$ dirct = 0
$ pauseflag = 1
$!
$ DIRLOOP:
$ userfile = f$search("*.dir")
$ if (userfile .eqs. "") .and. (dirct .ne. 0) then goto DIRMENU
$ if (userfile .eqs. "") then goto DIRNONE
$ dispct = dispct + 1
$ dirct = dirct + 1
$ on severe then $ userprot = "No Priv"
$ userprot = f$file_attributes(userfile,"PRO")
$ if userprot .nes. "No Priv" then userprot = " "
$ userfile'dirct' = "[." + f$parse(userfile,,,"NAME") + "]"
$ userprot'dirct' = userprot
$ lengthflag = (f$length(userfile'dirct') .gt. 18)
$ if lengthflag then write sys$output -
f$fao(" !3SL !34AS ", dirct, userfile'dirct'), userprot'dirct'
$ if (.not. lengthflag) then write sys$output -
f$fao(" !3SL !20AS ", dirct, userfile'dirct'), userprot'dirct'
$ if (dispct .lt. 8) then goto DIRLOOP
$ dirct = dirct + 1
$ userfile'dirct' = ""
$ dirct = dirct + 1
$ userfile'dirct' = ""
$ if pauseflag then goto DIRMENU
$ dispct = 0
$ goto DIRLOOP
$!
$ DIRMENU:
$ write sys$output " "
$ if (userfile .eqs. "") then goto DIRMENU2
$ write sys$output " M More subdirectories"
$ if pauseflag then -
$ write sys$output " N More subdirectories/No pause"
$!
$ DIRMENU2:
$ write sys$output " R Re-Display subdirectories"
$ write sys$output " Q Quit (default)"
$
$ DIRINQUIRE:
$ write sys$output " "
$ inquire dirchoice " Select One"
$ write sys$output " "
$!
$ if (dirchoice .gt. 0) .and. -
(dirchoice .le. dirct) then goto DIRCASEDIGIT
$ dirchoice = f$edit(dirchoice,"UPCASE")
$ if (dirchoice .eqs. "") .or. -
(dirchoice .eqs. "Q") then goto DIRCASEBLANK
$ if (dirchoice .eqs. "M") .or. -
(dirchoice .eqs. "N") then goto DIRCASEMORE
$ if (dirchoice .eqs. "R") then goto DIRCASERED
$!
$ DIRCASERROR:
$ if (dirct .eq. 1) then write sys$output -
" Select 1 to change to the ", userfile1, " subdirectory. "
$ revdirct = dirct
$ if (dispct .eq. 8) then revdirct = revdirct - 2
$ if (dirct .gt. 1) then write sys$output -
" Valid subdirectory selections are 1 through ", revdirct, " (Octal)."
$ goto DIRINQUIRE
$!
$ DIRCASEDIGIT:
$ if (userfile'dirchoice' .eqs. "") then goto DIRCASERROR
$ ndir = userfile'dirchoice'
$ goto DIREND
$!
$ DIRCASEBLANK:
$ write sys$output " Subdirectory not changed."
$ write sys$output " "
$ goto DIREND
$!
$ DIRCASEMORE:
$ dispct = 0
$ if (dirchoice .eqs. "N") then pauseflag = 0
$ if (userfile .nes. "") then goto DIRLOOP
$ write sys$output " No more subdirectories to display."
$ goto DIRINQUIRE
$!
$ DIRCASERED:
$ dispct = 1
$ DISPLOOP:
$ if (userfile'dispct' .eqs "") then goto DISPDONT
$ lengthflag = (f$length(userfile'dispct') .gt. 18)
$ if lengthflag then write sys$output -
f$fao(" !3SL !34AS ", dispct, userfile'dispct'), userprot'dispct'
$ if (.not. lengthflag) then write sys$output -
f$fao(" !3SL !20AS ", dispct, userfile'dispct'), userprot'dispct'
$ DISPDONT:
$ dispct = dispct + 1
$ if (dispct .le. dirct) then goto DISPLOOP
$ goto DIRMENU
$!
$ DIRNONE:
$ write sys$output "No subdirectories to choose, or no directory privileges."
$ write sys$output " "
$ goto DIREND
$!
$ DIREND:
$ set message 'error_message'
$ on control_y then exit
$ on control_c then exit
$ if (ndir .eqs. "*") then goto DISPLAY
$ goto PARSE
$!
$!-Help-----------------------------------------------------------------------
$!
$ HELP:
$ type sys$input
CD.COM Version 6 VMS Change Directory Command
Usage: CD command/directory
CD Display home directory, CD .. Change directory to the
current directory, node. CD [-] dir above current dir.
CD \ Change directory to your CD ..sub Change directory to a
CD HOME SYS$LOGIN directory. CD [-.sub] "sideways" subdirectory.
CD dir Change directory to the CD * Display/select the
CD [dir] [dir] directory. available subdirectories.
CD .sub Change directory to the CD . Reset current directory.
CD [.sub] [.sub] subdirectory. CD ? Display CD instructions.
CD :== @SYS$LOGIN:CD.COM DEFINE SYS$PROMPT "ON"
To make CD available from To have the VMS $ prompt
any directory you change to. display the current directory.
By The Mentor
$ goto END
Code for HUNT.COM
>>>>>>>>>>>>>>>>>
$ ! HUNT.COM
$ ! By The Mentor
$ ! Updated by: The Mad Mexican
$ ! Usage: SPAWN/NOWAIT @HUNT
$ !
$ !Searches SHOW USER output for a specified user, strobes at given
$ !intervals considering the severity of the hunt at which time output
$ !is generated and process terminates. If user loggs in then output
$ !is generated and process terminates. May check both nodes if a set
$ !host is called. Also supports a file with the names to be hunted for.
$ !
$ ! *** NOTE *** This is set up for a two-node system with NYSSA
$ ! being the default node and TEGAN being the alternate
$ ! node (Circuit Breaker and some others will recognize
$ ! the nodes as my 'home' ones.) You will need to
$ ! slightly modify the code to reflect the nodename(s)
$ ! of whatever system you are using...
$ !
$ !
$ !
$ say="write sys$output"
$ on control then goto door
$ monitored_node = "''NODE'"
$ say "Monitoring node ''monitored_node'. <HIT RETURN>"
$ severity_of_hunt:
$ inquire selection "Severity of HUNT, 1 being the most urgent: 1-2-3"
$ if selection.ge.2 then goto selection_2
$ delay="wait 00:00:20"
$ loop_count=40
$ goto begin_process
$ selection_2:
$ if selection.eq.3 then goto selection_3
$ delay="wait 00:01:00"
$ loop_count=8
$ goto begin_process
$ if selection.gt.3 then goto severity_of_hunt
$ delay="wait 00:02:30"
$ loop_count=20
$ begin_process:
$ if monitored_node.eqs."TEGAN" then goto search_file_tegan
$ if f$search("nyssa.dat9") .nes. "" then goto file_exist
$ goto continue
$ search_file_tegan:
$ if f$search("tegan.dat9") .nes. "" then goto file_exist
$ continue:
$ say "hit <RETURN>"
$ inquire/nopunctuate choice9 "Who are we hunting for? "
$ if choice9 .eqs. "" then exit
$ count = 0
$ bell_sound[0,8]=%X07
$ top:
$ sho user/output='monitored_node'.dat9
$ purge 'monitored_node'.dat9
$ set message/nofac/noid/notext/nosev
$ search 'monitored_node'.dat9 'choice9'
$ a=$severity
$ if a .eqs. "1" then goto found_user
$ set message 'temp_msg9'
$ count = count + 1
$ if count .ge. 'loop_count' then goto give_up
$ delay
$ goto top
$ file_exist:
$ say "ERROR - Could not create temporary data file."
$ say "Please delete or rename ''NODE'.DAT9"
$ exit
$ found_user:
$ say bell_sound
$ say "''choice9' is now online on node ''monitored_node'."
$ say bell_sound
$ goto door
$ give_up:
$ say " "
$ say "''choice9' has not yet logged in on ''monitored_node'."
$ door:
$ say bell_sound
$ say "HUNT routine has terminated on node ''monitored_node'."
$ delete/noconfirm/nolog 'monitored_node'.dat9;*
$ set message 'temp_msg9'
$ exit
Code for ALARM.COM
>>>>>>>>>>>>>>>>>>
$ ! ALARM.COM
$ ! By The Mentor
$ ! Usage: SPAWN/NOWAIT @ALARM
$ ! Strobes f$time() every 5 seconds until specified time
$ ! is met at which time output is generated and process terminates.
$ CLR = " "
$ count = 0
$ PID = F$PID(CONTEXT)
$ TERMINAL = F$GETJPI(''PID',"TERMINAL")
$ DEVICE = F$GETDVI(TERMINAL,"DEVTYPE")
$ IF DEVICE .EQS. 110 THEN CLR = "[H[2J" ! VT220
$ IF DEVICE .EQS. 98 THEN CLR = "[H[2J" ! VT102
$ IF DEVICE .EQS. 96 THEN CLR = "[H[2J" ! VT100
$ IF DEVICE .EQS. 64 THEN CLR = "HJ" ! VT52
$ CLS = "WRITE SYS$OUTPUT CLR"
$ DATE = F$CVTIME(F$TIME())
$ NODE = F$GETSYI("NODENAME")
$ bell[0,8]=%X07
$ ON CONTROL THEN GOTO DOOR
$ say = "write sys$output"
$ say f$cvtime(,,"TIME")
$ say " "
$ say "Hit (RETURN)"
$ say " "
$ inquire/nopunctuate alarm "What time shall I ring you - "
$ a_hour = f$element(0,":",alarm)
$ a_minute = f$element(1,":",alarm)
$ a_second = f$element(2,":",alarm)
$ time_check:
$ hour = f$element(0,":",f$cvtime(,,"TIME"))
$ minute = f$element(1,":",f$cvtime(,,"TIME"))
$ second = f$element(2,":",f$element(0,".",f$cvtime(,,"TIME")))
$ if hour .ge. a_hour .and. minute .ge. a_minute .and. second .ge.
a_second then goto top
$ if hour .ge. a_hour .and. minute .ge. a_minute then goto top
$ wait 00:00:05
$ goto time_check
$ top:
$ count = count + 1
$ cls
$ say " "
$ say " "
$ say " "
$ say " "
$ say " "
$ say " "
$ say " "
$ say " "
$ say " "
$ say " "
$ say " "
$ say " A L A R M O N"
$ say bell
$ say " ",f$element(0,".",f$cvtime(,,"TIME"))
$ say " "
$ say " "
$ say " "
$ say " "
$ say " "
$ say " "
$ say " "
$ say " "
$ say " "
$ wait 00:00:01.50
$ if count .le. "6" then goto top
$ door:
$ say "ALARM OFF"
$ say f$element(0,".",f$cvtime(,,"TIME"))
$ say bell
$ exit
Code for CGO.COM
>>>>>>>>>>>>>>>>
$! CGO.COM
$! By The Mentor
$! One-Line compile/link/execute of C programs
$! Usage: CGO :== @CGO.COM
$! CGO filename
$!
$if p1 .nes. "" then c_filename :== 'p1
$ write sys$output "Compiling:"
$ cc 'c_filename/list='c_filename.lst
$ write sys$output "Linking:"
$ link 'c_filename ,options_file/opt
$ write sys$output "Running:"
$ assign/user sys$command sys$input
$ run 'c_filename
$ exit
------------------------------------------------------------------------------
Well, that's it. I hope to be back in the next issue with some other
programs. And remember, any programmers out there, get in touch with me!
The Mentor
Thanksgiving 1987
______________________________________________________________________________
Copyright (C) 1993 LOD Communications. No part of this Work may be
distributed or reproduced, electronically or otherwise, in part or in
whole, without express written permission from LOD Communications
______________________________________________________________________________
*** {End of Phoenix Project BBS Message Base File 1 of 3} ***