💾 Archived View for clemat.is › saccophore › library › ezines › textfiles › ezines › DPP › dpp02.txt captured on 2021-12-03 at 14:04:38.
-=-=-=-=-=-=-
"Hello?"
"Yo, who dis?"
"Um...who's this?"
"Dis be tha Mack Daddy."
"Who?"
"Mack Daddy, mothafucka, you heard me!"
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
***************** ******************* *******************
******************* ********************* *********************
******* ******* ******* ******* ******* *******
******* ******* ******* ******* ******* *******
******* ******* ******* ******* ******* *******
******* ******* ******* ******* ******* *******
******* ******* ********************* *********************
******* ******* ******************* *******************
******* ******* ******* *******
******************** ******* *******
***************** ******* *******
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Digital Phreak P1mps
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
!Issue numero dos!
Edited by Napalmoliv! Procrastinated by Napalmoliv!
Handcrafted from the best plain text m0ney can buy!
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Blah blah blah: For educational/humorous purposes only! Don't do any
of this shit! It's wrong! And mean! And bad! And you'll get a lump of
coal in your stocking! Besides, we assume no responsibility for your
lack of common sense, you buck-toothed Garth Brooks talkin' stiff
legged "I-don't-understand-how-to-operate-a-can-opener"
type motherfuckers! We mean it!
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
"This payphone is turned off between the hours of 7 am and 4 pm.
No lost change will be refunded."
"Please observe a five minute courtesy limit while
using this payphone."
-My high school's Administration
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0
..0 Editor-of-the-moment: Napalmoliv......Napalmoliv@yahoo.com ..0
..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0
..0 Other Editors/Members: ..0
..0 Hatredonalog..........................Hatredonalog@hotmail.com..0
..0 Sphinx................................Sphinx@hotmail.com ..0
..0 Dark|||Knight.........................dkknight@texoma.net ..0
..0 MMX_Killa.............................Ubione@aol.com ..0
..0 Neptunium Overkill....................quixilver@mailexcite.com..0
..0 Nothingg..............................Nothingg@yahoo.com ..0
..0 Enzyme................................papa_gorgio@hotmail.com ..0
..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0..0
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Eleeeet Table Of Eleeeet Contents:
1. Introduction...........................Napalmoliv
2. Hook and Hole..........................hobKnob
3. Novell Netware Exploits, Parts 1-4.....Evil_Gremlin
4. The Walter Levy Log....................Hatredonalog
5. The Mack-Daddy Log.....................Napalmoliv
6. How to Get School Comp. Passswords.....Neptunium Overkill
7. Exchangin' y0 Broken Tone Dialer.......Napalmoliv
8. Free Long Distance for Your SOUL!......Mars
9. My Experiences With RCMAC..............Hatredonalog
10. Editorial..............................Napalmoliv
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Introduction....
So. Welcome to Digital Phreak P1mps issue number two. As you may
as well know, it's late. Four days late, to be precise. Why? Well, so
happens, there's this thing called WORK. It gets in the way from time
to time. There's this other thing called HIGH-SCHOOL. Yes, you may
have heard of these things. One provides a person with income, while
the other provides you with a bunch of textbooks and a whole lot of
styrofoam ceiling tiles. Or maybe they both do. It all depends.
And what does all this mean? Well, it means that I took my sweet
fucking time putting this shit together. And it's barely even telecom-
related this time! But it's still cool! Or not. I don't know, decide
for yourself. Whatever. Enjoy.
Your Editor and Employee of the month, Wal-Mart #1184,
-Napalmoliv
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Hook and Hole...a cool vending machine rip
by hobKnob (behoth@hotmail.com)
Ok...so ya want a snickers bar? fuck that.
Ok...so ya want 10 snickers, 5 bags o' chips, some life savers a couple
snackie cakes, some cheesy poofs, and a over priced bag of flaming hot
peanuts? Read on.
I know what yer thinkin.. "hey, paw, lets you and me go rustle up the
shotguns, and rob us a 7-11!"
Well... not that I have any problems with that...I suppose it kinda
lacks the subtlety of smashing into a coke machine with yer truck..
Off topic again...back to subject.
I have never seen a text on this before. In fact, I have never heard of
anybody besides me and a few friends doing it... It's what I have labled
the "Hook and Hole" method.
What you need:
#1 1 coat hanger
#2 1 hand drill (use a manual one, as they don't make any noticable
noise.. i also reccomend the Fiskers one, as it'll fit in j00
pocket)
#3 a loot bag. (I have a nice Milwaukee Journal/Setinal newspaper
bag bright fuckin yellow)
#4 a candy vending machine
Now...when nobody is around...or paying attention...go up to the machine
and drill a hole in the plexiglass some place where it won't be noticed.
Make sure you use a small drill bit... One barely bigger than the diameter
of your coat hanger. (What we did was actually drill 4 holes in the glass,
one in each corner about 1' from the corners. You'll see why later on.)
Now go back to what ever it was you were doing...
Come back later with your coat hanger and your loot bag.
Straighten out the coat hanger and make bend in one end of it,
like so:
-------------------------/
/
Insert the hook end through the "hole" and use it like a "hook"
to snag shit from the spiral holders. Just keep pulling the items out and
droppping it into the receptical... Have a friend stuff it into the
bag to speed it up.
Pretty simple eh?
-options-
if you're just lookin for a fee treat everyonce in a while.. drill a
hole
near the group of food stuffs you will be after.. and go to a hardware
store and lift one of those small claw things.. they look like this.
| | /
|o|oooooooooo--
| | \
open
| |
|ooo|oooooooooo0
| |
closed
The outer diameter of the "barrel" is about .25 inches,
and the whole thing is about 18 inches long. It's also quite
flexible, as the barrel and such has a spring for the housing.
Simply reach in...snag what you want...drop it...and your're set-
a free snack whenever you want!
-Note-
I suggest drilling 4 or 5 holes in the plexiglass.. one in each corner,
(6-12" from the edges) and one dead in the center of the glass...
Not only does it look like ventalation holes, but it lets you get at
everything in the machine with little difficulty!
Once you got your bag o loot you can do almost anyting with it..
sell it for prophet...eat it...or just give it away (yeah right).
-hobKnob
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Novell Netware Exploits- How to use them to your advantage
by Evil_Gremlin (evil_gremlin@hotmail.com)
Let's face it. Most people who own computers are idiots. To
compensate for this lack of knowledge, software developers make their
software more "user-friendly" and easy to use. And the more software is easy
to use, the easier it is to exploit. Novell Netware is known for being an
easy-to-use platform that is very secure. I hope to show you that, like
every good program, it has its flaws. These flaws, if abused correctly, can
open up security gaps wide enough for Sally Struthers to slide through.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
O v e r V i e w
1.) Why Novell Netware?
2.) The Basics
3.) Accessing Accounts
4.) Account Passwords
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
W h y N o v e l l N e t w a r e ?
Novell Netware, owning 60% of the market share, is the most common
platform despite the tireless efforts of both Windows NT and UNIX systems.
Its extremely fast and reliable File\Print services are major strengths that
these systems are just now attaining. Netware systems are used because of
their easy-to-use but powerful environments which can tailor to the needs of
both system managers and copy-boys.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
T h e B a s i c s
The success of almost everything in this document depends on the way
that the network is set up. Not everything will work. In most cases, you
will need to know the version of Novell Netware that you are using. If you
don't know it, try running VERSION in the SYS:PUBLIC directory. You need
some basic knowledge on how a computer operates. Now, I know that very few,
if any of you are professional hackers. You wouldn't be reading this if you
were. This isn't the most complete Novell Netware article. I left out some
details that weren't practical either because they could only be used under
very slim circumstances or because they don't accomplish enough. This
document is centered around the intermediate or beginner hacker. Most of the
programs described in this document come with Netware. Any programs that
don't will be listed on the last page along with where to find them. I guess
what I am saying is to sit back and relax.
In Netware, there are common levels of security that are offered to
certain users. The security levels and your what you can execute within them
are listed below:
(1) Not Logged In - Very basic commands, usually programs in the
SYS:LOGIN directory
(2) Logged In - Basic commands and programs controlled by
trustee rights
(3) Operator - Basic access, control of print queues, a few
special commands such as FCONSOLE
(4) Supervisor - Full file system access, control of user
access, server configurations, and security
(5) OS Access - Console access, all NLMs and most commands
typed at the console run at this level,
partial file access, optional supervisor
access
Now, onto accessing the server. When logging in directly (a
physical console), versions 3.x and 4.x take two very secure measures. They
both use packet signiture and password encryption techniques. But, to log
into the server from a remote location using RCONSOLE (Remote Console), all
thats required is a single password. This is designed so that administrators
can execute commands as if they are actually at the server console. RCONSOLE
establishes a session with the server. This is the one major weakness of
Novell Netware's security. Now, some of the techniques described in this
document won't work on 4.x versions. This isn't a problem, however, because
almost everybody still has 3.x versions. Those who do have 4.x versions
usually still have one or more 3.x servers still being used.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
A c c e s s i n g A c c o u n t s
As stated in the introduction, people are stupid. When Novell
Netware is installed, the platform creates a list of default accounts that
are used for a variety of different things. These accounts are can be used
as a user name and, without entering a password, provide you with access to
the server. Keep in mind, however, that smart administrators will have
disabled these accounts. The following is a list of these common accounts
and what Netware uses them for.
--------------------------------------------------------------------
SUPERVISOR - Default supervisor-equivilant account
GUEST - Default account for non-clients to use
ADMIN - Version 4.x uses it as a default
account with administrator eqivilance
USER_TEMPLATE - Version 4.x uses it as a default account for
testing security or client capabilities
LASERWRITER - Printing to a second server
LASER - Printing to a second server
HPLASER - Printing to a second server
PRINTER - Printing to a second server
PRINT - Printing to a second server
POST - Using a second server for e-mail
MAIL - Using a second server for e-mail
GATEWAY - Connecting the server to a gateway machine
GATE - Connecting the server to a gateway machine
ROUTER - Connecting the server to an e-mail router
BACKUP - Used to make tape backups of the server
WANGTEK - Used to make tape backups of the server
FAX - Connecting the server to a dedicated fax unit
FAXUSER - Connecting the server to a dedicated fax unit
FAXWORKS - Connecting the server to a dedicated fax unit
TEST - Temporary account usage
ARCHIVIST - Default account for Palidrome
WINDOWS_PASSTHRU- Supposably needed for sharing resources
without a password
ROOT - Default account for Shiva LanRovers that
allows for ADMINGUI command-line equivilance
CHEY_ARCHSVR - Default backup account for Arcserve
- Password WONDERLAND may be required
ALT-255 - Less common but works
NOT_LOGGED_IN - Less common but works
PC-CLAS_LOGIN_DO_NOT_REMOVE - Less common but works
--------------------------------------------------------------------
Now don't shoot yourself if none of these worked. There are other
ways to access accounts. If you want to access existing client accounts,
try going to the SYS:PUBLIC directory and running SYSCON. Go into User
Information and you will be able to view all defined accounts and their
user's full name. If this didn't work, try doing the same thing by running
USERLST.
If you are using version 4.1, you can use CX to get accounts.
When 4.1 is installed, the SYS:PUBLIC directory is added to the Root as a
Trustee. This means that the SYS:PUBLIC sirectory has browse access to the
entire tree. To utilize this, load all of the VLMs and run CX /T /A /R. You
won't even have to log in and will be given a list of almost every account on
the server.
Many accounts will use its user name as its password. This happens
when people act like idiots or when accounts are created for users that
aren't currently using them. These accounts can be view by using CHKNULL.
CHKNULL will only work if Bindery Emulation is on.
If none of the above methods have worked, don't bother guessing
accounts and passwords. Netware will ask you for a password whether the
user name you entered was valid or not. This can lead to disaster if
Inturder Detection is turned on. But, if you have a burning desire to do so,
use ATTACH to log in instead of LOGIN. At least, with ATTACH, you won't be
asked for a password if the user name wasn't valid.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
A c c o u n t P a s s w o r d ' s
If you've got an account, you're probably wondering how to get that
account's password. The files that store the passwords in Novell Netware
are located in different places in different versions. In versions 2.x and
3.x, every object and its properties are kept in bindery files. In 4.x,
they are stored in an NDS database. Accounts are bindery objects and their
passwords and user names are properties. The following shows where the files
are located for each version, the file names, and what attributes, or flags,
that they have. To access these files, run the Norton Disk Editor with a /M
parameter. Then, press F2 to view everything in hexadecimal format. Next,
press Ctrl-S to load the search routine. Enter the file name you're looking
for and you're done.
VERSIONS LOCATIONS FILE NAMES ATTRIBUTES
---------- ----------- ------------ ------------
2.x SYS:SYSTEM NET$BVAL.SYS Hidden System
NET$BIND.SYS Hidden System
3.x SYS:SYSTEM NET$VAL.SYS Hidden System
NET$OBJ.SYS Hidden System
NET$PROP.SYS Hidden System
--------------------------------------------------------------------
4.x In versions 4.x, the password files aren't as easily
accessible. They can only be viewed through RCONSOLE
using the Scan Directory option. They will then be
stored in SYS:_NETWARE and are as follows:
VALUE.NDS NDS Subpart
BLOCK.NDS NDS Subpart
ENTRY.NDS NDS Subpart
PARTITIO.NDS NDS Partition
MLS.000 License
VALLINCEN.DAT License Validation
TO BE CONTINUED IN THE FUTURE....(parts 5-8)
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
The Walter Levy Log
by Hatredonalog
One day I went beiging too early and almost got caught.
I ran to the closest KwikTrip parking lot payphone. I
dial a totally random 800 number. And who picks up?
Walter of course. He asked me who I was and I said
that I if I did I would have to kill him. he said
"haha, goodbye!" and hungup. Well, anyways, here is
a compilation of some of the better calls I made to him.
Walter- Walter Levy
hatred- Excuse me? who is this?
Walter- Who are you calling?
hatred- I'm calling, eh, roy.
Walter- You have the wrong number.