💾 Archived View for gemini.spam.works › mirrors › textfiles › phreak › rstshack.txt captured on 2023-01-29 at 10:45:55.
⬅️ Previous capture (2020-10-31)
-=-=-=-=-=-=-
Hacking an RSTS System ------- -- ---- ------ ====================== So, you've decided that you'd like to try to down an RSTS system? Well, here's a beginner's guide: The RSTS system has two parts, the Privileged accounts and the User accounts. The Privileged accounts start with a 1 (In the format [1,1], [1,10], etc. To show the Privileged accounts we'll just use the wildcard [1, *].) The privileged accounts are what every RSTS user would love to have, because if you have a privileged account you have COMPLETE control of the whole system. How can I get a [1,*] account? you may ask.... Well, it takes A LOT of hard work. Guessing is the general rule. For instance, when you first log in there will be a # sign: # (You type a [1,*] account, like 1,2) It will then say Password: (You then type anything up to 6 letters/numbers - Upper Case only) ABCDEF - If it says ?Invalid Password, try again' then you've not done it YET...Keep trying. Ok, we'll assume you've succeeded. You are now in the privileged account of an RSTS system. The first thing you should do is kick everyone else off the system (Well, maybe just the other Privileged users). You do this with the Utility Program. PUT KILL (here you type the Job # of the user you'd like to get out of your way). If the system won't let you, you'll have to look for the UTILTY program. Search for it by typing DIR [1,*]UTILTY.* Now, you've found it and kicked off all the important people (If you want, you can leave the other people on, but it's important to remove all other [1,*] users, even the Detached ones). To find out who's who on the system type SYS/P-(That will print out all the privileged users). Or type SYS to see Everyone. Next on your agenda is to get all the passwords (Of course). Do this by running $MONEY (If it isn't there, search for it with DIR[1,*]MONEY.* and run it using the account where you found it instead of the $) There will be a few questions, like Reset? and Disk? Here's the Important answers. Disk? SY (You want the system password) Reset? No (You want to leave everything as it is) Passwords? YES (You want the passwords Printed) There are others, but they aren't important, just hit a C/R. There is ONE more, it will say something like Output status to? KB: (This is important, you want to see it, not send it elsewhere). Ok, now you've got all the passwords in your hands. Your next step is to make sure the next time you come you can get in again. This is the hard part. First, in order to make sure that no one will disturb you, you use the UTILTY program to make it so no one can login. Type UT SET NO LOGINS (also you can type UT HELP if you need help on the program). Next you have to Change the LOGIN program. I'm sorry, but this part is fuzzy - Personally, I've never gotten this far. Theoretically here's what you do: Find out where the program is, type: DIR [1,*]LOGIN.* If there is LOGIN.BAS anyplace, get into that account (Using your password list, and typing HELLO and the account you'd like to enter). On the DIR of the program there is a date (Like 01-Jan-80). To make it look good you type UT DATE (and the date of the program). Next, you make it easy for yourself to access the program. You type PIP (And the account and name of the program you are changing) <60>=(again the name of the program). Now what you do is OLD the program. Type OLD (Name of the program) Now that is all theoretical. If anyone runs into problems, tell me about it and I'll see if I can either figure it out or get someone else to. Next thing you want to do is LIST the program and find out where the input of the Account # is. To get this far you have to know a lot about programming and what to look for... Here is generally the idea, an idea is all it is, because I have not been able to field test it yet: Add a conditional so that if you type in a code word and an account # it will respond with the password. This will take a while to look for, and a few minutes to change, but you can do it, you've got that RSTS system in your back pocket. Let's say you've (Somehow) been able to change the program. The next thing you want to do is replace it, so put it back where you got it (SAVE Prog-name), an$ then put it back to the Prot Level (The # in the <## #> signs) by typing PIP (Prog name)<232>=Progname (Note, in all of this, don't use the ()'s - they are just used by me to show you what goes where). Now you've gotten this far, what do you do? I say, experiment! Look at all the programs - since you have Privileged status you can analyze every program. Look around for the LOG program, and find out what you can do to that. The last thing to do before you leave is to set the date back to what it was using the UTILTY program again UT DATE (and the current date). From The Wanderjahr 404-998-5676 [GAATL] "..Blurring Fantasy & Reality.." Distributed in part by: Skeleton Crue 415-376-8060 located out of Moraga, California. !!Get on the band wagon befor it RUNS YOU DOWN!! Headquarters for Computer Hackers and Anarchists to Overthrow the State (CH&AOS)