💾 Archived View for spam.works › mirrors › textfiles › hacking › force4.txt captured on 2023-06-14 at 16:49:15.

View Raw

More Information

-=-=-=-=-=-=-

                                      
F O R C E   F I L E S     Volume #4
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
From The Depths Of  - THE REALM -, By:  ----====} THE FORCE {====----   08/0/87
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

                      N U A   L I S T I N G S   C O N T

I T T / U D T S   310330100xxx  Sprint, By:    ---===} THE FORCE {===---
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From the depths of - THE REALM -                                   02/09/1986
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


31033010000532 PRIMECON NETWORK System 32
31033010000533 PRIMECON NETWORK System 33
31033010000534 PRIMECON NETWORK System 34
31033010000537 PRIMECON NETWORK System 37
31033010000538 PRIMECON NETWORK System 38
31033010000541 PRIMECON NETWORK System 41
31033010000542 PRIMECON NETWORK System 42
31033010000543 PRIMECON NETWORK System 43
31033010000544 PRIMECON NETWORK System 44
31033010000545 PRIMECON NETWORK System 45
31033010000546 PRIMECON NETWORK System 46
31033010000547 PRIMECON NETWORK System 47
31033010000548 PRIMECON NETWORK System 48
31033010000549 PRIMECON NETWORK System 49
31033010000550 PRIMECON NETWORK System 50
31033010000551 PRIMECON NETWORK System 51
31033010000552 PRIMECON NETWORK System 52
31033010000557 PRIMECON NETWORK System 57
31033010000561 PRIMECON NETWORK System 61
31033010000563 PRIMECON NETOWRK System 63
31033010000564 PRIMECON NETOWRK System 64
31033010000590 PRIMECON NETWORK System 90
31033010000591 PRIMECON NETWORK System 91
31033010000592 PRIMECON NETOWRK System 92
31033010000593 PRIMECON NETWORK System 93
31033010000594 PRIMECON NETWORK System 94
31033010000595 PRIMECON NETWORK System 95
31033010000596 PRIMECON NETWORK System 96
31033010000597 PRIMECON NETWORK System 97
31033010000598 PRIMECON NETWORK System 98
31033010000599 PRIMECON NETWORK System 99
31033010000663 PRIMECON NETWORK System 63
31033010000664 PRIMECON NETWORK System 64
31033010000693 PRIMECON NETWORK System 93
31033010000694 PRIMECON NETWORK System 94
31033010000695 PRIMECON NETWORK System 95
31033010000696 PRIMECON NETWORK System 96
31033010000699 PRIMECON NETWORK System 99

D I A L N E T  9000xx  Sprint, By:    ---===} THE FORCE {===---
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From the depths of - THE REALM -                                   29/01/1987
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Plese note that DIALNET NUA's are not accessible via through all pads.
These NUA's were sprinted from PRIMECON SYSTEM 41.

900025  WORLDCOM COMPUTER NETWORK System 25
900032  PRIMECON NETWORK System 32
900033  PRIMECON NETWORK System 33
900034  PRIMECON NETWORK System 34
900037  PRIMECON NETWORK System 37
900038  PRIMECON NETWORK System 38
900039  PRIMECON NETWORK System 39
900040  PRIMECON NETWORK System 40
900041  PRIMECON NETWORK System 41
900042  PRIMECON NETWORK System 42
900044  PRIMECON NETWORK System 44
900045  PRIMECON NETWORK System 45
900046  PRIMECON NETWORK System 46
900047  PRIMECON NETWORK System 47
900048  PRIMECON NETWORK System 48
900049  PRIMECON NETWORK System 49
900050  PRIMECON NETWORK System 50
900051  PRIMECON NETWORK System 51
900052  PRIMECON NETWORK System 52
900053  PRIMECON NETWORK System 53
900054  PRIMECON NETWORK System 54
900055  PRIMECON NETWORK System 55
900056  PRIMECON NETWORK System 56
900057  PRIMECON NETWORK System 57
900058  PRIMECON NETWORK System 58
900059  PRIMECON NETWORK System 59
900061  PRIMECON NETWORK System 61
900063  PRIMECON NETWORK System 63
900064  PRIMECON NETWORK System 64
900090  PRIMECON NETWORK System 90
900091  PRIMECON NETWORK System 91
900092  PRIMECON NETWORK System 92
900093  PRIMECON NETWORK System 93
900094  PRIMECON NETWORK System 94
900095  PRIMECON NETWORK System 95
900096  PRIMECON NETWORK System 96
900097  PRIMECON NETWORK System 97
900098  PRIMECON NETWORK System 98
900099  PRIMECON NETWORK System 99

P S S   234219200xxx   Sprint, By:    ---===} THE FORCE {===---
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From the depths of - THE REALM -        19/01/1987   Updated: 29/02/87
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

234219200001  PRIMENET 18.3-EOIN2 TPSYS B-MCH
234219200100  OS4000+RLIX PSS GATEWAY
234219200101
234219200102  host
234219200112  0,994#B APS
234219200118  AUTONET
234219200133  QUANTIME PSS GATEWAY
234219200146
234219200148  OS4000+RLIX PSS GATEWAY
234219200149  UNIVERSITY COLLEGE LONDON TERMINAL GATEWAY
234219200152  CCI QUICKMAIL
234219200169  LONDON
234219200171
234219200183  JAMES CAPEL'S TECHNICAL SERVICES DEPARTMENT
234219200190  PERGAMON INFOLINE
234219200193  BUPA
234219200197  0,99#B APS
234219200203
234219200206  host
234219200220
234219200233
234219200237
234219200238
234219200256  JBPLC
234219200260  SWIFT LONDON COMMUNICATIONS
234219200270  HP-3000
234219200275  HP-3000
234219200300  UNIVERSITY COLLEGE LONDON
234219200304
234219200390  SNA/SDLC DYNAMIC
234219200394  SIANET
234219201002
234219201004  BT-GOLD System 81
234219201025  PRESTEL
234219201184  CHASE
234219201197  PRIMENET 19.4.10q HQZ
234219201271  PRIMENET 19.4.10q HQX
234219201281  PERGAMON INFOLINE
234219201311

P S S   23421920100xxx Sprint,    By:    ---===} THE FORCE {===---
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From the depths of - THE REALM -         04/01/1987   Last Updated: 29/02/87
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

23421920100001  PRESTEL
23421920100002  PRESTEL
23421920100003  PRESTEL
23421920100004  PRESTEL
23421920100005  PRESTEL
23421920100006  PRESTEL
23421920100007  PRESTEL
23421920100008  PRESTEL
23421920100200
23421920100230
23421920100243
23421920100251
23421920100356
23421920100403  BRITISH TELECOM DEVELOPMENT AND BACKUP System 03
23421920100404  BRITISH TELECOM MESSAGE HANDLING System
23421920100417  REV.19  System 17
23421920100418  BT-GOLD System 18
23421920100419  BT-GOLD System 81
23421920100420  BT-GOLD System 81
23421920100421  BT-GOLD System 81
23421920100422  BT-GOLD System 81
23421920100423  BT-GOLD System 81
23421920100424  BT-GOLD System 81
23421920100425  BT-GOLD System 81
23421920100426  BT-GOLD System 81
23421920100427  BT-GOLD System 81
23421920100428  BT-GOLD System 81
23421920100429  BT-GOLD System 81
23421920100430  REV.19  System 04
23421920100431  REV.19  System 04
23421920100432  REV.19  System 04
23421920100433  REV.19  System 04
23421920100434  REV.19  System 04
23421920100435  REV.19  System 04
23421920100436  REV.19  System 04
23421920100437  REV.19  System 04
23421920100438  REV.19  System 04
23421920100439  REV.19  System 04
23421920100440  BT-GOLD System 81
23421920100441  BT-GOLD system 81
23421920100442  BT-GOLD system 81
23421920100443  BT-GOLD System 81
23421920100444  BT-GOLD System 81
23421920100445  BT-GOLD System 81
23421920100446  BT-GOLD System 81
23421920100447  BT-GOLD System 81
23421920100448  BT-GOLD System 81
23421920100449  BT-GOLD System 81
23421920100450  BT-GOLD System 81
23421920100452  BT-GOLD System 81
23421920100453  BT-GOLD System 81
23421920100454  BT-GOLD System 81
23421920100455  BT-GOLD System 81
23421920100456  BT-GOLD System 81
23421920100457  BT-GOLD System 81
23421920100458  BT-GOLD System 81
23421920100459  BT-GOLD System 81
23421920100460  BT-GOLD System 81
23421920100461  BT-GOLD System 81
23421920100462  BT-GOLD System 81
23421920100463  BT-GOLD System 81
23421920100464  BT-GOLD System 81
23421920100465  BT-GOLD System 81
23421920100466  BT-GOLD System 81
23421920100467  BT-GOLD System 81
23421920100468  BT-GOLD System 81
23421920100469  BT-GOLD System 81
23421920100472  BT-GOLD System 72
23421920100473  BT GOLD System 73
23421920100474  BT-GOLD System 74
23421920100475  BT-GOLD System 75
23421920100476  BT-GOLD System 76
23421920100477  BT-GOLD System 77
23421920100478  BT-GOLD System 78
23421920100479  BT-GOLD System 79
23421920100480  BT-GOLD System 80
23421920100481  BT-GOLD System 81
23421920100482  BT-GOLD System 82
23421920100483  BT-GOLD System 83
23421920100484  BT-GOLD System 84
23421920100485  BT-GOLD System 85
23421920100486  BT-GOLD System 86
23421920100487  BT-GOLD System 87
23421920100490  BT-GOLD System 81
23421920100491  BT-GOLD System 81
23421920100492  BT-GOLG System 81
23421920100493  BT-GOLD System 81
23421920100494  BT-GOLD System 81
23421920100495  BT-GOLD System 81
23421920100496  BT-GOLD System 81
23421920100497  BT-GOLD System 81
23421920100498  BT-GOLD System 81
23421920100499  BT-GOLD System 81
23421920100513  ENQUIRY SERVICE
23421920100515  HOSTESS public Info Base
23421920100530  HOSTESS closed access
23421920100555  FTP
23421920100600  MULTISTREAM INFORMATION REPORT
23421920100605  ATOMIC CLOCK
23421920100606  ATOMIC CLOCK
23421920100620  PSS ONLINE BILLING INFORMATION SERVICE
23421920100630
23421920100632  TACL
23421920100634  TACL
23421920100655  FTP
23421920100657  FTP
23421920100659  FTP
23421920100660
23421920100662
23421920100690  fax
23421920100691  fax
23421920100692  fax
23421920100694  fax
23421920100700  fax
23421920100701  fax
23421920100709  fax
23421920100710  fax
23421920100711  fax
23421920100720  fax
23421920100721  fax
23421920100730  fax
23421920100731  fax
23421920100740  fax
23421920100741  fax
23421920100750  fax
23421920100751  fax
23421920100761  fax
23421920100770  fax
23421920100771  fax
23421920100790  fax
23421920101699  fax
23421920115600  EUROPEAN SPACE AGENCY 'ESA'

D A T E X - P   26245400030xxx Sprint, By:     ---===} THE FORCE {===---
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From the depths of - THE REALM -                                   01/02/1987
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

26245400030029
26245400030035   fax
26245400030041
26245400030046
26245400030071
26245400030090   HP-3000
26245400030104
26245400030105
26245400030110   host
26245400030113   HP-3000
26245400030138
26245400030150
26245400030158
26245400030175
26245400030187   WILLKOMMEN BEI E2000 HAMBURG VAX
26245400030201   HASYLAB-VAX 11/750  VAX/VMS 4.2
26245400030202   HERA MAGNET MEASUREMENT VAX 750
26245400030215
26245400030259
26245400030261
26245400030296   DFH2001I
26245400030502
26245400030519   fax
26245400030566   DFH2001I
26245400030578   PRIMENET 20.0.4 DREHH

D A T E X - P   26245621040xxx  Sprint, By:    ---===} THE FORCE {===---
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From the depths of - THE REALM -                                   09/01/1987
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

26245621040000  TELEBOX
26245621040014  ACF/VTAM
26245621040025  OEVA COMPUTER BEREIT
26245621040026  host
26245621040027  BASF/FER VAX 8600
26245621040508  VCON0 BASF A6
26245621040516  CN01
26245621040532
26245621040580  DYNAPAC MULTI-PAD.25
26245621040581  DYNAPAC MULTI-PAD.25
26245621040582

D A T E X - P   26245890040xxx  Sprint, By:    ---===} THE FORCE {===---
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From the depths of - THE REALM -           09/01/1987   Last Update: 29/02/87
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

26245890040004  ALTOS  UNIX V  (Chat system)
26245890040006  M&T
26245890040081  NOS SOFTWARE SYSTEM   MUERCHENER RECHENZENTRUM
26245890040185  fax
26245890040207  IABG  DETEZENTRUM OHOBRUNN
26245890040220  host
26245890040221  host
26245890040225  QNTEC MUNICH  UNIX 4.2
26245890040262  BDS UNIX
26245890040266  fax
26245890040281  DATUS PAD
26245890040510
26245890040522  PLESSEY SEMICONDUCTORS  VAX
26245890040542

D D X - P   44013612xxx    Sprint,  By:     ---===} THE FORCE {===---
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From The depths of - THE REALM -                                  01/04/1987
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


44013612065  TWICS BEELINE VAX
44013612225  UNIX
44013612272
44013612277  ULTRIX
44013612599

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
T E L E P A K    2405000xxx Sprint   by an unknown hacker
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

2405000004 RAM
2405000005 RAM
2405000007 NETVAL - Version 2.02
2405000010
2405000012
2405000013 BAD XRAY
2405000014 BAD XRAY
2405000015
2405000016 ELF VERSION 4.0
                Valid commands are:
                COPy
                CReate Node
                CReate Slot
                CReate Partial
                DEVice
                DIrectory
                DUmp Node
                DUmp Slot
                DUmp Partial
                Gateway
                Help
                LOAd Node
                LOAd Slot
                LOAd Partial
                LOCate
                MESsage
                Quit
                REStart
                 The following commands apply to DISK only:
                CONdense
                DELete
                Format
                REName
                 The following commands apply to TAPE only:
                SKip
                REWind
2405000018
2405000020
2405000021
2405000025
2405000030
2405000031
2405000032
2405000033
2405000034
2405000035
2405000042
2405000044
2405000046
2405000050
2405000051
2405000053
2405000055
2405000057 inter-link established from DATAPAK to TYMNET
2405000087 >>>  DATAPAK  <<<
2405000089
2405000091
2405000099
2405000101
2405000103
2405000105
2405000107
2405000111
2405000113
2405000114
2405000116
2405000119
2405000121
2405000122
2405000123
2405000124
2405000131
2405000133
2405000135
2405000137
2405000162
2405000165
2405000169 Computer Resource Services AB
2405000171 TSL Data AB, DECSYSTEM 2020 #1
2405000173
2405000202 (: PROMPT)
2405000236 not a valid user on this system
2405000237 not a valid user on this system
2405000239 not a valid user on this system
2405000243 host
2405000254
2405000258 SKF GROUP TELENEt
2405000260 ANGE L\SEN
2405000264
2405000267
2405000269
2405000278
2405000279 not a valid user on this system
2405000280 not a valid user on this system
2405000281 not a valid user on this system
2405000282 not a valid user on this system
2405000288 not a valid user on this system
2405000289 not a valid user on this system
2405000290 not a valid user on this system
2405000291 not a valid user on this system
2405000292 not a valid user on this system
2405000293 not a valid user on this system
2405000294 not a valid user on this system
2405000411

T R A N S P A C   208075000xxx Sprint, By:    ---===} THE FORCE {===---
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From the depths of - THE REALM -                                     05/04/1987
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

208075000039  host
208075000059  CICS
208075000062  VOTRE DEMANDE
208075000120

A U S T P A C   N U A S.                      18/04/1987
------------------------
The following is a listing of NUA's I came across just recently on Austpac and
most of them do not appear on any other listings.  At the time I didn't have a
NUI, so a lot of them are not identified.


222135000
222135001
222330000
222330002
222330003
222330010
222330014
222334000
222334002
222334003
222334004
222334005
222334006
222334007
222335000
222335005
222335006
222335007
222430000   PRIMENET 19.4_8B SYDN51
222430001   VAX
222430003   X.29 HOST GATEWAY
222430004   "austpac drops the line????"
222430006
222430008
222430009   CAPITAL MARKETS VCON4  MV/10000
222430010   EQUITY'S MV/10000 VCON2
222430011
222430012
222430013
222434002   C&C/EPL VAX CLUSTER
222434005
222434006
222434007
222435000
222630000
222630002
222630005
222630006
222630009
222630010
222634000
222634003
222634010
222634011
222634012
222634014   X.29 GATEWAY SECURITY CHECK
222634015
222930000
222930001
222930002   X.29 HOST GATEWAY
222930004
222930005
222930006
222930011
222930012   PRIMENET 19.4.10q SYD
222930014
222930015
222935000
224121006
224223000
224223002
224323000
224422000
224422006
224423000
224822000
224922000
224922004
226022001
226035000
226334002
226334003
226335000   API VIDEOTEXT
226335003
226335004
226335005
226335007
226335009
226435000
226435002
226435003
226935000   MAYNET
226935004
227334000
227335000
227434000
227934000
227934001
227934002
228022000
228121000
228121002
228123000
228621000
228621001   VAX  PING EPPTSA

When you get a RNA error, it means you need a NUI to access the system.
If accessing via another PAD just use the proper format as explained earlier.
I'm working on a complete list of a Austpac NUA's along with MIDAS ones, but
that will take some time.
              Catch Ya Later
                     ----====} THE FORCE {====----

L O C A T I N G    P T S N   N U M B E R S
-------------------------------------------

If you ever have a need to locate an online system belonging to a particular
company, it can be a very tall order to fill.  However there are few things you
can do which will help, although success is not guaranteed.

1>   When a Company sets up a data line, It must be registered by telecom to
     be legal. (Isn't it great to have a friends working there ey?)  All data
     lines are classed a FAX lines, and unless telecom has been specifically
     instructed not to list the number in any public listing, you will most
     probably find it listed in the FAX DIRECTORY, which is available from
     Telecom.  It's an equivalent of a phone book with only data lines listed.
     So, just grab a copy of the directory and look up the company. Chances
     are that it might be there.   One can even find BBS systems in there if
     they have been registered by the Sysop.

2>   When a company sets up their phone network, they usually plan ahead and
     a lot of times when they get voice and data lines assigned, they will
     be very close together in value.  So, simply look up the victims voice
     line and try a few numbers lower and higher than the voice number.
     Again there is a chance of comming up with something.

3>   The last resort, is scanning phone numbers in series for a carrier tone.
     It can take a lot of time, and be very expensive, since we just can't
     use the same hardware to make toll free calls like they do in the USA.
     There is a feasable way of doing though. A lot of systems will answer
     after the first few dial tones, so set your demon dialer program to
     dial a number, sit there for only a few ring tones and hang up. The
     longer you let it ring, the more accurate it will be, but more costly,
     if people have enough time to pick up the phone. If you let it ring
     about 3-4 times and you have your scanner going at 4am, you should have
     very few problems, either with accuracy and finance.  There are some
     fancy alternatives like tapping another line, using a phone box etc,
     but they are too messy.

OBTAINING PASSWORDS, INFOLTRATING SYSTEMS
------------------------------------------

There are a few methods available which you can use to get into systems.

1>   The most common and by far the least successful in regards to the
     amount of time waisted is the ole front line security warfare.
     It basicaly means physically trying to guess a username/password
     pair for the system trying random, but logical combinations, or using
     prior knowledge of the system, ie DEFAULT ACCOUNTS, USERNAME STRUCTURES
     etc.  A Sophisticated Sprinter can be a great aid, but it's a good idea
     to have some prior knowldge of username formats. A system that will
     actually tell you that a username is invalid, before you enter a password,
     is as good as hacked.    Some PRIMENETS, VM/370's and TOPS-20 systems are
     about the best examples.

2>   Many systems, particularly new ones, tend to have weak points in their
     front line security which you can use to gain access..
     Here is a small list which I have found, but there are many more.

        -  TOPS-20 Systems have a FINGER command before login, which can be
           used to examine files, mail etc, without the knowldege of a
           Password. They also have a SYSTAT command which lists the online
           users which can be used before you login. A lot of them have now
           been changed and the FINGER command removed, but still there are
           a few out there.

        -  PRIMENETS,  These had a few weak points in the early versions, but
           a lot of them are now non-existent, if they are running later
           versions of PRIMOS. It's still a good idea to know about them,
           because I have found few systems which have not been updated.
           Ok, when you are prompted for a password on the old primos, and you
           have a legitimate username, typing CTRL-C for password, can give you
           access. Another weak point of most Primenets, are the Default
           accounts, mainly TEST, which often have no need for
           a password. To crash the system from captive mode into primos,
           CTRL-P pressed several times will often do the job.  CTRL-P when
           pressed in the right spot will crash into Primos.  You will have to
           spend a lot of time finding the right spot, but every primenet I
           came across was crashable.  I don't usually give this out, but
           concentrate on the captive communication module.

        -  UNIX's  have got so many holes in them that it's really not funny,
           but to make use of them, one needs to get inside first and there
           are dozens of defaults to choose from. More about that later.


3>   SOCIAL ENGINEERING.   Yes, my favourite one.  The term has originated
     in the USA and means BULLSHITING PEOPLE to get them to hand over their
     passwords quite willingly.  If one is to attempt this art, one needs the
     tools. These are mainly an ADULT voice, since a teenager will get
     nowhere, and the ability to plan out the conversation and anticipate
     every responce. Let me give you a few examples:
     You all know that AUSTPAC NUI's a hard to get, so why not have some dumb
     secretary give one to you. Firs of all find a victim. The Melbourne
     University Library is a good one. Next get a few facts together. Ask
     yourself a few questions.  Who am I?  'An Assistant Austpac Operator' Pick
     a real name from the phone book, jot down the number, address and
     have it ready if needed.  Why Should the Victim give you his Accounts?
     'Basically, because there has been a stuff up with Austpac and the last
     six digits have been lost and you need them to identify the user' just
     talk about some technical bullshit about the structure of NUI's, how the
     billing computer stuffed up and how your arse is going to get kicked.
     Its a good idea to ask the person to come down to the main office.
    (you know all the details, and so you must). Then suggest the
     possibility of fixing it all up over the phone. If it's a jerk, you'll
     get it on the spot, if not, give him a number to call back. Ie a PHONE
     BOX around the corner. And that's all there is to it.   You will be
     surprised how co-operative people are.
     The same principal can also be used in few other situations. There is no
     reason why a system operator can't change the password of another
     user for you. This was basically my introduction to the art of SOCIAL
     ENGINEERING and this is what took place:

     I hacked a Dialcom System 41, which me and a lot of YANKS were using to
     call ALTOS and other systems. Unfortunatelly, it died for reasons I am
     still emebarrased about. This is what we did.
     I knew that the real user wasn't on the account all that often, so she
     would have not yet known about the death of her account.  Fortunatelly,
     we had a hard copy of the user list in her UFD series and of her mail.
     (I THINK THIS IS A GOOD TIME TO STRESS THE IMPORTANCE OF RECORDING EVERY
     BIT OF DATA YOU GET FROM A SYSTEM.  IT'S ALWAYS USEFULL AT SOME STAGE IN
     THE FUTURE.  IF ONE IS FORTUNATE TO HAVE A HARD DISK, SIMPLY SAVE
     ABSOLUTELLY EVERYTHING YOU DO ONLINE, BUT TAKE SOME PRECAUTIONS FOR
     OBVIOUS REASONS)
     The first step was to find her details. Ie Address, Phone number, and
     Christian NAME.  We rang up the operator to give us a listing of all
     AUGUSTINES in the aproximate area as deduced from the mail. There were
     only a few so we went through them. No luck, she had an unlisted number.
     Ok, so we called a CNA (CNA is like a information directory, but used by
     the phone companies emploees only. CNA = Customer Number/Address I think.
     Unfortunatelly I never came across an Australian CNA, but you can bet
     they're out there), but the number had been changed, so we rang up a
     friend who was mentioned in the mail.  MRS  M.AUGUSTINE worked for NASA
     so TRADER introduced himself as some important figure in the NASA
     organization and we got all the details we wanted. All we had to do then
     is ring up DIALCOM and get them to change the password. We said that
     the wife was in GERMANY using DATEX-P and that she can't get onto
     her account, where some important mail was waiting for her.  Naturally
     the password was changed on the spot and no information of any sort
     was requested.

4>   Trojan Horses are another way of getting passwords.  It basically
     involves the simulation of another system login and setting up a few users
     to take the bait. Ie, Stick your computer onto a phone box at a time a
     person is likely to call, give that person the number. Ie it has been
     changed or it's a different system with faster responces thus saving
     online time etc. Then have your computer to simulate the real login and
     that's all there is to it. This is a very primitive trojan and I will talk
     more about them later on and tell you how to set up a few of them on
     DIALCOM systems.

A Most Important thing is to make sure that once you get into a system, you
are there to stay, or the effort would have been more or less waisted. Always
get all the information you can. Mail, Usernames and any information on the
other users. Basically anything the system has to offer, no matter how
insignificant it may Seem at the time.


DEFFAUL PASSWORDS, VAX, UNIX, PRIMENET, DIALCOM
------------------------------------------------

There is a large variety of systems, but a lot of them have got common
accounts.  It is always a good idea to try hacking usernames such as
TEST, DEMO, GUEST, VISITOR etc, using the most basic and easilly remembered
passwords you can think off.  Deffault accounts are very usefull indeed
and here is a basic rundown of a few major systems:

VAX
----

When you encounter a VAX, trying the following may prove quite successfull.

USER/USER, GUEST/GUEST, GAST/GAST (if in europe), FIELD/SERVICE, FIELD/TEST,
SYSTEM/MANAGER, SYSTEM/OPERATOR, SYSTEM/SYSTEM, SYSTEST/TEST, SYSTEST/SYSTEST
SYSTEST/UETP.

Also try them in lower as well as upper case, if the system does not
translate lower to upper case.  If you are lucky enough to get an account
with full privs, namelly SYSTEM/MANAGER, or FIELD/SERVICE, look at some of
the user names, ie  SHOW USERS command, and create your own username of a
simmilar format so that it blends in with the backround. To do that, run the
ADDUSER or AUTHORISE program in the SYS$SYSTEM directory, I don't think I
need to go into any more detail since there are literally hundereds of good
files on VAX systems.
If you come accross a captive account, ie you are not allowed direct access
into DCL (Digital Command Language), typing /NOCOMM can prevent the execution
of certain login files which may prevent you from accessing DCL or lower your
access level.   Example Login:

Username: USER/NOCOMM
Password: USER

$

There is one other important thing about VAX's that is not mentioned in any
VAX tutorials I have seen. Some systems are equiped with a X29 gateway or
PSIPAD as they refer to it. It's basically what the name suggest, a gateway
to PACKET SWITCHED NETWORKS.

To activate it, type:

$ SET HOST/X29

And the system should respond with 'Node:'  You will then find out if the
PSIPAD is installed and whether you have the privs to make use of it.

END
END