💾 Archived View for spam.works › mirrors › textfiles › hacking › shaprot3.txt captured on 2023-06-14 at 16:56:47.
-=-=-=-=-=-=-
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
SWEDISH HACKERS ASSOCIATION PRESENTS
1990 THE 3rd PROTOCOL 1990
EDITORS : LIXOM BAH
: MR BIG
: PHEARLESS
: THE CHIEF
ALL TEXTS IN THIS REPORT IS CONTRIBUTIONS
BY ORIGINAL MEMBERS!
THANX TO EVERYONE'S CO-OPERATION AND SUPPORT
THIS PUBLIC DOCUMENT IS NOW IN YOUR HAND.
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
INTERNATIONAL HACKERS ASSOCIATION'S HEADQUARTERS
##-###-##### TOUCHDOWN BBS (SW)
##- #-###### INTERPOL II (SW)
##- #-###### PROJECT ATHENA (SW)
(ED'S NOTE: No telephone numbers are included in the PUBLIC VOLUMES)
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
-INDEX-
EDITORS INTRODUCTIONS......... 01
Editor's Page #1........ 02
Editor's Page #2........ 03
Editor's Page #3........ 04
Editor's Page #4........ 05
Hacking Rules & Advice........ 06
Cray & IBM In Sweden.......... 07
S.H.A. Member Busted.......... 08
Unix Security................. 09
Are you a Homocidal Maniac?... 10
Brittish Hackers Blackmail.... 11
The New HQ.................... 12
University Hit By Hackers..... 13
New Hackergroup Busted........ 14
New NETwork Soon Here......... 15
Telco Traces Calls............ 16
Terrorists Handbook found..... 17
New Wave Of Computer Coups.... 18
Datema-Company Sold........... 19
S.H.A. Visited ESA Computer +. 20
How To Keep On Hacking........ 21
Storytime! 'The BIG system'... 22
Editor's Final Notes.......... 23
How to contact S.H.A.......... 24
Credits and THE END........... 25
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
-1-
()()()()()()()()()()()()()
()() INTRODUCTION 1991 ()()
()()()()()()()()()()()()()
Welcome to another interesting and stunning protocol from S.H.A. - The
leaders of True Hacking in Sweden today! The Only True Organization that
keeps the old and genuine way of hacking. We have collected the finest and
best writers for this issue, and have some nice and special views, tips,
reports, stories and jokes for you, the reader. This is the Only Series
that is released to the general public, which means that nothing is signed
under real names or handles and that no direct phonenumbers are published,
though for those who consider themselves hackers, we have a modem 'mailbox'
where you can contact us (see the end of the file).
By keeping a steady contact with our friends in the United States in the
'scene' we have learned and experienced a lot, been there when the busts of
the FBI Operation SunDevil raged trough the underground world, watched BBSs
go down, and come up again (if lucky). We have seen a new and very special
bulletin board system where Feds and Hackers can discuss and change views,
as well as share their own thoughts about their hobby, classified 'illegal'
by the counterpart. We have seen the 'carding' scene vanish through tough
and sometimes cruel work by the feds, and as an effect of this, the hacker
scene suffer as well. If you called underground boards in The States a
couple of years ago, and went back today, you would be in a state of shock.
You won't find a genuine HACKER ONLY underground board anywhere! They have
Sports, Tv reviews, Music, Classifieds, Religion, Politics, Ads, Technique
and this goes on and on and on until at last, if you're lucky one or two
small and unused hacker subs. You start to scan through the sub, only to
find that the last message was written about two to five months ago,
regarding anything but hacking. This is truly a sad development 'over
there' because when we here in Europe are breaking new barriers and
stretching out to the 'big country in the west', we can't find people with
similar interests who are active, or seem to be active anymore.
I guess this is how it really is today, but we all know that Hackers
are reluctant to make 'new' friends, or admitting that they really Are
hackers, which is the correct way for a hacker, but in my last two years
in the underground scene in America, I thought I would finally see some
people 'lighten up' and talk to me about hacking and it's effects, but I
am now ready to give up, because I haven't seen nothing yet!
Well, that's my point of view from the American Underground today, let's
go on now with this issue of THE 3rd PROTOCOL. As I said, we have all kinds
of stories, tips and treats for you, so just relax, get a nice cold coke,
switch on MTV with Yo! MTV Raps & Fab Five Freddie and read this cooooold
chillin' issue. PEACE!
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
-2-
PAST AND PRESENT
The year that have passed have been very critical in many ways. We have
tried to get more serious members by tough advertisments and by keeping a
low profile without any results. We are open to new members, but they have
to be serious, and have to follow some kind of rules, what you can, and what
you can't do I mean. Such persons are hard to find in Sweden today, let me
tell you. It seems like those who already are members are the only ones
left in this country. It is a sad statement, but until we find new members,
that is the truth. I would personally like to see a more qualified bunch of
people who enjoy and respect the world of hacking, who see the excitement
and the pleasure of bending that 'door' and look into the world of computers
and systems whithout having to break and trash them and going to a genuine
state of illegalities. I don't find Hacking a criminal act as long as I
don't trash, crash, take or alter files and programs on the systems I hack.
It is a sport in a way, and a search for knowledge in another and the only
competition I have is the people who have made the security on those systems.
I don't respect people who don't know what they're doing when hacking and
the same goes for people who crash systems and still call themselves
'hackers'.
I don't respect newspapers or journalists, who add the word 'hacker' to
every goddamn headline when talking about something else as long as it is
about computers and crooks, just to make the whole article more interesting.
Another sad statement here is that they jyst don't know what they're talking
about. They have no education in computers or areas close to computers. The
only education they have is a journalistic one, and that's not enough it
seems.
The other critical area, is the more illegal branch of the underground
computer world. You probably have heard the word 'carding' before, but not
in the way someone within the underground have or have experienced. One of
our members got caught this year because of carding. That person just broke
the limits and overdid it. If someone tries to make you 'card' something
or tries to teach you how to do it; Don't! I don't recommend carding to my
worst enemy even. It is too risky and too illegal to get involved into.
Although Sweden is far behind the Big Hacker Country in the west, both in
ordinary Hacking and Carding, we have the same laws when it comes to Carding.
The law is very strict here, and will never look the other way in these
matters. If you followed another case about a year ago, you read that they
got a very generous sentence; just small fines, and all of them didn't
make it that far even! One of them went out of there without any charges
at all. Just don't think that You will get away that easy these days. The
Police and the swedish FBI (SAPO) are tougher and the creditcard companies
are changing their security, allowing the companies who recieve orders
to check almost everything. The Customs are close to the Police and will
not accept a 2 by 2 meter large package go through with a 'worth 500 SEK'
stamp on it without checking the sender, the reciever and the package
closely. And the swedish VAT (MOMS) is now at 25% which makes the price
You pay on arrival very high (if you make it that far). Now those who
are into this kind of thing says 'That's easy! Just order it by FEDERAL
EXPRESS and everything goes on the creditcard!', that is true, I don't say
that it doesn't, but the companies that use FEDERAL EXPRESS seem to be
larger, have more money to check all creditcard orders, and have the
power and money to contact the Federal Bureau of Investigations who contact
their collegues in the country the order was placed, and follow the whole
thing trough. They have money, time and enough background to prosecute.
The final word here is just; Whatever you do, Don't! It's not worth it!
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
-3-
DIFFICULTIES
It IS difficult to find experienced hackers! This is the truth. We have
tried to find these persons by 1) Letting them come to us, and 2) Go out
advertising on public boards (This could be discussed being a smart move
or not).
None of them have resulted in more members in the SHA, only that more
Novices (With a capital 'N') have contacted us. This may not sound as
serious as it is! Hackers Must go together with their experiences and
knowledge to hack the most heavily guarded and secure systems. This will
be the only way to even have a chance to beat future systems.
Also, a big group of hackers who 'Know What They Are Talking About'
manages to come up with more ideas, and of course, more contributors to
informative textfiles like this one.
Another thing is also that more hackers can collect more new happenings,
because it's (still) happening very much on the computer/modem scene,
and it takes a lot of people to keep up with the computer systems fast
developments.
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
-4-
NEW AND CLASSIC NEWS
WATCH OUT!
==========
5 years in prison, that's what could happen to hackers in Great Britain
nowadays. A new law have been introduced that will make it much more
dangerous to hack computersystems, but since almost every other european
country already have this law, I think it will make no difference in ac-
tivity from our great friends.
The law says that if you enter a system in an illegal way, you could get
6 months in jail, or fines up to $4000 but if you enter the same system,
but only with DESTRUCTION in your mind, you could be punished with up to
5 years in jail.
UNIVERSITY HACKERS CHARGED
==========================
1990 February
Two youngsters have been arrested for illegal use of a computer at a
Swedish university. Last winter they made a successful hack and searched
for information about grades and tentamen-results. Both hackers risk
fines, and they have to pay the university $1500 in damage costs.
- I didn't think the school had so much to learn me, said one of the
students.
Instead he hacked his way into the administrative computer system. But
due to a mistake from his side, the school-staff was warned and they un-
derstood that a unauthorised user had been in their system. The same ev-
ening, one of the system operators started his hunt for the hacker.
After a while the hacker was traced to one of the computer rooms at the
university. The operator was quite sure he had found the right person,
but he had no evidence. When one of the hacker's friend called the univ-
ersity from the outside, the call was traced, and the game was over.
American Hackers are developing a chinese VIRUS!
================================================
Some months ago I read an a newspaper, and suddenly I saw an article
about communism, and above the text, there was a picture of some
youngsters sitting by their computers. Interested as I was, I started
reading.
I read that some American hackers had plans to construct a virus, that
should be spread on the nets in China. The virus was supposed to be a
destructive one, it was going to erase all data it came in contact with,
and write
LI PENG SUCKS! (That's the prime-minister in China)
SIX PERSONS SUSPECTED FOR FELONY COMPUTER CRIME
===============================================
Six hackers between 18 and 20 years old, are suspected for extensive
computer swindle at the Swedish University in Linkoping. They had hacked
the password to the universitys databank, and caused damage for at least
$13000. The persons at the university got suspicious when they got a
phonebill on $15000 HIGHER then the normal, and called the police.
Trial is waiting.
GERMAN HACKERS CONVICTED FOR ESPIONAGE
The first hackertrial in German history started in February-90. Three
hackers got conditional sentences, because they had had entered some
military systems and then sold the information to the KGB.
The court in Celle outside Hannover, found all three guilty to the
crime. The both hackers Markus Hess and Dirk Brzenzinski had hacked
their way in into both military and commercial nets in USA, Europe
and the Orient. The affair gave them $60000. The third man, Peter
Carl, who worked as a croupier at a casino, where supposed to act as
the contactman. He went to Berlin, where he passed the disks with
information to the KGB.
Earlier there was also a 4th prsecuted, but he took his life in 1989.
An American programmer reacted when a bill came to an account that
didn't exist. The programmer suspected hackers, and spent one year
on an investigation. And after that, he got them on the hook.
(The bill was on 80 cents.....)
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
-5-
HACKERS...
One word that the media have made an ugly word. The media view of hackers
is that they only want to steal information and destroy information if
they can. More or less, they work for the KGB.
What could be more wrong? Hackers are people who are only interested in
penetrating secure systems. Of course there are always people that
might destroy information, but they are often people who are novices
when it comes to real hacking and don't know much about it. Why should
anyone want to destroy information just to be discovered and kicked out,
if they want to use the CPU?
Unless the media start to write about how it really is, I think that they
more or less will influense young novice hackers that they should behave
like that, and then we will have a dissaster when these people learn how
to get access to systems.
And because of this bad publicity the police are spending more money on
trying to trace down hackers who only want to learn more.
I think we few real hackers have a hard time before us. Our golden days
were a couple a years ago.
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
-6-
HACKER RULES AND ADVICES
a fast guide to make LESS mistakes when IT happens.
* If you get to a system you don't recognize at all, store as much
text you can, WITHOUT LOGGING ON and ask someone who you think knows
more about it.
Note: Ofcourse, you don't give anyone who knows less than you the
number.
* A Hacker is always trying to get as much access as possible on the
systems s/he have hacked into.
* Remember, a number to a system that you've found on a public BBS
could be a trap just to bust someone like YOU.
* To create new accounts:
- Never do this when there's top 30 users.
- Let the new user's name be in the middle
or maybe in the end of the user list. (Mostly alphabetical)
- Avoid creating a new user by refreshing an old, dis-used
username, (like: Last login 21-JAN-1987)
* If you note a new command or a new instruction, store all text
available from help menues and similar, and ask someone who you
think knows more.
* If a system you use to call has been modified or maybe updated,
store text and ask somebody.
* If you are planning to do something on a system you NEVER have done
before, and you're not sure about Everything about it... Don't do
it. ASK someone more experienced to get further advices.
* Remember: The bigger company, the bigger the chance is that they
- trace calls with 'odd' behaviour
- have unique security-systems and routines
- have a lot of active users
* MOST systems stores ALL faults and errors you cause (typing fault,
access violations). So if you don't know what you're doing by
100%, don't do it.
* Never even START hack a system you don't know how to handle in some
way. The only exception is systems who doesn't introduce themselves.
* When you've hacked into a system, do the following IMMEDIATELY
1) Open your capture/buffert for incomming text
2) List the logged in users
ALWAYS LOG OFF IF...
a) ... any kind of System Operator is logged on.
Note: On some systems, the System Operator's console is
always logged on to the system.
b) ... there's any kind of Project Manager logged on.
c) ... another user with 'your' name is logged on.
GO ON IF...
a) ... you seem to be alone, or only normal users are logged on.
3) If you have system privilegies, try to shut off (Not DELETE!)
the (if any) system logs.
4) Capture EVERYTHING in the help menues or similar. IMPORTANT!
5) Try to list all available directories (or all directory names,
if nothing else is possible), no matter how many they seem to be.
6) Get as many other usernames as possible.
REMEMBER:
a) Never send letters or phone any other users through the system,
before you have EVERYTHING under control.
One exception though, when you are trying to 'fool' some users
to give them more usernames or/and passwords for projects etc.
* If you get in on a user and you of some reasons know that you WONT
get back in again ('forgot' the password, got 'thrown in'),
follow the whole "When you've hacked into a system..." EXCEPT the
ALWAYS LOG OFF IF... at 2).
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
-7-
[SUPERCOMPUTERS]
[CRAY X-MP/48] [IBM 3090-600J/VF] [ETA10]
Sweden have these computers (which I guess you might recognise). Two of
them are in use, and the third (ETA10) is now taken out of service to be
shipped back to the United States, and as a hacker, you realise the power
and the pleasure of hacking one of them. Therefor I've written a little bit
of information for you to drool on.
-=* COSTS & PRICES *=-
Well, this is a matter of HUGE amounts of money we talk about here.
SE-Banken (a bank here in Sweden) and Wallenbergsstiftelsen financed the
Cray X-MP/48 with an amount of 59 Million Swedish Crowns (about US$
10.000.000 (US$ at 5.80 SEK) and the IBM 3090-600J/VF was paid with donated
money (no information from whom). The price? A small sum of 150 Million
Swedish Crowns (about US$ 26.000.000). Handelsbanken (another bank) finaces
the scientists 10.000 CPU-hours / year with 15 Million Swedish Crowns (US$
2.600.000). If you want to use the IBM, you'll have to pay between 15.000
and 20.000 Swedish Crowns per CPU-hour. The Cray is a bit cheaper to lend
at 7.000 Swedish Crowns per CPU-hour.
-=* OWNERS *=-
Who have got the money to run these machines? The IBM is owned by
Kommunen (the local government) and a company called NorrData and the Cray
is owned by SAAB, who gets 25% of the capacity in exchange for paying
running costs.
-=* USERS & USED TIME *=-
Users of these two sofisticated systems are mostly scientists, but also
two big universities, namely UMEA and LINKOPING. The local government in
Skelleftea use the IBM for salary payments on the side of all science
projects, and like stated above, SAAB have 25% of the capacity on the Cray.
These computers are not used to their full capacity today. If you make a
scale, you would find that the IBM is have 60% administration, 30% resurch
and the final 10% is sold to the industry. The Cray on the other side have
75% universities, and 25% SAAB. But these figures just show how much time
that is disposed, not how much is used. All scientists who wants to use
these computers are granted access today, perhaps not the amout of time
they want, but still access. There is a need for more users and companies
to make these computers worth the money, time and effort to have them
running.
-=* SECURITY *=-
The American export-control authorities have restricted Sweden for
export of these machines to the East (which is understandable). In Sweden,
the rules is decided by Forsvarets Materielverk (Military), and include
several restrictions about foreign users (certain nationalities) who are
not accepted and therefor can not use the computers. Accepted users are
supplied with a special authorization-card and an equipment that generate
passwords.
-=* THE FUTURE *=-
Today, the most reason companies and users give when asking why they
don't use these computers more or at all, is that they are not running
under UNIX or some kind of operating system that is portable from other
systems. Therefor, these computers will have unix-similar operating systems
very soon, to allow new and more use and portability of code and programs
from smaller computers and systems.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
-8-
=================
SHA MEMBER BUSTED
=================
In October-90 a S.H.A. member was brutaly busted, and charged
for creditcard fraud and illegal attemps to enter some
computer-systems here in Sweden. The member spent 46 hrs in
an isolated cell at the central Police Headquarter in
Stockholm. While he was questioned, the police searched his
house twice.
- When I finally got home, I nearly got a heartstroke, some
of my computer equipment was taken, and the worst thing of
all, they had taken ALL my dumps, printouts and notes as
evidence, says the busted hacker.
<<More about this bust can be read in another S.H.A. release>>
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
-9-
UNIX SECURITY
Unix is a very open OS and have many flaws in the security because of this.
The first security hole is the /etc/passwd file that any user can read and
that contains the encrypted passwords.
It is very easy to write a small program that use crypt(3), the internal
unix cryption routine, to scan all accounts for common passwords or to match
against a dictionary. The one that unix have, can be used.
Newer unix versions like AIX, the IBM version, don't have the passwords in
the /etc/passwd, since they are stored in a non-readable file since the US
Defence C2 doesn't allow users access to encrypted passwords.
It is even possible to re-create a password through the encrypted version,
or atleast get a limited number of passwords to try.
Impossible, you might say. The passwords are one-way encrypted!
Yes! They are... but you also have more then one password that gives the
same encrypted result since you lose information when you are encryting the
password. You can go the other way and get about 4096 possible passwords
and then only match these against /etc/passwd. This is a great advantage
over scanning all possible combinations of root passwords in the standard
way might take a year or so before you hit.
The hard part is to get your hands on crypt(3)-source and be able to rever-
se the encryption...
And that isn't a easy way since crypt(3) isn't written to be understood by
common people. But it is possible...
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
-10-
-=*> ARE YOU A HOMOCIDAL MANIAC? <*=-
If you are one, you truly are a danger to your surrounding and should be
visiting your local shrink, very often...
Answer these questions honest to yourself, and then count together your
points.
Written by a [normal] SHA contributor.
-------------------------------------------------------------------------------
1) You are watching this movie (Texas Chainsaw Massacre I), and when the
hero (Leatherface) cuts deeeeep into some 'poor' human with his
roaring little motorised tool, what do you feel?
[a] Ohhhh, brother. Disgusting, Puke!
[b] Booo! Miserable special effects!!
[c] You start drivelling...
2) You're at a party with all your friends gathered. After a while you
(ofcourse) are fighting as hell with some stupid motherfucker that
doesn't see that you're ALWAYS right. Ok, you win and the beaten shit
runs to the door screaming "Hey, fuckface! You're lucky that I didn't
kill you!" and slams the door shut behind him.
What is your reaction?
[a] Say "The fight is over, go home now!"
[b] Scream back "Say that again and I'll kill YOU!"
[c] You take something sharp from the nearest table (knife, siccors,
vase) and run screaming after him.
3) You've just bought some bread and beer for the weekend and suddenly
you see a rifle with several boxes of ammo in an unlocked car.
What do you do?
[a] Goes home without thinking more about it.
[b] Steal it, to sell it off later.
[c] Drops everything you hold, open the car door, takes out ALL boxes
of ammo and load the rifle. And then you go around shooting
moving targets all the day (Cars, people, playing children, cats,
dogs).
4) You are driving down your street, and you see a woman and her two
daughters waiting to go across the street. How do you react?
[a] Stop your car to let them go across the street.
[b] Stop your car to let them go across the street, and roars the engine
just to frighten them as they pass your car's front.
[c] Stop your car to let them go across the street, but when they are
exactly infront of your car, you smash the pedal and run over them.
5) You pass a window on the 15th floor and see somebody standing outside
the building, just at the wide open window. Your plans?
[a] Quietly sneaks away to dial 911.
[b] Says "Boo!".
[c] Says "Hello" with a friendly voice and when he turns around, you
hit him real good in the stomach.
6) What do you think about the TV documentaries about war?
[a] Nah... I don't like to see people getting killed.
[b] Good to know that it isn't faked, anyway.
[c] What I think? I RECORD them, and then watch them until the tape
fucks up.
7) You are looking out the window on the 5th floor and see 8-10 people
waiting for the bus, just below your window. Your actions?
[a] Go back into the room and watch the games.
[b] Get a 5 gallon bucket of water and throws over them.
[c] Fill the same 5 gallon bucket with a gasoline/soapflake mixture
and lighten it just as you throw it out the window.
8) A friend owes you 5 bucks, and he haven't payed them back YET!
[a] Phone him and ask if I can get my money back.
[b] Phone him and DEMAND him to give the money back!
[c] Phone him and tell him to say his last prays.
9) You accidently hit a deer when you are driving to your work.
What do you do now?
[a] Go out and try to save the poor animal.
[b] Go out and hit it over the head with the jack.
[c] Go out and kick the bloody creature to death.
10) Your next door neighbour have a big (BIG) swimmingpool, and EVERY
weekend he have BIG parties with at least 100 people invited, and
it's a hell to get some sleep the whole Friday and Saturday.
What shall you do about it?
[a] Mail him a letter which says "If you don't stop having those
loud parties every weekend, I'm calling the police."
[b] Call the cops and tell them that you've seen somebody get
raped at your neighbours party.
[c] Go out to your car and drive it like a madman through your
neighbours hedges and hit everybody within reach.
[d] Join the party.
-------------------------------------------------------------------------------
Additional questions: 1 point for No and 2 for Yes.
Do you shout HOORAY! everytime somebody gets killed in a movie?
Do you watch every splatter-rated movies more that 20 times?
Do you admire the German Leader during World War II?
Are you a collector of real, automatic weapons?
Are you dreaming of 'Shooting your way out'?
-------------------------------------------------------------------------------
[a] is 1 points, [b] 3 points, [c] 5 points and [d] 0 points.
-------------------------------------------------------------------------------
Points Rating
------------------
10- Relax, you're quite normal. Perhaps a little bit too normal.
-20 Relax you too... You still have the chance to live a normal life.
-30 Hmm... You should consider wheteher to be out on the street or not.
-40 Never, NEVER go out without 5-10 pills of valium in your pocket!
-50 You ARE a Homocidal maniac, there are no doubts.
-60 To make the world a safer place to be, commit suicide, please!
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
-11-
---------------------------------------------------
& BRITTISH HACKERS BLACKMAIL FIVE BANKS IN LONDON &
---------------------------------------------------
Atleast five banks in the London Financial world, City, have according
to the magazine Independent On Sunday been the target of blackmail attempts
since break-ins into their computersystems by so called 'hackers'.
The manipulations started in May this year. To penetrate these systems
have, from the look of it, not been any problems for the pirates. They have
reached so far into the systems that they are able to creat chaos.
None of the five banks have paid, at this date, says Indipendent On
Sunday, and states that the latest discovered manipulations could be The
most sofisticated ever in Great Britain.
The pirates seem to have certain connections between them, but operate
individually and probably have no connections with organized crime.
Within the banks, they are worried that the customers confidence may be
undermined. These crimes are investigated by the police and Hambros Banks
Network Security Managements specialist in computer crimes. The chief,
David Price, said he was confident the pirates would soon be arrested.
The risk of computer crimes increase as the computer-technique develops
faster and faster. The security-routines become more complicated and takes
longer time to implement.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
-12-
======================
NEW S.H.A. HEADQUARTER
======================
In February-91 a S.H.A. member is going out of the country,
and because of that, the currently S.H.A. HQ is going down.
BUT, a new board will be opened called Project Athena, and
it will contain Swedens largest Tfile-area when it's about
Hacking/Carding/Phreaking/Terrorism/Thrashing and Anarchism.
Watch out for the new phonenumber..
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
-13-
SWEDISH UNIVERSITY HIT BY HACKERS
A major Univeristy in Sweden have had their unix machines used buy non-
students for a long time. They didn't know anything about it until the
novice hacker got his hands on a password to the computers from a secure
bulletin board system.
A few weeks later the system managers at the university detected that
one user hacked their computers.
The novice hacker had used rlogin at many other targets. Used FTP at
prime time and downloaded many megs of files and stored it on the
computer. He also had big jobs running on the machine that tried to scan
passwd files that he had downloaded from other machines.
That was what got the system managers attention since they lacked disk-
space. They always checked that users didn't store many files that al-
ready was on the computer in public libraries. They checked the files
and discovered that he had stored many passwd files so they started to
watch the users account.
The system managers had programs running 24 hours a day trying to guess
passwords themselves to check out their own security and at the same
time control what the users were using on the machines when no operators
were present.
Later the University decided to throw out the student that originally
had the account that was used, since they thought that he had done the
hacking. They main reason they would kick the student out wasn't because
he tried to hack, which is pretty common at Universities, but for the
small damages the novcie hacker had done.
The only way to prevent the University from kicking out an innocent stu-
dent was to expose, to the system managers, that the computers were used
by other people. So the one who had originaly cracked the passwords from
the passwd file and posted them on a board, made contact with the system
managers and explained the situation, that some passwords had been drif-
ting around and that some people had used accounts on their computers.
This stopped the University from kicking out the student, but resulted
in that the University now have their security level raised.
Now your password must include one non alpha character and be at least 5
characters long. All passwords will be changed frequently and not as
before when a student could have his password for his whole studies at
the University.
Alas.. if the novice hacker hadn't have the password all this could have
been avoided.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
-14-
NEWS NEWS NEWS NEWS NEWS NEWS
NEWS ----------- NEWS
NEWS HACKER NEWS NEWS
NEWS ----------- NEWS
NEWS NEWS NEWS NEWS NEWS NEWS
NEW HACKERGROUP BUSTED.
-Used false creditcards.
Yet another hackergroup have been caught. The group is suspected to have
bought computer equipment with others creditcards. Not all hackers keep
themselves within the law's border. Now and then, articles about teenagers
who have gone over the border, are published. This time it's two teenagers
in Stockholm who have been caught and interrogated. "But our suspicions
points above all at one of them", said prosecutor Wulf Zippis at the distr-
ict attourneys office in Stockholm.
This new case, have big similarities with a case we had about a year ago
said Zippis. Then, a big hackergroup, spread all over the country, was dis-
covered. With the help of selfmade computer-programs, they could produce
creditcard codes for the creditcards MasterCard and Visa. With the help of
these codes, they then could order merchandise from foreign countries for
hundred thousands of crowns. The merchandise was ordered in fake names to
P.O boxes and adresses.
But though it involved large amounts of money, the hackergroup managed
to get away with fines and conditional sentences - that time. How it will
go this time, prosecutor Wulf Zippis wouldn't guess. "The investigations
are still in full progress. We will have to see what the police discovers".
The hacker comes from a suburb of Stockholm, is in his teens but not
legally competent. Usually, young people like this, gets conditional
sentences and not a jail sentence, atleast if they haven't got any previous
records. The prosecutor wouldn't comment on how much the hacker have spent,
but he confirms that it is of a substantial sum. A guess would be round
300.000 crowns.
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
-15-
=============================
======== SMALL NOTES ========
=============================
The Swedish Telecom and the State-Owned datacompany Dafa are going to
build a nation-wide teleNet called DafaNet. It will be possible for,
trough a central computer, companies to communicate directly with
different authorities. The thought is to offer the customers a wide
information-process with access to databases and electronic message-
systems. The Net is built with so called X 25-standard which makes it
possible to connect computers of a wide range of different fabricats
to it.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
-16-
==================
TELCO TRACES CALLS
==================
Some months ago I decided to find out how fast the Telco could
trace the calls and the answer is terrifying. It takes approx.
2-3 seconds (local trace). And this is how I did the test:
I went to a cafe' and borrowed the telephone. The phonenumber
was clearly printed at the bottom.. (let's say 123456)
I dialed an operator and told her that I wanted a collect call
to Hong Kong.After that I gave her the phonenumber I wanted to
call, she said:
- Ok I'll have to call you back in 5 minutes. What phonenumber
are you calling from?
- Uhh... I don't know, I'm call from a borrowed phone, I said.
- Ok..hold on.
After that she pushed some buttons, and said:
- Are you calling from phonenumber 123456 ?
That little test shows how fast they trace calls....
A good advice when hacking computers is to ALWAYS dial
through outdials ...
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
-17-
NEWS NEWS NEWS NEWS NEWS NEWS
NEWS ----------- NEWS
NEWS TERROR NEWS NEWS
NEWS ----------- NEWS
NEWS NEWS NEWS NEWS NEWS NEWS
THIS IS HOW YOU MAKE A LIGHTBULB BOMB.
-They found book for terrorists.
Qualified advice to terrorists exists in ordinary Swedish Bulletin Board
Systems. How to make weapons and timebombs home in your kitchen are explained
and very easy to understand. In just a couple to minutes, the two school-KIDS
Petter Aasheim and Jorg Akerlund from Gothenburg, theoretically learned how
to make nitroglycerin.
Very alarming, those who want are able to get their hands on a dangerous
knowledge, said Torsten Bjorkhede, chief of SAPO (Swedish FBI) in Gothenburg.
The superintendent at the violence division, Hasse Carlsson is also worried.
I have never heard of anything like this, he said.
It was of a pure accident that they came across this information. On a
Bulletin Board System in Kungalv, "Halla Hogia", they saw the headline -
The Terrorists Handbook. We were curious and brought home the text, the kids
said. About 100 sides loaded with real blowstuff came from the printer.
THE CHEMISTRY TEACHER WENT PALE.
First I thought that the "handbook" was cool, said Petter Aasheim. But
when he read through the material more thouroughly he changed his mind. With
this material, everyone can be a terrorist, said his friend Jorg Akerlund.
The two kids took the text to their chemistry teacher and let him read it.
Pale he said - Go immediately to the police with this. We have seen some
terrorist handbooks earlier. But nothing as detailed like this one, said
Trosten Bjorkhede. The author, an unknown American, shows the terrorists ABC
and very detailed too.
THE CHEMIST'S HAVE MOST OF IT.
All necessary substances for making explosives are listed. Most of them
are available at the Chemist's and the rest can easily be found in listed
insecticides, fotoliquids and in usual stores. If the terrorist still can't
get his hands on the necessary ingrediences, the next step is to break into
a chemical lab/school room. To be sure that the burglar doesn't miss any
vital substance, the author have included a check-list. It says "if a lock
to the lab has to be forced, the best picklock is dynamite followed by the
sledgehammer. Unfortunately, these methods make too much noise. The third
best way is therefor a set of picklocks." Thereafter follows a very thouro-
ughly described way on how to make your own picklock set. When it comes to
the explosives, everything is very detailed, almost pedantic. EVERYTHING is
explained.
SIMPLE TO MAKE A LIGHTBULB BOMB.
The author recommends the highly explosive explosive R.D.X. According to
the "handbook", it can easily be made home in the kitchen. With drawings,
the author explains how to triggers and timesettings should be done. Then
it continues on how to make package-, book-, telephone- and lightbulbbombs.
It says "An authomatic reaction when you enter a dark room, is to light the
lamp. Though that can be very dangerous, if a lightbulb-bomb have been scr-
ewed into the socket. Such a thing is very easy to make. Start with heating
the bulb's socket with a gasflame..." One section tells about weapons.
There it is described how to re-build a shot-gun into a grenade-gun, how
ordinary new-year rockets becomes bomb-carriers. This must be investigated
right now. It can be a case of insugency, said the district attorney Sven-
Olof Hakansson in Gothenburg.
15-YEAR OLD RESPONSIBLE FOR THE BULLETIN BOARD SYSTEM.
Responsible for the System "Halla Hogia" is a 15-year old from Kungalv.
He doesn't know what information lies available on his own system: New
things arrive daily, he said. Do you know that you have "The Terrorists
handbook" on your system? "No." Is it possible to check who sent it to you?
"No. All such information is erased after one week." Everything in the Sys-
tem is free. To access it, all you need to know is the telephone-number.
NEWSPAPER: EXPRESSEN
DATE : 91/01/11
REPORTER : RIKARD BJORK
FOTO : TOMMY NAZELL
(photo: The two kids (looking stupid) infront of a computer with the text:
- We were curious. That is how Petter Aasheim and Jorg Akerlund explains
the discovery of "The Terrorists handbook". The dangerous information
was found at an open Swedish Bulletin Board System.)
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
-18-
NEWS NEWS NEWS NEWS NEWS NEWS
NEWS ----------- NEWS
NEWS HACKER NEWS NEWS
NEWS ----------- NEWS
NEWS NEWS NEWS NEWS NEWS NEWS
NEW WAVE OF COMPUTER COUPS IN SWEDEN.
HACKERS IN KARLSTAD AND LINKOPING ARRESTED.
A wave of computer coups oozes over Sweden. Those worst affected are
Swedish universities that are used by young hackers. Their illegal
entries have cost hundreds of thousands crowns. At a large Swedish
company, a couple of employees are suspected for illegal entries at a
secret West-German database.
For the Swedish computer-police, the several coups wasn't unexpected.
During the last months of 1989, the chief of the Swedish computer-police
warned the public about what was about to come. Rolf Nilsson also said
that the next five years will be dangerous, and that they expected some
kind of big bang.
The real devestating bang in Data-Sweden haven't happened yet, but
these illegal entries are enough to make the police very nervous.
Several young hackers have, with the help of university-computers, made
electronic journeys round the world. On other locations, students have
made their way into university-computers and tried to change salary-
payments and grades. All togheter, there are about ten young hackers
that's been charged, and they have fines or max 2 years in jail ahead
of them.
The other investigation is conducted by SAPO (Swedish FBI) and riks-
kriminalen, and concerns five employees at a large Swedish company, who
have illegaly entered a super-secret, big database in West-Germany. At
this moment, the case is too sensitive, so the police can't give out any
information. Though a Swedish computer-magazine tells of an institute
for advanced mathematical processing and that the West-German secret
police (BND) have asked for help to trace the intruders. As usual they
think the KGB is involved, like in the Hess/NATO case, which resulted in
conditional jail-sentences.
Also when it comes to these Swedish hackers, the sentences will not
be of freedom-taking nature. They could face a two-year jail-sentence
but it will be very hard for the police to find evidence showing that
they had criminal intentions. "If you look at the bright side of this,
they really should get high grades in this area", said Stig Hakangard,
who is perfekt at the institution for ADB at the school in Karlstad.
These two hackers, aged 22 and 26, have illegally entered the schools
computer-terminal and among other things, destroyed a salary-register.
They are two students, who have one term of programming behind them.
"When I look at it, it seem to be a classic hacker-motive; they wanted
to get as far into the system as possible without getting caught." Their
fall came after they accidentaly deleted a salary-register, and the
system started to "ring the alarmbell". "We are very weak because of our
connections to SUNET, and there are over 200 node-computers in Sweden,
so if you crack the password to the Net, the road is open and limitless.
The police looks more strongly at the coups in Linkoping, where six
hackers have used the university-computer to call BBSs and databases in,
among other countries, USA and Australia. Four of them are charged and
could face fines or jail and pay for claimed damages. (ie. phonebills).
They have succeded in connecting with commercial databases through the
central computer and their own home-computers, and they used the univer-
sity identity which means they never had to use any passwords. The
phonebills came as a shock to the university. The first were at 60.000
US dollars, and the second at 20.000 US dollars. The hackers were lucky
that time, because the Swedish Telecoms counters didn't work at that
time.
Parallel investigations are made to trace the foreign hackers, who
have managed to enter Swedish computers through university-computers in
among other countries, Canada and Finland.
The final word here, is that the Swedish police is So nervous when it
comes to illegal entries, that they always notify the Swedish Millitary
forces and SAPO when they discover new hacker activities and entries.
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
-19-
=============================
======== SMALL NOTES ========
=============================
Datema sold their daughter-company Datema Konsult AB to the Swedish
Computer-central. The company have 28 employees and is specialized in
servicebureau activities and economy-administrative consult activities.
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
-20-
=================================================
S.H.A. VISITED AN EUROPEAN SPACE AGENCY COMPUTER.
=================================================
In August-90 a SHA member hacked his way into an ESA computer,
and got access to a lot of interesting stuff.
- It took me 3 minutes to hack that computer, so I can't call
that security, says the hacker.
NEWS NEWS NEWS NEWS NEWS NEWS
NEWS ----------- NEWS
NEWS HACKER NEWS NEWS
NEWS ----------- NEWS
NEWS NEWS NEWS NEWS NEWS NEWS
HACKERS BOUGHT COMPUTERS - ON OTHERS CREDITCARDS
Two teenagers have been exposed as hackers. They have bought computer-
equipment for 100.000's of crowns and paid with others creditcards. We think
that they got the numbers from computers, said the district attorney Wulf
Zippis.
The Police' computer-experts suspect that they are connected to a group
of hackers, who have made the numbers with own computer-programs. That group
was revealed eight months ago and consists of computer-knowledged teenagers
between 16 and 20 years.
Most of them are students on the Nature-scientific or Technic course, and
they live from Umea in the north to Lund in the south and have a common int-
erest; the possibility of the computer.
USED FAKE NAMES
The two, who are arrested, live in one of the suburbs of Stockholm. After
long hearings we are now working on how they made this possible, said Zippis.
We know that they ordered the merchandise in fake names with false adresses,
and paid with false creditcard numbers. How they got their hands on the
secret numbers will be investigated.
I can't tell you how large sums that are involved, but sure, it is large
amounts of money, said Zippis. One of the two teenagers is described as very
talanted, but lack of interest in school-work got him lousy grades. He cons-
entrated his talent in the technical world of computers. Looked for success
in hacker-circles and bought advanced computer-technique on others credit-
cards. The numbers were made by a computer-program which had been made by a
group of hackers. Rikskriminalens computer-experts have had long hearings
with the teenagers, and their story have had a similar pattern:
They have gotten a home computer and joined a club. In computer games,
they have found new ideas and improved the technique with help from modems.
VISA AND MASTERCARD
With help from modems, they have connected with databases and found inter
national lines. One of the members of the group, stole a list with blocked
creditcards. With the computer, they discovered how the 16 numbers were made.
That's the way they made numbers for VISA and Mastercard creditcards. After
that, it wasn't very hard to buy equipment from American mailorder companies.
To leave a number of a creditcard that is not blocked is enough. The mercha-
ndise were delivered to P.O. Box adresses in fake names. The bills were del-
ivered to the owners of the cards.
-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-
-21-
HOW TO KEEP ON HACKING
I. Password and number swapping
II. Single or Parallel hacking?
III. What a hacker can do and still be a hacker
IV. Hiding your stuff and safety precautions
I. Password and number swapping
This is a subject where almost everybody have their own opinion, whether to
swap hacked systems with total strangers or only within some kind of limited
circle.
The smartest thing to do is of course Not to swap with people you don't
know, like putting them up on Public Bulletin Boards and so on, this is VERY
stupid; Why? Well, imagine that you give out the userid's necessary to access
the system you've hacked and alot of people start to call it and do what they
can. Then... you notice the outidal that's been hidden in some strange direc-
tory. What do you do know? The system will maybe change their number because
of the XX calls they get per day all of a sudden, and when the same userid is
logged in 10 at a time, you'll have to wardial their new number...Clever? No.
And even worse, the computer will might not have it's number changed, it
maybe 'only' increase their system security, tracing suspicious calls etc.
It's the same thing about Numbers to systems you Haven't hacked (yet).
I think you agree with me that the smartest thing to do is to keep your
numbers and passwords to yourself, if you want to keep on having the system
'at your service'.
The way to keep numbers and passwords within some kind of circle or group
is also a way of Not letting numbers and passwords slip away. Decide and make
Your own rules on how these things should be handled, do it for a start, so
you have it written if something occurs (your favorite system crashes...).
In Sweden, I know this is a SERIOUS problem for hackers that have gone thr-
ough lots of trouble getting into a system, and after giving it to a friend
that couldn't SHUT UP about it, the result is that the system changes number
or increases the level of security. I know that MANY boards are letting their
amateur hackers go berserk on systems they just found! This is not good for
anyone, not the hackers and not the systems.
The (now) best way to solve this should be to validate the members that want
to join a certain (hacker) meeting, where they can tell eachothers what they
know / what they've found.
So hackers and other people, Share Experiences, Not Passwords.
II. Single or Parallel hacking?
Which way is the best? In some situations it's difficult to say.
In systems, where your hack cannot be hidden (Printer log etc) you might
have to take all the data possible from the system (under time stress...),
and this is when parallel hacking is best, two persons can Capture more
than one.
But ofcourse, you choose how many you are in at the time (downloading).
Two is though preferable, because it's easier (and Faster!) to speak to
eachother through the system and tell one another what to do, and that
you're not storing the same data. In all other situations, the single hack
is the best hack. You get more out of it for yourself.
III. What a hacker can do and still be a hacker
First of all, my definition of a Hacker;
---------------------------------------
-Describe short what a hacker is.
A hacker is someone who want to learn more about current systems and in
some cases, their security systems.
-What is a hacker's purpose when he's entered the system?
A Hacker NEVER destroy anything vital for the system, this is one of
the basic rules. Then he should take care of all interesting data he
can access and take it home, and after that, explore how This very sys-
tem works. Are there perhaps any changes compared to similar operating
systems?
-What happens to hackers that destroy systems then?
First, a 'hacker' that destroys systems frequently should NOT be called
a hacker at all. Crasher ([System-] Cracker) is the word for that kind
of people.
IV. Hiding your stuff and safety precautions