💾 Archived View for spam.works › mirrors › textfiles › messages › lodcom.hac captured on 2023-06-16 at 19:11:47.
View Raw
More Information
-=-=-=-=-=-=-
NOTE: This File is Approximately 50 KB in size.
Lodcom Sample Messages Set #1, 4/20/93
In order to provide a better feeling for the content of what the LOD
Communications Underground Hack/Phreak BBS Message Base Archives contain, 31
messages were selected from the overall collection of posts for 5 Boards.
Note that the samples contained herein are fairly typical and are but a very
small fraction of the 5000+ messages from over 50 systems that LODCOM currently
possesses. Additional BBS's and messages are being added constantly. Consult
the Price Listing [First Version due to be released in Late April 1993 and
periodic additions thereafter] for an up-to-date catalog of our holdings and
costs (minimal).
The selection of messages in Set #1 are from the following Systems:
H/P BBS Name A/C Sysop(s) Circa
-----------------------------------------------------------------------------
OSUNY 914 Tom Tone & Milo Phonbil 1982/83
WOPR 617 Terminal Man & The Minute Man 1984/85
Phoenix Project 512 The Mentor & Erik Bloodaxe 1988/89/90
The Twilight Zone 203 The Marauder & SafeCracker 1985/86
Black Ice Private 703 The HighwayMan & The Mentor 1988/89
_____________________________________________________________________________
H/P BBS Message Bases to be available in the near future (in addition to
the above five) are:
8BBS (213) Circa 1980/81, Modem Over Manhattan (MOM), Twilight Phone (1982),
Legion of Doom! (305) sysop: Lex Luthor, Plover-NET (516) sysop: Quasi Moto,
Sherwood Forest II (914) co-sysop: Bioc Agent 003, Alliance BBS (618) sysop:
Phantom Phreaker, Catch-22 (617) sysop: Silver Spy, Blottoland (216) sysop:
King Blotto, Osuny 2 (aka The Crystal Palace) (914), Mines of Moria (713),
Pirates Cove (516) sysop: BlackBeard, The Hearing Aid, Split Infinity (408),
Farmers of Doom! (303) sysop: Mark Tabas, Shadowland (303) sysop: The
ShadowMaster, Metal Shop Private (314) sysops: Taran King and Knight Lightning,
ShadowSpawn (219) sysop: Psychic Warlord, IROC, FreeWorld II (301), Planet
Earth (714), The C.O.P.S. (305), Ripco (312) sysop: Dr. Ripco, Hackers Heaven
(217) sysop: Jedi Warrior, Demon Roach Underground, Stronghold East Elite (516)
cosysop: Slave Driver, Pure Nihilism, 5th Amendment (713), Newsweek Elite
(617), Phreak Klass 2600 (806), Lunatic Labs (415), Laser Beam (314), Hackers
Den, The Freezer (305) sysop: Mr. Cool, The Boca Harbour (305) sysop: Boca
Bandit, The Armoury (201) sysop: The Mace, Digital Logic (305), Asgard (201),
The CIA bbs, The KGB bbs, Face to Face (1990), Broadway Show (718) Sysop:
Broadway Hacker, The Safehouse (612) circa 1983/4, Lost City of Atlantis (215),
The Private Sector (2600 sponsor BBS), and more.
This message constitutes explicit Permission by LOD Communications to
disseminate this File containing 31 actual messages from our Copyrighted
(c) 1993 collection of H/P BBS Message Bases so long as the contents are not
modified. No part of this File may be published in print without explicit
permission by Lodcom.
Lodcom Sample H/P BBS Messages:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- ** {OSUNY (914) Sysop(s): Tom Tone and Milo Phonbil (both wrote for TAP)} ***
*** {Osuny is perhaps the most legendary Phreak Board of all time} ***
Msg.:118
Date:10/5/82
From:MILO PHONBIL
To:ALL
About:STANFORD STUFF
Greetings, Stanford phreaks!
It seems that those "strange" numbers
are really ones that
will appear if another person is signed
on to the same id.
(Like AA.TEG AA.TEG#2 AA.TEG#3 and so on
.) Also, while there
is no MAIL facility available to "GUEST"
accounts, there is
a way to send a one-liner to someone els
e. The command format
is: TO gg.uuu msg
Where gg.uuu is the person's id, and the
msg is of course,
the message. Also, their SPIRES database
is quite
interesting! Type CALL SPIRES, then SHOW
SUBFILES. Then you
must SELECT a subfile. For a complete tu
torial, try:
TUTORIAL MASTERLIST
SPIRES is ended by typing EXIT at the ->
prompt.
Later, MILO PHONBIL
Msg. :180
About :MAINFRAMES
From :DATA BANDIT
To :ALL PHREAKS
Date :2/23/83 00:00
-- more --
OK PHREAKS....YOU NEED HELP ON TSO
FORMATS,SPF FORMATS,GDDM FORMATS?
THIS IS THE GUY TO ASK....I'M DAMN
GOOD AT IT...I WORK AS AN OPERATOR
ON SUCH SYSTEMS AND KNOW THESE BABIES
LIKE I KNOW MY OWN FACE....SO IF YOU
NEED HELP...JUST DROP ME A LINE HERE
OR ON MY BOARD....303-xxx-3015....
24 HRS.....I CAN SHOW YOU HOW TO SET
UP A PROGRAM ONCE ON IT TO DUMP ALL
SYSTEM PASSWORDS AND ALL DATASET
PASSWORDS...ETC...SET UP YOURT
OWN USER ID...THE WHOLE 9 YARDS...
I HAVE MY COMPANY BY THE F*CKING
BALLS! SO I CAN TEACH YOU TOO....
JUST ASK ME.....
THE ONE AND ONLY
DATA BANDIT
][][ ][][][
ON A MAINFRAME NEAR YOU!
---------------\-/-----------------
?
MEMBER P.H.A.
Msg. :396
About :PHREAK BBS ON THE SOURCE!!!
From :MAXWELL WILKE
To :ALL
Date :3/25/83
Well, believe it or not, there is alread
y two small phreak
BBS's on The Source!!! They have traded
some minor info,
including some Sprint codes, and other s
uch folly. But
the thing is, it's there, has been there
since october '82,
and The Source knows about it, and they
don't care!
the BBS's are on the Source's PARTIcipat
e, which, admitedely,
is a very large, powerful "thing." In a
ddition to the
two on there now, I took the liberty to
create my own, entitled
the "P-MENU.SAV GROUP". It is Conferenc
e # 83.3257 .
Any CompuServe conference members out th
ere interested in
moving over to PARTIcipate on The Source
, let me know.
If you do not have instructions on it, I
'll mail 'em to you
if you give me your address. I'll see w
hat I can do about
getting some more Source accounts. A fr
iend of mine
listed 'em all!
later,
MW
P.S. To all fans of my modifications to
The Source:
Sorry, the good 'ole boys at STC p
icked up on what
i did to them (Snicker... haw.. ha
w) and they cor-
rected my modifications. i put 'e
m back, and they
fixed 'em again, etc, etc, until t
hey finally looked
up in their PR1MENET REFERENCE MAN
UAL and figured out
how to protect their accounts! Oh
well...
Msg. :476
About :BAD NEWS
From :THE HACKER
To :ALL
Date :4/8/83
BAD NEWS SPRINT IS AT IT AGAIN THEY JUST CAUGHT SOMEONE
LAST NIGHT NOW THEY ARE GOING FOR A SECOND KILL
THEY ARE GOING AFTER ZERO PAGE THEY HAVE BEEN CALLING AROUND
ABOUT SO IF ANYONE OUT THERE KNOWS HIM TELL HIM THAT
THEY ARE CALLING AROUND NOW THAT SPRINT AND MCI ARE OUT TO GET
ALL OF THE PHREAKS DOES ANYONE HAVE ANY GOOD SERVICES THAT
ARE SAFE I AM USING ITT
HOW SAFE IS THAT???
PLEASE RESPOND BACK SOMEBODY!
THE
HACKER
[*]THE INNER CIRCLE[*]
=-=-=-=-=-=-=-=-
-- more --
Msg. :519
About :SPRINT/MCI/OTHER BUGGERS
From :ROGER OLSON
To :ALL
Date :4/17/83
I highly recommend the proceedure mentio
ned here earlier for
staying OUT OF TROUBLE with "the competi
tion". Look for your
own passwords. Don't use the ones posted
on BBS's except maybe
once, to "get a feel" of how the particu
lar switch works. If
possible, test the codes between 8 - 11
AM to detirmine if they
are business codes or not. When possible
, use a local loop to
call into/out of to the switch you are u
sing. This simply adds
more frustration in the event anyone is
tracing. When possible,
STAY AWAY completely from these OCC's, o
pting instead to use the
Wats lines from large companies, via the
ir remote call in ports.
You always want to stay away from system
s that individually
account for each call, as MCI/Sprint do.
WATS lines, on the
other hand, especially in older exchange
s, do not record every
number called - just the total time the
line was in use, in
hours per month. In either case....have
your phun now!! Cause
after the Final Judgement and Settlement
is implemented next
year, you will place <<all>> long distan
ce calls by merely
dialing the number desired, and entering
a two digit "choice
of carrier" code (for ATT, MCI, Sprint,
Allnet, etc) and your
local central office will use ANI to sup
ervise your call! The
outfits like MCI will discontinue dealin
g with the public as
such, and will only deal <with other tel
ephone companies> who
in turn will act like billing/collection
agents for MCI, etc.
Watch and see! The times are changing! N
o more phucking around!
Msg.: 211
Date: 10/17/82
From: ROBERT ALLEN
To: ALL
About: WHITE HOUSE
IF ANY OF YOU ARE WONDERING,
800-424-9xxx IS WHAT IS
KNOWN AS THE WHITE HOUSE SIGNAL (SWITCH
BOARD),
AND IT IS RELATIVELY NASTY/FUN, IF ONE
KNOWS ALL OF THE
SILLY CODEWORDS TO USE.. A FRIEND AND 8
OTHER PHREAKS
GOT TRICKY DICK OUT OF BED AT 2:30 AM,
BY ASKING FOR "OLYMPUS". I HEAR THERE
ARE TAPES OF THE CALL FLOATING AROUND...
800-424-9xxx IS A WH. HOUSE PRESS RECORD
ING,THAT CAN BE QUITE
FUN, IF YOU LIKE RON'S SPEECHES EARLY...
DIAL ANYWHERE,
BUT DIAL WITH CARE
--BOB--
Msg. :111
About :***WARNING!!!***
From :JIMMY HOFFA
To :***PHELLOW-PHREAKERS***
Date :2/19/83 00:00
"FOR ALL YOU *PHELLOW-PHREAKERS* OUT THERE......
there seems to be some "negativeness" out there from a few
select peo`le!. WELL, For one thing "THEY" must realize
A "*PHREAKER*" IS *NEVER* "*NEGATIVE*" (TAKE NOTE!!.
RODGER-OLSON!!).. We ARE A SELECT BREED WHO HAVE BEEN
BLEd WITH A REAL UNSATISFYING "THIRST" FOR..
"@KNOWLEDGE*" and Willing to share with "PHELLOW-PHREAKERS".
WE CAN DO ANYTHING *MA* CAN DO, ONLY WE CAN DO IT BETTER!!!!!
WHO NEEDS "PESSIMISM" ANYWAY???? DID PESSIMISTs HELP BUILD OUR
COUNTRY, OUR COMPUTERS, OUR WORLD AROUND US???
NO!!! POSITIVE THINKERS DID, THAT'S WHO!!! PEOPLE WHO HAVE A
NEVER-ENDING THIRST FOR KNOWLEDGE, CHALLENGE, AND FOUND NEW
IN-ROADS TO HELP BETTER OURSELVES!!!
THESE ARE WHAT "I" CALL THE "*REAL*" "PHREAKERS"!!! HOW ABOUT
YOU!!! WE CAN TURN NEGATIVES TO POSITIVES EASIER THAN MOST CAN
BRUSH THEIR TEETH! WE DON'T NEED NEGATIVES BECAUSE THERE'S
ALREAXDY TOO MANY OUT THERE! WHAT WE NEED IS MORE PEOPLE WITH
A POSITIVE-MENTAL-ATTITUDE THAT CAN HELP FURTHER OUR
QUEST FOR KNOWLEDGE GAINING A SATISFACTION UNBEKNWNST to
"NEGATIVE"-"PESIMISTIC" PEOPLE!
HAD TO SAY IT AND I DON'T REGRET IT!
THIS WAS A>>>>>>
- ***PUBLIC************
- ***SERVICE************
- **ANNOUNCEMENT*****************
_____________________________________________________________________________
*** {WOPR (617) SYSOP: Terminal Man. WOPR was a private phreak board and} ***
*** {was considered one of the best H/P systems of the time. The} ***
*** {following Messages are from 1984 unless stated otherwise} ***
Message #33: QUORUM
Msg left by: KING BLOTTO
Date posted: TUE MAY 29 3:13:14 PM {1984}
TO ALL MY SUBJECTS:
THIS TOPIC IS ABOUT CONFERENCES.
AS MANY OF YOU KNOW, I DON'T CONFERENCE
ANYMORE SINCE INFOWORLD PUT OUT AN
ARTICLE ON IT ON MARCH 26. THE REASON
BEING: THERE ARE N-O SAFE EXCHANGES
BEING USED TODAY. EVERYONE SAYS; "BUT
THIS IS CHICAGO", "THIS IS A DALLAS
EXCHANGE", "THEY CAN'T TRACE CONFEREN-
CES!". THE LAST ONE IS MY FAVORITE. THE
SYSTEM USED BY ALMOST EVERYONE TODAY IS
ALLIANCE TELECONFERENCE. THIS IS NOT
BELL OPERATED. QUORUM IS THE BELL CONF.
SYSTEM. AND IT'S WORSE THAN ALLIANCE.
NEWS HAS IT, THAT ALLIANCE TELECON-
FERENCE MIGHT BE GOING UNDER NOW. BUT
THEY HAVE STARTED TAKING PEOPLE WITH
THEM. ( 5 TO DATE, AS I KNOW) ALLIANCE
IS SUPER-PISSED, WELL, WOULDN'T YOU BE?
AND ESPECIALLY AFTER EVERY LITTLE 15YR
OLD LEARNS HOW TO START ONE UP, HE'LL
BE JUST GETTING THEM MORE PISSED OFF.
THE ABUSE HAS GROWN TO A MAXIMUM. I AM
TRYING TO FIND OUT ALL I CAN ON
QUORUM AT WORK. I'LL POST THE INFO AS
IT COMES IN.
MAJESTICALLY,
KING BLOTTO
P.S.- READ THE 3/26/84 INFOWORLD!
<1-48 LAST=33 E=mail Q=Quit T=Titles>
---------------------------------
69> COSMOS & UNIX
---------------------------------
Msg left by: BIOC AGENT 003
Date posted: MON AUG 6 11:18:23 AM
COSMOS is basically a modified UNIX sys
tem. When a non-priviledged COSMOS
user logs on, a program usually called
/BIN/PERMIT is run. This tells the
system which COSMOS commands the user i
s allowed to use.
On the other hand, when a priviledged u
ser logs in (ie, root, sys, bin, or
preop), he is put into the normal UNIX
shell (SH) where he can utilize
UNIX commands such as: who & cat /etc/
passwd (which will printout the
password file). These users can also t
ype CHDIR /USR/COSMOS and use ANY of
the COSMOS commands since COSMOS is rea
lly a sub directory in a UNIX system.
They also have a bad (good?) habit of l
eaving administrative notices and files
(such as the decrypted passwords) layin
g around in different directories of
the system. In fact, one system down i
n Washington, DC has a BIN account
with no password (!) until some ASSHOLE
decided to change the message of the
day"I broke in, ha, ha --Joe Smuck"!!!
If you can't get into one of the privil
edged accounts then you might as well
try for a regular COSMOS account. The
typical setup is two letters followed
by 2 numbers. Here are a few common on
es:
TRxx (TRaining -- eg, TR01, TR02, etc.)
LSxx(Lac Staff)
LA (Line Assignement)
FMxx (Frame Manager)
NMxx (NAC Manager)
RSxx (Repair Service)
LMxx (LMOS debug)
etc...
You best bet would be too go for one of
the managers accounts such as NM01.
There is also usually a user-name of CO
SMOS on the system.
The passwords are usually pathetic. Tr
y things such as: COSMOS, FRAME, TELCO,
etc.) Also try simple words such as:
CAT, BAT, RAT, etc.
You'll have to guess at the Wire Center
, though (WC). It will always b 2
letters.
Excelsior,
---------------------------------
1-79 LAST=69
[E]mail
[A]bort
[T]itles
:
---------------------------------
78> Intro To C Search
---------------------------------
Msg left by: LORD DIGITAL
Date posted: FRI AUG 17 6:20:13 AM {1984}
Ok what the program "C PW Scanner", or
"The C Search" does is fairly
simple. It reads through the main passw
ord file searching for a match between
A person's name and password and compar
es the two. If they match, or if
a person's pw is simply his name spelle
d backwards. it will write the
pw's into a file name of your choice. T
his should net you several paswords
for every scan at least. The percentage
of stupid people on any given
system is usually quite high. The entir
e search should take about 5 mins.
Obviously it can't do too much consider
ing everything is crypted...
The entire program is internal, and ass
umes you have at least one accnt.
allready present on the system in quest
ion.
Instructions :>
Pretty simple, all you do is: Uplo
ad the text file, use the CC (Compile
C) utility, which will give you th
e "a.out" (assembly out), now just
rename the file (mv) to whatever y
ou wish to call it...
If anyone wants to trade various C prog
rams (trojan horses (not that kind),
programs that search for ports with out
dial capabilty, etc...) leave e-mail
later-
.../\^ lord digital ^/\...
------------
-Spectral -- Phorce-
---------------------------------
1-90 LAST=78
[E]mail
[A]bort
[T]itles
:
---------------------------------
83> the old fashioned way...
---------------------------------
Msg left by: BIG BROTHER
Date posted: FRI AUG 17 10:36:45 PM
It might be just as easy when hacking
idiot's passwords (User Name, same
again; first name, same again; etc.) to
do it the old-fashioned way--by hand.
Hey, in half an hour I found 15 account
s on my 'private' 617 VAX VMS 3.6.
Some of them are even partially privili
ged.
Another thing, always try default pas
swords. If the system lets priv'gd
users log in thought dial-in lines and
the default psswds are still there,
you've struck gold. As the wise man sa
y, "Keep it to yourself." I once
the phone number to a Ztel Prime system
(linked to Primenet which eventually
links to milnet) with my operator accou
nt (User:OPERATOR, no password--default)
to a few people. They abused the acco
unt(created 10 or 15 other accts for
themselves) and it died within days....
---------------------------------
1-90 LAST=83
[E]mail
[A]bort
[T]itles
:
---------------------------------
85> Pissed As SHIT!
---------------------------------
Msg left by: SHARP RAZOR
Date posted: SAT AUG 18 4:09:16 AM
That is right! i finally have the time
and sit down and work with my Wash. DC
BIN and PREOP accounts, and 'lo and
behold...i call up (i hadn't called for
about 5 days) and the #'s were changed.
...not 1..but all 4 dial-ups!!
Talk about an abused system! Some of yo
u may not know it, but someone logged
on and left a cute logon bulletin to
all the AT&T bus. people, etc...that
went sort of like 'haha, Kilroy wuz
here!'...(real cute and intelligent,
huh??)..besides that...there were times
when I would call at 2AM on a weekday,
and see 15-20 people on-line...
...and all on the same account!!!
(since the # is changed, I can say it
WAS the MF01 act. they were using)
Let this be a lesson NOT to go around
POSTING COSMOS dial-ups on anything
besides a very private BBS,and especial
ly not the pw's!...I KNOW that the
lower level accounts were given away..
..but I hope at least the sysop ones
weren't..in any case this really shows
me not to be so liberal when I hand
out COSMOS pw's again.
..Later..
..Sharp Razor>>
The Legion of Doom!
(dont worry, I am just a bit po'ed now,
but I MAY get over it!!)
---------------------------------
1-90 LAST=85
[E]mail
[A]bort
[T]itles
:
Message #87: MORE ESS
Msg left by: PAUL MUAD'DIB
Date posted: TUE JUN 19 2:59:05 PM
I've got many switch and frame #'s to
trade, and here's a fun way to get pw's
or destroy bbs's-
call the switch and do what I said
in msg 78 asking for call forwarding
on an anonymous # (NOT your local tym-
or tele- nets, they DO know them to be
special dials)..when he puts it in,
call the "frame" #, and say "Hiya,
this is Bob Lineman, could you run
into the MDF, and try to activate the
call forwarding on NNX-XXXX? send it
to NNX-XXXF, please, I need to check
it out from both ends..." then, hook
your computer up to the payphone that
NNX-XXXF is, and set up a simulator
for the login to that system. When you
have it in your pocket, call the frame
back and say "Hi, me again, would you
just disengage the forwarding on that
# for me? I've got the problem, but I
need it recieving calls to fix it.."
then you can re-hack it later if you
want by just calling the frame again
in a different shift..
later,
Paul Muad'Dib
Legion
of
Doom
1-90 Last=87 E=Mail Q=Quit T=Titles -
Message #38: BOSTON COSMOS
Msg left by: DOCTOR WHO
Date posted: WED MAY 30 10:16:55 PM
OK HERE IS A FRESH COSMOS DIALUP..SORRY
NO PASSWORD...GO TRASHING BOSTONIANS!
617-338-5xxx
SPEAKING OF COSMOS, I WENT TRASHING TOD
AY AND GOT A COSMOS PASSWORD. IT SEEMS
TO BE A HIGH ACCESS ONE, THEY BROKE IN
ON THE GUY USING IT TO DO MAINTENANCE.
THE NAME IS FF01. NOW ALL I NEED IS THE
DIALUP. I CAN'T SCAN WITH MY MODEM. IF
ANYONE WANTS TO DO A LONG-DISTANCE SCAN
OF 413, I WILL GIVE YOU THE EXCHANGES T
O HACK, AND THE PASSWORD. PLEZE!
OH, IF THERE ARE ANY PHREAKS IN THE 413
NPA READING THIS, PLEASE REPLY..ITS
LONELY OUT HERE! CONFERENCES: TOO BAD
IF A COMPANY GOES OUT OF BUSINESS BECAU
SE OF PHREAKS...ONE LONG-DISTANCE COM
PANY WHO IS BUGGING ME SAYS THAT PHREAK
ING IS FORCING THEM OUT OF THE BUSINESS
THAT IS BULLSHIT. DON'T BELIEVE IT.
THE PHONE CO.'S MAKE SO MUCH PROFIT ITS
PITIFUL. IF IT WASN'T FOR PHREAKS
WE WOULD STILL BE STUCK WITH SXS. SO WE
HAVE CREATED MANY JOBS..IN AT+T, GTE, I
TT...AND IN THE FBI. SO FEEL GOOD..YOU'
VE HELPED THE ECONOMY! I HEARD THAT MCI
TAKES A BIG TAX LOSS ON STOLEN SERVICES
. MUCHO BUCKS SAVED! THATS ALSO (PROBAB
LY) THE REASON THE METROPHONE DOESN'T TR
Y HARD TO CATCH PHREAKS.
YOU KNOW IF THERES ONE THING I CAN'T
STAND ITS POLITICS AMONG PHREAKS..ONE
PERSON TRYING TO MAKE OTHERS L1 %'AD
AND SAY" I RULE!" YOU KNOW WHAT I MEAN?
YOU PEOPLE WHO I'ME TALKING ABOUT: NOW
THAT YOU'RE HERE UNDER DIFFERENT NAMES,
TRY TO BEHAVE!..'NUFF SAID
THE T.H.A. (TIMELORDS HOLY ALLIANCE) IS
THE GROUP THAT REALLY RULES..BECAUSE WE
DON'T HAVE ANY RULES...NO INITIATION..
NO NOTHING...AND YOU NEVER HEAR ANYBODY
BADMOUTHING US, DO YOU?
IS THERE A GOOD WAY TO BULLSHIT THE
FONE CO. FOR THE COSMOS DIALUP?
BYE....
-----------=?> DOCTOR WHO <?=----------
<1-48 LAST=38 E=mail Q=Quit T=Titles>
---------------------------------
MESSAGE #81: HACK-A-TRIP
---------------------------------
Msg left by: BROADWAY HACKER
Date posted: TUE JUL 24 8:24:02 PM
As you have probably seen on some other
good boards, I am ex-
tending an offer to anyone who wants to
come to New York for
free. Hacking airline tickets isn't as
hard as you think. If
your interested, maybe to go to a TAP m
eeting or something,
leave me EMAIL. It is relatively easy,
but one screwup can ruin
you. There are others who may have some
idea how this is done,
but have not actually done it. Leave me
EMAIL if your interest-
ed. You must be a minor, however, and y
ou must leave me a VALID
phone number in feedback since there ar
e security measures in-
volved since it is grand fraud.
(-+-)(Chaos)(+-+)
Hack-a-trip
---------------------------------
MESSAGE #63: ARGGGH!
---------------------------------
Msg left by: KARL MARX
Date posted: SAT JUL 21 4:14:43 PM
Ahem, I don't know if I am getting moral
or something, but things are getting
pretty, well, strange.
First off: unix is pretty easy to crash
if you want to--but why would you want
to? Obviously, very few people know
"everything" about Unix, and I would
like one reason that destroying a system
would be better than learning to use it's
"special" features. If you want to get
your face on Newsweek, go ahead, but
otherwise, don't start destroying stuff
just for the sake of vandalism! Instead
of being a vandal, do somthing Robin
Hood-ish, like nice the parent process
of the batch runner to -20 or somthing.
Or give everyone full privilige
to / or make them all user 1.
Otherwise, as for metro tracing, that's
kinda hard to swallow. Would whoever's
friend's sister care to elaborate on that
one?
I don't know if anyone cares, but I had
a chance to take a look at those
"goldphones" and Geez!!! There were
codes written all over it! I don't
understand some people very well. That
is simply stupidity.
There is really nothing "new and exciting"
in phreaking anymore... most of what you
hear is bullshit from some twelve-year-
old that just learned how to use metro last
week. There is simply no "new" anything!
Eventually there will be, but until then
these "phreak" boards will simply be
"how to phreak"--tutorials instead of
journals. Drat!
:::::::::::::::::::::Karl Marx
LOD
---------------------------------
You have been on over your time limit.
Use the 'O' option to log off.
____
Logout Job ??, TTY ??,
On 21-7-84 For 34 Minutes
_____________________________________________________________________________
*** {Samples from the Phoenix Project BBS (512), Sysop: The Mentor} ***
*** {As many are aware, the Phoenix Project was one of the intended} ***
*** {targets in the Hacker Crackdown of 1990 and was erroneously} ***
*** {affiliated to Steve Jackson Games' Illuminati BBS} ***
*** {Other Networks Sub-Board} ***
8/60: Autonet...
Name: Erik Bloodaxe #2
Date: Thu Jan 11 13:18:39 1990
It wouldn't be such a great idea to scan Autonet through the Telenet
gateway. Autonet raised a holy shit-fit when Urvile was doing it
about a year ago, and sent Telenet Security all kinds of nasty
mail bitching for them to stop whoever in 404 was connecting to their
system. Telenet blew them off, but if it started again, Telenet might
just have to listen to their whining and crack down.
I suggest you (or whoever is planning on this) do your scanning through a
main dialup. It will be slower, but probably safer in the long run.
->ME
46/60: pac*it
Name: Corrupt #114
Date: Thu Feb 01 06:59:10 1990
pac*it plus calls 03110..germany and spain..I didn't think it called DPAC.
usefulfor scanning spain..but at this point......hmm I'd be scared of what
MCI i would do then GM...
anyone up on Kinneynet?hehehehehe
I'll post the dialup later but u need a NUI for it :-((
Develnet? I thought the Develnet was just x.25 server software! I've seen
several Develnet pads and I had gotinto thesystems it connected to and they
weren't MEAN related...maybe I'm wrong?(it was a modm company.)
Needless to say I was pissed when everyone used it todeath just to see a
pretty (canada)..the reason it diconnects is because of where you're calling
from..if you call from canda u probably won'T expirence this problem....on the
03110 develnet..same thing cept you have to be at console...there are still
somesystems availble from there that r open..here'Sone IBM <-i couldn't hack
it so of course I posted that one:-))
C U-->greets from [8lgm]corrupt
*** {The HP-3000 Sub-Board} ***
36/41: Woah!
Name: Erik Bloodaxe #2
Date: Mon Jan 22 03:36:40 1990
I wasn't ragging on MPE! Not at all, i was just "JOking" about the large
numbers of hp-3000 systems around the world and the unbelievable ease in
gaining access on one.
Geez, read...MPE seems ok, just kinda hard to get used to.
I mean, I'm in HUNDREDS of hp's, but until last year I didn't know what to do
with them...so they just sat there.
UNIX is just as lame security-wise, but On a percentage basis, I have gotten
into 85-90% of the HP's I have found, while I've only gotten into abot 50% of
the UNIXes I've found.
(Look at me grovel before one of the two HP experts I've ever seen...pathetic,
isn't it?)
Wiz, no offense intended towards your adopted O.S.
->ME
*** {UNIX Sub-Board} ***
60/69: both ways
Name: Corrupt #114
Date: Mon Feb 05 05:08:25 1990
nice trojans
------------
good security
this works both ways....look-out for unixes(and VMS sites) that keep another
copy of /etc/passwd (or sysuaf.dat) and everynite rewrite it over the one
used for login(some any mods are discovered)..u can alternatly install some
security inside likethis for yourself...(hide it in CROn) (or wherever u want
on vms:-)) undersytand? I know I'm not clear:-((
but thats works for you sometimes and it'S simple if you know script:-)
anyone here into Rapid Fire hacking?
*** {Electronic Banking Sub-Board} ***
12/32: Treason & Government Smegma...
Name: Erik Bloodaxe #2
Date: Fri Jan 19 02:06:13 1990
It's the Major SS buzzword these days.
Treason. If someone is poking around in ANY system they feel is
sensitive (although they leave sysdiag unpassworded, or lp password lp, etc..)
they will then label you as:
"A Serious Threat to National Security!"
Give me a break. Hell, I think my association with Par & Phoenix alone
is enough to get me the firing squad. I haven't even done anything,
but it seems that everything bad that's happened I keep getting
brought up, as I know such and such, or I somehow know EVERYTHING about
how such and such happened.
Well, I've tried my best to be good, and stay out of government things,
military things, etc... I've even edited out the "sensitive" things I've
run across in the Telenet scanning just for their sense of well being,
but if I begin to feel threatened, it's all going out. Unabridged.
We will see...I'm already getting nervous...the feds are already pissed
that LOD is still kicking, and this bbs must have SLAMMED it into their
faces. And I know that the EFT files must have pissed them off as
well, although that may or may not have anything to do with
this bbs suddenly going back up.
Well, I'm not a threat to ANYTHING, except myself maybe. Anyone who
knows me knows that. Back me up people. This is my public announcement
of not-guilty to any and all crimes against the Security of the United
States. So what if I was scanning 2502 a while back? Anyone ever think
that it would be in THE INTEREST OF NATIONAL SECURITY to hop into a
Soviet system? I thought it would.
Par knows what I mean. Hell, The government now seems to think he's a spy,
and wants to shoot him. Killing Teenagers for fun is not my idea of
constructive problem solving guys. Take an extended course in the
ways of the hacker. That education might do you all a world of good.
You may even pick up something you missed in your little weekend getaway
training seminar in fighting computer crime. When you come and kick in my
door, (don't step on the cat), and if you don't blow me away first,
maybe I can educate you all a little better on what is REALLY GOING ON!
(This message posted for the Secret Service & CERT, et al. whomever is
posing on here, or reading this via Mentor's & My own Data Taps)
->ME
*** {Phone Co. Computers Sub-Board} ***
3/46: LMOS
Name: Acid Phreak #8
Date: Tue Jan 09 17:56:23 1990
The most recent LMOS interlude was one in my local area. Got the host
processor (an IBM 3270) off Predictor. Overall, a very handy tool to add to
your telco 'collectables'. The FE's of course were PDP 11/70s using MLT for
reference.
Aw thit.. lookit all dem Hicaps.
--ap
(advanced phreaking)
6/46: ICRIS
Name: Phiber Optik #6
Date: Wed Jan 10 16:37:27 1990
Not to nitpick, but an LMOS CP is an IBM S370 (3270 is an SNA, used to get to
BANCS through LOMS for instance).
CRIS, as mentioned, the Customer Record Information System is a dandy little
IBM system whose main purpose is to house customer records. There are a small
handful of "CRIS" systems, like LCRIS (Local), and ICRIS (Integrated, which
should be noted is used by the Residential Service Center). Here in NYNEX, the
only way to reach these systems (we obviously aren't hardwired hackers) is
through BANCS, a bisync network. BANCS is not direct dialable, but IS
available through a 3270 link on the LOMS system, used by LDMC (LAC or FACS,
depending where you live). And LOMS IS accessible. A host of systems are also
available through FACS (which can be reached through LOMS on BANCS) such as
CIMAP, LMOS, SOP, TIRKS, the COSMOS-PREMISE interface, etc. So as you can see,
rather than going after any specific system, going after the RIGHT system will
pay off greatly (LOMS in this example). Oh, waitta-minnit, those mentioned
systems are off of BANCS, sorry. You can reach FACS on BANCS, and access a
couple 'o things like some of those mentioned, COSMOS (certain wire centers
only), etc. OK, enough rambling. Let's hear someone else's input.
Phiber Optik
Legion Of Doom!
$LOD$
____________________________________________________________________________
*** {The Twilight Zone BBS (203), Sysop: The Marauder} ***
*** {NOTE: All messages from 1985 unless stated otherwise} ***
[MSG #12 OF 22]: INWATS & X-LATIONS
FROM: THE MARAUDER
DATE: MAY 08 {1985}
Under CCIS, INWATS (800's) are handled completely different from the older
method (the old method i don't completely uderstand, but it translated
somehow based on it's own prefix & suffix). under ccis on the other hand,
inwats #'s are handled in the following manner: when the 800 number reaches
your toll office, a query is made to the 'INWATS DATABASE', (the master
database being at the KC RNOCS I believe), i believe each RNOC (regional
network operations center, of wich there are 12, one for each region), has
their own database (which is updated on a regular basis). a query is made
(via a CCIS link) to the inwat's database, and a POTS (plain old telephone
service, just a plain 10 digit ddd telephone number, ie: npa+pre+suffix), and
the POTS number is pulsed out from the toll center and your call is completed
just like a normal ddd (direct distance dialing) call, talthough it was noted
that the call was an 800 at the origination (your) toll office, so and you
are not charged foor the call.. with this in mind, it's a simple matter for
the inwat's database that handles your reigon to return a translation that
differs from another reigons translation, for example say fred phreak in
new jersey places a call to LDX extender service at 800-XXX-3333, upon
reaching his toll center, the toll center quereys the inwat's database that
handles new jersey, and a POTS translation is returned which for obvious
reasons would be the closest port to him, so let's say the translation was
(201)-XXX-4455, the toll office upon recieving this would proceed to complete
the call, and fred phreak would be connected to LDX at (201)-XXX-4455..
continued next..
<1-22, ^12> [?/HELP]:
[MSG #13 OF 22]: ABOVE CONT'D
FROM: THE MARAUDER
DATE: MAY 08
now, on the other hand let's say bill phreak in california calls the LDX
extender service at (800)-XXX-3333 (same number fred called from NJ), his
regions inwat's database may return a completely different POTS x-lation say
(213)-XXX-1119, again being ldx's closest port to bill phreaks toll center..
utilizing ccis, and inwat's databases, other clever things are possible for
example, as you all know ALLIANCE teleconfrencing is unavailable on
weekends, here's how that works: when you dial 0-700-XXX-1000, that number
is intercepted at TSPS and translated into a corresponding WAT'S number, for
this example, we'll say it translates to (800)-XXX-1003 (white plains), and
forwarded from tsps to a toll center, the toll center upon recieving the
800-XXX-1003, queries it's inwat's database and a POTS translation is
returned say 914-XXX-6677, which is the DN (Directory Number) for the
bridge-center. now on a weekend, the inwat's database, instead of returning
914-XXX-6677 may return 914-XXX-0077, which would terminate at a recording
saying alliance is not reachable on weekends.., that's why everyone is
alway's interested in the 'ALLIANCE TRANSLATIONS'. Because if you have the
x-lation you can simply use a blue box to route yourself directly to the
bridgecenter and bypass the whole tanslation procedure..
any questions, please post..
The
Marauder
Legion of Doom!
____________________________________________________________________________
*** {Black Ice Private (703) BBS Message Base Sample} ***
*** {Black Ice had a VERY restrictive user base as shown in the} ***
*** {included userlist. The quality of the messages was excellent} ***
%> Sub-board: Advanced Telecommunications
%> SubOp: ANI Failure
%> Messages: 100
%> Files: 0
%> Message: 32 of 100
%> Title: 800 xlations
%> When: 12/16/88 at 2:45 am
%> Left by: ANI Failure [SubOp] [Level: 8]
You can get them from a 4ess or some work centers like RNOC and RWC (good luck,
have a dialback).. Or from ONAC in Kansas City (816). The Operations Network
Adminstration Center is the focal point for 800 services in the AT&T network.
ONAC works in conjuction with the AT&T WATS centers (I think there are 3?) and
800 service co-ordinators to do operations, adminstration, and maintenance on
the 800 number network. You can reach the WATS centers phree of charge with a
959 plant test number in the correct NPAs (I know 914 has one). I think it was
959-5000 but that might be wrong.
The tech. term for an 800 xlation is a plant test number. This does not have to
be pots, but can be other system codes like 122, 195, 196, 123, etc. The only
type of 800 number that terminates in POTS is a READYLINE 800 number (AT&T). I
don't know about sprint, mci, etc. though. A good topic for investigation
though, thankx for the idea!
If you have access to a 4e (does anyone on her have this? If so I'll trade
anything I have for a 4e), you can type this in to translate a number:
well....i can't find the right notebook. it is somethink like:
TEST:DSIG;INWATS 800 nxx xxxx!
This does a Direct Signaling (DSIG) message into the 4E which commands the 4E
to pull the 800 internal number from the network control point (NCP) ove????jUH?+K?]? The 4E you are on must be included in the service area of that 800
number though, i.e. someone in the area served by that 4E would have to be able
to dial it in order for the 4E to have the xlation. So if the 4E is not in the
right area it will say 'NON SUBSCRIBED' or something of that nature. Oh, I just
remembered, there is an AT&T work group named DSAC (Direct Signaling Admin.
Center) that performs direct signaling messages into switches and things. If
you want the DSAC #, I can provide it..I don't think too many phreaks have
their number so they might be worth engineering.
Oh - the 800 xlation input message into the 4E was social engineered a long
time ago by The Marauder and Phucked Agent 04 from an RWC. But, thanks to a
fuck up by The Executioner and friends, the RWCs became very tight lipped...it
only takes 1 fuckup...
Um, I have gotten translations from the customer before, posing as AT&T and
giving them bs about 'MLT has found a potential trouble in your circuit' (haha)
and we need your translation number. I only did this once since I have never
had any major need to pull 800 xlations. But that will work in some cases if a
human answers. Or if you can get the terminating company name/location, you can
keep engineering and narrow down the locations of the xlation (say within their
centrex group or something) and then (ughh..dangerous and slow) scan for the
number, or do more engineering for it, etc...
There is an easier way to get 800 translations but I swore not to tell anyone
(that was the conditions of me getting the info) from a certain AT&T dept and a
certain support system...if you want a translation in an AT&T area I will try
to get it for you though....so leave mail or post and maybe I can help..
ANI-F
legion of 800 numberz
____________________________________________________________________________
*** {UNIX Sub-Board} ***
%> Sub-board: UNIX
%> SubOp: The Prophet
%> Messages: 99
%> Files: 1
%> Message: 5 of 99
%> Title: getty, login
%> When: 12/16/88 at 6:19 pm
%> Left by: The Urvile [Level: 8]
for getty, just check and see if the first entry is <something>, where that is
your back door, of sorts. the init program will have to be a bit (?) larger
than the original, considering that you'll have to put in the stuff to make it
set up your environment & exec /bin/sh.
login, on the other hand, can put a backdoor in the gpass() routine, which can
conveniently write the passwds to a file. not too useful to have lots of
passwds in an already backdoored system, you say? bull. there are lots of
southern bell systems i've gotten into by using the same passwds as the hacked
system. also, what if they remove the backdoor? too bad, it'll take you an
hour or so to put the source up & modify it again.
one thing that i've been thinking about: on a system, backdoor getty, login,
(for the reasons cited above), and something like 'date', to check 1) if root
is using the program, and 2) to see if your handy dandy login has been erased,
and put it back if 3) a day or so has elapsed from the last call of the 'date'.
well, i thought it was a good idea. much better than using cron & whatever to
put a username in the passwd file.
encryption on cosmos:
it's strange, to be sure. i tried putting a 404 cosmos passwd on your 602
cosmos. The user id's were different, the versions of cosmos were different, i
think, but the username was the same. has anyone ever seen ANY (no matter how
old) cosmos login source?
incidentally, is anyone doing anything on sbdn of late?
scanning for addresses is generally a bad idea.
*** {SPCS/OSS Information Sub-Board} ***
*** {Stored Program Control Systems / Operations Support Systems} ***
%> Sub-board: SPCS/OSS Information
%> SubOp: ANI Failure
%> Messages: 97
%> Files: 1
%> Message: 19 of 97
%> Title: DMS
%> When: 12/28/88 at 10:20 am
%> Left by: Epsilon [Level: 8]
I found out some things about DMS if anyone's interested. I only spent a
little while looking around, but I managed to figure out that the DMS does
indeed have a sort of tree structure. I haven't figured out the structure of
TABLES yet, but I kind of know how the rest works. Watch..
Ok, from the > you can enter tasks, (I prefer to call them toolboxes because
they're like little tools you can run to perform different things.) For
instance, you have one called LOGUTIL which is some sort of utility that keeps
tabs on various things, and you can view the logs kept. After you have entered
LOGUTIL, you can type LIST LOGUTIL and it'll spool out commands. You can also
type LIST LOGS to see a list of logs that are kept.
The next thing I was fooling with was SERVORD, which is obviously some type of
Service Order processing software. This toolbox is much friendlier, as it does
include the help command, and it provides help on the syntax of each command.
Unfortunately, it does not give each parameter for each command. I'm sure that
would take up quite a lot of space. I think you're going to need a manual to
really do anything cool with SERVORD, but hey..
Sorry if you people knew all of this already. I guess I'll keep posting about
it as I learn more.
Sheesh. Lame post.
Epsilon
____________________________________________________________________________
*** {Userlist as of Mid-May it seems} ***
%> Black Ice Private User List <%
Name Level Status Posts Last on
===============------------------=====------======-------=====-----=======--
System Operator 11 Sysop 33 5/16/89
The Mentor 11 Sysop 59 5/16/89
Epsilon 8 Charter 106 5/8/89
The Prophet 8 Charter 59 5/15/89
ANI Failure 8 Charter 220 5/6/89
The Urvile 8 Charter 71 5/4/89
Doc Cypher 8 Charter 56 5/13/89
Lex Luthor 8 Charter 21 5/10/89
The Leftist 8 Charter 20 5/14/89
Erik Bloodaxe 8 Charter 75 5/17/89
Empty Promise 8 Charter 16 5/5/89
Generic 1BED5 8 Charter 46 5/16/89
Skinny Puppy 8 Charter 93 4/23/89
Jester Sluggo 8 Charter 32 5/13/89
Red Eye 8 Charter 31 5/2/89
The Marauder 8 Charter 9 5/12/89
Ferrod Sensor 8 Charter 10 3/30/89
____________________________________________________________________________
*** {Tymnet (Packet Switching Network) Sub-Board} ***
%> Sub-board: Tymnet
%> SubOp: Lex Luthor
%> Messages: 48
%> Files: 0
%> Message: 36 of 48
%> Title: isis and elf
%> When: 3/25/89 at 12:37 am
%> Left by: Lex Luthor [Level: 8]
I believe ANI was correct about the acronym for ISIS.
Internally Switched Interface System
I think it is the go between from the engine to the node code. Kind of like
how assembly is the go between my apple and basic.
ELF - Engine Load Facility. This is a program that transfers and loads code
into a TYMNET Engine node.
ISIS has slots, in each slot a program (node code) can run. This node code
is different for different tasks.
I should clarify the above, only one 'application' ie: gateway, tymcom,
whatever, can run on isis, and usually is found on slot 0. But other programs
can be run on other slots. Programs that allow you to log into the slot and do
things. like DDT - Dynamic Debugging Tool.
All this and more will be explained in my upcoming (hopefully) file on Tymnet
called-- Anatomy of a Packet Switching Network: MDC's TYMNET.
inter-link cleared from VALTDNET (C) H9 N4067 to TYMNET (C) H5981 N7347
inter-link cleared from H1 N2010 TESTNET to H1 N2200 BUBBNET
inter-link cleared from TYMNET (F) H5277 N6420 to BUBBNET (F) H15 N2324
inter-link cleared from AKNET to TYMNET
inter-link cleared from TYMNET to AKNET
inter-link cleared from TRWNET to PUBLIC TYMNET
inter-link cleared from PUBLIC TYMNET to TRWNET
please log in: DECLOD
Password: DECLODH
Interlink established from TYMNET to TSN-NET
Please log in: Gomer T. Geekster
--Lex
%> Message: 44 of 48
%> Title: ontyme II
%> When: 4/4/89 at 1:15 am
%> Left by: Lex Luthor [Level: 8]
The system used for setting up the DECLOD acct was TYMVALIDATE which isn't
exactly the same as NETVAL but close.
Be careful with ONTYME II, since it automatically updates ALL files you read.
So if you read some files in that persons' personal directory, they can see
that either someone has their acct/pass or someone is using IMITATE and reading
their stuff. Me and Skinny Puppy are working on a way to defeat this....
Lex
%> Message: 47 of 48
%> Title: INTL TYMNET
%> When: 4/21/89 at 1:17 pm
%> Left by: Skinny Puppy [Level: 8]
International Tymnet - how many of you have seen tymnet claiming that it serves
over 65 countries, but don't really belive it? well, they do, sort of.
There is a tymnet-europe called Mcdonnell Douglas Information Systems (MDIS).
While I don't have any dialups for it, I have X.121 addresses in France and
BeNeLuxKG. once you get there, you can type HELP and glean alot of what is
going on. The interesting thing is that a lot of things that say ACCESS NOT
PERMITTED from regular tymnet are actually european addresses and can be used
on MDIS. for instance, ROMA (Italian for ROME), ESAIRS, and EURONET (which is a
host selector for american public timesharing systems). While there doesn't
seem to be a lot of european hosts, I am sure that if everyone on here pulled
up all their old tymnet-hack sheets where they had things listed as ANP (My
abbreviated for ACCESS NOT PERMITTED) and tried a few we could find something
new. Right now, I will only give out my French MDIS gateway - It is
208092020029. Figure out how to get there yourself. If you DO find anything
interesting, leave me mail, and we can trade. I already have some internal MDIS
systems there, if I can just figure out how to use them.
Coming Soon to a Board not so near to you: NISNET (tymnet-japan) and the
Carribean tymnets. Until then, ASSIMILATE
Skinny Puppy 21 april 1989
_____________________________________________________________________________
%> Sub-board: Vocal Hacking
%> SubOp: ANI Failure
%> Messages: 45
%> Files: 0
%> Message: 3 of 45
%> Title: Operator engineering
%> When: 12/6/88 at 12:43 am
%> Left by: Ferrod Sensor [Level: 8]
To answer ANIF's question, I have been doing some TSPS/TOPS engineering lately
for a variety of purposes, one of which is a bit far fetched but has
possibilities. I am trying to find a way to possibly freeze an operator
console (the method I am trying is actually simpler than it sounds). It
involves getting the op to connect to a short circuite test code, either by ACS
(key) or by OGT (outgoing trunk) outpulsing sequence. There area a few flaws in
this though, the main one being the more than likely possibility of the Op
simply releasing the console position (even though the short circuit, when
dialed, cannot be hang up on, the caller must wait for it to time out (about
three minutes or so).If this was the case, then the result could be the
Operator having an inaccessible outgoing line for a short period of time, which
wouldn't affect much with the actuall console..The things I tried recently with
this didn't result in much, but if I take into account TOPS/TSPS RTA (Remote
Trunking Arrangements) setups (where a caller from one area code, with a 0+ or
0- call, may be connected to an operator in a site in a different NPA. Test
codes are different, even in exchanges, so an operator site in a diffeerent NPA
wouldn't be affected the same with a different code.
The overall purpose to this would be to create a certain condition with the
operator network that could be used to gain information when investigated, say
by someone from Mtce. engineering or theTOPS/TSPS SCC or equivalents. There are
other ways to start an engineer of course, but this is just something that's
concrete (meaning you could get people to fish around for info a bit easier
than coming in for a random request.
This is getting a bit long. I'lll post more later about Operator engineering,
something more immediately practical next time. The board looks promising.
Ferrod/LOD
______________________________________________________________________________
LOD Communications: Leaders in Engineering, Social and Otherwise ;)
Email: lodcom@mindvox.phantom.com
Voice Mail: 512-448-5098
Snail Mail: LOD Communications
603 W. 13th
Suite 1A-278
Austin, Texas USA 78701
______________________________________________________________________________
End Sample H/P BBS Messages File