8/3/2019 TAP Magazine - Issue #97

1/10

8/3/2019 TAP Magazine - Issue #97

2/10

HOW TO FIND SOMEONE.

F i n di n g p e o pl e ? I have spen t considerab le time and e ff o r t doing t h i ss o r t of work. The only s ol id r ul e fo r t r acking people down i s that t herear e no s o l i d r u l e s .

In g e ne ra l, f in d in g people depends upon know ing enough about th e targets u b j e c t ( i . e . th e person you want to find) to gain d i r e c t i o n fo r t he s ea rc h .Fo r in stance, I was r e ta i ne d t o s ea rc h f o r a gentleman t h a t h a d a b sc o nd e dfrom th e ~ e a t t l earea with substan t ial d eb t s l e f t behind . I knew veryl i t t l e a b o u t th e guy o t h e r than hi s name, th e fac t that he ha d a t r u s tfund admin istered from Los Angeles, and that he h ad b ee n p lann ing to weda woman from Seat t le when he was l a s t heard from severa l weeks befo re.

In t h i s case, I m an ag ed to l oca te a marr iage l i c en se in th e King county(Seat t le) Courthouse which y i el de d t he name and address of the woman he

had, by th e time of t h i s search , m a ~ r i e d .Although th e man ha d coveredmost of h is t r a c k s p r e t t y well , th e woman he had m a rr i ed t oo k no e ff o r tto obscure he r path .

Consequently, I had th e woman's name an d l a s t known residence(inRe n to n , Wa s h in g to n, a suburb of Seattle)when I l e f t th e courthouse. OnceI had t h i s , th e r e m ai n in g f o ll o w up was r e a s on a b ly s i m p le . I t t u r n t ou tt h a t he r p r i o r residence s he h ad b een l iV in g i n was up fo r s a l e . A v i s i tto th e r e a l e s t a t e agent ac t ing a s b ro ke r affo rded a reasonably f a s tface- to- face m e e ti n g w i th t he f ug a ti v e I sought . He, i t developed, washandling a l l t he b us in es s o f h is new wife. The r e a l e s t a t e a ga en t v er yt h o ug h t fu l ly a rr an g ed t h e meeting, and a l so provided me with th e s e l l e r ' snew home address .

I t e l l t h i s s t o r y as a m ea ns of i l l u s t r a t i n g an approach to f i nd i n g p e op l e.While in general i t is h el pf ul t o review informat ion resou rces l ike th etelephone b oo k, P ol k d i r e c t o r y, e t c . , I bel i eve that a general p r i c i p l eis t he b es t a dv ic e. F in d o ut a ll you ca n about your target , t h e n d e t er m i newhat, i f any, i n f or m a ti o n r e so u rce s t h i s knowledge of your target imp lies .I f you ar e uncer ta in what in fo rmation your bas ic knowledge of your targetdoes imply, take what you know to an expert ( l ike th e records c l e r k in thec i ty /county b u i l d i n g where th e t a rg e t I m en t io n a bo ve h ad f i l e d hi s marriagel icense) and as k t he e x pe rt what i n t e l l i g e n c e is n e c e ss a r il y i m p l i c it inth e in fo rmation you have as a foundat ion . Once t his is accomplished, th eremaining t ask is t o e xp lo it t h i s in fo rmation .

As f or e xp e rt a s s i s t a n c e in deve loping th e leads t h a t you s t a r t with ,t here ar e as many s ou rc es f or t h i s i n t e l l i g e n c e as t he re a re c a t a g o r i e sworth e x p l o i t i n g . I know very l i t t l e about t enni s , f or i n st an c e,bu t I know enough t h a t i f I found t h a t a suspect I sought was a heavy t e n n i s

p layer, I cou ld ce r t a i n l y l oca te a t enni s expert to t e l l me whatorgan izat ions associa ted with t e n n i s might y i e l d th e s u s p e ct ' s l o c a ti o n .Fai l ing t h a t , i f t he s us pe ct is a ser ious t e n n is p l a ye r , and I have a goodidea what c i t y he might be in , I might be ab le to develope leads by ask ingquest ions at a t h e l e t i c clubs in th e a r e a .

For those who read about us inFactsheet 5, you ge t one issuefo r one stamp, no t 92-94 fo r 8single i t t y bi t ty s tamp. Sorryfor the mess up. Just send morestamps fo r more i s sues .

Effective Feb ru ary our ZIP CODEwill be changed from 40220 to40250. Please make a note of thisso you don't send mail to th ewrong place. Then cr y and say i t ' sTAP's fault we didn ' t ge t your mail !

SUBSCRIPTIONS TO TAP

Well, there seem to be alo to f messed up subscriptions.I feel the bla.e is not al l.y fault. If you send in onestamp fo r a sample issue, youwill get the current issue. Ifyou wait around half a year andsend in tvo more stamps you missedout on alo t of issues, butyou s t i l l get the current one.Not where you l e f t off . If youv an t to subscribe, you mustsend in 3 or more stamps. Thenyou will be added to our fancymailing l i s t . I t ' s jus t impossibleto keep u p wi th eyery one vhen th eyc8n't keep up with us. P le as e sendin l ike 10 stamps and say i amsubscribing. I will add you tothe l i s t and i t viII s ta r t withthe yery n ex t issue to bepublished. I hope this viII cleareverything up and make the mistakesless . For those who tr y and S8Ythat they sent in 6 stamps aod onlygot 3 issues wheres the rest?sorry, t hey v ere lost in the mailb ef or e they got to me i guess.

ED - Hail .& Subscriptions

TAP MagaZineP os t O ff ic e Box 20264LOUiSVille, Ky 40220

z=_=a__.=.a_. a a_. __c= _ Z Z = ~ Z_._. Z3_a===3==

Although t h i s approach seems l i k e common sense , many people tend t o f or ge twhat c r e a t u r e s o f habi t we humans are , and t h e y c o n s eq u e n tl y f a i l toe x p l o i t th e obvious when s e ar c hi n g f o r someone. Nonetheless, I have foundt h i s approach f a i r l y u se fu l. Ju st f ind ou t a l l you c an a bo ut your t a rg e t ,then th ink ! One must compile a l l a v a i l a b l e in format ion on th e targets u bj ec t, t he n follow i t up and e x p l o i t whatever leads t h i s in fo rmationdeve lopes .

Robyn RobertsonBITNET: GSRLR@ALASKAI n t e r n e t : GSRLS@acad3.fai.alaska.eduP. O .B ox 81638Fai rbanks , AK 99708

2

The opin ions ex p r es sed h e r e ar emy own

Contacting TAP other then by mailhas been impossible unti l nov. Therear e two BBS' s ve can be reach ed at .One is called The Danger Zone i t ' s24 hours 300/1200/2400 Bps, the ,is 502-448-1155. CreechNet BDSwith the same info can b e reach ed at502-491-4493. E-mail PredatOr.These ar e not TAP run BRS's, jus tones that h app en to be local to meso you can f in d me on them eas1ly.The feds may even tr y and find .e onthem to don't they wish?

3

TAP Magazine Issue #97January 25, 1990

8/3/2019 TAP Magazine - Issue #97

3/10

- - - - -~. . . . . . . . - - . . . . . ~ . ~ ; ; a~ ~ ~ ~. ~- ~ ~ \ l e- o-x-cn-e90 s . To s t a r t of f th e decade r i g h t , ~ ear e going to show you what we h av e d on ew it h t he r ea de r rep ly cards. Hopefullya ll t h a t we h av e d on e is what you, th esubscriber, wants. We have t r i e d toanswer th e majority of a l l requests . a d e .If you don ' t se e what you l i k e , or haveany problems w i th o ur c ha ng es , you ca nwrite in and give us your op in ion .

The following l i s t is a compilationo f o ur r ea de r s ur ve y c ard s. A fte r th el i s t , I have pu t down some notes froareaders and our r e p l i e s to them. We hopet h i s wa y you wi l l se e what we ar e doin9fo r you an d you can also g e t s p ec i fi cquest ions answered. Enjoys

These four ar e ra t ings from 1 to 10 .

The average is noted a f t e r sUbjec t .Qual cy of p r i n t - i .Qual ty of con ten t 7.Qual ty o f p ap er 9.Qual ty of serv ice from s t a f f -! .These were answered with a Yes or No.

Own a computer 93 \ Yes, 1\ No.Own a modem 93 \ Yes, 7\ No.Read 2600 m4gazine . 92 \ Yes, 8\ No.Read Phrack newslet ter 3 S\ Yes , 62 \ No.Use(d), b lue/red boxes 43 \ Yes ,51 ' No.

Do you cons ider yourself a hack orphreak? 25 ' phreak.

70 \ hacker.S' botti.

Average age of readers . 24.Yrs.youngest 18 Yrs, O l d e ~ t50 Yrs.Peaks in average a t around 20 and 30.

-Hacking phones, exp loslves, secur i tyayateas, an y in side in format ion , bu t NOcomputers . Enough in ~ 6 0 0, enough -c o mpu te r ma g az in es already.

TAf- We tr y to pu t something in TAP fo reveryone. Our emphasis is on hackingt hi ng s o t he r than computers bu t we haveto include computers a l s o .

-Keep mailer low-key, Don't se t f lagson envelope fo r USPS in spect ion .

TAP- We h av e p u r ch a se d secur i ty envelopesand a rubber stamp with money t h a t readerss en t i n 8 0 you d o n ' t have to worry aboutsecur i ty now. We won ' t elabo rate on ou ro t h er s e c ur i t y measures. Feds read TAPa l a o .

-Hare var ie ty t

-Do you have a bbs?

TAP- No. We would l i k e to ge t on e though.

-Cable descrambl ing is to the 8 0 ' s & 9 0 ' swhat blue bOXing was to th e 60 's & 70 's .Please p r i n t c i r c u i t s to defeat ALL typesof cab le boxes, ti e Zenith defeat c i r c u i t ,J e r r o l d defeat c i r c u i t , et c )~ h e r ear e c i r c u i t s t ha t w il l tu rn-on cab lebox t o r ec ei ve ALL Pay-Per_View. L ~ t ' shave c i r c u i t s a n d/ o r t u rn - on in fo fo r everymodel box. Cable companies ar e a biggerri p of f than Ma 8 e l l ever was.

TAP- If someone was to send i n th at in fo ,

we would p r i n t i t . U n ti l t he n, th e onlywas fo r us to g et i t is to buy i t . Weca n only do t h a t with donat ions. Wea l re a dy g i ve TAP away fo r f ree .

Editor Note: We regret tha t th is a r t i c l ei s an entire year la te BUT i t i s s t i l lvery accurate and should prove useful!to many beginning and experienced hackers.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + ~ + + + + + + + + + + + + + +

I The LOD/R Presents I++++++++++++++++ ++++++++++++++++

\ A Novice ' . Guide to Rackinq- 1989 edi t ion I

\ - --------------- I\ ,. by /\ The Mentor I

\ Legion of Doom/Legion of Backer. /\ I

\ December, 1988 / .\ Merry Christmas Everyone! /

\+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++/

* * * *I The au th o r h e reb y qranta permd io n to reproduce, red i . t r ib u te ,I or include t h i s f i l e in your q-fl1e aeet ion, elect ronic or p r in tI n ew le tt er , o r any other form o f t r an smis sio n t h a t you choos . , asI 10nq as i t is kept i n t ac t a n d who le , with no ommissiona, de l e tI ion. , or chan9.. . (CJ The Hentor- Pho.n i. Projec t Product1onsI 1 9 8 8, 1 98 9 5 1 2/ 4 41 - 30 8 8 I ** *

This f i l e w il l be div ided into four parts:Part 1: What is H acki ng , A Hacker's Code of Ethies , Basie Racking SafetyPart 2: Packet Switchinq Netvorks: Telenet- Row it Works, Row to Use i t ,

Outdials , Network Servers , Private PADI Part 3: Identify ing a Computer, How to Hack In , Operating System

Defau l ts 'Part 4: Conclusion- Final Thouqhtl, Booke to Read, Board. to Call,

Acknowledgements

Contents

A A A ~ A ~ A A A A A A A A A A A A A A A A A ~ A A A A A A A A A A A

5

Introduction: The S ta te o f the Hack

After surveying a ra ther large g- f i le col lect ion, my at tent ion vas drawn toth e f ac t that there hasn ' t been a good introductory f i l e w r it te n f or absolutebeqinners since back when Mark Tabas vas crankinq them ou t (and almost*everyone was a beqinnerl) The Arts of aackinq and Phreaking have changedrad ically since t ha t t i m e , and as th e 90 's approach, th e hack/phreak communityha s recovered from th e Summer ' 87 b us ts ( ju st l ik e i t recovered from t he F al l' 85 b u st s, and l i ke i t wi l l alvay. recover from attempts to shut i t down), andt h e p rog re s s ive media (from Reality Hackere maqazine to William Gibson andBruce Sterl ing 'S cyberpunk fab les of hackerdom) is Itart ing to take noticeof us fo r th e f i r s t tLme i n r ec en t years in a positive l i g h t .

Unfortunately, i t has also gotten more dangerous s ince th e early 80 '1 .Phone cops have more resources, more awareneSI, and more inte l l igence t h a t theye xh ib it ed i n t he p as t. I t is becoming more and more di ff icu l t to s ur vi ve a sa hacker long enough to become s k i ll e d i n th e a r t . To t h i s end t h i . f i l ei s de d i c a t e d . I f i t can help lomeone ge t started, and help them surviveto discover new s y s t e ~and new information, i t wil l have served i t ' s purpose,and served as a p a r t i a l repayment to a l l th e people who helped me ou t when Iva s a beginner.

~ W h a tar e t h o se a n te n n as on m o st p ow erpo les f o r ~ Any usable phone system goodiesan d anything to b ea t t he government.

TAP- We p ut t ho se in to f i l l in excessspace an d a l so because no t everyonereads th e same papers . Not e v er y p ap erp r i n t s t h a t same th ing

4

Singinto the hand-held mike, an dyour voice booms out l i ke a roc kstar's. Throw a switch, speak ,

an d you sound l ike a squeaky-sounding munchkin . F l ick another switch,and your voice bellows in ominous basstones. It's DynaMike, a voice-changingmicrophone that altersthe pitch ofinput soundsin 16different ways. A connector ca n link DynaMike to a stereoor portableradio. Price: $30. The OhioArt Co., 1 Toy81., Bryan, Ohio 43506.

INSTANT VOICECHANGER

TAP- Phrack newslet ter is a s o f t magazine TAP- Any readers ~ n o ~th e answer t o th att h a t is avai lab le on var ious b u l l e t i n ~ n e ?If so , send ~ t ~ nan d we wi l l p r i n tboards throughout th e us. One g oo d o ne to ~ t .tr y would be Ripco a t 512-528-5020. If youhave i n t e r n e t access, send mail t o . . . . . -Less newspaper a r t i c l e s / c l i p p i n g s .

C483307@umcvmb.missouri.edu orc48Sa69@uacvmb.missouri.edu.

Now on to the comments on what th ereaders want:

-What is a nd w he re ca D we ge t Phrack?

8/3/2019 TAP Magazine - Issue #97

4/10

Part On e: The Basics

As long as t h e re have b e en c o mp u te r s, t h e re h av e b ee n hackers . In t he 5 0' sat t h e Has .achu se ts I n s t i t u t e of Technology (MIT), studen ts devoted much t imeand energy to ingenious explora t ion of th e c om pu te rs . R ul es an d th e la w w er edisregarded in t h e i r p u r su i t f or th e ' h ack ' . Jus t a s t he y were e n th ra l l e d wi thth e i r pu rs u i t o f i n fo r m at i on , 80 ar e we. The t h r i l l of th e hack is no t inbreaking th e law, i t ' s in th e pu rs u i t and c ap tu re o f knowledge.

To t h i s end, le t me c on t r ibu t e my suggestions f o r q u id e l in e s to follow toensure th a t no t only you s tay ou t o f t ro u bl e , bu t you pursue your c r a f t wi thoutdamaging the' computers you hack in to or th e companies who own them.

I . Do no t in ten t io n a l ly damage *any* system.II . Do no t a l t e r any system f i l e s other than o ne s n ee de d to ensure your

escape from de te c t ion a nd y ou r future access ( Tro j an Ho rs e s, Alter ingL og s, a nd th e l i k e ar e a ll necessary to your s ur vi v al f or as long asposs ible . )

I I I . Do no t leave your (o r anyone e l s e ' s ) r e a l name, r ea l handle , or r e a lphone n umber on an y system th a t you access i l l e g a l l y. Th ey * can* andw i ll t ra ck y ou do wn from your handle!

IV. Be c a re fu l who you share i n f o ~ a t i o nwith. Feds ar e g e t t in g t r i c k i e r.Generally, i f you d o n ' t know t h e i r voice phone number, name, an doccupat ion or ha ve n ' t spoken with them voice on non-info t radingconversat ions, be wary.

V. Do no t leave your r e a l phone number to anyone you d o n ' t know. Thisi n cl u d es l o gg i ng on boards, no matter how k -r ad t he y seem. If youdon ' t know th e sysop, leave a note t e l l i n g some t rustworthy peopleth a t w i l l v a l id a te you.

VI. Do no t h ack g o ve rn m en t computers. Yes, t he re a re government systemsth a t ar e safe to hack, bu t they a re few and fa r between. And th egovernment ha s i n i f i t e l y more t ~ e an d resources t o t ra ck y ou d own thana company who ha s to make a p r o f i t an d ju s t i f y expenses .

VII. Don't use codes u n le ss t h er e is *NO* way around i t (you don ' t have al o c a l t e len e t or tymnet ou td i a l and c a n ' t connect to anything 800 )You u se c od es long enough, you w i l l ge t caught. Per iod .

VI I I . Don't be a fr ai d t o be paranoid. Remember, you *are* breaking th e law.I t d o es n 't h ur t to s to r e ev e ry t h in g en cr y p ted on your hard disk, ork ee p y ou r notes b ur ie d i n t he backyar4 or 1n t he t ru nk ot your c a r.You may f ee l a l i t t l e funny, bu t y o u ' l l f ee l a lo t funn ier when youwhen" you m eet B r un o , your t r an sv es t i t e cel lmate who axed hi s family todeath.

IX. Watch what you pos t on boards. Most of th e r ea l ly g re a t hackers in thecount ry post * n ot h in g * a b ou t th e system th ey ' r e c u r re n t ly workingexcept in th e broadest s en se ( I' m working on a UNIX, or a COSHOS, orsomething generic . Not "I 'm hacking in to General E l e c t r i c ' s Voi ce M ai lSystem" o r something inane an d reveal ing l ik e t h a t . )

X. Don't be a f r a id to a sk q u es t io n s . Tha t ' s what more exper ienced hackersar e for. D o n' t e xp e ct *everything* you as k to be answered, though.There ar e some things (LHOS, fo r instance) th a t a begining hackershouldn ' t mess with . You ' l l e i th e r ge t caught , or screw i t up fo ro th er s, o r both .

XI. Final ly, you have to a c tua l ly hack. You can hang ou t on boards a ll youw an t, a nd you ca n read a l l th e t ex t f i l e s in th e world, bu t u n t i l youa c tua l ly s t a r t doing i t , y o u ' l l never know what i t ' s a l l about. There 'sno t h r i l l qu i t e th e same as ge t t i ng in to your f i r s t system (well, ok ,I can t hi nk o f a couple of bigger t h r i l l s , bu t you g et t he p ic tu r e . )

One of the sa f es t places to s t a r t your hacking ca r ee r, i s on a computersystem belonging to a c o l l e ge . Universi ty co m pu t er s h ave notor iously la xsecuri ty, an d ar e more used to hackers, as every college computer de pa r tment ha s one or two, so ar e l es s l ik el y to press charges i f you shouldbe detected . But th e odds of them detec t ing you an d having th e personel tocommitt to t racking y ou d own ar e s li m a s long as you a r e n ' t de s t ruc t ive .

If you a re a lr ea dy a college studen t , t h i s is ideal, as you can l eg a l ly

explore y o ur co mp u te r system to your h e a r t ' s de s i re , then go ou t and lookfo r s imilar systems t h a t you ca n penetra te wi th confidence, as y o u' r e a l re a dyfamilar with them.

6

So i f you ju s t want to ge t your f e e t wet, c a l l your lo ca l c o l l e ge . Hany ofthem w il l p r o v id e accou n t s fo r l o c al r e s id e n ts at a nominal (under $20) chaxge.

Final ly, i f you g et c au gh t, a ta y qu ie t u n t i l you ge t a l awyer. Don ' t vo lunteer any in fo rmat ion , no matter what kind of ' d e a l s ' they o ff e r you.Nothing i s bind ing unless y ou make t he d ea l through your l aw ye r, s o you mightas wel l shu t up and w a i t . .

Pa r t Two: NetworksA A A A A A A A A A A A A A A A A A

The b es t p la ce to beg in hacking ( o th e r t ha n a co l lege) is on on e o f thebigger n e two rk s s u ch as Telenet . Why? F i r s t , t h e re is a wide v ar ie ty of

computers to choose f ro m, f ro m smal l Hicro-Vaxen to huge Crays. Second, th enetworks ar e f a i r l y wel l documented. I t ' . eas ie r to f ind someone who ca n helpyou with a problem o ff of Te le n et t h an i t is to f ind a s s i s t a nc e concerning yourl o ca l c ol le g e computer or h i gh s c ho o l machine. Third, th e networks ar e sa f e r.Because of th e enormous number of c a l l s t h a t a re f ie l de d every day by t he b ignetworks ; it 1s no t f i n a n ci a l l y p r a c t i c a l to keep t r a c k of where every c a l l andconnect ion a re made from. I t is also v er y e as y to disguise your l o c a t ion usingth e network, which makes your hobby much more secure.

Telenet ha s more computers hooked to it than any other system in th e worldonce you consider t h a t from Telenet you have access to Tymnet, ItaPAC, JANET,DATAPAC, SBDN, PandaNet, THEnet, and a whole hos t of other networks, a l l ofwhich you c an c o nn e ct to from your termdnal.

The f i r s t s tep t h a t you need to take i s to id en t i f y your lo ca l dia lup p o r t .This is done by d ia l in g 1-800-424-9494 (1200 71) and connecting. I t w il lspout some garbage a t you an d then y o u ' l l ge t a prompt saying ' T E R M I N A L ~ ' .This is your t e rm i n al t y p e. I f you have v t 10 0 e m u l at i o n, type i t in now. Orju s t h it r e tu rn an d i t w i l l de fa u l t to dumb terminal mode.

You ' l l now ge t a prompt th a t l ooks l i k e a @. From h er e, t yp e @c mail and then i t w i l l as k fo r a UsernAme. E n te r ' ph o ne s ' for th e username. When i tasks fo r a password, en te r ' p ho n es ' a g ai n . From t h i s po in t , i t is menudriven . Use t h i s t o l oc at e your l o c al d ia lu p , and c a l l i t back lo ca l ly. I fyou don ' t have a lo ca l d ia lup , then u se w ha te ve r means y ou wish to connect toone l ong die tance ( mo re on t h is l a te r .)

When you c a l l your lo ca l dia lup, you w il l once again go t hrough th eTERMINAL- s t u f f , a nd o nc e again y o u ' l l be presen ted with a @. This prompt l e t syou know you ar e connected to a Telenet PAD. PAD stands fo r e i t ~ e rPacketAsaambler/Di.a embler ( i f you t a lk to an e ng in ee r) , o r P u bl ic Access Device(i f you t a l k t o Te le n et 's market ing people. ) The f i r s t de s c r ip t i on is morec o r re c t .

Telenet works by t a k ing th e data you e n te r in on th e PAD you d ia l e d in to ,bundl ing i t in to a 128 byte chunk (normally . . t h i s ca n be changed), an d thent ransmit t ing i t at speeds ranging from 9600 to 19,200 baud to ano ther PAD, whothen t ak es t he data a nd h an ds it down to whatever computer or system i t ' sconnected to . B a si c al ly , t h e PAD allows two computers th a t have d i f f e r en t baudr a te s or communication p ro toc o l s to communicate wi th each o the r over a longdis tance . S o m e t ~ e sy o u ' l l no t i c e a t ime la g in th e remote machines response.This i s ca l led PAD Delay, an d i s to be expected when you're s e n d i ~ gda tathrough s e ve ra l d i f fe r e nt l i nk s .

What do you do with t h i s PAD? You us e i t to connect to remote computersystems by typing 'c ' fo r connect an d then th e Network User Address (NUA) ofth e system you w an t to go to .

An NUA t a ke s th e form of 031103130002520\ / \ 1\ I

-1 - -1 - -I -

I t ' network addressI I - - - - area p r e f ixI DNIC

This i s a su mmary of DNIC's ( t aken from Bl ad e Ru n n er ' s f i l e on I taPAC)according to t h e i r country a nd n et wo rk name.

7

- - - - - - - - - - - - - - - - - - - - - - - - - .-:;:' . .....-..-.. _ ... ---~ -'. ,- . ---

8/3/2019 TAP Magazine - Issue #97

5/10

DNIC Network Name Country DNIC N e t w o ~ k"ame Country

02041 , Datanet 1 Netherlands 03110 lfelenet OSA02062 DCS Belgium 03340 Telepac Mexico02080 Transpac France 03400 ODTS-Curacau Curacau02284 Telepac Switzer land 04251 I a ra ne t I s r a e l02322 Datex-P Austria 04401 DDX-P Japan02329 Radaus Austria 04408 Venus-P Japan02342 PSS UK 04501 Dacom-Net South Korea02382 Datapalt Denmark 04542 Inte lpak Sinqapore02402 Datapax Sweden 05052 Auatpac Austra l i i l02405 Telepak Sweden 05053 Midas A us t ra l i a02442 Finpak Fin land 05252 Telepac Hong Kong02624 Datex-P West Germany 05301 Pacnet New Zealand02704 Luxpac Luxembourg 06550 Saponet South Africa02724 Eirpak I r e l a nd 07240 In t e rda t a B ra z i l03020 Datapac Canada 07241 Renpac B ra z i l03028 Infogram Canada 09000 Dialnet USA03103 ITT/UDTS USA 07421 Dompac French Guiana03106 Tymnet USA

There ar e t wo ways to f ind in te r es t in g addresses to connect to . The f i r s tand eas ies t way i s to obta in a copy of th e LOD/H Telenet Directory from th eLOD/a Tech n ica l Jo u rn a l .4 or 2600 Magazine. Jes te r SlU99 0 also pu t o ut a goodl i s t of non-US addresses in Phrack I nc . N ew sl et te r I ss u e 21. These f i l e s w il lt e l l you th e NUA, whether it w il l accep t co l lec t c a l l s or not , what type ofcomputer system it is (i f known) and who i t belongs to (a lso i f known.)

The second method of l o c a t ing in te r es t in g addresses is to scan fo r themmanually. On Telenet , you do no t have t o e nt er th e 03110 DNIC to connect to a

Telenet hos t . So i f you saw th a t 031104120006140 had a VAX on i t you wanted tolook at , you c ou ld t yp e @c 412 614 (O'S can b e i gn or e d most o f t he ti me .)If t h i s node allows co l lec t b i l l e d connections, i t w i l l sa y 412 614

CONNECTED an d then you ' l l poss ibly ge t an i d e n t i fy ing header or ju s t aUsernarne: prompt. I f i t doe s n ' t allow co l lec t connections, it w il l give you amessage such as 412 614 REFUSED COLLECT CONNECTION with some e r r o r codes ou t toth e r ig h t , an d r e tu rn you to th e @ prompt.

There ar e two p r ~ r yways to ge t around th e REFUSED COLLECT message. Thef i r s t is to us e a N et wo rk User Id (NUl) to connect. An NUl is a username/pwcombination t ha t a ct s l i ke a c h a rg e a c c ou n t on Telenet . To co l lec t to node412 614 wi th NUl junk4248, password 525332, I 'd type th e f o l l o w ~ n 9 :@e 412 614,junk4248,52S332 a nd you i t s ho ul d s ay TELENET and t he n g iv e you th e @ prompt. From there ,type D to disconnect or CONT to re-connect and continue your , sessionuninterrupted.

Outd ials , Network Servers , and PADsA A A A A A A A A A AA A A A A A A A A A A AA A A A A A A A A A A A

In ~ d d i t i o nto computers, an NUA may connect you to severa l other th ings .One o f the most useful i s th e o u td ia l . An ou td i a l is nothing more than a modem

you can ge t to over t e l e n e t - s imi l a r to th e PC Pursui t concept, except th a tthese don ' t have passwords on them most of th e time.When you connect, you w il l ge t a message l i ke 'Hayes 1200 baud outd ial,

Detroi t , MI', or 'VEN-TEL 212 Modem', o r p o ss ib l y 'Sess ion 1234 e s t a b l i s he don Modem ,5588' . The be s t way to f igure ou t th e commands on these is tot ype ? or H or HELP- t h i s w il l ge t you a ll th e information th a t you need tou se o ne .

Safety ti p here- when you ar e hacking *any* s ys t em t h r ou g h a phone dialup ,always use an o u td ia l o r a d iv e r te r, e s pe c i a l l y i f i t is a l o c a l phone numberto you. More people ge t popped hacking on lo ca l computers than you canimagine, Intra-LATA c a l l s a re t he eas ies t things in th e world to t r ace inexpens ively.

Another nice t r i c k you can do with an ou td i a l i s us e th e r ed ia l or macrofunction th a t many of them have. F i r s t thing you do when you connect is toinvoke th e 'Redia l Last Number' f a c i l i t y. This w il l d ia l th e l a s t number used,which w il l be th e one th e person using i t before you typed. Write down th enumber, as no one would be ca l l in g a number wi thout a computer on i t . This

is a good way to f ind new systems to hack. Also, on a VENTEL modem, type '0 'fo r Display and i t w i l l d is pl ay t he f iv e numbers s tored as macros in themodem's memory.

There ' a re a ls o d i f f e r en t t yp es o f s er ve rs f or remote Local Area Networks(LAN) th a t have many machine a l l o v e r th e off ice or t he n at io n connected tothem. I ' l l discuss i d e n t if y i n g t h es e l a t e r in th e computer 10 sect ion.

And f in a l ly, you m ay connect to something th a t s ay s ' X. 25 CommunicationPAD' and then some more s t u f f , followed by a new @ p ro mp t. T hi s is a PADj us t l ik e th e one you ar e on , except th a t a ll at tempted connect ions ar e b i l l e dto th e PAD, allowing you to connect to those nodes who e a r l i e r refused co l lec tconnections.

This also ha s th e added bonus of confusing where you ar e connecting from.When a packet is t r a n s mi t t e d from PAD to PAD, i t con tains a header th a t ha sth e l o c at i on y o u 'r e ca l l in g from. Fo r ins tance , when you f i r s t connectedto Telenet, i t m i gh t h av e sa id 212 44A CONNECTED i f you ca l led from th e 212area code. This m eans you were ca l l in g PAD number 44A in th e 212 area .That 21244A w il l be sent ou t in th e header of a ll packets leav ing th e PAD.

Once you connect to a p r iv a te PAD, however, a l l th e packets going ou t

from *it* w il l have i t ' s address on them, no t yours. ,Thi s can be a valuablebuffer between yourse lf an d de te c t ion .

Phone ScanningA A A A ~ A ~ A A A ~ A ~ A

Final ly, t h e r e ' s th e t ime-honored method of computer hunting th a t was madefamous among th e non-hacker c rowd by th a t Oh-So-Technically-Accurate movieWargames . You pick a th r ee d i g i t phone p r e f ix in your area an d d ia l everynumbe r f rom 0000 -- > 9999 in t ha t pref ix , m ak in g a note of a ll th e ca r r ie r syou f ind. There is sof tware a v ai la b le t o do t h i s fo r near ly every computerin th e world, so you d o n ' t have to do i t by hand.

Part Three: I 've Fo un d a Computer, Now What?A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A

This next sect ion is a p p li c ab l e u n i ve r s al l y. I t doesn ' t matter how youfound t h i s computer, i t could be through a network, or i t could be fr omca r r ie r scanning your High School ' s phone p re f ix , you've got t h i s promptth i s prompt, what th e h e l l i s i t?

I' m *NOT* going to attempt to t e l l you what to do once y o u' re i n si de of

9

8/3/2019 TAP Magazine - Issue #97

6/10

any o f t he s e o p er a ti ng systems. Each one i s worth . e v e r a l G-f i l e s in i t sown r i g h t . I' m going to t e l l you bow to i de n t i fy and recognize cer t a inOpSyatems, how to ap p ro ach b acki n g i n t o them, and bow t o deal with 80mething

' t h at y o u' v e n e ve r aeen before a nd h av e know idea what 1 t 1 s.

VMS-

DEC-lO-

ONIX-

The VAX computer i s made by Di g i t a l Equipment Corpora t ion (DEC),and runs th e VMS (Vir tual Memory System) o p er a t in g system.VMS i s ch ar ac te r ized by th e 'Username: ' prompt. I t wi l l no t t e l lyou i f you 've e n t e r e d . v a l i d u.ername o r not, an d w i l l ~ . c o n n e c tyou a f t e r t h re e ba d l o g in a t te m p ts . I t alao keep. t r a c k o f a l lf a i l e d l o g in a t te m pt s arid i n f o ~ 8th e owner of th e account next times/he logs 1n how many ba d log in attempts were nade on th e account .I t i s one of th e moat secure operating aystem$ around from th eo u ts i de , b u t once you 're in t he re ar e many t h i ngs t h a t you ca n doto circumvent system se c ur i t y. The VAX also ha s t he b es t se t ofhelp f i l e s in th e world. Just type HELP and r ead to your h e a r t ' scontent.Common Accounts /Defaults : (username: pa8sword (( ,password])SYSTEM: OPERATOR or MANAGER or SYSTEM or SYSLIBOPERATOR: OPERATORSYSTEST: UETPSYSHAINT: SYSMAINT or SERVICE or DIGITALFIELD: FIELD or SERVICEGUEST: GUEST or ~ n p a s s w o r d e dDEMO: DEMO or unpasswordedDECNET: DECNET

An e a r l i e r l i n e of DEC computer equipment, running th e TOPS-10operating system. These machines ar e recognized by t h e i r'. ' prompt. The DEC-10/20 s e r i e s ar e remarkably h ack er- f r ien d ly,al lowing you t o enter sev er a l important commands without everlogging i n t o th e system. Accounts ar e in th e format (xxx,yyy] wherexxx and yyy a re i n te g er s . You ca n ge t a l i s t i n g of th e accounts andth e process names of everyone on th e system before logging in withth e command . s y s t a t ( for SYstem STATus). I f you seen an accountt h a t r e a ds (234,10011 BOB JONES, it mdght b e w is e to tr y BOB orJONES or both fo r a -password on t h i s account . To login , you type log in xxx,yyy an d t he n t yp e th e pa8sword when prompted fo r i t .The system wi l l al low you unlimdted t r i e s a t an account , a nd d oe sno t keep records of bad l o gi n a t te m p ts . I t w i ll a ls o i n f o ~youi f th e DIC y o u ' r e t rying, ( DI C - User Id en t i f i ca t io n Code, 1 ,2 fo rexample) i s bad.Common Accounts /Defaults :1 , 2 : SYSLIB or OPERATOR or MANAGER2,7 : MAINTAIN5,30: GAMES

There ar e dozens of d i ff e re n t machines ou t there t h a t ru n UNIX.While some might argue i t i s n ' t t he b e st o pe ra ti ng system in th eworld, it is c e r t a i n l y th e most widely used. A UNIX 8ystem w ~ l lusually have a prompt l i k e ' l o g i n : ' in lower case . UNIX a180wi l l give you unlimdted shots a t logging in (i n most cases) , andthere i s usually no lo g kept of ba d attempts .Common A c c ou n ts / De f au l ts : ( n ot e t h a t some systems ar e casese ns i t i ve , 8 0 us e lower case as a general ru le . Also, many t imesth e accounts wi l l be unpassworded, y o u ' l l j u s t drop r ig h t i n l )roo t : r o o tAdmin: Adminsysadmin: sysadmin or adminunix: unixuucp: uucpr je : r jequest: gue s t

demo: demodaemon: daemonaysbin : aysbin

10

P ri me - P rtm e co mpute r c om pa ny' . ma inf rame r un ni nq th e Primos operatingsystem. The ar e easy to spot, as t he g re et you with'Primecon l 8. 23 .G S' o r t he l i k e , dependinq on th e version of th eoperating system you ru n i n to . There wi l l usually be no prompto ff e r ed , i t w i l l j u s t look l i k e i t ' s s i t t i n g t he re . At t h i s point ,type ' l o g i n '. I f it is a pre-18.00.00 version o f Primos,

you ca n h it a bunch of AC'a fo r th e p a 8s wor d a n d y o u ' l l drop in .Unfor tunately, most people ar e running versions 19+. Primos alsocomes with a good 8e t of help f i l e s . One of th e most u se f u lfeatures o f a Prime on Te le ne t i s a f a c i l i t y c a l l e d NETLINK. Oncey o u ' r e i n s i de , type NETLINK an d follow th e help f i l e s . This a l lowsyou to connect to NUA's a l l o v e r th e world us ing th e ' n c ' command.F o r exampl e , to connect to NUA 026245890040004, you would typein c :26245890040004 at th e ne t l i nk prompt.Common Accounts /Defaults :PRIME PRIME or PRIMOSPRIMOS CS PRLHE or PRIMOSPR1HENET P R ~ N E TSYSTEM SYSTEM or PRIMENETLINK NETLINKTEST TESTGUEST GUESTGOESTl GUEST

HP-xOOO- This system i s mad e by Bewlet t-Packard. I t is ch ar ac te r ized by th e': ' prompt. The HP ha s one of th e more complica ted loq in sequencesaround- you type 'BELLO SESSION NAME,USERNAHE,ACCOUNTNAHE,GROOP'.Fortunately, some o f t he se f i e l d s ca n be l e f t blank in many cases.Since any and a l l o f t he se f i e l d s can be pas5worded, t h i s is no tth e e a s i e s t system to ge t i n t o , except fo r th e f ac t th at th er e areusually some unpassworded accounts around. In general, i f th ed e fa u lt s d o n 't work, y o u ' l l have to b r ut e f o rc e i t us ing th ecommon password l i s t ( se e b e lo w.) The HP-xOOO runs th e MPE ope ra tin g system, th e prompt fo r i t w i l l be a ' : ' , j us t l ik e th e logonprompt Common Accounts /Defaults :MGR.TELESUP,PUB User: MGR Acct: HPONLY Grp: PUBMGR.HPOFFICE,PUB unpasswordedMANAGER.ITF3000,PUB unpasswordedFIELD. SUPPORT, PUB user : FLO, o th e r s unpasswordedMAIL.TELESUP,PUB u ser : MAIL, others unpasswordedMGR.RJE unpasswordedFIELD.HPPl89 ,BPPlS7,HPP189,BPPl96 unpasswordedMGR. TELESUP, PUB, HPONLY, Bp 3 unpassworded

IRIS- IRIS stands f o r I n te r ac t iv e Real Time Information System. I t o r igi n a l l y ra n on P D P- l l' s , b u t now runs o n many other minis . You ca nspot an IRIS by th e 'Welcome to " I R IS " R 9 . 1. 4 Ti mesh a ri n g' banner,an d th e ACCOUNT ID? p ro mp t. IR IS al lows unlimited t ri es a t hackingin , a nd k ee ps no lo gs o f ba d attempts . I don ' t know any de fa u l tpasswords, so j u s t tr y th e common ones from th e password databasebelow.COl1l1lon Accounts:MANAGERBOSSSOFTWAREDEMOPDPS

PDPllACCOUNTING

11

~ . ~~

- _ . _ - - - - - - -- -

8/3/2019 TAP Magazine - Issue #97

7/10

Unresponsive SystemsA A A A A A A A A A A A A A A A A A A A

Occasionally you w il l connect to a system t ha t w il l do n o th i ng b u t s itt h e re . This is a f r u s t r a t in g fee l ing, but a methodical approach to th e systemw i l l yie ld a response i f you take your time. The following l i s t will usual ly

NOS- NOS s tands fo r Networking Operating System, and runs on th e Cybercomputer m ade by Control Data Corporation. NOS i de n t i f i e s i t s e l fq u i te r e a di l y, with a banner of 'WELCOME TO THE NOS SOFTWARESYSTEM. COPYRIGHT CONTROL DATA 1978,1987'. The f i r s t prompt youw il l ge t w il l be FAMILY:. Just h it return here . Then you ' l l ge ta USER NAME: prompt. Usernames ar e ty p ica l ly 7 alpha-numericscharacters long, and ar e *extremely* s i t e dependent. Operatora cc ou nt s b eg in w it h a d i g i t , such as 7ETPDOC.Common Accounts/Defaults:$SYSTEH unknownSYSTEMV unknown

De c ae r ve r - T h is i s not t ru l y a computer system, bu t is a network server t ha tha s many d i f f e r en t machines availab le from i t . A Decserver w il lsa y 'En ter Use rnam e> ' whe n you f i r s t c on ne ct . T his ca n be anything,i t doesn 't matter, i t ' s ju s t an i d e n t i f i e r. Type ' c ' , as t h i s isth e l e a s t conspicuous thing t o e n te r. I t w il l then present youwith a 'Local> ' prompt. From here , you type 'c ' toconnect to a system. To ge t a l i s t of system names, type's h se r v ices ' or 's h nodes ' . If you have any problems, onlinehelp i s availab le with th e ' h e l p ' command. Be sure and look fo rservices named 'MODEM' or 'DIAL' or something similar, t he se a reoften' o u td ia l modems and can be useful!

r a sca lreal lyrebeccaremoter ickreaganrobo trobo t i c srolexronaldrosebudrosemaryr o ~ e s

rubenr u les

ruth

j e s t e rjohnnyjosephjoshuajud ithjugglejUliakathleenkermitkernelknightlambdalarrylazarusle e

le roy

---------da n ie ldannydavedebdebbiedeborahdecemberdespera tedevelopd ie td i g i t a ldiscoverydisneydogdroughtduncan

ea aacademiaadaadrianaerobicsairp lanealbanya lb a t r o s sa l be r talexalexanderalgebraa l i a salphaalphabetama

Password Lis t

make *aomething* happen.1) Change your paxity, d a ta l en g th , and atop b i t e . A system t ha t won ' t re -

spond a t BNl may r eac t at 7E1 or 8E2 or 752. I f you d o n ' t have a t e ~program t ha t w il l le t you s et p a ri ty t o EVEN, ODD, SPACE, HARK, an d NONE,with d a ta l en g th o f 7 ,o r 8, an d 1 ox 2 atop b i t s , go ou t a nd b uy one.While having a 900d term program i 8 n ' t a bs o lu t e ly ne c e ss a ry, it 8ure i sh e lp f u l .

2) Change baud r a t e l . Again, i f your t e ~program w i l l l e t you choose od dbaud r a t e s such as 600 or 1100, yo u wi l l occas ional ly be able to p en e t r a tesome very i n t e re s t i ng sY8te ms, a8 m o st 8 y st e ms t ha t depend on a s trangebaud r a t e seem to think t ha t t h i s i s a l l t he s ec u ri ty they need .

3) Send a se r i e s of ' s .

4) Send a b a rd b r ea k f ol lo w ed by .5) Type a 8 er ie s o f .' . (periods). The Ca na d ia n n et wor k Da ta p ac respondsto t h i s .

6) If you're getting garbage, h i t an ' i ' . ~ y m n e tresponds to t h i s , as doesa Hult1Link II .

7) Begin sending c o n t ro l c h a r ac t e rs , s t a r t i ng with AA __ > AZ.8) Change te rminal emulat ions. What y ou r v t1 00 emulation th inks i s garbage

may a ll of a sudden become c r y st a l c l e ar using ADH-5 emulation. This alsor e l a t e s to how good your term program i s .

9) Type LOGIN, BELLO, LOG, ATTACH, CONNECT, START, RON, BEGIN, LOGON, GO,JOIN, HELP, and anything e ls e you ca n t h ink of .

10) If i t ' s a d i a l i n , c a l l th e numbers around i t and se e i f a companyanswers. If they do, tr y some so c ia l engineering.

B ru t e F or c e HackingA A A A A A A A A A A A A A A A A A A

There w il l a ls o be many occasions when t he d e fa ul t passwords w il l no t work

on anaccount.

Att h i s

poin t, youca n

e i t he r goonto th e next system

onyour

l i s t , or you ca n tr y to ' brute-force ' your way in by try ing a large databaseof passwords on t ha t one account. Be ca r e f u l , though! ~ h i sworks f in e ons y s t e ~t ha t d o n ' t keep t r ack of in v a l id l og in s , bu t on e system l i ke a ~ ,someone i s going to have a he a r t attack i f they come b ac k a nd se e ' 600 BadLogin Attempts S i nc e L a st Sess ion ' on t h e i r account. There ar e also someopera t ing systems t ha t disconnect a f t e r 'x ' number of in v a l id ~ o g i nat temptsand refuse to allow any more at tempts fo r o ne h o ur , or te n ~ n u t e s ,or 8 0 m e -times u n t i l th e next day.

The fo l lowing l i s t is taken from m y own password database plus t he d at abase of passwords t ha t was used in th e I n te r n e t UNIX W o ~t ha t was runningaround in NOvember of 1988. For a sh o r te r group, tr y f i r s t names, .computerterms, and obvious things l i ke ' s e c r e t ' , 'password ' , ' o p en ' , end th e nameof th e account . Alao tr y th e name of th e company t ha t owns th e computersystem (i f known), th e company i n i t i a l s , an d things re la t ing to th e productsth e company makes or deals with.

The above a re t he main system types in us e today. There ar ehundreds of minor variants on th e above, bu t t h i s should beenough to ge t you s ta r ted .

Another type of network server. Unlike a Decserver, you c a n ' tp r ed ic t what prompt a GS/l gateway is going to give you. Thede fa u l t prompt

i t'GS/l> ' , bu t th is i s

red if inable by th esystem adminis tra tor. To t e s t fo r a GS/1, do a 's h d '. I f t ha tp r i n t s ou t a large l i s t of defaults ( terminal speed, prompt,p ar it y, e tc . . . ), you ar e on a GS/1 . You connect in th e same manneras a Decse r ve r, t y p in g 'e '. To f ind ou t what systemsar e availab le, do a 's h n' or a 's h c ' . Another t r i c k is to do a's h m' , which w il l somet imes show you a l i s t of macros fo r loggingonto a system. If t h e re is a m ac ro named VAX, f or i ns ta nc e , type'd o VAX' .

VM/CHS- The VM/CHS opera t ing system runs in In ternational Business Machines(IBM) mainframes. When you connect to one o f t he se , you w il l ge t

message s im i la r t o 'VM/370 ONLINE', and t he n g iv e you a '. ' prompt,ju s t l i ke TOPS-10 does. To login, you type 'LOGON ' .Common Accounts/Defaults a re :AUTOLOG1 : AUTOLOG or AUTOLOG1CHS: CHSCMSBATCB: CMS or CHSBATCHEREP: EREPHAINT: MAINT or MAINTAIN

OPERATNS: OPERATNS or OPERATOROPERATOR: OPERATORRSCS: RSCSSMART: SMARTSNA: SNAVHTEST: VHTESTVMUTIL: VMUTILVTAH: VTAM

GS/l-

~ - 12 13

8/3/2019 TAP Magazine - Issue #97

8/10

amy easy lewi_ sa lanalog eatme l i g h t saxonanchox edges l i a a schemeandy edwin l ou i s sc o t tandx.a 89 g head lynne scottyanimal ei leen mac secxetanswer e i ns t e i n macintosh sensoxanything elephant mack serenityarrow el izabeth maggot .e x

ar thur e l l e n magic sharkasshole emerald malcolm sharon

athena engine mark s h i t

atmosphere engineer markus shiva

bacchus enterprise marty shu t t l ebadass enzyme marvin simon

bailey eucl id mast.er simplebanana evelyn maurice singerbandit extens ion merl in single

banks fai rway mets smi le

bass f e l i c i a michael smiles

batman fender michel le smooch

beauty fermat mike smother

beaver f i n i t e minimum snatch

beethoven flower minsky snoopy

beloved foolproof mogul soap

benz foo t ba l l moose socrates

beowulf foonat mozart s p i t

berkeley forsythe nancy springbe r l i n fouxier napoleon subwaybeta f r ed network success

beverly fr iend newton sunmerbob fr ighten next super

brenda fu n o l i v i a support

br ian ga br i e l oracle surferbr idget ga r f i e l d oxca suzannebroadway gauss orwell t a nge r inebumbling george o s i r i s tape

card inal ger trude outlaw t a rge tcarmen gibson oxford tay lorcaro lina ginger pa c i f i c te lephonecaro line gnu pain less tempta t ion

c a s t l e g o l f pam t i g e rca t go l fe r paper togglec e l t i c s gorgeous password tomato

change graham pa t toyota

char les gryphon p a t r i c i a t r i v i a lcharming guest penguin unhappy

charon gu i t a r pete unicornchester hacker pe t e r unknownciqar harmony ph i l i p urchinclassic haro ld phoenix u t i l i t ycoffee harvey p i e r re vickycoke h e in le in pizza v i rq i n i ac o l l i n s he l l o plover warrencomrade help polynomial watercomputer h er b e r t praise weeniecondo honey prelude- whatnot

condom horse pr ince whitney

cookie imper ial pro t e c t wi l lcooper inc lude pumpkin will iam

create inqres puppet wi l l i ecreation innocuous r a bb i t winstoncreat.or irishman rachmaninoff wizard

c re t l n l s l . rainbow wombatdaemon jap&ft ra indrop yosemite

d a n c . ~ j lc a randoa zap

14~ L

l

Part Four: Wrapping it up!A A A A A A A A A A A A A A A A A A A A A A A A A A

I hope t h i s f i l e ha s been of some help in g e t t in g s t a r t e d . I f you 'reasking y o ur s el f t h e ques t ion 'Why h a ck ? ', t he n you've probably wasted a lo tof time reading t h i s , as y o u ' l l never unders tand. For those of you whohave read t h i s a nd f ou nd i t u s ef u l, p le a se send a tax-deductib le donationof $5.00 (o r more!) in th e . name of the Legion of Doom to :

The American Cancer Socie ty90 Park AvenueNew York, NY 10016

* * * ~ ***.***********************.*************.************************References:1) Introduct ion to I taPAC by Blade Runner

Telecom Secur ity Bulle t in .12) The IBM VM/CHS Operat ing System by Lex Luthor

The LOD/H Technica l Journal .23) Hacking th e IRIS Operat ing System by The L e f t i s t

The Loo/H Te ch n ic a l J o ur n a l .34) Hacking CDC's Cyber by P h ro z e n Gho st

Phrack Inc. Newsle t ter f185) USENET camp. r i sks d ig es t ( va ri ou s a u th o rs , v ar io us issues)6) USENET unix. wizards forum (va rious a u tho rs )1) USENET info-vax forum (va rious a u thors )

Recommended Reading:1) Hackers by Steven Levy2) Out of th e Inner Cir c le by B i l l Landreth3) Turing 's Man by J. David Bolt .er4) Soul of a New Machine by Tracy Kidder5) Neuromancer, Count Zero, Mona Lisa Overdrive, and Burning Chrome, a l l

by William Gibson .6) R e a l i t y Hackers Magazine c/ o High F r o n t ie r s , P.O. Box 40271, Berkeley,

Californ ia, 94704, 415-995-26067) Any o f the Phrack Inc . Ne wsl e t t e r s ' LOD/S Technical Journals you ca n f in d .

Acknowledgements:Thanks to my wife f o r p u tt in g up with me.Thanks to Lone Wolf f or the RSTS , TOPS as s i s tan ce .Thanks to Android Pope fo r p roo fre a d ing , s ugge st ions , an d beer.Thanks to The U r v i l ~ / N e c r o n99 fo r p r o o f r e a d i n g ' Cyber in f o .Thanks to Eric Bloodaxe fo r wading through a ll th e t r a sh .

Thanks to t he u se rs of Phoenix P r oj ec t f o r t h e i r contr ibutions.Thanks to Altos Computer Systems, Munich, f or the chat system.Thanks to th e various secu r i ty personel who were willing to t a lk to

me about how they operate.

Boards:I can be reached on th e following s ys te ms w i th some r e gu l a r i t y -

The Phoenix Project : 512/441-3088 300-2400 baudHacker's Den88: 718/358-9209 300-1200 baudSmash Palace South: 512/478-6141 300-2400 baudSmash Palace North: 6 12 /6 33 -0 50 9 3 00 -2 40 0 baud

15

8/3/2019 TAP Magazine - Issue #97

9/10

Chemi,.l Fi re B ot t leIncendiarr ~ t t l eSelf lan itina On Impact

G l a ~ sBot t le w/s to p p er (1 q u ar t )Small B o tt l e w / li dRag o r Pa pe r t owe l sR ub be r B an ds

[1&

-- ,

Mate r ia l s Required

Su lp h u r ic AcidGa so l i nePotassium Ch lo ra teSugar

How U&ed

Bat t e r i esMotor FuelMedicineSweetening Foods

Common Source

Motor Veh ic lesGas Ste t ionDrug StoreFooe Store

:!::= \ .I -

~--------~ - - ~ - - - - -- - -

"No, I haven'ttoldmy parentswhatwe managed to do. Kevin. They'll see it allon thesixo'ciock news anyway. "

16I

Procedure1. Concentrate SUlphuric Acia by boi l ing in oven g l a s s ore n a m e l _ a r ~conta ine r u n t i l white fumes a r e g i ve n o f f .

s e e fo o t not.e h2. Remove ac id from h ea t l e t cool to room t emp er tu re .

3. Pour gaso l ine i n t o th e l a r g e b o t t l e unL i l i t ' s 2/ 3 f u l l .

4. S l o ~ l yad d th e su lphur ic ac id to t h ~ 9aso l ine u n t i l th eb o t t l e i s f il le o 1 i nc h from th e top . I n s e r t 5 to p p er.

5 . lmp o r tcn t . Wash th e o u t s id e of th e b o t t l e. w i ~ h ( c l e a r }ta p wa t e r. Dry wi th towel .B

6. Wrap a rag of p ap er towels eround th e outs ide of th eb o t t l e . Fasten ~ i t hr u bb e r b an d s.

7. Di sso l ve 1/ 2 cu p (100grn) of potassium c h l o r e t e en d 1/ 2 cu pof sugar in on e cu p . (250cc) of boi l ing water.

B. Le t cool an d pour i n t o tb e ~ m a l lb o t t l e an d c a p . The so lu t ionshould be 2/ 3 c r y s t a l s 1/ 3 l i q u i d . I f t h e r e i s more l i q u i dpour of f th e excess .

CHow to us e1. Shake smal l b o t t l e to mix conten ts and p ou r on t o th e pa pe rt owe l s arouno th e l a rg e b o t t l e .

2. Throw th e b ot tl e a t th e t a r g e t . When th e b o t tl e s h a tt e rst he c o nt en ts i g n i t e .

NOTES S o t t l e ca n be used we t o r " a f t e r th e so lu t ion ha sdr i ec . The d ry s ug ar p o ta ss iu m c h lo r at e s o lu t io ni s more s e n s i t i v e to spark or f lame so be c a r e f u l .

A. S u lp h ur i c h c id w i l l burn s1.in or c lo th ing wash with ~ a t e ron s p i l l s . FUffies a re a lso dangerous an d s ho ul d n ot be inha led .So co n cen t ra t e ~ c i do u t s i d e i f p o s s i b l e .

B. I f b o ~ t l ei s no t ~ a s h e di t may be d an g er o u s to handled ur in g u se .

C. S to re s ~ a l 1b c ~ t l ~a ~ a yfrom l a r 9 ~j ~ c a s ~on e i s b r o k ~ nt h ~ o th er ~ o ~ ' tC c U S l an u ~ ~ c n t e o ~ x r l o s i o n .

PREDATOR

17

8/3/2019 TAP Magazine - Issue #97

10/10

TAP Staff 1/25/1990- - - - - - - - ~- ~ - - ~ - - ~ -

PredatOr / Editor fo r th e monthPublisher and morel

TAP

P.O. Box 20264Lou, Ky 40220

Ed / Re sear ch DirectorSubscriptions & Mail TAP RAP

HOW TO HACK PARKING METERS BlitzkriegBoyz / General Chaos

Phreedom FightersCon tinu ed from page 4

._--- - -------_ .

HAY, ya' l ! send offin ge tth is fancy k it to protectyourse!fand your equipmentfrom them thar sa tan is t icvirusees from hel l .

-Have a Q & A column, where we wri te inquest ions you p r i n t , we answer.

TAP- You w i l l se e tha t as soon as wege t enough quest ions fo r an a r t i c l e .

-Nude p ic tu res of Carol Al t .

TAP- We ar e working on i t .

-More connections with t e r r o r i s t s .

TAP- Sorry, we do no t condone terrorism.We a ls o a re no t in c on t a c t with anyt e r r o r i s t s . Te rr o ri s m s u ck s .

-Would l i k e to se e some rea l moral f ibe r.At t i t ude s t h a t p o r t ray technology usersas people o th er than t h i ev es .

TAP- See ou r answer t o th e t er ri sm su b jec t .

-More phreaking i n fo . Schematics & newbox plans, t e s t numbers. Not heavy emphasison computers.

TAP- We ar e working on g e t t in g some veryup to d ate d ata on boxing. Also comingup ar e more a r t i c l e s on phones. We needdonations in th e form of a r t i c l e s andmoney. PredatOr w i l l expla in fu r th e r.

. _ - - - - - - - - - - - - - - - ifeStyles,~ O .Box 429, Riverside,cr 06878 RS02

Pleasesend memy freeLifeStyles.Samplerofsix v L ' t u ~~ ~ T G . ~"free suede-like c a r r y i n ~case.

Enclosed is SI to coverpostageandhandling.. NAME

ADDRESSCITY

.STATE_ _ _ _ 2IP__ ~ ~

. OItcr lill1iaC'd'u c ... Pf'I C ' ~ C I " W ' r\\N4"'....... p t C l W l i t ~bt l ..

TAP NEEDS LIST! 1990

Group 3 Fax MachineEnvelopesWhiteout for copiesScotch tapeAnswering machinesAsian women looking for American husbandsCopy paper (any color)Cash/Money/Greenbacks3.5 microdisks ds/ddNude photos of gir ls/womenARTICLES for future issuesMail (fan or Hate)Newspaper clipping on hacks/phreaksRingbacks for your area codeWeird numbers to c a l lAmiga hack/phreak programsIbm hack/phreak programsPictures of your : l oca l ~C OPrinter PaperCopy machine tonerComputers (any kind/brand)Watson voice mai l boardLinemans handsetBoxes ie RED, BLUE 512k memory expansion fo r Amiga 500Sharp 3100 typewri ter r ibbonsExtra STAMPSPostage meters2 line telephoneAT&T cordless phonePhone boothSouth C ent r al B e ll vanShot glasses from your favor i t e barDifferent TAP logosCar CD playerRadio / Ham, Short waveBazooka tubesStaplers and staplesRolodex or twoSlimjimLockpicking ToolsRambo ]I ( knifePhonebook from your 'c i t y, PLEASE!

Most al l of t h ese i tems wil l be usedby TAP for al l of US, l ike the faxfo r a fax line, and the voice mailboard fo r th e subscribers to keep intouch l ega l ly. Now how JOU go about

in getting these items is up to you.All i te ms will be for TAP and cannotbe returned, like a g i f t . So don'tbe an indian giver. Host importantdon't steal anything. Har Har

Brought to you by th e REDNECKREVOLUTION

Problems, occassional1y th e dime s lot i s to narrow fo r aredneck penny. Just drop th e penny on th e sidewalk, step

on i t , move your foot back and forth , fi l ing th e pennythinner. These methods should work on a l l Duncan brandmeters that accept dimes. Rom & Rockwell brands alsowill take th e redneck penny. I f th e redneck penny happensto turn while you inser t i t , you u su al ly g et credi t fo ra dime, instead of th e ful l time l imit .

Tired of feeding coin af ter coin into parking mete rs fo rth e priviledge of p ark ing your car, (which you have paidregistrat ion fees to allow your ca r on th e road) on yourro ads? (you p ai d fo r them with taxes). Well how would youl ike to get th e maximum time a meter can give fo r l ess thana penny? You can do th is by taking a penny and making i tinto a REDNECKpenny. Look a t a penny and a dime together.Notice how they ar e almost th e same s ize . To make a redneckpenny, hold th e penny between your thumb and forefingerand s cr ap e t he edge on th e curb. You can do th is in th i r tyseconds or less. Only do th is on one side, making tha tside f la t , and only unt i l i t becomes th e same size as a dimeis . File unt i l th e words above Lincoln's head ar e gone.Now take your redneck penny and hold i t with the- f la t sidedown, and s l ide i t into th e dime s lot of t he p ar ki ng meter.Make sure you s l ide th e redneck penny ' in , DO NOT le t i tturn. Sometimes using a no th er c oi n to push. i t works well.Once th e penny i s in simply turn th e crank l ike normaland watch th e t im ing a rrow slam ove r to th e maximum time.Most meters have a 2 hour time l imi t .

18 19