Hacking Tutorial Courtesy of the Jolly Roger What is hacking? ---------------- According to popular belief the term hacker and hacking was founded at mit it comes from the root of a hack writer,someone who keeps "hacking" at the typewriter until he finishes the story.a computer hacker would be hacking at the keyboard or password works. What you need: -------------- To hack you need a computer equipped with a modem (a device that lets you transmit data over phone lines) which should cost you from $100 to $1200. How do you hack? ---------------- Hacking recuires two things: 1. The phone number 2. Answer to identity elements How do you find the phone #? ---------------------------- There are three basic ways to find a computers phone number. 1. Scanning, 2. Directory 3. Inside info. What is scanning? ----------------- Scanning is the process of having a computer search for a carrier tone. For example,the computer would start at (800) 111-1111 and wait for carrier if there is none it will go on to 111-1112 etc.if there is a carrier it will record it for future use and continue looking for more. What is directory assictance? ----------------------------- This way can only be used if you know where your target computer is. For this example say it is in menlo park, CA and the company name is sri. 1. Dial 411 (or 415-555-1212) 2. Say "Menlo park" 3. Say "Sri" 4. Write down number 5. Ask if there are any more numbers 6. If so write them down. 7. Hang up on operator 8. Dial all numbers you were given 9. Listen fir carrier tone 10. If you hear carrier tone write down number, call it on your modem and your set to hack! ---------------Jolly Roger _____________________________________________________________________________ The Basics of Hacking II Courtesy of the Jolly Roger Basics to know before doing anything, essential to your continuing career as one of the elite in the country... This article, "the introduction to the world of hacking" is meant to help you by telling you how not to get caught, what not to do on a computer system, what type of equipment should I know about now, and just a little on the history, past present future, of the hacker. Welcome to the world of hacking! We, the people who live outside of the normal rules, and have been scorned and even arrested by those from the 'civilized world', are becomming scarcer every day. This is due to the greater fear of what a good hacker (skill wise, no moral judgements here)|can do nowadays, thus causing anti- hacker sentiment in the masses. Also, few hackers seem to actually know about the computer systems they hack, or what equipment they will run into on the front end, or what they could do wrong on a system to alert the 'higher' authorities who monitor the system. This article is intended to tell you about some things not to do, even before you get on the system. I will tell you about the new wave of front end security devices that are beginning to be used on computers. I will attempt to instill in you a second identity, to be brought up at time of great need, to pull you out of trouble. And, by the way, I take no, repeat, no, responcibility for what we say in this and the forthcoming articles. Enough of the bullshit, on to the fun: after logging on your favorite bbs, you see on the high access board a phone number! It says it's a great system to "fuck around with!" This may be true, but how many other people are going to call the same number? So: try to avoid calling a number given to the public. This is because there are at least every other user calling, and how many other boards will that number spread to? If you call a number far, far away, and you plan on going thru an extender or a re-seller, don't keep calling the same access number (I.E. As you would if you had a hacker running), this looks very suspicious and can make life miserable when the phone bill comes in the mail. Most cities have a variety of access numbers and services, so use as many as you can. Never trust a change in the system... The 414's, the assholes, were caught for this reason: when one of them connected to the system, there was nothing good there. The next time, there was a trek game stuck right in their way! They proceded to play said game for two, say two and a half hours, while telenet was tracing them! Nice job, don't you think? If anything looks suspicious, drop the line immediately!! As in, yesterday!! The point we're trying to get accross is: if you use a little common sence, you won't get busted. Let the little kids who aren't smart enough to recognize a trap get busted, it will take the heat off of the real hackers. Now, let's say you get on a computer system... It looks great, checks out, everything seems fine. Ok, now is when it gets more dangerous. You have to know the computer system to know what not to do. Basically, keep away from any command something, copy a new file into the account, or whatever! Always leave the account in the same status you logged in with. Change *nothing*... If it isn't an account with priv's, then don't try any commands that require them! All, yes all, systems are going to be keeping log files of what users are doing, and that will show up. It is just like dropping a trouble-card in an ESS system, after sending that nice operator a pretty tone. Spend no excessive amounts of time on the account in one stretch. Keep your calling to the very late night ifpossible, or during business hours (believe it or not!). It so happens that there are more users on during business hours, and it is very difficult to read a log file with 60 users doing many commnds every minute. Try to avoid systems where everyone knows each other, don't try to bluff. And above all: never act like you own the system, or are the best there is. They always grab the people who's heads swell... There is some very interesting front end equipment around nowadays, but first let's define terms... By front end, we mean any device that you must pass thru to get at the real computer. There are devices that are made to defeat hacker programs, and just plain old multiplexers. To defeat hacker programs, there are now devices that pick up the phone and just sit there... This means that your device gets no carrier, thus you think there isn't a computer on the other end. The only way around it is to detect when it was picked up. If it pickes up after the same number ring, then you know it is a hacker-defeater. These devices take a multi-digit code to let you into the system. Some are, in fact, quite sophisticated to the point where it will also limit the user name's down, so only one name or set of names can be valid logins after they input the code... Other devices input a number code, and then they dial back a pre-programmed number for that code. These systems are best to leave alone, because they know someone is playing with their phone. You may think "but i'll just reprogram the dial-back." Think again, how stupid that is... Then they have your number, or a test loop if you were just a little smarter. If it's your number, they have your balls (if male...), If its a loop, then you are screwed again, since those loops are *monitored*. As for multiplexers... What a plexer is supposed to do is this: The system can accept multiple users. We have to time share, so we'll let the front-end processor do it... Well, this is what a multiplexer does. Usually they will ask for something like "enter class" or "line:". Usually it is programmed for a double digit number, or a four to five letter word. There are usually a few sets of numbers it accepts, but those numbers also set your 300/1200/2400 baud data type. These multiplexers are inconvenient at best, so not to worry. A little about the history of hacking: hacking, by my definition, means a great knowledge of some special area. Doctors and lawyers are hackers of a sort, by this definition. But most often, it is being used in the computer context, and thus we have a definition of "anyone who has a great amount of computer or telecommunications knowledge." You are not a hacker because you have a list of codes... Hacking, by my definition, has then been around only about 15 years. It started, where else but, mit and colleges where they had computer science or electrical engineering departments. Hackers have created some of the best computer languages, the most awesome operating systems, and even gone on to make millions. Hacking used to have a good name, when we could honestly say "we know what we are doing". Now it means (in the public eye): the 414's, ron austin, the nasa hackers, the arpanet hackers... All the people who have been caught, have done damage, and are now going to have to face fines and sentences. Thus we come past the moralistic crap, and to our purpose: educate the hacker community, return to the days when people actually knew something... --------------Jolly Roger _______________________________________________________________________________ Hacking TRW by the Jolly Roger When you call TRW, the dial up will identify itself with the message "TRW". It will then wait for you to type the appropiate answer back (such as CTRL-G) Once This has been done, the system will say "CIRCUIT BUILDING IN PROGRESS" Along with a few numbers. After this, it clears the screen (CTRL L) followed by a CTRL-Q. After the system sends the CTRL-Q, It is ready for the request. You first type the 4 character identifyer for the geographical area of the account.. (For Example) TCA1 - for certain Calif. & Vicinity subscribers. TCA2 - A second CALF. TRW System. TNJ1 - Their NJ Database. TGA1 - Their Georgia Database. The user then types A and then on the next line, he must type his 3 char. Option. Most Requests use the RTS option. OPX, RTX, and a few others exist. (NOTE) TRW will accept an A, C, or S as the 'X' in the options above.) Then finally, the user types his 7 digit subscriber code. He appends his 3-4 character password after it. It seems that if you manage to get hold of a TRW Printout (Trashing at Sears, Saks, ETC. or from getting your credit printout from them) Their subscriber code will be on it leaving only a 3-4 character p/w up to you. For Example, (Call the DialUp) TRW System Types, ST) CTRL-G (You type,YT) Circuit building in progress 1234 (ST) CTRL-L CRTL-Q (TCA1 CYT) BTS 3000000AAA (YT] Note: This sytem is in Half Duplex, Even Parity, 7 Bits per word and 2 Stop Bits. CAUTION: It is a very stressed rumor that after typing in the TRW password Three (3) times.. It sets an Automatic Number Identification on your ass, so be careful. And forget who told you how to do this.. ------------------Jolly Roger _____________________________________________________________________________ More TRW Info Courtesy of the Jolly Roger Trw is a large database in which company's and banks can run credit checks on their customers. Example: John Jones orders 500$ worth of stereo equipment from the Joe Blow Electronic distributtng Co. Well it could be that he gave the company a phony credit card number, or doesn't have enough credit, etc. Well they call up Trw and then run a check on him, trw then lists his card numbers (everything from sears to visa) and tells the numbers, credit, when he lost it last (if he ever did) and then of course tells if he has had any prior problems paying his bills. I would also like to add that although Trw contains information on millions of people, not every part of the country is served, although the major area are.. So if you hate someone and live in a small state, you probably wont be able to order him 300 pink toilet seats from K-mart. Logging on ========== To log on, you dial-up your local access number (or long-distance, what ever turns you on) and wait for it to say "trw" at this promt, you type either an "A" or a "Ctrl-G" and it will say "circuit building in progress" it will wait for a minute and then clear the screen, now you will type one of the following. Tca1 Tca2 Tnj1 Tga1 This is to tell it what geographical area the customer is in, it really doesnt matter which you use, because trw will automatically switch when it finds the record.. Next, you will type in the pswd and info on the person you are trying to get credit info on: you type it in a format like this: Rts Pswd Lname Fname ...,House number First letter of street name Zip now you type ctrl s and 2 ctrl q's here is what it looks like in real life: Ae: Dialing xxx-xxx-xxxx (screen clear) Trw ^G circuit building in progress (pause . . . screen clear) Tca1 Rtc 3966785-cm5 Johnson David ...,4567 R 56785 ^s ^q ^q and then it will wait for a few seconds and print out the file on him (if it can locate one for the guy) note: you may have to push return when you first connect to get the systems attention. Getting Your Passwords ====================== To obtain pswds, you go down to your favorite bank or sears store and dig through the trash (hence the name trashing) looking for printouts, if they are a big enough place, and live in a trw area, then they will probably have some. The printouts will have the 7 digit subscriber code, leaving the 3-4 digit pswd up to you. Much like trashing down at good old ma bell. ____________________________________________________________________________ Hacking Vax's & Unix by the Jolly Roger Unix is a trademark of At&t (and you know what that means) _______________________________________ In this article, we discuss the unix system that runs on the various vax systems. If you are on another unix-type system, some commands may differ, but since it is licenced to bell, they can't make many changes. _______________________________________ Hacking onto a unix system is very difficult, and in this case, we advise having an inside source, if possible. The reason it is difficult to hack a vax is this: Many vax, after you get a carrier from them, respond=> Login: They give you no chance to see what the login name format is. Most commonly used are single words, under 8 digits, usually the person's name. There is a way around this: Most vax have an acct. called 'suggest' for people to use to make a suggestion to the system root terminal. This is usually watched by the system operator, but at late he is probably at home sleeping or screwing someone's brains out. So we can write a program to send at the vax this type of a message: A screen freeze (Cntrl-s), screen clear (system dependant), about 255 garbage characters, and then a command to create a login acct., after which you clear the screen again, then unfreeze the terminal. What this does: When the terminal is frozen, it keeps a buffer of what is sent. well, the buffer is about 127 characters long. so you overflow it with trash, and then you send a command line to create an acct. (System dependant). after this you clear the buffer and screen again, then unfreeze the terminal. This is a bad way to do it, and it is much nicer if you just send a command to the terminal to shut the system down, or whatever you are after... There is always, *Always* an acct. called root, the most powerful acct. to be on, since it has all of the system files on it. If you hack your way onto this one, then everything is easy from here on... On the unix system, the abort key is the Cntrl-d key. watch how many times you hit this, since it is also a way to log off the system! A little about unix architechture: The root directory, called root, is where the system resides. After this come a few 'sub' root directories, usually to group things (stats here, priv stuff here, the user log here...). Under this comes the superuser (the operator of the system), and then finally the normal users. In the unix 'Shell' everything is treated the same. By this we mean: You can access a program the same way you access a user directory, and so on. The way the unix system was written, everything, users included, are just programs belonging to the root directory. Those of you who hacked onto the root, smile, since you can screw everything... the main level (exec level) prompt on the unix system is the $, and if you are on the root, you have a # (superuser prompt). Ok, a few basics for the system... To see where you are, and what paths are active in regards to your user account, then type => pwd This shows your acct. seperated by a slash with another pathname (acct.), possibly many times. To connect through to another path, or many paths, you would type: You=> path1/path2/path3 and then you are connected all the way from path1 to path3. You can run the programs on all the paths you are connected to. If it does not allow you to connect to a path, then you have insufficient privs, or the path is closed and archived onto tape. You can run programs this way also: you=> path1/path2/path3/program-name Unix treats everything as a program, and thus there a few commands to learn... To see what you have access to in the end path, type=> ls for list. this show the programs you can run. You can connect to the root directory and run it's programs with=> /root By the way, most unix systems have their log file on the root, so you can set up a watch on the file, waiting for people to log in and snatch their password as it passes thru the file. To connect to a directory, use the command: => cd pathname This allows you to do what you want with that directory. You may be asked for a password, but this is a good ay of finding other user names to hack onto. The wildcard character in unix, if you want to search down a path for a game or such, is the *. => ls /* Should show you what you can access. The file types are the same as they are on a dec, so refer to that section when examining file. To see what is in a file, use the => pr filename command, for print file. We advise playing with pathnames to get the hang of the concept. There is on-line help available on most systems with a 'help' or a '?'. We advise you look thru the help files and pay attention to anything they give you on pathnames, or the commands for the system. You can, as a user, create or destroy directories on the tree beneath you. This means that root can kill everything but root, and you can kill any that are below you. These are the => mkdir pathname => rmdir pathname commands. Once again, you are not alone on the system... type=> who to see what other users are logged in to the system at the time. If you want to talk to them=> write username Will allow you to chat at the same time, without having to worry about the parser. To send mail to a user, say => mail And enter the mail sub-system. To send a message to all the users on the system, say => wall Which stands for 'write all'. By the way, on a few systems, all you have to do is hit the key to end the message, but on others you must hit the cntrl-d key. To send a single message to a user, say => write username this is very handy again! If you send the sequence of characters discussed at the very beginning of this article, you can have the super-user terminal do tricks for you again. Privs: If you want superuser privs, you can either log in as root, or edit your acct. so it can say => su this now gives you the # prompt, and allows you to completely by-pass the protection. The wonderful security conscious developers at bell made it very difficult to do much without privs, but once you have them, there is absolutely nothing stopping you from doing anything you want to. To bring down a unix system: => chdir /bin => rm * this wipes out the pathname bin, where all the system maintenance files are. Or try: => r -r This recursively removes everything from the system except the remove command itself. Or try: => kill -1,1 => sync This wipes out the system devices from operation. When you are finally sick and tired from hacking on the vax systems, just hit your cntrl-d and repeat key, and you will eventually be logged out. _______________________________________ The reason this file seems to be very sketchy is the fact that bell has 7 licenced versions of unix out in the public domain, and these commands are those common to all of them. I recommend you hack onto the root or bin directory, since they have the highest levels of privs, and there is really not much you can do (except develop software) without them. _______________________________________