////// /////// //////// // // // // // /////// // //// // // // // // ////// // // ///////// International Rogues Guild and Shadow/Net Presents... IRG Newsletter v6.00 Released: 2/20/91 Written by: Haywire Edited by: Haywire Hi everyone, Heres IRG number 6 for ya, more people are getting interested and I am happy about it. Theres alot of good stuff this time(like always, hehe) so read up. 5.01 Table Of Contents ---------------------- 5.01...................................Table Of Contents 5.02...................................Disclaimer 5.03...................................More About IRG 5.04...................................CyberPunk Follies 5.04b..................................State Of The Union Reply by Psycho 5.05...................................Letters From Prison 5.06...................................Planned Parent Hood For Cats by Damaged 5.07...................................Disposible Lighter Bombs by Psycho 5.08...................................Vending Machine Revenge by Psycho 5.09...................................The Art of Scanning by Control-S 5.10...................................Hacking CompuServe by Control-S 5.11...................................Dos Trips by Wasteland Warrior 5.12...................................Running The ShadowNet 5.13...................................VMB's From Hell 5.14...................................Hellos and Goodbyes 5.02 Disclaimer --------------- All items in this newsletter are meant for informational purposes. It is written to encourage illegal activities, I hope the reader is inspired to break the law after reading all IRG Information. Of course the authors of this newsletter cannot be held for anything that the reader does. WARNING: Remember ALL explosives are dangerous, DO NOT, I repeat, DO NOT mess around with any of the recipes for explosives, EVER! These recipes are real, they can kill you, and anyone else. Make sure you know what you're doing. Otherwise its your fault. 5.03 More About IRG ------------------- We have one new ShadowNet member this issue and a new journalist. Hopefully you people are getting the idea and starting to write things for ANY group, just sharing the wealth of info out there. Until next time... IRG Members Rank ----------- ------ Haywire IRG and ShadowNet Leader Wasteland Warrior Part Time Programer,Game Winner,IRG Member Psycho (615)ShadowNet Member Dr. Digital (619)ShadowNet Member Damaged IRG's "Sick" Member Journalist ---------- Haywire The Spectral Demon Control-S Kryptic Night Psycho Damaged Wasteland Warrior Thats about it, if you feel like becoming a member of either IRG or ShadowNet. Please call one of the IRG nodes. If you would like to become and IRG node again contact one of the IRG nodes. 5.04 CyberPunk Follys --------------------- I have only gotten one reply to my "State Of The Union" speech, it seems that either people don't care what I say or they areto lazy to call up my board and give me a response. It seems that the Hacking community has turned to shit more then I had thought. But maybe people will get the idea one day and move on to a higher level. 5.04b State Of The Union Reply by Psycho ---------------------------------------- In response to Haywire's "State of Hacking Today" editorial in IRG #05, I would like to make the following comments: I agree with Haywire 100%- This shit over "Hacker Wars" has gotten WAY out of hand... What in the hell is wrong with people?!? Isn't hacking supposed to be a means by which we SHARE information and spread the wealth of knowledge? We hackers have before us an incredible realm of POWER- This has been exhibited time and time again; Everytime you hear of some kid who hacked into NASA or someplace and got caught, there are probably dozens more getting away with something just as spectacular. In short, we have the ability to manipulate and control the flow of ALL manner of electronic information. The authorities are starting to realize the actual scale to which systems can be hacked into, but it is far too late to do anything about it. For every hacker that gets busted, five more take his place- and it's a never-ending cycle. United and working together as one, hackers have the propensity to virtualy control (or shut-down) many facets of our society on a GLOBAL scale: banking, sattellite communications, military, law enforcement, etc., etc.... But instead of working together, the hacker community is splintered into many factions, all more or less working against each other. Instead of liberating information for all, we are instead battling it out in our own little area codes, searching for short-lived fame. I'm not saying that we should shut down all systems and holds the world's data for ransom; That would be futile. Instead, we need to help educate those with an interest in hacking but lack experience. Not that we should toss info out to anyone- There are still (and always will be) certain type of people that "just don't get it"... A little information and a lot of stupidity can be a dangerous thing with this type of "wanna-be". By a careful process of weeding out these types, the data will begin to flow into the hands of those that can best put it to use. So, in 1991, let's try to unify and SHARE our expertise- And I think you'll find that the hacking/phreaking community will benefit from this like never before. Hats off to Haywire and everyone else involved with the IRG for publishing this fine newsletter and making an effort for change. -Psycho 5.05 Letters From Prison ------------------------ I have been getting alot of stuff, this issue and I am very happy about it. The more the better, it always seems like I never have enough stuff. This issue is pretty long getting into alot of good stuff. This is a great issue check it out... 5.06 Planned ParentHood For Phelines by Damaged ----------------------------------------------- Phile #1 of a series Unknown - Planned ParentHood for - - Phelines - - WRiTTEN BY: Damaged 2.14.91 iNTRO Ok dudes this is my phirst seriers of Anrkey philes on Kat's. Don't you just hate those little pussy's, i sure in the hell do. Anyways, the phile is all How to do it yourself Home Kat abortions. Why the reason for kats, well i hate the goddamn shitheads for specific reasons. That i won't get into. Well enjoy the phile and have phun. SHiT YA'LL NEED Propane torch Koat Hanger Gloves Rope Nails Hammer Drugs & a Kat of kourse GET'N STARTED Ok, now get the above required stuff. Now toke a little, phry or whatever get's ya going. Phirst off take the koat hanger and bend it into a phairly straight wire. Take the koat hanger and make a noose on one end. You need to make sure that the noose is small enuf to phit into da Kat's Kunt. PHUN PART Ok now go out and phind yer victim. Well you have phound a kat, put on the gloves so you don't get scratch to hell and back. Now this is where the optional shit komes in. You kan either Nail the phucker to the ground by hammer'n nails thourgh it's pheet. This technique i phind to be the most effective. Or if your one of those squemish types (why the phuck are you read'n this then??) you kan use the rope. Just spread the phucker's legs to the phour korners. Tie the rope around each paw and tie to something else. Now you have the kat down supplied and bagged. Reach over and grab your nice instrument(koat hanger) and also grab the torch. Now you should be still wear'n the gloves, if not jack'n off will be a little harder phor you to do now. Anywayz, heat up the end of the noose with the oval end or however the phuck you made it. Wait until the shit is shine'n real bright orange or yellow. Some koat hangers will even turn white, now make sure you don't melt the damn noose. duh Insert the heated end of the noose into the kat's kunt, now jam the phucker all around, make sure you get every last one of those bastard kittens outta there. After you have phinished, unnail or untie the kat. Now i doubt it will walk away, but if you know who owns that kat, be a phriendly neighbor and drop it off at their house phor them. Now you really don't know which Kat is or not pregneat so hell try evey one of those pussy's. Now this also works for dogs, and even try this on yer girlphriend if you even knock her up. OTHER SiCK SHiT Now some other phun shit to do while do'n this. Bring along a tape recorder or a kamcorder and record the shit. Go home listen or watch it over and over again. Loads of phun dude. Now for you sick perverts, take a knife and just make the kat's kunt big enuf to slide yer dick in, hell a phree phuck. You kould also bang the phucker up the ass to if ya wanted. The best part about this is that it's like bust'n a virgin everytime and you don't have to wear a kondom either! Oh yea while ya do this phry really hard too. Yo'S & PHUCK oFF'S Yo's to LoL-PHUCK, THG for thier latest kracks, Sam Brown for all his nice back doors to Emulex, METALLiCA, Lutzifer, and all who think that they deserve some yo's (yea right) Phuck off's to PE Give it up, THG got yer ass Kicked, Acid Alliance, QSD lamers, Alto's you need to UPGRADE big phuck'n time, leeches, and all those K-Rad K0de KiDZ who do noth'n but phuck'n leech as hell and get Kaught too. KALL THESE KiCK'N SiSTEMS Insanity Lane..........619.591.4974 -=> IRG HQ <=- Zanaphopia.............404.642.8703 -=> AoA HQ <=- The Corrupt Society....619.630.8450 -=> NHA HQ <=- Demon's Crypt..........516.791.1427 -=> SoC HQ <=- Phreak Accident........404.977.4272 Latur dudes Damaged [--------------------------------- EOF ----------------------------------] 5.07 Disposable Lighter Bombs ----------------------------- ************** * * * Disposable * * Lighter * * Bombs * * * ************** by PSYCHO Written EXCLUSIVELY for The IRG For those of you who are budding anarchists or Mad Bombers, but don't feel comfortable cooking up nitroglycerine in your mom's kitchen or making pipe bombs in the garage, here's a fairly decent alternative that is safe, easily transported, cheap, and effective if used properly. All you need is a good supply of those shitty disposable lighters, like a Bic for instance. These can be bought cheaply (or stolen, if you're so inclined) at every damn convenience store between here and East Camelfuck, Iraq. Prices range from about 39 cents for averaged-sized lighters, up to about $1.79 for the extra-large ones, such as the Cli-Cla (my personal favorite- it is a HUGE disposable, holding about 65% more butane than the large Bic! They're available at fine truck stops everywhere...). Here is a chart to help you decide which lighter is best for your explosive needs: Lighter | Size of Explosion * ---------------------------|---------------------------------- Mini Bic | Small; 4 to 6 inch fireball | Scripto | Medium; 6 to 12 inch fireball | Regular Bic | Large; 12 to 18 inch fireball | Cli-Cla | HUGE; 24 to 30 inch fireball -------------------------------------------------------------- *(NOTE: These sizes are only an APPROXIMATION based on past observances- fireball size and intensity may be affected by such factors as atmospheric pressure, wind speed, humidity, manufacturing defects, etc. Your results will vary.) As you can see by the above chart, some of these lighters can be quite powerful. To give you a better frame of reference, consider the Mini Bic to be as powerful as an average firecracker, the regular Bic as powerful as an M-80 firecracker ( a REAL M-80... You can only get them illegally in this country- they are equal to 1/4 stick of dynamite), and the Cli-Cla as powerful as 1/3 to 1/2 stick of dynamite, under perfect conditions. PREPARATION AND METHODS OF DETONATION To prepare a lighter for use as an explosive device, the only real modification that must be made is the removal of the flame guard. The flame guard is the semi-elliptical piece of metal that is found on top of the lighter which encases the gas jet and flame adjustment mechanism (if present). This is easily removed by using a screwdriver (or even a finger) to pry away one edge of the flame guard, and thus popping the whole thing loose. With the above out of the way, you are ready for the placing of the device. Keep in mind that since the laws of physics declare that a force will always follow the path of least resistance, some forethought should go into the placement of the device for best results. If you just want a purely-for-the- hell-of-it explosion, the lighter can be placed on open ground, but for a specific purpose, such as the destruction of an object, opening of a door, etc., the lighter will need to be wedged as tightly as possible against the target. The only "timing device" you will have, such as it is, is the actual flow of gas from the lighter. Some lighters have no flame adjustment mechanism, and thus you have very little control over when the explosion will take place. On lighters where the control is present, you will be able to approximate the point at which detonation will occur. This is accomplished by turning the adjustment wheel toward the <+> or <->, with the <+> side naturally exploding faster. In some lighters, the maximum <+> setting can be over-ridden to allow the butane to escape very quickly, but keep in mind that the faster the gas escapes, the lower the power of the resulting explosion. You may find some experimentation necessary with different types of lighters you plan to use before you can become familiar with the approximate detonation times. Once you have decided on a target and length of time needed to escape and/or take cover, you are now ready to ignite the lighter. The most important element to keep in mind it that the gas release lever MUST remain depressed for the duration of time until the explosion occurs. There are many methods for assuring this, as pointed out below: A. Wedge the lever in the open position by placing an object between it and the striking wheel. B. Glue the lever down with a glob of Crazy Glue. C. Tape the lever down with aluminum strapping tape (regular tape will not work due to rapid melting). D. Wire the lever down with a few inches of light-gauge copper wire. These methods are not the only absolute choices you have, but I have always had good luck with them. Once the lever has been secured, you need to act as quickly as possible, to ensure as little butane as possible is wasted. Using another lighter, ignite the stream of gas escaping from the one you want to explode. Another factor you might want to consider for timing is the physical direction of the tank of the lighter in relation to the flame- If the flame is above the tank (as in normal operation), it will take much longer for the heat to melt the plastic and cause the detonation than it would if the tank was placed at a 45-or-so degree angle with the flame being BELOW the tank. Here is a chart of approximate times based on positioning of lighter and gas flow: Gas | Lighter Upright | Lighter Inclined Flow | (flame above tank) | (flame below tank) ================================================== MIN. | 5-10 minutes | 3-5 minutes --------|---------------------|------------------- MED. | 3-5 minutes | 1-3 minutes --------|---------------------|------------------- MAX. | 1-3 minutes | 60 seconds or LESS Again, these figures are APPROXIMATE- Times will vary according to many factors including, material used in manufacture, quality of butane, etc. Using the above chart as a guide, plus some experimentation on your own, you should be able to discern timing factors relating to your individual needs in certain situations. Of course, lighting the butane and allowing it to melt the plastic tank casing is not the only method for detonating disposable lighters- other possibilities include: * Affixing a large firecracker or other small explosive device to the tank * Placing the lighter in an open flame (campfire, fireplace, etc.) * Placing the lighter on, in, or near a heat source (engine block, tail pipe, oven, space heater, etc) As you can see, however and wherever you choose to use a lighter as an explosive, it is a cheap and (usually) ample solution. Always use great care and common sense when handling ANY explosive device, and have your escape route or cover picked out well in advance. Also be aware that, due to the materials used in it's construction, an exploding lighter will hurl bits of metal and molten/flaming plastic, sometimes for several yards in all directions. HAPPY BOMBING! Thanks to: Haywire & The MIGHTY IRG! Special Thanks to: The Phantom Fireman for his pyromania expertise. 5.08 Vending Machine Revenge ---------------------------- VENDING MACHINE REVENGE by Psycho Written for the IRG How many of you have ever been ripped off by a vending machine? I would guess that EVERYBODY, at one time or another (and probably MANY times), has met up with a "change eater". This can be frustrating as hell, especially if you're hungry or thirsty and the machine took all the change you had. Worst of all, many times the owner of the machine takes his sweet time getting it fixed- After all, any money you lose is pure profit for him. The following is a collection of various techniques that have been used with great success to extract revenge on these money-grubbing bastards, and can put a few bucks in your pocket as well. I guess some unscrupulous person COULD use this information just to rip off other hapless consumers, but that is their discretion (ha ha!). 1.0 SLUGGING This is one of the most common forms of Vending Machine Revenge (from herein referred to as VMR), and also one of the safest. Basically this involves putting something into the machine that is not a coin, but the machine will think it is. Experimentation of a high degree will be in order here, as all machines have different levels of sensitivity. Some of the more common items used include: metal washers, arcade tokens, foreign coins, plastic discs, etc. I think you get the idea. I have even heard of people using a bench grinder to file pennies down to dime size, but that seems like an awful lot of work for 9 cents, but how you want to spend your time is up to you. Again, you'll have to experiment a lot with this one. If anyone finds some that work particularly well, leave me a message on the IRG/Insanity Lane node, and I'll draw up a chart for a future issue. 2.0 TIPPING Another quite popular method, this is accomplished by physically tipping the machine forward as far as you can get it, hence the name. This works best on those machines that have potato chips and stuff dangling from long metal rods, and also those that use spiral rods to hold the stuff. If you want to use this method of VMR to the fullest, it's best to take along a couple of stout friends. Reason being, you will get the best results by practically putting the front of the machine down to the floor, and some of these bastards can be REAL heavy. So, DON'T try this one alone (unless you look like Arnold Schwarzeneggar), and make sure you do it quietly and in an out of the way area to avoid getting caught. 3.0 ROCKING The Rocking method for VMR is similar to the above, but is seems to work best on coke machines which dispense cans. To get free cokes, you rock the machine back and forth, really banging the hell out of it. This confuses the machine's coin mechanisms, and it will usually start spitting out cokes. This VMR method will also require the assistance of friends, for obvious reasons (coke machines are the heaviest of all vending machines). This one must also be executed in a very deserted place, due to the excessive noise level created. You'll also want to remember to take along some backpacks, pillowcases, etc., to put your free cokes in. I have seen machines completely emptied using this method. 4.0 PLUGGING So far, we've only discussed methods with which you can obtain free snacks- Now, here's one that can net you some good pocket change. Unfortunately, this will only work as described on newer coke machines. Perhaps with experimentation, it can be adapted for use on other machines. Plugging is accomplished by doing just that- you use something which will get hung in the coin slot, such as a penny, slug, etc., but will still fall through when the coin return is pressed. On newer coke machines, the coin return is a long piece of horizontal metal that presses straight down. After inserting your plug, use a flat-blade screwdriver to bend the coin return bar so that it cannot be depressed. Now, take the rest of the day off and do whatever. When you return later that night, use your screwdriver to bend the return lever in the other direction. When you press it down- JACKPOT! You get all the coins that other people have "lost" that day. Rotate among different machines, and don't plug the same one more than once a week to obtain best results. By doing this to enough machines in various locations, it's possible to make around $100 PER DAY (the average take for one machine is usually around $5). Another good place to do this occasionally is coke machines in expensive hotels, since they usually inflate the price of their drinks by 50% over normal machines. Be extremely careful and don't get TOO greedy, and this method is very safe. 5.0 JAMMING-1 This type of VMR is one of the best for getting lots of free stuff. What you do is actually jam the "product chute" (where the goods come out). Any manner of things can be used to do this. For instance, open the little door on a coke machine where the cans come out. Now, take a stick, huge wad of paper, etc., and cram it as far up into the machine as you can comfortably reach. This will block the arrival of anyone's purchase, and you only have to pull out whatever you blocked it with on your return to retrieve the stuff. On cigarette machines, you can even put tape over the side slot where the smokes are dispensed to accomplish this. As in some of the above methods, experimentation will be in order here to learn about the machines in your area. This is a fairly safe method of VMR. 6.0 JAMMING-2 This is the same as the above method, but instead you jam the change return slot. It's not as profitable as screwing up the coin return, but hey- it's FREE money. You may have to use a small wire to accomplish this on machines that have a small door that opens inward on the change slot. Again, if done smartly and not too often to the same machine, this VMR method is safe. 7.0 ZAPPING Personally, I have never been able to get this one to work, but I know people that swear by it and say they use it all the time. Also known as "shorting", this type of VMR involves locating the socket where the machine is plugged in, and rapidly working the plug back and forth, causing the electronics in the machine to screw up. I'm told it only works on machines that have an LED display showing the amount you've dropped in. One person claims to have "maxed-out" the display at $9.99 and got that much OUT of the machine when he hit the coin return! Like I said, I've never been able to do this, but there are lots of people who claim it can be done. Experiment and find out for yourself, and drop me a line if you get it to work. 8.0 KILLING This isn't as drastic as it sounds- It actually means that you unplug the machine, thus "killing" the power to it. Some machines, when unplugged, will simply NOT return any coins. And, you'd be surprised at how many people will go ahead and stick money in a machine, even if it's not lit up... And most people won't look for the plug to check it, either. This is a very safe, quiet method that has been proven to work on certain machine. As before, experiment with machines in your local area. Well, that should be enough ideas to get you started- I'm sure there are many, many more. If you have a particular favorite, leave me e-mail on Insanity Lane and I'll include them in any future updates of this article. In the meantime, just remember not to get too greedy, and you can have a tidy little income from your VMR exploits. Thanks go to: Haywire & the IRG for publishing the newsletter and allowing me to write this article. Special thanks to: The Bubblegum Bandit, H.R. Puffenstuf, & Headhunter for their input in compiling this article. 5.09 The Art Of Scanning by Control-S ------------------------------------- +++++++++++++++++++++++++++++++ ++ ++ ++ The Art Of ++ ++ *->> Scanning <<-* ++ ++ ++ ++ By: Control-S ++ ++ ++ +++++++++++++++++++++++++++++++ This file is written for International Rogues Guild (IRG), and is the second in a series of files aimed towards the begining hacker. If you've been around a while, you will most likely find nothing of use here. Part 1: Scanning, the art of Part 2: Scan-Pages v1.00 Disclaimer: This phile is for informational purposes only, and I cannot be held responsible for the actions of anyone reading it. WARNING: If the words "k-kewl", "d00d", or "k-elyte" are a part of your every day vocabulary, stop reading now, you are to far gone for help. Scanning: Scanning is one of the most legal aspects of hacking, and a lot of fun too. I'm not saying that scanning IS legal, I really doubt you could get anyone to answer that question. If the SS wants to bust you, they will do it for scanning, or anything else they feel like, if theres no law against it, they will make one up! You can't win, so I would just recommend that you watch your step no matter what you do. You can scan many diferent places, like x25 networks such as TymNet and Tele(Sprint)Net or simply telephone exchanges, which is what I'll be going into here: Scanning your local exchanges, I basically view this as 'getting to know your neighborhood' - its good to get an idea of how many modems are in yer area, and just what sort of 'puters are connected to them. You'll more than likely come across a few Unixes, and some VMS', if you're lucky, you'll find a LAN or WAN, and be able to reach a bunch of different systems from one number, some of these even connect to far systems, some with outdials (which you can scan other areas through), or gateways (where you can hook into even more systems and/or psn's). Things You Need: *Personal Computer - (almost any type) (Amiga recommended) *Modem - (any baud) (at least 2400 recommended) *A Wardialer or Scanning program - These are available for just about every type of computer, but if you can't find one, they are easy to write yourself, in either basic or even scripting. (I would highly recommend you write your own, its a good way to get started programming and you can customize it to do exactly what you want it to.) *References - You should have on hand (or commited to memory) some text files or manuals that will help you identify the systems you find, and then give you and idea of how to get in and possibly use them. (You can find detailed 'how to' files on just about any operating system you might find in many Phrack newsletters, if you don't have them all, get them!) - (See appendix A of this file for simple system identification). *A little common sense - sorry, you're on your own with this one. Getting Started: Using that little bit of common sense, you should fire up your computer and modem. (If you can't get by this part, you should stop reading this file immediately, run down to your nearest computer store, and trade your PC in for a nintendo!) For best results, you will want to do some sort of sequential scan, this way you won't miss any carriers. If you are paranoid about leaving a sequential patern, (the SS looks for this sometimes, trying to catch 'c0dez kidz') then you will have to make some part of the dialing random. Making the whole scan random has a few problems; if you wan't to make sure you get all of the numbers, and don't keep going over the same ones, you have to keep track of all the numbers dialed and check it every time before dialing. This is a big waste of time, the best way to do a sequential scan without a patern, is to use a node dialer. Node dialers are common in code hacking programs, and these are easilly modified to just scan. The ideal configuration for a node dialer (the one I use) would be to use 10 nodes, each scanning 1000 numbers in the same exchange, then just randomize which node is dialed. Example: Node 1 Dials 0000->0999 Node 2 Dials 1000->1999 Node 3 Dials 2000->2999 Node 4 Dials 3000->3999 Node 5 Dials 4000->4999 Node 6 Dials 5000->5999 Node 7 Dials 6000->6999 Node 8 Dials 7000->7999 Node 9 Dials 8000->8999 Node10 Dials 9000->9999 ATDT + This method is just as fast as dialing them straight out, you don't miss any numbers, re-dial any numbers, and you aren't using any detectable dialing pattern (other than possibly 300 calls per hour). Now that you've got your dialer configured, you need to find a good time to scan. Again, if you're paranoid, you should stick to scanning between 9AM and 5PM. This is for two reasons; 1) This is the when most buisness calls are made, and in the huge volume, you will be that much harder to detect. 2) If you DO get busted (can you imagine going to court for such a thing? hah!) you will have a good case, as many people dial sequential numbers durring this time, (re: telemarketers, surveys...). This is also probably the time when you'll be at work/school/whatever, so you won't be needing your CPU. (I personally scan while I'm asleep, at night - I'm not that paranoid!) As a rule of thumb, don't watch the dialer. For some reason, no carriers are detected while you watch the scan in process. (I've heard rumors that this is the result of a minor disturbance in the local space-time-continuum caused by invisible emissions from the iris, but have seen no proof to back this theory.) Okay, now you have your dialer ready and a good time to scan. Fire it up and check on the progress every few hours. After you scan out a fair sized list of carrier signals, you should give the dialer a rest, boot your favorite term program, and investigate all your finds. Don't expect to see something like this: "Welcome SysOp!" on the systems you check, in fact, expect nothing. Many systems don't wave any banners or tell you anything, you have to try and coax a responce out of them. Things to try would be: 's, Ctrl-C, or any other Ctrl-'s, (if you send a Ctrl-S, be sure to send a Ctrl-Q after it, because many systems use this as a 'halt-output' switch, and you may discover the right keys to press, but never know it because all output is stopped. Try sending "..." or s, [Esc], and sending a hard break almost always gets some responce, if none of the above work, try any character on the keyboard, and words like "boot, start, run, load, logon, login". If you have an external modem, keep an eye on the "Recieve Data" light, if it flickers and you aren't getting anything echoed to your screen, or possibly a lot of garbage characters, switch to 7E1, or call back at a lower baud rate. (I've found a bunch of systems with modems that will connect you at 2400, but the com ports will only transfer data at 1200 or 300) If you try everything and can't get any responce at all, it could be a company which turns its computers off at night, but leaves the modem on (so call back in the day), a crashed system, or a hacker who got your scan-call at 3am and wistled an unerring 8N1 into his reciever at a steady speed of 2400 bits per second. -heh When(if) you identify the operating system, break out your references, and try all the default accounts. If you get in on a default, but you're unfamiliar with the particular OS, don't mess around, just log off and do a little research, learn how to turn off all the logging and cover your tracks, then go back and have phun to your hearts content. Remember: keep notes on all the systems you find. You never know when some ancient OS might come in handy, or what you might find that relates to any system while trashing at a later date! Apendix A: The following is a short chart to help you identify operating systems. System Prompt Default Accounts/Passwords --------- -------------------- ------------------------------------- Unix login: -or- Login: root,daemon,bin,sync,uucp/(unpassworded) VAX Username: SYSTEM/MANAGER -or- FIELD/SERVICE DEC-10 User ID: 1,2/ ? HP-?000 PLEASE LOG IN: HELLO,MANAGER, Iris ACCOUNT ID? MANAGER VM/CMS IBM VM/370 ONLINE logon (user id) NOS FAMILY: Primos "PRIMENET XX.X.XXX" login SYSTEM/SYSTEM -or- OPERATOR * This hardly all-inclusive, only the ones I know from memory, you should try and compile your own list, and add new systems to it regularly. This has been a phree Speech publication, (C) pSp and IRG 1991 As usual, I can be contacted for whatever on any of the IRG nodes, or IRG e-mailing addresses. Please mark all comments "Attn: Ctrl-S". Control-S, Freelance G-File Artist (for hire) Scan-Pages v.99b: Note: Unfortunately, I will be unable to finish my current scan in time for the next IRG release, so I stuck this partial scan in to fill the spot. Look for a complete scan in v1.00, next IRG. NPA/NUM-BER Baud System/Comments ------------ ----- -------------------------------- 619/259-0038 n/a ?/constant tone 619/270-0017 1200 ?/has echo on 619/270-0038 2400 ?/"Unauthorized User, Call Recorded and Disconnected" 619/753-0006 n/a ?/constant tone (may be loop) 619/753-0013 n/a ?/constant tone 619/753-0171 1200 ?/"D29 System C, Node XX, Line XX" 619/753-0172 1200 ?/"D29 System C, Node XX, Line XX" 619/753-0173 1200 ?/"D29 System C, Node XX, Line XX" 619/753-0174 1200 ?/"D29 System C, Node XX, Line XX" 619/753-0175 1200 ?/"D29 System C, Node XX, Line XX" 619/753-0176 1200 ?/"D29 System C, Node XX, Line XX" 619/753-0243 2400 ?/(sending a hard break makes hangup) 619/753-0287 1200 TRW Dialup 619/753-0288 1200 TRW Dialup 619/753-0548 1200 ?/"D29 System C, Node XX, Line XX" 619/753-0716 1200 ?/"ALPHA BASE, PLEASE LOG IN:" 619/753-0738 1200 ?/(just hangs up, maybe callback security?) 619/753-0911 1200 ?/(response to break ^Z) 619/753-0916 1200 ?/(response to break ^Z) 619/753-0933 1200 ?/(response to break ^Z) 619/753-0962 1200 ?/(response to break ^Z) 619/753-0981 2400 HP-?0000/PLEASE LOG IN: (try 'help') 619/753-1550 2400 PC-Plus Host Mode/ American Bamboo Society 619/753-2614 1200 ?/(absolutely no activity - a modem with no 'puter?) 619/753-2728 2400 "Host Name:" (^C will get "User ID:") (CIS, node ENC) 619/753-1654 2400 ?/Esc will get "ACCOUNT-ID: / PASSWORD:" 619/753-1079 1200 ?/"D29, System C, Node XX, Line XX" This is hardly a complete list, its more or less the result of boredom, and fairly random scanning through an outdial, it does cover about 1/3 of the 619-753 exchanange, but I never finished because of lack of time and other projects taking precedence. I would like to try and organize a concerted effort to map out any/all NPA's, and eventually publish a masterlist of all detectable carrier signals. Its easy to do, and you can usually let yer computer scan while yer gone to school/work, so if you'd be interested in helping out, leave me a note on one of the IRG boards and tell me the NPA and exchanges you'd be able to scan, via local call or some sort of outdial, so we can make sure that different people aren't wasting time scanning the same exchanges! Anyone who helps to build the list will get full credit in IRG News, and be privy to all versions of the pre-released masterlist, including any system logins found on any of the carriers. Until next time... ^S 5.10 Hacking CompuServe ------------------------ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% %% %% %% %% A Hacker's Guide to CompuServe %% %% %% %% %% %% By: Control-S %% %% %% %% %% %% %% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% Re-Edited by Ctrl-S and released to IRG. You may reproduce this file for newsletters or g-files, as long as the credits remain intact. Disclaimer: This phile is meant for informational purposes only. The author takes no responsibility for any uses or missuses of the information disclosed. CompuServe Information Service is one of the largest commercial systems available today, with over 600,000 members, hundreds of Forums(SIGs), access to a managre of data bases globally, and boasts local access in almosy every city in the USA, and quite a few world wide. CS is located in Doublin Ohio, and employs approximately 40+ microcomputers, most of which are DEC KL-10 or chained SC-30 CPU's, running highly customized software, written mostly in BLISS, FORTRAN, MACRO-10 and (more recently) in 'C'. Dialling CS: To find a CS port in your area, you can call Customer Service at (800)/848.8990, tell them you're travelling and need a dialup for the XXX (your area code) area. You may also reach CS through just about any of the Packet Switching Networks. (Telenet, TymNet, DataPac, LATA). For Telenet, the NUA is: 202202, -or- 614227. From a TymNet port, type 'CPS' after the terminal identifier. Note on dialling CS directly: After connecting, hit Ctrl-C, or [RETURN] and then 'CPS' at the 'Host Name:' prompt. Generating Accounts: There are several ways to generate CS accounts, I'll briefly go into each. The only 'default' accounts I've come accross so far are these: User ID: PHONES Password: PHONES ;This one will only let you look up CS access numbers, or report problems. ;which could be useful, if you wanted to vary the numbers you call in to, ;for security reasons. (most places have more than one dialup, in addition ;to whatever PackNets available. User ID: 77770,100 Password: FREE-DEMO ;This isn't to useful, as it only lets you 'ride' along a guided tour ;of the system -- though I'd recommend it for getting used to the ;command structure and just having a looksee. First thing you need is a sign-up User ID, Password and Agreement number. Here is how to get one: Intro-Pac: --------- These are usually included with your modem when you buy it, so you might have one already! - if not, you can purchase one in most computer stores, and some book stores. (or just rip it open in the store and memorize the ID, password and agreement number). The intro-pac is superior to the other methods of obtaining sign-up ID's, because it isn't as limmited. With an account generated by an intro-pac, you can access just about anything a regular CS subscriber can. Intro-Pac note: Try reusing the intro-pacs, it usually won't work, but several times I've gotten two ID's from one pac. Ziff Account: ------------ These are try-out accounts available to subscribers of PC Magazine and ZMac. They are usually VERY limmited, without a second password, you cannot get to CS, you'll be stuck in PC-Magnet. The current PC-Magnet sign-up ID is: User ID: 177000,5000 Password: PC*MAGNET Agreement Number: Z10D9000 Ziff Note: The User ID and Password are permenant, but they periodically change the Agreement number. I've noticed that it usually goes up, in multiples of 10, so if you get a message saying that the agreement number is outdated, try something like: Z10D9110 or similar - or better yet, find someone who subscibes to PC Magazine and just ask them. More Ziff Notes: There is currently a hole in the account limmitations on Ziff accounts; if you choose a European address (see "Billing Info") you will be able to access the CS system, and have the same privs/abilities as a Intro-Pac generated account. I don't expect this hole to remain forever, so have fun while it lasts. - Also, choosing a European billing address might make it difficult to get your seccond password, so this account would only last until that took affect (usually 10 days). Social Engenering: ----------------- You can call up CS at (800)/848.8990 and tell them: * You just saw a commercial or read and ad with the number and are curious about CompuServe - they will ask some questions and will either give you a sign-up id, or try and 'send you more info' - try and get the id and tell them you want to look around first. * Tell them you want to sign up for 'The Source'. CS bought the Source and is trying to convert all former or possible members. (this will work much like the above method). * Tell them you saw it on 'NetWork Earth' and want to try the demo. (NetWork Earth the TV program has a forum (SIG) on CS and is promoting a try-out demo). Social Engenering Note: Do NOT try telling them you lost you password, they never give them out, they just send them in the mail. Also, if you fear ANI on the 800 number, the Columbus number is: (614)/457-8650 Billing Info: After you obtain a sign-up ID, and sign on, it will ask you a lot of silly questions, most of which you can just breeze through and answer in whatever way you want to, however there are two important parts you will need to get right; the billing address, and the CCard number. Billing Address: --------------- If you want a permenent account, or at least a long lasting one, you will need to use an address where you can pick up the second password. You will also need to use a valid CC number, or shortly after you do get that second password, the account will be suspended for charges not authorized anyway. If you only need the account for a little while, just make something up. The account will last about 10 days, which is when the mail-only second password should have arrived. There is a loop-hole here also; if you log on on the 10th day, a little before midnite (not more than 15 minutes before, and definitely NOT after), you can 'GO PASSWORD' to change your password, and hang there at the prompt until after midnite, then enter a new password. If you do this on the exact day, you'll increase the shelf life of the account by about another week, at that time, you will recieve a message upon logon that your charges have been refused and it will prompt you for new billing information before proceding -- just use the same stuff you did the first time, that should last you another 2 to 4 days, depending what day of the week it is. Thats about as far as you can squeeze it, because at that time they will try to call you voice and hassle you. Credit Card Info: ---------------- CompuServe will only accept true card numbers, just making one up is completely out of the question. It does accept cancelled cards however, so feel free to use any old card #'s you may have around (if you only want a temporary account, that is). -- For this reason, you cannot use CS as a way of checking to see if cards are valid or not. Once you're in: If you have the IQ of a small rock, you should have had no problem aquiring an account. Here are some of the things you can now do with your account: Important Commands: ------------------ GO - the go command is what takes you places, you use it to move to differen't areas on the system. (re: "GO IBM" will take you to the IBM subsystem) This command can be shortened to 'G', (re: "G IBM") and case is NOT sensitive anywhere on the system. FIND - very useful, you just type: "FIND subject" and it will give you a list of related sections along with their GO command keyword and page number. (re: FIND modem). HELP - doesn't need any explanation :-) (there are help screens for every area on CS, make use of them). Areas: ----- FORUMS: GO FORUMS Forums or SIGs are like mini-bbs's. They each have a number of message bases, file libraries and a real-time chat or conference area. There are forums for just about everything you can imagine, with PD software, informational text files and a lot of other goodies. I won't go into the special forum command structue, just use the HELP feature and you'll be ok. Some noteworthy forums: DECUNET - a wealth of information to be found here. IBMBBS - ms-dos telecomm stuff ROCKNET - excellent COnferences are held here PRACTICE- you can find info on all other cis commands in this forum's LIBs and many more DATABASES: There are over 1000 databases you can search via CS, ranging from stuff like Colleges and Magazines in print to your up the minute local weather forecast and an AT&T buisness yellow pages. Find data bases with the FIND command. CB Simulator: GO CB This is the online-chat system. CB is just like the COnference areas in the forums, but attracts a much larger crowd. At peak hours, you can find between 200 and 300 or more users on the chat system. Type: "/?" or "/H" for a list of available commands here. Note: all commands are preceded with a slash (/) in COnference or the CB simulator (re: "/GO IBM"). CB Notes: On Band B of the CB Simulator, you may encounter many CS employee accounts (see "Account Numbers") beware them. -- I'd recommend staying on Band A. * This is by far, one of the best chat systems I've ever seen. CompuServe Mail: GO MAIL This is CompuServe's E-Mail system, and is VERY powerful. The docs to this alone are far longer than this entire file. I would suggest that you; GO MAIL, and then type the following: "HELP ..." -- this will print out the mail documentation and all its features. (its about 30-40 pages, make sure you have a capture buffer open, or your printer on!) Some Mail Features Include: * Sending Mail to any other CompuServe member, or CompuServe Mail subscriber. (text or binary mail transfer are available, with or without a transfer protocol). * Sending a hard copy letter anywhere that has an address -- I wouldn't recommend this, for obvious reasons. * Sending to any FAX machine -- GREAT feature. * Sending to any BitNet or InterNet address -- (yea cyberspace!) See the Mail HELP facilities for information on any of the above, and more. Miscelaneous BS: -Account Numbers -Hidden Areas -Special Messages -Nodes -Tips and Tricks Account Numers: -------------- 70000,xxxx - Said to be CS security accounts, but the only ones I've seen using these are CS employed programmers and high level execs. -- This type of account carries the highest privelge level. 70003,xxxx 70004,xxxx - These are CS employee accounts. For the most part, people using these aren't dangerous, they are free of connect charges but usually (not always) without special command templates. 70005,xxxx - A standard demo account. Commonly used by Radio Shack and other computer stores, or even museums. (usually there is no one operating these accounts) 70006,xxxx - Standard WizOp account. Tthese people can kick you offline instantly, or GAG you. People using these accounts are usually product managers, or SysOps of CS owned Forums. Beware these accounts. 70007,xxxx - Complimentary account. These accounts are given to people who write books on CS or other such material. 767xx,xxxx - This account is ambiguous, and carries many different privelige flags. Privately owned forum SysOps may use these accounts, as well as Forum Co-Sysops, Message SysOps, Customer Service, and the CB-Helpers. To be on the safe side, steer clear of these. 7xxxx,xxxx - A regular CS subscriber. 1000xx,xxxx - This is the new account format given to all non-US subscribers. If you sign up with a European or Japanese mailing address, your account will look like this. (Note: using one of these accounts from a US CS port may look suspicious, recommend using a packet network with these.) Account Number Notes: Privilege and FREE flags may be attatched to ANY account numbers, including WizOp flags, so look at every account, even the most common as a possible CS security person. Hidden Areas: ------------ There are many areas on CS which will not show up with the 'FIND' command. These may include; special testing areas, areas closed for one reason or another, or private Forums (SIGs), once in a while you can stumble onto these by more or less 'scaning' GO [keyword]'s. Keep your eyes open, you just might find something interesting. Some of the places I've found are: The SysOp Forum - GO SYSOP CB Bands C and D - GO CB3 and CB4 There are many more, I'm sure, just look. -- Some areas like these aren't accessable directly, if you find one of these, try going to the page beyond them, then hit 'B' for backup, or go to the root page, and from there "GO xxx" where xxx is a number 2-999. Special Messages: ---------------- While in a Forum COnference, or on the CB simulator, you may recieve a message stating that "your language or actions have been deemed unacceptable and any continuance of such will result in account suspension." If this happens, you know you are being monitored, so it would be a good idea to hangup. While logging on, you might get a message stating that your account has been temporarilly suspended. This means they are on to you, don't try usng that account again. While logging on your password may come up invalid. This is OK, it just means you didn't get your second password,a nd they are problably NOT on to you, but if you don't have the second password, this account is history. Nodes: ----- These are a three letter abreviation of the city you're calling from. Usually not useful, but I would watch out for anyone logging on from Doublin Ohio, as these people may very well be logging on via console. For a list of nodes; "FIND nodes" -or- there is a compiled list downloadable from both the PRACTICE and CBFORUM libraries. Tips and Tricks: --------------- Use common sense. Don't look for someone using a CS employee account and send them a "FUCK YOU!" message, don't use a name like "The Ultimate Hacker!", maintain a low profile and enjoy. Notes on calling: vary youre calls, you can usually find at least 3 or 4 different numbers in any city wich you can connect through. If you are really paranoid, do something like this... DIVERTER->TymNet->Outdial->Telenet->Outdial->CS Port --- hehe this will slow down transmitions, but I think you get the idea. Note: I gathered all the information in this file on my own, through trial and error, and talking to friendly CS SysOps, but I thought I'd mention these previously released CIS files, since it was after reading them, and finding them either useless, incorrect and/or out of date that I got the idea to put together this file. Files as follows: "Hacking Compuserve Information Service" - By Shadow Lord Esq. "Compuserve Info" (Phrack #8) - By Morgoth and Lotus Brought to you by... /\ __ (__ __) Greetings to: ArchAngel (202) -- trusted friend and mentor Power -- Hiya :) Sterling -- I got that file, thanks! So76 -- all the words in this file does NOT divide by 7! (grin) -EOF- 5.11 DOS Tips by asteland arrior ---------------------------------------- A lot of times games require you to put them on separate floppies in order to install them. Since floppies are slow and not always available, I decided to write an article that quickly covers some tricks that others might not use to bypass the disk checks. Most programs just look for A:FILENAME.EXE so no matter what subdirectory it may reside in, the program is checking whatever directory A: is currently set to (via CD\). For these use ASSIGN. The format is: ASSIGN x=y where x is the floppy drive and y is the hard drive Example: ASSIGN A=C. Now you can type A: and simply go to the directory the game is in and install it. ASSIGN makes drive x an exact copy of drive y, including directories. To reset all drives, simply type ASSIGN with no parameters. Some programs look for A:\FILENAME.EXE so the files must be in the root directory. You could use ASSIGN but then your root dir gets all messy. In this case use SUBST. The format is: SUBST d: d:path where d: is the drive you will refer to and d:path is the directory that SUBST will refer to. To remove an assignment: SUBST d: /D where d: is the drive to remove Example: SUBST A: C:\SAVAGE Sometimes they get real tricky and check for SUBST or ASSIGN... in order to fool these, you'll need DesqView or some other multitasking program (DesqView being the best). Setup as large a DOS partition as possible with whatever options you think the program will use. Be sure to allow it to be swapped to disk. Right before the program will check for the files, switch to another DOS shell and load ASSIGN or SUBST, then switch back to the install... this may hang some machines but it usually works fine for me. SUBST and ASSIGN are both built into Digital Research DOS 5.0 and the commands should be very similar on IBM DOS if not exactly the same. 5.12 Running The ShadowNet -------------------------- ShadowNet is working, but having problems becuase I only have two members and it is hard to help people who are a few hundred area codez away. I have one new member, Pyscho, who will be a big help and I hope the rest of you people out there will come over and join us... 5.13 VMB's From Hell -------------------- I have found no support for this section of the newsletter so it will no longer be in service...Sorry. 5.14 Hellos And Goodbyes ------------------------ Hello everyone and goodbye everyone...I hope oyu have enjoyed and learned from this IRG news, the next will be even better. Maybe one day all hackers will be one and kick some fedral fuckin' ass! How old are you little kid? Remember: Only the forgotten die.. Also Remember: Big Brother is watching FREEDOM OF SPEECH ------------------------------------------------------------------------------- This Is An Offical IRG/ShadowNet Production All Rights Resevered Copy Write (C) Feb. 2 1991 ------------------------------------------------------------------------------- Call The IRG HeadQuarters: Insanity Lane Home Of IRG 619-591-4974 Running Aftershock 1.21 Call here for the latest in IRG Productions, and invaluable P/H/C/A information found anyware! The CorrupT SocieTy IRG Node 02 619-630-8450 Running AfterShock 1.21 Also Call This Fine IRG/ShadowNet VMB 1-800-999-1380 Box Number: 215 Remember, BIG BROTHER IS WATCHING [6] Tfiles: (1-7,?,Q) :