$$$$ $$ $$$$ $ $ $$ $$ $ $ $ $$ $$ $$ $$ $$$$ $ $$ $$$ $$ $$$ $$$ $$$ $$ $ $$ $$ $$ $ $$ $ $$$$ $ $ $$ $$ $ $ $$ $$ $ $$ $ $$ $$ $ $ $$ $$ $$ $ $$ $$$ $ $$ $ $ $$ $$ $$ $$$$ $$$$$$ $ $$ $$$$ $$ $$ $ $$ $ $$ $$$ $$ $ $$ $ $$$ $$ $$ $ $$ $$ $$ $$ $ $$ $ $$$ $$ $$ $ $$ $$ $$ $$ $ $ $$$ $ $$$ $$ $ $ $$ $$$ $ $ $$ $ $$$$ $ .oO[Issue #7]Oo. .oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oO Contents ~~~~~~~~ [1] Acidflux's Story Time Hour [2] Taking Over Fred Meyers by PLA [3] I Call From Sweden You Have Kodez For Me? File List ~~~~~~~~~ lsrv .sh Listserv Unix Script by Acidflux/Bluesman anirvan .gif Anirvan Chatterjee, Violated Sysadmin satan .dic Satanic Password Dictionary E-Mail Address - delirium@cyberspace.org ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -+Dist Sites+- BBS Terminal Drift (510)743-0603 BBS PLA BBS (512)883-7543 BBS Independent Nation (315)656-4179 FTP EnCee's Text Archive ftp.biohazard.com .oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oO Once upon a time (around March I think) a local sysop challenged me to crack his friend's password on the local high school (Monte Vista, monte.mvhs.srvusd.k12.ca.us, running Ultrix v4.1). So I get in, get root (sysop access), and look at the password file. Unix passwords are scrambled with a one-way encryption method. Say your password is "fuckchop". It's stored in the password file as "hdVcOLOsIcvLE". When you login to a unix system instead of decrypting the password it encrypts what you type in and matches it with the stored encrypted password. So to crack passwords you need a program such as CrackerJack that will go through a long list of words (a password dictionary). I couldn't crack the guy's password so I deleted his account and told the local sysop there never was one (situation averted). So I make a few accounts, Bluesman gets on the system and we start looking through people's mail (this is where that "Chia Pet" letter from Delirium Issue #4 came from) when suddenly a root account (chatter) starts paging me. Here's a log of the ntalk conversation with "Anirvan Chatterjee" (formatted for the sake of reading): [Connection established] Me: May I help you? An: chan? Elizabeth? Me: Yes? Me: Have we met? An: This is Anirvan, I believe... Me: Anirvan! How are you? An: Oh fine...do you see me listed as "root"? Me: Yes, why? An: oh...I was doing some routine syadmin stuff, when I saw you logged in... Me: 10:00pm on a friday night eh? An: what else is there to do on a friday night?! Me: Yeah, I guess you're right. An: well, i have friends online i talk to, and then tere's other fun stuff to do... Me: Yeah, I'm new to this, you know how that is. An: of course... An: where are you coming in from? An: an online service? a commercial carrier? An: ccnet's probab;ly t Me: Yeah, I have an account on there, why? An: where? I mean, what's your email address? An: there... Me: Scall@ccnet.com An: coolness... An: Geez....hate how those lines keep overlapping (type control-L t Me: Yeah... say, doesn't it bother you in the slightest I have root? An: say what? An: you have root? An: please explain.. Me: Well, I'm going to format your winchesters. Me: Just business, nothing personal. An: errr...who is this? Me: Hehe, I'm just kidding! Internet humor. An: errr, yes. An: Charlie? Me: What? This is Liz. An: I'm sure. Me: y0ur c0mput3r h4s b33n b0rd3d by th 3l33t3st 0f th3 3l33t!!@#$!! An: that's so nice to know. Me: r3sist3nc3 iz futil3!! An: yay. An: I'm so impressed. Me: Wanna see a neat trick? An: not really, so Charlie, [Connection closing. Exiting] # removeuser chatter Enter login name for user to be removed: chatter This is what the entry in /etc/passwd looks like: chatter:.bplovnCwERio:337:15:Anirvan Chatterjee,CPR2,(510)837-7507, :/u/students/chatter:/bin/csh Is this the entry you wish to delete? y Working ... User chatter removed. Do you want to remove chatter's home directory, all subdirectories and files (y/n)? y You should have backed up chatter's files if you do not wish to lose them. Are you sure that you want to remove chatter's files (y/n)? y Deleting /u/students/chatter .oOo. Then I kill all his processes and change the root password. Again, situation averted. 10 minutes later he unmounts the drives. The next morning he tells the computer lab who did it ("Acidflux, Bluesman and Deadlocke [aka Silicon [)ragon]"... like I said, I made a few accounts while I was on) and that we hacked in to use thier link to the Lawerence Livermore Labs (local nuclear facility... anyone read The Cuckoo's Egg?). On top of that Bluesman logged in from a New York system so Anirvan starts talking like MOD was after his ass (This was in the California Bay Area BTW). That afternoon Anirvan gets a call from a Monte Vista freshman named Brett Nelson posing as me. He says "This is Acidflux, you will recieve a call at 9pm tonight" along w/ some veiled threats and whatnot. They recognized his voice and kicked him out of school (I think this story has a moral in it somewhere). A couple months later the system is back up and I find this article on Anirvan's Webpage (http://192.188.37.4/~anirvan): "Beyond Wargames" by Anirvan Chatterjee (`95) Net historians record the sudden increase in destructive net activities after the release of Wargames (the seminal cracker-as-hero movie, the tale of an antisocial nerdy 80s teen equipped with a modem who stumbles onto the secrets of a corrupt military establishment (see also, Sneakers)). Those were the days when cracker and darkside hackers were truly dangerous only to government and corporate America. Well, think again. While corporate network security has increased severalfold since then, the massive growth rate of the Internet won't be able to extend the same degree of protection to newcomers unable to obtain the best protection money can buy. I speak from experience, having gone through two such cases recently, both very close to home. Everybody probably knows about the cracker intrusion into Monte Vista's computer network. (You don't? The Reader's Digest Condensed Book editionI was online at Monte Vista from home on a Friday night when I saw someone else, a friend of mine, logged in too. I tried to "talk" to her online, but she didn't respond. So I was doing some routine system maintenance, when I saw a strange call to talk from someone logged in as the system operator--but I was the system operator. Oh well, I ignored it, until my friend finally agreed to talk to me. She seemed rather confused, didn't understand who I was. I tried asking her what she was planning to do this weekend. Suddenly, she burst into a rant along the lines of "I am elite! I broke into your system! Hahaha!" By this time, I'd realized that "she" was somebody who had broken in under that account, and broken into the system operator's account. We did some online jousting, (by now I had Charlie Hsu, speaking voice, advising me on the fax line) until I managed to remotely shut down the Monte Vista network, but only to find that he'd deleted my account, my email, my projects, my web page--everything. Talk about playing the martyr for my system. (Yes, yes, the proper authorities have been contacted, and they're working hard, trying to catch the evildoers.) Anyway, there's my story. Now you can laugh at it.) But after all that, who to blame? The cracker, certainly, but also the cluelessness of the newbie system administrators (including yours truly) who just didn't know enough to implement current and effective security measures. That, and insecure usage habits on the part of so many equally clueless users ignoring even the most simple warnings about password security (a computer network is only as strong as its weakest password). As long as the Internet keeps expanding at such furious rates and the age, maturity, education, training, and all-around cluefulness of the average user keeps declining, this will keep growing as an issue. Net.access is getting easier and easier to obtain, and security measures from many established, otherwise clueful net.folks are being correspondingly toned down to fit the minimal effort/maximum personal gain philosophy of many coming online for the first time (the same type of people who will break every point of net.courtesy to get information, rather than checking documentation, FAQs (Frequently Asked (and Answered) Question lists), or contacting their local system administrator). (For example, Microsoft Bob's password protection will automatically let you change it if you guess incorrectly three times in a row--even a four-year-old could get past that kind of protection!) I found out very recently that my Internet carrier's security could be easily compromised, not online, but through what crackers call "social engineering"--by breaking in through their customer support. January 31, someone posing as the cracker who broke into Monte Vista called my house and left me a voice message instructing me to wait for a call at 9:00 p.m. if I wanted to recover my password. I tried dialing into my account, and found my password to be invalid--someone had changed it! Of course, I didn't believe that the caller was who he claimed to be for a second--he had pronounced my name correctly. Nobody ever pronounces my name correctly after having only seen the spelling, so I knew it had to be someone who knew me. And who had something against me. I listened to the message again (the idiot had done me a huge favor by leaving a long snippet of his voice digitally recorded for me to listen to again and again) when I realized who it was--an annoying Monte Vistan I'd busted and kicked off the Monte Vista network a few months ago, for some truly unsavory activities he'd gotten into, all the system rules he'd violated. I contacted my Internet carrier's support staff, and hooked up with a rather clueful administrator, who traced the breakin. I was informed that someone calling in from the local dial-in node had accessed my account (when I had been hours away from the nearest modem), and deleted all the files in it. Damn! Damn! Damn! As we retraced the cracker's steps, we found that the [please substitute a handful of your favorite explicit pejoratives here] had unsuccessfully tried to access my account at 11:00 a.m. (why wasn't he at school during 4th period? note network knowledge has little correlation with common sense, intelligence, or academic achievement), then spoke to someone on the support staff between then and 1:00 p.m., convincing them that he was me. Then the "helpful" support staff changed my password for "me," as soon as the intruder was able to pronounce my name correctly, and give them my phone number and address. Once he had BS'ed his way past their safeguards, he then asked them to change "his" password for him, as he had "forgotten" it. Devious little [choose your own again], eh? Then a little before 1:00 p.m., and again at 1:40, p.m. he logged in under my account, with the new (now changed) password. He went through all my files. Then he deleted everything: my saved mail, my notes, my projects, my backups. And as if that wasn't enough, he then proceeded to browse through through my email. By this time in the conversation with the tech admin, I was seething. Luckily for me, the guy was able to restore most of my files and mail from system backups made the Friday before. So I didn't lose too much, but that's beside the point. I felt so violated. Nobody should be able to go through my email and files, reading and deleting at will, invading my privacy; there's a world of difference between system operators doing routine checks, and intruders breaking in as part of some sick revenge fantasy. So I registered several "secure" codewords with the support staff (my mother's maiden name, etc.) that they would have to get from anyone calling for support under my name. And that was that. Yes, yes, the cracker, a (now "former"?) Monte Vista student, has been caught and arrested, for his numerous ugly computer-related crimes (physical theft of computer equipment is a rather silly idea if you want to stay on the good side of the law), and I have the oddest feeling I may have seen the last of him. But it's not the [yet another pejorative here] himself I'm so concerned about, as much as the trend he's running on. Online interaction has become so easy and widespread that it seems as if anybody with something against you could take action against you. And the more business that we conduct online, the more dangerous it is (I've purchased several items directly on the Internet over the course of the last year, using unencrypted credit card numbers--dangerous, I know.) From mailbombings and anonymous flames, canceled postings, forged mail or postings, to outright electronic intrusion, almost anything is possible. Take Kevin Mitnick, the recently captured master cracker who infiltrated sites in the hundreds, from the accounting records of Netcom (the nation's largest Internet Service Provider, and very possibly the least-liked (for its anarchic administration and dumbed-down service)) to the Well, arguably the coolest and most respected Service Provider in America, the home of the Net's "cultural elite" (synonymous with its technical elite). News reports say his breakins weren't "personal." God help anybody who pissed him off. Interestingly enough, at least three movies about the Internet are now filming. One of these is The Net, about someone who's very identity is tampered with when police, credit, and other identity records are all altered. As technically improbable as the plot is, the concept is definitely sound (recall the case of the vengeful phone phreaker who rerouted his parole officer's home phone to a (900) sex number). This stuff doesn't just happen to other people. Let the netizen beware. Tough times lie ahead. An aside: Don't let this article scare you into not getting online. Accessing the Internet is a fabulous experience, and not akin to war as my words might lead you to believe; it just requires some common sense. As long as you have your wits about you, and aren't afraid to turn to manuals or your friendly neighborhood system administrator for help, you'll be OK. Interested in getting online? Do ask me, or someone else with online experience for help. I love helping people, but I'd much rather be able to help someone before s/he actually commits her time and money to problematic, expensive commercial networks. .oOo. Then I find this followup letter: Dear Geek-meister: Enjoyed your latest issue. A couple of philosophical and technical notes you may wish to ponder: (1) Re: Anirvan's tome on Internet security, There's a consistent assumption that the crackers he describes in the article are male. How did the author know? Did "he" write about hunting giraffes? Use locker room humor (actually, I've heard enough qualifying material from females during stints at MV to dispel any such assumption)? How many readers just read along and assumed, along with the author, that the "perp" wears pants (oops), make that Jockeys (nope) boxers? (yikes), buttons left over right (okay, I think). My purpose here is not to pick on AC--indeed, I think his energy, intellectual curiosity and considerable erudition in publishing Paradox are really laudable. I just think we should all ferret out, consider and overcome creeping sexism wherever we find it. .oOo. Sorry if this has been more self-glorifying than informative but after seeing Anirvan's side of the story I had to type this up. I'm going to go have a coke and a smile so I'm ending the story here. Watch out for that creeping sexism. .oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oO The Phone Losers Of America Present Taking Over Fred Meyers From The Comfort Of Your Own Home This is a little incident that happened while I was living in Portland, Oregon and a few people said I should write about it so I am so be happy. Most people who don't live in Portland have never heard of a Fred Meyers so I'll tell you what it is first. It's like a big chain of big stores in Portland. I'm not sure exactly where else in the United States they exist but I had never seen or heard about one until I moved to Oregon. Take a Wal-Mart and a very large grocery store and add a few extra things and you've got a Fred Meyers. They've got a huge grocery section, lawn & garden, a huge hardware store built in, electronics, music, software, videos, a deli, sometimes a big built-in eating area and a lot of other things that I'm probably leaving out. All in all it's not a bad store but that didn't stop what I did to them. Keep in mind that at the time all of this happened the employees of Fred Meyers were all on strike and they had a bunch of temporary people working in the stores and nobody there really knew what was going on anyways so that just added even more fun to the whole event. The Discovery: ------------- Me and my girlfriend (Colleen Card) were walking around the Fred Meyers located at Gateway Shopping Center, shopping and eventually got separated. Since I walked all over the store and couldn't find her (not surprising seeing as how the store is the size of a mini-mall) I figured I'd pick up one of the paging phones that are located on posts every few isles for employees and announce all over the store for her to meet me in a certain place. I found the phone and picked it up and looked at the HUGE list of all the different departments they have to choose from and finally found the All Store Page listed at 1800. So I dial 1800 and hear a loud click throughout the store and I annouce, "Colleen Card to the toy isle. Colleen Card!" While I was waiting for her, though, the Matchbox cars got really boring by myself (Justin's dad, the kid I met and was playing with, made him go home) so I wandered back over to the phone and noticed that all the department numbers were in the exact same format as the all store paging number. Electronics was 1296, Hardware was 1693, etc, etc. So I wrote down the two phone numbers listed on the front of that phone and put them in my pocket. Colleen arrived and we went home to a supper of Burger King Whoppers. Yeah. The First Phone Call: -------------------- By now I had this big horrific plan in my head that I was pretty sure wouuldn't work but I knew I wouldn't rest until I tried it so the next morning while Colleen was at school I went back to the same Gateway Fred Meyers to test it out. (Gee, have you figured out what I'm doing yet?) I went to the pay phone that's located in a foyer entrance type thing and boxed a call to the inside of the store. "Fred Meyers customer service, may I help you?" "Yeah, this is Dave in electronics. Could you transfer me to extension 1800? I can't get it to work..." "Okay, just a minute, please!" I hear the funky Fred Meyers hold music for a split second and then total, dead silence. I hit the "*" button and hear it echo inside the store... So I look around the foyer and there's a few people inside with me so I can't really say anything loud. Instead I start playing "Help Me Rhonda" on with the touch tones and my musical masterpiece echos throughout the entire store. I couldn't wait any longer for the people in there to leave so in a low voice I start muttering into the phone, "Fuck you alllll...You're all going to hell. I will kill yoooooou, I am Satan......." Now you'll have to excuse the total lack of creativity with my first Fred Meyers speach but I couldn't talk very loud and besides, I was excited that this actually worked! I decided to go inside and check out the reactions so I hung up. The reactions weren't that great when I first got in. Walking by the photo section I heard a customer exclaim to an employee, "Did you hear that crazy guy??" But the employee wasn't too talkative so that didn't get anywhere. When I got to the Deli, things were considerably more active there. A guy in a suit (didn't look like a manager, but who knows...) was talking to another important looking guy (security?) and the suit was pissed! I went over to the Deli and pretended to look at the menus so I could listen and they were talking about me. I heard a few things to the effect of, "Well, Dan's looking around for him right now." and "If I catch the little fucker..." It turned out that they thought some kid in the store had picked up a paging phone and done it all. Then I noticed a few guys patroling the isles with 2-way radios on their belts. Typical security dudes. So I got bored and went back home, waiting for Colleen to get home. The Twenty Minute Broadcast: --------------------------- Later that evening, around 6:00 I had already told Colleen that I'd succeeded and wanted to try it again so we picked up the phone in her room and called Fred Meyers. Again I got the service desk, asked to be transferred to extension 1800, got hold music and then dead silence. The first thing I yelled into the phone was, "DON'T SHOP FRED MEYERS!" That was the big slogan in town that the employee who were on strike were using so I thought that would liven up the whole strike thing and if nothing, make the local papers. I put on my Good Morning Vietnam CD which starts out with Robin Williams yelling, "Goooooood morning, Vietnam!" and plays the clips of all his best radio stuff, including all the foul language and bad jokes. Then I played a few good clips from The Jerky Boys's first cassette and started paging people to different departments of the store. After about twenty minutes I hung up the phone so I could call back and make sure I was really on the paging system and not just talking to myself like an idiot. So I called back. "Fred Meyers, customer service. May I help you?" "Could I have the shoe department, please?" "Hold please!" After about a minute of waiting, I finally got the shoe department. I told the lady I was Dan from security upstairs and asked her if someone was playing with her phone there on the paging system. "Oh no, sir! That wasn't from this phone. They think it was kids in the food isle. The security guys are looking for them right now..." The Two Hour Broadcast: ---------------------- I thanked her and hung up. Now we knew we were getting through okay so I called them back and once again asked customer service to connect me to extention 1800. By this time I guess she had figured it out because she wouldn't connect me so instead I asked her to connect me to Lawn & Garden. When they answered, I had them connect me to 1800 with no problems. The only thing I can't figure out is why when I was in their system they couldn't somehow get rid of me. Why couldn't they shut off their all store paging system? Why couldn't they disconnect the speakers? Why couldn't they pull the plugs on the phone for a second and then put them back in? Why couldn't they just hang up on line two? Anyway, here's a breakdown of what our two hour broadcast consisted of: 1. Various type of store pages including.... "Customer Service to the sexual toys isle!" "Customer Service to the anal lubrication department!" "Customer Service to Customer Service! We don't know what we're doing!" "Attention K-Mart shoppers! Don't shop Fred Meyers!" "Al, clean up on isle 5. Some stupid bitch just spilled her fucking milk all over the fucking floor, the stupid cunt!" "AT&T, Please deposit 25 cents..." "I need a price check on this vibrating cream." "Security to isle ten. A lady is testing out the douches again." "Security to isle seven. That little boy is stealing Froot Loops..." "Security, monitor register two. BARBARA is working again." "Hi, my name is ROY and if you find a furry watermelon, that's my gerbil!" "Chris Tomkinson is the bestest, coolest guy in the world! Cactus?" 2. Colleen's Story Time Hour. She read a bunch of children's books and changed the wording around to make them quite demented and gross. (This is where PLA024.TXT came from, by the way...) 3. Harmonica Hour! Together on harmonica we didn't sound that great but that didn't stop us...that alone probably got rid of most of the shoppers. 4. Voiced our opinions of political issues. 5. Told very anti-religious and racist jokes. (We're not against religion and not racist people, we were just trying our best to offend everyone.) 6. I played my favorite songs over the store via the local radio station, KUFO. 7. A special announcement by RBCP: "Ladies & Gentlemen, may I have your attention please...At this moment I'd like you all to direct your attention to the individual working in Lawn & Garden. She is the very person who screwed up and allowed us to take over your paging system! Not that bright of an employee if you ask me but hey, we're dealing with Fred Meyers, right? So ma'am, if you haven't been fired yet...Thank You!" 8. Colleen sang "I'm a Little Teapot" while I yelled "Fuck God!", then she started reading off phone sex ads. Then poetry. Transferring The Call Ourselves: ------------------------------- Me & Colleen went to Gateway again. After getting on their paging system so many times, they must have put out a big-time security alert or something because NO department would transfer us anymore so now I HAD to get it just to show them. Here's what we did... 1. We find a phone in Isle 13 and write down the extension number off of it. 2. I stay there and Colleen runs out to the pay phone. 3. Colleen boxes a call to Fred Meyers and asks customer service for extension 1625, which is where I'm standing. 4. My phone begins to ring. I pick it up, dial TRANSFER, 1800 and hang up. 5. I run out to the pay phone and we say a few things into the phone such as "Ha, ha! We got through! Nyah nyah nyah nyah nyah nyah!" and other assorted immature things. 6. We get kind of bored and go home. But it WORKED! Ha! A few days later we called from home and asked to be transferred to extension 1625. A stock boy picked up the phone and we told him exactly what to press and we got on again. They'll never win. Interview With The Security: --------------------------- After that night it got sort of boring. I was a little upset that none of this made the papers and we never got around to doing it much more after that. Once while Colleen & her dad was in another Fred Meyers shopping, I got in and made a few announcements, played a few touch tone songs, etc, but their system was messed up and they couldn't hear me very well. So one day I'm hanging around the Portland PDX airport because I have nothing better to do. One thing has led to another and I'm sitting at a pay phone, using the fingernail clippers that I stole from the gift shop to splice open the wires to the pay phone. (They wires were just shoved up under the pay phone wall and easy to get to. I had access to three different phones, including my own.) I didn't mean to, but instead of just stripping the outer cover off the wires, I cut it totally in half. I quickly learned which phone it was when the Japanesse girl next to me looked distressed, started yelling something urgent in the phone, then hung up and went to find antoher phone. Whoops? So I finally get my phone and the phone next to me successfully hooked together. I called Zak and explained to him what I'd done. Then I patched in the other dial tone and called Fred Meyers in Beaverton. We had no problem getting in to their all store paging. We fucked around for awhile on their system and got bored with it so Zak used HIS three-way to call up the Gateway Fred Meyers. We asked the customer service lady for security. "Security, may I help you?" "Yes, this is Roy from the Orgonian Newspaper. I was calling in regards to your problems that I've been hearing about with your paging system?" "Well, sir, that's a problem that has been taken care of. Is what was happening is some kids were dialing in from the outside..." Blah blah blah, he rattled on for awhile. After he babbled on for awhile and I asked him some more questions, I asked, "Sir, are you aware that you're participating in a four-way phone call and right now as we speak, our voices are echoing throughout the bowels of Fred Meyers in Beaverton? Now, you say that you're security for Gateway Fred Meyers, correct?" The line was totally silent after that, then it clicks and he's hung up, probably franticly calling Gateway to find out if it's true. I then made an announcement, "Yes, shoppers of Fred Meyers, this is the kind of intelligent people that you're dealing with every day, shopping here!" We hung up and Zak called Fred's back to ask the lady if we were really on the system. She verified that we were so we asked to be transferred to 1800 and she told us to please hold. "Security, may I help you?" "No, she must have misunderstood us. We didn't want security, we wanted extension 1800 so we can frollic around your paging system freely!" "Well, sir, I don't think that's going to happen." Another incident with security happened when I called security from Clackamas Town Center, just out of boredom. (The very mall that Tonya Harding likes to skate in, by the way! Boy, do I feel important.) I called Gateway security and had a long conversation with the security lady. I told her I was the one responsible and she said, "I know, I have the same number on my Caller I.D. here." which is bullshit because I'd never called Fred's from that Mall. "Well, ma'am, did you think what I did was funny?" "No, not at all, actually." "I bet you smiled, though..." "Well, yeah, until you started getting vulgar. You really upset quite a few shoppers here." "That was my plan, though." "Why?" "Because I have no life." Afterwards: ---------- I know the story just kind of ended there and didn't really have any kind of point to begin with but I thought I'd write it to see what you think. (Which is probably that we all need to get a life.) Since that day we've been on the paging systems of various stores around Portland, saying pretty much the same things each time. It actually gets old after awhile but it's really fun at first. I severely shocked the shit out of myself trying to hook another pay phone to my original two so don't try that unless you're wearing big rubber yellow gloves! It never did make the paper that I'm aware of and the strike is over and things are pretty much back to normal there. So if you want to call Fred's and try it yourself, feel free! K-Mart uses a similar phone system nationwide but I never have been able to get into their paging system. Actually, I've never been able to get into any other store except for Fred's so please mail me if you get anywhere with other stores. Wal-Mart, perhaps? Phone Numbers: ------------- Gateway Fred Meyers...............................................503-254-7905 Beaverton Fred Meyers.............................................503-690-5823 Rockwood Fred Meyers..............................................503-669-4600 There's a billion others in Portland, but those are just the ones I have listed and I'm too lazy to dial information. The paging code for most of them is 1800, but Rockwood for some reason is 800. If you want Isle 13 at Gateway, the extention is 1625. (Talk to a dumb stock boy!) I don't encourage actually doing this, but think it would be funny as hell. .oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oOo.oO ==== Log to Disk, 05/02/95 at 21:12 ==== ATDT 689-8620 CONNECT 2400 Enter number or name or 'NEW' NN: =HAMBURGLER Unknown user. Enter number or name or 'NEW' NN: NEW ANSI graphics support detected. Use it? NO Special F/X System information Hardware: This system runs on a 8088 XT with a 40 meg hard drive, mono monitor, and an internal 2400 baud modem. Software: MS-DOS v5.0 running 4DOS command interpreter v4.01 World War IV (WWIV) BBS software v4.23 by Wayne Bell WWIVnet software version 33 This BBS has been around for .. a long time, I guess about 3 years. It all starts running together after a while, being a sysop and all. Special F/X BBS new user information Please read this: --- This bulletin board system (BBS) is a privately run system. The system operator (SysOp) can not be held liable for any damages incurred from using this system. Also, be aware that E-Mail on this system is not to be considered private. The SysOp may grant the ability to read e-mail or to see a user's account information to any person he wishes at any time. --- As a new user of Special F/X BBS, here's some basic etiquette guidelines that I (and pretty much any sysop out there) would like you to follow. - Do not attack or "flame on" other users in the public message bases. Keep private arguments to e-mail. - Don't send offensive posts or e-mail through the network. - Don't post in all capital letters. - Don't take jokes too seriously.. smile. Thank you for calling Special F/X BBS. The most important rule here is.. ..enjoy yourself! Your SysOp, Ivan (AKA Stingray) Enter your country (i.e. USA). :SWD Enter your handle/alias or your real name. :HAMBURGLER I'm sorry, you can't use that name. Enter your handle/alias or your real name. :H4MBURG13R Enter your first and last name. :Betty Kregan Enter your VOICE phone no. in the form: ###-###-#### :911-T0-31337 Enter your street address. :31337 Kode Abode Enter your city (i.e Los Angeles). :Krackow Enter your state (i.e. CA). :DK Enter your zipcode as #####-#### :9116734565 Enter your DATA phone no. in the form. ###-###-#### :800-PIRATE-1 What's your favorite radio station? (hit if none) :666 Your gender (M,F) :F Month you were born (1-12) : 01 Day of month you were born (1-31) : 40 Day of month you were born (1-31) : 66 Day of month you were born (1-31) : 2 Year you were born: 1902 Year you were born: 1903 Year you were born: 1904 Year you were born: 1905 Known computer types: 1. IBM PC (8088) 2. IBM AT (80286) 3. IBM 80386/80486 4. IBM PS/2 5. Apple 2 6. Apple Mac 7. Commodore Amiga 8. Commodore 9. Atari 10. Other Enter your computer type, or the closest to it (ie, Compaq -> IBM). :5 How wide is your screen (chars, =80) ? : How tall is your screen (lines, =25) ? : Select a default transfer protocol? YES Enter your default protocol, or 0 for none. Protocol (?=list) : ? Q: Abort Transfer(s) 0: Don't Transfer 1. ASCII 2. Xmodem 3. X)modem-CRC 4. Y)modem 5. B)atch 6. Z)modem Protocol (?=list) : Q Random password: YZQGU9 Do you want a different password (Y/N)? YES Please enter a new password, 3-8 chars. :HACKQR 1. Name : H4MBURG13R 2. Real Name : Betty Kregan 3. Callsign : 666 4. Phone No. : 911-T0-31337 5. Gender : F 6. Birthdate : 01/02/05 7. Computer type : Apple 2 8. Screen size : 80 X 25 9. Password : HACKQR A. Street Address: 31337 Kode Abode B. City : Krackow C. State : DK D. Country : SWD E. Zipcode : 9116734565 F. Dataphone : 800-PIRATE-1 Q. No changes. Which (1-9,A-F,Q) : Q Please wait... Your user number is 295 Your password is HACKQR Please write down this information, and re-enter your password for verification. You will need to know this password to log on to the system. PW: Ivan's here... wow... you're z0 31337 y0y0y0 1 c411 4 d k0dez eye 4m 31337 h4qr fr0m sw33d3n!!! g9v3 m3 d k0dez and d 0 day!!! hahahahahahahahahahahahahahahaha..... wow so are you 14 or 15? 13 b10+chz hmm.. so why are you calling here, hey, do you know steev buttowick? i c4ll t0 asK iF u w4n+ t0 b3 tH3 WHQ 0f d McD0naDlz Cr3w?!!!?? w3 r 31337 hacqerz!!! hmm.. just a sec, let me consult my 31337 hacqerz guidelines 0k c0u1D eYe g3+ 4 c0pY? well it says on page 2158 not to give out copies to lamerz tho eYe 4m 31337 haqer so i c4n g3t iT,,, i r3gis_3r3d iT!!! whoa.. well hmm how do you expect to get validated here? I mean are you cool enough to validate without even knowing who you are?! eYe kn0w wh0 eYe 4m... eYe 4m n0T sTupiD th0ugH eYe giV3 mY info 2 kn0w 1!!! hey could you do me a favor and type regularly? it looks cool but you go REALLY SLOW... anyhow well everyone else here gave me there info, and in fact theres hardly anything illegal to do in the first place here, and few people have access to private info THEREFORE i think you should tell me who you are eYe liV3 iN Sw33den ok .. so i don't know how 2 tyoe regularly... so i just want to hck you k-k00l board... Tue May 02 20:19:12 1995 co Tue May 02 20:19:12 1995 coo Tue May 02 20:19:12 1995 coo Tue May 02 20:19:13 1995 cool! you wanna hack my board huh? did you get that file "wwiv.txt" on how to hack WWIV boards? just gonna wing it? intrinsic knowledge of Bell's code? or are you just going to ask nicely if it'll let you in without me saying it's ok? ok h0ld on _______________________________________________________________________________ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=: May 1994 - * ____ \ / _\._______ BRoTHeRHooD oF WaReZ :: / | \ __* __ || | ______| BRoTHeRHooD oF WaReZ :: The Brotherhood | o / ___| \ / | -++- | |____ BRoTHeRHooD oF WaReZ :: Speaks Yet | \/ \ | | | -++- |____ \ BRoTHeRHooD oF WaReZ :: Again. Phear. | o ) o | .o / || _____) ) BRoTHeRHooD oF WaReZ :: |___/\___/ \/\/ |______/ BRoTHeRHooD oF WaReZ :-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= _______________________________________________________________________________ [the BoW squirt gun of death is coming for your pets!] BoW BoW +-- picture of your BoW BoW BoW / favorite pet here. BoW BoW B/W BoW BoW / BoW BoW BoW / BoW BoW BoW / BoW BoW BoW |/_ BoW BoW +---------BoW---------+ BoW BoW | BoW | BoW BoW | BoW | BoW BoW | BoW | BoW BoW | BoW | BoWBoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW | BoW | BoW BoW | BoW | BoW BoW | BoW | BoW BoW | BoW | BoW BoW +---------BoW---------+ BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW_______________________________________________________ ________________________ Brotherhood of WaReZz -BoW- Brotherhood of WaReZz -BoW- Brotherhood of WaReZz____________________________________________________ ___________________________KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRADWAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZKRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRADWAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD+--------------------------------------+KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD W| Oh No!! We still haven't gone away!! |AD WAREZ KRAD WAREZKRAD WAREZ KRAD WAR| Hold on to your space bar, for here | WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ| comes.... |AREZ KRAD WAREZ KRADWAREZ KRAD WAREZ KR| |Z KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD| 1) Introduction to BoW #5 |KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD W| 2) The BoW Member list |AD WAREZ KRAD WAREZKRAD WAREZ KRAD WAR| 3) How to join the Brotherhood | WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ| 4) Eubercrackers get BoW |AREZ KRAD WAREZ KRADWAREZ KRAD WAREZ KR| 5) The Prophecy of [GLuE] |Z KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD| 6) WaReZz d00dz get a CLuE! |KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD W| 7) The Felis-Mortisikon part I |AD WAREZ KRAD WAREZKRAD WAREZ KRAD WAR| 8) The Felis-Mortisikon part ][ | WAREZ KRAD WAREZ KRD WAREZ KRAD WAREZ | 9) Bong Filter |REZ KRAD WAREZ KRADWAREZ KRAD WAREZ KR| 10) Hacking ATM's |Z KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD| 11) A Song |KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD W| 12) The Official BoW SiTE List |AD WAREZ KRAD WAREZKRAD WAREZ KRAD WAR+--------------------------------------+ WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRADWAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZKRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRADWAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WAREZ KRAD WARE__________________________________________ ____________________________________1111111111111111111111111111111111111111111 11111111111111111111111111111111111____________________________________________ __________________________________BoW BoW BoW BoW BoW Bo* *BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW Bo* + ------------------------------ + *BoW BoW BoW BoW BoWBoW BoW BoW BoW BoW Bo| Introduction to BoW #5 |BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW Bo* + ------------------------------ + *BoW BoW BoW BoW BoWBoW BoW BoW BoW BoW Bo* by: pluvius *BoW BoW BoW BoW BoW Bo============================================================================= = WoW WoW WoW WoW, 'ere be BoW #5. After much hate mail, and narc attempts, ________________________2222222222222222222222222222222222222222222222222222222 22222222222222222222222________________________________________________________ ______________________BoW BoW BoW BoW BoW Bo* *BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW Bo* + ------------------------------ + *BoW BoW BoW BoW BoWBoW BoW BoW BoW BoW Bo| The BoW Member List |BoW BoW BoW BoW BoW BoW BoW BoW BoW BoW Bo* + ------------------------------ + *BoW BoW BoW BoW BoWBoW BoW BoW BoW BoW Bo* by: The BoW Staff *BoW BoW BoW BoW BoW Bo======================================================== ====================== Phearless leader: U4EA Newsletter editor: pluvius Members: Maelstrom, Th3 V3lkr0 K0d3 \/\/aRRi0R, Cars c eYe 4m 31337 h4qer whoa! only an elyt hackkkker couldve got that i mean WELl, i sure am impressed.. i mean.. theres only 10,000 of those on the internet... whoa yer cool. eYe will get u ... ph34r me check out this 31337 nfo i gotz on your system!! <>Begin ascii Upload<> ี001ออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออ001ธ ณ ณ ณ How To Hack The Hell Out Of A WWIV BBS - Written by RedBoxChiliPepper ณ ณ ณ ฦออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออต ณ Written On February 15, 1990 Last Revision on August 29, 1994 ณ ฦออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออต ณ For Informational Purposes Only. We're Not Responsible For Your Stupidity. ณ ิ001ออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออออ001พ Happy Valintines Day! This file is for all of you wanna-be cool system hackers and crackers but don't have the slightest idea what you're doing. Well here's your chance to be a real hacker. In addition to the axe method, I've included some secret WWIV commands that even Wayne Bell might not be aware of. Cactus? Tools You Need: -------------- (1) Ladder (1) Ax (or hedge trimmers if you want to be creative) (1) Sysop you don't really like What To Do: ---------- Log on to your hated WWIV board under a false alias and start chatting up the sysop. Be really nice to him and ask for your own sub and upload a lot of files and offer advice on ways to better his board and just be a really, really nice guy. After you gain his trust, find out through social engineering when him and all the other members of his family are going to be gone for an hour or so. Stake out across the street and wait for him to leave. Now, when they're all gone take your hacking equipment to his house. Use the ladder to climb up to his window and shatter it with your ax. (The window, not the ladder.) Climb into his room. If his room is in the basement, walk downstairs. Of course, you could have just broken into the basement window but that would have been too easy and only a true dedicated hacker would do it this way. Find his computer. If someone is logged on hit F10 to go into chat mode and type, "I'M SORRY BUT I'M GOING TO HAVE TO LOG YOU OFF SO I CAN HACK THIS BOARD." Log the loser, I mean user off and proceed to hack. Hold the ax high over your head and bring it down with as much force as possible on his computer to hack a big gash in the middle of it. Hack all of his WWIV backup disks, his monitor and his keyboard. Oh, and the modem. Hack everything that has to do with WWIV to bits. After you're all done hacking, you could format his C: drive although it's not really neccessary. Now you can brag to all your friends about what a cool hacker you are. Take your ax and go home. Call his board and see if it answers. Trouble Shooting: ---------------- If his board does answer when you call it you've obviously done something seriously wrong here, possibly broken into the wrong house. Go back and finish the job, but be sure to check and make sure you have the correct address. Please contact me and let me know if this method of hacking works on other types of bbses other than WWIV or if you have any problems with this method. I've personally only attempted the "axe" method on WWIV and it's been successful every time but there's a rumor going around that perhaps this will also work on VBBS, Wildcat and Citadel software, but some modifications may have to be made. Secret WWIV Commands: -------------------- We all know what an amazing programmer and hacker I am. While passing a rainy day last week I was looking through the WWIV program and source code and noticed a number of flaws and back doors throughout the program. Perhaps Wayne Bell is trying to pull a fast one just so he can get free access anywhere or destroy computers of sysops he doesn't like or something, I don't know, but there was definately some really odd stuff in there. Here's a breakdown of what I found. Keep in mind that I've called WWIV bbses around the country and all of these "secret" commands seem to work in most every version of WWIV. 1. From the main menu if you hit [CTRL] [R] [O] [Y] and stomp on the floor six times REAL HARD you'll get a DOS prompt. From there you can do anything you want to the victim's hard drive. 2. From the main menu type /OCEAN for a super-secret ansi music menu. This does a lot of really amazing things. This is for real. 3. WWIV has a built-in virus command that can be activated by any user, even with a SL of 10. From the main menu type "//I AM A TOTAL LOSER" with your left hand only. If you use your right hand in any way, the virus will backfire in a very bad way. Oh also, if your nose is pierced, DO NOT ATTEMPT THIS. I won't get into why, though. The virus will turn the outside casing of the sysop's computer bright orange and will kill off any smaller life forms in his house, including dogs, cats, fish and all the house plants. It will also cause the sysop's front doorbell to malfunction for a few weeks and cause the top left drawer in the sysop's desk to stick alot. 4. While transferring any file, repeatedly hit [CTRL] & [C] until the transfer aborts. A split second before it aborts, though, type "booga booga" and flip the computer's power switch on and off quickly fifteen times. If you get a message saying something like, "System failure" don't worry. This is only a part of the back door. This trick allows you to read all the users' private mail. 000hh shit you know!! aahhhhh i fear you uber hacker!!! c eYe 4m 31337... n000 no more... Chat mode over... XXXX‘oึL9๙Fi€ NO CARRIER .oO[ End Of Transmission ]Oo.