:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: :: :: --== The Consortium ==-- :: :: :: :: Issue I :: :: :: :: Dedicated to the free exchange of information :: :: :: :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: Release Date: September 1, 1994 !sirE liaH :: :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: "Man can will nothing unless he has first understood that he must count on no one but himself; that he is alone, abandoned on earth in the midst if his infinite responsibilities, without help, with no other aim than the one he sets himself, with no other destiny than the one he forges for himself on this earth." -Jean Paul Sartre :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Table of Contents: 1. Introduction H.M. Celine 2. Basic UNIX password security Two Face 3. The Misrepresentation of Telecom RS-232 4. My Life At The Revival Tent Iesu Christe Dominae 5. Introduction to LOCNet Senator Bail Organa 6. "Boxing" Tone Reference Guide H.M. Celine :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 1. Introduction Welcome to the Consortium. This is the premier issue of a new electronic "newsletter" that was formed with one purpose in mind, the free exchange of information. Over the years, there have been many such publications, Phrack, 2600, cDc, etc. We are in NO way trying to compete or even COMPARE to these publications. We're here to offer information, amusement, knowledge and practical skills to anyone who has the ability to obtain and read this newsletter. The Consortium is not about hacking, phreaking, anarchy, explosives, music, pirating, credit card fraud or any of the other "underground" hobbies, although it is highly likely that you'll find articles on almost all of the above in the months (and hopefully years) to come. Throughout the years, the world of telecommunications has changed drastically. When I first entered the scene back in 1983, things were different. People were using BBS systems and the telecom world as a form of communication, a form of education, and a hobby. It wasn't a lifestyle, it wasn't a medium to give everyone an alternate "fake" personality. It was just there. In the more recent years, it seems the "newbies" have gotten the idea that the whole invention of BBS systems were to allow them to all log on an act like prepubescent assholes and get away with it. Hopefully, we can educate them otherwise, or the entire ideology of telecommuncations as we know it may go down the tubes. Well, you've gotten the introduction, you know what the Consortium is about, and you know what we're attempting to do. You MUST excuse me if the "look and feel" of this publication isn't up to par for the first few issues, we've got to get the writers going, and some ideas flowing and work on our entire appearance. In any case....... -Hagbard M. Celine / Asmodeus Rex ---------- 2. You, UNIX and Password Security UNIX is very possibly the most secure operating system in existance... if the administrators of a UNIX system are educated in the ways of proper UNIX administration and security, that is. When a UNIX system is first set up, there are several different accounts that come stock with the system. It's the responsibility of those setting the system up to change the passwords of those accounts, remove those accounts, or in some other way remove the accounts from public access. There are, however, those uneducated system administrators, who are either unaware of these accounts, ignorant that there are information-seekers who would take particular intrest in the access these accounts would provide, or just plain lazy and are unwilling to bother with disabling access to these accounts. Whatever the case may be, their loss is our gain. And what do we have to gain? Information, education, and knowledge. Here is a listing of typical default accounts on UNIX systems. This listing is bound to change from flavor to flavor. Some may work, none may work, or every one may work. If you've got the patience (or ability to code) then you're BOUND to find a crack or two if you try enough systems. (Username and password are the same, unless specifically noted otherwise.) adm, admin, ann, anon, anonymous, backup, batch, bin, checkfsys, daemon, demo, diag, field, ftp, games, help, install, listen, lp, lpadmin, maint, makefsys, mountfsys, network, news, nobody, nuucp, nuucpa, operator, powerdown, printer, pub, public, reboot, rje, rlogin, root, sa, setup, shutdown, startup, sync, sys, sysadm, sysadmin, sysman, system, tech, test, trouble, tty, umountfsys, user, user1, uucp, uucpa, visitor, guest/guest, guest/anonymous, sysbin/sysbin, sysbin/bin Once inside the system, be it with your own account or with one of the ones listed above, you should probably scan for accounts that lack passwords. The password file is in the /etc directory. The name of the file is passwd. Every user has access to read this file, yet select few have access to write to it. For our purposes, you only need to be able to read it. A typical account entry would look something like the following: two:wfllbtdq:100:100:Two Face:/usr/two:/usr/ucb/csh (1) (2) (3) (4) (4) (5) (6) It may help some to explain exactly what the line above means. To help, each field has been numbered, and will be explained. The first field is the username. The second field is the encrypted password. The third field is the user id (file ownership is based on a user number that is unique to each user, as opposed to the actual username. While it's an impersonal method of file ownership, it's rather effective...) The fourth field is the group id (which works the same way as individual file ownership, except for that it applies to all users in a particular group...) The fifth field is the user's home directory. The sixth field is the startup program. We only need to be concerned with the first two fields, however. As you can see, each field is sepperated by the : symbol. If this account was not password protected, the line would look like this: two::100:100:Two Face:/usr/two:/usr/ucb/csh UNIX comes with a program called grep. What grep does is search any given file(s) for a user-specified string. In this case, we want it to search for any occurance of :: in the passwd file. Once logged into the system, run this command: grep :: /etc/passwd Any line(s) that grep outputs for you are accounts that lack passwords. Some SysAdmins don't allow for null passwords, though it IS worth the effort to at least check to see if any unprotected accounts work. If you know of any other interesting tricks involving password security on UNIX based systems, or happen to have a listing of what function each telnet port serves, please send mail to ed@gnu.ai.mit.edu -Two Face __________ 3. The Misrepresentation of Telecommuncations Enthusiasts. It is not a new thing, nor is it something that will go away anytime soon. For years we have been subject of many "attacks" coming from mainstream media sources. Many major magazines like Time, and many television programs such as Dateline have given telecommunications a bad name. They have done this by allowing small factions of "concerned citizens" to use their shows as a medium for their own over active imaginations. These shows and others are explaining to the already clay-like entities watching them that there are many bad types on large networks, and even some smaller BBSes. These shows have come up with every conceivable person that COULD be accessing a modem from a pedophile to Neo-Nazi's. This is not a joke. These shows always seem to air late at night, when any respectable computer user is hacking away on a new program working out the latest bugs. However, as most computer users find no time to get to their T.V. sets during the day, their parents however, may be glued to it. For it is truly the media of their generation. When an advertisement appears for a show stating something about what THEIR child may be party to, they WILL listen. These shows like all T.V. shows have a captive audience. These shows can tell people whatever it is they wish them to believe, and the uninformed WILL believe it. These programs and articles do not even take the time to allude to the fact that these "bad people" are a very small faction of users. Most users in the BBS world have never been a subject to this. Another annoying article I read in Time Magazine a month ago was called 'Scribes on the Internet'. This explained that with the onslaught of new users making their way to the internet, most of these users were spelling, and grammatically challenged. This is a fact that most Bulletin Board Users have to deal with constantly. The 3l33t3 d00d speak like this that annoys almost all BBS users with a clue, is portrayed as the new way of the virtual world. I am insulted. Whereas I am not the greatest grammar freak, I *NEVER* spoke in the K00L, or KEWL manner. I thought it was completely stupid. If you even tried this on a Bulletin Board in this area you would most likely lose access if you did not and I quote "Get a clue." If I am wrong about this then I am living a sheltered life. I have never used AOL, why WOULD I? I have however used the original AOL, Q-LINK, which was much the same. Neither I nor anyone I know that does access pay on-line services has seen this type of thing happening. Though, with the large on-line services around, I believe it occurs. It does not however occur on any local bulletin boards that I have access to. As you read this article think to yourself, If you are a real user then you probably use on-line services very little. If you do, or do not, have you ever seen or been victim to such acts? Are there any local Neo-Nazi BBSes in YOUR area? The on-line world is NOT a new frontier, it was almost completely plotted when I joined it, and that was 10 years ago. These people do not take the time to see how the real Telecommunications world works. Most of the users on my BBS know who I am, and vice versa. In fact, I hang out with most of the Bulletin Board users I know. We have formed many friendships on-line, and broken many also. If you are a young user, under the age of 18, think about this. If you think I am right, take the time to educate your parents. How can they understand something of this magnitude? NEVER in their lives has anything such as this on this scale happened. I applaud all attempts of the older generation to learn about computers and the on-line world. We should help them to understand it is not a haven for punks, and criminals. However, to quote probably what your parents think, we have to raise them OUR way. We cannot allow them to take their own paths in this new area for them, if they do they will mess up. They will start to form groups such as Prodigy, AOL, CompuServe, things that have no place in the on-line world. I am not against having pay services, and even to make some money off them, but do not take every bit you can get from it. The on-line world is here for one purpose, and one purpose only, "The free exchange of information" -RBBS. This type of show is typical of the news media. They will try to discredit all forms of media that are not in the mainstream media. Bulletin Boards are very much media in many ways. News can be found on-line, along with information on movies, bands, new albums, etc. There are also many, many forms of entertainment that just cannot be equaled by an outside force like media. T.V. ratings dropped when computers started offering games, and other miraculous toys to play with. Why would the media want that? Power, and ratings are the two driving goals of media. With the arrival of the modem, and widespread telecommunications we are now able to get news immediately. Also, who are you more likely to trust? The news that states a movie is the best thing since The Rocky Horror Picture Show? Or, your on-line friends who watched it and told you it sucked beyond belief? You tell me... -RS232 ---------- 4. My Life At The Revival Tent: Safe Sex, Cereal, and Subliminal Islam By Iesu Christe Dominae It was far too early for any soon-to-be high school junior to have to wake up in the foggy midst of summer . Seven O'Clock A.M. was a time that had long since slipped into obscurity by one August 3rd, 1994, the summer in full swing and myself destined at that ungodly hour to shit, shower and shave for Lollapalooza '94, where I would dazzle the masses alongside my poetic con- temporaries in the enigmatic Revival Tent. We had planned it all out: us poetry people would all meet at roughly 8:30-9:00 outside Fellini's cafe on Wickenden St. in East Providence, where we would have a quick strategic conference and cement our general lack of knowledge as to the procedure we would follow once we actually got to 'Palooza. That portion went off almost without a hitch, with the possible exception of our leaving a half hour later than we planned. Things could have been much, much worse. We all broke into our little car pools. I was riding with Dawn Gabriel (a member of the infamous telcom-havoc-wreaking Gabriel clan) and Ray Davey, host of the Providence Poetry Slam Series at AS220 (and accomplished performance poet in his own right,) with local legend Derrick Prosper (veteran of innumerable slam championships) following us to Quonset State Airport in his dilapidated Honda. Also hauling ass into North Kingstown were Worcester hellraisers Otis Galloway, Bill MacMillan (host of the Worcester slams at Eleni's cafe), and Diane "Bucking Hips" Brown: The Virgin Poet, Sean Shea: fellow minors Mary Geisser and Mark Krauss: and some other people whose names I always seemed to miss. Our car arrived at Quonset to be greeted by the most submoronic security staff ever to don blue shirts. After being deftly pointed on our way by R.I.'s finest (a small gaggle of State Troopers whose concentration was rather inefficiently split between shooting the shit and directing traffic) we set out in search of Gate 7, the fabled Vendor's gate. Luckily, the planets were correctly aligned and we found it (with a little help from the white-shirted 'Palooza touring security.) Here's a little hint: if you wanna get into a show like Lolla (with spoken word) for free, ask around about the Vendor's gate and attempt entry by saying "We're poets." They're apparently some kind of magic incantation, because it got us through with nary a question. We created our own parking space some distance from backstage and set out in search of our passes. Saints be praised, we eventually found our contact - after being consistently misguided by the same security guard. (I've advanced the theory that they just hire one or two actual security guards and clone them. The fuckers all look alike.) As Ray went into the exceptionally large Greyhound bus discreetly labeled "Mindfield Production Office", something happened. A woman (about 5'4", with shoulder length brown hair) was making her way toward the bus. As she opened one of the side compartments and began retrieving luggage, I realized who this was - possibly one of my favorite spoken-word performers alive, Maggie Estep. Rather than behaving like a gibbering fanboy, I decided that I would take the quietly respectful approach. As she was dragging a large flight bag across the dew tip'd grass, I worked my way in front of her. "So this is the sex goddess of the 20th century," I said, grossly misquoting a poem of hers. She grinned a half-cocked grin at me. Slowly, I extended a fist toward her. "Po-TA-to," I said. "WHAT?" she replied incredulously. "Po-TA-to," I insisted. "I'm tired. Don't confuse me." I briefly and akwardly illustrated "potato." "Now what?" she inquired. "That's it." I walked away, strangely pleased with myself. We got our neato little patches and rejoined the rest of our caravan, who were already congregated with the Boston people at the enigmatic Revival Tent. We were greeted by the soothing sounds of one of the road poets, Uncle Shappy, doing impromptu Karaoke to to some hideous 70's music playing over the tent's sound system. Meanwhile, the crowds at the gates were swelling like a cancerous tumor on this formerly peaceful airstrip. After a half hour, some tangoing, and more Karaoke than is ordinarily humanly bearable, we had a brief strategic meeting and then went about corraling an audience from the masses now milling about Quonset. To this end, Bill took the cordless microphone and went out into the crowd, promising that "If I get a hundred people in this tent in the next 10 minutes, I will walk from here to the main stage naked!" I must confess, I haven't seen any kind of tent fill up that fast since Guantanamo the last time Castro opened the borders. Liz, a road poet, pulled people out of the audience and asked them "What band are you here to see?", "Can you recite some lyrics from that band?", etc. And while Bill never had an opportunity to make good on his previous promise, an audience member had that same general idea - he walked onto the stage, completely naked, to be interviewed by Liz. Most of the neo-alt preppies there gawked embarassingly as he wandered back out into the crowd, while two security guards laughed their asses off not 30 feet away from him. We didn't see him again. Bill opened a round of "Round Robin" (poets pass the mic, read a poem, pass the mic to someone else). I took that chance to read "My name is Henry" and the infamous Fabio poem to the expectant crowd. Otis followed my porno- graphic tirade with a poem about using a condom, during which I fished some out of the big prop box and passed them out. Eventually, however, the Bore- doms won out over the tent for me, and I went off stageward to groove to their funky Japanese hardcore beat (the three words that they know in English are "Fuck" and "Thank you") under the influence of a free Smart Drink that Dawn, Mary and I coaxed out of a bombed Mindfield employee (who looked un- cannily like Weiland of Stone Temple Pilots fame.) When next I saw the tent, the road poet posse were rocking the mic (verily, fuckin' shit up. (That's a good thing.)) After some wandering the in the pretentious, overpriced "Mindfield," I found my buddy Jubb (in addition to running into an ex-girlfriend - something I can never seem to avoid doing.) We hung out for a long time, and I brought him back to the tent where we watched some more road and local poets jam. By some freakish chance, I was selected to participate in some travesty called a "Dating Game." Well, the unfortunate thing about that is that, though blind- folded, I recognized the voices (and/or clothing/physical accessories) of all the "bachelorettes", and most of them were either complete warthogs or raging morons. I got a free T-shirt, though. The next attraction of notice was a performance artist named Gorby, who did a bizarre act involving a length of rope, a Sprite can, and a story about his ex-girlfriend of seven years. What he did, in effect, was slowly strangle himself with the rope while talking about her obsession with control. When the story hit a lull, he kicked the can into the audience where it spewed warm Sprite in all directions. It was beautiful. Next that I remember, Uncle Shappy did a performance (piece with Sean on flutophone) detailing the harrowing, angsty tale of a nightmarish break- fast of Captain Crunch with John Tesh. One would have to see it to truly understand it. Afterwards, random attractions came onstage, including a staggeringly brilliant urban slam poetry/rap combo from N.Y.C called the Boom Poetic, whose sole source of rhythm (or "Boom", if you prefer) was the man named Razelle, who could make noises with his mouth that no drum machine weighing down the face of the planet could ever duplicate. Finally, it came down to the reason that I was there. The poetry slam. Prize: 100$. Result: Getting completely shafted. First of all, there were only two rounds - one of which had apparently happened while I was with Jubb in the Mindfield or avoiding Nick Cave's horrible mushy renditions of his mediocre volume of album material. Secondly, they would only pick the absolute top score of both rounds, and pit the winners of each against one another. This is not a sound plan with sixteen competitors. I obviously didn't win. After they closed down the tent, I stashed my belongings with some Anti- Woodstock independent publishers, watched some more Boredoms on the second stage, and then shipped off to beat on people during the Beastie Boys. It was endless fun. During the next break, I found Jubb and hung out with him and Gorby to help him sell what Gorby termed "tacky shit." "Come get your tacky shit here!" "Real USDA approved tacky shit!" That type of thing. Come to think of it, Gorby looked almost exactly like Jeff Fahey in The Lawnmower Man. Bizarre. Then: Smashing Pumpkins. The Pumpkins were a wee bit disappointing for a few reasons: playing far too many Siamese Dreams songs far too fast, and far too much apologizing for "sucking." I have to say that "I am one" and "Rhinocerous" were almost redemp- tion. Almost. But I still had a damn good time with some guys who I kept run- ning into there, who always seemed to have pit following on their heels. Next time, Part Two: The Ride Home. -Iesu Christe Dominae ---------- 5. Introduction / LOCNet Application How did LOCnet begin? Nearly 2 years ago, RS-232 and I spoke on the phone plotting our plans to take over the universe as a whole. When we decided that wouldn't work, we turned to the idea of starting a small network to solve some of the activity problems on his board. Neither of us had the slightest clue as to HOW to start a network up. I decided it would be best to ask the resident expert on WWIV and the net related issues involved. His name was Sarik Malthus. Early that afternoon, I logged onto the Imperium, Sarik Malthus's abode. After fruitlessly attempting to chat with the Dark Lord, I decided to leave Feedback. Contained within were words that were much like the following. Hi Alex. Could you tell me how I could set up a net? I waited. A few hours later, I called back and met a most frustrating reply. Read the DOCs. Read the DOCs? I waited all this time for "Read the DOCs"? So, being the stubborn person I am, I replied : Fine. Thanks. I then logged off. Alot of good THAT did. Little did I know that those words were some of the wisest words ever written to me in the BBS world. By now, it was late. I decided to print out the WWIVnet documentation and read it. Hell, why not? It didn't seem like anyone was actually going to come right out and tell me what I needed to know. So I read. I screwed around. I read some more. I screwed around some more. Eventually, I got the LOCnet information files to compile correctly. In the process, I learned more about the net software than I thought possible. I slept. The next day, RS-232 and I decided to attempt to get his board hooked up. He was running VBBS. It was WWIVnet compatible, it just needed a little tweaking. It was also horribly slow. Eventually he figured out how to get it to work and LOCnet was born. 2 nodes, both at 2400 baud. LOCnet has since grown a bit. It's gained and lost boards here and there. There are currently 9 boards that span a decent sized portion of Rhode Island. Following this rather dull article is a short network application for LOCnet. You can E-Mail it to any of the addresses listed at the bottom of the application. If you're interrested in joining LOCnet and you run (or plan to run) a WWIVnet compatible BBS, fill out the follofing application and E-Mail it to one of the sites listed in the end of the application. ------------------------------------------------------------------------------ Board Name : ___________________________ SysOp Name : ___________________________ (Alias) SysOp Name : ___________________________ (Real) Home Address : ___________________________ (Optional) : ___________________________ City : ___________________________ (Required) State : ___________________________ (Required) BBS Phone Number - (___) ___-____ - The board MUST be 24 hours. Voice Phone Number - (___) ___-____ (Optional) Modem Speed : __________ Compression/Error Correction : ____________ (v.32, v.32bis ect...) Do you know of any LOCnet boards local to you? _____ Lastly, how long has your board been functioning? __________ ------------------------------------------------------------------------------ E-Mail this to me, 1@1 - LOCnet, 1@9050 - WWIVnet, !1-9050@inforail.station.mv.com - Internet. ---------- 6. Boxing Tone Reference Guide Red Box, Blue Box, Green Box, Blotto Box... Half of them have turned into telecom novelty items. This is a simple list of the frequencies needed for a few of the more popular boxes that are still workable in areas of the country today. A lot of people out there are not technically inclined enough to make an actual red box out of a Radio Shack dialer or convert a white box to a blue box, yet they have the talent to write a program to generate the same tones. These tones can be recorded and used just as a normal box would be used. However, the actual application of this information is illegal, and we wouldn't want anyone breaking the law. The timing durations used on these tones are as follows. One second is represented as a duration of 18.2. The durations are fractions of this 18.2 cycle second. Red Box: Nickel: 1700Mhz + 2200Mhz Duration 1 on Dime: 1700Mhz + 2200Mhz Duration 1 on, 1 off 2 Repetitions Quarter: 1700Mhz + 2200Mhz Duration .4 on, 1 off 5 Repetitions Blue Box: Digit 1: 900Mhz + 700Mhz Digit 2: 1100Mhz+ 700Mhz Digit 3: 1100Mhz+ 900Mhz Digit 4: 1400Mhz+ 700Mhz Digit 5: 1300Mhz+ 900Mhz Digit 6: 1300Mhz+1100Mhz Digit 7: 1500Mhz+ 700Mhz Digit 8: 1500Mhz+ 900Mhz Digit 9: 1500Mhz+1100Mhz Digit 0: 1300Mhz+1500Mhz KP : 1700Mhz+1100Mhz ST : 1700Mhz+1500Mhz Autovon: Signal A: 697Mhz + 1633Mhz Signal B: 770Mhz + 1633Mhz Signal C: 852Mhz + 1633Mhz Signal D: 941Mhz + 1633Mhz White Box: Digit 1: 1209Mhz+ 697Mhz Digit 2: 1336Mhz+ 697Mhz Digit 3: 1147Mhz+ 697Mhz Digit 4: 1209Mhz+ 770Mhz Digit 5: 1336Mhz+ 770Mhz Digit 6: 1147Mhz+ 770Mhz Digit 7: 1209Mhz+ 852Mhz Digit 8: 1336Mhz+ 852Mhz Digit 9: 1147Mhz+ 852Mhz Digit 0: 941Mhz+1336Mhz Some other misellaneous tones you might like to play with: Busy: 480Mhz + 620Mhz Duration 9.1 on, 9.1 off Ring: 440Mhz + 480Mhz Duration 32 on, 39 off Dial Tone: 350Mhz + 440Mhz Steady Tone Offhook: 1400Mhz+2060Mhz+2450Mhz+2600Mhz Duration 1.82 on, 1.82 off Reorder: 480Mhz + 620Mhz Duration 5.5 on, 3.6 off Congestion: 480Mhz + 620Mhz Duration 3.6 on, 5.5 off Well, that's all I have for you now. Maybe i'll do my own dictionary of what all the box types are. (The worthwhile ones that actually worked at some point in history). Stay tuned. -Hagbard M. Celine / Asmodeus Rex :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Consortium Editor: Hagbard M. Celine :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: The Alcazar .................. Sysop: H.M. Celine ........... 401/782-2617 The New Republic ............................................. 401/683-3218 Auskunfte Einbahnstrasse ..................................... 401/848-7225 The Lair of the Lizard King .................................. 401/295-5949 Death's Doorstep ............................................. 401/423-2964