Tekpihan StudiosTekpihan Studios
What is hacking?
According to popular belief the
term hacker and hacking was founded at mit it comes from the root
of a hack writer,someone who keeps "hacking" at the
typewriter until he finishes the story.a computer hacker would
be hacking at the keyboard or password works.
What you need: To hack you need a computer equipped with a modem (a device that lets you transmit data over phone lines) which should cost you from $100 to $1200.
How do you hack?
Hacking requires two things:
1. The phone number
2. Answer to identity elements
How do you find the phone #?
There are three basic ways to
find a computers phone number.
1. Scanning,
2. Directory
3. Inside info.
What is scanning?
Scanning is the process of having a computer search for a carrier tone. For example,the computer would start at (800) 111-1111 and wait for carrier if there is none it will go on to 111-1112 etc.if there is a carrier it will record it for future use and continue looking for more.
What is directory assictance?
This way can only be used if you know where your target computer is. For this examine say it is in menlo park, CA and the company name is sri.
Dial 411 (or 415-555-1212) or
(114 - philippines)
Say "Menlo park"
Say "Sri"
Write down number
Ask if there are any more numbers
If so write them down.
Hang up on operator
Dial all numbers you were given
Listen fir carrier tone
If you hear carrier tone write down number, call it on your modem
and your set to hack!
Basics to know before doing anything,
essential to your continuing career as one of the elite in the
country... This article, "the introduction to the world of
hacking" is meant to help you by telling you how not to get
caught, what not to do on a computer system, what type of equipment
should I know about now, and just a little on the history, past
present future, of the hacker.
Welcome to the world of hacking!
We, the people who live outside of the normal rules, and have
been scorned and even arrested by those from the 'civilized world',
are becomming scarcer every day. This is due to the greater fear
of what a good hacker (skill wise, no moral judgements here) can
do nowadays, thus causing anti- hacker sentiment in the masses.
Also, few hackers seem to actually
know about the computer systems they hack, or what equipment they
will run into on the front end, or what they could do wrong on
a system to alert the 'higher' authorities who monitor the system.
This article is intended to tell you about some things not to
do, even before you get on the system. I will tell you about the
new wave of front end security devices that are beginning to be
used on computers.
I will attempt to instill in
you a second identity, to be brought up at time of great need,
to pull you out of trouble. And, by the way, I take no, repeat,
no, responcibility for what we say in this and the forthcoming
articles. Enough of the bullshit, on to the fun: after logging
on your favorite bbs, you see on the high access board a phone
number! It says it's a great system to "fuck around with!"
This may be true, but how many other people are going to call
the same number? So: try to avoid calling a number given to the
public. This is because there are at least every other user calling,
and how many other boards will that number spread to?
If you call a number far, far
away, and you plan on going thru an extender or a re-seller, don't
keep calling the same access number (I.E. As you would if you
had a hacker running), this looks very suspicious and can make
life miserable when the phone bill comes in the mail.
Most cities have a variety of
access numbers and services, so use as many as you can. Never
trust a change in the system...
The 414's, the assholes, were
caught for this reason: when one of them connected to the system,
there was nothing good there. The next time, there was a trek
game stuck right in their way! They proceded to play said game
for two, say two and a half hours, while telenet was tracing them!
Nice job, don't you think? If
anything looks suspicious, drop the line immediately!! As in,
yesterday!! The point we're trying to get accross is: if you use
a little common sence, you won't get busted. Let the little kids
who aren't smart enough to recognize a trap get busted, it will
take the heat off of the real hackers. Now, let's say you get
on a computer system... It looks great, checks out, everything
seems fine.
Ok, now is when it gets more dangerous. You have to know the computer
system to know what not to do.
Basically, keep away from any
command something, copy a new file into the account, or whatever!
Always leave the account in the same status you logged in with.
Change *nothing*... If it isn't an account with priv's, then don't
try any commands that require them! All, yes all, systems are
going to be keeping log files of what users are doing, and that
will show up. It is just like dropping a trouble-card in an ESS
system, after sending that nice operator a pretty tone.
Spend no excessive amounts of
time on the account in one stretch. Keep your calling to the very
late night ifpossible, or during business hours (believe it or
not!). It so happens that there are more users on during business
hours, and it is very difficult to read a log file with 60 users
doing many commnds every minute. Try to avoid systems where everyone
knows each other, don't try to bluff.
And above all: never act like
you own the system, or are the best there is. They always grab
the people who's heads swell... There is some very interesting
front end equipment around nowadays, but first let's define terms...
By front end, we mean any device that you must pass thru to get
at the real computer. There are devices that are made to defeat
hacker programs, and just plain old multiplexers.
To defeat hacker programs, there
are now devices that pick up the phone and just sit there... This
means that your device gets no carrier, thus you think there isn't
a computer on the other end. The only way around it is to detect
when it was picked up. If it pickes up after the same number ring,
then you know it is a hacker-defeater. These devices take a multi-digit
code to let you into the system.
Some are, in fact, quite sophisticated
to the point where it will also limit the user name's down, so
only one name or set of names can be valid logins after they input
the code... Other devices input a number code, and then they dial
back a pre-programmed number for that code. These systems are
best to leave alone, because they know someone is playing with
their phone. You may think "but i'll just reprogram the dial-back."
Think again, how stupid that is...
Then they have your number, or
a test loop if you were just a little smarter. If it's your number,
they have your balls (if male...), If its a loop, then you are
screwed again, since those loops are *monitored*. As for multiplexers...
What a plexer is supposed to do is this:
The system can accept multiple
users. We have to time share, so we'll let the front-end processor
do it... Well, this is what a multiplexer does. Usually they will
ask for something like "enter class" or "line:".
Usually it is programmed for a double digit number, or a four
to five letter word. There are usually a few sets of numbers it
accepts, but those numbers also set your 300/1200/2400 baud data
type.
These multiplexers are inconvenient at best, so not to worry.
A little about the history of hacking: hacking, by my definition,
means a great knowledge of some special area. Doctors and lawyers
are hackers of a sort, by this definition. But most often, it
is being used in the computer context, and thus we have a definition
of "anyone who has a great amount of computer or telecommunications
knowledge." You are not a hacker because you have a list
of codes...
Hacking, by my definition, has
then been around only about 15 years. It started, where else but,
mit and colleges where they had computer science or electrical
engineering departments. Hackers have created some of the best
computer languages, the most awesome operating systems, and even
gone on to make millions. Hacking used to have a good name, when
we could honestly say "we know what we are doing". Now
it means (in the public eye): the 414's, ron austin, the nasa
hackers, the arpanet hackers...
All the people who have been
caught, have done damage, and are now going to have to face fines
and sentences. Thus we come past the moralistic crap, and to our
purpose: educate the hacker community, return to the days when
people actually knew something...
In this article you will also
learn how to log in to dec's, logging out, and all the fun stuff
to do in-between. All of this information is based on a standard
dec system.
Since there are dec systems 10 and 20, and I favor, the dec 20,
there will be more info on them in this article. It just so happens
that the dec 20 is also the more common of the two, and is used
by much more interesting people (if you know what I mean...) Ok,
the first thing you want to do when you are receiving carrier
from a dec system is to find out the format of login names. You
can do this by looking at who is on the system.
Dec=> ` (the 'exec' level prompt)
you=> sy
sy is short for sy(stat) and
shows you the system status. You should see the format of login
names...
A systat usually comes up in this form:
job line program user job: the job number (not important unless
you want to log them off later)
line: what line they are on (used to talk to them...) These are
both two or three digit numbers.
Program: what program are they running under? If it says 'exec'
they aren't doing anything at all...
User: ahhhahhhh! This is the user name they are logged in under...
Copy the format, and hack yourself outa working code... Login
format is as such:
dec=> `
you=> login username password
username is the username in the
format you saw above in the systat. After you hit the space after
your username, it will stop echoing characters back to your screen.
This is the password you are typing in... Remember, people usually
use their name, their dog's name, the name of a favorite character
in a book, or something like this. A few clever people have it
set to a key cluster (qwerty or asdfg). Pw's can be from 1 to
8 characters long, anything after that is ignored. You are finally
in...
It would be nice to have a little
help, wouldn't it? Just type a ? Or the word help, and it will
give you a whole list of topics... Some handy characters for you
to know would be the control keys, wouldn't it? Backspace on a
dec 20 is rub which is 255 on your ascii chart. On the dec 10
it is cntrl-h. To abort a long listing or a program, cntrl-c works
fine. Use cntrl-o to stop long output to the terminal.
This is handy when playing a game, but you don't want to cntrl-c
out. Cntrl-t for the time. Cntrl-u will kill the whole line you
are typing at the moment. You may accidently run a program where
the only way out is a cntrl-x, so keep that in reserve. Cntrl-s
to stop listing, cntrl-q to continue on both systems. Is your
terminal having trouble??
Like, it pauses for no reason, or it doesn't backspace right?
This is because both systems support many terminals, and you haven't
told it what yours is yet... You are using a vt05 so you need
to tell it you are one.
Dec=> `
you=> information terminal
or...
You=> info
this shows you what your terminal
is set up as... Dec=>all sorts of shit, then the ` you=>
set ter vt05 this sets your terminal type to vt05. Now let's see
what is in the account (here after abbreviated acct.) that you
have hacked onto... Say
=> dir
short for directory, it shows
you what the user of the code has save to the disk. There should
be a format like this: xxxxx.Oooxxxxx is the file name, from 1
to 20 characters long. Ooo is the file type, one of: exe, txt,
dat, bas, cmd and a few others that are system dependant. Exe
is a compiled program that can be run (just by typing its name
at the `). Txt is a text file, which you can see by
typing=> type xxxxx.Txt
Do not try to
=> type xxxxx.Exe
this is very bad for your terminal
and will tell you absolutly nothing. Dat is data they have saved.
Bas is a basic program, you can have it typed out for you. Cmd
is a command type file, a little too complicated to go into here.
Try
=> take xxxxx.Cmd
By the way, there are other users out there who may have files
you can use (gee, why else am I here?). Type
=> dir <*.*> (Dec 20)
=> dir [*,*] (dec 10)
* is a wildcard, and will allow
you to access the files on other accounts if the user has it set
for public access. If it isn't set for public access, then you
won't see it. To run that program:
dec=> `
you=> username program-name
username is the directory you
saw the file listed under, and file name was what else but the
file name?
** You are not alone ** remember, you said (at the very start)
sy short for systat, and how we said this showed the other users
on the system? Well, you can talk to them, or at least send a
message to anyone you see listed in a systat. You can do this
by:
dec=> the user list (from your systat)
you=> talkusername (dec 20)
send username (dec 10)
talk allows you and them immediate
transmission of whatever you/they type to be sent to the other.
Send only allow you one message to be sent, and send, they will
send back to you, with talk you can just keep going. By the way,
you may be noticing with the talk command that what you type is
still acted upon by the parser (control program). To avoid the
constant error messages type either:
you=> ;your message
you=> rem your message
the semi-colon tells the parser
that what follows is just a comment. Rem is short for 'remark'
and ignores you from then on until you type a cntrl-z or cntrl-c,
at which point it puts you back in the exec mode. To break the
connection from a talk command type:
you=> break priv's:
if you happen to have privs, you can do all sorts of things. First
of all, you have to activate those privs.
You=> enable
this gives you a $ prompt, and allows you to do this: whatever
you can do to your own directory you can now do to any other directory.
To create a new acct. Using your privs, just type
=>build username
if username is old, you can edit it, if it is new, you can define
it to be whatever you wish. Privacy means nothing to a user with
privs. By the way, there are various levels of privs: operator,
wheel, cia. wheel is the most powerful, being that he can log
in from anywhere and have his powers.
Operators have their power because they are at a special terminal
allowing them the privs. Cia is short for 'confidential information
access', which allows you a low level amount of privs. Not to
worry though, since you can read the system log file, which also
has the passwords to all the other accounts. To de-activate your
privs, type
you=> disable
when you have played your greedy heart out, you can finally leave
the system with the command
=> logout
this logs the job you are using off the system (there may be varients
of this such as kjob, or killjob).
So, there are more that I can teach you just say the Magic Word. Hehe.