of passwords on that one account. Be careful, though! This works fine on systems that don't keep track of invalid logins, but on a system like a VMS, someone is going to have a heart attack if they come back and see '600 Bad Login Attempts Since Last Session' on their account. There are also some operating systems that disconnect after 'x' number of invalid login attempts and refuse to allow any more attempts for one hour, or ten minutes, or some- times until the next day. The following list is taken from my own password database plus the data- base of passwords that was used in the Internet UNIX Worm that was running around in November of 1988. For a shorter group, try first names, computer terms, and obvious things like 'secret', 'password', 'open', and the name of the account. Also try the name of the company that owns the computer system (if known), the company initials, and things relating to the products the company makes or deals with. Password List ============= aaa daniel jester rascal academia danny johnny really ada dave joseph rebecca adrian deb joshua remote aerobics debbie judith rick airplane deborah juggle reagan albany december julia robot albatross desperate kathleen robotics albert develop kermit rolex alex diet kernel ronald alexander digital knight rosebud algebra discovery lambda rosemary alias disney larry roses alpha dog lazarus ruben alphabet drought lee rules ama duncan leroy ruth amy easy lewis sal analog eatme light saxon anchor edges lisa scheme andy edwin louis scott andrea egghead lynne scotty animal eileen mac secret answer einstein macintosh sensor anything elephant mack serenity arrow elizabeth maggot sex arthur ellen magic shark asshole emerald malcolm sharon athena engine mark shit atmosphere engineer markus shiva bacchus enterprise marty shuttle badass enzyme marvin simon bailey euclid master simple banana evelyn maurice singer bandit extension merlin single banks fairway mets smile bass felicia michael smiles batman fender michelle smooch beauty fermat mike smother beaver finite minimum snatch beethoven flower minsky snoopy beloved foolproof mogul soap benz football moose socrates beowulf format mozart spit berkeley forsythe nancy spring berlin fourier napoleon subway beta fred network success beverly friend newton summer bob frighten next super brenda fun olivia support brian gabriel oracle surfer bridget garfield orca suzanne broadway gauss orwell tangerine bumbling george osiris tape cardinal gertrude outlaw target carmen gibson oxford taylor carolina ginger pacific telephone caroline gnu painless temptation castle golf pam tiger cat golfer paper toggle celtics gorgeous password tomato change graham pat toyota charles gryphon patricia trivial charming guest penguin unhappy charon guitar pete unicorn chester hacker peter unknown cigar harmony philip urchin classic harold phoenix utility coffee harvey pierre vicky coke heinlein pizza virginia collins hello plover warren comrade help polynomial water computer herbert praise weenie condo honey prelude whatnot condom horse prince whitney cookie imperial protect will cooper include pumpkin william create ingres puppet willie creation innocuous rabbit winston creator irishman rachmaninoff wizard cretin isis rainbow wombat daemon japan raindrop yosemite dancer jessica random zap Part Four: Wrapping it up! ~~~~~~~~~~~~~~~~~~~~~~~~~~ I hope this file has been of some help in getting started. If you're asking yourself the question 'Why hack?', then you've probably wasted a lot of time reading this, as you'll never understand. For those of you who have read this and found it useful, please send a tax-deductible donation of $5.00 (or more!) in the name of the Legion of Doom to: The American Cancer Society 90 Park Avenue New York, NY 10016 ****************************************************************************** References: 1) Introduction to ItaPAC by Blade Runner Telecom Security Bulletin #1 2) The IBM VM/CMS Operating System by Lex Luthor The LOD/H Technical Journal #2 3) Hacking the IRIS Operating System by The Leftist The LOD/H Technical Journal #3 4) Hacking CDC's Cyber by Phrozen Ghost Phrack Inc. Newsletter #18 5) USENET comp.risks digest (various authors, various issues) 6) USENET unix.wizards forum (various authors) 7) USENET info-vax forum (various authors) Recommended Reading: 1) Hackers by Steven Levy 2) Out of the Inner Circle by Bill Landreth 3) Turing's Man by J. David Bolter 4) Soul of a New Machine by Tracy Kidder 5) Neuromancer, Count Zero, Mona Lisa Overdrive, and Burning Chrome, all by William Gibson 6) Reality Hackers Magazine c/o High Frontiers, P.O. Box 40271, Berkeley, California, 94704, 415-995-2606 7) Any of the Phrack Inc. Newsletters & LOD/H Technical Journals you can find. Acknowledgements: Thanks to my wife for putting up with me. Thanks to Lone Wolf for the RSTS & TOPS assistance. Thanks to Android Pope for proofreading, suggestions, and beer. Thanks to The Urvile/Necron 99 for proofreading & Cyber info. Thanks to Eric Bloodaxe for wading through all the trash. Thanks to the users of Phoenix Project for their contributions. Thanks to Altos Computer Systems, Munich, for the chat system. Thanks to the various security personel who were willing to talk to me about how they operate. Boards: I can be reached on the following systems with some regularity- The Phoenix Project: 512/441-3088 300-2400 baud Hacker's Den88: 718/358-9209 300-1200 baud Smash Palace South: 512/478-6747 300-2400 baud Smash Palace North: 612/633-0509 300-2400 baud