How To Decrypt Hotline Passwords with c ******************************************************************* *:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::* *:::This has been Brought to you by...::::::::::::::::::::::::::::* *:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::* *::::____________::::__::__::__::::______:::______:::________:::::* *:::/\ ________ \::/\ \/\ \/\ \::/\ ___\:/\ ___\:/\___ __\::::* *:::\ \ \______/\ \:\ \ \ \ \ \ \:\ \ \__/:\ \ \__/_\/__/\ \_/::::* *::::\ \ \:::_:\ \ \:\ \ \ \ \ \ \:\ \ __\:\ \____ \:::\ \ \:::::* *:::::\ \ \_/\ \\_\ \:\ \ \_\ \_\ \:\ \ \_/__\/___/\ \:::\ \ \::::* *::::::\ \_____ ____\:\ \_________\:\ \_____\ /\_____\:::\ \_\:::* *:::::::\/____/\ \___/::\/_________/::\/_____/:\/_____/::::\/_/:::* *:::::::::::::\ \_\:::::::::::::::::::::::::::::::::::::::::::::::* *::::::::::::::\/_/:::::::::::::::::::::::::LordQwest@yahoo.com:::* *::::::::::::::::::::::::::::::::::::::::::::::[Suck Toe Warts]:::* *:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::* ******************************************************************* 5.8.99 Introduction ~~~~~~~~~~~~ As most of you probably already know, Hotline is this great program that works like the bulletin board systems in the old days. Except this program lets you connect to any Hotline Server anywhere on the net. So you never have to pay the long distance phone fees that you used to pay when connecting to out-of-state BBS's. And this is completely legal, unlike the other methods of getting around those pesky phone bills. Everything is great. We are all having a wonderful time chatting and trading philes and warez, etc. After you get a little bored with that, you might start thinking "HHmmmmm, I wonder if I could HACK into a Hotline Server?!" The answer is yes and it's been done. It's been done a lot. It's so prevalent that your ten-year-old brother has probably already done it. And there are lots of philes that explain how to do it. One way people do it is to trick an admin into opening a Trojan Horse that will allow you to download the admin's UserData file. This file is what contains the admin's password. But it's not all that simple. The password is encrypted. You can relax because the encryption system is VERY simple. I figured it out in under an hour just by guessing. Many other people have figured it out as well and some of them have written programs that will decrypt the password for you. I wrote one called HotDecrypt a few months ago. You can find a URL for it in the references section of this document. I thought you might like to know how it's done. If you do then take a look at the following source code written in ANSI C. If not, then go away and don't bother me. Source Code ~~~~~~~~~~~ //______Includes_____________________________________________________ #include #include //______Function Declarations________________________________________ void PrintSplash( void ); //Decrypts Hotline Passwords found in UserData files void main(void) { char Pass[16] = ""; short counter; PrintSplash(); printf(" Written for Happle on The Second Day Of May,1999\n\n"); printf("Enter the encrypted Hotline password:"); gets( Pass ); for( counter = 0; Pass[counter] != 0 ; ++counter) { Pass[counter] = Pass[counter] - 255; if ( Pass[counter] < 0 ) Pass[counter] = Pass[counter] * (-1); } printf("\n\nThe password is: "); puts( Pass ); } Explanation ~~~~~~~~~~~ #include //This includes the standard I/O (Input/Output) header file. #include //This includes the string header file so that you can //manipulate strings. void PrintSplash( void ); //This declares a routine that prints an ascii drawing on the //screen. //Don't bother looking for it because I didn't include it. void main(void) //If you don't know what this is, then you have probably never //programmed before and should read up on it. { char Pass[16] = ""; //This creates a 16 character array to store the password in. short counter; //This creates a counter that is used in the 'for' loop. PrintSplash(); //This is a routine that prints an ascii drawing to the screen. //It's not important so I didn't include it. printf(" Written for Happle on The Second Day Of May,1999\n\n"); //Writes the text in quotes to the screen. printf("Enter the encrypted Hotline password:"); //Prompts the user for the encrypted password from the UserData //file. gets( Pass ); //Reads the input from the terminal (Screen) and puts it into //the character array called 'Pass'. Anything over 16 characters //will be lost. If you want to decrypt larger strings change the //16 in this line 'char Pass[16] = "";' to the desired //length. for( counter = 0; Pass[counter] != 0 ; ++counter) //This 'for' loop will execute until it reaches a NULL character //('\0') in the character array. { Pass[counter] = Pass[counter] - 255; //Each time the loop executes, this line will decrypt the next //character by subtracting 255 from the ASCII value of the //encrypted character. if ( Pass[counter] < 0 ) Pass[counter] = Pass[counter] * (-1); //If the result of the previous operation is less then zero, //this line will get the absolute value of the result by //multiplying it by -1. } printf("\n\nThe password is: "); //This prints the text that is in quotes to the screen. '\n' //means new line. puts( Pass ); //This prints the decrypted password to the screen. } Conclusion ~~~~~~~~~~ If there is anything you don't understand try buying a book about c programming or renting one from your local library. I recommend "The C Programming Language" by Brian W. Kerrighan & Dennis M. Ritchie. It's written by the creator of C, Dennis Ritchie, so he must know what he's talking about. There are also a lot of philes on hotline and on the net that can teach you the basics of C. I have compiled the program and included it as - "Hotline Password Decrypt" I hope you learned something from this... References ~~~~~~~~~~ Hotline is available at: http://www.hotlinesw.com HotDecrypt is available at: http://www.geocities.com/SiliconValley/Circuit/1924/HotDecrypt1.068k.sit.hqx http://www.geocities.com/SiliconValley/Circuit/1924/HotDecrypt1.0FAT.sit.hqx http://www.geocities.com/SiliconValley/Circuit/1924/HotDecrypt1.0PPC.sit.hqx Or at: http://freaky.staticusers.net/cracking/HotDecrypt1.068k.sit.hqx http://freaky.staticusers.net/cracking/HotDecrypt1.0FAT.sit.hqx http://freaky.staticusers.net/cracking/HotDecrypt1.0PPC.sit.hqx The C Programming Language by Brian W. Kerrighan & Dennis M. Ritchie Published By Prentice-Hall Copyright © 1978 by Bell Telephone Laboratories ISBN 0-13-110163-3 End of File ~~~~~~~~~~~ %%% %%% %% %% %% %% %% %% %% %%% %%%% %% %% %% %% %% %% % %% %% %% %% %% %% %%% %% %% %% %% %% %% %%% %% %% %% %% %% %% %%% %% %% %% %% %% %% % %% %% %% %% % %% %% %%% %% %%%%%%%% %% %%% %%% S O F T W A R E http://www.geocities.com/SiliconValley/Circuit/1924/ http://members.tripod.com/sucktoewarts/