This stuff is totally unsupported. These are various excerpts from posts, text files, other magazines, etc. that I have found in my travels. I have tried to at least give the author credit, but the magazine or text file it originally appeared in is not always easy to find out. (These are unedited for the most part so my apologies for lack of spellng, grammar, etc)
 
How to totally trash files
Have you ever wanted to make a file impossible to open like the Trash? What I mean is that when you save a file or try to open a file you can never access the Trash or save in the Trash because it is enabled. If you want to make a file like the Trash all you need to do is change its file type to "trsh" and change is creator type to "TRSH". You can do this by using a programs such as ResEdit. One Problem you ask? How do I change it back a normal document so I can open it? Well the only way to open this document is to drag it on top of the ResEdit application and then change the creator and file type back to its original.
Another way to disguise a file is to turn it into INIT(Extensions). Change the file type into "INIT". This will turn your file into an extension complete with the dialog box that appears when you double click on it also it has the INIT icon. Change the file back into the original by using ResEdit to set the file type back to the original.
- Sub-Zero†
 
Netscape Preferences
The following hack will show you how to figure out peoples passwords for certain sites.
-Password Finding-
To do this hack you need direct access to your victims computer. Copy the file called "global history" that is in the "Netscape Preferences" folder to a disk. The "Global History" file stores a list of web sites visited by your victim. This is very useful because some forms that are sent to a server send all their infomation through the URL text field. This is also very useful because you can view what this person has been looking at without them knowing.
Take the file home and open the "Global History" file with "Super ResEdit" or with a text editor and you will see a long jumbled list of URL's. Search for site names that you know the victim has membership to and you might find that in these URL's are passwords.
Examples. These are all demos, they aren't real passwords because I have changed them. You have to find your own in other people's "Global History" File.
"727924699" is the password, "894856" is the User Id and 51588 is found at the end of all of the URL's. Don't actually log in like this, just input the URL.
"Nobody" is the User Id, "Cares" is the Password and the email address is
"Nobody@hotmail.com"
- Sub-Zero†
 
How not to get Traced
This document contains tips on covering up your actions on a Macintosh after you hacked it. Some of these are very basic but if they aren't stopped you could get caught.
Topics Covered:
Hacking Tools
Recent Applications and Recent Documents
Undetectable Installations of software
Undetectable Computer Startup
Undetectable Computer Shutdown
Caution with Disks
Sam Activity Log
Being Careful with Windows
Being careful when Searching
Copying Files
-Must Have Tools-
Every time you hack a computer you should always have a disk of tools that will help you erase any knowledge of your presence and to help you in case unforeseen events arise.
These tools are:
ResEdit (Must have for any hacker or Macintosh user)
Burn (Erases files completely so that they are non-recoverable)
A System Boot Disk (This will enable you to get by many security systems)
PassFinder (Allows you to look at their FirstClass Settings Files Passwords)
-Recent Applications and Recent Documents-
Whenever you open an application or document, an alias of the file is put into the "Recent Applications" or "Recent Documents" folder. If you open a file on a computer when you don't want your presence to be known the file name will go to the "Recent Applications" or "Recent Documents" folders. To get rid of these alias' simply open the "Recent Applications" or "Recent Documents" folder and drag the alias of the file to the trash, or if you are really paranoid you can drag it to a file wiper such as "Burn". This will make the alias non-recoverable.
-Secret Installations-
If you decide to install something onto the hacked computer such as a Trojan, Keystroke Recorder, or Hidden File you should be aware of the "Created" and "Last Modified" dates. If the owner of the computer discovers the new files he would be able to find out when it was put on his computer and if he knows who was using the computer at that time he would know by whom the file was installed. To get rid of the "Creator" and "Last Modified" dates open up a copy of ResEdit and select "Get Info" from the "File" menu. When the dialog box appears select the file whose "Created" and "Last Modified" dates you want to change. When the "Get Info" window appears change the "Created" and "Last Modified" dates to new dates. (I suggest changing it to a time that you know the Owner was using the computer or, to a time before the owner owned the computer.)
-Computer Startups-
When you startup the computer you intend to hack you should be very cautious. Some computers keeps records of when the computer was started up and sometimes by which user the computer was turned on. To avoid this you can use a System Boot Disk. Since all startup log applications are extensions or control panels, using a startup disk will stop them from running because you will not be using the extensions that are on the host computer.
If you don't have a Startup Disk be sure to look in the "Control Panels" and "Extensions" folder for startup log applications.
If you find a startup log application you can use "ResEdit" to edit the startup log.
You should also be on the lookout for keystroke recorders. I know this sounds strange but sometimes people keep Keystroke Recorders on their computer to monitor people use of the computer. If you find a Keystroke Recorder just use "ResEdit" to edit the logs. The most commonly used keystroke recorders you should look for are: Keystroke (Extension), InvisibleOasis (Care it is invisible, you will have to search the extensions folder with "ResEdit"), Peeping Tom (Extension), TextTrap (Control Panel. Careful, this stores every bit of text on the screen).
-Computer ShutDowns-
If you are really paranoid, remember to shutdown the computer properly from the menu. If you just turn it off from the back of the monitor the RAM will not be erased. The owner of the computer could use Macsbug to look at the RAM and he could
tell what had been done to his computer.
-Disks-
When you put a disk into the computer watch out for disk cataloguers. These are stored in the extensions and control panel folders. Disk Cataloguers copy the names of the disk put into the computer and all the names of the files on the disk and stores it all in a log. Be sure not to name any of your files obvious things like, Hacker, ResEdit, (Your Name), Hacking Projects. This type of stupid labelling is a dead giveaway. If you do find a disk cataloguer on the computer simply edit the logs with "ResEdit".
-SAM Activity Log-
Remember that if the user has SAM (A anti-virus program) installed on his computer, it will record any attempts to install something, expecially viruses. It is also a Disk Cataloguer (See: Disks). You can't turn SAM off without a password usally. So you simply edit the "Sam Activity Log" with your favorite text editor. It is locked, so be sure to unlock it first. If your victim is very smart, then change the "Date Created" and the "Date Modified". You would do this with ResEdit. Go under the "File" menu in Resedit. Select "Get Info". Change the dates.
-Windows-
Be sure to leave all the windows the way they were when you started up the computer. Example: If you leave the extensions folder window open and the owner doesn't remember opening that window he might get suspicious.
-Searching-
If you use the "Find" command in the "Finder" you should remember, after you have completed the search, to change the text field back to what it was before searched.
-Copying Files-
You should always copy as much as possible from the host computer.
What you should copy:
Preferences (Many passwords are stored in Preferences)
Personal Files (A lot of "interesting" stuff can be found in personal files.)
FirstClass Settings Files (These contain passwords which you can extract with "PassFinder")
Recent Servers (These files contain the last 10 servers visited by the user. It contains phone numbers, passwords and UserId's)
- Sub-Zero†
 
Stuffit Expander Pasword Changer
This is a very simple method of changing the passwords on Stuffit Expander archives.
Steps:
1. Open up a copy of "DropStuff" and stuff any file with the password of your choice.
2. Launch "ResEdit" and open up the archive that you just compressed and the archive whose password you want to change. Copy the "Mkey" resource (The password is stored in the "Mkey" resource) from the archive that you created to the archive whose password you want to change. Close both documents and save changes to the archive.
3. Open the archive you edited and the password should be the same as the archive you copied it from.
- Sub-Zero†
 
The easiest way to crash the Finder without Software
This is the easiest way to crash the Finder without software or Resedit. You use nothing.
Ok, the first step is to go under the Apple menu and open the folder "Recent Applications". Next, you select the first file in the folder and "Get Info" on it. Once you have the "Get Info" window open, simply lock the file. Do this for every file in the folder. Than got to the "Recent Documents", do the same thing for all the files in there.
Now when the victim runs an application, or opens a document, the computer crashes. This because the files in the folder can't be replaced, so the computer can't fill out it's orders, so it crashes.
- Sub-Zero†
 
Free Internet
What you will need is 1 Newspaper (with shit loads of advertising in it) and full access to a fax machine. Look in the Newspaper and find a store selling modems with 1 month free Internet access - let's say the Apple Center and it will probably say the name of the server as well - let's say the server is Alphanet. Ring the Apple Center and ask them to fax you a copy of modem prices and details about the modems. What the Apple Center will usually do it if you buy a modem from them is take down your name and the fax it to Alphanet. So what you do is copy the letter head from the fax the Apple Center sent you then send a fax to Alphanet (with the letterhead) saying John Smith just bought a modem. Then you (John Smith) ring up Alphanet...I will give you an example of the call:
You "I just bought a modem from the Apple Centre and they said I have a month's free internet access with you"
Alphanet "Ok what's your name"
You "John Smith"
Alphanet "What Operating System are you using John?"
You "O.S 8 with Open Transport 1.01"
Alphanet "We've got some setup instructions for that System"
You "Could you send them to my Hotmail address, it's phuck_u@hotmail.com, my friend has the Internet"
Alphanet "Oh ok Sure thing what do you want your login to be?"
You "phyb"
Alphanet "and a password?"
You "byhp"
Alphanet " We should have it set up for you in about an hour or so and I'll have the info out to your Hotmail address in about five minutes."
You "Thanks"
Alphanet "Happy Surfing"
There you go - I've used this method five times and it's worked four times. I must stress however, that you must remain Anonymous at all times. If they ask for your address tell 'em a bullshit one if they ask for a phone number give them the one of the pyhco down the street they are unlikely to ever try contacting you in any way.
- the phyb
 
Anatomy Of An IP Address
OK, it may not be the most useful thing, but I decided to type up a
file on IP addresses, since they, many times, are where you begin
hacking. When I started, I always wondered if those numbers actually meant anything. Well, it turns out they do. Now, knowing this information won't help you hack, but it may give you an idea of what kinda of system you are on when you do go to hack.
An IP address is composed of four groups of numbers seperated by dots. An normal IP address will look like this:
199.213.96.123
The first set of numbers usually goes up to 247, while the final three can go as high as 255. The first set of numbers determines what kind of system you are on. Keep in mind these are just guidelines, occationally you may find an IP that does not fit in the catagory it should. These are few and far between though.
Any IP addresses between 0.0.0.0 to 127.255.255.255 are reserved for very large networks, including government and international systems. They usually have a maximum network of 127 and need over 60,000 hosts on their network. The famous 127.0.0.1 address falls into this catagory.
IPs between 128.0.0.0 to 191.255.255.255 are also large/average sized organiziations, but fall short of the bigger companies. Most
businesses fall into this catagory.
Those addresses between 192.0.0.0 to 239.255.255.255 are for smaller businesses, in- cluding local ISPs- this is why most regular users IP addresses fall into this catagory.
224.0.0.0 to 239.255.255.255 are reserved for multicasting, and any
addresses 240.0.0.0 to 247.255.255.255 are for future expansion.
- Jibblit
 
Windows Bypass
Playin around in the Windows lab at school, I found a way to get
around the fortress our school uses. Now, I'm sure they're all not
the same, but this should work for most. Chances are your school has a bunch of windows terminals lying all over the place. You log on and connect to the server, which usually gives you access to a number of different drives (the C drive is your own HD). Well, it is obvious you cannot access these files the drives without doing some work. This is because they usually password protect the "My Computer" icon on the desktop. Usually, student programs will be on the desktop or on a folder on the desktop. The question is "How do I get around this to gain access to files on other drives, including the C?"
This can be accomplished through Microsoft Word, (there are a few others that work, but Word is the best). This is very easy to just pay attention. Go to the file menu, then open. You'll get a whole list of crap. Now, navigate your way through the drives and folders (you can go most places as long as it isn't password protected. They wouldn't cut off access to your own C drive, this is why you can access it. Find the file or app you want. Right click on it, and a
contextual menu should pop up. Select the "Quick View" option. If
you don't have the Quick View option, you'll have to try method two.
A window will pop up and you'll see the beginning of the data fork. This does no good for you. You can actually launch the application by pressing the little colorful icon in the upper left of the window. The app will open- send it to the task bar, close your "other" windows, and play with it. One of my personal fav's is WinPopUp. If you don't have this on your system, put it on. The closest thing I can compare it to is (gasp) AOL's Instant Messenging Service. If two usess have the program open, you can talk. This works across halls and even across buildings. Just make sure you have previous arrangements, I don't think there is a way to get a list, and DO NOT send it to the domain name, it will broadcast it to all computers, including the teachers. I have a friend who got suspended for this.
I'm working on another way to do this. It's not done yet, but will
actually let you open the C Drive window, allowing you to minimize it and use it whenever you want, saving you the hassle of Word. Drop me a line: jibblit@epix.net.
