I, the GerM, have been in the hacking scene for a long time now. But, when I first started out, no matter what text file I read about hacking, there was never one that answered all of my questions. I was still just a clueless beginner. I wrote this guide because there are many of you, (like I was) that are clueless beginners that want to become a hacker. But before I start this guide, you have to understand that in no way do I take any responsibility for what you do with this information. If you become stupid and try to hack into the Pentagon, and then the FBI (Federal Bureau of Inbreds) arrests you, don't point at me. Remember, reading this text file is not illegal, but using the information is. Now that you have agreed with my rules, I will start the teaching.
Table of Contents
1. What you will need to become a hacker
2. The rules of hacking
3. How to start
4. How to hack a UNIX system
5. How to hack a VAX/VMS system
6. How to hack a Bulletin Board System
7. How to hack a Voice Mail System
1. OK. First of all, there are going to be some things that you need before you start to hack... 1. A computer. (Duh). 2. A modem. You are going to need a modem to connect to the computers that you are trying to hack. 3. A scanner, or "WarDialer". What a wardialer does, is it tells you to type in a prefix (the first 3 numbers in your phone number). Once you have typed in a prefix, it will dial every single phone number within the prefix that it can think of. This is how you find computers to hack. There will be more on this later. 4. A copy of Wizip or Pkzip. These two files unzip the files that you download from the Internet. If a file is zipped, it means that it is compressed. (made smaller). It gets compressed so if it is a big file you can fit it on one disk instead of two or three. Once you have Winzip or Pkzip, you can unzip all the files that you download from the Internet and use them.
5. you need to have some sort of terminal software on your computer. For example, "Hyper Terminal". This will come with your modem if you buy an IBM. I will explain how to use terminal software later.
2. Before you start to hack, there are going to be some rules that you need to follow, to ensure that you become a hacker, but you don't get caught. Here are the rules:
1) Never tell anyone too much info about what you are doing. Some people (like people that I know) will tell there moms and dads, or their moms boyfriends or whatever, and then you could get busted. So when posting on a BBS or just talking, be careful what you say.
2) Never try to hack any computers that are related to the government. The Gov. has a lot more time than most other companies, and will do just about anything to put you in jail
3) Never damage any system. That will just get the owners mad, and then they'll trace you and you will go bye bye!
4) Don't ever alter any system files. The only ones that you should change are the ones that keep track of all log-in attempts, and the ones that you have to change to make sure that you don't get caught, and that you can access the same system in the future
5) Don't leave any information about you or anyone else on the computers.
6) Never be afraid to ask questions. That is how I learned about hacking, and that is hoe you will learn too.
7) You have to read as much as you can. You cant become the best hacker in the world just by reading this text file.
8) You have to hack. You will never know how you really do it unless you try it for yourself.
3. OK. Now to the good stuff. Once you have gotten all the materials needed for hacking, you need to get on your wardialer, type in a prefix, and scan the prefix. What the war dialer will do is it will call a number, and wait for something to pick up. If it hears "Hello?" or anything else that a person says, then it will hang up. The wardialer will keep dialing numbers untill it hears a bunch of beeps and tones. The beeps and tones are called a "Carrier". If a carrier is found, it means that the wardialer has dialed a number which is connected to a computer. It will then tell you that it has found a computer, and it will give you the number that it called. Write the number down on a piece of paper, and exit the wardialer. Then open up your terminal software, such as HyperTerminal. When it asks you for it, type in the number that the wardialer found, and then dial it from the terminal software. You should here a bunch of beeps and tones (like the ones from your wardialer) that are coming from your modem. At the end of the beeps and tones, it should display some text on your screen. This means that you have connected to a computer. Good job. I am proud of you. The text on your screen should say some crap but then it may ask you for either a login or username, and then a password. If it asked you for a login, it means that you have dialed up a computer which is using the UNIX system. If it asks you for a USERNAME, then you have dialed up a computer that is using the VAX/VMS system. Both systems will ask you for a password. Now, UNIX and VAX/VMS are the most commonly used computer systems, and I will be explaining how to hack each one, separately. First I will explain how to hack UNIX.
How to hack a UNIX system
OK. When a company starts using a UNIX system, the system will come with a bunch of default logins and passwords that some of the workers use. Unless they were deleted by the owner of the system, they will still be there. Here is a list of some default logins and passwords. By the way, you should type in all lowercase. Also, you have to remember that on UNIX, and almost all other systems, there are to different access levels for accounts. One has regular access, and the other has "root" access which means that you have total control over the system. Accounts like "guest" or "demo" or "test" will only have regular access. Accounts like "root" and "sysman" will have root access. Always try to get into a root account first. They are much better.
Login Password
root root, system, sysop
sys sys, system
daemon daemon
uucp uucp
tty tty
test test
unix unix, test
bin bin
adm adm, admin
admin adm, admin
sysman sysman, sys, system
sysadmin sysadmin, sys, system, admin, adm
learn learn
uuhost uuhost
guest guest
host host
nuucp nuucp
rje rje
games games, player
sysop sysop, operator
demo demo
sysbin sysbin
OK. Those are the default logins and passwords. Although, on some systems, some logins wont even need passwords. If none of these work, then try typing in "who" or "rwho" or "finger". These might give you a list of all the known users on the system. If you get the list, then try typing in the users login as a password. Some users do this because they want to have a password which is easy to remember. If these don't work, your just going to have to guess some commonly used passwords. Remember, all passwords are usually between 6-8 characters. If you just can't get the password by guessing, I suggest that you download a UNIX password cracker from off the Internet. Once you have broken in to the computer, you need to copy the password file on to your hard drive, or a disk. To get the password file, type in this as a command: /ect/passwd or cat /ect/passwd. Once you get the password file, it will look something like this:
george: 142uyfj: 6457: 18: george smith: /home/dir/george: /bin/george
If you break the file down into parts, this is what it says:
Username: george
Encrypted Password: 142uyfj
User Number: 6457
Group Number: 18
Other Info: george smith
Home Directory: /home/dir/george
Shell: /bin/george
If you didnt get the password file by entering one of those two commands, then it is probably shadowed. If it is shadowed, it means that it wont let you have any access to the password file from typing in the /ect/passwd command. If you think that the password file is shadowed, then type in one of the following commands instead:
/ect/security/passwd
/tcb/auth/files/(first letter of username)/(username)
/tcb/files/auth/*
/ect/master.passwd
/ect/shadpw
/ect/shadow
/ect/passwd[.dir|.pag]
/ect/security/passwd.adjunct
OK. Once you have the password file, you can explore the system! But make sure that you don't leave your name, address, phone #, handle, or any information that could get you busted. Also, do not destroy ANYTHING, unless you have to make sure you don't get caught. Here are some more commands for you to use to get around in the system easily:
Command Description
write Will send message to another user online
wall like write, but sends to ALL users
who displays a list of everyone online
mail send or read your Email
exit Logout of the system
echo Prints text or variables
env displays all variables in your environment
rmdir Delete a directory
mkdir Create a directory
cp Copy a file
man, or help Display commands on system
Those are only some of the commands that you can use in a system, but they are some of the most useful ones. If you want to know all of the commands on a system, just type man or help, (as shown above) and it should give you them. That is about all of the information that you are going to need to hack into a UNIX system, so have fun and dont get caught!
How to Hack the VAX/VMS system
The VAX/VMS system is a lot like the UNIX system except it has different default logins and passwords, and it uses different commands. If you dial up a computer and it asks you for a USERNAME, then it is most likely a VAX/VMS system. You have to be careful when hacking these because it records every bad login attempt! Any way, here are some default usernames and passwords for the VAX/VMS system, and in this system, you type in all capital letters!
USERNAME PASSWORD
SYSTEM OPERATOR
SYSTEM MANAGER
SYSTEM SYSLIB
OPERATOR OPERATOR
SYSTEST UETP
SYSTEST SYSTEST
SYSTEST TEST
SYSMAINT SYSMAINT
SYSMAINT SERVICE
SYSMAINT DIGITAL
FIELD FIELD
FIELD SERVICE
GUEST GUEST (may have no password)
DEMO DEMO (may have no password)
TEST TEST (may have no password)
DECNET DECNET
Those are the VAX/VMS default usernames and passwords. Some of the usernames may not need a password, although if you don't need one, than the username probably doesn't have much access to the computer that your hacking. Once you are in the system, type SYS$SYSTEM: SYSUAF.DAT for the password file. On some VMS's, the password file is not available to regular system users. Sometimes you will have to hack in through a root account to be able to access the password file. After you are in and you have the password file, here are some commands for VAX/VMS to get around on.
COMMAND DESCRIPTION
HELP (H) GIVES HELP AND LIST OF COMMANDS
TYPE (T) VEIW CONTENTS OF A FILE
RENAME (REN) CHANGE NAME OF A FILE
PURGE (PU) DELETES OLD VERSION OF FILE
PRINT (PR) PRINTS A FILE
DIRECTORY (DIR) SHOWS A LIST OF ALL FILES
CREATE (CR) CREATES A FILE
DELETE (DEL) DELETES A FILE
COPY (COP) COPY A FILE TO ANOTHER
CONTINUE ( C ) CONTINUES THE SESSION
Those are the commands for VAX/VMS. If you want all of the commands on a system, just type HELP (H) and it should give them to you. Remember that they monitor what you are doing on VAX/VMS systems, so if you keep putting in the wrong usernames or passwords, I suggest that you sign off and try another day. You don't want to get caught.
How to hack a BBS
A BBS, or a Bulletin Board System is an electronic bulletin board which is on a network. It is a place where people go to post messages and talk to eachother. There are many hacking bulletin board systems around, and if you look on the Internet then you can probably find some. A BBS is run by a "Sysop" or System Operator. There are different levels of access for accounts on a BBS, but the Sysop has the most power. You don't have to use a wardialer to find the dial-up for a BBS because they are easily found on the internet if you just look for one. When you dial up a BBS, the text on the screen will usually say that it is a BBS, and it will tell you what to log in as if you are a first time user (BBS's are mostly publicly owned, and anyone can have an account). Log in as a first time user, and then it will probably give you an option to make your own account for the BBS. Make an account, and then sign back on your account. You may be given an option to see all of the other accounts on the BBS, (just so you know who to leave messages to). It should also give you the screen name of the Sysop. You can try to hack into other peoples accounts, but its totally pointless unless they have more access then you, or if you have to pay money to belong to the BBS. The account that you want to hack into is the Sysop's account because he/she has full power over the BBS. BBS's are probably the funest and the easiest to hack because all you need is a password. This is because they already tell you the screen name of the sysops account. To hack a BBS, all you need to do is dial up the BBS and when it asks you for a username, or a login or whatever, then type in the screen name of the Sysop's account. Now comes the only hard part. You have to crack the password. First try using the screen name of the sysop for a password. If that doesn't work, just try as many commonly used passwords, including the name of the BBS (all BBS's have names).If you just can't crack the password by yourself, then I suggest you download a BBS Password Cracker from off the Internet. That should get it. Once you are in, you can do whatever you want. You don't need to know any commands because the BBS is probably menu driven, which means it will give you a list of options to choose from. A cool thing to do would be change the access level or YOUR account, so that you have just as much power as the sysop! You can do whatever you want to the entire BBS! You could even delete the entire BBS if it is about something that you hate like school, or God, or the government! But make sure the BBS isn't OWNED by the government.
How to hack Voice Mail Systems
A voice Mail System is basically just an answering machine where you can listen to the messages and change the recordings on your phone from a different phone then your own. All voice mail systems have a code that you enter during the recording that ensures that nobody else can screw with your voice mail except for you. The code is usually 3 digits or 2 digits. If its three digits, then there are 1,000 different combinations of numbers that you can enter. If its two digits, then it is only 100. The next time you call someone and their not home, wait for the answering machine to come on, and during the recording, enter these numbers:
1234567898765432135792
46864297314741933669944
88552277539596372582838
49181716151102620304050
6070809001
That string of numbers is all of the possible combinations of two digit numbers. It may take one or three calls to be able to enter the string. You will know when you hit the code when you start to here that messages on that persons answering machine. This string of numbers will crack the code on almost any AT&T answering machine. If you enter this string and nothing happens, then it probably means that the code is a combo of three numbers. Use this table of numbers to find out all of the possible combinations of three different numbers. (you better have been listening to Mrs. Spitzer because this takes some math).
0 1234567890
1 1234567890
2 1234567890
3 1234567890
4 1234567890
5 1234567890
6 1234567890
7 1234567890
8 1234567890
9 1234567890
To use this chart, first type in the first number in the list of each column, and then type in all the other 2 numbers after the first one. For example, the first line can make the numbers 001, 002, 003, 004, 005, 006, 006, 008, 009, and 010-099. I think that you get the point. After typing in all these numbers on your phone into the recording, you will hear the messages, and you can do whatever you want to the answering machine!
Well that is all the hacking info that your going to need for now, but remember that this guide will be upgraded so watch out for the new ones. Also, I would like to thank Revalation and the rest of the LOA and ASH (including Silicon Toad) for helping me because I got a lot of info about default passwords and commands from their guide books. I would also like to thank oleBuzzard for helping me with hacking voice mail. None of the info in this guide was copied from another guide, although I did use other guides as resources to help me make this one.
