home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Hacks & Cracks
/
Hacks_and_Cracks.iso
/
vol1
/
pirate_4.zip
/
PIRATE-4
Wrap
Text File
|
1993-03-31
|
171KB
|
3,766 lines
*******************************************************
** **
** PPPPP I RRRRR AAAAA TTTTT EEEEE **
** P PP I R RR A A T E **
** PPP I RRR AAAAA T EEEEE **
** P I R R A A T E **
** P I R R A A T EEEEE **
**keepin' the dream alive **
*******************************************************
-=> VOLUME 3, ISSUE 4, February, 1989 <=-
**** WELCOME ****
To the fourth issue of -=* PIRATE *=-!
Special thanks for getting this issue out go to:
Chris Robin
Gene & Roger
Hatchet Molly
Hot Mix #1
Jedi
Knight Lightning
Maxx Cougar
Nicodemus Keezarvexius
Pru Dohn
Taran King
The California Zephyr
Ty Rexx
Any comments, or if you want to contribute, most of us can
be reached at one of the following boards:
BOOTLEGGER'S >>> PIRATE HOME BOARD
RIPCO (Illinois)
SYCAMORE ELITE (815-895-5573)
COMPANY OF WOLVES (301-791-1595)
THE ROACH MOTEL (California)
PACIFIC ALLIANCE (818-280-5710)
+++++++++++++++++++++++++++++++++++++++++++++++++++++
Dedicated to sharing knowledge, gossip, information, and tips
for warez hobbyists.
** CONTENTS THIS ISSUE **
File 1. Introduction and contents issues 1-4
File 2. Editorial: Defense of pirating
File 3. PHRACK BUST
File 4. Zipfile Tips
File 5. Company of Wolves Unprotects
File 6. PTL Cracking Primer
File 7. What Makes a Good Board
File 8. BBS Symbols and Faces
File 9. Gene and Roger at the BBS: *EURO-AMERICAN CONNECTION*
File 10. Some of our favorite numbers
------------------------------------------------
** WHO ARE WE? **
We've been asked "who are you guys?" Well, the guys are not all guys, and
sexism sucks. The people who put out pirate are mostly IBMers with some apple
and ST influences. We're a loose collective, mostly from the midwest, but with
contributors from around the country. Collectively, we're on probably all of
the good national boards, and those listed as "contact points" are not
necessarily those we frequent the most, but those we like a lot and where we
check in at least once every few weeks. Our goal is to try to provide news of
general interest to *all* BBS enthusiasts, share information and gossip, and to
give newcomers tips on how not to be lame. We hope this will improve BBSing for
everybody. We are committed to keeping information free to the people, and we
oppose control of knowledge by an elite few. As warez hobbyits, we believe that
knowledge of current software is of benefit to the software industry despite
their claim that sharing is unethical. We also believe that informed consumers
make for better products, and that sharing information on warez is a patriotic
and democratic duty.
As some may notice, the format of *PIRATE* changes each issue, for the better,
we hope. We have noticed some *PIRATE* files listed as g-philes on some boards,
so we thought it might be helpful to include an index periodically of previous
issues:
PIRATE INDEX (Issues 1-4)
*PIRATE* Index to Issue #1 (June, 1989)
File 1. What's a Pirate?
File 2. Pirate Do's and Don'ts
File 3. Pirate tips
File 4. Why Software ownership is bad for society
File 5. Copyright Law
File 6. Computer laws in Wisconsin
File 7. Editorial: Big Brother in the Computer Room?
File 8. Sysop's corner
File 9. What's hot, what's not
File 10. Wants and Needs
File 11. Board Review of the Month: THE GREAT ESCAPE
File 12. A few decent boards
-=-=-=-=-=-=-
*PIRATE* Index to Issue #2 (September, 1989)
File 1. Introduction, editorial, and general comments
File 2. Whither the World of Pirates?
File 3. How to get things running
File 4. Sysops and the Law -- Sysops' Legal Liability
File 5. Hackers in the News
File 6. Illinois and Texas Computer Laws
File 7. Is Teleconnect Dangerous? They're after our rights!
File 8. Viruses
File 9. BBS NEWS: Review (ATLANTIS) and APPLE #s
-=-=-=-=-=-=-
*PIRATE* Index to Issue #3 (January, 1990)
File #1. Introduction, editorial, and general comments
File #2. News Reprint: Who's the REAL software threat??
File #3. Unprotects and cracking tips (part 1)
File #4. Unprotects and cracking tips (part 2)
File #5. Unprotects and cracking tips (part 3)
File #6. Unprotects and cracking tips (part 4)
File #7. Unprotects and cracking tips (part 5)
File #8. Unprotects and cracking tips (part 6)
File #9. Gene n' Roger's "review of the month" (DEAD ZONE)
-=-=-=-=-=-=-
*PIRATE* Index to Issue 4 (March, 1990)
File 1. Introduction and contents issues 1-4
File 2. Editorial: Defense of pirating
File 3. PHRACK BUST
File 4. Zipfile Tips
File 5. Cult of Wolves Unprotects
File 6. PTL Cracking Primer
File 7. What Makes a Good Board
File 8. BBS Symbols and Faces
File 9. Gene and Roger at the BBS: Euro-American Connection
File 10. Some of our favorite numbers
>--------=====END=====--------<
***************************************************
*** Pirate Magazine Issue IV / File 3 of 10 ***
*** PHRACK/LoD bust of January, 1990 ***
***************************************************
As most of you know, PHRACK is down for awhile. It seems that in doing the good
deed of sending out back issues across e-mail lines, some eyebrows were raised.
----
The following newspaper accounts and commentary come from Dr.Ripco.
-----
(From the CHICAGO SUN-TIMES 2/7/90)
Two students with reputations as master computer hackers were
indicted here Tuesday on charges of stealing and publishing highly sensitive
information about the 911 emergency phone system in nine southern states. The
indictment alleges Robert J. Riggs, 20, a student at DeVry Institute in
suburban Atlanta, is a member of "The Legion of Doom," a nationwide group of
hackers said to be involved in illegal activities. His co-defendant is Craig
M. Neidorf, 19, a University of Missouri student who publishes Phrack, a
hacker magazine transmitted by computer. The indictment charges Riggs gained
unauthorized access to computers of the Bell South Telephone Co. in Atlanta in
December, 1988, and obtained the 911 file. It was sent to Neidorf via a
computer bulletin board in Lockport.
* * * * * * * * * * * * * * *
2 STUDENTS CHARGED IN COMPUTER FRAUD
------------------------------------
(from the Chicago Tribune 2/7/90)
Two college students who were members of a nationwide network of
computer hackers called the Legion of Doom were charged Tuesday with
breaking into the BellSouth Corp. 911 emergency system and publishing the
system through a hackers' "bulletin board."
Robert J. Riggs, 20, a DeVry Institute student in Atlanta, and Craig
Neidorf, 19, a University of Missouri student from Chesterfield, Mo., were
charged with wire fraud, interstate transportation of stolen property and
computer fraud and abuse.
The indictment, announced in Chicago by U.S. Atty. Ira Raphealson,
charges that Riggs broke into the BellSouth system in December 1988 "by using
a computer outside the telephone company to break into the telephone company's
computer system in which the computer file was stored."
The computer program for the BellSouth 911 system, valued at $79,449,
controls emergency calls in nine Southern states - Alabama, Mississippi,
Georgia, Tennessee, Kentucky, Louisiana, North Carolina, South Carolina and
Florida.
Riggs then transfered the BellSouth 911 information to the computer
"bulletin board" in Lockport. At this point, Neidorf loaded it into his
computer in Missouri and edited it for publication in a computer hacker
publication known as "Phrack," the indictment charges.
Assistant U.S. Atty. William Cook, who prepared the indictment,
declined to say if the police or fire departments in any of the affected citie
If convicted of all charges, Riggs would face a prison sentence of
32 years and a fine of $220,000. Neidorf faces 31 years in prision and a
fine of $122,000. Riggs faces similar charges in Atlanta, Cook said.
--------------------------------------
Whats interesting about this is what they are charging Craig (Knight Lightning)
with. it appears publishing the information (based on prision time) is nearly
as criminal as breaking in and getting the program. its unlikely that either
one will serve much time if any at all but it does present a crimp into what
can be 'published' and what cannot on bulletin boards.
what the article did not mention or name is the board in Lockport. i take it
they are taking about Lockport Illinios which i'm unfamilar with which board
this could be. although they have indicted 2 people, one who sent the info and
one who took it, does that mean the bbs used for the transfer is out of the
picture so to speak?
much food for thought....
Dr. Ripco
* * * * * *
As of this writing, nobody is completely certain what has happened or what will
happen, but we obtained the following from the major board where the crowd
hangs out.
The names were changed to protect the, uh, innocent.
--------------------
31/53: phrack...
Name: Magnum Guru
Date: Sat Jan 20 02:58:54 1990
Welp, Phrack magazine is dead. Those of you who pay attention to BITNET know
that the phrack accounts at U of M have been shut down. The story is as
follows...
Government agents (not sure of the dept., probably SS) have apparently been
monitoring the e-mail of the Phrack kids (Night Thunder & Prince Tarzan) for
some time now. Apparently, a portion of a file sent to them (and subsequently
published) contained copyrighted information. This is all they needed. They
have now seized the entire Phrack net mailing list (over 500 accounts), plus
every piece of information that Andar & Geric have (and they have a *LOT*) on
real names, addresses and phone numbers. This is evolving directly out of the
busts of three LOD members (Urvile, Leftist & Prophet). The Prophet (who is on
probation) is apparently being threatened with a prison term if he doesn't
cooperate. We don't know for sure if he cooperated or not, but what would you
do in the same position? The same officials are apparently *VERY* interested
in our co-sys, Mr. BA. His net account is being watched, etc. I'll let
him tell the story.
Anyone wishing to communicate with E or myself should do so through the
board only. I will be adding a secure (and I mean fucking secure) encryption
routine into the e-mail in the next 2 weeks - I haven't decided exactly how to
implement it, but it'll let two people exchange mail encrypted by a password
only know to the two of them. Hmmmm... carry this conversation to the
programming board.
Anyway, I do not think I am due to be busted, but then again, I don't do
anything but run a board. Still, there is that possibility. I assume that my
lines are all tapped until proven otherwise.
There is some question to the wisdom of leaving the board up at all, but I have
(have) personally phoned several government investigators and invited them to
join us here on the board. If I begin to feel that the board is putting me in
any kind of danger, I'll pull it down with no notice - I hope everyone
understands.
It looks like it's sweeps-time again for the feds. Let's hope all of us are
still around in 6 months to talk about it.
32/53: hmm
Name: Ashman
Date: Sat Jan 20 07:50:12 1990
this is getting truly annoying..
Phoenix
33/53: Phrack, etc...
Name: Phobos Kutter
Date: Sat Jan 20 09:30:10 1990
RE: phrack...
I sounds to me as though the "SS" was really reaching. I mean, to get them on
"copyright" violations is sort of like that had such a hard on for the
Phrack boys it was as though they went after gangsters with income tax evasion!
What is the legality of them spreading all of this information that they have
obtained throughout the world? I mean, if they got names, etc.., isn't that
private information? Do they or wl they publish all of it to the maniacs out
there?
35/53: Phrack and Pac*Hell
Name: Rip Torn
Date: Sat Jan 20 21:05:55 1990
Well-
A copyright infringement isn't all that major that the SS would bust them for
just that. I'm willing to bet they intercepted something bigger than a simple
copyright piracy case. Although they would be interested since the information
is being transported across state (and quite likly) national boundries.
About the San Jose case, sounds like they just got access to the TAN (Technical
Access Network), and went from there. Along with their other antics, they'll
prob get a prison term, because they are really strict on the wiretap bit. I
don't get the part about the false names and addresses. The courts have said
in the past, you can just pick a name out of the blue and use it, and you can
give any kind of information (like a false address or phone number for
instance) as long as the documentation is not for an official purpose and is
not intended to defraud someone.
I noticed Peter Neumann in there, he's a guy to listen to, and many of you
might reconize him from the Risks forum on the net. He is one of the few
public figures involved in computers that knows which way is up.
Recap-
Phrack will most likly get a slap on the wrist, but will have a sober look at
the world, and won't be inclined to be as high profile as they were.
The San Jose case, I'm betting it'll turn high profile, and there will be alot
of pressure for a nice long lock up.
Most of this is based on my dealings with local, state, and federal law, as
well as experience I gain while working for the County of San Diego.
36/53: phrack
Name: Midnight Star
Date: Sat Jan 20 21:36:56 1990
I would think they knew of dealings between phrack & hackers/phreakers, but
they had to have some real evidence in order to get in, once they did, they
found much info that would make for a good prosecution... As any hacker knows,
its the little things that matter
37/53: The Bottom line.
Name: The Rap Master
Date: Sun Jan 21 10:05:38 1990
The bottom line is..a crackdown. We can now expect a crackdown because of
the shit with the virus,the boys in cali, and the phrack kids.... The phrack
boys were just the start, i'm sure of it.. Unfortunately with all of this in
the news now, they will be able to get more government money to combat hackers.
And thats BAD fucking news for us. I think they are going after all the
"teachers" etc/.. people who educate others into this sort of thing.. (which i
didn't need to say because it's obvious after what happened to Andar & Geric) i
wonder if they think that maybe these remote cases are linked in any way.. The
only way they can probably see is that we are hackers.. And so that is where
their energies will be put.. To stop ALL hackers..and stop people BEFORE they
can become a threat.. After they wipe out the educators that is. Just a
theory.
38/53: Phrack
Name: Phobos Kutter
Date: Sun Jan 21 13:09:20 1990
It's a scary thought... - How did the intercept the information?? -
An information, ok, that's legal.... but how private is electronic mail? Per
haps we need a sub board to discuss some of these LEGAL issues...
39/53: ripper
Name: Magnum Guru
Date: Sun Jan 21 17:12:22 1990
Well, I know PT & NT pretty well, and they've been paranoid about doing
*anything* illegal. I think the SS just had a hard-on to hassle them and this
was the only excuse that they could come up with...
41/53: Phrack
Name: The Mogul
Date: Mon Jan 22 01:19:32 1990
I'm not sure what to make out of the Phrack. I think the SS, FBI, and whoever
has been waiting to bust them so long on ANYTHING that they waiting untill PT
NT crossed the line in any way. I mean, hell..PT and NT were paranoid, and
they suspected everything..so they stopped..and the SS, FBI and whoever had
nothing to go on...
Rap Master was right, PT and NT were "educators"..a lot of hacks/phreaks looked
up to them..maybe the SS and FBI thought that maybe if they couldn't get the
little guys, then to go for "the big guys"..(same philosophy of the drug war,
eh? Get the dealers, not the users?) Oh well..
I dunno..thats just my opinion... Shit, the public doesn't understand us enough
for the government to declare war on us... Maybe if you collect everyones
opinion on this, we can come to ONE conclusion..
42/53: Phrack
Name: Viking Warrior
Date: Mon Jan 22 02:40:13 1990
Geric was very upset when I talked to him a few days ago.
The Secret Service had been to their school and had taken all information off
of their public accounts through the university...this included the ENTIRE
phrack internet mailing list, future files, old issues, various lists of info
on people they knew, etc...
Geric assured me that they didn't go through his room, or even mess with his
pc, but that didn't matter, as they got enough from the system at school.
The problems stem from various articles published through Phrack, most
specifically an article dealing with E911 that was written by The Prophet.
They have said that this was stolen from a computer system, and was accepted
and distributed knowing that it was illegally obtained propriatary information.
(The Prophet was one of the 3 LOD members busted this summer in Atlanta) This
led to various questions dealing with LOD in general and a great deal of hazing
towards Geric.
For the most part, they pulled the same crap: "We know what you did, so if
you're smart you'll talk, or we'll make your life shit." And the other
approach, "Look, we know you're a smart kid with a bright future and we really
wouldn't want to see you fuck things up." Basic cop bullshit.
Geric was visited first by 3 agents, and Andar was supposedly to be visited the
following day. (They are at different schools now)
They were interested in the Telenet Directory, The EFT Files, which by now,
everyone knows that I wrote, since they had been grabbing the boys e-mail.
That pisses me off greatly, as Electronic Mail is supposed to be covered under
the same protection as regular mail now, or so I understood. I thought it was
a felony to interfere with peoples mail. Can you commit a felony, to stop a
suspected one from occurring? I hope not...hell, maybe Noriega is in charge
now...
In any case, I think I'm in for a world of shit...
43/53: MY feelings about this fucked up situation
Name: Viking Warrior
Date: Mon Jan 22 03:31:01 1990
I do not live in a fascist country...or so I thought.
INformation is withheld, people are threatened daily by an elite group of
Government thugs who operate above the law, hell, what do you call that kind of
bullshit?
I'm growing more and more pissed by the minute...if I do get nabbed, which I
semi-expect to, so you SS boys take a good look at this, I am dangerous. Maybe
not in a physical manner, although I'm kinda suicidal, and don't know how I'll
be on any given day, and I've only tried to kill my roommate once with a big
knife, and I've only broken wine bottles over two people...
But, I am dangerous in that I'm quite eloquent and VERY outspoken on topics
about which I feel strongly. Guess what? I kinda have a personal leaning
towards computer crime. Think carefully about reprocussions world-wide when
reporters find out just how insecure your precious Internet is, or think about
the stock fluctuations on Fortune 500 companies when their shareholders find
out just how easily the company could be shut down for a few days with a few
keystrokes, or consider the implications following just a few choice comments
about the lack of security at large banking institutions...hell, How fucking
skilled does someone have to be to sit on a nua and capture every fucking Saudi
Visa? (No offense P) but that shit is totally ridiculous. Security is
pathetic, and the ones who can fix it, or at least point it out are suppressed,
and placed in jail.
Fuck that. If that's what you expect to do to me, then you had better be
prepared to blow my fucking head off when you kick in the door, because I will
be heard.
47/53: well
Name: Ashman
Date: Mon Jan 22 09:21:39 1990
as long as nothing illegal is not posted.. the board is ine.. well... All i
have to say is that i ss/eds/or in my case CIA start playing dirty.. we have
been very nice in general about everything.. In act I cannot think o any time
when i have bought a system down.. But i it comes to it... we can fight ire
with ire.. <add f's where chars are missing.. i gotta get a new keyboard..> coz
i seriously agree with erik.. and when you guys start breaking the law to get
at us... well.. what the hell is the law or... i never liked the damn thing
anyway.. jesus.. as a final note... i will set up some sort of insurance... not
just or myself... but or anyone who needs it... and cant provide it or
themselves.. we can play below board just as much as any authorities can... so
there
49/53: dumb feds
Name: Silver Hawk
Date: Mon Jan 22 14:11:13 1990
Kill 'em all..as I like to say. Seriously, what can they prove if you are a
safe hacker? (hacking via outdials, phreaking with divertors only..no codes
etc. nothing traceable) They can't prove a damn thing. So what do they do,
but nail you on something trivial like copyright violation. All that shows is
that they have such a weak case that there is nothing solid to bust on. Enough
rambling for this paragraph...
What we need to do is set up a hackers network where everyone has their hands
in a few systems. That way, we have this sort of insurance that Phoenix talked
about: if one hacker gets busted 2 systems _die_. 2 hackers get busted 4
systems bite the dust. 3 hackers...9 systems. They need to quit messing with
people who wouldn't otherwise be harmful to the computer world. I know there
are freeloaders around that get their kicks from trashing Apple][ boards and
unixes, but this doesn't represent the majority of the hacker population. It
sure doesn't represent me!
50/53: busts
Name: Midnight Star
Date: Mon Jan 22 15:33:56 1990
I don't think that would be a very wise idea... It would just cause the
"authorities" and the general public to look toward us as destroyers, not
explorers... The ONLY times I have killed a system is when I really get pissed
off that the sysop keeps changing all the operator passwords (well... so maybe
i am a little malicious at times, but not like some people on this board)
51/53: Arg...
Name: Viking Warrior
Date: Mon Jan 22 18:22:55 1990
Wiping out systems as a means of retribution, or vengeance for a fellow
hacker's bust is NOT a good idea. You cannot take a bully approach when
dealing with the world biggest bully (The US Government) you will lose.
You have only one manner of defense, and that is to outsmart your opponent, or
to publicly humiliate him when faced with immediate danger.
Numb ->117 (51u7u2k2-117)
Sub ->busting hackers
From -> (#227)
To ->
Date ->02/08/90 08:58:00 PM
Reading the previous msgs. about the legion of doom and the possible prison
term of 32 years infuriates me. sure, what those dudes did is not right, but
lets keep their crime in perspective. they stole some shit off of a computer
system which was online and available to the public. ok, most of the public
doesn't know how to get stuff like that, but the fact that they did get it
means it could be considered available. the phone company surely knows of
phreakers, and that these people can be quite clever, therefore they knew the
information could be had.
30 years in jail for a fucking program, come on!!! people are killed and the
murderers get less. i realize that they probably won't get 30 years, but just
the possibility of getting it is outrageous.
f/h
Numb ->117 (51u7u2k2-117)
Sub ->Reply to: busting hackers
From -> (#321)
To ->all
Date ->02/09/90 02:59:00 AM
32 years for printing a publication. Hey you guys think there is some
issues of freedon of press or speech here. No probabably not because of the
subject matter but anyway It does seem kind of harsh considering there are alo
of other more important things to bust assholes for like murder and drug
smuggling. Its just another waste of tax payers money just like trying to
eleminate abortion. Who gives a fuck if you can't bring a kid into this world
right then there should be a choice. Too many people in this world anyway.
Numb ->118 (51u7u2k2-118)
Sub ->Reply to: Reply to: busting hackers
From -> (#70)
To ->J CRAZY
Date ->02/09/90 03:12:00 AM
A CLASSIC EXAMPLE OF "NOT COMPLAINING UNLESS YOUR OX IS GORED"! NOW I AGREE
WITH YOU THAT 32 YEARS, OR ANY YEARS FOR PUBLISHING IS RIDICULOUS...PER THE
FIRST AMENDMENT, BUT THEN YOU GO ON ABOUT MURDER AND "DRUG SMUGGLING" IN THE
SAME BREATHE. SINCE WHEN DOES THE GOVERNMENT HAVE THE RIGHT TO TELL US WHAT
WE CAN AND CAN'T DO WITH OUR BODIES IN PRIVATE? SINCE WHEN DOES THAT
PROHIBITION JUSTIFY JAIL? COMPLAIN ABOUT VIOLENT CRIMES PER SE, DON'T BE A
GOVERNMENT CONTROLLED STOOGE AND BUY INTO THEIR LATEST DEMAGOGUERY.
Numb ->119 (51u7u2k2-119)
Sub ->Reply to: busting hackers
From -> (#450)
To ->
Date ->02/09/90 06:58:00 AM
The prison sentence..or the one that they face is quite high! That is more
than they give murderers/rapists and any other hard crime! I'm not saying that
they should go scot free,but lets be realistic and give a sentence that does
fit the crime. Whatever 31 years is way to long.
Numb ->120 (51u7u2k2-120)
Sub ->stuff
From -> (#75)
To ->folks
Date ->02/10/90 03:00:00 AM
I don't think they're actually being PROSECUTED for publishing the information
they just play up the fact that the information was distributed in their cop
press releases to build public antipathy towards the suspects... Generic peopl
tend to think very highly of things like 911 that shouldn't be "monkeyed with"
so when they hear that kids are spreading "confidential" information about
those systems around, they get afraid and are sympathetic to prosecution. The
only charges I can imagine are related to 'breaking and entering' into the
Bellcore computer.
To the best of my knowledge, there is no precedent for a "clear and present
danger" prosecution against publication of information on law enforcement
procedures. A successful one, anyway.
* * * * * * *
The following came across the wires from a member of LoD explaining his view,
which contrasts remarkably from "official" media descriptions. The bottom line
is that it seems like the pheds are engaging in a witch hunt of sorts and
whether they can make charges stick is irrelevant for the Heavy Hasslers with
the power.
--------------------
-< Life, The Universe, & LOD >-
To set the record straight, a member of LOD who is a student in Austin and who
has had his computer account at UT subpoenaed by the DA out of Chicago because
of dealings with the above happenings:
My name is {deleted}, but to the computer world, I am Erik Bloodaxe. I have
been a member of the group known as Legion of Doom since its creation, and
admittedly I have not been the most legitimate computer user around, but when
people start hinting at my supposed Communist-backed actions, and say that I
am involved in a world-wide consipracy to destroy the nations computer and/or
911 network, I have to speak up and hope that people will take what I have to
say seriously.
Frank, Rob and Adam were all definately into really hairy systems. They had
basically total control of a packet-switched network owned by Southern Bell
(SBDN)...through this network they had access to every computer Southern Bell
owned...this ranging from COSMOS terminals up to LMOS front ends. Southern
Bell had not been smart enough to disallow connections from one public pad to
another, thus allowing anyone who desired to do so, the ability to connect to,
and seize information from anyone else who was using the network...thus they
ended up with accounts and passwords to a great deal of systems.
This was where the 911 system came into play. I don't know if this system
actually controlled the whole Southern Bell 911 network, or if it was just a
site where the software was being developed, as I was never on it. In any
case, one of the trio ended up pulling files off of it for them to look at.
This is usually standard proceedure: you get on a system, look around for
interesting text, buffer it, and maybe print it out for posterity. No member
of LOD has ever (to my knowledge) broken into another system and used any
information gained from it for personal gain of any kind...with the exception
of maybe a big boost in his reputation around the underground. Rob took the
documentation to the system and wrote a file about it. There are actually two
files, one is an overview, the other is a glossary. (Ray has the issue of
PHRACK that has the files) The information is hardly something anyone could
possibly gain anything from except knowledge about how a certain aspect of the
telephone company works.
The Legion of Doom used to publish an electronic magazine called the LOD
Technical Journal. This publication was kind of abandoned due to laziness on
our part. PHRACK was another publication of this sort, sent to several
hundred people over the Internet, and distributed widely on bulletin boards
around the US. Rob sent the files to PHRACK for the information to be read.
One of PHRACK's editors, Craig, happened to be the one who received the files.
If Rob had sent the files to one address higher, Randy would have been the one
who would probably be in trouble. In anycase, Craig, although he may have
suspected, really had no way to know that the files were propriatary
information and were stolen from a Southern Bell computer.
The three Atlanta people were busted after having voice and data taps on their
lines for 6 months. The Phrack people were not busted, only questioned, and
Craig was indicted later.
What I don't understand is why Rob and Craig are singled out more often than
any other people. Both of them were on probation for other incidents and will
probably end up in jail due to probation violations now. Frank and Adam still
don't know what is going on with their cases, as of the last time I spoke with
them.
The whole bust stemmed from another person being raided and rolling over on
the biggest names he could think of to lighten his burden. Since that time,
Mr. William Cook, the DA in Chicago, has made it his life's goal to rid the
world of the scourge of LOD. The three Atlanta busts, two more LOD busts in
New York, and now, my Subpoena.
People just can't seem to grasp the fact that a group of 20 year old kids just
might know a little more than they do, and rather than make good use of us,
they would rather just lock us away and keep on letting things pass by them.
I've said this before, you cant stop burglars from robbing you when you leave
the doors unlocked and merely bash them in the head with baseball bats when
they walk in. You need to lock the door. But when you leave the doors open,
but lock up the people who can close them for you another burglar will just
walk right in.
If anyone really wants to know anything about what is going on or just wants
to offer any opinions about all this directly to me, I'm
erikb@walt.cc.utexas.edu
but my account is being monitored so don't ask anything too explicit.
--------------------
>--------=====END=====--------<
***************************************************
*** Pirate Magazine Issue IV / File 4 of 10 ***
*** >Zipping and Archiving< ***
***************************************************
Swapping warez requires considerable zipping, unzipping, and rezipping, and we
offer the following tips to help assure that we get the most out of our ZIP
programs and procedures. ALthough most boards will accept any reputable
compression, there's not much disagreement on which compression method is the
best: Phil Katz's PKZIP is the standard. It's fast, tight, and offers many
options. Although some, such as ICE 1.14, may have higher compression ratios,
no other program has the all around power and utility as PKware.
Unfortunately, too many warez hobbyists don't use PKZIP to it's full potential,
and this can result in lost files, confused archives, or incomplete files on
uploading. We offer the following tips to improve zipping procedures.
1. Always zip from the original disks or programs when possible rather then do
a file dump and then rezip. In a file dump, it is easy to forget to include
subdirectories.
2. *ALWAYS* put a zip comment in each zip file so you (or others) know what
that file is. If you are zipping up a program called "LAWRITE" that has 6
disks, with the first being the program disk, type this command:
PKZIP LRT21-1 (for "Law Rite, ver. 2.1, disk 1). Then, type: PKZIP -Z
LRT21-1 (this will allow a zip comment) and type at the prompt something
like: "LAWRITE BY MACON, VER. 2.1, PROGRAM DISK (1/6). This lets you (or
whoever) know what the program is, what the disk is should the installation
procedure ask for the specific disk, and give you the version so it won't
be confused with an upgrade.
3. Experienced hobbyists keep their backup zip files as they come
off the disk, and this means *KEEPING SUBDIRECTORIES INTACT AND SEPARATE FROM
OTHER FILES.** There are two ways to do this. The first is to INSTALL a
complete program, including all options, so a complete program exists on hard
disk. Then, we go into each subdirectory and zip the files. For example, if
LAWRITE has a main directory called LAWRITE and three subdirectories called a)
FILES, b) LAW, and c) DICTNRY, you first go into each of the three
subdirectories and zip the the files with the command: PKZIP -M FILES (or LAW
or DICTNRY). This will zip all the files in that directory and remove them
after zipping. This saves the need to delete files individually. THEN: Go into
the LAWRITE directory and type the command:
PKZIP -m -P -r LRT21 (note lower case m & r and UPPER case P)
This will zip the entire program, Law Rite 2.1. The -m command
removes individual files, the -P switch retains the file's original
path, and the -r recurses the subdirectories. For a helpful article on
this, even for experienced users, see Steven J. Vaughan-Nichols:
"Zippity PKzip" in PC COMPUTING, Feb., 1990 (p. 96-99).
When finished, you should have one main zip file that contains all the files
from the LAWRITE directory and three additional zip files from the three
subdirectories. BE SURE TO ADD A "README.NOW" note and explain that, when
unzipping, these directories and subdirectories should be created, unzipped in
the LAWRITE directory (with the PKUNZIP command). If you have a large program
with several zip files in it (ALWAYS RUN THE PKUNZIP -v *.zip command to see
what's in a zip file before unzipping), you might first create subdirectoriese
named after those zip files just to be safe, and keep your fingers crossed that
whoever zipped it knew what they were doing. That's why it is crucial to name
those other zip files exactly as the subdirectory appears.
The disadvantage of this kind of zipping for hobbyists is that when unzipping,
the files will be from an installed program and not the original disk. This
means that if unzipped on a different computer, some needed files may be
missing. Besides, it's always helpful to have a second backup that
doesn't take much space that is complete. That's why we prefer
to keep zips off the original disks, because you never know what
kind of system it will be unzipped on, and installation programs
rarely copy over all files, but only those needed during the
initial configuration.
We suggest creating a test directory with a few subdirectories and placed some
short, unneeded files in them and then spending an hour practicing with the
PKzip/UNzip commands until you are familiar with them. You might also consider
experimenting with various batch commands, and use wildcards to create an
auto-zip program that saves typing time.
There have been reports that ICE 1.14 is a hacked version of LHarc, but this
does not appear true. A nice summary of other compression programs appeared in
PC COMPUTING (see above):
----------
FOUR OTHER DATA COMPRESSORS PKzip stands above other data-compression shareware
in terms of overall performance. Here are some more very popular utilities:
ARC 5.02. Long the industry standard, Arc 6.02 has deteriorated into a
middle-of-the-road performer in terms of speed and compression ratios. It has
the bad habit of aborting a job and leaving a file half-compressed if it
doesn't have enough disk space to complete the operation....
ICE .14. One of the newest entries in the data-compression arena, Ice (also
known as LHarc) emerged as a popular shareware program in Japan. It has the
highest compression ratio of any program mentioned here, but it's painfully
slow--and very difficult to use, in part because of its limited documentation.
Ice .14 is currently available on GEnie.
PAK 2.1. Though it's been around for a while, Pak has never had the prominence
of either Arc or PKzip, mostly because its performance lags behind that of the
other two programs. Pak excels at handling multiple file specifications and can
create and convert files read by Arc.
Zoo 2.01. Neither the fastest nor the most efficient compression utility
available, Zoo offers some advantages. This shareware program allows you to
selectively extract multiple generations of the same file--a terrific feature
for programmers and writers. It also spans several operating systems, including
Xenix, VAX/VMS, and Amiga DOS, so that you can archive files across platforms.
It's a difficult program to master, and the documentation isn't much help in
figuring it out.
>--------=====END=====--------<
***************************************************
*** Pirate Magazine Issue IV / File 5 of 10 ***
*** Cracking Tips by NICODEMUS KEEZARVEXIUS ***
*** (and Company of Wolves) ***
***************************************************
Company of Wolves and ace cracker Nicodemus Keezarvexius will appear here
periodically in their own corner. A few of the following were printed last
issue but we thought we'd reprint them to keep CoW's work in a single file. Any
suggests or requests, you can reach NK at PC-EXEC (414-789-4210) or the CoW
board (301-791-1595).
In this file: Unprotects for
BOP'N WRESTLE
KARATEKA
IMPOSSIBLE MISSION II
MIGHT AND MAGIC
POOL OF RADIANCE
GAUNTLET
FROM:
THE COMPANY OF WOLVES
----------------------------------------------------------------
MINDSCAPES BOP'N WRESTLE
----------------------------------------------------------------
NEEDED:
1. Norton Utilities (or similar program)
2. A copy of the file Bop.exe from your original disk.
3. A bit of your time
----------------------------------------------------------------
1. HOW TO UNPROTECT BOP'N WRESTLE:
First load one of the above file into Norton.
Then search for the string B8 00 19 CD.
Change these bytes to 31 C0 EB 2F.
Save the changes
2. FOR ALL OF YOU DEBUG FANS:
Rename Bop.exe to Bop.try
type E CS:96D [return] 31 [space] C0 [space] EB [space] 2F
[return]
Save the changes with the W command
Exit debug
Rename Bop.try back to Bop.exe
Enjoy the game on any drive you choose to.
The program will now skip the check for copy protection all together. The first
change (31 C0) is an xor ax,ax. The Second (EB 2F) jumps to a return. (just in
case you wanted to know)
If you have any problems with any of the patches above check the date of the
file BOP.EXE on your original disk A for the date 11/06/87. If your file has a
different date then they probably changed the copy protection method and your
out of luck with this patch.
----------------------------------------------------------------
----------------------------------------------------------------
**KARATEKA**
----------------------------------------------------------------
NEEDED:
Norton Utilities (or simular program).
A copy of the file Karateka.exe from your original disk.
A bit of your time.
----------------------------------------------------------------
1. HOW TO UNPROTECT BRODERBUND'S KARATEKA:
First load KARATEKA.EXE into Norton.
Then search for the string E8 81 14.
Change the string to 90 90 90.
Skip ahead 4 bytes to the string 75 2D.
Change the 75 to EB.
Search for the string E8 74 14.
Change the string to 90 90 90.
Once again skip ahead 4 bytes to the string 75 20 and Change the
75 to EB.
Write the changes.
The program will now skip over the part where it looks for the copy protection
but you aren't done yet.
Now search for the string B2 00 B4 0E CD 21.
Change all of these bytes to 90.
Write the changes.
Now the program will play on whatever drive you want.
----------------------------------------------------------------
If you have any problems with any of the patches above check the date of the
file KARATEKA.EXE on your original disk for the date 07-01-87. If your file has
a different date then they proabably changed the copy protection method and
your out of luck with this patch.
---------------------------------------------------------------
MISSION IMPOSSIBLE II
----------------------------------------------------------------
FROM:
THE COMPANY OF WOLVES
----------------------------------------------------------------
NEEDED:
Norton Utilities (or simular program).
A copy of the game file from your original Manhunter disk.
IM2_CGA.EXE if you have CGA graphics,IM2_TAN.EXE for Tandy,
IM2_EGA.EXE for EGA, or IM2_MGGA.EXE for MCGA.
A bit of your time.
----------------------------------------------------------------
1. HOW TO UNPROTECT IMPOSSIBLE MISSION II:
First load the appropiat file into Norton.
Search for the string A2 CA 99 A2 28 9C.
Change these 6 bytes and the next 6 bytes (total of 12) to 90's.
Write the changes.
Then search for the bytes CD 21 B9 01 14.
Change the CD 21 to 90 90.
Write the changes.
Now search for F6 C4 10.
Change the byte immediatly following the 10 (75) to EB.
Write the changes.
Next search for the bytes BB 09 9A 8B CD.
Change the 2 bytes before this string (72 xx (xx is different for
some of the above files)) to 90 90.
Write the changes.
Now search for B9 10 00 F3 A7.
Change the 2 bytes following this string (75 xx) to 90 90.
Write the changes.
Now search for B9 04 00 F3 A7.
Change the 2 bytes following this string (75 xx) to 90 90.
Write the changes.
Now search for B8 09 02 CD 13.
Change the CD 13 to 90 90, and the byte following it (73) to EB.
Write the changes.
Now the check for the copy protection (a bad sector on disk A) is disabled. If
you don't intend to use the game on your hard disk you can now play the game
from and DISKCOPYed disk. If you want to play this game from a single directory
on any fixed disk follow the procedure below.
2. FIXING THE PROGRAM TO PLAY FROM 1 DIRECTORY: Once again load the appropiate
EXE file into Norton. Search for the string CHARSf. Basicly you will type
the file name after the CHARSf over CHARSf. For example if the full string is
CHARSfTHISFILE.A to THISFILE.A(00) (Note. the end of the file name is denoted
by a 00) hex). Be sure to look to see if the . after the file is indeed a . or
a 00 hex because some files have extentions and some don't and make sure that
you end the name you just typed over ends with a 00.
Write the changes.
Repete the prodcedure until you reach the end of the file.
Next do the same thing exept look for the string ROOMSf.
Now when you copy the game just copy all of the files from all directories from
your original disks to the directory on the hard drive you intend to use. You
can now enjoy the game without flipping thru floppy disks.
-------------------------------------------------------------------
MIGHT AND MAGIC
------------------------------------------------------------------
----------------------------------------------------------------
NEEDED:
1. Norton Utilities (or similar program)
2. A copy of the file MM.EXE from your original disk.
3. A bit of your time
----------------------------------------------------------------
1. HOW TO UNPROTECT MIGHT AND MAGIC:
First load the file MM.EXE into Norton.
Then search for the string CD 13 72 EE.
Change these bytes to 90 90 90 90.
Write the changes.
Next search for the string CD 13 72 05.
Change these bytes to 90 90 90 90.
Write the changes.
Next search for the string CD 13 72 05.
Change the CD 13 to 90 90 and the 72 05 to EB 05.
A few bytes after this is a 75 F6, change these bytes to 90 90.
you will have to do this 4 more times here are the jumps to look
for: 75 20, 75 18, 75 10, 75 08. These will all be 7 bytes apart,
change them all to 90's.
Once again their will be another jump 7 bytes after the last one
you changed (74 03), change it to EB 03.
Write the changes.
----------------------------------------------------------------
The program will now skip the check for copy protection all
together.
If you have any problems with any of the patches above check the
date of the file MM.EXE on your original disk 1 for the date
11/18/87. If your file has a different date then they probably
changed the copy protection method and your out of luck with this
patch.
------------------------------------------------------------------
HOW TO FIX COPY PROTECTION FROM
AND SUPERCHARGE CHARACTERS
FOR POOL OF RADIANCE.
----------------------------------------------------------------
NEEDED:
Norton Utilities (or similar program)
A copy of the file start.exe from your pool of radiance disk
A bit of your time
----------------------------------------------------------------
1. HOW TO UNPROTECT POOL OF RADIANCE:
First load START.EXE into Norton
Then search for one of the key words from the code disk
Change the 6 letters of each word to whatever you want (make then
all the same for convince)
Save the changes
11/08/89
I just completed a new fix which will completely skip over the part where the
program asks you for the word from the code disk. For Norton Utilities users
search for the string 9A 25 00 1D 00, change all of these bytes to 90's. For
all of you Debug fans out there rename the file START.EXE to say 123.AAA (or
whatever), then type S cs:100 900 9A 25 00 1D 00. It should show a match at
xxxx:05D7. Change the bytes by typing the following: E 05D7 EenterL, 90 EspaceL
90 EspaceL 90 EspaceL 90 EspaceL 90 EenterL. Then write the file with the W
command and quit Debug. Now rename the file you just fixed to START.EXE and
your done.
01/03/90
I have just been made aware of another version of start.exe dated 12/12/88. To
get around the copy protection for this version with Norton search for the same
string listed above, with this version change the first four bytes to 90's and
leave the 00 alone.
Thanx Karl.
----------------------------------------------------------------
2. SUPERCHARGING YOUR CHARACTERS:
Copy the file CHARFIX.EXE (included in this fix) into the directory where your
saved games reside. Change to that directory. Run the program, it is self
explanatory.
----------------------------------------------------------------
If you have any problems with any of the patches above check the
date of the file START.EXE on your original disk A for the date
10-26-88. If your file has a different date then they probably
changed the copy protection method and your out of luck with this
patch.
-------------------------------------------------------------
MINDSCAPE'S GAUNTLET
------------------------------------------------------------
NEEDED:
1. Norton Utilities (or similar program)
2. A copy of the file's gintro.exe and gprog.exe from your
original disk.
3. A bit of your time
-----------------------------------------------------------------
1. HOW TO UNPROTECT GAUNTLET:
First load one of the above files into Norton.
Then search for the string F3 A7.
Change the byte immediately following (74) to EB.
Continue the search and once again change the 74 to EB.
Save the changes
Repeat the steps above for the other .EXE file.
For you Debug fans rename each of the two files to 1.aaa and 2.aaa
respectivaly. Search (the S command) for F3 A7, you should get at least 3
matches. You will need to unassemble each of the matches, the first copy
protection match should read REPZ CMPSW, JZ 2D96, ect..., and the second REPZ
CMPSW, JZ 2DB1, ect... With the E command using the FULL address of the JZ
commands change the 74's to EB's. Write the files with the W command and
repeat the process for the other file. When finishes erase Gintro.exe and
Gprog.exe and rename 1.aaa gintro.exe and 2.aaa gprog.exe.
In this version of the program will still look for the copy protection (which
is a sector at the end of the hard disk that the install program writes then
marks bad to prevent overwriting to that sector) but will continue the program
as if the comparison (F3 A7) was successful.
-----------------------------------------------------------------
If you have any problems with any of the patches above check the date of the
file GINTRO.EXE on your original disk A for the date 03/25/88. If your file has
a different date then they probably changed the copy protection method and your
out of luck with this patch.
----------------------------------------------------
How to fix copy protection from
Mindscape's Paperboy.
-----------------------------------------------------
1. Norton Utilities (or similar program)
2. A copy of the file's papercga.exe, papercgt.exe, and
papercg2.exe from your original disk.
3. A bit of your time
-----------------------------------------------------------------
1. HOW TO UNPROTECT PAPERBOY:
First load one of the above files (whichever applies to your graphics, papercga
for cga graphics, papercgt for tandy graphics , or papercg2 for ega graphics)
into Norton. Then search for the string 3D 33 00 75 FE. Change the 74 FE to
90 90. Save the changes
The program will still look for the copy protection files DEMAA.COM and
DEMAB.COM but will skip the instruction that locks up the system (74 FE (jump
back two bytes if comparison is not zero)).
If you have any problems with any of the patches above check the date of the
file PAPERxxx.EXE on your original disk A for the date 06/17/88. If your file
has a different date then they probably changed the copy protection method and
your out of luck with this patch.
>--------=====END=====--------<
***************************************************
*** Pirate Magazine Issue IV / File 2 of 10 ***
*** Response to a U's Anti-Piracy Policy ***
***************************************************
---------
The following response to a University anti-piracy announcement was downloaded
from a midwest BBS. We reprint it without permission, and it is apparently a
draft. We thought the comments were sufficiently interesting to pass on.
---------
SOFTWARE PIRACY: AN ALTERNATIVE VIEW
Jim Thomas and Gordon Meyer
(February, 1990)
%Jim Thomas is an associate professor in Sociology.
Gordon Meyer received his M.S. in Sociology in
1989. They are currently researching the
computer underground from which the data for this
note are drawn.%
---------------
Draft copy: Uploaded to PC-EXEC for comments. Not to
be cited without permission
----------------
The university policy against computer software piracy has been widely
publicized, including in a recent issue of Computing News (December, 1989).
There is no question that the university must protect itself against actions
of the NIU community for which it could be held legally accountable.
However, based on our current research of the "computer underground" and the
activities of "phreaks, hackers, and pirates," we find no evidence to
support the many value judgments offered in the rationale circulated by the
university.
Our intent here is neither to justify software piracy nor to challenge
University policy. However, because the area of copyright and "computer
abuse" law is so new, and because these laws tend to rely on media and other
depictions of "computer underground" activity as criminally sanctionable, it
is important to counter conceptions of underground activity that seem
unsubstantiated by evidence.
The university's normative justification of the University policy can be
summarized in three broad principles:
1. Software piracy shows disrespect for the intellectual work and property
of others and subverts the mission of higher education.
2. Software piracy deprives authors of a "fair return" for their work.
3. Software piracy is unethical.
The data from our research do not support these judgments for several
reasons.
First, software pirates make a clear distinction between "pirates," persons
who collect and share software as hobbyists akin to stamp collectors,
and "bootleggers." Bootleggers are persons who distribute software for
material gain. Pirates may copy and install programs, but generally their
goal is to collect, and they derive satisfaction from running programs for
which they have no need and that they will rarely, if ever, use.
Second, software pirates, despite the claims of the SPA (Software Publishsers
Association) report spending considerably more money purchasing software than
the average user. Many of these purchases are for trading, and there is a
strong ethos in the pirate world that if one uses a program, one purchases
it. Reasons for purchasing include documents, information and discounts on
updates, and online technical support. It is quite common for pirates to
purchase programs identical to those they have already obtained.
Third, the "no return" policy of most software merchandisers makes it
difficult for potential buyers to assess the ability of a program to meet
their needs or work adequately on their system. Piracy creates an informed
public by assuring that programs are available for pretesting, by providing
a pool of reasonably literate users to publicly discuss whether Word
Perfect is better than XYwrite or WordStar, and to even offer
technical assistance to those who have purchased a program. In this sense,
the "unauthorized" copying of software can be seen as contributing to the
university mission of expanding knowledge, of preventing exploitation of
consumers through education, and above all, for expanding computer literacy
by contributing to the free flow of information.
Fourth, pirates spend a considerable sum on their hobby. One of the most
active topics of discussion among pirates is that of the need to continually
upgrade, the continual purchase of diskettes on which to store programs,
and with the popularity of 9600 baud modems to invest between $600-900 for
telecommunications hardware. Because most pirates exchange software across
telephone lines, piracy has benefitted telephone companies because of the
growth of Bulletin Board Systems (BBSs). Our data indicate that an average
monthly phone bill of $200 or more is common, and active pirates easily
double that cost.
Fifth, there is simply no evidence to corroborate that piracy deprives
authors of revenue. Our data suggest that pirates annually purchase no less
than three times the 1.5 programs the SPA estimates for the "average" user.
Further, few students or faculty could afford the price of Dbase 4 and
other large programs, and few people could afford to spend several thousand
dollars a year on computer games. Programs would simply remain unpurchased.
However, piracy creates an interest, expands consumer literacy, and
contributes to a "user culture" that benefits the industry as a whole. We
suggest that without such a culture, there would be less interest in software
and, consequently, less revenue for authors.
Sixth, the claim that piracy is unethical is usually a glib one made without
a strong rationale. Although we make no metaphysical claims here, we do
suggest that piracy and current attempts to criminalize it are far to serious
to be so glibly stigmatized, and the issues require far more research and
debate.
The rapid growth of computer and telecommunications technology brings with
it new questions of the nature of "private property," free and open access to
information and resources, and definitions of "authorship." Few among us
condone any form of predatory behavior. However, we find equally disturbing
the tendancy to perpetuate claims and definitions that should be brought into
a public forum for debate rather than simply asserted from the position of
authority that leads to criminalization.
>--------=====END=====--------<
***************************************************
*** Pirate Magazine Issue IV / File 6/10 ***
*** PTL Cracking tips (reprinted) ***
***************************************************
{This file has been around for awhile, but it's sufficiently good
that it deserves reprinting (eds.)}
IN THIS FILE: Unprotects for:
Title: Case Study: A Colorful CLS
Title: Cracking On the IBM PC Part I
Title: Cracking On the IBM PC Part II
Title: MEAN-18 UnProtect For CGA/EGA Version
Title: Space Station Oblivion Crack
Title: F-15 Unprotect
Title: BATTLEHAWKS-1945 Doc Check Crack
Title: Yeager's Advanced Flight Trainer
Title: Microsoft Flight Simulator 1.00 Unprotect
Version 1.3
By
Specular Vision
Special Thanks to:
Mr. Transistor
Ironman
The Grand Elusion
Banzai Buckaroo
Another fine PTL Production
Call The Myth Inc. BBS
------------------ (Page Numbers will be aprox. until
final version is finished)
i. Table of Contents 2
ii. Introduction 3
I. How to Crack 4
Debugging DOS 4
Cracking on the IBM PC Part 1 7
Cracking on the IBM PC Part 2 11
II. Example Cracks 14
Mean-18 by Accolade 14
Submarine by Eypx 18
Space Station Oblivion by Eypx 22
III. Removing Doc Check Questions 23
F-15 Strike Eagle by MicroProse 23
Battlehawks 1945 by Lucasfilms 25
A - Interrupt Tables 36
(This will be an add-on file)
01 90 FE C5 80 FD 0C
04. After modifying the bytes, write the modified file
E1 90 CD 20
2
Comments Key:
-------------
Comments in the following material will be made by one of the
following and the lines that enclose the comments show who
made the comment.
Specular Vision = -------------
Mr. Transistor = +++++++++++++
Ironman = |||||||||||||
Special thanks to Mr. Transistor, for coming out of "Retire-
ment" to help compose this document.
3
-------------------------------------------------------------
Let's start with a simple introduction to patching a program
using the DOS DEBUG program. The following article will in-
troduce you to the basic ideas and concepts of looking for a
certain area of a program and making a patch to it.
-------------------------------------------------------------
By: Charles Petzold / Specular Vision
Title: Case Study: A Colorful CLS
This article originally appeared in the Oct. 14,1986 Issue
of PC Magazine (Vol 15. Num 17.). Written by Charles Petzold.
The hardest part of patching existing programs is determin-
ing where the patch should go. You really have to make an
intelligent guess about the functioning of the program.
As an example, let's attempt to modify COMMAND.COM so that
is colors the screen on a CLS command. As with any type of
patch try it out on a copy and NOT the original.
First, think about what we should look for. CLS is differ-
ent from all the other DOS internal Commands, It is the only
internal command that does something to the screen other than
just write to it with simple teletype output. CLS blanks the
screen and homes the cursor. Since it can't do this through
DOS Calls (unless ANSI.SYS is loaded), it is probably calling
the BIOS Directly. The BIOS Interrupt 10h call controls the
video, and so the CLS command probably uses several INT 10h
instructions. The machine code for INT 10h is CD 10.
(While this same method will work under any version of
PC-DOS, Version 2.0 and later, the addresses I'll be using
are from PC-DOS 3.1. Other versions of PC-DOS(or MS-DOS) will
have different addresses; you should be absolutely certain
that you're using the correct addresses.)
Load COMMAND.COM into DEBUG:
DEBUG COMMAND.COM
and do an R (Registers) command. The size of COMMAND.COM is
in register CX. For DOS 3.1's COMMAND.COM, this value is
5AAA.
Now do Search command to look for the CD 10 bytes:
S 100 L 5AAA CD 10
You'll get a list of six addresses, all clustered close to-
4
gether. The first one is 261D. You can now pick an address a
little before that (to see what the first call is doing) and
start disassembling:
U 261B
The first INT 10 has AH set to 0F which is a Current Video
State call. The code checks if the returned value of AL
me to get started. Next we'll look at two other articles,
both written by Buckaroo Banzi. These two articles CRACK-1
and CRACK-2 give you an introduction to the different copy
protection schemes used on IBM PC's, and how to find and by-
pass them.
-------------------------------------------------------------
By: Buckaroo Banzai
Title: Cracking On the IBM PC Part I
Introduction
------------
For years, I have seen cracking tutorials for the APPLE
computers, but never have I seen one for the PC. I have de-
cided to try to write this series to help that pirate move up
a level to a crackest.
In this part, I will cover what happens with INT 13 and how
most copy protection schemes will use it. I strongly suggest
a knowledge of Assembler (M/L) and how to use DEBUG. These
will be an important figure in cracking anything.
INT-13 - An overview
--------------------
Many copy protection schemes use the disk interrupt
(INT-13). INT-13 is often use to either try to read in a il-
legally formatted track/sector or to write/format a
track/sector that has been damaged in some way.
INT-13 is called like any normal interrupt with the assem-
bler command INT 13 (CD 13). [AH] is used to select which
command to be used, with most of the other registers used for
data.
INT-13 Cracking College
-----------------------
Although, INT-13 is used in almost all protection schemes,
the easiest to crack is the DOS file. Now the protected pro-
gram might use INT-13 to load some other data from a normal
track/sector on a disk, so it is important to determine which
tracks/sectors are important to the protection scheme. I
have found the best way to do this is to use LOCKSMITH/pc
(what, you don't have LS. Contact your local pirate for it.)
Use LS to analyze the diskette. Write down any track/sector
that seems abnormal. These track are must likely are part of
the protection routine. Now, we must enter debug. Load in
7
the file execute a search for CD 13. Record any address
show.
If no address are picked up, this mean 1 or 2 things, the
program is not copy protected (right...) or that the check is
in an other part of the program not yet loaded. The latter
being a real hassle to find, so I'll cover it in part II.
There is another choice. The CD 13 might be hidden in self
changing code. Here is what a sector of hidden code might
look like
-U CS:0000
1B00:0000 31DB XOR BX,BX
1B00:0002 8EDB MOV DS,BX
1B00:0004 BB0D00 MOV BX,000D
1B00:0007 8A07 MOV AL,[BX]
1B00:0009 3412 XOR AL,12
1B00:000B 8807 MOV [BX],AL
1B00:000D DF13 FIST WORD...
In this section of code, [AL] is set to DF at location
1B00:0007. When you XOR DF and 12, you would get a CD(hex)
for the INT opcode which is placed right next to a 13 ie,
giving you CD13 or INT-13. This type of code can't and will
not be found using debug's [S]earch command.
Finding Hidden INT-13s
----------------------
The way I find best to find hidden INT-13s, is to use a
program called PC-WATCH (TRAP13 works well also). This pro-
gram traps the interrupts and will print where they were
called from. Once running this, you can just disassemble
around the address until you find code that look like it is
setting up the disk interrupt.
An other way to decode the INT-13 is to use debug's [G]o
command. Just set a breakpoint at the address give by
PC-WATCH (both programs give the return address). Ie, -G
CS:000F (see code above). When debug stops, you will have
encoded not only the INT-13 but anything else leading up to
it.
What to do once you find INT-13
-------------------------------
Once you find the INT-13, the hard part for the most part
is over. All that is left to do is to fool the computer in
to thinking the protection has been found. To find out what
the computer is looking for, examine the code right after the
INT-13. Look for any branches having to do with the
8
ny CMP to the AH register. If a JNE or JC
(etc) occurs, then [U]nassembe the address listed with the
jump. If it is a CMP then just read on.
Here you must decide if the program was looking for a pro-
tected track or just a normal track. If it has a CMP AH,0
and it has read in a protected track, it can be assumed that
it was looking to see if the program had successfully com-
plete the READ/FORMAT of that track and that the disk had
been copied thus JMPing back to DOS (usually). If this is
the case, Just NOP the bytes for the CMP and the correspond-
ing JMP.
If the program just checked for the carry flag to be set,
and it isn't, then the program usually assumes that the disk
has been copied. Examine the following code
INT 13 <-- Read in the Sector
JC 1B00 <-- Protection found
INT 19 <-- Reboot
1B00 (rest of program)
The program carries out the INT and find an error (the il-
legally formatted sector) so the carry flag is set. The com-
puter, at the next instruction, see that the carry flag is
set and know that the protection has not been breached. In
this case, to fool the computer, just change the "JC 1B00" to
a "JMP 1B00" thus defeating the protection scheme.
NOTE: the PROTECTION ROUTINE might be found in more than just
1 part of the program
----------------------------
00 - Successful
01 - Bad command given to INT
*02 - Address mark not found
03 - write attempted on write protected disk
*04 - request sector not found
08 - DMA overrun
09 - attempt to cross DMA boundary
*10 - bad CRC on disk read
20 - controller has failed
40 - seek operation failed
80 - attachment failed
(* denotes most used in copy protection)
AH=2 Read Sectors
input
DL = Drive number (0-3)
DH = Head number (0or1)
CH = Track number
CL = Sector number
AL = # of sectors to read
ES:BX = load address
output
AH =error number (see above)
[Carry Flag Set]
AL = # of sectors read
AH=3 Write (params. as above)
AH=4 Verify (params. as above -ES:BX)
AH=5 Format (params. as above -CL,AL
ES:BX points to format
Table)
------------------------------------------------------------
For more information on INT-13 refer to appendix A.
------------------------------------------------------------
END.
10
In part II, Buck cover's Calls to INT-13 and INT-13 that are
located in different overlays of the program. This is a
method that is used often.
-------------------------------------------------------------
Cracking Tutorial II.
By: Buckaroo Banzai
Title: Cracking On the IBM PC Part II
Introduction
------------
OK guys, you now passed out of Copy Class 101 (dos files)
and have this great new game with overlays. How do I crack
this one. You scanned the entire .EXE file for the CD 13 and
it's nowhere. Where can it be you ask yourself.
In part II, I'll cover cracking Overlays and the use of
locksmith in cracking. If you haven't read part I, then I
suggest you do so. The 2 files go together.
Looking for Overlays
--------------------
it can mean
4 things.
1: The .EXE (though it is mostly .COM) file is just a
loader for the main file.
2: The .EXE file loads in an overlay.
3: The CD 13 is encrypted &/or hidden in the .EXE file.
4: Your looking at the WRONG file.
I won't discuss case 1 (or at least no here) because so
many UNP files are devoted to PROLOCK and SOFTGUARD, if you
can't figure it out with them, your stupid.
If you have case 3, use the technique in part I and restart
from the beginning. And if you have case 4, shoot your self.
You know the program uses overlays but don't see and on
disk? Try looking at the disk with good old Norton's. Any
hidden files are probably the overlays. These are the ones
we are after. If you still can't find them, use PC-WATCH
(this program is a must!!! For all crackists. Traps ALL in-
terrupts).
11
Using PC-Watch to Find Overlays
-------------------------------
Start up PC-Watch and EXCLUDE everything in the left Col..
Search the right Col. until you find DOS21 - OpnFile and
select it.
Now run the program to be cracked.
Play the game until the protection is checked.
Examine you PCWatch output to see what file was loaded
right before it.
This probably is the one holding the check.
If not, go through all the files.
You Have Found the Overlays
---------------------------
Great, now just crack the overlay as if it was a DOS file.
You don't need to worry about .EXE file, debug can write an
overlay file. Part I explains the basics of cracking. I
suggest that you keep a backup copy of the overlay so if you
mess up, and you will, you can recover quickly. Ah, and you
I find it useful, before I even start cracking, to analyze
the protected disk to find and id it's protection. This
helps in 2 ways. First, it helps you to know what to do in
order to fake out the protection. Second, it helps you to
find what the program is looking for.
I suggest that you get locksmith if you don't already have
it. Check your local pirate board for the program. I also
suggest getting PC-Watch and Norton Utilities 3.1.(Now 4.1)
All of these program have many uses in the cracking world.
END.
12
-------------------------------------------------------------
OK, now let's put some of this information into practice by
examining a few cracks of some common programs. First we'll
look at a Crack for Mean-18 Golf by Accolade. Accolade has
been one of those companies that has a fervent belief in Copy
Protection.
-------------------------------------------------------------
Title: MEAN-18 UnProtect For CGA/EGA Version
This crack works by eliminating the code that tests for known
bad sectors on the original diskette to see if it is the
genuine article or an illegal copy. The code begins with an
INT 13 (CD 13 HEX), a DOS BIOS disk service routine followed
a few bytes later by another INT 13 instruction. The program
then checks the returned value for the bit configuration that
signifies the bad sectors and, if all is as expected, contin-
ues on with program execution.
The code that needs to be patched is in the GOLF.EXE file and
in the ARCH.EXE file. It is identical in both files and lies
near the end of each file.
In the following steps, you'll locate the start of the test
code and patch it by replacing it with NOP instructions (HEX
90). The method described uses the DOS DEBUG utility but
Norton's Utility (NU) works too.
Copy all of the files from the MEAN-18 disk onto a fresh
floppy using the DOS COPY command and place your original
diskette out of harm's way.
Assuming DEBUG is in the A: drive and the floppy containing
the files to be unlocked is in the B: drive , proceed as fol-
lows:
First REName the GOLF.EXE file so it has a different
EXTension other than .EXE.
REN GOLF.EXE GOLF.DEB
Next load the file GOLF.DEB into DEBUG and displays the "-"
DEBUG prompt.
A:> DEBUG B:GOLF.EXE
13
Search for the beginning of the code to be patched by typing:
- S CS:100 FFFF CD 13
Searches the file for the two byte INT 13 instruction. If
all goes well, two addresses should appear on the screen.
XXXX:019C
XXXX:01A8
XXXX indicates that the numbers preceeding the ":" vary from
system to system but the numbers following the ":" are the
same on all systems.
The next step is to use the "U" command as indicated to
un-assemble a few bytes in order to verify your position in
the file)
- U CS:019C
(Un-assembles 32 bytes of code. Verify the following se-
quence of instructions:
INT 13
JB 01E9
MOV AL,[BX+01FF]
PUSH AX
MOV AX,0201
INT 13
POP AX
JB 01E9
CMP AL,F7
JNZ 01B5
These are the instructions you'll be patching out in the fol-
lowing step)
- A CS:019C
This command assembles the new instructions you enter at the
keyboard into the addresses shown. Beginning at CS:019C, and
for the next 21 bytes, ending with and including CS:01B0, en-
ter the no op command "NOP" (90h) followed by a <return> or
<enter>. Just hit <enter> at address XXXX:01B1 to end the
assemble command.)
XXXX:019C NOP <enter>
XXXX:019D NOP <enter>
.
.
.
XXXX:01AE NOP <enter>
XXXX:01AF NOP <enter>
14
XXXX:01B0 NOP <enter>
XXXX:01B1 <enter>
This just wipes out the section of code containing the INT 13
check.
Now do a HEX dump and verify that bytes 019C through 01B0
have been set to 90 HEX.
- D CS:019C
If they have, write the patched file to the disk as follows)
- W
This writes the patched file back to the
but
now, it can be run from any drive, including the hard
drive)
Now just [Q]uit or exit back to DOS. This command can be ex-
ecuted at any "-" DEBUG prompt if you get lost. No modifica-
tion will be made to the file on the disk until you issue the
"W" command.
- Q
The process is the same for the ARCH.EXE file but because it
is a different length, the segment address, (XXXX part of the
13 instruction at address XXXX:019C and the second one at
XXXX:01A8 as before.
You will again be patching 21 bytes and you will start with
019C and end with 01B0 as before. After doing the HEX dump
starting at address 019C, you again write the file back to
RCS<cr>
16
Debug will prompt you for the new value of CS with:
CS:27FC:
You respond by typing the value of DS you saw when you
dumped the registers the first time. For example, I typed
"12CE<cr>". The value you type will be different. Debug
will again respond with the "-" prompt which means we are
ready to do our search. Type in the following after the "-"
prompt:
S CS:0 FFFF CD 13<cr>
The computer should respond with three lines of information
which are the addresses of the three Interrupt 13 calls built
into the program. The first four digits are the segment ad-
dress and will equal to the value of CS you have just set.
The second four digits following the colon are the offset ad-
dresses which are of primary interest to us. On my machine
they came back as follows:
12CE:4307
12CE:431F
12CE:4335
The segment addresses will be identical and the three off-
set addresses should all be relatively close together. Now
look at the first offset address. (As you can see, mine was
"4307".) Write it down. Now we do a bit of Unassembly.
Type "U4307<cr>" which is the letter "U", followed immedi-
ately (with no blank spaces) by whatever your first offset
address turned out to be, followed by a carriage return. If
you are not familiar with unassembled machine code, it will
look like lines of gibberish as follows:
12CE:4307 CD13 INT 13
12CE:4309 4F DEC DI
12CE:430A 744C JZ 4358
.
.
12CE:431F CD13 INT 13
12CE:4321 4F DEC DI
.
.
12CE:4324 BF0400 MOV DI,0004
12CE:4326 B80102 MOV AX,0201
In my computer, Unassemble will automatically output 16
lines of code to the screen. Yours may differ. Note, in the
(INT 13) correspond to the first two addresses we found in
our search. Now we continue the unassemble, and here comes
17
another tricky part. Just type in "U<cr>" after the "-"
prompt.
You'll get sixteen more lines of code with the third Inter-
rupt 13 on a line which begins with the address (CS):4335 if
you have the same version of Submarine as I do. It's not
terribly important to this exercise, but it will at
least show you that things are proceeding okay. Now type in
"U<cr>" again after the prompt. You are now looking for
three key lines of code. On my program they appear as fol-
lows:
12CE:4335 07 POP ES
12CE:4356 5D POP BP
12CE:4357 CB RETF
The true key is the instruction "POP ES". This instruction
begins the normal return sequence after the program has ex-
ecuted its Interrupt 13 instructions and accompanying checks.
If Debug on your machine prints fewer than 16 lines of code
at a shot, you may have to type in "U" more than twice at the
"-" to find these instructions. (If you haven't found any of
this stuff, either get help on the use of Debug or go back to
A4307<cr>
This first bit tells Debug that new Assembler code will be
inserted at the address of the first Interrupt 13. If your
first Interrupt 13 is at an address other that "4307", use
the correct address, not mine. The computer will prompt you
with the address:
12CE:4307
After which you will immediately type:
JMP 4354<cr>
This instruction jumps the program immediately to the normal
return code instructions. Again, at the risk of being redun-
dant, if your "POP ES" instruction is at a different address,
use that address, not "4354"!
The computer will prompt you with the address of the next in-
18
struction if all went well. MAKE SURE you just hit the
carriage return at this point. Debug will then return the
familiar "-" prompt.
Now it's time to examine your handiwork. Let's do the
unassemble again starting at the address of what had been the
first Interrupt 13 instruction, but which is now the Jump in-
struction. Type in "U4307<cr>" or "U" followed by the appro-
priate address and a carriage return. The first line begin-
ning with the address should appear as follows:
12CE:4307 EB4B JMP 4354
The key here is the four bytes immediately following the ad-
dress. In my example they are "EB4B". Yours may not be.
But, they are VERY IMPORTANT because they represent the ac-
tual machine code which is the Jump instruction. WRITE THESE
FOUR BYTES DOWN AND MAKE SURE THEY ARE CORRECT.
Now if you want to have some fun before we go on, reset
register CS to its original value by first typing "RCS<cr>"
and execute your program. If you have followed my instruc-
tions, it should run fine. Get help if it doesn't. Now, you
should be all set. You can load onto your hard disk, if you
haven't already. You can run it from a RAM disk using a BAT
file if you really want it to hum. Or, if you have the fa-
cilities, you can copy it from 5-1/4" floppy to 3-1/2" dis-
kette and run it on machines which accept that medium if you
upgrade to a new computer.
END.
20
Now let's take a look at a newer crack on the program, Space
Station Oblivion by Eypx. At a first [S]earch with Debug and
Norton's Utility no CD 13's could be found, and yet it was
using them... So a different approach had to be taken...
-------------------------------------------------------------
By: PTL
Title: Space Station Oblivion Crack
First of all, you must determine which file the INT 13's are
in, in this case it had to be the file OBLIVION.EXE since it
was the main program and probably contained the INT 13's. So
then rename it to a different EXTension and load it into De-
bug.
Then do a [S]earch for INT 13's.
-S 100 FFFF CD 13
Which will promptly turned up nothing. Hmmm...
Next you might decide that, maybe, the code was modifying it-
self. So quit from Debug and load up PC-Watch, include all
the INT 13 Calls. For those of you not familiar with
PC-Watch, it is a memory resident program that can be set to
look for any type of BIOS call. When that call is made
PC-Watch prints to the screen the contents of all the regis-
ters and the current memory location that the call was made
from.
After PC-Watch is initialized, then run the OBLIVION.EXE file
from the hard disk, leaving the floppy drive door open, and
sure enough, when the red light comes on in the diskette
drive, PC-Watch will report the address's of some INT 13
calls. Which you should then write down.
From there, quit the game, reboot, (To dump PC-Watch from
memory) and load the OBLIVION.EXE into Debug and issue a [G]o
command with a breakpoint. What address should you use for a
breakpoint? You guessed it, the same address PC-Watch gives
you.
Well, it locked up did'nt it? Which is quite common in this
line of work so don't let that discourage you. So next re-
loaded it into debug and this time [U]nassemble the address
that you got from PC-Watch. But instead of finding the INT
13's you'll find harmless INT 21's.
Hmm... could it be that the program was converting the CD
21's to CD 13's during the run? Well, to test the idea as-
semble an INT 20 (Program Terminate) right after the first
21
INT 21. Then I run the program, and yes immediately after the
red light comes on the drive, the program will terminate nor-
mally.
Then [U]nassemble that same area of memory, and low and be-
hold, some of the INT 21's have magically turned into INT
13's. How clever...
So, then it is just a matter of locating the address of the
routine that it jumped (JMP) to if the correct disk was found
in drive A:. Once you have that address, just go to the
start of all this nonsense and [A]ssemble a JMP XXXX command.
Where XXXX was the address to jump to if the original disk
was in drive A:.
Then just [W]rite the file back out to the disk and [Q]uit
debug, and then REName the file back to OBLIVION.EXE
afterwhich it should work fine.
END.
22
-------------------------------------------------------------
A new fad has recently started up with software vendors, it
involves the use of "Passwords" which are either stored in
the documentation or are actually the documentation itself.
Then when you reach a certain part of the program (Usually
the beginning) the program will ask for the password and you
have to look it up in the Docs before being allowed to con-
tinue. If the wrong password is entered, it will usually
drop you to DOS or take you to a Demo version of the program.
This new form of copy protection is very annoying, but can
usually be cracked without too much effort, and the files
and the disk are usually in the standard DOS format. So now
we'll take a look at cracking the Doc check questions.
First of all we'll crack the startup questions in F-15
Strike Eagle by MicroProse.
-------------------------------------------------------------
By: JP ASP
Title: F-15 Unprotect
Make a copy of the original disk using the DOS DISKCOPY pro-
gram.
>DISKCOPY A: B:
Then insert the copy disk in the A drive and invoke DOS DE-
BUG.
>DEBUG
Now we'll [F]ill an area of memory with nothing (00).
-F CS:100 L FEFF 0
Next we will [L]oad into address CS:0100 the data that is on
the A: disk (0) from sector 0 to sector 80.
-l cs:100 0 0 80
Now lets [S]earch the data we loaded for the area where the
copy protection routine is.
-s cs:100 l feff FA EB FD
Then for each of the occurences listed, use the address DEBUG
returned in the [E]nter command below.
23
-e xxxx 90 90 90
-------------------------------------------------------------
Here's the part we are interested in, it's where you change
all the autorization codes to a space. Notice how you can
use the [S]earch command to look for ASCII text.
-------------------------------------------------------------
-s cs:100 l feff "CHIP"
Then for each occurance of "CHIP" use the address DEBUG re-
turned in the [F]ill command below.
-F XXXX L F 20
Write out the modified data
-W CS:100 1 0 80
Quit DEBUG
-Q
You should now be able to DISKCOPY and boot from all copies
also just press the space bar when it ask for ANY authority
code and then press "ENTER". Now there is no need to remember
(or look up) any codes that are so finely tucked away in the
manual!
END.
24
-------------------------------------------------------------
Here is a similar method that was used break the passwords in
the program BATTLEHAWKS 1945 by Lucasfilms. However Norton
Utilities is used to search for the passwords and change
them.
-------------------------------------------------------------
By: PTL
Title: BATTLEHAWKS-1945 Doc Check Crack
In keeping in line with their previous programs, Lucasfilms
has released yet another program which uses Doc Checks for
its means of copy protection, Battlehawks 1942.
When you run this program, it first goes through a series of
graphic displays, then it goes through a series of questions,
asking what type of mission you want to fly, such as Train-
ing, Active Duty, or which side of the war you want to be on.
Then right before the simulation begins, it shows you a pic-
ture of a Japanese Zero and ask you for a password which you
are then supposed to get by looking up the picture of the
Zero in the User Manual and typing the corresponding password
in. After which it enters the simulation, in the event you
enter the wrong password, it puts you into a training mis-
sion.
Removing the Doc Check in a program like this is usually
pretty easy. The ideal way to do it is to remove the Doc
Check routine itself, but if you don't have all day to debug
and trace around the code this might not be the best way.
For instance if you only have your lunch hour to work on it
(Like I did), then you need to use the standard Q.D.C.R.S.
(Quick Doc Check Removal System).
How do you do a QDCRS? Well first of all, play around with
the program, find out what it will and will NOT accept as a
password. Most programs will accept anything, but a few
(Like Battlehawks) will only accept Alpha characters.
Once you've learned what it likes, make an educated guess as
to what program the Doc Check routine is in. Then load that
program into Norton's Utility (NU).
At this point, take a look at the passwords, and write down
the most unusual one that you can find (I'll explain later).
Now type that password in as the search string, and let NU
search through the file until it finds the password. Now a
couple of things can happen.
1. It only finds one occurrence
2. It finds more than one occurrence
3. It doesn't find any occurrence
In the event of case 2 then YOU have to determine where the
passwords are stored, you can do this by opening your eyes
and looking.
In the event of case 3, go to the kitchen and start a pot of
coffee, then tell you wife to go to bed without you, because
you have a "Special Project" that you have to finish tonight.
And by the way, Good Luck. You'll need it.
Hopefully case 1 will occur, now you have to take a look at
the data and ask yourself 2 questions:
1. Are all the passwords the same length?
2. Is there a set number of spaces between each pass-
word?
3. Does the next password always start a certain number
of characters from the first character of the previ-
ous password?
If you can answer yes to any of the above questions, you in
luck. All you have to do is change the passwords to spaces
(If the program allows that, Battlehawks doesn't) or change
them to you favorite character. The letter X works good, it's
easy to type and easy to remember.
If you can't answer yes to any of the questions then you ei-
ther need to bypass the Doc Check routine itself or you need
to be adventurous and experiment. Battlehawks will not follow
any of the above patterns, and your quickly running out of
time, so you'll have to try something, fast...
So just wiped out all of the data area with X's, all the
passwords and associated "garbage" between them. Then saved
the changes and drop out of NU and into BH. Then when it ask
for the password, just filed the area with X's. Next thing
you know, you'll be escorting a bombing run on a Japanese
carrier.
So, this one turned out to be fairly simple. Where you may
run into trouble is on Doc Checks that use a graphic system,
such as Gunship by MicroProse. When it comes to this type of
Doc Check, you almost have to bypass the routine itself. And
again, a good way to do this is with setting break points and
using the trace option in Debug.
END.
25
-------------------------------------------------------------
That was the easy version Doc Check crack, however there a
"Better" way to crack Doc Checks, is to bypass the routine
completely so the user can just press enter and not worry
about spaces. Let's take a lot at this method by looking at
a crack for the program, Yeager's Advanced Flight Trainer, by
Electronic Arts.
-------------------------------------------------------------
By: PTL
Title: Yeager's Advanced Flight Trainer
26
-------------------------------------------------------------
Now we'll take a look at cracking self booters. A few compa-
nies have found this to be the best copy protection scheme
for them, one of which is DataEast, makers of Ikari Warriors,
Victory Road, Lock-On, Karnov, etc... This posses a special
problem to the Amateur Cracker, since they seldom use stan-
dard DOS formats. So let's jump right in!
-------------------------------------------------------------
This is the area where a "Higher than Normal" knowledge of
Assembly Language and DOS Diskette structures, so first of
all, the Basic's.
The Disk's Physical Structure
Data is recorded on a disk in a series of concentric circles,
called Tracks. Each track if further divided into segments,
called Sectors. The standard double-density drives can
record 40 tracks of data, while the new quad-density drives
can record 80 tracks.
However, the location, size, and number of the sectors within
a track are under software control. This is why the PC's
diskettes are known as soft-sectored. The characteristics of
a diskette's sectors (Their size, and the number per track)
are set when each track is formatted. Disk Formatting can be
done either by the operating system or by the ROM-BIOS format
service. A lot of self booters and almost all forms of copy
protection create unusual formats via the ROM-BIOS diskette
services.
The 5 1/4-inch diskettes supported by the standard PC BIOS
may have sectors that are 128,256,512, or 1,024 bytes in
size. DOS, from versions 1.00 through 4.01 has consistently
used sectors of 512 bytes, and it is quite possible that this
will continue.
Here is a table displaying 6 of the most common disk formats:
_____________________________________________________________
Type Sides Sectors Tracks Size(bytes)
_____________________________________________________________
S-8 1 8 40 160K
D-8 2 8 40 320K
S-9 1 9 40 180K
D-9 2 9 40 360K
QD-9 2 9 80 720K
QD-15 2 15 80 1,200K
_____________________________________________________________
S - Single Density
D - Double Density
QD - Quad Density
Of all these basic formats, only two are in widespread use:
S-8 and D-9. The newer Quad Density formats are for the 3
1/2" and 5 1/4" high density diskettes.
* SIDES.PER.DISK
And here are the formulas for converting sequential sector
numbers to three-dimensional coordinates:
BIOS.SECTOR = 1 + DOS.SECTOR.NUMBER MOD SECTORS.PER.SIDE
BIOS.SIDE = (DOS.SECTOR.NUMBER f SECTORS.PER.SIDE)
MOD SIDE.PER.DISK
BIOS.TRACK = DOS.SECTOR.NUMBER f (SECTORS.PER.SIDE
* SIDES.PER.DISK)
(Note: For double-sided nine-sector diskettes, the PC's
most common disk format, the value of SECTORS.PER.SIDE
is 9 and the value of SIDES.PER.DISK is 2. Also note
that sides and tracks are numbered differently in the
ROM-BIOS numbering system: The sides and tracks are num-
Diskette Space Allocation
The formatting process divides the sectors on a disk into
four sections, for four different uses. The sections, in the
order they are stored, are the boot record, the file alloca-
tion table (FAT), the directory, and the data space. The
size of each section varies between formats, but the struc-
ture and the order of the sections don't vary.
The Boot Record:
This section is always a single sector located at sector
1 of track 0, side 0. The boot record contains, among other
things, a short program to start the process of loading the
operating system on it. All diskettes have the boot record
on them even if they don't have the operating system. Asisde
from the start-up program, the exact contents of the boot
record vary from format to format.
The File Allocation Table:
The FAT follows the boot record, usually starting at
sector 2 of track 0, side 0. The FAT contains the official
record of the disk's format and maps out the location of the
sectors used by the disk files. DOS uses the FAT to keep a
record of the data-space usage. Each entry in the table con-
tains a specific code to indicate what space is being used,
what space is available, and what space is unusable (Due to
defects on the disk).
The File Directory:
The file directory is the next item on the disk. It is
-------------------------------------------------------------
Here is a simple routine to just make a backup copy of the
Flight Simulator Version 1.0 by Microsoft. I know the latest
version is 3.x but this version will serve the purpose of
demonstrating how to access the data and program files of a
selfbooter.
-------------------------------------------------------------
By: PTL
Title: Microsoft Flight Simulator 1.00 Unprotect
This procedure will NOT convert the Flight Simulator disk to
files that can be loaded on a hard drive. But... it will
read off the data from the original and put it onto another
floppy. And this should give you an idea of how to read data
directly from a disk and write it back out to another disk.
First of all take UNFORMATTED disk and place it in drive B:.
This will be the target disk.
Now place your DOS disk (which has Debug) into drive A:, or
just load Debug off you hard disk.
A>DEBUG
Then we are going to enter (manually) a little program to
load the FS files off the disk.
-E CS:0000 B9 01 00 BA 01 00 BB 00
01 0E 07 06 1F 88 E8 53
hexadecimal which is location 17,415 decimal in the
>--------=====END=====--------<
***************************************************
*** Pirate Magazine Issue IV / File 7 of 10 ***
*** Good Boards and BBS Ethics ***
***************************************************
What makes a BBS a *GOOD BOARD*? Here's a discussion logged from a good BBS. We
think the *USERS* make a good BBS, and we like Steve King's "BBS ETHICS," so
reprint it here. It appears on most TELEGARD systems, and in case you haven't
read it, you should.
--------------------------------------------------------
Date: 6:19 pm Wed Dec 27, 1989 Public 17/53
From: Sparkplug General Messages
To: Potato Man
Title: Good BBS
A good BBS is not only having all files online (as the phringe used to do) but
also! having a good user base that is helpfull and not worring about petty
problems. There aren't many real good boards among the many boards available
here locally, but a board that comes to mind that you should try to emulate and
exceed is winplace's old board wasteland I, This is just my opinion and I hope
that this board becomes as good as you hope it to be!
Sparky
Date: 1:33 pm Wed Dec 27, 1989 Public 15/53
From: Potato Man General Messages
Title: What makes a BBS a "GOOD" BBS?!
Well I had this chat talk with a user and he referred to few BBSs as the "GOOD"
BBSs and I stopped him to ask him why are those the good BBSs and if there's
anything the matter with this one so the answer to that was that I should'nt
even "DARE" to compare my BBS with those "GOOD" ones! The question is WHY?
What am I missing in this BBS that the others don't or what the A or B bbs is
missing (not mine in particular). So that brings up another very INTERESTING
topic that I expect to hear some views on...WHAT MAKES A BBS TICK???
Is it the users?
Is it the file section?
Is it the Message section?
Is it the mass storage?
etc etc....
If you want my opinion, I think that the users make a BBS tick and thats the
bottom line, a BBS with no users or dorky users or users that are just there
and they just exist without offering anything is just NOT a BBS... This guy
also said that the BIG BBSs (the ones with mass storage, and lots of phone
lines and stuff!) are BAD! he says that "you rich guys! (without even knowing
me or my W2) think you can put 300 or 600 megs online and have a BBS" well I
personally think that a BBS with most of the files being ONLINE and not OFFLINE
has a TREMENDOUS advantage over the BBS that has every file in the world but
all of them are OFFLINE!... What good would it do me if I need a file right now
and I call my supporting BBS to take it down but due to the lack of space the
sysop has it OFFLINE and then I kinda have to beg for the file to be online and
call back till he or she decides to put it up for me (not necessarily the case
always!). I was also reffered to as "a snobish guy"! (again without knowing
me)..Now please really tell me if (and this is your best chance to get back at
me!) I seemed snobish or not willing to help any and all of you outthere... I
wanna make this BBS work and try to make it (if not the BEST in the MIDWEST) at
least one of the best, I want it to have a unique look I want it to have
respect for its users and I want its users to have respect for it..
Please FEEL FREE to respond to this message and I do expect you to FREELY
express your opinions and let us know WHAT MAKES A BBS TICK?!
Date: 12:58 am Sat Dec 30, 1989 Public 22/54
From: Gil Fish General Messages
Title: Good BBS's
Well, I feel what makes a good BBS is a friendly attitude between the users and
the sysop('s). I just logged off the Melting Point and felt verbaly abused.
That board bombards you with demands that you participate in every aspect of
his bbs. This is not an attack on him, as I'm sure he isnt attacking me
personally, but I dont like to have demands thrown at me in mass e-mail. And
this post or die attitude many boards are getting is putting me off too. I dont
know, mabey the majority of us pirates are a bunch of assholes that need to be
screamed at, but I like to think not.
Date: 5:26 pm Sat Dec 30, 1989 Public 24/54
From: Rocky Roccoco General Messages
To: Gil Fish
Title: Melting Point
i think people should contribute to a board,there are those of you who log on a
bbs,look through the board,then log off!.....thats just wasting the time of the
sysop (trying to provide a quality bbs not a library book) and wasting the time
of other user that are probably autodialing like mad to get on and contribute.
i have a few users that do it and i get fed up with it. ....also the sysop go's
out and spends MULTI THOUSANDS OF DOLLARS makeing a bbs buying the equipment
and so forth.....i think the sysop has a right to know who's using his bbs and
what the user has to offer him in exhchange for the privelige of haveing time
on the system......so all you out there that read this and dont abide by "the
way it is" shouldnt bitch about it.....just dont call anymore.....its not good
to lose people on a board but if u look at it this way.......there are alot
more people out there to take your user number! replies are always encouraged
in the constant effort of keeping users happy with the systems they
call........SO LETS SEE SOME POSTS!!!!!!
Ethics for BBS users - By Steve King
The following are a few points of general BBS etiquette. If you wish to
maintain your welcome on whatever system you happen to call, it would be to
your advantage to observe these few rules. (Sysops - feel free to download
this & display it on your BBS)
1. Don't habitually hang up on a system. Every Sysop is aware that
accidental disconnections happen once in a while but we do tend to get
annoyed with people who hang up every single time they call because they are
either too lazy to terminate properly or they labor under the mistaken
assumption that the 10 seconds they save online is going to significantly
alter their phone bill. "Call Waiting" is not an acceptable excuse for
long. If you have it and intend to use the line to call BBS systems, you
should either have it disconnected or find some other way to circumvent
it.
2. Don't do dumb things like leave yourself a message that says "Just
testing to see if this thing works". Where do you think all those other
messages came from if it didn't work? Also, don't leave whiney messages that
say "Please leave me a message". If ever there was a person to ignore, it's
the one who begs someone to leave him a message. If you want to get
messages, start by reading the ones that are already online and getting
involved in the conversations that exist.
3. Don't use the local equivalent of a chat command unless you really have
some clear cut notion of what you want to say and why. Almost any Sysop is
more than happy to answer questions or offer help concerning his system.
Unfortunately, because about 85% of the people who call want to chat and
about 99% of those people have absolutely nothing to say besides "How old are
you?" or something equally irrelevent, fewer Sysops even bother
answering their pagers every day.
4. When you are offered a place to leave comments when exiting a system,
don't try to use this area to ask the Sysop questions. It is very rude to
the other callers to expect the Sysop to carry on a half visible
conversation with someone. If you have a question or statement to make and
expect the Sysop to respond to it, it should always be made in the section
where all the other messages are kept. This allows the Sysop to help many
people with the same problem with the least amount of effort on his part.
5. Before you log on with your favorite psuedonym, make sure that handles
are allowed. Most Sysops don't want people using handles on the system.
There is not enough room for them, they get silly games of one-upmanship
started, it is much nicer to deal with a person on a personal basis, and
last but not least, everyone should be willing to take full responsibility
for his actions or comments instead of slinging mud from behind a phoney
name.
6. Take the time to log on properly. There is no such place as RIV, HB, ANA
or any of a thousand other abbreviations people use instead of their proper
city. You may think that everyone knows what RIV is supposed to mean, but
every BBS has people calling from all around the country and I assure you
that someone from Podunk, Iowa has no idea what you're talking about.
7. Don't go out of your way to make rude observations like "Gee, this system
is slow". Every BBS is a tradeoff of features. You can generally assume
that if someone is running a particular brand of software, that he is
either happy with it or he'll decide to find another system he likes
better. It does nobody any good when you make comments about something that
you perceive to be a flaw when it is running the way the Sysop wants it to.
Constructive criticism is somewhat more welcome. If you have an alternative
method that seems to make good sense then run it up the flagpole.
8. When leaving messages, stop and ask yourself whether it is necessary to
make it private. Unless there is some particular reason that everyone
shouldn't know what you're saying, don't make it private. We don't call
them PUBLIC bulletin boards for nothing, folks. It's very irritating to other
callers when there are huge blank spots in the messages that they can't read
and it stifles interaction between callers.
9. If your favorite BBS has a time limit, observe it. If it doesn't, set
a limit for yourself and abide by it instead. Don't tie up a system until it
finally kicks you off and then call back with another name. This same rule
applies to downloading or playing games. Only one person at a time can be
logged on to a BBS and it isn't fair to everyone else if you overstay
your welcome. Remember, a BBS is best when it can be left wide open. If you
try and cheat the rules you just hurt everybody by forcing the Sysop to adopt
more strigent policies. I can't count the number of systems that are now
locked tighter than a drum because of people who cheat and abuse.
10. Don't call a BBS just to look at the list of other BBS numbers.
Most especially don't call a system as a new user and run right to the other
numbers list. There is probably very little that's more annoying to any
Sysop than to have his board completely passed over by you on your way to
another board.
11. Have the common courtesy to pay attention to what passes in front of
your face. When a BBS displays your name and asks "Is this you?", don't say
yes when you can see perfectly well that it is mispelled. Also, don't start
asking questions about simple operation of a system until you have
thouroghly read all of the instructions that are available to you. I assure
you that it isn't any fun to answer a question for the thousandth time when
the answer is prominently displayed in the system bulletins or instructions.
Use some common sense when you ask your questions. The person who said
"There's no such thing as a stupid question" obviously never operated a BBS.
12. If by some chance you should encounter an error while you are online
(Heaven forbid!), ALWAYS take the time to leave the Sysop a message
describing the circumstances. Don't just say "There was an error". That is
not helpful in the least. Chances are that he knows there was an error. What
he needs to know is what you were doing when the error occurred so that he
can have some chance of finding and correcting it. If the error happened
after you input something, tell him what it was. Remember that a BBS can't
improve unless you're willing to help.
13. Don't be personally abusive. It doesn't matter whether you like a Sysop
or think he's a jerk. The fact remains that he has a large investment in
making his computer available, usually out of the goodness of his heart. If
you don't like a Sysop or his system, just remember that you can change the
channel any time you want. Calling a Sysop names or making uninformed
comments about his lifestyle only shows you for the child you really are.
14. Keep firmly in mind that you are a guest on any BBS you happen to
call. Don't think of logging on as one of your basic human rights. Every
person that has ever put a computer system online for the use of other people
has spent a lot of time and money to do so. While he doesn't expect
nonstop pats on the back, it seems reasonable that he should at least be
able to expect fair treatment from his callers. This includes following any
of the rules for system use he has laid out without grumping about it.
Every Sysop has his own idea of how he wants his system to be run. It is
really none of your business why he wants to run it the way he does. Your
business is to either abide by what he says, or call some other BBS where
you feel that you can obey the rules.
Steve King is Sysop of Commnet-80 Riverside (714 359-3189) as well as the
author of the Commnet-80 Bulletin Board System
***************
We've sen a lot of boards with great potential that don't live up to their
promise because of sysop laziness. So, here's what the contributors to PIRATE
see as a good board:
1. The files are well organized into sections or topics so you don't have to
hunt for everything. TAKE NOTE SYSOPS!! You shouldn't have to search all files
to find the telecom program you're looking for.
2. There is a wildcard function so files can be found between directories and
uploaders can quickly check for duplicates by typing a "S" or "F" and then, if
looking for a program called first choice, the keyword "CHOI*.*" We especially
like TELEGARD.
3. A good board should support 9600 or higher.
4. Users should not be allowed in at 300, and even 1200 should be discouraged.
5. Programs *MUST BE* complete, properly labeled (to include version), and
sorted in some coherent fashion.
6. The users should not be lamerz who upload junk for upload credits and users
should participate regularly in message sections. Most users on good boards
call long distance and can't afford to hang out on message bases for too long.
The way around this is to capture message logs and respond after logging up by
tying out the responses and then uploading the ascii text as a message
response the next time logging on.
6. Sysops *MUST* be friendly, knowledgeable, and willing to put the files in
order, change descriptions, and weed out good/bad users. Sysops should also
be patient and help nurture novices.
7. Batch up/down loading should be available, and so should bimodem.
>--------=====END=====--------<
***************************************************
*** Pirate Magazine Issue IV / File 8 of 10 ***
*** BBS Symbols ***
***************************************************
Good users are informed users, and informed users know the symbols that are
used in messages.
The following was sent via BITNET by Ruth Hanschka (RHANSCHK@HARTFORD)
"THE IMFAMOUS SYMBOL LIST" {With Additions}
:-) humorous, joking
:-( sad, this is no joke even though it looks like one
:-') tongue in cheek
:-0 shout
;-) say no more, nudge nudge
=:-0 scares me too
:-! foot in mouth
:-$ put your money where your mouth is
0:-) don't blame me, I'm innocent
%-/ don't blame me, I'm hung over
<:-) don't blame me, I'm a dunce
C:-) don't blame me, I'm an egghead
[:-|] sent by a robot
:-)8 sent by a gentleman
8:-) sent by a little girl
(8-) sent by an owl
(:\/ sent by a duck
:-)=== sent by a giraffe
(-:|:-) sent by siamese twins
d:-) I like to play baseball
q:-) I am a baseball catcher
:-| I play the harmonica
:-8 I just ate a pickle
"In printed communications (in this case bulletin boards), it is tough
to get the idea across that you are being sarcastic etc. Scott Fahlman, with
the help of other participants on FIDONET, might just have the answer..." This
appears at the top of the original. There are probably more of them by this
time, but I do not have them. The original notice asks FIDONET contributors
to send more in. My copy of this came from a photocopy of a printout in the
University of Hartford Computer Resource Library, so blame them :-') not me.
And now the additions. These came from a VAX discussion line.
these really were [:-|].
:-) joking or sarcastic face
:-} fiendish grin
;-) wink
:-( sad or angry face
|-( late night
>--------=====END=====--------<
***************************************************
*** Pirate Magazine Issue IV / File 9 of 10 ***
*** Gene and Roger at the BBS ***
***************************************************
----------
REVIEW OF: EURO-AMERICAN CONNECTION (708) 296-0242 (Chicago Suburbs)
----------
GENE: Hey, Rog' -- here's a new board, just started up in December, and I
think it has the potential to be one of the best boards in the country.
You go in at 9600 and get 1550+ CPS, all the warez on on-line, and they
all work. Can't beat that. You've seen the nearly 1 gig of space, and
there's plans to go multi line. The users are a nice mix of
instate/outstate. We've both read the message logs, and even you agree
that there's not a lamer in the bunch. The files are well ad says, it's
sure about the friendliest board I've been on. If you're having
problems, Hot Mix is usually around to help, and he doesn't hide like a
lot of sysops do. And I like the feature that *ALL* users only get 60
minutes a day, not counting upload time, and that time returned for
uploads is a straight one-to-one. Keeps users from hogging or from
uploading garbage just for more time. And don't forget that HST
14,400!! One meg in 10 minutes!
ROGER: I dunno, Gene. I've seen lots of new boards, even good ones, come and
go, and too often they don't live up to their promise. The sysops get
lazy, the good users upload all their stuff, mooch what they can, then
move on. You're NAIVETE amazes me! Yeh, yeh, the messages are good, but
they're mostly about prolems with warez. I personally like the
occasional flame and political discussion, and I didn't see any of that
there. I agree that all the fixin's are there for a super board, but
we'll see what it looks like in a year. But I'll admit that it's one of
the best new ones I've seen, and in just looking a file dates, it looks
like people are putting stuff up consistently.
GENE: You're just jaded because Stealth went down and Berserker is still at
2400. C'mon! You *know* in your heart of hearts this is a darn good
board. And you can't beat the small user's fee--just a couple of bucks
a month--to store backup copies of stuff. And have you ever seen such a
generous u/d-load ratio as five-to-one?
ROGER: Look, I'm not knocking the board. But I've just seen to many fast
starts and quick stumbles. If Hot Mix and the users can keep it up,
I'll eat my words. I hope they do. I'll even call it. I'll bet you
didn't know that the sysop's handle, "hot mix," is from his DJ days as
a hot mixer of records, did you?
-----RATING: -----
GENE: An enthusiastic 10!! THIS IS A GREAT BOARD!
ROGER: Yeh, ok, I'll concede. I give it a 9+ -- but ask me again next year
Here's what you see when you look on, Rog' -- there's lots of different areas
and something for everybody. It's running TELEGARD, and that's about the
hottest sysem around right now, and when 3.0 comes out, nothing will touch
it!!
zddddddddddddddddddddddddddddddddddQ
3 cdQ
3 EuroAmerican Connection BBS 3 3
3 Niles, IL 3 3
cdddddddddddddddddddddddddddddddddd4 3 ATTENTION: ALL NEW USERS !!!
cdddddddddddddddddddddddddddddddddd4 3 > Use 10 for User Number >
cdddddddddddddddddddddddddddddddddd4 3 > Use 1111 for User Phone # >
cdddddddddddddddddddddddddddddddddd4 3
3 SHUTTLE LOGON MENU 3 3
Enter BBS Password:
Telegard BBS Version 2.4 Standard - Copyright 1988,89,90
Eric Oman, Martin Pollard, and Todd Bolitho - All Rights Reserved.
Display ANSI logon? No
;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;
1;;;;;;;;;;;;;;;;;;;;;;;; 1;;;;;;;;;;;;;;;;;;;;;;;; 1;;;;;;;;;;;;;;;;;;;
1;;;;;;;;;;;;;;;;;;;;;;;; 1;;;;;;;;;;;;;;;;;;;;;;;; 1;;;;;;;;;;;;;;;;;;;
1;;;;;;11111111111111111 1;;;;;;;;;;;;;;;;;;;;;;;; 1;;;;;1111111111111
1;;;;;; 1;;;;;;111111111111;;;;;; 1;;;;;
1;;;;;; 1;;;;;; 1;;;;;; 1;;;;;
1;;;;;;;;;;;;;;;;;; 1;;;;;;;;;;;;;;;;;;;;;;;; 1;;;;;
1;;;;;;;;;;;;;;;;;; 1;;;;;;;;;;;;;;;;;;;;;;;; 1;;;;;
1;;;;;;11111111111 1;;;;;;111111111111;;;;;; 1;;;;;
1;;;;;; 1;;;;;; 1;;;;;; 1;;;;;
1;;;;;; 1;;;;;; 1;;;;;; 1;;;;;
1;;;;;;;;;;;;;;;;;;;;;;;;; 1;;;;;; 1;;;;;; 1;;;;;;;;;;;;;;;;;;;;;;;
1;;;;;;;;;;;;;;;;;;;;;;;;; 1;;;;;; 1;;;;;; 11;;;;;;;;;;;;;;;;;;;;;;
1;;;;;;;;;;;;;;;;;;;;;;;;; 1;;;;;; 1;;;;;; 11;;;;;;;;;;;;;;;;;;;;;
1111111111111111111111111 111111 111111 111111111111111111111
> > > > > ;;;;;;;; ;;;;;;;; ;;;;;;;;;
> hmn hmn ;;FFFFFF;; ;;FFFFFF;; ;;FFFFFFFF;
> >? > ;;;;;;;;F ;;;;;;;;F ;;;;;;;;; F
;;FFFFFF; ;;FFFFFF; FFFFFFF;;
; ; ?FFF?FF;FF ;; F;; ;; F;; ?; F;;
;FFF; FF? ; ;;;;;;;;;;F ;;;;;;;;;;F ;;;;;;;;;;F
; ; F???F ; ;;;;;;;;; ;;;;;;;;; ;;;;;;;;Enter your User # or you
Logon :90
User password :
Complete phone #: ###-###-
Welcome to EuroAmerican Connection BBS,
Please wait .... thank you.
Last few callers:
2511: Sp. Fly #34 from Waukegan, IL
2512: Jay Cepe #63 from Arlington Hts, IL
2513: The Untouchable #53 from Chicago, IL
2514: Captain Sir Henry Morgan #38 from Ann Arbor, MI
3 O | ------------------------------------------------------------ | O 3
3 O | NEWS FLASH from EuroAmerican Connection BBS | O 3
3 O | Sent by HOT MIX on 02/03/90 at 08:30am | O 3
3 O | | O 3
3 O | New News! | O 3
3 O | | O 3
3 O | Well I hope everyone noticed that we now have 660 Megs of | O 3
3 O | very fast ESDI storage! I still have an extra 300 Megs to | O 3
3 O | install and I'm waiting for some answers, (it may not be | O 3
3 O | possible) but I did promise a gigabyte and I keep my | O 3
3 O | promises so the gigabyte is NOT far fetched! | O 3
3 O | Anyway..I would like for everyone to be a total part of | O 3
3 O | this BBS and help it grow in every direction! We do have a | O 3
3 O | great FILE base but we also need a great MESSAGE base and | O 3
3 O | that can only happen with your participation! | O 3
3 O | Please make sure that you DO read your mail (and don't just | O 3
3 O | see it and delete it) and make sure that you delete it | O 3
3 O | after you carefully read it! If it's there it's serves a | O 3
3 O | purpose...Alot of you ask me things that I already | O 3
3 O | mentioned in mail but you didn't take time to read it! | O 3
3 O | Thats all...Enjoy the BBS | O 3
3 O | HOT MIX | O 3
3 O | | O 3
3 O | ------------------------------------------------------------ | O 3
Oooops it seems that it's me and you now! Teddy is out...Let's Party
Now the EuroAmerican Connection supports High Speed Transfers of over 1500 cps
All HST users PLEASE read message in the General Messages area with same title
Always striving to be the BEST (and proving it!)...Coming soon 1.5 GigaBytes!!
You are caller #2515,
Time allowed - 60 minutes
Mail waiting - 1 letter
You have called - 64 times
Last on - 02/24/90
Account limits - 7 calls, using a maximum of 60 minutes, per day.
Read your mail now? Yes
You have no mail waiting:
.----------------------------------------------------.
: AVAILABLE BULLETINS :
: :
: :
: :
: :
: :
: :
`----------------------------------------------------'
The EuroAmerican Connection BBS
SysOp : HOT MIX
Co-Sys : MAD COOK
List of Users by User Name in Ascending Order
Total Number of Users Listed = 147
User Name City & State Last Logon
========= ============ ==========
AGENT 007 Lombard, IL 02/23/90
AMBER Lyons, IL 01/21/90
ANDY COOPER Mcgaw Park, IL 01/15/90
BAD SECTOR Leyden Township, IL 02/15/90
BADGER Gilbert, AZ 02/19/90
BARCLAY Henry, IL 02/11/90
BIG MAN Chicago, IL 01/03/90
BILLY THE KID Elmhurst IL 01/14/90
BLACK KNIGHT Naperville, IL 01/13/90
BLACKHAWK River Grove, IL 01/06/90
BONG HITS River Forest, IL 02/20/90
BOOMER Chgo., IL 01/25/90
BRIAN So.Holland, IL 02/23/90
BRIAN SMITH Wildwood, IL 02/08/90
BRYAN ALLISON Wheaton, IL 02/08/90
CAPT'N JACK Morgantown, WV 02/23/90
CAPTAIN COOK Hoover, AL 02/10/90
CAPTAIN DEATH Columbia, MO 02/18/90
CAPTAIN SIR HENRY MORGAN Ann Arbor, MI 01/31/90
CHLORINE SHARK Chattanooga, TN 01/14/90
CONSOLE COMMANDER Buffalo Grove, IL 02/19/90
COSTA SAPUNTZAKIS Hinsdale, IL 02/04/90
DARKSTORM Lemont, IL 01/03/90
DIRTY HARRY Wheeling, IL 02/21/90
DOCTOR CRACK Richton Park, IL 02/23/90
DOCTOR DOS Naperville, IL 02/11/90
DON JARVIS Chicago, IL 02/08/90
DON RIEB Glenview, IL 02/24/90
DON STIEN Chicago, IL 02/22/90
DOUG TAPP Schaumburg, IL 01/11/90
DR. FEELGOOD Greatlakes Il, IL 01/25/90
EGGHEAD DUDE Sesame Street, HI 01/07/90
ELVIS PRESLEY Elgin, IL 02/09/90
EPEIOS Dekalb, IL 02/13/90
ETHAN GRIGGS Chicago, IL 02/03/90
FAST FREDDIE Glenview, IL 02/04/90
FATSO Schaumburg, IL 02/23/90
FELIX FELLNER Skokie, IL 02/22/90
GANDALF Buffalo Grove, IL 02/23/90
GILGAMESH OF URUK Itasca, IL 02/15/90
GLENN ROSE Westmont, IL 02/09/90
GOLDEN MEDUSA~ Northbrook, IL 01/29/90
GORDON THOMPSON Dekalb, IL 02/21/90
GRAFFIX MAN Lisle, IL 02/11/90
GREG KLIMA Chicago, IL 01/21/90
GUEST USER Your Town 02/17/90
HACKMAN Downers Grove 02/11/90
HI-FI Glenview, IL 01/23/90
HOT MIX Niles, IL 02/24/90
JAEGERMECH Wheeling, IL 02/21/90
JAMMER Oslo Norway, NO 02/22/90
JAY CEPE Arlington Hts, IL 02/21/90
JAY CHEN Chicago, IL 01/20/90
JEDI Chicago, IL 02/24/90
JEFF YANG Wheaton, IL 01/20/90
JERRY CLAXTON Huntley, IL 01/27/90
JIM MCMAHON Baltimore, MD 02/23/90
JIM RICHARDS Sycamore, IL 01/20/90
JIM SHOE Chgo Il, IL 01/28/90
JIM VANATOR Chicago, IL 02/21/90
JOE CHARLIER Elk Grove Il, IL 02/03/90
JOE MARTIN Chicago, IL 02/22/90
JOHNNY Morton Grove, IL 01/06/90
JULIUS CAESAR Skokie, IL 01/25/90
KAT Niles, IL 02/20/90
KEITH DOERING Schaumburg, IL 02/18/90
KENNY JASON Chicago, IL 01/13/90
KING LEECH Chicago, IL 02/23/90
LORD HAVOC Chicago, IL 01/05/90
LORD SHIVA Joliet, IL 02/22/90
LORD X Chicago, IL 02/03/90
MAC Willowbrook, IL 02/07/90
MAD COOK Des Plaines, IL 02/21/90
MADMAN Mount Prospect, IL 02/13/90
MAMOMAN VAKAMAN Rolling Meadows Il, IL 02/15/90
MASTER BLASTER Waukegan, IL 02/10/90
MASTER NINJA Schaumburg, IL 02/24/90
MAVERICK Lincolnwood, IL 02/24/90
MEDIEVAL KNIGHTMARE Chicago Heights, IL 02/21/90
MERLIN Hinsdale, IL 02/23/90
METAL GODS Waukegan, IL 02/22/90
MIKE REED Palatine, IL 02/02/90
MIKE YOUNG Elgin, IL 01/21/90
MISTER MONOCHROME Chicago, IL 02/21/90
MR Z Tulsa, OK 02/23/90
MR. HARDWARE Skokie Il, IL 02/23/90
NICE PERSON Deerfield, IL 02/23/90
NIGHTOWL Wheeling, IL 01/12/90
NUN TUCKET Wheeling IL 01/16/90
OL' YELLER Arlington Hts. IL 02/17/90
OLD GUY Northbrook, IL 02/17/90
OLIVER WENDELL JONES Chicago, IL 02/15/90
PIG KILLER Cicero, IL 01/27/90
PINK PANTHER Chicago, IL 02/21/90
POWER BREAKER Chicago, IL 02/18/90
PUNKY STAR Chicago, IL 02/24/90
QUICK SILVER Mt. Prospect Il, IL 01/28/90
RAINMAN Evanston, IL 01/21/90
RAISTLIN MAJERE Barrington, IL 01/17/90
RAZZMATAZZ CHAZ Oak Park, IL 02/23/90
REEGADE Wheaton, IL 01/18/90
RICHARD STANALAND Tulsa, OK 02/15/90
ROADRUNNER Chicag0, IL 02/03/90
ROBOCOP Des Plaines, IL 01/08/90
ROCCO Park Ridge, IL 02/22/90
ROCKET Chicago, IL 02/24/90
RODNEY CLINGERMAN Maywood, IL 02/23/90
RON EARL Dekalb, IL 02/20/90
RON TOCCO Grayslake Il, IL 01/28/90
RONALD GOLZ Midlothian, IL 01/14/90
RONALDGOLZ Midlothian, IL 01/12/90
SAM HOUSTON Chgo, IL 02/17/90
SCHATTEN Desplaines, IL 02/04/90
SINISTER EXAGGERATOR Chicago, IL 02/24/90
SLADE Grayslake, IL 02/15/90
SP. FLY Waukegan, IL 02/23/90
SPANKY Skokie, IL 02/23/90
SPARKY Schaumburg, IL 01/09/90
SPEED DEMON Brookfield, IL 02/20/90
STARBUCK Sycamore, IL 01/17/90
STARSHIP Glen Ellyn, IL 02/09/90
STASH Park Ridge, IL 02/22/90
STEEL RAT Great Lakes, IL 01/05/90
STEVE Oak Park, IL 01/21/90
SUB ZERO Hinsdale, IL 01/28/90
SWITCH BLADE Chicago Il, IL 02/13/90
TED KOPPEL Chicago, IL 02/24/90
THE COUNSEL Mt. Prospect, IL 02/23/90
THE HEAD ZOOKEEPER Lhfjkl'F, IL 02/19/90
THE MAD CELT Glenview, IL 02/24/90
THE MAN Dekalb, IL 02/20/90
THE MISFIT Wheeling, IL 02/16/90
THE ONE AND ONLY SQUID Marengo, IL 02/18/90
THE REPORTER Niles, IL 02/21/90
THE SEEKER Chicago, IL 02/01/90
THE SPIDER Glenview, IL 02/22/90
THE UNTOUCHABLE Chicago, IL 02/24/90
THUNDER STICK Elgin, IL 02/23/90
TIM CHAPMAN Warrenville, IL 02/22/90
TONY WALLS Hometown, IL 02/05/90
TORA TORA Lombard, IL 02/22/90
TYPHON Glen Ellyn, IL 02/16/90
VIC RODELL Wheeling, IL 01/22/90
WHIZ KID Joliet, IL 02/23/90
WINPLACE Greshaam, OR 01/25/90
ZACH HARRIS Skokie, IL 02/23/90
ZEUS Niles, IL 02/24/90
Listing of Top 20 Downloaders:
Downloads Uploads UL/DL
User name and number Num KB Num KB Ratio
------------------------------------------ --- ----- --- ----- -----
1 Punky Star #30 270 -19012 96 28004 60.
2 Gandalf #137 260 -18393 9 1778 3.
3 Jedi #90 180 -29927 164 24695 69.
4 Mr. Hardware #21 139 14182 133 24610 173.5
5 Felix Fellner #14 130 27041 66 16961 62.7
6 Maverick #40 85 15758 24 7815 49.5
7 Sam Houston #56 76 16566 37 8653 52.2
8 Spanky #3 70 18043 174 -22438 -124
9 Fatso #96 66 14839 23 3735 25.1
10 Mr Z #47 63 13958 31 6288 45.0
11 Zeus #16 60 10023 22 2171 21.6
12 King Leech #15 59 14619 22 4259 29.1
13 Jim Mcmahon #119 55 12777 18 5469 42.8
14 The Untouchable #53 52 6985 73 19360 277.1
15 Golden Medusa~ #72 48 8473 13 1602 18.9
16 Hackman #8 45 7980 82 23054 288.8
17 Nice Person #42 41 6707 8 1643 24.4
18 Merlin #17 36 7657 13 2006 26.1
19 Richard Stanaland #60 29 6934 12 2315 33.3
20 Captain Sir Henry Morgan #38 27 5319 17 4755 89.3
------------------------------------------ --- ----- --- ----- -----
19 Power Breaker #12 20 4671 18 4028 86.2
20 Speed Demon #51 16 5085 18 3843 75.5
------------------------------------------ --- ----- --- ----- -----
EuroAmerican Connection BBS
immmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm<
Thu Feb 23, 1990 >
Wed Feb 22, 1990 >
Tue Feb 21, 1990 >
Mon Feb 20, 1990 >
Sun Feb 19, 1990 >
Sat Feb 18, 1990 >
Fri Feb 17, 1990 >
Thu Feb 16, 1990 >
Wed Feb 15, 1990 >
Tue Feb 14, 1990 >
Mon Feb 13, 1990 >
Sun Feb 12, 1990 >
Sat Feb 11, 1990 >
Fri Feb 10, 1990 >
hmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm#
Average system activity = 62%.
Each block represents 2% of usage.
Date: 3:10 am Sat Feb 24, 1990 Public 4/5
From: Hints and Tips!
Title: 386 and an Epson lq1000
>> This message has 1 reply
Can ANYONE help me on this:
I had an IBM (True Blue) XT with an Epson LQ1000 which worked fine all of the
time. Well now I have upgraded to a 386 and when I plugged in my epson and try
to print anything all I get is alot of $ > mixed into the file and it doesnt
even look like the file I am trying to print. Can anyone help me out to get
this working properly? Is there anything you have to include in the
config.sys/autoexec.bat to get the printer to recognise the files properly?
Thanks alot to anyone for any help.......I will try anything to get it to work
with the 386.
Date: 2:36 pm Sat Feb 24, 1990 Public 5/5
From: Hints and Tips!
To:
Title: well
>> This message is a reply
First of all, is the printer serial or parallel? (or both), if u are using
the parallel setup, the u might want start by checking your cables on a diff
machine (but u said it worked on your xt, so that's not the culprit), second,
if it is parallel setup, u want to try slowing your cpu down (if your computer
allows it.....the computer could be shooting out the data too fast, and
there's not enuf time to do handshaking, so you're getting shit printer
out)...if it's serial, make sure your serial port is set at the same baud rate
as the printer is....if it is, make sure u'r cable has its handshaking signal
enabled (make sure the cable is wired properly).....(the first thing i would
try is slowing the computer down, cuz high speeds usually do cause errors
(especially at 33 MHZ!!!))
|~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
| ELITE ACCESS ONLY Message ... |
| I want to remind you that if you 're planning to upload something NEW |
| make sure that you upload it to the ELITE section ! |
| Thank you for your support |
| HOT MIX |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
0* PD ONLY UPLOADS 1* ** NEW UPLOADS **
2* Miscellaneous 3* DOCs, Cheats & Solves!
4* Music/MIDI 5* DOS Utilities
6* Hard Disk Utilities 7* Cracking/Unprotect Utilities
8* VGA Graphics etc 9* ANSI/Graphic Programs
10* Telecommunications 11* Printer Utilities
12* Word Processing 13* DeskTop Publishing
14* DataBases 15* Spreadsheets
16* Financial 17* Integrated
18* OCR/SCAN utilities 19* CAD/CAM programs
20* 386 Utilities 21* Programming Languages
22* Operating Systems 23* XENIX/UNIX/VpIX
24* Entertainment 25* Older Games
26* Telegard BBS software! 27* Other BBS software!
28* PD IBM Games 29* PD Utilities
30* ELITEs! 31* FREEWARE <NR>
>--------=====END=====--------<
***************************************************
*** Pirate Magazine Issue IV / File 10 of 10 ***
*** Numbers to Call ***
***************************************************
Area Code 201 - (NJNEW) Newark
BBS Name Number Sysop Software Baud Comments
Soft Board 228-5862
Realm 335-9586 Forum
Eastern Telecom 402-1772 Dr. Null Ptr.Forum 12/24
Underground II 502-9115 Rambone Emulex/II 12/24
Joe's Garage 661-4327 Joe WWIV 12/24
Al's Cabin 827-7815
Metal AE 879-6668 Emulex/II 12/24
Runaway Train 927-1154 GBBS
Area Code 203 - (CTHAR) Hartford
BBS Name Number Sysop Software Baud Comments
Stairway Heaven 393-0899 Emulex 12/24 Home of PHUCK
DSC Inc. 456-3531 Rengd. Chem. TCS 12/24 Phortune 500
Area Code 205 - Alabama
Byte Me 979-2983 Omega Ohm WWIV 12/24
Firebase Eagle 554-0480 Shamus Power Plus 12/96
Area Code 206 - (WASEA) Seattle
BBS Name Number Sysop Software Baud Comments
The Void 232-4941 1200
Society of Sin 234-2777
Thieves Guild 235-6779 Monarch 1200
Ethernal Dimension 255-1282 Jhereg Monarch 12/24
Alternate Reality 352-4606 Mr. Classic Emulex/II 12/24
Agnostic Front 432-6904 Emulex/II 12/24 Home of WASP
Dark Tangent 454-3552 12/24
Gateway 588-5239
Neutral Zone 839-5865 Emulex/II 12/24
Area Code 212 & 718 - (NYNYO) New York
BBS Name Number Sysop Software Baud Comments
Alternate Universe 326-0720 TCW 12/24 Area Code (718)
Hackers Den 358-9209 Red Knight Emulex/II 12/24 Area Code (718)
Adventure's Guild 591-0925 Realm Keeper Monarch 12/24 (718), TSAN
Area Code 213 - (CALAN) Los Angeles
Best of Both 325-3237 WWIV 12/24 New Users 2400
Mystic Knights 426-6490 The Sniper Emulex/II 12/24 TSAN
The Archives 545-0707 Mac ONLY
Insomnia 833-8309 Emulex/II 12/24
The Manor 865-3826 WWIV 12/24
Freakers Den 941-1534 Black Jack WWIV 12/24
Area Code 214 & 817 - (TXDAL) Dallas
BBS Name Number Sysop Software Baud Comments
Oblivion 221-4638
Far Side 231-7920 The Molester Emulex/II 12/24
Redlight Inn. 393-0156 Emulex/II 12/24
Mentality Distrup. 258-4935 TNW 12/24
Dead Zone 522-5321 12/24
Ice Dimensions 641-7085 Emulex/II 12/24
Pub & Tavern 690-4634 Jolly Bard. Emulex/II 12/24
D.U.N.E. 733-0568 Fred Kruuger WWIV 12/24
Area Code 216 - (OHCLE) Cleveland
BBS Name Number Sysop Software Baud Comments
Rich's BBS 482-6079 Rich Little PCB 12/24
Walden Pond 792-0981 Brooksie Forum 12/24
Area Code 217 - (ILCHA) Champaign
BBS Name Number Sysop Software Baud Comments
Golf City BBS 332-4019 Egghead Dude WWIV 12/24
Realm of Darkness 359-2071 Dark Shadow Emulex/II 12/24
Area Code 301 - Maryland
BBS Name Number Sysop Software Baud Comments
Speakeasy 358-0849 WWIV 12/24
Black Box BBS 360-2018 WWIV 12/24
Gates of Dawn 384-2938 Pho. Apollo Apex 12/24 NAPPA #1
Salsbury Hill 428-3269 Laughing Gas WWIV 12/24
Devil's Courier 437-7017 Lord Omar WWIV 12/96
Anarchy Inter. 464-7023 Anthrax Angel Emulex/II 12/24
The Future World 486-4515 The Killer WWIV 12/24
The Gallows 486-5073 Prank Call WWIV 12/24
Just Another BBS 551-2583 Jack Cassidy Forum 12/96
Ram Free 557-6841 Monarch 12/24
Clendestine Corner 647-6631 WWIV 1200
Courier's Annex 666-2077 Aragon WWIV 12/96
The Free World 668-7657 Major Havoc WWIV 12/24
Jolly Roger BBS 675-2566 Emulex/II 12/24
The First Sector 679-3394 WWIV 12/24
Corner Pocket 823-5710 WWIV 1200
The New Republic 828-8291 The Nark WWIV 12/24
The Iron Curtain 843-5052 Agent Orange WWIV 12/24
Fun House 924-1543 Emulex/II 12/24
Surf Shop 990-1715 Emulex/II 12/96
Area Code 303 - (CODEN) Denver
BBS Name Number Sysop Software Baud Comments
Late Night BBS 399-8811 Emulex/II 12/24
Ace's Place 421-1380 1200
Fajita Republic 431-2931 Cap't Blood Monarch 12/24
Insane Asylum 447-2691 Live Wire Monarch 12/24 CIA Home, Inv.
Altered Plane 526-0801 Monarch 12/24 9pm-6am Mtn.
Vulgar Unicorn 680-8622 One Thumb Monarch 12/24
Most Composers 771-5937 Monarch 12/24
Distillery 797-1330 Monarch 1200
Discordian Society 969-8195 Organ Grinder Monarch 12/24
Radio KAOS 979-9533 British Spectrum 12/24
Area Code 305 -
BBS Name Number Sysop Software Baud Comments
Area code 312 & 815 - (ILCHI) Chicago
BBS Name Number Sysop Software Baud Comments
Dragon's Lair 215-4937 Dirty Harry Monarch 12/24
Custom Software 246-7705 Steve Merenkov PCboard 12/96 Join Conf. 3
Alcatraz 256-0422 Black Guardian Pcboard 12/24
Zoo 350-9346 Zoo Keeper SBBS 12/96
Snarf's Music Std. 351-0288 Snarf Monarch 12/24
Fox River Valley 426-3279 George Krueger PCBoard 12/96 400 MEGZ
Shop 426-8228 Bud PCboard 12/96 NO HANDLES!
Truckstop 478-3045 The Dispatcher Forum 12/96
GGS 530-2209 Pedro Gomez Wild, Form.12/24 open door 15
Bootleggers BBS 535-2761 Megz Diamond PCboard 12/96 400 MEGZ
E.T.'s Home 537-3463 Nightowl Telegard 12/24
Rasputin's Dungeon 653-1765 Rasputin RBBS 12/96 300 MEGZ
Great Cavern 683-3666 Gary Nelson PCboard 12/96 NO HANDLES!
O'hare Oasis 693-2904 Pinball Wiz. Telegard 12/24
New World 749-8137 Virgin Dest. Telegard 12/24 Private
NIU Connection 753-1800 12/24 (815)
Jousting Fields 756-3023 Med. Knight. Spectrum 12/24
M. Lapse of Reason 759-2699 Pink Floyd PC Board 12/24
Defiant Sceptor 885-1237 The Dealer PCB, Telg. 12/24 Ask for Club
Sycamore ELITE 895-5573 12/24 (815)
Aquila BBS 898-5672 898-5806 12/24
Anonymous Wonder 935-4339 Brown Bomber Telegard 12/24
Area Code 313 - (MIDET) Detroit
BBS Name Number Sysop Software Baud Comments
Seitch Tabr 255-2767 12/24
Genesis II 291-2520
The Ballroom 295-7279 T.A.G. 12/24
Mission Compatible 295-7308
007's VIP Lounge 348-8535
Dungeon of Doom 352-3666 12/24
GLBBS 360-0106 WWIV Pwd: POWERUP
The Nuthouse 381-2931 12/24
Spider's Web 381-5244 12/24
PC Playhouse 381-8633
Dude Man Dude HQ 420-4624 12/24
Crash Landing 455-5821 12/24 Private
Unlimited Reality 489-0747 QBBS 12/24
Ariel System 569-3194 T.A.G. 12/24
Slipped Disk 585-8315
Starship Enterprise 843-1581
Get Serious 846-0731
Tin Pan Alley 939-6339 Monarch 12/24 NAPPA #10
Beyond Reality 995-0754 12/24
Area Code 314 - (MOSOL) St. Louis
BBS Name Number Sysop Software Baud Comments
Brewery 394-8259 WWIV 12/24
Parthenon 522-1460 WWIV
Enterprise 664-7148
Hellfire Club 772-3153
Pinball Place 863-2954 WWIV 12/24
Area Code 404 - (GAATL) Atlanta
BBS Name Number Sysop Software Baud Comments
Revo Emag 435-5737 Black Star TCE BBS 12/24 TCE Home
Blueberry MUFF 458-7696 WWIV 12/24
The Pit 487-7829 Dispater WWIV 12/24
Duck Board Elite 564-3592 Mad Gator Pcboard 12/24
923-3870 Mad Gator PcBoard 12/24
Planet X 591-1620 Emuexl/II 12/24
Iron Sheath 594-0086 T.A.G. 12/24
CIA 676-0900 Emulex/II 12/24
Sun Bane Inc. 921-4635 Lord Foul Emulex/II 12/24
New Silicon Guild 985-1321 T.A.G. 12/24
Yellow Jacket 985-8244 Simon Emulex/II 12/24
Tammy Hall 991-6604 Mad Max WWIV 12/24
Area Code 407 -
BBS Name Number Sysop Software Baud Comments
Thrash BBS 631-4601 12/24
Area Code 408 - (CASJO) San Jose
BBS Name Number Sysop Software Baud Comments
The Pubb 251-4689 The Bartender Monarch 12/24
Billion Boys Club 268-6692 Wind Walker PCboard 12/24
Nuclear Wasteland 268-7793 12/24
The BELL Board 297-8383 Gold Finger Emulex/II 12/24
TCH Trading Post 358-3273 12/24
Underground I 426-2576 The Enforcer Monarch 12/24
The Pentagon 426-7228
*.* 429-8312 Baby Eagle WWIV 12/24
Mt. Olympus 438-3349
Atlantis 475-2729
Dragon's Heaven 735-8685 Master Ryu Monarch 12/24
Snake Bytes 997-6399 12/24
Area Code 412 - (PAPIT) Pittsburgh
BBS Name Number Sysop Software Baud Comments
The Eagles Nest 539-1965 Emulex/II 12/24 NAPPA #12
Area Code 415 - (CASFA) San Francisco
BBS Name Number Sysop Software Baud Comments
Vector One 221-5033 WWIV 12/96
Leecher's Paradise 234-4588 12/24
Lunatic Labs 278-7421 Mad Alchem Monarch 12/24
The Skull 341-1362 Forum 12/24
Ojai 341-7564 Matrix 12/24
Strictly Business 583-1673
Mordor 673-8670
U.C.I. 770-0140
Playboy Mansion 851-4368 1200
Camelot 887-0983
House of Solitude 948-4925 Forum 12/24
Wild West 968-4717 Sidewinder Wild West 12/24
Area Code 416 - Toronto, Ontario, CANADA
BBS Name Number Sysop Software Baud Comments
The lost Souls 241-2119 Dark Spirit Matrix 12/24 Matrix Home
The High Command 247-4491 Emulex/II 12/24
Thieve's Guild 267-3938 Master Thief Forum 12/24
Time Tunnel 283-6765 Time Master USSR 12/24
Life After Death 431-9265 Jack Daniels USSR 12/24
Air Academy 439-8374 Top Gun FCP 12/24
Euphoria 467-6387 RJ MacReady Monarch 12/24 FiRM dist.
467-6998
Saucerful/Secrets 756-3467 Angel Heart Monarch 12/24
Warez R Us 769-3189 Capt. Caveman USSR 12/24
Hunting Grounds 823-9439 Huntsman Monarch 12/24
Canadian Tech. 846-7528 Bit Splice Emulex/II 12/24
Swashbucklers II ???-???? Desert Foxx Emulex/II 12/24 Emulex/IIHome/PTL
Area Code 502 -
BBS Name Number Sysop Software Baud Comments
Rasputen's Playgrd 782-0260 12/24
Pirate's Chest 926-2857 12/24
Area Code 503 - (ORPOR) Portland, Oregon
Area Code 504 - (LANOR) New Orleans
BBS Name Number Sysop Software Baud Comments
TMOZ 272-9633 Bulldog Telegard 12/24
Area Code 507 - (MNROC) Rochester
BBS Name Number Sysop Software Baud Comments
Electric Ocean 281-0275 Brand-X 12/24
Didactic Gallery 282-5063 Purl. Illus. Brand-X 12/19.2 Brand-X Home
Area Code 508 - (MAWOR) Worchester
BBS Name Number Sysop Software Baud Comments
Country Morgue 250-8098 Undertaker TBBS 12/24
Eternal War 285-5325 Warlord QBBS 12/24
Inf. Intoxication 750-8035 Invi. Stalker TCS 12/24
Area Code 513 - (OHCIN) Cincinatti
BBS Name Number Sysop Software Baud Comments
Psychedelic Sanct. 451-6188 Emulex/II 12/24
Ultimate Empire 896-4550 Sax Pistol Fcp V3.0 12/24
BBS Name Number Sysop Software Baud Comments
Rock'in Ranch 249-7248 Ranger Rick Emulex/II 12/24 TSAN
Knights Rnd. Tbl. 281-3214 DarkMage Emulex/II 12/24
The Prism 678-1642 Monarch 12/24
Junkyard BBS 932-7394 Junkman Emulex/II 12/24 TSAN
Area 517 - (MILAN) Lancing
BBS Name Number Sysop Software Baud Comments
Hades BBS 259-4641 12/24
Nite Line 477-9315 Black Jack Emulex/II 12/24
Mission Compat. 5 529-4287 Energy Wave Fcp 12/24
The Magick Link 592-2741 Emulex/II 12/24
Area Code 519 - London, Ontario, Canada
BBS Name Number Sysop Software Baud Comments
Bopper Land 660-1960 Big Bopper Monarch 12/24
The Coffee Shop 679-2696 Monarch 12/24
Area Code 602 - (AZPHO) Pheonix
BBS Name Number Sysop Software Baud Comments
Boss BBS 242-3935 Sysop Pokey Emulex/II 12/24
Beta Cygnus 274-8917 Mastermind Forum 12/24 FiRM Dist.
Radio Free Europe 866-7864 12/24
Vahalla Islands 942-0087 Pharigm God Tcs 12/24
ESP Headquarters 942-2111 Mr. Peace Forum 12/24 ESP Club Home
2001 Odyssey 953-1893 ABBS 12/24
Temple of Doom 996-8002 WWIV 12/24
Area Code 606 - Eastern Kentucky
BBS Name Number Sysop Software Baud Comments
The Vortex 331-5133 Terminator Forum 12/96 PTL Dist.
Area Code 607 - (NYBIN) Binghamton
BBS Name Number Sysop Software Baud Comments
Ahab's Abbey 729-7019 12/24
Wizards Workshop 754-2950 Pirate Master Forum 12/96
Area Code 612 - (MNMIN) Minneapolis
BBS Name Number Sysop Software Baud Comments
Avenger's Island 439-9782 Forum
Radio Waves 471-0060 The Sensei Forum 1200
Playdo Land II 522-3959 Heavy Metal Emulex/II 12/24
Playdo Land 557-1489 Emulex/II
The Establishment 559-8289
Area Code 615 -
BBS Name Number Sysop Software Baud Comments
Syd's Place 691-9073 Syd Womack PC Board 12/96
Area Code 617 - (MABOS) Boston
BBS Name Number Sysop Software Baud Comments
Country Morgue 250-8098 12/24
Swift's Ridge 364-3304 Sir Swift Gen. Delux 12/24
Forgotten Dimension421-6755 Monarch 12/24
Player's Guild 455-8154 The Outlaw Spectrum 12/96 FiRM dist.
Spinward Marches 474-0602 12/24
Edge of Insanity 484-4921 12/24
The Realm 527-6567 The Enchanter Emulex/II 12/24
Taster's Choice 868-5731 Emulex/II 12/24
Jabba's PC Hut 884-9498 Genesis 12/24
Lion's Den 889-0777 12/24
Area Code 619 - (CASAD) San Diego
BBS Name Number Sysop Software Baud Comments
Private Sector 353-0970 The Spy WWIV 12/24
Somewarez 436-9861 Jon Emulex/II 12/24
Convent 475-6187 Emulex/II 12/24
Starhelm Greystaff 479-3006
Parallax 486-2858 WWIV 1200
dBORED 748-3644 PCboard
Knavery 942-0408 WWIV 12/24
Area Code 703 - Arlington, Virginia
BBS Name Number Sysop Software Baud Comments
Treasure Island 442-6653 Monarch 12/24
The Daily Exchange 466-2120 12/24
Gathering Gods 641-0190 The Noid Monarch 12/24
Star Pirates II 644-2347 Darkstar Apex 12/24
Pirates Island 759-3979 Monarch 1200
Figment/Imagination759-6579 Monarch 12/24
Cornerstone 971-7874 The Maestro Forum 12/96 FiRM Home
Area Code 713 - (TXHOU) Houston
BBS Name Number Sysop Software Baud Comments
?? 356-2042
Sperical Planes 358-2683 12/24
London at Midnight 373-1769 12/24
General Electric 438-3156 Pheonix 12/24
Crystal Orbe 488-3744 12/24
Alternate Mindlink 489-7779
Ultimate Revolution492-1179 Celtic Phrost Emulex/II 1200 NAPPA #4
Hellfire 497-5547 Damian Emulex/II 12/24
Lighthouse 556-5652 T.A.G. 12/24
Optical Illusion 578-0722 SYS-PC 1200
Killer's Domain 578-1455 12/24
Shadow's Realm 578-1527 12/24
Celestial Woodlands 580-8213 The Ranger SYS-PC 12/24 SYS-PC & BSP Home
Super Dimension 586-9721 SYS-PC
Anarchist's Realm 774-0767 1200
Smash Palace Mac 821-3901 12/24
Anarchist's Under. 890-0561 Shadow Walker SYS-PC 12/24
Fantasy World 933-0062
Round Table 980-3977 Emulex/II 12/24
Area Code 714 - (CAANA) Anaheim
BBS Name Number Sysop Software Baud Comments
CopyWorks Inc. 496-7069 12/24
The Wish List 831-6235 12/24
Zero Gravity 860-5779 Emulex/II 12/24
Focal Point 946-9234 Enforcer Emulex/II 12/24
Area Code 716 - (NYBUF) Buffalo, New York
BBS Name Number Sysop Software Baud Comments
Stoney Man's Farm 439-3269 Emulex/II 12/24 UnderGr. Home
Plutonium Mines 636-4540 Jenetic Bytm. Neuromancer 12/24 PTL dist.
636-5185 Jenetic Byte. Nueromancer 12/24 PTL dist.
Land of Fa 773-7526 WWIV 1200
Heaven or Hell 832-0118 Master Blaster Neuromancer12/96 NAPPA #7
Area Code 719 - Colorado Springs, Colorado
BBS Name Number Sysop Software Baud Comments
The Edge (718) 631-8135 12/24
Playdo Land 260-8472 Mr. Bill Emulex/II 12/24 NAPPA #15
Insane Asylum II 597-3973 12/24
Forbidden Passage 774-0449 Mr. X Monarch 12/24 NAPPA/FiRM Dist.
Area Code 801 - Utah
BBS Name Number Sysop Software Baud Comments
The Kingdom 292-8118 Xavier WWIV 12/24
Plutocrazy 295-7522 WWIV 12/24
Berserker 485-7646 Earl Smith PC Board 12/24
Stealth 521-3837 12/24 Private
Area Code 805 - (CABAK) Bakersfield
BBS Name Number Sysop Software Baud Comments
Sherwood Forest 255-2850 Robin Hood WWIV 12/24
Theebbs 324-9239 12/24
Unknown World 373-0574 The CooZ Monarch 12/24 TSAN
West World 379-1616 Monarch 12/24
Mage's Lair (804) 451-3551 The Mage Monarch 12/24
Area Code 813 - (FLTAM) Tampa
BBS Name Number Sysop Software Baud Comments
The Trading Post 544-2108 WWIV 12/24
Mission Compat. 3 647-2580 Paladin Emulex/II 12/24
Dungeon of Dread 689-2103 12/24
Arabian Knight BBS 871-2189 Sinbad WWIV 12/24
Point Blank 875-5153 Brian Hart Monarch 12/24
Faw or Foad 962-2937 Wendle WindlesWWIV 12/96 TSAN
Sentry's Post 980-2447 The Sentry WWIV 12/24
Area Code 818 - (CAGLE) Glendale
BBS Name Number Sysop Software Baud Comments
Land of Warlord 280-4065 Shogun WWIV 12/24
Night Industries 2 281-4587 Air Wolf WWIV 12/24
Night Undustries 1 284-5946 Space Kid WWIV 12/24
ACC 287-0408 WWIV 12/24
Phantom's Domain 368-2945 Phantom Emulex/II 12/24 Pwd: ZERO GROUND
Roach Motel 369-2083 Black Flag Emulex/II 12/96 WHOA
Stranger Eye 409-9472 Jagged Edge Emulex/II 12/24 TSAN
Land of Illusion 447-9049 Maurader Monarch 12/24
Burial Grounds 571-8389 Emulex/II 1200
Cemetery Gates 575-1887 Holy Grenade WWIV 12/24 FiRM Dist.
Project Genesis 706-8167 One Monarch 12/24
Gotham City 718-8227 Batman WWIV 12/24
Krypton 773-0461 Superman WWIV 12/24
Influx 799-3589 WWIV 12/24 Real names only
Hecker 912-4183 WWIV 12/24
ANI Systems 912-7848 The Tracer Emulex/II 12/24 Home of WHOA
Crys. Strike Force 965-1580 Battlehawk Emulex/II 12/24
Area Code 904 - Northern Florida
BBS Name Number Sysop Software Baud Comment
Pool Hall 757-3578 WWIV 12/24
South East. Coil. 779-9152 Emulex/II 12/24
BBS Name Number Sysop Software Baud Comment
City Limits 357-0316 Tuf Dog Monarch 12/24
Area Code 914 - White Planes, New York
BBS Name Number Sysop Software Baud Comment
Phortress 221-0035 Forum 12/24
Ninja's Place 297-0334 The Ninja Emulex/II 12/24
Time Zone 354-1185 The Watcher Forum 12/24 TSAN
Inner Sanctum 683-6926 Seadough Gen. Delux 12/24
Software Cellar 795-5092 Forum 12/24
Hacker's Hideout 838-2319 Forum 12/24
Area Code 919 - (NCRTP) Research Triangle Park
BBS Name Number Sysop Software Baud Comments
Park Place 460-9441 Joe Isuzu WWIV 12/24
Boinger Board 846-3734 WWIV
>--------=====END=====--------<
