The Hacker's Encyclopedia 1998

home *** CD-ROM | disk | FTP | other *** search

/ The Hacker's Encyclopedia 1998 / hackers_encyclopedia.iso / zines / a_m / lol_11.txt < prev next >

Wrap

Text File | 2003-06-11 | 29.7 KB | 612 lines

Legions of Lucifer ('léjen ov lûcifèr) n. 1. Any multitude of followers of the chief evil spirit, Satan. 2. A group of Anarchists and Computer Experts that work together as one to cause havok in the anarchy bound society of this nation. Hacking Primenet An Indepth Guide by: Count_ZER0 Member of £.ô.£ DISCLAIMER : This text phile is for educational purposes only. The author will not be held responisble for the way in which the reader takes this informat- ion, legal or otherwise. This file may be distributed and reproduced in any way as long as it stays in its original format. This may not be sold without the author's permission....ok, enough with this shit.... NOTE: This file assumes that the reader has full ANSI support. If you can't support ANSI then you are fucked. ┌────────────┐ │Introduction│ └────────────┘ Since this is designed to be a fairly indepth guide on hacking primenet, I will start-out with a simple explanation of hacking and what it really is. Most people who have never hacked or are beginers think that hackers are a small community of very knowledgable computer "geniuses" that randomly break into systems for fun and then create havok or steal information. I will speak of my own views on hacking which shouldn't reflect the feelings of the entire hacking community but I would guess a large amount. First of all hacking is getting more and more risky everyday. Because of this, hacking for fun isn't as safe as it used to be (although most of my hacking is for fun ). The reason people (people I know) hack is because we believe in free information exchange. This means that I should be able to freely access any information that is avialable over the modem that I want. There are obvious reasons why this can't be achieved, but if people have information that is that sensative then it should not be put out over the modem. Now the second and biggest misconception about hacking is how the hacker actually "hacks". Most people think that hacking is just basicly getting lucky and guessing a password that lets you into a system. This is *very* untrue. Let us take an example that you have just broken into the CIA's compter system. So suddenly you get a -> prompt. Now what do U do?!? This is the difference between the hacker and some kid that is good at guessing. The kid may be able to guess a password, but if he doesn't know what to do once hes in then he might as well have not even hacked the password at all. So, the main objective of the hacker is to concentrate on learning how to use a system. After he has done that then he can figure out ways to get around certain kinds of security and get to the stuff he wants. So what you should do is read all the manual's and text philes that you can get your hands on. Because before you can defeat a system, you must know how it works (this works for life in general). Ok, now you understand what hacking is and how you should go about learning it. Now to the good shit... ┌──────────┐ │Why Prime?│ └──────────┘ Well, we've all heard of Unix and Vax systems. We hear a little bit now and then about Cyber or Tops systems, but what the fuck is Prime? Well, prime is a system made by Primos which has a set-up something like DOS. Prime is arguably not as powerful as a Vax or Unix system, but it is more user friendly (I feel) than either of them. Now, you may say to yourself "Great, why should I even learn about prime if nobody uses it". Well there are many people who use it (just not as many as Unix of Vax), but the real reason I wrote this is because a good percentage of the systems found on Telenet are prime. Since I have already wrote a telenet G-Phile (which is very good <grin>), I thought I'd follow it up with a primos text phile since there are so many. Also, there are no really good primenet hacking philes (except for a good one in a LOD/H journal and in a Phrack issue which I forget) that cover everything. Lastly, since they are a shitload on telenet it's pretty safe to fuck with them. ┌─────────────────┐ │Where do I start?│ └─────────────────┘ First of all find a prime system. This can be done by going on Telenet and just scanning or picking-up the LOD/H journal #4 which has a great NUA list (or any NUA list for that matter). You can also check at your local university for one. Ok, first I tell you the way to identify a prime system. It should be easy because almost all prime systems have a system header that looks something like... PRIMENET 22.1.1.R27 SWWCR This means that this is a primenet version 22.1.1. If for some reason you get VERY lucky and find a version 18.xx or lower then you're in. See, most version 18's and lower have either no password (So you enter System for the ID which is the sysop), or if they do have a password then all you have to do is hit a few ^C (Control C for the beginner) for the password. Some prime systems just sit still when you connect. On these try typing like 'fuck'. If its a prime you will get a message like... Now, in order to logon to a prime system you must type "Login <UserName>" or just "Login". If you type in "Login" then it will just ask you for your username anyways. Now, here is the hardest part of hacking. You must get a working password. Primes are hard to hack since they dont have any default passwords. Here is a list that I have compiled ..... ╔════════════╦════════════════╗ ║ Username ║ Password ║ ╠════════════╬════════════════╣ ║ Prime ║ Prime ║ ║ System ║ System ║ ║ Primos ║ Primos ║ ║ Admin ║ Admin ║ ║ rje ║ rje ║ ║ Demo ║ Demo ║ ║ Guest ║ Guest ║ ║ Games ║ Games ║ ║ Netman ║ Netman ║ ║ Telenet ║ Telenet ║ ║ Tools ║ Tools ║ ║ Dos ║ Dos ║ ║ Prirun ║ Prirun ║ ║ Help ║ Help ║ ║ Test ║ Test ║ ║ Netlink ║ Netlink ║ ║ ║ ║ ╚════════════╩════════════════╝ Not all these passwords and names are guarenteed to work. If none of them work then try to mix-up the usernames and the passwords. Hopefully you have now gotten into the system and get the "OK," prompt. ┌─────────────────────────┐ │What do I do Once I'm In?│ └─────────────────────────┘ Alright, so now your in. If you have gotten in then that is a big step in itself and I congratulate you. So, now you have the prompt "OK," or something like that. This is the command prompt, if you enter a bad command it may look different such as "ERR," or something like that. This is nothing to worry about just an error message. Ok, first I'm going to run down some basic commands. First of all we must understand how primos is set-up. The primos set-up is very much like MS-DOS There are seperate directories each with files and more directories in them . It is pretty easy to navigate, so i will just give you the commands and then explain what to do with them.... ┌────────────────┬─────────────────────────────────────────────────────────┐ │Command │ Function │ ├────────────────┼─────────────────────────────────────────────────────────┤ │LD ┼ This is to show the contents of the current directory │ │ │ your in. │ │Attach ┼ This is to attach (move) to another directory. │ │Delete ┼ This is to delete a file or directory. │ │ED ┼ This is the text editor to edit/create text. │ │Logout ┼ This is to log-off │ │Netlink ┼ This is to enter the netlink section. │ │Slist ┼ This is to list the contents (text) of a file │ │CPL <filename> ┼ This is to run a .CPL program │ │Users ┼ This is to list the amount of users on the system. │ │Status Users ┼ This is to get the names, numbers and locations of the │ │ │ users on line. │ │ │ │ │Help ┼ This is to get a list of the commands. │ │Help <commands> ┼ This is to get help with a command │ └────────────────┴─────────────────────────────────────────────────────────┘ Ok, those should be enough for the time being. Now, lets start by doing a 'LD' (anything in single quotes means to type it). The name of the directory you're in right now should be the same as your user name. There may be a few files in here so to see the contents of the files type 'SLIST <filename>'. Now, lets do an 'Attach MFD'. This is the "Main File Directory" where most of the major files and directories are found. So now we will do another "LD" and look at all the directories and files. Ok, now to start the hacking. This method works with most primes, but not all so don't be to discouraged if it doesn't work. Ok, first of all you probably noticed that when you first started-out the directory you were in had the same name as your username (id). This is a very important lesson. The reason this is important is beacuse now you can probably figure-out that *The name of every directory is also the name of a user* (NOTE: This is true for all directories, EXCEPT ones with an asteric '*' by their name). This means 2 things, first of all it means that you can basicly find a fair amount of usernames from the mfd directory and the odds are that a few of them will have the same password as the name (This is an important lesson in hacking, whenever you're on any kind of system get a user list and then just go through the list, using the username as the password and you should get a few accounts at least) Secondly it means that you can access a certain users "private" directory. What this means is that a lot of the usernames of actually people may not be in the MFD directory. This means that once you find out a username you can then simply say "attach <username>" and your in their directory. So, now knowing that we will do a 'Status Users'. This will give you a list somewhat like this User Number Device Guest 14 <MDF0> System 1 <MDF0> <MFD1> Hacker 81 <MDF0> Sysmaint 19 <MDD0> (phantom) From this list we can get all the usernames/directories of the users on-line and start snooping. It is usually not good to be on when there are a lot of people on since a Sysop might notice that you shouldn't be on at that time or something. You may notice that the last one (Sysmaint) has the word Phantom by it. This means that it is just a program that is doing house keeping stuff. Its nothing to worry about. The devices are mearly like a tree in other software (UNIX/VAX), if there are 2 devices then it means that the user is either interacting with another system or has logged-off incorrectly. So, now we have some usernames/directories to look at (and to try as passwords for the same username). Now first of all we want to go back to the MFD directory and look for a directory that is something like UTIL, Utilities, CCUTIL or whatever. This part is very site dependant so just try any thing that looks like a util. Now attach to that directory which is 'Attach Util' (asuming the name is Util). Now we get to another important part of Primenet. The different file formats..... FileSuffixHowtoexecute/Description ╔════════════╦═══════════════════════════╗ ║ .CPL ║ CPL<Pathaname>/Language ║ ║ .SAVE ║ SAVE<Pathname> ║ ║ .SEG ║ SEG<pathname> ║ ║ .TXT ║ SLIST<pathname> ║ ╚════════════╩═══════════════════════════╝ This list shows you the different file suffixes you'll see. Every file will be followed by a suffix. If it is not then you can assume its text. The only suffix we want to worry about now is the CPL suffux. CPL (Command Procedure Language) is the primos "programing language". So you can assume that anything with a .CPL suffix is some type of program. Most often you will find simple programs which tell the date, some "menus" that people programmed in CPL to navigate the system easier, and then their own misc CPL files. To run a CPL file you type 'CPL <pathname>' (the pathname is simply the file name). Now, since CPL is a language it's programs must some how be written. This means that by doing a SLIST on a .CPL file will display the contents & source code of the .CPL file. Ok, so back to the hacking. So we're in the Util's library (or whatever the name of the directory is). Ok, now do an 'LD' to see the contents and look for any .CPL files. Lets say theres a CPL file named "CleanUp.CPL". Now you'd type 'SLIST CleanUp.CPL', this will display the source code of the CleanUp program. Now, you will get a lot of trash and bullshit but in it somewhere look for a line that is something like... A UTIL KEWL │ ^Password └─┤ Directory name So, what does this mean you ask?? Well first off we will remember that every Directory (except for ones with stars by them) is a username which you can log-on with. So this means that the password for the username Util is KEWL !!! If you have found a line like this then congratulate yourself..you have SYS1 access. Just in case you don't really understand, lets say that there was a directory's name was COUNT, and the password was ZER0. Now, if you got lucky and were on a system where this works then you'd see a line like... A COUNT ZER0 Another way to find out directory/usernames is by usinf the 'List_Access' command. This shows the different directories that the current directory has access to. This wil look something like... ACL "<current directory": JOHN : ALL SALLY : LUR ADMIN : NONE GAMES : LUR From this you can see the names of directories that you would normally could not access, because if you don't know the name of a directory then you can't access it. You can do this at different directories and sometimes you will find a different set of directory/username names. Ok, so you should pretty much understand what we are looking for. If this doesn't work in one directory then keep checking in other log-on able directories. Remember this technique only works like 70% of the time so if it doesn't work then don't worry. ┌─────────────────────────────┐ │It Doesn't Work, Now What??!!│ └─────────────────────────────┘ Since the above technique of primos hacking is well known, by both hackers and Sysops I expect to have a large percentage of readers still stuckin thier "Guest" acount. I will now tell you how you can both defeat security and how you can secure yourself. First of all, lets boost your acount as much as you can (with your current access ofcourse). To do this we will use the CHAP command. This will edit or priority levels. To do this we will use the 'CHAP UP' command (remember anything in single quotes you type). You can also use 'CHAP DOWN' or 'CHAP X' where X equals the amount of levels you want to jump up to. Each system will have different levels, so do it about 10 times and then stop (unless you get a message that you have reached the limit already). The main reason we want high security is so we can get into other directories and run high-access programs (and access high-access commands). So first I will discuss Directory security. Here is a diagram of the different levels of security that can be put on directories.... ┌───────────┐ │Directories│ └───────────┘ Letter Decription of Access ╔════════╦═════════════════════════════════╗ ║ P ║ To protect the directory ║ ║ D ║ Delete entries to directory ║ ║ A ║ To add entries to a directory ║ ║ L ║ Read contents within a directory║ ║ U ║ Lets you attach to the directory║ ║ R ║ Read contents of file ║ ║ All ║ All of the above ║ ║ None ║ No access to others ║ ╚════════╩═════════════════════════════════╝ So, from this you can see the different options that one can put to protect a library. These letters can also be combined to form a "word" (so to speak), so that you can incorporate different types of access. The most commonly found example of this would be "LUR" access. So, using the chart this means that someone can Read the contents of the directory, Attach to it, and Read the contents of the files in the directory. Basicly this means that you can read all you want but you can't edit, which in some cases can be good. Since this file is is also geared towards the well educated user I will discuss how to change the access on directories, and how to create/delete directories. I would strongly suggest that anyone who has hacked an a count not try to create delete files (unless you want to get back at someone on the system, which will be discussed later), since it will lead to detection and and erasure of the acount (This is a general rule of hacking, read all the info you want, but keep a low profile). By default most directories will be set to ALL access when created. Prime is one of those big network, open systems, and many people never bother or don't know how to make thier acount's more secure. (this will be painfully obviuos (to the users) when U get one <grin>). Because of this you will find *MANY* directories with ALL access. I have found many directories of people who have SYS1 access, with ALL access. Most of the other people will have LUR access. This is still very sufficient for your needs, since U can still read files. Since I want to be slightly kind I will discuss how to change access on directories, for the people who have ligit prime acounts. If you have a hacked acount then there should be no reason for you to change access on a directory, first of all you will be detected in a second, and second of all its not perminent at all and can't be used to thrash the board. First of all the command to create a directory is 'Crea te <dirctory name> [-password] [-access]'. So in other words if I wanted to create a mail directory with the password of FUCK and LUR access then I'd type. Create Mail [-FUCK] [-LUR] The command for changing access on a directory is... Set_Access ALL [-LUR] In this example we are changing a directories access to LUR (you can read but you can't edit) from ALL (everything). Since there is no real reason you would want anyone else changing your files I would suggest atleast LUR access. If you are really worried then I would not even think twice about going to NONE access, its up to you. Although changing access is the most effective way to secure your directory, there are some people who would like others to read, or mabey even edit files in their directory. This is why I usually tell people to just make a password, this command has already been discussed.. That about raps it up for ther directory part of this file. This is the major and most important part. Now we get to the fun little features. ┌───────────────────────────────────┐ │Creating Files and Writing Programs│ └───────────────────────────────────┘ Creating files are a very important part of hacking prime net. The main reason we want to create files is so we can take advantage of the CPL language. I have not learned the CPL language well enough so I really can't explain much about it. I'm still looking for technical manuals. The easiest way to learn it is by just looking at all the .CPL files. Once we learn the CPL language we can simply add commands to creat us new acounts to house keeping programs. The reason we would want ot do this is beacuse when it is run by the admin, or any user with high enough access it will run these embedded commands and we will have a new acount with unlimited access!! The way to create a file is by typing 'ED'. This will get you into the text editor. It should look something like.. INPUT This means you can type in what ever you want. So lets say you are making a file that, when run will type out 'Count_ZER0 is the ruler of heaven and earth', you would type... Type Count_ZER0 is the ruler of heaven and earth Now, you'd type just a <CR> alone and you'll get a line like... COMMAND This line varies a lot from system to system, but you'll get something to that affect. Here you would now type 'Save Count.CPL'. This would then save a program call Count.CPL in the directory and when you ran it (Discussed earlier) it would type 'Count_ZER0 is the rules of heaven and earth' on the screen. The editor can also be used to write Basic, Fortran, C, and pascal files (use the 'Languages' command to see what languages it supports). All you do is write the program in the editor and then save it with the correct suffix. Then you run/compile the program. Since this file is much longer then I thought it would be I won't discuss it, but it can easily be found out about by using the 'HELP' command. ┌──────────────────────────────────────────┐ │Communicating With Other Users And Systems│ └──────────────────────────────────────────┘ To send message to another user On-Line you use the Message command. Lets say using the status command (discussed earlier) you found there was a user named JOE that you wanted to talk to. So you'd type .. Message JOE <CR> Hello, how are you ! This will send a message to him unless you get some message that says something like.. User Joe not accepting messages at this time. This means that he is not accepting messages (fuckin duhhhhhh), so you can try again later. You can also use the TALK command, which is self-explanitory. Just type 'TALK', and then follow the directions. ┌────────────────────────┐ │Accessing Remote Systems│ └────────────────────────┘ The most exciting feature of primos (and this G-Phile), is primenet's ability to access remote systems. See, they call it primenet, beacuse all primes are hooked-up to one big network. This network is much like a "mini-telenet". This can be used with the 'NETLINK' command. At a prompt, you must type 'NETLINK'. Then you will be thrown into the netlink system. There is a good On-Line help file which can be accessed with the 'HELP NETLINK' command. Basicly you type NC xxxxxxx <x's being the NUA>. Now, you can scan this like telelnet and see what you come up with. The most exciting part of all this is that some primos systems on telenet let you enter telenet NUA's in the netlink system. This means that all those "Collect Connection" NUA's you can't call, can be accessed through primos *FOR FREE*. This means that you don't need to fuck with NUI's anymore (see my hacking telenet part 1 file). **************************> ALL NEW KNOWLEDGE <***************************** Now comes the part that will bring me fame in the hacking community, fame to £egions ôf £ucifer, and anyone who knows me............. ------>>>>>> The 'ANET' command Yes, this is the first time this command has every been "published" is a G-phile. The way I came about this command was one day I was hacking around and I saw this lady's directory with LUR access. So I looked at the files, and suprisingly there was a file that was a *BUFFER* of her logging on to remote systmes (yes the password was there!!). I was very surprised to see that she used a command like 'anet -8887613' to access the remote system, instead of netlink. This is a beautiful example of how you can do a lot even if the directory isn't ALL access, anywayz heres the good part...... What the anet command does is dial a phone number out from the primos and connects to it!! Yes, this is like a code (but used for data communications of course). I'm still fucking with the command, but basicly you just type 'anet -<phone number>' and you ahve it. I have only tried it on this one system which is Primos version 22.1. This is a very exciting command, so if you find any more things about it please contact me. ┌──────────┐ │Conclusion│ └──────────┘ This brings me to the end of this G-Phile and my Telenet/Primos hacking series. I hope that you have gotten a good idea of both the telenet and primos system. I'm sure that I will come out with more hacking files, mabey even some updates to these. Please contact me by either sending mail to me or Wave Runner on any of the £.ô.£ dist-sites, or preferably Digital Hackers Network (£.ô.£ homebase). This file only covers the very basics of primenet. They have a very good On-Line help sections, so please use it. Please fuck with the 'anet' command and tell me if you find anything else about it..... - Çôûñ┼ Zε₧φ / £.ô.£ Count_ZER0 10/21/90 ────────────────────────────────────────────────────────────────────────────── Required Reading ──────────────── 1. LoD/H Journal #2, file 5- This was used as the outline for my file, and is the most complete primos hacking file (aside from this one ofcourse <grin>) 2. Mentor's Hacking Journal - Best intro hacking file ever 3. Count_ZER0's Telenet Hacking Part 1 - This is a must if you are read this file, it is part one in the series. 4. ALL Phracks, P/Hun's, or anyother 'zines you find - a must for the educated hacker. 5. Any other G-Philes I write in the future - So you can absorb my genius <laugh> ────────────────────────────────────────────────────────────────────────────── Thanks To.... LoD/H - The best and supreme p/h/a this world will ever know. The Mentor - For a superb hacking intro file, and for introducing me to hackin g telenet and all other systems. Carrier Culprit & Legion of Hackers - For writing the best Primos hacking file (LOD/H Journal #2, file 5) £.ô.£. - For giving me a chance to express my self, and spread education acros s the world. ────────────────────────────────────────────────────────────────────────────── Digital Hackers Network £egions ôf £ucifer HeadQuarters/HOME No Warez! A truely serious Hack/Phreak board Hack, Phreak, Scanning, Phraud, Crashing disscusions Viral Research & Development Sections (500+ Virii!) "Personalized ANSi Bombs" made by request Running AfterShock v1.20 - 2400 Baud PH: 213-274-1333 C▄▄███████████▄▄ C▄▄████▀▀ ▄▄ ▀████▄▄ C▄████▀C▄████▄ ▀▀███▄ C▄████▀C████████C▀███▄ C▄███▀C▄████▀▀████▄C▀███▄ C████▀C████▀ ▀████C▀██▄ C▐███▌C▄████▀C▀████▄C███▄ C████C████▀C▀████C███ █ C▐███C▄████▀C▀████C▐██▌▄█▀ C▄▄▄▄▄▄▄▄▄▄▄▄████▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄█▀ C█▀▀▀▄▄▄▀▀▀▀▄████▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄▄▄▄▀▀▀▀▀▀▄▄▄▀ C▄█▀C███ ████▀C▀████C███ C▀▀C███ ▄████▀C▀████▄ ███ C███████▀C▀████ ████ C▀▄▀▀▀▀C▀███████▀ C▀███▄C▄▄▄████ C▀████▄▄▄C▄▄█████▀████▄ C▀▀▀████████████▀▀ ▀████ C▀▀▀▀ "Anarchy is the base of todays society, without it, we would be in chaos" C- Anarchist ───────────────────────────────────────────────────────────────────────────── Call these £egions ôf £ucifer support boards for information or application inquiries: Digital Hackers Network 213/274+1333 £.ô.£ HeadQuaters/Home Electric Eye ][ 313/776+8928 £.ô.£ Distribution Site #1 Digital Information Exchange 612/356+2209 £.ô.£ Distribution Site #2 ═════════════════════════════════════════════════════════════════════════════ £egions ôf £ucifer High Office Staff Members: Prezident/Founder: Wave Runner! Vice Prezident : Count_Zer0 ───────────────────────────────────────────────────────────────────────────── This text file is (C)Copyrite 1990 £.ô.£ Inc. £.ô.£ is a registered trademark of DHN, All rights reserved Any modifications to this text file is a violation of copyrite. Digital Hackers Network 213/274+1333 -=£.ô.£ Home=- ───────────────────────────────────────────────────────────────────────────── Downloaded From P-80 International Information Systems 304-744-2253 12yrs+