home *** CD-ROM | disk | FTP | other *** search
-
- .:==--::--==--::--==--::--==--::--==--::--==--::--==--::--==--::--==--::--==:.
- :: f0rbidden knowledge issue two ::
- `:==--::--==--::--==--::--==--::--==--::--==--::--==--::--==--::--==--::--==:'
-
- .:--==--==--==--==--==--==--==-->> Contents of This Issue <<--==--==--==--==:.
- :: ::
- :: -=>Welcome<=- ::
- :: ::
- :: (x) Disclaimer ............................................ The Editor ::
- :: (x) Introduction .......................................... The Editor ::
- :: (x) Weird of the Month .................................... The Editor ::
- :: (x) Feedback and Stuff .................................... The Readers ::
- :: ::
- :: -=>Phreaking Stuff<=- ::
- :: ::
- :: (x) MTN Voicemail Hacking ................................. Wyzewun ::
- :: (x) Microsoft South Africa looses R3500 ................... Wyze1+Satur9 ::
- :: (x) South Africa's answer to ANI .......................... Line Noise ::
- :: (x) Telkom Voicemail Hacking .............................. Marc Satur9 ::
- :: (x) Beigeboxing in South Africa ........................... Wyzewun ::
- :: ::
- :: -=>Hacking Stuff<=- ::
- :: ::
- :: (x) Hacking through Windows 95 Plus! Security ............. Wyzewun ::
- :: (x) Update on the Nedbank Windoze NT Hack ................. Gevil+Wyze1 ::
- :: (x) How to get a unrestricted shell on Nedbank ............ Wyzewun ::
- :: (x) Windows 95/98/NT Backdoor ............................. Marc Satur9 ::
- :: ::
- :: -=>Misc Stuff<=- ::
- :: ::
- :: (x) Ripping off Arcade Machines ........................... Wyzewun ::
- :: (x) Compact Disc Theft .................................... Cyberdave ::
- :: ::
- :: -=>Parting Words and Credits<=- ::
- :: ::
- `:==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==:'
-
-
- .:--==--==--==--==--==--==--==--==>> Disclaimer <<--==--==--==--==--==--==--:.
- :: ::
- :: Telkom are solely responsible for this file. This file was at one stage ::
- :: an article on the evils of Masturbation that a 10-year old was attempting::
- :: 2 upload 2 Christian Network BBS. Due to the bad quality of Telkom's ::
- :: lines, the file became corrupted and turned into this. All complaints ::
- :: can be addressed to telkom@telkom.co.za :-) ::
- :: ::
- `:==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==:'
-
-
- .:--==--==--==--==--==--==-->> Introduction by the Editor <<--==--==--==--==:.
- :: ::
- :: Greetings Earthling... ::
- :: ::
- :: The response to Issue one of f0rbidden knowledge was very encouraging ::
- :: and we are glad to say that FK is without doubt, a success. The e-zine ::
- :: will be published monthly and distributed at the following sites... ::
- :: ::
- :: www.posthuman.za.net ::
- :: ::
- :: I would like to extend my thanks to Coffee, Alcohol, Columbian Cola, ::
- :: Marilyn Manson, Beck, Pop Will Eat Itself and vast amounts of sugar for ::
- :: helping me so much with the construction of this issue. Oh yes, and I ::
- :: almost forgot - Cache asked me to publically thank him for phoning me ::
- :: at the most awkward times possible - So Cache, thank you for being such ::
- :: a Butthead. :) ::
- :: ::
- :: Well, that's pretty much it from me. Hope you enjoy the zine - The ::
- :: two articles which are this month's highlights are without a doubt our ::
- :: new Nedbank exploit which lets you into an unrestricted shell and our ::
- :: completely original Windows 95/98/NT backdoor. ::
- :: ::
- :: All comments, questions, article submissions and subscription requests ::
- :: can be mailed to the Editor at wyze1@syrex.co.za ::
- :: ::
- :: Cheers ::
- :: Wyzewun ::
- :: ::
- `:==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==:'
-
-
- .:--==--==--==--==--==--==->> Weird of the Month <<=--==--==--==--==--==--==:.
- :: ::
- :: We were Neurophobic and Perfect ::
- :: The day we lost our souls ::
- :: Maybe we weren't so human ::
- :: But if we cry, We will rust ::
- :: ::
- :: And I was a hand grenade ::
- :: That never stopped exploding ::
- :: You were automatic ::
- :: And as hollow as the "O" in God ::
- :: - Marilyn Manson, Mechanical Animals ::
- `:==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==:'
-
-
- .:--==--==--==--==--==--==--==--==--==--==-->> Feedback <<--==-==--==--==--=:.
- :: ::
- :: Bah, we got about 3 megs of mail, so I figured including it all would be ::
- :: a bad idea, but please, you are still feel free to mail us any comments, ::
- :: questions, suggestions, subscription requests and article submissions. ::
- :: ::
- `:==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==:'
-
-
- \\..........................................................................//
- ::==--::--==--::--==--::--==--::--==--::--==--::--==--::--==--::--==--::--==::
- :: Phreaking Stuff ::
- ::==--::--==--::--==--::--==--::--==--::--==--::--==--::--==--::--==--::--==::
- //..........................................................................\\
-
-
- .:--==--==--==--==--==--=>> MTN Voicemail Hacking by Wyzewun <<=--==--==--==:.
- :: ::
- :: Despite the MTN Voicemail system now being relatively free of Software ::
- :: bugs, it is still ridden with security flaws caused by MTN's lack of ::
- :: proper explanation of how exactly the Voicemail system works. The ::
- :: following is quoted from an MTN instruction manual... ::
- :: ::
- :: "You may want to set a password for your mailbox. Make it something easy ::
- :: to remember, like the first 4 digits of your phone number." ::
- :: ::
- :: What they *dont* explain is that anyone who knows this password can axs ::
- :: your vmb and that a default password of "1234" will be present if you ::
- :: neglect to set one. The general security on the MTN Voicemail system is ::
- :: incredibly slack, save the MTN employee VMB's. ::
- :: ::
- :: There are fewer unused VMB's than on the Vodacom system and the VMB's ::
- :: usually have fewer privaleges, but security in general is far inferior ::
- :: to the security on Vodacom VMB's and social engineering is easier too, ::
- :: these guys don't ask why, they just reset the VMB. ;-) ::
- :: ::
- :: Oh, and one last thing, try as *hard* as you can to hack the VMB of any ::
- :: number that starts with (083) 2121 because these are phones with MTN ::
- :: employee privaleges. Find some-one with a really high status and you ::
- :: could take over MTN comlpletely. =) ::
- :: ::
- :: Don't do anything I wouldn't do. (evil fucking grin) ::
- :: ::
- `:==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==:'
-
-
- .:--==-->> Microsoft SA Looses R3500 because of Wyze1 and Marc Satur9 <<==--:.
- :: ::
- :: Oh dear. Looks like Microsoft South Africa ran into a bit of a problem ::
- :: with their phone account. You see, MS are money-grabbing idiots who want ::
- :: to earn as much as possible, whilst still spending as little as possible ::
- :: ::
- :: It is worth noting that they decided to select a cheaper Toll Free ::
- :: service from Telkom in which they would pay per call they recieve. It is ::
- :: also worth noting that they invested in a cheap, bad PBX system. So, ::
- :: what happens when two sick, twisted children (Wyzewun and Marc Satur9) ::
- :: find a way to keep ten public phones billing Microsoft every night for ::
- :: a week, because their stupid, Microsoft Made Answering machine system ::
- :: doesn't know how the fuck to ATH0 ;-) ::
- :: ::
- :: Unfortunately, Microsoft are abandoning their Toll Free Number for ::
- :: reasons which they are not announcing to the public. Ag, yeh, they know ::
- :: it was us... we phoned in responsibility (grin) ::
- :: ::
- :: This article was dedicated to the memory of 0802111104 - Rest in Peace ::
- :: ::
- `:==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==:'
-
-
- .:==--==--==--==--==--==--==--==>> Telkom VMB Hackin by Marc Satur9 <<==--==:.
- :: ::
- :: >Note from the Editor: Due to the sensitivity of this system at present ::
- :: it is in our best interests to not release this information until FK3 ::
- :: considering that we are already publishing highly sensitive info on ::
- :: Nedbank in this issue< ::
- :: ::
- `:--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--:'
-
-
- .:==--==--==--==--==-->> South Africa's Answer to ANI by Line Noise <<==--==:.
- :: ::
- :: Well, yeh, Wyzewun is writing this, but it's info I got from Line Noise. ::
- :: Now, if you dial 101999 (Toll Free Call) it will tell you the number of ::
- :: the phone you are dialing from! Unfortunately, this number only has one ::
- :: line, so it's pretty hard 2 get through during the day, but keeping ::
- :: trying coz it is worth it. For those of you with little phreaking ::
- :: experience who don't understand what exactly one would use this number ::
- :: for, you are free to mail any member of the SoS and ask. =) ::
- :: ::
- `:--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--:'
-
-
- .:--==--==--==--==--==>> Beigeboxing in SA according to Wyzewun <<==--==--==:.
- :: ::
- :: Allright, this wont cover the construction of a Beige Box or any of that ::
- :: junk coz f0rbidden knowledge prides itself in its simplicity. This will ::
- :: just cover use of a Beigebox in South Africa Now, take a stroll down to ::
- :: that nice big blue box that says Telkom on it just down the road from ::
- :: your house. yes, the one that looks like this... ::
- :: _____________ ::
- :: (XXXXXXXXXXXXX) ::
- :: |.---------,| ::
- :: || (o| >> ascii art stolen from kokey << ::
- :: || >| ::
- :: ||========(o| ::
- :: || >| ::
- :: || (o| ::
- :: |`---------'| ::
- :: ____________`+---------+'______________ ::
- :: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX ::
- :: ::
- :: Right, now there are several methods which Telkom use to keep us out of ::
- :: their precious little boxes... ::
- :: ::
- :: 1) A Handle - Yes, in the rural areas there will be a single handle ::
- :: which will open the door. ::
- :: ::
- :: 2) Three triangular bolts - The most commonly used method, will open ::
- :: with the proper tool ::
- :: ::
- :: 3) Three or One Circular Bolt - This is a wierd system which is also ::
- :: common. Saw a little line in a piece of ::
- :: hollow pipe and use it 2 open these ::
- :: ::
- :: 4) A Lock - Bah! Telkom cheats! I've never been good with lock picking ::
- :: but I've found that bolt cutters also work :) ::
- :: ::
- :: Right, now let's say that you are in the box. What will you see, well, ::
- :: there are two possibilities. You may see a big mess of black and white ::
- :: wires. Find a black and white wire that originate from the same terminal ::
- :: and strip them. Then connect your box. I've often found that Telkom have ::
- :: already stripped quite a lot of the wires on these boxes, which makes ::
- :: things go considerably faster. ::
- :: ::
- :: Alternatively, you may see little black and white terminals like the ::
- :: ones that connect your speakers to your Hi-Fi. Strip your wires, slide ::
- :: them in, and press down to make it snap into a secure connection. ::
- :: ::
- :: Once you've got a line, have fun! Phone your friends overseas, do ::
- :: whatever. And if you want data, I would suggest getting your hands on a ::
- :: Compaq C-Series PDA, tiny and secure, it's the ultimate hacking tool. ::
- :: ::
- :: Later... If you have any trouble with this stuff you can mail me at ::
- :: wyze1@syrex.co.za for a bit more detail ::
- :: ::
- `:==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==:'
-
-
- \\..........................................................................//
- ::==--::--==--::--==--::--==--::--==--::--==--::--==--::--==--::--==--::--==::
- :: Hacking Stuff ::
- ::==--::--==--::--==--::--==--::--==--::--==--::--==--::--==--::--==--::--==::
- //..........................................................................\\
-
-
- .:--==--==--==> Win95 Plus! Security package Vulnerability by Wyze1 <<--==--:.
- :: ::
- :: Wow, I want to make my Windows boxes secure with the 31337 Security ::
- :: package by MS for Windows 95 Plus! No-one will be able to get in - look, ::
- :: I have no start button, or desktop, they're helpless! Now, what was the ::
- :: key to re-login again? Was it Ctrl+R? No, that looks like a RUN menu. ::
- :: Damn, What could it have been... ??? ::
- :: ::
- `:==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==:'
-
-
- .:--==->> Update on the SoS Nedbank Windows NT Exploit by Wyze1 & Gevil <<--:.
- :: ::
- :: Yeh, the code doesn't work anymore. :( And yeh, we cracked root on this ::
- :: piece of machinery too now, but we'll share that with you later, or when ::
- :: Nedbank fixes the root exploit included in *this* ish. Gevil and I might ::
- :: also stop publishing this stuff at one point, because very soon, the SoS ::
- :: will have a very bad name with Vodacom, Telkom, MTN and Nedbank ::
- :: ::
- :: We may find some other victims for next month, (Gevil and myself are kind::
- :: of bored of Touch Screen hacking now, and want to try new, but equally ::
- :: supposedly impossible things) Or, we may just continue fucking over our ::
- :: favourite enemies. Bah, who cares? No-one in the SoS has been arrested ::
- :: yet. We're fine... Right?!! =) ::
- :: ::
- `:==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==:'
-
-
- .:--==--==--==->> How to get a Rootshell on Nedbank by Wyzewun <<--==--==--=:.
- :: ::
- :: Yes, our old Nedbank hack doesn't work anymore. Bah, I was bored of the ::
- :: employee menu anyway. Unrestricted shell sounds good to me. Yeh, think ::
- :: I'll get myself one of those. =) ::
- :: ::
- :: Allright, y'know those old Nedbank ATM's with the full keyboards? Well ::
- :: go find one! Right, so you found your target - this machine is running ::
- :: Windows 3.11 for Workgroups with TCP/IP ::
- :: ::
- :: Press the second Green Button on the Right and Yes at the same time ::
- :: Press the Help/Tab button ::
- :: ::
- :: Now, you are chucked in2 some lame proggy called Nedshell. It's some ::
- :: sort of a taskmanager-type-thing. Bah, it's boring. Press "e" to end all ::
- :: current tasks and close all Windows. The Screen will go black and then ::
- :: go into a Normal Windows 3.11 Interface for your hacking pleasure. ::
- :: ::
- :: But please guys, don't change anything, lest you get caught. I don't ::
- :: want to be responsible for the arrest of 500 ZA-Hackerz. Just look ::
- :: around, explore the system, cruise the net (yip, some of dem have i-net ::
- :: access) and tinker intelligently, making sure not to break things ::
- :: ::
- :: Most importantly, have phun, but don't do *anything* stupid. The less ::
- :: stupid everyone is, the longer Nedbank will take to fix this bug, and ::
- :: the longer you will all have axs to Nedbank's server and free i-net. ::
- :: ::
- :: Enjoy Kidzzz... ::
- :: ::
- `:==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==:'
-
-
- .:--==--==--==--==-->> Windows 95/98/NT Backdoor by Marc Satur9 <<==--==--==:.
- :: ::
- :: Windows 95/98/NT appears to be full of undocumented extras (efg). While ::
- :: running my BSD box on a windows' network, i noticed that all the remote ::
- :: administration was coming from a "user" called ADMIN$. ::
- :: ::
- :: I then experimented a little and found that sharing any folder as ADMIN$ ::
- :: is the equivalent of enabling remote administration, only it's not that ::
- :: easy to find out if the box is "infected". You can share any folder, the ::
- :: best results usually come from a subfolder deep within the "windows" ::
- :: directory, one that they won't look in. The only way the user is likely ::
- :: to detect he is "infected" is to run Netwatcher at the same time that you::
- :: are accessing his box. >Editors Comments: Or by using the netstat program::
- :: in his Windows Directory< ::
- :: ::
- :: The only way he can "clean" it off is to enable and then disable remote ::
- :: administration. If you hide the shared folder well enough, you should ::
- :: not get caught at all - The shared folder will also not show as a share ::
- :: in Netwatcher if it is named ADMIN$ and somewhere within the Windows ::
- :: directory. ::
- :: ::
- :: >Editors Comments: If there is any demand for it, the SoS would be happy ::
- :: to write a program to install this backdoor on a host. Of course, we ::
- :: won't bother if nobody asks< ::
- :: ::
- `:==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==:'
-
-
- \\..........................................................................//
- ::==--::--==--::--==--::--==--::--==--::--==--::--==--::--==--::--==--::--==::
- :: Misc. Stuffenhauzen ::
- ::==--::--==--::--==--::--==--::--==--::--==--::--==--::--==--::--==--::--==::
- //..........................................................................\\
-
-
- .:--==--==--==--==-->> Ripping off Arcade Machines by Wyzewun <<==--==--==--:.
- :: ::
- :: This method was originally thought up by Vortexia, but he is too busy to ::
- :: write a file like this and probably wouldn't admit to thinking this up ::
- :: anyway, having thought up much more amazing stuff than this before, so I ::
- :: wrote it myself. ;) ::
- :: ::
- :: If you've ever been to an arcade that uses a card system, you've ::
- :: probably seen the card thats just a piece of cardboard, with a line of ::
- :: tape in it, a lot like the tape you'll find on an audio casette. ::
- :: ::
- :: Get about 20 of these cards, or however many you'll need before you can ::
- :: spool them inside an audio casette. Then play this sound to your PC, ::
- :: record it in WAV format and loop 90 minutes of this sound onto another ::
- :: audio casette. Then, whenever you need a card, cut a piece off this tape,::
- :: stick it on a piece of card, and you're fully recharged. If you ever ::
- :: play e-nuff games to finish the 90-minute tape, then just make another ::
- :: one with the WAV file you still have on your HD. ::
- :: ::
- `:==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==:'
-
-
- .:--==--==--==--==--==--==->> Stealing CD's by Cyberdave <<==--==--==--==--=:.
- :: ::
- :: Yeh, steal some CD's, why not? They're smaller than buses. :) >Comment ::
- :: from Wyze1 - Stealing buses is cool! You can run over ppl who laugh at ::
- :: you for writing articles on bus theft :P> K, wait at a CD shop until ::
- :: some-one buys the CD that you want. Then, walk out with the same CD in ::
- :: your pocket before he does - The alarm won't go off - it only will when ::
- :: he goes out. Ag, yeh, I would explain how it works, but that would take ::
- :: time and if you can't figure out why this works, you suck :) ::
- :: ::
- `:==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==:'
-
-
- .:--==--==--==--==--==--==--==--==--==> Thanks and Greets <<=--==--==--==--=:.
- :: ::
- :: Aleph1, Balin, Cache, Caliburn, cDc, Corrupt SYN, CrazyG*y, Cyber Demon ::
- :: Cyclotron, daemon9, Emmanuel Goldstien, Hex Acid, HFG, HNN, Informant-X ::
- :: kokey, Kool4Katz, L0pht, Line Noise, LOU, Mudge, Pavlov, Pri$m, r00t ::
- :: Radix, Sector12, Shaddow Skinhead, Sledge, Snadboy, so1o, Team CodeZero ::
- :: THC, The Guild, Vortexia ::
- :: ::
- `:==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==:'
-
-
- .:--==--==--==--==--==--==--==--==--==--=>> Parting Words <<--==--==--==--==:.
- :: ::
- :: Well, guess I can safely say that the SoS have done it again - We have ::
- :: released more *quality* textware to the public. We were going to wait ::
- :: a bit longer and include more in this issue, but we wanted to release ::
- :: our new Nedbank hack asap coz the old one stopped working and we had ::
- :: told it to a few ppl already anyway. ::
- :: ::
- :: Whatever we include in FK3, you can rest assured that it will be just as ::
- :: groundshattering, if not more so, than FK2. ::
- :: ::
- :: The Sons of Satan / Saviours of Systems are... ::
- :: ::
- :: ::-=-=-=-=-=-=-=-=-=-=::=-=-=-=-=-=-=-=-=-=-=-=-:: ::
- :: :: Wyzewun :: wyze1@syrex.co.za :: ::
- :: :: Marc Satur9 :: satur9@syrex.co.za :: ::
- :: :: SN|PeR :: sniper@noise.co.za :: ::
- :: :: Gevil :: gevil@hotmail.com :: ::
- :: ::=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-:: ::
- :: ::
- `:==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--(EOF)--==-:'
-
-
-