home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
The Hacker Chronicles - A…the Computer Underground
/
The Hacker Chronicles - A Tour of the Computer Underground (P-80 Systems).iso
/
miscpub2
/
ati.53
< prev
next >
Wrap
Text File
|
1992-09-26
|
31KB
|
791 lines
*****
*******
** **
** **
*******
***** activist
times
** incorporated!
**
********
********
**
**
** **
** **
********
********
** ** ...
** ** . .
. 53.
...
Issue #53 December-5-1990
U.S. Mail:
ATI
PO Box 2501
Bloomfield, NJ 07003
U.S.A.
Our net address:
uunet!tronsbox!akcs.groundzero
OR:
akcs.groundzero@tronsbox.xei.com
ATI's Staff:
Ground Zero: publisher, editor, writer
Prime Anarchist: editor, writer
Writing/Research Staff: Sk8 the Skinhead, Fah-Q, MAC???, Happy
Harry Hardon, Stormbringer, Geraldo Riviera, The Happy Hacker, and
other occasional contributors.
Archivist: Llo
Hi! Welcome to ATI53. We have a long one in store for you.
First, a few quick notes. Our ftp sites are the following:
128.95.136.2 blake.acs.washington.edu /tmp/ftp/ati
192.55.239.132 cs.widener.edu pub/cud/ati (use anonymous to login and
your email address as your password).
ATI is uploaded to many boards across the world, but we can only assure
that ATI is uploaded regularly to the following boards:
Ripco...................312-528-5020
Blitzkrieg (TAP)........502-499-8933
Sycamore Elite..........815-895-5573
Cyberspace..............201-916-1943
Atlantis................808-422-2200
You may have noticed Atlantis is back up. Be sure to give it a call and
tell em ATI sent you! Also, another interesting BBS is up. It's called
Face to Face, and is for hackers and anyone who is interested in them
(including security people, academic people, etc, etc). Call it at
713-242-6853.
Also, there is another online newsletter devoted to hacking, telecom,
and other related items. It's called NIA, Network Information Access.
Look for it on the above boards, especially Face to Face, or you may get
on their net distribution list by sending mail to the following address.
Tell em ATI sent you!
elisem@nuchat.sccsi.com
Now for a brief column from Prime Anarchist:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
An Open Letter to 2600 Magazine from Prime Anarchist ---------------->
I was at a phriend's house and was reading some of your back
issues. Something in the Summer '89 issue caught my eye.
You mentioned in this issue that Abbie Hoffman "got arrested so
many times that nobody could keep track".
I like the fact that you don't research it out. Gives the mag that
raw edge. I was gonna give you guys the number, but chose to keep it
that way. I can tell you though, he holds the record, and that's
undisputable among underground people.
2 things I wanna remember about the Abner: He always shared his
yo-yo tricks, and always had a working ITT code.
Please do not say that he did not reach the younger generation. He
reached me. And that's more than enough. Sure, you might see youngsters
saying, "who's this Abbie chick?". But for every one of those, you hear
a, "yeah, I read 'Steal This Book'. Live by it".
"Fuck the System" and "Square Dancing in the Ice Age" are chock full
of youthful ideas and great potent thoughts. Not to mention "Steal This
Urine Test".
Abbie was obnoxious, sometimes annoying. But most of all he was
Abbie. If you bet against his Chicago Bears, you never knew whether
he'd got pissed at you or give you 20-1. But he always paid on time and
never called collect.
So nowadays, not only do I "say hello to Abbie" while playing with
a computer somewhere, I also give him a quick hello while waiting for a
call to go through somewhere. I know he's out there. Skatin' across the
fone lines.
Abbie reached a lot of people. I just sometimes wish they wouldn't
be SO DOGGONED APATHETIC!!
Wake up, Amerikkka. Steal this t-phile.
-prime
-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
* Random Notes from Ground Zero *
"ROGER AND ME" REVISTITED
Those of you who saw the film "Roger and Me" know how the song
"Wouldn't It Be Nice" by the Beach Boys was used in the film. A GM auto
worker, knowing the big layoffs were coming soon, got a panic attack
while working the assembly line. The man left his post and got into his
car to go home. He turned on the radio, and "Wouldn't It Be Nice" was
playing, making the attack worse. After the worker gives his account of
the incident, the film's soundtrack blasts "Wouldn't It Be Nice" and takes
the viewer for a ride down the streets of Flint, showing scores of
boarded-up abandoned houses to show the contrast between the ideal life
portrayed in the song and the reality of the devastated city of Flint.
The other day I got a newspaper, its headline stating that Hudson
County (NJ) was to lose hundreds of blue collar jobs due to two closings.
As I began to read the article sitting in my car, the song "Wouldn't It
Be Nice" began to play on my car radio. What an appropriate tune.
COCOTS FROM HELL
U.S. Communications in White Plains, New York is the owner of many
COCOTs, (customer owned coin operated telephone) which are non-Bell pay
phones. The many phones owned by USC in the New York metro area are not
regulated by the FCC, thus allowing USC to charge whatever rates they
whatever rates they wish.
Two examples of USC's heavily inflated prices were given on WCBS-TV
news. One woman in Long Island was charged $4.82 for a two-minute customer-
dialed calling card call. If she had placed the call on a Bell-owned pay
phone, the charge for the same call would have been only 55 cents. A New
York man was charged $7.39 for a two-minute local collect call, which
would only have cost $1.78 if the call had been placed from a Bell pay
phone.
The USC phones also provided a number to call for rate information,
but this number was only available during business hours.
This is a clear case of how COCOTs and AOSs (alternate operator
service companies, which are also unregulated and can charge whatever they
want) blatantly rip off the public.
By the way, USC uses automation to process collect calls. Those
making collect calls provide a brief recording of their voice. Then the
calling number is automatically dialed, and whoever answers the phone is
given the recording and instructed to dial 1 if they accept the charges.
A PLOT TO KILL BUSH
I wonder why this one didn't get main media attention, but a
attention, but Jamal Warrayat, 32 of Rutherford, NJ was arrested in
a plot to kill President Bush, Secretary of State James Baker III, and
members of Congress. Warrayat and his group also planned to attack US
military installations, and also to blow up the Lincoln and Holland
tunnels, connecting New York city and New Jersey. Warrayat was born in
Kuwait and served four years in the US Army after coming to the US. He
disclosed his plans to an undercover federal agent, resulting in his arrest.
(source: North Jersey Herald & News, 11-30-90)
MADONNA, AGAIN. JUSTIFY THIS.
Everyone's talking about the video to "Justify My Love", her latest
"song". It depicts scenes of sado-masochism, bisexuality, cross-dressing
and multiple partners. MTV banned
it. As a result, Madonna decided to release the video as a video single
for a whipping, er I mean, whopping $10.
I saw Madonna on ABC News' "Nightline", in which she stated that
she had hoped to bend MTV's rules on videos and that they would show it.
This may or may not be true.
In my opinion, she made a rather negative portrayal of herself on
that show. Her speech was rushed, high pitched, repetitive (kept making the
same points over and over again),
and chock full of "you-know's" and other items. She seemed rather
defensive from the way she spoke.
Madonna stated that the video and the song are about two consenting
adults talking about their sexual fantasies. That's fine. But when the ABC
interviewer asked her about the issue of young teenagers or children
watching the video and that the graphic portrayals in the video might
confuse them, Madonna responded that it was good because "parents aren't
doing their jobs" in explaining sex to children, and suggested that her
video might ever spark discussions between chilren and parents. Come on,
Madonna. You're grasping at straws in attempts to legitimize this video.
The interview asked another question which should also be mentioned.
He mentioned Madonna's prior image, which caused her to come under fire
from feminists: her "trashy bimbo" image that she used to go by around
'84-'87, and especially her "boy toy" belt buckle that went with it. The
interviewer also cited other images of Madonna questioned by feminists,
including a shot of Madonna seminude and chained to a bed in the video
of "Express Yourself". Madonna responded by stating that she put herself
in these situations. She decided to dress the way she wanted, and put
herself in chains in the video. Since she is not chained by anyone else,
and no one put the chains on her, it's ok. Madonna further stated that
she alone is in charge of her life, her career and her art, and "isn't
that what being a feminist is all about? Taking control of your life?"
That may sound fine to the ear, but further examination of the above
statements is necessary. No feminist could question whether or not
Madonna is in charge of her career. But it's all too easy to sell music
by using images that are marketable to men and then state that it's all
ok because SHE made the artistic decisions, and not a man. Well, since
the trashy "boy toy" image and even the image of a woman chained is
marketable to men, it might be fine for her to use these images to make
money, but it does nothing to further the cause of womanhood. Selling and
perpetuating these images just puts women back in the Dark Ages. And
since a lot of young teenage girls listen to Madonna, they imitate her
"boy toy" image and think it's the
epitome of attractiveness and femininity. These images give young girls
the message that their worth is in their physical appearance and sexuality
rather than their intelligence, charachter, morals and other personal
aspects. Madonna is no different than those big film and TV producers who
use sex and exploit women to make a profit. The only difference is that
she is using her own body and keeping the profits herself instead of a
big producer. And while it may be good for a woman to make money, I
heartily disapprove with the way she's doing it.
% % % % % % % % % % % % % % % % % % % % % % % % % % % % % % % % % % % % %
Now for an informative article on UNIX by Midnite Raider. Have phun!
A Beginner's Guide To Unix
The information contained in this file is by no means new or original.
I was simply asked to compile some basic commands and concepts for the
access and use of Unix systems. I would like to give credit to the many
other files which I have gained this information from, and to the people
who have helped me learn what I know today.
I will not cover any detailed or complicated features of Unix. I am
merely going to provide the means to access low-security systems and
navigate the shell.
Access:
-------
All Unix systems are provided with default accounts. They are used for
system administration and such. Many system operators are too lazy or
naive to remove them. You may find the following accounts on a system,
with no passwords:
daemon
uucp
bin
adm
sysadm
admin
sysadmin
nuucp
sync
Others may have been added, such as:
user
guest
demo
test
public
help
field
system
operator
You can also try common first or last names (john,fred,smith,etc...).
Be sure to use lowercase for the login name. If you enter a capital
letter as the first character, the system will assume that your terminal
is incapable of displaying lowercase. From then on, in order to enter
capital letters you must precede each by a "\". This can become quite
annoying, and you will probably never see an account with a capital
letter as the first character.
Of the above defaults, the uucp or nuucp accounts are often used for Unix
to Unix communications (uucp stands for Unix to Unix CoPy). If this is
the case, the system will give send the uucp identifier, "Shere". In
this case, the account is basically useless unless you can call via
another system through the uucp command.
The sync account is a self-running Unix management account. If present,
it will run a few housekeeping chores and log off. The only reason I
included this is that many systems provide a greeting message or
something of the sort when you log on as sync. Occasionally you can
obtain information which will help you find an account.
If you cannot get in via the above methods, try using "who". If present,
it will display a list of all accounts currently online. You can try
those and hope they have no password.
If you are desperate, just hack blindly. Often the login name and
password are the same. You can also try initials (as in names...rlb,jhs,
etc...).
Once you are in:
----------------
If you make it through the front door, you do not necessarily have
access to the shell. Often accounts have programs run automatically for
specific users, such as system administration programs (useful),
accounting programs, etc... In this case, you can try to break out
of the program (either through a menu option or a loophole). Try various
escape/break related control characters (escape [ascii 27], ctrl-c
[ascii 3], etc...).
When you are in the shell, you will be greeted by one of two prompts.
Either a "$", denoting basic access, or a "#", denoting superuser access.
If you have superuser access, most of your work may be done (depending
on other security measures that have been taken). Either way, the
following will help you get higher access.
First, you'll need some basic commands for moving around:
stty
This command sets your terminal characteristics. Before you attempt
anything else, you should set some important ones. First, your
delete character. Many systems do not use the common ctrl-h [ascii
8]. Also, the delete on your computer may not be the standard ctrl-h.
To set your delete character, type:
stty erase (character)
Do not use the parentheses. Spacing is important. You can replace
(character) by hitting your own delete key, or typing a control key
sequence.
If you would like to enter something a bit more visual to reassure
yourself, you can use:
stty erase \^(character)
To enter a control character without actually hitting control,
replace character with the desired control character. Ex:
stty erase \^h
The above command sets the erase character to ctrl-h. If you make a
mistake doing this, hit return and start over (obviously if the system
does not know your erase character, you cannot edit your mistakes).
Once your control character is set, you will want to set your break
character. This is vital for file editing, which we will cover
shortly. To set the break character, type:
stty intr (character)
The same options as the delete character apply.
To view the current setting, simply enter stty by itself. Often, the
system will already be configured to your liking. Occasionally, the
stty command will not display the erase or break (intr) characters, in
which case you should enter them to be sure. All control characters
will be displayed in the ^(character) format.
ls
This is the list-files command. It will show the names of all non-
hidden files in the current directory. The display will either be a
single list or multi-column display. The command lc toggles between
the two. In either case, the files will be sorted alphabetically
(numbers first, followed by most punctuation symbols, then capital
letters, and finally lowercase letters).
ls has many options, which I will cover later.
pwd
Displays the current directory path from the root directory (/).
cd
Change directory. Those familiar with the MS-DOS environment will
have no trouble with this command. To change directories, simply
supply a path from the root directory. To go to the "lib" directory,
within the "usr" directory, you would enter:
cd /usr/lib
cat
Displays a file. Often it is difficult to differentiate between
text files and data files. If you wish to abort the display, type
your break character.
Cat requires the full pathname to access files outside the current
directory, but for files within the current directory, the filename
will suffice.
Ex:
cat /etc/passwd
The above command will display the passwd file within the etc
directory. This file is present on all systems. It is immensily
useful in gaining higher access (basically, it is necessary
to gain any access).
These commands will help you for now. After setting your terminal
options, enter:
cd /etc
We will be doing most of our work in there for the time being. You
should have had your buffer on long before this on the system, but turn
it on before executing the following command if you haven't:
cat /etc/passwd
Often these files are quite large, so after a while you may want to
abort it. Often what you are looking for will be within the first few
lines.
Each line of the passwd file represents an individual user. There are
seven fields to each entry. A typical entry looks like this:
user:x:100:100:Elmo:/usr/user:/bin/sh
The first field is the login ID. The second is the password field. In
newer versions of Unix, it will contain an "x". Older releases may
contain the actual encrypted password (a string of seemingly random
characters). On new systems the encrypted password are found in the
/etc/shadow file. The third field is the user ID number. Fourth is the
group ID number (more on groups later). Fifth is merely a comment about
this user (often their name, or in an administrative account, its duties).
Sixth is the home directory. The system will place you in your home
directory when you log on. The final field contains the path and file
names for the default shell or program. If this field is empty, the
system defaults to /bin/sh.
You cannot gain a user's password via this file. You may be able to
obtain access through a higher account, however. When looking for
high-level accounts, you will want to examine the fourth field. The lower
numbers often denote administrative accounts. The group "root" belongs
to is most likely what you will want.
To discover more about the groups, view the /etc/group file. This
contains the group names, the encrypted password required to change
into/out of this group (almost always "NONE"), the group ID number (to
compare to the passwd file), and a list of the group's members.
You will want to scan the passwd and group files to find any accounts
that belong to the same group as root, or a group which root is in.
Often root will be the only member of its group, so you will have to
look for other administrative account groups (those containing such
accounts as adm,admin, sysadm,sysadmin and so on).
Once you have found these accounts, you can attempt to gain their access.
The command:
su (login ID)
allows you to essentially "become" that user. Replace (login ID), of
course, with the account you want to assume. If the account has no
password, the process is automatic. Otherwise, you will be prompted for
a password. You can try the login ID as a password, but this may not
work. If it does, make a note of it. Otherwise, you can try other
methods, or go on to another account.
Hopefully, you will find an account with no password. If you have found
an older system, without the /etc/shadow file, an empty password
field (::) will tell you immediately which accounts do not have
passwords. If it is a newer system, it will contain an "x" regardless
of the presence of the password status. If you find yourself in this
dilemna, you may still be able to find a list of those accounts
without passwords.
If you have the superuser ("#") prompt, you may be able to read the
/etc/shadow file. The format for this file is:
login ID:(encoded pw):6480:14:28
The first field is the same as the login ID found in the /etc/passwd
file. Each entry in /etc/passwd should have a corresponding one in
/etc/shadow. The second field will be blank, denoting no password, or
contain the afformentioned "random" characters. Third is a numeric code
describing when the password was last changed. Fourth and fifth are the
minimum and maximum number of days between mandatory password changes.
Often the last two fields are empty, which means users are not required
to change their passwords.
Here, again, you should look for any accounts without passwords, and
examine the group file as mentioned.
Now, hopefully, you will have some decent access. Many of the accounts
with no password are that way for a reason - they do not allow shell
access; but that never stopped anyone.
If you discover an account that runs a program and then logs off, or runs
a program which allows you to interact in a boring way, you can use
this to your advantage. Look in the seventh field of this account's
passwd information. It will contain the path and filename of the
program being run.
At this point, security on most systems is extremely low. Many system
operators are sure that by stopping you from directly getting access,
they have stopped you totally. By "tricking" the system, you can get
access indirectly.
If you find a program being run, go back to the account which gave you
shell access. Then enter the directory where the program was (do not
include the file "/" and the filename). You want to change the
filename of the program. To do this, type:
mv (filename) (backup filename)
To change /usr/prog to /usr/prog.b, you
would enter:
mv /usr/prog /usr/prog.b
Make sure you remember the filename you give it. It is also a good
idea to keep it in the same directory. Now, you have to create a dummy
file to replace it. We will have to use the "ed" file editor to do
this. MAKE SURE YOU HAVE SET YOU BREAK CHARACTER. You cannot use ed
without having a break character. To make the file, type:
ed (filename)
Where (filename) is the name of the file you just renamed. Use the
OLD name (the one in the passwd file)! ed will respond with:
?(filename)
meaning the file does not exist yet.
Some basic ed commands are:
q
Quit. If you attempt to quit after making changes, ed will not quit
until you hit "q" again (this is to remind you to save changes).
w
Write file (saves all the changes you make).
,p
Displays all lines.
/(string)
Searches the buffer for (string), and displays that line.
a
Add lines (starting at the current line).
i
Insert lines at the current line
d
Delete the current line.
h
Turns help on (shows verbose error messages).
Entering a line number will bring you to that line. When editting a file
which already exists, ed will show you the current number of bytes in
the file rather than "?(filename)". If you attempt to write a file, and
ed replies with "?(filename)", you do not have access to write that file.
Now, back to the dummy file. Type "a" to add lines. Enter:
echo "Blah"
/bin/sh
Then, after pressing return on the /bin/sh line, type your break
character. Write the file and quit the editor. You now have your
dummy program set up. The command "echo" is a simple print command. You
can enter as many as you like, or none at all. They are merely to
reassure you that your program is running. The important part of this
is the "/bin/sh", which runs the shell program.
You must now give all users access to your program, so the account
will be able to use your newly created program. Type:
chmod +rwx
This will give read, write, and execute permissions to all users (more
on permissions some other day).
You should now logon again as the account which uses this program.
If you did everything right, you should now have control of the
shell, hopefully with superuser access ("#" prompt). If you still do
not have superuser access, go back and try something else. Be sure to
do the next few steps whether it works or not, to insure your continued
use of the system. Delete your dummy program by typing:
rm (filename)
Be sure to include the directory path in the filename, as before. Now,
rename the old file back to its original name (just reverse the
filenames in the previous rename command).
Now everything is back to normal. If you did not get access, you will
have to go back to your old account to set the files back to normal.
Make sure you do this, or you may cause damage to the system. This will
result in higher security. Also, real hackers never damage systems for
without cause. Laziness is not an excuse.
If you are still without decent access, you will have to consult
another file. I may write another soon on more ways to gain access,
but for now, this should help enough people.
>From now on, I will assume you have achieved superuser access within
an administrative group. You will most likely want an account of your
own now. Use the ed command to edit the /etc/passwd file. Somewhere
in the mid-beginning section (within the first 4-12 lines), add an
account using one of the default account not already present (from the
first list, if possible), or commandeer an unused (be sure it is unused)
default account already there.
Set you ID number and group to those of the root account (usually 0:3).
Set your directory wherever you like, and set the shell filename to
either /bin/sh, or leave it blank. In the password (second) field,
what you enter depends on the system. If it is an older system where
the encrypted passwords are stored in the passwd file, just enter
whatever password you like there. The system will encrypt it for you
when you save it. If it is the newer "x" system, put an "x" there, and
do the following, otherwise skip this.
New system users will have to enter the command:
/etc/pwconv
This command will recreate the /etc/shadow file based on the information
in the passwd file. Just to be sure, ed the shadow file, and leave the
password field blank for your newly created account (use the /(string)
command within ed to jump directly to your login ID).
Now, you can call back as your new
account. You should enter:
passwd
to create a password for your account if it doesn't already have one.
If all has gone well, you now have an account of your own. I will now
give a list of other commands which you can play around with.
Unix commands:
--------------
banner (string)
This is a "fun" command, which will take (string) and expand it into
block letters on your display.
write (user)
Will send a message to another user. After entering the command, the
system will wait for you to type a message and terminate it with your
eof character. Change your eof character by entering:
stty eof (character)
wall
Like write, but sends to all users.
who
Displays a list of everyone online.
mail (user)
Send email to any user in the passwd file. To read your mail, just type
mail.
exit
Logout of the system. I should have mentioned this before, but I forgot.
You can also use your eof character at the shell prompt to logout.
echo
Prints text or variables, as shown before.
env
Display all variables in your environment. More on shell variables soon.
rmdir (directory)
Delete a directory.
mkdir (directory)
Make a directory.
cp (original) (backup)
Copy a file.
grep (string) (filename)
Searches through (filename) until it finds (string), and then
displays the entire line (string) was found on.
date (time & date)
Alone, date displays the time and date. It can also be used to set it.
cal (date)
Alone, cal displays a calendar of the current month. With optional
month and year, it will display any year from 1 to 9999.
There are many more commands, but to explain them all could take
forever. Most systems contain online help files which you can access
by typing either:
man (command)
or:
help (command)
For a list of commands, look in the various "bin" directories. They
contain the actual programs.
Variables:
----------
The shell allows the use of variables. All variables are represented by
capital letters. You can create your own, or view/change standard system
variables. Some standard variables are:
PATH
This will show the order the shell searches in to find commands. You
will most likely find a number of directories ending in "bin". An
example could be:
:/bin:/usr/bin:/usr/lib/bin:/etc
This means that when you type a command, the system checks to
directories in that order before finally giving up and reporting an
error if the command is not found (All commands are files).
PS1
This is the main shell prompt, usually "$" or "#", depending on
your access. You can change this to whatever you like.
TERM
Some systems keep track of what type of terminal you are using, for
use in formatting output (usually through other programs).
LOGNAME
The login ID you are using.
HOME
Your home directory.
TZ
Timezone.
MAIL
The file your mail is sent to.
There are others, but they tend to vary with the account. Enter the
env command to display the variables in use.
Variables you create within shell programs (such as the dummy program
that was discussed before) retain their values for the life of the
program only (they do not affect the other shell variables).
You can change a variable like this:
TERM=ansi
Whenever you want to view a variable, or use it for another purpose,
precede it with a "$". Ex:
echo $LOGNAME
will display your login ID.
I seem to have run out of memory, so that's all for now. Hopefully
I'll write more soon...
- Midnite Raider
" " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " " "
WOW!! That was a long one, eh? Look for ATI54 soon. Take it easy, and
stay out of trouble.
; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ;
ATI: part of George Bush's thousand points of light.
Downloaded From P-80 International Information Systems 304-744-2253 12yrs+