[-=:< Phrack Loopback >:=-] By Phrack Staff Phrack Loopback is a forum for you, the reader, to ask questions, air problems, and talk about what ever topic you would like to discuss. This is also the place Phrack Staff will make suggestions to you by reviewing various items of note; magazines, software, catalogs, hardware, etc. ______________________________________________________________________________ Review of 2600 Magazine Autumn 1991 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ PO Box 752 Individual Subscription Rates: Middle Island, NY 11953 US : 4 issues (1 year) $21.00 InterNet: 2600@well.sf.ca.us OS : 4 issues (1 year) $30.00 Phone: 516-751-2600 Corporate / Business Rates: Fax: 516-751-2608 : 4 issues (1 year) $50.00 By Dispater 2600 Magazine has been published since 1984 by Emmanuel Goldstein. "The Hacker Quarterly" runs just shy of 50 pages and is printed with nice glossy covers to make a 5.5"x8.25" magazine. In 2600 you will find the usual articles about hacking and phreaking, as well as a few surprises. 2600 often covers topics that do not necessarily pertain to hacking or phreaking, but are quite useful. There is also a "letters to the editor" section and even a place for people to buy/sell goodies. This particular issue contains an article on Simplex locks and how easy it is to open them. Included are pictures of opened Federal Express mail boxes that use Simplex locks. The next most interesting thing I found was an article on those strange little lines on business letters. "Postal Hacking" will not necessarily tell you how to mail letters for free, but will tell you how you can speed up the process of delivery for free. Then there was the the "Protecting Your Social Security Number" article that was recently printed in Phrack Inc Issue 35. There was also an article about the video tape of the Dutch hackers breaking into the military systems. 2600 even offers to sell the videotape that was partially played on the evil Geraldo Show [dick]. There was also a good article written about psychology in the hacker world. The somewhat Freudian analysis of the female security agent fearing "mounting" (of her hard drive), "penetration" (of her system), "infection" (from viri), and "has a headache" (due to hackers) was insiteful as well as very funny. Moving on to the other parts of 2600, you can find scattered tidbits of misc information (ie: lists of COCOTs, NUAs, ANIs, small useful programs, and interesting business/government forms they get from readers, etc) Finally, this is the part that everyone complains about, the price. But, 2600 has a great deal for those poor college hacker out there. If you submit something to 2600 Magazine that is printed, you get a free subscription. That sounds fair to me! Maybe we should try the same thing with Phrack? All in all 2600 Magazine is a GREAT publication and is highly recommended. _______________________________________________________________________________ What's On Your Mind? ~~~~~~~~~~~~~~~~~~~~ :: Some People Never Get The Hint :: Recently Phrack Inc. received a subscription request from an individual who played a key role in Operation Sun-Devil. You may know him from bulletin boards where he often used names like "The Dictator" or "Blind Faith." We know him as Dale Drew. Who would imagine that he would dare to ask us for a subscription? I personally couldn't believe it. Just in case you forgot or have been living in a hole for the past two years, Dale Drew was a paid United States Service informant who secretly enabled government agents to videotape SummerCon '88 in St. Louis, Missouri. The following is an example of a Dale Drew/The Dictator/Blind Faith posting on a bulletin board. He claims to be a cosysop on Lutzifer as well as some other nonsense. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ZDDDDD Packet Switching Networks/PSNs DDDD September 27, 1991 at 8:52 pm DDDDD? 3 Left by Blind Faith (Level 40)Title: Telenet (No Replies)3 3 > <-702-> CoSys on Lutz (Tymnet) Dispater writes: > > I think the joke issue of Phrack (36) will contain a top 10 list of stupid > things the SS likes to take. I am consulting with the defense for an up coming trial and had the opportunity to examine the "evidence" seized in the defendant's home. Notable items: model rocket launcher, local area street maps, about a dozen 2500-style telephones, a typewriter, pre-recorded audio cassettes. An interesting item was left behind: a TSPS console. One wonders what (if anything) goes through the minds of the officers executing the warrant. John _______________________________________________________________________________ :: Fed Proof Your BBS, NOT! :: I'm sure many of you have seen text files on making your BBS more secure. One such file floating around is by Babbs Boy of Midnight Society. One of the members of our Phrack Staff showed this document to EFF's Mike Godwin, who is an attorney. He had the following comments: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - From: Mike Godwin To: Phrack Inc. (In regards to some of the files about how to "fed-proof" your bbs:) > Let's start with the log on screen: If FEDZ want anything from your board, > they are required to provide 100% accurate information. This is false. Ask the legislators who've been convicted in "sting" operations. In fact, so far as I can tell in a brief run-through of this document, absolute no part of the so-called "legal" advice is true. Law enforcement agents who misrepresent their identities (e.g., "undercover agents") produce admissible evidence all the time. --Mike _______________________________________________________________________________ :: Diet Phrack is Good For You :: From: Gordon Meyer To: Dispater Subject: Phrack #36 Thanks for sending over Diet Phrack! It looks like some of the old energy has finally been renewed. I especially liked the introduction, there is intensity, pride, and humor sprinkled thru out. Reminds me a lot of some of the "old" PHRACK issues. Neat! Later, Gordon R. Meyer _______________________________________________________________________________ :: Anonymous Mail :: From: Creeping Death > Hi guys. I was wondering if you could tell me how to send anonymous > mail. I heard that you could but no one here at my university seems to have > a clue. Please help me out > There are many ways to do this. One way is to use the method described below. However, keep in mind there are other ways of doing this. Dispater - - - - - - - - - - - - - - - - - - - - - - - - - - - Anonymous Mail via SMTP Using A Simple Shell Script ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From: The Artful Dodger This file is for those people who like/want to send anonymous mail via the net but don't like the hassle of raw SMTP commands. So, I wrote a simple shell script to take care of this. This program is quite simple but I will give a brief explanation anyway. There are two ways to run this program. Just type the name you save it as or the name you save it as plus the person you want to mail. Either way you will eventually get to the From: prompt. If you just hit return at this prompt it will assign your userid@your hostname. Otherwise you can type whatever you feel like. Next you will get the prompt asking you which host you wish to use for SMTP. If you are using the host you are on, just hit return as this is the default. Otherwise enter any host that allows telnet to port 25. Then you get to pick which editor you wish to use for mailing. It defaults to vi but you can use whatever you like. Basically, that is all there is interactively. After you enter this information, the program creates a file called tmpamail1. To this file it appends four lines of data. The first line is 'helo amail' as some host's SMTP port will not accept commands until one introduces themself to the host. The next line is 'mail from: ' and who the mail is from or who it is supposedly from. The third line contains 'rcpt to: ' and who the mail is going to. And the last line is simply the word 'data'. Now, these commands could all be entered manually but why bother when you have a program to do it for you. Ok, now the program invokes your editor and creates a file called tmpamail2. After you are done making the message and you exit the editor, it asks you if you want to send this message. I believe that is pretty much self explanatory. Then the program appends a '.' and a 'quit' to tmpamail2. Then it appends tmpamail2 to tmpamail1 so you have one file containing all the necessary header info to send a message via SMTP and quit >from SMTP. Then the program sends all this to port 25 of the host that was specified. And if all goes well, the person should have some mail waiting for them. And one last thing. The program deletes both tmpamail files after it is finished. Well, I hope you all enjoy this little script as it makes sending anonymous mail a little easier. The Artful Dodger =============================================================================== #! /bin/csh -fB ### This is a simple shell script for easy use of anonymous mail. To run the ### program just save it and delete everything up until the #! /bin/csh -fB ### line. Then just type the name you save it as or the name and whoever ### you will be mailing. e.g. amail bill@some.university.edu or just amail. ### ### The Artful Dodger if ($1 != "") then set mto=$1 else echo 'To: ' set mto=$< endif echo -n 'From: ' set mfrom=$< echo -n 'Use which host for smtp (return for '`hostname`') ? ' set usehost=$< echo -n 'Use which editor (return for vi)? ' set editor=$< if($editor =="") then set editor=vi endif if ($mfrom == "") then set mfrom=`whoami`'@'`hostname` endif echo 'helo amail' >> tmpamail1 echo 'mail from: '$mfrom >> tmpamail1 echo 'rcpt to: '$mto >> tmpamail1 echo 'data' >> tmpamail1 $editor tmpamail2 clear echo -n 'Are you sure you want to send this? ' set yorn=$< if($yorn == 'y') then echo . >> tmpamail2 echo quit >> tmpamail2 cat tmpamail2 >> tmpamail1 telnet $usehost 25 < tmpamail1 > /dev/null echo 'Mail has been sent to: '$mto echo ' From: '$mfrom endif rm tmpamail1 tmpamail2