AOH :: P11-07.TXT

Hacking Primos I, II, III


                               ==Phrack Inc.==

                   Volume Two, Issue Eleven, Phile #7 of 12

                    -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-
                    !                                   !
                    #     Hacking Primos I, II, III     #
                    !                                   !
                    #          (I&II  Revised)          #
                    !                                   !
                    #            By Evil Jay            #
                    !                                   !
                    -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-


    Author Note:

   Ugg! I looked at my first file after it was released and saw a lot of
  misspellings, errors and other screw-ups and was completely embarrassed. I
  did not have time to edit the file and I was also writing the second file
  which dealt with gaining privileges. I threw these two files at Taran King
  who in turn merged them together. So I humbly apologize for all of the
  errors in the last file. In this file I will revise the old file and
  continue with some more methods of gaining access and also list out some
  very basic commands for beginners. As I said before, if you have any
  questions you can reach me on any board I am currently inhabiting. Hope to
  hear from you...


    *** Gaining Access From Scratch ***

   I made a mistake in my last file and stated that FAM was not a default. FAM
  is a default, but it can be taken out by the system administrators.


 To get a listing of every possible account on a system, it is really quite
 easy. They are located in the MFD directories. Type:

A MFD <MFD #> (Without the "<" and ">" signs)

Or just:

A MFD

 Then type LD and hit return. Now, you will see a listing of files and
 underneath should be a listing of directories appropriately named
 Directories. These directories are valid User IDs. However, I believe that
 directories that have an "*" character in them cannot be logged in to.


   *** Getting Higher Access Revised ***

  SYS1 is the highest system level there is. Meaning unless commands have to
 be entered from the supervisors terminal, you can usually do anything with an
 account that has SYS1 access. Also, I should clarify that SYS1 will not
 always be the name of the highest access available. It could be named SYSTEM
 or anything for that matter.

  You are looking for a file with the extension .CPL - look for this file
 under any of the SYS1 directories. When you find one, SLIST it. You are
 looking for a line similar to:

A <DIRECTORY NAME> <PASSWORD>

It could look like:

A LIB XXX

LIB is the directory (user id) name.

XXX is the password to that directory (user id).


 When you have this, log into that account with the directory name and
 password. If your lucky you'll gain access to that account. I have noticed
 that a lot of high access accounts sometimes have the password XXXXXX or X.
 Try these, I am unsure as to whether they are actual defaults or not.


  Ah, the revision is done! Now some more ways to gain access...


   *** The Trojan Horse ***

  Providing you have access, you may or may not be able to edit a file in a
 high access directory. If you can't then try the above technique and try to
 hack a higher level account.


  You will first want to learn the Command Processing Language (CPL). Type
 HELP CPL for a list of commands and then play around and try to write your
 own programs. If you don't have a manual handy, look at other CPL programs in
 other directories you can access. Once you know CPL, all you have to do is
 edit a CPL file in a high access dir. Add your own high level commands to the
 program. Then replace the old file, logoff and wait until the operator(s)
 decide to run your program. Hopefully, if everything goes well your routines
 will help you with whatever you wanted. However it would be a good idea to
 have your TH write a file to your directory telling you whether it has been
 ran or not. I will discuss different Trojan Horses in later issues of Phrack.


  Once on a Prime it is pretty easy to get other accounts so don't worry about
 it. Just worry about getting on in the first place. Patience is definitely
 required since many systems (particularly versions 19 up) tend to hang up
 after the first invalid id/password combo.



     *** Basic Commands For Beginners ***


  This is a list of basic commands you can use once on a Prime system. I will
  not go in-depth on a command, because you can do that for yourself by
  typing:

HELP <COMMAND NAME>



SLIST <FILENAME>

This will list out the contents of a file on a directory. Type in the full
file name (plus extension).


ATTACH <DIRECTORY NAME>

This will attach you to another directory. For a full explanation type HELP
ATTACH.


LD

This will list all the files and subdirectories in a directory.


RLS -ALL

Commands add up on the stack, and eventually after a pre-determined amount of
commands you will get a message telling you that you are "now at command level
XX". This command will release all those pent up commands in the stack.


CPL <FILENAME>

This will run a file with the extension ".CPL".


COMINPUT <FILENAME>

This will run a file with the extension ".COM"


SEG <FILENAME>

This will run a file with the extension ".SEG"


STATUS USERS

This will give you a listing of users and other information currently on the
system.


STATUS

This will give you the status of the system and other information.


EDIT (Or ED)

This is a text editor.


CHANGE_PASSWORD <OLD PASSWORD>

Does just what it says it does.


DELETE <FILENAME>

Deletes a file.


LOGOFF

I think this is pretty obvious.


LOGIN

This will log you out and take you back to the login process, providing there
is no logins-over-logins set by the administrators.


This is a very small list, but will probably help the beginner greatly when
he/she first logs on. Hope you enjoyed this issue...Look for Hacking Primos
Part IV in Phrack, 12. Mebbe'.



                    -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-
                    !                                   !
                    #           A Phrack,Inc            #
                    !                                   !
                    #           Presentation            #
                    !                                   !
                    -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-
==============================================================================

AOH Site layout & design copyright © 2006 AOH