AOH :: P37-02.TXT

Phrack Loopback

                          [-=:< Phrack Loopback >:=-]

                                By Phrack Staff

     Phrack Loopback is a forum for you, the reader, to ask questions, air
problems, and talk about what ever topic you would like to discuss.  This is
also the place Phrack Staff will make suggestions to you by reviewing various
items of note; magazines, software, catalogs, hardware, etc.

 Review of 2600 Magazine Autumn 1991
 PO Box 752                                     Individual Subscription Rates:
 Middle Island, NY 11953                        US : 4 issues (1 year) $21.00
 InterNet:                   OS : 4 issues (1 year) $30.00
 Phone: 516-751-2600                            Corporate / Business Rates:
 Fax: 516-751-2608                                 : 4 issues (1 year) $50.00

 By Dispater

     2600 Magazine has been published since 1984 by Emmanuel Goldstein.  "The
Hacker Quarterly" runs just shy of 50 pages and is printed with nice glossy
covers to make a 5.5"x8.25" magazine.  In 2600 you will find the usual articles
about hacking and phreaking, as well as a few surprises.  2600 often covers
topics that do not necessarily pertain to hacking or phreaking, but are quite
useful.  There is also a "letters to the editor" section and even a place for
people to buy/sell goodies.

     This particular issue contains an article on Simplex locks and how easy it
is to open them.  Included are pictures of opened Federal Express mail boxes
that use Simplex locks.  The next most interesting thing I found was an
article on those strange little lines on business letters.  "Postal Hacking"
will not necessarily tell you how to mail letters for free, but will tell you
how you can speed up the process of delivery for free.  Then there was the the
"Protecting Your Social Security Number" article that was recently printed in
Phrack Inc Issue 35.

     There was also an article about the video tape of the Dutch hackers
breaking into the military systems.  2600 even offers to sell the videotape
that was partially played on the evil Geraldo Show [dick].  There was also a
good article written about psychology in the hacker world.  The somewhat
Freudian analysis of the female security agent fearing "mounting" (of her hard
drive), "penetration" (of her system), "infection" (from viri), and "has a
headache" (due to hackers) was insiteful as well as very funny.  Moving on to
the other parts of 2600, you can find scattered tidbits of misc information
(ie: lists of COCOTs, NUAs, ANIs, small useful programs, and interesting
business/government forms they get from readers, etc)

     Finally, this is the part that everyone complains about, the price.  But,
2600 has a great deal for those poor college hacker out there.  If you submit
something to 2600 Magazine that is printed, you get a free subscription.  That
sounds fair to me!  Maybe we should try the same thing with Phrack?

     All in all 2600 Magazine is a GREAT publication and is highly recommended.

 What's On Your Mind?

:: Some People Never Get The Hint ::

     Recently Phrack Inc. received a subscription request from an individual
who played a key role in Operation Sun-Devil.  You may know him from bulletin
boards where he often used names like "The Dictator" or "Blind Faith."  We know
him as Dale Drew.  Who would imagine that he would dare to ask us for a
subscription?  I personally couldn't believe it.

     Just in case you forgot or have been living in a hole for the past two
years, Dale Drew was a paid United States Service informant who secretly
enabled government agents to videotape SummerCon '88 in St. Louis, Missouri.

     The following is an example of a Dale Drew/The Dictator/Blind Faith
posting on a bulletin board.  He claims to be a cosysop on Lutzifer as well as
some other nonsense.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

ZDDDDD Packet Switching Networks/PSNs DDDD September 27, 1991 at 8:52 pm DDDDD?
3 Left by  Blind Faith (Level 40)Title: Telenet (No Replies)3
3 > <-702-> CoSys on Lutz (Tymnet) <To: Anyone3

Couple of Things:

Anyone, besides myself, have any experience with Tymnets and/or Telenet
debuggers? (Xray, TDT2, Isis, etc)...  TDT2 on Telenet is great, cus on the
private nets they've got a hard-coded password...always gets you in.  They used
to have it on the public net too, but about two years ago they fixed it.
(maybe nbot all of it, but I cant find any that still do)

sprint is a tymnet nui that goes to telenet

telenet is changing there host format.  they are adding an extra digit (too
many hosts, i guess).  so be on the look out for that.  Im not sure when, but
the customer service rep, was VERY helpful..

"What, me worry?"
[Message menu] Command (?/Help):

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

     Dale Drew is currently working for Tymnet security.  For more information
about the activities of Dale Drew, it is highly recommended that you read
Computer Underground Digest (CUD) Issue 3.02.

     Since I knew that Knight Lightning would enjoy (smirk) hearing from his
old pal, I forwarded the mail appropriately to Knight Lightning's email

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

From: ddrew@btnagns.Tymnet.COM (Dale Drew)

I would like to have my name added to the Phrack Mailing List.  In the past, I
have been getting the Phracks from the University of Chicago, but it would be
more convenient to have the Phracks mailed to me.

Also, I was terribly disappointed to see that Phrack had decided to lower its
standards of information by releasing the contents of Phrack issue #36.

Dale Drew
Sr. Information Security Specialist

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

From: Knight Lightning
To: Dale Drew

Dale (DicKtator/Blind Faith) -- I have to admit that you have balls to send a
letter to my friends at Phrack and requesting a subscription.

You are a paid informant for the Secret Service.  You set people up to get
busted.  You take people's trust and turn on them.  You are a liar and a fraud.
You know, Dale, I never imagined such things until a couple of weeks before I
went to trial and I had the opportunity to watch those video tapes of
SummerCon '88.  You and your fascist Secret Service law enforcement friends
definitely put one over on us (even if there isn't anything illegal taking
place on those tapes... Great way to spend the taxpayers' money).

So when you wrote to Phrack the other day, did you really think they would not
know who you were?  Did you expect a warm welcome?

During the time that I was editor of Phrack, I had a policy of inviting law
enforcement and security people on to the Phrack mailing list.  I don't run
Phrack anymore, but my recommendation to the current editors is very simple.
They should not send Phrack to you... not because you are with law
enforcement... because you are the LOWEST FORM OF LIFE and deserve nothing
except our strong dislike.

In short -- I speak on behalf of the modem community in general,
"FUCK OFF GEEK!"  Crawl back under the rock from whence you came and go
straight to hell!

Knight Lightning

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

From: Dale Drew
To: Knight Lightning


Apparently you are not as mature as I was led to believe.  Not being on the
Phrack mailing list is not a concern to me, it was merely a convenience.
Phrack, as I am sure you are aware of, is available all over the net and I will
just continue to receive my copies from there.

I had no idea that you and the newly founded editors of Phrack have decided to
become so childish.  But I suppose things will never change, and that I am sad
to see.


:: Best Evidence ::

From: John Higdon
To: Dispater

> Dispater writes:
> I think the joke issue of Phrack (36) will contain a top 10 list of stupid
> things the SS likes to take.

I am consulting with the defense for an up coming trial and had the opportunity
to examine the "evidence" seized in the defendant's home.  Notable items: model
rocket launcher, local area street maps, about a dozen 2500-style telephones, a
typewriter, pre-recorded audio cassettes.  An interesting item was left behind:
a TSPS console.

One wonders what (if anything) goes through the minds of the officers executing
the warrant.


:: Fed Proof Your BBS, NOT! ::

     I'm sure many of you have seen text files on making your BBS more secure.
One such file floating around is by Babbs Boy of Midnight Society.  One of the
members of our Phrack Staff showed this document to EFF's Mike Godwin, who is
an attorney.  He had the following comments:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

From: Mike Godwin
To: Phrack Inc.

(In regards to some of the files about how to "fed-proof" your bbs:)

>  Let's start with the log on screen:  If FEDZ want anything from your board,
>  they are required to provide 100% accurate information.

This is false.  Ask the legislators who've been convicted in "sting"
operations.  In fact, so far as I can tell in a brief run-through of this
document, absolute no part of the so-called "legal" advice is true.

Law enforcement agents who misrepresent their identities (e.g., "undercover
agents") produce admissible evidence all the time.


:: Diet Phrack is Good For You ::

From: Gordon Meyer
To: Dispater
Subject: Phrack #36

Thanks for sending over Diet Phrack!  It looks like some of the old energy has
finally been renewed.  I especially liked the introduction, there is intensity,
pride, and humor sprinkled thru out.  Reminds me a lot of some of the "old"
PHRACK issues.  Neat!

Gordon R. Meyer

:: Anonymous Mail ::

 From: Creeping Death

>         Hi guys.  I was wondering if you could tell me how to send anonymous
> mail.  I heard that you could but no one here at my university seems to have
> a clue.  Please help me out

     There are many ways to do this.  One way is to use the method described
below.  However, keep in mind there are other ways of doing this.


-  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -

 Anonymous Mail via SMTP Using A Simple Shell Script
 From: The Artful Dodger

     This file is for those people who like/want to send anonymous mail via the
net but don't like the hassle of raw SMTP commands.  So, I wrote a simple shell
script to take care of this.  This program is quite simple but I will give a
brief explanation anyway.

     There are two ways to run this program.  Just type the name you save it as
or the name you save it as plus the person you want to mail.  Either way you
will eventually get to the From: prompt.  If you just hit return at this prompt
it will assign your userid@your hostname.  Otherwise you can type whatever you
feel like.

     Next you will get the prompt asking you which host you wish to use for
SMTP.  If you are using the host you are on, just hit return as this is the
default.  Otherwise enter any host that allows telnet to port 25.  Then you get
to pick which editor you wish to use for mailing.  It defaults to vi but you
can use whatever you like.  Basically, that is all there is interactively.
After you enter this information, the program creates a file called tmpamail1.
To this file it appends four lines of data.  The first line is 'helo amail' as
some host's SMTP port will not accept commands until one introduces themself to
the host.  The next line is 'mail from: ' and who the mail is from or who it is
supposedly from.  The third line contains 'rcpt to: ' and who the mail is going
to.  And the last line is simply the word 'data'.

     Now, these commands could all be entered manually but why bother when you
have a program to do it for you.  Ok, now the program invokes your editor and
creates a file called tmpamail2.  After you are done making the message and you
exit the editor, it asks you if you want to send this message.  I believe that
is pretty much self explanatory.  Then the program appends a '.' and a 'quit'
to tmpamail2.  Then it appends tmpamail2 to tmpamail1 so you have one file
containing all the necessary header info to send a message via SMTP and quit
>from SMTP.  Then the program sends all this to port 25 of the host that was
specified.  And if all goes well, the person should have some mail waiting for
them.  And one last thing.  The program deletes both tmpamail files after it is
finished.  Well, I hope you all enjoy this little script as it makes sending
anonymous mail a little easier.

The Artful Dodger


#! /bin/csh -fB
### This is a simple shell script for easy use of anonymous mail.  To run the
### program just save it and delete everything up until the #! /bin/csh -fB
### line.  Then just type the name you save it as or the name and whoever
### you will be mailing.  e.g.  amail or just amail.
###   The Artful Dodger

if ($1 != "") then
   set mto=$1
   echo 'To: '
   set mto=$<

echo -n 'From: '
set mfrom=$<

echo -n 'Use which host for smtp (return for '`hostname`') ? '
set usehost=$<

echo -n 'Use which editor (return for vi)? '
set editor=$<
if($editor =="") then
   set editor=vi

if ($mfrom == "") then
   set mfrom=`whoami`'@'`hostname`

echo 'helo amail' >> tmpamail1
echo 'mail from: '$mfrom >> tmpamail1
echo 'rcpt to: '$mto >> tmpamail1
echo 'data' >> tmpamail1

$editor tmpamail2

echo -n 'Are you sure you want to send this? '
set yorn=$<
if($yorn == 'y') then
   echo . >> tmpamail2
   echo quit >> tmpamail2
   cat tmpamail2 >> tmpamail1
   telnet $usehost  25 < tmpamail1 > /dev/null
   echo 'Mail has been sent to: '$mto
   echo '                 From: '$mfrom
rm tmpamail1 tmpamail2

AOH Site layout & design copyright © 2006 AOH