How to hack WildCat! 4.0
                       One Hacker's experience....
                                 by
                           RoBoTiC HaMSTeR


        Well, first off, I have some good news, and some bad news... The
good news is that, yes, WildCat! is hackable. The bad news is that 
with method explained here, you need to be able to access the sysop menu.
        Now before you walk off and think it's impossible, it's not... 
I've been able to do it more then once... The key is to act like the 
sysop's best buddy... WITHOUT bugging and annoying him. Try checking the 
message bases and reply to any messages left by him. Try to chat with him 
once in a while... Try talking about the latest software... Trade programs...
Be creative! After he thinks he knows you pretty well, ask for co-sysop 
access... (Only say it in a more joking manner. Like you're really not
expecting him to say yes.) 
        Another way is to hack someone's account who has sysop or co-sysop
access. I've found many boards with many users having co-sysop access...
Hack away!


Once you're in:
---------------
        Okay, you have co-sysop access. To be able to drop to DOS, you
will need a batch file which contains the following:

CTTY COM1
COMMAND

(And, of course, COM1 is replaced with the appropriate com port.) Call
the file whatever you want... "BATCH.BAT", "TAKETHIS.SOB", anything your
heart desires. Okay, now upload the file. Then go to the sysop menu
by typing "1" at the menu prompt. Once there, run the "Even management" 
option. You should see something like the following:

  #  Description  Schedule Type  Start      Last Execute       Parameters
--- ------------- -------- ---- ------- --------------------   ----------
  1 Run batch     SMTWTFS  Soft 12:00am Wed 10/12/94 12:00am   WET.BAT
* 2 Run batch     SMTWTFS  Hard 2:00am  Fri 10/28/94 2:00am    MAILRUN.BAT
  3 Run batch     SMTWTFS  Hard 3:00am  Sat 08/27/94 10:07am   TERM.BAT
  4 Run batch     SMTWTFS  Soft 4:00pm  Wed 10/12/94 4:00pm    WET1.BAT
* 5 Reset stats   SMTWTFS  Soft 4:00pm  Thu 10/27/94 4:07pm
  6 Run batch     SMTWTFS  Soft 9:00pm  Wed 10/12/94 9:00pm    WET.BAT
Current time:  Fri 10/28/94 12:23pm
Edit [A]dd, [E]dit, [R]un, [D]elete, [S]chedule, [H]elp, [Q]uit? [ ]

(NOTE: the above is an excerpt from a capture file on a hack I recently
did.) First find out what directory the files for WildCat! are located 
by hitting "E" to edit an event. Take your pick which one you edit...
You'll see something like the following:

[E]nabled       : No
[A]ction        : Run batch
[B]atch file    : C:\WC30\TERM.BAT
S[h]ell type    : Terminate
[T]ype          : Hard
T[i]me          : 03:00
S[c]hedule      : Daily
[D]ay           : Sun Mon Tue Wed Thu Fri Sat
[L]ast executed : 08/27/94 10:07

Edit event [S]ave, [Q]uit? [Q]

        Bingo! The files on this system are located in the directory 
C:\WC30. Now go and create a new event by hitting "A" at the event 
management menu. When it asks for the directory that the batch file 
is located, enter the upload directory. We know that the BBS files are 
kept in the C:\WC30 directory so try C:\WC30\NEW or C:\WC30\UPLOADS. 
(Which is where I found them in this case.) Something that helps sometimes 
is the name of the file directory on the board. If it's called "New files" 
try \WC30\NEW. If it says "Recent uploads" try \WC30\UPLOADS. You get the 
idea. Now, at the even mangament menu, [R]un the event you just created.
You'll know if you entered a nonexistent directory if you get the message:

System Error:
Sysop has been notified, you may continue...

        And then it drops back to the event management menu. One note 
here, if you entered the wrong com port in your batch file and try to
run the batch file, the BBS will lock up until the sysop reboots the BBS. 
        After lots of personal experience, I've found this method a lot
easier then trying to hack out the password with the Shell to DOS
option.(Which you must have sysop access to the best of my knowledge) 
You may prefer to try using that tho... It's up to you.


What to do once you're in:
--------------------------
        Whenever I hack a board, I always make sure there's a copy of
DSZ online and if there's not I upload it. Other programs that will
help are files like File Find(to find certain programs) and Wipe(to
erase your working files, system logs, etc.). 
        Okay, things to look for are the sysop's terminal program. Zip
and download it. Zip the BBS software and download that too! (You may 
not want to go this route tho since WildCat! 4.0 is several megs. <g>
Try just taking the user file.)
        Try finance programs like Quicken... There may be credit card
numbers and the like in the program. Use you imagination!
        Don't format the drive tho unless the guy's a REAL prick...
Personally, I just like to leave little messages and stuff behind...
make the guy know his system is not as secure as he thought. Rename
his hard dive. Edit his autoexec.bat to display a cute little message.
Let him live in fear with the fact that people can hack into his system.
:-)


A word in closing:
------------------
        Well, that basically covers everything I was going to talk about
in this file. If there are any questions, I can be contacted on RIPCO,
PMS, or The Death Legion. The numbers for which are all listed at the 
end of the file.
        Also, any feed back would be greatly apperciated. This is the
first time I've ever written a file on hacking and would like to know
what you think. Positive, or negative... All feedback is welcome. After
seeing some of the trash on boards like RIPCO, it my intent to write
QUALITY text files... Ones you can accually understand. Hey, thanks for 
reading...


Help!!!! Help!!!!
-----------------
        I now have a small request of you, the reader... If you know 
of ANY backdoors to ANY BBS programs, PLEASE let me know. In return for 
any valid backdoors you tell me about, I'll share with you a way to 
hack ViSiON-X /2 (and without having to have co-sysop access!). You 
scratch my back, and I'll scratch yours. 


L8r.
RoBoTiC HaMSTeR  (October 1994)


Report all backdoors to me at the following boards:
RIPCO BBS      1.312.528.5020
PMS            1.908.793.7060
Death Legion   1.315.472.XXXX




             1994 Psychadelic Technologies of America Incorporated        
    Specializing in computer hacking, computer virii, telecommunications,
                       and quality text files.