TUCoPS :: General Information :: hackn101.txt

Hacking 101

HACKING 101 - By Johnny Rotten  - Course #1 - Hacking, Telenet, Life
---------------------------------------------------------------------

Since I have always felt that Baton Rouge was at a loss for *GOOD* hackers,
I have taken it upon myself to educate the masses on this rather elusive of
subjects.

This course will cover a straight jaunt into Telenet, how to get there, what
to do, where to go, and what to do once your in.

The very first thing that you will need to do is to get NUAA from the Sprawl.
This rather nifty utility scans Telenet for valuable, connectable "addresses".
These addresses are a numeric code which is broken down as such:
                508266 - typical Telenet address
                ^^^
                This is basically an area code...
                The 266 part can also go up as high as 9999 (or above)
                That's the unique part of the address

Alright, scan a known area code...you will almost certainly get a large number
of connections, and using NUAA, it doesn't take very long (an hour or so to
scan over 800 possible connections...indeed not very long).

NUAA will produce a logfile, and another file of NUAs (network user addresss,
get the connection?).  Check this NUA file.  All of those addresses are valid
connects.  And, it also gives the first line of text that came across on this
system.

This is where you will begin.  Look through this list for anything that says
Unix.  Once you find a NUA that goes to a Unix, your work shall begin.

The first thing to try and do when trying to access a Unix is to try "default"
accounts.  These are accounts that are built into an initial Unix installation.
However, these accounts are usually changed.  IF they were always changed, then
we would never get in anywhere.

The list of defaults for a Unix that I am aware of are:
        informix, sync, uucp, golden, anonymous, user, login, demo

These accounts usually have the same password as their username.  I.e. account
"informix" will have it's password as "informix".

Dr. Hacker and the Bladerunner have additional information concerning defaults,
and I am sure that they will comment.

What to do when you have gotten into the system
-----------------------------------------------

Watch the logon screen for the last login date.  If it was a day ago, or a
few hours ago, or even a week ago, IMMEDIATELY hang up.  These accounts are
better left for the local pro (Dr. Hacker) or the semi-pros (myself and
Bladerunner).  However, if the last logon date was more than a week ago, or
even a year ago, IMMEDIATELY hang up.

Why?  Well, unused accounts are just as dangerous as used accounts.  You should
call here and alert us to the system that you have found (in E-MAIL, not in the
public forums).  The only way that your further education in this matter can be
attained is if you remain undetected, and the process to determine that is more
complicated than I care to go into.  But once you have determined that you can
get in, let us know.

So, that's the first part of this lesson.  Once you have completed this much of
it, then let me know, and I will go on to the next part, which is - "What kind
of fun things are there here to do".

Any questions...??


JR

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH