From info-rphh@technologist.com Fri Feb 06 18:57:09 1998
Newsgroups: alt.org.royal-phreakers
Subject: alt.org.royal-phreakers & RPHH: Discussions List FAQ v2.2
From: info-rphh@technologist.com
Date: Sat, 07 Feb 1998 02:57:09 GMT


			alt.org.royal-phreakers
				&
			RPHH: Discussions List
				FAQ
			        version 2.2
			   (February 1998)
			written by David Dune
		       info-rphh@?technologist.com




	No major revision to this FAQ has taken place. Only if it
changes from 2.* to 3.* etc. is there another major change.

	This newsgroup was created by me, David Dune, as a discussions
outlet for the monthly Royal Phreakers Household Newsletter.
Membership to the RPHH and the Newsletter is by invitation only.
	This group is not moderated for the members to allow full
access to the flow of ideas. This means that non members can also post
to this newsgroup, naturally a moderated newsgroup hopper would also
be able to post, if they knew the news://alt.dev.null tricks...
	However, by posting in the a.o.r-p, you give the creator
permission to sample your text or reproduce it in the RPHH Newsletter,
the writer will of course be accredited as the writer, this doesn't
always naturally mean the poster of the quoted article.

Index

1 Hacking
	1.1 How do I Hack?
	1.2 How do I become a Hacker?
	1.3 Why don't I see phone numbers posted?
	1.4 How do I hack the internet?
	1.5 Risk factor key. (How much chance?)

2 Phreaking
	2.1 How do I Phreak?
	2.2 How do I become a phreaker?
	2.3 How do I make a <colour> box?
	2.4 Can I get Phreaking phone numbers?
	2.5 Can I Phreak in <country>?

3 Carding
	3.1 What's Carding?
	3.2 What can and can't I do?
	3.3 Could you give me some Credit Card numbers?

4 Cracking
	4.1 How do I Crack this program?
	4.2 What programs do I need to Crack?
	4.3 Could you post a Crack for <program> v<version>?

5 Viruses
	5.1 How do I make a virus?
	5.2 Which languages can I use to make a virus?
	5.3 Which programs can I use to make a virus?
	5.4 How do I get rid of a virus?

6 Protocol
	6.1 A list of Protocol.
		6.1.1 Do's and Don'ts
		6.1.2 Subject
7 Philes
	7.1 Where can I get philes?

8 Credits

1 Hacking

	1.1 How do I hack?

	This is an easy question to answer, if you have to ask the
question, you're not able to hack yet. The RPHH Newsletter gives some
tips, but the best way to learn is by RTFM that you can find if you
search the internet. Try Yahoo, http://www.yahoo.com/ or try Alta
Vista http://www.altavista.com/.
	If you then find a specific question you need answered then
come back and ask that question.

	1.2 How do I become a Hacker?

	By asking this question you show yourself to be totally
stupid, you don't become a Hacker, your either are one or you aren't.
What you see as Hacker is a romantic figure on-screen, but it's the
person others would rather shun in real life.

	I don't know if you know the story behind Java, the name, but
here is the real story (It shows what hacking is about):
	Once upon a time their was a young computer designer and
programmer, who'd started of as a hacker. Being a good designer and
programmer he gladly got exploited by his boss, this would mean he'd
spend all his time behind the computer not knowing whether it was
night or day.
	Now as the official story goes he'd just developed a new
programming language and after a lot of time he still couldn't come up
with a name, he looked out of the window and saw this great oak
standing outside, he named the language Oak.
	That's the popular mith, but it's a lie! He sat in his office
not even having a window, because he worked in the inner parts of the
office complex and only the most important people like janitors and
company executives had windows, he looked up at the screen and down at
his mug which was empty. He really could use a strong cup of coffee,
because he'd been working for over 48 hours behind his computer
figuring out this problem he had. While walking down to the coffee
machine he hoped that it wouldn't be the weak mud he'd come to expect
from this coffee machine, it was. He walked back to the office
contemplating if he should just go home and have a good cup of coffee,
then he suddenly realized "coffee"! He'd name this fabulous
programming language JAVA, just to remind the programmers of this new
language to drink plenty of it when working late.

	The moral to the story is drink coffee!

	1.3 Why don't I see phone numbers posted?

	Because before you know it everybody is going to be calling in
and trying to hack it. Then they'll put a trace on it. I want to be
able to hack in peace.

	1.4 How do hack the internet?

	It's difficult but fun. Decide what part you want to hack,
read the RFC on the subject. RFC stands for Request for Comments, this
is basically the whole file on protocol that surrounds the internet.
These are the thing your program does in the background while you are
using Eudora it's loading SMTP-mail, Netscape's loading a HTML-page
it's using HTTP to get the information, Cute FTP is using the
FTProtocol or even GOPHER, TFTP and USENET. (It's actually a
subliminal message.)
	Here are a list of ports you can log into to use the knowledge
you aquire.

	port	|Interest

---------------------------------------------------------------------------------
	  13	|Daytime Connection
	  19	|Chargen (Character Generator)
	  20	|FTP
	  21	|FTP-control
	  23	|TELNET
	  25	|SMTP
	  53	|DNS (Domain Name Server)
	  69	|TFTP (Trivial FTP)
	  79	|Finger
	  80	|HTTP
	 119	|NNTP (USENET)
	1024+	|Anything higher is possibly not protected by a
		|firewall. Although it probably is.
	8040	|Used by http://anonymizer.com/ for payed anonynimous
		|connections
	8080	|Used by http://anonymizer.com/ for free anonynimous
		|connections

	Naturally ther are thousands if not millions of possibilities
for the internet, but RFCs make sure that there are global
similarities. Otherwise you'd need millions of programs just to serve
the WWW.

	1.5 Risk Factor Key.

High	=	any vulnerability that provides an attacker with
		immediate access into a machine, gains superuser
		access, or bypasses a firewall.  Example:  A
		vulnerable Sendmail 8.6.5 version that allows an
		intruder to execute commands on mail server.

Medium=	any vulnerability that provides information that has a
		high potential of giving access to an intruder.
	Example: 
		A misconfigured TFTP or vulnerable NIS server that
		allows an intruder to get the password file that
		possibly can contain an account with a guessable
		password.

Low	=	any vulnerability that provides information that
		potentially could lead to a compromise.  Example:  A
		finger that allows an intruder to find out who is
		online and potential accounts to attempt to crack
		passwords via brute force.

2 Phreaking

	2.1 How do I Phreak?

	Phreaking is a form of dance made popular in the 1960s and
1970s, but nobody could make free phone calls just by dancing, so they
stopped dancing like that. (Thank God!)
	"Phreaking is the sport of Nobles and peasants alike,"
somebody once said and it's true. The Mob uses phreaking to make free
calls, just like you or I could. Just who the nobles and peasants are?
You can it figure out for yourself.
	Phreaking is also difficult, but not impossible, it's consists
of fooling the phone companies computer into thinking you have the
right to make a phone calls or mess with the computer.

	2.2 How do I become a phreaker?

	You may think that you can become a phreaker just by using a
blue box to make free calls, it isn't that easy. You have to know not
only what you're doing, but you have to have purpose. Just using a
blue box doesn't make you a phreaker! A child can use a blue box!
	You have to have some knowledge of the system, you have to
want to use the system for the right causes. You have to be able to
justify your actions and be able to play and leave without being
noticed.
	Again this isn't a thing you can become, you either are one or
you're not!

	2.3 How do I make a <colour> box?

	You get a file on the subject and read, you absorb the
information and use it. Again the RPHH Newsletter gives some tips, but
the best way to learn is by RTFM that you can find if you search the
internet. Try Yahoo, http://www.yahoo.com/ or try Alta Vista
http://www.altavista.com/.
	This FAQ isn't going to tell you, because their are so many
different boxes that you'd be overwhelmed by the size of the FAQ.

	2.4 Can I get Phreaking phone numbers?

	Yes, if you can get somebody to give them to you. I won't so
don't ask. (see 1.3 for enlightenment)
	You could use a Prefix-dialer or a War dialer, they phone the
numbers and see whether their are in use or not. (Have a look in
http://www.yahoo.com/ you get at least 1000 hits.)

	2.5 Can I Phreak in <country>?

	I don't know about all the countries in the world, but you can
phreak in the UK. Just send a message to
pteknik@djd.ftech.co.uk?subject=UK+Phreaking+FAQ and receive the FAQ.
	And in the Netherlands (news://hacktic.phreak)

3 Carding

	3.1 What's Carding?

	Carding is the illegal and fraudulent use of a credit card or
credit card number to aquire riches and toys. It can also be very
dangerous, please don't forget to give the Mob their tribute! (c;

	3.2 What can and can't I do?

	You can't card! You can't go into a shop with security cameras
to by stuff, unless you're stupid and want to get caught!
	The best way is to mail-order the things you want and get them
send to a un inhabited house. This way you don't get caught.

	3.3 Could you give me some Credit Card numbers?

	No, because that is a felony and I want to max the card on my
own!


4 Cracking

	4.1 How do I Crack this program?

	You learn assembly and play around with the program! It's as
simple as changing a printed statement into something rude or as handy
as making cheat-codes or removing the registering facility.
	However if you are not going to pay for the program don't use
a fake code for registering, that's like taking money out of your own
pocket. If you do that their may not be a 2.2 or higher, because the
programmer can't earn any money of the program. (Unless it's a
Microsoft product, then you can steal away.)

	4.2 What programs do I need to Crack?

	A dis-assembler would be handy and a decompressive tool,
because most programs have stupid integrity saving additions! Just get
a philes on cracking and play around with it.

	4.3 Could you post a Crack for <program> v<version>?

	No, because this isn't a binaries group. If it gets cluttered
up with stupid Cracks and Warez your server may remove it. (That's if
your server already carries it.)
	If you really want a Crack for a program write it yourself!

5 Viruses

	5.1 How do I make a virus?

	Learn a programming language and try to make one.

	5.2 Which languages can I use to make a virus?

	Most languages can be used, I've seen viruses written in
BASIC, C/C++, ASM and more. Just pick out a language and have a play.
If your system gets destroyed then it works, doesn't it...

	5.3 Which programs can I use to make a virus?

	Most programs that are meant for programming, I like Borland's
C++, but I've used TASM, QBASIC and others.

	5.4 How do I get rid of a virus?

	Did you get a virus scanner? If not then you're a bigger fool
than I thought you were. Get one at http://www.mcafee.com,
http://www.esafe.com or http://www.data-fellows.com, or goto a
different AV homepage.


6 Protocol

	6.1 A list of Protocol.

		6.1.1 Do's and Don'ts

		Don't post binaries! Use news://alt.binaries.warez.*
		Don't flame people! Use news://alt.flame
		Don't start or engage in posts concerning peoples ID!
		Don't post SPAM! Unless it's the canned kind.
		Don't ask questions covered by the FAQ!
		Don't ask to be posted personally! (If you want to be
posted personally add "poster" to the "Followup-To:" Field.)
		Don't post other people's addresses! (On-line or not!)
		Don't forget to kill-file people who don't follow
protocol!

		Do have fun!
		Do kill-file people who don't follow protocol!
		Do follow protocol!

		If you feel people have responded enough to the
thread, or shouldn't respond to your post, then paste
news://alt.dev.null in the "Followup-To:" Field. (As I have done.)

		6.1.2 Subject

		To make the reading of post easier I've devised a way
to keep the subject-headers clear.

		code	| Interest
		---------------------------------
		  OT..	| Off Topic
		  PR..	| PRactice
		  TH..	| THeory
		  ..CR	| CRacking
		  ..CC	| Credit Cards
		  ..CH	| CHips (cards)
		  ..HK	| HacKing
		  ..PH	| PHreaking
		  ..VI	| Viruses

		Example 1: Subject: THVI Polymorphic Macro Virus (PMV)

		That would be a post theorizing on the "PMV" theory.

		Example 2: Subject: PRVI was Re: THVI Polymorphic
Macro Virus (PMV)

		That would be a post setting into practice (or
presenting a usable piece of code) for a "PMV" or the reaction to the
"PMV" theory.

	6.2 What's the reason for this protocol?

	It so everybody who reads the newsgroup or the discussion list
knows exactly what lies in their field and what doesn't.
	Anybody who comes across the subject: "Telephone loaders"
could think that it has something exclusively to do with Phreaking, it
doesn't! with the subject: "THCC Telephone loaders" you can instantly
see that it has to do with Credit Card loaders (probably Chip cards)
or the subject: "THCH Telephone loaders" which is certainly Chip card
loaders.

7 Philes

	7.1 Where can I get philes?

	You can get them from http://www.yahoo.com/,
http://www.altavista.com/, etc. The place to get back editions of the
newsletter is http://www.asper.force9.co.uk/. You can also get back
editions of the Newsletter from some mirrors.

8 Credits

	This FAQ was created by David Dune, any similarity to a
different FAQ is to be expected, but no information has been directly
copied from a different FAQ. However these people contributed in the
information given here.



Pyro Teknik <pteknik@?djd.ftech.co.uk>
The UK Phone Phreaking F.A.Q.
Release 1.9 (July 1997)
http://spasm.redcat.org.uk/~pteknik

Phrack Magazine
phrack@?well.sf.ca.us
http://freeside.com/phrack.html
http://www.fc.net/phrack/pftp.html

Death Jester
deathjester@?technologist.com

CERT
cert@cert.org
Phone:	+1 412-268-7090
Fax:	+1 412-268-6989

CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh PA 15213-3890
USA

Anon
Creator of the news://alt.comp.virus.source.code FAQ

Eli the Bearded
Maintainer of the news://alt.dev.null FAQ

Anybody  forgot to mention forgive me my memory is failing

	In any stand alone e-mail addresses please remove the ? after
the @ to reply. If you don't have any hypertext links in your text,
remove everything after .com?, .org?, etc... (Including the ?)