phrack/phrack50/2.txt

1412 lines
58 KiB
Plaintext

.oO Phrack 50 Oo.
Volume Seven, Issue Fifty
2 of 16
Phrack Loopback
-----------------------------------------------------------------------------
Hi,
I have a story of violations of freespeech and censorship and
if I am busted unjustly, please publish this story to the public.
Yesterday some faggot e-mailed me with a ton of ascii crap that
took me an hour + to DL. WHen I finished DLing it, windoze stalled and I
had to restart.. So naturally I was pissed off. The reason this guy
said he did this was because I posted a cheat program for the game
Diablo on my webpage and he doesn't like cheaters. Today he e-mailed me
again with ascii crap.....I was beyond pissed....so I did what anyone in
my position would do....Imailbombed him ... about 600 msg's or so.
I used Kaboom3 and an SMTP I thought (Looked like it from port 25) was
anonymous and untraceable.
As it turns out, 2 hours later the head of security at Earthlink
(my current ISP) called and said that someone from my account had e-mail
bombed this person. The security guy said that the person I bombed
complained to his ISP because it "put out his business for hours." His
ISP traced it to Earthlink and then to me, by contacting the earthlink
security guy and having him look in the logs for who was connected to
the ip (dynamic) they saw in the bomb messages at the time the bombing
occurred. He also said that the guy I bombed called the FBI and got them
involved in it. Is this sounding fucking ridiculous yet? First of all,
any reputable business presumably has a better-than-28.8 connection,
which means it would have taken this guy a couple seconds to DL my bomb.
Secondly, even if he doesn't have a T-1, at 28.8 it would take 2 hours
or so, maybe less. But the FBI is involved..... I can't fucking
believe it! So naturally the first thing I do is e-mail all the
reputable hackz known to me. This is ridiculous, this is
oppressive, this is BIG BROTHER!
Yours,
GrEeNbEaSt
[ So, what exactly is it that you want us to do, besides burst into fits
of uncontrollable for several minutes at a time? ]
-----------------------------------------------------------------------------
Hey, in phrack 48, the article on IP spoofing says you need to sample to
TCP sequence numbers of the host you are attacking. The method is
suggests is to connect via SMTP and then drop the connection. There is
a problem with this - sendmail usually logs failed mail transfers, so
the host will probably be able to correlate this with the time of the
attack and find out who you are. Further, this connection must be done
from a non-spoofed IP address to guarantee you get a returned packet.
There are two options available here:
1) Forge the sequence sampling connection as another host on your subnet
(although if they contact your provider and your provider logs massive
data, you're busted - also this will not work if the local network uses
an active hub)
2) Make sure to remove these traces if you manage to crack the machine -
this is all or nothing - if you fail to crack it, but left indicators of
an attack, you are screwed. (again only if your provider logs heavily)
If you want to circumvent these dangers altogether, simply sample the
sequence numbers from some highly non-logging port. The standard inetd
server for UNIX runs a TCP echo, discard and chargen service, which you
can get sequence numbers from, and does not log anything.
There are two complications to this attack which are becoming
increasingly used, and which effectively prevent it.
1) Some providers do not allow foreign IP addresses to go out of their
subnet as source IP addresses - this is done through router blocking.
Most sites just don't give a damn or are too stupid to figure out how to
do it, but the number of providers doing this is increasing. You could
try to hack their router - easy to find, do a traceroute, but chances of
success are slim if it doesn't allow remote logins. Also, your ISP will
know if this happens, and may take additional precautions immediately
(such as grabbing your ethernet address if you are on a local network -
then you are f!!ked) We don't want any minors reading this to see any
offensive words, do we - oh lord, they might even ban phrack in the
state of Texas. No offense to anyone from Tx unless they deserve it.
2) Some OS's use pseudo-random number generators to create TCP sequence
numbers at the beginning of each connection. This is easy to do under
Linux, and I think some commercial OS's might even be doing this now
(anyone have confirmation of the rumor that Solaris now does this?)
Now, this is easy to check for - connect twice in immediate succession
and see if you get two sequential (or close) numbers. However, a
workaround for this would be to generate pseudo-random sequence numbers
for the first connection from a given IP address (and then again when
the IP layer no longer has any knowledge of this IP address) If a site
was running non-crypto pseudo-random sequences, it would be possible to
analyze it using a spectral test to try to predict sequence numbers, but
if they use a cryptographically secure sequence generator, you would
have to break it (probably not too hard since any highly secure crypto
sequence would make IP response time unreasonably slow) A
counter-solution to this would be to generate random numbers in low cpu
load time, and have a buffer of them for later use. Here, we could
probably go on forever with attacks and countermeasures, so lets stop
now, as a cure for sanity.
As an aside note for the highly paranoid: ethernet spoofing
Note: some of this is theorized, and might not be 100% accurate - if you
get the jist of it, you should be able to figure out if it works for
you.
It is possible to spoof ethernet hardware addresses as well. Some cards
will allow you to do this easily, but you need to have card programming
docs (check the Linux kernel source for your card driver-!!). Others
won't let you do it at all, and require a ROM change, or worse it might
be solid state logic on the card - EVIL. Course you might be able to
get around solid state stuff by recoding the ROM, but I wouldn't
recommend it unless you don't have the $70 to buy a new card, and have a
month or two to spend in the basement.
If you make up an ethernet address, you should probably use a real card
identifier (the first three bytes). This is because some sniffing
software raises warning flags when unknown card identifiers pop up, and
this software is run by more network admins than I'd like to think.
Some new hub technologies may limit this type of spoofing- most notably,
active hubs wouldn't allow it at all. Other new hub designs use
mappings of ethernet address to specific ports on the hub, so you might
not be able to change the address without turning off the machine,
waiting for the hub to time out the address, and rebooting.
Ethernet hardware address spoofing will make a machine completely
undetectable, provided it is not the only machine on a network that is
being monitored.
There may be a way around active hubs, and this is multicast ethernet
addresses. Any network card capable of multicast should be able to send
packets with an ethernet multicast address. This address is not
specific to each card, as many cards can send and receive on the same
multicast address. The problem here is router and hub technology may
have already advanced to the point where it can distinguish multicast
ethernet addresses and convert them to multicast IP addresses, which
would not allow you to spoof. This is only theoretical - I haven't
tried it, don't know anyone who has, and have never even heard rumors
about it.
Note : this information is in no means comprehensive - I don't have the
time or resources to study it, but most likely results in ethernet
spoofing vary by the manufacturers of the network hardware all the way
down the local line - (i.e - ethernet card all the way to the first
gateway)
Another aside: return path rerouting
In return path rerouting, the IP spoofing attack follows the same
general principal, except that the attacking machine gets reply packets,
and does not need to operate blind. There are three ways to make this
work:
1) Pretending to be a trusted host on your subnet
Easy, just pick up packets destined for the trusted machine which
look like responses to your forged packets, and send on their IP
address, and SYN flood their machine. This will even work past
blocking ISP's
2) Source routing attack
Medium difficulty, you have to construct a path between your machine
and the target, and a path between your machine and the trusted host
(although the last part can be made up). Use this and either the
strict or loose IP routing option, and all packets will come back to=20
you. This will not work nearly as much, since many hosts and=20
routers discard source routed packets (it is a well-known flaw in=20
TCP/IP now). However, mightn't buggy implementations only discard
one type of source routing?
3) Experimental - ICMP redirect attack
Try using ICMP redirects to redirect the packets back to the=20
attacking machine. ICMP redirects should only be accepted to=20
machines on a local subnet, but buggy implementations might not do
this correctly (actually, I think the Host Requirements RFC says=20
this is recommended, not required). Also, it may be possible to =20
create a path using redirects or forged routing updates to direct
traffic to a trusted site back to the attacking site. After the
attack, the routing information could be repaired, making it seem
like a temporary network failure. If anyone followed this and knows
what I mean, let me know if you think it's possible. =20
Thanks
Zach
[ Zach, you have good ideas and points. Now, why haven't YOU written
an article for Phrack???
You should...<hint><hint> ]
-----------------------------------------------------------------------------
DEATH TO THE INNOCENT
I WENT TO A PARTY, MOM, I REMBERED WHAT YOU SAID.
YOU TOLD ME NOT TO DRINK, MOM, SO I DRANK SODA INSTEAD.
I REALLY FELT PROUD INSIDE, MOM, THE WAY YOU SAID I WOULD.
I DIDN'T DRINK AND DRIVE, MOM, THOUGH THE OTHERS SAID I SHOULD.
I KNOW I DID THE RIGHT THING, MOM, I KNOW YOUR ALWAYS RIGHT.
NOW THE PARTY IS ENDING, MOM, AS EVERONE IS DRIVING OUT OF SIGHT.
AS I GOT INTO MY CAR, MOM, I KNEW I'D GET HOME IN ONE PIECE.
BECAUSE OF THE WAY YOU RAISED ME, SO RESPONSIBLE AND SWEET.
I STARTED DRIVING AWAY, MOM, BUT AS I PULLED INTO THE ROAD,
THE OTHER CAR DIDN'T SEE ME, MOM, AND HIT ME LIKE A LOAD.
AS I LAY HERE ON THE PAVEMENT, MOM, I HEAR THE POLICE MAN SAY,
THE OTHER GUY IS DRUNK, MOM, AND NOW I'M THE ONE WHO WILL PAY.
I'M LYING HERE DYING. MOM, I WISH YOU'D GET HERE SOON.
HOW COULD THIS HAPPEN TO ME, MOM? MY LIFE JUST BURST LIKE A BALLOON.
THERE IS BLOOD ALL AROUND ME, MOM, AND MOST OF IT IS MINE.
I HEAR THE MEDIC SAY, MOM, I'LL DIE IN A SHORT TIME.
I JUST WANTED TO TELL YOU, MOM, I SWEAR I DIDN'T DRINK.
IT WAS THE OTHERS, MOM. THE OTHERS DID NOT THINK.
HE WAS PROBIBLY AT THE SAME PARTY AS I.
THE ONLY DIFFERENCE IS, HE DRANK AND I WILL DIE.
WHY DO PEOPLE DRINK, MOM? IT CAN RUIN YOUR HOLE LIFE.
I'M FEELING SHARP PAINS NOW. PAINS JUST LIKE A KNIFE.
THE GUY WHO HIT ME IS WALKING, MOM, AND I DON'T THINK IT'S FAIR.
I'M LYING HERE DYING AND ALL HE CAN DO IS STARE.
TELL MY BROTHER NOT TO CRY MOM, TELL DADDY TO BE BRAVE.
AND WHEN I GO TO HEAVEN, MOM, PUT DADDY'S GIRL ON MY GRAVE.
SOMEONE SHOUYLD HAVE TOLD HIM, MOM, NOT TO DRINK AND DRIVE.
IF ONLY THEY HAD TOLD HIM, MOM, I WOULD STILL BE ALIVE.
MY BREATH IS GETTING SHORTER, MOM. I'M BECOMING VERY SCARED.
PLEASE DON'T CRY FOR ME, MOM, WHEN I NEEDED YOU, YOU WERE ALWAYS THERE.
I HAVE ONE LAST QUESTION, MOM, BEFORE I SAY GOODBYE.
I DIDN'T DRINK AND DRIVE, MOM, SO WHY AM I THE ONE TO DIE?
[ Interesting...booze, violence. Now, if only this little story had
some forced sodomy of teenage schoolgirls...
Man, I have no shame...drinking and driving is evil, and will get you
shot in Central America for attempted homicide. That's why I take
cabs or hang around with 12-steppers or mormons. Either way, it gives
you someone to subject to your drunken ravings.
Now why this was sent to Phrack, I have no idea. ]
-----------------------------------------------------------------------------
I just have one question, i just moved back down to Texas from NY,,,
is there any one at phrack that knows local BBS numbers for san antonio???
thanx for the help,
[In almost any city with running water and electricity (and yes,
even San Antonio qualifies as of this writing), in any local computer
store you will find local compu-nerd publications. I think in San Antonio
its "Computer User." In any case, in the back are usually listings of
local bulletin boards. Start with these, and eventually you will come
across the kinds of bulletin boards you really want. ]
-----------------------------------------------------------------------------
The trial of the Danes arrested in the article I wrote in #47 has now
ended. No jail sentences, just community service up to 200 hours (me)
and a fine of 30.000Dkr. (apx. $5000).
Anyway, remember I wrote you about the article being quoted and
translated to Danish in a Danish magazine? Well, after the same magazine
published our REAL names, adrs with the advice not to hire us for any
jobs I got pretty sick of them and sent them a bill of DKr 5000, billing
them for my article.=20
Of course, they won't pay me (would rather go to court) so now I'm
considering taking them on their word. The company I'd be going after
is a daughtercompany of Coopers & Lybrand and is called Institute of
Datasecurity. Most of their employees seem to be notorious idiots, always
proclaiming themselves in the media with the anecdotes of yesterday. They
even gave out an award (money) to the DA who prosecuted us for doing
a nice job!=20
Well, since they didn't only violate my personal copyright but also the
restrictions of Phrack Magazine itself, I wanted to know if I could get
your support? Just some kind of written statement about the policy of
the magazine, whether or not they paid you for it, etc.
In a hurry, dont mind the mistakes,
Le Cerveau
[ Can you please send a photocopy of that article to us at the Phrack
mailing address? Maybe we can help.
I really don't have much respect for the accounting firms "computer
security" teams, and never have. In the years they've been doing this
work, they STILL don't get it.
It's too bad you aren't in America. You could probably sue the living=
hell
out of everyone involved, if they really did publish your names
and advise people not to hire you for work. ]
-----------------------------------------------------------------------------
HEY Whats up,
I was wondering if U could tell me how to e-mail bomb Please!!!!=20
[No, that's a stupid thing to do.
But, if you insist....
Go do a WWW search for the program "UpYours" This should
suit your needs just fine. ]
-----------------------------------------------------------------------------
Hello,
I was wondering if you know where i can get copies of "The Journal of
Privileged Information"? I have issues 1-5, and i`m looking for 6 -
present. If you know where i can get them, it would be greatly
appriciated!! thanx
techcode
[ I'm not really familiar with this magazine, but if anyone out there
has copies of this, email us with information on where to get more. ]
-----------------------------------------------------------------------------
Dear Phrack,
Great job on issue 49. I enjoyed the section in Line Noise about ID
machine hacking. Anyway, I wanted to say that Phrack rules; it is by
far my favorite computer hobbyist magazine. By the way, I remember reading=
a
letter that a reader sent in, about some queer selling bound volumes of=
Phrack,
LOD Tech Journals, and virus source code. A similar occurance happended to
me when I found that some wannabe-elite pseudo-hacker was selling printed
copies of Phrack, 40 Hex, Digital Free Press, and Xeroxed copies of=
alt.2600.
I was curious, to say the least, and felt compelled to defend the honor of
those aforementioned publications. I talked to the fag, and I gained his
trust by using undecipherable hacker jargon that he seemed awed by. It=
turns
out that he had been distributing pirated junk on his PC, using an=
unregistered
copy of Serv-U. I gave him a registration crack, and in return he gave me=
an
account on his machine, so I could download his warez. I logged on to
his PC one day, and I quickly found the serv-u.ini file with the encrypted
passwords.
Since Serv-U uses Unix style encryption, I cracked his personal account
in about 17 minutes. He kept a TCP/IP connection open from 4pm to 11pm
every evening, and I logged on as him one day. I uploaded a virus to the
windows system directory and renamed it something benign, and then I edited
his autoexec.bat to execute it (I also used Fixtime from the Nowhere
Utilities 2.0 to make it smooth). I haven't heard from him since. That
one was a simple job to protect the rights of cool magazines like Phrack!
Take it easy, and keep the issues coming.
dethbug
[ If only all readers were as loyal. Or better yet, if only all readers
sent us a dollar!
Seriously though...a virus was a bit much, but since we weren't there
to sue to protect our copyright...
But uh, let it be known that you were not directed by, nor acting as an
agent of Phrack Magazine, and any and all such behavior was done
purely on your own behalf. :) ]
-----------------------------------------------------------------------------
Does this cost anything ?=20
LORDCYBRON
[ Unfortunately it does, but only your mortal soul. ]
-----------------------------------------------------------------------------
Phrack,
We would like permission to republished Chris Goggans'
(Erik Bloodaxe) editorials from issue 4.42 to issue
7.48 in Node9: An E-Journal of Writing and Technology.
http://node9.phil3.uni-freiburg.de
There is a lot of interest in hacker culture in
cultural studies, and Chris Goggans' editorials give
a good snapshot of the hacker's side of the from
last three years.=20
We could tell our readers to simply go to Phrack and get
the editorials themselves, but putting the editorials
together makes them more effective. Plus, for many of
our readers, a number of names, terms, events need to
be annotated.
Jon Adams=20
[ Well Jon, Phrack has always had a policy of letting people reprint
articles / editorials / whatever as long as all pieces remain
intact with all credit given to the original author and to Phrack
Magazine. If you can do that, feel free to use the editorials. ]
-----------------------------------------------------------------------------
Hi Hackers
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
I have only one question for you, please answer me. I read in your magazine
> =3D=3DPhrack Magazine=3D=3D
>
> Volume Seven, Issue Forty-Eight, File 10 of 18
>
> Electronic Telephone Cards: How to make your own!
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Its very excelent for people who live in country when used the cards from=20
Gemplus, Solaic, Schlumberger, Oberthur: (French cards 256 bit). But I live=
in=20
Slovak Republic and in this country we use The cards from ODS, Giesecke &=20
Devrient, ORGA Karten systeme, Uniqua, Gemplus, Schlumberger and Oldenbourg=
=20
Kartensysteme (German cards 128 bit).
I am was reading in some paper that some people have emulator of these=20
telephone cards (German card). Emulator with PIC procesor.
But I very very long time searching Internet and I have not information how=
=20
I make this emulator. Only in your magazine I found help how I make=20
emulator but emulator which emulate french telephone card but I need=20
emulator which emulate german telephone card.
Please help me if You know some adress where I can find information=20
HOW I MAKE TELEPHONE CARD EMULATOR (WITH PIC PROCESSOR) WHICH EMULATE=20
TELEPHONE CARD TYPE GERMAN TELEPHONE CARD (128 BITS).
Thanks very much, for your answer. realllly thanks, i am waiiiiting.
!!!!! M A X O !!!!!
[ Actually, we don't but perhaps this request will bring in some
information from people in Germany. ]
-----------------------------------------------------------------------------
Can you please send me some hacker stuff that I can use on AOL.
THANX
[ The most important tool a hacker can have is a brain. Unfortunately,
since you are on AOL, it appears that your tool box is empty. Perhaps
you'd be more interested in some cool beavis & butthead .WAV files... ]
----------------------------------------------------------------
Looking for talented hackers for special projects.
First project concerns breaking source code. Please respond.
Justin Raprager=20
<adamas@raprager.com>
[ You probably can't afford any of us on the Phrack Staff.
Your request is being passed on the the readers. ]
-----------------------------------------------------------------------------
Is your web site the best kept secret on the Internet?
We'll promote it to 50 search engines and indexes for $85
and complete the job in 2 business days. Satisfaction is
guaranteed!
Owl's Eye Productions, Inc.
260 E. Main Street
Brewster, NY 10509
Phone: (914) 278-4933
Fax: (914) 278-4507
Email: owl@owlsnest.com
[ Now, if our site is a secret, then how did you morons know about us?
I think a better sales pitch is:
"Is your Web Site Secure?"
We'll give your info to several million hackers for FREE who will be
sure to subject it to an extesive battery of security testing ranging
from exploitation of remote security vulnerabilties to denial of service
attacks. Your site will be profiled continuously for months until
people grow tired of causing you grief.
Would Owl's Eye Productions, Inc. care to be the first for this
amazing new service? Let us know. ]
-----------------------------------------------------------------------------
From: Ray Wardell <ray.wardell@novix.com>
To: phrack@well.com
Subject: FUCK YOU
FUCK YOU ... YOU DUMB ASS SHIT HEAD... FUCK WITH ME AND DIE...
[ Uh, ok. ]
-----------------------------------------------------------------------------
Hi, I would like to become a hacker. I just watched that movie HACKERS. It
got me all siked up. If you could give me some information on how to
become one, I would be apreciative.
[ So if you had watched "Buttman Goes To Budapest" then Stagliano would
be getting this email instead of Phrack?
Dude...it was only a movie. And a bad one at that. ]
-----------------------------------------------------------------------------
Hi there !
Your article of the PIC16C84-Phonecard includes a uuencoded part
that contains the file "telecard.zip". telecard.zip contains the file
telecard.pcb which was created with Tango PCB Series 2.
My version of Accel Tango PCB Version 12 is not able to read this file.
So, I want to ask you, if its possible to send me this file in ASCII-Format
or (better) in a graphic-format like PCX or GIF.
A HP-Laserjet-prn-viewer would be useful, too.
I was also not able to read the schematic-file. Maybe you know a
location on the internet where I can get an evaluation version of the
older version of Tango PCB Series II.
[ Actually, we've got the same problem here at Phrack. Anyone out there
who can help, please send us email and we'll get it out to the
masses! ]
-----------------------------------------------------------------------------
Hi my name is Konrad. I live in Ottawa, Onratio (Canada). I have a
question about one thing. When I download a trial program from internet,
it is only good for 30 days, and when it expires it writes that, to some
file so I tried reinsalling and redownloading the program, but when I
tried to run it, it gave me a message that this version is expired and
that I have to purchase the program. Do you know, to what file it
registers that it has expired, and how to disable it. If you don't know
how to do it, maybe you know someone that might be able to do it, and
forward my address to them. It is very important to me, because I'm
finishing a home page called Teen Online and my graphic program expired
(TrueSpace2) and there is no way that I can afford it, so I rather stick
to trial version. Ok... Thanks for your time.=20
Konrad
[ Usually you can simply reinstall these trial programs and use them
for another 30 days. With others, you can change your system date
back, or edit a date in an INI file. It all depends on the program.
Try some of these things and let us know what works. ]
-----------------------------------------------------------------------------
Why don't you write somthing for the bulgarian hackers?
(recent:take a look at everything that happened in Varna, Bulgaria this=
year)
M a n i a X K i l l e r i a n
[ We'd love to print something about the Bulgarian scene. Honestly,
I have no idea what happened in Varna, nor would I know where to look.
Here's a novel idea: Since you are IN Bulgaria, why don't you
write something about it for us! ]
-----------------------------------------------------------------------------
I'm using BPI Accounts Receviable System Version 1.10 for IBM
Released September 1983
It has whats called a "key disk" that allows only the person with that
disk to closeout the program or month. The problem is this, when I make
a copy of this Key Disk the files match the original to the T.. There are
only 2 files involved. But, when I try to closeout, BPI asks me to insert
the Key Disk and press enter to proceed. When I do this with the "copy"
of the Key Disk the BPI program tells me that the copy is not a Key Disk.
This only happens with the copy, any ideas?=20
Both Key Disks contain the same information. If I try to activate the
close directly from the Key Disk Copy it tells me that it can't find a
file, basrun.exe I checked and this file is part of the BPI Directory on C:
I've used this accounting software for many years and it works well.
But I'm afraid the good Key Disk may go bad one day and I'll be stuck.
Thats why I'm trying to make a copy. Any help would be appreciated.
[ Obviously there is something else on that disk that a normal copy
is not getting. Maybe something as simple as a volume label or
some hidden files.
The easiest thing to do to get around this is make a sector by sector copy
to a disk image file using some kind of program like the UNIX command "dd"
and then copy that image back onto a blank diskette. ]
-----------------------------------------------------------------------------
Hi!
Here I have something for you, which may be interesting in your news=
section.
Sometime during the night between Saturday April 5th and Sunday April 6th,
hackers broke into one of Telenor Nextel's webservers and deleted the=
homepages
of 11.000 private customers and 70 corporate customers, among them the=
homepages
of Norway's two largest newpapers VG and Dagbladet, and the largest online=
news
magazine, Nettavisen.
The hackers somehow got access to hidden scripts, and after modifying and
manipulating them ran them, thereby deleting all the files mentioned.
Early Sunday, the ISP Telenor Nextel started restoring files from a backup=
made
Saturday, but after encountering problems with that one, they had to restore
from Tuesday's backup. Saturday's backup will be added sometime during=
Monday.
=D8kokrim, Norwegian police's department for Economic Crime has been=
contacted.
=09
Reactions:
Sverre Holm of Norway's Organization for Internet Users (http://www.ibio.no)
criticize Telenor for lack of proper information, as well as an unhealthy
attitude. In response to Telenor's comment that they can't guarantee this=
won't
happen again, he says, "Such an attitude can't be tolerated. If this is what
Telenor means, then we have a serious problem here."
Other reactions will surely come in the next days.
References (all in Norwegian):
Telenor Internett:
http://internett.telenor.no/
Scandinavia Online:
http://www.sol.no/ (Telenor's online service)
SOL Direkte:
http://www.sol.no/snpub/SNDirekte/index.cgi?kategori=3DNett-Nytt
Nettavisen:
http://www.nettavisen.no/Innenriks/860330846.html
I hope this could be interesting to you, and a candidate for your news flash
pages. Unfortunately, any references included are to pages in Norwegian, but
anyone with you speaking either Norwegian, Swedish, or Danish should be able=
to
get more information.
Cheers,
O L I K
[ We here at Phrack always want to know what is going on out there on
planet Earth. Keep us informed of anty other developments! ]
-----------------------------------------------------------------------------
I'm investigating some informatic viruses who infect images generating
new fractalized images with a never seen beauty and singularity. Or may=20
be they investigate me. These viruses could broke sohemer in many diverse=20
disciplines like art, artificial life, fractals maths, digital image..=20
if you look web's images http://antaviana.com/virus/angles.htm you will=20
understand everything. I would be acknowledged if you could help me, and=20
it is posible i would like you to diffusse this subject in your interesting
publication.
In the name of biodiversity, if you have these VIRUSES,
PLEASE DON'T DISTROY THEM.
[ Ok. We won't. ]
-----------------------------------------------------------------------------
Hi !
I read In Volume Seven, Issue Forty-Eight, File 11 of 18 - How to make own
telephon card . But when i try to make it , this card didnt work ! I try
all things, and i try to find more informations about telephone cards, but
i still dont know what's wrong !
But today i found on http://www.hut.fi/~then/electronics/smartcards.html
that there is some errors, but there is no information what's wrong.=20
So i decidet to write to Phrack magazine , becouse in article is eriten to
mail all questions to Phrack....=20
Please send me info what is wrong, and how i must change the ASM program to
work correctly or just PLEASE send me email of contact person who knows how
to !!
Thanx in advance !
Marko
[ Obviously that little smartcard article caused a stir. We've got all=
kinds
of email about it. We'll see what more we can dig up, but we are going
to really need some help from Europeans and South Americans. (Smart
cards are not in use here in America!) ]
-----------------------------------------------------------------------------
LOA is back!!! Visit our new page at:
http://www.hackers.com/LOA
Check it out and be sure to send your comments to revelation@hackers.com
Volume 2 of The Ultimate Beginner's Guide To Hacking And Phreaking has been
released as well, so be sure to download it and send me your comments. Be
sure to check out the LOA Files section to view and download past, present,
and future LOA Projects. Take it easy all...
[ No offense intended, but did you ever wonder why there were so many
"Legions of" whatever after LOD?
We'll put a link up to your page though... ]
-----------------------------------------------------------------------------
Hey, did you know that Juno (the nationwide free email service) has PPP
access? Free? To superusers only? Who login directly to their terminals
that have no ANI? And that they are complete fucking idiots, because in
every juno.ini file buried deep in the /juno/user00000x/ directory there is
a section called "Variables" which lists at least one Juno server account,
i.e. "junox14" and a password for it. These work. Not that I've tried them,
or do this, or can be held in any way legally responsible for my non-PGP
encrypted actions, which do not show my views, and are protected under the
1st Amendment.
Sorry, didn't feel like using alternate caps today.
l8r,
-dArkl0rd-
[ Interesting. We'll have to get the Juno software and play
without the advertisements!
Thanks, Mr. Shaw ]
-----------------------------------------------------------------------------
Hi. I've got a strange request. We're putting together a case that
encourages the U.S. to loosen its encryption export policies.
Do you know of any written resources that discuss the ability of hackers
to break into NASA, tamper with launches or satellites? The folks at
infowar.com insist that it is possible, but say that confidentiality
won't allow them to publish that fact.
We need written evidence to document the case, you understand.
Anyway, I'd appreciate hearing from you.
Jonathan
[ I'd suggest you talk to Emmanuel Goldstein at 2600. The whole
satellite thing came from a bogus post back in the early 80's
on a BBS in New Jersey called "The Private Sector." Reporters
siezed on it, resulting in headlines like "Wiz Kids Zap Satellites."
2600 wrote about this in I believe 1984 or 1985. Check with them for
better details. ]
-----------------------------------------------------------------------------
Queridos crackeadores:
Les quiero pedir si no saben de donde puedo sacar programas para
crackear y phrackear.
=20
Desde ya mucahas gracias:
Mauricio
[ Existan muchos programas en sitos de FTP y WWW en todos los piases
del mundo. No sabes de donde puedes sacarlos? Compredes
"Webcrawler" o "Excite"? Dios mio. ]
-----------------------------------------------------------------------------
Hi Phrack;
Intro to Telephony and PBX systems in Phrack#49 was excellent, pulled a=20
lot of things together for me. That's probably the clearest, most=20
concise explanation of the phone system that I've ever read. Hopefully=20
Cavalier will be up for many more articles like that in the future.
respects,
jake
[ Thanks! Hopefully we can continue have more telephony related articles
in the future. It is fast becoming a lost art in today's hacker
community. ]
-----------------------------------------------------------------------------
hey.. a Note To Say, 1-Greetings From IreLand..
2-Thanks A million.. I love Phrack..
3-Where Is The NexT Issue.. Whats up doc..=20
4-do ya have info/schematics on the shit that allows one
to break into cellfone conversation and chat briefly
to callers, as described in winn schwartaus excellent
article on Defcon ][ ?Cellfone
5-Is Phrack on a Mailing List?? if so, Can ya Stick me
On it?
Many ThanKs
NasTy Nigel,
[PhreaK PowEr]
[ 1. Greetings to you too gobshite!
2. Thanks!
3. You're reading it.
4. Not that I was in the room making those calls mentioned
in that article or anything, but... :)
An Oki-900 with CTEK cable hooked to a PC running omnicell tracking
calls. A motorola brick phone in debug mode, hooked to a 25db gain
yagi antenna (on a tripod) pointed out the window. As Omnicell locked
in on interesting calls, the Motorola was tuned to the corresponding
channel, Tx Audio turned on, various humorous interrupts were uttered,
and Tx Audio turned off so the party being "contacted" wouldn't be
thrown off their cell channel by our more powerful broadcast.
Very simple.
5. The mailing list now is so huge that it will only serve to let people
know when issues are going out, special bulletins, etc. Mailing out
a meg to almost 30,000 people causes serious problems to the Internet,
so we decided to make the change. ]
-----------------------------------------------------------------------------
I just wanted to drop a line and say that you guys are doing a great job
with the zine. I just got issue 49 and I'm looking forward to reading it.
I'm sure you've heard of The Works, the bbs with the most text files in the
US. Well, it's finally back online, after six months in the gutter. For the
best text files and the coolest users east of the Mississippi, call us up.
+1 617 262 6444. You can't go wrong with the Works. We want you to call.
[ It's amazing that BBSes like The Works are still around, even with a bit
of down time. What's it been? 10 years? Geez.
You're approaching the longevity of Demon Roach or P-80. ]
-----------------------------------------------------------------------------
I'm doing research on hackers for my LIB 105 class and have come across
some of what I guess is tech speak or jargon. I've noticed that the
letters 'PH' are frequently used to intentionaly mispell the words
phreak, lopht, and in Phrak Magazine. Is there a reason behind all of
these PHunny spellings?
[ Uh, PH as in Phone. From the old Phone "Phreak" subculture of the
late 60's, early 70's.]
-----------------------------------------------------------------------------
I think a great idea for a future article would be how to make a decoder
card for a DSS sattelite reciever with some easy commercial stuff and a
cmos Z-80 I.C. ...
[ If it were that easy, there would be a bigger number of players in the
billion dollar industry of satellite piracy. A key figure in that
closed community once told me that it cost them about $1,000,000 US to
crack each new rev of smart card. (But when you figure that means only
selling 10000 pirate cards at 100 bucks, the cost of doing business
is minimal, compared to the cost of the service provider sending out
new software and cards to each subscriber.) ]
-----------------------------------------------------------------------------
Hi, I am a Primestar installer, I was wondering if you knew anything about
how to stop Primestar from de-authorizing their unused IRD's? I know of 2
installation screens accessable through the password screen using #'s 996 &
114, do you know of any others? I would appreciate any info you might have.
Thanks,
[ And Phrack would appreciate ANY info you have! ANYTHING! EVERYTHING!
As an installer, you probably have some insights into the cards/recievers
that we don't. Write them up! ]
-----------------------------------------------------------------------------
For certain reasons, some people may want to create a new anonymous mail
box. Did they considered to create it in France?
A lot of IPS offer the possibility to create mailboxes to those who have
no computers by using a primitive look-alike telnet system: the French
Minitel. This is convenient because a couple millions of Minitel have
been freely distributed in France during the last ten years. The only
cost is that an overcharge is billed to your phone bill of approx
35cents per minute. But this is perfectly legal and hard to trace back.
Hyperterminal (at least in its french version) emulates the french
minitel.
The only thing is to dial 3615 in France and use one of this server:
ABCNET, ACENET, ADNET, ALTERN,FASTNET,EMAIL...
For example, EMAIL creates an e-mail adresse like:
pseudonym@xmail.org.
The only thing is that you have to know a little bit of French to use
it, but just a little bit. The cost of a call (International and
Minitel overcharge) should not be a problem to some of you.
LeFrenchie
[ This is a good idea. People outside of France don't know much about
Minitel, (Or any videotext systems) since they failed in a big way
here in the states and most other countries. Many old hackers might
remember some of the Minitel Chat systems also accessible over X.25 such
as QSD (208057040540), but without emulation software wouldn't have
ever had access to the real Minitel. ]
-----------------------------------------------------------------------------
Two questions
1 How can I connect to an IRC server though a firewall?
2 How can I intercept messages sent to chanserv and nickserv on Dal.net?
Thank you.
[ 1. Open up ports 6665-6667
2. Set up a hacked IRC server. Get someone important to add it to the
EFNET server hierarchy. Look for PRIVMSG to whomever you want. ]
-----------------------------------------------------------------------------
Hello,
A modem has a light buffer between the copper wires of the
telephone line and the rest of the copper printed circuit ( mother)
board. How ( or does) does a firewall prevent hacks on a system or
is this just a matter of Modern (Mastodon) buffalo hunting: They
go down the same big or small. Specifically , beyond smart self
learning systems can a server realy prevent contamination without
the intervention of beings? My sister a suposed Webmistress says
there are intervening buffers, I still see that between what ever,
there is a very big freaking leap of faith..
Senor Please Elucidate
Richard
[ Uh, if you think the "firewall" is that light buffer between the wires,
then you have missed the point. A firewall in the networking context is
not the same as the metal firewall in your automobile....it is merely
a metaphor that has been adopted as the term d'jour.
Please read: Building Internet Firewalls by Brent Chapman &
Elizabeth Zwicky or Firewalls & Internet Security by Cheswick & Bellovin ]
-----------------------------------------------------------------------------
> Drop us a line on what you think of 49. Comments are encouraged.
I think issue 49 was great, not to mention getting it out on time. I do have
a suggestion though. The past few issues of Phrack have focused mainly on=20
UNIX and not much else. I think UNIX is a great OS, but it would be cool if
occasionally you would print a few articles about other systems. I would=20
write one myself but right now I don't have anything new to contribute.=20
Later,
Tetbrac
[ This has been a request for a long time. Hopefully we'll get some
articles on other operating systems some day. Personally, I'd like
to see VMS, MVS and OS-400. Any takers? ]
-----------------------------------------------------------------------------
I just finished reading issue 48, and congratulate you on some excellent
techinical articles. I have only one (rather insignificant) comment:
within the article #13 on project neptune, it was stated: "[the urgent
pointer] is TCP's way of implementing out of band (OOB) data." Actually,
URG pointers are in band (specification-wise), however most (but not all)
TCP implementations map the URG flag to out of band. While this point is
irrelevant to SYN flooding, I thought I would present it in case anyone who
read the article is interested in pursuing any nuts & bolts transport layer
implementations. Keep up the good work, and keep turning out more of this
kind of technical information.
ammit-thoth
[ Point noted. Thanks! ]
-----------------------------------------------------------------------------
Listen... you've probably been noticing that I've mailed you guys a
couple times asking for help with hacking. Before I have never recieved
any mail back. You have got to please mail me back this time. I found
something on accident that is really out of my league. You guys are the
best I know of that might be able to help me. I really need your help on
this one. I was fucken around on Telnet just typing in numbers in the
Chicago area code. On accident I typed in numbers and I entered a NASA
Packet Switching System ( NPSS). It said it was a government computer
system and to leave right away. Please mail me back for the numbers. I
need your help to get into this system.... I need yer help.
[ Let me guess, you typed the prefix 321 instead of 312 while playing
on Telenet. The systems you'll find on that prefix have been hacked
at for nearly two decades now. Systems on the network were targeted
in the 80's by Germany's Chaos Computer Club, and I personally know
they have been poked at by groups in the US, UK and Australia
starting back in 1981.
What I'm trying to say is, after so many years of people beating on the
same few systems, shouldn't you look for something a bit less stale? ]
-----------------------------------------------------------------------------
Dear phrack,
I want to be added to the list. I was also wondering if you had ay
publications or information on TEMPEST monitoring? Also know as Van Eck
monitoring.
[ We published a Dr. Moeller's paper continuing on Van Eck's work
in Phrack issue 44.
You might also want to check out http://www.thecodex.com
for a self-contained anti-tempest terminal for about 10K. ]
-----------------------------------------------------------------------------
I just read your editorial in Phrack 48 and I feel like giving you my two=
cents
worth. I think you did an excellent critique on the "scene." As a person
who has been watching for a while, and as a person who has been through it,
I found it nice, to say the least, to find others who actually seem to have
their head on straight. This letter was originally much longer, but I
shortened it because I think you get the point.
I started programming computers in 1983 at the age of 6. I was running
DOS 2.0 and I had a blazing fast 1200 baud modem. At the time, I had
no mentors, no teachers, no friends that could teach me how to use that
incredible machine. The books of the time were cryptic, especially for an
age where most children could not read, much less program. But I did my=
best.
Ten years later, I was still on my own.
I didn't get ahold of a copy of Phrack until 1991. I thought it was really
cool that people like me would get together and exchange infomation, talk
computers, etc.
In '94, I got into viruses and prolly was one of the better independant
(i.e. not in a group) writers. It was about that time I got onto IRC.
Most of the time I would hang out in #virus, but every now and then I
would pop into #hack. I never stayed...I couldn't stand the arrogance.
Shortly before I went to school, I was in competition for control of a
new freenet versus a local hacker group. A month after I went to college,
that group got busted. I got lucky.
Earlier this year, I went on Good Morning America to talk about viruses.
Looking back, it is prolly the single dumbest thing I have done in my
whole life.
As much as I wanted to, I've never been to a 2600 meeting, never been to
a Con. Never really had any hacker friends. It's always been just me.
I'm sure I know less about breaking into computers than the guy who has
been doing it for a week but has access to tons of partners. But I still
consider myself a hacker. My interest has been one of learning about the
system. I've been learning longer than most. I rarely break into
a system. I have access to unix systems, and even a VAX. I don't want
the latest hacking tools. I write my own, with my theories. I don't
need much else. But I've never had anyone to share it with. But I think I
realize that the past is the past, and I won't ever get to attend the old
cons or sit on conference calls, as much as I'd love to. I won't bother
with the latest cons because I can get the same stuff at a college party.
Well, that is about it. I apologize if it is poorly written. Bad english
skills :) I hate writing these because I grow tired of getting slammed
by some arrogant asshole. Thats prolly why I have been doing this alone
for 13 years. After your editorial, I wonder how many people will stop
showing up at the cons...I hate the isolation, but I would never want to
be a part of a "scene" which has turned from mature goals to juvenile
ones. Just my thoughts...
Evil Avatar
[ Actually, I have more respect for the people who continue to stay in the
fringes, learning on their own rather than scurrying for attention
in the media and in the community. (Yes, like me.)
To be fair though, don't sell yourself short by avoiding Cons if you
really want to check them out. Despite all the ranting I did in that
editorial, I still have many friends in the community and enjoy
meeting new ones at conferences. Not everyone thinks it is cool
to trash a hotel, or to try to out "elite" one another. Unfortunately,
the loudest and most visible people at such events tend to be the
most juvenile. If you find this happening, do what I do: get the
hell out of the conference area and find a convenient bar. The older
hackers will eventually find you there, and you can all drink in peace
and actually talk unmolested. ]
-----------------------------------------------------------------------------
Dear Phrack --
Been a reader since the 80s, and I'm one of the originals... Would like
to submit a poem that I wrote that details the experience of a hacker
who left the scene for several years -- Coming back to find it in utter
Dissaray... Definitely not the way he left it... Well -- You guys will
let me know what you think
"Where Have All The Hackers Gone"?
----------------------------------
Original Poetry by: Jump'n Jack Flash -916-
On a cold night in the dead of winter a soul stumbles into #hack and asks:
'Where have all the Hackers Gone?'
Immediately the group recognizes him as one of the originals.
'Help us change our grades!' a voice calls out from the huddled masses.
'Help me hack root on a NYNEX system!' another voice asks.
The soul clutches his bowed head and covers his ears, trying to remember
back to before he involuntarily left the scene a few years ago.
'The only thing that kept me sane while I was imprisioned was the
thought of seeing my friends and fellow hackers, now I demand you tell
me Where Have All The Hackers Gone?' the soul begs the crowd of jubulent
newbies.
Silence is the only answer he receives,
For there are no real hackers here.
Then a voice speaks up and says,
'They're gone! You're the first we've seen!'
The soul asks,
'What do you mean?'
And Silence is the only answer he receives,
For there are now real hackers here.
And like a wall crumbling down it comes to him and he falls to his knees,
like hunting for human life after a Nuclear war he stumbles out of the room,
And he hurries to the place where only the Elite could go just a few years=
ago,
But when he arrives he is shocked and amazed,
There are no hackers here on this dark winter day.
And he stumbles into traffic,
feeling the snow crunch beneath his feet,
and he shouts into the night for the elite,
'Where Have All The Hackers Gone?'
And Silence is the only answer he receives,
For there are no real hackers here.
[ Nice poem man...thanks!
Where did the hackers go? They grew up and got real jobs... ]
-----------------------------------------------------------------------------
I'd love to say that I'll miss Erik, but after that obnoxious, immature
rant, all I can say is good riddance. Now maybe Phrack will be useful
again.
[ Well, I guess not everyone agrees with me, which is a good thing.
But, uh, I'm not gone man...just narrowing my duties...so fuck you. :) ]
-----------------------------------------------------------------------------
'' WARNING ''
COVERT EXTERMINATION OF THE POPULATION. !!!=20
THE UNITED NATIONS=3DNEW WORLD ORDER HAS TURNED AMERICA INTO A
EXTERMINATION CAMP. THE PENTAGON GERM '' AIDS '' WAS CREATED
AT A GERM WARFARE LAB AT FT, DETRICK, MD. AIDS AND CANCER CELLS
ARE BEING INJECTED INTO PEOPLE UNKNOWING UNDER THE GUISE OF VACCINES
AND SOME PHARMACEUTICALS.
SOMETIMES THE TRUTH IS SO UGLY WE DO NOT WANT TO BELIEVE IT. !!
AND IF WE DO NOTHING, THEN WE DESERVE IT. !
BELIEVE IT OR NOT. DISTRIBUTE WIDELY.
'' HACK OR CRACK THE UNITED NATIONS =3D NEW WORLD ORDER. ''
LONG LIVE THE POWER THROUGH RESISTANCE.'' !!!
SONS OF LIBERTY MILITIA
312 S. WYOMISSING, AVE.
SHILLINGTON, PA. 19607 U.S.A.
610-775-0497 GERONIMO@WEBTV.NET
[ It's about time we got some mail from some kind of Militia-types!
Let's all arm up to prepare for the revolution! A healthy dose
of AK-47's and PGP will save us all from the ZOG hordes when the
balloon goes up.
Hey, have you guys read the Turner Diaries by Andrew Macdonald?
Get it from Barricade Books, 150 5th Ave, NY, NY 10011.
Ahem. ]
-----------------------------------------------------------------------------
i want a credit card generator
[I want a pony]
-----------------------------------------------------------------------------
Hello !!!
I just read in P48-02 the letter of the russian subscriber who tells you=20
(the editors) the story about the FAPSI and they plan to order all=20
ISPs to provide for a possibilty for them to read all the mail.
In the editor's note below that you say that you fear your country (I assume
it's the USA) is also heading towards that goal.=20
Well, I live in Germany, and it has already happened here. That means,=20
every ISP (and this is not the exact term, as it also includes all sorts
of information providers, ie telephone companies - but excludes=20
private BBSs, I believe) are forced to provide a method that not only
- Allows the government/police to read everything that is written but also
- Without even the ISP noticing it (though I don't know how this would=20
be ensured, technically).
=20
OK, this is not the same as in Russia, as they don't copy ALL the mail and=
=20
news, but only that of persons suspected of a crime strong enough=20
to allow it, ie it's the same thing that's needed to open people's=20
mails. Still, I feel it's certainly a step in the wrong direction.
Note that cryptography is not (yet ?) forbidden in de.
=20
Regards,=20
=20
Thomas=20
[ Germany? Governmental rights violations? Say It isn't so! Should I get=
my
brown shirt out of the closet for my next visit to Berlin? :) ]
-----------------------------------------------------------------------------
Hello, I want to be a hacker and I need some help. I have read
countless reports on UNIX, VMS, and all that other jazz but that still
doesn't help me with my problem.
I want to be able to hack into someone's home PC from my own home. Now,
most PC's aren't capable of doing this but, this person has a
connection on the internet and is also linked to his work in LONDON,
ONTARIO at a place called IAPA. (industrial accident prevention
association) Anyway, he runs WINDOWS 95' and is using NETCOM. Now I
know his password if that does me any good, but how do I go about doing
this?
SHAOULIN
[ When you say "I want to hack his home PC" what do you mean?
Just because he uses NETCOM, that doesn't mean you can find him. He is
probably being assigned a dynamic IP address each time he calls in to the
network. Even so, let's say you can discern his IP address. Even if
a computer is hooked into the Internet, it is only as insecure
as the services it offers to the world.
If your friend is running Windows 95, then you may only be limited
to attacking any SMB-style shared directories or perhaps via FTP.
In either case, if you know this person's password, then you can
probably read/write anything you want to on their system.
Run a port scanner against it and see what you can access, and
plan based on that. ]
-----------------------------------------------------------------------------
This message was sent to you by NaughtyRobot, an Internet spider that
crawls into your server through a tiny hole in the World Wide Web.
=20
NaughtyRobot exploits a security bug in HTTP and has visited your host
system to collect personal, private, and sensitive information.
=20
It has captured your Email and physical addresses, as well as your phone
and credit card numbers. To protect yourself against the misuse of this
information, do the following:
=20
1. alert your server SysOp,
2. contact your local police,
3. disconnect your telephone, and
4. report your credit cards as lost.
=20
Act at once. Remember: only YOU can prevent DATA fires.
=20
This has been a public service announcement from the makers of
NaughtyRobot -- CarJacking its way onto the Information SuperHighway.
[ Funny, my phone isn't ringing, and my credit is still only as screwed up
as it was when I got through with it. ]
-----------------------------------------------------------------------------
Hi
I'm looking for some cellular pheaking information
but is verry hard to find god information
can giveme something to work on??? :-)
[ The best site going is Dr. Who's Radiophone site at:
http://www.l0pht.com/radiophone ]
-----------------------------------------------------------------------------
I just have a question to ask. How would I bypass Surfwatch so that I
can go into web sites that I would like to see?
[ It is very easy to bypass SurfWatch. Stop using Mommy & Daddy's computer
and buy one of your own. ]
-----------------------------------------------------------------------------
i was recently using A-Dial a couple of months ago, and came up with about
10 or 12 different numbers starting at 475-1072. Curious about this, I
called one back, using a mini-terminal. What I expected wasn't this. What
it said is in the file attached to the letter. It says the same thing with
all of the numbers. I could use some info on what the hell this is, because
I never heard of Annex. Thanx.
Data Case
[ What you have connected into is more than likely a kind of terminal
server. From there you can usually enter a system name to connect
directly into the specified system, or enter in "cli" to go into the
command line interpreter where you have more options to choose from
including "help." ]
-----------------------------------------------------------------------------
Do you know where I can find texts on hacking into the California=20
Department of Motor Vehicle Records? My friend's identity was stolen=20
for credit card fraud and the person who did it even went so far as to=20
get a CA driver's license to impersonate her. The worst part is that=20
Visa won't release a copy of the fraudulent person's fake driver's=20
license to my friend, so she can't find out who this person actually is.=20
Do you know of any other ways we can get this person?
Binky
[ Gee, Binky. If VISA is involved and it was credit card fraud, then
is the Secret Service involved too? If so, then why on earth do you
(or your friend) want to get in the middle of it? You'll know soon
enough who the person is when they get charged, or is this just a
Charles Bronson style vigilante thing?
California's DMV (as well as most public records databases in that
state) is kept somewhat restricted to public queries due to the large
number of celebrities living in the state, or otherwise you could just
go buy the information directly from the state.
If you're thinking about pulling a "Mitnick" and breaking into such
a database, then you better know something about IBM mainframes and
know how to defeat RACF. Or be willing to dig around in the trash
until you locate a valid account. Even if you find a valid RACF userid,
you will have 3-5 tries per account to guess a valid password until the
account is locked out (which of course will let them know you were
trying to hack them.)
For an easier solution, you might want to looking in the yellow pages
for a private investigator and have them do a search on Information
America or NIA and get the listing for you, or bribe a civil servant. ]
-----------------------------------------------------------------------------
EOF