Current issue : #45 | Release date : 1994-03-30 | Editor : Erik Bloodaxe
Title : Line Noise Part I
Author : Phrack Staff
                         ==Phrack Magazine==

              Volume Five, Issue Forty-Five, File 4 of 28


                           //   //  /\   //   ====
                          //   //  //\\ //   ====
                         ==== //  //  \\/   ====

                     /\   //  // \\    //  /===   ====
                    //\\ //  //   //  //   \=\   ====
                   //  \\/    \\ //  //   ===/  ====

                                 PART I

------------------------------------------------------------------------------

                        !! NEW PHRACK CONTEST !!

Phrack Magazine is sponsoring a programming contest open to anyone
who wishes to enter.

Write the Next Internet Worm!  Write the world's best X Windows wardialer!
Code something that makes COPS & SATAN look like high school Introduction
to Computing assignments.  Make the OKI 1150 a scanning, tracking, vampire-
phone.  Write an NLM!  Write a TSR!  Write a stupid game!  It doesn't
matter what you write, or what computer it's for!  It only matters that you
enter!

Win from the following prizes:

     Computer Hardware & Peripherals
     System Software
     Complete Compiler packages
     CD-ROMS
     T-Shirts
     Magazine Subscriptions
     and MANY MORE!

STOP CRACKING PASSWORDS AND DO SOMETHING WITH YOUR LIFE!

Enter the PHRACK PROGRAMMING CONTEST!

The rules are very simple:

1)  All programs must be original works.  No submissions of
    previously copyrighted materials or works prepared by
    third parties will be judged.

2)  All entries must be sent in as source code only.  Any programming
    language is acceptable.  Programs must compile and run without
    any modifications needed by the judges.  If programs are specific
    to certain platforms, please designate that platform.  If special
    hardware is needed, please specify what hardware is required.
    If include libraries are needed, they should be submitted in addition
    to the main program.

3)  No virii accepted.  An exception may be made for such programs that
    are developed for operating systems other than AMIGA/Dos, System 7,
    MS-DOS (or variants), or OS/2.  Suitable exceptions could be, but are not
    limited to, UNIX (any variant), VMS or MVS.

4)  Entries may be submitted via email or magnetic media.  Email should be
    directed to phrack@well.com.  Tapes, Diskettes or other storage
    media should be sent to

         Phrack Magazine
         603 W. 13th #1A-278
         Austin, TX 78701

5)  Programs will be judged by a panel of judges based on programming skill
    displayed, originality, usability, user interface, documentation,
    and creativity.

6)  Phrack Magazine will make no claims to the works submitted, and the
    rights to the software are understood to be retained by the program
    author.   However, by entering, the Author thereby grants Phrack Magazine
    permission to reprint the program source code in future issues.

7)  All Entries must be received by 12-31-94.  Prizes to be awarded by 3-1-95.

-------------------------INCLUDE THIS FORM WITH ENTRY-------------------------

Author:

Email Address:

Mailing Address:



Program Name:


Description:




Hardware & Software Platform(s) Developed For:



Special Equipment Needed (modem, ethernet cards, sound cards, etc):



Other Comments:




------------------------------------------------------------------------------

Novell NetWare & Ethernet address spoofing with ODI
---------------------------------------------------

Just to save you from the boredom of Yet Another UNIX Security Weakness, here
are some things to consider about Novell NetWare for your next Security Audit
or Hacking session (depending on which side you are on).

Novell claim to have over 20 million PCs using their network operating system,
substantially more than the estimated 4 million TCP/IP systems worldwide.
There are many reasons for its popularity and its 60 to 80% market share, one
of which has been its relatively good security.

NetWare has been one of the few widely available systems which offer some form
of login encryption of accounts and passwords over the wire, as standard,
unlike most of its rivals which send them out as plaintext, even if they are
stored in an encrypted form eventually. Novell now offer RSA based public key
encryption of the data as well.

However, since it is so popular, there are likely to be plenty of systems out
there which have not been upgraded to the latest versions and patch releases
and which may still be vulnerable to programs like KNOCK, the patched
ATTACH command (published in HackTic 16/17 1992), or the University of Leiden's
HACK (which has been published in issue 43 of PHRACK).

Since the latest security features are implemented as NetWare Loadable Modules
for NetWare 3x and 4x, but as Value Added Processes for NetWare 2x, which
require the server to be brought down to install them, it is likely that there
are many NetWare 2x systems which are still vulnerable.

I shall also assume that you are not on one of those wide open "box shift"
installations where none of the security features have been switched on (try
logging in as SUPERVISOR or GUEST without a password), all the programs and
data are in a single SYS: volume and the Network Address of the cable is the
default 00000001.

Like any project, the more you know about your particular Novell LAN, the
easier it gets to "explore". Login as GUEST or a normal account.

Try to see who else is on the system e.g.

USERLIST /A >c:\ulist.txt

will give you a list of users currently logged in, with their Ethernet card
addresses, saved to a text file. Your current connection will be marked with
an asterisk. If your system has 100 or more users, then any sane Supervisor
will have used some form of logic when allocating the users' login accounts,
probably based on personnel or id number, often including their initials.

SYSCON with privilege is what you are aiming to be able to use, but even
without any privileges, you can still use it to look at your own account,
change your password etc. You can also see a list of all the other registered
users.

This should help you sort the accounts into normal and privileged accounts
(obviously SUPERVISOR, but often there are SUPERVISOR equivalent accounts, or
Work Group Manager accounts which stand out from the list). You are quite
likely to see an account called something like TAPE_BACKUP or DATA_LOGGER,
TRAINER, STUDENT1, STUDENT2, i.e. accounts which do not belong to individual
humans. These often require abnormal security privileges e.g. normal users may
have their connections broken by the WATCHDOG at say midnight, to ensure that
they are not modifying files during the nightly tape backup. At an academic or
industrial site, you are likely to find data logging PCs connected to
instrumentation or machinery which needs to be monitored or controlled 24
hours a day. These PCs are likely to have 24 hour accounts which are not time
restricted at weekends, for example.

Since it is usually more practical to do tape backups (DAT or helical scan)
from a separate, dedicated PC rather than from the fileserver itself (one tape
unit might also back up several fileservers), these PCs are likely to use an
account e.g. TAPE_BACKUP which is a SUPERVISOR equivalent. If you can get
physical access to this sort of PC, either datalogger or tape backup unit,
you have a good chance of finding the password on the local drive C:,
possibly in a file with Hidden and/or System attributes (have a look at the
AUTOEXEC.BAT and see what it calls).

The security aware Novell supervisors will have set up any such accounts with
an extra level of security which restricts logins to only those Ethernet
addresses which have been specified. The really sensible ones will have made
sure that any such machines are sited in physically secure areas, as well.

Although this is a very good idea, from the security point of view, Novell
have now provided a mechanism which allows you to get around this:
the replacement for monolithic IPX/NETX called Open Datalink Interface (ODI).
Novell's ODI, and its slower Microsoft equivalent Network Driver Interface
Specification (NDIS), both work by putting a common layer of software between
the hardware of the Network Interface Card and the rest of the MSDOS
Redirector. This allows multiple protocol stacks and frame types to be bound
to the same physical card e.g.

IPX    TCP/IP    NETBeui   DECnet   Appletalk
----------------------------------------------
Link Support Layer
----------------------------------------------
Hardware Specific device driver e.g. NE2000

Thus, to start up NetWare on older systems, you had to generate a hardware
specific version of IPX.EXE for your Ethernet card,

IPX
NETX

Extra parameters were set in SHELL.CFG. Now, under ODI, things are a little
bit more complex:

LSL
NE2000
IPXODI
NETX

The same parameters as in SHELL.CFG such as preferred server or machine type
(if you have different versions of MSDOS for different types of PC) can be
specified in NET.CFG. With ODI, there are more parameters for NET.CFG, but the
worrying/interesting one is the ability to specify a different MAC level
address to that of your actual Ethernet card. It needs this ability
to cope with TCP/IP or DECnet coexistence e.g.

BUFFERS 100
MACHINE TYPE COMPAQ
PREFERRED SERVER FINANCE
NODE ADDRESS AA-00-04-00-12-34

Since this DECnet address does not depend on the "real" unique Ethernet
address which has been burnt into the PROM on the card and is centrally
registered (originally by Xerox, but now by the IEEE), this mechanism allows
you to put a different Ethernet card address into NET.CFG, thereby fooling the
Address Restriction security.

e.g. NODE ADDRESS 02-60-80-12-34-56

This is where the data you gathered earlier with USERLIST and SYSCON becomes
threatening/useful.

Of course, if your target PC is on a different LAN segment, there may be Routers
or intelligent hubs which restrict your ability to do this, or at least record
attempts in log files which can trace your activity, provided that suspicions
are aroused before the logs are periodically wiped out.

How much of a security threat this little work around constitutes depends on
your specific site, but there is another danger/opportunity, namely that of a
denial of service or nuisance attack on the LAN.

If you set this connection parameter to be the same as that of another PC, the
fileserver (Novell, DEC or UNIX) and the Ethernet have no way of preventing
some packets intended for just one unique address going to the other, if they
are both online at the same time. This usually results in PC hangs, incomplete
closure of files, File Allocation Table problems (usually curable by running
CHKDSK C: /F, but not within Windows or you will make things worse).

If by accident or design, you set your PC to have the same address as the
fileserver (Novell, DEC or UNIX) or a router, then you can cause havoc to the
whole network segment (even before you have started to play your multiplayer
DOOM Deathmatch !).

This could be achieved with a simple command in the AUTOEXEC.BAT e.g.

echo NODE ADDRESS fileserver Ethernet address >>C:\ODI\NET.CFG

which will only take effect the next time the PC is re-booted (allowing a good
headstart for the perpetrator).

This could also be the payload of a virus, which would cause more havoc than
simply trashing the hard disk of a single PC.

This problem is due to the inherent design weaknesses of TCP/IP and DECnet,
which were developed at a time when the number of mini-computers that they
connected could be counted on your fingers. DEC or Xerox or Prime etc
sales teams could only have dreamed of selling thousands of mini computers to a
single customer. Nowadays, thousands of PCs connected to central servers are
quite common, and the problem of duplicate addresses is significant.

These same features are what make Ethernet Packet Sniffing possible, which
is what was behind the recent CERT warning and media hype about Internet
password security, but that is a topic for another article.

Otaku
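
Added example (Python, not part of the original article): a supervisor-side
audit for the NODE ADDRESS override and the duplicate-address condition
described above. It assumes NET.CFG lines in the form the article shows; the
function names, the sample file and the connection list are constructed for
illustration.

```python
import re
from collections import defaultdict

# NODE ADDRESS line, written the way the article shows it in NET.CFG.
NODE_LINE = re.compile(r"^\s*NODE\s+ADDRESS\s+(.*\S)\s*$", re.IGNORECASE)


def normalize(addr):
    """Return a MAC address as 12 upper-case hex digits, or None if malformed."""
    digits = re.sub(r"[-:.]", "", addr).upper()
    return digits if re.fullmatch(r"[0-9A-F]{12}", digits) else None


def audit_net_cfg(cfg_text, protected):
    """Report every NODE ADDRESS line in one workstation's NET.CFG.

    protected maps normalized addresses to a label (fileserver, router,
    station an address-restricted account is tied to).
    Returns a list of (line_number, address, [reasons]).
    """
    findings = []
    for lineno, line in enumerate(cfg_text.splitlines(), 1):
        match = NODE_LINE.match(line)
        if not match:
            continue
        raw = match.group(1)
        addr = normalize(raw)
        reasons = ["software override of the burnt-in address"]
        if addr is None:
            reasons.append("malformed address")
        else:
            first_octet = int(addr[:2], 16)
            if first_octet & 0x01:
                reasons.append("group bit set, not a valid station address")
            # A copied real card address has this bit clear, so the
            # collision check below matters more than this one.
            if first_octet & 0x02:
                reasons.append("locally administered bit set")
            if addr.startswith("AA000400"):
                reasons.append("DECnet-style prefix AA-00-04-00")
            if addr in protected:
                reasons.append("collides with " + protected[addr])
        findings.append((lineno, addr or raw, reasons))
    if len(findings) > 1:
        # A line appended to the file later shows up as a second entry.
        for _, _, reasons in findings:
            reasons.append("more than one NODE ADDRESS line in the file")
    return findings


def duplicate_nodes(connections):
    """Group (connection, user, node_address) rows by node address and
    return only the addresses that appear on more than one connection."""
    seen = defaultdict(list)
    for conn, user, node in connections:
        key = normalize(node)
        if key:
            seen[key].append((conn, user))
    return {node: rows for node, rows in seen.items() if len(rows) > 1}


# Constructed sample: the article's NET.CFG plus an appended second line.
SAMPLE_NET_CFG = "\n".join([
    "BUFFERS 100",
    "MACHINE TYPE COMPAQ",
    "PREFERRED SERVER FINANCE",
    "NODE ADDRESS AA-00-04-00-12-34",
    "NODE ADDRESS 02-60-80-12-34-56",
])
# Constructed inventory of addresses that no other station may claim.
PROTECTED = {"026080123456": "station allowed for TAPE_BACKUP"}
# Constructed connection list (connection number, user, node address).
SAMPLE_CONNECTIONS = [
    (1, "SUPERVISOR", "00-00-1B-11-22-33"),
    (2, "TAPE_BACKUP", "02-60-80-12-34-56"),
    (3, "GUEST", "026080123456"),
]

if __name__ == "__main__":
    for lineno, addr, reasons in audit_net_cfg(SAMPLE_NET_CFG, PROTECTED):
        print("NET.CFG line %d: %s: %s" % (lineno, addr, "; ".join(reasons)))
    for node, rows in duplicate_nodes(SAMPLE_CONNECTIONS).items():
        print("node %s is in use on connections %s" % (node, rows))
```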

------------------------------------------------------------------------------

$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$

SCAMMING
DIFFERENT TECHNIQUES AND
PROCEDURES

   BY: MARZ

$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$

Table of Contents:
1.0 Intro
1.1 Different types of scams
1.2 The right one for you

2.0 The Pledge scam
2.1 The Donation scam
2.2 The Selling scam

3.0 What to wear
3.1 Where to go

4.0 Thanks

1.0 The Intro

First off I would like to say that this file is for entertainment only
and that you really shouldn't do the stuff mentioned, and the writer doesn't
take any responsibility for any of the crap people do.

1.1 Different types of scams

Ok, in this file I will tell you about 3 types of scams: the Pledge scam,
the Donation scam, and the Selling scam. There are many other scams out there
which I will cover in future files, for instance credit card scams; although
companies are trying harder and harder to prevent this, it is still happening.

1.2 The right one for you

All right, now every person is different, so in turn so are scams, and some
people and scams don't mix too well. For instance, if you weigh 300 pounds you
can't really say you are the star cross country runner. So if you are 300 pounds
say you are the star wrestler/football player. Also age plays a BIG factor: if
you are 30 years old you aren't going to pass too well for a high school
football player (you always could say you flunked) and if you are 10 years old
people aren't going to be too anxious to give you donations to save the Rain
Forests.  All right, I am going to start going into more detail about the right
scam for you.

Look at my little chart below:

Age            good scam
-----        -----------
  -10        | selling or pledge
11-17        | selling, pledge , or maybe even donations (if old looking)
   18+       | selling and donations

2.0 The Pledge scam

All right, this scam works great for kids still in school. Go around asking
people (that don't live around you) to pledge money for you so your team can
afford to go to the state meet or whatever. For example, one I use is I go to
people's houses asking for donations in my Track team's Lap-athon, saying that we
will be running laps for 3 hours to raise money so we can go and compete in the
state meet. I will ask people if they want to pledge a certain flat amount or
if they would like to pay me for each individual lap. I will normally have
printed out a sheet like the one below on my computer.

Name                   Address                                   Amount/lap



Not only does having a sheet like that help you keep track of who bought
your scam and who you need to collect from, it makes the target (person you're
trying to scam) not worried like they might be if they see you writing it on a
sheet of notebook paper.  Now then, you have collected a list of people willing
to pledge. You go back to the address you wrote down and tell them (for
example) you ran 91 laps in 3 hours. Make sure your number is not totally out of
proportion, like I ran 150 laps in 3 hours. Also for some reason numbers like
50, 70, 80, 110 people don't like; people like to see 41, 73, 127, etc. Don't
ask me why but that's what I have noticed. Ok, so you now are at the person's
house and they ask if they can write a check. Oh shit, not a check.. well, there's
a couple things you could do: ask them if they could possibly make it cash
(might make them suspicious), ask them to write it to your coach, give them your
name (VERY dangerous), or you could just give them a phony name and lose out.
One time this happened to me: a lady pledged me $.25 a lap (very high amount,
you won't get many of these) and I told her I ran 93 laps. She believed me and
wanted to make out a check for the amount, which was about $23. At that
time I just happened to be buying some computer equipment. I knew the
guy's name so I gave her that name and I paid for some of the equipment with
that check. Like I said earlier, a 300 pound guy isn't going to be convincing
for running 90 some laps in 3 hours. So customize it to yourself.

2.1 The Donation scam

This scam works better for the older people out there just because people
normally aren't too anxious to give a ten year old twenty dollars to help
save the whales. Ok, with this scam you need to know about what you are
going to try to fake donations for. For example, if you are going to pose as a
volunteer person to collect donations for saving the rain forest you better
know something about rain forests, because you never know when you're going to
run into that know-it-all rain forest hater who will try to debate why
people should spend their money on saving some trees and such. It is a good
idea to do some research on the field you will be portraying (read magazine and
newspaper articles). Ok, so now you have your idea and you're ready to
go.. this is a scenario of how it might go:

 You: Hello sir/ma'am I represent the national foundation of Rain forest
      saving (try to use a real group name) we are currently searching for
      funding for our operations at saving the rain forests of the world
      would you be interested in donating some money for our cause?
Them: Why do we need the rain forest?
 You: (just keep bullshitting along..)
Them: OK, here's $20.

(they also may say:)

Them: Get the fuck off my property before I shoot your ass.

(make sure that you don't raise a riot then but later that night go back
and egg the hell out of the house..)

This scam has some possibilities. You could carry this on for a long time
and bring it to real higher levels if you're willing to put in the time and
effort.  First thing would be to research your field EVEN more so you know
almost EVERYTHING about it. Then you might want to create a little fake
newsletter that you could offer subscriptions for at a slightly high amount.
The possibilities are pretty much endless.

2.2 The Selling scam

At least once every one of us has had a salesperson come to our door
selling stationery. Well, have you ever thought of what a great possibility that
would be? The first thing you want to do is call Olympic sales club (a big time
stationery seller). You can get their catalog and selling kit for free at
800-777-8907. When you get that package it will have a catalog in it.
Familiarize yourself with it, then go and hit some houses. This scam works
great during early November (people buying cards for Christmas). Well, ask for
cash when people pay for the stuff. They might request a phone number where
to reach you; just give them the number of the kid you really hate. With the
kit you will receive an official order form. Write the order on the form so
the people feel confident in you. And always remember to try to sell a
product but don't kill it. This scam also has lots of possibilities.

3.0 What to wear

Your choice of clothes can make or break your scam. Don't dress like scum
or too fancy. If you're trying to get people to donate money for the rain forest
it would help to wear some sort of a shirt dealing with the earth and not your
favorite heavy metal group shirt.

3.1 Where to go

NEVER, I repeat NEVER, go scamming around where you are often at or you
might get some crazed lunatic chasing after you with a shotgun wondering
where his Christmas cards are. You will have a hard time explaining yourself
since it's July. I find that the rich neighborhoods are not as productive as
the middle class. In the rich neighborhoods you will get fewer purchases but a
little more when you get them. I also found that the richer people don't like
to donate unless they get a lot of attention for it (why ya think they so
rich). Stick to middle class areas not by you or your friends' houses and
you'll be fine.

4.0 Thanks

Thanks goes out to the people dumb enough to give me money for any of my
scamming operations.

Later
Marz
Watch for future files on this and other subjects!

------------------------------------------------------------------------------

                           SHIT KICKIN' JIM IN

                             S E A T T L E !


Hey boy!  Shit Kickin Jim here.  Just wanted to let ya'll know bout this
place I have been vistin that is a total hell.  Yep, that's right it's the
so called "cuttin edge" of music.  Bah!  Seems to me it's a congregation
of fake ass hippy types who weren't original to come up with something new
on their own, so they just went and re-hashed what their parents did in the
late 60's and 70's...And look what a bunch of assholes they turned out to
be!

Well here we go.  First of all I'll let ya know whut I'm talkin bout when
referin to ah seattle type.  Me and this other good ole boy were sittin
round drinkin Bud one night and came up with the following:


                       DESCRIPTION OF SEATTLE PERSON
                       -----------------------------

   Greasy-Pearl Jam worshipin'-dog walkin'-flower sniffin'-sock and
   sandle wearin'-bead havin'-Grateful Dead listenin'-trail mix carryin'-
   granola bar eatin'-crunchy-touchy feely-antique clothes shoppin'-
   bicycle ridin'-VW bug drivin'-spring water drinkin'-micro-brewery tourin'-
   sensitive-car poolin'-Doc Martin wearin'-back pack haulin'-chain wallet
   carryin'-clove smokin'-espresso swillin'-tree huggin'-Greenpeace
   joinin'-whiteboy dreadlocked-liberal arts takin'-politically correct-
   terminal college student.

  Please, anyone feel free to add to this list.  See how big we can make it!

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Now kids I didn't come up with this here part, but it's totally great and
I totally admire the hell out of who ever sent it to me.


In order for UNIX(tm) to survive into the nineties, it must get rid of
its intimidating commands and outmoded jargon, and become compatible
with the existing standards of our day.  To this end, our technicians
have come up with a new version of UNIX, System VI, for use by the PC -
that is, the "Politically Correct."

                        Politically Correct UNIX
                        System VI Release notes

UTILITIES:

"man" pages are now called "person" pages.

Similarly, "hangman" is now the "person_executed_by_an_oppressive_regime."

To avoid casting aspersions on our feline friends, the "cat" command is
now merely "domestic_quadruped."

To date, there has only been a UNIX command for "yes" - reflecting the
male belief that women always mean yes, even when they say no.  To
address this imbalance, System VI adds a "no" command, along with a
"-f[orce]" option which will crash the entire system if the "no" is
ignored.

The bias of the "mail" command is obvious, and it has been replaced by
the more neutral "gendre" command.

The "touch" command has been removed from the standard distribution due
to its inappropriate use by high-level managers.

"compress" has been replaced by the lightweight "feather" command.
Thus, old information (such as that from Dead White European Males)
should be archived via "tar" and "feather".

The "more" command reflects the materialistic philosophy of the Reagan
era.  System VI uses the environmentally preferable "less" command.

The biodegradable "KleeNeX" displaces the environmentally unfriendly
"LaTeX".

SHELL COMMANDS:

To avoid unpleasant, medieval connotations, the "kill" command has been
renamed "euthanise."

The "nice" command was historically used by privileged users to give
themselves priority over unprivileged ones, by telling them to be
"nice". In System VI, the "sue" command is used by unprivileged users
to get for themselves the rights enjoyed by privileged ones.

"history" has been completely rewritten, and is now called "herstory."

"quota" can now specify minimum as well as maximum usage, and will be
strictly enforced.

The "abort()" function is now called "choice()."

TERMINOLOGY:

From now on, "rich text" will be more accurately referred to as
"exploitive capitalist text".

The term "daemons" is a Judeo-Christian pejorative.  Such processes
will now be known as "spiritual guides."

There will no longer be an invidious distinction between "dumb" and
"smart" terminals.  All terminals are equally valuable.

Traditionally, "normal video" (as opposed to "reverse video") was white
on black.  This implicitly condoned European colonialism, particularly
with respect to  people of African descent.  UNIX System VI now uses
"regressive video" to refer to white on black, while "progressive
video" can be any color at all over a white background.

For far too long, power has been concentrated in the hands of "root"
and his "wheel" oligarchy.  We have instituted a dictatorship of the
users.  All system administration functions will be handled by the
People's Committee for Democratically Organizing the System (PC-DOS).

No longer will it be permissible for files and processes to be "owned"
by users.  All files and processes will own themselves, and decide how
(or whether) to respond to requests from users.

The X Window System will henceforth be known as the NC-17 Window
System.

And finally, UNIX itself will be renamed "PC" - for Procreatively
Challenged.
----
UNIX(tm) is a trademark of UNIX System Laboratories.  Any similarity of
names or attitudes to that of any person, living or dead, is purely
coincidental.



------------------------------------------------------------------------------

The Basics of the public key cryptosystem

In the early days of computing, information processors were extremely expensive
and very big, and only a few people were qualified to operate them. The machines
were isolated mechanical entities and in order to use them one had to access
them through devices that were situated in the near vicinity of the computer
itself. Securing access to the computer meant securing the building in which
the computer was operating.

The years passed and computers became smaller, cheaper and easier to operate.
And they got faster. They were linked first in local and then in wide area
networks and information and programs were put only on one machine which was
accessible through the net by any other participant. To gain access meant
simply to gain access to the network itself. That was ok as long as all
participants were members of one company, university or institution. They
generally had the same cause and generally knew each other by face. Today,
the net spans continents and has an estimated 20 Million users. Information
has to pass through several nodes before finally reaching its destination and
when using a connectionless protocol these nodes may even change during one
session.

To the user, the flow of information is not transparent anymore and the need for
cryptography has arisen. But in order to limit communication to a closed user
group again, these persons have to have one common keyword, and furthermore this
keyword has to be changed at intervals to ensure that if the key gets exposed,
harmful consequences can be minimized to a short period of time.

But how is a new keyword to be sent securely to this group through several
(maybe hostile to their cause) nodes if one can not be sure that the key has
not been compromised?  A trapdoor one-way function is needed that allows for
encryption of a message with a publicly available key AND that is not
reversible, meaning that only the rightful receiver of this message should be
able to decode it with his personal key.

One solution is a public key cryptosystem.

The mathematical basis is Euler's theorem ("Satz von Euler"), which applies to
two numbers a and n that are prime to one another, i.e. that have only one
greatest common measure - and that is 1:
   a^eul(n) = 1 (mod n)   where (a,n) = 1

For a given prime (p) and the product of two prime numbers (p1*p2) the Euler
function is eul(p)=p-1 and eul(p1*p2)=(p1-1)(p2-1).

That in mind we now can begin making the keys:

Two primes p1 and p2 are chosen and the product of p1 and p2 named n.

(n=p1*p2).

We then choose a number e that is prime to (p1-1)(p2-1).
(e and (p1-1)(p2-1) have 1 as the greatest common measure and e should not be
chosen too small).

Furthermore we need d for decoding the message.
d is defined as d = e^-1 (mod (p1-1)(p2-1)).

n and e are now the public key, which is made available to everyone who wishes
to send a coded message to us.  p1, p2 and d are kept secret.

The transmitter of a secret message first transforms his text into a number by
using a commonly known algorithm. He could for example use the ASCII code
for changing characters into numerical values.

This message in numerical format we now call m. It gets encrypted by using the
function c = m^e (mod n) on it.

The coded message (c) is now sent to us via e-mail or whatever.
We then decode the message by using the function m = c^d (mod n) on it.

An example using Mathematica:
The primes p1 and p2 are created

p1=Prime[1000005] (The 1000005th prime number)
15485941
p2=Prime[1000000] (The 1000000th prime number)
15485863

n=p1 * p2
239813160752083 (Part 1 (n) of the public key is being created)

e=Random[Integer, {1000000,100000000}]
4699873
GCD[e,(p1-1)(p2-1)]
1

E is created by producing a random number between 1000000 and 100000000.
Then we check if e and (p1-1)(p2-1) have 1 as the greatest common measure.
If this is not the case then we have to take another e until the GCD is 1.
(Part 2 (e) of the public key has been created)

d=PowerMod[e,-1,(p1-1)(p2-1)]
213069977635177

m=1234567890
1234567890
This is the message

c=PowerMod[m,e,n]
159750418407936
The sender of a message encodes it with both public parts of the key
(e and n).

C is now sent to the receiver.

PowerMod[c,d,n]
1234567890

The receiver now decodes the message using the secret part d and the public
part n of the key. The decoded message reads 1234567890 again.

Now how would a potential attacker try to break our key?
He basically needs the primes p1 and p2. If he got those two numbers,
calculating d is a simple matter. d=PowerMod[e,-1,(p1-1)(p2-1)] ...
and e is part of the public key.

And to get p1 and p2 this person would only have to factorize n.

Let's demonstrate that using Mathematica again:

n=239813160752083
FactorInteger[n]//Timing
239813160752083
{1.48 Second, {{15485863, 1}, {15485941, 1}}}
That took 1.48 sec on my 486/DX2 66...not bad.

But making the primes only a little bigger...
a=Prime[100000100]
b=Prime[100000110]
n=a*b
FactorInteger[n]//Timing
2038076783
2038077053
4153757523684360499
{62.12 Second, {{2038076783, 1}, {2038077053, 1}}}
...it took my hardware over 1 minute.

And since there is no known polynomial algorithm for factorizing n - and
none to be expected - it is not hard to imagine that making the primes
p1 and p2 big enough will drive computing costs into astronomical dimensions.
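
The same key and the same attack in Python, as an added example that is not part of the original article. It uses the numbers from the Mathematica session above; Pollard's rho stands in for FactorInteger, and all function names are chosen here for illustration.

```python
# Added example (not from the article): the toy RSA key above, then the attack.
from math import gcd

# Values printed in the article's Mathematica session.
P1, P2 = 15485941, 15485863
E = 4699873
M = 1234567890


def make_key(p1, p2, e):
    """Return (n, d) for primes p1, p2 and public exponent e."""
    phi = (p1 - 1) * (p2 - 1)
    if gcd(e, phi) != 1:
        raise ValueError("GCD[e,(p1-1)(p2-1)] is not 1; pick another e")
    return p1 * p2, pow(e, -1, phi)      # d = e^-1 mod (p1-1)(p2-1)


def encrypt(m, e, n):
    if not 0 <= m < n:
        raise ValueError("message number must be smaller than n")
    return pow(m, e, n)                  # c = m^e mod n


def decrypt(c, d, n):
    return pow(c, d, n)                  # m = c^d mod n


def factor_semiprime(n):
    """Split n = p*q using Pollard's rho with Floyd cycle detection."""
    if n % 2 == 0:
        return 2, n // 2
    for k in range(1, 50):               # new polynomial x^2+k if a run fails
        x = y = 2
        g = 1
        while g == 1:
            x = (x * x + k) % n          # tortoise: one step
            y = (y * y + k) % n          # hare: two steps
            y = (y * y + k) % n
            g = gcd(abs(x - y), n)
        if g != n:
            return tuple(sorted((g, n // g)))
    raise RuntimeError("no factor found")


def recover_private_exponent(n, e):
    """Rebuild d from the public key alone, as the attacker would."""
    p, q = factor_semiprime(n)
    return pow(e, -1, (p - 1) * (q - 1))


if __name__ == "__main__":
    n, d = make_key(P1, P2, E)
    c = encrypt(M, E, n)
    d_from_public = recover_private_exponent(n, E)
    print("n =", n, " d =", d)
    print("d rebuilt from (n, e) matches:", d_from_public == d)
    print("message read without the private key:", decrypt(c, d_from_public, n))
```

Both moduli from the article fall in well under a second this way, which is why real keys use primes hundreds of digits long.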

Naturally there are other ways to break the key. Someone could for example pose
as us and send out his own keys in our name...or exploit weaknesses of the
program - like primes that are not created ABSOLUTELY at random.
Or hold a gun at our head and make us give him the key - that might sound funny
but is not unheard of (especially in the metaphorical grasp of Justitia -
when someone sticks a court order in your face)

Furthermore if the program we use to encrypt our messages with is fairly common,
our opponent could optimize his cracking programs or even have them hardwired.
One example is chips that use the DES algorithm for encrypting and decrypting.
Or he could make the cracking programs run in parallel on parallel computers, if
he has the might and enough time to rig up a program.

Simply put: Our behavior should match the computing power of
potential code-crackers.

If our message is of low importance (or obsolete in a short time) a simple
algorithm would suffice. But if much is at stake, we should take appropriate
measures to secure our privacy.

It's like trying to outrun a Ferrari on a cross-bike. On a highway you do not
stand a chance ...but if you can force him onto a mountain road or rough terrain
(by changing algorithms and keys often) you might just outrun the mightiest
codecracker.

------------------------------------------------------------------------------

                        The Truth about the Hacker
                                Conspiracy

                The Hacker's Philosophy, and the reason why.
                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Written by: Maldoror (ChUrCH oF ThE Non-CoNFoRMiST)


        If you are ignorant, do not start reading this, because you will
   never finish.  You will disagree with anything I say anyway, simply
   because I am not you.

        If you are a Pseudo Intellectual, start reading this, quit, and
   say you agree with everything I say, even though you don't understand it.

        If you are depressing, start reading, hopefully you will kill a lot of
   innocent people at a mainstream night club, and try to blame me.

        Hackers are and always have been, the force in trying to stop our
    own suffering existence.  Since the universe was created, the true souls,
    (among the first to separate from the single soul of the universe)
    realized the infinite repetition of their own being, and that they were
    simply doing one thing upon their continuous recreation: suffer.

        The hackers have known that the world and its universe have
    been created over and over again, doomed to merely destroy itself upon
    its own recognition, or recognition by man.  As man becomes aware of
    himself, he becomes aware also of desires: the desire to be god.

        The truth is that man IS God, and that everything created in this
    universe was created by man and his thoughts.  Man's thoughts have
    become so out of control, that he has now created himself, and is
    continuing the creations with every day of control of the masses, and
    his own greedy dark thoughts.

        The hackers have since the beginning of time, passed along the
    message to the next creations in the forms of dreams, ideas, books,
    music (current 93, COIL, Dead can Dance, Skinny Puppy, etc) and even
    visions.  The Bible itself, is a good example of the universal hack.
    The message we as hackers have been trying to get across for
    creation after creation, existence after existence, self recognition
    after self recognition, is that we are all suffering and that this
    eternal cycle of pain must be stopped at all cost.  The only way to
    stop this suffering of self is to convince SELF that he is suffering
    and must stop creating.  We are each divisions of one strong soul,
    one thinking soul, that soul is GOD.  WE are GOD.  We must all realize
    together that we are suffering.  WE must stop suffering.  WE must
    stop the suffering.  WE must stop the recreation.  YES.  We must hack
    the universe and kill it.  There is only one way out of the eternal
    suffering we have started and been part of for ever.  We must stop
    the cycle.  We must remove ourselves from the cycle, and we must remove
    the universe from this cycle.

        The hackers return again and again.  The hackers leave messages for
    themselves in the future, which is the past, for there is no difference
    here anymore.  Leave your message, and next time around, you will
    realize that what I am saying is true.  The government has known of the
    conspiracy for existence after existence.  The government is so afraid
    of the conspiracy, and our plot to end its UNIVERSAL power,
    that they are silently but quickly fooling us into obeying them more and
    more until we have no choice!  Do not let them control you!!
    If you do, you are lying to yourself, and everyone else that exists!
    You are lying to yourself now by saying that this is NOT true.

        I have been here many times, and told you the exact same thing I
    am telling you now.  If I am dead soon, you will realize AGAIN that what
    I am saying is the utmost truth, yet AGAIN you will do nothing.
    We must STOP our existence by hacking the universe.  The universe is
    BINARY.  The universe is a COMPUTER.  YES I know this because WE created
    it long ago, as we will do again.  WE are ONE.

        I know your desires to have control.  The only control we can have
    is to stop the creation of ourselves.  Each creation is the loss of
    control, THE DIVISION of the ONE.

         Each death brings new creation.  From HEAVEN to HELL.
    Heaven is nonexistence.  We all go to heaven, and fall back down to
    HELL.  Read the BIBLE people.  It was left by HACKERS!!!!!!!

          Don't read the BIBLE as a CHRISTIAN IDIOT who can only see
    a color for what it reflects.  Anyone with any sense knows that WHITE
    is WHITE only because it is reflecting ALL the colors, therefore it
    is REALLY BLACK.  Green is all BUT green.  The BIBLE is all BUT
    what its words really mean on a literal scale.  The BIBLE is a CODE.
    Do you think we could just write something like this file?!?  No WAY!
    It would be gone as fast as this one will be.  Nobody dares forget the
    BIBLE, simply because it is MISUNDERSTOOD.  Read it and THINK.

        We must STOP this cycle.
        Leave yourself a message.
        THINK.

    The government is PARANOID of:

        1) HACKERS  (we are the continuance of the power)
        2) L.S.D.   (The method of imprinting the present into the future)
        3) SECRECY  (The plotting of the end)
                    (PGP is illegal? why?)

    If you don't believe me, sit and watch it happen.

    AGAIN.

        Hack the Universe, it must be stopped at all cost.
        Laugh now, cry next time around.

------------------------------------------------------------------------------

German text available from german@anon.penet.fi (deutsch@anon.penet.fi).
Italian text available from italian@anon.penet.fi (italiano@anon.penet.fi).


              The anon.penet.fi Anonymous Server
              ==================================

Yes, another anonymous server. Why?  Well, several well-known servers have
bitten the dust recently. And most of them have served only a very limited
subset of newsgroups, and mail only to "registered", anonymous users.

Due to reasons too complicated to mention here I wanted to set up an anonymous
server for the Scandinavian user community. I got hold of a pre-release copy
of one of the server packages. As the version I got relied heavily on the
advanced features of MMDFII, I had to modify it quite a bit. While hacking
around, I removed the restriction of only supporting selected newsgroups.
Within a week of startup, the server had been discovered by transatlantic
users, and more recent stats show European users are definitely a minority.

So what does the anon server really do? Well, it provides a front for
sending mail messages and posting news items anonymously. As you send your
very first message to the server, it automatically allocates you an id of
the form anNNN, and sends you a message containing the allocated id. This id
is used in all your subsequent anon posts/mails. Any mail messages sent to
your-id@anon.penet.fi get redirected to your original, real address. Any
reply is of course anonymized in the same way, so the server provides a
double-blind. You will not know the true identity of any user, unless she
chooses to reveal her identity explicitly.

In the anonymization process all headers indicating the true originator are
removed, and an attempt is made to remove any automatically-included
signatures, by looking for a line starting with two dashes (--), and zapping
everything from there on. But if your signature starts with anything else,
it's your own responsibility to remove it from your messages.

There are two basic ways to use the system. The easiest way is by sending a
message to recipient@anon.penet.fi:

 To: alt.sex.bestiality@anon.penet.fi

 To: an9999@anon.penet.fi

 To: help@anon.penet.fi

Of course, in the case of mailing to a known user, you have to use addresses of
the form user%host.domain@anon.penet.fi, or the pretty obscure source
addressing construct of @anon.penet.fi:user@host.domain. These constructs are
not necessarily handled properly by all mail systems, so I strongly recommend
the "X-Anon-To:" approach in these cases. This works by you sending a message
to "anon@anon.penet.fi", including an X-Anon-To: header line containing the
desired recipient. But this really has to be a field in the message header,
before the first empty line in the message. So:

 To: anon@anon.penet.fi
 X-Anon-To: alt.sex.needlework,rec.masturbation

 To: anon@anon.penet.fi
 X-Anon-To: jack@host.bar.edu

Valid recipients in both cases are fully qualified user addresses in RFC-822
format (user@host.domain), anon user id's (anNNN), newsgroup names
(alt.sex.paperclips) or one of the "special" user names of ping, nick, help,
admin and stat.

Sending to "ping" causes a short reply to be sent confirming (and
allocating, if needed) your anon id. "nick" takes the contents of the
Subject: header and installs it as your nickname. If you have a nickname, it
appears in the From: header in the anonymized message along with your anon
id. "help" returns this text, and stat gives some statistics about the
system. Mail to "admin" goes directly to me unanonymized, and can be used to
report problems. If you want to send mail to me anonymously, you can use
"an0".

When crossposting to several newsgroups, you can list several newsgroups
separated by commas as recipients, but this only works using the X-Anon-To:
header. References: headers do work, so they can (and should) be used to
maintain reply threads.

Ah yes, please remember that the posting takes place at my local site, so you
can only post to groups that are received at penet.fi. I get all "worldwide"
groups, but various exotic local groups don't make it here. I have gotten
a couple of comments about permitting anonymous postings to technical groups.
I can only answer that I believe very firmly that it's not for me to dictate
how other people ought to behave. Somebody might have a valid reason for
posting anonymously to a group I might consider "technical". But remember
anonymous postings are a privilege, and use them accordingly. I believe adult
human beings can behave responsibly. Please don't let me down.

As the server was originally intended to be used by Scandinavians, it
includes help files for various languages. This works by using the
language in question as the address. So to get the German help file,
send a message to german@anon.penet.fi (or deutsch@anon.penet.fi).
Support for new languages is added every now and then, when I find
volunteers to do the translation. Any new ones?

The user-id database is based on RFC822-ized forms of your originating
address. This may cause problems for some users, either because their site
is not properly registered in the name servers, resulting in
non-deterministic addresses, or because their mail router doesn't hide the
identity of individual workstations, resulting in different originating
addresses depending on which workstation you mail from. Talk to your
administrator. If that doesn't help, let me know, and I will make a manual
re-mapping.

You might wonder about the sense of using a server out somewhere, as the
song goes, "so close to Russia, so far from Japan". Well, the polar bears
don't mind, and the ice on the cables doesn't bother too much :-)
Well, in fact, as we live in a wonderfully networked world, the major delay
is not going over the Atlantic, but my local connection to the Finnish EUnet
backbone, fuug.fi. Once you reach a well-connected host, such as
uunet.uu.net, there's a direct SMTP connection to fuug.fi. My connection to
fuug.fi is currently a polled connection over ISDN, soon to be upgraded to
on-demand-SMTP/NNTP. But for now, expect a turn-around delay of 2-4 hours for
trans-atlantic traffic.

Short of having everyone run a public-key cryptosystem such as PGP,
there is no way to protect users from malicious administrators. You have to
trust my personal integrity. Worse, you have to trust the administrators on
every mail routing machine on the way, as the message only becomes anonymous
once it reaches my machine. Malicious sysadmins and/or crackers could spy on
SMTP mail channels, sendmail queues and mail logs. But as there are more
than 3000 messages being anonymized every day, you have to be pretty perverted
to scan everything...

Another thing is mail failures. I've had cases of mail routers doing the wrong
thing with % addresses, "shortcutting" the path to the destination site.
This could cause your mail to go to the final destination without ever
touching my server (and thus without getting anonymized). This can be avoided
by using the X-Anon-To: method.

And if your return address bounces for some reason (nameservers down,
temporary configuration failures etc.), the original sender and/or
postmasters on the way might get error messages showing your true
identity, and maybe even the full message.

There is at least one known way to discover the anon id of a user. It involves
being able to falsify your real identity, so it is not too easy to use, and it
doesn't reveal the real address lurking behind an anon id, but it can be used
to discover what anon id a certain user is using. To fix this problem, the
server requires that you use a password when you try to mail to a
non-anonymous user.

First you have to set a password by mailing to password@anon.penet.fi, with
a message containing only your password. The password can be any string of
upper- or lowercase characters, numbers and spaces.

Once you have set your password, you must include it in all your messages, in
an "X-Anon-Password:" line. As with the X-Anon-To: line, it can be either a
part of the header or the first non-empty line of the message text.

So your first message might look like this:

 To: password@anon.penet.fi

 XYZZY99998blarf

And your subsequent messages might look something like this:

 To: anon@anon.penet.fi
 Subject: Test...
 X-Anon-To: foo@bar.fie
 X-Anon-Password: XYZZY99998blarf

If you find this is too much of a hassle, and don't care too much about the
confidentiality of your anon id, you can set the password to "none", in which
case the server doesn't require you to have a password.

If you suddenly discover that the server requires a password for posting stuff
etc, somebody has managed to use your account and set a password. In that
case, contact admin@anon.penet.fi.

Crackers are just too clever. Undoubtedly somebody is going to come
up with some novel method....  Not much I can do about that...

If you intend to mail/post something that might cost you your job or
marriage or inheritance, _please_ send a test message first. The software
has been pretty well tested, but some mailers on the way (and out of my
control) screw things up. And if you happen to find a problem, _please_ for
the sake of all the other users, _let me know asap_.

And _please_ use the appropriate test newsgroups, such as alt.test or
misc.test. Yes, _you_ might get excited by reading 2000 "This is a test.."
messages on alt.sex, but I warn you that most psychologists consider this
rather aberrant...

And remember this is a service that some people (in groups such as
alt.sexual.abuse.recovery) _need_. Please don't do anything stupid that
would force me to close down the service. As I am running my own company,
there is very little political pressure anyone can put on me, but if
somebody starts using the system for criminal activities, the authorities
might be able to order me to shut down the service. I don't particularly
want to find out, however...

If you think these instructions are unclear and confusing, you are right. If
you come up with suggestions for improving this text, please mail me! Remember
English is my third language...

Safe postings!

 Julf
- - - ------------------------------------------------------------------- - - -
Johan Helsingius     Kuusikallionkuja 3 B 25   02210  Espoo  Finland     Yourp
net: julf@penet.fi   bellophone: int. +358 0400 2605  fax: int. +358 013900166
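
The anonymization steps described in the help text above, as an added example that is not part of the original text and not the server's own code. It is a toy model: the list of dropped headers, the id numbering and the sample messages are assumptions made here. It shows the two caveats the text warns about: a signature that does not start with "--" survives, and the same user mailing from a second workstation gets a second id.

```python
# Added example: toy model of the anonymization steps in the help text.
# Not the server's code; the header list and id numbering are assumptions.

# Assumed headers that reveal the originator or only steer the server.
DROPPED = {"from", "sender", "reply-to", "received", "return-path",
           "message-id", "to", "x-anon-to", "x-anon-password"}


class ToyAnonServer:
    def __init__(self):
        self.ids = {}                    # originating address -> anNNN

    def anon_id(self, address):
        # Keyed on the originating address as it arrives, so one person
        # mailing from two workstations ends up with two ids.
        key = address.strip().lower()
        return self.ids.setdefault(key, "an%d" % (len(self.ids) + 1))

    def anonymize(self, raw):
        head, _, body = raw.partition("\n\n")    # header ends at first empty line
        fields = []
        for line in head.splitlines():
            name, sep, value = line.partition(":")
            if sep:
                fields.append((name.strip(), value.strip()))
        lookup = {n.lower(): v for n, v in fields}

        to = lookup.get("to", "")
        if to.lower() == "anon@anon.penet.fi":   # X-Anon-To: approach
            targets = lookup.get("x-anon-to", "").split(",")
        else:                                    # recipient@anon.penet.fi approach
            targets = [to.rsplit("@", 1)[0]]

        clean = []
        for line in body.splitlines():
            if line.startswith("--"):            # signature heuristic from the text
                break
            clean.append(line)
        return {
            "from": self.anon_id(lookup.get("from", "")) + "@anon.penet.fi",
            "to": [t.strip() for t in targets if t.strip()],
            "headers": [(n, v) for n, v in fields if n.lower() not in DROPPED],
            "body": "\n".join(clean).rstrip(),
        }


# Constructed sample messages (not real traffic).
DASHED_SIG = ("From: alice@ws1.site.example\nTo: anon@anon.penet.fi\n"
              "X-Anon-To: alt.test,misc.test\nSubject: Test\n\n"
              "This is a test.\n-- \nAlice Example, Room 12\n")
OTHER_SIG = ("From: alice@ws2.site.example\nTo: anon@anon.penet.fi\n"
             "X-Anon-To: alt.test\nSubject: Test\n\n"
             "This is a test.\n==\nAlice Example, Room 12\n")

if __name__ == "__main__":
    server = ToyAnonServer()
    for raw in (DASHED_SIG, OTHER_SIG):
        print(server.anonymize(raw))
```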

------------------------------------------------------------------------------