the basics of hacking- introduction.txt

黑客培训教程

_______________________________________
_______________________________________
__                                   __
__   THE BASICS OF HACKING:  INTRO   __
__                                   __
_______________________________________
__  Uploaded by Elric of Imrryr      __
_______________________________________
_                                     _
_ THE FIRST OF A SET OF ARTICLES:     _
_ AN INTRODUCTION TO THE WORLD OF THE _
_ HACKER.  BASICS TO KNOW BEFORE DOING_
_ ANYTHING, ESSENTIAL TO YOUR CONTIN- _
_ UING CAREER AS ONE OF THE ELITE IN  _
_ THE COUNTRY...                      _
_______________________________________
_______________________________________
THIS ARTICLE, "THE INTRODUCTION TO THE
WORLD OF HACKING" IS MEANT TO HELP YOU
BY TELLING YOU HOW NOT TO GET CAUGHT,
WHAT NOT TO DO ON A COMPUTER SYSTEM,
WHAT TYPE OF EQUIPMENT SHOULD I KNOW
ABOUT NOW, AND JUST A LITTLE ON THE
HISTORY, PAST PRESENT FUTURE, OF THE
HACKER.
_______________________________________
WELCOME TO THE WORLD OF HACKING!
WE, THE PEOPLE WHO LIVE OUTSIDE OF
THE NORMAL RULES, AND HAVE BEEN SCORNED
AND EVEN ARRESTED BY THOSE FROM THE
'CIVILIZED WORLD', ARE BECOMMING
SCARCER EVERY DAY.  THIS IS DUE TO THE
GREATER FEAR OF WHAT A GOOD HACKER
(SKILL WISE, NO MORAL JUDGEMENTS HERE)
CAN DO NOWADAYS, THUS CAUSING ANTI-
HACKER SENTIMENT IN THE MASSES.
ALSO, FEW HACKERS SEEM TO ACTUALLY KNOW
ABOUT THE COMPUTER SYSTEMS THEY HACK,
OR WHAT EQUIPMENT THEY WILL RUN INTO
ON THE FRONT END, OR WHAT THEY COULD
DO WRONG ON A SYSTEM TO ALERT THE
'HIGHER' AUTHORITIES WHO MONITOR THE
SYSTEM.
THIS ARTICLE IS INTENDED TO TELL YOU
ABOUT SOME THINGS NOT TO DO, EVEN
BEFORE YOU GET ON THE SYSTEM.  WE
WILL TELL YOU ABOUT THE NEW WAVE OF
FRONT END SECURITY DEVICES THAT ARE
BEGINNING TO BE USED ON COMPUTERS.
WE WILL ATTEMPT TO INSTILL IN YOU A
SECOND IDENTITY, TO BE BROUGHT UP AT
TIME OF GREAT NEED, TO PULL YOU OUT
OF TROUBLE.
AND, BY THE WAY, WE TAKE NO, REPEAT,
NO, RESPONCIBILITY FOR WHAT WE SAY IN
THIS AND THE FORTHCOMING ARTICLES.
ENOUGH OF THE BULLSHIT, ON TO THE FUN:
_______________________________________
AFTER LOGGING ON YOUR FAVORITE BBS,
YOU SEE ON THE HIGH ACCESS BOARD A
PHONE NUMBER!  IT SAYS IT'S A GREAT
SYSTEM TO "FUCK AROUND WITH!"
THIS MAY BE TRUE, BUT HOW MANY OTHER
PEOPLE ARE GOING TO CALL THE SAME
NUMBER?  SO:  TRY TO AVOID CALLING A
NUMBER GIVEN TO THE PUBLIC.  THIS IS
BECAUSE THERE ARE AT LEAST EVERY OTHER
USER CALLING, AND HOW MANY OTHER BOARDS
WILL THAT NUMBER SPREAD TO?
IF YOU CALL A NUMBER FAR, FAR AWAY, AND
YOU PLAN ON GOING THRU AN EXTENDER OR
A RE-SELLER, DON'T KEEP CALLING THE
SAME ACCESS NUMBER (I.E. AS YOU WOULD
IF YOU HAD A HACKER RUNNING), THIS
LOOKS VERY SUSPICIOUS AND CAN MAKE
LIFE MISERABLE WHEN THE PHONE BILL
COMES IN THE MAIL.  MOST CITIES HAVE
A VARIETY OF ACCESS NUMBERS AND
SERVICES, SO USE AS MANY AS YOU CAN.
NEVER TRUST A CHANGE IN THE SYSTEM...
THE 414'S, THE ASSHOLES, WERE CAUGHT
FOR THIS REASON:  WHEN ONE OF THEM
CONNECTED TO THE SYSTEM, THERE WAS
NOTHING GOOD THERE.  THE NEXT TIME,
THERE WAS A TREK GAME STUCK RIGHT IN
THEIR WAY!  THEY PROCEDED TO PLAY SAID
GAME FOR TWO, SAY TWO AND A HALF HOURS,
WHILE TELENET WAS TRACING THEM!  NICE
JOB, DON'T YOU THINK?  IF ANYTHING
LOOKS SUSPICIOUS, DROP THE LINE
IMMEDIATELY!!  AS IN, YESTERDAY!!
THE POINT WE'RE TRYING TO GET ACCROSS
IS:  IF YOU USE A LITTLE COMMON SENCE,
YOU WON'T GET BUSTED.  LET THE LITTLE
KIDS WHO AREN'T SMART ENOUGH TO
RECOGNIZE A TRAP GET BUSTED, IT WILL
TAKE THE HEAT OFF OF THE REAL HACKERS.
NOW, LET'S SAY YOU GET ON A COMPUTER
SYSTEM...  IT LOOKS GREAT, CHECKS
OUT, EVERYTHING SEEMS FINE.  OK, NOW
IS WHEN IT GETS MORE DANGEROUS.  YOU
HAVE TO KNOW THE COMPUTER SYSTEM (SEE
FUTURE ISSUES OF THIS ARTICLE FOR INFO
ON SPECIFIC SYSTEMS) TO KNOW WHAT NOT
TO DO.  BASICALLY, KEEP AWAY FROM ANY
COMMAND WHICH LOOKS LIKE IT MIGHT
DELETE SOMETHING, COPY A NEW FILE INTO
THE ACCOUNT, OR WHATEVER!  ALWAYS LEAVE
THE ACCOUNT IN THE SAME STATUS YOU
LOGGED IN WITH.  CHANGE _NOTHING_...
IF IT ISN'T AN ACCOUNT WITH PRIV'S,
THEN DON'T TRY ANY COMMANDS THAT
REQUIRE THEM!  ALL, YES ALL, SYSTEMS
ARE GOING TO BE KEEPING LOG FILES
OF WHAT USERS ARE DOING, AND THAT WILL
SHOW UP.  IT IS JUST LIKE DROPPING A
TROUBLE-CARD IN AN ESS SYSTEM, AFTER
SENDING THAT NICE OPERATOR A PRETTY
TONE.  SPEND NO EXCESSIVE AMOUNTS OF
TIME ON THE ACCOUNT IN ONE STRETCH.
KEEP YOUR CALLING TO THE VERY LATE
NIGHT IF POSSIBLE, OR DURING BUSINESS
HOURS (BELIEVE IT OR NOT!).  IT SO
HAPPENS THAT THERE ARE MORE USERS ON
DURING BUSINESS HOURS, AND IT IS VERY
DIFFICULT TO READ A LOG FILE WITH
60 USERS DOING MANY COMMNDS EVERY
MINUTE.  TRY TO AVOID SYSTEMS WHERE
EVERYONE KNOWS EACH OTHER, DON'T TRY
TO BLUFF.  AND ABOVE ALL:  NEVER ACT
LIKE YOU OWN THE SYSTEM, OR ARE THE
BEST THERE IS.  THEY ALWAYS GRAB THE
PEOPLE WHO'S HEADS SWELL...
THERE IS SOME VERY INTERESTING FRONT
END EQUIPMENT AROUND NOWADAYS, BUT
FIRST LET'S DEFINE TERMS...
BY FRONT END, WE MEAN ANY DEVICE THAT
YOU MUST PASS THRU TO GET AT THE REAL
COMPUTER.  THERE ARE DEVICES THAT ARE
MADE TO DEFEAT HACKER PROGRAMS, AND
JUST PLAIN OLD MULTIPLEXERS.
TO DEFEAT HACKER PROGRAMS, THERE ARE
NOW DEVICES THAT PICK UP THE PHONE
AND JUST SIT THERE...  THIS MEANS
THAT YOUR DEVICE GETS NO CARRIER, THUS
YOU THINK THERE ISN'T A COMPUTER ON
THE OTHER END.  THE ONLY WAY AROUND IT
IS TO DETECT WHEN IT WAS PICKED UP.  IF
IT PICKES UP AFTER THE SAME NUMBER
RING, THEN YOU KNOW IT IS A HACKER-
DEFEATER.  THESE DEVICES TAKE A MULTI-
DIGIT CODE TO LET YOU INTO THE SYSTEM.
SOME ARE, IN FACT, QUITE SOPHISTICATED
TO THE POINT WHERE IT WILL ALSO LIMIT
THE USER NAME'S DOWN, SO ONLY ONE NAME
OR SET OF NAMES CAN BE VALID LOGINS
AFTER THEY INPUT THE CODE...
OTHER DEVICES INPUT A NUMBER CODE, AND
THEN THEY DIAL BACK A PRE-PROGRAMMED
NUMBER FOR THAT CODE.  THESE SYSTEMS
ARE BEST TO LEAVE ALONE, BECAUSE THEY
KNOW SOMEONE IS PLAYING WITH THEIR
PHONE.  YOU MAY THINK "BUT I'LL JUST
REPROGRAM THE DIAL-BACK."  THINK
AGAIN, HOW STUPID THAT IS...  THEN
THEY HAVE YOUR NUMBER, OR A TEST LOOP
IF YOU WERE JUST A LITTLE SMARTER.
IF IT'S YOUR NUMBER, THEY HAVE YOUR
BALLS (IF MALE...), IF ITS A LOOP,
THEN YOU ARE SCREWED AGAIN, SINCE THOSE
LOOPS ARE _MONITORED_.
AS FOR MULTIPLEXERS...  WHAT A PLEXER
IS SUPPOSED TO DO IS THIS:  THE SYSTEM
CAN ACCEPT MULTIPLE USERS.  WE HAVE
TO TIME SHARE, SO WE'LL LET THE FRONT-
END PROCESSOR DO IT...  WELL, THIS IS
WHAT A MULTIPLEXER DOES.  USUALLY THEY
WILL ASK FOR SOMETHING LIKE "ENTER
CLASS" OR "LINE:".  USUALLY IT IS
PROGRAMMED FOR A DOUBLE DIGIT NUMBER,
OR A FOUR TO FIVE LETTER WORD.  THERE
ARE USUALLY A FEW SETS OF NUMBERS IT
ACCEPTS, BUT THOSE NUMBERS ALSO SET
YOUR 300/1200 BAUD DATA TYPE.  THESE
MULTIPLEXERS ARE INCONVENIENT AT BEST,
SO NOT TO WORRY.
A LITTLE ABOUT THE HISTORY OF HACKING:
HACKING, BY OUR DEFINITION, MEANS A
GREAT KNOWLEDGE OF SOME SPECIAL AREA.
DOCTORS AND LAWYERS ARE HACKERS OF A
SORT, BY THIS DEFINITION.  BUT MOST
OFTEN, IT IS BEING USED IN THE COMPUTER
CONTEXT, AND THUS WE HAVE A DEFINITION
OF "ANYONE WHO HAS A GREAT AMOUNT OF
COMPUTER OR TELECOMMUNICATIONS
KNOWLEDGE."  YOU ARE NOT A HACKER
BECAUSE YOU HAVE A LIST OF CODES...
HACKING, BY OUR DEFINITION, HAS THEN
BEEN AROUND ONLY ABOUT 15 YEARS.  IT
STARTED, WHERE ELSE BUT, MIT AND
COLLEGES WHERE THEY HAD COMPUTER
SCIENCE OR ELECTRICAL ENGINEERING
DEPARTMENTS.  HACKERS HAVE CREATED
SOME OF THE BEST COMPUTER LANGUAGES,
THE MOST AWESOME OPERATING SYSTEMS, AND
EVEN GONE ON TO MAKE MILLIONS.  HACKING
USED TO HAVE A GOOD NAME, WHEN WE COULD
HONESTLY SAY "WE KNOW WHAT WE ARE
DOING".  NOW IT MEANS (IN THE PUBLIC
EYE):  THE 414'S, RON AUSTIN, THE NASA
HACKERS, THE ARPANET HACKERS...  ALL
THE PEOPLE WHO HAVE BEEN CAUGHT, HAVE
DONE DAMAGE, AND ARE NOW GOING TO HAVE
TO FACE FINES AND SENTANCES.
THUS WE COME PAST THE MORALISTIC CRAP,
AND TO OUR PURPOSE:  EDUCATE THE HACKER
COMMUNITY, RETURN TO THE DAYS WHEN
PEOPLE ACTUALLY KNEW SOMETHING...
_______________________________________
A PROGRAM GUIDE:
THREE MORE ARTICLES WILL BE WRITTEN IN
THIS SERIES, AT THE PRESENT TIME.
BASICS OF HACKING I:  DEC'S
BASICS OF HACKING II:  VAX'S (UNIX)
BASICS OF HACKING III:  DATA GENERAL
IT IS IMPOSSIBLE TO WRITE AN ARTICLE
ON IBM, SINCE THERE ARE SO MANY SYSTEMS
AND WE ONLY HAVE INFO ON A FEW...
_______________________________________
THIS ARTICLE HAS BEEN WRITTEN BY:
THE KNIGHTS OF SHADOW
_______________________________________





   THE BASICS OF HACKING II: VAX'S
                             UNIX
    UNIX IS A TRADEMARK OF AT&T

    (AND YOU KNOW WHAT _THAT_ MEANS)

Uploaded by Elric of Imrryr
_______________________________________
WELCOME TO THE BASICS OF HACKING II:
VAX'S AND UNIX.  IN THIS ARTICLE, WE
DISCUSS THE UNIX SYSTEM THAT RUNS ON
THE VARIOUS VAX SYSTEMS.  IF YOU ARE
ON ANOTHER UNIX-TYPE SYSTEM, SOME
COMMANDS MAY DIFFER, BUT SINCE IT IS
LICENCED TO BELL, THEY CAN'T MAKE MANY
CHANGES.
_______________________________________
HACKING ONTO A UNIX SYSTEM IS VERY
DIFFICULT, AND IN THIS CASE, WE ADVISE
HAVING AN INSIDE SOURCE, IF POSSIBLE.
THE REASON IT IS DIFFICULT TO HACK A
VAX IS THIS:  MANY VAX, AFTER YOU GET
A CARRIER FROM THEM, RESPOND=>
LOGIN:
THEY GIVE YOU NO CHANCE TO SEE WHAT THE
LOGIN NAME FORMAT IS.  MOST COMMONLY
USED ARE SINGLE WORDS, UNDER 8 DIGITS,
USUALLY THE PERSON'S NAME.  THERE IS
A WAY AROUND THIS:  MOST VAX HAVE AN
ACCT. CALLED 'SUGGEST' FOR PEOPLE TO
USE TO MAKE A SUGGESTION TO THE SYSTEM
ROOT TERMINAL.  THIS IS USUALLY WATCHED
BY THE SYSTEM OPERATOR, BUT AT LATE
HE IS PROBABLY AT HOME SLEEPING OR
SCREWING SOMEONE'S BRAINS OUT.  SO WE
CAN WRITE A PROGRAM TO SEND AT THE
VAX THIS TYPE OF A MESSAGE:
A SCREEN FREEZE (CNTRL-S), SCREEN
CLEAR (SYSTEM DEPENDANT), ABOUT 255
GARBAGE CHARACTERS, AND THEN A COMMAND
TO CREATE A LOGIN ACCT., AFTER WHICH
YOU CLEAR THE SCREEN AGAIN, THEN UN-
FREEZE THE TERMINAL.  WHAT THIS DOES:
WHEN THE TERMINAL IS FROZEN, IT KEEPS
A BUFFER OF WHAT IS SENT.  WELL, THE
BUFFER IS ABOUT 127 CHARACTERS LONG.
SO YOU OVERFLOW IT WITH TRASH, AND THEN
YOU SEND A COMMAND LINE TO CREATE AN
ACCT. (SYSTEM DEPENDANT).  AFTER THIS
YOU CLEAR THE BUFFER AND SCREEN AGAIN,
THEN UNFREEZE THE TERMINAL.  THIS IS
A BAD WAY TO DO IT, AND IT IS MUCH
NICER IF YOU JUST SEND A COMMAND TO
THE TERMINAL TO SHUT THE SYSTEM DOWN,
OR WHATEVER YOU ARE AFTER...
THERE IS ALWAYS, *ALWAYS* AN ACCT.
CALLED ROOT, THE MOST POWERFUL ACCT.
TO BE ON, SINCE IT HAS ALL OF THE
SYSTEM FILES ON IT.  IF YOU HACK YOUR
WAY ONTO THIS ONE, THEN EVERYTHING IS
EASY FROM HERE ON...
ON THE UNIX SYSTEM, THE ABORT KEY IS
THE CNTRL-D KEY.  WATCH HOW MANY TIMES
YOU HIT THIS, SINCE IT IS ALSO A WAY TO
LOG OFF THE SYSTEM!
A LITTLE ABOUT UNIX ARCHITECHTURE:
THE ROOT DIRECTORY, CALLED ROOT, IS
WHERE THE SYSTEM RESIDES.  AFTER THIS
COME A FEW 'SUB' ROOT DIRECTORIES,
USUALLY TO GROUP THINGS (STATS HERE,
PRIV STUFF HERE, THE USER LOG HERE...).
UNDER THIS COMES THE SUPERUSER (THE
OPERATOR OF THE SYSTEM), AND THEN
FINALLY THE NORMAL USERS.  IN THE UNIX
'SHELL' EVERYTHING IS TREATED THE SAME.
BY THIS WE MEAN:  YOU CAN ACCESS A
PROGRAM THE SAME WAY YOU ACCESS A USER
DIRECTORY, AND SO ON.  THE WAY THE UNIX
SYSTEM WAS WRITTEN, EVERYTHING, USERS
INCLUDED, ARE JUST PROGRAMS BELONGING
TO THE ROOT DIRECTORY.  THOSE OF YOU
WHO HACKED ONTO THE ROOT, SMILE, SINCE
YOU CAN SCREW EVERYTHING...
THE MAIN LEVEL (EXEC LEVEL) PROMPT ON
THE UNIX SYSTEM IS THE $, AND IF YOU
ARE ON THE ROOT, YOU HAVE A # (SUPER-
USER PROMPT).
OK, A FEW BASICS FOR THE SYSTEM...
TO SEE WHERE YOU ARE, AND WHAT PATHS
ARE ACTIVE IN REGUARDS TO YOUR USER
ACCOUNT, THEN TYPE => PWD
THIS SHOWS YOUR ACCT. SEPERATED BY
A SLASH WITH ANOTHER PATHNAME (ACCT.),
POSSIBLY MANY TIMES.
TO CONNECT THROUGH TO ANOTHER PATH,
OR MANY PATHS, YOU WOULD TYPE:
YOU=> PATH1/PATH2/PATH3
AND THEN YOU ARE CONNECTED ALL THE
WAY FROM PATH1 TO PATH3.  YOU CAN
RUN THE PROGRAMS ON ALL THE PATHS
YOU ARE CONNECTED TO.  IF IT DOES
NOT ALLOW YOU TO CONNECT TO A PATH,
THEN YOU HAVE INSUFFICIENT PRIVS, OR
THE PATH IS CLOSED AND ARCHIVED ONTO
TAPE.  YOU CAN RUN PROGRAMS THIS WAY
ALSO:
YOU=> PATH1/PATH2/PATH3/PROGRAM-NAME
UNIX TREATS EVERYTHING AS A PROGRAM,
AND THUS THERE A FEW COMMANDS TO
LEARN...
TO SEE WHAT YOU HAVE ACCESS TO IN THE
END PATH, TYPE=>  LS
FOR LIST.  THIS SHOW THE PROGRAMS
YOU CAN RUN.  YOU CAN CONNECT TO
THE ROOT DIRECTORY AND RUN IT'S
PROGRAMS WITH=>