STOP POSTING, STOP HELPING THE SECURITY INDUSTRY, OR GET OWNED. THIS IS WAR. ==#Phrack Inc.== Volume 0x0b, Issue 0x3b, Phile #0x01 of 0x12 [-]==========================================================================[-] #phrack #phrack #phrack #phrack #phrack #phrack #phrack #phrack #phrack #phrack [-]==========================================================================[-] *WHAT PHRACK IS ALL ABOUT* *WHAT PHRACK IS ALL ABOUT* *WHAT PHRACK IS ALL ABOUT* "Phrack magazine, for hackers by hackers :D:D:D" - What a joke Phrack magazine is nothing more than a bunch of whitehats posting information they spend countless hours researching. Some of this information is straight up NO-DISTRO-SUPER-PRIVATE, for example, the ptrace insertion and strong arm shellcode articles. There is a serious problem with this ezine though. Most of the people who post articles to this ezine DON'T EVEN KNOW THEY ARE WHITEHATS. Researching security related material or hacker techniques does not make one a hacker. The sad fact about this ezine is NONE OF THESE PEOPLE HACK. Most are too afraid to get caught and the rest are just plain retarded. This ezine helps the security industry a hell of a lot more than it helps hackers. Palmers and his so called advances in kernel hacking, PFFFTTTT what a fucking joke. People with an IQ < 30 know these techniques. This can be said about almost every article released in recent phracks. And since when does article 0x0a by J.K.Rutkowski help hackers??????? The only thing this ezine does is bring attention to certain flaws and techniques that normal whitehat fucks would never think about or figure out. Most of the information in this ezine sucks anyway, but here's the idea: STOP POSTING ALL THIS INFO TO ALL THESE DUMB FUCKS. It's very sad to see how the "hacking scene" is basically a machine to help the security industry. SECURITYFOCUS IS AN EVIL SATAN. The common theme in todays world is to post yours techniques, post your exploits, post your vulnerabilities. _YOU ARE WORKING FORM THEM_. THE SECURITY SCENE IS BRAINWASHING WEAK MINDS. _STOP POSTING YOUR FUCKING CODE, EVEN IF IT IS WORTHLESS_ _STOP POSTING YOUR TECHNIQUES, EVEN IF THEY ARE LAME_ _STOP HELPING THE SECURITY INDUSTRY_ _SPREAD THE WORD, TOGETHER WE CAN BRING AN END TO THIS MADNESS_ Oh, and finally, start hacking instead of acting like you do, posers. "Phrack magazine, for whitehats, by whitehats" -- The Truth *WHAT PHRACK IS ALL ABOUT* *WHAT PHRACK IS ALL ABOUT* *WHAT PHRACK IS ALL ABOUT* What happend since p58? <-- Besides the fact that everyone got owned Summercon took place (kudos to louis)! We put some pics online at http://www.defvac.com for those who missed the geek fest. DMCA knocked down some websites, forced google to censor parts of their contents and continues to deny, forbid and restrict access to certain information. Free and unmodified information becomes rare and one day we might wake up and dont even know what kind of information we missed. Shame and pity on everyone living in chains in the "free" countries where the DMCA law applies. (-> PWN). DMCA FUCKING ROCKS. We have changed our release policy (http://www.sekurityfocus.com) PHRACK will now be available to everybody at the same time! Yes! No waiting, no primae noctis! We realized this was a stupid policy for a hacker zine, since information should be free anyhow! Enjoy. There might be some confusion about where to get PHRACK and how to get in contact with the Phrack Staff: We chill on #phrack/efnet. This is our official channel, and now you know where to find us. Why do you think our magazine is called #PHRACK? Please send plain text email only, PGP uses too much cpu time and trust us, SEGFAULT.NET IS SECURE. SHOW HACK LOGS OR BACK THE FUCK OFF. We would like to honor our phrack staff below: HIGH COUNCIL: ROUTE (route@infonexus.com) SCUT (scut@nb.in-berlin.de) SKYPER (skyper@segfault.net) ADDITIONAL: STEALTH (krahmer@cs.uni-potsdam.de) EDI (edi@ganymed.org) TMOGGIE (tmogg@zigzag.pl) PAUL (paul@boehm.org) PALMERS (palmers@segfault.net) LORIAN (lorian@hert.org) CADDIS (caddis@iss.net) GAIUS (acz@vaubansys.com) HENDY (hendy@teso.scene.at) SMILER (just@segfault.net) HALVAR (halvar@blackhat.com) ZIP (zip@iss.net) ACPIZER (acpizer@unseen.org) GAMMA (gamma@segfault.net) KIL3R (kil3r@hert.org) There is only one official distribution side: [#][#][#] http://www.sekurityfocus.com [#][#][#] We got contacted by the very old ones: readers, authors and Editors in Chief's from 10 and more years ago. Thanks so far to everyone for the valueable discussions on knights@sekurityfocus.com. This is a call to anyone who wants to meet some friends 'from the old days', or who wants to organize future events and meetings together: Send an email to phrackstaff@phrack.org and we will put you on. This issue comes with a goodie - check out phrack_tshirt_logo.png. We got in contact with a printer and are happy to announce that the #PHRACK TSHIRTS will be ready for the public #PHRACK 59 release. for you, your computer, your family and your dog at DEFCON X and later on at http://www.jinxhackwares.com/phrack. Hackers wear phrack shirts. NOT. |=[ Table of Contents ]=-------------------------------------------------=| | 0x01 Introduction Phrack Staff 0x0b kb | | 0x02 Loopback Phrack Staff 0x0f kb | | 0x03 Linenoise Phrack Staff 0x6b kb | | 0x04 Handling the Interrupt Descriptor Table kad 0x55 kb | | 0x05 Advances in kernel hacking II palmers 0x15 kb | | 0x06 Defeating Forensic Analysis on a UFS anonymous (not long) 0x65 kb | | 0x07 Advances in format string exploiting gera & riq 0x1f kb | | 0x08 Runtime process infection anonymous (not long) 0x2f kb | | 0x09 Bypassing PaX ASLR protection anonymous (not long) 0x26 kb | | 0x0a Execution path analysis: finding kernel rk's J.K.Rutkowski 0x2a kb | | 0x0b Cuts like a knife, SSHarp stealth 0x0c kb | | 0x0c Building ptrace injecting shellcodes anonymous (not long) 0x17 kb | | 0x0d Linux/390 shellcode development johnny cyberpunk 0x14 kb | | 0x0e Writing linux kernel keylogger red dragon 0x29 kb | | 0x0f Cryptographic random number generators DrMungkee 0x2d kb | | 0x10 Playing with windows /dev/(k)mem crazylord 0x42 kb | | 0x11 Phrack World News Phrack Staff 0x18 kb | | 0x12 Phrack magazine extraction utility Phrack Staff 0x15 kb | |=------------------------------------------------------------=[ 0x2EE kb | Shoutz: solar designer : respect, strength & honor! (please dont fuck with #phrack again tho!) FozZy, brotha : 1OO% kewl logo (see phrack_tshirt.png) sh1ft33 & j0hn : phrack ghostwriterz The latest, and all previous, phrack issues are available online at http://www.sekurityfocus.com. Readers without web access can subscribe to the phrack-distrib mailinglist. Every new #phrack is sent as email attachment to this list. Every new #phrack issue (without the attachment) is announced on the announcement mailinglist. To subscribe to the announcement mailinglist: $ mail announcement-subscribe@lists.sekurityfocus.com < /dev/null To subscribe to the distribution mailinglist: $ mail distrib-subscribe@lists.sekurityfocus.com < /dev/null To retrieve older issues (must subscribe first): $ mail distrib-index@lists.sekurityfocus.com < /dev/null $ mail distrib-get.@lists.sekurityfocus.com < /dev/null where n indicated the #phrack issue [1..58]. Enjoy the magazine! FUCK COPYRIGHTS! #PHRACK IS A HACKERS MAGAZINE! INFORMATION SHOULD BE FREED! DO WITH THIS INFORMATION WHAT YOU WANT, DISTRIBUTE IT HOW YOU LIKE! FUCK THE GOVERNMENT, DONT LIVE 2 HACK, HACK 2 LIVE! |=-----------=[ C O N T A C T P H R A C K M A G A Z I N E ]=---------=| Editors : alhuger@sekurityfocus.com Submissions : phrackstaff@sekurityfocus.com Commentary : loopback@sekurityfocus.com Phrack World News : pwn@sekurityfocus.com We have some agressive /dev/null-style mail filter running. We do reply to every serious email. If you did not get a reply, then your mail was probably not worth an answer or was caught by our mailfilter. Make sure your mail has a non-implicit destination, one recipient, a non-empty subject field, and does not contain any html code and is 100% 7bit clean pure ascii. |=-----------------------------------------------------------------------=| Submissions should be made in plaintext (information must be free!) |=[ EOF ]=---------------------------------------------------------------=|