==Phrack Inc.== Volume 0x0b, Issue 0x3e, Phile #0x0c of 0x0f |=-------------------[ THE PROJEKT MAYHEM TOOLKIT ]---------------------=| |=----------------------------------------------------------------------=| |=------------------[ d0ktor m4ngl3r ]--------------------=| |=----------------------------------------------------------------------=| 1. Introduction to the Whitehat Threat 2. Advanced techniques in global removal of the Whitehat Threat 2.1 Recognitition of previous techniques and works 2.1.1 Incinerary devices 2.1.2 PHCpenbomb 2.1.3 ~EL8chainsaw 2.2 DMkamikaze 2.2.1 Design 2.2.2 Implementation 3. Covering your tracks 3.1 Recognitition of previous techniques and works 3.1.1 PHC-switch-a-w00 3.1.2 gayh1tler's ezbakeoven 3.2 DMhellfire 3.2.1 Description 3.2.2 Implementation 4. Further readings --[ 1. Introduction to the Whitehat Threat "It's just like when you've got some coffee that's too black, which means it's too strong. What do you do? You integrate it with cream, you make it weak. But if you pour too much cream in it, you won't even know you ever had coffee. It used to be hot, it becomes cool. It used to be strong, it becomes weak. It used to wake you up, now it puts you to sleep." - Malcolm X, 196, Message to the Grass Roots Whitehats are a plague that is currently infecting our beloved Blackhat Community. More and more idiots are deciding to cash in on their supposed skills and knowledge of computer information systems and networks. These whitehats believe that through full-disclosure that they will gain infamy and eventual recognition for their works and publications. I will do my best to not get into the larger debate at hand of non-disclosure versus full-disclosure, although many of our readers can make the decision for themselves. With the current economic situation in the US and internationally, jobs in information technology and information security more specifically are becoming more and more scarce because companies are stealing opensource developed technologies and putting a price tag on 3rd rate implementations with very little understanding of the inner workings of the systems at hand. If you understand anything about computer systems and/or programming, you will see that 90% of the bullshit that exists on public mailing lists are nothing but propaganda and acronyms. OpenBSD will say its 'secure by default', but yet as many as of us know there bugs and even exploits currently in the wild that exist within their kernel. One friend can even describe OpenBSD as 'NetBSD with a strncpy() except with less ports and even less SMP support. iDefense will pays hundreds of dollars to whitehats to write silly exploits for publicly known vulnerabilities because their developers are too stupid to do it on their own. Enough is enough. Its time now. my fellow blackhats that we stand up and rid ourselves of this Whitehat Threat. Simply put, its time we rm these fuckers from the planet. --[ 2 Advanced Techniques in the global removal of the Whitehat Threat. This section is a basic introduction into the black arts of of murder and mayhem. These techniques are meant for your basic angry blackhats who are so infuriated with the industry that they have decided to take it upon themselves to eliminate the Whitehat Threat and kill everything in sight. These are only but a chosen few who will die for their cause and reap the benefits in the afterlife in heaven. Allah will provide hundreds of beautiful virgins and hashish. Praise be to Allah, the streets will flow with the blood of the infidels and restore glory back to the black arts. --[ 2.1 Recognition of Previous Works. --[ 2.1.1 Incinerary devices These are probably the best way to go when making a strike on Qualys or ISS. A lot of texts such as the Anarchist Cookbook and release from the Cult of the Dead Cow have given excellent examples into constructing homemade explosives. Some of my top recommendations from the d0ktor ma4ngl3r recipe book are as follows: - molotov cocktails 1 glass bottle gasoline motor oil rag soaked in oil directions: this is oldy but goody kids. basically you fill up a good sized bottle with gasoline and cork it. you then stuff the rag into the top of the bottle with a lot of it hanging out. when you use it, light the rag and throw it really hard against lance spitzner's car to ensure that the bottle breaks and the flames consume his car. - pipe bombs 12" threaded end pipe 2 screw on caps Mikata powerdrill glue 12" long fuse gun powder box of nails (optional) duct tape (optional) directions: this one has a five skull rating guys. its fucking fool proof in creating havok. its really simple too. basically, you screw on one of the caps to the pipe and begin to fill it with plenty of black powder. the more, the bigger the bang. before you do this you need to drive a 1/8" hole into the middle of one of the caps and feed the fuse through it. use the glue to hold it in place. NOTE: make sure you leave plenty of fuse to this otherwise its gonna go off with you in the vicinity and thats BAD! screw the cap with the fuse on make sure one end of the fuse is in the black powder. screw on firmly and its ready to go! optionally, you take nails and cover the bomb with them using the duct tape to hold them in place. this creates additional shrapnel to ensure that we take out as many whitehats as possible! leave this is in the iDefense cafeteria. my source tells me it's pretty easy to bypass security! - works bomb bottle of The Works drain cleaner aluminum foil 2 liter pop bottle directions: take some aluminum foil and roll it up into small little balls that can fit through the opening of the 2 liter bottle. Fill the bottle up with a good amount of The Works, about half a bottle should do the trick. when you're ready to blow up CERT's mailbox, shove in the little balls of aluminum and put the cap on. now shove that fucker in there and good and run like hell. the chemical reaction forms hydrochloric acid. this should destroy most security companies mailboxes no problem! Prevent CERT from getting all that kiddy porn! --[ 2.1.2 PHCpenbomb I developed this technique back in my early days when I was a janitor at ISS back in '99. This is probably one of the greatest devices I ever concocted. Basically, working as a janitor allowed me to sabotage many, many ISS employees projects and in some cases even booby trap their desks. I was working my way up on the janitorial staff and slowly gaining more and more respect among my peers. Fuck, that's where d0nny narqo and I originally hooked up. He caught me setting these up and he was 'whoa, thatz EL8' and he showed me some of his tricks that he had been doing for awhile. These penbombs are great. Not only do they inflict pain upon whitehats but they prevent them from typing ever again by blowing off their hand. Tired of isec.pl releasing shit? send them a few dozen penbombs!! make sure them fucks cant ever type again! h4h4h4. Here's how: 1 clicky ball pen gun powder strike anywhere match fine grained sandpaper directions: take the pen apart by unscrewing it in half. cut the tip off the inner part where the ink and shit is. watch out for the ink! shove the match up into the tube to create part of the firing mechanism. take the sandpaper and form a little cone to fit in the external tip of the pen and fill it up with the gun powder. put the pen back together very carefully so you dont ignite the gun powder. now send this puppy out and wait for KF to click his pen and go boom! no more emmanuel lewis. --[ 2.1.3 ~EL8chainsaw Elguapo 'the warez' Gestapo passed this technique onto me early on in my research. They highly recommend this to everyone who likes to make political statements. There are a couple of variations to this technique from what I understand. The basic idea is to cut the person up in many different pieces with the chainsaw and mail each body part to well known whitehats so that they get the fucking picture. Elguapo with his Colombian trafficing background has picked up a few things on what to do with narcs. He suggested to me that the traditional colombian neck tie usually provided more than enough reason for rats to keep their traps shut. here'z a quick list of possible destinations to dispose of body parts: head - ryan russel: needs a new face, really looks like a boar! arms - mark dowd: you need to bulk up bro legs - mike schiffman: he needs to grow up some! so tiny! torso - ofir arkin: he needs somethin to gnaw on o \|/ ==o- o (head) | || (arms) | (torso) / \ || (legs) | 4 suitcases --[ 2.2 DMkamikaze Much like japanese soldiers during World War II, this technique is only left for those completely committed to the destruktion of the information security industry. Like the Koran promises us, all those who die in battle protecting our beliefs and family will reap the benefits of Heaven. Praise be to Allah. --[ 2.2.1 Design Essentially this is a pretty cut and dry set up. I was lucky enough to learn how to fly from my muslim brothers at the Al Qaeda Flying School for Young Terrorizts when I was 12. Make you follow through with your daily prayers to Allah and the holy city of Mecca. --[ 2.2.2 Implementation I've come to the conclusion that the best way to carry out this mission from Allah that I must go entirely craazy on the plane and beat everyone senseless to take over the plane. Make sure to burn copies of divineint's hard drive with all the juarez that optyx/xdr/darkcube have traded him over the years for OS source codez. If you can coerce one of your loyal blackhat friends to do the same, you can ideally take out NAI and ISS headquarters! It may added more effect if you strap about a dozen road flares to your chest and make it appear to look like dynamite. Also, plastic sporks provide excellent weapons in stabbing and scooping out eyeballs of flight attendants! --[ 3.1 Covering your tracks This outline a number of tried and tested techniques in covering your tracks. Whitehats nothing more than useless forensic investigations into how real hackers operate because they're too pussy to do it on their own. There is a really big and broad section in all honesty and I think creating a new identity and related topics are best left up in other articles. Additional readings into forensic sciences and related topics should familiarize yourself with current topics in how law enforcement is able to track down perpertrators. No sloppiness allowed here kids, this is for determined and disciplined muh fuhs only. No BoWzap to save your ass here! Now let class begin.. --[ 3.1.1 PHC-switch-a-w00 This is an idea spawned off many, many hours of television from warez mullah. He suggested that you create a fake identity by creating a paper trail to your whitehat or w00w00 member because they make so much money for selling out. I suggest using someone like Dug Song because I'm sure Arbornet pays him pretty well for writing _shit_. Although I hear Niels Provos author of systrace (most useless and bug ridden security tool EVER) is now employed at Google. I would basically rely on using their credit card information to fund your jihad. So when the police go and track down serial numbers and shit like that. Their cc# connects to the shit you bought. Great for buying illegal hardware to store images monkey.org's user accounts! --[ 3.1.2 gayh1tler'z ezbakeoven gayh1tler first started using an ezbakeoven at the age of 5. his father first taught him how to pile jews into it and burn them up. Then gayh1tler (god rest his soul) got into hacking systems and the darkside of computers. One thing led to another, and gayh1tler thought of a brilliant idea. This idea, would change the course of murdering whitehats for years to come. He began to stick white hats into his ezbakeoven. He noticed that it took a much longer amount of time to cook whitehats in the ezbakeoven as opposed to jews. The amount of fat each whitehat contains amounts to an entire month of electricity. gayh1tler not only revolutionized the ezbakeoven, but he also created an alternative fuel burning system capable of powering the world for years to come. Thanks gayh1tler. Recipes: whitehat burrito: add two cups of whole milk, one heavy set whitehat, hot sauce, cook until golden brown, serve with a lance spitzner piata. whitehat yummy-delish ice cream sunday: combine 5 gallons milk with 36 pints of ice cream (a flavor of your choosing), add two bags of ice, combine solution into 200 gallon swimming pool, blend it with a hydroturbo600 gasoline powered chainsaw, 2 Project Honeynet members and have a delish treat for the whole family. There are an inifinte amount of delicious treats that can be created with the ezbakeoven, eat up! DONT KILL COWS KILL WHITEHATS --[ 3.2 DMhellfire I came up with this idea based off gayh1tler'z ezbakeoven experiments and making homemade kilns ( i make my own glass bongs ). See, kilns provide a reliable method in trying to get rid of bodies. I mean why should we waste a good pine box on some faggot who supports the full disclosure movement? This is a bit advanced. Hopefully you have some masonry experience. You can find a lot of good books library on basic masonry and shit like that at the library. These also help to clean up any possible evidence that may link you to the killing. Just keep in mind that burning flesh smells horrible, get some clothespins to plug your nose. Although it may smell more like a McDonalds or a Wendy's from all the fried shit these fat whitehats eat on a daily basis. I've also included my recipe for Blue Boar ala Flame by popular demand. These DMhellfires are great for Pig roasts and Whitehat sacrifices! --[ 3.2.1 Design shit you need (can get most of this at Home Depot): about 100 or more cinder blocks firebricks mortar shovel 2.2m x 3m piece of sheet metal (8 ga.) firewood possibly some gasoline I would seriously read up on masonry and electrical wiring before trying to build this. it could get nasty and you may end up in the d0ktor m4ngl3r hellfire! --[ 3.2.2 Implementation I originally was going to use an old refrigerator, however most newer refrigerators have plastic inner linings which don't hold up very well in high temperatures. ideally you should have a decent sized back yard for building although a reclusive area in the woods of the park or somethin may work. Dig out a grave except it needs to be only 3m deep. It may help you to dig it an angle so that its easy to roll the fat whitehats such as ryan russel into the incinerator. Also dig an adjoining hole with it so you can fill up a firepit to keep it going. Should look something like this: (top view) _______________ | |_ | whitehat _) <- fire pit |______________| ( side angle ) ______ | _____ | \____/ Build a small wall encircling the grave with the firebricks. It should stand about a foot and a half high from the ground (you need all the clearance you can get with these fat asses). You only need to encircle most of it. Now build a second wall around the firebricks with your cinder blocks to reinforce it. Large security focus mailing list moderators could possibly tumble your set up. You should actually build the cinderblock wall higher than the wall of firebricks. Cut the sheet metal so it fits over the wall of firebricks but within the wall of cinderblocks. Place the sheet metal over the firebricks and take whatever cinderblocks you may have left to hold the sheet metal in place. Also remember that you should've encircled the firepit but you need to cover that with a small removable chimney (i suggest fabricating one out of steel or aluminum) to keep the heat in. To close up the incinerator, you should just take some cinder blocks to put in place and then cover up with dirt. Put some dirt on top of the roof as well, it makes a great insulator. Now let the killing begin!!! Blue Boar au jou: 1 Blue Boar (ex-Bugtraq moderator, freshly killed) 4 gallons of beef broth ~1 lbs. of mushrooms (sliced) 4 diced onions (red, preferably) 1 bottle of Merlot 2 tablespoons of garlic salt 1 table spoon of seasoning salt Directions: Cook the Blue Boar on your brand new DMhellfire for approximately 2-3 hours at 500 degrees Farenheit. While he's cooking you can prepare our au jou in a large pot for about 30 minutes. Make sure you sautee the vegetables up first! Once the vegetables are ready, add in the beef broth, merlot and water and let sit until the BB is a nice pink color. At this point, the BB should be nice and tender and the meat should fall right off the bones, great for serving. This recipe feeds approximately 20-30 of your closest black hat brothers or approximately 2-3 fat Defcon goths. --[ 4. Further Readings Croft, Terrell and Wilford I. Summers. American Electrician's Handbook. McGraw-Hill & TAB Electronics; 14th edition (June 7, 2002). ISBN: 0071377352 Davis, Tenney L. The Chemistry of Powder and Explosives. Angriff Pr; October 1972. ISBN: 0913022004. gayh1tler. Cooking the White Way with your ezbakeoven. PHC Digest; June 2002 Gurstelle, William. Backyard Ballistics. Chicago Review Press; June 1, 2001. ISBN: 1556523750. Genge, Ngaire E. The Forensic Casebook: The Science of Crime Scene Investigation. Ballantine Books; 1st Editions. August 27, 2002. ISBN: 0345452038 Hollenback, George M. Workbench Silencers: The Art of Improvised Designs. Paladin Press; July 1999. ISBN: 0873648951. Uncle Fester. Home Workshop Explosives, Second Edition. Festering Publications; 2nd ed. November 18, 2002. ISBN: 0970148542. Uncle Fester. Silent Death, Second Edition. Festering Publications; 2nd ed. May 1, 1997. ISBN: 0970148534. |=[ EOF ]=---------------------------------------------------------------=|