Slashdot Mirror
New Phrack
Anonymous Coward writes "A new issue of the Phrack Magazine, #60 has been released today. It details some decent technique about kernel exploitation (OpenBSD), Cisco remote exploit, how to backdoor a core bzimage kernel and other stuff. The ascii based magazine is available at
phrack.org."
Wow, a new issue of phrack is out whoopdie friggin doo!
"Sic Semper Tyrannosaurus Rex."
... But isn't micheal going too far?
look at his last couple of articles... they are just plain weird...
i dunno what it is and im not saying its really horrible to get some change but im just curious why these articles have shown up all of a sudden...
unzip; strip; touch; finger; mount; fsck; more; yes; unmount; sleep
Slow News Day Grips Springfield
But did you ever consider the possibility that michael is a fucking idiot/asshole/nincompoop/[fill in your favorite adjective here]?
Gee, Mikey boy, I wonder how many script kiddies you're filling with this wonderful knowledge, jackass.
Man, they don't make em like they used to. Is F.U.C.K. (fucked up college kids) still around?
If you get an error, type "OVERRIDE" or "SECURITY OVERRIDE" and then try the optimize command again.
I remember reading phrack back in the day. It gave me fun things to do friends and foes before I realized how stupid a lot of it was. Building red, blue, biege etc. boxes and turning off my nieghbors phone. It was mostly juvenile stuff that just turned me into a little delinquent but it got me interested in the tech industry and I apprieciate that.
... wooohooo, this is a Big Numbers NewsDay!
"We will focus on 2 recent vulnerabilities in the OpenBSD kernel as our case studies."
4... 5... 6... 7... 8 seconds without hole in the default install, and counting!
(not that BSD wouldn't be alive and well, however...)
there are more posts in this fp thread than in the rest of the article at the moment...
:-)
well here's another one
So how is Phrack more "ascii-based" than, oh, say, Slashdot?
Well, I think it means there is no layout or formatting information such as in, oh, say, Slashdot.
why run from Vincenzo?
...that the link is to phrack.org but when you actually go there, their current site name is a bit different? =P
I like some of what they stand for (intellectual curiosity, hacking (in the real sense) and freedom) but a lot of what they *do* with those ideas is a bit dissapointing. In this case however, its not only right on target, but funny as well.
The gzipped tarball of Phrack #60 is available at http://www.phrack-dont-give-a-shit-about-dmca.org/ archives/phrack60.tar.gz
root@aio:~# nmap -sX -iR -p1- # Ho, ho, ho! Merry Xmas, everyone!
root@phrack.org:/var/log > grep '\.mil' httpd_access.log | uniq | wc -l
248
root@phrack.org:/var/log > grep '\.gov' httpd_access.log | uniq | wc -l
937
Am I wrong in assuming that httpd_access.log contains a lot more information per line than just the contacting domain(timestamps, commands, etc)? And is httpd_access.log sorted? Is there another version of uniq that I don't know about?
Because Slashdot is in fucking HTML you nimrod.
Saying Java is nice because it works on all OS's is like saying that anal sex is nice because it works on all genders.
Wanna be a mster haxor man, read Phrack and 2600 and write cool Password Grabbers in Perl man I wish i could be as leet as everyone else
---
Phrack text files are pure ASCII.
Phrack.Org, as well as Slashdot.Org, are both HTML.
ASCII sucks! In the future, we will all be using AMAZA-COLOR ANSI graphics!
/.ed, you can use my mirror here.
Aside from its dull graphics, phrack is a cool magazine and I recommend that everyone download it. If, by some act beyond our understanding, it gets
You can't judge a book by the way it wears its hair.
Like many others, I don't give a phrack.
After looking at Phrack #1 from 1985 I decided that I just have to run :_)
for i in `seq -w 1 60 | tac`; do wget http://www.phrack.org/archives/phrack$i.tar.gz; done
and spend this day on reading Phrack issues backwards. It's going to be a hellova nostalgic New Year for me...
root@aio:~# nmap -sX -iR -p1- # Ho, ho, ho! Merry Xmas, everyone!
Looks to me like this HTML is encoded as ASCII, smart guy.
It's too bad it took them so long. There are no good ezines left. It was nice back in the day when everyone had ezines. I remember rushing to d/l issues of phrack on my 2400 baud modem and then distributing them back to the local bbses. Hopefully phrack will be around for another hundred years and hopefully they'll produce issues more regularly..
Theres an article about hacking traffic lights. Do you think that now that the information is now open to a wide public, we will see traffic lights doing weird things?
cDc are 31337.
The Power Rangers is back on.
Puberty has been postponed again.
can i subscribe to the 'i wanna be a hacker' club too? aww darn.. well LoL
Ya know....the phrack editor who defrauded AT&T of many $$$$$$$, only it turned out to be $19.95?
Well, I've seen some foreign chars on here, so I'd guess Slashdot is actually ISO-8859-1, which is a superset of ASCII.
As for why they said "ascii" instead of "plain text", I dunno. I guess they think you'll open up the file in a hex editor and read the raw bytes someday, and they just wanted to make sure you knew how to interpret those raw bytes!
Hopefully Phrack will submit their next issue in EBCDIC, and give us all a little excitement in our dreary lives.
È@@@@@ÅÂÃÄÉÃK@èk@¦@\£\@@k@}£@¦o%%
um... well, /. is indeed HTML, and the original question may well have come from a nimrod, but you're not actually providing any useful information. you can do html in ascii, y'know? an earlier reply to the same question managed to answer the question (suggesting that the phrase was meant to imply the lack of html-like formating) without getting overly nasty. /. in fact isn't based on ascii, but can use international characters as well.
of course, a more useful - and more correct - observation would have been that
you nimrod.
i speak for myself and those who like what i say.
I remember back in the day, I was on an internship at a local comp-sci research center. Of course I was only given a lowly user account, actually even worse than that. Anyhow, I had fun exploring Solaris, creating a lot of core dmps mainly, and came about the new issue of phrack.
I had looked through a few issues before after reading about it in Bruce Sterling's "Hacker Crackdown". I had perused the all-time favorites: how to build a bomb, a gun, how to break into cars, and so on. Back then, phrack was already archieved on the www, but the newest issue was only available as tarball. After lunch break, the admin asked me if had been reading phrack, he refered to it as "hacker stuff"---yes, I said, annoyed about him snooping around.
But then I actually read the new issue.
There was an article in it about how to get root on a Solaris workstation, exploiting the availability of FORTH on Sparc machines.
I was sitting in front of a Solaris workstation.
I smiled.
I kept smiling.
Four days and a lot of experimentation later, the administrator found a new file in his personal TODO directory (yes, he had actually called it that). It read
*""""""""""""""""""*
[pHraCK]
MAYBE YOU SHOULD READ IT, TOO.
*""""""""""""""""""*
The link to the phrack article.
Imagine the Creator as a stand up commedian - and at once the world becomes explicable. -Mencken
Phrack is perhaps a good example of the line between black hat and white hat "hackers" being blurry. The articles are informative and well-written, and by intelligent people, not your typical 14 yr old cracker on ecstasy who launches DDOS attacks from haX0r'd machines. I've done a compilers course, but still found a lot to learn about compilers from a phrack article on buffer overflows. Also check out the essays at SANS .
i just glanced over the mailbag section, and while some of the reader letters are indeed pretty lame, do they really have to be that elitest in their replies? ugh... yeah yeah, flamebait, i know- but it had to be said.
This would be stupid
But hacking traffic lights is
mentioned. Traffic lights!
Don't give me none of this "nature theme" business.
Traffic lights hack you
Look at the names. Look at those words. They are the Al Queda!
You know what, the first time some idiot messed with traffic lights and gets a family killed because of it, you'll see the first capital murder case from hacking in the U.S. The only possible 'safe' hacking you could do of traffic lights would be to turn them all red. You better hope you don't accidentally turn them all green, though, or even yellow.
Stick to defacing web sites, kids, especially if you live in Texas. Yeesh.
I recall a story in an old 2600 about someone who managed to get caught hacking not traffic lights but those signs on freeways with giant LEDs telling people there is a traffic jam or whatever. Seems this guy changed the text to read "FUCK YOU ALL." Pretty funny, and relatively harmless, imho. But yeah it's not the same as messing with a traffic light, which could be really dangerous.
Something geeky :D.
we have the hax0rs on one side, and barney rubble on the other side. I had no idea that fred was s uch a l33t ha40xr.!!!!
I love phrack. What an informative digest. It's like Readers Digest for the... well .... poser hacker d00ds.
... fire.
Don't get me wrong, bugtraq and phrack are about the coolest thing since
Gotta love that stuff. Soon you, too, will be using a halmark card to make long distance calls to your own favorite overseas terrorist organization.
EOL
Don't worry, I'll do it myself.
/me pimpslaps himself
if your traffic hack results in someones death, you can be faced with a life sentence under modern U.S. law.
If you don't live in America, we'll just threaten your government until they let us extradite. I firmly believe that hacking is art, but some things should just be left alone. That said, I throughly read and enjoyed it; keep em coming phrack!
You can't judge a book by the way it wears its hair.
Soviet Sad Man is sad traffic lights hack you.
know the difference between "local" and "remote" genius?
obviously not....
Oh, cool: a response hand-crafted out of pure Nerdonium. To anyone with even the vaguest grip of what's going on, PHRACK is in pure text, with no formatting or graphics. Slashdot, well, it has graphics. Simple as that.
I can almost hear the spittle come out of your mouth and onto your screen as you twirl your pale little finger going "but TECHNICALLY the HTML source code is constructed of ASCII so it's technically ASCII itself, can't you see..."
No. A house with modern materials that has a wood floor is not a house made of wood. A house made of wood is a house made of wood.
Nimrod^2.
phreak/hack?
While interesting, the article describes a vulnerability that already has been fixed.
Dear Sir,
That would be MC Paul Barman.
Kickin' it with a shocko-taco.
(first heard the song 2 days ago)
Please fill my piñata with chocolate chip granola bars and bottles of Yuengling Lager.
Cheers
A new issue of the Phrack Magazine, #60 has been released today
And the latest Computer Shopper is on the newstands. Just wanted to make sure no slashdotter let that one get by them.
Slashdot being predictable and boring. Of course somewhere someone else is bitching about how it's changed completely. Go figure.
Have you been to a McDonald's recently? Looks pretty much the same as it did last year, don't it? And the one on one side of town looks pretty much like the one on the other?
Get used to it. The older you get the more predictable everything will become. Buy tomorrow's NYT. Save it. Read it once a week for the rest of your life. You'll pretty much be right up to date with the news just following that stratagy. I'm not kidding.
If you find your hometown is starting to get boring, nothing ever changes, the people are all the same, etc., I have a solution for you.
Go someplace else! Get on a plane to Paris or take a trek to Llhasa or something. Do something *different.*
Take a look in the mirror. Is it Slashdot that's so fucking predeictable, or is it your choice of places to go?
KFG
license. When some people say "free" what they mean is without responsibility or repercussion. I believe in the gedanken that your right to swing your arms about ends at the tip of my nose.
Some people find this "restriction" intollerable. What's interesting is that these people often go on and on about their "rights" if you do anything to them.
Well, a good many of them grow out of that eventually, and the ones that don't we just call assholes.
Power always needs to be tempered with restraint, and the more power the more restraint.
As Ghandi once pointed out nonviolence is not weakness, indeed, the weak cannot be nonviolent. Only the strong, and only in proportion to their strength.
One can only be free in proportion to one's sense of responsibility.
Otherwise you're just some punk kid that a bunch of people with freedom are going to beat the crap out of in a back alley some day in the hopes that it'll jar something loose and you start to "get it."
KFG
plywood, chipboard, MDF, treenails, cellulose glue, paper, etc, is not a house not made out of wood.
KFG
The original version of the famous 'Hacker's Manifesto' was published on some early issue of Phrack. What hacker's manifesto? The one that The Mentor wrote and the same that was used in 'Hackers' -movie.
----
where's my 1200 baud Avatex so I can dial up Demon Roach Underground [cDc] in Amarillo.
pwd=kill.
the world is ever the same, and then recursively noted that everything has been thought of, the trick is to think of it again.
KFG
this, IMHO, is the most valuable information in Phrack 60:
. html e r%201%20-%20Banned%20Edition.doc
Kevin Mitnick wrote a book, "The Art of Deception". The first chapter
has been deleted by the publisher at the last minute. It's available
on the internet:
http://www.wired.com/news/culture/0,1284,56187,00
http://littlegreenguy.fateback.com/chapter1/Chapt
[i linked this Phrack quote because Slash adds a space character to strings that wordwrap - can anyone tell me how to prevent this from happening?]
Patch released August 11, 2002.
Thank you for playing.
It lives!!!!!!
here is a mirror of #phrack magazine in case the main site gets slashdotted: http://phrack.efnet.ru/phrack60/
What's this 'os' thing that you guys keep talking about?
TIA.
They release emagazines like this all the time? Why is this news?
- "sript kiddie" refers to someone with little or no maturity that uses an automated exploit scan program that makes hacks a matter of happenstance if anything else.
Wrong. 'Script Kiddie' refers to someone exceptionally more skillfull at programming, hacking, cracking and everything else that goes beyond VB DB Frontends than the average slashdotter, but also happens to be younger and is thus referred to as 'Script Kiddie' (disaproving frown) to cloak the fact that they are actually intelligent enough to have their computer do stuff they want it to do and that said average slashdotter doesn't know zilch about. While at the same time they're out in the club closing in on some cute girls.
We suffer more in our imagination than in reality. - Seneca
She's old enough to talk? You fucking lamer.
It turns out these guys were predicting the future...
You must be one of the 13 year old script kiddies everyone laughs at. Hey, here's a tip for ya. I heard there are some l33t IRC scripts at www.Imateenageloser.com. Go ahead try them out. And remember, if you parents find out you've dual booted the family PC with Lycoris just tell them its a video game. Oh btw one last thing, if you keep masterbating to pictures of Britney Spears, your going to gum up the keyboard.(Mom won't like that!)
The repairman takes one look at a malfunctioning machine, flips open the control panel, presses a button and immediately the machine quiets down and goes back to functioning normally.
"That'll be $250," he says.
"$250 for that!" the owner shouts. "How can you justify that?"
"Well, I'll break it down for you. Fifty centy for pushing the button; $249.50 for knowing which button to push."
You weren't born knowing how a beige box works, were you?
intollerable isn't it?
At 14, I thought it was slicker than apeshit! Low-tech and simple.
Ahhhhh... Phrack!
I also had a friend that did lots of public service hours for unwisely applying things he learned about in Phrack. I did not think that was slick on his part.
I believe in the gedanken that your right to swing your arms about ends at the tip of my nose.
Don't use foreign language words, if you don't know what they mean. This use of 'Gedanke(n)' is non-sensical. If you want to use a German word which makes sense in this context say 'Idee' instead.
But, d'oh, that's much too close to the English word 'idea', you were trying to replace, so why not just use it in the first place?
wget -r -l1 -p -A*gz phrack-blah/blah.html
idea. Therefore its use would have been incorrect.
KFG
This issue was resolved on Aug 11, 2002.
actually, i used to enjoy going through loopback. but, it somehow didn't have the same zing to it in P-60. maybe, fewer people want to get insulted and have it archived forever! or maybe, phrack staff has grown more tolerant... or maybe, more mails are getting piped to /dev/null!!
All these people were so freaked out by what they thought he could do with a payphone, they denied him his every right.