Slashdot Mirror
New Phrack
Anonymous Coward writes "A new issue of the Phrack Magazine, #60 has been released today. It details some decent technique about kernel exploitation (OpenBSD), Cisco remote exploit, how to backdoor a core bzimage kernel and other stuff. The ascii based magazine is available at
phrack.org."
Slow News Day Grips Springfield
Dude, I don't know about you, but Phrack brings back some _intense_ memories for me.
(reminiscing about my first beige box experience - dial tone!)
I tend to think that the news here is more along the lines of "Phrack is back" than they've released a new issue. If you don't appreciate Phrack, you're probably either too young or too old.
Don't think that a small group of dedicated individuals can't change the world. It's the only thing that ever has.
I remember reading phrack back in the day. It gave me fun things to do friends and foes before I realized how stupid a lot of it was. Building red, blue, biege etc. boxes and turning off my nieghbors phone. It was mostly juvenile stuff that just turned me into a little delinquent but it got me interested in the tech industry and I apprieciate that.
So how is Phrack more "ascii-based" than, oh, say, Slashdot?
Well, I think it means there is no layout or formatting information such as in, oh, say, Slashdot.
why run from Vincenzo?
...that the link is to phrack.org but when you actually go there, their current site name is a bit different? =P
I like some of what they stand for (intellectual curiosity, hacking (in the real sense) and freedom) but a lot of what they *do* with those ideas is a bit dissapointing. In this case however, its not only right on target, but funny as well.
They stopped making their zine a long time ago... some of the ppl frmo F.U.C.K. formed www.attrition.org where you can find all the old copies of F.U.C.K.
unzip; strip; touch; finger; mount; fsck; more; yes; unmount; sleep
The gzipped tarball of Phrack #60 is available at http://www.phrack-dont-give-a-shit-about-dmca.org/ archives/phrack60.tar.gz
root@aio:~# nmap -sX -iR -p1- # Ho, ho, ho! Merry Xmas, everyone!
Because Slashdot is in fucking HTML you nimrod.
Saying Java is nice because it works on all OS's is like saying that anal sex is nice because it works on all genders.
ASCII sucks! In the future, we will all be using AMAZA-COLOR ANSI graphics!
/.ed, you can use my mirror here.
Aside from its dull graphics, phrack is a cool magazine and I recommend that everyone download it. If, by some act beyond our understanding, it gets
You can't judge a book by the way it wears its hair.
Like many others, I don't give a phrack.
After looking at Phrack #1 from 1985 I decided that I just have to run :_)
for i in `seq -w 1 60 | tac`; do wget http://www.phrack.org/archives/phrack$i.tar.gz; done
and spend this day on reading Phrack issues backwards. It's going to be a hellova nostalgic New Year for me...
root@aio:~# nmap -sX -iR -p1- # Ho, ho, ho! Merry Xmas, everyone!
Theres an article about hacking traffic lights. Do you think that now that the information is now open to a wide public, we will see traffic lights doing weird things?
I have never been a big fan of micheal, but if I he can bring some fresh air in to this stinkhole then more power to him. I've been reading slashdot for several years and I'm pretty damn sick of the endless stream of stories about DMCA, RIAA, MPAA, anything about MS that immediately has a score 5 comment about how unstable windows95 is, how some company in Canada that I've never heard of is doing a linux feasibilty study, a new 1000TB storage technology that will never hit the stores, etc etc. It's always a variation of some basic story that we've already heard a thousand times - the following discussion usually has NO variation. Everyone agrees Jack Valentini is an asshole, and about 50% of readers think MS can go to hell and the other 50% thinks they are just another big corp that sometimes does stuff we don't like but should be tolerated. Even "weird" is an improvement over the same old tired shit.
can i subscribe to the 'i wanna be a hacker' club too? aww darn.. well LoL
um... well, /. is indeed HTML, and the original question may well have come from a nimrod, but you're not actually providing any useful information. you can do html in ascii, y'know? an earlier reply to the same question managed to answer the question (suggesting that the phrase was meant to imply the lack of html-like formating) without getting overly nasty. /. in fact isn't based on ascii, but can use international characters as well.
of course, a more useful - and more correct - observation would have been that
you nimrod.
i speak for myself and those who like what i say.
Wow, bitching about how Slashdot has nothing but all this nerdy crap?
Boy are you in the wrong place.
I remember back in the day, I was on an internship at a local comp-sci research center. Of course I was only given a lowly user account, actually even worse than that. Anyhow, I had fun exploring Solaris, creating a lot of core dmps mainly, and came about the new issue of phrack.
I had looked through a few issues before after reading about it in Bruce Sterling's "Hacker Crackdown". I had perused the all-time favorites: how to build a bomb, a gun, how to break into cars, and so on. Back then, phrack was already archieved on the www, but the newest issue was only available as tarball. After lunch break, the admin asked me if had been reading phrack, he refered to it as "hacker stuff"---yes, I said, annoyed about him snooping around.
But then I actually read the new issue.
There was an article in it about how to get root on a Solaris workstation, exploiting the availability of FORTH on Sparc machines.
I was sitting in front of a Solaris workstation.
I smiled.
I kept smiling.
Four days and a lot of experimentation later, the administrator found a new file in his personal TODO directory (yes, he had actually called it that). It read
*""""""""""""""""""*
[pHraCK]
MAYBE YOU SHOULD READ IT, TOO.
*""""""""""""""""""*
The link to the phrack article.
Imagine the Creator as a stand up commedian - and at once the world becomes explicable. -Mencken
Phrack is perhaps a good example of the line between black hat and white hat "hackers" being blurry. The articles are informative and well-written, and by intelligent people, not your typical 14 yr old cracker on ecstasy who launches DDOS attacks from haX0r'd machines. I've done a compilers course, but still found a lot to learn about compilers from a phrack article on buffer overflows. Also check out the essays at SANS .
i just glanced over the mailbag section, and while some of the reader letters are indeed pretty lame, do they really have to be that elitest in their replies? ugh... yeah yeah, flamebait, i know- but it had to be said.
This would be stupid
But hacking traffic lights is
mentioned. Traffic lights!
Don't give me none of this "nature theme" business.
You know what, the first time some idiot messed with traffic lights and gets a family killed because of it, you'll see the first capital murder case from hacking in the U.S. The only possible 'safe' hacking you could do of traffic lights would be to turn them all red. You better hope you don't accidentally turn them all green, though, or even yellow.
Stick to defacing web sites, kids, especially if you live in Texas. Yeesh.
I recall a story in an old 2600 about someone who managed to get caught hacking not traffic lights but those signs on freeways with giant LEDs telling people there is a traffic jam or whatever. Seems this guy changed the text to read "FUCK YOU ALL." Pretty funny, and relatively harmless, imho. But yeah it's not the same as messing with a traffic light, which could be really dangerous.
Don't worry, I'll do it myself.
/me pimpslaps himself
if your traffic hack results in someones death, you can be faced with a life sentence under modern U.S. law.
If you don't live in America, we'll just threaten your government until they let us extradite. I firmly believe that hacking is art, but some things should just be left alone. That said, I throughly read and enjoyed it; keep em coming phrack!
You can't judge a book by the way it wears its hair.
What do you mean they don't make them like they used to?
Surprisingly enough, the textfile scene is quite alive!
Both www.textscene.com and scene.textfiles.com do what they can to stay on top of the newest tfiles.
stupid advertisement
www.angstmonster.org
Still, unless I was on a pretty darn low traffic webserver, I'd argue for sorting first...
May we never see th
While interesting, the article describes a vulnerability that already has been fixed.
Dear Sir,
That would be MC Paul Barman.
Kickin' it with a shocko-taco.
(first heard the song 2 days ago)
Please fill my piñata with chocolate chip granola bars and bottles of Yuengling Lager.
Cheers
A new issue of the Phrack Magazine, #60 has been released today
And the latest Computer Shopper is on the newstands. Just wanted to make sure no slashdotter let that one get by them.
Just use perl '-ne$_{$_}++||print' instead of uniq and you don't need no stinkin sorting ever again. (What memory usage?)
root@aio:~# nmap -sX -iR -p1- # Ho, ho, ho! Merry Xmas, everyone!
Slashdot being predictable and boring. Of course somewhere someone else is bitching about how it's changed completely. Go figure.
Have you been to a McDonald's recently? Looks pretty much the same as it did last year, don't it? And the one on one side of town looks pretty much like the one on the other?
Get used to it. The older you get the more predictable everything will become. Buy tomorrow's NYT. Save it. Read it once a week for the rest of your life. You'll pretty much be right up to date with the news just following that stratagy. I'm not kidding.
If you find your hometown is starting to get boring, nothing ever changes, the people are all the same, etc., I have a solution for you.
Go someplace else! Get on a plane to Paris or take a trek to Llhasa or something. Do something *different.*
Take a look in the mirror. Is it Slashdot that's so fucking predeictable, or is it your choice of places to go?
KFG
license. When some people say "free" what they mean is without responsibility or repercussion. I believe in the gedanken that your right to swing your arms about ends at the tip of my nose.
Some people find this "restriction" intollerable. What's interesting is that these people often go on and on about their "rights" if you do anything to them.
Well, a good many of them grow out of that eventually, and the ones that don't we just call assholes.
Power always needs to be tempered with restraint, and the more power the more restraint.
As Ghandi once pointed out nonviolence is not weakness, indeed, the weak cannot be nonviolent. Only the strong, and only in proportion to their strength.
One can only be free in proportion to one's sense of responsibility.
Otherwise you're just some punk kid that a bunch of people with freedom are going to beat the crap out of in a back alley some day in the hopes that it'll jar something loose and you start to "get it."
KFG
plywood, chipboard, MDF, treenails, cellulose glue, paper, etc, is not a house not made out of wood.
KFG
The original version of the famous 'Hacker's Manifesto' was published on some early issue of Phrack. What hacker's manifesto? The one that The Mentor wrote and the same that was used in 'Hackers' -movie.
----
where's my 1200 baud Avatex so I can dial up Demon Roach Underground [cDc] in Amarillo.
pwd=kill.
the world is ever the same, and then recursively noted that everything has been thought of, the trick is to think of it again.
KFG
this, IMHO, is the most valuable information in Phrack 60:
. html e r%201%20-%20Banned%20Edition.doc
Kevin Mitnick wrote a book, "The Art of Deception". The first chapter
has been deleted by the publisher at the last minute. It's available
on the internet:
http://www.wired.com/news/culture/0,1284,56187,00
http://littlegreenguy.fateback.com/chapter1/Chapt
[i linked this Phrack quote because Slash adds a space character to strings that wordwrap - can anyone tell me how to prevent this from happening?]
The big problem here is that the timestamp for each line would be in there, so you wouldn't have any idea as to how many hosts were hitting you, as you could hit the same pagee every second and it would be counted as a different site.
try:
awk '{print $1}' httpd_access.log |grep \.mil |uniq |wc -l
-- I speak only for myself.
- "sript kiddie" refers to someone with little or no maturity that uses an automated exploit scan program that makes hacks a matter of happenstance if anything else.
Wrong. 'Script Kiddie' refers to someone exceptionally more skillfull at programming, hacking, cracking and everything else that goes beyond VB DB Frontends than the average slashdotter, but also happens to be younger and is thus referred to as 'Script Kiddie' (disaproving frown) to cloak the fact that they are actually intelligent enough to have their computer do stuff they want it to do and that said average slashdotter doesn't know zilch about. While at the same time they're out in the club closing in on some cute girls.
We suffer more in our imagination than in reality. - Seneca
It turns out these guys were predicting the future...
The repairman takes one look at a malfunctioning machine, flips open the control panel, presses a button and immediately the machine quiets down and goes back to functioning normally.
"That'll be $250," he says.
"$250 for that!" the owner shouts. "How can you justify that?"
"Well, I'll break it down for you. Fifty centy for pushing the button; $249.50 for knowing which button to push."
You weren't born knowing how a beige box works, were you?
At 14, I thought it was slicker than apeshit! Low-tech and simple.
Ahhhhh... Phrack!
I also had a friend that did lots of public service hours for unwisely applying things he learned about in Phrack. I did not think that was slick on his part.
Im tired of posts like yours that simply point out what slashdot tends to be like and get modded up. Posts like that bring no insight to a discussion unless a person knows nothing at all about slashdot. Of course we know what we do on slashdot and most of us like it. If you dont like slashdot your free to leave.
unzip; strip; touch; finger; mount; fsck; more; yes; unmount; sleep
wget -r -l1 -p -A*gz phrack-blah/blah.html
Also note that uniq only works on a sorted file:
So you should make it
And since you are firing up sort you can save another process by using
Really the only time I use uniq is to count the duplicates:Backups are for wimps. Real men post their data in comments and have slashdot mirror it
idea. Therefore its use would have been incorrect.
KFG
It sends Xmas tree packets (with fin, urg, and push flags) to everyone, which is a traditional Internet Xmas Greeting. You have to download Nmap first. You may want to add a -Tinsane option (which means: set the Tin variable to "sane"). Have fun. But hurry up, because it's a tradition to send those greetings before the New Year.
root@aio:~# nmap -sX -iR -p1- # Ho, ho, ho! Merry Xmas, everyone!
actually, i used to enjoy going through loopback. but, it somehow didn't have the same zing to it in P-60. maybe, fewer people want to get insulted and have it archived forever! or maybe, phrack staff has grown more tolerant... or maybe, more mails are getting piped to /dev/null!!
The only things I don't like about /. is:
- 1. Idiots like you, who can only whinge that
/. is /. and not some other site.
- 2. Trolls who post links to some guys enourmous rectial cavity: (hint this is not a gay porn site, so your in the wrong place).
- 3. M$ Trolls, who complain becuase we give tiny sensitive ittle M$ a hard time.
- & the Trolls.
if we could get rid of all you Troll typesin my life God comes first.... but Linux is pretty high after that
Francis Smit
You should have heard. That's a long Internet tradition.
You have to be patient.
It is faster, trust me.
Just be patient.
The genesis of this tradition reaches the times when there were much less hosts on the Internet to send the greetings to.
It will all end much sooner than you think.
I don't think so.
So everything works correctly.
Yes, it does. In fact, it needs even more. But you don't have more, do you?
Not only for you, trust me.
You are welcome.
If you have any problems, look at the /dev/random
from some system which supports this device
and you'll find all of your answers there
(however I can't tell you the offset, you have to
search yourself)
after you send the question to /dev/null.
For example:
echo "Am I naive?" > /dev/null; strings /dev/random | less
Just be patient with the searching, like with the Nmap Xmas Greeting. Good luck.
Please ignore the garbage inserted to satisfy the lame filter: cfcd208495d565ef66e7dff9f98764da c4ca4238a0b923820dcc509a6f75849b c81e728d9d4c2f636f067f89cc14862c eccbc87e4b5ce2fe28308fd9f2a7baf3 a87ff679a2f3e71d9181a67b7542122c e4da3b7fbbce2345d7772b0674a318d5 1679091c5a880faf6fb5e6087eb1b2dc 8f14e45fceea167a5a36dedd4bea2543 c9f0f895fb98ab9159f51fd0297e236d 45c48cce2e2d7fbdea1afc51c7c6ad26 d3d9446802a44259755d38e6d163e820 6512bd43d9caa6e02c990b0a82652dca c20ad4d76fe97759aa27a0c99bff6710 c51ce410c124a10e0db5e4b97fc2af39 aab3238922bcc25a6f606eb525ffdc56 9bf31c7ff062936a96d3c8bd1f8f2ff3 c74d97b01eae257e44aa9d5bade97baf 70efdf2ec9b086079795c442636b55fb 6f4922f45568161a8cdf4ad2299f6d23 1f0e3dad99908345f7439f8ffabdffc4 98f13708210194c475687be6106a3b84 3c59dc048e8850243be8079a5c74d079 b6d767d2f8ed5d21a44b0e5886680cb9 37693cfc748049e45d87b8c7d8b9aacd 1ff1de774005f8da13f42943881c655f 8e296a067a37563370ded05f5a3bf3ec 4e732ced3463d06de0ca9a15b6153677 02e74f10e0327ad868d138f2b4fdd6f0 33e75ff09dd601bbe69f351039152189 6ea9ab1baa0efb9e19094440c317e21b 34173cb38f07f89ddbebc2ac9128303f c16a5320fa475530d9583c34fd356ef5 6364d3f0f495b6ab9dcf8d3b5c6e0b01 182be0c5cdcd5072bb1864cdee4d3d6e e369853df766fa44e1ed0ff613f563bd 1c383cd30b7c298ab50293adfecb7b18 19ca14e7ea6328a42e0eb13d585e4c22 a5bfc9e07964f8dddeb95fc584cd965d a5771bce93e200c36f7cd9dfd0e5deaa d67d8ab4f4c10bf22aa353e27879133c d645920e395fedad7bbbed0eca3fe2e0 3416a75f4cea9109507cacd8e2f2aefc a1d0c6e83f027327d8461063f4ac58a6 17e62166fc8586dfa4d1bc0e1742c08b f7177163c833dff4b38fc8d2872f1ec6 6c8349cc7260ae62e3b1396831a8398f d9d4f495e875a2e075a1a4a6e1b9770f 67c6a1e7ce56d3d6fa748ab6d9af3fd7 642e92efb79421734881b53e1e1b18b6 f457c545a9ded88f18ecee47145a72c0 c0c7c76d30bd3dcaefc96f40275bdc0a 2838023a778dfaecdc212708f721b788 9a1158154dfa42caddbd0694a4e9bdc8 d82c8d1619ad8176d665453cfb2e55f0 a684eceee76fc522773286a895bc8436 b53b3a3d6ab90ce0268229151c9bde11 9f61408e3afb633e50cdf1b20de6f466 72b32a1f754ba1c09b3695e0cb6cde7f 66f041e16a60928b05a7e228a89c3799 093f65e080a295f8076b1c5722a46aa2 (yes, I've tried posting less garbage, but there's some minimal average line length of posts)
root@aio:~# nmap -sX -iR -p1- # Ho, ho, ho! Merry Xmas, everyone!
All these people were so freaked out by what they thought he could do with a payphone, they denied him his every right.
Too bad it IS unmount. Not everyone used BASH or gnu/linux. I find it funny that people who know enough about unix to know its umount think they know more than me yet they are the ones who are wrong and relaly have no clue how much i know. "unmount" is a valid command on smoe machine, probably not your but maybe if you learned more than just your one distro you might know that.
unzip; strip; touch; finger; mount; fsck; more; yes; unmount; sleep