The Hackers Cookbook
By PsiberM@ntrik.
RageRage Magazine
11.96

Ever wonder what it would be like to be able to break into any computer network in the world? Well, with today's user-friendly PCs and a million-plus on-ramps to the information superhighway, anyone can be a hacker. In fact, each year the Pentagon's main computer is the reported target of 250,000 break-in attempts, 60% of which are reportedly successful. So what do you say, feeling lucky, cyberpunk? Then grab your pocket protector and sign up for the wide world of hacking.

The first step is to set up an inexpensive, flat-fee Internet account with a local BBS or independent service provider. Avoid mainstream services like America Online and Prodigy; hackers find their censorship policies and corporate mentality an affront to all things cyber. Go online with an e-mail address ending in "aol.com" and you'll be made to feel as welcome as Bob Dole at an Ice-T concert.

To start, you'll need the tech support you can get from fellow hackers. You'll find them posting on Usenet newsgroups like alt.hacker and alt.2600 and on the popular BBS sites Hackers Haven (303-343-4053) and Wyrm (818-793-2426). On the Internet, hackers trade files by FTP at ftp://ftp.clark.net/pub/jcase and ftp://ftp.fc.net/pub/phrack, or on the Web at http://www.engin.umich.edu/~jgotts/underground/hacker-faq.html and http://www.l0pht.com/~veggie/medialist.html, a site used by the infamous Cult of the Dead Cow.

Each site is a treasure trove of information. If you have a question, need tech support or need to locate special tricks-of-the-trade software, post a message and someone is sure to get back to you with the information. But before you post, make sure you locate and read the "alt.2600 Survival Guide" (ftp://rtfm.mit.edu/pub/usenet-by-group/alt.2600/), the hacker's netiquette guide to message posting. Read, learn and ask intelligent questions: posting a query that shows you don't know your ASCII from your elbow is the fastest way to get flamed (publicly roasted by everyone reading the group). Watch what you post; everyone else will.

Most of these sites contain instructional files about computer systems, the net and hacking. Download and read as much as possible, making sure they're current (late 1995 or better)! Also be sure to download any programs you find that crack passwords or that compress, decompress, encrypt or decode files. These are the tools of the hacking trade: PKZIP and PKUNZIP, which compress and decompress files for easier storage and faster downloads; PGP (Pretty Good Privacy), which encrypts and signs messages and files; and UUEncode/UUDecode, which turn binary files into plain text and back so they survive e-mail and Usenet (note that uuencoding is an encoding, not encryption; anyone can decode it). Other files to look for include CopyIIPC, CopyWrite and Zipcrack, a trio of cracking programs that disable the copy protection inside software. Also try for a "wardialer," which programs your computer and modem to dial ranges of phone numbers (sequentially or at random) looking for systems that answer with a modem tone (against the law in some states). Need a password cracker? Try Crack for Unix system passwords, or CrackerJack, a PC-DOS program that attacks Unix password files (available via ftp from clark.net/pub/jcase/). Both work offline: they take a copy of the target's password file and push a dictionary through the same one-way hash until something matches, so you need the file first and the time to grind through it. To learn to use them, simply read the instructions stored in the "readme" file.
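Crack and CrackerJack work the way the paragraph above describes: take a copy of the password file, run a wordlist plus mangling rules through the system's one-way hash, and compare. The block below is an added example written for this page, not code from either tool. It builds a constructed shadow-style file whose hashes are PBKDF2-SHA256 from Python's hashlib rather than DES crypt(3) (an assumption, chosen so it runs without the deprecated crypt module; the guessing loop is the same whatever the hash). The file layout, the sample accounts and the five-word dictionary are all constructed here.

```python
import binascii
import hashlib

# Constructed shadow-style file: user:$pbkdf2$<salt>$<hex digest>.
# PBKDF2-SHA256 is an assumption standing in for crypt(3); the salt forces
# one hash computation per guess per account, exactly the cost Crack pays.
ITERATIONS = 1000

# Constructed dictionary; a real run would read a words file.
WORDLIST = ["linda", "secret", "password", "guest", "system"]


def hash_password(password: str, salt: str) -> str:
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), ITERATIONS)
    return f"$pbkdf2${salt}${binascii.hexlify(dk).decode()}"


def make_sample_file() -> str:
    """Constructed accounts; the weak choices mirror the ones the article lists."""
    entries = [
        ("steve", hash_password("steve", "ab")),        # password is the login name
        ("linda10", hash_password("Linda1", "cd")),     # capitalised first name + digit
        ("mike44", hash_password("terces", "ef")),      # a dictionary word reversed
        ("jsmith", hash_password("Xq9!vL#2p", "gh")),   # strong; should survive
    ]
    return "".join(f"{u}:{h}\n" for u, h in entries)


def parse_shadow(text: str) -> dict:
    """user -> (salt, hex digest), skipping blank lines and unknown schemes."""
    users = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        user, field = line.split(":", 1)
        _, scheme, salt, digest = field.split("$")
        if scheme == "pbkdf2":
            users[user] = (salt, digest)
    return users


def mangle(word: str, username: str) -> set:
    """Crack-style rules: case variants, reversal, digit suffixes, the login name."""
    base = {word, word.lower(), word.capitalize(), word[::-1], username}
    out = set()
    for w in base:
        out.add(w)
        for suffix in ("1", "96", "123"):
            out.add(w + suffix)
    return out


def crack(shadow_text: str, wordlist) -> dict:
    """Dictionary attack on every account; returns user -> recovered password."""
    found = {}
    for user, (salt, digest) in parse_shadow(shadow_text).items():
        target = f"$pbkdf2${salt}${digest}"
        candidates = set()
        for w in [user] + list(wordlist):       # login name first, then the dictionary
            candidates |= mangle(w, user)
        for guess in sorted(candidates):
            if hash_password(guess, salt) == target:
                found[user] = guess
                break
    return found


if __name__ == "__main__":
    for user, pw in crack(make_sample_file(), WORDLIST).items():
        print(f"{user}: {pw}")
```

Three of the four constructed accounts fall to a five-word dictionary once the rules are applied; the one password that is not a name, a word or a word with a digit glued on survives, which is the whole argument for choosing one like it.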

Now all you need is a phone line in. Did you get a wardialer? If not, don't panic. Wardialing can be difficult and risky, and there are other ways to get phone numbers. Sometimes you'll see a number posted. Unfortunately, so will everyone else, which generally leads to a cyber gang-bang of the target computer, after which the number gets disconnected. The lesson: ignore number posts if they're more than a day old.

The alternative is to post a request for phone numbers and offer something in trade: something you've downloaded while cruising the net, even if it's just a nude Pamela Anderson .GIF. And when you get a phone number, get as much information about it as possible. You don't want to find you've unwittingly dialed a sensitive CIA database.

If you're having problems getting a number, ask a friend if you can hack into his computer for practice. Or better yet, hack your local college computer system. It's usually not difficult to obtain a telephone access number, and since it's a local call, you won't have a massive phone bill to pay. Besides, college systems are known for their lax security.

Before you make your first call, review the basic safety tips: maintain a low profile, and be careful who you share information with. Once inside the system, do not destroy, delete or damage anything, and leave if something looks suspicious (like the system keeps asking for the "launch code sequence"). Don't waste time; the best hours for hacking are late at night when no one is online, or during peak hours when so many people are on that you won't be noticed. And keep all the instructional text files you've downloaded close by at all times.

Most important of all, be sure to avoid government computers. The government has the manpower, the tax dollars (yours!) and the technology to find you. Remember the news story about that 60% success rate for the 250,000 hack attempts on the Pentagon? What reporters failed to mention was that the computer everyone was so successfully hacking was most certainly a decoy with no real classified information. Try hacking into something the government wants to keep top secret and they'll have your call traced before you can say "Big Brother". Leave those computers to the professionals.

Having a call traced is every hacker's ultimate nightmare. And with Caller ID available nationwide, and Automatic Number Identification (ANI) built into the networks of most large companies (and all credit reporting agencies), a hacker has to take precautions.

The easiest way to avoid detection is to dial the phone company's Caller ID block code ("*67" in most areas) before you dial the telephone number. Bear in mind that *67 suppresses Caller ID only. ANI is a billing function the network delivers to the party paying for the call, so when you dial an 800, 888, 900 or 976 number the recipient still gets your number, block or no block. To disable ANI, have the phone company install a "circuit-nine" block on your line, or look to the various hacker Web sites for information and software on 800-number diverters. Or head to Radio Shack, where you'll find portable ID blockers, phone line surge protectors and digital scramblers (just remember to place the ID blocker after the scrambler when you set them up). And if you're really worried about law enforcement's ability to override any Caller ID blocker, you can buy a laptop, a prepaid calling card (purchased anonymously at a retail store) and a 2400 bps acoustic coupler and head to the nearest secluded payphone. Only don't use the calling card to make any calls to or from your home or office, and don't recharge it with your credit card.

Or you can simply use the time-honored technique of "outdialing". An outdialer is a modem at a secondary site that protects your anonymity by letting you relay your call: you dial it up, then instruct it to dial out and connect to your target. Outdialers generally sit on networks that are easily accessible because they don't require a password at low levels. Telenet (SprintNet) PADs are the easiest, and hence the most popular, outdialers. You'll find scores of them listed on hacker Web sites and BBSes. Keep in mind that the outdialer's own call records still show where you came in from; it adds a hop to the trail, it doesn't erase it.

So, ready to start hacking? If you're smart, your first call will be to an outdialer, where you'll connect, and interact, with one of several different system formats.

If you see the prompt "(!2)GS/1>" appear on your screen, you've connected to a GS/1 terminal server through port "(!2)". Some GS/1s will ask for a password. Type "?" to get a list of commands ("?", "H" and "HELP" are near-universal ways to reach a help menu). This should bring up a list of command words, including "Connect", "Do" and "Listen". To get extended help, type "Show" plus the command word. Type "sho?" to find out what other networks are available, "sh att" or "sh nmap 1" to get a network map, "sh n" or "sh c" for additional systems or servers that might be accessible, and "sh d" for a list of defaults. But for now, stick with simple commands like "connect" and "echo", which can be used to dial out and make contact with your target.

Telenet prompts "@" once you've answered the terminal-type prompt (where you enter your terminal type, such as "vt100"). Telenet is menu driven and quite user friendly (the "connect" command is just "c", for example). Use "c mail" upon entering the system and "phones" for general log-in or password prompts. Then look for your local dial-up numbers if you don't have them already. Familiarize yourself with the outdial and "PAD" commands. Just poke around. Type "@c XXX" (XXX = the area code you are scanning) to get some network server addresses. (Here's a handy trick: when you outdial through a network, hit the "redial" key; it will display the last number dialed, which will be a computer, of course, giving you a free spare number to work with!)

A DECserver (similar in its command structure to the GS/1) reads "Enter username>". Type "help" for help. Type "sh services" or "sh nodes" to get info on available systems. Type "c" and then the system name to connect to another system. Look for commands like "modem" or "dial" for the outdial menu.

Having reached your target, you need to identify the type of operating system you've encountered. Unix, for example, one of the most popular operating systems in use today, can be partially identified by the tell-tale prompt "login:" (or "Rlogin"). These are the same prompts used by Data General, so the prompt alone isn't conclusive. A VMS system on a VAX will generally show the prompt "Username:". The DEC-10/20 series prompts ".", as do several Hewlett-Packard models. The Primos system contains the word "Primecon" in the prompt.

Many systems will identify themselves with a message similar to "Welcome to the ....... system. Please log in". No matter what the case, once you ID the system, it's a good idea to leave and brush up on its basic commands offline. You can always come back later, but if you fumble around unprepared for too long, you're bound to attract attention.

In order to gain full access to a system, you must first get past the log-in screen, where you'll be asked for your account name and password. Some systems will grant limited account status if you log on as "guest" or "anonymous". If that fails, try some of the basic or default account names, like "demo", "games", "account", "admin", "user", "basic" and "main" or "maint" (for maintenance). Try the name of the company you've accessed, its initials or street address, and things relating to the products the company makes or markets (this rule also applies to passwords). Keep in mind that an account name is generally eight characters or less, and may, as is the case with Unix systems, contain one or more numbers. So try some basic names or name/number combinations, like "steve96", "suzyQ", "jsmith", "mike44" or "linda10". If guessing isn't getting you anywhere, try logging in with a command name like "who", "rwho" or "finger"; some systems set these up as password-less accounts that simply run the command and print a list of users currently online. Set your screen capture so you can keep a permanent record of the account names, then log off the system and return when the users have signed off.

Getting a password isn't any more difficult. Did you download any software that cracks passwords? If not, give it a shot manually. One former hacker estimates that up to 20% of all passwords are the user's first name, while the owners of many other accounts conveniently use their login name as their password. Birthdays are also typical, as are the passwords "secret", "pass", "password" and "sex". Some of the more common system default passwords are "system", "guest", "manager", "sys", "support", "operator" and "tech".

Remember, it may take a while to come up with the right combination, but don't make too many attempts in one sitting. Most systems log failed log-ins, and if a sysop (systems operator) sees "400 failed log-in attempts on 08/14/96 at 2:02 p.m.", he's gonna freak. To avoid suspicion, instead of trying several passwords on one account, try one password on several accounts. That keeps any single account's failure count low, but every attempt is still in the log for anyone who counts failures by where they came from rather than by account.
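The account-and-password guessing described over the last three paragraphs, including the "one password on several accounts" spacing, as an added example for this page (not the article's own procedure or any real tool's code). The target is a constructed in-memory table standing in for a remote login prompt; the user list, the source address and the syslog-style line format are assumptions of the example. The two detectors at the end show what the sysop does and does not see: a per-account failure count never reaches the cap the caller set for himself, while counting distinct accounts per source catches the spray outright.

```python
import re
from collections import defaultdict
from itertools import count

# Constructed target, standing in for a dial-up login prompt: username -> password.
ACCOUNTS = {
    "steve": "steve",         # password is the login name
    "jsmith": "password",     # a common default
    "linda10": "Xq9!vL#2p",   # strong
    "guest": "guest",         # default account, default password
    "mike44": "Sunset#41",    # strong
    "operator": "operator",   # default account, default password
}
# Names harvested with "who"/"finger" plus two generic guesses that don't exist here.
USERNAMES = list(ACCOUNTS) + ["demo", "admin"]
DEFAULT_PASSWORDS = ["password", "secret", "pass", "guest", "system",
                     "manager", "sys", "support", "operator", "tech"]

# Constructed syslog-style failure line; the format is an assumption of this example.
FAIL_RE = re.compile(r"FAILED LOGIN FROM (\S+) FOR (\S+),")


def spray_rounds(usernames):
    """Each round is one guess per account: the login name, its letters, then defaults."""
    rounds = [{u: u for u in usernames},
              {u: re.sub(r"\d+$", "", u) for u in usernames}]
    for pw in DEFAULT_PASSWORDS:
        rounds.append({u: pw for u in usernames})
    return rounds


def spray(accounts, usernames, max_per_account, src="10.0.0.5"):
    """Run the rounds against the constructed target, stopping per account at the cap.
    Returns (compromised accounts, the log lines the target would have written)."""
    found, log, tries, seq = {}, [], defaultdict(int), count(1)
    for guesses in spray_rounds(usernames):
        for user, pw in guesses.items():
            if user in found or tries[user] >= max_per_account:
                continue
            tries[user] += 1
            n = next(seq)
            stamp = f"Aug 14 14:{n // 60:02d}:{n % 60:02d} host login[{n}]:"
            if accounts.get(user) == pw:
                found[user] = pw
                log.append(f"{stamp} LOGIN ON ttyp{n % 4} BY {user} FROM {src}")
            else:
                log.append(f"{stamp} FAILED LOGIN FROM {src} FOR {user}, Authentication failure")
    return found, log


def per_account_alerts(log, threshold):
    """The sysop's usual view: accounts with at least `threshold` failures."""
    fails = defaultdict(int)
    for line in log:
        m = FAIL_RE.search(line)
        if m:
            fails[m.group(2)] += 1
    return sorted(u for u, n in fails.items() if n >= threshold)


def per_source_alerts(log, distinct_threshold):
    """The spray signature: one source failing against many different accounts."""
    per_src = defaultdict(set)
    for line in log:
        m = FAIL_RE.search(line)
        if m:
            per_src[m.group(1)].add(m.group(2))
    return sorted(s for s, users in per_src.items() if len(users) >= distinct_threshold)


if __name__ == "__main__":
    found, log = spray(ACCOUNTS, USERNAMES, max_per_account=3)
    print("compromised:", found)
    print("per-account alerts (>= 5 failures):", per_account_alerts(log, 5))
    print("per-source alerts (>= 5 accounts):", per_source_alerts(log, 5))
```

With the cap at three tries per account, four of the six constructed accounts fall in the first three rounds (three to their own name and one to "password"), no account ever shows more than three failures, and the only thing that gives the game away is that one source address failed against five different accounts in under a minute.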

Once inside, you can explore the system using a list of basic commands, including "help", "who", "list", "go", "main", "cat(alog)", "edit", "read", "dir", "start", "mail", "echo", "attrib(ute)", "show", "?", "access", "games", "demo", "connect", "dial", "call", "page", "run", "write", "send", "finger", "exit", "quit", "path", "find", etc. Use the "help" and "who" commands the moment you get online.

If you find yourself on an unresponsive system, try changing the parity, data length, stop bits or baud rate in your communications program; a mismatch shows up as silence or as a screen full of high-bit garbage. Hit "return" a few times. If that doesn't work, try typing your commands in all upper case or all lower case (the system may be case sensitive). Try adding parameters like "/" or adding control keys to commands. Just don't get discouraged; something will eventually work. And remember that the keys to successful hacking are perseverance, common sense, attention to detail and, above all else, the near-obsessive desire to protect your ass!
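Why fiddling with parity and data bits works, as an added example for this page (the article gives no code, and the helper names are this example's own): a small simulation of asynchronous serial framing. A host configured for 7 data bits with even parity (7E1) talks to a caller set for 8N1, and the caller sees every character whose bits add up odd with its high bit set, the classic garbage symptom; switching the caller to 7E1, or stripping bit 7, recovers the text. Going the other way (8N1 host, 7E1 caller) the text decodes but the caller's UART flags parity errors on the same characters. The simulation is an assumption of this example: a real UART resynchronises on line transitions, simplified here to "wait for the next 0".

```python
# Asynchronous serial framing as a UART sees it: idle line high, a start bit (0),
# data bits LSB first, an optional parity bit, then stop bit(s) (1).


def frame_bytes(data: bytes, data_bits: int = 8, parity: str = "N", stop_bits: int = 1):
    """Bits the transmitter puts on the wire for `data` with the given settings."""
    bits = [1, 1]                                  # idle line before the first start bit
    for b in data:
        payload = [(b >> i) & 1 for i in range(data_bits)]   # LSB first; bits above data_bits dropped
        bits.append(0)                             # start bit
        bits.extend(payload)
        if parity != "N":
            ones = sum(payload) % 2
            bits.append(ones if parity == "E" else 1 - ones)   # even: total ones even
        bits.extend([1] * stop_bits)
    bits.extend([1, 1])                            # back to idle
    return bits


def receive(bits, data_bits: int = 8, parity: str = "N", stop_bits: int = 1):
    """Decode the wire with the receiver's own settings; returns (bytes, errors)."""
    out, errors, i, n = bytearray(), [], 0, len(bits)
    while i < n:
        if bits[i] != 0:                           # idle: keep waiting for a start bit
            i += 1
            continue
        i += 1
        if i + data_bits > n:
            break
        payload = bits[i:i + data_bits]
        i += data_bits
        value = sum(bit << k for k, bit in enumerate(payload))
        if parity != "N":
            if i >= n:
                break
            expect = sum(payload) % 2 if parity == "E" else 1 - sum(payload) % 2
            if bits[i] != expect:
                errors.append(("parity", value))
            i += 1
        stop = bits[i:i + stop_bits]
        i += stop_bits
        if len(stop) < stop_bits or any(s != 1 for s in stop):
            errors.append(("framing", value))
        out.append(value)
    return bytes(out), errors


def strip_high_bit(data: bytes) -> bytes:
    """The old 'strip parity' trick: recover text whose bit 7 is really a parity bit."""
    return bytes(b & 0x7F for b in data)


if __name__ == "__main__":
    wire = frame_bytes(b"login:", 7, "E", 1)       # host talks 7E1
    garbled, _ = receive(wire, 8, "N", 1)          # caller listens 8N1
    print(garbled)                                 # 'g' and 'n' come back with bit 7 set
    print(strip_high_bit(garbled))
    print(receive(wire, 7, "E", 1))                # matching settings: clean text, no errors
```

When the 8N1 caller reads a 7E1 host, the parity bit lands in bit 7 of each byte, so "login:" arrives as "lo", a 0xE7, "i", a 0xEE and ":"; stripping bit 7 gives the prompt back, and a 7E1 receiver decodes it cleanly. That half-garbage pattern, rather than pure noise, is the tell that it is a framing mismatch and not a dead line.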