Hacking Into Computer Systems - Beginners by DigitalDemon - HTML preview

PLEASE NOTE: This is an HTML preview only and some elements such as links or page numbers may be incorrect.
Download the book in PDF, ePub for a complete version.

The strength of this packet-switched network is that most messages will automatically get through despite heavy message traffic congestion and many communications links being out of service. The disadvantage is that messages may simply disappear within the system. It also may be difficult to reach desired computers if too many communications links are unavailable at the time.

However, all these wonderful features are also profoundly hackable. The Internet is robust enough to

survive -- so its inventors claim -- even nuclear war. Yet it is also so weak that with only a little bit of instruction, it is possible to learn how to seriously spoof the system (forged email) or even temporarily put out of commission other people's Internet host computers (flood pinging, for example.)

On the other hand, the headers on the packets that carry hacking commands will give away the account

information from which a hacker is operating. For this reason it is hard to hide perfectly when on the

Internet.

It is this tension between this power and robustness and weakness and potential for confusion that makes the Internet a hacker playground.

For example, HERE IS YOUR HACKER TIP YOU’VE BEEN WAITING FOR THIS ISSUE:

ftp://ftp.secnet.com

This ftp site was posted on the BUGTRAQ list, which is dedicated to discussion of Unix security holes.

Moderator is Aleph One, who is a genuine Uberhacker. If you want to subscribe to the BUGTRAQ, email

LISTSERV@netspace.org with message “subscribe BUGTRAQ.”

Now, back to Internet basics.

History of Internet

As mentioned above, the Internet was born as a US Advanced Research Projects Agency (ARPA) effort in

1969. Its inventors called it ARPANET. But because of its value in scientific research, the US National Science Foundation (NSF) took it over in 1983. But over the years since then it gradually evolved away from any single source of control. In April 1995 NSF cut the last apron strings. Now the Internet is run by no one.

It just happens and grows out of the efforts of those who play with it and struggle with the software and hardware.

Nothing at all like this has ever happened before. We now have a computer system with a life of its own.

We, as hackers, form a big part of the mutation engine that keeps the Internet evolving and growing

stronger. We also form a big part of the immune system of this exotic creature.

The original idea of ARPANET was to design a computer and communications network that would

eventually become so redundant, so robust, and so able to operate without centralized control, that it could even survive nuclear war. What also happened was that ARPANET evolved into a being that has survived

the end of government funding without even a blip in its growth. Thus its anarchic offspring, the Internet, has succeeded beyond the wildest dreams of its original architects.

The Internet has grown explosively, with no end in sight. At its inception as ARPANET it held only 4 hosts.

A quarter of a century later, in 1984, it contained only 1000 hosts. But over the next 5 years this number grew tenfold to 10,000 (1989). Over the following 4 years it grew another tenfold to 1 million (1993). Two years later, at the end of 1995, the Internet was estimated to have at least 6 million host computers. There are probably over 10 million now. There appears to be no end in sight yet to the incredible growth of this mutant child of ARPANET.

In fact, one concern raised by the e xponential growth in the Internet is that demand may eventually far outrace capacity. Because now no entity owns or controls the Internet, if the capacity of the

communications links among nodes is too small, and it were to become seriously bogged down, it might be difficult to fix the problem.

For example, in 1988, Robert Morris, Jr. unleashed a "virus"-type program on the Internet commonly known as the “Morris Worm.” This virus would make copies of itself on whatever computer it was on and then

send copies over communications links to other Internet hosts. (It used a bug in sendmail that allowed

access to root, allowing the virus to act as the superuser).

Quickly the exponential spread of this virus made the Internet collapse from the communications traffic and disk space it tied up.

At the time the Internet was still under some semblance of control by the National Science Foundation and was connected to only a few thousand computers. The Net was shut down and all viruses purged from its

host computers, and then the Net was put back into operation. Morris, meanwhile, was put in jail.

There is some concern that, despite improved security measures (for example, "firewalls"), someone may find a new way to launch a virus that could again shut down the In ternet. Given the loss of centralized control, restarting it could be much more time-consuming if this were to happen again.

But reestablishing a centralized control today like what existed at the time of the “Morris Worm” is likely to be impossible. Even if it were possible, the original ARPANET architects were probably correct in their assessment that the Net would become more susceptible for massive failure rather than less if some

centralized control were in place.

Perhaps the single most significant feature of today's Internet is this lack of centralized control. No person or organization is now able to control the Internet. In fact, the difficulty of control became an issue as early as its first year of operation as ARPANET. In that year email was spontaneously invented by its users. To the surprise of ARPANET's managers, by the second year email accounted for the bulk of the

communication over the system.

Because the Internet had grown to have a fully autonomous, decentralized life of its own, in April 1995, the NSF quit funding NSFNET, the fiber optics communications backbone which at one time had given NSF the

technology to control the system. The proliferation of parallel communications links and hosts had by then completely bypassed any possibility of centralized control.

There are several major features of the Internet:

* World Wide Web -- a hypertext publishing network and now the fastest growing part of the Internet.

* email -- a way to send electronic messages

* Usenet -- forums in which people can post and view public messages

* telnet -- a way to login to remote Internet computers

* file transfer protocol -- a way to download files from remote Internet computers

* Internet relay chat -- real-time text conversations -- used primarily by hackers and other Internet old-timers

* gopher -- a way of cataloging and searching for information. This is rapidly growing obsolete.

As you port surfers know, there are dozens of other interesting but less well known services such as whois, finger, ping etc.

The World Wide Web

The World Wide Web is the newest major feature of the Internet, dating from the spring of 1992. It consists of "Web pages," which are like pages in a book, and links from specially marked words, phrases or symbols on each page to other Web pages. These pages and links together create what is known as "hypertext."

This technique makes it possible to tie together many different documents which may be written by many

people and stored on many different computers around the world into one hypertext document.

This technique is based upon the Universal Resource Locator (URL) standard, which specifies how to hook up with the computer and access the files within it where the data of a Web page may be stored.

A URL is always of the form http://<rest of address>, where <rest of address> includes a domain name which must be registered with an organization called InterNIC in order to make sure that two different Web pages (or email addresses, or computer addresses) don't end up being identical. This registration is one of the few centralized control features of the Internet.

Here's how the hypertext of the World Wide Web works. The reader would come to a statement such as

"our company offers LTL truck service to all major US cities." If this statement on the "Web page" is highlighted, that means that a click of the reader's computer mouse will take him or her to a new Web page with details. These may include complete schedules and a form to fill out to order a pickup and delivery.

Some Web pages even offer ways to make electronic payments, usually through credit cards.

However, the security of money transfers over the Internet is still a major issue. Yet despite concerns with verifiability of financial transactions, electronic commerce over the Web is growing fast. In its second full year of existence, 1994, only some $17.6 million in sales were conducted over the Web. But in 1995, sales reached $400 million. Today, in 1996, the Web is jammed with commercial sites begging for your credit card information.

In addition, the Web is being used as a tool in the distribution of a new form of currency, known as

electronic cash. It is conceivable that, if the hurdle of verifiability may be overcome, that electronic cash (often called ecash) may play a major role in the world economy, simplifying international trade. It may also eventually make national currencies and even taxation as we know it obsolete.

Examples of Web sites where one may obtain ecash include the Mark Twain Bank o f St. Louis, MO

(http://www.marktwain.com) and Digicash of Amsterdam, The Netherlands (http://www.digicash.com).

The almost out-of-control nature of the Internet manifests itself on the World Wide Web. The author of a Web page does not need to get permis sion or make any arrangement with the authors of other Web pages

to which he or she wishes to establish links. Links may be established automatically simply by programming in the URLs of desired Web page links.

Conversely, the only way the author of a Web page can prevent other people from reading it or establishing hypertext links to it is to set up a password protection system (or by not having communications links to the rest of the Internet).

A problem with the World Wide Web is how to find things o n it. Just as anyone may hook a new computer

up to the Internet, so also there is no central authority with control or even knowledge of what is published where on the World Wide Web. No one needs to ask permission of a central authority to put up a Web

page.

Once a user knows the address (URL) of a Web page, or at least the URL of a Web page that links

eventually to the desired page, then it is possible (so long as communications links are available) to almost instantly hook up with this page.

Because of the value of knowing URLs, there now are many companies and academic institutions that offer searchable indexes (located on the Web) to the World Wide Web. Automated programs such as Web

crawlers search the Web and catalog the URLs they encounter as they travel from hypertext link to

hypertext link. But because the Web is constantly growing and changing, there is no way to create a

comprehensive catalog of the entire Web.

Email

Email is the second oldest use of the Internet, dating back to the ARPAnet of 1972. (The first use was to allow people to remotely log in to their choice of one of the four computers on which ARPAnet was

launched in 1971.)

There are two major uses of email: private communications, and broadcasted email. When broadcasted, ema il serves to make announcements (one-way broadcasting), and to carry on discussions among groups of

people such as our Happy Hacker list. In the group discussion mode, every message sent by every member

of the list is broadcasted to all other members.

The two most popular program types used to broadcast to email discussion groups are majordomo and

listserv.

Usenet

Usenet was a natural outgrowth of the broadcasted email group discussion list. One problem with email lists is that there was no easy way for people new to these groups to join them. Another problem is that as the group grows, a member may be deluged with dozens or hundreds of email messages each day.

In 1979 these problems were addressed by the launch of Usenet. Usenet consists of news groups which

carry on discussions in the form of "posts." Unlike an email discussion group, these posts are stored, typically for two weeks or so, awaiting potential readers. As new posts are submitted to a news group, they are broadcast to all Internet hosts that are subscribed to carry the news groups to which these posts

belong.

With many Internet connection programs you can see the similarities between Usenet and email. Both have similar headers, which track their movement across the Net. Some programs such as Pine are sent up to send the same message simultaneously to both email addresses and newsgroups. All Usenet news readers allow

you to email the authors of posts, and many also allow you to email these posts themselves to yourself or other people.

Now, here is a quick overview of the Internet basics we plan to cover in the next several issues of Guide to (mostly) Harmless Hacking:

1. Unix

We discuss “shells” which allow one to write programs (“scripts”) that automate complicated series of Unix commands. The reader is introduced to the concept of scripts which perform hacking functions. We

introduce Perl, which is a shell programming language used for the most elite of hacking scripts such as SATAN.

3. TCP/IP and UUCP

This chapter covers the c ommunications links that bind together the Internet from a hackers' perspective.

Extra attention is given to UUCP since it is so hackable.

4. Internet Addresses, Domain Names and Routers

The reader learns how information is sent to the right places on the Internet, and how hackers can make it go to the wrong places! How to look up UUCP hosts (which are not under the domain name system) is

included.

5. Fundamentals of Elite Hacking: Ports, Packets and File Permissions

This section lets the genie of s erious hacking out of the bottle. It offers a series of exercises in which the reader can enjoy gaining access to almost any randomly chosen Internet host. In fact, by the end of the chapter the reader will have had the chance to practice several dozen techniques for gaining entry to other peoples' computers. Yet these hacks we teach are 100% legal!

GUIDE TO (mostly) HARMLESS HACKING

Vol. 2 Number 2

Linux!

________________________________________

Unix has become the primo operating system of the Internet. In fact, Unix is the most widely used operating system in the world among computers with more power than PCs.

True, Windows NT is coming up fast as a common Internet operating system, and is sooo wonderfully

buggy that it looks like it could become the number one favorite to crack into. But today Unix in all its wonderful flavors still is the operating system to know in order to be a truly elite hacker.

So far we have assumed that you have been hacking using a shell account that you get through your

Internet Service Provider (ISP). A shell account allows you to give Unix commands on one of your ISP's

computers. But you don't need to depend on your ISP for a machine that lets you play with Unix. You can run Unix on your own computer and with a SLIP or PPP connection be directly connected to the Internet.

***********************

Newbie note: Serial Line Internet Protocol (SLIP) and Point-to-Point Protocol (PPP) connections give you a temporary Internet Protocol (IP) address that allows you to be hooked directly to the Internet. You have to use either SLIP or PPP connections to get to use a Web browser that gives you pictures instead on text

only. So if you can see pictures on the Web, you already have one of these available to you.

The advantage of using one of these direct connections for your hacking activities is that you will not leave behind a shell log file for your ISP's sysadmin to pore over. Even if you are not breaking the law, a shell log file that shows you doing lots of hacker stuph can be enough for some sysadmins to summarily close your account.

********************

What is the best kind of computer to run Unix on? Unless you are a wealthy hacker who thinks nothing of buying a Sun SPARC workstation, you'll probably do best with some sort of PC. There are almost countless variants of Unix that run on PCs, and a few for Macs. Most of them are free for download, or inexpensively available on CD-ROMs.

The three most common variations of Unix that run on PCs are Sun's Solaris, FreeBSD and Linux. Solaris

costs around $700. Enough said. FreeBSD is really, really good. But you con't find many manuals or

newsgroups that cover FreeBSD.

Linux, however, has the advantage of being available in many variants (so you can have fun mixing and

matching programs from different Linux offerings). Most importantly, Linux is supported by many manuals, news groups, mail lists and Web sites. If you have hacker friends in your area, most of them probably use Linux and can help you out.

************* ********

Historical note: Linux was created in 1991 by a group led by Linus Torvalds of the University of Helsinki.

Linux is copyrighted under the GNU General Public License. Under this agreement, Linux may be

redistributed to anyone along with the sourc e code. Anyone can sell any variant of Linux and modify it and repackage it. But even if someone modifies the source code he or she may not claim copyright for anything created from Linux. Anyone who sells a modified version of Linux must provide source code to the buyers and allow them to reuse it in their commercial products without charging licensing fees. This arrangement is known as a "copyleft."

Under this arrangement the original creators of Linux receive no licensing or shareware fees. Linus Torvalds and the many others who have contributed to Linux have done so from the joy of programming and a sense

of community with all of us who will hopefully use Linux in the spirit of good guy hacking. Viva Linux! Viva Torvalds!

**********************

Linux consists of the operating system itself (called the "kernel") plus a set of associated programs.

The kernel, like all types of Unix, is a multitasking, multi-user operating system. Although it uses a different file structure, and hence is not directly compatible with DOS and Windows, it is so flexible that many DOS

and Windows programs can be run while in Linux. So a power user will probably want to boot up in Linux

and then be able to run DOS and Windows programs from Linux.

Associated programs that come with most Linux distributions may include:

* a shell program (Bourne Again Shell -- BASH -- is most common);

* compilers for programming languages such as Fortran-77 (my favorite!), C, C++, Pascal, LISP, Modula-2, Ada, Basic (the best language for a beginner), and Smalltalk.;

* X (sometimes called X-windows), a graphical user interface

* utility programs such as the email reader Pine (my favorite) and Elm

Top ten reasons to install Linux on your PC:

1.When Linux is outlawed, only outlaws will own Linux.

2. When installing Linux, it is so much fun to run fdisk without backing up first.

3.The flames you get from asking questions on Linux newsgroups are of a higher quality than the flames

you get for posting to alt.sex.bestiality.

4.No matter what flavor of Linux you install, you'll find out tomorrow there was a far more 3l1te ersion you should have gotten instead.

5.People who use Free BSD or Solaris will not make fun of you. They will offer their sympathy instead.

6.At the next Def Con you'll be able to say stuph like "so then I su -ed to his account and grepped all his files for 'kissyface'." Oops, grepping other people's files is a no-no, forget I ever suggested it.

7.Port surf in privacy.

8.One word: exploits.

9.Installing Linux on your office PC is like being a postal worker and bringing an Uzi to work.

10.But - - if you install Linux on your office computer, you boss won't have a clue what that means.

What types of Linux work best? It depends on what you really want. Redhat Linux is famed for being the easiest to install. The Walnut Creek Linux 3.0 CD-ROM set is also really easy to install -- for Linux, that is!

My approach has been to get lots of Linux versions and mix and match the best from each distribution.

I like the Walnut Creek version best because with my brand X hardware, its autodetection feature was a life-saver.

INSTALLING LINUX is not for the faint of heart! Several tips for surviving installation are:

1) Although you in theory can run Linux on a 286 with 4 MB RAM and two floppy drives, it is *much*

easier with a 486 or above with 8 MB RAM, a CD-ROM, and at least 200 MB free hard disk space.

2) Know as much as possible about what type of mother board, modem, hard disk, CD-ROM, and video card

you have. If you have any documentation for these, have them on hand to reference during installation.

3) It works better to use hardware that is name-brand and somewhat out -of-date on your computer. Because Linux is freeware, it doesn't offer device drivers for all the latest hardware. And if your hardware is like mine -

- lots of Brand X and El Cheapo stuph, you can take a long time experimenting with what drivers will work.

4) Before beginning installation, back up your hard disk(s)! In theory you can install Linux without harming your DOS/Windows files. But we are all human, especially if following the advice of point 7).

5) Get more than one Linux distribution. The first time I successfully installed Linux, I finally hit on something that worked by using the boot disk from one distribution with the CD-ROM for another. In any case, each Linux distribution had different utility programs, operating system emulators, compilers and more.

Add them all to your system and you will be set up to become beyond elite.

6) Buy a book or two or three on Linux. I didn't like any of them! But they are better than nothing. Most books on Linux come with one or two CD-ROMs that can be used to install Linux. But I found that what was in the books did not exactly coincide with what was on the CD-ROMs.

7) I recommend drinking while installing. It may not make debugging go any faster, but at least you won't care how hard it is.

Now I can almost guarantee that even following all these 6 pieces of advice, you will still have problems installing Linux. Oh, do I have 7 advisories up there? Forget number 7. But be of good cheer. Since everyone else also suffers mightily when installing and using Linux, the Internet has an incredible wealth of resources for the Linux -challenged.

If you are allergic to getting flamed, you can start out with Linux support Web sites.

The best I have found is http://sunsite.unc.edu:/pub/Linux/. It includes the Linux Frequently Asked

Questions list (FAQ), available from

sunsite.unc.edu:/pub/Linux/docs/FAQ.

In the directory /pub/Linux/docs on sunsite.unc.edu you'll find a number of other documents about Linux, including the Linux INFO-SHEET and META-FAQ,

The Linux HOWTO archive is on the sunsite.unc.edu Web site at: /pub/Linux/docs/HOWTO. The directory

/pub/Linux/docs/LDP contains the current set of LDP manuals.

You can get ``Linux Installation and Getting Started'' from sunsite.unc.edu in /pub/Linux/docs/LDP/install-guide. The README file there describes how you can order a printed copy of the book of t he same name (about 180 pages).

Now if you don't mind getting flamed, you may want to post questions to the amazing number of Usenet

news groups that cover Linux. These include:

comp.os.linux.advocacy Benefits of Linux compared

comp.os.linux.development.system Linux kernels, device drivers

comp.os.linux.x Linux X Window System servers

comp.os.linux.development.apps Writing Linux applications

comp.os.linux.hardware Hardware compatibility

comp.os.linux.setup Linux installation

comp.os.linux.networking Networking and communications

comp.os.linux.answers FAQs, How-To's, READMEs, etc.

linux.redhat.misc

alt.os.linux Use comp.os.linux.* instead

alt.uu.comp.os.linux.questions Usenet University helps you

comp.os.linux.announce Announcements important to Linux

comp.os.linux.misc Linux-specific topics

Want your Linux free? Tobin Fricke has pointed out that "free copies of Linux CD-ROMs are available the Linux Support & CD Givaway web site at http://emile.math.ucsb.edu:8000/giveaway.html. This is a project where people donate Linux CD's that they don't need any more. The project was seeded by Linux Systems

Labs, who donated 800 Linux CDs initially! Please remember to donate your Linux CD's when you are done with them. If you live near a computer swap meet, Fry's, Microcenter, or other such place, look for Linux CD's there. They are usually under $20, which is an excellent investment. I personally like the Linux Developer's Resource by Infomagic, which is now up to a seven CD set, I believe, which includes all major Linux distributions (Slackware, Redhat, Debian, Linux for DEC Alpha to name a few)plus mirrors of

tsx11.mit.edu and sunsite.unc.edu/pub/linux plus much more. You should also visit the WONDERFUL linux page at

http://sunsite.unc.edu/linux, which has tons of informat