================================================================================================== = = = = WHC = = Basic Hacking = = = = = ================================================================================================= File Written on: 10:59 PM 7/3/98 File Written by: Swift File Version: 1.1 (See why at end of Document) E-Mail: tiger_lilys@pyramid.net URL: http//members.xoom.com/W_H_C/ WHC's Guide to Basic Hacking Now when I say basic, I mean basic. You are going to learn what letters are before you white one word. Well, Hmm lets see. Hacking, Well when someone says hacking they are referring to the Illegal entry into someone or some companies computer system. This can be done from inside, "Ex. Getting higher level clearance to look at classified documents" or breakings in from the outside like from the Internet into the system. If you are wondering, This is the Intro to a series of Tutorials and will go barley past Basic's. When you hack you must have a working knowledge of Computer systems, Security Protocols, Programs and Software, Logins/Passwords etc. The knowledge you know does not have to be extremely extensive, Just a basic or intermediate working knowledge will do. This tutorial series will not teach you all of these things, We will dip a little into some, But not many. Chapter 1 "Starting Point" "Well where do I start hacking from?" You ask. Well one of your best bets are Collages or Universities. Most of em' have Server's that you can dial up to and most of them have Internet access, Good huh? If you know someone that goes to a school where they hand out accounts to the people enrolled, Get his/her account information, "Phone #, Login, Password and any other information nessary" and get into the system. Or say you don't know anyone going to the school in your area and you know they have the service, Well this is what you do you Carrier Scan, Or WarDial in your LATA (Local Access Transport Area). This can be very dangerous, When you WarDial you can be tracked my new Software/hardware in place around you. When the phone companies introduced Caller ID and Call Back units they added new Switching Stations that can now track any calls that are made within your area. If you must WarDial to do this "Bounce" your call at least once. I would say for maximum protection "Bounce" your call three times so that you have enough time to disconnect of you think you are getting traced. If you connect yourself to a Server and do not have an L/P (Login/Password) you must try to get around this somehow. Try to get programs that can brute force the codes. IF you can't do that then you must try to Hack into the system. Try very first logins like: User, Admin, SU, SysOp etc. Sometimes these passwords are factory default and are not taken out when the system is brought on-line. We will get more into breaking security in latter tutorial. Sorry :-(. Chapter 2 "PSN'S" PSN (Packet Switching Networks) Do you know of one? If you don't, You are properly VERY new or beyond hope. The Internet is a PSN. Don't think so? Well here is a small lesson for you. The protocol used on the Internet (TCP/IP) used packets to transfer information back and forth. Also the ammount of other PSN's on the Internet and small Usenet operations are using TCP/IP. That code is for the moment the set standard in the world till newer technology takes over. Other PSN Networks are SprintNet(USA), DataPac(Canada) etc. They are the originals and have thousands of computers and other Networks hooked up to them. Your best bet is to start on SprintNet is you are in the USA and DataPac if you are in Canada, Other countries find your own, They are out there. The reason to start on these is that they run off the X protocols instead of the Internet witch runs off TCP/IP. Here is a brief, "Very brief" explanation on how PSN's work. Ok, You send data to the computer you dialed up to also called a LPAP (Local Public Access Port). The data gets bundled by PAD (Packet Assembler/Dissembler) usually in packs of 128 or 256 bytes. So all of your outgoing data gets bundled and then goes to it's destination by the way of the X protocols, Most of the time X.25 but it has help from other too. When your data reached its destination it gets Disassembled using the PAD again so that the system can understand the data. After is completes the processing it then send a response witch then goes through the PAD and goes back to your LPAP and gets dissembled so your computer can understand it. All of this happens at very high speeds and has lots of thins that can slow down the process like Bandwidth etc. On a PSN there are so meanly users it makes tracing and pinpointing a single offence practly impossible. This is good for you, Our little hacker at large, But you need to exercise a little caution, When you try to tap into certain resources the owner of those resources may log activities or whatever so watch out. Chapter 3 "HTTP, FTP" HTTP (HyperText Transfer Protocol) and FTP (File Transfer Protocol). These are the most used things on the Internet, They are the Internet what am I talking about. You also have CGI Scripts, JavaScript etc. Well lets first see what HTTP links to, It links to HTML (HyperText MarkUp Language) Documents witch are formatted text documents or WebPages. You gain access to these services via the Internet. HTTP links only to HTM, HTML documents for a reason. When you encounter something like "Error 404 File Not Found" The Protocol could not find the files that it has to link to first, "They are: Index.html, Main.html etc.". FTP works totally different, FTP is the File Transfer Protocol, It is used when you "Open" or "download" a file off a remote computer. Well thetas it for this little section. Chapter 4 "IP Addressing" IP, Yes as in "TCP/IP" IP (Internet Protocol), "I think, It's late. If this is wrong just E-mail me with the revision, ok?" Well, IP's are a set of numbers given to a computer when it's connected to the Internet. Think of it like your computer is a house, and the IP is your computers street address, and the data trying to find you is like you relatives driving up and down the street looking for you house. The IP number is so the Internet knows where to send all the little information back to and whom it's coming from. IP's for Internet users are given to you from the ISP (Internet Service Provider) that you use. IP's are also used by the HTTP and FTP protocols. Here is an example IP "152.15.134.1" here is a list of Class IP's Class A IP Address - 0 to 127 Class B IP Address - 128 to 191 Class C IP Address - 192 to 223 All early systems connected to the Internet where of Class A. But now days the most common are Class B and C IP numbers. If you want to Hack on the Internet you should scan IP address to try to connect to one. I really don't like doing this due to its time consuming but it might work and you could find one of the most interesting systems of your life. Chapter 5 "Domain Names" Domain Names are used just for convince more then anything. They are allot easier to remember then IP Adduces. Oh, Yes, Domain Names are for IP Addresses. Ok, A computer connected to the Internet get a IP number but when being used for web pages it is hard to remember those numbers so companies like InterNIC sell you Domain Names for you IP numbers so people can connect. Ok, Here is an example: 1.) Request to connect sent to "http://www.looser.org" 2.) Request transferred to "196.45.156.1:21" 3.) Request confirmed Need Login:" So you see the Domain transferred your request right to the IP address. That's because IP addresses are the remote computers address and cannot be taken over by letters and names. So it just gets transferred or bounced from the Domain name to the IP. In the example above .org was at the end of looser. That is the Top Level, The Top Level is .org, In Liquid.com, It's .com. Here are the top levels. com - Commercial Domains org - Non- Profit Origination Domains edu - Educational Domains net - Networks gov - Government Domains, "Non Military, Ex. NASA" mil - Non Classified Military Domains Along with Top Level Domain names there are Country Codes. For the US it's .us, For Canada its .ca. etc. .AR Argentina .AU Australia .BE Belgium .BR Brazil .CA Canada .CH Switzerland .CL Chile .DE Germany .DK Denmark .ES Spain .GR Greece .HK Hong Kong .IT Italy .MX Mexico .NL Netherlands .NO Norway .NZ New Zealand .SE Sweden .SG Singapore .TO Tonga .UK United Kingdom .US United States Chapter 6 "Disclaimer" By Downloading and reading this file you take full responsibility for any actions that may have been caused by reading this file. Also if you violate any State, Federal and/or Local laws by Download and Reading this file you take full responsibility. This file in it's original for is used as a reference to people new at Soft-Ice and has no relation to Cracking in anyway what so ever. Chapter 7 "Why Version 1.1?" Well that is an easy question. I received over 1000 e-mails because this document did not tell people how to hack all the way. Well this is the Pilot of a Tutorial Series, Do you understand what that means? It means that everything will be explained latter and in detail so no more e-mail regarding this document unless you have information or revision you wish to add to this document. Whets to come? The rest of this damn series!!!! Get information at http://members.xoom.com/W_H_C/