===== Phrack Magazine presents Phrack 15 ===== ===== File 1 of 8 : Phrack 15 Intro ===== 8/7/87 So, did you miss us? Yes, Phrack is back! Phrack Magazine's beloved founders, Taran King and Knight Lightning, have gone off to college, and the recent busts (summarized completely in this month's Phrack World News) have made it difficult to keep the magazine going. TK and KL have put the editorship of Phrack in the hands of Elric of Imrryr and Sir Francis Drake. SFD is primarily responsible for PWN. As of yet we have no 'Official Phrack BBS.' Due to various obstacles, the first issue under the new editorship is rather small. Fortunately, however, the overall quality of the files presented is among the highest ever. We've managed to keep references to Oryan QUEST down to as little as possible and we've resisted the temptation to include some second-rate files as "fillers." Naturally, we're still looking for excellent, unpublished phreak/hack/pyro/anarchy files to publish in Phrack XVI and beyond. If you have an article, we'd like to see it! Get in touch with SFD or Elric when your file is ready for submission. -- Shooting Shark Contributing Editor Note: For now you can contact Phrack Inc. at: Lunatic Labs: 415-278-7421 300/1200 (Sir Francis Drake or Elric of Imrryr) Free World: 301-668-7657 300/1200/2400/9600 (Disk Jockey) Phrack XV Table of Contents =========================== 15-1. Phrack XV Intro by Shooting Shark (2K) 15-2. More Stupid Unix Tricks by Shooting Shark (10K) 15-3. Making Free Local Payfone Calls by Killer Smurf (7K) 15-4. Advanced Carding XIV by The Disk Jockey (12K) 15-5. Gelled Flame Fuels by Elric of Imrryr (12K) 15-6. PWN I: The Scoop on Dan The Operator by KL (19K) 15-7. PWN II: The July Busts by Knight Lightning (21K) 15-8. PWN III: The Affidavit by SFD (6K) ===== Phrack Magazine presents Phrack 15 ===== ===== File 2 of 8 ===== I thought I had written everything there is to write about the Unix operating system until I was recently asked to put out yet another file... so I said "I'll try, but don't publish my file along with an article by The Radical Rocker this time!" These demands having been met, I booted up the PC and threw together... --- ---- ---- ------ ------ -- -- ---- ----- % Yet Even More Stupid Things to Do With Unix! $ --- ---- ---- ------ ------ -- -- ---- ----- By Shooting Shark. Submitted August 26, 1987 These two topics are methods of annoying other users of the system and generally being a pest. But would you want to see a file on *constructive* things to do with Unix? Didn't think so... -- ------- ----- --- --- ------ 1. Keeping Users Off The System -- ------- ----- --- --- ------ Now, we all know by now how to log users off (one way is to redirect an 'stty 0' command to their tty) but unless you have root privs, this will not work when a user has set 'mesg n' and prevented other users from writing to their terminal. But even users who have a 'mesg n' command in their .login (or .profile or .cshrc) file still have a window of vulnerability, the time between login and the locking of their terminal. I designed the following program, block.c, to take advantage of this fact. To get this source running on your favorite Unix system, upload it, call it 'block.c', and type the following at the % or $ prompt: cc -o block block.c once you've compiled it successfully, it is invoked like so: block username [&] The & is optional and recommended - it runs the program in the background, thus letting you do other things while it's at work. If the user specified is logged in at present, it immediately logs them out (if possible) and waits for them to log in. If they aren't logged in, it starts waiting for them. If the user is presently logged in but has their messages off, you'll have to wait until they've logged out to start the thing going. Block is essentially an endless loop : it keeps checking for the occurrence of the username in /etc/utmp. When it finds it, it immediately logs them out and continues. If for some reason the logout attempt fails, the program aborts. Normally this won't happen - the program is very quick when run unmodified. However, to get such performance, it runs in a very tight loop and will eat up a lot of CPU time. Notice that near the end of the program there is the line: /*sleep(SLEEP) */ the /* and */ are comment delimiters - right now the line is commented out. If you remove the comments and re-compile the program, it will then 'go to sleep' for the number of seconds defined in SLEEP (default is 5) at the end of every loop. This will save the system load but will slightly decrease the odds of catching the user during their 'window of vulnerability.' If you have a chance to run this program at a computer lab at a school or somewhere similar, run this program on a friend (or an enemy) and watch the reaction on their face when they repeatedly try to log in and are logged out before they can do *anything*. It is quite humorous. This program is also quite nasty and can make you a lot of enemies! caveat #1: note that if you run the program on yourself, you will be logged out, the program will continue to run (depending on the shell you're under) and you'll have locked yourself out of the system - so don't do this! caveat #2: I wrote this under OSx version 4.0, which is a licensed version of Unix which implements 4.3bsd and AT&T sysV. No guarantees that it will work on your system. caveat #3: If you run this program in background, don't forget to kill it when you're done with it! (when you invoke it with '&', the shell will give you a job number, such as '[2] 90125'. If you want to kill it later in the same login session, type 'kill %2'. If you log in later and want to kill it, type 'kill 90125'. Just read the man page on the kill command if you need any help... ----- cut here ----- /* block.c -- prevent a user from logging in * by Shooting Shark * usage : block username [&] * I suggest you run this in background. */ #include #include #include #include #include #define W_OK2 #define SLEEP5 #define UTMP"/etc/utmp" #define TTY_PRE "/dev/" main(ac,av) int ac; char *av[]; { int target, fp, open(); struct utmpuser; struct termio*opts; char buf[30], buf2[50]; if (ac != 2) { printf("usage : %s username\n",av[0]); exit(-1); } for (;;) { if ((fp = open(UTMP,0)) == -1) { printf("fatal error! cannot open %s.\n",UTMP); exit(-1); } while (read(fp, &user, sizeof user) > 0) { if (isprint(user.ut_name[0])) { if (!(strcmp(user.ut_name,av[1]))) { printf("%s is logging in...",user.ut_name); sprintf(buf,"%s%s",TTY_PRE,user.ut_line); printf("%s\n",buf); if (access(buf,W_OK) == -1) { printf("failed - program aborting.\n"); exit(-1); } else { if ((target = open(buf,O_WRONLY)) != EOF) { sprintf(buf2,"stty 0 > %s",buf); system(buf2); printf("killed.\n"); sleep(10); } } /* else */ } /* if strcmp */ } /* if isprint */ } /* while */ close(fp); /*sleep(SLEEP); */ } /* for */ } ----- cut here ----- -- ------------- ----- ----- ---- ------ --- ------ 2. Impersonating other users with 'write' and 'talk' -- ------------- ----- ----- ---- ------ --- ------ This next trick wasn't exactly a work of stupefying genius, but is a little trick (that anybody can do) that I sometimes use to amuse myself and, as with the above, annoy the hell out of my friends and enemies. Nearly every Unix system has the 'write' program, for conversing with other logged-in users. As a quick summary: If you see that user 'clara' is logged in with the 'who' or 'w' command or whatever, and you wish to talk to her for some reason or another, you'd type 'write clara'. Clara then would see on her screen something like this (given that you are username 'shark'): [3 ^G's] Message from shark on ttyi13 at 23:14 ... You then type away at her, and whatever you type is sent to her terminal line-by-line. If she wanted to make it a conversation rather than a monologue, she'd type 'write shark,' you'd get a message similar to the above on your terminal, and the two of you would type away at each other to your little heart's content. If either one of you wanted to end the conversation, you would type a ^D. They would then see the characters 'EOF' on their screen, but they'd still be 'write'ing to you until they typed a ^D as well. Now, if you're on a bigger installation you'll probably have some sort of full-screen windowing chat program like 'talk'. My version of talk sends the following message: Message from Talk_Daemon@tibsys at 23:14 ... talk: connection requested by shark@tibsys. talk: respond with: talk shark@tibsys Anyway, here's where the fun part begins: It's quite easy to put a sample 'write' or 'talk' message into a file and then edit so that the 'from' is a different person, and the tty is listed differently. If you see that your dorky friend roger is on ttyi10 and the root also happens to be logged on on ttyi01, make the file look something like this: [3 control-G's] Message from root on ttyi01 at [the current time] wackawackawackawackawacka!!! [or a similarly confusing or rude message...] EOF Then, send this file to roger's terminal with: cat filename > /dev/ttyi10 He'll get the message on his terminal and wonder what the hell the superuser is talking about. He might even 'write' back to the superuser with the intent of asking 'what the hell are you talking about?'. For maximum effectiveness, *simultaneously* send a message to root 'from' roger at the appropriate terminal with an equally strange message - they'll then engage in a conversation that will go something like "what did you mean by that?" "what do you mean, what do I mean? What did *you* mean by that?" etc. A splendid time is guaranteed for all! Note that you don't have to make 'root' the perpetrator of the gag, any two currently logged-in users who have their terminals open for messages can join in on the fun. Similarly, you can fake a few 'talk' pages from/to two people...they will then probably start talking...although the conversation will be along the lines of "what do you want?" "you tell me." "you paged me, you tell *me." etcetera, while you laugh yourself silly or something like that. A variation on the theme: As I said, when using 'write' you type a ^D to end the conversation, and the person you're typing at sees an 'EOF' on their screen. But you could also just *type* 'EOF', and they'd think you've quit...but you still have an open line to their terminal. Even if they later turn messages off, you still have the ability to write to their terminal. Keeping this fact in mind, anybody who knows what they're doing can write a program similar to my 'block' program above that doesn't log a user out when they appear on the system, but opens their tty as a device and keeps the file handle in memory so you can redirect to their terminal - to write rude messages or to log them out or whatever - at any time, until they log out. As I said, there was no great amount of genius in the above discourse, but it's a pastime I enjoy occasionally... -- Shooting Shark "the first fact to face is that unix was not developed with security, in any realistic sense, in mind..." -- Dennis M. Ritchie "Oryan QUEST couldn't hack his way out of a UNIX system, let alone into one." -- Tharrys Ridenow ===== Phrack Magazine presents Phrack 15 ===== ===== File 3 of 8 ===== *-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-* * * * How to "Steal" Local Calls from Most Payphones * * * * August 25, 1987 * * * * By Killer Smurf and Pax Daronicus * * * *-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-*-+-* Most of you have seen WarGames, right? Remember the part where David was stranded in Colorado and needed to call his girlfriend in Seattle? We knew you did. If you didn't, what David done was unscrew the mouthpiece on the payphone and make some connection between the mouthpiece and the phone. Well... that was pretty close to reality except for two things... 1> Nowadays, mouthpieces are un-unscrewable, and 2> You cannot make long distance or toll calls using that method. Maybe that DID work on older phones, but you know Ma Bell. She always has a damn cure for every thing us Phreaks do. She glued on the mouthpiece! Now to make free local calls, you need a finishing nail. We highly recommend "6D E.G. FINISH C/H, 2 INCH" nails. These are about 3/32 of an inch in diameter and 2 inches long (of course). You also need a large size paper clip. By large we mean they are about 2 inches long (FOLDED). Then you unfold the paper clip. Unfold it by taking each piece and moving it out 90 degrees. When it is done it should look somewhat like this: /----------\ : : : : : : : : \----- Now, on to the neat stuff. What you do, instead of unscrewing the glued-on mouthpiece, is insert the nail into the center hole of the mouthpiece (where you talk) and push it in with pressure or just hammer it in by hitting the nail on something. Just DON'T KILL THE MOUTHPIECE! You could damage it if you insert the nail too far or at some weird angle. If this happens then the other party won't be able to hear what you say. You now have a hole in the mouthpiece in which you can easily insert the paper clip. So, take out the nail and put in the paper clip. Then take the other end of the paper clip and shove it under the rubber cord protector at the bottom of the handset (you know, the blue guy...). This should end up looking remotely like...like this: /----------\ Mouthpiece : : / Paper clip --> : : / : /---:---\ : : : :------------> ====================\---))): : To earpiece -> ^ ^ \--------------------> : : : : Cord Blue guy (The paper clip is shoved under the blue guy to make a good connection between the inside of the mouthpiece and the metal cord.) Now, dial the number of a local number you wish to call, sayyyy, MCI. If everything goes okay, it should ring and not answer with the "The Call You Have Made Requires a 20 Cent Deposit" recording. After the other end answers the phone, remove the paper clip. It's all that simple, see? There are a couple problems, however. One is, as we mentioned earlier, the mouthpiece not working after you punch it. If this happens to you, simply move on to the next payphone. The one you are now on is lost. Another problem is that the touch tones won't work when the paper clip is in the mouthpiece. There are two ways around this.. A> Dial the first 6 numbers. This should be done without the paper clip making the connection, i.e., one side should not be connected. Then connect the paper clip, hold down the last digit, and slowly pull the paper clip out at the mouthpiece's end. B> Don't use the paper clip at all. Keep the nail in after you punch it. Dial the first 6 digits. Before dialing the last digit, touch the nail head to the plate on the main body of the phone, the money safe thingy..then press the last number. The reason that this method is sometimes called clear boxing is because there is another type of phone which lets you actually make the call and listen to them say "Hello, hello?" but it cuts off the mouthpiece so they can't hear you. The Clear Box is used on that to amplify your voice signals and send it through the earpiece. If you see how this is even slightly similar to the method we just described up there, kindly explain it to US!! Cause WE don't GET IT! Anyways, this DOES work on almost all single slot, Dial Tone First payphones (Pacific Bell for sure). We do it all the time. This is the least, WE STRESS *LEAST*, risky form of Phreaking. And remember. There are other Phreaks like you out there who have read this article and punch payphones, so look before you punch, and save time. If you feel the insane desire to have to contact us to bitch at us for some really stupid mistake in this article, you can reach us at Lunatic Labs Unltd...415/278-7421. It should be up for quite a while.. Also, if you think of any new ideas that can be used in conjunction with this method, such as calling a wrong number on purpose and demanding your quarter back from the 0perator, tell us!! Post it on Looney!! Oh, and if this only works on Pac Bell phones, tell us also! Thanks for your time, upload this to every board you can find. You may use this material in any publication - electronic, written, or otherwise without consent of the authors as long as it is reproduced in whole, with all credit to the authors (us!) and Lunatic Labs. And now, the Bullshit: _________________________________________________________________________ DISCLAIMER: This disclaimer disclaims that this article was written for your information only. Any injuries resulting from this file (punctured hands, sex organs, etc.) is NOT OUR FAULT! And of course if you get really stupidly busted in any way because of this, it ain't our fault either. You're the dumb ass with the nail. So, proceed with care, but... HELL! Have fun. Later... _________________________________________________________________________ DINC! ===== Phrack Magazine presents Phrack 15 ===== ===== File 4 of 8 ===== ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~ The Disk Jockey ~ ~ ~ ~ presents: ~ ~ ~ ~ Advanced Carding XIV: ~ ~ Clarification of Many Credit Card Misconceptions ~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ (A 2af Presentation) Preface: ------- After reading files that have been put out by various groups and individuals concerning carding, credit fraud, and the credit system in general, I am finding more and more that people are basing these files on ideas, rather than knowing how the system actually works. In this article I hope to enlighten you on some of the grey areas that I find most people either do not clarify, or don't know what they are talking about. I can safely say that this will be the most accurate file available dealing with credit fraud. I have worked for and against credit companies, and know how they work from the insiders point of view, and I have yet to meet someone in the modem world that knows it better. This file is dedicated to all the phreaks/hacks that were busted for various reasons in the summer of 1987. Obtaining Cards: --------------- Despite popular belief, there IS a formula for Visa and Mastercard numbers. All credit card account numbers are issued by on issuing company, in this case, Visa or Mastercard. Although the banks are not aware of any type of pattern to the account numbers, there IS one that can be found. I plan to publish programs in the near future that will use the various formulas for Visa, Mastercard and American Express to create valid accounts. Accounts: -------- All that is needed to successfully use a Visa/MC account is the account number itself. I don't know how many times I have gotten into arguments with people over this, but this is the way it is. I'll expand on this. First of all, on all Visa/MC cards, the name means NOTHING. NOTHING AT ALL. You do not need this name and address of the cardholder to successfully use the account, at no time during authorization is the name ever needed, and with over 50,000 banks, credit unions, and various other financial institutions issuing credit cards, and only 5 major credit verification services, it is impossible to keep personal data on each cardholder. Ordering something and having it sent with the real cardholder's name is only going to make things more difficult, at best. There is no way that you can tell if the card is a normal card, or a premium (gold) card merely by looking at the account number. The only thing that can be told by the account number is the bank that issued the card, but this again, is not needed. The expiration date means nothing. Don't believe me? Call up an authorization number and check a card and substitute 12/94, and if the account number is good, the card will pass. The expiration date is only a binary-type check to see if the card is good, (Yes/No), it is NOT a checksum-type check code that has to be matched up to the card account to be valid. Carding Stupid Things: --------------------- Whenever anyone, ANYONE tries to card something for the first time, they ALWAYS want to get something for their computer. This is nice and all, but just think that every person that has ever tried to card has tried to get a hard drive and a new modem. Everyone does it, thus every single computer company out there is aware and watching for that. If I could give every single person who ever tries to card one piece of advice, it would be to NEVER order computer equipment. I know there are a hundred guys that will argue with me about it, but common sense should tell you that the merchants are going to go out of there way to check these cards. Merchant Checking: ----------------- Since I brought up merchants checking the cards, I will review the two basic ways that almost all mail-order merchants use. Keep these in mind when designing your name, address and phone number for your drop. The Directory Assistance Cross-Reference: ---------------------------------------- This method is most popular because it is cheap, yet effective. You can usually tell these types of checks because during the actual order, you are asked questions such as "What is your HOME telephone number" and your billing address. Once they have this information, they can call directory assistance for your area code, say 312, and ask "May I have the phone number for a Larry Jerutis at 342 Stonegate Drive?" Of course, the operator should give a number that matches up with the one that you gave them as your home number. If it doesn't, the merchant knows that something is up. Even if it is an unlisted number, the operator will say that there is a Jerutis at that address, but the telephone number is non-published, which is enough to satisfy the merchant. If a problem is encountered, the order goes to a special pile that is actually called and the merchant will talk to the customer directly. Many merchants have policy to not ship at all if the customer can not provide a home phone number that corresponds with the address. The Call Back: ------------- This deals with the merchant calling you back to verify the order. This does not imply, however, that you can stand by a payphone and wait for them to call back. Waiting by a payphone is one of the stupidest things I have ever heard of, being that few, if any, places other than the pizza place will call back immediately like that. What most places will do is process your order, etc, and then call you, sometimes it's the next day, sometimes that night. It is too difficult to predict when they will call back, but if they don't get a hold of you, or only get a busy, or an answering machine, they won't send the merchandise until they speak with you voice. This method is difficult to defeat, but fortunately, due to the high cost of phone bills, the directory assistance method is preferred. Billing Address: --------------- This should ALWAYS be the address that you are having the stuff sent to. One of the most stupidest things that you could do to botch up a carding job would be to say something like "Well, I don't want it sent to my house, I want it sent to....", or "Well, this is my wife's card, and her name is....". These methods may work, but for the most part, only rouse suspicion on you. If the order sounds pretty straightforward, and there isn't any unusual situations, it will better the chances of the order going through. Drop Houses: ----------- These are getting harder and harder to come by for the reasons that people are more careful then before, and that UPS is smarter, also. Your best bet is to hit somebody that just moved, and I mean JUST moved, being that UPS will not know that there is nobody at the house anymore if it is within, say, a week of their moving. It's getting to the point where in some areas, UPS won't even leave the stuff on the doorstep, due to liability on their part of doing that. The old "Leave the stuff in the shrubs while I am at work" note won't work, most people are smart enough to know that something is odd, and will more than likely leave the packages with the neighbors before they shove that hard drive in the bushes. Many places, such as Cincinnati Microwave (maker of the Escort and Passport radar detectors) require a signature when the package is dropped off, making it that much harder. Best Bet: -------- Here is the method that I use that seems to work well, despite it being a little harder to match up names and phone numbers. Go to an apartment building and go to the top floor. The trashier the place, the better. Knock on the door and ask if "Bill" is there. Of course, or at least hopefully, there will be no Bill at that address. Look surprised, then say "Well, my friend Bill gave me this address as being his." The occupants will again say "Sorry, but there is no Bill here...". Then, say that "I just moved here to go to school, and I had my parents sent me a bunch of stuff for school here, thinking that this was Bill's place." They almost always say "Oh Boy...". Then respond with "Well, if something comes, could you hold on to it for me, and I will come by in a week and see if anything came?" They will always say something to the effect of "Sure, I guess we could do that...". Thank them a million times for helping you out, then leave. A few days after your stuff comes, drop by and say, "Hi, I'm Jim, did anything come for me?". If everything was cool, it should have. The best thing to do with this is only order one or two small things, rather than an AT system with an extra monitor. People feel more comfortable about signing for something small for someone, rather than something big, being that most people naturally think that the bigger it is, the more expensive it is. This is the best method that I know of, the apartment occupants will usually sign for the stuff, and be more than happy to help you out. Advice: ------ The thing that I can never stress enough is to not become greedy. Sure, the first shipment may come in so easy, so risk-free that you feel as if you can do it forever. Well, you can't. Eventually, if you do it frequently enough, you will become the subject of a major investigation by the local authorities if this becomes a real habit. Despite anything that anyone ever tells you about the police being "stupid and ignorant", you better reconsider. The police force is a VERY efficient organization once they have an idea as to who is committing these crimes. They have the time and the money to catch you. Don't do it with friends. Don't even TELL friends that you are doing it. This is the most stupid, dangerous thing that you could do. First of all, I don't care how good of friends anyone may be, but if a time came that you hated each other, this incident could be very bad for you. What could be even worse is a most common scenario: You and a friend get a bunch of stuff, very successfully. You tell a few friends at school, either you or him have to tell only one person and it gets all over. Anyways, there is ALWAYS some type of informant in every high-school. Be it a teacher, son or daughter of a cop, or whatever, there is always a leak in every high school. The police decide to investigate, and find that it is becoming common knowledge that you and/or your friend have ways of getting stuff for "free" via the computer. Upon investigation, they call in your friend, and tell him that they have enough evidence to put out a warrant for his arrest, and that they might be able to make a deal with him. If he gives a complete confession, and be willing to testify against your in court, they will let him off with only paying the restitution (paying for the stuff you got). Of course, just about anyone is going to think about themselves, which is understandable, and you will get the raw end of the deal. Don't let anyone ever tell you that as a minor, you won't get in any trouble, because you can and will. If you are really uncooperative, they may have you tried as an adult, which would really put you up the creek, and even as a juvenile, you are eligible to receive probation, fines, court costs, and just about anything else the judge wants to do with you. All this boils down to is to not tell anyone anything, and try not to do it with anyone. Well, that should about wrap up this file. I hope this clears up some misconceptions about carding. I am on many boards, and am always open to any comments/suggestions/threats that anyone might have. I can always be reached on The Free World II (301-668-7657) or Lunatic Labs (415-278-7421). Good luck. -The Disk Jockey ===== Phrack Magazine presents Phrack 15 ===== ===== File 5 of 8 ===== GELLED FLAME FUELS ------------------ A text phile typed by Elric of Imrryr from the book: Improvised Munitions Handbook (TM 31-210), published by the Dept of the Army, 1969. All information is provided only for information purposes only. Construction and/or use may violate local, state, and/or federal laws. (Unless your name is Ollie North) Gelled or paste type fuels are often preferable to raw gasoline for use in incendiary devices such as fire bottles. This type fuel adheres more readily to the target and produces greater heat concentration. Several methods are shown for gelling gasoline using commonly available materials. The methods are divided into the following categories based on the major ingredient: 1. Lye Systems 2. Lye-Alcohol Systems 3. Soap-Alcohol Systems 4. Egg White Systems 6. Wax Systems Lye Systems Lye (also know as caustic soda or Sodium Hydroxide) can be used in combination with powdered rosin or castor oil to gel gasoline for use as a flame fuel which will adhere to target surfaces. MATERIALS REQUIRED: ------------------ Parts by Volume Ingredient How Used Common Source --------------- ---------- -------- ------------- 60 Gasoline Motor Fuel Gas station or motor vehicle 2 (flake) or Lye Drain cleaner, Food store or Drug store 1 (powder) making of soap 15 Rosin Manufacturing Paint store, chemical supply Paint & Varnish house or Castor Oil Medicine Food and Drug stores PROCEDURE --------- ______________________________________________________________________________ |CAUTION: Make sure that there are no open flames in the area when mixing | |the flame fuel. NO SMOKING! | |----------------------------------------------------------------------------| 1. Pour gasoline into jar, bottle or other container. (DO NOT USE AN ALUMINUM CONTAINER.) 2. IF rosin is in cake form, crush into small pieces. 3. Add rosin or castor oil to the gasoline and stir for about five minutes to mix thoroughly. 4. In a second container (NOT ALUMINUM) add lye to an equal volume of water slowly with stirring. ______________________________________________________________________________ |CAUTION: Lye solution can burn skin and destroy clothing. If any is | |spilled, wash away immediately with large quantities of water. | |----------------------------------------------------------------------------| 5. Add lye solution to the gasoline mix and stir until mixture thickens (about one minute). NOTE: The sample will eventually thicken to a very firm paste. This can be thinned, if desired, by stirring in additional gasoline. Lye-Alcohol Systems Lye (also know as caustic soda or Sodium Hydroxide) can be used in combination with alcohol and any of several fats to gel gasoline for use as a flame fuel. MATERIALS REQUIRED: ------------------ Parts by Volume Ingredient How Used Common Source --------------- ---------- -------- ------------- 60 Gasoline Motor Fuel Gas station or motor vehicle 2 (flake) or Lye Drain cleaner, Food store or Drug store 1 (powder) making of soap 3 Ethyl Alcohol Whiskey Liquor store Medicine Drug store NOTE: Methyl (wood) alcohol or isopropyl (rubbing) alcohol can be substituted for ethyl alcohol, but their use produces softer gels. 14 Tallow Food Fats rendered by cooking the Making of soap meat or suet of animals. NOTE: The following can be substituted for the tallow: (a) Wool grease (Lanolin) (very good) -- Fat extracted from sheep wool (b) Castor Oil (good) (c) Any vegetable oil (corn, cottonseed, peanut, linseed, etc.) (d) Any fish oil (e) Butter or oleo margarine It is necessary when using substitutes (c) to (e) to double the given amount of fat and of lye for satisfactory body. PROCEDURE --------- ______________________________________________________________________________ |CAUTION: Make sure that there are no open flames in the area when mixing | |the flame fuel. NO SMOKING! | |----------------------------------------------------------------------------| 1. Pour gasoline into jar, bottle or other container. (DO NOT USE AN ALUMINUM CONTAINER.) 2. Add tallow (or substitute) to the gasoline and stir for about 1/2 minute to dissolve fat. 3. Add alcohol to the gasoline mixture. Mix thoroughly. 4. In a separate container (NOT ALUMINUM) slowly add lye to an equal volume of water. Mixture should be stirred constantly while adding lye. ______________________________________________________________________________ |CAUTION: Lye solution can burn skin and destroy clothing. If any is | |spilled, wash away immediately with large quantities of water. | |----------------------------------------------------------------------------| 5. Add lye solution to the gasoline mixture and stir occasionally until thickened (about 1/2 hour) NOTE: The sample will eventually (1 to 2 days) thicken to a very firm paste. This can be thinned, if desired, by stirring in additional gasoline. Soap-Alcohol System Common household soap can be used in combination with alcohol to gel gasoline for use as a flame fuel which will adhere to target surfaces. MATERIALS REQUIRED: ------------------ Parts by Volume Ingredient How Used Common Source --------------- ---------- -------- ------------- 36 Gasoline Motor Fuel Gas station or motor vehicle 1 Ethyl Alcohol Whiskey Liquor store Medicine Drug store NOTE: Methyl (wood) alcohol or isopropyl (rubbing) alcohol can be substituted for ethyl alcohol. 20 (powdered) or Laundry soap Washing clothes Stores 28 (flake) NOTE: Unless the word "soap" actually appears somewhere on the container or wrapper, a washing compound is probably a detergent. THESE CAN NOT BE USED. PROCEDURE --------- ______________________________________________________________________________ |CAUTION: Make sure that there are no open flames in the area when mixing | |the flame fuel. NO SMOKING! | |----------------------------------------------------------------------------| 1. If bar soap is used, carve into thin flakes using a knife. 2. Pour Alcohol and gasoline into a jar, bottle or other container and mix thoroughly. 3. Add soap powder or flakes to gasoline-alcohol mix and stir occasionally until thickened (about 15 minutes). Egg System The white of any bird egg can be used to gel gasoline for use as a flame fuel. MATERIALS REQUIRED: ------------------ Parts by Volume Ingredient How Used Common Source --------------- ---------- -------- ------------- 85 Gasoline Motor Fuel Gas station or motor vehicle 14 Egg Whites Food Food store, farms Any one of the following 1 Table Salt Food, industrial Sea Water, Natural brine, processes Food stores 3 Ground Coffee Food Food store 3 Dried Tea Food Food store Leaves 3 Cocoa Food Food store 2 Sugar Food Food store 1 Saltpeter Pyrotechnics Drug store (Niter) Explosives chemical supply store (Potassium Matches Nitrate) Medicine 1 Epsom salts Medicine Drug store, food store industrial processes 2 Washing soda Washing cleaner Food store (Sal soda) Medicine Drug store Photography Photo supply store 1 1/2 Baking soda Baking Food store Manufacturing: Drug store Beverages, Mineral waters, and Medicine 1 1/2 Aspirin Medicine Drug store Food store PROCEDURE --------- ______________________________________________________________________________ |CAUTION: Make sure that there are no open flames in the area when mixing | |the flame fuel. NO SMOKING! | |----------------------------------------------------------------------------| 1. Separate egg white from yolk. This can be done by breaking the egg into a dish and carefully removing the yolk with a spoon. ______________________________________________________________________________ |NOTE: DO NOT GET THE YELLOW EGG YOLK MIXED INTO THE EGG WHITE. If egg yolk| |gets into the egg white, discard the egg. | |----------------------------------------------------------------------------| 2. Pour egg white into a jar, bottle, or other container and add gasoline. 3. Add the salt (or other additive) to the mixture and stir occasionally until gel forms (about 5 to 10 minutes). NOTE: A thicker flame fuel can be obtained by putting the capped jar in hot (65 C) water for about 1/2 hour and then letting them cool to room temperature. (DO NOT HEAT THE GELLED FUEL CONTAINING COFFEE). Wax System Any of several common waxes can be used to gel gasoline for use as a flame fuel. MATERIALS REQUIRED: ------------------ Parts by Volume Ingredient How Used Common Source --------------- ---------- -------- ------------- 80 Gasoline Motor Fuel Gas station or motor vehicle 20 Wax Leather polish, Food store, drug store, (Ozocerite, sealing wax, department store Mineral wax, candles, fossil wax, waxed paper, ceresin wax furniture & beeswax) floor waxes, lithographing. PROCEDURE --------- 1. Melt the wax and pour into jar or bottle which has been placed in a hot water bath. 2. Add gasoline to the bottle. 3. When wax has completely dissolved in the gasoline, allow the water bath to cool slowly to room temperature. NOTE: If a gel does not form, add additional wax (up to 40% by volume) and repeat the above steps. If no gel forms with 40% wax, make a Lye solution by dissolving a small amount of Lye (Sodium Hydroxide) in an equal amount of water. Add this solution (1/2% by volume) to the gasoline wax mix and shake bottle until a gel forms. Well, that's it, I omitted a few things because they where either redundant, or more aimed toward battle field conditions. Be careful, don't get caught, and have fun... Elric of Imrryr PWN ^*^ PWN ^*^ PWN { Final Issue } PWN ^*^ PWN ^*^ PWN ^*^ ^*^ PWN Phrack World News PWN ^*^ Issue XV: Part One ^*^ PWN PWN ^*^ Created, Written, and Edited ^*^ PWN by Knight Lightning PWN ^*^ ^*^ PWN ^*^ PWN ^*^ PWN { Final Issue } PWN ^*^ PWN ^*^ PWN Welcome to my final issue of Phrack World News. Many people are wondering why I am giving it up. There are several reasons, but the most important is that I will be going to college and will have little (if any) time for the phreak/hack world or PWN. I doubt I will even be calling any bulletin boards, but I may make an occasional call to a few of my friends in the community. The Phrack Inc. VMS is no longer in service and messages will not be received there by anyone. Phrack Inc. is now in the hands of Sir Francis Drake, Elric Of Imrryr, and Shooting Shark. :Knight Lightning ______________________________________________________________________________ Dan The Operator; Informant July 27, 1986 ~~~~~~~~~~~~~~~~~~~~~~~~~~~ I'm going to assume that all of you have read PWN 14/2 and the details surrounding SummerCon '87. This article will feature information collected from our investigation and quotes from the Noah Tape. The tape actually has two parts. The front side has part of an Alliance Teleconference in which Noah attempted to gather information by engineering hackers. Side B contains 45 minutes of a conversation between Noah and John Maxfield of BoardScan, in which Noah tried to engineer Maxfield into giving him information on certain hackers by trading him information on other hackers. All of this has been going on for a long time although we are unsure as to how long and Noah was not exactly an informant for Maxfield, it was the FBI. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Part One: Noah Engineers his "friends" The Alliance teleconference recording has about 7 people on it, but the only people I recognized were Dan The Operator, Il Duce (Fiber Optic), Johnny Rotten, and The Ninja. The topics discussed (mostly by Noah) included; Bill From RNOC / Catch-22 / Doom Prophet / Force Hackers / John Maxfield Karl Marx / Legion of Doom / Lord Rebel / Neba / Phantom Phreaker Phucked Agent 04 / Silver Spy / SummerCon '87 / The Rebel / The Videosmith Here is a look at some of the conversation; [Il Duce=Mark] ------------------------------------------------------------------------------ Noah: SILVER SPY, you know him? Mark: Yeah, what about him? Noah: Yeah, Paul. [This was done to make it look like Noah knew him and was his buddy.-KL] ------------------------------------------------------------------------------ Noah: Anyway, is LORD REBEL part of LOD? Mark: He's not really. Noah: I didn't think so. Mark: Well, he is, he is sort of. Noah: Ah, well what does he know. Mark: Not much. Noah: Why do they care about him, he's just a pirate. [Look at this dork! First he tries to act like he knows everything and then when he realizes he screwed up, he tries to insult LORD REBEL's abilities.-KL] ------------------------------------------------------------------------------ Noah: Who else is part of LOD that I missed? Mark: I don't know who you would have heard of. Noah: I've pretty much heard of everyone, I just can't think of anyone else. [Yeah Noah, you are a regular best friend with everyone in LOD.-KL] ------------------------------------------------------------------------------ Noah: Want to give out LORD REBEL's number? Mark: Everybody knows it already. Noah: What is it? Mark: Which one? Noah: Both, all. Mark: Want do you want to know for, don't you have it? Noah: Never bothered getting them. What do you got? Mark! Mark: Yeah. Noah: Do you have his number? Mark: Yeah. Noah: Well, what is it!? Mark: Why should I say? Noah: I dunno, you say everyone's got it. Mark: Yeah, so. Noah: So if everyone has it, you might as well give it to everybody. Mark: Not really, I wouldn't want to be the one to tell him that I gave out his number. Noah: Ok Mark, fine, it's no problem for me to get anyone's number. I got VIDEOSMITH's and SILVER SPY's, no problem. [Yeah right, see the other conversation with John Maxfield.-KL] ------------------------------------------------------------------------------ Noah: CATCH-22 is supposed to be the most elite BBS in the United States. What do you think about that Mark? Mark: What? Noah: What do you think about that Mark? Mark: About what? Noah: About CATCH-22. Mark: What about it? Noah: (pause) Well. Mark: Its not the greatest board because it's not really that active. Noah: Right, but what do you think about it? Alright, first off here, first off, first off, do you have KARL MARX's number? Mark: What? Noah: I doubt you have KARL MARX's phone number. Mark: Ask me if I really care. Noah: I'm just wondering if YOU DO. Mark: It's one thing to have all these people's numbers, it's another if you are welcome to call them. Noah: Yeah (pause), well are you? Mark: Why should I say? Noah: I dunno, I dunno. I'm probably going to ask him anyways. [I don't think my ragging is even necessary in this excerpt.-KL] ------------------------------------------------------------------------------ Noah: Here is what MAXFIELD says, "You got the hackers, and then you got the people who want to make money off the hackers." Information shouldn't be free, you should find out things on your own. [Give me a break Noah, you are the BIGGEST leach I have ever seen -KL] ------------------------------------------------------------------------------ One final note to make about the Alliance conversations is that halfway through, IL DUCE and DAN THE OPERATOR gave out BILL FROM RNOC's full name, phone number, address, etc. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Part Two: Noah Engineers John Maxfield The list of topics discussed in this conversation is much longer; Arthur Dent / Ben Casey / Big Brother / Bill From RNOC / BoardScan Captain Crunch / Celtic Phrost / Cheshire Catalyst / Doc Holiday / Easywriter Genghis Khan / Jenny Jaguar / Jester Sluggo / Karl Marx / Kerrang Khan Kloey Detect / Max Files / Noah Espert / Legion Of Doom / Legion of Hackers Lord Digital / Lord Rebel / Mark Tabas / Oryan QUEST / Phucked Agent 04 Phrack Inc. / Pirate's Hangout / Septic Tank / Sigmund Fraud / The Disk Jockey The Executioner / The Federation / The *414* Wizard / The Hobbit The Marauder The Safecracker / The Telecom Security Group / The Videosmith The Weasel / Tommy Hawk / Torture Chamber / Twilight Zone / Tuc Violet Boregard / Zepplin The following are the highlights of the conversation between DAN THE OPERATOR and JOHN MAXFIELD. [John Maxfield = John] ------------------------------------------------------------------------------ Noah: Did you ever find VIDEOSMITH's number? John: No, matter of fact. You know what it is, I've been on boards he's been on in the 215 NPA [possibly Atlantis], but well. Noah: But you don't have his number? John: Should I? Noah: He's fairly big, he knows his stuff. I would think he'd be worth getting a number for. John: Doesn't do anything for me because you know, just having his number doesn't get him in trouble or anything. Noah: Oh, well I don't want him to get in trouble...he's a nice person. So do you have LORD REBEL's phone number? John: What do you know about him? Noah: I think he's up in New York. John: 914? Noah: Possibly 718, 212, possibly even 201. [Excuse me you dork. The 201 NPA is in the state of New Jersey not New York. What a loser Noah is. -KL] John: If you don't have a number on him I'll have to do an alphabetical search for him. It takes a while. Noah: Well we could talk while it's going. I think you're pretty interesting, you're not boring like I am. John: Well you're not boring to me as long as I keep getting people's phone numbers. Bahahahahahahahahah Har har har. Noah: (Pause)(Pause)(Pause) Bahahahahahahaha. Sheesh. John: Well let's see what it finds, there's a lot of Lords in there. Noah: He's part of LOD. John: Oh he's part of LOD!? Noah: Yeah. John: Well I might have him and I might not [What a profound statement -KL]. Noah: He's not very active in LOD. [The search for LORD REBEL's information was a failure -KL] ------------------------------------------------------------------------------ Noah: I got a question, I'm still trying to figure this out. Are there people like me who just call you up like this? John: Yes there are. Noah: A lot? John: Enough. You know it's funny, there's people that call up and there assholes and I'll just hang up on them. There is other people that call up and well you know they try to feed me bullshit, but at least they aren't being jerks about it. Noah: You think I'm feeding you bullshit? John: I dunno, maybe you are or maybe you aren't. What I'm saying is that there are people that behave like humans. So there are a few that call in. You know when you're working with informants, you got different categories. You got informants you can trust and you got informants that well hold on a second. There are some informants, that they could tell me anything and I'd believe them. Ok, because I know them. Met them personally maybe or known the guy for 3 or 4 years, his information is always correct that sort of thing. Then there is somebody like you that umm is kinda maybe a "Class 2 Informant." Gives valid phone numbers and information out, but is not really a true informant. Then there is a "Class 3 Informant" that's like, ahh somebody like ORYAN QUEST who calls up and turns in somebody he doesn't like, but that's all he ever does. I don't know if you can call them Class 1, Class 2, Class 3 exactly but that's how I look at it. [Shortly after this, Maxfield gave out JESTER SLUGGO's information -KL] ------------------------------------------------------------------------------ Noah: How about Phucked Agent 04? John: Oh him, his name is XXXXX and he's out in XXXXXXX. Noah: Something like that. John: He's one of the jerks that made death threats against me. I kinda would like to get him. Noah: You want his number? John: Yeah. Noah: Lemme see if I can catch up with him, I know a few people in LOD. ------------------------------------------------------------------------------ [Noah tried to get information on KERRANG KHAN for a while and then started asking about KARL MARX -KL] Noah: Ok, KARL MARX. John: Oh, he got busted along with MARK TABAS you know, I told you all about that. Noah: Yeah yeah. John: He lives out in NPA XXX, but he was going to college in XXXXXXXXXX and I don't have a number for him there. Noah: He's probably back home now. John: Yeah, but I probably shouldn't give out his number. He did get popped. Noah: Aw come on. John: Nah. Noah: Come on. John: Nah. Noah: Please. John: Nah. I probably don't have a correct number anyway. Noah: Dude. Well if you don't have a correct number then give me the old number. John: Nah. Noah: C'mon dude. John: Nah. Noah: Dude! John: Nah nah. Besides I have a feeling that he wouldn't appreciate being called up by hackers anyway. Noah: He's still around though! John: Is he!? Noah: Yes. John: Oh really. Noah: Yes sir. Because he was talking with THE MARAUDER, you know, Todd. John: Yeah? Noah: Yeah. John: That's interesting. [They went on to discuss THE SAFECRAKER, THE SEPTIC TANK, THE TWILIGHT ZONE, TORTURE CHAMBER, and THE FEDERATION. Maxfield reveled that he had been on TWILIGHT ZONE back when THE MARAUDER used to run it. -KL] ------------------------------------------------------------------------------ Noah: THE MARAUDER is still home, he didn't go to college. John: Yeah, MARAUDER, now he is heavy duty. Noah: Yeah, he knows his snit (not a typo). However, he doesn't brag about it. John: Well the thing is, you know is what the hell is he trying to accomplish? I sometimes kinda wonder what motivates somebody like that. Noah: What do you mean? John: Well he wants to screw around with all this stuff, but what's the point? ------------------------------------------------------------------------------ SIGMUND FRAUD, MAX FILES, TOMMY HAWK, TUC, PHRACK INC., MARK TABAS, were next to be discussed. After which MAXFIELD went on to retell a story about a district attorney in California that referred to him as a legend in his own time. Noah then started asking about CAPTAIN CRUNCH and Easywriter, and Maxfield told him the story of CAPTAIN CRUNCH's latest bust. ------------------------------------------------------------------------------ THE DISK JOCKEY, DOC HOLIDAY, THE MARAUDER, BIG BROTHER, ARTHUR DENT, THE WEASEL, BILL FROM RNOC, THE 414 WIZARD, THE EXECUTIONER, and LORD DIGITAL were next. Then it was Noah's turn to unload (although Noah had already given out information on many of the previously mentioned people). TUC, THE TELECOM SECURITY GROUP, CELTIC PHROST, ZEPPLIN, and GENGHIS KHAN had their information handed out freely. John: I guess I'm going to have the goons come over and pay you a visit. Noah: Who me? John: Take your computer, clean your room for you. Noah: No, no, please... don't... you can't do that. I'll be an informant dammit. I'll give you all my files, I'll send them immediately... Federal Express. John: Sounds good. Noah: Has anyone ever really done that? John: Well not by Federal Express. Noah: I'll send you all my manuals, everything. I'll even tell you my favorite Sprint code. John: Sprint would appreciate that. You know, it's interesting that you know MARAUDER. Noah: Todd and I, yeah, well we're on a first name basis. [Yeah you know his first name but that's as far as it goes, isn't it Noah. -KL] ------------------------------------------------------------------------------ Noah gave out more people's information and the conversation ran on for another 20 minutes. The problem is that this is when the tape ran out, but the conversation was going strong. Noah was giving out numbers alphabetically and he was still in the C-G area when the tape ran out. There is no telling as to what was discussed next. All of the people mentioned at the beginning were discussed in depth and the excerpts shown here do not necessarily show the extent of the discussion. I didn't transcript the entire conversation because in doing so would publicly release information that would be unproductive to our society. So, many of you are probably still asking yourself, where did we get the FBI connection from? Well, some time ago, DAN THE OPERATOR used to hang out with THE TRADER and they were into some kind of stock fraud using Bank Americard or something along those lines. Something went wrong and Noah was visited by the FBI. As it turns out, Noah became their informant and they dropped the charges. Sometime later, Noah tried to set up TERMINUS (see the current Phrack Pro-Phile) to meet (unknowingly) with the FBI and give them a tour of his board, TERMINUS realized what was going on and Noah's plans were ruined. I hope you learned from this story, don't let yourself be maneuvered by people like Noah. There are more informants out there than you think. Written by Knight Lightning For more information about DAN THE OPERATOR, you should read THE SYNDICATE REPORTS Transmittal No. 13 by THE SENSEI. Available on finer BBSes/AEs everywhere. ______________________________________________________________________________ PartyCon '87 July 24-26, 1987 ~~~~~~~~~~~~ This article is not meant to be as in depth as the SummerCon issue, but I think you'll enjoy it. Before we begin, here is a list of the total phreak/hack attendees; Cheap Shades / Control C / Forest Ranger / Knight Lightning / Loki Lucifer 666 / Mad Hatter / Sir William / Synthetic Slug / Taran King The Cutthroat / The Disk Jockey / The Mad Hacker Other people who attended that should be made a note of include; Dan and Jeff (Two of Control C's roommates that were pretty cool), Dennis (The Menace); one of Control C's neighbors, Connie; The Mad Hacker's girlfriend (at the time anyway), and the United States Secret Service; they weren't actually at PartyCon, but they kept a close watch from a distance. For me, it started Friday morning when Cheap Shades and I met Forest Ranger and Taran King at Taran's house. Our trip took us through Illinois, and we stopped off at a Burger King in Normal, Illinois (close to Illinois State University). Would you believe that the majority of the population there had no teeth? Anyway, our next stop was to see Lucifer 666 in his small one-horse town. He would follow us later (with Synthetic Slug). We arrived at Control C's apartment around 4 PM and found Mad Hatter alone. The first thing he made a note of was some sheets of paper he discovered (while searching ^C's apartment). I won't go into what was on the paper. Although we didn't know it at the time, he copied the papers and hid them in his bag. It is believed that he intended to plant this and other information inside the apartment so that ^C would get busted. Basically, it was a major party with a few mishaps like Forest Ranger and Cheap Shades driving into Grand Rapids, Michigan on Friday night and not getting back till 4 AM Saturday. We hit Lake Shore Drive, the beach, a few shopping malls, Chicago's Hard Rock Cafe, and Rush Street. It was a lot of fun and we may do it again sometime soon. If you missed PartyCon '87, you missed out. For those who wanted to go, but couldn't find us, we're sorry. Hotel cancellations and loss of phone lists due to current problems made it impossible for us to contact everyone. Written by Knight Lightning ______________________________________________________________________________ #### PHRACK PRESENTS ISSUE 15 #### ^*^*^*^Phrack World News, Part 1^*^*^*^ **** File 8 of 10 **** SEARCH WARRANT ON WRITTEN AFFIDAVIT DATE: 7/17/87 TO: Special Agent Lewis F. Jackson II, U.S. Secret Service or any agent d use of access devices, and Title 18 USC 1030 - Computer related fraud. WHEN: On or before (10 days) at any time day or night ------------ AFFIDAVIT "I, Lewis F. Jackson II, first being duly sworn, do depose and state:..." [Here he goes on and on about his position in the San Jose Secret Service, classes he has taken (none of them having to do with computers)] "Other individuals involved in the investigation: Detective J. McMullen - Stanford Public Safety/Specialist in computers Steve Daugherty - Pacific Bell Telephone (sic)/ Specialist in fraud Stephen Hansen - Stanford Electrical Eng./ Director Brian Bales - Sprint Telecom./ Security Investigator M. Locker - ITT Communications/ Security Investigator Jerry Slaughter - MCI Communications/Security Investigator 4. On 11/14/86, I met with Detective Sgt. John McMullen, who related the following: a. Beginning on or about 9/1/86, an unknown suspect or group of suspects using the code name Pink Floyd repeatedly accessed the Unix and Portia computer systems at Stanford University without authorization. b. The suspects initially managed to decode the password of a computer user called "Laurent" and used the account without the permission or knowledge of the account holder. The true account holder was given a new account and a program was set up to print out all activity on the "Laurent" account. c & d. Mentions the systems that were accessed illegally, the most 'dangerous' being Arpanet (geeeee). e. Damage was estimated at $10,000 by Director of Stanford Computers. g. On 1/13/87, the suspect(s) resumed regular break-ins to the "Laurent" account, however traps and traces were initially unsuccessful in identifying the suspect(s) because the suspect(s) dialed into the Stanford Computer System via Sprint or MCI lines, which did not have immediate trap and trace capabilities. 6. On 2/19/87 I forwarded the details of my investigation and a request for collateral investigation to the New York Field Office of The U.S. Secret Service. (The USSS [I could say something dumb about USSR here]). SA Walter Burns was assigned the investigation. 7. SA Burns reported telephonically that comparison of the times at which Stanford suffered break ins [aahhh, poor Stanford] with that of DNR's on suspects in New York, Pennsylvania, Massachusetts, Maryland and California showed a correlation. 8. [Some stuff about Oryan QUEST engineering Cosmos numbers]. 9. On 4/2/87, I was telephoned again by Mr. Daugherty who reported that on 4/1/87, while checking a trouble signal on the above DNR's [on Oryan's lines], he overheard a call between the central figure in the New York investigation and [Oryan Quest's real name.] Mr. Daughtery was able to identify and distinguish between the three suspects because they addressed each other by there first name. During the conversation, [Oryan Quest] acknowledged being a member of L.O.D. (Legion Of Doom), a very private and exclusive group of computer hackers. [Oryan QUEST never was a member.] 10. [Mr. Daughtery continued to listen while QUEST tried to engineer some stuff. Gee what a coincidence that a security investigator was investigating a technical problem at the same time a conversation with 2 of the suspects was happening, and perhaps he just COULDN'T disconnect and so had to listen in for 20 minutes or so. What luck.] 11. SA Burns reported that the suspects in New York regularly called the suspects in California. 14. From 4/30/87 to 6/15/87 DNR's were on both California suspects and were monitored by me. [The data from the DNR's was 'analyzed' and sent to Sprint, MCI, and ITT to check on codes. Damages claimed by the various LDX's were: SPRINT : Oryan QUEST : 3 codes for losses totaling $4,694.72 Mark Of CA : 2 codes for losses totaling $1,912.57 ITT : Mark Of CA : 4 codes for losses totaling $639 MCI : Mark Of CA : 1 code for losses totaling $1,813.62 And the winner is....Oryan QUEST at $4,694.72 against Mark with $4,365.19.] 20. Through my training and investigation I have learned that people who break into computers ("hackers") and people who fraudulently obtain telecommunications services ("freakers") are a highly sophisticated and close knit group. They routinely communicate with each other directly or through electronic bulletin boards. [Note: When a Phrack reporter called Lewis Jackson and asked why after his no doubt extensive training he didn't spell "freakers" correctly with a 'ph' he reacted rather rudely.] 21. 22. [Jackson's in depth analysis of what hackers have ("Blue Boxes are 23. normally made from pocket calculators...") and their behavior] 24. 26. Through my training and investigations, I have learned that evidence stored in computers, floppy disks, and speed dialers is very fragile and can be destroyed in a matter of seconds by several methods including but not limited to: striking one or more keys on the computer keyboard to trigger a preset computer program to delete information stored within, passing a strong magnetic source in close proximity to a computer, throwing a light switch designed to either trigger a preset program or cut power in order to delete information stored in a computer or speed dialer or computer; or simply delivering a sharp blow to the computer. [Blunt blows don't cut it.] 27. Because of the ease with which evidence stored in computers can be destroyed or transferred, it is essential that search warrants be executed at a time when the suspect is least likely to be physically operating the target computer system and least likely to have access to methods of destroying or transferring evidence stored within the system. Because of the rapidity of modern communications and the ability to destroy or transfer evidence remotely by one computer to another, it is also essential that in cases involving multiple suspects, all search warrants must be executed simultaneously.