ShadowSpawn BBS Presents... \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ \\\ \\\ \\\ HACKING THE RSTS/E SYSTEM \\\ \\\ \\\ \\\ >>> VOLUME I <<< \\\ \\\ \\\ \\\ BY THE WHITE GUARDIAN \\\ \\\ \\\ \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ PREFACE ------- SO, ALL OF YOU PEOPLE WHO HAVE GROWN USED TO USEING THE DEC PDP-11 COMPUTER IN YOUR SCHOOL OR OFFICE, HERE IS AN INDEPTH LOOK AT THE SYSTEM AND WHAT CAN BE DONE WITH IT. THE AUTHOR OF THIS ARTICLE TAKES NO RESPONSABILATY FOR ANY OF THE ACTS THAT MAY FOLLOW TE READING OF THESE ARTICLES. THEY ARE STRICTLY WRITTEN IN A INFORMITVE MODE TO TEACH THE DEC USER MORE ABUT THE SYSTEM HE IS ON. ACCOUNTS ------------ TO START THIS ARTICLE BASICLY, WE WILL BEGIN BY DISCUSSING ACCOUNT. THERE ARE TWO BASIC TYPES OF ACCOUNTS THAT ARE ACTIVE ON THE SYSTEM. THERE IS THE USER ACCOUNTS AND THE SYSTEM MANAGER ACCOUNTS. [1,*] ----- THESE ARE THE SPECIAL ACCOUNTS THAT HAVE ALL OF THE OFFICIAL POWER ON THE SYSTEM. THEY ARE ABLE TO GET ONTO ANY ACCOUNT, GET AT ANY FILES, AND DO ANYTHING THEY WANT TO. THESE ACCOUNTS ARE LIMITED TO THE SYSTEM OPERATERS. MORE ON THESE POWERS WILL BE DISCUSSED LATER. [0,1] ----- THIS IS THE ACCOUNT THAT IS WERE MANY MAJOR SYSTEM FILES ARE STORED. YOU CAN FIND THE ERRORS STORED HERE AND THE DCL PROGRAM. THERE ARE ALSO A FEW OTHER FILES THAT HOLD LITTLE VALUE TO THE SERIOUS SYSTEM HACKER. ALL OTHERS ---------- THESE ARE JUST BORING ACCOUNTS ON THE SYSTEM THAT CONTAIN NO POWER AND CANNOT BE GIVEN POWER UNLESS BY WAY OF SOFTWARE THAT YOU CAN WRITE. I WILL ALSO DISCUSS THAT LATER. PROGRAM EXAMINATION #1 - $LOGIN.BAC LOGIN.BAC WAS A PROGRAM WRITTEN BY DIGITAL EQUIPTMENT CORPORATION. IT IS USED TO LOG A USER ON TO THE SYSTEM AND WATCH FOR SECURITY VIOLATIONS. WHEN YOU FIRST GET ONTO THE SYSTEM YOU WILL SEE SOMETHING LIKE THIS: RSTS/E VERSION 8.1 [SCHOOL NAME] LOCAL JOB X [DATE] [TIME] ENTER USER #: AT THIS PROMPT THE LOGIN PROGRAM IS EXPECTING TWO NUMBERS DIVIDED BY A COMMA. IT MAY BE INTERESTING TO NOTE THAT THESE NUMBERS ARE NOT REALLY TWO NUMBERS BUT A STRING. ANYWAY, THE NUMBERS RANGE FROM 0 TO 255 ON BOTH SIDES OF THE COMMA. THE COMMA CAN ALSO BE REPLACED BY A SLASH. NEXT, AFTER YOU HAVE ENTERED YOUR ACCOUNT NUMBER, YOU WILL COME APON A PROMPT SAYING: PASSWORD : A PASSWORD CAN BE BETWEEN 1 TO 6 CHARACTORS AND THESE CHARACTORS MAY BE ONLY LETTERS OR NUMBERS. THAT MEANS THAT THERE IS A TOTAL OF 36 DIFFERENT CHARACTORS THAT COULD BE IN EACH POSSITION OF THE PASSWORD. PASSWORDS DO NOT HAVE TO BEGIN WITH A CHARACTOR. BY THE WAY, ANY ACCOUNT THAT HAS A PASSWORD OF ?????? IN UNACCESSABLE TO ANYONE ON THE SYSTEM BUT A SYSTEM OPERATOR. FOR THOSE OF YOU DARING PEOPLE WHO WOULD LIKE TO GET INTO A 1 ACCOUNT, YOU WILL RECIEVE A FURTHER PROMPT. YOU WILL SEE: AUXILARARY PASSWORD : THIS IS A FUNNY PASSWORD. THEIR IS ONLY ONE AUX PASWRD FOR ALL OF THE ONE ACCOUNTS. IT IS WRITTEN INTO THE MAIN PROGRAM AND ASSUMES THE VARIABLE NAME L.PASS. IF YOU ARE TO GET AHOLD OF A LISTING OF THE LOGIN PROGRAM YOU WILL FIND IT SOME WHERE NEAR THE END OF THE PROGRAM. THE REASON FOR THIS PASWRD IS NOT ONLY BECAUSE OF THE ADDED SECURITY IN HACKERS, BUT BECAUSE WHEN A SYSOP RUNS A PROGRAM CALLED MONEY(TO BE DISCUSSED LATER) HE CAN PRINT OUT A LIST OF TH PASSWORDS. THIS SHEET WILL HAVE THE ACCOUNTS,AND ALL OF THE OTHER INFORMATION ABOUT THESE ACCOUNTS INCLUDING THE PASWRDS. THE AUX PASWRD IS NEVER ON THESE LISTINGS. POINTS ABOUT LOGIN ------------------ IT IS POSSABLE TO PUT SECURITY INTO THIS PROGRAM WITH ONLY SMALL AMOUNTS OF MODIFCATIONS. THE LOGIN PROGRAM HAS A PART OF IT THAT WILL SEND A PACKAGE OF DATA TO ANOTHER PROGRAM FOR PROCESSING. IT SENDS STUFF LIKE TIME, ACCOUNT LAST ON,ACCOUNT THE PERSON WAS TRYING TO LOG ONTO, PASWRD USED AND A WHOLE BUNCH OF OTHER STUFF. NEVER LOG ONTO TO ANOTHER ACCOUNT DIRECTLY FROM YOUR OWN. I KNOW A GUY WHO WAS BUSTED BECAUSE HE LOGGED DIRECTLY FROM HIS ACCOUNT TO A TEACHERS ACCOUNT, AND THEN BACK TO HIS ACCOUNT AGAIN. THE SYS-OP CAME UP TO HIM AND SHOWED HIM HOW THERE WAS A COMPLETE RECORD OF ALL ACTIVITY ON THE SYSTEM. MOST PEOPLE DO NOT HAVE TOWORRY ABOUT THIS SITUATION... IT IS ONLY THE ONES WITH PARANIOD SYS-MANG THAT HAVE TO WATCH OUT. A PROGRAM YOU SHOULD ALL WATCH OUT FOR IS LOGLOG. IT IS FOUND IN THE MESSAGE RECIEVERS OF THE SYSTAT LISTING. MORE ON SYSTAT AND WHAT XOU CAN DO WITH IT LATER. ANYWAY, ALWAYS MAKE A POINT OF CHECKING THE SYSTAT BEFORE YOU LOG ON EACH TIME. IF ANY OPRS ARE PRESENT AND THEY ARE ACTIVE, DON'T LOG ON. OTHER LOGIN COMMANDS -------------------- HERE ARE A FEW OTHER THING THAT CAN BE DONE WITHOUT LOGGING ONTO A SYSTEM SYSTAT - ON MOST SYSTEMS, IT IS POSSABLE TO TYPE THIS AND GET A LISTING OF WHO IS ON THE SYSTEM. IT WILL GIVE YOU HINTS ABOUT ACCOUNTS THAT ARE ACTIVE AND OTHER NOTABLE DATA ABOUT THE SYSTEM I TYPE DIR/S OR PIP/DI:S LOOK AT YOUR RUN TIME SYSTEM.... \\\\\\\\\\\\\\\\\\\\\\\\\\\8\\\\\\\\ \\\ \\\ \\\ UNTIL NEXT TIME... \\\ \\\ \\\ \\\ IT WAS THE BEST OF TIMES, \\\ \\\ IT WAS THE WORST OF TIMES... \\\ \\\ \\\ \\\ THE WHITE GUARDIAN \\\ \\\ H. O. T. K. \\\ \\\ \\\ \\\ TO CONTACT: CATS DEN I,II,IV\\\ \\\ 4TH REICH,POISON \\\ \\\ DAGGER, AND MANY \\\ \\\ OTHERS.......... \\\ \\\ \\\ \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\