
The Hacker's Bible

The document, titled 'Hacker's Bible' by Phoenix_Phreak, serves as an educational guide on hacking, outlining various types of hackers, hacking rules, and social engineering techniques. It emphasizes the importance of using the information responsibly and legally, while providing insights into computer security and protection measures. The content is intended for beginners in hacking and encourages readers to learn programming and understand computer systems thoroughly.

Uploaded by

garrettlynch

***********************************************************
**********************Hacker's Bible***********************
***********************************************************
********************By: Phoenix_Phreak*********************
***********************Version 1.5*************************
***********************************************************

DISCLAIMER: Use this information at your own risk. Neither I, Phoenix_Phreak, nor
the persons providing this file will assume ANY responsibility for the use,
misuse, or abuse of the information provided herein. The following information is
provided for educational purposes ONLY. The information is NOT to be used for
illegal purposes. By reading this file you ARE AGREEING to the following terms:

I understand that using this information is illegal. I agree to, and understand,
that I am responsible for my own actions. If I get into trouble using this
information for the wrong reasons, I promise not to place the blame on
Phoenix_Phreak, or anyone that provided this file. I understand that this
information is for educational purposes only.

This file is basically a compilation of known hacking information and some
information gathered from my own experience as a hacker/phreaker. I have tried to
make sure that everything excerpted from other documents was put in quotes and
labeled with the document's name and, if known, who wrote it. I am sorry if any
mistakes were made with quoted information.

NOTE: This is a file that contains Hacking information ONLY; if you would like to
learn about phreaking you can email me at: [email protected] to receive more
information on some excellent files (compilations I have, or I can give you some
useful links I have). Also, this file is for what we often call n00bs, so if you
already know about this stuff you may find this a little elementary, but again, I
want to help the young people out there who try to be hackers and want to learn
about computers.

YOU MAY FREELY DISTRIBUTE THIS FILE AS LONG AS IT REMAINS UNCHANGED AND GIVES ME
THE CREDIT FOR THE WORK I HAVE DONE. IF YOU ARE GOING TO USE IT FOR OTHER TYPES OF
FILES/DOCUMENTS OR WHATEVER YOU WANT TO DO WITH IT, DON'T ALTER THIS DOCUMENT IN
ANY WAY OR FORM.

Table of contents:

I. Hacking
   A. What is a hacker?
   B. Kind/types of hackers.
   C. Why hack?
   D. Hack/Hacking rules
   E. Where do I start?
   F. What do I do next?
II. Social Engineering
   A. What is social engineering?
   B. How can I use social engineering?
III. Protection
   A. What makes a system secure?
   B. What would be the ideal protection of a system?
   C. Keyloggers
      a) What is a keylogger?
      b) How can I know if I am being "logged"?
   D. What is an anti-virus {virus security}/virus scanner?
   E. What is a firewall?
   F. Kinds of Viruses
      a) Viruses
      b) Trojans
      c) Worms
   G. How do Viruses work?
      a) Stealth Viruses
      b) Polymorphic Viruses
      c) Slow infector
      d) Fast infector
      e) Sparse infector
      f) Boot Sector Infector (BSI)
      g) Companion Virus
      h) Armored Virus
   H. Top five viruses of all times.
      a) The Brain virus
      b) The Internet Worm
      c) The Michelangelo Media Fiasco
      d) Melissa
      e) I Love You, Love Bug
   I. Top five recent viruses/worms
      a) WORM_LOVGATE.F
      b) PE_FUNLOVE.4099
      c) PE_ELKERN.D
      d) WORM_KLEZ.H
      e) PE_NIMDA.A-O
IV. Command prompt (MS-DOS)
   A. What is a command (MS-DOS) prompt?
   B. Commands for the command (MS-DOS) prompt.
V. Special thanks/used files for this file
VI. Links to useful websites
VII. Related terms/glossary
VIII. Conclusion

Section I. Hacking.

A. What is a hacker?

Well, to start, a hacker is a person who wants to know EVERYTHING about the field
of Computer science (Hacking). Hackers are very, very curious people who want to
know how computers {including hardware and software} work. They are not afraid to
make mistakes (only at the beginning, in the process of learning) and are people
who won't give up easily. Hackers don't destroy or harm computers in any way, so
if you want to find out how to hack your ex-girlfriend's computer so you can know
if she's cheating on you, then I guess you are looking in the wrong place. I
suggest that you DELETE this file and look elsewhere, because neither I nor the
endorsers of this file support that kind of action. We {Hackers} are
"separated"/"banned" from society because we demand ALL the information inside a
computer and complete access to it. Like Revelation said: "There are only two ways
to get rid of hackers and phreakers. One is to get rid of computers and
telephones, in which case we would find other means of getting what we want. (Like
that is really going to happen.) The other way is to give us what we want, which
is free access to ALL information. Until one of those two things happen, we are
not going anywhere." He is right. We demand access to ALL information and we will
NEVER give up. We will always be prepared for the new technological advances out
there, and like The Mentor said: "You may stop this individual, but you can't stop
us all... after all, we're all alike." So I think now you know a little about us,
the often-called Hackers.
B. Kind/types of hackers.

There are different kinds/types of hackers. "Inside" the term hacker there are
different categories, and the differences between them are:

1) White hat hacker -> This kind of hacker is the one who has a nice job at a
respectable company {not always} and loves computers. He/she wants to help the
SysOps or SecMans of some company/website in any aspect or way. They DO NOT make
viruses nor promote them, and they are the rarest kind {I like to say "species"}
there is today. They are lawful people {inside the computer world}; they don't
hack websites {commercial, personal, or government ones}. They just want to help
other people and "clean" or change the "bad" reputation of hackers.

2) Gray hat hacker -> This is what I call "border line" hackers. They are
computer-wise people, and if they have a reason they can hack, make viruses,
"crack" computers and do the worst things that you can imagine. They also tend to
be more a black hat hacker than a white hat hacker sometimes {when they act stupid
they give the "bad" reputation to us, the white hat hackers}.

3) Black hat hacker (Cracker) -> This person {a hacker more/most likely to be
called a Cracker} likes to do harm to computers {with apparently no reason at
all}. They love and live for computer destruction: they make viruses {i.e. the
Melissa virus}, harm other people's computers, damage {or destroy} websites, and
use other people's social security numbers and credit card numbers to steal their
money. They are the most "evil" form of hacker there could be. Most people think
that ALL hackers are bad persons who do bad things and harm other people, and
that's why they "exclude" us from society.
C. Why Hack?

You may want to hack just to learn more about computers and how they work, or
because you want to study something "computer related". Others may want to learn
how to hack because they want to do harm to others' computers and want to destroy
everything (I don't recommend this last option), but they are one of the "key
elements" in today's technology. If they didn't "hack" or create computer viruses,
the technology today would be very "primitive". Why? Because they "test" security
systems and make the administrators/SecMans do a lot of work so that they can
"perfect" their security.

D. Hack/hacking rules.

1. Never damage any system. This will get your ass into trouble (don't blame
   anyone for your sorry ass).
2. Never alter/damage {or destroy} any of the system's files, except for those
   needed to ensure that you are not detected {or probably get caught}, and those
   to ensure that you have access into that computer in the future.
3. Do not share or give any information about your hacking plans with anyone {not
   your mom/dad, family, friends}. This is something very private and personal
   (not to mention dangerous).
4. When posting on message boards (or BBS) {Bulletin Board System}, be as vague as
   possible when describing your current hacking projects. BBS's CAN be monitored
   by law enforcement and you WILL get caught.
5. Never use anyone's real name or real phone number when posting on a BBS.
6. Never leave your handle {the name that you use on a BBS or in Cyberspace} on
   any systems that you hack into. You may think that this is a cool way to hack,
   but this not only looks silly, it's stupid just leaving your "name" in a
   computer {believe me, you WILL get caught}.
7. DO NOT hack government computers {FROM YOUR COUNTRY OR A FOREIGN ONE}.
8. Never speak about hacking projects over your home telephone line; it's just
   plain stupid.
9. Be very, very careful where you put all your important files and projects (I
   suggest that you download a good encryptor, or maybe better, build one
   yourself).
10. If you want to be a good "admirable" hacker YOU MUST read as much as possible:
    read books, news articles, magazines {like 2600 and phreak mag.}, e-books,
    maybe even watch movies; just try to read everything you can get your hands
    on.
11. Visit popular search engines (i.e. www.google.com); they are one of the most
    useful resources you can use on the net (for downloading files, books,
    antiviruses, related software, and EVERYTHING you need to hack).
12. Don't go directly to a BBS or chat room to ask something. Try to find it
    yourself {again, www.google.com}; this not only makes you more "responsible",
    you will be satisfied that you found what you were looking for {and most
    probably it will answer your question more precisely/accurately}.
E. Where do I start?

You are probably very excited to start hacking, and you should know that being a
hacker is an adrenaline rush as well as fulfilling. To begin hacking, you need to
learn a programming language such as (C/C++/Perl/PHP/Java) and study certain
operating systems such as (Windows NT, 2000/Linux/Unix). Ask other hackers what
they use and why, then choose one and stick to it. It can take several months to
learn the basics of one of these technologies, and years to master. If you can't
spend at least a half hour a day to advance your computer skills, then hacking may
not be for you. As I've already mentioned, you can start by reading, reading, and
reading; never grow tired of reading, because you will never know enough: there
will always be new technological advances and new viruses, anti-viruses,
firewalls, specs (for computers), hacking programs, etc. Try to "know" your
computer; analyze how it works {its functions, how they work, why they do "it",
and what exactly they do}. Learn the basics of the command prompt commands,
UNDERSTAND them, and try to use them in "everyday life"; try to make them a part
of your "computer life".

F. What do I do next?

Assuming that you already "know" your computer, have already read lots of
magazines and know the basics of computers, you can continue learning and work on
your OWN PROGRAMS and creations. Try to make them work, "update" them, and try to
keep them "upgraded" with new additions. Learn about publishing and social
engineering {we will discuss that later on}, and make your own business and/or
webpage. Now you are earning money and doing what you love most in your life.

Section II. Social engineering.

A. What is social engineering?

Social Engineering ---> Is a term used among crackers and samurai for cracking
techniques that rely on weaknesses in wetware rather than software; the aim is to
trick people into revealing passwords or other information that compromises a
target system's security. Classic scams include phoning up a mark who has the
required information and posing as a field service tech or a fellow employee with
an urgent access problem.

This is true. Social engineering, from a narrow point of view, is basically phone
scams which pit your knowledge and wits against another human. This technique is
used for a lot of things, such as gaining passwords, keycards and basic
information on a system or organization.

Social Engineering has existed in some form or another since the beginning of
time, primarily because most of us are helpful and trusting people. It's human
nature. Take the "Love Bug" virus for instance: it played on the psychological
need and/or want of human beings to be loved. Only after the person opened the
e-mail did they discover that they were loved in a way they would hopefully never
be loved again. Some Social Engineering methods include:

- telephone -- the method described above;
- e-mail -- the I Love You virus;
- "Dumpster Diving" -- hired guns for Oracle digging into Microsoft's trash;
- in person -- walking into a building and checking out all the post-it-notes with
  passwords on them that are stuck to monitors (come on, you know you do it);
- snail mail -- dropping a bogus survey in the mail offering a cash award for
  completion and asking some delicate questions.

B. How can I use social engineering?

Well, now that you know what social engineering is, we can learn what we could use
it for and how. Social engineering, as I stated before, can be used to gain access
to a network, computer passwords {also website login screens}, credit cards, and
social security numbers, among others. You may use "voice changers", make some ID
cards {in case of a person-to-person meeting}, or get your own P.O. box address,
among others. This could be used in everyday life {not just in hacking}. Social
engineering is an "art". It must be mastered. Lots of people know what it is and
how to use it, but only a small percentage of persons "really" know how to use
social engineering; they have mastered it and "perfected" it to the "MAX" {it
ain't easy, it takes practice and more practice}. So don't try to learn and master
the fine art of social engineering in just a few weeks.

Section III. Protection.

A. What makes a system secure?

"The only system which is truly secure is one which is switched off and unplugged,
locked in a titanium lined safe, buried in a concrete bunker, and is surrounded by
nerve gas and very highly paid armed guards. Even then I wouldn't stake my life on
it." - originally from Gene Spafford

B. What would be the ideal protection of a system?

Password Access - Get rid of simple passwords; routinely change all passwords;
    regular review/monitoring of password files; don't leave passwords lying
    around (on sticky notes, under your keyboard, etc.)
Physical Access - Lock up terminals, personal computers, and disks when not in
    use; eliminate unnecessary access lines; disconnect modems when not in use
Other measures - Know who you are talking to; shred all documents; avoid public
    domain software; report suspicious activity (especially non-working hours
    access)

What this all means is that hackers must now rely on the ineptitude and laziness
of the users of the system rather than the ignorance of SysOps. The SysOps (System
Operators) and SecMans (Security Managers) are getting smarter and keeping up to
date. Not only that, but they are monitoring the hack/phreak BBSes and
publications. So the bottom line is: reveal nothing to overinquisitive newbies...
they may be working for the wrong side.
C. Keyloggers

a) What is a keylogger?

A keylogger is a device (hardware or software) that records every keystroke made
when you press a letter or symbol on your keyboard. Their purpose is to bring
protection to companies or homes by "saving" or "recording" every keystroke into a
file for later viewing. As you may have already figured out, sometimes (if not
mostly) keyloggers are used to gain useful information for the keylogger
"administrator" for evil purposes. It may be for gaining an email account's
passwords or other "none of your business" information. I like keyloggers; right
now I have one. At first it was to capture all data entered into my beloved
computer, but now I have noticed that keyloggers are useful tools because they
save ALL the information typed. It has saved me lots of work typing information
and long files, so even if you don't have a business, a wife or a family, it is
good to have one to recover all your lost data; just remember to check it often.
They may be password protected, run in invisible mode or "ghost mode", and may
also encrypt the data before saving it; sometimes they send the log files with the
information to a predetermined email address. There are a lot of sites claiming
that they have invisible keyloggers when they don't. You must be very careful when
deciding to buy/download a keylogger. Now that you know what a keylogger is, you
can "browse" through the net for some keyloggers (try to find some for free on the
links provided here). Remember that not all keyloggers are what I call "good
material"; some may be totally visible (hardware or even software) or may not have
ALL the functions described here. Keyloggers are useful tools when dealing with
other people you don't trust (i.e. large business), even with family; they have
helped in lots of legal cases. You just need to know how to use them correctly;
just give them a try.

b) How can I know if I am being "logged"?

If you suspect that you are in fact being "logged", you may want to check
www.google.com for a free "scanning" site to see if you are being logged. If you
don't find anything (no place to scan for free), then you may want to buy a
program like spy monitoring software (again, www.google.com). Search in Add/Remove
Programs; most keyloggers are present there because you need to remove the program
on a specified date (some keyloggers auto-delete on the chosen date). Look for
suspicious files in the programs; look everywhere: taskbars, desktops, programs,
log files, hard disk, etc. The last option is to bring a bottle of wine to bed and
ask nicely ;) (it may work).

D. What is an anti-virus {virus security}/virus scanner?

Virus security starts with a good virus scanner and never ends. There are many
ways to prevent viruses. Thousands of new viruses are created each week and
scanners are constantly being updated. The best way to be secured from them is to
only download files from trusted sites/people and to keep a good, updated scanner.

Virus Scanners

Virus scanners are the number one way to keep viruses off your system. There are
hundreds of different scanners available. There are a few companies who keep up
with them (we all know who they are). So here is what you should do to keep them
updated and working properly. Always watch their website; they often have info on
the latest bad viruses out and updates for your scanner. Also keep up
monthly/weekly with the updates of your scanner. This will drastically reduce your
vulnerability to most of the common viruses out there. Another tip: when you hear
of another big virus out, manually update your scanner. Most of the good scanners
available have auto and manual update programs on your computer; they also protect
against most of the worms and trojans out there.
E. What is a firewall?

(from the comp.security.misc FAQ) A (Internet) firewall is a machine which is
attached (usually) between your site and a Wide Area Network (WAN). It provides
controllable filtering of network traffic, allowing restricted access to certain
Internet port numbers and blocks access to pretty well everything else.

Firewalls are very good protection for personal computers. Some of them will block
viruses, and most will, or have the ability to, block trojan viruses. As with
scanners, there are many to choose from. It is the user's personal preference what
they want to use. Firewalls provide good protection against more than
viruses/trojans as well. They will protect your whole computer from many kinds of
other "cracking" attacks. They watch over your computer and watch open ports on
your system for incoming data, and either let it pass or block it depending on
what the user wants. They work as nets, allowing what the user wants to go through
and blocking what the user does not want to go through.

F. Kinds of Viruses

There are many kinds of viruses. These include Trojan horses and Worms as well.
New viruses are released upon the world every day. I will talk about the different
kinds of viruses and how they work, and I'll give some examples of the most
"popular" viruses, trojans and worms out there.

a) Viruses ---> A virus is a program that infects a computer's files and copies
itself to them, thus damaging the file. Most common viruses infect files with .COM
or .EXE extensions and corrupt them, rendering the program useless and/or
infecting other files when run. Viruses are commonly received through email and
downloaded programs. Email viruses (depending on what you use for your mail) can
access your address book and forward themselves on to the people on the list,
without the user's knowledge.
b) Trojans ---> Trojans are programs that do something which the writer means them
to do and that the user does not know about. These programs can be attached to
another program, so when the original program (which may be any common good
program people will use) is run, the trojan virus will be installed. These range
from invisible keyloggers to the common trojans like NetBus, Sub7, and Back
Orifice. There are many kinds of trojans out there. Some can damage your computer,
some will allow others access to your files, and some are there but don't do too
much. But at any rate these can be malicious and in many cases can be as bad as a
virus that can destroy your computer. The common names for these viruses when
unattached from another program are "patch" and "server", although they may have
other names as well, depending on what they have been changed to.
c) Worms ---> Worms are programs that replicate over and over, using up system
resources and/or slowing down the computer. These include "resource hoggers" and
"HDD fillers" (hard drive fillers). These programs may produce thousands of
smaller files in a folder deep in the hard drive and keep making them until the
hard drive is full, as well as using up resources of the computer. These little
programs are hard to find, because the original virus has to be found to stop the
damage being done. There are other kinds of worms as well, different ones
depending on the writer's needs.

G. How do Viruses work?

a) Stealth Viruses ---> A stealth virus is one which hides the modifications it
has made in the file or boot record, usually by monitoring the system functions
used by programs to read files or physical blocks from storage media, and forging
the results of such system functions so that programs which try to read these
areas see the original uninfected form of the file instead of the actual infected
form. Thus the viral modifications go undetected by anti-viral programs. However,
in order to do this, the virus must be resident in memory when the anti-viral
program is executed.

b) Polymorphic Viruses ---> A polymorphic virus is one which produces varied (yet
fully operational) copies of itself, in the hope that virus scanners will not be
able to detect all instances of the virus. These viruses are hard to detect
because of their constant change. Most virus scanners will detect the original but
not always the newer versions of the virus.

c) Slow infector ---> A slow infector is a virus which runs in memory and infects
programs that are modified or created. This is to fool many programs that check
for modifications in programs, for the virus hides what it has done.

d) Fast infector ---> A fast infector is a virus which, when it is active in
memory, infects not only programs which are executed, but even those which are
merely opened. The result is that if such a virus is in memory, running a scanner
can result in all (or at least many) programs becoming infected all at once.

e) Sparse infector ---> A sparse infector virus will only infect a file
occasionally. These will count however many programs they were designed to count,
then infect, and so on, making it harder to track down the original source of the
virus. These are hard to find because the original has to be found among many
infected files that could be the original.

f) Boot Sector Infector (BSI) ---> A BSI is a virus that attacks the computer on
boot, sometimes halting the boot procedure altogether and/or damaging boot files,
making the system either unstable so that it crashes on startup or not able to
start at all. These are some of the worst viruses to get because once infected you
are unable to run system virus scans through the OS.

g) Companion Virus ---> A companion virus modifies a file so that when it is run
it runs a separate program as well. (Many trojans work as this kind of virus.)
When the original file is run, the virus is run instead of the original program.
Once the virus is done, which is commonly fast enough to go unnoticed, the
original program will start. The user will normally have no clue that anything was
happening that they did not know about.

h) Armored Virus ---> An armored virus will use different things to stop the user
from deleting, editing, tracing, and more. These can sometimes be deleted by virus
scanners, but not always.

H. Top five viruses of all times.

a) The Brain Virus

Most historians agree that the first virus to replicate from PC to PC was Brain.
(Viruses had been passing between other computer platforms such as VAXs and Apple
IIs for years.) The story goes that Basit and Amjaad Farooq Alvi, owners of a
store called Brain Computer Services, wrote the boot sector virus to stealthily
leave their contact information on infected computers. Basit and Amjaad claimed
they wrote the code to ascertain the extent of software piracy in Pakistan (they
were, after all, software vendors). But Brain soon leaked through the Pakistani
borders and quite harmlessly infected computers worldwide.
b) The Internet Worm

Despite the intention of its author, the infamous Internet Worm wasn't as benign
as Brain. Written by Cornell University Ph.D. student Robert Morris in 1988, the
Internet Worm quickly writhed its way onto VAX and Sun systems throughout the
country. Though Morris had intended for his creation to spread from computer to
computer without causing any damage or leaving a trace, his code was flawed. The
Internet Worm replicated so many times and sucked up so many CPU cycles that it
rendered its computer hosts useless, effectively bringing the Internet to its
knees. Though the worm left no scars on its hosts after it was removed, the United
States General Accounting Office predicted that somewhere between $100,000 and
$10,000,000 was lost in terms of cumulative productivity between all of the 6,000
systems infected nationwide.

When Morris realized how much havoc his worm was wreaking, he tried to send
anonymous messages on how to disinfect the beast over the same network on which he
unleashed the worm. Unfortunately, machines were so catatonic that the remedy
never went anywhere. The Internet Worm attracted a great deal of media attention
and Morris was eventually sentenced to three years of probation and 400 hours of
community service, and fined $10,050. (By the way, Morris was the son of the chief
scientist at the National Security Center -- part of the NSA.)

c) The Michelangelo Media Fiasco

In 1992, hysteria swept over the planet as newspapers, magazines, and television
networks proclaimed that on March 6, the birth date of Renaissance artist
Michelangelo, up to one quarter of American hard drives would be completely
erased.

The media frenzy started through a coincidence. In January of 1992 one computer
manufacturer claimed it had inadvertently distributed 500 PCs carrying the virus,
while another computer company issued a press release stating that from that point
on it would bundle antivirus software with every PC it sold. The two events were
completely unrelated, but apparently it was a slow news day and reporters tried to
make a story out of it. By the time March 5 rolled around, the fever pitch had
reached Y2K proportions. Even the respectable Wall Street Journal carried the
headline "Deadly Virus Set to Wreak Havoc Tomorrow."

Why did the media go nuts? For one thing, John McAfee, the man behind McAfee
Anti-Virus, told reporters that an estimated five million computers worldwide
could lose their hard drives on account of the Michelangelo virus. (Take note that
there were a lot of other ballooned predictions from other people.) As you can
imagine, McAfee's prediction boosted his company's sales significantly. When March
6 came, the virus struck only about 10,000 computers. Many members of the media
claimed it would have affected far more if not for their reporting.

d) The Melissa Virus

Another virus that fired up the media was Melissa, a Word macro virus. When people
received the host Word document via email and opened it, the virus sent a copy of
itself to the first 50 people in the victim's address book.

Named after a topless dancer in Florida, the Melissa virus crashed the email
servers of corporations and governments in different spots around the world. The
Computer Emergency Response Team, set up after Robert Morris mucked up the
Internet with his worm in 1988, estimated that the virus hit 100,000 computers in
its first weekend. David L. Smith posted the infected file to an alt.sex usenet
group using a stolen AOL account. Initially he entered a plea of innocence, but
after being confronted with a maximum sentence of 40 years in prison, he
eventually pled guilty and received a much-reduced sentence.

e) I Love You, Love Bug

By almost any measure, the so-called Love Bug was the most damaging and costly
virus ever. I don't know who comes up with these whack figures, but according to
Reuters the bug cost the world $15 billion in lost productivity.

The Love Bug spread far faster than Melissa. Unlike Melissa, it would mail itself
to everyone in your Outlook address book -- most of whom would probably be
delighted to read about how you love them -- not just the first fifty. Moreover,
it would gobble up certain media files stored on your hard drive. One German
newspaper tragically lost 2,000 pictures from its archive.

The perpetrator turned out to be a 23-year-old Filipino computer science student
who more or less plagiarized all of his code. Because of a lack of laws in the
Philippines covering computer crimes, he pretty much got away with his crime.
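
The mail-borne worms in this section spread when a recipient opened what arrived, and the WORM_LOVGATE.F file names listed in section I hide an executable extension behind a document-looking one (".doc.exe", ".JPG.pif"). The following is an added example, not part of the original file, of how a mail gateway or share scanner could triage such names; the extension lists and the function names are assumptions of this sketch, and the sample names not copied from that listing are constructed.

```python
"""Triage attachment or dropped-file names for the "document.doc.exe" disguise.

Added example; the extension lists and function names are assumptions of this
sketch, not something defined by the original file.
"""

# Extensions Windows runs directly when double-clicked (illustrative subset).
EXECUTABLE_EXTS = {"exe", "pif", "scr", "com", "bat", "cmd", "vbs", "js", "lnk"}
# Extensions a user reads as "only a document, picture, song or archive".
DECOY_EXTS = {"doc", "txt", "pdf", "jpg", "jpeg", "gif", "avi", "mp3", "rm",
              "zip", "rar"}

# Names copied from the WORM_LOVGATE.F listing in this file.
LOVGATE_NAMES = [
    "Are you looking for Love.doc.exe",
    "autoexec.bat",
    "The world of lovers.txt.exe",
    "Panda Titanium Crack.zip.exe",
    "100 free essays school.pif",
    "joke.pif",
    "StarWars2 - CloneAttack.rm.scr",
    "Shakira.zip.exe",
    "SETUP.EXE",
    "s3msong.MP3.pif",
]

# Constructed names: benign files plus disguises a naive suffix check misses.
CONSTRUCTED_NAMES = [
    "quarterly-report.doc",
    "notes.v2.txt",
    "invoice.pdf" + " " * 20 + ".exe",   # padding pushes ".exe" out of view
    "photo.jpg.exe.",                     # trailing dot is ignored by Windows
    "C:\\Temp\\readme.txt.scr",           # sender-supplied path prefix
]


def normalise(name):
    """Reduce a supplied name to the file name Windows would actually open."""
    # Keep only the last path component, whichever separator was used.
    base = name.replace("\\", "/").rsplit("/", 1)[-1]
    # Trailing dots and spaces are dropped by Windows when the file is opened.
    return base.rstrip(". ").lower()


def classify(name):
    """Return 'double-extension', 'executable' or 'allow' for one name."""
    # Strip each dot-separated part so space padding cannot hide an extension.
    parts = [p.strip() for p in normalise(name).split(".")]
    if len(parts) < 2 or parts[-1] not in EXECUTABLE_EXTS:
        return "allow"
    # Any harmless-looking extension before the real one marks a disguise.
    if any(p in DECOY_EXTS for p in parts[1:-1]):
        return "double-extension"
    return "executable"


def triage(names):
    """Group names by verdict so a gateway can block or quarantine them."""
    result = {"double-extension": [], "executable": [], "allow": []}
    for name in names:
        result[classify(name)].append(name)
    return result


if __name__ == "__main__":
    for verdict, names in triage(LOVGATE_NAMES + CONSTRUCTED_NAMES).items():
        print(f"{verdict}:")
        for n in names:
            print(f"  {n!r}")
```

A gateway would normally block both non-"allow" verdicts; the separate "double-extension" verdict is useful for alerting, because a deliberately disguised name is a stronger sign of malicious intent than a plain executable.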

I. Top five recent viruses.

a) WORM_LOVGATE.F

Virus type: Worm
Destructive: No
Aliases: W32/Lovgate.F@m, W32.HLLW.Lovgate.G@mm, Win32/Lovgate.F.Worm
Pattern file needed: 494
Scan engine needed: 5.200
Overall risk rating: Low
--------------------------------------------------------------------------------
Reported infections: Low
Damage Potential: High
Distribution Potential: High
--------------------------------------------------------------------------------
Description:

This memory-resident worm propagates through network shares by dropping copies of
itself to shared folders with read/write access. The files that it drops can have
any of the following file names:

  Are you looking for Love.doc.exe
  autoexec.bat
  The world of lovers.txt.exe
  How To Hack Websites.exe
  Panda Titanium Crack.zip.exe
  Mafia Trainer!!!.exe
  100 free essays school.pif
  AN-YOU-SUCK-IT.txt.pif
  Sex_For_You_Life.JPG.pif
  CloneCD + crack.exe
  Age of empires 2 crack.exe
  MoviezChannelsInstaler.exe
  Star Wars II Movie Full Downloader.exe
  Winrar + crack.exe
  SIMS FullDownloader.zip.exe
  MSN Password Hacker and Stealer.exe

This worm also propagates via email by replying to all new messages received in
Microsoft Outlook and Outlook Express. The email message has the following
characteristics:

  From: <Infected User's Name>
  To: <Original Sender>
  Subject: RE: <Original Subject>
  Message body:
  "<Infected User's Name>" wrote:
  ====
  > <Original Body>
  >
  ====
  <Original Sender's SMTP account> account auto-reply:

  If you can keep your head when all about you
  Are losing theirs and blaming it on you;
  If you can trust yourself when all men doubt you,
  But make allowance for their doubting too;
  If you can wait and not be tired by waiting,
  Or, being lied about,don't deal in lies,
  Or, being hated, don't give way to hating,
  And yet don't look too good, nor talk too wise;
  ... ... more look to the attachment.

  > Get your FREE <Original Sender's SMTP account> account now! <

  Attachment: (Randomly selected from any of the following)

  I am For u.doc.exe
  Britney spears nude.exe.txt.exe
  joke.pif
  DSL Modem Uncapper.rar.exe
  Industry Giant II.exe
  StarWars2 - CloneAttack.rm.scr
  dreamweaver MX (crack).exe
  Shakira.zip.exe
  SETUP.EXE
  Macromedia Flash.scr
  How to Crack all gamez.exe
  Me_nude.AVI.pif
  s3msong.MP3.pif
  Deutsch BloodPatch!.exe
  Sex in Office.rm.scr
  the hardcore game-.pif

This worm also gathers target email addresses from HTML files that it finds in
the current, Windows, and My Documents folders and sends an email message with
itself as attachment to all the said email addresses. The email message it sends
out may be any of the following:

  Subject: Reply to this!
  Message Body: For further assistance, please contact!
  Attachment: About_Me.txt.pif

  Subject: Let's Laugh
  Message Body: Copy of your message, including all the headers is attached.
  Attachment: driver.exe

  Subject: Last Update
  Message Body: This is the last cumulative update.
  Attachment: Doom3 Preview!!!.exe

  Subject: for you
  Message Body: Tiger Woods had two eagles Friday during his victory over Stephen
  Leaney. (AP Photo/Denis Poroy)
  Attachment: enjoy.exe

  Subject: Great
  Message Body: Send reply if you want to be official beta tester.
  Attachment: YOU_are_FAT!.TXT.pif

  Subject: Help
  Message Body: This message was created automatically by mail delivery software
  (Exim).
  Attachment: Source.exe

  Subject: Attached one Gift for u..
  Message Body: It's the long-awaited film version of the Broadway hit. Set in the
  roaring 20's, this is the story of Chicago chorus girl Roxie Hart (Zellweger),
  who shoots her unfaithful lover (West).
  Attachment: Interesting.exe

  Subject: Hi
  Message Body: Adult content!!! Use with parental advisory.
  Attachment: README.TXT.pif

  Subject: Hi Dear
  Message Body: Patrick Ewing will give Knick fans something to cheer about Friday
  night.
  Attachment: images.pif

  Subject: See the attachement
  Message Body: Send me your comments...
  Attachment: Pics.ZIP.scr

The worm also has backdoor functions, opening ports, obtaining information about
the system, and enabling the remote user to execute commands on the compromised
system.

This Aspack-compressed worm runs on Windows NT, 2000, and XP.

b) PE_FUNLOVE.4099

Virus type: File Infector
Destructive: No
Aliases: W32/FunLove.dr, Win32/Funlove.dr, Win32/Funlove.4099.Flcss,
Win32.FunLove.4608, Win32:FunLove-4099, W32.FunLove.4099, Win32.FunLove.4070,
W32/Flcss, Win32/Funlove, Win32/Funlove.4099
Pattern file needed: 610
Scan engine needed: 2.082
Overall risk rating: Medium
--------------------------------------------------------------------------------
Reported infections: Medium
Damage Potential: High
Distribution Potential: High
--------------------------------------------------------------------------------
Description:

This non-encrypted memory-resident malware has both the characteristics of a worm
and a file infector. As a worm, it searches for all shared network folders with
write access and then infects the files within them. To infect NT system files,
this virus patches integrity checking.

As a file infector, this virus infects all Win32 type Portable Executable (PE)
files such as .EXE, .SCR, and .OCX in both Windows 9x and Windows NT 4.0
platforms.

Modified versions of this network worm, also detected by Trend Micro as
PE_FUNLOVE.4099, can also be seen in the wild and dropped by other malware such
as WORM_BRAID.A and WORM_WINEVAR.A. These variants may drop a file with a
different file name instead of the original, which is FLCSS.EXE.

Several Microsoft Hotfixes downloaded between April 6-20, 2002 from Microsoft's
Premium Support and Gold Certified Web sites were infected with PE_FUNLOVE.4099
a.k.a. the Fun Love virus. At the time of this writing there are no reports that
other Microsoft Hotfix Web sites are infected. However, Trend Micro advises all
customers to download the latest pattern file to ensure protection against this
malware.

c) PE_ELKERN.D

Virus type: File Infector
Destructive: No
Aliases: ELKERN.D, W32/Elkern.cav.c, W32.ElKern.4926, W32/Elkern.C,
Win32.Elkern.c, W32/Elkern-C, Win32/WQK.C, Win32.WQK.C
Pattern file needed: 269
Scan engine needed: 5.200
Overall risk rating: Low
--------------------------------------------------------------------------------
Reported infections: Medium
Damage Potential: Medium
Distribution Potential: High
--------------------------------------------------------------------------------
Description:

This encrypted, memory-resident file infector is dropped by the mass-mailer
WORM_KLEZ.H. This virus infects PE files (Windows executables) as they are
executed. It also infects files in local drives A to Z and in shared remote
folders within the same local network.

This cavity-type virus inserts itself into unused spaces within a target file.
When there are no free spaces available, it attaches its code at the end of the
file.

d) WORM_KLEZ.H

Virus type: Worm
Destructive: Yes
Aliases: W32/Klez-G, I-Worm.Klez.h, I-Worm.W32/Klez.gen@MM, W32.Klez.H@mm
Pattern file needed: 265
Scan engine needed: 5.200
Overall risk rating: Medium
--------------------------------------------------------------------------------
Reported infections: Medium
Damage Potential: High
Distribution Potential: High
--------------------------------------------------------------------------------
Description:

This memory-resident variant of the WORM_KLEZ.A mass-mailing worm uses SMTP to
propagate via email. Its email messages arrive with randomly selected subjects
chosen from a list. It also spoofs its emails such that email messages from this
worm appear to have been sent by certain email accounts, including accounts that
are not infected.

Upon execution, it drops files and creates an entry in the AutoRun key of the
system registry and then infects .EXE files. It encrypts (compresses) its target
files and then modifies the file extension of these with a random name. It also
sets the attributes of its encrypted files to Read-only, Hidden, System, and
Archive. Thereafter, this worm copies itself to the original file name of the
infected file.

This worm makes sure that its file size is the same as that of the infected file.
To do this, it pads garbage data at the end of the infected file. It does not
perform its antivirus retaliation routine on machines running Windows NT 4.0 or
lower. Windows NT 4.0 or lower do not have system functions or the Application
Program Interface (API) that this worm uses to kill antivirus-related processes.

e) PE_NIMDA.A-O

Virus type: Worm
Destructive: Yes
Aliases: NIMDA.A-O
Pattern file needed: 942
Scan engine needed: 5.200
Overall risk rating: Low
--------------------------------------------------------------------------------
Reported infections: Low
Damage Potential: High
Distribution Potential: High
--------------------------------------------------------------------------------
Description:

This is a fast-spreading Internet worm and file infector in pure and original
form. It arrives as an embedded attachment, README.EXE file, in an email that has
an empty message body and, usually, an empty subject field. It does not require
the email receiver to open the attachment for it to execute. It uses a known
vulnerability in Internet Explorer-based email clients to execute the file
attachment automatically. This is also known as Automatic Execution of Embedded
MIME type.

The infected email contains the executable attachment registered as content-type
of audio/x-wav so that when recipients view the infected email, the default
application associated with audio files is opened. This is usually the Windows
Media Player. The embedded EXE file cannot be viewed in Microsoft Outlook.
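
A mail-gateway check for two attachment tricks described in this section: the README.EXE part declared as audio/x-wav (PE_NIMDA.A-O) and the decoy extensions in the WORM_LOVGATE.F file names such as "I am For u.doc.exe". This is an added example, not part of the original file; the sample message, the addresses and the function names are constructed for illustration.

```python
import os
from email import message_from_string

# Extensions named on this page that Windows treats as program code.
EXECUTABLE_EXT = {".exe", ".pif", ".scr", ".bat", ".ocx"}
# Declared MIME families that a mail client hands to a viewer or player.
PASSIVE_MAINTYPES = {"audio", "image", "video", "text"}

# Constructed message; the base64 payloads are harmless placeholder text.
SAMPLE = """\
From: sender@example.org
To: recipient@example.org
Subject:
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain


--b1
Content-Type: audio/x-wav; name="README.EXE"
Content-Transfer-Encoding: base64

Y29uc3RydWN0ZWQgcGxhY2Vob2xkZXI=
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="I am For u.doc.exe"
Content-Transfer-Encoding: base64

Y29uc3RydWN0ZWQgcGxhY2Vob2xkZXI=
--b1
Content-Type: text/plain
Content-Disposition: attachment; filename="notes.txt"

constructed harmless attachment
--b1--
"""


def decoy_extension(filename):
    """Return the inner extension of a name like 'x.doc.exe', else None."""
    stem, last = os.path.splitext(filename.lower().strip())
    if last not in EXECUTABLE_EXT:
        return None
    inner = os.path.splitext(stem)[1]
    if 2 <= len(inner) <= 5 and inner[1:].isalnum():
        return inner
    return None


def screen_message(raw):
    """Return [(filename, [reasons])] for every executable part in the message."""
    findings = []
    for part in message_from_string(raw).walk():
        # get_filename() also falls back to the name= parameter of Content-Type.
        name = part.get_filename()
        if not name or os.path.splitext(name.lower())[1] not in EXECUTABLE_EXT:
            continue
        reasons = ["executable"]
        if part.get_content_maintype() in PASSIVE_MAINTYPES:
            reasons.append("type-mismatch")      # e.g. README.EXE as audio/x-wav
        if decoy_extension(name):
            reasons.append("double-extension")   # e.g. .doc.exe, .rm.scr
        findings.append((name, reasons))
    return findings


if __name__ == "__main__":
    for name, reasons in screen_message(SAMPLE):
        print(f"{name}: {', '.join(reasons)}")
```
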

More information about this vulnerability is available at Microsoft's Security
Bulletin.

It has four modes of spreading: via email, via network shared drives, via
unpatched IIS servers and via file infection.

Email Exploit

The email sending routine is perpetually done in 10 day cycles. In rare
instances, the worm's email routine may be reactivated after 11 days. To do this,
the worm stores a value computed from the current system time in a counter saved
in the following registry entry:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MapMailCache

When the worm is run, it checks this value to find whether 10 (or occasionally
11) days have passed. If so, it executes its email propagation routine and resets
the counter to begin the 10-day countdown again. To send copies of itself to
others, this worm retrieves email addresses through the use of Messaging APIs or
MAPI. It also gathers email addresses from .HTML and .HTM documents found in the
folder referred to by the following registry entry:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell FolderCache

The email addresses are stored in a linked list that is passed to an SMTP engine
in the virus code that sends the unsolicited email.

Section IV. Command prompt (MS-DOS)

A. What is a Command (MS-DOS) prompt?

MS-DOS, the acronym for Microsoft Disk Operating System, is an operating system
with a command-line interface used on personal computers. As with other operating
systems such as OS/2, it translates keyboard input by the user into operations
the computer can perform. It also oversees operations such as disk input and
output, video support, keyboard control, and many internal functions related to
program execution and file maintenance.

You type MS-DOS commands using a command prompt window. To end your MS-DOS
session, type exit in the command prompt window at the blinking cursor.

The MS-DOS mode is a shell in which the MS-DOS environment is emulated in 32-bit
systems, such as Windows. MS-DOS-based programs can run with Windows and might
create a program information file (PIF) which appears as a shortcut on your
desktop.

B. Commands for the command (MS-DOS) prompt.

ASSOC---> Displays or modifies file extension associations.
AT---> Schedules commands and programs to run on a computer.
ATTRIB---> Displays or changes file attributes.
BREAK---> Sets or clears extended CTRL+C checking.
CACLS---> Displays or modifies access control lists (ACLs) of files.
CALL---> Calls one batch program from another.
CD---> Displays the name of or changes the current directory.
CHCP---> Displays or sets the active code page number.
CHDIR---> Displays the name of or changes the current directory.
CHKDSK---> Checks a disk and displays a status report.
CHKNTFS---> Displays or modifies the checking of disk at boot time.
CLS---> Clears the screen.
CMD---> Starts a new instance of the Windows command interpreter.
COLOR---> Sets the default console foreground and background colors.
COMP---> Compares the contents of two files or sets of files.
COMPACT---> Displays or alters the compression of files on NTFS partitions.
CONVERT---> Converts FAT volumes to NTFS. You cannot convert the current drive.
COPY---> Copies one or more files to another location.
DATE---> Displays or sets the date.
DEL---> Deletes one or more files.
DIR---> Displays a list of files and subdirectories in a directory.
DISKCOMP---> Compares the contents of two floppy disks.
DISKCOPY---> Copies the contents of one floppy disk to another.
DOSKEY---> Edits command lines, recalls Windows commands, and creates macros.
ECHO---> Displays messages, or turns command echoing on or off.
ENDLOCAL---> Ends localization of environment changes in a batch file.
ERASE---> Deletes one or more files.
EXIT---> Quits the CMD.EXE program (command interpreter).
FC---> Compares two files or sets of files, and displays the differences between
them.
FIND---> Searches for a text string in a file or files.
FINDSTR---> Searches for strings in files.
FOR---> Runs a specified command for each file in a set of files.
FORMAT---> Formats a disk for use with Windows.
FTYPE---> Displays or modifies file types used in file extension associations.
GOTO---> Directs the Windows command interpreter to a labeled line in a batch
program.
GRAFTABL---> Enables Windows to display an extended character set in graphics
mode.
HELP---> Provides Help information for Windows commands.
IF---> Performs conditional processing in batch programs.
LABEL---> Creates, changes, or deletes the volume label of a disk.
MD---> Creates a directory.
MKDIR---> Creates a directory.
MODE---> Configures a system device.
MORE---> Displays output one screen at a time.
MOVE---> Moves one or more files from one directory to another directory.
PATH---> Displays or sets a search path for executable files.
PAUSE---> Suspends processing of a batch file and displays a message.
POPD---> Restores the previous value of the current directory saved by PUSHD.
PRINT---> Prints a text file.
PROMPT---> Changes the Windows command prompt.
PUSHD---> Saves the current directory then changes it.
RD---> Removes a directory.
RECOVER---> Recovers readable information from a bad or defective disk.
REM---> Records comments (remarks) in batch files or CONFIG.SYS.
REN---> Renames a file or files.
RENAME---> Renames a file or files.
REPLACE---> Replaces files.
RMDIR---> Removes a directory.
SET---> Displays, sets, or removes Windows environment variables.
SETLOCAL---> Begins localization of environment changes in a batch file.
SHIFT---> Shifts the position of replaceable parameters in batch files.
SORT---> Sorts input.
START---> Starts a separate window to run a specified program or command.
SUBST---> Associates a path with a drive letter.
TIME---> Displays or sets the system time.
TITLE---> Sets the window title for a CMD.EXE session.
TREE---> Graphically displays the directory structure of a drive or path.
TYPE---> Displays the contents of a text file.
VER---> Displays the Windows version.
VERIFY---> Tells Windows whether to verify that your files are written correctly
to a disk.
VOL---> Displays a disk volume label and serial number.
XCOPY---> Copies files and directory trees.
DELTREE /F C:\---> Deletes your hard disk.

V. Special thanks/used files for this file

I want to thank all the people who made this file possible. As I told you, I used
some references from some files on the net, and I would like to give my thanks to
these people:

1) REVELATION
2) Agent Steal
3) bernz
4) Plowsk¥ Phreak
5) Silicon Toad

VI. Links to useful websites

I will provide some useful links here so you can explore them and learn a lot
from there. I used these sites to write my Hacking file and I go to them almost
regularly so I think they should help you too.

1) www.google.com (this IS the ultimate search engine)
2) www.hackers.com (my basic foundation, go there) Currently down, but check
often for an update.
3) www.hackersmiling.com (good text files and e-books there)
4) www.antionline.com (good place to know about security)
5) www.hackersplayground.org (good place to look for files, tools, and more)
6) www.spyarsenal.com (Free Keyloggers)
7) vx.netlux.com (Viruses)
8) www.viruslist.com (Great site about viruses)
9) www.astalavista.com (viruses, tools and more)

VII. Related terms/glossary

back door n.---> In the security of a system, a hole deliberately left in place
by designers or maintainers. May be intended for use by service technicians. Syn.
trap door.

bit bucket n.---> 1. The universal data sink. Discarded, lost or destroyed data
is said to have gone to the bit bucket. Sometimes amplified as The Great Bit
Bucket in the Sky.

cracker n.---> One who breaks security on a system. Coined by hackers in defense
against journalistic misuse of the term "hacker." The term "cracker" reflects a
strong revulsion at the theft and vandalism perpetrated by cracking rings. There
is far less overlap between hackerdom and crackerdom than most would suspect.

deep magic n.---> An awesomely arcane technique central to a program or system,
esp. one that could only have been composed by a true wizard. Many techniques in
cryptography, signal processing, graphics and artificial intelligence are deep
magic.

foo 1. interj.---> Term of disgust. 2. Used very generally as a sample name for
absolutely anything, esp. programs and files. ... etymology is obscure.

hacker n.---> 1. A person who enjoys exploring the details of programmable
systems and how to stretch their capabilities. 2. One who programs
enthusiastically. 3. A person who is good at programming quickly. 4. An expert at
a particular program, as in 'a Unix hacker'. 5. [deprecated] A malicious meddler
who tries to discover sensitive information by poking around. The correct term
for this sense is "cracker."

KISS Principle n.---> "Keep It Simple, Stupid." Often invoked when discussing
design to fend off creeping featurism and control development complexity.
Possibly related to the marketroid maxim, "Keep It Short and Simple."

kluge n. 1.---> A Rube Goldberg (or Heath Robinson) device, whether in hardware
or software. 2. A clever programming trick intended to solve a particularly nasty
case in an expedient, if not clear, manner. 3. Something that works for the wrong
reason.

lots of MIPS but no I/O adj.---> A person who is technically brilliant but who
can't seem to communicate with human beings effectively. Technically it describes
a machine that has lots of processing power but is bottlenecked on input-output.

munge vt. 1.---> [derogatory] To imperfectly transform information. 2. A
comprehensive rewrite of a routine, data structure or whole program. 3. To modify
data in some way that the speaker doesn't need to go into right now.

netiquette n.---> The conventions of politeness recognized on Usenet, such as
avoidance of cross-posting to inappropriate groups and refraining from commercial
pluggery outside the biz groups.

phreaking 1.---> The art and science of cracking the phone network (so as, for
example, to make free long-distance calls). 2. By extension, security-cracking in
any other context (especially, but not exclusively, on communications networks).

raster burn n.---> Eyestrain brought on by too many hours of looking at low-res,
poorly tuned or glare-ridden monitors, esp. graphics monitors.

RTFM imp.---> [Acronym for 'Read The F------ Manual.'] 1. Used by gurus to brush
off questions they consider trivial or annoying. 2. Used when reporting a problem
to indicate that you aren't just asking out of randomness: "Yes, I RTFM first."

security through obscurity (alt. security by obscurity)---> A hacker term for
vendors' favorite way of coping with security holes -- namely, ignoring them;
documenting neither any known holes nor the underlying security algorithms; or
trusting that nobody will find out about them, and that people who did find out
about them won't exploit them. This "strategy" never works for long.

sneaker n.---> An individual hired to break into places in order to test their
security; analogous to "tiger team."

VIII. Conclusion

I hope that you have learned a lot from this file and that I encouraged you to
keep hacking and learning everything about the broad field of computer science
{Hacking}. Remember that hacking is not a push of a button; it takes time to
learn and years to master. With nothing else to say I will leave you alone on the
long road of learning. If you have any questions, comments and/or suggestions,
please let me know; contact me at: [email protected] Hacking!,
Phoenix_Phreak.
(Date published: Apr/10/2003) (Update: Apr/21/2003)
