-=ð=--=ð=- þ How to Hack þ þ Your Favorite BBS Systems þ -=ð=--=ð=- A BOM Squad Tutorial By Raven úúúú WARNING: Not to bore you or anything, BUT, remeber that this is strictly for informational purposes! I strongly disadvise you NOT to use any of the information given here to cause chaos, damage or destruction to any one else! And, if you do decide to, than good luck, but remember, if you get caught, ITS BECAUSE OF YOUR OWN DAMN STUPIDITY! Now that that's over with...Let's get own with the show!!! PART I The Basic Shit First, you need some essentials: A computer, a modem, a clue, a terminal program, and a bbs. Now that you have all that, set up a fake account on the board you wish to bring down. I highly suggest that you use a fake account. If the schmuck INSISTS on voice validating you, do to things: Kiss his ass badly! Your going to need some good access anyhow! Second...ask him to pick up the phone...I mean, you already are connected, so you can prove you are legit that way. You can even have your friends help you out in this part. Anyhow, we will asume you got validated. If not, oh well. Keep trying, or find a sysop who is as clueless as you are. Anyhow, if you even suspect he's got caller ID, I would suggest you try somewhere else, unless you have a box or something, which negates it. (Note: There is a command that stops caller ID. Something like *64. I'll look into it.) Next thing to do, is, when you think the sysop isn't home, start searching for passwords. Chat with the loser constantly, and if he's not a liar, he'll say he has to go, and he actually will. Never under-estimate him though. I would guess most of the time when a sysop says he's got to go, he sits at the terminal for another five or ten minutes. Anyhow, go for the gold, first. Sysops are generally stupid and lazy. Most of them never change the default password most bbs's give them (generally SYSOP). If that doesn't work, try the egotistical approach. A lot of sysops think that GOD is a really clever password. HA! Anyhow, if those two don't work, try some of these, or make up your own: SEX, LOVE, I LOVE YOU, his first/last name, something to do with his handle, QWERTY, you get the gist. If none of these work, try them on the sysop's pet (co-sysop)...If you still have no luck, go for some suck up users with good access. Also, you need your security, also. It looks really suspicious if Hacker X logs on at 12:00 pm, and then at 12:01.01 pm there are several attempts for the sysop's password. Alright...now that you either have an account, or some one elses password, flip to another section. Your work as a bbs hacker/crasher has only begun! PART 2 Hacking that Cheese System, WWiV First, I'd just like to say, if a dude is running WWiV, he deserves to get crashed. Okay, what you are going to do is this. Make a file called PKUNZIP.BAT. Have the first (and only) line read COMMAND. Zip it up, and upload it in the name of a cool file (so its not TOO obvious). Okay, call up the board, and upload it. Next, hit E off the file menu. It will ask you which file, and you should at this point punch in the file name you uploaded. This will extract the file in to a directory called TEMP. Now, after it's extracted, do it again. Congradulations! You are in DOS now...If you are two lame to figure out how, its because the computer jumped to pkunzip.bat file, and command puts you into DOS. First thing to do: delete *.log and laston.txt in the gfiles directory. This way, you're keeping him in the dark. Alright, now that all incriminatin' evidence is gone, its time for the fun to begin! First, I'd advise you goto his data directory (usually C:\WWIV\DATA), and typing up USER.LST...The first things you should see are the sysop's handle, name, phone number, address, etc. After that, follows the rest of the scrubs which call the board. You probally wanna capture that file, cuz it could be useful in the future. Oh, another thing to capture is the STATUS.DAT file in the main WWiV directory...In there, you can find all sorts of good stuff, like the system passwords (write those suckers down!). Alright, now that that stuff is down, type EXIT to return to the BBS. Now, you can do lots of phun stuff, like give yourself sl and dsl of 255, or whatever. If you are really in a destructive mood, there is a lot more to be had. First, you could stick a virus in the file which your uploading, and run the virus in the PKUNZIP.BAT file. Poor sap will never know what hit him. Or, if no destructive viruses/trojans are available, goto his DOS directory, and DEL *.*...Repeat it in all of his BBS directories. Then, when you goto exit, you'll get like a run-time error or something, and will be logged off. WWiV is probally the easyest bbs software to phuck around with. PART III Hacking TeleGard Haha...If the sysop is living life without a clue, TeleGard is almost as easy to hack as WWiV. If not, well, its tougher. First of all, your going to want to establish a fake account there. KISS THE SYSOP'S ASS! That is rule number 1. Upload him some new warez, donate a buck, whatever it takes! If the sysop if stupid, you don't even have to do that. If he does have a clue, though, then YOU MUST do what I said above. On the other hand, if you can find out his password, FUCK all that ass kissing, and start hacking! Hey, before I forget, another way to find out passwords of TG sysops is to read the USER.LST file you got off that lamer WWiV board, and check out what his password is there. He might just have his password the same on several board. If this happens, don't even feel bad about screwing over his board! He deserves it! Anyhow, once you have a good account goin for ya, upload the same type of file you gave the loose WWIV board. Okay, if you have good enough access, you should have access the Archives Menu, off the file menu...Enter that menu, and extract the file you uploaded, and it will do the same thing it does to WWiV. PART IV Hacking Forum Clones Okay...What's a forum clone? A forum clone is one of the loser BBS systems which all look the same. Still lost? LSD, Emulex, Extreme, Oblivion/2, Celerity, Monarch, Havok and others are considered forum clones. To bash a forum clone, your either going to need the sysop's or the co-sysop's password. You can use the ways I mentioned to get their passwords, or you can use your own ways. Anyhow, once you get their passwords, log on as one of them. Goto the doors menu (P from main), and use the sysop commands to open a new door (%). Make up a batch file with the following commands: 1) CTTY COM1...2) COMMAND. If you know the sysop is using COM2, then change COM1 to COM2. Alright...Run the door! You will be transported to DOS, and Wa-Lah! If you don't have sysop's access, try this. Upload a file called USERS. with the following DSZ commands. DSZ sz -fs \\. What this does, is uploads a new users data file, which you program yourself, to his data directory. The trick is, you have to know where his USERS. file is, so yours over rights his. Once ya got that, log on under the password you assigned him, and crash, crash, crash! Another thing that does, is wipes out all his user records! PART V Hanging Boards Haha...A child could hang a board with EASE! Alright, so you pick your target...A simple way to do it is just drop carrier while a door is opening or closing, or when a data file is being writen. There are better ways, though. For example, to hang a WWiV for a long time, //UPLOAD a text message in the message areas. Make it a normal thing, but at the end, stick an escape code in there which is invalid. Example: ESC [349857m. WWiV will have no idea how to take it, and will hang until the sysop comes and reset it. You really want to hang a board?? This way's a jem! Upload a file under the following names - COMx.* (x= a number from 1-4) AUX.* PRN.* CON.* CLOCK$.* x:.* (x = a letter drive) LPTx.* Okay, upload yer file, and the board will try to access one of those things....Great, huh? Anyhow, you HAVE to use XModem, and if you try to create an archive of that name on your own computer, it will lock YOU up, so watch out. Hanging a board can be more powerful than crashing it...How? For example, if you hang the local site of a large net for a week while the sysop is on vacation, no one can get their mail, and in that area, the net is paralyzed. Have phun trying out these techniques! You can contact me at Garden of Souls, or most other Elite/HPA boards in North NJ! Cya, and good luck! (Special NOTE!!!!!!!!!!!!!!!!!!!!!!!!! The file we put out called BOMCOP.ZIP which told about the flaw in a cop car is no longer any good. The flaw has been fixed so please DON'T try it! Later!