The Cyberarmy Webboard FAQ ver .1
It's rather obvious that if one runs a high-quality website, word about the site will spread fast. If that site deals with Internet security, word spreads even faster. Such is the case with CyberArmy. Add in a Discussion Forum and you are flirting with hell. Fortunately, the administrator of the site not only can maintain a server, but is able to script in Perl, modifying a normal WWWboard script into something to be reckoned with.
But no scripting will ever make a WWWboard impervious to idiots, newbies, and just the average free-loader looking to get a quick answer to a complicated problem. Enter this short FAQ, something to give those of you who know very little less incentive to post questions that have already been asked or simply cannot be answered. I must warn you that if (after the release of this FAQ) you decide to post a question directly corresponding to something explained in this FAQ, you will most likely not have your question answered at all, or get flamed for failing to read this.
There may be things I fail to go over here completely, and for that I apologize ahead of time. The intent of this FAQ is mainly to answer any simple questions that would have been posted to the Discussion forum that didn't need to be. If you know something that I don't, please email me at the address above and let me know what I can add to this. Any additional info will be added at a later date.
Note: I am assuming that all users reading this are using a Windows computer and don't know about Linux. I'd simply say "get linux", but you all want quick solutions to your problems for an OS that you already understand.
"How do I change my IP?"
This question is asked a lot by users from IRC, and is actually worded wrong. The answer is, you really can't change your IP address, at least, the method of doing so is not within the scope of this document, and most likely, if you are asking this question, you wouldn't be able to comprehend the method anyway. The reason why you cannot hide, change, or fake your IP is because that is the way that you send data to and from a server. If you have a different IP, you would have to be in a different place at a different address when you clearly are not, so you wouldn't receive any data back.
And yet you are certain there is a way to change or "hide" your IP because your friend on IRC just did it. Actually, he/she didn't. Most likely their IP is actually another computer running something that you can take advantage of as well. It's called a Wingate.
Wingate is a program made by Deerfield that allows cable modem and other users to share one IP address for several computers across a LAN (Local Area Network). Its popularity has risen due to its ease of use. By IP masquerading, a user can allow numerous computers to share one IP address and therefore surf the net, check email, and do several of the most simple Internet functions.
The problem with earlier versions of Wingate was that certain ports that were meant to be only accessible by the LAN were actually available to anyone on the Internet. And not logging access to the ports by default added to the abuse. A user could have a Wingate running and not even know they were being abused. The exploitable ports were located at 23 and 1080, the telnet and SOCKS port.
By telnetting to port 23 and entering in a minimal amount of info, a hacker could travel to practically anywhere and would be assumed to be from a different IP address. Without logging the individuals who abused Wingates, there was no way that individual could be found. More recent versions have addressed this issue and have virtually no problems, so older versions of Wingate are hard to find.
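For anyone running a gateway like this, the exposure described above can be checked from the machine's own listener table. The following is an added example, not part of the original FAQ or of Wingate: it reads `netstat -an` style output (the sample is constructed) and flags the telnet and SOCKS proxy ports when they are bound to anything other than a LAN address. The LAN range is an assumption.

```python
import ipaddress

# The two proxy ports the FAQ names as reachable from the Internet.
PROXY_PORTS = {23: "telnet proxy", 1080: "SOCKS"}

# Constructed sample of `netstat -an` output from a gateway machine.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:23             0.0.0.0:0              LISTENING
  TCP    192.168.0.1:1080       0.0.0.0:0              LISTENING
  TCP    203.0.113.5:1080       0.0.0.0:0              LISTENING
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    192.168.0.1:1042       192.168.0.7:23         ESTABLISHED
"""


def parse_listeners(text):
    """Return (ip, port) for every TCP socket in LISTENING state."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        # Data rows have exactly four columns; the header row has six words.
        if len(fields) == 4 and fields[0] == "TCP" and fields[3] == "LISTENING":
            host, _, port = fields[1].rpartition(":")
            listeners.append((ipaddress.ip_address(host), int(port)))
    return listeners


def exposed_proxy_listeners(text, lan_nets):
    """Flag proxy ports that are not restricted to the given LAN networks."""
    lans = [ipaddress.ip_network(n) for n in lan_nets]
    findings = []
    for ip, port in parse_listeners(text):
        if port not in PROXY_PORTS:
            continue
        if ip.is_unspecified:
            reason = "bound to all interfaces"
        elif not any(ip in net for net in lans):
            reason = "bound to a non-LAN address"
        else:
            continue  # bound to the LAN side only, as intended
        findings.append((str(ip), port, reason))
    return findings


if __name__ == "__main__":
    # 192.168.0.0/24 is an assumed LAN range for the sample.
    for ip, port, reason in exposed_proxy_listeners(SAMPLE_NETSTAT, ["192.168.0.0/24"]):
        print(f"{PROXY_PORTS[port]} on {ip}:{port} is {reason}")
```

A clean result here only covers the bind address; the missing access logging mentioned above has to be switched on separately.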
You can do a search for a Wingate of your own by downloading the latest version of wGateScan, a program created by Pixel and Edena. It can be found at http://web.avo.fr/pixel/progs, or other places on the net, go to a search engine and type in "wingate scanner" and see what you get. Version 3.0 is the latest, but most people use 2.2 and get along fine. I like the logging functions of the 3.0 release, but aside from that, they are basically the same.
Get on IRC and find someone's IP address by typing "/dns <nick>". Don't worry, they won't know you did it. This is usually one of the better ways to get a good IP to start a search. A lot of people just type in 24.X.X.X, filling the X in with whatever number between 1 and 255. With wGateScan, you can search Class B and C subnets for a wingate IP address, but if I were you, I'd fill in as much as possible and just search the Class C for now. If you have a better connection than analog modem, you can try searching more.
It's pretty self-explanatory if you have a minimal amount of IP knowledge. Just use the default settings to look for a computer that gives you a "WinGate>" prompt. If you need help, feel free to email me and I'll do what I can. Click scan and off it goes, looking for Wingate after Wingate, and when it's done it will notify you if it found anything.
Remember, Wingates are slowly being upgraded or removed, and you most likely won't find any your first time. If that fails, there are helpful people at CyberArmy who provide valid working Wingates from time to time on the Wingate database. Some of them may not work, but if you have their IP address, you can put it in the scanner and search a whole subnet for possible others that may be working.
After you have a good list of Wingate IPs, load up mIRC (Most likely you are using this) and type "/server <wingate> 23" placing in one of your Wingate's IP numbers. It will look like this:
*** Connecting to 18.104.22.168 (23)
Local host: gitch.foobar.net (22.214.171.124)
Connecting to host NICK...Host name lookup for 'NICK' failed
USER Isefe "gitch.foobar.net" "126.96.36.199" none
Connecting to host USER Isefe "gitch.foobar.net" "188.8.131.52" ...Host name lookup for 'USER Isefe "gitch.foobar.net" "184.108.40.206" ' failed
Then the computer will just idle right there waiting for you to send it info. Type "/raw <server> <port>" substituting in the name of the IRC server and port. You will then be notified of your connection:
-> Server: or.enterthegame.com 6667
Connecting to host or.enterthegame.com...Connected
-Tx.EnterTheGame.Com- *** Looking up your hostname...
-Tx.EnterTheGame.Com- *** Checking ident...
-Tx.EnterTheGame.Com- *** No ident response; username prefixed with ~
-Tx.EnterTheGame.Com- *** Found your hostname
You are about halfway done at this point. You must then type "/raw NICK <nick>" with your nickname and then immediately follow with "/raw USER hi ho hi ho" or just 4 separate words after the USER. You need to hurry when you do this as you will most likely be timed out. If everything works right, you will get the following:
-> Server: NICK raize
-220.127.116.11- *** If you are having problems connecting due to ping timeouts, please type /notice 226740C0 nospoof now.
-Tx.EnterTheGame.Com- *** If you need assistance with a connection problem, please email email@example.com with the name and version of the client you are using, and the server you tried to connect to: Tx.EnterTheGame.Com
-> Server: USER hi ho hi ho
Local host: gitch.foobar.net (18.104.22.168)
Welcome to the ETG IRC Network firstname.lastname@example.org
Your host is Tx.EnterTheGame.Com, running version dal4.6.7b.DreamForge
This server was created Tue Feb 5 2002 at 02:28:07 CST
Tx.EnterTheGame.Com dal4.6.7b.DreamForge oiwsghOkcfrRaAb biklmnopstvR
NOQUIT TOKEN WATCH=128 SAFELIST are available on this server
From there you are pretty much good to go, type "/dns <nick>" and check your nick to see your new IP address. You don't really have a new one, you will have the same IP address when you web browse and check email, but in IRC, everyone will think you are from the computer that has the Wingate. Don't abuse the Wingate by getting yourself banned from a network, you will run into plenty of Wingates that already have been banned. Some IRC networks automatically check to see if you are on a Wingate and kick accordingly.
What about the SOCKS server? Well, it is self-explanatory: you go to the options and set up the firewall connection to the server at port 1080 instead, and then your nickname, etc. This is a lot simpler, but if you ask me, I like seeing what is going on as I work. The choice is up to you.
"How do I
I don't condone nuking people. It's really lame and it doesn't even work anymore, but a good place to start is to download a nuker off the net. These things are a dime a dozen, I prefer getting one called Voob that will let you specify a port to nuke. Other people suggest getting nukes that will attack entire subnets, but why do that? Most likely you are mad at one person on IRC and not his whole domain.
DOS (Denial of Service) attacks are meant to cripple a computer so it no longer functions in one way or another. With Voob, you must be attacking a Windows 95 computer with absolutely no upgrades and the ISP has to not be filtering any attacks. You won't be able to find a situation where this works. And if you do, it will probably be a Thailand user on a weird ISP, and most likely they won't be pissing you off. If you want to try anyway, the port # is 139. Every now and then you can find a port with a port scanner that you can try nuking elsewhere, but most likely it won't work.
So in short, you can't nuke just anyone. I hate to put it this bluntly, but you can't. If the user is running Windows 98, about the only thing you can do is a smurf attack with a *nix OS. In fact, there are several DOS attacks for other operating systems that work quite well. Because of the way that Windows is written, there is only so much that can be compiled for the operating system programming-wise.
But there is a program that you can use called Click, included with the 7th Sphere IRC program, that takes advantage of Winsock 2.0 features. You will have to upgrade if you still have Windows 95; I suggest going to tucows.com and getting any Win95 updates that you can. The way the program works is you put in the user's IP address, and then type "/whois <nick>" and get the name of the server they are on. What this program does is attempt to temporarily fake the server or the client into thinking you are the client or server, respectively. Then it proceeds to tell the computer it closed the socket and their connection is gone.
This program is working less and less too. Plus you never know what port the user is connected to the server as. And, since you are dealing with a server, you have to be careful that you don't get caught by them and turned in. Try nuking the client side when you do so and just pretend to be the server. Most often the server is patched against this kind of attack anyway.
Smurfing is also an easy way to do a DOS attack against someone, but you will need Linux to do so. What happens is that your IP address is temporarily spoofed like with Click, but instead of sending a nuke, it sends a fake "ping" requesting a reply from a server that will actually broadcast your IP to many servers, all replying at once. You will then be flooded with too much bandwidth and no doubt be disconnected.
There are other programs like Land, Pepsi, Hanson and more, but most of them are outdated or only work in an operating system other than Windows. I cannot stress enough how important getting another OS is. It is like opening another world, and you can get more out of it, too.
"How do I hack my school?"
Although this is a good way to seriously screw yourself over, I'd rather tell you what little you can do here, and then require you NOT to ask this question on the Discussion Forum. A lot of times you'll run into a school network with PCs, and something like FoolProof preventing you from doing anything, like installing a game to play. Or maybe you want to impress your friends. Don't look here (or to the Web Board for that matter) for information on how to change your grades, however.
The first thing that you should immediately do on an IBM is hit "Ctrl-Alt-Del" (3-finger salute) and see what you can close down. A lot of times programs will prevent you from doing so, but if you can, see what you find. Most likely if you can shut down whatever is preventing you from running different services, you will be fine.
Also, open up a web browser and put in "file:///c|/windows/command.com". You should then get a DOS prompt and you can proceed to edit the C:\windows\win.ini and system.ini files to your liking (i.e., get rid of FoolProof). If the program isn't loaded from there, check the C:\autoexec.bat and config.sys files for anything funny. If you don't know what I'm talking about when I say edit these files, please read up elsewhere a tad bit more; Cyberarmy posters should be well beyond simple batch and .ini file editing.
If the system has screen savers, you can edit the C:\windows\control.ini file and change the PWprotected line from 1 to 0. Also don't forget to delete any info that falls after "Password=" in the same file. You should be able to bypass their screensaver password now. I suppose that this doesn't occur much at school, so it is more of something you'd run into at work.
Also, if you can't boot from a floppy and know a tad bit about BIOS configuration, download a file called killcmos.zip. It can be found on FTPsearch at Lycos. All you have to do is run it and it sets the BIOS back to when the computer was first bought, which most likely will mean you can now boot from floppy. Stick your boot floppy in and go.
Open up notepad or wordpad and look for "command.com" in the main directory. Save it as something else on the desktop with ".com" and run it. Also use notepad or wordpad to make a .bat file that simply does a "call command.com" and you're set. Or, just right-click on a normal desktop and add a shortcut. You'll find that sometimes you can shortcut to command.com. Depends on how secure the computer is.
I realize that none of these items will actually be hacking your school, but then again, you all know how to use trojans and virii, or go to "C:\windows\command\fdisk.exe" and get rid of whatever. The computer will be gone for a while. I guess nothing is really all that great to hack a school computer with.
For the schools that have Macs, you can try rebooting the computer and holding down the Shift key as it boots up. If the computer has MacAdmin, try using Deliver file to mount someone's folder and you'll find that sometimes you will have access to the entire server setup. If you delete the whole thing, the sys admin will be screwed for quite some time.
Also, if the computer uses RevRdist, you can go to My Computer:System Folder:Startup: and remove anything you find in there. If you can't get into the System folder, look for some programs on the Internet that will let you. Also remember that hitting OpenApple, Option and Esc will Force Quit problem applications in case there is something running in the foreground to prevent you from having fun. The Extensions folder has a lot of goodies in it that can be ditched as well. Or if you have access to the Control Panel, shut off whatever you can with the numerous items located there.
"How do I hack a webpage?"
You absolutely will need Linux or something other than Windows to do this efficiently. There is a program called FrontPage, made by Microsoft, that is very foolish in its security and saves a password file right out in the open so anyone can read it. I won't provide any programs to help you, but you will need FrontPage, a Unix password cracker, and a program called Grinder from Rhino9 Security. You can find exploitable servers with Grinder by looking for /vti_pvt/service.pwd on a server.
Download the file, and edit it so it goes from this:
Then run a simple cracking program on it overnight and in the morning you'll have the username and password to get into the server. Or maybe they will have it so login can only be done locally and never remotely, then you did all that work for nothing, but still check to see if you can telnet in and give a username and password at port 23. Who knows, you might get lucky and find a shell, then use Linux and other exploits to get root.
If you have linux, run imap, mountd, or named, and get exploitable servers. It really doesn't take much to be a script kiddy. Remember, you did ask a VERY general question of how to hack a webpage, so you can't expect me to tell you everything. You will *never* find someone who is willing to hold your * while you hack. I blotted that out for good reason. You simply must learn to do everything on your own. There are no ifs, ands, or buts to it, either. I'm sorry if I wasn't much help, but then again, you will most likely give up within 3 days so it's no skin off my back.
Additional Questions that may soon be addressed are listed below. Don't ask these on the WWWboard either.
How do I hack Hotmail, Geocities, etc?
Okay, so I was in an odd way wrong about the fact that free email and free webspace providers can no longer be exploited. But when you are resorting to brute force cracking, it's a good sign they really don't have any actual bugs in their software, hence the term "cracking".
I was referred to a program by "4m4ZeD", who has apparently been cracking hotmail accounts here and there via this method. The name of the program is HotHack+, and sadly, I can safely guarantee it no longer works. Well, it does, but the user has to have a premium account, and you have to have a fairly nifty computer to have several socket connections open at once. If you don't have a good computer/connection, you aren't going to get too far.
The other problem is much more severe in nature, because most likely, the person you are trying to hack is using Hotmail for free service and hasn't paid for POP3 access (Premium Account). Which means that even if you send the correct username and password to the POP3 server, it will say wrong password and you won't know the difference.
So, POP3 email hacking does *not* work. Brute force can be done via another method, however. If someone set up a simple server to run a CGI script, it could attempt to login to Hotmail and brute force that way. But this is time consuming, and since fewer people will be hacking this way, Hotmail will definitely notice and may just set their router to deny any access from your subnet, or worse yet, the subnet which is hosting the CGI. This can get you in big trouble; I don't recommend it.
As for Geocities, Yahoo, and Rocketmail, they most likely have a similar system worked out and even if they are crackable, they won't be for long. You'll have to try POP3 email crackers on their servers and find out yourself.
I won't spend my time on this. I don't believe that these programs even work. I haven't ever seen one work, and you have to install like a 30 meg archive of ActiveX objects and nonsense to even get some of them to run. Sounds pretty pointless to me. If you want to waste your time though, head to www.warforge.com.
It's called a trojan. Once again, this is something I don't even want to mess with. You can go to www.warforge.com or www.cultdeadcow.com if you feel a need to learn more. I'd have to say to be very careful when using trojans, even if you have permission, some states have laws against the use of such software.
If you have the bandwidth, I'd suggest heading to www.slackware.com/zipslack and looking at what is offered there. You can download a zip file that can be expanded into a fully functional version of Linux that you can boot from DOS, without having to partition your computer. It's a neat idea and I'd like to see more distributions do the same.
Use www.altavista.com :P)
Can I put html tags anywhere in my posts?
Usually no. You cannot use HTML tags in any field while a few security issues are resolved. We have the option of allowing or disallowing any HTML in the Message part of your posting. Don't waste your time adding <IMG SRC="my 133t banner"> tags to your post, because it just takes the page longer to load when this server has to pull your 133t banner off the GeoCities 0-daY WaReZ site you are about to have deleted for content violations.
Why is my post killed because of a 'CYRYL lamesness warning'?
Our board is protected by a script routine that reads all posts before they go on the board. If you are trying to post something, for example, like 'teach me how to hack' or 'how do I hack Geocities pages?' your post will not get through. At least, 90% of the time. Get a life and post somewhere else.
Why do I get that rude message when I use the <blink> tag, any <*script> tag, or a <meta> tag?
Because those tags suck and we don't like them.
Why do I sometimes get "ERROR: XX Minute Post Rule" error messages?
We have hard-coded some "anti-spam" features into the cgi scripts to prevent people from spamming the WWWBoard. If you see the error message when posting or replying to a post, then simply hit the browser "Back" button, wait the given time and try again. It might be frustrating, but the spam prevention code has been added to allow users to enjoy the freedom the original WWWBoard gives, with the added security of the "anti-spam cgi code" to prevent abuse.
Why do I get an "Access Denied" Message when I try to post something?
Because either you, someone using the IP address you currently have, or someone from your class B or C IP block is a stupid lamer and you are currently banned indefinitely. If you think there is a mistake, then contact us, and we will consider your request for removing the ban. To check and see if you are banned, check the current ban list.
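The posting checks described in the answers above (no HTML in the form fields, the rejected tags, the minute rule, and bans by address or by class B/C block), sketched as an added example in Python. This is not the board's own Perl script; the interval, the ban entries and the two error strings that the FAQ does not quote are assumptions.

```python
import ipaddress
import re

# Assumed ban list (constructed): one address, one class C block, one class B block.
BANNED = [ipaddress.ip_network(n) for n in
          ("198.51.100.7/32", "203.0.113.0/24", "10.20.0.0/16")]

# Tags the FAQ says are rejected: <blink>, <meta>, and any <*script> tag.
# Optional whitespace after "<" is tolerated so the check errs on the strict side.
FORBIDDEN_TAG = re.compile(r"<\s*/?\s*(blink|meta|[\w:-]*script)\b", re.I)

# Anything that starts like a tag is refused in name/subject/etc. fields.
FIELD_TAG = re.compile(r"</?[a-z!]", re.I)


class PostGate:
    """Decides whether a post is accepted, in the order a ban should win."""

    def __init__(self, interval_min=5):          # 5 minutes is an assumed value
        self.interval_min = interval_min
        self.last_post = {}                      # ip -> time of last accepted post

    def check(self, ip, fields, message, now):
        """Return "OK" or the error shown to the poster. `now` is in seconds."""
        addr = ipaddress.ip_address(ip)
        if any(addr in net for net in BANNED):
            return "Access Denied"
        if any(FIELD_TAG.search(value) for value in fields.values()):
            return "ERROR: HTML not allowed in this field"   # assumed wording
        if FORBIDDEN_TAG.search(message):
            return "ERROR: forbidden tag"                    # assumed wording
        last = self.last_post.get(ip)
        if last is not None and now - last < self.interval_min * 60:
            return f"ERROR: {self.interval_min} Minute Post Rule"
        # Only accepted posts start the timer; rejected ones do not extend it.
        self.last_post[ip] = now
        return "OK"


if __name__ == "__main__":
    gate = PostGate()
    form = {"name": "raize", "subject": "wingate question"}
    print(gate.check("192.0.2.10", form, "first post", now=0))
    print(gate.check("192.0.2.10", form, "second post", now=120))
    print(gate.check("203.0.113.77", form, "hello", now=0))
    print(gate.check("192.0.2.11", form, "<blink>look</blink>", now=0))
```

A tag denylist like this matches what the answers describe; escaping the stored text on output is the more robust control wherever HTML is not meant to render.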
Why hasn't anybody answered my question(s)?
Probably because you asked some stupid questions. Be more creative, and if you ask a dumb enough question, then maybe you'll at least get flamed. It never hurts to RTFM either. Try a search engine first if you think your question just *might* be stupid.
Why are there colons in the message when I try to post a followup?
Colons appear in the message dialog box when you try to follow up on a message to indicate that those lines are quoting the previous document. Leave them there if you want people to know who is saying what.
Why didn't my post show up?
Your post most likely did not show up, because your browser did not reload the page, it simply pulled it out of cache. Please reload your browser and it should then appear, j3w cl00less GIMP!@#$^!!!
Where can I get the scripts for this program?
This script is an improved version of Matt Wright's Script. That script had heaps of security holes, bugs, etc. This board is a complete open source fix made by people like www.cyberarmy.com, Epicurus, and Ken Williams. It is codenamed 'The Mr.Fong Device'. You will find the source for this improved script at cyberarmy.