The Anarchist Cookbook (37 page)

a computer on the network called "UMCVMB", you would issue the following subcommand:

FTP UMCVMB.MISSOURI.EDU

Host "UMCVMB" will prompt you for an account name and password. If your login is

correct, FTP will tell you so, otherwise it will say "login incorrect." Try again or abort the

FTP program. (This is usually done by typing a special control character such as

CONTROL-C. The "program abort" character varies from system to system.)

Next you will see the FTP prompt, which is:

Ftp>

There are a number of subcommands of FTP. The subcommand "?" will list these

commands and a brief description of each one.

You can initiate a file transfer in either direction with FTP, either from the remote host

or to the remote host. The "get" subcommand initiates a file transfer from the remote

host (i.e. Tells the remote computer to send the file to the local computer [the one on

which you issued the "ftp" command]). Simply enter "get" and FTP will prompt you for the

remote host's file name and the (new) local host's file name. Example:

Ftp> get

Remote file name?

theirfile

local file name?

myfile

You can abbreviate this by typing both file names on the same line as the "get"

subcommand. If you do not specify a local file name, the new local file will be called the

same thing as the remote file. Valid FTP subcommands to get a file include the following:

get theirfile myfile

get doc.x25

The "put" subcommand works in a similar fashion and is used to send a file from the local

computer to the remote computer. Enter the command "put" and FTP will prompt you for

the local file name and then the remote file name. If the transfer cannot be done because

the file doesn't exist or for some other reason, FTP will print an error message.

There are a number of other subcommands in FTP that allow you to do many more things.

Not all of these are standard so consult your local documentation or type a question mark

at the FTP prompt. Some functions often built into FTP include the ability to look at files

before getting or putting them, the ability to change directories, the ability to delete files

on the remote computer, and the ability to list the directory on the remote host.

An intriguing capability of many FTP implementations is "third party transfers." For

example, if you are logged on computer A and you want to cause computer B to send a file

to computer C, you can use FTP to connect to computer B and use the "rmtsend" command.

Of course, you have to know usernames and passwords on all three computers, since FTP

never allows you to peek into someone's directory and files unless you know their username

and password.

The "cd" subcommand changes your working directory on the remote host. The "lcd"

subcommand changes the directory on the local host. For UNIX systems, the meaning of

these subcommands is obvious. Other systems, especially those that do not have directory-

structured file system, may not implement these commands or may implement them in a

different manner.

The "dir" and "ls" subcommands do the same thing, namely list the files in the working

directory of the remote host.

The "list" subcommand shows the contents of a file without actually putting it into a file

on the local computer. This would be helpful if you just wanted to inspect a file. You could

interrupt it before it reached the end of the file by typing CONTROL-C or some other

special character. This is dependent on your FTP implementation.

The "delete" command can delete files on the remote host. You can also make and remove

directories on the remote host with "mkdir" and "rmdir". The "status" subcommand will

tell you if you are connected and with whom and what the state of all your options are.

If you are transferring binary files or files with any non-printable characters, turn binary

mode on by entering the "binary" subcommand:

binary

To resume non-binary transfers, enter the "ascii" subcommand.

Transferring a number of files can be done easily by using "mput" (multiple put) and "mget"

(multiple get). For example, to get every file in a particular directory, first issue a "cd"

command to change to that directory and then a "mget" command with an asterisk to

indicate every file:

cd somedirectory

mget *

When you are done, use the "close" subcommand to break the communications link. You will

still be in FTP, so you must use the "bye" subcommand to exit FTP and return to the

command level. The "quit" subcommand will close the connection and exit from FTP at the

same time.

Mail

Mail is the simplest network facility to use in many ways. All you have to do is to create

your message, which can be done with a file editor or on the spur of the moment, and then

send it. Unlike FTP and Telnet, you do not need to know the password of the username on

the remote computer. This is so because you cannot change or access the files of the

remote user nor can you use their account to run programs. All you can do is to send a

message.

There is probably a program on your local computer which does mail between users on that

computer. Such a program is called a mailer. This may or may not be the way to send or

receive mail from other computers on the network, although integrated mailers are more

and more common. UNIX mailers will be used as an example in this discussion.

Note that the protocol which is used to send and receive mail over a TCP/IP network is

called SMTP, the "Simple Mail Transfer Protocol." Typically, you will not use any program

called SMTP, but rather your local mail program.

UNIX mailers are usually used by invoking a program named "mail". To receive new mail,

simply type "mail". There are several varieties of UNIX mailers in existence. Consult your

local documentation for details. For example, the command "man mail" prints out the

manual pages for the mail program on your computer.

To send mail, you usually specify the address of the recipient on the mail command. For

example: "mail [email protected]" will send the following message to username

"knight" on host "umcvmb".

You can usually type in your message one line at a time, pressing RETURN after each line

and typing CONTROL-D to end the message. Other facilities to include already-existing

files sometimes exist. For example, Berkeley UNIX's allow you to enter commands similar

to the following to include a file in your current mail message:

r myfile

In this example, the contents of "myfile" are inserted into the message at this point.

Most UNIX systems allow you to send a file through the mail by using input redirection.

For example:

mail [email protected] < myfile

In this example, the contents of "myfile" are sent as a message to "knight" on "umcvmb."

Note that in many UNIX systems the only distinction between mail bound for another user

on the same computer and another user on a remote computer is simply the address

specified. That is, there is no hostname for local recipients. Otherwise, mail functions in

exactly the same way. This is common for integrated mail packages. The system knows

whether to send the mail locally or through the network based on the address and the user

is shielded from any other details.

"The Quest For Knowledge Is Without End..."

123.Phrack Magazine - Vol. 3, Issue 27 by Knight Lightning

DECnet is the network for DEC machines, in most cases you can say VAX's. DECnet allows

you to do:



e-mail



file transfer



remote login



remote command



remote job entry



PHONE

PHONE is an interactive communication between users and is equal to TALK on UNIX or a

"deluxe"-CHAT on VM/CMS.

BELWUE, the university network of the state Baden-Wuerttemberg in West Germany

contains (besides other networks) a DECnet with about 400 VAX's. On every VAX there is

standard-account called DECNET with pw:= DECNET, which is not reachable via remote

login. This account is provided for several DECnet-Utilities and as a pseudo-guest-account.

The DECNET-account has very restricted privileges: You cannot edit a file or make

another remote login.

The HELP is equipped by the system and is similar to the MAN command on UNIX.

More information on DECnet can be found in "Looking Around In DECnet" by Deep Thought

in this very issue of Phrack Inc.

Here, at the University of Ulm, we have an *incredibly* ignorant computer center staff,

with an even bigger lack of system-literature (besides the 80kg of VAX/VMS-manuals).

The active may search for information by himself, which is over the level of "run,"

"FORTRAN," or "logout." My good luck that I have other accounts in the BELWUE-

DECnet, where more information is offered for the users. I am a regular student in Ulm

and all my accounts are completely legal and corresponding to the German laws. I don't

call myself a "hacker," I feel more like a "user" (. .it's more a defining-problem).

In the HELP-menu in a host in Tuebingen I found the file netdcl.com and the corresponding

explanation, which sends commands to the DECNET-Account of other VAX's and executes

them there (remote command). The explanation in the HELP-menu was idiot-proof --

therefore for me, too :-)

With the command "$ mcr ncp show known nodes" you can obtain a list of all netwide

active VAX's, as is generally known, and so I pinged all these VAX's to look for more

information for a knowledge-thirsty user. With "help", "dir" and other similar commands I

look around on those DECnet accounts, always watching for topics related to the BELWUE-

network. It's a pity, that 2/3 of all VAX's have locked the DECNET-Account for

NETDCL.COM. Their system managers are probably afraid of unauthorized access, but I

cannot imagine how there could be such an unauthorized access, because you cannot log on

this account -- no chance for trojan horses, etc.

Some system managers called me back after I visited their VAX to chat with me about the

network and asked me if they could help me in any way. One sysop from Stuttgart even

sent me a version of NETDCL.COM for the ULTRIX operation system.

Then, after a month, the HORROR came over me in shape of a the following mail:

--- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- ---

From: TUEBINGEN::SYSTEM 31-MAY-1989 15:31:11.38

To: FRAMSTAG

CC:

Subj: don't make any crap, or you'll be kicked out!

From: ITTGPX::SYSTEM 29-MAY-1989 16:46

To: TUEBINGEN::SYSTEM

Subj: System-breaking-in 01-May-1989

To the system manager of the Computer TUEBINGEN,

On May 1st 1989 we had a System-breaking-in in our DECNET-account, which started from

your machine. By help of our accounting we ascertained your user FRAMSTAG to have

emulated an interactive log-on on our backbone-node and on every machine of our VAX-

cluster with the "trojan horse" NETDCL.COM. Give us this user's name and address and

dear up the occurrence completely. We point out that the user is punishable. In case of

repetition we would be forced to take corresponding measures. We will check whether our

system got injured. If not, this time we will disregard any measure. Inform us via DECnet

about your investigation results -- we are attainable by the nodenumber 1084::system

Dipl.-Ing. Michael Hager

--- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- ---

My system manager threatened me with the deleting of my account, if I would not

immediately enlighten the affair. *Gulp*! I was conscious about my innocence, but how to

tell it to the others? I explained, step by step, everything to my system manager. He then

understood after a while, but the criminal procedure still hovered over me... so, I took

quickly to my keyboard, to compose file of explanations and to send it to that angry

system manager in Stuttgart (node 1084 is an institute there). But no way out: He had run

out of disk quota and my explanation-mail sailed into the nirwana:

--- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- ---

$ mail explanation

To: 1084::system

%MAIL-E, error sending to user SYSTEM at 1084

%MAIL-E-OPENOUT, error opening

SYS$SYSROOT:[SYSMGR]MAIL$00040092594FD194.MAI;

as output

-RMS-E-CRE, ACP file create failed

-SYSTEM-F-EXDISKQUOTA, disk quota exceeded

--- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- ---

Also the attempt of a connection with the PHONE-facility failed: In his borderless

hacker-paranoia, he cut off his PHONE... and nowhere is a list with the REAL-addresses of

the virtual DECnet-addresses available (to prevent hacking). Now I stood there with the