==Phrack Inc.==Volume 0x0c, Issue 0x41, Phile #0x01 of 0x0f|=-----------------------------------------------------------------------=||=--------------------------=[ Introduction ]=---------------------------=||=-----------------------------------------------------------------------=||=-------------------=[ By The Circle of Lost Hackers ]=-----------------=||=-----------------------------------------------------------------------=|Welcome back. Another year has passed, another PHRACK issue is out, PHRACK65.Every time somebody gives me a present I end up thinking to the story of that gift. Where did it come from ? Who worked on it ? Did who worked on it ever thought that his work would have end up in my hands ? What about a PHRACK issue ? PHRACK comes from the underground, the underground worked on it, submittingpapers, sending feedback, commenting, spending long night chatting,reading, BREATHING. Does the underground still breath ? Things change, panta rei. As hackers, we have fun. We want fun. Hacking isfun. You know it because you did it, because you spent nights and nights onthis fucking fun, going to sleep at 6 a.m. and waking up three hours laterto present your face at school or work, with your brain still back home onyour encrypted work. Are you still having fun ? Please, don't take it personally, don't over-react. It's just a question.A question that everybody should pose to themselves every single day, nomatter what he is doing. FUN is not only PAYBACK. We are human, we lovereceiving congrats, who doesn't ? We LOVE seeing our little work spreadaround. We love the clap-clap-clap sound. But does it really boil down onlyto that ? When you lose fun and start doing things only for the payback, you're dead.Everyone of you who experienced a bad job or a bad exam topic knows thefeeling of "wasting time on useless things" that pops out in those moments.But, most of the time, you _HAVE TO_ do it. Well, nobody _HAS TO DO_ hacking. Nobody.If you are only doing that for a payback, than you are a DEAD hacker.If you are only doing that to present a paper to a conference, to see your name somewhere, than you are a DEAD hacker.It will work. You don't need fun to be skilled, you don't even need to beskilled to post or to go to a conference, there are so many around thateverybody has some hole to fix. But your touch with the underground isgone. Your responsibility towards friends, ideas, codes will slowly fadeaway. HACKING is also responsibility and FUN is the only way to not feel its pressureYou might disagree, just post on your idea. Maybe it is a too dark scenario, maybe it is just a spring blues, maybe I am just pessimistic, butthis is the feeling. This is money taking over everywhere, this is seeingmore and more things done only for the payback.This is seeing the underground heart beating slower and slower. PHRACK is just an example of what the underground has been able to do. Ofwhat we can do. But so many hackers out there are capable of disrupting thesystem without having to read or write a magazine like we do. We are entering into a period where Government and Politics are trying to control technology with supposed-anti-terrorism laws. And they don't lack money or good congrats.So please, please, help this fucking heart beating faster, pushing bloodaround. Please HAVE FUN. This is the 65th edition of Phrack and we are still alive. Despite thatsome people say they don't learn anything when reading phrack we still think that Phrack is one of the best underground communication methods. Ohwell, for sure, there are other and even better ways. But Phrack is one wayand probably not the worse. We have tried to release this issue earlier butediting a magazine (and especially Phrack) is not easy. We have received alot of positive comments after Phrack release #64 and a lot of people saidthey will contribute. However we did not see anything coming. Almost allarticles from this release are coming from our first circle of friends.Again.This release, despite that it is not the perfect one, tries to bringa good mix between technical articles and what we call spirit articles. Ourintroducing and concluding articles (Phrack Prophile and The UndergroundMyth) bring two opposite visions of the hacking underground. Contradiction? No. Freedom of speech.We have kept with our regular columns Phrack World News and International Scenes. We also have decided to publish less exploit articles. However, low-level hackers should find their way easily into this new release.[-]=====================================================================[-]For this issue, we are bringing you the following :0x01 Introduction TCLH0x02 Phrack Prophile of The UNIX Terrorist TCLH0x03 Phrack World News TCLH0x04 Stealth Hooking: another way to subvert the Windows kernel mxatone ivanlefou0x05 Clawing holes in NAT with UPnP felinemenace0x06 The only laws on Internet are assembly and RFCs Julia0x07 Hacking the System Management Mode BSDaemon, coideloko, d0nand0n0x08 Mystifying the debugger for ultimate stealthness halfdead0x09 Australian Restricted Defense Networks and FISSO The Finn0x0a Phook - The PEB Hooker shearer & dreg0x0b Hacking the $49 Wifi Finder openschemes0x0c The art of exploitation: Samba WINS stack overflow max_packetz0x0d The Underground Myth anonymous0x0e Hacking your brain: Artificial Conciousness -C0x0f International scenes variousWindows stealth hooking article brings a deep analysis of the XP kernel internals by presenting two sophisticated backdooring techniques. It is generally hard to find valuable reverse engineering articles covering*new* topics and satisfying our standards, but these guys have made a greatjob. Make sure also to check out the PEB Hooker and the full published source code if M$ software reversing is your thing. Both of those articleswill bring you a very good read.Felinemenace is featured again and brings you one of their latest hacks on more recent network protocols. Our second network article digs into FISSOby introducing not-so-public information about australian restrictednetworks. As we continue to care about cryptography, Phrack #65 includes a useful cryptographic concept of deniable encryption, a particulary relevant topic for hackers. Check out Julia's article for all details.As mentioned, we have tried to bring you the best low-level hacking around.Articles such as Hacking the System Management Mode, Hacking the $49 Wifi Finder, Mystifying the debugger, are not really 0day for those of youalready in the underground, but aim to bring you sufficiently material todevelop your creativity on that matter.Finally, we could not release Phrack without at least one exploitationarticle. Max Packets has done the job of describing step by step hisSamba WINS exploit. The information contained herein will certainly beenough for those of you guys who want to develop their own.Scene Shoutz:-------------Again, Phrack #65 could not have happened without so many people. Thanksto the admins, coders, hackers, scripterz.Shouts : mauro, sysk, leandro, assad, kiwicon for an amazing conference with a lot of original topics. As long as you stay a non profit event Phrack will support you! We are also looking forward to the next BACon in september 2008. Shouts to all south american hackers & expats.No shouts: All supposed "Underground people" who asked us million times when Phrack will be out but never contribute to the magazine. If you guys were a little more productive perhaps Phrack would be released more often. Also, we will -not- help poor indonesians bypassing government's p0rn websites filters. Sorry taufiks1428@gmail.com.Lames:* cucamonga (xt@docking.gaykansascity.com) has joined #phrack why hasnt phrack65 been leaked yet probably coz i don't have it probably cause nobody wants to read itPhrack has not been leaked this time...sorry for that... probably becauseshiftee needs to sharpen his hacking skills instead of posing on IRC. Hecould also read Phrack, we will not deny his IP address. Any questions,send us an email.Flames: vegas (insecure wannabe), HDM (pwnie coward)Enjoy the magazine![-]=====================================================================[-]Nothing may be reproduced in whole or in part without the prior writtenpermission from the editors. Phrack Magazine is made available to thepublic, as often as possible, free of charge.|=-----------=[ C O N T A C T P H R A C K M A G A Z I N E ]=---------=|Editors : circle[at]phrack{dot}orgSubmissions : circle[at]phrack{dot}orgCommentary : loopback[@]phrack{dot}orgPhrack World News : pwn[at]phrack{dot}org|=-----------------------------------------------------------------------=|Submissions may be encrypted with the following PGP key:(Hint: Always use the PGP key from the latest issue)-----BEGIN PGP PUBLIC KEY BLOCK-----Version: GnuPG v1.4.5 (GNU/Linux)mQGiBEYfRF0RBADcVdkdzGcuHTx/r3ymypC622BkkAa4tYEsVXkOBFwvGLy5+ILnM1nfwx1hfs1ZHQS53e8lxrs4j8qFSFuCTCQTCZuVFHaS9JDt+RfEyWwtmTTPfuhLTYj1RON33t7OGEuyAF9oIca0Uj0PSREyT0mwbAOBVTZfWEC2yBZao+c3iwCghHaQfRShZoA5iTfRNP+qnUyyyJ0EAIxix1TB2ImygXn+mPoPFxIOYh71eXsi2LXPPYU5Q2/snVork1wkGVjwB7Bn2cHEeyUVb8sHjXY18lGpXcx0jFjq7ZMFcBtevI4I1YJLkfFkxQvXb8jjA8UY0IJfvhQ86O7OCsg0LnuCpHtnQAX8bljxZA27RO8cHLWfwOBX4HhnBACZS4YrTKf5yC6HEVfB4j822a3hbmvuwSC9FVqJZzuW6agfeQjUMSi3TLigSW721aMesY2ZWsGCmD3OhapqWoDssb4qN+udlqzDj3urrlxsU2BthYyZkPyECf8qq5CzBOa7CZVj46XuNr0NebfKt8zJUahXUwXJ8WUG9Mq02IpCzrQxbG1iZHdyIChQaHJhY2sgcGVyc29ubmFsIGtleSkgPGxtYmR3ckBwaHJhY2sub3JnPoheBBMRAgAeBQJGH0RdAhsDBgsJCAcDAgMVAgMDFgIBAh4BAheAAAoJEMA5IJciKhVsCjEAmwTYy0PGxRDutAz4AAidWnXLVTfwAJ9z0lNQtQNSVs6/NVR7QlYPA8b5RLkBDQRGH0RdEAQAvTWMbq05s05rQNPOGKngGbGnNunicDIPg4OfTieXXOa3HFDb3sGTCYpAUv4H7IPnei7jGCdsdrco1xmtQmQ+xVWoklb44G0wmmjVvnuIZ2DGhf6d3ijxGKZfL0oieBia/X68IIc+prAypwm7URlOAHVJnoHKCZG8MNcbD+5AyOsAAwUD/1JkpKjSXR48SzW+G6GVxh2N0bmDAFBTaNzVPn4Hpv0MQgdU5EAYc+Py+E3ehFVPdaoasTUA+Bzxx4qXeFGaQI0xvkBfHART3ai6k3boY6e29OMdprBNyRlCGvFmhYT98bKK1hyoD9kmm5zcHoyzr26RSEG1CcJhlp+i5E6o42qgiEkEGBECAAkFAkYfRF0CGwwACgkQwDkglyIqFWxBXQCfbL9co8kDl32Ri0iNcoQi+HF5YC0An16AqMNGoNZ0zOkN8avUCWe3zAAYmQGiBEZtVVQRBADK+AnxFD0Qg/kHQxo8ieAcypqBvSxl+O0YPwGTHhoxz7SapCKi68Tm9Dpe62RXgMqi72+JbzYXQW5SXrziE4cO4bIHv1oG+SVM5EnCj6N9gcH5xf+3ljE5URjIvuaOzwq+hp4o1736WVTzykJ/plItRx/91kciFLNdGfVjho109wCgz4OAjOFg66jw3iuaWlf1xyYhH+8D/R4gCTHwoHxhR5ndg/oBH5umPZ/o8r3YFKbm1DHTBKIipnq6Sisu6vYr80zR3MNYqT7//u27bDPXCtGaO68qHgZNYJ+Pl0g7mYTr7htFE+t0O+sn26P7Za/yKHzQpUMJi4EfRv1/7CW0JAG18DbWQDSZo0bcr95MuVVQQ+x2QYPkA/9/VrKDFjBWSPuHbowvyKCFOZ+rtlqQZBiV1vYx1cZX6uZCPiI9njfsvn1G+GNswTfruzngee/hPRimYayz4O6HmT7LBygz1MVMX0ViKrz4JHJzrH0EKm/+5+EvrdWYZfmYHj5RJp+E5vrbGfkqxrpRwWK2wE5hs8vVBSozBjScqbRhUGhyYWNrIHN0YWZmIDIwMDcgKFlldCBhbm90aGVyIGtleSwgdGhhdCBkb2VzbnQgZXhwaXJlIGFmdGVyIDEgZGF5IHRoaXMgdGltZSkgPGNpcmNsZUBwaHJhY2sub3JnPoheBBMRAgAeBQJGbVVUAhsDBgsJCAcDAgMVAgMDFgIBAh4BAheAAAoJEDAEn2IWRoZwbQkAoIYvSaNwugFczTyUqpGiCHzb6KUZAKDAWIr2t7xSbQJnf/z80tvKmw88MIheBBMRAgAeBQJGbVVUAhsDBgsJCAcDAgMVAgMDFgIBAh4BAheAAAoJEDAEn2IWRoZwbQkAn35TYBcJaUISdIV1iiFgoGYihlN9AKCzUmK7ynXAhta7GhOJpzkQdKDmabkBDQRGbVVUEAQAiNT5dMH5g6Yf+CSBjSnqb+B4sxDsb+kn2RezHGsq6JKpwQl3S5yBgPnW8h2G6VOU/u8OVINBmGNzBnv4EabAwTIoKnVrOI0yu4F1n0ZZt35Jk2omh9h1JzpEQ96gG4TSx2QJ4tf7qfP7By0brOiVtGKJ1CLaQAX27M9NqwH43M8AAwUD/RoIKIdjgfTAabtd4CdvnvAeLBmsZzGKGpzSqcwPyWhvj3ElCvkLL5JAK3dnIgTbmrpv2ep5KGeqkm/cbSNeHU8l9IaCX5Hd8QXWOKnf+zrbpJ90L3ZxSDZ1ZkSjMD4Ls6QxnRsJ4jqzt6GSAOPD5urYjpErjZDkvYZ4S4ynB6G9iEkEGBECAAkFAkZtVVQCGwwACgkQMASfYhZGhnAGQACdGlRjo7TYmHm7XMUOwhwSZ0hN43kAoIkhgLBdHfaOnskxc5YZX8CVYa2m=yjXZ-----END PGP PUBLIC KEY BLOCK-----phrack:~# head -22 /usr/include/std-disclaimer.h/* * All information in Phrack Magazine is, to the best of the ability of * the editors and contributors, truthful and accurate. When possible, * all facts are checked, all code is compiled. However, we are not * omniscient (hell, we don't even get paid). It is entirely possible * something contained within this publication is incorrect in some way. * If this is the case, please drop us some email so that we can correct * it in a future issue. * * * Also, keep in mind that Phrack Magazine accepts no responsibility for * the entirely stupid (or illegal) things people may do with the * information contained herein. Phrack is a compendium of knowledge, * wisdom, wit, and sass. We neither advocate, condone nor participate * in any sort of illicit behavior. But we will sit back and watch. * * * Lastly, it bears mentioning that the opinions that may be expressed in * the articles of Phrack Magazine are intellectual property of their * authors. * These opinions do not necessarily represent those of the Phrack Staff. */-EOF-