Hackers Handbook.doc

(956 KB) Pobierz
- T H E -

- T H E -

- H A C K E R ' S -

- H A N D B O O K -

Copyright (c) Hugo Cornwall

All rights reserved

 

First published in Great Britain in 1985 by Century Communications Ltd

Portland House, 12-13 Greek Street, London W1V 5LE.

Reprinted 1985 (four times)

ISBN 0 7126 0650 5

Printed and bound in Great Britain by Billing & Sons Limited, Worcester.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

CONTENTS

 

 

 

Introduction                                                     vii

First Principles

2 Computer-to-computer communications                             7

3 Hackers' Equipment                                             15

4 Targets: What you can find on mainframes                       30

5 Hackers' Intelligence                                          42

6 Hackers' Techniques                                            57

7 Networks                                                       69

8 Viewdata systems                                               86

9 Radio computer data                                            99

10 Hacking: the future                                          108

 

Appendices

 

 

 

I troubleshooting                                               112

 

II Glossary                                                     117

 

III CCITT and related standards                                 130

 

IV Standard computer alphabets                                  132

 

V Modems                                                        141

 

VI Radio Spectrum                                               144

 

VII Port-finder flow chart                                      148

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

INTRODUCTION

 

 

 

   The word 'hacker' is used in two different but associated

 

ways: for some, a hacker is merely a computer enthusiast of any kind,

 

who loves working with the beasties for their own sake, as opposed to

 

operating them in order to enrich a company or research project --or

 

to play games.

 

 

 

   This book uses the word in a more restricted sense: hacking is a

 

recreational and educational sport. It consists of attempting to make

 

unauthorised entry into computers and to explore what is there. The

 

sport's aims and purposes have been widely misunderstood; most

 

hackers are not interested in perpetrating massive frauds, modifying

 

their personal banking, taxation and employee records, or inducing

 

one world super-power into inadvertently commencing Armageddon in the

 

mistaken belief that another super-power is about to attack it. Every

 

hacker I have ever come across has been quite clear about where the

 

fun lies: it is in developing an understanding of a system and

 

finally producing the skills and tools to defeat it. In the vast

 

majority of cases, the process of 'getting in' is much more

 

satisfying than what is discovered in the protected computer files.

 

 

 

   In this respect, the hacker is the direct descendant of the phone

 

phreaks of fifteen years ago. Phone phreaking became interesting as

 

intra-nation and international subscriber trunk dialling was

 

introduced, but when the London-based phreak finally chained his way

 

through to Hawaii, he usually had no one there to speak to except the

 

local weather service or American Express office, to confirm that the

 

desired target had indeed been hit. One of the earliest of the

 

present generation of hackers, Susan Headley, only 17 when she began

 

her exploits in California in 1977, chose as her target the local

 

phone company and, with the information extracted from her hacks, ran

 

all over the telephone network. She 'retired' four years later, when

 

friends started developing schemes to shut down part of the phone

 

system.

 

 

 

   There is also a strong affinity with program copy-protection

 

crunchers. Most commercial software for micros is sold in a form to

 

prevent obvious casual copying, say by loading a cassette, cartridge

 

or disk into memory and then executing a 'save' on to a

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

** Page VII

 

 

 

blank cassette or disk.  Copy-protection devices vary greatly in

 

their methodology and sophistication and there are those who, without

 

any commercial motive, enjoy nothing so much as defeating them. Every

 

computer buff has met at least one cruncher with a vast store of

 

commercial programs, all of which have somehow had the protection

 

removed--and perhaps the main title subtly altered to show the

 

cruncher's technical skills--but which are then never actually used

 

at all.

 

 

 

   Perhaps I should tell you what you can reasonably expect from this

 

handbook.  Hacking is an activity like few others: it is semi-legal,

 

seldom encouraged, and in its full extent so vast that no individual

 

or group, short of an organisation like GCHQ or NSA, could hope to

 

grasp a fraction of the possibilities. So this is not one of those

 

books with titles like Games Programming with the 6502 where, if the

 

book is any good and if you are any good, you will emerge with some

 

mastery of the subject-matter. The aim of this book is merely to give

 

you some grasp of methodology, help you develop the appropriate

 

attitudes and skills, provide essential background and some

 

referencing material--and point you in the right directions for more

 

knowledge. Up to a point, each chapter may be read by itself; I have

 

compiled extensive appendices, containing material which will be of

 

use long after the main body of the text has been absorbed.

 

 

 

   It is one of the characteristics of hacking anecdotes, like those

 

relating to espionage exploits, that almost no one closely involved

 

has much stake in the truth; victims want to describe damage as

 

minimal, and perpetrators like to paint themselves as heroes while

 

carefully disguising sources and methods. In addition, journalists

 

who cover such stories are not always sufficiently competent to write

 

accurately, or even to know when they are being hoodwink- ed. (A note

 

for journalists: any hacker who offers to break into a system on

 

demand is conning you--the most you can expect is a repeat

 

performance for your benefit of what a hacker has previously

 

succeeded in doing. Getting to the 'front page' of a service or

 

network need not imply that everything within that service can be

 

accessed. Being able to retrieve confidential information, perhaps

 

credit ratings, does not mean that the hacker would also be able to

 

alter that data. Remember the first rule of good reporting: be

 

sceptical.) So far as possible, I have tried to verify each story

 

that appears in these pages, but hackers work in isolated groups and

 

my sources on some of the important hacks of recent years are more

 

remote than I would have liked. In these

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

** Page VIII

 

 

 

cases, my accounts are of events and methods which, in all the

 

circumstances, I believe are true. I welcome notes of correction.

 

 

 

   Experienced hackers may identify one or two curious gaps in the

 

range of coverage, or less than full explanations; you can chose any

 

combination of the following explanations without causing me any

 

worry: first, I may be ignorant and incompetent; second, much of the

 

fun of hacking is making your own discoveries and I wouldn't want to

 

spoil that; third, maybe there are a few areas which are really best

 

left alone.

 

 

 

   Nearly all of the material is applicable to readers in all

 

countries; however, the author is British and so are most of his

 

experiences.

 

 

 

   The pleasures of hacking are possible at almost any level of

 

computer competence beyond rank beginner and with quite minimal

 

equipment. It is quite difficult to describe the joy of using the

 

world's cheapest micro, some clever firmware, a home-brew acoustic

 

coupler and find that, courtesy of a friendly remote PDP11/70, you

 

can be playing with Unix, the fashionable multitasking operating

 

system.

 

 

 

   The assumptions I have made about you as a reader are that you own a

 

modest personal computer, a modem and some communications software

 

which you know, roughly, how to use. (If you are not confident yet,

 

practise logging on to a few hobbyist bulletin boards.) For more

 

advanced hacking, better equipment helps; but, just as very tasty

...

Zgłoś jeśli naruszono regulamin