Trying 129.24.96.10...
Connected to callisto.unm.edu.
Escape character is '^]'.
220 callisto.unm.edu Smail3.1.28.1 #41 ready at Fri, 12
Jul 96 12:17 MDT
Hey, get a look at this! It didn't ask us to log in. It just
says...ready!
Notice it is running Smail3.1.28.1, a program used to compose
and send email.
Ohmigosh, what do we do now? Well, if you really want to look
sophisticated, the next thing you do is ask callisto.unm.edu
to tell you what commands you can use. In general, when you get
on a strange computer, at least one of three commands will get
you information: "help," "?", or "man."
In this case I type in:
help
... and this is what I get
250 The following SMTP commands are recognized:
250
250 HELO hostname
startup and give your hostname
250 MAIL FROM:<sender address>
start transaction from sender
250 RCPT TO:<recipient address>
name recipient for message
250 VRFY <address>
verify deliverability of address
250 EXPN <address>
expand mailing list address
250 DATA
start text of mail message
250 RSET
reset state, drop transaction
250 NOOP
do nothing
250 DEBUG [level]
set debugging level,default 1
250 HELP
produce this help message
250 QUIT
close SMTP connection
250
250 The normal sequence of events in sending a message is to
state the
250 sender address with a MAIL FROM command, give the recipients
with
250 as many RCPT TO commands as are required (one address per
command)
250 and then to specify the mail message text after the DATA
command.
250 Multiple messages may be specified. End the last one
with a QUIT.
Getting this list of commands is pretty nifty. It makes you
look really kewl because you know how to get the computer to
tell you how to hack it. And it means that all you have to memorize
is the "telnet <hostname> 25 " and "help"
commands. For the rest, you can simply check up on the commands
while on-line. So even if your memory is as bad as mine, you
really can learn and memorize this hack in only half an hour.
Heck, maybe half a minute.
OK, so what do we do with these commands? Yup, you figured
it out, this is a very, very primitive email program. And guess
why you can get on it without logging in? Guess why it was the
point of vulnerability that allowed Robert Morris to crash the
Internet?
Port 25 moves email from one node to the next across the Internet.
It automatically takes incoming email and if the email doesn't
belong to someone with an email address on that computer, it
sends it on to the next computer on the net, eventually to wend
its way to the person to who this email belongs.
Sometimes email will go directly from sender to recipient,
but if you email to someone far away, email may go through several
computers.
There are millions of computers on the Internet that forward
email. And you can get access to almost any one of these computers
without a password! Furthermore, as you will soon learn, it is
easy to get the Internet addresses of these millions of computers.
More how to forge email -->>
