Sept. 7, 1998
URL of the day: http://www.geek-girl.com/unix.html the
UNIX Reference Desk
See back issues of the Happy Hacker Digest and Guides to (mostly)
Harmless Hacking at http://www.Happyhacker.org.
GTMHH en espanol: http://underhack.islatortuga.com
TABLE OF CONTENTS
**This week's posts**
* RE: How to download Real Audio files
* Your own BO scanner
* Back Orifice detection and removal
* Re: Juno gold
* Tutorial on Hacking Into Linux boxes
* IE can read local files
**This week's Questions**
* Whats an osh shell?
* How to decrypt a win95 password?
**Answers to previous Questions**
* Response to "Virii Question" in 8/31 HHD...
*** RE: How to download Real Audio files
From: Dmitry Markushevich <Dmitry@Home.Com>
You are not necessarily right here. Any real audio files that
hosted on a HTTP server can be downloaded like you described.
More serious users actually use RealAudio server with it you
can access the
actual file without the real player, because the directory structure
described in the url does not correspond to the one that http
For example, a ram file I downloaded contained this string:
Obviously this is not something IE would be able to access.
From: milenko <email@example.com>
I really wish this worked - but it doesn't. Most real
are stored on special real audio servers using special real audioprotocol.
These servers can't be accessed by your browser - even if you
correct port. You need to use your realaudio player.
This sucks because the real player has all kinds of restrictions.
For example, if the realaudio server tells your client that a
copyrighted the client doesn't let you save it. It would
be kinda cool if
someone made an unrestricted "pirate" realplayer.
If anyone knows how to save from a realaudio server please
*** Your own BO scanner
This is for people who are paranoid about downloading Anti
Orifice programs like AntiGen (www.arez.com/fs) or Back Orifice
Eliminator (www.bardon.com), fearing that they're laced with
BoSniffer.zip, I forget the URL it can be found in) then you
write a simple batch file to detect and delete Back Orifice's
Here's what mine looks like:
8< --- Cut here ---
rem Change \Windows to \Win95 or \Win98 if that's what you have
rem throughout the code.
if not exist C:\Windows\System\exe~1 goto End
if not exist C:\Windows\System\windll.dll goto End
echo WARNING! Back Orifice is in your system!
echo Restart in DOS and run this again to delete it.
echo 1. Exit and restart?
echo 2. Clean (already in DOS)
choice /C:12 /N
if errorlevel 2 goto Clean
if errorlevel 1 goto End
attrib -h -r -s -a C:\Windows\System\exe~1
attrib -h -r -s -a C:\Windows\System\windll.dll
echo Back Orifice files have been deleted.
8< --- Cut here ---
Save it with a .BAT extension and put it in your StartUp folder
you want it to run everytime you start Windows.
You still have to edit the Registry to get rid of the (.exe)
(Default) found in:
But BO won't run without windll.dll and exe~1.
Oh yeah, I'm not responsible if the info here damages your
It worked fine on my Win95 and Win98. You're taking the risk
in using it.
Any corrections are always welcome.
- Moonlit Angel
*** Back Orifice detection and removal
(Reprinted from the Bugtraq list. To subscribe to Bugtraq, email
LISTSERV@NETSPACE.ORG with message "subscribe bugtraq".)
From: The Late Ian Angles <ia@ST-ANDREWS.AC.UK>
I'm just back on the bugtraq list so apologies if anyone's already
this and we don't know about it....
One of my colleagues, Simon Smith, has written a Back Orifice
and removal program called B.O.R.E.D (which stands for something
obscene than the working title...) and can be obtained from:
with a few explanations.
Any (uh, most :-) comments and criticism will be appreciated
deleted, restored from backup, printed off and recycled as firelighters)
*** Re: Juno gold
From: firstname.lastname@example.org (Graham J Pearce)
DISCLAIMER: I am in no way associated with Juno Online Services,
except that I heavily use their free service.
Juno Gold is Juno's new file-attachments service. Yes, they
this because most people don't know how to UUen/decode, and don't
time to bother. But easy file attachments is NOT *all* that you
$2.95/month (well, you do have to pay $35.40 for a whole year
at a time...)
You get the ability to SEND file attachments, which you didn't
but besides that:
With the free Juno service, you get a 1MB mailbox, and a 2MB
send/receive quota. With Juno Gold, you get a 5MB mailbox, and
send/receive daily quota. (You also have a 50MB annual
But more to the point, the free service can only accept mails
under 64K -
and that includes the headers, the text of the message, and all
Anything bigger than that gets bounced back to the sender. Juno
you 1 Meg per message, including headers, message, and attachments.
Juno Gold also gets rid of that tagline that says "You don't
need to buy
internet access..." but you can get rid of it with the free
Juno by cc'ing
the message to a Juno address (can even be your own.)
There are other benefits of Juno gold that are not relevant
here; for more
info on the differences between and limits of Juno Gold/Juno
Web (Juno Web
gives you the same e-mail limits as Gold, plus web access, for
a blank e-mail to email@example.com.
Besides that, there are much better encoders/decoders than
Winzip. Winzip is
not free; Wincode is an excellent freeware en/decoder. Look for
freeware/shareware coders on Simtel.Net under:
Windows 9x/NT: ftp://ftp.simtel.net/pub/simtelnet/win95/decode
Windows 3.x: ftp://ftp.simtel.net/pub/simtelnet/win3/decode
Sorry, you'll have to find your own Linux programs for now...
And by the
way, your attachments that show up at the bottom of your message
likely NOT uuencoded. Most file attachments these days use MIME/BASE64,
which has been known to get corrupted 3 out of 5 times after
UUencoding, however, works reliably w/Juno. Personally, I
don't use Gold.
Sure, it places some limits on you, most of which _can_
be worked around,
BTW. If you would like more information about Juno, or how you
the entire Internet through free Juno, please e-mail me at firstname.lastname@example.org.
*** Tutorial on Hacking Into Linux boxes
From: "admin" <email@example.com>
I have written a Tutorial on Hacking Into Linux boxes and
have got a very
good responce from newbies and beginners although I have got
threats from "top-gun?" hackers.
The reason why I am telling you this is I heard you seem to
go through that
type of thing alot and I was wondering if you may have any tips
on this type
The 2nd reason I am posting this to you is because I would
like to give
newbies and learners alike the ability to start hacking... I
hear too often
these words " I have linux, now what??"
My tutorial and web site is at www.hack.co.za
May this post be sent to the list "as is"?
Thanking you very much for your time...
darkmetal ( www.hack.co.za )
"hack into them as they hack into us"
Ps. keep up the great work..
*** IE can read local files
From: Georgi Guninski <guninski@USA.NET>
There is a bug in Internet Explorer 3, 4.0, 4.01 (for version
see Microsoft's info below), which allows a specially designed
web page to
read text or HTML files from the user's computer and send their
an arbitrary host, even if the user is behind firewall. The bug
Another way to exploit this bug is to send a specially designed
an Outlook Express/IE4 user.
Demonstration of this is available at:
Microsoft has released a patch at:
The source of the page:
<TITLE>Read text/HTML file with Internet Explorer 4.01></TITLE>
<BODY>This demonstrates a bug in IE 4.01 under Windows
95 (don't know for
other versions), which allows reading text or HTML file on the
<B>Create the file c:\test.txt</B> and its contents
are shown in a message
box. The file may be sent to an arbitrary server even if behind
This file is created by <A
alert("This page demonstrates reading the file C:\\test.txt
(you may need to
create a short file to view it)");
*** Whats an osh shell?
Whats an osh shell? My shell account server is doing some
instead of a bash shell it's an osh shell, it doesn't have near
commands or even pine or elm or sendmail.
I'm curios to know what exactly an osh shell is.
*** How to decrypt a win95 password?
From: "Steven kok" <firstname.lastname@example.org>
I was wondering if any one knows how to decrypt a win95 password.
Please email me if you know how to do it, and tell me how it's
*** Response to "Virii Question" in 8/31 HHD...
From: FiReWaLL <email@example.com>
In the August 31 edition of the HHD, Dmitry Markushevich wondered
if it was
possible to PHYSICALLY damage your computer's hardware.
As any good gamer
kows, it IS possible to destroy variable clock-speed 3D accelerators
3Dfx VooDoo chipset based cards by overclocking them too high.
virus specifically targeting these devices could quite easily
fry your 3Dfx
However, as far as I know (and I have occasionally been messing
with these things...), it is not possible to PERMANENTLY damage
a hard drive,
although it is likely possible to render it unsalvageable by
format programs. If this is the case, the drive manufacturer
may have to
"reinitialize" the drive.
Hope this helps!!
From: Mach5 <firstname.lastname@example.org>
There is no way any one could 'blow up' your hard drive or
like that, the one you probably heard was the Good Times Virus
hoax (if you
wanna know about it search yahoo, its pretty funny to read) which
supposedly caused a whole bunch of crap.
The worst virus that I know of is win98_CIH, which attemps
to send some
garbage to overwrite flash bios, causing your computer to not
causing you to go buy a new BIOS chip for 5 bucks, also, this
work if your BIOS is write protected, and not on all machines
attacks the 26th of every month, too). CIH (AND BACK ORIFICE,
by the way)
can be easily cleaned with AVP (www.avp.com).
Later dood, don't worry about that s&#$ unless your a
warez feind or like to
DL canned h4x0r proggiez.
[Dale: Ever try to buy a new BIOS chip? Call AMI and ask them
for one, see
what they tell ya... Sometimes the simplest thing can be a BIG
pain in the butt!
Also - I think it's "outie", not "audi"...]
This is a list devoted to *legal* hacking! If you plan to
information in this Digest or at our Web site to commit crime,
Foo on you! Happy Hacker is a 501 (c) (3) tax deductible organization
in the United States operating under Shepherd's Fold Ministries.
This is all a plot to save your immortal souls!
For Windows questions, please write Roger Prata<email@example.com>
firstname.lastname@example.org; for Macs, write Strider <Strider@clarityconnect.com>.
Happy Hacker Digest editor: Dale Holmes <email@example.com>
Happy Hacker Grand Pooh-bah: Carolyn Meinel <>