The Newbies Handbook- ' How to beging in the World of Hacking.txt

  **************************************************************************
  **************************************************************************
  *********************** NEWBIES HANDBOOK ******************************
  ************** HOW TO BEGIN IN THE WORLD OF H/P ************************
  ********************** BY : Plowsk� Phreak ***********************************
  ***************************************************************************
  ***************************************************************************
Disclaimer-
 I am not responsible for any of the information in this document, if it is
 used for any other purpose than educational reading. Some of the 
information on this page can be used illegally if the reader does not act 
responsible. The reader is responsible for his own actions.
You can copy anything from this file to any other file as long as you quote,
 dont change it up, and give me the proper credit...like:
NEWBIES HANDBOOK
HOW TO BEGIN IN THE WORLD OF H/P
BY : Plowsk� Phreak
Into:
  
When I got into hacking, i realized that there wasnt many text philes for  
newbies. so, i decided to write one. i dont really care about misspelled 
werds or puncuation so, please ignore the mistakes. In this document i will
refer you to other documents a lot. (because why should i waste my time 
rewriting something that has already been writen?) If at anytime while 
reading this document you ask yourself "So...How do I hack?", then go away 
now and save yourself the frustration because you'll never learn. To   
hack you must understand everything about a system, and then you can get  
ideas and try them out. 
 
I tried to keep this phile as short as possible, when you read this you 
should just get an idea about how to hack and why we hack. If you read this
document and the philes that i have listed, you should have a good idea
on what to do, how to do it, and why. Remember every 'project' is different.
You have to use your brain and adjust to each different one. 
Tools:
 
There are a few things you need to have to be a hacker/phreaker. 
'puter - computer (duh)
terminal software - a program like, hyper terminal or ordinary terminal 
that allows you to dial out to another system.
blue box  - (exerpted from 2600faq)Blue boxes use a 2600hz tone to size 
control of telephone switches that use in-band signalling. The caller may 
then access special switch functions, with the usual purpose of making 
free long distance phone calls, using the tones provided by the Blue Box.

scanner - a scanner is a program that dials out every number in your area 
and listens for tones that are comming from other modems. (helps you locate
your local targets) a good scanner is Toneloc. Find it!
Fone (phone) line - I hope you know whut this is...
It also helps to know a computer language ex: C, C++ ect.

Info resources:
I dont know many good boards anymore because almost all of their sysops 
(system operators) have been busted.  But I suggest you get a server that 
uses netscape and get unlimited access to the www(World wide web). And visit
 these good homepages by entering their name in the webcrawler search 
engine (http://webcrawler.com)
 
Silicon Toads Hacking Resources
Flamestrike Enterprises
The Plowsk� Page (mine, you can reach me from there)
Matervas Hideout
Burns Lair
Cold fire
  From these pages you will find a wealth of information on h/p 
                                                        (hacking/phreaking)

getting started: 
 the first thing you must do is get on your computer, open your terminal 
software and connect to a board. (bulletin board, bbs).  This is a must!
(its also a VERY basic thing). (You can usually find a bbs number on a 
homepage or enter bbs in a search engine.) Now that you can do that, start 
reading. Read as many text philes as possible. 
Required reading: 
Hackers Manifesto (at bottom)
Hackers Code of ethics
Any old issues of Phrack
any old issues of 2600
2600faq
any text documents on systems (unix, iris, dec)
DOD (department of defense) standards
Any philes on boxes (blue(one at bottom), red, beige)
 
For beginners, which most of you probably are, I suggest you find some of 
the following systems that exist in your area and work on them first. (they 
are the easiest and least risky)
This next segment is excerpted from:
A Novice's Guide to Hacking- 1989 edition 
                by            
            The Mentor                              
    Legion of Doom/Legion of Hackers

IRIS-      IRIS stands for Interactive Real Time Information System.  It orig-inally ran on PDP-11's, but now runs on many other minis.  You can
           spot an IRIS by the 'Welcome to "IRIS" R9.1.4 Timesharing' banner,
           and the ACCOUNT ID? prompt.  IRIS allows unlimited tries at hacking
           in, and keeps no logs of bad attempts.  I don't know any default
           passwords, so just try the common ones from the password database
           below.
           Common Accounts:
           MANAGER
           BOSS
           SOFTWARE
           DEMO
           PDP8
           PDP11
           ACCOUNTING
DEC-10-    An earlier line of DEC computer equipment, running the TOPS-10
           operating system.  These machines are recognized by their
           '.' prompt.  The DEC-10/20 series are remarkably hacker-friendly,
           allowing you to enter several important commands without ever
           logging into the system.  Accounts are in the format [xxx,yyy] where
           xxx and yyy are integers.  You can get a listing of the accounts and
           the process names of everyone on the system before logging in with
           the command .systat (for SYstem STATus).  If you seen an account
           that reads [234,1001]   BOB JONES, it might be wise to try BOB or
           JONES or both for a password on this account.  To login, you type
           .login xxx,yyy  and then type the password when prompted for it.
           The system will allow you unlimited tries at an account, and does
           not keep records of bad login attempts.  It will also inform you
           if the UIC you're trying (UIC = User Identification Code, 1,2 for
           example) is bad.
           Common Accounts/Defaults:
           1,2:        SYSLIB or OPERATOR or MANAGER
           2,7:        MAINTAIN
           5,30:       GAMES

UNIX-      There are dozens of different machines out there that run UNIX.
           While some might argue it isn't the best operating system in the
           world, it is certainly the most widely used.  A UNIX system will
           usually have a prompt like 'login:' in lower case.  UNIX also
           will give you unlimited shots at logging in (in most cases), and
           there is usually no log kept of bad attempts.
           Common Accounts/Defaults: (note that some systems are case
           sensitive, so use lower case as a general rule.  Also, many times
           the accounts will be unpassworded, you'll just drop right in!)
           root:       root
           admin:      admin
           sysadmin:   sysadmin or admin
           unix:       unix
           uucp:       uucp
           rje:        rje
           guest:      guest
           demo:       demo
           daemon:     daemon
           sysbin:     sysbin
Code of ethics:
 
Once you get in a system, do not manipulate anything but the log file 
(erase the record of your bad logins) and anywhere you might have left your
 handle. (name, a.k.a.) You dont want to leave your handle anywhere because
 they WILL be able to track you down by your handle alone.
Its ok to be paranoid!
Dont think for one minute that you are undetectable, if you make any 
mistakes, you could get caught. Here is a list of things you could do to 
help yourself from getting in trouble.
 
* Encrypt your entire hard drive
* hide your files in a very safe spot.
* dont tell anyone that you dont know very well about your hacking. Good 
  hackers never reveal specific details to anyone about their current project.
  They give only very vague hints of what they are doing. 
* dont openly give out your real name or address
* dont join any major hacking groups, be an individual.
* Dont hack government computers, ESPECIALLY YOUR OWN GOVERNMENTS! Foreign 
  computers can sometimes be phun, but dont say i didnt warn you!
* Make sure that you dont leave any evidence that you have been in a system 
  and any evidence of who it was.
* Use your brain.
If you follow most of these guidelines, you should be safe. The last thing 
you want is to end up in a one room apartment located in the third floor of
the state prision with your cellmate Bruno, the ax murderer,  whose doing 
life.
Getting in:
The hardest thing about hacking is getting the numbers for a system. You 
can do this by using a scanning program. Then, once you connect to a system
you must first recognise what kind of system you have connected to. (by the
way, for you real brainiacs, you have to use your terminal software to call
another system.) You can usually do this by looking at the prompt you get,
if you get one. (check the Unresponsive section) Sometimes a system will 
tell you as soon as you connect by saying some thing like "hello, welcome 
to Anycompany using anysystem v 1.0" When you determine what system you have
connected to, this is when you start trying your logins. You can try typing
in demo and as your userid and see if you can find any users names to try.
If you enter a name and you are allowed in without a password you usually, 
but not always, have entered a name that you cant do a whole lot with but, 
it can still be phun and you can probably find clues on how to get in on 
another name.
While your in:
There are usually many interesting files you can read in all of these 
systems. You can read files about the system. You might want to try a help 
command. They will usually tell you a lot. Sometimes, if your lucky, you can
man...