home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Hacker's Arsenal - The Cutting Edge of Hacking
/
Hacker's Arsenal - The Cutting Edge of Hacking.iso
/
texts
/
hack-pcb.txt
< prev
next >
Wrap
Text File
|
2001-07-11
|
4KB
|
71 lines
═══════╣∞╠════════════════════════════════════════════════╣∞╠══════
·- ────────── a sIMPLE wAY tO hACK pCBOARD aND sUCCEED ─────────── -·
An eMC TeXT SPReaD By Sniper
┤▌ In the past few months many sysops have turned away from FORUM ▐├
│▌ HACKS to Pcboard. Why you might ask? Well it is a very simple ▐│
│▌ question to answer. Pcboard is 100% more configurable than any ▐│
│▌ FORUM HACK out there. Anybody with a little programing backround▐│
┤▌ can write their own PPE's. Many of the authors have included ▐├
backdoors in their own PPE's to prevent sysop's to get away
· with not registering. Now here where I come in. I am running ·
· a board of my own (PCboard of Course) and I go into PWAFV where ·
│ it asks for a file name, so I just tried to type any file from │
│ there. (Ex. %C:\SHIT.TXT) To my surprise THe file was typed!!! │
│ to the screen, but that's nothing. I Logged onto The Deep, A │
│ 305 Phoenix board, And paged Great White the sysop. So I told │
│ him about that little BUG(?) in PWAFV and at the time he was │
│ setting up Slogon 2.0 from ViGilante, I told him he could put │
│ it in a Script file so that the board would run it. That's where │
│ it came together, Slogon writes a textfile for the AUTOMESSAGE. │
│ If you plug in %C:\PCB\MAIN\USERS in the AUTOMESSAGE when you │
│ Logoff, you can call back and when you get to see the │
│ AUTOMESSAGE what you see is the USERLIST with all the users │
│ PASSWORDS including the first one the sysop's account. From there│
│ you hang up, call back, and logon as the sysop and when your at │
│ the main menu run 9 and go to DOORWAY from there do what you │
│ think would be nice. Another way is to run a PPE from the AUTO- │
│ MESSAGE. Instead of the % you enter !C:\PCB\PPL\EXAMPLE.PPE │
│ you could run a USER EDITOR, or whatever tickles your dick. │
│ │
│ To the Sysops that run Pcboard, Well any PPE that lets a user │
│ input text and then display it is a risk. Just go through your │
· PPE's and check them out. As for Slogon 2.0 Just edit LINE 2 ·
· of SLOGOFF.CNF so that it doesn't include the AUTOMESSAGE as a ·
choice to the users. I already tried to execute and display files
from the DIR.LST file and it didn't work and I also tried it from
PWA's AUTOSIG Utility, And a few other PPE's and it didn't work.
But there are plenty more PPE's that have this fault.
If anybody finds any other BACKDOORS please write to me at
sniper@cybernet.cse.fau.edu
Greets go out to Fatal Error = Your the best Courier around
keep up the good work. ;-)
Great White = Thanks
Lost Rider = What happened to PNX ??
WiLDCHiLD = Fix it fast!!
The Speed Racer = What's Next?
The Untimed = Cant we all just get along?
BASiLiSK = Thanx for the release.
July 15, 1994 (c) eMC.
══════════════ THe eLiTe MaFia oF CRaCKeRZ ═════════════
Wana Be A Disto Site
Fill out the application EMC-APP.EXE Damnit!@
█████ ▄▄▄▀██ ██████
██ █▄▄▄▄▄ ██ ██ ██ ██ ██
▄▄▄▄▄▄ ██ ██ ██ ▄▄▄▄▄█
▀▀
... texts ...
