New Phrack

Anonymous Coward writes "A new issue of the Phrack Magazine, #60 has been released today. It details some decent technique about kernel exploitation (OpenBSD), Cisco remote exploit, how to backdoor a core bzimage kernel and other stuff. The ascii based magazine is available at phrack.org."

Wow...

[JPhule]

I remember reading phrack back in the day. It gave me fun things to do friends and foes before I realized how stupid a lot of it was. Building red, blue, biege etc. boxes and turning off my nieghbors phone. It was mostly juvenile stuff that just turned me into a little delinquent but it got me interested in the tech industry and I apprieciate that.

Cool domain

[alfaiomega]

The gzipped tarball of Phrack #60 is available at http://www.phrack-dont-give-a-shit-about-dmca.org/ archives/phrack60.tar.gz [phrack-don...t-dmca.org]

Nostalgia...

[alfaiomega]

After looking at Phrack #1 [phrack.org] from 1985 I decided that I just have to run
for i in `seq -w 1 60 | tac`; do wget http://www.phrack.org/archives/phrack$i.tar.gz; done
and spend this day on reading Phrack issues backwards. It's going to be a hellova nostalgic New Year for me... :_)

Traffic Lights

[sharph]

Theres an article about hacking traffic lights. Do you think that now that the information is now open to a wide public, we will see traffic lights doing weird things?

And fond memories they are!

[murky.waters]

I remember back in the day, I was on an internship at a local comp-sci research center. Of course I was only given a lowly user account, actually even worse than that. Anyhow, I had fun exploring Solaris, creating a lot of core dmps mainly, and came about the new issue of phrack.

I had looked through a few issues before after reading about it in Bruce Sterling's "Hacker Crackdown". I had perused the all-time favorites: how to build a bomb, a gun, how to break into cars, and so on. Back then, phrack was already archieved on the www, but the newest issue was only available as tarball. After lunch break, the admin asked me if had been reading phrack, he refered to it as "hacker stuff"---yes, I said, annoyed about him snooping around.

But then I actually read the new issue.

There was an article in it about how to get root on a Solaris workstation, exploiting the availability of FORTH on Sparc machines.

I was sitting in front of a Solaris workstation.

I smiled.

I kept smiling.

Four days and a lot of experimentation later, the administrator found a new file in his personal TODO directory (yes, he had actually called it that). It read


*""""""""""""""""""*
[pHraCK]

MAYBE YOU SHOULD READ IT, TOO.
*""""""""""""""""""*

The link to the phrack article [phrack-don...t-dmca.org].

Gray hat?

[arvindn]

Phrack is perhaps a good example of the line between black hat and white hat "hackers" being blurry. The articles are informative and well-written, and by intelligent people, not your typical 14 yr old cracker on ecstasy who launches DDOS attacks from haX0r'd machines. I've done a compilers course, but still found a lot to learn about compilers from a phrack article on buffer overflows. Also check out the essays at SANS [sans.org].

Re:And fond memories they are!

[The Tyro]

Yep, Phrack has come to my rescue too.

Was talking to a systems guy where I was working (where they still use VMS), and inquired why we hadn't migrated to something else... His reply was that VMS had never been hacked.

Never been hacked?? That piqued my curiousity... fortunately, I knew just where to look (from my misspent youth). A short search of the Phrack archives turned up not one but several VMS hacks. They were mostly social engineering hacks rather than code expoits, but they were legitimate hacks.

Rather than getting annoyed at an amateur (which I was, and still remain), the systems guy actually read the articles with some interest. The ability to learn something from someone who's clearly your tech inferior, without any ego getting in the way... gotta admire that.