Plateforme de Hacking est une communauté faisant évoluer un système de services vulnérables.

Nous apprenons à exploiter de manière collaborative des solutions permettant de détourner les systèmes d'informations.
Cet apprentissage nous permet d'améliorer les technologies que nous utilisons et/ou de mieux comprendre l'ingénierie social.

Nous défendons les valeurs de l'entraide, du challenge personnel et contribuons modestement à rendre l'expérience des utilisateurs finaux la plus agréable possible.

Vous pouvez nous rencontrer via notre salon irc.
Le forum est en cours de remplacement par une version plus moderne, et tout aussi faillible que l'ancien ^^.
A ce jours nous enregistrons plusieurs dizaines de hack réussi contre notre site, et ce chiffre est en constante évolution. Merci a tous les contributeurs!

La refonte est en version alpha. Cette nouvelle plateforme permet de pentester à distance sans avoir son matériel à disposition.
Via l'exécution de scripts python connecté en websocket à l'ihm web, nous pouvons piloter le chargement de scénario
d'attaque/défense en "multijoueur" ^^.
Le système permet de charger des scripts de bibliothèques partagées et de chiffrer les échanges selon les modules déployés.
Vous trouverez dans la rubrique article de nombreux tutoriels afin de mieux comprendre la sécurité informatique,
ainsi que différents articles plus poussés.
  • Sniffing
  • Cracking
  • Buffer overflow
  • Créations d'exploits
  • Social engineering
  • L'anonymat sur le web, spoofing
  • Bypass-proxy, Bypass-firewall
  • Injection de code SSI, SQL, etc...
  • Utilisation d'exploits, création de scripts(php, irc, perl)
Nous vous recommandons de sniffer votre réseau lors de votre navigation sur le site. La refonte vous fournira un outillage pour réaliser vos attaques/défenses.
Flux RSS

flux RSS d'HackBBS Abonnez-vous. Soyez prévenu des tournois, challenges, actualités, ...
Recevez nos dernières actualités sur notre flux RSS.

Vous pourrez également participer à de nombreux challenges en constant renouvellement (si possible :p)
Dernièrement, les missions relativent aux derniers produits open sources marchent bien :)

Votre ultime challenge sera de défacer HackBBS. De nombreuses failles sont présentes. A vous de les trouver et de les exploiter.

Cet ultime test permettra de constater votre réactions face à une faille.
Black ou White? ^^

Ezine du moment: sysf14.txt

            ..>> jesus didn't dance, but the beat goes on.

                ,mM    Mm,        ,mM    Mm,        ,mM'~ `MmM`~ 'Mm,
       ,mM'~ `Mm`""""^%mmmmM'~ `MmmmM.,g#&&#mM'~ `Mmmmm:   &&&:   &&&
       `""""^%ggggg.` ``""""""^%aaaa#'   `"""'    &&&&&:   &&&:  ,&&&
      .aaa.   &&&&&:  .aaaaa.   &&&&&:  .aaaaa    &7'      '"'   `&&&
      `&&&:   &&&&&:   &&&&&:   &&&&&:   &&&&&:   b systemFAILURE l&&
       &&&:   &&&&&:   &&&&&:   &&&&&:   &&&&&:   &a,      .,.   ,&&&
       &&&:   &&&&&:   &&&&&:   &&&&&:   &&&&&:   &&&&&:   &&&:  `&&&
.  ... &&&.. .&&&&&... &&&&&.. .&&&&&.. .&&&&&... &&&&&. ..&&&.. .&&& .. .  .
:  ::: &&&:: :&&&&&::: &&&&&:: :&&&&&:: :&&&&&::: &&&&&: ::&&&:: :&&& :: :  :
   &&& &&&&& &&&&& &&&&& &&&&& &&&&& &&& &&&    
       &&&:   &&&&&:   &&&&&:   &&&&&:` ``""""""""""""'' ' `"'    &&&
       &&&:   `'`"%%"'`'    `'`"%%"''` ' .gg&..>>issue#14 "'
      r    r rrrape the system failureee.
|                         System Failure: Issue #14                          |
Yeah yeah, I know it's been a long time since we've released an issue. We've
been recovering from DefCon, and when you add to that the fact that I'm a
flake, well, you get a late issue. :)  I think I am going to start aiming for
a new issue every two months from now on, to ensure a quality zine and to give
myself more time to prepare the issue. Anyway, I hope everyone finds this
issue educational. Much of it consists of DefCon reviews and quotes, but I
threw a few other articles in as well. Thanks to Anarchist for the opening
ascii as usual, and to Inubus for sending us the neat ansi file included in
this issue's archive.

Thanks to Gwonk, Level6, IIRG, and everyone else who donated prizes and helped
out with the scavenger hunt and other System Failure events at DefCon 6. And
congratulations to Dexter and friends for winning the scavenger hunt.
                                                        --Logic Box [9/11/98]
|                                           |
|                            []                            |
                     how are you flying to DefCon?
                     on an airplane.
|                                  CONTENTS                                  |
| SysInfoTrade                                              by SysFail Staff |
| ARP Part II: Hijacking Situations and DoS Attacks               by BarKode |
| Cryptography for Dummies                                          by Pesto |
| UNIX Security Primer, Part I                                   by Velocity |
| DefCon 6 Review                                               by Logic Box |
| DefCon 6 Review                                                by Pinguino |
| DefCon 6 Review                                               by Mr. Sonik |
| DefCon 6 Review                                  by Saint skullY the Dazed |
| DefCon 6 Review                                                 by BarKode |
| DefCon 6 Quotes                                           by SysFail Staff |
| SysFail Mailbox                                           by SysFail Staff |

        | SysInfoTrade

- New System Failure stickers arrived yesterday. I reordered the "Thank You
for Abusing AT&T" stickers, which were black vinyl with white text. I also 
made a simple "OWNED" sticker, which is black vinyl with white text. For my
new comic book, I took the kicking penguin from one of the System Failure VGAs
and put the Tori Do logo on it. That one is white vinyl with black text. All 
stickers are $1.00 each plus a stamp.
- Thanks to everyone who stopped by our booth at DefCon!
- Order Tori Do: The Epic from Penguin Palace. Art/Story by pinguino. $24.00
TORI DO: The Epic- A young penguin martial artist goes on a quest, stepping 
outside his castle's gates for the first time. He is the Red Avenger, and he 
is joined by a sarcastic mage, a tag-a-long imp, and a dream, on his journey 
across the Antarctic terrain. The Red Avenger has been chosen as the protector 
of the penguins... but can he make it past an evil wizard to claim his title? 

This enhanced CD contains a soundtrack with jungle/dark ambient songs from 
RE:, Miguel Q, Solo Jr., and Nick B. It is playable in newer CD players (such 
as one in your stereo or car). Once you put the CD in your computer, you can 
use a web browser and fully experience Tori Do: The Epic. 
- Cupertino, CA. Aug 19,1998, Symantek announces that they have located the 
first JAVA virus. Although this one is not malicious, it is a parasite, and
latches onto .class files. The virus's name is Strange Brew. There is worry
that more malicious JAVA virii may be in the works.
- The House of Representatives passed the Digital Millennium Copyright Act,
which strengthens copyright protection on intellectual property and 
discourages piracy. It also protects databases. The bill is scheduled for the
Senate this month.
- The FCC is restructuring Ham Radio liscense requirements. In fact, they're 
trying to make it easier to obtain a liscense, and writing the tests to be 
more practical. They're also putting way less emphasis on knowing morse code.
If you ever thought of getting a ham liscense, follow up on the debates at: 
- Check out the new design at It's a free news service that
anyone can post to. Current news categories are Art, Warez, Demo, Other
- 2600's new project is a Kevin Mitnik documentary. The film crew is hitting 
2600 meetings and asking hackers how the saga has affected the hacker world.
Email to find out more.
 ARP Part II: Hypothetical Hijacking Situations and Denial of Service Attacks
                       by BarKode (
This issue we'll delve into ProxyARP, and Gratuitous ARP, and also dig a bit
into some hypothetical local ethernet TCP session hijacking situations. I'll
be assuming you've read part one, or already know the premise of ARP while you
read this article.

For this article, let's use the following network map (I suck at ascii
drawings). Assume the machines on the top are using a Class C netmask of, and that the machines on the bottom are on an 8-IP subnet in
the same class C network, using a netmask of
____________	  ____________	  _____________
|	   |	  |	     |	  |	      |
| illusion |	  | oblivion |	  |  abyss    |
|__________|	  |__________|	  |___________|
     |			|		|			ethernet
					|  Cisco 2514	|
					|     cube	|
					|	|
						| <-- serial dial-up
				       	  	| has ip
					  |           |
					  |  cirrus   |
	ethernet	      	 		|
		|          |      
		|  pulsar  |     

I) Proxy ARP

Proxy ARP is an implementation of ARP on a machine that allows it to answer
ARP requests on one network for machines on another one of it's networks.

We'll start off like this. Wayne wants to dial in to his corporate network and
have access to all of the machines. Wayne has a few machines at home, so he
sets himself up an 8-IP netblock ( at work, then goes home
and dials into work. The modem at work picks up and establishes a connection,
giving an IP address to his machine, we'll say

The router at work has been configured to route requests for Wayne's network
to Wayne via his dial-up interface. But the other machines on the network
don't know that his machine isn't on the local network. As far as the other
machines are concerned, his subnet is still covered by their netmask, hence on
their local network.

So if Illusion needs to send a packet to Pulsar, Illusion is going to look at
Pulsar's IP address and consider Pulsar to be on the local network, and make
an ARP request.

Pulsar doesn't get that ARP request. This is where Proxy ARP comes in. The
Cisco router (Cube) is going to get that ARP request, and notice that the IP
in question is an IP connected to one of its serial ports. Cube is going to
respond and say that Pulsar is located at its own hardware address. Illusion
will then start sending packets to Cube, and Cube will forward them to Pulsar.
This operation is totally transparent to Illusion. As far as its concerned,
Pulsar is sitting next to it on the wire talking back and forth.

Gory details? No problem.

Illusion sends an ARP request looking for Pulsar.

0:0:b4:03:F2:02 FF:FF:FF:FF:FF:FF ARP 60:
arp who-has tell

Cube gets the ARP request and responds with its own HW address.

0:0:0c:3b:a3:4e 0:0:b4:03:F2:02 ARP 60:
arp reply is-at 0:0:0c:3b:a3:4e

Then Illusion starts sending packets to Cube, and Cube forwards them to

If you were to then view the ARP table on illusion, you would find that Pulsar
and Cube both share the same hardware address.

2) Gratuitous Arp

A very important feature of ARP is Gratuitous ARP. Seemingly minor, Gratuitous
ARP is essential for several reasons.

It happens when a machine asks the network for its own IP address, hence:

0:0:B4:03:F2:02 FF:FF:FF:FF:FF:FF ARP 60:
arp who-has tell

This accomplishes several things. One being that if there is another machine
on the network that has the same IP, it will respond back saying so, and alert
the user that there is a duplicate IP on the network.

There is another situation. One feature of ARP is that it will automatically
update its ARP cache if it recieves a broadcast ARP request from a machine
that already has an entry in it's ARP table. More specifically, say you down
one interface on a machine, put your ethernet cable into another card, and up
that interface. When that interface comes up, the first ARP broadcast it sends
will automatically update the arp caches of the machines on the local network
with its new hardware address. Same IP, different Hardware address, because
it's a different ethernet card. Now, the rest of the machines will start
sending data to that hardware address instead of the previous one.

That's kind of neat, now isn't it? If you send an ARP request with an IP
attached to it in the "tell" field, the rest of the machines on the network
will automatically assume you are that IP and send you packets. But of course
they will! That's what ARP does! Resolves IP addresses to hardware addresses.

Now we get to the part where ARP starts to cause trouble.

3) Denial of service attacks

How you ask? Well, the last paragraph back there should give you some ideas.
Here's some questions:

* What would happen if you wrote a program that replied to every ARP broadcast
  with its own hardware address?

A few things. If you wrote a program that replied to every ARP broadcast with
your IP, you'd have machines on the network (especially Windows machines, whoo
boy) confused about who's the Real McCoy. If your entry was the latest in a
machine's ARP cache, you would get packets destined for machine whose identity
you have assumed. Considering this is local ethernet, you'd get the packets
anyway, but they'd have the other machine's IP plastered onto your ethernet
address. This would cause all sorts of problems as the machines fought about
who's who. This is one style of a Denial of Service attack, however it's not
very efficient.

* How can I use ARP to hijack someone's TCP/IP session?

Say Illusion was talking to Abyss with a telnet session, and you wanted to
assume Illusion's place in the conversation. You are currently using Oblivion.
You could write a program to hijack the connection by somehow (network
congestion, crashing Illusion somehow, unplugging it, whatever) getting
Illusion off of the network, and assuming its identity by using ARP to tell
Abyss that Illusion's IP is now located on Oblivion's hardware address. Abyss
can pick up right where it left off and send the next waiting packet, which
your program has already been ready to recieve. You are now talking to Abyss
via telnet, and the upper-layer protocols never missed a beat.

This is not a very technical description of session hijacking. I'm aiming this
article at people that aren't extremely familiar with the concept.

* How can I use ARP as a Denial of Service attack?

One way to use ARP as a DoS attack is to respond to gratuitous ARP requests
with any hardware address. Since gratuitous ARP is often sent at bootstrap
time, attacking this can cause a variety of problems. Windows NT machines have
been known to pop up a dialog box saying "Windows has detected a duplicate IP
address at HW address: #:#:#:#:#:#. The interface has been disabled.". NT then
proceeds to down the interface until it is brought back up by hand, and the
interface sometimes can not be brought back up as long as there is another
machine on the network with the same IP. This has happened to me personally
before, however since it was years ago I'm not sure what version of NT besides
that it was 4.0 that this occured on (Service Packs, etc). Try giving your
UNIX machine an IP that's the same as your NT machine, boot your NT machine
and check what happens.

* How secure is ARP?

ARP is about as secure as crotchless underwear on a glass floor. There is no
security involved with ARP directly besides ethernet switching (or "Smart
Hubs"), which helps prevent sniffing and other problems by knowing what
hardware address is coming in on what port on the switch. If you have access
to broadcast ARP, you can cause damage to your local ethernet.

ARP wasn't designed to be secure. It's a trusted protocol, stateless in
design. There is no connected status, it's just broadcast packets and
one-packet replies. There's no authentication involved.


This is just an introduction to ARP. ARP is a fundamental protocol on networks
today. Mapping logical addresses to physical addresses is essential with the
protocols we use. As more and more people get onto the internet, and we start
to lean towards IPv6, we should be seeing some changes come along in major
protocols, ARP included.

Steps have been taken to keep ARP in check, such as switching. These steps are
nescessary to keep co-locations facilities, ISPs, and businesses'
communications a bit more secure. If everyone at a co-location facility was on
a big hub, colissions, sniffing and IP spoofing would be a bigger problem.
Plugging everyone into a different interface on a router would get expensive,
so switching is the way to go.

So you've learned about ARP, proxy ARP and Gratuitous ARP, as well as security
issues involved with the protocol itself. I hope that these two articles have
been informative, and any questions can be sent to
                           Cryptography for Dummies
                           by Pesto (
Cryptography. n 1. the art of writing or deciphering messages in code 2. the
system used in a code or cipher.

(Webster's New World Dictionary)

Hi! This article is a basic guide to cryptography. For further info, check out
one of the many books out there available on the subject. Many people,
including me, like Bruce Schneir's "Applied Cryptography". Writing an article
about "cryptography" is about as absurd as writing one on "computers". The
subject is so broad that one probably won't learn much. However, this may
serve to peak your interest in cryptography.

Enough babble. Here goes.

Cryptography is basically the science (or art, depending on your point of
view) of taking a perfectly good piece of data and fucking it up beyond all
comprehension so that it can later be unfucked by whoever is supposed to see
it. This keeps bad guys from checking out your data. Some common places where
John L. User can see crytography is in PGP-signed e-mail, and passwd files.

The Basics
So I've got all of this info I want you to see, but there are bad guys on our
network. What to do? Well, first, I'll need some plaintext. Plaintext is
normal information. Suppose my e-mail says:

Our foreman is looking for trouble. That son of a bitch is gonna pay!!!

A nice bit of plaintext. Now, I want to fuck it up so that if the foreman
picks up this e-mail on it's way to your computer, he can't read it. How do I
fuck it up? Well, I could punch it... but instead I'll encrypt it. Now it

Pvs gpsfnbm jt mppljoh gps usnvcmf.

There's some ciphertext for ya. Ciphertext is encrypted plaintext. 

Now that's all fine and dandy, but how the hell are you gonna know what that
means? Well, you could just look at the sentence and for each letter, use the
letter before it...or you could have your computer do it. Either way, you are
decrypting the information.
          encryption             decryption
plaintext ---------> ciphertext ------------> plaintext

Isn't that a lovely diagram? This basically shows how data is passed securely
from one person to the next via encryption. Now you know what plaintext,
ciphertext, encryption and decryption are.

Now, most cryptography is a bit harder than that.

The three main types of cryptographic functions are Secret Key, Public Key,
and my personal favorite, Hash Algorithms. Generally, a cryptographic scheme
consists of an Algorithm and a Key. One computer takes the key, plugs it into
the algorithm, shuffles some bits with the new algorithm, and sends the bits
on to the next computer.

Secret Key Cryptography
Secret Key Cryptography, such as DES, can be used for many things, including
transmitting data over an insecure network, and storing data on a disk without
worrying about someone picking it up and snooping.

Basically, the idea behind secret key cryptography is that My computer has
some data that needs to be transmitted, or stored, via insecure media. So, I
take my Secret Key, encrypt the data, tell your computer what my secret key
is, and your computer decrypts it using the same key. Complicated, huh?

                          Secret Key Cryptography
plaintext -----------> ciphertext                     pheer
              ^                                        the
              |                                      diagram
ciphertext ----------> plaintext

Another neat thing about Secret Key Cryptography is the way it can help
authenticate identity using Strong Authentication. Check out another elite

My computer                            Your computer
challenge ------------------------>
<--------------------------------challenge encrypted with the secret key
<--------------------------------a different challenge
different challenge encrypted with secret key------>
A Challenge is just a random number picked by each computer. Using this
method, both computers can verify that they are who they say they are WITHOUT
revealing the secret key.

Public Key Cryptography
Public Key Cryptography, such as RSA, works the same way Private Key
Cryptography does, except that instead of using a shared Secret Key, I'll use
two keys, one Private Key and one Public Key. Using my private key, I encrypt
my message to send to you. Then, you take the Public Key to decrypt the
message, and voila.

                               Public Key Crpytography
plaintext -----------> ciphertext
           private key
           public key
ciphertext ----------> plaintext
One of the most common uses for Public Key Cryptography is for e-mail
authentication, a "signed" message. PGP uses Public Key Cryptography.

Hash Algorithms
Hash algorithms are mainly used for password verification. Any UNIX person
knows all about hashes. For those Windows kiddies among us, I'll go ahead with
this section.

Okay, so you type your password at a login prompt. The system you're trying to
log in to has to have some way to verify that your password is correct. It
would be pretty lame if it just kept a long list of passwords and checked what
you typed against what was in that list. Someone could just come in and swipe
all of the passwords and root that sucker in 30 seconds. So instead of keeping
a long list of passwords, UNIX boxes keep a long list of hashes, or encrypted
passwords. When you type in your password, UNIX encrypts it, checks the
encrypted password with the encrypted password in /etc/passwd (yeah yeah,
shadow/passwd for most boxes).

Breaking an Encryption Scheme
No encyption scheme is perfect. There are ways to get to the data you want.
Cryptanlysts (people paid to break encryption schemes) have defined the three
main ways of cracking an encrypted method as Ciphertext Only Attack, Known
Plaintext Attack, and Chosen Plaintext Attack.

Ciphertext Only Attack
You've picked up part of an encrypted message, and you really want at it.
Ever seen those crypto games in the newspaper? This is a great example of a
Ciphertext Only Attack. Let's take the encrypted data:


Now let's stare at it a long time. We've determined beforehand, of course,
that this is a monoaplphabetic cipher, or a cryptographic scheme in which the
ciphertext is the same length as the plaintext, and each ciphertext character
represents the same plaintext character everytime it is used.

Now, how many one letter words are out there? Just two. A and I. Let's try I
first, since A is the ciphertext.


Now, how many words out there have five letters of which the third one is i?

Blink, think, clink, gripe, etc. I'll be damed if I go through this whole
thing. you get the idea.

Of course, if all cryptographic schemes were monoalphabetic, there wouldn't be
much point to cryptography. Another Ciphertext Only Attack would be to snag
that ciphertext and try all keys used by that specific algorithm until you see
something recognizable, like:

I think that this is cool.

Known Plaintext Attack
Remember, I didn't seperate these categories. People a lot smarter than me
did. A Known Plaintext Attack is when you happen to snag some plaintext,
ciphertext pairs, for instance

I=a, H=t, F=h

How can this info be found? No practical way. An example would be that you
know that either you (Bob) or your co-worker (Alexander) are going to get
fired. You find an e-mail with only one word in it, the word of the soon to be
ex-worker, and it looks like:


You're fucked. The good news is that you can get revenge, because you now know
that F=b, and F=o, a good start for breaking any further transmissions you
happen to chance by. Again, this is assuming a monoalphabetic cipher. In real
life, you'd have to go through a shitload of work to bust a cryptographic
scheme using any attack.

Chosen Plaintext Attack
Payday. In a chosen plaintext attack, the user asks the computer what the
encrypted value of A is, B, C, can happen. A good example is that
some large newspaper company which will remain namless thinks they have secure
e-mail because whatever passes through is encrypted
and forwarded to the appropriate person, who then decrypts it using an
in-house application. However, by sending the e-mails
a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z to and asking it to forward it to you, you know have each
letter of the alphabet's encrypted value.

Erm. Hope you found this at least a little informative. Play nice!
                         UNIX Security Primer, Part I
                      by Velocity (
UNIX security is such a vast subject that no single document can cover the
subject in its entirety. Anyone who says they can are socially inept,
pathological liars. Look, I've wrote about five lines and the content is
already general and non-specific. The title for example. Am I talking about
System V, Linux, *BSD, who knows? This isn't meant to be your security bible,
it's a short, general, security primer. It may not even be accurate, but I
never asked you to read it, so don't bother me with your objections. In this
first part of a continuing series of security texts I will briefly describe
some system software, third-party software, and general security practices. If
there is a program that wasn't mentioned that you think should have been
mentioned, don't e-mail me until this series of security texts is done,
because there is a 99% chance that the program that you noticed was missing
this time around, it will be mentioned in a forthcoming text.

Section 1: Programs To Help You On Your Quest For Adequate Security
ssh - In lamen(r)s terms this is simply an encrypted telnet program. The ssh
package comes with both a client (ssh) and server (sshd). The package compiles
cleanly on every flavor of UNIX I've ever used, and both the server and client
are easy to invoke. The client allows you to choose between different
encryption algorithms you may way to use, the only ones I can remember right
now are blowfish and DES, but they're are a few more. Nearly all shell servers
have sshd running these days.

[[Quick Reference]]
To start sshd, all you need to do is type sshd at your command prompt, not too
difficult. It is best to add sshd to your rc scripts so that sshd is started
at boot time. Most systems have a routine in their rc scripts that look for
sshd, and upon successs, run the program. The basic syntax of the ssh program
itself is as follows: ssh -l loginname That is all the
average user needs to know to connect to a remote host using ssh.

SATAN, COPS, ISS, and other types - These are system scanning programs. I've
never used any of these programs, but from what I understand they basically
just scan your system for well-known security flaws. If you run a tight ship
and keep up to date, you will probably never need to use one of these

tripwire - I'm not sure if this is a very popular program, but I think it's
pretty spiffy. Basically, what is does is keeps a database of all your files
and their md5 checksums, which is basically the size and timestamp of the
file. So you can set up a cron job to periodically run tripwire, and then
tripwire checks your files up against the database and alerts you to any
discrepencies. So if an unwanted intruder has modified your rc files or group
file or something, you'll know, as long as you follow up on the report
tripwire generates. You can't just run it and hope tripwire fixes the problems
for you. You really only need to keep a database of the md5 checksums of
sensetive files, like those located in /etc and /var.

password shadowing suite - We should all know what password shadowing is, so I
won't go into great depths about it. It isn't a very hard concept to
understand. Password shadowing moves the real password file (the one with the
encrypted password) to a file called /etc/master.passwd or something to that
degree. It then replaces /etc/passwd with a near identical copy of the real
password file. Except for the fact that the password field of the file is now
simply marked with a '*' or an 'x', for all users. You may ask yourself why
you would want to replace your real password file with a decoy, with a blank
password field. Well you see, in a UNIX enviroment /etc/passwd NEEDS to be
readable by all users. Programs use /etc/passwd to determine a users GID,
name, and whatnot. Now the bad part about needing /etc/passwd to be readable
is that, although the passwords are DES encrypted, any twit armed with a
password cracking program and a dictionary file may be able to reveal
guessable passwords in your passwd file. So with a password shadowing package,
not only do the programs that need /etc/passwd to determine information, get
that information, but the real password file can be kept readable to root
only, so crackers can't flex their password cracking technique on your
password file. If your running a *BSD system or a fairly recent distribution
of Linux, password shadowing is implemented by default.
PGP - I'm not going to go into a lot of detail on PGP, because the PGP
package comes with possibly the best documentation of any program I've ever
used. PGP is used primarily for e-mail encryption, but it is also used for
encrypting text documents and such. It allows you to choose the level of
encryption you wish to use. The levels range from light, to military grade.
Once again, it has excellent documentation. Many people only use PGP for
e-mail. The way privacy is achieved in e-mail through PGP is as follows. When
you first install PGP, you create a public key file. This is loosely a special
crypto alogorithm that PGP uses to encode whatever files you wish to be
encrypted. You then send this key to friends or other people that e-mail you.
They then add your key to their 'keyring'. This is a collection of keys. When
they email you, they first encrypt the text using your public key which is
located in their keyring, then when you receive it, you decrypt it with the
special passphrase you selected while creating your public ring.

icmpinfo - A great little program that monitors ICMP activity on the computer
it is executed on, it then forks ICMP information to syslog. Which basically
means if a suspicious packet is sent to your machine, icmpinfo will place the
information regarding this packet in syslog.

[[Quick Reference]]
For all practical uses, the only icmpinfo command line you should need to use
is 'icmpinfo -vvvl'. This will run icmpinfo is the backround as a daemon
(specified by the -l argument) and it will fork a maximum amount of
information about packets to syslog (specified by the -vvv argument).

TCP Wrappers - TCP wrappers are included with some UNIX distributions, some
don't include them, so I guess I'll just label them as third-party. You don't
have any excuse for not installing and using TCP wrappers. TCP wrappers are
used by editing /etc/inetd.conf and  making desired services point to the tcp
wrapping program. The IP of the machine requesting said services along with
other information, such as the service requested, is forked to syslog. The TCP
wrapping program then allows the client access to the service it has
requested, assuming of course the specified service is installed, and allowed,
on the machine running TCP wrappers. TCP wrappers are incredibly easy to
install, and the output forked to syslog is very easy to read.

[[Quick Reference]]
This is a sample portion of an inetd.conf file that is using TCP wrappers on
the ftp and telnet services, but NOT on the ident service. This should give
you a pretty good idea of how to set up TCP wrappers. This is assuming your
TCP wrapper program is /usr/local/libexec/tcpd, your telnetd and ftpd programs
are in /usr/libexec, and your identd program is in /usr/local/sbin.

## unf unf unf unf unf unf unf unf
## inetd.conf 31.31
ftp      stream tcp nowait root /usr/local/libexec/tcpd /usr/libexec/ftpd -l
telnet   stream tcp nowait root /usr/local/libexec/tcpd /usr/libexec/telnetd
ident    stream tcp nowait root /usr/local/sbin/identd /usr/local/sbin/identd

firewalls - Packet filtering software comes with a lot of UNIX variants. It
seems that they have a reputation of being hard to configure, but its an
undeserved reputation. Basically, all a firewall does is filter the packets
coming in from the interface you set it up to listen on. It will then allow,
reject, or re-route packets. How a firewall deals with a packet is determined
by a rules file, which you should write. This file is /etc/rc.firewall on
FreeBSD, /etc/ipf.rules on OpenBSD, and /etc/rc.d/rc.firewall on Linux.
OpenBSD systems have firewall examples in /usr/share/examples/ipf, and FreeBSD
has examples in /etc/rc.firewall. IP Filter support is built into the OpenBSD
kernel by default. On *BSD's you will need to modify your /etc/rc.conf file;
look for the lines pertaining to firewalls and edit them as needed. They are
well-described so it won't be hard to decide which to edit and what to change.
This will start your packet filtering software at boot time. Firewalls are
great for tons of things, primarily stopping ICMP attacks and spoofing.

Section 2: General Practices To Maintain Security
Make a point to ask your users to use random password. Perhaps psuedo-random
is good enough though, but as random as possible, although that really doesn't
help with a brute force attack. Also make the password expiry about a month or
so. Don't forget about password shadowing.

Keep proper file permissions. Chmod is simple to use, and it is very helpful.
Chmod helps you to specifiy who and who doesn't have access to certain files
and directories. If you have a chatscript in /etc/ppp/ you probably wouldn't
want it to be world readable (unless the idea of having everyone with an
account on your machine knowing your username/password to your ISP turns you
on). You SHOULD know how to use chmod, 'man chmod' if you don't.

There are tons of /tmp problems. Temporary files used by programs are stored
in /tmp. The problem with the /tmp directory is that the directory has to be
world writable so that all the users can have the programs they run write
temporary files to /tmp. This is bad because many programs have temporary
files that happily follow symlinks. Let's say that we have a program called
'plop', And this program creates a temporary file called /tmp/plop.poop. Now
here is where things can take a few different paths. If the temporary created
is writable only to the person who ran plop, then the worst case scenerio is a
DoS. But this is still pretty damn bad. Let's just say that root runs 'plop',
and some evil person has linked /kernel or /vmlinuz to /tmp/plop.poop. Well,
when the temporary file is created, it follows the symlink and writes to
/kernel or /vmlinuz. This obviously isn't good.

Now let's go to scenario number two. The temporary file is created world
writable. Now, if the person who creates the symlink knows that the temporary
file is going to be world writable, he would probably link /tmp/plop.poop to
/etc/passwd or something else like that. This is because if the temporary file
ends up being world writable, then whoever made the symlink can now open up
whatever file /tmp/plop.poop is linked to, because that file will now be world
writable. This will allow the mad symlinker to modify whatever file
/etc/plop.poop is linked to and edit it as he wishes. There are several ways
to stop this. The first way to do this is create a directory like ~/madtemp or
something. And then set your $TMPDIR enviroment to this temporoary directory
you have created. Several programs accept $TMPDIR, but some still don't. This
is good because you can use chmod to disallow people other then you into that
directory. For programs that don't accept $TMPDIR, you can just add a function
to check to see if the temporary files exists, and if it does exist, have the
program exit with an error code. If you don't wanna write the code yourself,
you could probably just rip it from a similar function from another program
you know has this feature. The last way (I can think of) is that sometimes in
a program's rc files (.pinerc and .elmrc and stuff like that), you can specify
where a tmp directory goes.

Don't run any services that you don't need too. This serves no purpose except
to open up possible vulnerabilities. This also goes for daemons. Do you really
need sendmail running on a machine that has a dynamic IP? I doubt it. But if
you do, try to use qmail instead of sendmail.

Keep on top of whats going on. Mailing lists such as BUGTRAQ make this very
easy. You will know about vulnerabilities as soon as the rest of the world
does. Also, most operating systems have their own mailing lists; most have
several. Also, USENET provides numerous groups on the subject. If you have a
freshly installed UNIX system, you may want to review the BUGTRAQ archives for
the last year so you can keep your system up to date.

It's really helpful if you have a complete source tree of your operating
system. That way if a vulnerability ever does ever threaten your system, you
can easily apply the patch that is hopefully soon to follow the exploit, or
tinker with the code and fix it yourself. Programs such as CVS make keeping up
with your OS's current source code easy. CVS is a program used by OpenBSD to
check your local source code tree against that of the current OpenBSD source
tree, and makes appropriate changes, so then all that is left for you to do is
recompile your updated source tree.

I think the most important aspect of having a secure machine is not to be
lazy. You must keep up with mailing lists and newsgroups to see what's going
on. You must apply patches, and upgrade software regularly. Also, don't be
afraid to take a look at source code before you compile it. This is an
ESPECIALLY good idea if it's the source code of a daemon or server program, or
any program that is SUID (Set User ID) root. Definitely look for any unsafe
function calls. This is an important subject that deserves a lot of content,
which I will go into in more detail in Part 2 of this primer.
                               DefCon 6 Review
                       by Logic Box (
This is my DefCon 6 review. Read it and like it.

Wednesday, July 29, 1998
BarKode drove to my house from Sacramento. We played Nintendo. We beat River
City Ransom. We went to sleep. Word.

Thursday, July 30, 1998
Me and BarKode woke up at 8:00 AM, got ready, and headed to the airport. Other
than the attempted hijacking and the guy on the wing of the plane, our flight
to Las Vegas was rather uneventful. We decided to catch a shuttle to the Plaza
and check out the con, and noticed limo rides costed roughly the same as
shuttles. Fuck shuttles. We rode to the Plaza in style.

After arriving at the Plaza, we decided we were hungry and headed over to a
buffet to eat. After lunch, we went up to the con floor to see if anybody was
around. All the while, we were waiting for Saint skullY and Mr. Sonik to page
us and announce their arrival.

We got to the con floor and talked to Noid and a few other people (mostly
DefCon staff, I believe), then we met up with a couple of guys from Idaho
whose handles escape me. We chatted with them for a while, then we spotted
Lefty walking down the hall. We caught up with him and headed up to the 16th
floor, where Vect0r, Joker, paiNe, Mr. YoYo, and Lil' Matt were. We all went
to a ham radio store and fucked around for a couple hours and went to
Jack-in-the-Box to eat.

All this time, skullY had still not paged me. After figuring out that my pager
didn't work in Vegas (which it was supposed to, according to my broke-ass
pager service), we called the front desk of the Golden Nugget (where skullY
was staying) and paged him. He was there. We went up to their room. Word.

We hung out for awhile and made fun of some idiot who was trying to sell a
266MHz P-II computer on the channel, after which we headed
back to the airport to pick up Phear at around 9:00 PM. He arrived on time,
and we accompanied him to the Plaza to check out his room. Corro arrived
shortly after we did. We called Pinguino, made sure her flight was getting in
on time, hung around, then went to dinner.

Several people were drunk during the meal, and made this quite apparent to the
waitress. She was still pretty cool and talked with us a bit, so we left her a
big tip and took some pictures of her holding one of our ham radios ("DefCon
Waitress of the Year, 1998"). After this, we all went to our rooms and went to
sleep. DefCon was tomorrow.

Friday, July 31, 1998
Me, BarKode, Sonik, and skullY woke up and drove to the airport to pick up
Pinguino. BarKode isn't exactly the best person when it comes to getting up
early, so we were a bit late to the airport. But that didn't matter, since
Pinguino's flight was late as well.

After greeting Pinguino and introducing her to the rest of System Failure, we
went to the baggage claim area and waited around a bit for her luggage, during
which time I checked out some of the booth plans, contests, and art that
Pinguino had brought. After a while, Pinguino's luggage had still not shown
up. It was becoming apparent that something was wrong.

We found the baggage claim services office and bitched at them a bit, and they
told us that Ping's luggage was in New Mexico. They told us it would be
delivered to the front desk at the Golden Nugget by noon, so we headed back
there and gave the nice lady at the front desk $20 to pay for our express
luggage-shuttling fees. That being done, we headed over to the Plaza. DefCon.

We got to DefCon slightly before noon. I got my DefCon badge (from my good
friend Boogah 187, who was manning the counter), and we ran into XBS on our
way in. We found an empty table and set up a makeshift booth; we had Blow Pops
to sell, and we set our second annual scavenger hunt into motion.

PBX Phreak and Darkcube showed up while we were setting up the booth. PBX
offered to help us with stuff; Asphyxia also showed up, and we let him sell
some of his neat telco junk at our booth. Meanwhile, BarKode was running
around looking for power supplies and network cable so we could set up our
streming RealVideo feed.

Throughout the day, I met several people who I knew from IRC, including Xx25,
Level 6, Teeleton, Sloth, Foneman, Dev Null, DDay, Toilet Duk (who I knew from
DefCon 5), Phreak of Nature, and Calimar (EvilCal). Teklord and Insight showed
up a little later, as did Fonephuk.

We got a lot of cool shit for the scavenger hunt this year. Throughout the
day, we got two payphones (one rotary), a satellite dish, 100 porn fliers,
a pair of slot machine handles tied together to make nunchucks, the infamous
GTE van door, and a stripper. The stripper was actually a DefCon attendee who
just wanted to get points for her group on the scavenger hunt. Me and Asphyxia
thought it was cool, dammit.

The majority of the day was uneventful, except for meeting people and getting
weird stuff. A bunch of us (me, Pinguino, BarKode, skullY, Sonik, Vect0r, and
PBX Phreak) all went to eat dinner at some restaurant. The waiter was a complete
idiot, and fucked up several different orders, in addition to giving us a lot
of snide remarks. PBX Phreak went berserker and refused to pay for some stuff
they charged us for (which we didn't order), and the waiter called the
manager. She in turn called security, and we left the restaurant after paying
for our food and watching PBX yell at her a lot. We also formally welcomed
BarKode to the group here. :)

Some drunk southerners stopped us on our way back to the Plaza to ask us if we
were hackers. BarKode (or "James Bond," as they called him) had them convinced
that his digital camera's flash card was top secret microfilm, and they kept
saying all sorts of amusing things. We learned that they had just started
using ICQ, and they kept asking us if we could hack their ICQ accounts. We
took a couple of pictures with them, then we continued on to the Plaza.

At some point during the night, me, Ping, skullY, Sonik, and PBX drove back to
the airport to look for Pinguino's stuff, after several wasted calls to the
incompetent baggage claim officials. We found her luggage sitting in the
middle of the baggage claim area, and regulated on security when they tried to
stop us from leaving without checking our baggage with baggage claim. We had
our stuff. Word.

I think we split into two groups here, because BarKode and Phear wanted to see
Hacker Jeopardy. The rest of us went back to Lefty's room and got drunk or
something (except for me), then me, skullY, Sonik, and XBS all headed to the
Golden Nugget and went to sleep.

Saturday, August 1, 1998
I woke up early, woke Sonik and skullY up, and gave Pinguino a wake-up call.
We got ready and headed to Pinguino's room, where we were instructed to carry
the booth stuff down to the con room and wait for Pinguino. Me, Sonik, and
skullY took the booth set up down, and Dark Tangent let us in early (it was
about 8:30 AM at this point). Pinguino arrived, we were told to pick any table
we wanted, and we picked a good spot and set up our booth.

Our booth setup this year completely rocked. We had a nifty flashing LED sign,
blacklights, and some nice Penguin Palace art. Pinguino really came through
for us with the booth. We also had shirts, stickers, Blow Pops, and CDs to

We sat around for a few hours, and me and Sonik made occasional food runs for
people. Calimar stopped by to say hi, and BarKode arrived eventually. Dave G.
and Window (who me and BarKode haven't seen since they moved out of
California) came by to say hi to us a little later, and BarKode left to hang
out with them for a while. Somewhere around this time, FoneMan stuck an
amusing sticker on Carolyn Meinel's back. Too bad I can't remember what it

Pinguino, PBX, and I left to eat while Sonik and skullY watched the booth, and
we met up with Mr. YoYo and paiNe again at the restaurant. Ping decided to go
to the ham radio store with Lefty and a few other people so she could figure
out what the hell was wrong with her malfunctioning radio, so me, PBX, and
Sonik watched over thigns while they were gone.

While we were at the booth, we noticed that the people at the booth across the
room were selling hard drives, cellphones, and other neat hardware for very
low prices, and Asphyxia and BarKode managed to get some nice stuff for almost

Pinguino returned eventually, and we decided to take the booth down, get some
dinner, and head to the Star Trek Experience. Apok0lyps came by to say hi
while we were taking things apart, after which we lugged it all back to
Pinguino's room and went to eat.

After eating at some random restaurant in the Plaza and losing a bunch of
people, we split into two groups and drove to the Hilton, where the Star Trek
Experience was. This part of our DefCon experience made the whole trip worth

About fifteen of us went to the Star Trek Experience, including me, Pinguino,
Sonik, skullY, Phear, Corro, Teklord, Insight, Mr. YoYo, paiNe, Lil' Matt,
Vect0r, PBX Phreak, Lefty, and XBS. We were being very obnoxious through the
entire thing, and we tried our hardest to try to make the actors on the
Experience laugh.

Making the cast members laugh proved difficult, especially with the Klingons.
Pinguino gave one of them a Blow Pop, and they acted like they didn't know
what it was. PBX made a few hand gestures at them (which Pinguino explained as
being "human mating calls"), and we said a bunch of stupid stuff to them. They
never even smiled.

The ride was pretty neat. The first part sonsisted of a ride down a shaky
elevator, during which the lights flickered a lot. At the bottom of the
elevator, a uniformed woman came in and asked "is everyone okay?"  Lefty (who
only has one hand) held up his arm and screamed "I LOST MY HAND!@" The
actress lost it.

After the ride, we played with a couple of touch-screen chat kiosks. Pinguino
managed to get one of them to spawn an IE web browser through a clickable URL
in the About screen, and we browsed their internal network for a while. This
didn't sit well with Hilton security, and they threw us out after about ten
minutes (are they on the ball or what?).

We broke into two groups and drove back to the Plaza once again, where several
people got drunk. Pinguino and the others in Mr. YoYo's van didn't show up, so
I started to get worried. After about an hour of not hearing from them, Phear
called to tell us they went to the Stratosphere. Fucking kids. They showed up,
and Pinguino wasn't feeling too good. After she got to feeling better, we all
sat around in Phear's room, where lots more drinking took place. Several of
BarKode's friends showed up, as did Gwonk and Succomb. After a while, we all
decided to go to Gwonk's room.

We all went to Gwonk's room and had a party. BarKode got pretty drunk, and he
was saying a lot of stupid things (several of which got into our DefCon quote
file). I met a pretty cool guy from Bakersfield named KaiDream, and he took me
to his room and introduced me to Mindriot, who I've known from IRC for a long
time. After waking Mindriot up and saying "hi," I went back to Gwonk's room.

After a while, skullY and Sonik went back to our room to go to sleep. PBX and
I both decided we were tired, so we said goodnight to Pinguino, went back to
our rooms, and went to sleep.

Sunday, August 2, 1998
We woke up late and headed to the con. We decided that there wasn't enough
action to warrant setting the booth up (coupled with the fact that Pinguino
was leaving early), so we just walked around and chilled for a bit. At about
11:30 AM, we went to Pinguino's room to help her pack her stuff. We said
goodbye to her and Level 6, and headed back down to the con room.

Phear, skullY, Corro, and a couple other people decided to go see a movie,
while Sonik, BarKode, FoneMan, and I stayed to be con whores. We met up with
Prophet, and walked around the con rooms a bit. I bought some cool shirts and
Sonik bought an old laptop. I can't remember what all we did, but Phear and
the others showed up a little while later to tell us the next showing of Mafia
wasn't for a couple hours, so we all decided to go see it.

Mafia was an okay movie. Could have been a bit better. After the movie, we
went to the big Coca-Cola building, where Corro impressed a couple of the
employees with his yo-yo technique. After spending a few minutes here, we took
Corro to the airport so he could catch his flight home. We then headed over to
the GameWorks arcade.

We got nifty two-hour passes for $15 and played lots of games at the arcade.
We played lots of racing games, lots of shooting games, and some dumbass
baseball game that consists of a batting cage and a bat. I wanted to take the
bat, but skullY didn't think that was a good idea.

At around 2:00 AM, skullY, Sonik, BarKode, XBS, and I said goodbye to everyone
else and went back to our room at the Golden Nugget. After laughing at the network for a bit, we went to sleep.

Monday, August 3, 1998
Sonik woke me up early, and we all got ready and left. Sonik and skullY drove
me and BarKode tothe airport, we said our goodbyes, and then we caught our
flight back to San Jose right in the nick of time.

Time to start planning for DefCon 7. :)
                               DefCon 6 Review
                      by Pinguino (
Clothes seemed to randomly fly across the room. Airlines went wacky. Hotel
security frequencies were overrun with odd martian-like babbling. Even the
time continuum wasn't safe. System Failure wreaked havok in Vegas, gathering
together for DefCon 6.

My adventure started at 5:30am Friday morning, as I was sitting on IRC
wondering where nfin8zero was. Someone had gotten me a plane ticket on
Southwest airlines that left from Dallas Love Field like, at some indecent
time of day when EVERYONE is asleep. So.. fifteen minutes after I was supposed
to be gone, I'm on the phone with cab companies and nfin8zero knocks at the
door. By the time we print him some stickers, pet the cat, drag luggage to the
car, and do a final check on the room to see if I forgot anything, it was
probably 6am.

By the time we got to the airport, got lost through the employee roads, and
checked luggage, my plane had been gone for 5 minutes. Panic set in.. so I
called a conf. DH, Hamster, and some other people who were missing the con
were on it, and they entertained me til I could catch the next flight.

The flight to Albequerque was boring. I didn't get any sleep or really get
anything done. When I got off the plane, I had about 5 minutes before I had to
turn around and get back on.

I sat next to an older couple who were really cool. They were really
enthusiastic about everything. The guy worked at a neon sign shop, and knew a
lot about electronics. He knew nothing about computers. He was going to a
Vegas electronics con.. amazingly he had heard about DefCon. He also knew who
Milw0rm were. Weird.

As the plane thudded to a stop in Vegas, my grin widened. Mountains smiled
back, as if they remembered me. The first thing I saw when I got off the plane
was Logic Box, with a group of people I soon grew to love as the System
Failure crew: BarKode, skullY, and Mr. Sonik. It was also at that time that we
realized System Failure was comprised of a group of midgets.

Like in the Wizard of Oz, we managed to make it to the baggage claim. We sat
around... waiting to claim.. um.. sat around some more.. passed out blow pops
and sat around some more. Clearly, we were missing something important. The
people I sat by on the plane were missing a piece of luggage, so we followed
them into an office and filed for missing luggage. The clerks offered special
rush delivery service for $21 COD, so we left the airport with the expectation
that our luggage would be in our hands at 1pm.

The highway ribboned toward our weekend residence, and I was suprised to see
that our hotels were not the ghetto dumps that I had expected. There was this
weird curved net stuff with lights on it that covered a few streets.. it's too
hard to explain. More like a giant canpoy of lights that went from one side of
buildings to the other, protecting the street. We parked, and went up to the
SysFail suite at the Golden Nugget.

After everyone beautified themselves, we walked to the Plaza (admiring the
"PLA" sign which was missing the Z and A) and got our badges. Turning around,
I spotted XBS. I was under the assumption that he wasn't going to be there.
According to Secret Squirrel, I ran as if I were going to attack him and
tackle him to the ground. Right after that, Secret Squirrel joined us, and
gave me a beanie baby penguin named Waddle. I pulled a fuzzy squirrel keychain
out of Pedestrian's (my penguin backpack's) back and let it hop over to Secret
Squirrel. I also got the room key to his room.

We met up with some other people: Foneman and his cute spikey hair, Darkcube,
Mr. YoYo, paiNe, Joker, PBX Phreak and more. As I walked into the convention
hall, I couldn't help but notice how much more organized DefCon was this year
compared to the last. When I got there, the line for a badge and entry was
non-existent. The exhibits had a large room of their own, as did the speaking
hall, and there was a large antechamber that led into these two rooms. The
setup was sweet; I hope DefCon is at the Plaza again next year.

Have you seen the covers on the Sandman comics? You can see something, but
it's all broken apart and blurred, and there are other wacky things in the
pic.. that's how my day was. Describing Friday is difficult.

The first thing I did when I walked into the con room was to look for Iron
Feather Journal. I met them through the rave scene in Colorado last year, and
got interviewed by them for a zine they were working on. I had also given them
art for a CD called Choons and Warez (get that CD, it rawks). When I found
them, I got a copy of the CD.. and then got dragged off by someone. Then,
Teeleton found me and told me that Level6 was upstairs (got there early), so
we ran up there and I gave him lots of hugs and smooches cuz I missed him. =)
Then we went down to the con; Level6 got his badge and I got my table.

We took the last table at the con, in a tiny corner of the room. Emptying the
contents of my backpack onto the table revealed a stack of scavenger hunt
rules, stickers, and sticker sheets, and some other stuff. Asphyxia set up
some of his equiptment to sell on one end of the table, and BarKode started
setting up his RealVideo cam on the other side. Unfortunately, we had NO power
(my extension cords were in my suitcase.. on a plane in some unknown location).
We really didn't have much the first day.. reminiscent of our sad little
DefCon booth last year. At least last year, we had RED DUCT TAPE!

At some point, when the excitement was dying down, me and Mr. YoYo went up to
Secret Squirrel's room. He was in there with Phear and some other people, and
I played with Waddle the penguin. Phear made some wacky pink stuff with
whipped cream. My response to that was hopping around and yelling "it's
neeeeatttt," which Phear thought was funny (I'm not sure why) and made me say
over and over. Come to think of it.. the people in the room below prolly got
really fed up with all that bouncing. I wonder who was down there.

Secret Squirrel taught me how to use an SWR meter. My radio was whacked out..
turns out the battery was messed up and I didn't have enough power to
transmit. The radio I had was an FT530 that I picked up during APE at Berkeley
earlier this year, and I didn't really play with it til DefCon. It also
couldn't communicate with the two-way radios that skullY brought.

When we walked back down to the SysFail table, there was a GTE van door that
someone brought in for the scavenger hunt. It was from the people who kept it
last year (they live in Vegas). We then hooked up with Rev. Krusty and some of
the TDYC people and went to lunch at a diner downstairs. Some of the SysFail
booth staff who went were PBX Phreak, paiNe, Mr. YoYo, and Lil' Matt. I don't
remember who else went. I ordered fries and a Dr. Pepper and PBX got the same
thing, and he paid for my food. Mr. YoYo got mass amounts of ice cream treats
and proceeded to eat not very much of it. Girls walked up to him asking for a
lick of his ice cream.

We got back, and people at the booth were like, "Where were you!#@$" At 1:00
we went to the Golden Nugget to check on the luggage, but it wasn't there yet.
We got back and BarKode got on the phone with the airline people.. went off on
the manager. After an hour, we found out that my stuff was in Albequerque and
the manager arranged for it to get on a plane to Vegas at 7:30pm. That was
fine with us.

The guys who brought the GTE van door brought us a rotary payphone. I don't
remember ever seeing a rotary payphone in my life; I must have when I was
little, but I don't remember them. Later, Adrian came to us asking about
points for strippers. Because we didn't want the security guards to catch us,
we set a chair up in the very corner of the room, behind the table, and made
his fiancee stand on it. She started stripping. I saw flesh and I really
couldn't watch anymore, but we got lots of pictures of it. Logic Box and
Asphyxia kept talking about it for a full half hour after the event.

We did booth duty for a while.. mainly explaining the scavenger hunt to
people.. not sure what else happened.. and we took the booth down at around
7pm. The entire day, we were making plans to see the Star Trek Experience (me
and BarKode are a couple of trekkies. William Riker has a copy of the original
Tori Do, that I had given him personally at a Creation Con in San Diego,
1994ish). We also wanted to hit up a rave that was being held at a club by the
MGM Grand. None of that happened because some of us wanted to see Hacker
Jeopardy. We made plans to meet at the SysFail booth at 9pm. Squirrel, Phear,
and I went up to work on the frequency hunt.. then everyone followed us up.
We kicked them out and worked on it a lot. We also went out onto the scary
unstable-looking ledge of a balcony and took pictures of Las Vegas at dusk.

At around 9, I started to get really worried about my stuff at the airport,
and I hadn't heard from Logic and the rest of the group for quite some time.
They stopped responding to the radio (Squirrel's radio, an FT50, could
transmit to them). I called the airport and got a VMB. I went out to regroup
and skullY, Sonik, Logic, PBX Phreak, and I ended up at the airport. The
entire ride up (long ride), I was fuming and saying how I wish I would have
gotten my ticket when I was going to, instead of letting someone else take
care of my travel arrangemewnts. Last minute, I had a weird feeling about the
flight and wanted to get a ride to DefCon.. the only reason I didn't do that
was because my stuff would get there at noon isntead of 9am. I had no idea I
would get my stuff at 10pm. I was expecting to go yell at some ditzy airline
chick, but when we walked into the luggage claim area, all of my stuff was in
the middle of the floor. Relief swept across my face.

We carried the luggage out, and were stopped by a hunched over man who wanted
our claim ticket. I had Albequerque tickets and me and Logic started going off
about how I was supposed to get this shit at 9:30am .. he waved us along. I
guess if you ever want to get out of an airport in a hurry with your friend's
bags or something, just bitch a lot. The attendants have better things to do
than argue with you.

On the way back, PBX Phreak gave me a backrub. We got back to the hotel and I
took out some of the goodies: mass amounts of OCI books and folders,
programmable LED sign, blacklights (put them in a safe place cuz they were
breakable), various signs, blowpops, and SysFail shirts!@

If you looked at the SysFail shirts and didn't know what was on the front,
I'll explain here. When I was bored at school (Palomar College), sometime in
1997, I was tutoring a 9-year girl named Sarah in art. That inspired me to be
a little more experimental in my own artistic ventures. Between astronomy and
college algebra, I sat down in the science area and drew a Celtic-looking
picture of a dog. I scanned it, and put it over a photoshopped background.. I
redid the image in 1998 and put it on the front of the shirts.

We had been waiting FOREVER to go eat dinner.. so that's what we did. Phear
and Squirrel already ate, but me and Logic, PBX, skullY, Sonik, BarKode, and
Vect0r were famished. We walked down to the Fremont Street area (the part with
the overhang) and found a place that served food. It was late, so all of the
buffets we walked by were closed.

Our server messed up on ALL of our orders. It was amazing. Me and PBX Phreak
thought we got off lucky, but the server apparently brought us the wrong kind
of soup. We all ordered Coke. We were almost done eating by the time Logic's
food came. The soup we ordered was wonton soup (the resteraunt had a
late-night Chinese food menu) and there were flaky white thingy floating in
the broth, along with disgusting looking vegetables and pasty green-tinted
wontons. The fried rice was so greasy that you could almost see reflections in
it. We hardly ate. That was also when we made BarKode a member of System

When the bill came, PBX Phreak totally went off on the waiter, insulted him a
few times, and then yelled at the manager. In turn, the manager called a
security guard. We paid and left the building.

On our way to the hotel, our group got stopped by some pedestrians (not
pedestrian the penguin; he was on my back). A middle-aged couple was sitting
on a bench, drunk, asking us if we were hackers. They saw it on the news. The
girl was from Texas and the guy from Lousiana. They were obnoxious hicks who
just installed ICQ!

BarKode convinced them that his digicam had microfilm in it, and they thought
he was James Bond. They kept calling skullY "Agent skullY." They kept asking
us if what they saw on TV was right, and if we were the "good" hackers.

We then split back to our separate hotel rooms. We caught up with Secret
Squirrel, and me, him, BarKode, and Vect0r went down to the Plaza snack bar
and had a gigglefest because we were suffering from sleep deprivation.

Riiiiiing Riiiiiing.. Logic Box called my hotel room at 8:30am to wake me up.
A minute later, the hotel wake-up call rang. Groggily, I stumbled around the
room getting convention stuff together. I suprised that Vect0r didn't wake up,
cuz I kept landing right by his head.

PBX Phreak came first, and Squirrel let him in. PBX hovered in corners as I
re-braided my hair, hunted for various things in the dark, and did other
pre-convention type things. Another knock at the door let the rest of System
Failure in, and I loaded them up with various pieces of the booth.

When I got down to the convention floor, I tracked down Dark Tangent and asked
him where I should set up the table. "Just find one not in use and take it,"
he replied. Only a few people were there early setting up, so I nabbed a spot
by my friends at Iron Feather Journal.

It took me an hour and a half to set up the System Failure booth. It was
designed and constructed by Level 6. This was one of my dreams--a fully
portable, lightweight, customized, and practical convention backdrop. Saftey
pins and wires held the exhibit together, with blacklights and a flashy LED
sign giving the structure its personality. A flourescent green Penguin Palace
logo hung in the center of the booth, below an LED sign. Various drawings were
pinned along the sides, under blacklight, with a black flannel canopy casting
shadows along the interior. Our products and informational papers were laid
out across a table and a half. SysFail members, proudly wearing their shirts,
manned the table.

Our shirts began selling, and within five hours we ran out of merchandise. We
sold a bunch of Systems Failure CDs given to me by my friend Jason from
Scattered Comics, and all the stickers. People came up to us asking if they
could run through DefCon naked, so I raised the points on that for the
scavenger hunt to 100. After I did that, ThePublic said that I just wanted to
see him naked.

Mr. YoYo, paiNe, and Lil' Matt wanted me to go eat with them, but I had to go
with Phear and get people to sign up for the frequency hunt, which was
starting at 2pm. We had 30 minutes to get people to join. Logic Box and PBX
Phreak were freaking out because I kept "disappearing," running off and
talking to people 20 feet away from them. PBX followed me into the bathroom
(I was at this point getting tired of being followed around), and then we went
downstairs to catch some food.

I saw Mr. YoYo down there and he was really hurt that I didn't go down there
with him. 2:00 rolled around, and just as I was about to dash upstairs to
check on the hunt, our food came. I ate half a tuna sandwich and fries, and
gulped down a Dr. Pepper, then went up to check on the hunt. Nobody had showed
up, so Squirrel and Phear moved it to 2pm the next day; at the same time, the
scavenger hunt ended.

Me and Mr. YoYo started to mess around with our ham radios. We went upstairs
looking for Level 6 and Squirrel, so that they could mod YoYo's radio. They
did it, and it ruled, and we decided that going to the ham radio store in
Vegas to get me a radio battery would be a good idea. By the time we rounded
everyone up, Level 6 wandered off, so we went downstairs. I ran into the con
room to tell Logic that I'd be gone for a while, and ran out to the group. We
loaded into Mr. YoYo's car and went to the radio place, but it was closed.

Mr. YoYo's van had no seats in the back, making the ride really interesting.
We couldn't think of any other places to get radio batteries, so we headed
back to DefCon.

Mr. YoYo and I hung out with Squirrel some more, and then stopped in his room
to get something. Lil' Matt was supposed to be resting in there, but he wasn't
there. We started looking under pillows and stuff for him, and found that the
bathroom door was locked with he lights off. Panic set in and we pounded on
the door. Matt was only 15; you may remember him as the person with
shoulder-length green hair and big pants. He walked in about 5 minutes later,
to our relief. Mr. YoYo then proceeded to hunt for his radio manual, and we
decided that the maid carried it off or something.

Logic radioed that we should break the booth apart, so I had everyone there
shove what was left into a duffel bag and leave the pipe structure. Me, YoYo,
and Lil' Matt went to the con room, where Foneman was guarding our backdrop.
Logic and PBX Phreak came back, and we took the backdrop apart. Apok0lyps
stopped by and gave us compliments. I wrapped the black sheet that covered our
table around Lil' Matt, like a black toga. We carried everything up to
Squirrel's room. About twenty people were in the room, and we decided to split
apart. The people who wanted to see Hacker Jeopardy stayed at the con (BarKode
and some people), and everyone who wanted to have fun playing in Vegas went
with me.

Food was a priority, so we went to the diner downstairs. Not all of us fit in
the elevator, so we lost about 15 people. I ran ALL OVER the hotel, the
perimeter of the casino, the con table, speaking hall.. and found everyone (at
one of the elevators? I don't remember). We made it to the diner, and the
server said that there was NO way that we could all eat together. We walked to
Burger King, on Fremont street. We looked like a mini-parade--noisy, bouncy,
and obnoxious. We spotted someone wearing an "I Spotted the FED" shirt.

We stopped so the alcoholics could get booze, and Insight grabbed me and Phear
and tried to shove a margarita down my throat. I did a breakaway and got away
from Insight, and we sparred a little. He grabbed my wrist and we goofed
around a little more, and my watch flew off. It didn't break or anything, but
that ended our little fight. =)

We got in line for Burger King. It was situated above the casino. I felt like
someone watching ice skaters at the mall, except I was watching gamblers waste
time and money. I ordered a Dr. Pepper.. it was the first time PBX Phreak got
something different than me (he got food). I was too hyper to eat, though. We
put 5 tables together, ate, and walked to the garages where our cars were. We
split into two groups; one in skullY's car and one in Mr. YoYo's.

Logic Box, paiNe, Mr. YoYo, Insight, and Lil' Matt were all in YoYo's car with
me. paiNe was driving and I was up next to her, giving her shampoo/conditioner
tips or something. Phear, Mr. Sonik, Secret Squirrel, Corro, PBX Phreak, XBS,
and Vect0r went with skullY in his van. A VW Bug followed skullY's van, and in
it were Teklord and some guy whose name nobody remembers.

Our van got lost on the strip. None of us knew where the Las Vegas Hilton was,
where the Star Trek Experience was. I leaned out of the car and talked to a
limo driver, and got directions. As we turned left off the strip, someone in
the back rolled a joint. Everyone smoked it but me and Logic. When it was
passed to paiNe, Logic Box flipped out (he's paranoid about drygs and stuff).
We made it to the Hilton, and drove around and around and around in the
parking garage. On the radio, the other van reported that they got hassled by
security for standing on the grass. We ran down to the group and I pounced on
XBS, pushing us onto the grass. Everyone screamed.

We walked into the building and followed the signs to the Star Trek ride.
After I got my ticket, I noticed the Klingons guarding the entryway. "Let's
get a picture with the Klingons!" I yelled. Our entire group posed with one of
the Klingons, who growled when I leaned back against him. We walked up the
ramp into a Star Trek museum. I pulled a blow pop from Pedestrian's back, and
handed the penguin to Squirrel. I ran back to the Klingon and said "Want a
Blow Pop?"

I hold the candy out to him for a few minutes, and he says, "What is this
thing, this Blow Pop?" I reply, "It's candy. You chew it. It makes
your mouth muscles stronger so that you can bite your enemy."

"Ahh," he responded. "It is for trade." He accepted my gift, and as someone in
line called my name, I pounced away. The Klingon stood in place, holding the
Blow Pop upsidedown.

Moments later, someone tapped my back. I turned, and saw the Klingon moving
toward us at a rapid pace. A voice commented that he did not look pleased. The
Klingon caught up to us and started to give us a personal tour of the Star
Trek museum.

Of course, we couldn't help picking on the poor Klingon. We even agreed to
give $50 to whoever could get the Klingon to break out of character. We told
him some crazy stuff, like that Bill Gates was our leader, and that he was
like a Ferengi crossed with a Tribble (Klingons hate Tribbles). Corro tried to
grab the Klingon's gun, and the Klingon looked at him as if he wanted to rip
Corro's spine out of his body. The Klingon said something to the effect of,
"It is because of fools such as him that the Klingons have developed magnetic
technology that welds a weapon to a specific DNA pattern."

Talking to the Klingon with everyone was the best part of DefCon, and I can't
even remember a lot of what was said. I was laughing hysterically the entire
time. Maybe it was the kind of thing you had to experience to really

I do recall at one point, PBX Phreak was making faces at the Klingon. I leaned
over the railing and whispered to the Klingon that PBX Phreak was doing a
human mating call at him. The Klingon then commented in a loud voice, "I have
heard that humans can be unsure about their gender."

There was a display with female Klingons, and me, Phear, and Teklord started
like, uNFing and whistling and yelling sexually-oriented comments about them.

We finally were led into a prep area. If you've ever been on Star Tours at
Disneyland, it's like the part where you have to look up at a TV screen that
briefs you on your "mission." The Star Trek theme played, and Teklord sang
along with it.

The screen fuzzed out and we got sent to the future. The year changed to 2023.
Our guides rushed us into a turbolift and left. I wobbled around, as if the
ship were under attack, and smacked into Insight. Me and Insight started
moshing, and everyone jumped in. The lights dimmed, and when the turbolift
stopped, our guides and an ensign ran over.

"Are you all okay?" screamed one of the guides.

Secret Squirrel lifted up his arm, and yelled out, "I lost my hand!" Everyone
doubled over in laughter and tears as the girl started laughing. She was the
first person who couldn't stay in character.

We got led into the actual ride, and the captian said that I should be dragged
off to sickbay for a mental health examination. We sat down, with Logic,
Phear, and I in the very back. The captain came out and briefed us, and after
Teklord yelled something out at him, I told the captain that Teklord was his
great-great-great grandpa. The concept of the ride was a spacefight; the 3D
graphics were pretty convincing.

"When we were being seated in the `shuttlecraft,' after Teklord said, 'We're
the best of the best of the best SIR!,' maybe 15 seconds later the screen just
came on, and he ripped it out," explained Phear. "It's running Windows 95,
we're all going to die!!"

We left the ride and wandered towards Quark's bar. Me and Insight were up
front, turned and saw everyone clustered around some information kisoks. The
Star Trek Experience's webpage was up on a touch-screen. We started running
the VRML pages and kicking towards the computer below. I found a chat room for
Logic Box, then an idea flickered when I saw "Instructions on Internet Relay
Chat." I clicked on a few more things and clicked on an IRC program, which
saves to the hard drive. That got us into the actual machine and we were able
to navigate through the NT network. We went into the main server and started
moving files into different folders. A security officer came from behind me
and said, "Step back from that computer."

There were two kisoks. At the time, Phear was poking at the reset button on
the other system with a long straw. I got rid of the screen I was in and
backed away, and the guard told us to leave the hotel.

We left in somewhat of a hurry, but lost paiNe. I dashed out to the grass and
flung myself onto it, rolling. Some other people from our group were doing the
same. The feeling of rolling on forbidden grass made me giddy.

By the Stratosphere, a fireworks display was starting up. It was the most
impressive commercial display I've seen in a long time. Hotel guests were
sitting on the grass over by a hill, so we all laid down to enjoy the display.
paiNe made her way back to us, and Teklord left with his friend in the VW Bug.

We left, this time Mr. YoYo's van ended up with him, me, Phear, Lil' Matt,
Insight, paiNe, and XBS. In traffic, the passengers played Chinese firedrill.
YoYo turns the music up and me and XBS started grooving in the backseat. We
drove near the Stratosphere, and Mr. YoYo yells, "Rollercoaster!" We drove
through the taxi-drop off area of the hotel and got stuck in traffic, so I
opened the van door, jumped out, and started dancing. When the traffic started
letting up, I got back in and we parked.

"I thought it was funny when you were dancing in the van and that lady beside
us stared laughing," said Lil' Matt. "She had that look where she was trying
not to laugh but she couldn't hold it."

We followed a wacky maze to get up to the top, but we made it. Phear stayed by
the ticket counter with the parents of all the kids who wanted to go on the
rollercoaster. Me and Lil' Matt had second thoughts about the ride; both of us
were afraid of heights. Lil' Matt was afraid of rollercoasters, though. His
courage to go on the ride inspired me to go on, as well as when Mr. YoYo said
something to the effect of, "You aren't going to get to do anything like this

The line was long, and it took us at least 30 minutes to get to the ride. The
wind whipped past my face when I stepped out to the coaster cars. The
Stratosphere was the highest point in all of Las Vegas, and going up there
made me feel weak and dizzy. The rollercoaster was horrible at first, but as
soon as I realized that it wasn't going to shift sideways, and that it was
kinda of a roundandroundandroundandround ride, I started to not get scared,
and opened my eyes.

When we got off the ride and made our way out, we split up. paiNe and Insight
went to gamble. Mr. YoYo, Phear and I went to McDonald's. Mr. YoYo had a
flurry and I tried some of it. I got a soda and was filling it with water,
like 5 times.. then with caffeine-rich Dr. Pepper!@$!

We walked around the mall area for a while. The stores were separated into
geographic region themes. We meandered down to the casino to catch up with
paiNe and Insight, who didn't win us $10,000. Fifteen minutes later, Phear
heard something on one of the radios and called the hotel room. The other van
had freaked out after we hadn't shown up, and people were getting really

We realized that we lost XBS, so we searched for him. When we quit our search
(he's a big boy), we went to the car and found a note that said he went with a
friend somewhere. As quickly as we could, we drove back to the Plaza. I holed
up in Phear's room for a while and talked to Level6, and then went to have a
talk with Logic Box. We heard that security was going to check on our rooms,
so we all scattered, and most of us headed to Gwonk's room to have a party.

I gave Teklord a really super good backrub, since I had owed him one for over
a year. Then I ran around getting donations for I holed myself
up in the closet and made a general announcement that it was my office. Joker
made an appointment.

First, I had a serious talk with Teklord that lasted forever. Then, PBX Phreak
and Logic Box pulled me out to talk, and PBX said goodbye, cuz he didn't think
he'd see me the next day (and Joker missed his appointment).

paiNe took me over to Mr. YoYo's room, and there we found Joker, BarKode, and
Lil' Matt (I think). Joker had a video camera, so me and Mr. YoYo stripped for
it. We took off our shoes, socks, hats, jewelery, and DefCon badges, and gave
the camera seductive looks. Joker pulled his pants down and showed off his
pooh bear boxers. I took the camera and taped him doing a slow-motion olympic
star run down the hallway in his boxers. It was getting daylight and cold, so
I crawled into YoYo's bed and accidently fell asleep.

I woke up at 11:30am thinking, "where am I!?@#" I woke BarKode up and we
dashed upstairs. I started packing. Soon, SysFail people wandered up into the
room, and Level6 came looking for me. By 1pm, I was done packing and
everything was in the car. Level6 and I went searching for Xx25, so that we
could leave. We found him at a blackjack table, and he gave me one of his
chips. We stopped at Wendy's, and then left Vegas.

We went through the Hoover Dam area, and I hung out the child-safe windows to
get pictures. The rest of the trip was like any other road trip, but it was
special. We brought rain back with us, to a state suffering from a month-long
heat wave.
                               DefCon 6 Review
                       by Mr. Sonik (
10:30 AM, Wednesday morning - I was awakened by the sound of skullY ringing my
doorbell so that I could finish packing my things so that we could hit the
road on our way to DefCon 6. This is actually when the excitment of all the
things I would be doing and the thoughts of meeting new people were accually
getting me really ready to go, despite only having four hours of sleep the
night before.

Once we were all loaded up and on the road, I was pretty excited and couldn't
wait until we got to Las Vegas and the the real fun started. There isn't a
whole lot for me to say about the trip down there. It was pretty boring for
the most part... just monotonous driving in the van all the way to Reno, where
we stayed for the first night and got all rested up and ready to go the rest
of the 600 or so miles to Vegas.

Once we arrived in Vegas, I saw that it was a lot different than I expected it
to be. First of all, people in Nevada can't drive worth shit. Second, the town
was bigger than Hell and it was very easy for us to get lost. We arrived at
the Golden Nugget Hotel and skullY went to check us in at about 6:30 PM or so.
Once the room was ours, skullY came and got me and the rest of the stuff from
the van and we walked up to our room and scoped it out. When we got there, the
room phone was blinking, alerting us to a message that was waiting for us. The
message was from Logic, who was already whining at us for being an hour late
getting to Vegas. After about a minute or two of trying to page Logic, who
thought his pager would work in Vegas, we got a knock at our door. It was
Logic and BarKode, who were bitching at us again for being late.

Once we all got settled into our rooms, we went over to the Plaza Hotel, where
the con was yet to start. We hung around for a little while around the third
floor and spoke to a few other DefCon visitors. The first people I remember
meeting from IRC, besides Logic and BarKode, was Joker and Phreak of Nature.
We kinda hung out for a while and decided that we should watch the Fremont
Experience. After the neato light show, we piled into skullY's van and headed
to the airport to pick up Phear. Once we all got back to the hotel, Corro
showed up and we all decided that getting drunk would be cool. That night we
went to Molly's Resturant inside the Fitzgerald and had prime rib dinners.
After dinner we all went back to Phear's room for a little while, and then
BarKode, Logic, skullY and I went to our room at the Golden Nugget to get some
sleep so that we could head to the airport to pick up Pinguino in the morning.

The next morning, Pinguino's flight arrived late and we met her, talked for a
bit at the terminal, and headed to the baggage claim so that we could get her
stuff. We ended up waiting for about 20 minutes before checking with the
airline office before we found out what happened to her things. During the
entire ordeal Logic kept bitching about the SysFail t-shirts and our lost
booth (which was in Pinguino's luggage, in some other state). The rest of that
day was pretty cool, even though we had a makeshift booth and shitty network
connection that decided to go down about 10 minutes after it was up. After we
kept checking up on the hotel's front desk for Ping's luggage, we went back to
the airport to see if it had arrived there yet. We found her stuff sitting
inside the terminal, apparently forgotten by the staff. I think we drank some
more alcohol that night too. Who knows.

Saturday morning we got up super early so that we could go set up the DefCon
booth and start selling our stuff. The day seemed to go really slow for me for
some reason. We tore down the booth at about 7:30. I thought it was like ten
at night. Anyway, the big exciting thing for the night was going to the Star
Trek Experience at the Hilton. It was a pretty kick ass ride; the Klingons
were cool too. After the ride, Pinguino owned the Star Trek Experience just by
using a touch screen. I had no idea that she was so eleet. :)

The next day was kind of a blurr, but that's understandable, being drunk at
night and starved of sleep during the day. But we did make it out to see Mafia
and hung out on the strip. We also went to the GameWorks arcade and got two
hours of play for $15. It was a pretty cool arcade.

Monday we got up really early and packed all our shit, and skullY and I took
Logic and BarKode back to the airport and we headed home the same way we got
there. We had a lot of time to make up so that I could get my sorry ass back
to work on time on Tuesday.
                               DefCon 6 Review
                by Saint skullY the Dazed (
Ok, here's my nifty DefCon 6 review. To make the long story short, we hung
out, got drunk, got stoned, were con whores, and all sorts of other cool
things. If you want a longer review, keep reading.

First, Sonik and I drove through Oregon and California and Nevada to DefCon.
It took two days, and really sucked. Don't ever drive to DefCon if you live
farther then 500 miles away. We then checked in and met Logic Box and BarKode.
After he bashed my face apart for being late and I kicked his in teeth in for
that, we went downstairs and met Joker and Phreak of Nature. We decided we
wanted to watch the Fremont Experience, so we walked out and waited and waited
and watched an ambulance pick up some fat lady who fell off her barstool or
something then waited some more and finally the light show started.

After watching it, we drove to the airport to pick up Phear. We drove Phear
back to the  hotel and he checked in. Somewhere between checking in and
getting booze, Corro showed up. So anyway, we got booze, and BarKode, Sonik,
Phear, Corro, Secret Squirrel and myself all drank. We decided afterward that it'd be a  good idea to get something to eat. Since it was 12:30 at this point, there
wasn't much open, at least by Vegas standards. We ended up at Molly's inside

At Molly's, they had to make up a table for us since we had like 10 people
with us. Once we got our table, we had to decide what to eat. Most of us had
the $4.99 prime rib. The waitress was really cool and let us take pictures of
her with our radios. After that, we hung out in Phear's suite for a while,
then went back to our room for a quick couple hours of sleep.

Friday morning we had to get up at 7:00 so we could meet Pinguino at the
airport. After waiting for 45 minutes, her plane finally landed and we went to
get her bags. Another 20 minutes of waiting and we realized they weren't
there. We went over to the Southwest Airline's counter and found out the bags
didn't make it onto the connecting flight. We told them to rush them over to
the room (they had all the stuff for the table and the prizes in them), and
left for DefCon. We got to the con, grabbed a table and set up a makeshift
booth. Basically it was just us, a sign made from a piece of notebook paper,
and some miscellaneous stuff others had brought. Luckily we did have the
scavenger hunt list, so we got that started. Within a short while we had a
door, a pay phone, and tons of porn fliers.

We started getting things set up, including the video feed, and things were
rocking until the network went down. That's when we had to stop Logic from
killing himself because he couldn't IRC anymore. It was during the outage that
some group got a girl to strip for us. Logic and Asphyxia will prolly ramble
on about it for hours, but as far as I was conceded it was cool, but not worth
talking about for more then two sentences.

Throughout the day, we were basically con whores. We did keep checking on
Pinguino's luggage, which the idiots at Southwest never sent. We finally went
down to the airport about 8:00 and found it waiting at the baggage check area.
We lugged it back to the hotel and left it in Secret Squirrel's room. Then
Ping needed to take a shower, so Logic and I read some nifty OCI docs that
Pinguino and Pesto had scored. Those are fucked up, and will be released soon.
After that, I'm not real sure what happened, but I think we all ate and then
drank some more.

Saturday. Biggest day of the con. We got up early and got to the convention
hall to get set up; we managed to get in an hour early. After spending 1.5
hours setting up and having people get let in 30 minutes early, we were in
full swing. We sold all of the cool SysFail shirts we had (Pinguino is having
more made, so go order them! (shameless plug)), some weird industrial
Christian CDs ping had gotten called Systems Failure, and a buncha stickers. I
also met PBXphreak, Calimar, Carolyn Meinel (yet another sticker on her back
(yes Carolyn, that was us again)), random people, and someone who does weekly
broadcasts and said he'd link to SysFail's page. I'm sorry, I lost the flier
you gave me, please e-mail me so I can put a recursive link back to you. When
the con was winding down as far as tables went, we took down the SysFail booth
and then went to watch Emmanuel Goldstein rip on Takedown. Watch for the movie
to come out, it'll be the next 'Hackers!' Sometime after that, I got stoned
with Mr. YoYo and paiNe, then everyone went to the Star Trek Experience at the

To get there, we took two vans. Secret Squirrel, Phear, Corro, Sonik, other
people, and myself took my van, while Logic, Pinguino, Mr. YoYo, paiNe, and
Lil' Matt took YoYo's van. We beat them there, and were waiting at the bottom
of the parking structure. Three of us were sitting/laying on the grass, and
the rest were playing with the spongy sidewalk. While we were waiting,
security came by and acted like assholes because we were on the grass. We got
off the grass and made sure not to walk on the sacred ground. Next year that
grass will be gone. Finally, YoYo rolled up, and we went inside the hotel to
the Star Trek Experience.

The ride was pretty cool. We tried to get the Klingons to laugh, but were
unsuccessful at that. We did manage to get one lady to crack by screaming
mosh pit after a particularly bumpy section. After the ride, we hung out in
the promenade until we were kicked out.

The reason we got kicked out is their informational kiosks. It's basically a
Windows NT4 machine with a touch screen rather then a mouse. What happened, is
that Pinguino found some chat thing and clicked the About button. After that,
it popped up a new browser window that gave us access to the file menu. From
there, we were able to see what was on the machine, and browse their network.
They weren't happy about that, hence we got kicked out. Everyone e-mail Dark
Tangent and tell him to get the Las Vegas Hilton, as we need to root the
kiosks more and steal all their grass. After that, we all went to dinner at
some crappy restaurant that fucked everything up, and they ended up calling
security to make sure we made it out of the hotel. We then hung out a while,
drank some more, and fell into bed for a glorious six hours of sleep.

Sunday we all slept in, so there was no SysFail table that day. For the
morning, we all just hung out, and then Secret Squirrel, Corro, Phear, and
myself decided to go see a movie. Logic Box, Sonik, and BarKode all decided
they'd rather be con whores. We went to the MGM Grand, which was the closest
theater. Well, on the way, Secret Squirrel broke my window, so when we stopped
Phear and I fixed it while Squirrel and Corro went to check on movie
showtimes. Seeing that we missed the show and the next would start in time for
everyone from the con to go, we decided to just hang out at the MGM. We played
some video games and I kicked ass at Cruisin' World. We then visited the Coca
Cola store and found they had a robot to greet people. We found the frequency
(127 something), but no one had a radio that could broadcast there. Next year,
baby. Anyway, we went back to the con, and YoYo, paiNe, and I got stoned
again, then we went and watched Mafia. The movie was ok, coulda been better.
We then went down to the GameWorks arcade and played for two hours ($15 for
unlimited play from midnight until 2am). After that, we hung out in Phear's
suite and finally got to bed about 4am.

Monday, we got up, I kicked Logic's and BarKode's ass to get out in time, and
Sonik and I dropped them off at the airport. From there, we headed back home,
again two days of driving.

I'm sure there are tons of holes there, but I wasn't sober most the time, so
you can get the gaps from the other four reviews. E-mail
and tell him to hold next year's con at the Las Vegas Hilton (not the
Flamingo). Hey, it might happen! Fnord!
                               DefCon 6 Review
                       by BarKode (
Pinguino shows us her stuff, BarKode passes out on the floor, Record amounts
of alcohol are consumed, Tickle-Me-Elmo terrorizes Plaza security, and the
Hilton gets owned. Yes, these events and many more occured at this year's
DefCon 6, as System Failure decends upon Vegas taking no prisoners.


My journey began Wednesday before DefCon; I had errands to run and things to
do before driving to Logic Box's house in Sunnyvale from Sacramento.

So, in about 5 hours I bought a digital camera from Fry's, exchanged a pair of
shoes, and ran around Sacramento trying to take care of everything so I could
get out of town.

Around 6:49 I turned off of Howe Avenue onto Highway 50 on my way to
Sunnyvale, arriving a bit after 8:30. We needed to be up at 8am, but we didn't
get to sleep until 4am, because we had to beat River City Ransom and watch
Clerks *and* Student Bodies before we went to sleep.

Darkcactus was there when I arrived, and ran over to Arby's on the way to drop
him off at his place. The Arby's in Sunnyvale has an ANSI character
touch-screen menu ordering system, much to Logic Box's enjoyment. We ended up
achieving all of the above goals before catching some sleep around 3 or 4am.


Waking up from the noise, we ended up at the airport around 9:30, and our
flight was late. Ooooh, I was surprised. Regardless, we arrived at McCarran
airport a bit after noon, me having slept through a good deal of the flight.

Catching a limo to the Golden Nugget, we ended up riding with an FBI guy who
was there on vacation, who had heard a little about DefCon. He proceeded to
tell us of the government agencies he had worked for previously, neglecting to
mention a large amount of specifics, but was a nice enough guy.

Anyway, after checking our bags at the Golden Nugget, we went to the Plaza to
find the con room, and ran into Swift, Noid, and associates, had a brief
conversation. Hanging out in the hall outside the conference room, we were
talking to a couple guys from Idaho when I noticed a some people from 303 walk
by, while at the same time Logic Box saw Lefty/Secret Squirrel walk by. We
both were like, "Hey, look who's over there." We were both looking at
different people, and I thought he was talking about the same people Logic was
talking about. I ran after Lefty and got him to tag along with Logic Box and
myself. Regardless, we ended up going up to someone's room and meeting up with
Joker, Vect0r, Mr. YoYo, and friends. We decided to head off to the Ham Radio
place, and piled into a van with the seats removed.

It was hot in the desert, and we drive a good 30 minutes to get to the Ham
place, a worthwhile trip as the place was awesome. YoYo picked up a nice Yaesu
and we took off to Wendy's.

Returning to the Plaza, we sat around for a while in Lefty's room before going
back to the Golden Nugget to try and find skullY and Sonik, who were two hours
late (this involved some harassing of a lady in an elevator, but we won't get
into that becuase I didn't approve).

Watching the Fremont Show en route, we found them at the Golden Nugget. We
wondered around for a while before having to pick up Phear at the airport.
Getting back to the Plaza, we made our booze run. I got the biggest wine
cooler I've ever seen, and drank it all on an empty stomach. More pointless
wandering around after this led us to the room at the Golden Nugget, where I
started to write this. :) Lefty and Joker were here and they wanted to program
their radios.


I woke up this morning to Logic Box screaming at me, trying to get me to get
up so we could get to the Airport to pick up Pinguino. Of course, her luggage
was still in New Mexico when she arrived, and we had to pay $21.00 to get it
express shipped to the hotel. She had all the shirts and etc. for the booth,
so our arrival to DefCon was without bounty. The con was getting underway by
the time we got there, and we ran into Corro, Joker, and Phear right outside
the con. Upon getting in the door I talked to Richard Thieme for a while, then
broswed around for a while before setting up our table in the corner. We had
no network access. Neither did the rest of the "rave" room.

Well never fear, BarKode's here to run a bunch of cable. I ended up spending
the next hour or so borrowing parts and cables to run about 100' of Cat 5
cable from the rave room to the network tables across the floor. Nobody else
was going to do it, they just wanted to sit around and complain for hours.

Still without power, my next quest was to get juice to the equipment so
everybody could plug in their machines and hubs. Once I had this done everyone
was happy to have network access, and I got the streaming video feed set up
off of my laptop. I was streaming RealVideo back to a Brooks Fiber co-location
facility in Sacramento, to be rebroadcast to the internet from there.

Not surprisingly, the ADSL line was having problems, hence the intermittant
feed from the con. When it was up, we were probably streaming, and the
RealEncoder software I was using was barely making it on the laptop with the

StripCon happened later that day when some girl stripped on our table behind
the backs of distracted security guards for points in the scavenger hunt.
Logic Box and Asphyxia wouldn't shut up about this for the next hour, even the
next day. I was more concerned with getting her away from the booth
immediately following the show to avoid any potential trouble.

Walking around during the day, I ran into Courtnee, who told us of her run in
with security guards and a van. It seems she had gotten extremely intoxicated
the previous evening and had hidden from security guards under a van, due to
her not being of legal age to drink at the time. They found her and hauled her
out from under the van, scraping up her hands. Doesn't this happen to her
every year?

DrekHead decided to write a network scanning tool for some purpose, but ended
up accepting the challenge to write a functional ethernet sniffer in less than
20 minutes. I told him I'd give him a dollar if he wrote it in Fortran, but he

Ok, this is where it starts to get less accurate, because I'm writing this
part at 5:30 Saturday Evening. Hacker Jeopardy started around at 10:00, which
proved to be not that interesting. DrekHead, Corro, and I were going to go up
to play, however our team didn't get drawn, which was actually a good thing
considering Corro was not present at the time. I didn't stick around, I ended
up taking off to clean up the SysFail booth. Sonik and I picked up the GTE van
door which had been brought to us earlier in the day and began to take it up
to the hotel room at the Plaza for temporary storage. This lead to a funny
incident. The elevator door opened, someone looked at us, the doors began to
close, and the guy looks over at the door, and says, "What the fuck?" as the
doors shut.

We deposited the door, and made our way back to the Con. We met up with the
group and made our way to dinner at some cafe on Fremont. This place sucked,
and the waitress, er, waiter even, was a jerk. He messed up the orders and we
ended up paying too much. PBX Phreak threw a big fit and security got called.
We were kind of escorted out of the restaurant.

On the way back some pedestrians (drunk, southerners) started to talk to us
and ended up holding us up for 20 minutes. We kind of messed with them and we
took a picture of them with us. I convinced him my digital camera contained
secret government microfilm, and the guy swore up and down that I was James
Bond. He told us of stories in which he had shot his neighbor's dogs because
they were being too loud. Louisiana...hmmm....

Finally we get back to the Plaza, where I started mixing strange drinks and
became intoxicated. Ping, Vect0r, Lefty, and I all headed to the snack bar on
the first floor. This became a circus quickly because I was a bit liquored up
and the rest had traveled great distances and were suffering from sleep
deprevation. People gave us funny looks as we had a gigglefest (co: Ping) for
about half an hour, and then jammed back up to the room for some sleep. I'm
not quite sure what happened between then and when Pinguino and I passed out
in Secret Squirrel's room, with SS taking the other bed, and Vect0r hitting
the floor.


Saturday I woke up around noon and was late getting to the con, where our
booth was up and running and kicking serious ass. We sold almost everything,
including all of our shirts. We took some cool group pictures.

We finally got the quickcam up and running properly, as I ran into Teklord
today and we downloaded RealEncoder and started streaming video from his
machine. I hung out and watched some con stuff for a while, a few talks,
wandered around and talked to people and hung out at the System Failure booth.

I ran into quite a few people today, including Garbage Heap and Rosie the
Riveter, some friends who recently moved away. We ended up hitting the Star
Trek Experience, which was awesome, and ate at Quark's. It took like over an
hour to get back, and I missed the majority of the TCP/IP drinking game, ack
(no pun intended).

I couldn't find Pinguino, who supposedly had my room key. So I ran into TRC,
KC, and Squishy! Squishy was the guy who walked me back from the Monte Carlo
to the Excalibur at DefCon 4. Squishy is always drunk, and he was absolutely
plastered tonight. I went up to their room where KC introduced me to some neat
drinks and neat shot glasses with built-in chasers (I'm not that into chasers,
however). Some guy comes into the room and starts pulling out some crazy stuff
from his backpack, including a nice magstripe decoder I wanted to get, but he
didn't want to give it away.

Well, Squishy ended up using the bathtub as a restroom, much to my dismay as I
was the next person into the bathroom, but Squishy was way too drunk to even
talk about it, he just wanted to get into a wrestling match with that guy that
had the magstripe decoder, and proceeded to do so. TRC, Casey, and I were
rather annoyed and decided to head back up to Squirrel's room for booze. We
grabbed what was left in TRC's room and split, only to find Squishy hot on
the trail. This wasn't a problem, we just needed him to chill out.

We all went to Secret Squirrel's room to continue our alcohol escapade.
Squirrel decided to go on a booze run due to lack of product, so he taook some
orders. As he took off, Sloth and Asphyxia (Sloth being wasted) came running
down the hall yelling about "I didn't do it!" Everyone started coming out of
their rooms looking around, and Sloth fell through the doorway drunk. At this
point I was already annoyed at Sloth and now I was just pissed off, and I
wasn't too pleased with Asphyxia. This was the general concensus, and Squirrel
said "Get that guy out of my room." I was in agreement with that, and Asphyxia
and Sloth took off. Asphyxia wasn't being bad or anything, but Sloth was and
Asphyxia had to escort his drunk ass back to his room.

Well what had happened is Squishy had jumped up into the air and broken a tile
in the ceiling in the elevator room. This wasn't as bad as everyone made it
look like, and security never showed up. Nevertheless we had already moved all
the beverages to another room, and now moved it back.

At some point I met up with Teklord and he joined the party, as Teklord and I
have known each other for a while and have had yet to sit down and have a
drink. We recitified this quickly, and posed for a cool picture.

XBS and I were dubbed "The Booze Brothers" as we were taking shots of whatever
would fit in the glass. I became rather drunk and the rest of the night we all
moved from room to room hanging out. Arriving in Gwonk's room, we continued to
drink, and I ran into a guy named Kaidream from Bakersfield, and posed for a
picture with him and XBS. I left my shot glass in there as well, argh. Teklord
and I had some drinks for a while after a brief ClosetCon with Pinguino, and
caught up on things.

The rest of the night was parties with friends and meeting new people. DefCon
folk were particularly friendly and open this year, and that made the con even
that much better.

I ended up with Pinguino and Joker in YoYo's room, where we hopped around and
played. Pinguino and Mr. YoYo gave us a good strip show (socks, shoes, hats,
and DefCon badges), and Joker ran down the hall in his underwear in
slow-motion on camera. Ping, Joker, and myself all hopped into bed for the
now-infamous threesome picture (fully dressed, I might add). I ended up
passing out cold on the floor, and Pinguino followed suit soon after. Ping
woke me up in the morning (morning, pshaw. It was like a few hours after we
went to sleep around 5 or 6) and we had to jam.


Turns out that the previous day at the Star Trek Experience, Pinguino had
broken into one of the Internet Explorer stations they have sitting around for
people to browse an internal Star Trek site with (I believe
was actually the majority of the site). Somehow she got out of the browser and
was moving files around the network when she was accosted by Hilton security.
They ended up just walking away, and broke into two groups. We couldn't find
them for hours, but Phear, Pinguino, and the rest of the people with them
wandered into the hotel room a few hours later. We were rather distressed at
their absence and were pissed to find out that they had just been hanging out
at the Stratosphere.

Sunday was primarily a relaxation day. Idling around the con and just talking
and meeting people, introducing friends to friends and exchanging e-mail
addresses. We walked around and just talked to everyone. As the con came to a
close, people said their goodbyes and took off. It was at this point that the
harassment of the Plaza security stopped, as for some reason someone had been
broadcasting Tickle-Me-Elmo over their security frequency throughout the
entire con.

However, that afternoon, Phon-E was approached by some military authority and
escorted from the con. Mixed reports lead to believe that the person was a
member of some detention/corrections department, however this could be wrong.
Either way, the team went into damage control mode in about 30
seconds. The escapade supposedly had them following the car Phon-E was in for
a while, but I'm not sure how it ended out.

We ended up seeing a movie (Mafia!, which sucked) and hanging out down the
strip later that evening. We visited that big Coca-Cola bottle building and
ran around causing mayhem for several hours. Corro took off around midnight.


Monday we awoke to be driven to the airport by skullY and Sonik, and we got on
our plane literally seconds before departing the gate.

DefCon 6 was nice, much better than I expected considering last year was a
downfall from DefCon 4, and I'm glad there's not a downward trend starting
here. I hope everyone had fun, and I hope to see you all again next year.

        | DefCon 6 Quotes

 Don't fondle the plastic bread.

 Anything else to drink?
 We're already drunk.

 It's 2:30? It was 9:45 a minute ago.

 How would you like that cooked?
 Like McDonald's does it.

 This van door is ruining my shoe.

 I wrote a telnet client in perl on my placemat.

 Oh, did I just stab you?

 It's neeeeeeeaaat!@#

 You're like James Bond.

 Whose fucking leg is this?

 IRC is fucking life!#@%$!@^%!#@$^!#$%@#!^!#$^@#$^#!$%!@#

 It's never too early to get fucked up!

 You shit marijuana?

 Why are there footprints on the ceiling?

 I wanna steal that bottle cap.
 What the hell would you do with a 20 ft. bottle cap?

 Pong you fat bitch!

 What the fuck? (As Sonik and BarKode tote the GTE van
door upstairs)

 XBS, I killed your pudding.

 Is it me or is the Statue of Liberty stacked?

 Me and Linux, we get along.

 I'm not drunk.
 I'm a little bit drunk.
 I'm FUCKING drunk.

 I look high.

 It's fucking RED.

 This fucking toilet seat sucks.

 Logic, you can buy 50 cent pieces at the bank.
 Really? How much are they?

 This elevator smells like ass.

 Are you implying that you're dead?

 Did you guys bring any fruits or vegtables with you today?
 *points at sonik* Just him.

 Four big ass Dr. Peppers, please.
 What size?

 I owned them without even touching a keyboard.

 Is everyone alright?
 I LOST MY HAND(*&&*(!#&*(!$#*(&(&@*#

 There's something wrong with me.


 You almost dropped her off a mountain?

 Things that go BEWM@^&*#@^&*$

        | SysFail Mailbox

Oh boy, here's a couple more neato e-mails we've gotten from people lately.

From: Sarin
Subject: good site but...

i like the new look of your site,
but now i cannot find a certain phile...

it described the process to hack the NCIC
just one prob with it, the password is asterisked over...

where can i find it?
thank you.
(dont mention my name, i know it isnt safe)

# Um.
# 1. That article was just a joke. Retard.
# 2. You obviously know nothing about any type of UNIX operating system.
# 3. We took that article (and several others) off the site because we're
# being more selective about which ones we HTMLize. Search back issues for it
# if you really want to see it.


From: Gryzor
Subject: Hello

hello i am french and i want to creat an good site
with an search motor inside, for that i search some zine underground
i can't localized Total control Mag you have some information on it or
you can send me these filez ??

# I'll let you know, just as soon as I figure out what the hell you're asking.


From: Jokers Wild
Subject: joining

I am j0k3rs WiLd. I would like to join your group. I am an experienced
hacker who lives in Georgia. I have been into "Security" for 3 years.
I would be willing to contribute "k-rad" graphics to your web page.
I use Photoshop. If you are interested email me back.

# I'm sure you're one of the best security guys out there, but I don't think
# we're ready for someone of your obvious skill level. I'll get back to you
# when hell freezes over.
That's it for issue 14. You can probably expect our next issue sometime in
early November (I hope).

Le but de ce site est de mieux comprendre la sécurité informatique.
Un hacker par définition est une personne qui cherche à améliorer les systèmes d'information dans le seul et unique but de contribuer à la stabilité de ces systèmes!
La croyance populaire laisse entendre que les hackers sont des pirates.
C'est vrai. Mais il y a différents types de pirate.
Tout comme il y a différents types de personnes.
Les bavures courantes auxquelles on pense lorsqu'on évoque le terme de pirate informatique
seraient les hacks de compte msn, ordinateurs lâchement trojantés avec des exploits déjà tous faits
et encore peut-on classifier en tant que hack le fait de spammer
alors que depuis plus de 15 ans des scripts tous faits le font extrêmement bien?

Ce ne sont pas des hackers qui font ça!!!
Nous appelons ces gens des lammers! Quand ils sont mauvais,
ou des black hat lorsqu'ils sont doués dans la mise en application de leurs méfaits.
Aucun amour propre - Aucune dignité
Agissent par dégout, vengeance ou simple plaisir.
Les raisons peuvent être nombreuses et je ne prétends pas devoir juger qui que ce soit.
Je pense juste que l'on ne doit pas utiliser l'épée de fly pour commettre des injustices.
Il est 100 fois plus profitable d'améliorer un système que de marcher sur un château de sable... même si marcher sur un château de sable est rigolo :P
A vous de trouver votre amusement. ;)

Tu peux réagir sur la shootbox

Disclaimer Veuillez lire obligatoirement les règles ci-dessous avant de consulter ce site.
Conformément aux dispositions des différentes lois en vigueur, intrusions et maintenances frauduleuses sur un site, vol et / ou falsification de données.
Vous ne devez en aucun cas mettre en application les stratagèmes mis en place par ce site, qui sont présentés uniquement à titre d’éducation et de recherche dans le domaine de la protection de données.
Vous ne devez en aucun cas utiliser ce que vous aurez découvert, sauf si vous avez une autorisation écrite de l’administrateur d’un site ou que celui-ci vous ai ouvert un compte uniquement pour la recherche de failles.
Tout cela est interdit et illégal ne faites pas n'importe quoi.
Vous acceptez donc que l'administrateur de ce site n'est en aucun cas responsable d'aucun de vos actes. Sinon quittez ce site.
Vous êtes soumis à ce disclaimer.