CONNEXION ✔ Connexion INSCRIPTION ✔ Inscription Un Bug ? ✐ Un Bug?



Plateforme de Hacking

HackBBS.org est une communauté faisant évoluer un système de services vulnérables.
Nous apprenons à exploiter de manière collaborative des solutions permettant de détourner les systèmes d'informations.
Cet apprentissage nous permet alors d'améliorer la technologie, les relations humaines et les intérêts.
Nous défendons les valeurs de l'entraide et du challenge et contribuons
modestement à rendre l'expérience des utilisateurs finaux
la plus agréable possible.

L'irc est assez actif. Le forum doit être remplacé par une version plus moderne.
Il rentre donc à son tour dans la liste des cibles disponible.

La refonte est en version alpha. Cette nouvelle plateforme permet de pentester à distance sans avoir son matériel à disposition.
Via l'exécution de scripts python connecté en websocket à l'ihm web, nous pouvons piloter le chargement de scénario
d'attaque/défense en "multijoueur" ^^.
Le système permet de charger des scripts de bibliothèques partagées et de chiffrer les échanges selon les modules déployés.
Vous trouverez dans la rubrique article de nombreux tutoriels afin de mieux comprendre la sécurité informatique,
ainsi que différents articles plus poussés.
Hacker
  • Sniffing
  • Cracking
  • Buffer overflow
  • Créations d'exploits
  • Social engineering
  • L'anonymat sur le web, spoofing
  • Bypass-proxy, Bypass-firewall
  • Injection de code SSI, SQL, etc...
  • Utilisation d'exploits, création de scripts(php, irc, perl)
  • Cours en ligne
We make porn
Donate Button
Loading

Please Donate To Bitcoin Address: [[address]]

Donation of [[value]] BTC Received. Thank You.
[[error]]
Nous vous recommandons de sniffer votre réseau lors de votre navigation sur le site. La refonte vous fournira un outillage pour réaliser vos attaques/défenses.
Flux RSS

flux RSS d'HackBBS Abonnez-vous. Soyez prévenu des tournois, challenges, actualités, ...
Recevez nos dernières actualités sur notre flux RSS.


Dernières mises à jour
Déploiement du vpn en mode TUN pour supporter les devices mobile Android.
Publication officielle de l'existence du FTP de hackBBS
Mise en place d'un nouveau système de publication d'article. Désormais, les contributeurs pourront aisément publier du contenu.
Implémentation d'un nouveau service vulnérable sur le dédié. (source du service dispo dans /usr/local/src/)
Création de 2 nouveaux comptes sur le dédié.
Mise en ligne de nouveaux articles sur les réseaux de neurones.
Premier tournois Battle-bot sur irc.hackint.eu.
Mise en production du flux rss.
Lancement du projet battle-bot. Ce projet est l'organisation et le développement d'un tournoi de bot sur #hackbbs-battle. Pour plus d'informations se référer à la section tournois dans le menu de gauche.
Mise en production de l'outil turtle search. Cet outil permet de chercher dans notre base de donnée les liens, documents, programmes, qui ont été utiles à la communauté.
Mise en place outil RSS. Nebojsa est nommé "responsable news". Cette responsabilité touche les nouvelles du site et les m-a-j effectué sur le flux rss.
M-a-j du syst. de ban anti-scan. Rien n'est fini, et scan autorisé ! C'est juste un challenge de plus, et le ban n'est que temporaire
M-a-j pages toolbox, merci à the-death pour sa contribution

Challenges
Vous pourrez également participer à de nombreux challenges en constant renouvellement (si possible :p)
Dernièrement, les missions relativent aux derniers produits open sources marchent bien :)

Votre ultime challenge sera de défacer HackBBS. De nombreuses failles sont présentes. A vous de les trouver et de les exploiter.

Cet ultime test permettra de constater votre réactions face à une faille.
Black ou White? ^^

Ezine du moment: pchack.txt

                     ==------------------==
                       The PC Hacking FAQ
                     ==------------------==

                      Version 2.0 7/10/96

----------------------------------------------------------------
           Written By Olcay Cirit, <olcay@libtech.com>
----------------------------------------------------------------
DISCLAIMER: The author of  this  text  disclaims  all  liability 
whatsoever  regarding  the use and/or misuse of  the  techniques
outlined  here  or any damages incurred directly  or  indirectly
thereof. 


                       Table of Contents
                     -=-=-=-=-=-=-=-=-=-=-
                  X. Introduction
                  1. Hardware and Firmware
                      a. The BIOS
                           Passwords
                           Resetting the CMOS
                      b. Floppy Locks
                           Picking Them
                           Buying them
                      c. Last Resorts
                           Hard Disk Extraction
                  2. DOS, Windows, and Netware
                      a. Getting access to DOS
                           Boot from a floppy disk
                           Bypass startup files
                           Bypass DriveSpace
                           Break out of Autoexec.bat
                      b. Getting to DOS from Windows
                           Password Protection
                              Windows Login
                              Third-Party Passwords
                              Screensavers
                           Windows-Based Security
                              DOS Through OLE
                              DOS Using Write 
                              DOS Using Word
                              DOS through MODE
                              DOS through Windows Login
                      c. Getting Past Netware
                           Common Account Names
                           Resetting Netware
                  3. Building a SECURE system
                      a. Understanding the Issues
                           Potential "Hackers"
                           Physical Security
                           Software Security
                           Passwords

----------------------------------------------------------------

X. Introduction

This FAQ describes how to break-in to a PC (IBM-Compatible) 
from the outside in, and how to bypass some common software-based
security measures. The last section details how to secure your
PC against most of such attacks.

If you would like to receive updates to this FAQ as soon as
they come out, send me a message (olcay@libtech.com) and ask
to be added to the mailing list.

Contributors to this FAQ: 

	KORO the Great  ksahin@scruznet.com
	Neil Chou       Neil_Chou@ilanet.org
	John Lundgren   jlundgre@deltanet.com
	Bob             rsh@inforamp.net
	Scorpion        favata@epix.net

Special Thanks to those really cool Netware Hackers! [Part 2c 
is based on parts of the Netware Hacking FAQ]               

Why did I write this? Because there were just so many questions 
on alt.2600 concerning 'How do I get past XXXXX security?' that 
I got tired of answering each one individually. I'm also shocked
at the fact that some people consider Windows 95/DOS to be
secure. Expect to see this FAQ expand as I find more bugs and
holes in security software. 

Many of these solutions assume you have physical access to the 
PC. For example, you can't extract the hard disk or reset the 
CMOS over a network, but you can do it if you have access to the 
computer.

This FAQ was NOT written to help computer thieves, but rather to 
increase awareness of backdoors and inefficiencies in security 
programs. Another thing is 'the doofus factor': If you should 
accidentally lock yourself out of your computer, you might find
this FAQ to be a great help. I do *not* condone screwing up other
people's computers.

I would like to note that few of these tricks are new. I simply 
rounded up everything that I could find and what I could glean 
from personal experience into an organized file.

If you have any questions or comments, feel free to contact me.

	Have Fun,

	Olcay Cirit, olcay@libtech.com
	a.k.a, Deep Thought

----------------------------------------------------------------

1. Hardware and Firmware

1a. The BIOS

Passwords
=========
The BIOS, short for Basic Input/Output Services, is the control 
program of the PC. It is responsible for starting up your computer, 
transferring control of the system to the operating system, and 
for handling other low-level functions, such as disk access.

NOTE that the BIOS is not a software program, insofar as it is
not purged from memory when you turn off the computer. It's 
firmware, meaning it is permanently and unchangeably stored in
the machine. FLASH BIOS Systems, such as those from Phoenix and
AMI, allow you update the BIOS through software, but that's
another FAQ.

A convenient little feature that most BIOS manufacturers include
is a startup password. This prevents access to the system until
you enter the correct password. 

If you can get access to the system after the password has been
entered, then there is a software-based BIOS password extractor
available from:

ftp://oak.oakland.edu/simtel/msdos/sysutil/amis2990.zip


Resetting the CMOS
==================
There is only one other way to get past the BIOS password. 
It involves discharging the static memory (CMOS) used to store the 
password and other system information. Once it is discharged, 
however, you have to reset all the system settings by hand.

****Follow these steps:

	 1. Start up the computer
		a. If the system allows it, enter the Setup Screen
			(Usually by pressing F1, DEL or INS during 
			the memory check)
		b. Record all the Setup Information. Double Check.
	 2. Turn off the computer
	 3. Remove the casing, and put the computer on the ground in
		such a way that you can see and access the side of 
		the motherboard with the processor on it.
	 4. Look at the motherboard
		a. If you can see a round, disc-like battery, then
			remove it, and let the computer sit without 
			the battery for 15-30 minutes. Put the battery 
			back in.
		b. If you have access to the circuit diagrams for the
                        motherboard, look in there for the password or
			CMOS jumper. Flip it on and off.
		c. Look for a blue, soldered-in battery with a jumper
			running off of it. This jumper is for connecting
			an external battery. Pull it out for 15-30 min. 
			to reset the CMOS.
	 5. Replace the computer casing.
	 6. Enter the Setup Screen, and set the Setup Information
		back to the original values that you (hopefully)
		recorded. 

If you were unable to record the setup info, then you'll just have 
to set it up manually. Some newer Plug & Play BIOSes have an 
autodetect feature that automatically sets-up the hard disk and 
other items.

Again, I would like to mention that there are numerous password
extractors available for free off the internet and on BBSes. Try 
those first: they are much cleaner and easier-to-use.

----------------------------------------------------------------

1b. Floppy Locks

Floppy Locks are generally cheap plastic inserts that hook on 
to the inside of the drive and lock it, thereby preventing you from
using the floppy drive. The locks used are usually those little
swivel locks used in computer casings to lock the keyboard.

There ARE some very secure locks, with *unique* keys. Such locks
are not sold at your local computer store, and must be obtained
directly from a factory in Nice, France (didn't get the name,
though.). There is a distributor in Canada by the name of "Kappa
Micro".

If the lock is of the swivel type, you can either pick it, or
buy a key (they're all the same).

To pick it, you'll need a *thin* flathead screwdriver
or a paperclip. To pick the lock, take the paperclip and insert it 
into the little notch on the inside of the swivel lock. Now, pull to 
the opposite side of the lock until the swivel is in the unlocked 
position.

If you choose to buy a key, you can:

	A. Go to your local computer service center, and buy
		one of these keys. (Very cheap. Often less than
		$0.75)
	B. Buy the same brand of floppy lock, and use the key
		that comes with it.

----------------------------------------------------------------

1c. Last Resorts

If you are *REALLY* desperate to access this PC, then the following 
*might* work:

	1. Remove the PC Casing
	2. Extract the hard disk (By unscrewing and disconnecting)
	3. Transfer it to another computer. (Make sure that it is
		NOT set as the boot drive.)
	4. Start up this computer, and access the
		hard disk from there.

This will probably not work if an encrypted file system is in
use. The only way to access such disks is to enter the password, 
or figure out a way to decrypt it, so if you forget your password,
you're hosed. :(

----------------------------------------------------------------

2. DOS, Windows, and Netware

2a. Getting access to DOS

Some systems, are set up to boot directly to some sort of
shell/security program, like Windows, or Windows 95. If you
want to get access to a DOS prompt, you have some choices:

	A. Boot from a floppy disk
	B. Bypass startup files
	C. Bypassing DriveSpace
	D. Break out of Autoexec.bat

***Booting from a floppy requires you to create a system disk. 
You can do this using the DOS command FORMAT A: /S which will 
format a disk and place system files on it. Also, the Windows 
format (In File Manager or Explorer) has an option allowing you 
to create a system floppy.

Before you create a system disk, you must determine which
floppy drive is used to boot. If the system has both a
1.2MB (5.25") Floppy Drive and a 1.44MB (3.5") Drive, it is likely
that the boot drive is the 1.2 MB floppy drive. If the computer
has only one floppy drive, it is quite safe to assume that it is
the boot drive.

However, if you are unsure as to which drive is the boot drive,
you can either find out by entering System Setup (as described
in section 1) or by observing which floppy drive is read right
before the operating system loads.

If the system is set to boot only from the hard disk, then you
can refer to Section 1 on how to reset the CMOS.

Once you have a system disk, you place it in the floppy drive,
and turn on or reset the computer. If you have done everything
right, the computer will boot from the floppy drive and you will
have access to a DOS prompt.

This technique, of course, can be prevented through the use of a
floppy lock, and by setting the BIOS to boot only from the hard
disk.

***Bypassing startup files is quite simple, but only works on 
versions of DOS 6.0 or better and Windows 95. When you turn on 
the computer and you see the text:

	Starting MS-DOS ...

or
	Starting PC-DOS ...

or 
	Starting Windows 95 ...

Press and hold the SHIFT or F5 key IMMEDIATELY. This will bypass 
the startup files (CONFIG.SYS and AUTOEXEC.BAT) as long as the 
system administrator has not disabled this feature.

Additionally, you can press and hold F8 when the startup 
text shows to enter the Boot menu. This lets you selectively
disable certain commands, or bypass the startup files totally,
among other things.

***Bypassing DriveSpace works if compression software such as
DriveSpace or DoubleSpace has been installed. If so, when
the startup text displays, press and hold Ctrl+F5 or Ctrl+F8.
This will load the system without loading the compression
driver, which means you can't access the files on disk. 

HOWEVER, you *can* decompress the disk (DriveSpace only), as
long as you have sufficient disk space or enough floppies. 

If all else fails, you can format it or take it to a Specialized
Data Recovery service. They can probably recover the files by
moving them to a larger hard disk and decompressing. 

***Breaking out of AUTOEXEC.BAT is rather simple also. When the 
computer starts up and the operating system starts loading, press 
Ctrl+Break (Or Ctrl+C) repeatedly. When the AUTOEXEC.BAT executes, 
this will terminate it and drop you to DOS. This will work unless
the keyboard has been disabled, or is inactive during 
initialization (Drivers can be loaded in CONFIG.SYS which
temporarily disable the keyboard, and then re-enable it with a
command at the end of AUTOEXEC.BAT)

----------------------------------------------------------------

2b. Getting to DOS from Windows

If the above tactics fail, and the machine automatically loads
Windows, then you still have a very good chance of getting to DOS. 
Since Windows by default gives you free access to DOS, there are 
special security programs made specifically to prevent the user 
from accessing it, among other things. Most of these programs
can be bypassed.

Password Protection
===================
If when Windows starts up you are presented with yet another 
password dialog box, analyze the situation:

Windows Login
-------------
If this is the Primary Windows Login or a Network login,
then you can get past it by pressing the Cancel button (No
Joke!) to log on as the Default user. This is because the Login
information is used primarily for desktop preferences and
remote file sharing.

Login passwords are stored in .PWL files in the Windows
directory. You can reset all accounts to no password by
using the .PWL renaming technique described below. 

The filename of the .PWL file corresponds to the login name of
that user. For example, Olcay.pwl contains the encrypted 
passwords for the account "Olcay".

The password protection in Windows 95 uses a much stronger
algorithm, but you can still bypass it by *carefully* moving 
or renaming all .PWL files in the C:\Windows directory. The
password filenames are also stored in the SYSTEM.INI file.

So, to disable passwords:

        CD \WINDOWS
        REN *.PWL *.PW_

Similarly, to re-enable passwords:

        CD \WINDOWS
        REN *.PW_ *.PWL



Third-Party Password
--------------------
If this is a third-party security program, such as the one 
built-in to After Dark, try pressing Ctrl+Alt+Del when the 
dialog is presented to you. Most security programs go out of 
their way to be secure, and Windows 3.1 interprets this as not
responding to the system, and thus will allow you close it.
Windows 95 pops up a neat little dialog box that lets you
terminate any running application. How convenient. :) Once you 
subvert this, you can prevent it from bothering you again by 
editing the LOAD= and RUN= sections in C:\WINDOWS\WIN.INI.


Screensavers
------------
The password protection built-in to the Windows 3.1 
screensavers is extremely weak. You can bypass it by editing 
CONTROL.INI and searching for the Password field. Delete the 
junk that appears after the equal sign (This is an encrypted 
password).

To disable Windows 95 passwords, right-click on the desktop
and select Properties, choose the Screen Saver tab, and uncheck
"Password protected".




Windows-Based Security
======================
If Windows starts up, and Program Manager loads, but the File 
menu is disabled, and access to DOS has been cut off, or some 
other oppressive security measures are in place, fear not. There 
are ways around such programs, as shall be explained below:


DOS through OLE
---------------
OLE, for Object Linking and Embedding, was hailed as a great advance
in the Windows Operating System by letting you embed or link objects
(this includes Executables) in documents.

Scorpion pointed out that Object Packager, which lets you package
embedded files with icons, could be used to access DOS (or run any
program) from most OLE-enabled applications (Like Write, WordPad,
Word, etc.) Based on this information, I found a similar hole that
doesn't require Object Packager but still exploits OLE. Both of
these work in Windows 3.x and up.

Using Object Packager:

	1. Start up Write or WordPad
	2. Select "Object" from the "Insert" menu
		a. The location of the Insert Object command
			may vary. Look Around.
	3. Choose Package from the list, and click OK
	4. Select "Import" from the "File" menu
	5. Enter C:\COMMAND.COM, and select OK
	6. Select "Update" Under the "File" menu
	7. Go back to your document, and double click
		on the COMMAND.COM icon

Using Insert:

	1. Start up Write or WordPad
	2. Select "Object" from the "Insert" menu
		a. Again, the location of the Insert Object command
			may vary. Look Around.
	3. Select "Create from File"
	4. Enter C:\COMMAND.COM as the filename
	5. Click OK, go back to your document, and double click
		on the COMMAND.COM icon
	

DOS through Write
-----------------
This works by saving COMMAND.COM, the DOS executable, over WINHELP.EXE,
the Windows Help program. Unfortunately, this tactic will not work with
Windows 95. WordPad, the Word Processing Applet that comes with Windows
95, prevents the user from loading executable files.


	1. Go into Accessories, and start up Write (*NOT* NOTEPAD!!)
	2. Open C:\COMMAND.COM
	3. A dialog box will pop up. Select "NO CONVERSION"
	4. Select Save As...
	5. Save it as C:\WINDOWS\WINHELP.EXE
	6. If it asks if you want to overwrite WINHELP.EXE, choose
		YES
	7. Press F1. Normally, this loads Windows Help, but now it
		will create a DOS prompt window.





DOS through Word
----------------
Microsoft Word versions 6.0 and above have a built-in macro
language called WordBasic. This example works by instructing
WordBasic to open up a DOS window.

Most of the Macro languages of popular applications let you
do something similar to this technique. Look around in the
online help files.

	1. If Microsoft Word is installed, start it up.
	2. From the Tools Menu, select Macro.
	3. Type in a Macro name, and click "Create"
	4. When the Macro window comes up, type in one of the
		following depending on which Windows you are using:

		  For Windows 3.1: Shell Environ$("COMSPEC") 
		  For Windows  95: Shell Environ$("COMMAND") 
		  For Windows  NT: Shell Environ$("CMD")

		If all else fails: Shell "C:\COMMAND.COM"

	5. Run the macro by pressing the little play button on the
		macro toolbar. This will launch a DOS prompt.





DOS through MODE
----------------
When Windows 95 Shuts Down and shows that dumb graphic, it's
really just sitting on top of DOS. You can actually issue DOS
commands (although the graphic will cover them) on the system 
after shutdown!!!

A simple way to do this is to type:

        CLS

After the shutdown graphic shows. However, the text will be in 
40-column mode, which is hard to read, and incompatible with 
some programs.

If you want to get a nice, clean DOS prompt, you can type:

	MODE CO80

This will reset the screen display to the normal (80-column, 
16 color) DOS display mode.

*MOST* Windows Security programs are based on a VxD (Virtual Device),
which gives them unprecented power over the system while Windows
is running. After shutdown, all Windows-based programs will be
unloaded, leaving you free to explore using DOS.

For some unknown reason, this doesn't seem to work on some systems.




DOS through Windows Login
-------------------------
When Windows 95 Starts up, some systems are set up to show
a Windows/Network Login dialog box. You can press either

	Ctrl+Alt+Del

Which will let you Shut down the system (and apply the DOS
THROUGH MODE technique), End any running tasks, etc. Or:

	Ctrl+Esc

Which, since the taskbar hasn't loaded, will launch Task 
Manager. From this window you can end tasks, run programs,
and shutdown the system (again, the DOS THROUGH MODE technique
is applicable here). *All* programs are accessible from the run 
menu, so you can run C:\COMMAND.COM to get access to DOS.

----------------------------------------------------------------



2c. Getting past NetWare

This section is based on excerpts from the Netware Hacking FAQ.
Although Netware has met a general decline in use over the years,
I still thought it would be proper to include this.

Common Account Names
====================
Novell Netware has the following default accounts: SUPERVISOR, GUEST, 
and Netware 4.x has ADMIN and USER_TEMPLATE as well. All of these have 
no password set. Don't be a dummy, password protect SUPERVISOR and
ADMIN immediately. Below is a listing of common default and built-in
accounts that might be in your best interest to secure.

Account         Purpose
-------         ---------------------------------------------------
POST            Attaching to a second server for email
MAIL

PRINT           Attaching to a second server for printing
LASER
HPLASER
PRINTER
LASERWRITER

ROUTER          Attaching an email router to the server

BACKUP          May have password/station restrictions (see below), 
WANGTEK		used for backing up the server to a tape unit
		attached to the workstation. For complete backups, 
		Supervisor equivalence is required.

TEST            A test user account for temp use

ARCHIVIST       Palindrome default account for backup

CHEY_ARCHSVR    An account for Arcserve to login to the server from    
		from the console for tape backup. Version 5.01g's
		password was WONDERLAND.

GATEWAY         Attaching a gateway machine to the server
GATE

FAX             Attaching a dedicated fax modem unit to the network
FAXUSER         
FAXWORKS        

WINDOWS_PASSTHRU Although not required, per the Microsoft Win95
		Resource Kit, Ch. 9 pg. 292 and Ch. 11 pg. 401 you
		need this for resource sharing without a password.



Resetting Netware
=================
When NetWare is first installed, the account SUPERVISOR and GUEST
are left unprotected, that is, with no password. SUPERVISOR has
free run of the system. You can do anything you want.

But how can you make the server think it has just been installed 
without actually reinstalling the server and losing all data on 
the disk? Simple. You just delete the files that contain the 
security system! 

In Netware 2.x, all security information is stored in two files 
(NET$BIND.SYS and NET$BVAL.SYS). Netware 3.x stores that information 
in three files (NET$OBJ.SYS, NET$VAL.SYS and NET$PROP.SYS). The all 
new Netware 4.x system stores all login names and passwords in five 
different files (PARTITIO.NDS, BLOCK.NDS, ENTRY.NDS, VALUE.NDS 
and UNINSTAL.NDS [This last file may not be there, don't worry]).

Although Novell did a very good job encrypting passwords, they left all 
directory information easy to find and change if you can access the 
server's disk directly, using common utilities like Norton's Disk Edit. 

Using this utility as an example, I'll give a step-by-step procedure 
to make these files vanish. All you need is a bootable DOS disk,  
Norton Utilities' Emergency Disk containing the DiskEdit program and 
some time near the server.

1. Boot the server and go to the DOS prompt. To do this, just let the 
   network boot normally and then use the DOWN and EXIT commands. This 
   procedure does not work on old Netware 2.x servers and in some 
   installations where DOS has been removed from memory. In those cases, 
   you'll have to use a DOS bootable disk.

2. Run Norton's DiskEdit utility from drive A:

3. Select "Tools" in the main menu and then select "Configuration". 
   At the configuration window, uncheck the "Read-Only" checkbox. And 
   be very careful with everything you type after this point.

4. Select "Object" and then "Drive". At the window, select the C: drive 
   and make sure you check the button "physical drive". After that, 
   you'll be looking at your physical disk and you be able to see 
   (and change) everything on it.

5. Select "Tools" and then "Find". Here, you'll enter the name of the 
   file you are trying to find. Use "NET$BIND" for Netware 2, 
   "NET$PROP.SYS" for Netware 3 and "PARTITIO.NDS" for Netware 4. It is 
   possible that you find these strings in a place that is not the 
   Netware directory. If the file names are not all near each other and 
   proportionaly separated by some unreadable codes (at least 32 bytes
   between them), then you it's not the place we are looking for. In 
   that case, you'll have to keep searching by selecting "Tools" and 
   then "Find again". [In Netware 3.x, you can change all occurences of 
   the bindery files and it should still work okay])

6. You found the directory and you are ready to change it. Instead of 
   deleting the files, you'll be renaming them. This will avoid problems 
   with the directory structure (like lost FAT chains). Just type "OLD" 
   over the existing "SYS" or "NDS" extension. Be extremely careful and 
   don't change anything else.

7. Select "Tools" and then "Find again". Since Netware store the 
   directory information in two different places, you have to find the 
   other copy and change it the same way. This will again prevent 
   directory structure problems.

8. Exit Norton Disk Edit and boot the server again. If you're running 
   Netware 2 or 3, your server would be already accessible. Just go to
   any station and log in  as user Supervisor. No password will be asked. 
   If you're running Netware 4, there is one last step.

9. Load Netware 4 install utility (just type LOAD INSTALL at the console 
   prompt) and select the options to install the Directory Services. You 
   be prompted for the Admin password while doing this. After that, you 
   may go to any station and log in as user Admin, using the password 
   that you have selected.

**NOTE: If Disk Edit is unavailable, any Disk Editing utility with 
 searching capabilities will suffice.

----------------------------------------------------------------


3. Building a SECURE System

3a. Understanding the Issues

Potential "Hackers"
===================
After reading this FAQ, you've probably revised your idea of a
secure PC quite a bit. Truth be told, IBM didn't design the Personal 
Computer with security in mind. Back in 1980, their main objective was 
to get _something_ to market before Apple gobbled up all the market 
share.

After awhile, security programs started to emerge that attempted
to bridge this gap. These were quite popular, and were put into use
by many companies to prevent 'curious' employees from messing with
the computers.

However, ways to bypass these security programs were quickly found.
As long as computers are designed for convenience, and with humans
in mind, this will almost always happen.

So, who are potential "Hackers"? The answer is: Anyone. Experienced
users especially, but even newbies sometimes find weak spots. This
is not to say that everyone *is* a "hacker". (Note that I use quotes 
because I don't believe in the popular usage of the term "Hacker". 
The media is out of control: their usage of the word has conflated 
Computer Gurus with Criminals in the minds of the people.)

As always, prevention is the best medicine. The following sections
deal with how to secure your system, both through physical and
software-based means.



Physical Security
=================
In the old days, back when computers filled multiple rooms, the 
security of a system was basically all physical: Locks, security
guards, etc. Now the emphasis has shifted away from physical security,
and is leaning more towards software-based methods. However, 
in some cases, a certain degree of physical security is in order.

***If you want to prevent people from resetting your CMOS and 
accessing the floppy drives, etc. you have to secure the system 
itself. This can be done by having the computer in a locked room, 
leaving only the screen and keyboard accessible. There are many 
products which let you extend the reach of screen and keyboard cables. 
Even some that let you control many different computers using one 
screen. 

***There are also security devices available made by companies such as
Anchor Pad, Lucasey, and others that completely enclose the PC.  
These are devices such as lockdown pads, cables for monitors, and 
metal boxes. There are also devices that cover and lock the floppy 
and CD-ROM slots.  

***Computer locks which bind your computer to a desk are good for
discouraging theft.

***To protect your hard disk data, I would suggest investing in a
removable media system that lets you "hot-swap" and lock hard disks. 
The hard disk could then be easily removed (with the *unique* key)
and stored in a safe to prevent theft of data. Drives such as
the Zip (100MB), Ditto (800MB), and Jaz (1GB) are removable as well,
but do not lock. 

Make sure that you test the computer immediately after these
lockdown devices are installed. In some instances the stress induced
on the casing by the devices can cause certain parts to malfunction.

***You can buy devices that prevent the PC electrical cord from 
being unplugged or turned on without a key.

***Investing in a UPS (Uninterruptable Power Supply) System is worth
the cost. These protect against power fluxes which can damage your
system. In the case of a power out (or if someone trips over the cord),
UPS systems give you 5 minutes of rechargeable battery power to save 
work and perform an emergency shutdown.

***As one last measure of security, it's always nice to invest in
some insurance for your computer. It won't get your data back,
but it *will* give you some peace of mind.



Software-Based Security
=======================
Below is a list of measures you can take to secure your system using
software/firmware based methods. They are listed in order of 
increasing security, so minimum security would be only implementing
option #1, maximum security would be implementing #1-8. Keep in
mind that implementing any of these without implementing every item 
below it leaves possible entry points open.

	1. Set up a BIOS password for both the Setup screen *and*
	   access to the system.
		a. Make sure the password is not easily guessable
			(i.e., birthdate, name backwards, etc. are
			 easily guessed) See next section.
		b. Make sure that the password is the maximum possible
			number of characters supported by the BIOS.
	2. Disable floppy booting from within the BIOS
	3. Disable Bypass of startup files
		a. This is done by adding the line:
			SWITCHES=/F /N
		   to the CONFIG.SYS file.
		b. Additionally, you might want to precede
			all statements in the Autoexec.bat
			with CTTY NUL, and then have CTTY CON
			as the last line. This prevents breaking
			out of autoexec.bat
		c. If you use DriveSpace compression, add the
			following line to your DRVSPACE.INI file:
			SWITCHES=/F /N
		d. Add the line:
			BREAK OFF
		   This reduces the number of chances you have to
		   break out of AUTOEXEC.BAT, all though it doesn't
		   switch it off entirely
	4. Set up a DOS-based Security TSR
		a. Make sure you cannot access the floppy drive
			without a password, and that it allows
			for write-protection.
		b. Make sure it allows for password protection.
	5. Set up a Windows-Based Security program
		a. Make sure you can control which features of
			Windows you can limit or disable.
		b. Make sure it allows for password protection.
        6. Instate Windows Security Policies using Policy Editor
                (Described Later)
        7. Install an encrypted filesystem program. (i.e., CryptDisk)
		a. This will prevent access to the computer and
			files on the hard disk unless the password
			is entered. It will render your data 
			unaccessible even if the hard disk is 
			extracted from the system.
        8. Delete the following DOS programs (or move them to
            a floppy):
		FORMAT
		DELTREE
		SUBST
		JOIN
		BACKUP
		RESTORE
		ATTRIB
		MODE


Passwords
=========
Passwords are generally the weakest link in the security chain.
When choosing a password, remember these tips:

Do NOT choose something obvious: Swear words, your birthdate,
topics pertaining to what you do and/or your interests are are
examples of BAD passwords.

A Good Password is one that is totally random. To pick a password,
try this: Grab a dictionary. Close your eyes, and flip to a 
random page. With your eyes still closed, put your finger on a 
random spot on this page. Remember the word, and do this again. 
Combine the two words, and append a three-digit number to the end. 
You also might want to intersperse non-alphanumeric characters 
into the password in random ways, such as an odd dash or 
apostrophe here and there.

Also, NEVER write your password down. Always keep it in your head.
A simple Post-It note on your monitor can bring down all the
security that you so meticulously set up!

A good password system hides the passwords from everyone, 
including the system administrators. This means that the sys 
admins cannot tell if the users are putting in weak passwords.

One final note: When designing a security system, be sure to take
the user into account. If a system is of such high-grade security
that it is a nuisance to use, people will always find the lazy 
way to do it. (Post-it Notes...)
                   
----------------------------------------------------------------

Manifest
Le but de ce site est de mieux comprendre la sécurité informatique.
Un hacker par définition est une personne qui cherche à améliorer les systèmes d'information dans le seul et unique but de contribuer à la stabilité de ces systèmes!
La croyance populaire laisse entendre que les hackers sont des pirates.
C'est vrai. Mais il y a différents types de pirate.
Tout comme il y a différents types de personnes.
Les bavures courantes auxquelles on pense lorsqu'on évoque le terme de pirate informatique
seraient les hacks de compte msn, ordinateurs lâchement trojantés avec des exploits déjà tous faits
et encore peut-on classifier en tant que hack le fait de spammer
alors que depuis plus de 15 ans des scripts tous faits le font extrêmement bien?

Ce ne sont pas des hackers qui font ça!!!
Nous appelons ces gens des lammers! Quand ils sont mauvais,
ou des black hat lorsqu'ils sont doués dans la mise en application de leurs méfaits.
Aucun amour propre - Aucune dignité
Agissent par dégout, vengeance ou simple plaisir.
Les raisons peuvent être nombreuses et je ne prétends pas devoir juger qui que ce soit.
Je pense juste que l'on ne doit pas utiliser l'épée de fly pour commettre des injustices.
Il est 100 fois plus profitable d'améliorer un système que de marcher sur un château de sable... même si marcher sur un château de sable est rigolo :P
A vous de trouver votre amusement. ;)

Tu peux réagir sur la shootbox


Disclaimer Veuillez lire obligatoirement les règles ci-dessous avant de consulter ce site.
Conformément aux dispositions des différentes lois en vigueur, intrusions et maintenances frauduleuses sur un site, vol et / ou falsification de données.
Vous ne devez en aucun cas mettre en application les stratagèmes mis en place par ce site, qui sont présentés uniquement à titre d’éducation et de recherche dans le domaine de la protection de données.
Vous ne devez en aucun cas utiliser ce que vous aurez découvert, sauf si vous avez une autorisation écrite de l’administrateur d’un site ou que celui-ci vous ai ouvert un compte uniquement pour la recherche de failles.
Tout cela est interdit et illégal ne faites pas n'importe quoi.
Vous acceptez donc que l'administrateur de ce site n'est en aucun cas responsable d'aucun de vos actes. Sinon quittez ce site.
Vous êtes soumis à ce disclaimer.
ET À CE TITRE, NI LA COMMUNAUTÉ, NI L'ADMINISTRATEUR, NI L'HÉBERGEUR, NE POURRONT, NI NE SERONT RESPONSABLE DE VOS ACTES.