                        *********  *    *     ****
                            *      *    *    *
                            *      ******   *  
                            *      *    *    *
                            *      *    *     ****
   
                            The Hacker's Choice
                         Part I - The Login Hacker
                    (c) 1996 by van Hauser/THC of L.o.r.E.
-----------------------------------------------------------------------------
                
                                                            
                    
                                  
                                                   
                                        
                                             
                                             
                                        
                                                   
                              
                
                             The Hacker's Choice            
                
--------------------------------------------------------------------------------



                  *****     *****   ******  **  **
                   ** ***  **   **  *******  **  **
                    **  **  **   **  **       **  **
                     **  **  **   **  **       **  **
                      **  **   **   **  **       ** **
                       ** ***   **   **  *******  *****
                        *****     *****    ******  ****


                              LOGIN HACKER v1.00

                             PUBLIC FINAL RELEASE







     Introduction
----------------------
This is a fine program for hacking systems. 
You can use up to 3 dictionary files PLUS 3 Brute Force Generators to 
penetrate the target system.
Please note : This tool is for Sysops & SysAdmins only to check it on their
own system. Don't do anything illegal with this! 
If this software formats your harddisk, crashes your computer, lets the monitor
explode, fucks your girlfriend and kills your dog - sorry, i don't intended 
this program to do THIS, but you do everything on your own risk ... ;-)

If you write a good script and/or a successful one then send it to me!
                       Email : vh@campus.de
            If you need more commands etc. tell me too!





     SENSE & SENSELESS existance of a Login Hacker
-------------------------------------------------------
Sure this hack utility is neat, flexible etc. but you may ask why someone
should need and use it. It seems that it's only a program for "lamers" or
newcomers who think about using this program to hack governement computer
is the way to all successful hacking. 
Of course most systems are surveilled and when many failed login attempts
are encountered security functions and alarms are triggered. 
So this could be a one-way-ticket for novice hacker to jail.
Sure that may happen - and sure that will happen.
Of course thats the same for BBS hacking, after 10 tries the sysop will be
alarmed and know whats going on. 
But for unix there are possiblities to check for correct passwords
without triggering logs & alarms but you can do this too with a script
and a nohup + & command to run them while you are offline.
So these AREN'T the thing to use this Login Hacker for.

I needed this 2 times in life : 
First : An old telekom computer system, which allows you to do unlimited
        password attempts.
Second: A unix system which could only be reached from a telnet platfrom
        where i couldn't use the rare known possibilty to hack without alarms,
        so i dared to do it with triggering alarms.

Not very much for writing such a big and flexible program.
But while searching for an already written one, i never found one, and many
guys i asked told me they searched too for this shit.
I think everyone who's into hacking tried once to find such a program.
And every toll free scanner or carrier scanner can image at least one phone
number where he could use this program.

Or maybe you want to use it with the risk of triggering alarms in your mind
to get into a closed system because you haven't got another chance
(a bank etc.) - BUT if you do THIS make your call untracable!
Either bei using other outdials, blueboxing, etc. or they'll get ya ass.
Keep this in mind and read on.





     What to hack - and what NOT!
----------------------------------------------
For what do you need a login hacker? - Sure to get in.
Either if you just want one account for access to the system -  thats OK,
or your goal is SysAdmin access on the target system - if so *NEVER* try
to hack the SysAdmin account directly with this tool!
First their passwords are usally much much stronger then those of the
average user, second on many systems their are special security functions
to prevent a login hacking on the Administration Account.
(On Unix this is an error message with level CRITICAL (auth.crit),
on others, like novell, the option might be turned on to disable the
Sysop account after 3 bad logins. AND nearly every software has got a
special security feature to only allow Sysop/Admin login from the console only!
So *NEVER* try to hack ROOT, OPERATOR, SYSADM, MANAGER, etc. directly)

The important part is to get in - remember that.
Once you are in, the system is much more vulnerable to your attacks.
Try to get the text of the update's description, then you know most time
where the usually security problems of this particular software lie ...
or try to contact some hacker and ask them.

How to know which users to hack : In my experiences femalse users often got 
easy to guess passwords. But of course males often too ;-) Try to get to know
how the login names are given out (forenamen, Nickname, Familyname, 1st Forname
Character + Familyname, Fantasyname etc.).
Usual passwords for those accounts are the Loginname, Forename, Familyname,
Forename+Familyname and 1st Forename Character + Familyname ...
and try "bad" passwords like girlnames, football things, "123", "secret", etc.
On Unix systems ya can easily get to know the login names by a) probing with
finger  or b) telnet to the smtp port and expand ALL ... and verify them to get
their full names.

Other possiblities to use the Login Hacker:
Modem Dialups protected with a system password (You just get a "PASSWORD:"
prompt. Or sometimes you get one which sends NOTHING to your modem).
Note:It is very easy to program a script which can hack those "Silent Carriers"
     with the Login Hacker ... use your brain and try it out ... those are
     the best to deal with ...





     The WHO IS WHO in this great package
----------------------------------------------
There are 2 EXE File in this BETA Package :
LOGINH.EXE    This one is the main program to hack everyting
LH-COMP.EXE   This is the compiler for hack scripts if you want to use them
X00.EXE       Fossil Driver. Use if you use EXECUTE. Load with :   X00.EXE E 2

other files included in this package :
FILE_ID.DIZ   whats that? how has that gone into this package ??
HISTORY.DOC   take a look how this program evolved out an idea.
LOGINH.DOC    you are reading me (unless you are blind)
SCRIPT.DOC    The DOC file for the script language - PRINT IT OUT !
RESULT.DOC    The meaning of the result codes reported from Login Hacker
UPDATE.DOC    how to update from an old version
VH_BASE.DIC   my own basic dictionary!
LH&SCAVE.TXT  Example script to use the LOGIN HACKER with the SCAVENGER DIALER
THC&SCAV.SCR  SCAVENGER example script you'll need it for LH&SCAVE.TXT script
REBREAK.SCR   SCAVENGER example script you may need it for LH&SCAVE.TXT script
HANGUP.SCR    SCAVENGER example script you may need it for LH&SCAVE.TXT script
PICKUP.SCR    SCAVENGER example script you may need it for LH&SCAVE.TXT script
THC-LH_1.TXT  An example of using the script language
THC-LH_2.TXT  The second example of using this script language
DEC-SERV.TXT  One successful script which got through! (by Tron X)
PASSCODE.TXT  Another script (by MindManiac) ;-)
THC.NFO       VERY important! Everything about our group ;)
LORE.COM      neat intro for LORE BBS, written by Plasmoid (only 2 kb!)

and after some time of using you'll also find LOGINH.CFG (the config file for
LOGIN HACKER) plus file with the following endings :
 .LOG These are the logfiles created. If a logfile already exists, all data
      will be appended. The logfilename is either specified in the script or
      in the online hacking setup.
 .SCR These are the script files created with LH-COMP.EXE. Only these files can
      be loaded into LOGIN HACKER be and used.
 .HCK If you abort a hacking attempt, or something goes wrong, files with these
      endings are created. These are the datafiles which point to the actual
      dictionary/bruteforce settings when this datafile was created. If you
      hack this system again, LOGIN HACKER will asks you if you want to use
      the data from this file. So you can abort a hack session and continue
      later. IMPORTANT : The Forename of this file is NOT the 
      scriptfile-forename but the logfile-forename ! So if you write the hack
      data of another hack to the same logfile it will ask you to use the (old
      and false) data! so keep it in mind.





     How to handle this
-------------------------------
It's very much self explaining so there's not much of a docu this time ...
You must write a script to hack hack your targets - and this is the most 
powerful tool ever written to help you. You can do (nearly) everything. 
But of course it's not that easy ofr novice guys or hackers who never
programmed even with a Basic language.

On Information about programming those scripts consult the file SCRIPT.DOC
and the two examples THC-LH_1.TXT and THC-LH_2.TXT ... 
and two actual scripts : PASSCODE.TXT and DEC-SERV.TXT
You must compile the scripts then with LH-COMP.EXE, before you can use them 
with the main program. The script must be compiled to check for any errors
so you can be 99% sure that no programming syntax error will occur during 
hacking! (if you put in endless loops thats your fault ;)





     Command line Parameters
----------------------------------

LOGINH.EXE [scriptfile]/[anything] [-Auto] [-Shh:mm] [Ehh:mm]

[scriptfile] - loads automatically this compiled script file and just waits
               for a key from you to start.
[anything]   - if the parameter ISN'T an existing file, the hacker starts
               without that fucking delay scrolling ;-)
[-Auto]      - this parameter starts the script immediately without waiting
               for a key.
[-Shh:mm]    - Starttime - when the program will start scanning if specified.
               Military time format -> 15:30 etc.
[-Ehh:mm]    - Endtime - when the program will end scanning if specified.
               Military time format -> 15:30 etc.
[-T]         - Runt script in TEST mode which means that NO ouput is send
               to the modem
[-D]         - Turns debug mode on, which shows you the next executing command
               and the option to either skip or exec it.



LH-COMP.EXE [scriptfile]

[scriptfile] - you must specify a non-compiled script






Using LOGINH.EXE
----------------
There are 5 options after you started it : 

   L - Load compiled Script
   S - Setup
   T - Terminal
   I - Information
   Q - Quit

Option 1 loads a compiled script and executes it (hacks).
In Option 2 you can setup your modem and some basic hacking limits.
In Option 3 is a small terminal program implemented. have fun with it.
Options 4 ... select it.
Options 5 ... uh i forgot why i put this in ... I think I'll remove it in
          the future ... ;-)





     THE SCREEN WHILE IN ONLINE HACKING MODE
-----------------------------------------------
(after loading & running a script)
Everything from the modem is sent is displayed in normal white.
Everything written to the LOGfile will be written in Dark Blue if you enabled
the Option "Print Logoutput to Screen too" 
Every SYSTEM Message, like CONNECT, ALARM, HANGUPs, ERRORs etc. will be 
displayed in HIGHLIGHTED BLUE.





     KEYS WHILE ONLINE HACKING MODE
----------------------------------------

Press ESCAPE to Pause/Quit Menu
        F1   For a HELP Screen
      ALT-B  Bosskey (Hides the screen and pauses)
      ALT-C  to clear the screen
      ALT-D  Turns Debug Mode on/off
      ALT-H  HangUp Menu
      ALT-I  Information/Statistic Display
      ALT-J  to jump to DOS        (BETA! DOESN't WORK BY NOW!)
      ALT-L  Special LOGing Menu.

      ALT-T -> ENTER TERMINAL MODE
in this mode the screen is paused and the system is under your control.
you may do verything you wish, use any of the keys above (except ESC).
to EXIT TERMINAL MODE you may either press ALT-T again or press ALT-X
you get then a menu where you can choose what to do now (restart, quit, contin)

------------------------------------------------------------------------------
Okay thats all ... HAVE PHUN !

-------------------------------------------------------------------------------
Remember : * Read SCRIPT.DOC and the examples. This is the most powerful thing
             and should be used anytime, cause you can make it more flexible
             and secure then the internal procedures from LOGINH.EXE
           * If you like you may send any good script to vh@campus.de
           * If you encounter ANY bug or need a special function - tell me!
           * Please send all flames & police warrants to null@localhost
-------------------------------------------------------------------------------

 For suggestions or bug report, call L.o.r.E. BBS  ++49-(0)69-823282
 Login : THC     Password : THC 
 to write a comment to sysop, leech any THC release or get one of the
 things this board is distributor, for example the SCAVENGER DIALER, VLAD
 magazine etc.

 e@mail : vh@campus.com

 on ARRESTED DEVELOPMENT BBS send mail to  van Hauser  (No. in THC.NFO)


Ciao...
             -> van Hauser <-

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.1

mQCNAzB6PNQAAAEEALx5p2jI/2rNF9tYandxctI6jP+ZJUcGPTs7QTFtF2c+zK9H
ElFfvsC0QkaaUJjyTq7TyII18Na1IuGj2duIHTtG1DTDOnbnZzIRsXndfjCIz5p+
Dt6UYhotbJhCQKkxuIT5F8EZpLTAL88WqaMZJ155uvSTb9uk58pv3AI7GIx9AAUT
tBp2YW4gSGF1c2VyL1RIQyBvZiBMT1JFIEJCUw==
=6UhL
-----END PGP PUBLIC KEY BLOCK-----

--------------------------------------------------------------------------------

                
                                                            
                    
                                  
                                                   
                                        
                                             
                                             
                                        
                                                   
                              
                
                             The Hacker's Choice            
                


!! REMEMBER !!! REMEMBER !!! REMEMBER !!! REMEMBER !!! REMEMBER !!! REMEMBER !!
         This file is for informational purpose only!
 The Sysop-Team is NOT RESPONSIBLE for anything you do after reading this text!
!! REMEMBER !!! REMEMBER !!! REMEMBER !!! REMEMBER !!! REMEMBER !!! REMEMBER !!

         [Sysop : van Hauser]Ŀ
                                                             
                                                         
                                    
                      ޲   ۰             
                      ۱     ۱            
                 ް  ް   ۲ް ۲ ް           
                               
                                                        
                                                             
                 3000 H/P/A/V/C/M Files                      
                 Biggest Hpavcm Board In Germany             
                 BIG Message Base !                          
                 Experts Only! Lamer Protection!             
                                                             
                        [ ++49-69-823282 ]Ŀ               
         Ĵ  NUP : <ask4it!>   
                         [ ++49-69-PRIVAT ]

!!! ACHTUNG !!! ACHTUNG !!! ACHTUNG !!! ACHTUNG !!! ACHTUNG !!! ACHTUNG !!!
            Dieses File dient nur zur Information und Aufklaerung!
                Die Sysops erklaeren sich NICHT VERANTWORTLICH
        fr Rechtsverstoesse, die durch diese Informationen entstehen.
!!! ACHTUNG !!! ACHTUNG !!! ACHTUNG !!! ACHTUNG !!! ACHTUNG !!! ACHTUNG !!!

                        H/P/A/V/M/C/I/D/P/!/L/F/O/!
--------------------------------------------------------------------------------
