THE #BRSF INCIDENT


This is what happened yesterday on the IRC channel #bsrf

I broke into the box of one of them and I stole the log.

Akanu


Session Start: Tue Mar 21 22:37:36 2000
*** Now talking in #bsrf
*** Topic is 'The channel is secure now (unless chanserv restarts again). If you still manage to break in and get op, please Email me at barakirs@netvision.net.il and explain exactly what you did and how to fix it if you know how. Please do not change anything else'
*** Set by Raven on Sat Mar 18 09:32:38
<tokeweed> hello
<MANOWAR^> but it always says that there is some osrt of error
<Caboom> hi
<ElfQrin> and you have to switch disks *twice* when booting Floppix!
<Caboom> elf - first disk is too boot up and set ramdisc
<Caboom> second is a kernel image with bash
<ElfQrin> tokeweed: but what's worst is that the Canadian gov interfered with the inverse feedback capacity of my system
<Caboom> kernel itself usualy ahs about 700KB
<Self-Destruct-Sequence> wow
<ElfQrin> Caboom: I know, but they could optimize it so that you had to swap disks only once at the boot
<ElfQrin> tokeweed: but I exploited that wide-area noiseless signal and they could do nothing
<Caboom> elf - well with mini linux you swap discs only one
<Caboom> firs you poot boot
<Caboom> then root
<tokeweed> damn eh
<Caboom> and voila!
<ElfQrin> I'll try mini linux
<Self-Destruct-Sequence> ha
<tokeweed> that almost happend to me to when i rooted the nasa report database
<Caboom> you can get it as a setup tool for all linux distros
<Self-Destruct-Sequence> you have mini linux
<Caboom> you just ahve to copy images to two 1.44 discs
<ElfQrin> ask SDS, he knows how to treat those guys
<ElfQrin> however it could be worst, but they were clueless about the random rendering encryption I used
<ElfQrin> I was almost untraceablr
<ElfQrin> untraceable I mean
<Self-Destruct-Sequence> ya i konw bout them
<Self-Destruct-Sequence> y whats wrong
<tokeweed> ElfQrin: i had to unencrypte the reports i found! It was a bitch but i managed to crack the code with a program i wrote in Qbasic, using the encryption key "lam0r"
<ElfQrin> hehe
<Self-Destruct-Sequence> cool
<tokeweed> good old fasioned Qbasic !
<ElfQrin> No matter what, it always do its duty!
<tokeweed> u got that right
<Self-Destruct-Sequence> yup
<ElfQrin> SDS: keep this information as confidential: tokeweed is still working on it
*** LoneWolf has quit IRC (IL.Quit: [x]chat)
<tokeweed> yeah
<Self-Destruct-Sequence> no one can say that Qbasic sucks cause if they do they better not see my name again cause they wont see it for much longer
<Self-Destruct-Sequence> k
<ElfQrin> right!
<tokeweed> uh huh
<ElfQrin> SDS: we were discussing about what firewall would be better to prevent ping checks from the feds
<Self-Destruct-Sequence> l5 the code name for this firewall is 5vr67g
<Self-Destruct-Sequence> level5
<Self-Destruct-Sequence> LEVEL5
<ElfQrin> are you sure a lev5 is enough against those guys?
<tokeweed> thats what i use!
<Self-Destruct-Sequence> no this is a specal LEVEL 5 firewall
<Self-Destruct-Sequence> feds can't do shit to it
<ElfQrin> I hope you know what are you talking about... hell, I had problems with a lev7 once!
<ElfQrin> they almost got me!
<tokeweed> i checked my logs and they had been trying to DoS me off the net, probably to then phone me and trace the call
<MANOWAR^> http://www.opensec.net/trinux/related.html#mini
<tokeweed> they got my Phone # from my stupid ISP
<Self-Destruct-Sequence> they can't do that
<tokeweed> yes they can
<Self-Destruct-Sequence> nope the call would have to be from you
<ElfQrin> Thanks Manowar, but I'll try it later. I hope you understand we are into a VERY serious stuff now!
<tokeweed> not if they do a lock and trace and then disconnect me from the line!
<MANOWAR^> ok
<tokeweed> then my phone would phone back and theyd have me!
*** Caboom has quit IRC (Ping timeout)
<ElfQrin> Hell, hope they didn't busted Caboom!
<tokeweed> u think?
<Self-Destruct-Sequence> the fire wall is decized as a LEVEL 5 but it is new tec we call it a suprem L5
<ElfQrin> it's a possibility: I know Cab was trying to do something with the NORAD
<tokeweed> I HEARD ABOUT THAT!
<tokeweed> its sounded very cool
<ElfQrin> SDS: but does it addresses TCP packets in hex or bin?
<tokeweed> binary i think...
<ElfQrin> mmm... I'm preparing some FREE CABOOM bumper stickers, just in case ;)
<tokeweed> :)
<Self-Destruct-Sequence> bin
<tokeweed> thats what i thought
<tokeweed> i heard the other day tah
<tokeweed> *that*
<tokeweed> a fed followed RaveN home
<tokeweed> was this rue?
<tokeweed> *true?*
<Self-Destruct-Sequence> code name rember the code name 5vr67g
<ElfQrin> Did you read his message on the board?
<ElfQrin> He told Mossad was after him
<tokeweed> Mossad?
*** Caboom has joined #bsrf
<Self-Destruct-Sequence> ya
<Self-Destruct-Sequence> Mossad you don't know who he is
<Caboom> disconected by level-132 firewall
<ElfQrin> I'll have to do some extra configuration for binary TCPs, but it worths it: they are almost unpredictable
<Caboom> specialy constructed for me
<tokeweed> thats a pain in the ass :)
<ElfQrin> <ElfQrin> Hell, hope they didn't busted Caboom!
<ElfQrin> <tokeweed> u think?
<tokeweed> who's Mossad?
<ElfQrin> <ElfQrin> it's a possibility: I know Cab was trying to do something with the NORAD
<ElfQrin> <ElfQrin> mmm... I'm preparing some FREE CABOOM bumper stickers, just in case ;)
<Self-Destruct-Sequence> haha
<MANOWAR^> hahaha
<ElfQrin> Mossad is the powerful Israeli secret service
<MANOWAR^> mossad can kiss my ass ;))
<Caboom> well some aliens caught me phreaking their brainwawes
<Caboom> but thos NORAD fuckers, nah
<ElfQrin> Caboom: I told you... Area51 is WAY too risky!
<Caboom> yep but area 49 was piece of cake
<Caboom> but i'll manage it
<ElfQrin> yes, but they don't keep aliens on area 49
<tokeweed> I read a report on aliens after i hacked gov://reports.ex
<Self-Destruct-Sequence> no i had a fed with 3 unmarked police cars follow me home 5 days ago i spoted them and then i took off and hid
<ElfQrin> tokew: so is that true? the whole alien thing I mean???
<tokeweed> partially
<Self-Destruct-Sequence> cool
<tokeweed> even the feds are confused
<Caboom> i told you they caught me, and bruttaly tortured me
<tokeweed> supossebdly JFK had been abducted as a child!
<Caboom> but i said not a thing
<Self-Destruct-Sequence> i had my lad top with me that is y they where following me
<ElfQrin> like, they found some simple lifeforms in space?
<Caboom> not even size of my shoes
<tokeweed> and there was bacteria on mars
<Caboom> yep, thats true
<Caboom> but those are very primitive lifeforms
<ElfQrin> tokew: any idea why they still hide it? what are the risks for the mankind?
<Self-Destruct-Sequence> hahaha ya i know
<tokeweed> they're unsure and they dont want to cause panik
<ElfQrin> Everybody here please keep this conversation CONFIDENTIAL. Encrypt or wipe tonight's logs.
<tokeweed> yes
<tokeweed> my elite h4x0r friend "Poopie" is coming here soon
<ElfQrin> 2048-bit encryption in case you decide to keep it
*** MegaDeath has joined #bsrf
<tokeweed> he broke into BC Tells main computer and found some restricted phone numbers
<Self-Destruct-Sequence> ok i will get raven to wipe it cause he has the chanserv
<tokeweed> there he is
<Self-Destruct-Sequence> shhhhhhhhh
<Caboom> hi
<tokeweed> MegaDeath tell them about breaking into BC Tell
<Self-Destruct-Sequence> lets talk this to priveet chat
<Caboom> 2048 bit is nor enough
<Self-Destruct-Sequence> take
<Self-Destruct-Sequence> ok nevermind
<ElfQrin> SDS: as long as we stay here we are safe. this channel is AGD encoded. Only beware from strangers. I already checked everyone's identity.
<tokeweed> oh shit... a fed just pinged me
<tokeweed> checking if im online i suppose
<ElfQrin> tokew: spoof your IP, or they could find out about all of us.
<tokeweed> hold on ill check the IP
<tokeweed> its 127.0.0.1... fuck... SDS can you crack it?
<ElfQrin> Caboom is already in trouble because of his last months "hacks"
<Self-Destruct-Sequence> yes hold on
<Self-Destruct-Sequence> i got it
<tokeweed> what is it?
<Self-Destruct-Sequence> 261.675.666.63
<ElfQrin> SDS: Hurry up!!!!
<ElfQrin> My God! They are using overIP addresses!
<ElfQrin> they are attacking from an overnet
<tokeweed> shit!!
<Self-Destruct-Sequence> hold on
<MANOWAR^> dab
<Self-Destruct-Sequence> be right there
<tokeweed> your our only hope!
<Self-Destruct-Sequence> hold on don't rush me i have a very very big blast comming up for them
<Self-Destruct-Sequence> hahahaha
<Self-Destruct-Sequence> i just singed there asses
<tokeweed> aright!
<Self-Destruct-Sequence> senged
<tokeweed> im running a DoS attack on the IP
<Self-Destruct-Sequence> elf you there
<tokeweed> i think they have a lev7 firewall up though
<Self-Destruct-Sequence> thats nothing i could go through that in bout 2 min
<Self-Destruct-Sequence> me senge can go through a L23
<Self-Destruct-Sequence> my
<ElfQrin> SDS: I'm still here. I just noticed some strange activity on port 8080
<tokeweed> what is it?
<Self-Destruct-Sequence> hold on
<Self-Destruct-Sequence> let me check it out
<ElfQrin> SDS: QUICK!
<ElfQrin> SDS: Here lights on my modem are flashing like crazy!!!
<tokeweed> why is port 8080 open?
<Self-Destruct-Sequence> ya that was me
<Self-Destruct-Sequence> hold on
<MANOWAR^> yeah elf; why the hell are 8080 open??????????
<tokeweed> they must have used a AFopener on it
<ElfQrin> I don't know: I'm pretty sure I left it CLOSED!!!
<tokeweed> forced it open by editiing the .conf files
<Caboom> SDS - I actualy heard that al ports are one port, but feds dividet them and parted it all up for easyer control of human brain waves because brainwaves have resonance on 65335HZ!!!!! is that true?
<Self-Destruct-Sequence> nope
<Caboom> huh... i feel better now!
<Self-Destruct-Sequence> i can't find anything
<tokeweed> shit... my 8080 opened to
<ElfQrin> I'm getting to close it. Someone please help me. Send an ICMAAP to 261.675.666.63 . Don't do that if you aren't sure that your IP is spoofed or they'll get you too!
<MANOWAR^> ill try
<tokeweed> im trying to divert it to my port 80 STMP daemon so they'll run into that
<tokeweed> im on it Elf!
<ElfQrin> tokew: they have a hardware AFopener!
<Self-Destruct-Sequence> hey what are they using
<tokeweed> me stupid
<tokeweed> i cant do it
<MANOWAR^> tokeweed ---> yeah u stupid
<Self-Destruct-Sequence> ok i guess it is my turn
<ElfQrin> OK. We are the hackers, we are smarter then them. Right? Let's cooperate. They never got us and they are not going to bust us tonight.
<Caboom> don't get depressed toke, once you'll get port 8080 throgu level-31 firewall one day
<ElfQrin> As long as they can't figure out where packets come from they can't discover our identities
<Self-Destruct-Sequence> don't coopperate
<Self-Destruct-Sequence> yes they can
<ElfQrin> they are trying to get into open ports to find the MAC address.
<Caboom> wait, I redirected the whole stream! They got lost!
<tokeweed> attacks are ceased!
<Caboom> i'm safe nom
<Caboom> i'm safe now
<Caboom> brb - going to get something strong for my nerves
<ElfQrin> it's all over
<Self-Destruct-Sequence> caboom i got your ass cvered
<tokeweed> few
<Self-Destruct-Sequence> covered
<tokeweed> port 8080 stopped
<Caboom> oooohhhhh thaaaaaaaaanks!!!!!!!!!! i feel so secure when you're there for me
<ElfQrin> they are getting closer every day
<tokeweed> jeez
<tokeweed> im getting off the net now
<ElfQrin> everybody needs a rest
<tokeweed> and everything towards my IP is being logged
<Self-Destruct-Sequence> hahahaha
<tokeweed> yup
<tokeweed> goodbye
<ElfQrin> tomorrow I'll write a new tool against their attacks
<tokeweed> kool
<tokeweed> in qbasic of course :)
<Self-Destruct-Sequence> ya
<Self-Destruct-Sequence> cya man
<tokeweed> gbye all
*** tokeweed has quit IRC (IL.Quit: Leaving)
*** MegaDeath has left #bsrf
Session Close: Tue Mar 21 23:56:56 2000