Olaf.Punted.Net

Found an old website from Olaf through Archive.Org a lot of the data is gone but most of the news stories are still available.

Website URL:  http://olaf.punted.net

Wednesday/July/18/2001 – – puntme 

hi mom.

 


Wednesday/July/18/2001 – now you die. – puntme 
i updated the funny section, you go now


Monday/July/16/2001 – 16496 25366 – puntme 
hey, i think i updated something.. but its hard to tell anymore. but really ive been surfing the web and ive found some really funny/disturbing sites.

the parking lot is full is a very funny and dark comic. it deals with many subjects normal people wouldnt touch. sock puppets and necrophilicas for example.
weenies are a very special kind of plush animal, just goto the site and see what i mean you.
fish-zine is a hilarious site and web magazine.
hyakugojyuuichi is uh.. just watch it
and jesus dress up give you a chance to dress up your savior in funky clothes and stuff. well thats it.. heh

damn you blog sites!! ahhh!!


Sunday/July/15/2001 – back in the day – puntme 
heh i updated the flash page and changed the poll (thanks becka). also i tried out dance dance revolution at gameworks and i realize now that my dancing skill blows ass. even some japanese kid was laughing at me.. im so dissolusioned right now


Wednesday/July/11/2001 – ahh jesus – puntme 
good lord people im telling this to you now, do not hit your mouse in anger, i did and the buttons are all warped and the middle wheel doesn’t work anymore, god have mercy!!


Tuesday/July/10/2001 – hootle – puntme 
i finished the network page.. go there now!
network page


Tuesday/July/10/2001 – damn you justice legue!! – puntme 
what would i be with out my typos? anyway i updated the site. i wouldnt call it a major update but its kinda sorta big maybe. i updated the wallpaper section and added 3 more papers. i put 1 flash movie in the flash section. and i added a funny mp3 in the funny section. i also wrote a manual on how to build a blog site. its kinda lengthy though.
(more…)

Read More

Sub 7 2.1.5 [Read Me]

..::MAXIMIZE & TURN ON WORD WRAP::..

========================
– Sub 7 2.1.5 –
– coded by mobman –
_ ReaDMe/Tutorial _
– by FuX0reD –
[ http://www.sub7.net ]
========================

Intro:
In this tutorial I, FuX0reD, will try to do as much hand-holding and will
try to be as THOROUGH as possible, AND IT WILL BE IN PLAIN ENGLISH (for
those people who dont know, or dislike to speak in english). As easy as it
is to figure out, some people still end up screwin up somehow, and infecting
their own asses and end up being 0wned by some other llahmas, so try to
understand these features as well as possible If you have anything to add to
this tutorial or you find something I’ve missed, please email me at
{ [email protected] }
Everyone’s Favorite Llahma and #SubSeven whore,
– FuX0reD
This tutorial will include:
1) Contents of the SubSeven 2.1.5 Package
2) Explanation of the files
3) How to configure a server.exe properly using Editserver.exe
4) The features of SubSeven 2.1.5 and what they do

=======================================================================

1) This package includes:

1) SubSeven.exe (CLIENT)
2) server.exe (SERVER)
3) EditServer.exe
4) ICQMAPI.DLL*

=======================================================================

2) Explanation of the package files you will use:

1) SubSeven.EXE – is the file you open and use to control your server (VICTIM)

2) server.EXE – is the file you send to your victim to control him

3) EditServer.EXE – is the file you will use to configure the server you
chose to use (edit the server)

4) ICQMAPI.DLL – is not necessary to know about but it lets you use the ICQ
functions with the client/server
=======================================================================

3) How to properly configure a server using EditServer:

1) Click “browse” and find the server.exe file you are going to edit
(named server.exe in the local directory) then click “Read Current
Settings”

2) StartUp Methods: you basically check one or MORE boxes to choose
how the server will restart itself everytime the computer is booted.
key name: the registry key name that will go with the startup method

3) Notification Options: Victim Name: the name of your server that
you want to come up in your ICQ notify, Enable ICQ notify to UIN: is
the ICQ number you want the notify to go to, Enable IRC notify: will
send a bot to the IRC server you specify and will notify you of the
IP, port, password etc. Email notify seldom works, so lets not bover
with it here..

4) Installation: a)Check the box and set the port number you want the
server to start on in the victim’s pc, if you want a random port,
then you click the checkbox underneath that. b)You can set a server
password which will protect your victim from others who try to conn.
c)You can protect the server port and password, d)and enable a bot
that logs on whenever your vic connects to the internet, e)you
choose your server name that you want the server thats installed in
your Windows directory to be named. f)Choose to melt the server after
the install(deletes server after its double clicked but still installs
into windows directory g)Configure an Error message to be displayed
when the server is clicked so as to lead the victim away from thinkin
its a virus 😉 h)Hint: Avoid Using this Binder, use an external one
instead 🙂 i would recommend Stan’s OblivionJoiner at
[ http://www.oblivionrat.com ] or Blades “The Joiner”

4) Protect server: you can set a password so that if your server is
found, the person cannot get it into the editserver to find out the
embedded info inside it

5) Now you can either save the settings to the server you opened,
overwriting the old settings, or you can save a new server with the
settins you just provided, still retaining the old server aswell.

6) You can also change the server icon by clicking the button in the
top right corner 🙂

=======================================================================

4) The Features of SubSeven 2.1.5
**) New Feature: under “Local Options – Advanced” section of the
client theres a button “Test on Local Machine” which runs the server
with special restrictions (accepts localhost connections only)
1) Connection:

A) IP Scanner – Scans for IPs with an open port you specify
B) Get PC Info – All PC info, including Disk Size, Space, User etc
C) Get Home Info – Gets all Home Info the vic specifies for their
Windows Registration ( not always availible)
D) Server Options – Options pertaining to removing, changing port,
updating server, etc.
E) IP Notify – Adds a new notify method or changes the current
method on the current server

2) Keys/Messages:

A) Keyboard – Open Keylogger, get offline keys, disable keyb. etc
B) Chat – Chat with the Victim
C) Matrix – Chat with the vic matrix style (black & green design)
D) Message Manager – Sends a popup message to the vic
E) Spy – ICQ, AIM, MSN, YAHOO Instant Messenger Spies
F) ICQ Takeover – displays all installed UINs on the pc, and u can
take each one over at the click of a button

3) Advanced:

A) FTP/HTTP – turns the vic into an FTP server, ready for files to
be downloaded via ur FTP client or browser
B) Find Files – searches for a specified file type or file in the
vics pc
C) Passwords – retrieves Cached, Recorded, RAS, and ICQ/AIM Passes
D) RegEdit – Opens the vics Registry so u can fuck with it >:)
E) App Redirect – Lets you run a DOS command on the vic and shows
you the output
F) Port Redirect – adds an open port to the vic so you can “bounce”
from it using the vics host as your own, E.G.: proxy type of
contraption via IRC

4) Miscellaneous:

A) File Manager – Upload, Download, Run, and do alotta other cool
shit via this client
B) Windows Manager – Displays open windows which you can close,
disable, etc.
C) Process Manager – Shows all processes you can kill, disable,
prioritize etc.
D) Text-2-Speech – Messes with the Text2Speech engine on the vics
pc, you type, it talks
E) Clipboard Manager – View, change, empty the vics clipboard
F) IRC Bot – Connects an IRC bot from the vic to an IRC server of
choice

5) Fun Manager:

A) Desktop/Webcam – Views Webcam continuous capture, a desktop
continuous preview and full screen capture
B) Flip Screen – Flips victims screen upside down, and sideways
C) Print – Prints on victims screen
D) Browser – Opens victims browser with the webpage you specify
E) Resolution – Changes victims pc resolution
F) Win Colors – Changes the victims computer colors

6) Extra Fun:

A) Screen Saver – Changes the Vics Screensaver
B) Restart Win – Shuts down, reboots, or logs off the victim
C) Mouse – Set Mouse trails, reverse buttons, hide curson etc
D) Sound – Record from vics mic, change volume settings
E) Time/Date – Changes system time
F) Extra – A whole buncha extra shit like hide desktop, hide start
button, hide taskbar, open cd-rom etc.

7) Local Options:

A) Quality – Adjusts the quality of the Webcam/Desktop
B) Local Folder – Changes the Sub7 Local Folder
C) Skins – Skin manager for Sub7
D) Misc Options – Misc shit like toggling animation of windows etc
E) Advanced – Messes with ports used for some Sub7 Functions Dont
bother messing around
F) Run EditServer – Hmm..i wonder what this does…

=======================================================================
EOF


CHARTREUSE BOX

 

—————————————————————–
– The Marshals of Dynamic Discord –
– Present –
—————————————————————–
– The Chartreuse Box (or any other obnoxious color) –
—————————————————————–
– By: Wonko The Sane –
—————————————————————–

Intro
—–

The Chartreuse Box, so named because this is an obnoxious box
and chartreuse is an obnoxious color, is designed to take
advantage of the thousands of dollars Ma Bell pays to the electric
company each day. As you know, your telephone line is a constant
power source. The chart box is designed to allow you to tap that
power source for whatever sicko purposes you might have in mind.

(more…)

Read More

The Internet In 1996

internet96

In 1996, the Internet Archive began archiving the web for a service called the Wayback Machine. They’ve now archived 55 billion web pages. That’s enough web pages that if you were to print them all out using your roommate’s printer while he was at class and tape them end-to-end, you could reach the moon and back 28 trillion times.

I decided to peruse the Wayback Machine’s earliest archives to see what the internet looked like in 1996, when I was 14 and evidently had much less free time than I do now. Much to my chagrin, few websites from these early years have been successfully archived, and many of the best preserved ones were created by fast food and soft drink corporations because they were some of the earliest adapters of the internet. They viewed the medium as a chance for inexpensive advertising and invested dozens upon dozens of dollars into it. The results are tremendously humiliating. (more…)

Read More

Exploring Historical & Emerging Phishing Techniques

International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.4, July 2013
DOI : 10.5121/ijnsa.2013.5402 23

Marc A. Rader1 and Syed (Shawon) M. Rahman2, *
1CapellaUniversity, Minneapolis, MN, USA and Associate Faculty, Cochise CollegeAZ, USA
[email protected]
Associate Professor of Computer Science at the University of Hawaii-Hilo, Hawaii,
USA and Part-time Faculty at Capella University, Minneapolis, USA
*[email protected]
ABSTRACT
Organizations invest heavily in technical controls for their Information Assurance (IA) infrastructure.
These technical controls mitigate and reduce the risk of damage caused by outsider attacks. Most
organizations rely on training to mitigate and reduce risk of non-technical attacks such as social
engineering. Organizations lump IA training into small modules that personnel typically rush through
because the training programs lack enough depth and creativity to keep a trainee engaged. The key to
retaining knowledge is making the information memorable. This paper describes common and emerging
attack vectors and how to lower and mitigate the associated risks.
KEY WORDS
Security Risks, Phishing, Social Engineering, Cross Site Scripting, Emerging Attack Vectors, DNS poising.
1. INTRODUCTION
Phishing is a social engineering technique that is used to bypass technical controls implemented
to mitigate security risks in information systems. People are the weakest link in any security
program. Phishing capitalizes on this weakness and exploits human nature in order to gain access
to a system or to defraud a person of their assets.

(more…)

Read More

Adrian Lamo and FBI Cyber Squad computer scientist Russell Handorf

10/18/12 Update: 2006 posting at forum – where Russell Handorf still contributes using his “grey hat hacker” handle “satanklawz” – suggests he has been working for FBI three years earlier than his resume claims; Adrian Lamo admits being “friends” with Handorf but still won’t answer any real questions; Chet Uber offers to have Lamo “interview” me – Neal Rauhauser, who claims he has nothing to do with Project Vigilant, suggests I should accept offer – which I will, after they start giving serious answers to my serious questions first; Project Vigilant submitted bid for Voice Stress Analyzer request by BoP to detect if inmates are lying.

Highlights: At college, Russell Handorf used to illegally “sniff” networks for free web access; Decade ago, hosted Adrian Lamo website where he used to be known as “satanklawz”; Defended Lamo online in web forum postings; In 2003, wrote that fugitive Lamo’s enemies might DoS the NY Times, attack investigators; Provided details on web on how to access potential Comcast customers’ private info; Wrote “Fear Not: Hacks, Attacks and Cracks” column; After Philadelphia InfraGard Board of Directors gig, former “grey hat hacker” joined FBI in September of 2009.

[Editor’s Note: Before publishing this article I emailed both Russell Handorf and Adrian Lamo to ask them questions about their past and possibly present relationship, but neither one got back to me. I’ll gladly correct any errors or add comments if they change their minds. My last two articles provide more background on Adrian Lamo, Neal Rauhauser, Project Vigilant and the Bradley Manning case: Bradley Manning Facebook friend was a security and risk management expert and More members from secretive, oddball Project Vigilant group revealed. Article by Ron Brynaert]

The following screenshot was the front page for a website owned by a “Grey Hat hacker” who the FBI hired to be a computer scientist for its Philadelphia Cyber Squad in 2009:

shtcmarchive

(more…)

Read More

Kids Only Channel Policies [Doc]

The following is a summary of AOL’s “Kids Only Channel Policies.” The AAC is obligated to follow these policies at all times. (from “Document Version 2.32”). All items are direct quotes, commentary is in brackets. The original document is 16 pages long. Grammar and spelling are as found in the original document. This document was prepared bu AAC Coord based on policies in effect in July, 1998.

Introduction

AOL developed The the Kids Only Channel Policies (“Policies”) to ensure a uniform consistent set of standards and practices throughout all programming and advertising areas (Rainman or web-based) targeted to kids children 12 and under on America Online, and particularly including through the Kids Only channel. AOL reserves the right to modify these Policies as necessary. Additionally, AOL expects all Partners to abide by the Children’s Advertising Review Board Unit (“CARU”) guidelines for Interactive Electronic Media (see also http://www.bbb.org/advertising/caruguid.html)

Policy PrincipleObjectivesGoals
~Provide a safe, age appropriate environment for kids in a manner appealing to both kids and parents, addressing primary industry and consumer concerns:
~Providing age appropriate content
~Protecting youth privacy, including protection from online predators
~Creating an age-appropriate marketing environment.
~Create a viable programming and business model for youth-targeted areas and partners on AOL.
~Provide a safe, age appropriate environment for kids in a manner appealing to both kids and parents;
~Create a viable programming and business model for youth targeted channels and partners on AOL.

(more…)

Read More

Netcat 1.10

Netcat 1.10
===========

Netcat is a simple Unix utility which reads and writes data
across network connections, using TCP or UDP protocol.
It is designed to be a reliable “back-end” tool that can
be used directly or easily driven by other programs and
scripts. At the same time, it is a feature-rich network
debugging and exploration tool, since it can create almost
any kind of connection you would need and has several
interesting built-in capabilities. Netcat, or “nc” as the
actual program is named, should have been supplied long ago
as another one of those cryptic but standard Unix tools.

(more…)

Read More

sdbot 0.5b

sdbot 0.5b (test release) by [sd]
===================================

web site: http://sdbot.n3.net/
e-mail: [email protected]
sonork id: 100.2600
icq: 21381594
irc: irc.lcirc.net, #sdbot
how to edit the source file
—————————–

extract the files from the zip into a folder, and
look for a file called ‘sdbot05b.c’ (LCC/mingw) or
‘sdbot05b.cpp’ (MSVC++). these are source files for
sdbot. the contents of both files are exactly the
same, they are seperate files mainly for the sake
of convenience.

near the beginning of the source file, you’ll see a
section with the title ‘// bot configuration’ at the
top of it. simply edit the strings in this section to
whatever you want. if you’re not compiling with LCC,
mingw or MS Visual C++, you may have to insert numbers
into the brackets that correspond to the string
length. make sure that the number in brackets is at
least the length of the string plus 1. for example, i
might change:

const char botid[] = “sdbot2”; // bot id

to:

const char botid[9] = “sdbot123”; // bot id
^-changed to 9 (length of string
plus 1)

the section directly above that one has a few sample
aliases in it, modify those however you want, making
sure that there’s a ‘\’ at the end of all the aliases
except the last one, and that maxaliases is set to a
number greater than the number of aliases.

there are a bunch of #define lines with ‘//’ in front
of them. removing the ‘//’ from the beginning of one
will cause a particular function to be disabled. for
example, NO_SYSINFO controls whether or not the system
info command is included in the compiled exe.
how to compile with lcc
————————-

first of all, you’ll need LCC (which you can get from
http://www.q-software-solutions.com/lccwin32/) installed
on your system. edit the make-lcc.bat file, changing
‘c:\lcc’ to point to the location of your lcc folder, then
run it. an exe file should appear in the folder that you
extracted the sdbot files into.
how to compile with mingw
—————————

first off, you’ll need mingw (which you can get from
http://www.mingw.org/) installed on your system. now
edit the make-mingw.bat file, changing ‘c:\mingw’ so
that it points to the location of mingw on your system.
now just run mingw-make.bat, and an exe file should appear
in the folder that you extracted the sdbot files into.
how to compile with MS Visual C++
———————————–

simply open the included project file in MSVC++, and
press Build -> Rebuild All. Ignore the warnings, MSVC can
be stupid sometimes =P

note: sdbot has not been thoroughly tested when compiled
with MSVC++
how to pack the exe
———————

if you want to pack the exe (to make it smaller) i would
recommend that you use UPX, which is available at
http://upx.sourceforge.net/. just put upx in the folder
with your sdbot exe, then run: upx –best sdbot05b.exe
changes since last release
—————————-

now compiles with mingw (which also means that you can now compile it with dev-c++)
dynamic loading of a few more functions, should be more compatible with older systems now
fixed 3 letter nick bug in spy
fixed c_privmsg and c_action
fixed clone acting like spy bug
fixed random nick generator (now includes the letter ‘z’)
fixed login/logout issues with private messages
fixed sending udp/ping to IPs that don’t resolve
fixed VERSION request to channel bug
fixed a few other minor issues
system info now displays service packs (if installed)
bot no longer messages the channel when a logged in user quits
improved dns (can now resolve both IPs and hostnames)
spy now relays mode changes
addded visit command (for simulating site visits)
added the ability to use variables in normal commands
added delay command
added notice (-n) parameter
you can now specify a backup channel for the backup server
bot now responds to notices with notices instead of privmsgs
should now run on NT (as long as IE 4 or higher is installed)
improved stability (hopefully)
various other improvements