Philly2600.net

2014-10-23 23_09_03-Philadelphia 2600_More Information

The Philadelphia 2600 was set up to gather people with a common intrest to represent a stereotyped culture, share knowledge, and have a good time. Everybody at the meetings has something to teach, no matter how new to computers, and everybody has something to learn, no matter how experienced. We ask everyone to keep an open mind at the meetings because even within our group there is diversity. The Philadelphia 2600 was set up for anybody with any electronic and computer intrest, not just “Hackers”. If you’re a graphic artist, come on down. If you’re a cable repair guy, come on down. If you’re a 10 year old midget with a 2X4 for a leg, come on down. If you’re a police officer or government official, you’re welcome too. As for everyone else, you’ll always find someone who’s willing to teach new members and this is the perfect place to do it.

This site was one of Russell Handorf’s old websites from 2001.  He went by satanklawz.

The Philadelphia 2600 will not be held responsible for the actions of others whom may or may not use the information and software available on this site for inappropriate and/or illegal activities. All information contained within is strictly meant for educational purposes. No person(s) may duplicate or use any original content without express permission from the owners.

Furthermore; Philly2600.net, its members, and all direct associates do not condone or endorse unauthorized access to computer systems, defacement of web pages, or any other illegal actions.

Philly2600.Net does not condone or endorse authority figures including, but not limited to members of the following organizations (1) FBI ; (2) CIA ; (3) Police Officers ; (4) NSA (5) KGB ; (6) Firefighters.

Any attempts to gain unauthorized access to the philly2600.netserver, or any direct associates of the philly2600.net server will be managed using actions appropriate to the situation.

Hacking 101- Part 1
by: Satanklawz 

DISCLAMER: This is for educational purposes only... yadda yadda yadda. I do not condone
hacking illegally... yadaa yadda yadda... If you get caught it's your own damn fault, etc etc
etc. Don't be stupid or hold me liable.

INTRO: People consistently ask for my advice or just let alone, 'Satan, how do you hack?'
Well, I'm finally fed up with being asked this question and am going to spill out some trade
secrets (well, not all of them) in a multi part series. Within this series I'll discuss sites
that you are legally allowed to play on as well as systems on my personal network that you
can use to hone your abilities.

Step 1: Profiling: Macrocosm.

	This may sound silly, but the more you know about the target the better. Consider
this, would you want to walk into a void of light cave that is known as a rattlesnake
bin? No, you'd probably prefer a light, let alone avoiding it (unless you're that crazy ass
motherfucker of an Australian Steve 'The "I'm not dead yet from being a dumb ass" Crocodile
Hunter.' That is why it is essential to profile your target before going all balls out
against it. Find out who the people are who run the system (Finger Dameons on their end are
great for this), send them an email about a general question and see who responds
(webmaster@target.com: "Do you like to eat cheese?"). The DNS TLD Whois Database is another
great place to start, find out their IP range and take that knowledge to
http://www.arin.net/whois to find out more information. Hell, if there is a support/help
desk, give them a call and ask if anyone ordered a pizza or something. Knowledge IS power,
the more you know the better off you are. Then there is the database of them all,
Google. Yes, google has all the answers to your questions; you just have to ask the right
question.
	Don't do all of the profiling in one night because people will notice this. Also, if
you can, try to keep as many of the queries from being on the same host (ie. go to the
library and do a search). You don't want the webadmin looking at the logs and say 'Hey. There
is something fishy going on here.'
	So now you know the company/individual, who they are, what they do, and quite
possibly when they expect to have the largest amount of traffic. Use this knowledge to assist
you in hiding your Internet identity, ie, blending in with the legitimate customers and users
of the system.

Step 2: Being Anonymous.

	Yes, this is very important. You don't want you ISP to be also catching onto the fact
that you may be up to something as well. Even if there is no complaint made against your
account, if your ISP suspects you of illegal activities they'll pull the plug on your account
(and have every right to also). So, you also want your traffic to look legitimate to them as
well. How does one accomplish this? PROXIES PROXIES PROXIES. Use a program called 'Proxy
Hunter' to look across the Internet for public proxy servers that you can bounce your traffic
off of (Available in http://www.philly2600.net/satanklawz). Also, for those pesky telnet
sessions, use a program called 'Cisco Scanner' to automate the grueling process of looking
for open routers to bounce telnet sessions off of (Unix and Windows version available at the
same location). You may also want to look across the Internet for ftp clients and other
clients that let you use a proxy server.
	Why do you want to use a proxy server/cisco router to bounce? This is why; if you
attack the target directly in the stack of the TCP/IP packets (The reason why we can send
data over the internet) your MAC Address and IP Address are listed there for routing
reasons. IE- you'll be traceable. Why doesn't the mythical IP Spoofing work? Well, it does,
but not in this way. The common myth about IP Spoofing is that you can change you IP Address
while keeping the original and still be able to route on the Internet. Why doesn't it work
like that? IP Spoofing replaces the original source information with the fake, and when the
attacked computer gets that information it's going to reply to the faked IP because that is
whom it thinks sent the request. Proxy servers, on the other hand, do reroute the traffic to
the original source. For a better and full detailed explanation as to how proxy servers work,
ask me when I'm sober or search on google.

Step 3: Profiling: Microcosm.

	Ok, so far your arsenal includes the following: IP Ranges, Server DNS Names, DNS
Records, Human Contacts, etc etc, proxy servers, and routers. Time wise, you probably should
be in Day 4 or 5 of the initial query. Anyways, now is the time to start scanning. Popular
tools in this arena consist of SATAN, Nmap, NESSUS, and friends. Use your proxy server(s) to
bounce the scans off of, and only perform 'Half-Connect' scans. Final note on scans; make
them as slow as possible so that IDS's (Intrusion Detection System) don't flag the traffic as
millicious.

<More to come as soon as my hands get their feelings back from typing all of this out>

Thanks to DJ DeSSoN for helping me check for mistakes. If you find any, IM me at
'satanklawz.'

These are pictures from some of the meetings, there was also images tagged from a hackathon.

MVC-040S MVC-041S MVC-434F MVC-435F MVC-022S MVC-023S MVC-027S MVC-029S MVC-031S MVC-036S MVC-039S

This website is actually still online and judging by the files from 2013/2014 the site is still ran by Russell Handorf aka Santaklawz.

 

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply