Up Yours!
root (root@GKoS.com)
5 July 1996 01:43:55 MDT
A mailbombing package entitled UpYours is being circulated and used. It
pulls the same shit as REAL hackers were doing with small scripts back in
1988. The only interesting twist is the use of lame Smail-based SMTP relay
servers to cover the originator's tracks, not a new trick but this makes
it automatic. Subjects and some headers also seem randomly generated to
make defensive filtering more difficult.
Here are the text files and other interesting parts extracted from the 2
or 3 megabytes of Visual Basic crap. Enjoy.
------------------------------<readme.txt>------------------------------
----------------------------------------------------
Up Yours V2.0 (c)1996 Global Kos
----------------------------------------------------
Special thanks to Wicked Alliance
Must have a 32-bit winsock connection and Windows 95 in order
for this program to work properly on your system.
Here is the long awaited Up Yours v2.0 a fully anonymous
e-mail bomber and mass mailing list subscriber. In addition
to this file please read the "how to add to the database.doc"
file which will show you how to customize the database to
your own servers etc..
I decided about half way through this project to make a
seperate application for the newsgroup spamming, it will
be coming out sometime this summer and will be called
"Up Yours Usenet" .. look forward to it...
INSTALLATION
-------------
guess what? It's freeware
Any problems running this program see the troubleshooting
text file I added to the .zip
Just run Setup and place the files in the default location
or if you want in any directory..
the files in the database are;
maillist.mdb
and
servers.mdb
they are both access databases, so if you have access you can
open them up and look at them in access, but won't need to
because you can manage the databases right from within the
program.
There is also some info on Global kOS in the kosnfo.zip file
including a member application, you cannot apply to be in the
main group but we do have a CC (cabon copy) mail list for
people interested in learning things..
ONLY APPLY IF YOU HAVE ^VERY GOOD^ SKILL WORKING WITH
COMPUTERS (especially the internet, UNIX etc..) and know
some programming etc...
--------------
The most important part is the .doc file on how to add to the
database, it is VERY important you only use servers that have
passed the tests to see if they will not do reverse lookup on
you, otherwise this program could get you in a world of shit.
The mailing list bomber also uses stealth methods to ensure
you are not going to get caught red-handed screwing someone
over (in a royal way)
---------------
At the last minute I added four more servers because I felt nice
so now you have 8 fully anonymous servers to start with..
Mailbombing is 100% anonymous if you follow the directions and
use servers that have passed the test. The mailing-list
subscriber field for information (not address) is used for
both subject and body in the message you send, so in case they
get wise and try to change things around it will still work
I think my most wicked creation is the mailing-list subscriber
given the proper input into the database, you could have
someone subscribed to 100's or 1000's of mailing-lists in a very
short amount of time... (mailing-lists do all the work for you)
----------------
As always be careful using this program!!!
I don't guarantee anything.
to cover your ass, mailbomb yourself first and look at the
headers in the mail so you can verify that the servers are
indeed anonymous, this is very important...
if mailbombing someone with an autoresponder use their e-mail
in the from field.. (tip)
-----------------------------<troubles.txt>-----------------------------
---------------------------------------------
Trouble with the program
---------------------------------------------
If you get a run time error about a server,
here is what the VB4 help file says..
Source of Server Not Found message
When Crystal Reports searches for the program file CRPE.DLL, it will look
first in the current directory, then in the Windows directory, then in the
Windows system directory, and finally in the path. Since the installation
procedure automatically installs the program in the VB\REPORT directory and
updates the path statement in the AUTOEXEC.BAT file (unless you have
selected different options), the program should have no problem finding the
CRPE.DLL file under normal circumstances.
If you have installed Crystal Reports to a directory other than the default
directory, and if you have not modified the path statement to include the
new directory, you may get a Server Not Found message.
How to solve this problem
To recover from a Server Not Found message, modify the path to point to the
directory that holds CRPE.DLL, or move the program to the Windows directory,
the Windows system directory, or a directory in the current path.
-----------------------------------------------
If you accidentally delete one of the anonymous
servers here is the list that I ship the program with..
sun2.iafrica.com
pilot02.cl.msu.edu
perch.iserver.com
emerald.oz.net
sojourn1.sojourn.com
bham.net
mis01.micron.net
smtp.1eagle1.com
These are only a small fraction of the servers that are
availiable on the internet..
I would suggest finding your own and using them vs.
using these all the time...
because once this program starts to get heavily used...
these will probably not be around anymore..
------------------------------------------------
If the program tells you that you need a file and
if you cannot find any of these files go to the following www page
http://ftpsearch.unit.no/ftpsearch
This is FTP search 95' enter in the name of the file you need and
when it gives you the list, right click on one and save it right into your
windows\system directory..
------------------------------------------------
if you have any questions about finding new servers
I have included a file to show you how to find them..
-----------------------------<disclaim.txt>-----------------------------
--------------------------------------------
Disclaimer
--------------------------------------------
Global kOS, AcidAngel or all parties involved
cannot be held liable for any misuse or damages caused
by the use of this program, This program is meant to
be an example of what can be made using a little ingenuity.
Any damages resulting in the misuse of this program are the
sole responsiblity of the offending parties and not of the
authors or associates of the authors.
Dolphins systems cannot be held liable for the use of their
custom controls in the program.
this is a beta release and is not meant for general distibution
if this program is distributed via the WWW it is not endorsed
by me.
This program in it's present form is mean't for release to a
few of my friends to do with as they wish.
I cannot be held liable for any indirect or direct damages
this program may cause to network or workstation servers.
This program is a tool and as such a tool should only be used
with extreme caution.
By using this program in a malicious manner a user is commiting
harassment against another user.
This program is not used by the author and cannot be held as
evidence of such..
-------------------<strings from database files *.MDB>------------------
maillists
BBB6******(
MSysRelationships
22222222220
MSysQueries
,,,,,,,,,,*
MSysACEs
))))))))))'
MSysObjects
,,,,,,,,,,*
MSysDb
''''''''''%
Relationships
.........,
Databases
**********(
Tables
''''''''''%
MSysRelationships
22222222220
MSysQueries
,,,,,,,,,,*
MSysACEs
))))))))))'
VC
mailhost
subscriber info
LVAL
<)
maillists
**********(
MSysRelationships
22222222220
MSysQueries
,,,,,,,,,,*
MSysACEs
))))))))))'
MSysObjects
,,,,,,,,,,*
KKD
AllowZeroLength
Required&
mailhost
subscriber info
KKD
AllowZeroLength
Required&
mailhost
subscriber info
LVAL
D)
mailhost
subscriber info
listp
listproc@inquiry.comsubscribe javascript)
majordomo@obscure.orgsubscribe javascript +
listserv@busop.cit.wayne.edusubscribe cranes-
majordomo@lists.best.comsubscribe"
aclark-request@tfbbs.tvinet.comsubscribe)
then-request@lysator.liu.sesubscribe%
tracy-chapman-request@julie.vf.pond.comsubscribe tracy-chapman @(
majordomo@southwind.netsubscribe mariah-news-
boo@downton.demon.co.uksubscribe boo%
majordomo@tcp.comsubscribe lullaby#
OBEN@boingo.comSubscribe OBEN
Majordomo@lists.best.comsubscribe netfobs*
white-house-request@wupper.desubscribe'
BLOODeMAIL@aol.comSUBSCRIBE
bc-request@specklec.mpifr-bonn.mpg.desubscribe/&
majordomo@phoenix.oulu.fisubscribe beloved+
basia-request@jane.tiac.netsubscribe%
majordomo@hers.comSUBSCRIBE BANGLES$
Leadheads-Announce-request@apocalypse.orgsubscribe3*
Standard Jet DB
VC
Id
ParentId
Name
Type
DateCreate
DateUpdate
Owner
Flags
Database
Connect
ForeignName
RmtInfoShort
RmtInfoLong
Lv
LvProp
LvModule
LvExtra
Id
ParentIdName
VC
ObjectId
SID
ACM
FInheritable
ObjectId
VC
ObjectId
Attribute
Order
Name1
Name2
Expression
Flag
ObjectIdAttribute
VC
szRelationship
grbit
ccolumn
icolumn
szObject
szColumn
szReferencedObject
szReferencedColumn
szObject
szReferencedObject
szRelationship
d`w`a`vfv
ufm`wjrpvijsv
w`amfv
ov}v`bfv
ov}vrakfbwv
ov}vtxfujfv
ov}vufm`wjrpvijsv
vfuzfu
ov}vda
server
???3''''''%
MSysRelationships
22222222220
MSysQueries
,,,,,,,,,,*
MSysACEs
))))))))))'
MSysObjects
,,,,,,,,,,*
MSysDb
''''''''''%
Relationships
.........,
Databases
**********(
Tables
''''''''''%
MSysRelationships
22222222220
MSysQueries
,,,,,,,,,,*
MSysACEs
))))))))))'
VC
server
LVAL
server
''''''''''%
MSysRelationships
22222222220
MSysQueries
,,,,,,,,,,*
MSysACEs
))))))))))'
MSysObjects
,,,,,,,,,,*
MSysDb
''''''''''%
Relationships
.KKD
AllowZeroLength
Required$
serveKKD
AllowZeroLength
Required$
server
LVAL
server
clover.cleaf.com
dfw-ix7
clover.cleaf.com
clover.cleaf.com
dfw-ix7.
clover.cleaf.com
clover.cleaf.com
clover.
mis01.micron.net
bham.n
smtp.1eagle1.com
mis01.micron.net
bham.net
sojourn1.sojourn.com
emerald.oz.net
perch.iserver.com
pilot02.cl.msu.edu
sun2.iafrica.com
----------------------------<how-to-add.doc>-----------------------------
Up Yours V2.0
How to add to the anonymous server database.
Hello, and welcome to the latest release of the dreaded Up Yours 2.0 by Global
kOS. This file will cover some of the aspects of finding anonymous servers
and using them within Up Yours 2.0.
The mailservers I have supplied (only 8 of them) will last for awhile, but
will probably go down after a time (because of overuse) so save all of those
messages in your trash (in eudora or whatever) and keep a listing of all of
them somewhere.. The info you will need out of each one is as follows..
You may recieve a message like this (this is shown with the headers, headers
can be viewed in eudora by pressing the "Bla Bla" button in the top of the
message window.
--------------------------------------------------------
Received: from ns1.footnet.com (FOOTNET.COM [206.170.160.2]) by angel.com (8.6.1
2/8.6.12) with ESMTP id LAA04916 for <acid@angel.com>; Mon, 27 May 1996 11:23:49
-0700
Received: from some1.footnet.com ([206.170.160.75]) by some1.footnet.com
(post.office MTA v1.9.3 evaluation license) with SMTP id AAA144;
Mon, 27 May 1996 11:38:42 -0700
To: acid@angel.com
From: some1@footnet.com (Ryan Wahle)
Subject: >>> Electronic Magazine - May <<<
Date: Mon, 27 May 1996 11:38:42 -0700
Message-ID: <19960527183511122.AAA144@some1.footnet.com>
Message body would be here
-----------------------------------------------------------------------------
the part in red is the part you would be interested in, copy this and paste
it into a blank text document and keep track of them, many do not work but 1
or 2 in 10 or 20 will... Copy this and paste it into the server field in the
program, then click the random check box so that it is not checked and send
yourself one e-mail and repeat with however many servers you have.. Then go
and look at the headers in your mail program. The majority of the time you
will get something that looks llike this.. (sections in blue by me..)
-----------------------------------------------------------------------------
Received: from p13.lb0.angel.com (p13.lb0.angel.com [205.215.110.46])
<= this is how they find you, all your info is right here..
by franklin.cris.com (8.7.5/(96/05/31 2.38))
id SAA20516; Sun, 2 Jun 1996 18:23:02 -0400 (EDT)
[1-800-745-2747 The Concentric Network]
From: <vystjaovaqeui>
Message-Id: <199606022223.SAA20516@franklin.cris.com>
Errors-To: vystjaovaqeui
X-Authentication-Warning: franklin.cris.com: Host p13.lb0.angel.com [205.215.110
.46] didn't use HELO protocol <=spoof didn't work on this one
DATE: 02 Jun 96 3:22:59 PM
TO: acid@angel.com
SUBJECT: i chphswou
Place your message here
----------------------------------------------------------------------------
Everything in red in the preceeding example is BAD so do not use this
particular host, move onto the next one and keep trying... I have done
hundreds of these, there are really quite a few servers out there.. sometimes
you will get several in a row... seems that the ones that start with smtp.*.*
usually work and the relay#.*.* do not in general.. The mail. ones are 50-50
Here is an example of a good one!!
----------------------------------------------------------------------------
Received: from mis01.micron.net (mis01.micron.net [198.60.253.51]) by angel.com
(8.6.12/8.6.12) with SMTP id PAA27340 for <acid@angel.com>; Sun, 2 Jun 1996 15:2
2:57 -0700
From: hnngfoie@micron.net
Received: by mis01.micron.net (Smail3.1.29.1 #5) <= this is the part that is
what makes it anon..
id m0uQLXt-000TTxC; Sun, 2 Jun 96 16:22 MDT
Message-Id: <m0uQLXt-000TTxC@mis01.micron.net>
DATE: 02 Jun 96 3:22:46 PM
TO: acid@angel.com <=this only states that it has been recieved by your server
for you
SUBJECT: ogbc
Place your message here
-----------------------------------------------------------------------------
The sections in blue show that your server has recieved it for you if you send
this same message to another person their info is in the blue sections.. (this
happens to be a server I am giving you in the database)
this is what you want so this server is a good one (the grey one on the first
line) and will provide you with anonymity when mailbombing someone.. This is
how you find the new servers to use with the program..
Using servers not checked will comprimise your anonymity and you will be
busted for the mailbombing, so make sure to check every one that you place in
the database, and check them frequently to make sure that they are still 100%
anonymous I would recommend checking every server before you ever start a
large transaction.. Sometimes it is quicker to send 100 or so through only
one server at a time.. You can advance to the next server by the random check
box. When only using one server you can send mail at the rate of 20 messages
in 1.8 seconds.. (with a 28.8 and a fast server)... I am working on making
the spoofing better so that all servers can be used. when this happens shit
is really gonna go crazy.. But I have a feeling shit is gonna go crazy over
this version anyway.. }
-------------------<strings from application .EXE file>------------------
This program requires a VGA/MCGA card.
kos.pcx
GkOS GENERAL APPLICATION
.__ ___. .__ __
____ | | ____\_ |__ _____ | | | | ______ ______
/ ___\| | / _ \| __ \\__ \ | | | |/ / _ \/ ___/
/ /_/ > |_( <_> ) \_\ \/ __ \| |__ | < <_> )___ \
\___ /|____/\____/|___ (____ /____/ |__|_ \____/____ >
/_____/ \/ \/ \/ 1996\/
GkOS GENERAL APPLICATION
"We work in the dark - We do what we can
We give what we have
Our doubt is our passion, and our passion is our task
The rest is the madness of art"
- Henry James
http://www.nacho.com/kos globlkos@pixelstorm.com
PResS <EnTeR> To gO To NeXT liNe, <eSc> To coNtiNue
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Handle/Alias:
Email Address:
Do You Maintain A Web Site? (Y/N)
Is It H/P/A/C Related?
URL:
Page Title:
Computer Type (Platform):
Modem Speed:
Current Affilations:
Past Affilations:
Do You Have An FTP Site? (Y/N)
Connection Speed:
Hard Drive {Free} Space:
Hard Drive {Total} Space:
Is It Up 24/7 ?
Will You Distribute GkOS Software? (Y/N/Maybe)
How Did You Hear About Us?
Are You Familiar With Our First Software Release:
Upyours! The Email Bomber? (Y/N)
What Languages?
Visual Basic
C/C++
Perl/CGI
HTML
Assembly
Other
Pick Another Language? (Y/N)
Ever Reverse-Engineer or Decompile a Program?
What Can You Offer The Group?
Programming
ArtWork
Cracks
Warez
Connections
Other
Can You Offer More? (Y/N)
Ever Read The Hacker's Manifesto by Mentor? (Y/N)
Do You Read 2600 - The Hacker's Quarterly? (Y/N)
Identify The Following:
NSA:
FBI:
GkOS:
NAM:
ESN:
MIN:
127.0.0.1:
Are You Familiar With PGP? (Y/N)
Do You Use It?
Are You Familiar With Puffer - Email Encryption Software?
Would You Be Willing To Use It?
Do You Own A UNIX Shell Acount? (Y/N)
Do You Use IRC? (Y/N)
Which Channels Are You On Most:
List Nick(s):
Do You Read Newsgroups? (Y/N)
Which Ones Do You Frequently Visit:
Any Last Words? (Y/N)
By submitting this application you are requesting to be a
part of the Global kOS Hack Group as a CC: Member, meaning
you will be copied on all email correspondence and will be
able to participate in our activities, although you will
not be considered as one of the original ten (10) founding
members. In order to submit this application to GkOS, please
email it to Global kOS at <globlkos@pixelstorm.com>.
Understand that we are a new group, and it will take some
time for all of us to review and process your application.
We are only accepting KNOWLEDGEABLE and DEDICATED people,
No Lamers Por Favor!
http://www.nacho.com/kos globlkos@pixelstorm.com
Copyright 1996
Global kOS
- coded by That Guy