UnderGround Information







           %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
           %%                                                        %%
           %%    What's Hacking?                                     %%
           %%                          A series by David Lightman    %%
           %%                                                        %%
           %%%%%%%%%%%%%%%%%%%%%%-SPECIAL ISSUE-%%%%%%%%%%%%%%%%%%%%%%%
           %%                                                        %%
           %%                  VAX COMPUTER SYSTEMS                  %%
           %%                                                        %%
           %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

           This  is  a requested discussion from Jolly Bardsman's  Pub  &
        Tavern at (XXX) XXX-XXXX.  If you have any requests, send me mail
        at any address listed below:

        USENET:  [email protected]
                 ... or ...
                 {texsun..texbell..}!attctc!bdunn

        TELEMAIL: csupport/a755.cc3556/tech.services/credit.data/isg/trw

        BBS's:
                 Elm Street           Jolly Bardsman's Pub & Tavern
                 Channel Z            Spyder's Web
                 Dead Zone            Abyssal Plane

                 Oblivion (if AO gets the damn thing off the ground)

           By  03/06/90, you may connect to a beta Twilight Zone at  XXX-
        XXX-XXXX.   You may also reach me voice at  214-660-6054.   Limit
        the calls to an EXTREME minimum!

           If I get multiple requests about a topic (as I did with  VAX),
        I will put something online the WHAT'S HACKING? subboards and the
        beta system Twilight Zone ]I[.


        -----------------------------------------------------------------

        VAX:  The VAX acronym is derived from Virtual Address  eXtension.
              The VAX computer is designed to use memory addresses beyond
              the  hardware's actual limits, enabling it to  handle  pro-
              grams that are too large to fit into physical memory.   The
              VAX  computer system is a member of the  Digital  Equipment
              Corporation  (DEC)  computer  family.   Currently  the  VAX
              series includes models spanning the desktop VAX station  to
              mainframe class multi-CPU VAX processors.  These vary  from
              the superminis, like MicroVAX, to the older, moderate sized
              11/7XX  series, to the newer 6000 series.   These  computer
              systems commonly use an operating system known as VMS.

        VMS:  The VMS acronym is for Virtual Memory System.  The operands
              of  VMS are very similar to other operating systems.   Back
              in  the days of stand-alone computer systems, DEC  had  the
              idea for streamlining the operation of their computers  for
              business  and  engineering.  It conceived VMS as a  way  of
              allowing the basic computer management to be done by a user
              familiar with any of the multiple systems it made.

        DCL:  The DCL acronym is for Digital Command Language.  It is the
              fundamental language of the VMS.  Those of you who have  an
              IBM  system,  you can think of a DCL program like  a  batch
              file.  You can do a lot with it (much more than a PC-DOS or
              MS-DOS  batch)  but it work basically the  same  way.   One
              difference is that when you want to execute anything as  if
              you were typing it in at the command prompt, you first must
              put a "$" in front of the command in the DCL program.   DCL
              programs  are commonly called COM files as well.  When  you
              are not executing a COM or DCL program file, you are almost
              always typing things into the DCL processor.

Subject:   What's Hacking VAX Special - 2
From:      David Lightman (Level 30) [A dude who wanted access]
To:        ALL
Sent:      3/1/90 at 2:49 pm



        WHAT DOES A VAX LOOK LIKE:   (quickly)
        =========================

           When you log into a VAX, you will see something similar to the
        following:

        :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
                                     WELCOME

                                     TO THE

                             AT&T MICROVAX II SYSTEM

        Username: (username here)
        Password: (password here... does not echo)

        $  (<-- this is your prompt)
        :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

           You  will  know if you have a VAX type system if you  get  the
        "Username:" and "Password:" prompts.  Anything is just extra that
        helps you guess passwords.

        GETTING IN A VAX BY ERROR:
        =========================

           I  will only tell you one thing here.  VMS 4.X and  especially
        VMS4.4  are  goldmines.  I am not going to go into this  at  all,
        because it is a lengthy explanation that doesn't fit in the scope
        of  this  message.  You can find this discussion on  ARPANET  and
        USENET.   You  can  also  get  this  information  on   CompuServe
        Information  Service,  BYTE  Information  Exchange,  and  Digital
        Electronics Corporation's VAX BBS.   There is also a big  problem
        with VMS 5.1, but that doesn't involve getting in.  If there  are
        enough  requests, I will cover this information in  another  mes-
        sage.

        GETTING IN A VAX BY DEFAULT:
        ===========================

           There  are  several default accounts that were put in  by  DEC
        when  testing and installing the VAX.  These accounts have  pass-
        words which don't change from system to system.  The SYSOP should
        have  removed these accounts or changed the passwords, but it  is
        not done a lot of times.  Below, I have listed several defaults:

                       USERNAME              PASSWORD
                       --------              --------
                       DECNET                DECNET
                  *    SYSTEST               UETP
                                             SYSTEST
                       SYSTEM                SYSTEM
                       DEFAULT               DEFAULT
                  *    FIELD                 FIELD
                       OPERATIONS            OPERATIONS
                  *    SUPPORT               SUPPORT
                                             DEC
                       SYSTEST_CLIG          CLIG
                                             SYSTEST
                                             TEST

           Where  I have listed several passwords, I have found  the  re-
        spective  usernames  passworded that way as much as  the  default
        password.   The accounts with asterisks beside them are  powerful
        accounts by default.

Subject:   What's Hacking VAX Special - 3
From:      David Lightman (Level 30) [A dude who wanted access]
To:        ALL
Sent:      3/1/90 at 2:51 pm



        VAX VMS COMMANDS:
        ================

           Once  you  get your "$" prompt, you will be able  to  type  in
        hundreds of commands of course.  I will go over a few basic  ones
        here:

        @                -  Execute procedure.  When you want to run  any
                            DCL  batch or *.COM;* file, you must  include
                            this "@" before the filename.
                            EX: @LOGIN.COM;3

        ACCOUNTING       -  This will run the accounting program.  If you
                            log  out of a system and you see charges  put
                            on  your account for the amount of  time  you
                            are on, the system is using account.  Actual-
                            ly every system uses accounting somewhat, but
                            it  can be made virtually invisible.  If  you
                            are  desperate,  or you are  having  troubles
                            with the system operators of the VAX  (SYSOPS
                            from  now  on), you can use this  program  to
                            your advantage.

        CREATE           -  This will create just about anything.  If you
                            have a  program that you have written on your
                            PC's Pascal interpreter, you can Ascii upload
                            the file to the VAX using the CREATE command.
                            EX: CREATE program.pas;1

        CREATE/DIR       -  This will simply create a SUB directory for
                            you.  I will explain how to get around a  VAX
                            in a minute.  See the SET command.
                            EX: CREATE/DIR NameOfDir

        DELETE           -  Just used to delete a file or  EMPTY,  UNPRO-
                            TECTED  DIRECTORY.   To delete a  file,  just
                            type  "DEL filename.ext;x."  To delete a  sub
                            directory,  first delete all of the files  in
                            the  directory:  "DEL/LOG *.*;*"   Next,  you
                            will    need   to   SET   PROTECTION:    "SET
                            PROTECTION=OWNER:D dirname.DIR"  Next, delete
                            the directory: "DEL dirname.DIR"
                            EX: DEL DAVID.TXT;4

        DIRECTORY        -  This will show you  what files are  contained
                            in  the current directory.   Adding  "/BRIEF"
                            will  give  you a short  listing  and  adding
                            "/FULL" will give you a full listing  includ-
                            ing  security information on each file.   You
                            can  shorten the command to DIR and  you  may
                            use wildcards.  The "*" means anything of any
                            length.  The "%" means anything one character
                            length.
                            EX: DIR/FULL DAVID-%%.*;%

        EDIT             -  This command will  bring up the editor.  Some
                            VAX  systems use a type of editor similar  to
                            MS-DOS/PC-DOS's  EDLIN.   HOWEVER,  some  VAX
                            systems  use EDT/EVE editing which is a  full
                            screen  editor (usually).  With this  editor,
                            you  can do a lot quickly, but only  if  your
                            terminal will support cursor control.  VT-100
                            is very clumsy.  Try getting VT-220 when you
                            use the EDT/EVE editor.



Subject:   What's Hacking VAX Special - 4
From:      David Lightman (Level 30) [A dude who wanted access]
To:        ALL
Sent:      3/1/90 at 2:53 pm



        HELP             -  This command will bring up  the HELP program.
                            This  is just a clumsy imitation of what  you
                            are reading.  (heh heh)

        LIBRARY          -  Used for  archive purposes.  You will  proba-
                            bly not use this command much if you are new.
                            I am mentioning it now because I will type up
                            a  more in depth discussion of VAX  later  on
                            the "What's Hacking?" sub boards.

        LOGOUT           -  Logs you out.

        MAIL             -  Loads the mail program.  Used to send mail to
                            others users and CAN (YES, IT CAN) be used to
                            send mail (or other) to (OR FROM) the network
                            if the VAX is connected to a network.  It CAN
                            (YES,  CAN) also send data to (OR  FROM)  the
                            computers on the DECNET (if used).

        $PASSWORD        -  Changes your password.
                            EX: $PASSWORD mynewpass

        PHONE            -  Used to talk to  another user.  This  command
                            is pretty nice compared to other means.  Your
                            "$" prompt will be replaced with a "%" prompt
                            once phone is executed.  If you want to  talk
                            to  someone, type his username.  If you  want
                            to talk to someone on a different node,  type
                            his nodename, two colons, and then his  user-
                            name.  A lot of times you will find this  one
                            disabled     (especially    on     University
                            computers),  but there are alternate ways  to
                            communication  online  other  than  MAIL  and
                            PHONE.  See below.
                            EX: PHONE
                                % node13::dlight

        PHOTO            -  Records session.

        RUN              -  Executes executables.  (simple?)

        SET              -  Wow...  this is a lot.  See below.

        SHOW             -  This involves a  lot too, but not as  much as
                            SET.  With SHOW, you can look at a lot.  I am
                            just  going to list a lot of things  you  can
                            view and what it will show you.
                            EX: SHOW USERS DAV

                            CLUSTER    - VAX cluster if any
                            DEFAULT    - Directory path and device
                            DEVICES    - The system devices (drives,
                                         etc.)
                            INTRUSION - If any accounts are being
                                         hacked
                            MEMORY     - Memory of course
                            NETWORK    - Network and the VAX's location
                                         within
                            PROCESS    - PROCESS ProcessName shows
                                         status
                            PROTECTION - Protection on files
                            QUOTA      - Shows disk space allowed for
                                         your account
                            SYSTEM     - Miscellaneous system info
                            DAY        - Day & date
                            TIME       - Time
                            USERS      - Users online all systems


Subject:   What's Hacking VAX Special - 5
From:      David Lightman (Level 30) [A dude who wanted access]
To:        ALL
Sent:      3/1/90 at 2:56 pm



        TYPE             -  Shows the contents of a file by sending it to
                            the terminal.
                            EX: TYPE DAVID.TXT;3
        THE SET COMMAND:
        ===============

           The  SET command is one of the most widely used and  versatile
        commands on the VMS 5 series DCL.

        SET FILE/PROTECTION:
        ===================

           I suppose the most frequent use of SET involved the PROTECTION
        option.  These protections, known as SOGW or UIC protections, can
        be  put  on any file or directory that you have WRITE  &  EXECUTE
        privileges on.  Setting the protection involves allowing  differ-
        ent users on the VAX to read, write, execute, or delete your file
        or  directory.   The FILE /PROTECTION option of SET  is  used  to
        accomplish this.  An example is:

        SET FILE/PROTECTION=OWNER:E david.exe;4

        If  you  typed  this  command in the DCL  for  a  program  called
        DAVID.EXE;4  (4 is the version number), then the owner (or  crea-
        tor)  of  the  file can do nothing to the file  but  execute  it.
        However, in another example:

        SET FILE/PROTECTION=OWNER:RWED david.exe;4

        you  are  going  to be able to "R"ead,  "W"rite,  "E"xecute,  and
        "D"elete  the  program.  The same applies to a  directory.   Just
        substitute  the  directory  name for the  filename  above.   When
        creating a directory, the SET  is set so that you may not  delete
        it.   As  discussed  previously, you will have to  issue  a  "SET
        PROTECTION  OWNER:D  dirname.dir;1" and  "DEL  dirname.dir;1"  to
        delete the directory.

           Other than the owner, UIC file protection can be placed on any
        of the following:

        WORLD - Any user on the system.
        GROUP - Any user in your group.
        OWNER - Only your account or matching UIC.
        SYSTEM - Anyone that has SYSPRV privileges or the octal UIC
                 groups.

        SET TERMINAL:
        ============

           This  is  VERY important to all of us who call  into  the  VAX
        system.  If you have a VT100 (not just ANSI), you can use:

        SET TERMINAL/DEVICE_TYPE=VT100

           Additional terminal settings are possible, for example:

        SET TERMINAL/WIDTH=80 - Sets width to 80 columns
        SET TERMINAL/ADVANCED_VIDEO = Sets 124 X 24 lines
        SET TERMINAL/ANSI_CRT = ANSI escape sequences
        SET TERMINAL/AUTOBAUD = Possibly gets higher baud rate
        SET TERMINAL/BROADCAST = Enable messages from SEND, MAIL & PHONE
        SET TERMINAL/DEVICE_TYPE=VT220 - Sets terminal type to VT220
        SET TERMINAL/ECHO = Enables echoing from DCL command line
        SET TERMINAL/FULLDUP = Enables full duplex
        SET TERMINAL/HANGUP = Causes account to log off if no carrier
        SET TERMINAL/INQUIRE - Shows device_type of terminal
        SET TERMINAL/PAGE=43 - Sets display length to 43 lines
        SET TERMINAL/TYPE_AHEAD = Sets type ahead function on
        SET TERMINAL/UNKNOWN - Used for ASCII device types
        SET TERMINAL/WRAP = Used to set wrap around feature

        All  of  the above denoted with a "=" rather than a  "-"  can  be
        changed  to  the opposite setting by placing a "NO"  directly  in
        front of the qualifiers.  EX: SET TERMINAL/NOECHO



Subject:   What's Hacking VAX Special - 6
From:      David Lightman (Level 30) [A dude who wanted access]
To:        ALL
Sent:      3/1/90 at 2:58 pm



        SET DEFAULT (or... MOVING AROUND A VAX):
        =======================================

           To move around the VAX DCL, in and out of directories, I  need
        to  tell you about the SET DEFAULT command.  It is just like  the
        CD command on UNIX and MS-DOS/PC-DOS, except it follows a format.
        The format is "SET DEFAULT [.subdir]" to go down to a sub  direc-
        tory and "SET DEFAULT [-]" to go to the parent directory.  I will
        explain more involved uses like changing disks, if asked, to keep
        you  out of trouble for now.  First, I will show by  example  and
        then explain my example to those out there who lack a brain.

        $ DIR                                                 (step 1)
        PROGRAM.EXE;2   PROGRAM.EXE;1
        $ CREATE/DIR example                                  (step 2)
        $ DIR                                                 (step 3)
        EXAMPLE.DIR;1   PROGRAM.EXE;2   PROGRAM.EXE;1
        $ SET DEFAULT [.example]                              (step 4)
        $ DIR                                                 (step 5)
        no files, animals, vegetables, nor minerals error
        $ SET DEF [-]                                         (step 6)
        $ COPY PROGRAM.EXE;2 [.example]                       (step 7)
        $ SET DEF [.example]                                  (step 8)
        $ DIR                                                 (step 9)
        PROGRAM.EXE;2
        $

        Here's what I did...

           STEP 1:  I asked to see the contents of the current directory.
                    I  found that I have the program PROGRAM.EXE  is  the
                    1st and 2st versions in the directory.

           STEP 2:  I  created a  directory called "EXAMPLE."  This  name
                    can be anything of course.

           STEP 3:  I again asked for the contents of the directory.   It
                    now   shows   me  that  I  have   a   "file"   called
                    "EXAMPLE.DIR;1."   That is just the directory.   Any-
                    thing with an extension of "DIR" will be a directory.
                    For more on extensions, see below.

           STEP 4:  I  changed directories  by use  of  the  SET  DEFAULT
                    command.   You  must  always follow  this  format  to
                    change into a SUB directory.

           STEP 5:  I AGAIN (!) looked into the directory.  This time, my
                    directory  was  EXAMPLE so I of course  saw  nothing.
                    You  will get an error I believe when you try to  DIR
                    an empty directory.

           STEP 6:  This command is used to rise up to the parent  direc-
                    tory.   The  parent directory contains  the  filename
                    "EXAMPLE.DIR;1," remember?  The DEFAULT option can be
                    shortened to DEF.

           STEP 7:  Here I am illustrating how to move programs around  a
                    little.  I just copied the program PROGRAM.EXE;2 into
                    the subdirectory EXAMPLE.

           STEP 8:  See step 3.   (a lazy, tired Dave)

           STEP 9:  I  >ONCE MORE<  issued the DIR command to  reveal the
                    contents  of the directory.  I now find  the  program
                    PROGRAM.EXE;2  in  my  directory listing  of  my  sub
                    directory EXAMPLE.

           If  you don't understand the basics of moving around a VAX  by
        now, push "OFF".


Subject:   What's Hacking VAX Special - 7
From:      David Lightman (Level 30) [A dude who wanted access]
To:        ALL
Sent:      3/1/90 at 3:00 pm



        FILENAME EXTENSIONS:
        ===================

           Occasionally  you will run across a BIG directory.  This  will
        hopefully  not  happen until you read more on VAX  on  my  WHAT'S
        HACKING sub boards, but if it does, this list will hopefully help
        you avoid making too big a mistake or wasting a lot of time.

        ADA    Ada compiler source code file
        BAS    BASIC compiler source code file
        B32    BLISS-32 compiler source code file
        C      C compiler source code file
        COB    COBAL compiler source code file
        FOR    FORTRAN compiler source code file
        MAR    MACRO compiler source code file
        PAS    Pascal compiler source code file
        PLI    PL/I compiler source code file

        CLD    DCL command description file
        COM    DCL batch or command procedure file
        DAT    Data file
        DIS    Distribution file (as in mail)
        DIR    Directory file (as in a subdirectory)
        EDT    Command file for the EDT editing program
        EXE    Executable program
        HLP    Text for help libraries
        JOU    EDT editor journal when problems occur
        LIS    System listing file (as in TYPE, PRINT, & PHOTO)
        LOG    Batch job output file
        MAI    Mail message file
        MEM    DSR output file
        OBJ    Object code created by compiler before LINKing
        RNO    Source file for DSR
        SIXEL  Files for Sixel graphics
        SYS    System image file
        TJL    Journal created when the unusual occurs (DECNET a lot)
        TMP    Temporary file (sometimes valuable)
        TPU    Editor command file
        TXT    Text library input file (also MAIL output file)
        UAF    USER AUTHORIZATION FILE

           I will comment extensively on UAF files if I decide to type up
        another VAX tutorial.


        ================================================================