Selected Blacksun Tutorials by GabrielRev
Some of the tutorials included below might not be
viewed correctly with basic Windows text editors, such as Notepad. This is
because they have the Unix 'end of paragraph character' (LF - Line Feed) instead
of the usual two DOS/Windows 'end of paragraph characters' (CR - Carriage Return
and then LF). While Unix can read DOS/Windows end of paragraph characters,
DOS/Windows cannot correctly interpret these characters. However, Internet
browsers and advanced editors (such as Microsoft Word) can display these
characters correctly, so if you're experiencing any unusual problems, use any of
these two to read our files.
Note: some of the tutorials have been translated into other languages. However, they might not be updated due to changes that might occur after the translated version has been created, and it's hard to keep up with things. We're sorry for any inconvinience.
Note: this file is NOT infected with a virus! Click.exe, a file that
comes with irc.zip, is infected with a virus, and it will only infect you if you
run the program (duh), so don''t. Happy99.exe is infected because it is a virus.
It comes together with the happy99 tutorial to teach you about this virus - how
it works, what it does, how to get rid of it etc', not to damage your
system.
Note for new readers: usually the first few tutorials in every topic suffer from a low
technical level and some mistakes. It's all on purpose. Mistakes and lack of
technical information are corrected later. This is all done in order to make
them easier to understand for newbies who read the first few tutorials (and will
hopefully read the more advanced ones later on).
Networking and Network
Security
Note: we
strongly recommend reading the FTP tutorial and the Sendmail tutorial first.
Since these were BSRF's first two security tutorials, they explain a lot of
terms and basic tricks that you'll need to know. Then, a lot of newbies would
probably want to know how Windows boxes can be broken into, so we strongly
recommend the trojans tutorial and the file and print sharing
tutorial.
Important Note: yes, I know they're not very accurate,
and some of the first tutorials even contain mistakes. It's okay, I did them in
purpose, just to make things a bit simpler. Everything is cleared later on, when
the reader reaches the more advanced levels.
* How
servers are cracked (version 1.0) - teaches you how most server cracks
occur. You need to read either the FTP security tutorial or the Sendmail
security tutorial first, though.
* FTP Tutorial (version
2.2 
) - covers FTP
hacking, FTP commands, what the hell is FTP and tons of tips and tricks (not all
FTP-related) in the newbies corner.
* RM Networks Tutorial
(version 1.22) - yes, RM Networks. You know, those local networks, not Internet
networks... RM Networks are so stupid that they rely on the fact that the user
is even dumber. Stumbled across one in your school/university/college/working
place? Want maximum priviledges on it? Then try this tutorial.
* Ad Blocking Tutorial (version
1.8) - are you tired of seeing stupid commercials and popups popping on your
screen and chewing up your bandwidth? Then read this!.
*
Anonymity Tutorial (version
1.5) - tired of people getting your IP over ICQ or IRC? Tired of website owners
knowing EVERYTHING about you? Tired of people tracing you by your Email address?
Read this one and learn how to anonymize yourself!
* Proxy/WinGate/SOCKS Tutorial
(version 1.0) - don't know what a Proxy is? Don't know what a WinGate is?
Don't know what a SOCKS firewall is? Wanna learn how to increase your anonymity
by using them to "bounce" your connection? Then read this one.
* ICQ
Security (version 1.9 NEW) - learn about
ICQ's security flaws, how to exploit them and
how to protect yourself from malicious users who use these flaws against you.
Stealing passwords, reading someone's entire hard drive, flooding, spoofing,
DoSsing, utilizing the ICQ protocol and what not. It even teaches how to crack
the ICQ password by yourself.
* Exploits Explained: The
javasCript hole in Hotmail (version 1.0) - this excellent tutorial by Little
V is the first tutorial in our Exploits Explained series. Each tutorial in this
series will explain about a certain hole. This one explains about the JavaCript
hole in Hotmail, which allows you to read messages from someone's inbox, send
messages from his Hotmail account, get his password etc'. Although this exploit
doesn't work today, it's still an excellent example for what a webmail exploit
looks like, for those of you who have been asking "how to hack
Hotmail".
* Mailing Lists Security (version 1.0)
- how to improve your mailing list's security, how to hack other mailing lists
and what is a mailing list anyway (plus different kinds of mailing lists, where
and how to get them etc').
*
Exploits Explained II: The #2,000
"Bug" (version 1.1) - learn about the #2,000 "bug" in IRC, which in certain
cases let's you screw up reeeeal bad with people and channels, and play cool
jokes on people.
* IP Masquerading Tutorial
(version 1.1) - learn what IP Masquerading is, and what is it good for
anyway.
* Speeding Up Your Internet Connection
Using DNS Caching Under Unix and Windows (version 1.0) - what the name
says...
* Trojans (version 1.0) - what are
trojans (covers both Unix trojans and Windows trojans)? Different types of
trojans, how to detect and defeat them etc'.
* The POP
Protocol (version 1.0) - learn more on how Email works. Learn to check your
Email by hand from anywhere around the world without the need of any programs at
all besides telnet. Learn how to delete mailbombs in seconds. Utilize the POP3
protocol by yourself with this tutorial.
* Exploits Explained III : Getting Rid
of the NetZero Banner (version 1.0) - do you use NetZero, the free ISP? Don't you just hate
those ads? Now you can remove them and block all traffic from the ads server so
it won't slow down your connetion! NetZero users - read this one.
* Uploading/Downloading Files From/To
Usenet Networks (version 1.0) - do it by yourself, instead of using a
program, and learn just a bit more about MIME encoding.
* HTTP Torn
Apart - the inner workings of the http protocol, showing you what your
browser does automatically, giving you greater control over what you send out
and take in from the world.
* Cracking File and
Print Sharing (version 1.3 ) - learn about this method to crack into Windows box that has file and
print sharing enabled (even if the shares are password-protected), how to
protect yourself against it, and how to secure your shares (if you have
any).
* FTP Exploits (version 1.0) -
Just what it says really, what more can i tell ya, shows how FTP daemons and the
flaws in the FTP service in general are exploited with example
code.
* Net Tools Explained (version 2.0)
- a complete revamp of the tutorial which shows how windoze can still be useful,
this is an absolutely great tutorial for the newbie covering most aspects of
using free tools as reconnaissance and hacking. There is also a version with
notes from R a v e N here
* The Structure of an IP
Address (version 1.0) - explains what's behind the numbers in an IP address,
and some interesting or special IP ranges that you should know
about.
* DoS Attacks Tutorial - we've wanted to
do a tutorial about DoS attacks, but then we've found this CERT paper, so we've
decided that instead we should rather put it up in here and do some updates to
it later on (mostly information about new attacks and making things easier to
understand for newbies). Anyway we recommend reading the TCP/IP tutorial first
(it's the next one on the list).
* TCP/IP for Newbies
(version 1.1) - an excellent beginner's guide on the basics of TCP/IP and a bit
more. Great for every newbie, but also good for more advanced people, to check
and clarify some things, see if you missed anything etc'.
* HTTP-Based Authentication
(version 1.0) - learn what HTTP-based authentication is all about, what kind of
encryption is used in it's password files and how to break it.
* Why Are There Such a
Few Viruses and Remote Administration Trojans for Unix/Linux? (version 1.0)
- learn exactly why, and how you can defend yourself against the few ones that
exist without the need for any anti-virus software, nor without having to avoid
running untrusted software.
* Exploiting Cisco Systems (version
1.0) - mess with those nifty routers, and learn a few lessons about the Internet
itself. Worth reading even if you're not interested in routers (although
breaking into one could be VEEERY interesting). Everything that this guide
explains can be done even from Windows.
* Input Validation Attacks (version
1.0) - learn what the name means, how such attacks work, how they can be carried
out and exploited and how to prevent such attacks.
* Mail Bombing and List Linking
(version 1.0) - in contradiction with other "tutorials" about this subject that
you might have seen around, this one is a professional article, and it also
lists a few countermeasures against such attacks.
* Gathering Info on a Host: The Essential
Ingredient for getting root / admin (version 1.0) - Covers the first step in
a successful attack: gathering information about your target. "Know Your
Enemy".
* How Does Traceroute Works
(version 1.0) - explains how the traceroute utility works, and a few of it's
uses.
* Buffer Overflows for Newbies
(version 1.0) - explains what a buffer overflow is to the average newbie.
* Default Passwords (version
1.0) - a short tutorial and a very long list of default passwords. Make sure
you're not using any of those!
* Using Netstat to Get
IPs (version 1.0) - a guide dedicated to all those people who have been
asking how to get someone's IP over ICQ without the cracks (programs such as isoaq).
*
Reverse Telnet (coming soon).
* Trust Relationships (coming soon).
Humor
* How to
Ask Questions Without Getting Flamed (version 1.0) - a lot of people I know
need to read this guide. Not only that it will help you get flamed much less
often, but it will also help you figure your way out of flame wars and clear up
your name after you get flamed. In addition to being quite useful to many
people, it is also a humoristically-written tutorial that is fun and interesting
to read.
Unix / Linux
* Beginners Guide to Linux + Easy
Installation Guide (version 1.1) - a tutorial dedicated to all these people
who want to install a relatively simple Linux distribution easily and
painlessly.
* Basic Local/Remote Unix Security
(version 1.2) - change default configurations, basic packet filtering, how to
secure your system's networking services (or completely remove them or some of
them, in case you don't need them, in order to increate your computer's
security), how to use, how to avoid trojans, what are sniffers, how to maintain
local security between different users in your system (if you're not the only
one using this system, whether it's locally or remotely), some stuff about SSH,
how to protect yourself against computer viruses under the Unix system, what are
security scanners and how to use them, why you should encrypt your important
data and how etc'. The ultimate tutorial for a Unix newbie or semi-newbie who is
interested in computer security and/or networking.
* The
Shell Accounts Tutorial (version 1.0) - teaches a newbie everything he needs
to know about getting a shell account and it's limitations.
* The Definitive Guide for Linux
Gamers (version 1.0) - this guide will teach all those Linux users that
simply feel bored while on Linux due to the lack of games where to go and what
to do to get all of their favorite games running on Linux.
* Tweaking Your Hard Drive
(version 1.0) - this will make your hard drive go A LOT
faster!
* LAG (Linux
Administrators Guide) - just what the name says. Excellent for Linux newbies
who are concerned about security. Episode one is here, and hereis a log from an IRC lecture
that was held on the same topic by Kript0n, who also happens to be the writer of
the LAG series. Here is a version
of the same paper by Elad, which has changed a few things to make it
Unix-compatible (it's not just a Linux guide anymore). Episode two will be
released shortly, and Here is episode two. LAG's
homepage - void.box.sk.
* Winmodems (version 1.0) - what
are Winmodems, and why do they suck so much? And also, how do I get online with
a Winmodem from Linux/Unix?
Windows (95, 98, 2,000 and NT 4.0 and
5.0)
* Windows Registry Tutorial
(version 1.0) - learn more about the Windows registry. How does it work, what
does it do and what happened to the old .ini files?
* Yet
Another Windows Registry Tutorial (version 1.1) - this one contains some
information that was not included in the previous one. We really like writing
those Windows registry tutorials, do we? :-)
* Cracking File and Print
Sharing (version 1.3) - learn about this method to crack into Windows box
that has file and print sharing on (even if the shares are password-protected),
how to protect yourself against it, and how to secure your shares (if you have
any).
* Cryptic Windows Errors Explained
(version 1.0) - just what the name says.
* Windows 95/98 Local Hacking -
teaches you all you ever wanted to know about getting to the registry, command
prompt, display settings, control panel etc' etc' in a restricted Windows 95/98
environment.
* Service Packs
(coming soon) - what are service packs? Why install them? Why are they so
important to your NT box's security? What do they contain? What are the problems
with service packs?
* Untold Windows Secrets (version
1.0) - some cool things you can do with Windows.
* Exploiting The IPC Share (version 1.0)
- a continuation to the file and print sharing tutorial.
Fun!!
* Is Foolproof Really Foolproof?
(version 1.0) - how foolproof is the local security program 'Foolproof'? Find
out here.
* More Ways to Defeat Foolproof
(version 1.0) - just what the name says.
* NT
Security (version 1.0) - the logs from a non-BSRF IRC lecture held in our IRC channel.
* Installing Windows 2,000
(version 1.0) - just what the name says!
* Getting More Control Over The Win9x /
DOS 7.x Startup (version 1.0) - comes with samples. Harmless fun, and it
makes your winbox start up faster too!
*
Fun With Debug (version 1.0) -
learn more about debug, a very useful DOS program.
Novell
* Novell
Security for Complete Newbies (version 1.0) - just what the name
says!
* Another Novell Security Guide for
Complete Beginners (version 1.0) - again... just what the name
says! :-)
IRC
* IRC
Warfare Tutorial (version 1.0) - ever wanted to know how those lamers keep
taking over your channel and/or kicking you off IRC? Learn to protect yourself
here! WARNING: an attached file, flood.exe, which is
an example program to many script-kiddie IRC flooders out there, is infected
with a trojan. DO NOT run it!
* Eggdrop Bots Tutorial
(version 1.0) - learn how to set up your own Eggdrop bot on IRC, and how to send
commands to it, make it execute automated processes or commands when certain
credentials are met etc'.
*
IRC Services + Hiding/Faking Your IP
in IRC (version 1.0) - an excellent IRC lecture that starts with the
standard IRC services (chanserv, nickserv, memoserv...) and then goes into
describing an unstandard service called botserv and all sorts of really cool
settings and combinations that a lot of people don't know about, and later
explains how to hide or fake your IP in IRC in many different ways. There's also
a cool bonus at the end. ;-)
* The
proper way to fserv - explains what fserv is, how it works, proper behavior,
how to set up your own fserv etc'.
Local Security
* Standalone Security (this
tutorials wasn't written by a BSRF member. Read about what exactly happened here).
* How I hacked my local library
(version 1.0) - no, I'm not talking about gaining access to control panel and
the registry. I'm talking about gaining access into a nation-wide library
database from home, plus using some kewl tricks in the process.
* How To Recover Deleted Files
(version 1.0) - a spontaneous IRC lecture that I held. It explains how to
recover files that were deleted by reading raw data from your hard drive, and of
course, explains how to overcome this and completely wipe out a
file.
Hardware
* Overclocking Tutorial
(version 1.6) - tired of your old CPU? Your outdated 3D accelerator? Your X-type
hardware? Then do some overclocking! Get more speed from your hardware for free!
This tutorial covers overclocking plus lots of explanations about various pieces
of hardware like the CMOS chip, the Cache chip, your RAM, BUS connections
etc'.
* Interesting Things You Didn't Know
About Your Computer's Hardware (version 1.0) - read Njan's amazing tutorial
about all those things you always wanted to know about PC hardware but never had
the guts to ask. HTML version
here.
* How to Build Your Own Computer
(version 1.0) - save endless amounts of money and gain endless amounts of fun by
buying parts and building your own computer by yourself.
* Memory
Upgrading Guide (version 1.0) - just what the name says!
* Hard Drive
Installation Guide (version 1.0) - learn how to install new hard drives by
yourself and save costs!
* CD-Rom Installation Guide (version
1.0) - learn how to install CD-Roms by yourself and save costs!
* Device Drivers (coming soon).
* The Cellular Phones tutorial
(version 1.0) - learn some cool tricks you can play with
cellphones.
* Aqua and Beige Boxing
(version 1.0) - a non-BSRF (not held by a BSRF member) that took place in our IRC channel. If you want to hold
a lecture too, mail R a v e N
with the exact time and date in GMT (Greenwich Mean Time). Please note that
during the lecture, the aqua box was mistakenly called a black
box.
Cracking
* Cracking, Part I (version 1.0) -
learn how to crack programs by yourself, and what the hell cracking means
anyway.
* Cracking, Part II (version 1.0)
- make your first steps in cracking, while cracking an example
program!
* Cracking Opera 3.61 (version 1.0) -
learn more about cracking through the process of cracking the Opera browser
(version 3.61).
* Hex Editing Explorer.exe (version
1.0) - mess around with Windows' Interface program!
* Different Numbers Systems (version
2.0) - octal? Binary? Hex? And how to convert between them.
* Register Modfying (version 1.0) -
a must read for every cracking newbie.
* Cracking 3D Mark 99 Max (version
1.0) - another cracking-by-example tutorial.
* Cracking Hex Workshop 2.54
(version 1.0) - another cracking-by-example, only this time it also teaches you
how to create patches!
Programming
* HTML (version 1.0) - learn how
to build your own HTML pages. Fonts, colors, links, pictures, backgrounds,
frames, image maps and what not. Note: http://www.htmlgoodies.com/ has lots of
HTML and Javascript tutorials, and it's a good overall source for web
designers.
* The PERL
(Practical Extraction and Report Language) (not-so-)weekly journal - Volume I - Volume II - Volume III, Volume IV. More volumes will be
coming soon (hopefully in a week, as the name says). Unix/Linux users should
already have a Perl interpreter installed (if not, head to perl.org), and as for Windows users, Volume I explains how to get an
interpreter for your OS.
* DOS Batch File Programming (version
1.0) - yes, I know it's probably the lamest scripting language ever, but it does
have some uses, especially for DOS/Windows users.
* JavaScript (coming soon).
* Encryption and Programming -
how to program efficient, structured encryption programs.
* C for complete beginners (version
1.0) - build your first C program with this simple guide!
* Assembly for complete
beginners (version 1.0) - guides you through the basics of assembly and
things you'll need to know as an assembly newbie, and takes you through the
process of building your first assembly program!
* C
Socket Programming For Complete Newbies (version 1.0) - just what the name
says! Comes with sample code and everything that is necessary to make it
newbie-friendly.
* Buffer Overflows for Newbies
(version 1.0) - explains what a buffer overflow is to the average newbie.
* Device Drivers (coming soon).
Encryption
* The
Basics of Cryptography (version 1.0) - a short, easy and simple primer to
encryption. Different types of encryption, breaking it etc'.
* PGP Encryption for Beginners (version
1.0) - learn how PGP works, what is it good for, why would you want to use it,
how to use it and why it can be so hard to break (and what the hell is PGP, what
it stands for etc').
* Quantum Encryption (version 1.0) -
learn just how quantum encryption works.
* DESbreak (version 1.0) - a sample
program written in Perl (yes, we know the drawbacks... read the attached text
file) that is meant to show people how bruteforce password-cracking works behind
the scenes, and how to make your own bruteforcer. It can also be used to break
passwords often found in wwwboard password files and other
scripts.
*
Encryption and Programming
(version 1.0) - how to program efficient, structured encryption
programs.
* SSL 3.0 (version 1.0) -
learn everything about the encryption that so many shopping websites
use.
* Algorithms
Explained (version 1.0) - a step-by-step explanation of a few algorithms,
just to get you going and to show you what's behind the word
"Algorithm".
Viruses
* The
Happy 99 Virus (version 1.0) - learn all about this Internet worm (how
it works, how to remove it etc'). Note: this tutorial comes in a zip file,
together with the virus (no, you won't get infected unless you run it! What kind
of a question is that?), and some anti viruses will warn you that you are
downloading a virus. If you can't turn your antivirus software off, you can
still view the tutorial itself here.
* The
Melissa Virus (version 1.0) - the virus that once drove the world crazy,
explained and analyzed (virus source code included).
* Explorer.zip (version 1.0) -
learn all about the explorer.zip virus, which has got a lot of people extremely
annoyed and it's time.
* The Bubble Boy Virus (version 1.0)
- the name says it all... :-)
* Pretty Park Worm - The
virus with somee very clever features.
* VBS/Freelink (version 1.0) - learn all
about this virus.
* I Love You (version 1.0) - *smooch*,
*smooch*. The virus that took the world apart, wrecking havoc among thousands of
e-businesses and networks and causing enormous damage worth tens of billions of
dollars.
History
* History of
Dos (version 1.0) - this tutorial would teach you all about how Microsoft
started up and a little about DOS, the OS that once almost completely ruled the
home and office PC OS market.
* The History of the Internet (coming soon).
Misc
* Seti@Home Speedup (version 1.0)
- learn how to speed things up with Seti@Home.
* True
Meaning of the word 'Hacker' - a log from BSRF's IRC channel, from a discussion
that we held about the true and original meaning of the word
'Hacker'.
* Being a Hacker - more about
the media's perception of hackers, and what it's really like to be a real
one.
*
Happy Hacker.org - Huge archive of tech resources
*
Hotfiles.com -Scores of free programs, upgrades, games and more!
*
Dialpad - Unlimited free IDD calls to and from North America
Anonymity Resources
*Alex's online privacy and anonymity tips - the helpful information and tips about online privacy and security. Protect yourself from any information (data) leak from your computer and any possible damaged caused by viruses and Trojan Horses.
*Anonymizer - free anonymous web proxy server
*Anonymous Mail - via somebody.net free service
*Anonymouse - the free and anonymous proxy access
*cavency - online tool which finds out how anonymous the proxy you're using is
*Crowds - prevents web server knowing closer information about your web client and yourself
*Internet Privacy Coalition - promoting strong encryption to the public
*Janus - a free anonymous web-proxy
*junkbusters - anonymous browsing and banner-ad/cookie filtering proxy software
*Lists of public proxy servers - as the title say
*LPWA - The Lucent Personalized Web Assistant - usingpersonalized Web services while providing privacy, convenience and account security... combating junk emails
*MagusNet Public Proxy Server - free anonymous proxy service
*MyWebProxy - both free and commercial anonymous web proxy with URL encryption, SSL encryption, FTP access
*NetSpy - big list of accessible tested free public proxys for WWW, HTTP, HTTPS, FTP.
*Novelsoft: Free Anonymous Proxies - as the title says
*Privacy Killer - send an anonymous mail, surf through free and anonymous proxy server
*proxy.nikto.net - Anonymous proxy list and home of MultiProxy -- anonymizing proxy server
*Proxys 4 All - great and up-to-date list of accessible tested proxys for HTTP, FTP, TELNET, SOCKS, GOPHER, SECURITY & WAIS.
*Proxys List Generator - List of accessible autotested free public proxys for web, http, https & ftp
*Remail - anonymous remailer via WWW interface
*SiegeSoft - anonymous surfing service
*Somebody.net services - commercial web, http, irc, icq anonymous proxy
*TAMOS Proxy Info - Will tell you whether or not your proxy shows an X-Forwarded IP. Also lets you do a quick IP lookup of your proxy IP.
*Whois.com.au - Australian free of charge anonymous proxy service
*Zero-Knowledge Systems - software for anonymity on internet
Privacy / Law / Free speech
*#Computer Law & Crime articles - related articles
*Center For Democracy and Technology - a non-profit public interest organization working for public policies that advance civil liberties and democratic values in new computer and communications technologies
*Cyberspace Law - Well-organized subject index from John Marshall Law School. Includes links to cases and law review articles in a variety of CyberSpace Law subtopics.
*Cyberspace Law News - legal news mainly about Internet related issues
*EFF - Electronic Frontier Foundation - encrypting, sifrovanie, bezpecnost, zachovanie sukromia
*FindLaw guides for Cyberspace Law - law portal
*Information Liberation Front - sharing and exchanging information dealing with H/P/A/V/C
*Internet Privacy Law - articles on US law, privacy, security, anonymity, defamation, liability and jurisdiction
*Computer Crime Research Resources - the research papers
*Computer Law Association - a non-profit international association
*Cybercrime Defense Lawyer - free confidential legal consultation if you are accused of committing a computer-related criminal offense, such ashacking, cracking, or phreaking
*DigiCrime - a full service computer security organization
*Efforts to Ban Encryption - recent news, documents, legislation
*Electronic Frontier Canada - founded to ensure that the principles embodied in the Canadian Charter of Rights and Freedoms remain protected as new computing, communications, and information technologies are introduced into Canadian society.
*EPIC.ORG - informational center
*FindLaw guides for Communications Law -
FindLaw guides for Intellectual Property -
*Mike's Privacy Page - Information on using PGP - news, links, PGP using guide, remailers list
*Paranoia.com -
*Phunc - Organization supporting Freedom of Information/Speech, providing network security information, software, and advice to the public at large.
*POLICE SCANNER - US police channels monitoring
*PoliceGuide - Free FBI records search, security updates for law enforcement.
*S. G. R. MacMillan - a defence lawyer frequently engaged in leading edge computer crime and hacking cases
*The Official Kevin Mitnick Web Site -
*UCLA - Online Institute for Cyberspace Law and Policy
