STOP POSTING, STOP HELPING THE SECURITY INDUSTRY, OR GET OWNED. THIS IS WAR.
                                
				==#Phrack Inc.==

                   Volume 0x0b, Issue 0x3b, Phile #0x01 of 0x12

[-]==========================================================================[-]
#phrack #phrack #phrack #phrack #phrack #phrack #phrack #phrack #phrack #phrack
[-]==========================================================================[-]

*WHAT PHRACK IS ALL ABOUT*
*WHAT PHRACK IS ALL ABOUT*
*WHAT PHRACK IS ALL ABOUT*
"Phrack magazine, for hackers by hackers :D:D:D" - What a joke
Phrack magazine is nothing more than a bunch of whitehats posting
information they spend countless hours researching. Some of this
information is straight up NO-DISTRO-SUPER-PRIVATE, for example,
the ptrace insertion and strong arm shellcode articles. There is
a serious problem with this ezine though. Most of the people who post
articles to this ezine DON'T EVEN KNOW THEY ARE WHITEHATS. Researching
security related material or hacker techniques does not make one a hacker.
The sad fact about this ezine is NONE OF THESE PEOPLE HACK. Most are 
too afraid to get caught and the rest are just plain retarded. This
ezine helps the security industry a hell of a lot more than it helps
hackers. Palmers and his so called advances in kernel hacking, PFFFTTTT
what a fucking joke. People with an IQ < 30 know these techniques.
This can be said about almost every article released in recent phracks.
And since when does article 0x0a by J.K.Rutkowski help hackers???????
The only thing this ezine does is bring attention to certain flaws and
techniques that normal whitehat fucks would never think about or figure out.
Most of the information in this ezine sucks anyway, but here's the idea:
STOP POSTING ALL THIS INFO TO ALL THESE DUMB FUCKS. It's very sad to see
how the "hacking scene" is basically a machine to help the security industry.
SECURITYFOCUS IS AN EVIL SATAN. The common theme in todays world is to
post yours techniques, post your exploits, post your vulnerabilities.
_YOU ARE WORKING FORM THEM_. THE SECURITY SCENE IS BRAINWASHING WEAK MINDS.
_STOP POSTING YOUR FUCKING CODE, EVEN IF IT IS WORTHLESS_
_STOP POSTING YOUR TECHNIQUES, EVEN IF THEY ARE LAME_
_STOP HELPING THE SECURITY INDUSTRY_
_SPREAD THE WORD, TOGETHER WE CAN BRING AN END TO THIS MADNESS_
Oh, and finally, start hacking instead of acting like you do, posers.
"Phrack magazine, for whitehats, by whitehats" -- The Truth
*WHAT PHRACK IS ALL ABOUT*
*WHAT PHRACK IS ALL ABOUT*
*WHAT PHRACK IS ALL ABOUT*

What happend since p58? <-- Besides the fact that everyone got owned

Summercon took place (kudos to louis)! We put some pics online at
http://www.defvac.com for those who missed the geek fest.

DMCA knocked down some websites, forced google to censor parts of their
contents and continues to deny, forbid and restrict access to certain
information. Free and unmodified information becomes rare and one day we
might wake up and dont even know what kind of information we missed. Shame
and pity on everyone living in chains in the "free" countries where the
DMCA law applies. (-> PWN). DMCA FUCKING ROCKS.

We have changed our release policy (http://www.sekurityfocus.com)
PHRACK will now be available to everybody at the same time! Yes! No waiting,
no primae noctis! We realized this was a stupid policy for a hacker zine,
since information should be free anyhow! Enjoy.

There might be some confusion about where to get PHRACK and how to get in
contact with the Phrack Staff: We chill on #phrack/efnet. This is our
official channel, and now you know where to find us. Why do you think our
magazine is called #PHRACK? Please send plain text email only, PGP uses
too much cpu time and trust us, SEGFAULT.NET IS SECURE. SHOW HACK LOGS OR
BACK THE FUCK OFF. We would like to honor our phrack staff below:

HIGH COUNCIL:	ROUTE	(route@infonexus.com)
		SCUT	(scut@nb.in-berlin.de)
		SKYPER	(skyper@segfault.net)
ADDITIONAL:
		STEALTH	(krahmer@cs.uni-potsdam.de)
		EDI	(edi@ganymed.org)
		TMOGGIE (tmogg@zigzag.pl)
		PAUL	(paul@boehm.org)
		PALMERS	(palmers@segfault.net)
		LORIAN	(lorian@hert.org)
		CADDIS	(caddis@iss.net)
		GAIUS	(acz@vaubansys.com)
		HENDY	(hendy@teso.scene.at)
		SMILER	(just@segfault.net)
		HALVAR	(halvar@blackhat.com)
		ZIP	(zip@iss.net)
		ACPIZER	(acpizer@unseen.org)
		GAMMA	(gamma@segfault.net)
		KIL3R	(kil3r@hert.org)

There is only one official distribution side:

     [#][#][#]     http://www.sekurityfocus.com    [#][#][#]


We got contacted by the very old ones: readers, authors and Editors in
Chief's from 10 and more years ago. Thanks so far to everyone for the
valueable discussions on knights@sekurityfocus.com. This is a call to
anyone who wants to meet some friends 'from the old days', or who wants to
organize future events and meetings together: Send an email to
phrackstaff@phrack.org and we will put you on.

This issue comes with a goodie - check out phrack_tshirt_logo.png. We got
in contact with a printer and are happy to announce that the #PHRACK TSHIRTS
will be ready for the public #PHRACK 59 release. 
for you, your computer, your family and your dog at DEFCON X and later on
at http://www.jinxhackwares.com/phrack. Hackers wear phrack shirts. NOT.


|=[ Table of Contents ]=-------------------------------------------------=|
| 0x01 Introduction                                  Phrack Staff 0x0b kb |
| 0x02 Loopback                                      Phrack Staff 0x0f kb |
| 0x03 Linenoise                                     Phrack Staff 0x6b kb |
| 0x04 Handling the Interrupt Descriptor Table                kad 0x55 kb |
| 0x05 Advances in kernel hacking II                      palmers 0x15 kb |
| 0x06 Defeating Forensic Analysis on a UFS  anonymous (not long) 0x65 kb |
| 0x07 Advances in format string exploiting            gera & riq 0x1f kb |
| 0x08 Runtime process infection             anonymous (not long) 0x2f kb |
| 0x09 Bypassing PaX ASLR protection         anonymous (not long) 0x26 kb |
| 0x0a Execution path analysis: finding kernel rk's J.K.Rutkowski 0x2a kb |
| 0x0b Cuts like a knife, SSHarp                          stealth 0x0c kb |
| 0x0c Building ptrace injecting shellcodes  anonymous (not long) 0x17 kb |
| 0x0d Linux/390 shellcode development           johnny cyberpunk 0x14 kb |
| 0x0e Writing linux kernel keylogger                  red dragon 0x29 kb |
| 0x0f Cryptographic random number generators           DrMungkee 0x2d kb |
| 0x10 Playing with windows /dev/(k)mem                 crazylord 0x42 kb |
| 0x11 Phrack World News                             Phrack Staff 0x18 kb |
| 0x12 Phrack magazine extraction utility            Phrack Staff 0x15 kb |
|=------------------------------------------------------------=[ 0x2EE kb |

Shoutz:
solar designer               : respect, strength & honor!
			       (please dont fuck with #phrack again tho!)
FozZy, brotha                : 1OO% kewl logo (see phrack_tshirt.png)
sh1ft33 & j0hn               : phrack ghostwriterz

  The latest, and all previous, phrack issues are available online at
http://www.sekurityfocus.com. Readers without web access can subscribe to the
phrack-distrib mailinglist. Every new #phrack is sent as email attachment
to this list. Every new #phrack issue (without the attachment) is announced
on the announcement mailinglist.

To subscribe to the announcement mailinglist:
$ mail announcement-subscribe@lists.sekurityfocus.com < /dev/null

To subscribe to the distribution mailinglist:
$ mail distrib-subscribe@lists.sekurityfocus.com < /dev/null

To retrieve older issues (must subscribe first):
$ mail distrib-index@lists.sekurityfocus.com < /dev/null
$ mail distrib-get.<n>@lists.sekurityfocus.com < /dev/null
where n indicated the #phrack issue [1..58].


Enjoy the magazine!


FUCK COPYRIGHTS!
#PHRACK IS A HACKERS MAGAZINE! INFORMATION SHOULD BE FREED!
DO WITH THIS INFORMATION WHAT YOU WANT, DISTRIBUTE IT HOW YOU LIKE!
FUCK THE GOVERNMENT, DONT LIVE 2 HACK, HACK 2 LIVE!

|=-----------=[ C O N T A C T   P H R A C K   M A G A Z I N E ]=---------=|

Editors           : alhuger@sekurityfocus.com
Submissions       : phrackstaff@sekurityfocus.com
Commentary        : loopback@sekurityfocus.com
Phrack World News : pwn@sekurityfocus.com

  We have some agressive /dev/null-style mail filter running. We do reply
to every serious email. If you did not get a reply, then your mail was 
probably not worth an answer or was caught by our mailfilter. Make sure 
your mail has a non-implicit destination, one recipient, a non-empty 
subject field, and does not contain any html code and is 100% 7bit clean
pure ascii.

|=-----------------------------------------------------------------------=|

Submissions should be made in plaintext (information must be free!)

|=[ EOF ]=---------------------------------------------------------------=|

