_________ SWAT MAGAZINE ISSUE SEVENTEEN: MAY 1999 __________ / \___________________________________________/ \ / A small exploit or two \ / By mist350 \ ----------------------------------------------------------------------- Netbus. If you decide to use netbus (1.7 or less) on someone, then there is a fair chance that they will be running netbuster, because its now fairly common. Now, how do you tell if they are running netbuster, or you really have connected to the client? Well, when people have been connected to, they like to send the messages straight away. If you dont get 1000 messages flashing up on screen, then thats good, because it gives you time to run this little exploit to crash the netbuster program. You should also try the sound record. If the volume controls go crazy, then they're using netbuster. When you are connected, you just have to run a scan. Then scan any range, (I use localhost - 127.0.0.1). If you get disconnected, then they were running netbuster, and you crashed it. If not, then you are connected to the client. Now, if you got disconneted, you should run netbus again on the same IP address. They might still have the netbus server in memory, and you can connect. If you cant connect this time, then you were hoaxed. I'm guessing that the fact that netbuster users load the program to emulate the netbus program, is technically entrapement. Whatever evidence they gain of you doing dodgy things to their computer is null, because it was gained unfairly/unlawfully (or whatever word describes this..) Ænemia e-mail express ICQ If you have bombed someone's e-mail address to the stage that they dont use it anymore, you might like to employ Ænemia to do the same to his ICQ account. If you know his ICQ number, then set up Ænemia to bomb.... @pager.mirabilis.com then send about 10000, using clones and things. You could set up an oroborous e-mail account to forward all mail to this guys pager (SWAT issue 9 - www.swateam.org). Then sign the account up to receive loads of offers and porn subscriptions each day, then you could sit back and watch, as the guy gets flooded with paged e-mail every day, until you decide to stop them. Which of course, you wont. ever. If you dont have the luxury of ICQ, then you can talk to your target on his ICQ homepage. Everyones got one. You can swear at him from there, and mabye even social engineer some passwords off him. Go to - http://wwp.mirabilis.com/ and its definetley wwp, *not* www. *remember, mailbombing is considered lame, so dont tell anyone that you did it, and keep up your image as an 31337 H4X0R* Here's some numbers to bomb if you're stuck. Vampyre95 - 35404406 (if he thought my 500 were bad, just wait till he gets yours....) vampyre95@yahoo.com - oroborise the prick vampyre95@hotmail.com not that I want you to bomb the guy, or anything. Not the best text document, I know, but it is my first.....