From: dtk@all.net
Reply-to: dtk@all.net
Organization: Deception ToolKit Mailing List
Subject: DTK Mailing List 980318
<pre>---------------------------------------------
From fred at all.net@all.net  Wed Mar 18 08:07:55 1998
Return-Path: fc
Received: (from fc@localhost) by all.net (8.7.5/8.7.3) id IAA25913 for fc; Wed, 18 Mar 1998 08:07:55 -0800
Date: Wed, 18 Mar 1998 08:07:55 -0800
From: Fred Cohen <fred at all.net>.
Reply-to: Fred Cohen <fred at all.net>.
Message-Id: <199803181607.IAA25913@all.net>
To: fred at all.net

>From POPmail Sat Mar 14 16:35:06 1998
Status: R

>From POPmail Sat Mar 14 16:35:06 1998
 with Netcom Interactive Netcom POP3 (version 2.01  Mon Oct 20 16:14:44 CDT 1997) Sat Mar 14 18:31:52 1998
X-From_: jericho@dimensional.com  Sat Mar 14 18:19:14 1998
Received: from blackhole.dimensional.com (0@blackhole.dimensional.com [208.206.176.10]) by multi33.netcomi.com (8.8.5/8.7.3) with ESMTP id SAA00846 for <fred at all.net>; Sat, 14 Mar 1998 18:19:14 -0600
From: jericho@dimensional.com
Received: from flatland.dimensional.com (jericho@flatland.dimensional.com [208.206.176.24])
	by blackhole.dimensional.com (8.8.8/8.8.nospam) with SMTP id RAA04239
	for <fred at all.net>; Sat, 14 Mar 1998 17:19:59 -0700 (MST)
Date: Sat, 14 Mar 1998 17:19:58 -0700 (MST)
To: Fred Cohen <fred at all.net>
Subject: Forwarded mail....
Message-ID: <Pine.SUN.3.96.980314171915.14801D-100000@flatland.dimensional.com>
X-NoSpam: Pursuant to US Code; Title 47; Chapter 5; Subchapter II; 227
X-NoSpam: any and all nonsolicited commercial E-mail sent to this address
X-NoSpam: is subject to a download and archival fee in the amount of $500 US.
X-NoSpam: E-mailing to this address denotes acceptance of these terms.
X-Copyright: The content of this message may not be reproduced in any form
X-Copyright: (including Commercial use) unless specifically permitted by
X-Copyright: the author of the message. Requests must be in writing.
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII


"in.quaked"

This one provided a chance for user input, and was popular for people
trying buffer overflows on.


#!/bin/bash
trap 1,2,3,4,5,6,7,8,9
LOG="/root/admin/misc/quaked.log"
rand=$(($RANDOM%11))
echo "in.quaked v2.7 by sam-i-nam (running CTF v4.0 mod)

Welcome to the quake daemon. I have ported linux svga lib quake to a
daemon. This is for people on our network who don't have good enough
computers to run quake. With this it will run quake on this machine, and
thread everything to your monitor. Please do not abuse this service.

There are currently $rand out of 10 gaymers using this service.
"
if [ $rand -eq 10 ]; then
echo "I am sorry but this service is full, try again later.
"
exit 1
fi
echo "We will need to ask a few questions before we can start quake.
"
echo -n "quake name> "
read qname
echo -n "server IP address> "
read qip
echo "`date`: $qname   $qip" >> $LOG
echo "
Thank you, we will now launch quake and thread it to your screen.
NOTE: You MUST have a monitor capable of doing 320x300 VGA. 
      it doesn't matter if you have sound or not as we will not be 
      threading sound. 

This may take awhile deaping on how many people are using this.
"
echo -n "Loading."
sleeper=9
while [ $sleeper -gt 0 ]; do
sleep $((60/(11-$rand)))
echo -n "."
sleeper=$(($sleeper-1))
done
echo "

DOH! There was a problem threading quake to your machine. Rapidly unplug
and replug the power to your computer until it doesn't work any longer.
After that goto a local arms dealer and ask them about the suicide
backdoor. This is dedicated to our friend who plays waaaay too much 
quake... ALL of them.

PS: We are logging the quake name and IP address you entered just for fun.
"
exit 1


>From POPmail Sat Mar 14 16:35:07 1998
Status: R

>From POPmail Sat Mar 14 16:35:07 1998
 with Netcom Interactive Netcom POP3 (version 2.01  Mon Oct 20 16:14:44 CDT 1997) Sat Mar 14 18:31:53 1998
X-From_: jericho@dimensional.com  Sat Mar 14 18:19:38 1998
Received: from blackhole.dimensional.com (0@blackhole.dimensional.com [208.206.176.10]) by multi33.netcomi.com (8.8.5/8.7.3) with ESMTP id SAA00857 for <fred at all.net>; Sat, 14 Mar 1998 18:19:38 -0600
From: jericho@dimensional.com
Received: from flatland.dimensional.com (jericho@flatland.dimensional.com [208.206.176.24])
	by blackhole.dimensional.com (8.8.8/8.8.nospam) with SMTP id RAA04290
	for <fred at all.net>; Sat, 14 Mar 1998 17:20:23 -0700 (MST)
Date: Sat, 14 Mar 1998 17:20:22 -0700 (MST)
To: Fred Cohen <fred at all.net>
Subject: Forwarded mail....
Message-ID: <Pine.SUN.3.96.980314172001.14801E-100000@flatland.dimensional.com>
X-NoSpam: Pursuant to US Code; Title 47; Chapter 5; Subchapter II; 227
X-NoSpam: any and all nonsolicited commercial E-mail sent to this address
X-NoSpam: is subject to a download and archival fee in the amount of $500 US.
X-NoSpam: E-mailing to this address denotes acceptance of these terms.
X-Copyright: The content of this message may not be reproduced in any form
X-Copyright: (including Commercial use) unless specifically permitted by
X-Copyright: the author of the message. Requests must be in writing.
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII


quit shell script to catch portscanners.


#!/bin/sh
TERM=vt100
trap 1,2,3,4,5,6,7,8,9

clear
echo "in.portscand v1.0.0 by: Mad Haxor"
sleep 1
echo " "
echo "Checking the ports of this box eh? Kinda like checking doorknobs"
echo "they say. Well, in my state there is the make my day law. Your IP"
echo "has been logged. Time to make my day!#@$!@#$!@#$$!"
echo " "
sleep 1
exit 1
---------------------------------------------