The Treacherous Den BBS was a particularly sweet target for hackers to try and infiltrate. It was a large system, with many users (many of whom were sysops of other BBSs), and it had dozens of games and digitized pornographic pictures that could be downloaded. The system was run off a pirated copy of a popular BBS software package, but DR dendryte had altered it so that it appeared to have been officially registered in his name. Once a long-time user of the system asked DR dendryte an innocuous but technical question about the BBS, over the phone. DR dendryte told him to hold on a minute, he would look up the answer in the manual.
"Oh, you bought it?" the user asked, apparently referring to the BBS software.
"Yeah," DR dendryte replied, referring to the in-struction manual, which he had found ait a used book store for a quarter.
DR dendryte answered the user's question, chatted awhile longer and then hung up. He didn't think any more of the conversation until the follow-ing month, when a cardboard envelope arrived in the mail. It was a disk envelope, with a corn-puterprinted return address label affixed that gave the address of the company that
produced the BBS software. DR dendryte opened the envelope. Inside was a letter addressed to DR dendryte's real name, and signed by the author of the BBS software, the man who also owned and had started the com-pany.
The letter read:
Dear Mr. L__ H__:
K__ Software has adopted a new software upgrade policy. All customers who have purchased nonentertainment packages from be-fore July 1986 are entitled to a yearly free up-grade.
This new version of your software is fay compatible with all previous ones. To upgrade, simply insert the enclosed diskette and type START.
Thank you for purchasing fine quality K__ Software. We hope to have you again as our customer in the future.
Very Truly Yours
(Signature)
P__ I. B__
Not only did DR dendryte know immediately that this was a total crock, but he knew who had had the gall to send it to him. At once he reduced login access for that user he had spoken with on the phone, down to one-time visitor status. Then he wrote a nasty note and e-mailed it to him. That particular user was the only
person, aside from myself, who knew about the manual. But of course, I already knew that DR dendryte had not bought the software, but had obtained the manual through alternate means. The user had assumed incorrectly that because DR dendryte had the book, he must have bought the BBS.
Upon examination of the disk that had been mailed to him, we found that the disk contained eight files:
There was a text file which explained all the "wonderful and exciting features you will enjoy having on your new version of L BBS Software." There was an instruction file called START, which read the contents of that text file. START would then "update" the old version of the software with its "new" version.
There were four files on the disk that exactly matched ones found in the actual BBS software (apparently these were there to misdirect our at-tention), and a fifth progFam that matched closely but not exactly! (It is possible to compare two files by using the "comp" command under MS-DOS, or by using a relevant feature of a Norton or Norton-type program.) Finally, there was a blank file called T on the disk, which served no purpose at all.
It took us hours to figure out what the user had programmed his "new" version to do. As it turned out there were two things different. A copy of the user information file was programmed to be e-mailed to a user the first time he logged on; a trap door had also been inserted that would give tem-porary operating system access to anyone who typed control-E, control-X, control-1, control-T, con-trol-! at the username prompt.
You won't be able to pull a stunt like this unless you can gain access to the source code for the soft-ware, as he must have been able to do (unless you want to recreate from scratch an entire bulletin board system).
Once again, another of those pesky hacker attacks was thwarted!
