Differences
This shows you the differences between two versions of the page.
Next revision | Previous revisionNext revisionBoth sides next revision | ||
history:hack93 [2014/12/27 01:19] – created (more gold found in an backup of Vert) digital man | history:hack93 [2014/12/27 03:01] – [Synchronet/DSZ Hack of 1993] digital man | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Synchronet/ | ====== Synchronet/ | ||
- | In August of 1992, I began to hear rumors that there was a known vulnerability in Synchronet and some Synchronet BBSes were suspected to have been " | + | In August of 1992, I began to hear rumors that there was a known vulnerability in Synchronet and some Synchronet BBSes were suspected to have been " |
===== The Vulnerability ===== | ===== The Vulnerability ===== | ||
Line 36: | Line 36: | ||
KD and I conducted some investigation into the attack and tried to determine who were the most likely culprits. Apparently some word of our investigation got out and motivated the attacker to send me an " | KD and I conducted some investigation into the attack and tried to determine who were the most likely culprits. Apparently some word of our investigation got out and motivated the attacker to send me an " | ||
+ | |||
+ | ===== The Disclosure ===== | ||
+ | |||
+ | On January 28, 1993, I posted this vulnerability disclosure to all Synchronet sysops (with a more detailed analysis/ | ||
+ | |||
+ | < | ||
+ | Subject: DSZ restrict parameter | ||
+ | |||
+ | Due to an unfortunate feature in DSZ, ALL Synchronet sysop must add the | ||
+ | ' | ||
+ | |||
+ | Example command lines for versions before v1b r1: | ||
+ | |||
+ | You temp directory for each node should be set to " | ||
+ | Placing the temp directory on another drive will not work. | ||
+ | |||
+ | DSZ Ymodem Batch UL: %!dsz portx %u,%i est 0 %e re rb %g | ||
+ | DSZ Zmodem Batch UL: %!dsz portx %u,%i est 0 %e re rz %g | ||
+ | DSZ Ymodem-G Batch UL: %!dsz portx %u,%i est 0 %e re rb -g %g | ||
+ | |||
+ | Example command lines for Version v1b rev 1 (no %g): | ||
+ | |||
+ | Temp directly can be on any drive or directory. | ||
+ | |||
+ | DSZ Ymodem Batch UL: %!dsz portx %u,%i est 0 %e re rb | ||
+ | DSZ Zmodem Batch UL: %!dsz portx %u,%i est 0 %e re rz | ||
+ | DSZ Ymodem-G Batch UL: %!dsz portx %u,%i est 0 %e re rb -g | ||
+ | |||
+ | Quite unfortunately, | ||
+ | and have kept it a secret so they could hack other Synchronet systems. What's | ||
+ | more sad is that they didn't even know the solution to protect their own BBSs. | ||
+ | |||
+ | If you suspect that your board has been hacked, call me voice and I'll help | ||
+ | you find out if it has or hasn' | ||
+ | |||
+ | DM | ||
+ | </ | ||
===== The Admission ===== | ===== The Admission ===== | ||
- | An anonymous user created an account on [[bbs: | + | Sometime later, an anonymous user created an account on [[bbs: |
< | < |