July 24th, 2001, 08:55 PM
Just to let you know that I tried Back Orifice and it works really well.
I also found something of interest to any BO users, which I just sent to
cDc. I couldn't attach it so here it is pasted....
How to get rid of that ugly picture at the side of the Back Orifice GUI
1. Download a HEX Editor
2. Open up BOGUI.EXE
3. Search for the string "DISPLAY" (in the same case)
4. The first match you come across should be
4449 5350 4C41 5900
5. Write over all these numbers with 0's so it will now look like
0000 0000 0000 0000
6. Save the file, load it up, et voila, no crap picture on the side
by Lord of the Crackers
Haha, no one seems to like that "Back Orifice" logo.
(What I'm about to say is my personal opinion only, it does not
represent anybody/anything else)
Regarding the East Timor protest masshacking recently, they said:
"We hacked about 45 servers.. we only modified their webpages
and deleted the files necessary to our own protection."
I'm the webmaster (but not the technical person) of one of the servers hacked,
and as far as I know, the hackers deleted ALL the content of our website.
Moreover, our homepage is about Linux, it's got ABSOLUTELY NOTHING to do
with politics, Indonesian Government or any kind of anti East Timor organizations.
What kind of protection do they need that they had to delete ALL of the
website content? (the entire /htdocs actually)
And some of the webmasters from the other servers hacked, they said
the same thing; that their entire website had been deleted.
I just feel that you need to say a little something about this
on your report. To let people know that what the hackers said
is not totally true.
If they hack/delete/do whatever to a government website, I don't
care. If they claim that they were protesting, who are they protesting
exactly, the government or just any Indonesian? I think they
are using a good cause (demanding East Timor freedom) as
an excuse for their malicious behavior.
I will be very grateful if you could mention this somewhere on
Well, it very often seems to be the case that hackers will attack a system, then come up
with a grand reasoning to do so after the fact. We reported this group's actions mainly because we felt that they
were truly attempting to raise attention to an important issue. Perhaps we were wrong? Who knows...
The domain name issue (on which you must have received
enough e-mail to clog a T3) is going to be a heated one
as time goes on.
Legally speaking, the name Micros0ft (or Micr0soft,
Microsopht etc.) is similar enough to warrant a victory
in court. Those are obvious attempts at using a similar
name to get a rise out of Microsoft(C) (notice snappy (C))
The battle, however, can be waged on the following grounds.
We have Sony, and Sanyo, Kenwood and Sherwood and many other
corporate examples where a noticeable similarity exists. These
companies intended by their names to live off the notoriety
of the, "well-known," to attract more business. Micros0ft is
just a play on a word, not intended to make money off the
similarity, but to draw attention to the big business
foolishness 83 billion buys you.
All the power to them. If Microsoft(C) was so concerned
about customers getting lost:
a.) perhaps they should have either spent the 100$ to
register or given the kid his 100$
b.) perhaps they need to realize that anyone who thinks
Micros0ft is the same as Microsoft(C) just shouldn't have
a PC to begin with.
Being someone who has been online since Gates was in college
and playing with his Altair...perhaps he needs to leave
the management of the net to us, and just keep playing on
just my opinion,
I think you've raised some very good points. I think it'd be
worth the $100 for Microsoft simply to avoid the bad publicity. But then again,
I'm not a Microsoft spin doctor
I'm not entirely surprised that the mainstream press has
missed the point on this, but I'm fairly surprised you did:
this app DOES NOT have to be run by the target to be installed;
it could be put on an unpassworded share surreptitiously (though
this again depends on the stupidity of the target), it
could be installed via a buffer overrun, it could be installed
from a trusted machine on your same subnet by an attacker using
another copy of BO. The real issue is that there is NOTHING
a Windows user can do to limit the free rein an application,
hostile or not, has over their system, and that's why so many
people, smart or stupid, are going to be affected by Back Orifice.
Chief Ninja for Cult of the Dead Cow
Very good points of course. There are several ways to gain access to a remote '95/'98 box.
This program would then allow the intruder to have control over the system, instead of simply access to files.
BO isn't an exploit or security concern,
it's like a virus that allows remote access of your computer.
Why don't we put every virus that is made on CNN or Wired then **** on
Microsoft for bad security and call it a major threat? I could go send
someone a copy of a mutated beast virus and give it a name of lots-o-pr0n.exe.
I think the only reason it got this much attention is the cDc slapped on their logo
and people said "oh it's from the cDc it must be good". There is nothing exciting
about how it was coded: the client sends a sendto, the server recvfrom, which
converts the line and runs a function like WinExec or RegSetValue. BO is a
mini-laplink like virus that becomes a pain in the ass and hides itself on the
victims computer. And I would gladly give code to show how it is done.
Well, I'm not sure if this was supposed to be a critical, technical response of Back Orifice,
or a jealous flame against the CDC? At any rate, he was so "not worried" about this bug, he didn't bother to
leave his name or e-mail addy.
The CdC putting out a trojan? I don't know whether to be
impressed or disappointed with it. It looks like a damn
good remote administration tool, but it's kind of a no
brainer when it comes to hacking. Hell, if I was sure they
weren't tracking who installs it, I would probably use
it legitimately. It's a good idea, but maybe not the
We got a LOT of mail about BO (Back Orifice). People seem to be
pretty split down the middle about this one...
Yes, Back Orifice is a great program,
not only as a back door but also a tool used to control
another computer at work, or if a friend of yours who
doesn't know crap about computers, you could just install
Back Orifice on his/her PC and fix **** without talking... etc.
It's nice and small, and comes real handy dandy when you
don't want to get off your ass to another computer to do
whatever... I kinda like this program!
And Bill can take it up the orifice for all I care
Haha, if I had a dollar for every letter we got with suggestions for what Bill Gates can do
to himself, I'd be a very wealthy man right now.