ulTRAX'S ARCHIVE

TOOLS & UTILITIES



INTRODUCTION TO THE AUTOHACKER

Updated: 9-10-2000. Page design and Entire Site ulTRAX@webtv.net.


~ TOOLS & UTILITIES INDEX ~

INTRODUCTION TO AUTOHACKER: Before reading any further click here and watch the show. If the codes you see are NOT from the page itself, where do they come from?

The AutoHacker has been legendary in select circles. But its also somewhat of a misnomer. In its original form it's not really "automatic". Nor does it "hack". It may be more accurately described as a "cache reader". But, by whatever name it goes by, it's proved to be an invaluable tool over the past year.

The AutoHack takes advantof a Sidebar bug in the browser. It seems to randomly snag snippets of code from the browser's cache. This code need not be page code, though it can be. Often the snippets of data revealed are from in Browser activity we normally would never see. For the first time the AutoHacker allows us to peer into these hidden processes.

The AutoHacker has been responsible for many of the more interesting discoveries this past year. For example:

  • WTV-LOGS
  • DataDownload
  • Account Disabled
  • Login Sequence codes
  • Upload/Download codes
  • Upgrade Codes
  • WTV-SETUP:/GET-FROM-SERVER
  • Cookie Codes

    The AutoHacker even brings up activity from other users accounts on our box! Often you'll get to see part of letters written or read. It can also bring up what appears to be Alt-Key gibberish. Usually this is merely a gif's code made visible. Often you'll get the thumbnail gif code for the AutoHacker itself.

    Just what code the AutoHack will dig up is pretty much random chance. In fact, at times you may get nothing! At other times you may get repeats of data. Whether this repeat cycle matches the limit found on browser history tools has not ben studied.

    The only consistant feature is that the codes you get were involved in some recent Browser activity. Otherwise the results are not just random, they may be jumbled with snippets of other codes. For example, the WTV-SETUP:/GET-FROM-SERVER code, was first found using the AutoHacker... but it had to be assembled like a jigsaw puzzle over time from several sources. Now we know we can just access this list at WTV-SETUP:/GET

    USING THE AUTOHACKER: For a quick visit to an AutoHacker please visit here. Reload to get new results.

    Once you have an AutoHacker successfully loaded onto your HP, it's best to have it on an F-KEY. In this way you can instantly access it should you think there's some process you want to study. Say you want to look into the Login Sequence codes... you might want to do so as soon as you get to your WTV homepage. This is NOT to say the AutoHacker will be able to look back at a complete record of the Login-In Sequence... nor that any codes you get will be complete. Sometimes trying to make sense of what you get will be time-consuming and frustrating. A quick look at some of my old posts Login Sequence demonstrates how tenous making deductive connections can be.

    Another problem with the AutoHacker is that the results can NOT be C&Ped.... at least not yet. If someone can find a way to accomplish this, great! In the meantime, have a notepad handy or keep your VCR running. If you use a VCR be sure to set the recording speed for SP and have the TEXT settings set for large. In this way you will be able to send high-quality Vid-caps of code.

    While the AutoHacker can be addicting in its own right, there are techniques to maximize your chances of finding something new and interesting. I jokingly call it "stressing the box". This can involve trying a download, using poweroff codes, changing dialups, some unusual activity just to see if it brings up anything new.

    EVENTS SEQUENCE: As was stated, the code you get is random. But there is at least one clue as to its sequence. If you look at many URLs there will be something added: XX.text. The XX is a HEX code which seems to indicate the order in which events occured. The first would be 1.text, 2.text etc... until it went HEX.... a.text, b.text on to f.text. At that point it'd be 11.text... or whatever. Thumbnails also seem to be assigned a sequence code.

    AUTOHACK CODE: Mattman&Shahram/January '99
    Back in late '98 someone's (Possibly Prof. Frink's) miscoded webpage revealed some tiny bits of code that just should not have shown up on the page. Exploiting this Sidebar Bug gave birth to the AutoHacker.

    For reasons unknown, this code is both deceptively simple yet difficult to use. In the first category there seems so little to the AutoHack code it's difficult to imagine it does anything! As for being difficult, there are some spaces at the end of the code that are crucial to its operation. Why? Who knows.

    To grab the code just activate the cursor in the form box below and C&P whatever's inside. Then transfer that to your own HP.



    Otherwise you can directly transload the AutoHacker code to your site from here.

    CHAT AUTOHACKER: ?/April '99
    Sorry I don't have any details about this just yet... but there was another method that used CHAT to snag bits of code. It never seemed as efficient as the AutoHacker and it was much more difficult to use. It also only seemed to work on Classics. One advantage this method did have was the results could be C&Ped.

    METAHACKER: ulTRAX/MAY 99
    The MetaHack works like the AutoHack with a crucial difference: it works entirely WITHIN the box's cache while the AutoHack is reloaded from a HP.
    USING THE METAHACKER: The MetaHack is ideal for studying box processes while they are happening... say to peek into the TV LOG upload/TV LISTINGS download process.

    What I had done was set the Time for the downloads from the early morning to a time when I was awake. Once that time was actually established, just before then I logged on and let the box time out and disconnect. When the Box automatically dialed in for the daily listings, I found I was on-line as the box was up/downloading.

    In cases like this the AutoHack would have to be reloaded each time from your Site. This constant reloading caused the box to disconnect. Even if it didn't, it has to compete with the up/downloading and refreshes were extremly slow.

    Using the MetaHack (with a VCR) will allow you to get some of the codes and URLs used at this time. You just sit back as the MetaHack automatically refreshes the screen bringing up new codes.



    form>

    Otherwise you can directly transload the MetaHacker code to your site from here. Just remember to change the refresh URL to your own page.

    MANUAL CACHEHACKER: ulTRAX/June '99
    While the MetaHacker works from cache, its disadvantage is its Automatic Refresh. Unless you use it with a VCR, there's no way to stop a frame to write down its code.

    CacheHacking is really more of a technique than anything else. It uses TWO (or more) AutoHackers. One simply visits both in sequence. At this point they'll both be in RECENTS. For a demonstration, please visit BOTH here AND here. Now hit RECENTS.

    All one does is simply use Recents to manually alternate back and forth between the two AutoHackers. Like the MetaHack, this works entirely from Cache... no page reloading is required. The added advantage is that YOU control the pace of the page refreshes. At some point you'll get a sense of just what codes you've seen before and which are worth stopping to write down... or record.

    Another trick is simply to allow this alternating between AutoHacks to go on until there's quite a collection built up in cache, then simply keep hitting BACK. When you reach the end, simple go back to alternating AutoHacks in RECENTS.

    THE FUTURE: While Shahram and Mattman were able to create the AutoHack from the the original Bug in the Browser... it's not really been improved since them. It still does not seem to be able to snag more code, nor has anyone found a way to allow C&Ping of that page code.

    Elements of the Plus's pre-caching have been found on the Plus Hard Drive.... but it's mostly images. At some point, a more ambitious exploration of the Plus HD may allow direct access to ALL the cache functions. Till that day, enjoy!