display | more...
Canonically this expression almost always has nothing to do with telco MCI - except when used by phreakers making use of the onetime vagaries in the protocols observed by MCI and its equipment to do Things That They Are Not Supposed To, At Least Not Without Paying For It.

In the vernacular of the common BBS denizen, MCI here stood for Message Command Interpreter - though most bulletin board system users (and prolly most SysOps) never had an inkling of what the acronym expanded to.

What did these codes do? Considering that all the vital stats of all users of any given BBS could be considered little bits of data in a database, what these codes would do is list the appropriately-queried stat for whichever user happened to be online at the time. This way SysOps could hide the disconcerting little codes in menus to personalise them: --Hello, The Happy Flower Man! You have 01:25:13 minutes remaining for this call!

Different BBS softwares used different standards of MCI codes - PCBoard and Wildcat! nested them in @s (Hello, @NAME@!), while Renegade had two-letter codes after a percent sign and Telegard (later versions of which boasted more rare and exotic MCI code options - display of max timebank withdrawl (~RW) and date of first connection (~UK) for instance - than any BBS software then or since) similarly, but following a tilde.

Cute as they were, allowing for customization to provide the illusion of automated omniscience produced some problems when combined with the perverse and tricksy userbase of the average underground 0-3 day wareZ board, inevitably making clumsy attempts to use these features in ways they were not originally intended for fun, profit and evil. For instance, a not-uncommon exchange on a median Renegade board would be for some loser to post a message like this:

Hey, you guys! I just hacked into %UNs account and you'll never believe what his password is - %PW1! What a lamer!!!! What's more, he lives at %AD and his birthday is on %UB! We control the horizontal, we control the vertical - nothing is safe from the UndErgROunD iNForMAtIoN kREw '92%^&#!
The experienced users would sagely nod at the setup and resist replying, knowing better - and any benevolent SysOp worth his or her salt would nuke the post on sight, assuming they'd made the mistake of enabling MCI code use for nonsuperusers in the first place - but once in a while some naive reactionary would unfortunately come across the message first and get worked up into a froth about it:
I dont know who you phucking lamerz are or how you ever figured out that my password is "69DUDE" but If I ever find one of you in a back alley Im goin to puind you're face in with a 2x4!!!2
The inevitable response to which, of course, would go along the lines of "Dont You know about MCI codes you Ankie?? We didnt Actualy know that was you're password - but you Just gave it to us!!! And it also worked on all the other boards you call!! Dont you have Different passwordz you LAMER!! YOUR THROUGH IN THIS AREA CODE!!!" Account deletion would ensue - sometimes of the violators, sometimes of the victim, sometimes of both - violators now taking free license with accounts of the victim here and elsewhere 8)

After witnessing this one or twice, observers would become inoculated to the disease of indiscrete and hasty reply in uncertain company 8)

I will beneath recount another, less-common MCI code exploit quoting directly from Issue 9, Volume 2 of the esteemed underground h/p/a/v/c e-zine...

* * * T H E   A B U S E R * * *



While i think Renegade is the best BBS software out there, there are still lots of bugs. Most of these bugs that i have found have to do with MCI Code Support. Cott Lang is pretty stupid to allow MCI access all over the board... Anyway, i will show you an example of how to crash a RG board with MCI codes.


Logon as a Newuser and put your handle as "HA%UN". Then fill out any info you want for the other questions. Now after you answer all the questions and enter your new password, it will go to the NEWINFO.MNU which on most boards will display an ansi file that shows your stats just in case you typed in the wrong thing. Now when Renegade displays your Handle it will scroll


all over the screen. You probably know why by now, but i will explain anyway. It's because after renegade displays "Ha" for your handle, it will then display the MCI Code for Handle and will be in an infinite loop. The SysOp can't just hang up on you, he must Reboot the computer completely (and if you're lucky, maybe he'll get some lost clusters).

Now you can do this same method with any of the other questions. They all have MCI codes of their own.

And remember to do this late at night or early in the morning when the sysop isn't around so he doesn't know how you did it. He will see from the sysop logs that there was a newuser logon, but since you didn't actually save the information, it won't write what handle you entered in. He might put in an NUP after a while, buy hey, it's gets a little old after entering it on the same board all the time...

* Now how the fuck do i prevent lamers from doing this to _MY_ board?

That's simple. Just edit the ansi that you have for the NEWINFO.MNU that displays the person's info and take out all the MCIs. Just write the options to change the info, but don't show the info that they wrote in. That ansi should be the only place it displays the person's handle in the new user process, unless you give the user access to your board right when they apply. Then you're fucked... It is pretty annoying for the users, but it's the only thing to do, and is worth it when you wake up at noon and find that your computer was scrolling "Cafbl Rules" all over the screen since 5 in the morning.

Another method to keep your board from being crashed is the TRASHCAN.TXT file. This is an option for Renegade that Cott Lang didn't write in the Doc files. You see, if you make a file called TRASHCAN.TXT and put it in the Renegade MISC directory, then you can specify what user names you don't want. This is also helpful to find out if someone tried this method of crashing on your board, because it will write the following in the Sysop.Log if a name on the list was entered -

* New User Logon
Unacceptable Name: HA%UN

You can't just write "%" in this file, because it only checks that the whole Handle isn't blacklisted. (maybe cott _did_ make it for blacklisting, but didn't want warez pups to know about it). You can plainly see when you hex edit the RENEGADE.OVR file that under the question "Enter your New Handle", it says TRASHCAN.TXT.

1 Actually, I couldn't dig up the authentic RG password code, so that one is a fudge. *update* - as it turns out, it seems to have been an authentic fudge!

2 Even if the user wasn't so tremendously stupid, as in my example, to restate their own password, often it would be supplied indirectly in automatic quotation of the text from the message to which they were replying - particularly the text which contained the MCI code output to them, full user information in plain text and all.

It's been a long time since I last thought of MCI codes, but assuming that the example at the bottom of the E2 FAQ: Chatterbox doesn't explicitly name me, it seems that they're still with us in different forms. Perhaps we will find new and unplanned uses for their contemporary application also 8)

A list of Renegade BBS MCI codes (because really, why would you be interested in hacking the userbase of a board running any other software? 8) follows, taken from DaS (Digital Anarchist's Society) InfoFile #007 (viewable in full at http://members.tripod.lycos.nl/deltasitez/text/das-007.txt, and thanks yam for digging it up 8):

         Account balance                        %AB
         User's address                         %AD
         Aborting off                           %AO
         Baud rate                              %BD
         BBS Name                               %BN
         BBS Phone                              %BP
         Clear screen                           %CL
         Current Message Number                 %CM
         Current Conference Name                %CN
         Credits                                %CR
         Current Conference Tag                 %CT
         User defined answer #1                 %D1
         User defined answer #2                 %D2
         User defined answer #3                 %D3
         Date                                   %DA
         Debits                                 %DB
         Daily download limit                   %DD
         Delay                                  %DE
         User's kbytes downloaded               %DK
         User's number of files downloaded      %DL
         User's Download Security Level         %DS
         Date of subscription expiration        %ED
         Days left until expiration             %EX
         Current File base number               %F#
         Current File base name                 %FB
         Free Kbytes in current file area       %FK
         User's first name                      %FN
         Mr. or Ms. by gender                   %GN
         Highest Message Number Available       %HM
         Kbyte daily download limit             %KD
         U/D k ratio                            %KR
         User's last call date                  %LC
         Line Feed                              %LF
         User's last name                       %LN
         User's Location (City/State)           %LO
         Current Message base number            %M#
         Current Message base name              %MB
         Time left in minutes                   %ML
         Minutes online so far                  %MO
         Messages remaining left to read        %MR
         Node Number                            %ND
         U/D ratio                              %NR
         User's terminal emulation              %O1
         User's screen size                     %O2
         User's screen clearing toggle          %O3
         User's f/s editor toggle               %O4
         User's screen pausing toggle           %O5
         User's hotkey toggle                   %O6
         Pause                                  %PA
         Post/Call Ratio                        %PC
         User's phone number                    %PN
         Pausing off                            %PO
         User's number of posts                 %PS
         User's password                        %PW
         Batch Queue - Download #               %QD
         Batch Queue - Upload #                 %QU
         User's Real Name                       %RN
         SysOp defined category #1              %S1
         SysOp defined category #2              %S2
         SysOp defined category #3              %S3
         Total system callers                   %SC
         User's Security Level                  %SL
         SysOp Name                             %SN
         User's sex (Male/Female)               %SX
         User's total calls                     %TC
         User's number of downloads today       %TD
         Time                                   %TI
         User's kbytes of downloads today       %TK
         User's Time left                       %TL
         User's age                             %UA
         User's birthdate                       %UB
         User's calls today                     %UC
         User's kbytes uploaded                 %UK
         User's number of files uploaded        %UL
         User's Handle                          %UN
         User number                            %UU
         Renegade version                       %VR
         User's Zip Code                        %ZP

Log in or register to write something here or to contact authors.