💾 Archived View for gemini.spam.works › mirrors › textfiles › magazines › CITRO › citro-2.phk captured on 2022-06-12 at 10:40:01.

View Raw

More Information

-=-=-=-=-=-=-

        ,--------.
        |        |  __                                   __
        |   ,----' |__| ,--.                            |__|
        |   |           |  |_
        |   |      ,--. |    |  ,--.--. ,-----. ,-----. ,--. ,-----.
        |   |      |  | |  ,-'  |   __, | ,-. | | ,-. | |  | | ,---'
        |   `----. |  | |  |    |  |    | | | | | | | | |  | | |
        |        | |  | |  +--. |  |    | `-' | | | | | |  | | +---.
        `--------' `--' `-----' `--'    `-----' `-' `-' `--' `-----'
                               October '94

        XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
      XXXXXXXXXXX  XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    XXXXXXXXXXXXX  XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX  XXXXXXX
   XXXXXXXXXXXXXX  XX      XX  XX  XX X   XX      XX       XX  XXXXXXXX
   XXXXXXXXXXXXXX  XX  XX  XX  XX  XX  XXXXX  XX  XX  XXX  XX  XXXXXXXX
    XXXXXXXXXXXXX  XX  XX  XX  XX  XX  XXXXX  XX  XX  XXX  XX  XXXXXXX
      XXXXXX      XXX      XX      XX  XXXXX  XX  XX        X     XXX
        XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
                                Number Two

               Citronic Journal is a 'Cyberpunk' Free Zone
          Citronic Journal holds the British Standards Kite Mark

  ?i?r0?i? - Citronic - ?i?r0?i? - Citronic - ?i?r0?i? - Citronic - ?i?r0?i?
   
              ---->     |-|ar|)c0r3 T3cH|\|0pHi11iAcZ     <----

        +--------------------------Contents-------------------------+
        |                                                           |
        | 1) Messages from Dah Krew                                 |
        | 2) Rumourz n' Info                                        |
        | 3) Red Boxing - The Canadian Way    **** by SparHawk ***  |
        | 4) JANET <--> Telnet Gatewayz                             |
        | 5) Notes on Beige Boxing                                  |
        | 6) Inwardly Boxable UK Chatline     **** by SaintHalo *** |
        | 7) Prosecution Security                                   |
        | 8) Hacking Answering Machines                             |
        | 9) Dah Last Bit                                           |
        |                                                           |
        +-----------------------------------------------------------+


                    "Switch On - Jack In - Phreak Out"

   "The FBI can do nothing in cases of oral-genital intimacy unless it
              affects interstate commerce" - J. Edgar Hoover

  ?i?r0?i? - Citronic - ?i?r0?i? - Citronic - ?i?r0?i? - Citronic - ?i?r0?i?

an119774@anon.penet.fi   an119774@anon.penet.fi   an119774@anon.penet.fi 

                                 |)izc1aim3r
                                 ~~~~~~~~~~~
        If anyone does any of the stuff mentioned in this file there is 
a possibility of getting busted and being put in jail forever. If this 
happens don't come whining to us 'cos we'll deny everything and act real 
innocent. Also any meteorite hits on planet Earth are nothing to do with 
us. Everything in here is for informational purposes only and anything 
carried out is entirely at your own risk.

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                          Messages from Dah Krew
                          ~~~~~~~~~~~~~~~~~~~~~~

First of all Citronic iz:

HarLeQuin       - Dah G0DfaTher
Grim Reefer     - Dah N0vEl NeT SurFeR
Pulse           - Dah Cellular hItDeWd
Nosferatu       - Dah MiDniGhT f0x
SparHawk        - Dah Inf0 WhIrlwiNd
SaintHalo       - Dah DaTa FlAsHfL00d
CyberSpacePyr8  - Dah RAMrAideR pHr0m hELl

HarLeQuin sayz:

        Well here we are again with the second issue of Citronic
Journal. And once more it's time for my bitch-at-the-computer-
underground.
        The computer underground is supposedly based on freedom of
information. This is crap. The computer underground, like the rest of the
world is based on money and status. For example, h/p BBS's that only
allow you to connect at 9600bps or above. An excellent example of
information elitism. 9600bps modems can be bought second hand in the UK
for about 50 pounds, which I admit is not particularly expensive.
However, for your average 16 year old phreak/hack this IS expensive,
very expensive. So the BBS's represent freedom of information for rich
boys and girls who get money from their parents. Also all this crap
about 'machine elitism', like 'Amigas are shit, I have a Pentium,
they're eleet' - again bullshit. Since most hacking is done on a
terminal, a 8088 with a mono monitor is sufficient, but of course unless
you've got money - your a lAm3r right ?
        Then there is status. How many times have you heard on IRC 'Fuq 
0fF s00pErHaq U R lAm3 !' This hypocrisy is exactly what the computer 
underground is *supposedly* against. Keeping information to your close 
ring of friends, only the people you think are 'eleet'. Hmmmm, isn't 
this what Corps and Governments do all the time. Only giving information 
to those deemed privilidged enough to have it. If information is for 
everyone then regardless of what you think of a particular person, they 
have a right to have that information. Then again, if you deny that you 
are for 'freedom of information' you are no more than a common thief, 
stealing net access, online time, and credit. If you are happy with 
doing this, fine. But please, don't spout this bullshit about 
'information is for everyone', we know you're talking shit.
        I do not like nor condone the 'eleet', this does not mean I do
not respect peoples technical ability. If they are a great hacker or
phreak, this is due to their hardwork, talent and dedication. I respect
this and I am in awe of their ability. However, being banned from BBS's
and IRC channels just because you're not with the 'in' crowd is
hypocrisy we could all do without. In my experience all the great
hackers and phreaks I know (and I do NOT count myself among them) do not
shoot their mouths off, do not slag other people off, and are always
prepared to help the hack or phreak who is a begginer or who does not
understand a particular concept. 
        For example, on the #hack channel, someone came on and said 'Hey 
I've found a way to fake mail from root on my unix net !!!'. The reply
they got was to be kicked and banned. 0K, so its very simple, this does
not mean they are lame, it means they have some learning to do. The
people who think they can prove how 'eleet' they are by shitting on the
newbies are doing nothing except proving they are wankers and stiffling
the future of the underground.

        On a lighter note, I have had alot of positive support both for
Citronic and the Citronic Journal. Thanks guyz and galz. We do
appreciate it ! 

        At the moment many of the articles are UK based. This is mainly 
because I write nearly all of them. Hopefully the info will still be 
useful to ya or if not, an insight into the UK scene. So, if ya want 
some articles specific to your either
a) Write one or
b) Get some-one you know to write one.
I would appreciate a wide variety of articles, so get round to writing
them. We'll clean up the grammar/english/whatever. So get tapping.
Although I am happy to keep writing articles my knowledge and
creativeness are not endless, so the journals will either become very
short or very repetative. Anything will be appreciated !

        Sadly Pr0d1gY has left us. On a friendly note though, he's been
busted one too many timez and feels he can do without the hassle. Not
that I can blame him. However, we welcome SaintHalo and CyberSpacePyr8
who are both serious h4rDc0rE h/p hItdEwdZ...

        I have now joined the ranks of the CyberTrendies and have 
aqcuired a cellfone (not connected mind you). A Nokia 101, I have the 
access code and can change the NAMs and stuff, but if any1 has any 
programming software or programming leads for it... give me a mail ! 

My Helloz for this issue are as follows:-

  BadS - Meeko - Phantasm - AlfiWalf - Mini-Master - Maelstrom - BooYaa
                            "Dah UK H/P Mafia"

                     CyntaxEra - cF - Radikahl- Lapse
                    "International DewdZ - H/P Mafia"

                    King_Dan - Aladar - Xalopp - Ruede
                        "Virii Dewdz in Yer Face"
                          "(and in yer c0de !)"
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                             Rumourz n' Info
                             ~~~~~~~~~~~~~~~

        This is a new and I hope regular feature of the Citronic 
Journal. Basically rumours are part and parcel of the computer 
underground. 50% are usually true and 50% are usually completly false. 
But if we publish all that we hear it'll give you something to work on ! 

o There is a way to box global from the UK
This is not a rumour. This is actually true. But the people who know are 
keeping their mouths shut. The rumours on this subject are as follows : 
         The breaks are non-standard. It uses R2. It uses CCITT5.
Well, non-standard breaks seem feasable. But I have heard two different 
things about the signalling system. I called Yugoslavia direct (Yugo 
uses R2) and said "I am a BT engineer etc etc. We have had trouble with 
some of our lines have you had anyone phone up and as soon as you 
answered have the line go dead on you, possibly after a short tone... ?" 
Basically the operator answered, "Yes, we have had lots of 'kids' 
phoning up for a joke recently and then putting the phone down". Also I 
know of a Mexican guy who uses R2 to box global of Yugoslavia... Hmmmm, 
anyone cracking this one gets a big pat on the back from me. I've tried 
and am still trying with no bloody luck !

o Most PBX's have a direct dial number that gives you a dial tone 
instantly and lets you simply dial an extension without all the 'Welcome 
to Super Corp' messages... Also on most of them you can dial 9 (after 
getting the direct line) and get an outside line, letting you dial out. 
This was told to me by a person who works for a private 
telecommunications company and writes software for VMBs/PBXs

o HarLeQuin is stunning in bed and is wanted by women around the world.
Again, this is not rumour, it is 100% true. I swear. Honest :-)

o There is a bug in a version of linux that lets you log in as -froot or 
as -fguest and logs you in as root or guest respectively (no passwd 
needed). I haven't really tried this much, only on about two systems, so 
whether these were patched or not I don't know. I am inclined to think 
this is false, but if anyone knows otherwise....

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
                @    ReD BoXiNG -                        @
                @              THe CaNaDiaN WaY          @
                @                          BY SPaRHaWK   @
                @                                        @
                @     Oh yeah... That Canadian guy...    @
                @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

        y0y0y0! Spar's here with his phreaking tips from up north! 
Today's topic boys and girls, is red boxing the welfare way. Since 
Hallmark Inc. is too 31337 to produce their digitally recordable 
greeting cards in Canada, and I'm basically too lazy and too dangerous 
with a soldering iron, and I'm not even going to THINK about handling 3. 
xxxxxxxxxxxx crystalz, I do all MY red boxing with a sturdy 5 year old 
Sony Walkman.

        And if you're from the USofA and you're reading this, the tonez 
aren't fer you... I've heard from everybody on #phreak that it doesn't 
work there anymore, kiddies! Too bad. If you find out how to do it there 
mail me- sparhawk@aladar.pmmf.hu.

        Anyway, basically what you need is a walkman, a cassette (the 
higher quality the better, although it probably doesn't matter too 
much), a tape recorder that you can record the tonez with, a sound card, 
and a brain size _slighty_ larger than Stimpy.

        The basic theory of red boxing is this: When you drop a quarter 
in the slot, on some phones you can hear a tone being made... Its a 
series of high pitched beeps. This signals to the Telco that the person 
at the phone has just dropped a quarter in. Hence, what a red box does 
is produce that tone.

        The tone for 5 cents is 3900MHz played for 35 milliseconds. So 
if we want a quarter, we make five of those tonez at 35 millisecond 
intervals. So what it looks like is this:

         BEEP____BEEP____BEEP____BEEP____BEEP
         <35><35><35><35><35><35><35><35><35>

        But it sounds more like bebebebebe. The human brain receives 
this information very fast, so when Zircon and I made it for the first 
time, we were going to do it over because we thought we only heard 4 
beeps. Trust me, there are five. I will include a TP program to do this 
over a PC Speaker at the end of this... Look in Phrack XX for a 
REDBOX.EXE for Adlib.

        Make sure to record about $7 or $10 worth. Remember that the 
more you record the less you have to rewind.

        Once we have this on tape, we stroll along to the nearest 
payphone and dial 1-902-YOU-WISH. We wait for the operator to come on 
saying: Please deposit $2552.46 for the first minute. Then we put the 
earphone of the walkman right on the speaker, have the volume up to 
full, and press play. We count the quarters until we have enough, and if 
the operator says something like "I asked for $4.56 and you deposited $4.
75. Do you want your money back to start over?" just say something like 
no, you're in a hurry, just put me through... And then your call should 
be put through.

        One major drawback of this method that we discovered is that you 
have to make the call operator assisted or it doesn't work. The variance 
in the walkman is too great to fool the machine. You _can_ do local 
calls but you have to dial the operator and say something like the 
keypad is a bit sticky, could you please dial the call for me. That's my 
line, so try and think of something original. =)

        You could probably do one that produces the tonez exactly by 
building an actual red box with the crystals and whatever, but I'm too 
lazy and non-inclined with a soldering iron to do it. =) 

( u 0n #P|-||234/<  !!!!!

REDBOX.PAS:
----------------------------Cut-Here-----------------------------------------

uses crt;
var i:integer;
begin
 for i:=1 to 5 do begin
  sound (3900);
  delay (35);
  nosound;
  delay(35);
 end;
end.

----------------------------Cut-Here-----------------------------------------

        I haven't tried it yet, but the tonez will brobably work if you
produce them with a PC Speaker because that is what the speaker is made for:
Producing accurate tones. If you try this and it works, mail me at the
address above.


+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                         JANET to telnet gateway
                         ~~~~~~~~~~~~~~~~~~~~~~~
+------+
| NOTE |
+------+

        The menu system has been upgraded at this site. However, the bug
has not been fixed, so the same menu options still apply and this bug
will still drop you to a telnet> prompt as of 1.00pm 27th Sept '94.

History and Dialups
-------------------
        JANET is an acronym for the Joint Academic NETwork. It was the
original internetesqe network that has been around for many years
linking british 'higher education establishments'. The original JANET
runs at 9600bps (ack) although the introduction of SuperJANET means
massive increases in speed to near Novel data transfer speeds. However,
not all .ac.uk sites have SuperJANET installed...
        The advantage of using JANET as opposed to telnet is that after 
going through a certain number of JANET gateways, the call cannot be 
traced to the originating site. Also many British universities have 
JANET dialups where you can dial-in anonymously and get JANET access.
        Almost every university that has JANET access has a dialup
number, there are lots of them, but I'll list a few below.

Heriot-Watt University (in Edinburgh)                   0314 495941
Strathclyde University (in Glasgow)                     0415 228467
Bath Uni                                                0225 448898
Durham Uni                                              0913 742832
Leeds                                                   0532 461514

NOTE: Not all dialups will allow you to call JANET sites by name, or
they may only allow restricted access. The dialup I usually use only
allow 40 or so named servers to be called. However calling them with
there JANET X29 address usually bypasses this. If you don't know the X29
address of a site calling nott.info or on inter telnetting to 
info.nott.ac.uk will give you a lookup facility, so you can enter the
site name and it will provide you with its X29 address...

Gateways
--------
        There are other ways to get telnet from JANET.... Calling the
NISS service will provide you with a guest telnet prompt. However,
everything going thru here *is* logged. I know this for a fact. Also it
prevents you from calling .uk telnet sites. Although it will permit you
to call some them if you use only the IP number rather than the host
name.
        The Birmingham site also provides a guest telnet service (log in
as telgate) but this is undoubtably logged. Part of the JANET
regulations state that all gateways must have the *ability* to log all
data going thru them or not. It would be safe to assume this happens at
bham.acsis
        The Birmingham site however has a bug in its software that drops
the user to a telnet prompt when it fails to connect to a gopher site.
The log below is the process of how to get the prompt. All lines
starting with /* and ending with */ are my comments....
        To get to JANET from the internet, you can telnet to 
acsis.bham.ac.uk and log in as x29gate. Although almost all universities
are internet connected, JANET is still phun to play with :)

/* to call via JANET either use its site name or PAD> address...*/

PAD>call bham.acsis

/* or ...*/

PAD>call n000020060300

/* or you can telnet to acsis.bham.ac.uk */

Calling Name Server 
Connecting...
Connected


/* Note the amount of useful stuff on the menu :)) */


      Connecting to the Gopher System

        at The University of Birmingham, UK.





You will need to specify which Gopher Server you wish to connect to.
[Hit RETURN for the Birmingham Gopher Server; Q to quit.]

Please enter IP Name of Gopher Server: 

/* Press [RETURN] for the default server */

Receiving Directory...         

Internet Gopher Information Client v1.03

University of Birmingham Academic Computing Service

-->  1.  About the Birmingham University Gopher.
     2.  Campus Information Service at Birmingham University/
     3.  Usenet News Reader/
     4.  Other Birmingham Information Sources/
     5.  UK Gopher Servers/
     6.  Some World Wide Gopher Servers/
     7.  Koos Van Den Hout's Interesting Gopher Links/
     8.  University of Minnesota (World Wide Root Server)/
     9.  Swedish University Computer Network (European Root Server)/
     10. Finding Gopher Resources/
     11. Gopher Searching Facilities/
     12. Campus Wide Information Servers & Library OPACS/
     13. Internet Finger Servers/
     14. Other Internet Facilities/
     15. All the World's Gopher Servers/
     16. School Gophers/
     17. BTs Electronic Yellow Pages <TEL>
     18. X.500 Gopher Gateway/

Press ? for Help, q to Quit,u to go up a menu 

/* At this point choose menu option 14 */

Move To Line:14
   
Other Internet Facilities

-->  1.  Hytelnet Server [Login as hytelnet] <TEL>
     2.  InterNIC/
     3.  Internet Chess Server <TEL>
     4.  NetFind Service <TEL>
     5.  UK Archie Server <TEL>
     6.  WAIS Based Information/
     7.  World-Wide Web [Login as lynx] <TEL>

Press ? for Help, q to Quit,u to go up a menu 

/* At this point choose menu option 3 */

Move To Line:3


Warning!!!!!, you are about to leave the Internet
Gopher program and connect to another host.
If you get stuck press the control key and the ] key,
and then type quit

Now connecting to valkyries.andrew.cmu.edu
Press return to connect, q to cancel:

telnet: Unknown host valkyries.andrew.cmu.edu
telnet> 

/* Boom, you are dropped to a telnet prompt. */

        I have used this for several months with no problems. 90% of the
time it works, sometimes it will hang at the 
Press return to connect, q to cancel:
prompt after you have pressed return. But usually waiting a while will
result in a telnet prompt.

        0K ? Good, have phun with this and remember. I didn't say traffic
isn't logged through here, it's just less likely to be...  But they 'aint
got me yet :-))) Mwuahahahaha

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                          Notes on Beige Boxing
                          ~~~~~~~~~~~~~~~~~~~~~
        I've been messing around with beige boxing and the like recently
so here's just a few notes that might help ya out. The best file/s I have
found on beige boxing were in CoTNO, so check out Field Phreaking I & II
in CoTNO Issue #1 it's excellent.

Beige Boxing off BT Payphones
-----------------------------
        Most lines coming out of telephone boxes go underground
(especially the newer steel and glass phoneboxes) however with the older
red phoneboxes the line often leaves as a cable, perhaps leading up a
telegraph pole. This is especially true in small villages and more rural
areas. This is what you want to clip your modified phone onto.
        After attaching your phone to the line, it ceases to have the
same restrictions on it as dialing from the payphone would have. For
example, you can call the BT test numbers, such as 174, 176.
        I would recommend hanging the payphone up while beiging off its
line, as lifting the reciever causes a nasty buzz on the line. Also the
payphone ceases to function, although you can hear the conversation you
cannot speak thru the payphone handset speaker.
        I have built a gold box (a diverter, sometimes called a Cheese
box) which I have yet to try, but I'll report on if it worked probably
in the next issue if I get round to it...

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                       INWARDLY BOXABLE UK CHATLINE
                       ~~~~~~~~ ~~~~~~~ ~~ ~~~~~~~~


   There is a new chatline fer aLL u cuNtz who st!LL dont know, hehe. It
   is sited in Trinidad, Jamaica. Here :


                     [0800 899 843]  KP2-59211010-ST
   

   Unfortunately it is *total* crap as there are no real phreaks using it
   and u wiLL get kicked off every 10 mins, but weLL its nice 2 know it's
   there... 

   [ N.B. !F w3 caN GeT sUm PhrEAkz 0n iT, tHeN iT w0n'T b3 cRaP !!
     s0 AlL y00 UK PhrEaKz - geT b0xIn' AnD taLkinG !!  - Harl     ]

   I wiLL be setting up an InterNet H+P site in the UK in the next month 
   or so, if u are interested in helping me out then mail 
   an107853@anon.penet.fi. 

   Ta.

   .sainthalo. 
 
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                           Prosecution Security
                           ~~~~~~~~~~~~~~~~~~~~

        After talking about the recent busts with various hacks and
phreaks it seems to me that if the police or feds did make a casual
visit to your trusty hard-disk you would be buggered. The only way the
police can prosecute you is if they have *evidence* which most h/p dewdz
leave liberally scattered around there hard-drive and floppies. The
simple answer to this is:
a) Completely destroy unwanted files
b) All dodgy files that are stored must be PGPed with a 1024bit key and
   a long pass phrase.
This effectiveley means if your data is visited by the cops, you will 
have no trace of anything dodgy and everything else will be PGPed (and 
you won't tell them the pass phrase - 'cos you've forgotten it). This 
means, when you get some new h/p WaReZ and unpack the archive, shred the 
unpacked files afterwards and store the archive as a PGPed file. When I 
mean shred I mean completely overwritten (at least 3 times) and the file 
renamed to something like XYXYXYX.XYX, then deleted.
        To this end I have included a very simple file shredder I 
knocked up (for MS-DOS). It only took me 10 mins or so and therefore is 
quite basic but will serve its purpose. Any half decent k0der with a 
half hour or so should be able to come up with something more effecient 
and effective. 
        I personally use SHRED.EXE that is packaged (or used to be 
packaged with) Dr. Solomon's Anti-Virus Toolkit. Norton also do very 
good utilities that can shred disks as well as files. 

                             -*- REMEMBER -*-
                     'If you can't be good be careful
    If you can't be careful - develop a liking for bars and 7x4 rooms'


------------------- CUT HERE -----------------
section 1 of uuencode 5.15 of file shred.exe    by R.E.M.

begin 644 shred.exe
M35I%`0H````'`(H$1J0U`0`


gemini - kennedy.gemi.dev




````?#_4`````4!4$M,251%($-O<'(N(#$Y
M.3$@4$M705)%($EN8RX@06QL(%)I9VAT<R!297-E<G9E9`#0``T`8@`;`$8$
M1J2X`0!```"(!0``'````````````+BX!;HN`8S;`]@['@(`<QV#ZR#ZCM.\
M``+[@^L9CL-3N<,`,_]7OD@!_/.ER[0)NC8!S2'-($YO="!E;F]U9V@@;65M
M;W)Y)/V,VU.#PRT#VHS-B\*`Y`^Q!(ORT^:+SM'I3DZ+_BOH*]B.Q8[;\Z7\
MCMT'!K\``3/VK96Z


gemini - kennedy.gemi.dev




#K+)"ME;(0ZS6ME;(0ZS:ME;(0ZSNME;(0ZUVME;(0
MZUZME;(0ZU^ME;(0<@BDT>U*=/1S^#/),]O1[4ITQ='3T>U*=,31TX7;=!?1
M[4ITO]'3@/L&<@O1[4IU!*V5LA#1TRZ*CUX!@/D*='0SVX/Y`G0JT>U*=)UR
M(]'M2G2<T=/1[4ITF]'3T>U*=02ME;(0T=.`^P)S%2Z*OVX!K(K85HOW*_/Z
M\R:D^U[K@='M2G4$K96R$-'3@/L(<MO1[4IU!*V5LA#1TX#[%W++T>U*=02M
ME;(0T=.!X]\`AM_KO:P"R(#5`#S_=8);B^N#PQ`SP*R1XPZM`\..P*V7)@$=
MXOGK[*T#P_J.T*V+X/NM`]A3K5".Q8[=,\"+V(O(B]"+Z(OPB_C+`P`""@0%
M````````!@<("0$"```#!`4&```````````'"`D*"PP-```````E4TA2140@
M+2!!(&9I;&4`"2!S:')E9&1E<A)7:&%0`'0@96QS%3\>*&,I(#


gemini - kennedy.gemi.dev




`#DY-"!(
M87),95%U:6X@;V8`H"!#:71R;VYI8R]4;R!CX{body}lt;)=&%C=!0@;6%!05`@86XQ
M-S<W-


gemini - kennedy.gemi.dev




5H`D5+G!E;F5T+@"<:!A54T%'12`Z("8`?5MZ;F%M95U5B>4Q`*#`
MFGP"S0"_8`,>5YKG!7B!"II&#[\```Y7:B*[$;8&%@4;)MYU#QL&*D4?*AW0
M=1DJQ@9(`@#)PY#8.T?^N``!%*C_@>P)C;X`_Q:!(BD180EW2`%WBJ)H_W4.
M!PV`/@`Z#@!U!>C/_NM4"[I'#?0!#REM`1C5`D#0``P@3D]4($9/54Z9WM8A
MF0*9PDD)QD;_@W1941ND_OZDG;\7!4`"6II[`%P`7P<F@#TYYZ`I<1R-#G&_
M&`()?>L3OVX&1``IFI2**E1@`8H$A@`'#T%B;W5T('1OH*A0(!8@80<@>122
M`!!U"3\@*'DO3BF3C2"?,@"?@^PR4^]VG0!J`SHW@JT!@@L&@IK`+@\#:P"(
M1M,[>@A(TU":Z7-0*/T'5`,H&SQ9=`/<4.E


gemini - kennedy.gemi.dev




5J-?M06$B2Z`/J#/DH"`!LI
M&S<!TYH)`SJ+``!&[HM6\(E&SHE6T+@!`#'2!0H["']#?`4[$G<\!5"C2HD6
M1@'K"H,&I%T*`8,+`#]=R5H'@J$ABR!413YU0SQUS3]`J%D:7@.C#PY[&T`H
M]61E;&5T941DEC8@<B`.`H`!#$%"0T1%1D=(+DE*2\6'K0[2#@(.D@1(HPP.
MK@00#O^+&@[_{body}amp;\X#AL\674C*/'#Q5":$@EN>MOJ^P@.ZM,*`.X,9E4_&`5Z
M!P``%NCM^^B#_`C`=`;H&X"4_>@F_^C-_\D;Z3\**@%5B^SF4!X``,5V#(U^
ML!8'_*P\3W("L$\`@)B1\Z0RP*K%5@:T&LTAC58""AL?BTX*M$X,'\0%F'Y/
M(`"+Y5W*"F[4/AXD'[1/!:0*'`0`&@1R':``@\<>'@8?1;D``?SRK@`%]M&*
MP4^+]T[]6*H?,S`5P*-*`L,]_'D&0"&LBM@R_P/>/`Y'5A4VB0H0R#+M?T\4
M";@`0U\.0EY><@9@0O?!&`!T)2<[\W0=%5!$JSMT!ZJ*X(`"#G7T@/PZ=,(%
M7'2]L"!17*KKN(O')RO'2$4/:XP(``(!


gemini - kennedy.gemi.dev




`>Z"A+`AY7#FQ<Z"(#"9H


gemini - kennedy.gemi.dev




R@.
M7A,/`PP!9WI=R[0/``7HV`4\!W0*/`.HN`,`"@KH5@.A`+0(L.C``!0%BL0D
M?Z)<`J)2`HRBI0!-"%T#7@)`HDP"`("X0`".P+]L`":*!28Z!73[I!0(N?\R
M0!DW``H`D??0,]+W\:-8>`X?($FZ+0&X&R7>P[HS0"+")H`FAP#^;P8\!(`"
MA0-0M&Y9!5@*0`'D="VX$A&S#4P%N#`1%*"W`+(*0@6`^BIU%E05,@XR1`.Y
M`)``!N@N!;02LR#H)P7#>!6W(050+!9#L4`!``K2=0BR&,=W`K$!BE``\HK4
M_LI=@/X8=@*T`0"`HU`"B19:`H@.3P+&!DX"`8`$GE025@+#4`"A'KAM`8[8
M@#Y,JJ"6!1W?`1]8SPJF#P@`=0'#


gemini - kennedy.gemi.dev




"BJC_-%K!,```&Z_2P7N@=`[!#Z!@#
MZ`X`%`/-(XO<-HM'!.@C^FX65/^@*,HPHB@5BE<*!'<(!`J`3P8$;P0ZT7<G
M.O5W(P*@DG@?_LYX&_[).@X`I8YW$_[-.BY;"`M2E8J.#H[T`T"AS.P&BCXH
MB4J+#A6+H^@Y!"K`!POH)@/+Z!L#RP0=RHH;'@3+N!1@`0?K%@{body}amp;4.C^`EA*
M)AN*.(KN.CI`[>YU`C+`Z/DYDZ0DBW<$@P)-<I)"%SH@=Q&-`C95014."3HV
M5P[3PT$*`M?HMC_"*D4I!B7^P'&J#&7.Q@Q5#$0"H.RH\'0$)`\,@(`F\!=J
M<`@&\1HD,-T'L032X!B/$XH8#/?+@`X&",L#$QY%BU>P2`0+TG040C/_L!0Y
MZ5C*!DB%`$IU]C2[@4MU_2`F5.'UPRU?```$N-TTNA(`.]-S&O?SB]CD``!A
MJ`-U"`P#YF&PMN9#BL/F5!9"BL<$.1DD503\%6X^70P`N@BTL`!T`K!5)`%Z
M{body}lt;8&%0I0B<!U$C+D%P@*B"9"$!$*Y'6!Z!,)*/Z5'C;%?P3'11`%"M<%!(``
MC84$B44H``R,70X/$%P#C$T2QD4$;C``'QTK`$"XE`.[<@2+RX%]`K'7=`I"
M*3JRU[A!$=@V!044+A:)71@&&HE-A1D<!AXSP#@:"@DY)HM55`$2DH&H";$
M?0PS&P#;F`[H7/^Y`0`\"'0``#0\$W0P/`1T1$D\&W0G/`


gemini - kennedy.gemi.dev




`'0C/`9T-SP:
M=$8\#71//"```'+/.]ITRR:(`4/HF``[WG8``,"+\^N\"]MTN+`(Z(<`L""J
M`.B"!0I]`$OBZNL%$J0@=*`FB@$VF>@`@FH`0^+OZY&`/DTF`.6*0>L*Z$X`
M)L<!#62I"D-#F:4FNBHVE;@*7>4V54K$Y*=-$BDQ2P3C&:T\3D``6`NOZ!P`
MJ`!'XO?K`^B<`.C6_#K<*#$%L`WH(A!$L`I345*,<@!8B)3E*M4M`#"\,SP*
M=#6T"8H>4@(R`8/L4NAE`5K^P@@"A'8@BI#K%[0.Z*@"40'K$Q,-=`W^RG8I
MZPD790AE`(,M``=:65O#_L90P:9V&/[.8O`F"@,C%D]9PPH2M`-=Z0P!M&3I
M!085`1YAV!Y0(%,`'XO:B_>YD2&:R9$LC94Y1XUB@CSH;V6@_T,J<2SH8P!?
M!XX*;,,`4^L<Z%0`DXD"$Y,/Z{body}lt;H>/_K!TQ5Z#\`+4=6X)1:XJ;H,0!LB0!0
M;(K&]B9*`#+V`\*+R`5%?$RP#N[K%<5"8BH&2K`/#,$,H``?PSOW=&-G5QX&
MB\\K!9;.3$\"BC9280-4V(K'0?\#P]'@,@&+^+I%@\(&N`"X``"`/DD`!W4"
MM+`&'X[`_`K;PH%T%E;LJ`%U^_H


gemini - kennedy.gemi.dev




`9T^XO#J_OB[.L&BN=``*RKXOP''U\3
M5E<`S54&S1`'75]>PP"%`B"Z\=J,!C@``%`S[8O$!1,`L033Z(S2`$JRHPH`
MHPP``P8$!PXIA0,8`QP#)``FH@""`@#;(`#'!BH`


gemini - kennedy.gemi.dev




ZI`(P.+$@$ONX*``&Y
M.I#\+JRT-<TAB1V`88Q%`H/'!.+O0L/RW\(H4_*ZY@@C"*Z9R@@D"-<(/W#A
M"KA*9)%0`KCJ*"I0#N@$!NAP_+Q3D@`4\`$(%@1A`LM7>_L``(/$!EB#YQ^!
MQY8`@/PY<P.@`+___U>T5$B+[(!.%@


gemini - kennedy.gemi.dev




D%A;65I>7UT?!\^XT`!A`"L,R`!9
M6^L'N(4-_^#),]OM^Z,R````B\$+PW0?H1``"\!T$8[`%``F.QX+=`8FH10`
MZ^V,*%##*QXX/NL0B0XT0$GL'C8`Q!XNZL`QX443*@NC,,F"`SS.EU`&4\M=
MSL"A%;6B`0D,`@01)1YR@,45YQ#PH:(`4`L&4'0INP$"Z)0B*@"AB.@#NQ"L
M"KH,%^A`4$4`L#KH50LFZ#45DQ=2Z`<CM$R"$3\NB@<*"TC6ET/K\\.Q9!I"
M`+$*8>L$,N3V\20H!#!00EB*Q,-0!$H8Z`$*4'SHB@+H`PDD#QP\.G("H``$
M!XK0M`9(PP`"&R$C```D-#4V-S@Y.CL\/3X_=5)U1`9N=&DK97)R;X@&<B``
M('T`+@U4`0H`4`X8;VYS($-`'6]P>7)I9V@8#5"..#,L.3$@0B(#'VQI,\"'
M!CRH"`#+@SX%%``CRZ


Z8[^B_0VCD0"@$(F.U4"?P=\%`@%<@^B"@T&?`@/
M"$4$1:%W*+C)*&;^!0!`CW(-*\1S"??8.P8Z`'(JAAC*&$[^`4)8Q'\(-L5W
M!*&04ZNXL-<$@`"K!9(+`8U%=*N,%*L#DB`'R!.Y#@#SJY)(Q79?$L5('V&I
M.;@*$4*2I93.!`@&"`RA/`C:10Y*).1%"M9`P;JQU^L(NK(%`[JSUV,(G44"
M/:-0SA(]%W0-/4@@@G00Q^EF`.LD4@829C<E`%I#O43B1[L0'%RO1#Y,.3FP
MA=\L<H>;3QP8:2H(40A,9R`H!!A0NQ0W%0!84/3>#+L<"PH``


gemini - kennedy.gemi.dev




J!&<")O\9
M!7&B`W!?!\,YX&\SR8D-N``]!%E2#;`"_P4+@`*X=`*T/(!],(,)C54P@.3-
M(7)/B06XARV+V40I*BF+'39{body}amp;0#8N-P$B\B,R_;"@'41@+TY=0/H)@"XMRO\
M<KRW4/A-&(E=&A{body}lt;_`2<++DSTB5'D0$"H2V``(/:`*5@<S;`%8O*B]`FI5X7
MC948N8H2`PZT/PUS&9`I,]L[V'0@@`H0%!K(0^ORB],KT/F>'48$#T^T0)F`
M\/,$)L55#&OPS6]!<A!`H%MI(L^'UH)4]`H*"NON`3`B_$0FAYV$XDER!RO!
M:+AE"]V@"R4"^3C/VQW`F8/[!'8&M#X:!QT9SPB@)+9U#2)=.U7##0K[PR@1
MNVB"ZT10?@53^*HHN_Q&*.@]3P5TT!1U[+`:^<,!0-TOL@!`!$!I1TA`>40W
ME@%`458>1G">=PB`#_I=%$=^XX*`D4?7@X66<-9*>A`1%'_=13H</\:@*(-
M0SP-=?3H9`P*=3)#73=,?3%+77.5""YC+@J`6YV`_[`*Z'O_)!&_*@$DT":,
M?(-]&O7:[LL-D1B1#O``?-7^=0[H]/YR4FQN7<O_Z_0?J0`*'_8?$XM.!DE^
M$8


D`W_XOF*1G+?;05V2@)S'BL,*XO^Q78("1&Y:Q7HI/XDH)$.T`I#04:(
M!#N`,T%UZROQB`PWJJ[B!@$XDV0"8R4Z9ORL,N0KE23(%6NB_FM$A6C_$(O(
MXV0'X^B2


gemini - kennedy.gemi.dev




$^_(O<C(]RVF*LJBAY-X[:D):{body}amp;A8*'@8VBT\"NAXZP78"BL


gemini - kennedy.gemi.dev





M)`J'U#:*!5]?DC(1##8(BK`$D#8&"\E_$0$#V@/Q*\%R$[-`0$@2?0(SR3M!
M4$T&B\'K9:IMO9I/"`2-%`!6#6BL)@`%<P@FQ@4%Z/]Y]M`#^4>*R`#FF9\>
M:(


gemini - kennedy.gemi.dev




!2OC*4>L/`%R(Q.L\JZ00'4<3^L?]-$KT'(10H)*8:9T#BO(A4(4`$IU
M\'3K""OXB\<V*T?^NP0?>$U($G.*)6<ZS.W,"B1XR70&[J9U`CK$!S"C$+`!
MJHH(VZJO-(BU"D{body}amp;[%UDT(C9FXT",2^-Q@@'#E"+1B(0!D@>T/[=,*A`TBT(
M_R'^(?\Z56S_)!2W%K'^!.[^%`AB]`QO_EZ*=PQ4@WY??D-NT@=:"%IV_E,Y
M`5$4`W%0I?-57%695;0=$1E6"`40OU<$@\(PM


!X*-SV\%CE/`-(@;-D2(#
M7<56"LF4,QRT5C8%((8VZQ0>C78S1(EE@\<P,JK*F5?Z'V:(BD^+5@;E!>A)
MJC`I:YS1(#RY`'(ECI("=B8%+``S_Z,7_#@'!H48\J[K]$,#B_<8"D8,D?8Q
M%-!35@AB"/RJH`J+O`*#P,3XD\L\OX``(H@%1S/;XPD%44(@=P/JM(P[#78!
M.`W'*\9T!$-*==[#&@"8/&%R!CQZ=P(LV4L@3`X!AP#O#2$!!$C_7```E@"@
M`*4`M@"[`,``T0#6`-L`Y0#J`/L```$%`0\!%`$E`2H!+P$Y`3X!E0&F`;,!
MR0'.`=\!Y`'I`?H!_P$`@X"$P(N`E(":P)W`GP"@0*2`LT"X0+M`OD"_@(#
M`P@#&0,A`R8#*P,T`TP#8`-E`Z,#J`.M`_P#`00&!%4$6@1?!'H$?P2)!(X$
MVP3O!/L$!P4,!1$%%@4G!2\%-`4Y!4(%505:!60%:05S!7@%A`6+!9`%F@6U
<!0-K`!<`*@`P`0/-``


gemini - kennedy.gemi.dev




[@",!0"X`0!```"(!0"(
`
end
sum -r/size 12744/6826 section (from "begin" to "end")
sum -r/size 65037/4933 entire input file

------------------- CUT HERE -----------------


+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                        Hacking Answering Machines
                        ~~~~~~~~~~~~~~~~~~~~~~~~~~
Ring
Ring
Click
"Hi, unfortunately I can't come to the phone right now. So, don't be 
scared and leave a message after the tone with your name and number and 
I'll call you back. Thanks !!"
Bip
Bip
Beeeeeep
[11]
[12]
[13]
[14]
Beep Beep Beep
[8]
"ermm, oh, Hi Jamie, just calling to remind you about mum's birthday.
See you Thursday"
Beep.
"Hello Jamie, its Nichola here, d'ya wanna catch a movie monday ? Gimme
a call when you get back, bye"
Beep.
"I got the couple of ounces you wanted. I've left them in your toolbox
round the back. By the way, if you still want that stereo drop me a
line. See ya round"


Boom. Paydirt !!


        Just about all the answering machines you can buy these days are
'remote controllable'. That is by use of DTMF tones you can playback
messages left on the machine, delete messages, record memos and in some
cases even re-record the OGM (out going message).

        Answering machines are rediculously easy to hack. To show just
how easy I quote from the Dialatron Designer 2500M manual:-

   "When you first install and set up your Designer 2500M, its security
 code is set to 12; you have a choice of five codes - 11,12,13,14 or 15."

FIVE CODES ?!?!?!?!?! I nearly died laughing. 

Accessing the machine
---------------------
        I have never come across an answering machine with more than a 
two digit code. This is the main security shortfall of common answering 
machines. To 'access' the answering machine the code must be entered 
either: a) While the OGM (the welcome message) is being played or b) 
During the period when the caller is supposed to leave their message.

Personally I always try codes in this order:
11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 22, 33, 44, 55, 66, 77, 88, 99, 00

        Why ? Well most codes are still set as the default often only 
one digit. So running thru 11 - 20 goes thru all the single digit kodez 
as well as some common defaults. Also 11,22, 33 etc are also very 
common. 90% of the time this well get you the all important 'beeeep' to 
tell you you have access. If this still fails to work try the usual 
common numbers e.g. 10, 20, 30 etc etc
        
        Getting BlueBeep, BlueDial or another dialler to do the work is 
usally a good idea. But don't set the DTMF tone duration too short, as 
the answering machine may not recognise it, 70ms is usually sufficient.

        If you have physical access to a machine this is even better. 
There is always a way to get the current 'security' code. On the 
Dialtron Designer 2500M simply hold down the STOP button for 2 seconds, 
on the BT Response 400 press the CODE key and then either FF or REW. 
These two methods are pretty standard. It works for most answering 
machines. The best way is to get hold of the manual, and the best way to 
do that is go to your local answering machine supplier and say "I have 
lost the manual to my S00perAnswer 8000" at which point the rep will
either give you a manual or an address to get one.

        0K? You have access the next thing to do is to mess with it !
Below are the tones for controlling the BT Response 400 and the
Dialatron Designer 2500M as these work for 90% of answering machine si
have found....

Dialtron Designer 2500M
-----------------------


22      Clear Messages (press key twice)
3       Record Memo
4       Rewind (during message playback)
5       Stop
6       Fast Forward (during message playback)
7       Answer On
8       Play
99      Answer Off (press key twice)

If you have any problems call the Dialatron help line !
081 903 5224   9.00am  to 5.00pm Mon to Fri


BT Response 400
---------------

0 - Stop current operation/Remote switch off
1 - Rewind
2 - Play/Pause messages
3 - Fast Forward
4 - Save
5 - Erase
6 - Reset a message or memo
7 - Stop/Start announcement recording
8 - Stop/Start memo recording
9 - Play/Pause memo
# - Start remote interrogation


Dangers
-------
        Make sure the answering machine you are calling is capable of
remote operation, or is switched into 'Remote' mode. This is usually a
risk you have to take. If you came home, checked your ansafone to hear a
couple of messages which were nothing but tones most people with half a
brain will guess that some-one is trying to remotely hack their machine !
        Make sure that no-one is in when you try you hack an ansafone.
A lot of people too lazy to answer the phone simply let the answer
machine get the call. Which means they will be happily sitting in their
armchair watching TV when they hear their answering machine go thru all
the left messages and have the welcome message changed to "I am sorry I
am out having assorted continental vegetables inserted into my rectum.
Please leave a message after the tone."

Finally
-------
        Hacking answering machines is *very* easy and has limited uses,
but its a laugh and you can come across a few little nuggets of
information. It is also completely anonymous, and unless you change
something you can listen to left messages undetected ! If you are really
serious about intruding on a target machine. Find out what make/model it
is and get the manual.

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                                 Dah Last Bit
                                 ~~~~~~~~~~~~

        For the next issue we'd kinda like submissions on the following 
subjects:-

                        Cellular Hacking/Phreaking
                             Comment/Opinion
                                 Hacking
                                Phreaking
                    Interesting ways of Imbibing Dope
                          Things that go KaBoom!
                           Amusing Pranks/Gags
                             kEwL Koding trix
                   Errmmmm, same as last time really !

You know what we're after, anything will be considered (and probably 
published) so get tapping.

I have been using two FTP sites recently that you may find interesting...

corrupt.sekurity.com
H/P WaReZ in yEr face - h/p stuff and more

hyperreal.com
THE psychdelic server, has info on everything from smartdrugs to dope to 
psychedelics also rave info and some WeIrD visual madness !! 

also a bot on IRC called   lamerbot  usually on the #virus channel has
loads of hack/phreak/virus stuff on it aswell as
anti-feds-good-ole-in-yer-face-underground-rebellion type stuff so check
it out !! Especially a demo for the PC called TIMELESS.ZIP on there
somewhere (can't remember where exactly in some /demo directory). The
usual  /msg lamerbot help  gets you started.

Drop us a line. Even if ya just wanna say Hi or ask a question. As you
may of guessed we're not the sort of ppl who flame others because of our
elitist fantasies. H/P is about communicating ! (and writing articles
for CiTR0NiC !!!)

In case you are terminally stupid our e-mail address is once again...

an119774@anon.penet.fi an119774@anon.penet.fi an119774@anon.penet.fi
an119774@anon.penet.fi an119774@anon.penet.fi an119774@anon.penet.fi
an119774@anon.penet.fi an119774@anon.penet.fi an119774@anon.penet.fi

[EOF]