💾 Archived View for aphrack.org › issues › phrack7 › 4.gmi captured on 2021-12-04 at 18:04:22. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2021-12-03)
-=-=-=-=-=-=-
==Phrack Inc.== Volume One, Issue 7, Phile 4 of 10 -=:><:=--=:><:=--=:><:=--=:><:=--=:>\|/<:=--=:><:=--=:><:=--=:><:=--=:><:=- -=:> Hacking The <:=- -=:> Chilton Corporation Credimatic <:=- -=:] By: Ryche [:=- -=:} Written on June 24, 1986 {:=- -=:><:=--=:><:=--=:><:=--=:><:=--=:>\|/<:=--=:><:=--=:><:=--=:><:=--=:><:=- This is the complete version of Hacking Chilton. There is another one that is floating around that's not as complete. If you see it anywhere please ask the sysop to kill it and put this one in its place. The Chilton Corp. is a major credit firm located on Greenville Ave. in Dallas, Texas. This is where a lot of the companies that you apply for credit, check you and your neighbors credit records. Unlike other credit systems such as TRW and CBI, this one contains the records for people with good credit and doesn't wipe out some of the numbers of the cards themselves. All information is complete and includes full numbers as well as the bank that issued it, limit, payments due, payments late, their SSN, current & former address, and also their current and former employer. All you need to know to access this info is the full name, and address of your "victim". Now, how to hack the Chilton. Well, the Chilton system is located in Dallas and the direct dialup (300/1200) is 214-783-6868. Be in half duplex and hit return about 10 times until it starts to echo your returns. There is a command to connect with E-mail that you can put in before echoing return. By echoing the return key your signifying that you want the credit system. I wont go into E-mail since there is nothing of special interest there in the first place. If you are interested in it, try variations of /x** (x=A,B,C,etc.). All input is in upper case mind you. Back to the credit part, once you echo return, you can type: DTS Ctrl-s if you really need to see the date and time or you can simply start hacking. By this, I mean: SIP/4char. Ctrl-s This is the Sign In Password command followed by a 4 character alpha numeric password, all caps as I said before. You can safely attempt this twice without anyone knowing your there. After the third failed attempt the company printer activates itself by printing "Login Attempt Failed". This is not a wise thing to have printed out while your trying to hack into it since there is always someone there. If you try twice and fail, hit Ctrl-d, call back, echo, and try again. You can keep doing this as long as you wish since there is no other monitoring device than that printer I mentioned before. Since this only activates when you fail to login correct you can safely say there is little if no danger of your discovery. I would suggest going through an extender though since Chilton does have access to tracing equipment. About the passwords, as far as I know, there are 3 different classes of them with varying privileges, these are: 1-User/Employee 2-Permanent/Secretary 3-Input Output The first one is just to look and pull credit reports. These passwords go dead every Sunday night at 11:00pm or so. The new ones are good from Monday to Sunday night. Even though your pass is good for one week, there are limited times you can use this. The credit system is only accessible at these times: Mon-Fri: 8:00am to 11:00pm, Sat: 8:00am to 9:00pm, and Sun: 8:00am to 6:00pm The second class is the same as the first except that these only change whenever someone leaves the company. These were originally supposed to be set up for the secretaries so that if they ever need quick access they could w/o having to go down to the Credit Dept. every week for a new password. The third is one I have never gotten..yet. It has the ability to alter a persons credit reports for one month. At the first of the month the system updates all reports and changes your alterations to the credit reports. Doing this though would warrant going through a diverter since your fucking with someone's life now. Once you have hacked a pass and it accepts the entry it will display the warning: ****WARNING! UNAUTHORIZED ACCESS OF THIS SYSTEM IS A FEDERAL CRIME!**** Or something along the same lines. After this you should be left to input something. This is where you enter either In House Mode, System Mode, or Reporting Mode. In House Mode will give you the reports for the people living in Dallas/Fort Worth and surrounding counties. System Mode is good for surrounding states that include: Massachusets, Illinois, Louisiana, Missouri, Arkansas, New Mexico, Colorado, Arizona, some of New Jersey, and a few others I cant remember. There are 11 states it covers. Reporting is a mode used for getting transcripts of a persons reports and would require you to input a companies authorization number. So for this file lets stick to In House and System. Get your victims stats ready and enter a mode: In House: I/NH Ctrl-s (Dallas/Ft. Worth 214) System: I/S Ctrl-s (All other NPA's) After that its time to pull records. Type in: I/N-Last Name/F-First Name/L-Street Name/Z-Zip Code/** Ctrl-s If you don't know his street name, use 'A' and it will go into a global search routine until it finds name that match or are at least 80% similar to the one you used. Although the Zip Code is not needed and can be left out, it does narrow the search field down considerably. Once it finds the name, it will show you his Name, SSN, Current Address, Employer, and former ones if there are any. Right after his name you will see a ID number. Sorta like: 100-xxxxx Write this down as it is your key to getting his reports. After it finishes listing what it has on him its time to see the full story. Type: N/100-xxxxx/M/D Ctrl-s What it will display now is his whole credit history. When you first pulled his ID number you might have seen he had two names but with a variance like middle name or a misspelled address. Pull both of them as they are just an error in whoever put the reports in. I would suggest capturing this so that you can refer back to it w/o having to access the system every time. There is another way to get into Chilton through Tymnet but I have no idea of the address for this and its a waste of time. If you happen to get the name and address of an employee of the company forget the idea of pulling his stats, Chilton doesnt allow employee records to be in there. One very good point made not too long ago is the prospect of going through the phone book and picking names at random. Although Credit Card numbers are displayed credit card fraud is thwarted by the small fact that it does not show expiration dates. No company making an actual inquisition on a person would need that information and to prevent the fraudulent or misuse of the information they were left out. There is an interesting note that at one time in the companies history they did have a small that signified a drug record. This was taken out as it wasn't pertinent to the computers purpose and was only there because Borg Warner, the company that owns Chilton wanted to pry into peoples lives. The computer has a 10 line rotary, so unless there are 11 people using it at the same time your chances of getting a busy signal are almost if not next to nil. Disclaimer: The information provided in this file is a tutorial and is provided for the purpose of teaching others about this system and how it operates. It is not provided to promote the fraudulent use of credit cards or any other such action(s) that could be considered illegal or immoral. Myself, and the editors/publishers/distributors of this newsletter are in no way responsible for the actions or intentions of the reader(s) of this file. <>>>> Ryche <<<<> _______________________________________________________________________________