💾 Archived View for gemini.spam.works › mirrors › textfiles › hacking › aspen1.txt captured on 2021-12-04 at 18:04:22.
-=-=-=-=-=-=-
[R.A.W Productions] [01.13.92] [A Complete Guide To Hacking and Use of ASpEN Voice Mail Systems] [Written by: Caveman] [Introduction] ASpEN, or "Automated Speech Exchange Network," is a voice mail system used by small businesses for individual employees' when away from their desks. It is, in my opinion, by far the easiest system to use. There are other vms's to hack on, but many can be difficult, including systems that require a "box/password" number to be entered (which any stupid shit knows is as difficult as a GOOD meal with spam in it; close to impossible of course.) I will be discussing the basics and commands of the ASpEN systems, If you need information on voice mail systems in general, or info on another specific type of voice mail system, I highly suggest the LoL article on hacking voice mail boxes, as well as the article on hacking voice mail boxes by Night Ranger in Phrack #34, both are good sources of information. [Finding An ASpEN System] In order to find an ASpEN system, you will need to get some form of wardialer. I've heard a lot of shit about what's the best, I don't give a fuck, they all do the same damn thing. The easiest way to find a voice mail system is set up a wardialer, connect a spare phone to the second phone slot on your modem, and set up the wardialer to an exchange that is known to carry voice mail systems (i.e. 1-800-666-XXXX) After a shitload of ringings, stanky operators, and fax machine ringings, you will come across something that sounds like an answering machine. If you are extremely lucky, you will come across the generic message that comes with the ASpEN system. You will hear: "Hello, this is ASpEN, the Automated Speech Exchange Network. Please enter the number of the person you are calling. If you have a mailbox on this system, please press pound." Otherwise you will get a recording from the company itself, in which case you need to press the star key to enter the voice messaging system. If you get a message saying, "Mailbox number please" you have found a voice mail system. It is not necessarily an ASpEN system, it could be one of a number of systems. In order to know absolutely that the system you have found is ASpEN, you will need to recognize the ASpEN computer voice. If you need a sample of the voice, call 1-800-852-MAIL and press pound (#). You will get a sample of the ASpEN voice from this system. After determining that you have indeed found an ASpEN system, you are ready to go to work. You have already done the hardest part, finding an ASpEN system. [The 800 Exchange Problem] 1-800 voice mail systems are by far the most useful, for obvious reason of low cost calling from around the country, so that phreaks and hackers from coast- to-coast are able to contact you. However, there has been a problem with attempting to hack an 800 exchange. It is the simple fact the each time you call the 800 system, the system itself gets billed for the call. Even if you are lucky enough to find a local 800 voice mail system, the system will still be billed for the call. If you are calling a long distance 800 exchange, the system will be billed for the LONG DISTANCE bill. Thus, if you call the system many times in search of a box, then the System Administrator will be notified of irregular patterns in the bill at the end of the month, including multiple long distance calls from the same source in a short period of time. The System Administrator, if competent, will check the system for hackers, and will eventually find your box. The risk of the System Administrator sighting the irregular phone bill, or practicing "Preventive Maintanence Excercises," all depends on the size of the system, the size of the company paying for its use, as well as if the system regularly receives many long distance calls. [3-Digit Error] The reason that ASpEN is the easiest is some "errors" in the programming of the automated system. Among the most useful is the 3-digit error. If you enter three numbers SLOWLY, such as 1-5-2, taking your time with each number you enter, then at the end of the THIRD number, the ASpEN computer-generated voice will tell you: "Box 1-5-2 is not a recognized mailbox, please try again. Please re- enter your mailbox number." By not allowing the user to enter the fourth number, the ASpEN system has, in effect, told you that there are NO mailboxes in the 152 exchange, in other words, no 1520, 1521, 1522, 1523, etc... up to 1529. Instead of having to check all ten of these boxes, you only need enter the first three numbers slowly and wait for the system to tell you that they are invalid. If the 1-5-2 exchange is invalid, then try the next exchange, 1-5-3. However, if you enter 1-5-2 and the system pauses and waits for another number, then BINGO, orgasm, you have found a valid exchange, meaning that there is a valid mailbox between 1520 and 1529. In the pause between the 1-5-2 you entered and the computer voice not coming on, you then enter another number between 1-9. If you get the invalid box voice again, try another number between 1-9, if the system paused with this exchange, there is definately a box there. It may take you a while to find an exchange that the system will pause on, but I suggest looking in the range of 2400-6000, this is where I personally had the most success. Once you have found a mailbox, don't spooge in your pants yet, you must begin the next step, finding a box not in use. [Finding YOUR Box] First, I will stress NEVER FUCKING TAKE A BOX THAT IS ALREADY IN USE BY SOMEONE. I can tell you, all that this accomplishs is that you get a VMB and you feel good for a couple of days, but as soon as the owner checks their box, but finds that some little shit took it over, they will report directly to the System Administrator, who will make a complete system check, and destroy any other box that WASN'T origionally in use, that some hacker obtained through hard work. By finding a box that isn't already in use, you are insuring that other hackers on the system will not be caught, as well as guaranteeing the safety of your own box. So how DO you find a box not in use on an ASpEN system? Any box that is not in use is NOT going to have a recorded name (a feature discussed later in the text.) While trying to find a box in the 3-digit method described above, you will enter a box number and come up with the normal ASpEN voice stating the following: "Hello. This system can enable you to receive messages while you are away from your desk... [After a lot more shit, the voice will say] Your System Administrator has assigned you a temporary password. Please enter that password now." When you have come upon this generic message, you have found an activated mailbox that is not in use, but rather reserved for a future user of the system. NOW HOW CAN I PUT THIS KNOWLEDGE TO WORK FOR ME? At this time, you begin to try the defaults for the ASpEN systems as named in Night Ranger's article in Phrack #34. The defaults that I have had the most success with is 1111, the box number itself, and 1234. But before you give up, expend ALL of the defaults. [Once In The Box] Once you have entered the correct default password for the box that of course was NOT IN USE, the computer voice will say: "Thank you. You should now change the default password. Make it a number that will be easy for you to remember but hard for others to guess..." At this point, the ASpEN will also ask you to change your recorded name and recorded message (discussed later, and I'm sure, really difficult to figure out.) Now, you have complete control of the mailbox. Once you have a mailbox, post the number on your local board, so that others may share in your joy, and posting the default is helpful as well as the number range of the boxes. [Commands] When in your box, there will be a number of commands available to you. Once you are in your mailbox, the mailbox will tell you "No messages. Send, press two, check receipts press three.) The option that it does not tell you on some systems (the most important option) is "Personal Options," which menu you can enter by pressing 4 on your numeric telephone pad. The following is an outline of the options available from each menu that can be entered on the ASpEN system (all quoted options are taken from the "rapid prompts;" which is what I suggest you set your prompt level to when taking over the box): [MAIN MENU] "Send, press 2" - to send a message from YOUR mailbox to a fellow hacker on the system. It will record your message, then ask which box to send the message to. You can enter multiple box numbers, which serves as a multi-mail service. "Check receipts, press 3" - Once you have sent a message, and want to check whether the person has received the message, or if the message you have sent is still in their mailbox, you use this option. It will ask which box to check, once you have entered this, it will play their recorded name, and say either "One message from you in that mailbox" and play the message over to you, or say "All messages have been received." "Personal options, press 4" - This is basically command central of your box, a number of options are contained (see PERSONAL OPTIONS SUBMENU) "Restart, press 5" - This will bring you to the origional logon message of your particular voice messaging system. "Disconnect, press *" - If you cannot figure this out, you do not need a box. [PERSONAL OPTIONS SUBMENU] "Notification on or off, press 1" - This is an option that you NEVER WANT TO ACTIVATE. This is an option that will call your house whenever you receive an "urgent" message. Of course, if you activate this, and give your home phone number, then if the System Administrator is not a shit-for-brains (as many of them are) they will be able to contact you at your home and cause you more trouble than this option is worth. "Administrative options, press 2" - This is another submenu (see ADMINISTRATIVE OPTIONS SUBMENU) that contains the maintanence options. "Greetings, press 3" - This contains another submenu full of options for your greetings. (see GREETINGS SUBMENU) "Notification schedule" - This is the option to set the time that the system should call your house with "urgent" messages. As I said before, you've got to be fucked up to activiate this, it's a deathwish. [ADMINISTRATIVE OPTIONS SUBMENU] "Passwords, press 1" - Simply the passwords of your system. (see PASSWORDS SUBMENU) "Prompt level, press 3" - The level of explanation the ASpEN system gives you when reciting your options. Prompt level 1 is set for morons, level 2 is for a user just getting used to the commands of the ASpEN system, and level 3 is rapid prompts, the briefest ASpEN messages the system allows. "Date and time options, press 4" - This allows you to enable or disable the date and time option, which stamps each incoming message with the date and time of receipt. "To exit, press *" - Whenever you are in a submenu, and want to exit to the menu you were in prior to the submenu, press the star key. You will be transfered to the previous menu, or if you are in the main menu, you will disconnect. [GREETINGS SUBMENU] "Personal greeting, press 1" - Your personal greeting is what the caller will hear when calling your box. "Extended absence greeting, press 2" - This is used by companies when their employees take vacations, and there is no need for them to receive messages. With this option on, you will not be able to receive messages until the extended absence greeting is deleted. This is useful when you are switching mailboxes, and want to convey to the caller your new system and box number, and make it impossible for the caller to leave a message. "Recorded name, press 3" - This is the name that will played when you call your box to check your messages. Upon calling your box, the ASpEN system will say: "Hello, [recorded name played,] please enter your password." [PASSWORD SUBMENU] "Guest 1 password, press 1" - This is the password for a friend that you can leave messages to. This friend will have his own password, as well as message section, but will not have access to your messages, or personal options. "Guest 2 password, press 2" - This is the same as guest 1, but for another friend (if you have that many friends.) "Home password, press 3" - This password enables the user to access private messages, and send messages, and disconnect. No other options are available to the user with this password. "Secretary password, press 4" - This is of course for your secretary. The user of this password will have access only to hear message summaries, in other words, they will hear who the message is from, what time and date it was sent, and how long it is, but not the message itself. This was obviously designed with the thought that the secretary can use this to notify her boss that messages are waiting in his mailbox. "Your personal password, press 5" - This is the master password, the password that gives you access to ALL options of the box. You will be using this one, so change it from the default. [Avoiding Deletion] On all of the systems that I have been on, I have found that the System Administrators only check for hackers on the first of the month, every month. Some stupid System Administrators, such as the one in charge of the system I am on right now, will send a multi-mail to ALL users of the system, stating that they plan on shutting down the system for an hour on the first of the month for what they call "Preventive Maintanence Excercises." This means that the System Administrator on your ASpEN system will be checking all boxes for validity. Some systems will check at the first of the month WITHOUT sending such a helpful message. My suggestion is to change your recorded name as well as your message to say something like: "Hello, this is Joe Blow, I'm not in the office at the present time, if you leave me a message, I will get back to you as soon as possible. Thank you." Don't sound too fluent either, most users have no idea what the fuck they are doing. After the first of the month change your message back to normal, and you should be set until the next month. [Disclamer] I could say that I don't want anyone to do anything contained in this file, and that it is strictly for informational purposes, but I know that people are going to go out and do this shit. So, Mr. Law Enforcement Agent, cram it, you can't find me, for all you know, I could be your father (and knowing your mother, I probably am.) AMF. [Bullshit] If you have suggestions, comments, or have nothing better to do, you can reach me (Caveman) at [Legion 1]: 202.337.2844 [12/24/96/14.4] [PEACE] Peace to Mr. Black, my partner in crime. Peace to Tomellicas, Legion creator. Peace to G-Spot, for finding the systems to hack on. Peace to Night Ranger, for his article. [The Boards] Legion 1 [202] Powerdome, INC. [703] Midian Private [703] School For Scandal [301] Copyright 1992 R.A.W Productions. All Rights Reserved. {PEACE OUT} Downloaded From P-80 International Information Systems 304-744-2253