
            "Ah, the cold air..... Tis the season to be p/hacking...." 
_____________________________________________________________________________
 \~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/
  \        Critical              Issue # 08       A Technical Text          /
   \         Mass               ~~~~~~~~~~~       File Newsletter.         /
    \________________________________|____________________________________/
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

                        __________________________
      __________        l___________ | ___________l
     //         \   _______   _____ l|l _____     ______              ___
    // /~~~~~~~\_\  l      \  l   l l|l l   l    //     \      _      l l
   // /             l  []  /  ~l l~ l|l ~l l~   // /~~~\_\    / \     l l
  <<<<   ritical    l     /    l l  l|l  l l   // /          /   \    l l
   \\ \             l    <     l l  l|l  l l  <<<<          / ___ \   l l
    \\ \_______/~/  l  l\ \    l l  l|l  l l   \\ \____/~/ / /   \ \  l l_____
     \__________/   l__l \_\  l___l l_l l___l   \_______/ /_/     \_\ l_______l

              ==-->                              ==-->
    ____    __    ____           ==-->                        <12/23/92>
    l   \        /   l  ass              ==--> 
    l    \      /    l      __        ______     ______ 
    l     \    /     l     /  \      /      \   /      \      A Technical 
    l  l\  \  /  /l  l    /    \    / /~~~~~~  / /~~~~~~  text file newsletter
    l  l\\      / l  l   / ____ \   \ ~~~~~~/  \ ~~~~~~/  ~~~~~~~~~~~~~~~~~~~~
    l  l \\____/  l  l  / /    \ \   ~~~~/ /    ~~~~/ /        Issue: 8
    l  l          l  l /_/      \_\ /~~~~ /    /~~~~ /
    ~~~~          ~~~~              ~~~~~~     ~~~~~~


_____________________________________________________________________________
l     Writers              l Special thanks to....                          l
l__________________________l________________________________________________l
l                          l                                                l
l    The Beaver            l Shadow Hacker, Altos, Section 8,               l
l    Altos                 l Abigail, D.M., Black Knight, Number Cruncher   l
l    Black Knight          l and many others that I forgot                  l
l                          l to include.                                    l
l__________________________l________________________________________________l
 



       Critical Mass Technical Newsletter is free to those who wish 
to further their knowledge of Telecommunications, 
Datacommunications, Computer and Phone Security, Software and other 
forms of piracy, explosives, and other topics that are not widely 
known or talked about.
        
        All articles are totally original, unless stated otherwise. 
We will not accept unoriginal or plagiarized articles, or articles 
that contain false information. We accept articles from anyone who 
is willing to follow these criteria, as long as the editors, writers 
and S.A.O.O. members feel that the article is worthy to print.  
        
        We encourage all to download these files and pass them on 
freely to others as long as credits of the editors, writer or 
S.A.O.O. is not modified in any way.

        There is no set date for release issues, but we attempt to 
put them out as frequently as possible.

        We now also offer BBS's outside the Tallahassee area to get 
on our BBS listing. If you decide to get on this list, we will send 
you issues as soon as they are produced. 

        We also now sponsor a totally legit network called "UnRegNet". 
The conversations include general hacking, basic and advanced hacking,
hacking Unix, hacking VMS, pyro <Explosives and fire>, anarchy <killing>,
pirate, and much more... Come and check it out.........

        If you wish to become a part of UnRegNet, please leave mail on
UnRegNet in the HGENERAL to either The Beaver or Black Knight at one of the
following UnRegNet BBS's.....


        Tower Of Power
        <904>668-6745

        The Speed Shop <TSS>
        <904>PRI-VATE           -        Mail The Beaver for the number.
        
        Silicon Nightmare
        <904>PRI-VATE

        If you have any questions pertaining to an article, please
leave E-Mail to the author of the article. If you cannot get in 
contact with the author, please leave "The Beaver" mail at 
one of the BBS's above and he will try to put you in touch with the 
author, and/or try to answer your questions.

        SAOO Support Boards        
        
        The Speed Shop    
        <New SAOO Main!>
        <904>PRI-VATE

        Silicon NightMare
        <904>PRI-VATE
        

        To gain access to one of the following BBS's, please contact
the sysop of the board or a member of the SAOO.

        If you wish to become a member of the S.A.O.O. please leave 
The Beaver E-Mail, where he will send you an application for you to
fill out. From there, local S.A.O.O. members in your area will 
consider you and take a vote on if at that date you can become a 
member.

        We are always looking for experienced and even 
non-experienced p/hackers to join. Only after a back-ground check and 
the vote, will you be let in. If you fail to get in, do not be mad,
we have turned down many people. Simply wait, improve on the reasons 
that you were not let in, if possible, and in the mean time, learn.

        We are also looking into other remote S.A.O.O. support 
boards to net with and share information with. In the event that 
you would like to support a S.A.O.O. chapter in your area, please 
contact a member of the Tallahassee S.A.O.O. Benefits do come.
        

        Head Chief And Writer - The Beaver
                       Editor - Altos

  
        Members -  <S>ilicon <A>luminum <O>xidation <O>rganization.
                  
        If you wish to become a distribution point for Critical Mass, please
        E-Mail the Beaver, and I will add you to the list. You will get your
        copy of Critical Mass as soon as they are produced.
        

  
This Issue's Articles Include:


I.    -     Editorial 
            By The Beaver

II.   -     How To Bust Into Systems <TimeBanks That Is!>
            By Black Knight

III.  -     Hacking Florida DMV
            By The Beaver

IV.   -     Basic Telenet <With NUA's>
            By Altos

V.    -     CitiCorp/CitiBanks Telenet NUA's
            By The Beaver and Altos
            
VI.   -     SAOO Telenet Scan <The "Thousand" Scan>
            By The Beaver

VII.  -     Basic Anarchy For The Youngsters.
            By Penial Implant

VIII. -     Final Notes     

                        
                        ________________________

                                Editorial
                              By The Beaver
                            ________________



        Yes, Yes, Yes.... Welcome one, welcome all to yet another Critical
Mass.... What do you say that we stop and take a look around us for a 
moment..........

        
        God... It seems that we have come upon yet another Xmas. We all
know what this means... More public mail like "HI, MY NAME IS TIM. tHIS
iS MY FIRST TIME ON A bBS!". Which will lead to, "wheres the k-k00l killer
kean warez!"... Ahh, well.. we all have to start somewhere.

         
        
        To those who do not know, UnRegNet IS underway! Yes, that's right,
Tallahassee's first echo where the topics of P/Hacking, Piracy, Explosives, 
drugs, and just general all American chaos are discussed. I want to get a
little something straight here, before some people start posting "killer 
k0dez" and stuff on the echo.... The echo is legit... Yes, it is totally
legal, which basically means that you cannot post information that is 
of an illegal nature....<I.E. - Credit card numbers, hack accounts/codes,
etc>..... However, since we do live in a country where we can all yell at
any given point in time, "I plead the 5th", and along with the great 
tradition of, "It's information, that's all.... You have heard of the first
amendment you S.S. commie swine you?", you can discuss the method of general 
hacking...... 
                           
        We also invite other people to get involved in the echo, such as 
Computer Security Specialists, and people who are against p/hacking in 
general.... We <Well most of us> love to hear the immorals of hacking. 
If you even got a gripe about the whole thing, please do tell... Let me 
state again, however, that this is a legal net, and not a flame echo... 
Keep it within reason...... If you do have a gripe, please leave it in the 
Anti-Hacker area only...  
        
        In other local news, the local community has lost some great BBS's
in our local area. One of which was Section 8's old BBS along with the 
viral collector king, Dr. Strangelove. 

        I found this out the other day.... Seems that ole Centel is trying
to pull a fast one on their ANI <Automatic Number Identifiers> dialups. 
DM and I embarked on a 3 digit scan to find Centel's new ANI's. Lo and
behold, after scanning over 700 numbers, they move the damn ANI to a 
4 digit exchange!
        Welp, considering that there is no need for you to do the work <and
besides the fact, I got the new ANI while looking over a Centel lineman's
shoulder!>, here it is.... Dial 7118. What is ANI you ask? Well, I will let
you dial it and decide... Basically, this will tell you any fone number <Within 
Leon County> that you are dialing from.... 


        Here's some other information that was not enough to make it into 
actual articles. Actually, some of it I heard/read about, but I will
share with you anyway. 

        
Fact: FDLE's <Florida Dept of Law Enforcement> database is ONLY 2 gig!        

        
        Ever want a credit card number <Visa, Mastercard, Etc>, but
just could not find the means? Welp, here is what you do. Pull the following
social engineer........ First go to a fortress/loop/whatever!


Mark    -       "Hello."
You     -       "Yes, This is Dave at CitiBank Security. We have seem to
                 have had a computer break-down and there is a problem with
                 your VISA and you will not be able to make anymore trans-
                 actions until it is re-entered. Can you give me you VISA
                 number?"
Mark    -       "Ahhhh, I don't know, this sounds a little fishy, buddy.
                 I got a idea, how about I call you...."
You     -       "I understand that you are reluctant. Here you go, this is                 
                 my office number. <Give him the Fortress/loop/whatever
                 number>"
Mark    -       "Okay, bye."
You     -       "Goodbye."


        <Wait a little while>

        RING!

You     -       "Citibank Security, This is Dave, how may I help you?"
Mark    -       "Ahh, okay.... I thought this might be a scam or something.
                 Anyrate, my VISA number is blah, blah, blah....."


        Easy as that. 

        I don't know about you, but if you want LD codes/extenders, VMB
        passcodes, etc, there is one really neat way to do it. I was 
        reading a few days ago in Phrack, or maybe it was Phun. Anyrate, 
        they had an article on using scanners to intercept fone <Cellular,
        Portable and Airline> conversations, along with other freq's, 
        such as bugs, FBI, etc, etc. Now, let's say you hooked up a tape
        recorder to your scanner via the earfone jack and recorded stuff.
        Lets say, you drop into Airline fones. You are gonna get codes!
        The same with cellular and maybe even portable fones. I know what
        I want for Xmas!


        Centel looks like it will be finally bought out by US Sprint! Centel
        has been quoted as saying that they would not upgrade Leon County
        telefone equipment until they were sure that US Sprint was indeed 
        going to buy them out. This explains a lot of the trouble with our
        local telefone system here. 

        Speaking of trouble, in the 385 trunk, some of you that are in it
        may experience trouble in that your calls will seem to be "diverted"
        <The remote fone rings then you get a dialtone before the remote
        party answers> or get other peoples conversations. I called Centel
        and talked to a tech there, this is what he has to say.....


        "Yeah, on the 385 trunk, in some areas, when it gets moist out
         the lines cross over, thus shorting out."

        "When will it be fixed?"

        "That's hard to say, seems that it is a tough problem to fix.
         Tallahassee only has one prefix in town that has fiber optics. There
         is really no telling."

         I believe the prefix he was referring to was the 942, though I
         am not sure at this time.

        According to Tallahassee local news, DMV <Dept. Of Motor Vec.> is
        changing the format used on their local computer systems. It seems
        that more people will have access to your driving records. The new
        system will give information pertaining to tickets, DUI, expired
        tags, etc, etc. The majority of the users look like they will be
        people like Budge Rent'a Car, and other car rentals. 
        The system will also work a lot easier than it currently does.
        All one must know is the Name. Currently <See hacking DMV in this
        issue of Critical Mass>, one needs a lot of information such as
        VIN's, Tag numbers, specific dates, etc. What this will allow the
        curious hacker is a more than easy way to find out the same 
        information. 

                           
        Strange NUA:                           
        
        If you can, connect to the following NUA from your local Telenet/
        Whatever dialup...........

        224206    < its in the 3110 Telenet DNIC >

        This will give you a list of Hong-Kong flight schedules. Just
        fun to show your friends!




                     ___________________________________

                           How To Bust Into Systems
                        (Time Bank Systems, That Is!)
                         By Black Knight (Of Course!)
                         ____________________________


        I'd  first like to let everyone know that I did not find all of these
by myself.  I was given how to do two of these by other people,  but I'm just
showing them so that you can  do  them  yourself;  I am NOT taking credit for
them.  Anyway, here they are:

  1) How To Get Extra Time With Searchlight
  
  With  one  of the older versions of Searchlight,  it came with a time bank
  that was EXTREMELY faulty.   The  only  things  you could do were withdraw,
  deposit, and quit.   Unfortunately, since most people don't use Searchlight
  and don't have that old version,  this will usually not work.   But,  it's
  worth a shot.
        
  What  you  need  to start out with is to use all but three minutes of your
  on-line time.   Then go to the  Time  Bank.    In there,  you will want to
  deposit your time.   It will say how  much  time  you  have  available  to
  deposit  and  ask  you  how  much  you wish to deposit.   You will want to
  deposit as much time as  it  says  you  can,   probably about two or three
  minutes.   So type in "2" or "3".   BUT, don't press enter.  You now have
  to wait.   How long?   Well,  how about two or three minutes?   After  you
  think your time would've run out, press enter.  It will exit you back to
  the  main menu of the Time Bank and say you have about 16000 minutes left.
  Good job!
        
  This Time Bank scam works on the  fact that the Searchlight Time Bank works
  on a cycle theory.   When you're waiting for the two or three minutes, the
  time bank is still clicking its time away.   So after waiting,  your time
  remaining is actually zero or less.   So after  depositing  two  or  three
  minutes,   which you don't have,  you will definitely have a negative value
  for your time remaining.   This is where the cycle comes  in.    The  Time
  Bank essentially "thinks" that you have negative time,  and since that is
  obviously impossible, it just wraps your time around to the maximum value.
  Although  this  is  a  great  trick,  you are only allowed to deposit 2000
  minutes or so.  Oh well!
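
  The stale-balance deposit described above, modelled as an added example
  (not Searchlight's code, which the article does not show) beside a hardened
  deposit routine.  The 16-bit unsigned counter and every name in it are
  assumptions, so the wrapped value differs from the figure the article gives.

```python
"""Stale-balance deposit with unsigned wraparound, next to a hardened version.

Assumptions (not from the article): minutes are kept in an unsigned 16-bit
field, and every class and function name here is hypothetical.
"""

U16_MASK = 0xFFFF          # assumed width of the stored "minutes left" field
MAX_BANK_MINUTES = 2000    # the article's deposit ceiling of "2000 minutes or so"


class FakeClock:
    """Deterministic clock, in minutes, so the example runs instantly."""

    def __init__(self):
        self.now = 0

    def advance(self, minutes):
        self.now += minutes


class Session:
    def __init__(self, clock, granted):
        self.clock = clock
        self.deadline = clock.now + granted   # minute at which the call must end
        self.banked = 0

    def minutes_left(self):
        """Signed, authoritative value; zero or negative once time is up."""
        return self.deadline - self.clock.now


def deposit_vulnerable(session, amount, shown_at_prompt):
    """Validates against the figure drawn at the prompt, then stores unsigned."""
    if not 0 < amount <= shown_at_prompt:
        raise ValueError("amount not covered by the time shown at the prompt")
    current = session.minutes_left()          # may already be <= 0
    stored = (current - amount) & U16_MASK    # a negative result wraps high
    session.banked += amount
    session.deadline = session.clock.now + stored
    return stored


def deposit_hardened(session, amount):
    """Re-reads the clock at commit time and keeps the arithmetic signed."""
    current = session.minutes_left()
    if current <= 0:
        raise PermissionError("session time already expired")
    if not 0 < amount <= current:
        raise ValueError("amount not covered by the time actually left")
    if session.banked + amount > MAX_BANK_MINUTES:
        raise ValueError("bank ceiling exceeded")
    session.banked += amount
    session.deadline -= amount
    return session.minutes_left()


def run_scenario(hardened):
    """Three minutes left at the prompt, Enter pressed four minutes later."""
    clock = FakeClock()
    session = Session(clock, granted=3)
    shown = session.minutes_left()    # 3, as displayed by the deposit prompt
    clock.advance(4)                  # caller idles at the prompt
    if hardened:
        try:
            return deposit_hardened(session, shown)
        except PermissionError as exc:
            return f"rejected: {exc}"
    return deposit_vulnerable(session, shown, shown)


if __name__ == "__main__":
    print("vulnerable:", run_scenario(False))
    print("hardened:  ", run_scenario(True))
```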
        
        
  2) How To Get Extra Time With HamBank
  
  This is a proven trick you  can  pull  with HamBank version 1.2.   This is
  extremely easy to do and takes virtually  no  effort.    A  user  of  mine
  suddenly  had 500 minutes remaining one day.   I said "How in the HELL did
  you do that?".    Of  course,   he  wouldn't  say,   so  I watched him and
  eventually figured out the trick.   Of course,  I drop his  time  down  to
  nothing after he does it, but it's worth a shot, isn't it?
        
  You first need to find a board that uses HamBank;  usually an RA,  QBBS or
  XBBS.   As soon as you log on, feel free to go right to the Time Bank.  If
  you already have some time in there,  withdraw all of it.   Then exit back
  to  the  BBS.   Now go back to the Time Bank.   Now you'll have around 100
  minutes or so...   doesn't really matter, but the more the better.  Either
  way,  once in the Time Bank the second time,  deposit all but five minutes
  of your time.   It will say  something  like  "Do you wish to deposit this
  amount?  (y/N)".  Of course, you press "Y" and then hit enter.  As soon as
  you hit enter, drop carrier.   Then call the BBS back.   You will have the
  same amount of time that you had when you return from the time bank  after
  withdrawing all your time, about 100 minutes or so.

  This works on the fact that HamBank is stupid.  Really!  After you deposit
  your time,  HamBank ASSUMES that you've done nothing while in the program.
  So  of  course,   it reports back to RA,  QBBS,  whatever that you've done
  nothing and to maintain the same  amount  of time as when you shelled out.
  BUT,  HamBank was even more stupid because it saved your  HamBank  banking
  account before you hung up.  Therefore, you have your 100 minutes or so in
  both RA AND HamBank.   But I suggest that after doing this,  you do not
  log right back on.   Wait an hour or two and then log on so that the SysOp
  doesn't notice anything.  Give this a shot, it works great!
        
  
  3) How To Get Extra Time With Remote Access Timebank Service
  
  This is another scam, but I figured this one out on my own.  This is a lot
  like the Hambank scam,  but goes the opposite direction.    Although  most
  boards  these  days  don't  use  Remote  Access  Timebank  Service (hereon
  mentioned by RATS), this is still a good thing to do.
        
  First you need to find a board  that carries this Time Bank (usually an RA
  board <GRIN>).   Anyway,  once on, you need to start with about 30 minutes
  or so.   Enter the bank and deposit around 30 minutes.   Now, exit back to
  RA.  After returning to RA, go BACK to RATS.  Now, this time withdraw your
  deposited time.   After it "says" that it saved your  account,   hang  up.
  Call  back  the  board.    RA says that you have all your time back again.
  Enter RATS and you'll see that all  your time is still in there.   All you
  need to do is keep calling back the board, withdrawing time,  and  hanging
  up.  Lot's oh phun.
        
  This works by two facts.   First, RATS is old as a mother-fucker.  Second,
  RATS is more stupid than HamBank. When you deposit your 30 minutes into it,
  it  is  just  saving  your  account  in EXITINFO.BBS,  not the actual RATS
  account.   But when you exit back to RA,  that's when it saves.   And when
  you withdraw your time,  all  it's  doing  is editing the EXITINFO.BBS and
  when you hang up,  it assumes you've done nothing and it  goes  ahead  and
  exits without saving your account.   But of course,  when RA sees that you
  have some extra time, it will save your account and then hang up.
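
  Both the HamBank and the RATS tricks above come down to one transfer being
  written to two stores with a hang-up possible between the writes.  The model
  below is an added example, not code from either door program; the store
  names, journal format and function names are assumptions.  It sets the
  credit-first ordering beside a journaled, debit-first transfer that is
  reconciled at the next login.

```python
"""One transfer, two stores, and a carrier drop between the writes.

"bbs" stands in for the BBS-side minutes (the EXITINFO.BBS figure) and "bank"
for the door program's account file. All names here are hypothetical.
"""


class CarrierLost(Exception):
    """Raised at the point where the caller hangs up."""


def total(stores):
    """Minutes in existence; a correct transfer never changes this."""
    return sum(stores.values())


def transfer_vulnerable(stores, src, dst, amount, drop_carrier=False):
    """Credit the destination, then debit the source, with no record of intent."""
    stores[dst] += amount          # destination saved first
    if drop_carrier:
        raise CarrierLost          # the debit below never happens
    stores[src] -= amount


def transfer_journaled(stores, journal, src, dst, amount, drop_carrier=False):
    """Log intent, debit first, credit last; a drop can only leave a debt owed."""
    if not 0 < amount <= stores[src]:
        raise ValueError("amount must be positive and covered by the source")
    entry = {"src": src, "dst": dst, "amount": amount, "state": "intent"}
    journal.append(entry)          # written before either balance changes
    stores[src] -= amount
    entry["state"] = "debited"
    if drop_carrier:
        raise CarrierLost
    stores[dst] += amount
    entry["state"] = "done"


def recover(stores, journal):
    """Run at the next login: finish debited transfers, void untouched ones."""
    completed = 0
    for entry in journal:
        if entry["state"] == "debited":
            stores[entry["dst"]] += entry["amount"]
            entry["state"] = "done"
            completed += 1
        elif entry["state"] == "intent":
            entry["state"] = "aborted"
    return completed


def run_scenarios():
    results = {}

    # HamBank pattern: deposit from the BBS into the bank, hang up mid-way.
    stores = {"bbs": 100, "bank": 0}
    try:
        transfer_vulnerable(stores, "bbs", "bank", 95, drop_carrier=True)
    except CarrierLost:
        pass
    results["hambank_vulnerable_total"] = total(stores)

    # RATS pattern: withdraw from the bank to the BBS, hang up mid-way.
    stores = {"bbs": 0, "bank": 30}
    try:
        transfer_vulnerable(stores, "bank", "bbs", 30, drop_carrier=True)
    except CarrierLost:
        pass
    results["rats_vulnerable_total"] = total(stores)

    # Journaled deposit with the same hang-up, then recovery at next login.
    stores, journal = {"bbs": 100, "bank": 0}, []
    try:
        transfer_journaled(stores, journal, "bbs", "bank", 95, drop_carrier=True)
    except CarrierLost:
        pass
    results["journaled_after_drop"] = total(stores)
    recover(stores, journal)
    results["journaled_after_recovery"] = total(stores)
    return results


if __name__ == "__main__":
    for name, minutes in run_scenarios().items():
        print(f"{name}: {minutes}")
```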
        
Try all of these out, they are great phun.  In the meanwhile, I'll be writing
my own Time Bank <GRIN>. Really though, if you figure out how to bust another
Time Bank,  please let me know.  You can contact me on my board, The Tower of
Power,  via  (9o4)  668-6745,  FidoNet  1:36o5/256,   or UnRegNet 222:13oo/4.
laTeR... 


                                        - Black Knight
                                        - Member of UnRegNet
                                        - Sysop Of Tower Of Power
                                          <904>668-6745





                        _____________________________
                                 Hacking DMV
                                By The Beaver
                              _________________


        This article's focus is on DMV <The Dept. Of Motor Vec.>, and
        the security around their machines..... It is fairly straight
        forward, and though I cannot say that all DMV machines are 
        the same, most servers probably are...... The machines discussed
        here are in the local <Tallahassee> area.
        --------------------------------------------------------------

        Ok, first off, you will want to find a DMV server, correct? 
        Well, As much as I would like to, I cannot give the number, 
        because everyone would hack'em and that would be a major 
        hassle, plus the fact that someone would get busted....
        However I will tell you that one machine is located in the upper
        487 prefix. <Above the 5000 exchange>. The rest is up to you.

        DMV servers run under Unix, and it is unreal how easy it is to defeat
        their security.... It is simply a matter of knowing what 
        username to type in. On the DMV servers I have played with, 
        there are NO passwords on ANY of the accounts... This includes
        root, sysadmin, who, uucp... You name it! Now, upon calling a
        DMV machine, here is what should happen.. When you call it, you will
        have to wait a minute for the login prompt... Which should
        look something like this......

        Northwoo
        2400 login:

        At which point, the first thing to do is login as root. Since DMV
        machines hold no password, you should become superuser quite 
        easily. After that, do a "who" <Shows all users online>, you will
        probably see some non-interactive accounts on..... For safety
        reasons, do not login during working hours! I prefer sometime at
        night.... Ok, after you look around a bit and see that you are
        getting nowhere, go ahead and "cat" <sorta like the "type" command
        on DOS and VMS machines> and capture the passwd file... This
        will be in the etc directory... For example, here is what you 
        would do....

        $ cd /etc
        $ cat passwd

        This will dump all the usernames on the system along with 
        their encrypted passwords <this holds true with all Unix based
        systems>.... Don't worry about the encrypted passwords, because
        as I said, they don't use passwords at DMV! Here is something 
        like what you should get.....<BTW This is off a DMV machine>


root:x:0:3:0000-Admin(0000):/:
sa:x:0:0:SA Menus Login:/sa:/sa/sa.exec
sarem:x:0:0:SA Menus Remote Execution:/sa:/bin/sh
startup:x:0:0: Start Multi-User Mode:/:/etc/startup
shutdown:x:0:0: Multi-Single-Halt Mode:/:/etc/shutdown
reboot:x:0:0: System Reboot :/:/etc/reboot
halt:x:0:0: System Halt :/:/etc/halt
daemon:x:1:1:0000-Admin(0000):/:
bin:x:2:2:0000-Admin(0000):/bin:
sys:x:3:3:0000-Admin(0000):/usr/src:
adm:x:4:4:0000-Admin(0000):/usr/adm:
uucp:x:5:5:0000-uucp(0000):/usr/lib/uucp:
nuucp:x:10:10:0000-uucp(0000):/usr/spool/uucppublic:/usr/lib/uucp/uucico
sync:x:20:1:0000-Admin(0000):/:/bin/sync
who:x:21:1:0000 Admin(0000):/:/bin/who
diag:x:22:1:User Diagnostic Tests:/tst:/bin/sh
lp:x:71:2:0000-lp(0000):/usr/spool/lp:
listen:x:81:4:0000-listen(0000):/:
setup:x:0:0:general system administration:/usr/admin:/bin/rsh
sysadm:x:0:0:general system administration:/usr/admin:/bin/rsh
checkfsys:x:0:0:check file system:/usr/admin:/bin/rsh
makefsys:x:0:0:make file system:/usr/admin:/bin/rsh
mountfsys:x:0:0:mount file system:/usr/admin:/bin/rsh
umountfsys:x:0:0:unmount file system:/usr/admin:/bin/rsh
frvis:x:201:201:frvis:/FRVIS:/bin/sh
help:x:0:0:frvis-help:/FRVIS:/FRVIS/help
sta0:x:100:201:Station Number 0:/FRVIS/OBJ:/FRVIS/OBJ/go
sta1:x:101:201:Station Number 1:/FRVIS/OBJ:/FRVIS/OBJ/go
sta2:x:102:201:Station Number 2:/FRVIS/OBJ:/FRVIS/OBJ/go
sta3:x:103:201:Station Number 3:/FRVIS/OBJ:/FRVIS/OBJ/go
sta4:x:104:201:Station Number 4:/FRVIS/OBJ:/FRVIS/OBJ/go
sta5:x:105:201:Station Number 5:/FRVIS/OBJ:/FRVIS/OBJ/go
sta6:x:106:201:Station Number 6:/FRVIS/OBJ:/FRVIS/OBJ/go
sta7:x:107:201:Station Number 7:/FRVIS/OBJ:/FRVIS/OBJ/go
sta8:x:108:201:Station Number 8:/FRVIS/OBJ:/FRVIS/OBJ/go
sta9:x:109:201:Station Number 9:/FRVIS/OBJ:/FRVIS/OBJ/go
sta10:x:110:201:Station Number 10:/FRVIS/OBJ:/FRVIS/OBJ/go
sta11:x:111:201:Station Number 11:/FRVIS/OBJ:/FRVIS/OBJ/go
sta12:x:112:201:Station Number 12:/FRVIS/OBJ:/FRVIS/OBJ/go
sta13:x:113:201:Station Number 13:/FRVIS/OBJ:/FRVIS/OBJ/go
sta14:x:114:201:Station Number 34:/FRVIS/OBH:/FRVIS/OBJ/go


        Actually for the article's sake, this is a bit edited so that
        it is not as long..... Now, lets take one of these guys and
        examine it.... 

        sarem:x:0:0:SA Menus Remote Execution:/sa:/bin/sh
         ^    ^               ^                        ^
    Username  Password<none>  Brief Description      Shell

        Now, look at the Shell field.... There are several types of 
        shells, such as sh <Standard Shell>, csh, and ksh <Kernal Shell>.
        What does this mean? Shells are nothing more than work areas. 
        That is, if you are in one of those three shells, you can work
        at a Unix based level, meaning you are actually dealing with
        the operating system itself, similar to when you login under
        the root account.... You are working with Unix itself. Now
        lets look at another......

        sta10:x:110:201:Station Number 10:/FRVIS/OBJ:/FRVIS/OBJ/go
          ^   ^              ^                                  ^
    Username  Password    Brief Description            Whats This!?!?

        Hmmmm, look at where our shell should be.. there is no sh, csh or
        ksh shell but rather "go" in the "/FRVIS/OBJ" directory?!?

        Actually it is rather simple... It is a program that is executed
        at login, and this account has NO shell access. Look at it this
        way, at DMV they had a choice to make everyone learn Unix or
        create a simple menu system so that any idiot could use it <No
        offense to any DMV people, but it is the truth>. Before we
        go executing this menu system, would it not be nice to look like
        everyone else that logs in other than standing out as the root
        superuser? Heres what you do.... Logout and call back, this time
        login under "sysadm", with, of course, no password. Just follow
        instructions and make a new account, and call it sta50 or 
        something like that, so you won't stand out. Make it just like
        the other sta accounts <See the passwd file above>, BUT when
        it talks about a shell, tell it you want a "/bin/sh" shell, or
        what ever you desire. Once you have made your new account, quit
        and login under "sta50" with no password, and boom, you fit
        right in, if someone looks at ya! But wait, with a "sh" shell you
        are no longer superuser right? Wrong. If you hit any files that
        are out of your access to touch, type "su" <For superuser>, and
        of course, you will not be prompted for a password. Ok, thats
        out of the way.... You fit right in... Now, lets go back to 
        this "go" thingy that we were discussing above.
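
        A defender's check for the conditions this article relies on: extra
        UID 0 logins, accounts with no password, and a station account whose
        login program differs from its peers (as an sta50 with /bin/sh would).
        This is an added example, not DMV or vendor code; the shadow entries
        are constructed and the function and rule names are hypothetical.

```python
"""Audit passwd/shadow text for passwordless, extra-root and outlier accounts."""
from collections import Counter, defaultdict

INTERACTIVE_SHELLS = {"/bin/sh", "/bin/csh", "/bin/ksh"}

# Constructed sample, modelled on entries in the listing above plus the
# "sta50" account the article describes creating.
SAMPLE_PASSWD = """\
root:x:0:3:0000-Admin(0000):/:
sarem:x:0:0:SA Menus Remote Execution:/sa:/bin/sh
sysadm:x:0:0:general system administration:/usr/admin:/bin/rsh
sta10:x:110:201:Station Number 10:/FRVIS/OBJ:/FRVIS/OBJ/go
sta11:x:111:201:Station Number 11:/FRVIS/OBJ:/FRVIS/OBJ/go
sta50:x:150:201:Station Number 50:/FRVIS/OBJ:/bin/sh
"""

# Constructed shadow entries: only root carries a (placeholder) hash.
SAMPLE_SHADOW = """\
root:CONSTRUCTED-HASH-PLACEHOLDER:8390::::::
sarem::8390::::::
sysadm::8390::::::
sta10::8390::::::
sta11::8390::::::
sta50::8390::::::
"""


def parse_passwd(text):
    accounts = []
    for number, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"passwd line {number}: expected 7 fields")
        name, password, uid, gid, _gecos, home, shell = fields
        accounts.append({
            "name": name, "password": password, "uid": int(uid),
            "gid": int(gid), "home": home,
            "shell": shell or "/bin/sh",   # an empty field means the default shell
        })
    return accounts


def parse_shadow(text):
    entries = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) >= 2:
            entries[fields[0]] = fields[1]
    return entries


def audit(passwd_text, shadow_text=""):
    """Return a sorted list of (account, rule) findings."""
    accounts = parse_passwd(passwd_text)
    shadow = parse_shadow(shadow_text)
    findings = []
    by_gid = defaultdict(list)
    for acct in accounts:
        by_gid[acct["gid"]].append(acct)
        if acct["uid"] == 0 and acct["name"] != "root":
            findings.append((acct["name"], "extra-uid0"))
        stored = acct["password"]
        if stored == "x":                   # real value lives in the shadow file
            stored = shadow.get(acct["name"], "x")
        if stored == "":
            findings.append((acct["name"], "no-password"))
    # Within a group whose majority runs a fixed program at login, any member
    # with an interactive shell is an outlier worth a look.
    for members in by_gid.values():
        shell, count = Counter(m["shell"] for m in members).most_common(1)[0]
        if len(members) < 3 or count * 2 <= len(members):
            continue
        if shell in INTERACTIVE_SHELLS:
            continue
        for m in members:
            if m["shell"] in INTERACTIVE_SHELLS:
                findings.append((m["name"], "shell-outlier"))
    return sorted(findings)


if __name__ == "__main__":
    for account, rule in audit(SAMPLE_PASSWD, SAMPLE_SHADOW):
        print(f"{account:8} {rule}")
```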

        <BTW I am aware of the fact that you can create logins using>
        <vi editor, but for the articles sake, we will keep it simple>
        
        Remember that the program was in the /FRVIS/OBJ directory, so
        simply type.....

        # cd /FRVIS/OBJ
        ^
        Note: I am SuperUser

        The caps DO matter.... When you see something in caps, type
        it that way! Ok, now we are in this directory where the program 
        "go" is.... We are a bit curious to see what this "go" thang 
        does.. So type.......

        # exec go

        Here is what you should get.....


M61L10-      --------------------- LOG ON -------------------- CLERK:



             ENTER OPERATOR NAME  (__________)
  
             ENTER YOUR ALLOWED_FUNCTIONS (  )     1. TITLE   ONLY
                                                   2. REGIS ONLY
                                                   3. REGIS/TITLE
                                                   4. CASHIER ONLY
                                                   5. TITLE/CASHIER
                                                   6. REGIS/CASHIER
                                                   7. REGIS/CASHIER/TITLE


      NOTE: ENTER OPERATOR NAME AND ALLOWED FUNCTIONS AND PRESS RETURN.
             IF CORRECT, YOU WILL BE PROMPTED FOR YOUR PASSWORD.



        Oh, great! We have to login AGAIN! Never fear! Remember, we are 
        SUPERUSERS! So get out of this crap and re-login under your
        fake account... Now, considering that the above is actually a 
        program that is asking for a password, we know that the program
        must store the Usernames/Access levels/Passwords in a file.
        So re-login, and go to the following directory like this....

        # cd /FRVIS/DATA
        
        In this directory, you can get a file called OPERATOR, that contains
        all the accounts that the people at DMV use...Once in this
        directory, type......

        # cat OPERATOR
        
        Now, cat the file called "OPERATOR", it should look like this..




        Now, to decipher this crap... Lets look at one.....

        00000199MAGGOT-1  MAGGOT070000
                  ^         ^      ^
              Username    Passwd  Access Level

        Ok, their username is MAGGOT-1, their password is MAGGOT, and
        their access level is 7000. Let me explain a little more about
        how I came to this. Go to the beginning of the string and
        count 8 places out; you will land on the M. From here you
        can see how I got MAGGOT-1. Now move to the second MAGGOT and
        go up to the first 0 you hit. Anything past that zero is
        the level. The lower the better; use levels 3000 preferably.
        Here, let's look at another......


        00000135NAME35    PASS35070000
                  ^          ^     ^
                User      Passwd  Level

        So the username is NAME35 and the password is PASS35, at level 7000
        <or whatever they call it>.
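        Seen from the administrator's side, the record layout above is the
        problem: passwords sit in clear text next to the names, and many are
        placeholders, name-derived or dates. The audit below is an added
        example, not part of the original article; the sample records and all
        function names are constructed for illustration.

```python
import hashlib
import hmac
import os
import re
from datetime import datetime

# Layout from the walk-through above: 8-digit record number, 10-character
# operator name, 6-character clear-text password, 6-digit access-level field.
RECORD_LEN = 30

# Constructed sample records (invented for this example, not real accounts).
SAMPLE = "\n".join([
    "00000201NAME01    PASS01070000",
    "00000202VENDORX   VENDOR070000",
    "00000203EXAMPLE A 031575030000",
    "00000204SMITH J   Q7#KZ2030000",
    "00000205BADLINE",
    "00000206JONES-1   JONES 030000",
])


def parse_record(line):
    """Split one fixed-width record; raise ValueError if it does not fit."""
    if len(line) != RECORD_LEN:
        raise ValueError(f"expected {RECORD_LEN} characters, got {len(line)}")
    recno, name, password, level = line[:8], line[8:18], line[18:24], line[24:30]
    if not (recno.isdigit() and level.isdigit()):
        raise ValueError("record number and level field must be numeric")
    return {"recno": recno, "name": name.rstrip(),
            "password": password.rstrip(), "level": level}


def _norm(text):
    """Upper-case and drop everything except letters and digits."""
    return re.sub(r"[^A-Z0-9]", "", text.upper())


def weaknesses(rec):
    """Return the list of weak-credential findings for one parsed record."""
    name, pw = rec["name"], rec["password"]
    found = []
    if re.fullmatch(r"NAME\d*", name) and re.fullmatch(r"PASS\d*", pw):
        found.append("default placeholder account")
    if len(_norm(pw)) >= 3 and _norm(name).startswith(_norm(pw)):
        found.append("password derived from operator name")
    if re.fullmatch(r"\d{6}", pw):
        try:
            datetime.strptime(pw, "%m%d%y")
            found.append("password is an MMDDYY date")
        except ValueError:
            pass  # six digits, but not a valid calendar date
    return found


def audit(text):
    """Audit every record; return ({recno: findings}, [(line number, error)])."""
    report, malformed = {}, []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            rec = parse_record(line)
        except ValueError as exc:
            malformed.append((lineno, str(exc)))
            continue
        report[rec["recno"]] = weaknesses(rec)
    return report, malformed


def protect(password, salt=None, rounds=200_000):
    """What the table should hold instead of the password: salt + PBKDF2 digest."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return salt, digest


def verify(password, salt, digest, rounds=200_000):
    """Constant-time check of a login attempt against the stored digest."""
    return hmac.compare_digest(protect(password, salt, rounds)[1], digest)


if __name__ == "__main__":
    report, malformed = audit(SAMPLE)
    for recno, findings in report.items():
        print(recno, "; ".join(findings) or "no pattern matched (still stored in clear)")
    for lineno, error in malformed:
        print(f"line {lineno}: malformed record ({error})")
```

        A record with no findings is still readable by anyone who can cat the
        file; only replacing the password column with a salted digest, as
        protect() does, removes that exposure.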

        Now we can use DMV as it is supposed to be used. So go back to
        the directory FRVIS/OBJ and execute go. Now when it asks you for
        an operator name and password, you will know exactly what to do!


        Before I leave you off hack'in DMV, let me state that DMV is
        NOT in any way fun to use. You must supply VIN's, registration
        dates, and it is just a pain in the ass... The advantages are that
        you can find out where people live, fone numbers <Private/
        Non-Private line>, driving records, tag numbers, police cars'
        tag numbers....... A lot of shit! Chow!


                                        ---==<Beaver>==---

                                        Moderator Hack!   UnRegNet
                                        Moderator Hacker! UnRegNet
                                        Moderator VAX/VMS UnRegNet
                                        Member SAOO





                    
                    
                    ==================================
                  -+|   Hacking the Telenet Network  |+-
                    ==================================
                            = Constructed by, =
                            =      Altos      =
                            +========+========+
============================|========|========|===================================
        

   Some things to do while online with Telenet and Tymnet. While at the @ on
the Telenet system, type "mail", "C mail", "telemail" or even "c telemail".
This accesses Telenet's mail system, simply entitled "Telemail". From there it
will ask "user name" or something like that; type "phones". Next it will prompt
you for "password"; enter "phones". The phones service has a lot of worthy
information. It will give you a menu to choose from, and the rest should be
self-explanatory. Along with the other information on the phones service, there
is a complete, updated list of all Telenet access numbers, which is convenient.
Once you have tried the phones service, also on Telemail, enter
"Intl/Associates" as the user name and "Intl" for the international access
numbers. If you are calling from overseas somewhere, connect with a Telenet
access number, then type this NUA at the Telenet @ prompt, "311020200142", and
enter the username and password.

You might want to pick up a sort of reference booklet on Telenet. Simply
call the customer service number again and ask them for "How to use Telenet's
Asynchronous Dial Service", and give them your address, which is
self-explanatory. Another tidbit of info you might like to know, if you didn't
already: Telenet is owned by US Sprint long distance service.


     Another way to obtain access to this network from your home or apartment,
     or even a phone booth: you first need to know a number to connect to.
     The international number is as follows: 1-800-424-9494, and the local
     access number for Telenet is 561-8830 E71. You need to
     have your modem settings at E71 and your terminal at VT100. After you
     connect you will see 'TERMINAL='. At this prompt you need to enter a
     '@' and then press enter; you should then get a '@'. At this prompt
     enter your Telenet address. Let's say we tried '655321'.

     EX: @ 655321

     blah blah blah  CONNECTED!

        Virgin Island Coast Guard

        Login> hack it!
        Password> hack it!

     After you have tried unsuccessfully a few times, it will proceed to
     bump you off, so do not be alarmed by it. Disconnection will (should)
     occur after the incorrect password, not while entering a user or such.
     After you get booted it will send you back to the Telenet prompt '@',
     where you can again enter another address.


     The first thing you're going to need is your access number. It is
     very easy to get your local access number. Simply call Telenet at
     1-800-TELENET, which is their customer service number, and ask for your
     dialup. The operator will ask for the area code and prefix of your phone
     number; he/she will also ask your baud rate. There are many Telenet
     ports across the country and internationally with varying baud rates,
     from 110 bps (yuck) to 9600 (I wish I had), so you will want your
     maximum baud port. Most locations have at least 1200, many have 2400, and
     not a lot have 9600 ports, like the ones for big cities like Detroit and
     Los Angeles. At the end of the file I will list some useful numbers.

I. HOW TO USE THIS NETWORK

     How to use this network was explained in short detail above; however, there
     is more to the explanation of how to use this network. If you try to
     enter just shit at the Telenet prompt '@', it will not recognize it; it
     will come up with a '?' right under your Telenet prompt. All the prompt
     will accept is an address. Also not explained already is the format of
     addresses. Not all addresses are in the format xxxxxx (6 digits); you
     can have addresses like 123456.7, and so on. This is a clever little way
     to find a back door to a system. Let's give another example.

        EX: 123456
        REJECTING CONNECTIONS, TRY BACK LATER

     Well yeah, it's true Telenet address 123456 is rejecting, but
     possibly 123456.5 isn't, and that is your way into a system.
     However, this doesn't always work, so you may end up logging
     off and trying back later. Error messages are always going to
     be lurking around just waiting to get in the way of your hack,
     so I put together a few to watch for, and a brief explanation of
     them, in topic III.


II. - TELENET TERMS

Not Available  
Not Operating 
Not Responding -   Your net feed can't accept your request; try back
                   later.

Not Connected  -   You have entered a Telenet command that is only able to
                   be used while in a connection. Type 'cont' to get back in
                   a connection.

Not Reachable  -   A temporary problem or condition keeps you from using the
                   network.

Password       -   This is the prompt which appears after you have entered an
                   NUI (Network User Identification).

Invalid User ID 
or Password    - The NUI you used is not valid.



Refused Collect Connection - You must prepay for your connection.

Local Congestion - Your local Access number is busy. Try Again later.

Local Network Outage - A temporary problem is preventing you from using
                       the network.

Rejecting - Host computer system refuses to accept callers.

Local Disconnect - Your terminal has been disconnected.

Remote Procedure Error - Communication problem forced the network to clear
                         the network

Still Connected - You tried to access another address while still on-line 
                  with another.

Telenet XXX XXX - Network Port you are logged in on.

Terminal - This is the terminal type prompt (VT100, ANSI, VT52, ETC.)

Unable to validate call - Your NUI has been temporarily disabled.

Unable to validate call contact admin - The NUI has been permanently disabled!

Unknown address - Your chosen NUA (Network User Address) may be invalid.

WATS Call not permitted - Telenet In-wats calls are not permitted by your 
                          host or your NUI.

Access to this address not permitted - Your NUI is not authorized to connect
                                       to this address. (NASA, CIA, FBI, BANKS,
                                       ETC)


Here are some little tid's n' bit's of shit that could help along the way:

Telenet Customer Services 1-800-TELENET
Tymnet Customer Services 1-800-872-7654
Local Access Number 561-8830 2400bps.

III. - SCANNING THE TELENET NETWORK

There are hundreds, hell, even thousands and thousands of addresses, some to bank
systems, some to airport scheduling, and even NASA, ranging from 333 to
an address like 9999999, so if you are a real serious telenet'r you should get
some software made to scan Telenet. There is a program currently out in the
local area here called TSCAN*.*, put out by 'The Beaver', a member of the
SAOO. You can get access to this software on a few boards; it may require
asking around. After you get the software you need to configure it to your
standards, then begin scanning addresses. TSCAN is fairly easy to use and
will auto-log the addresses scanned and the systems found on Telenet. This is
by far the best scanner you can get currently.
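
From the network operator's side, the address walking described above leaves a recognisable trace in call-attempt records: one source, many distinct addresses in a short window, mostly failing, and numerically adjacent. The detector below is an added example, not part of the original article or of TSCAN; the log format, outcome tokens and thresholds are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed tokens standing in for the network messages listed in section II
# (Refused Collect Connection, Rejecting, Unknown address, ...).
FAILURES = {"REFUSED_COLLECT", "REJECTING", "UNKNOWN_ADDRESS",
            "NOT_RESPONDING", "ACCESS_NOT_PERMITTED"}


def build_sample_log():
    """Constructed records in the assumed form 'timestamp source address outcome'."""
    base = datetime(1992, 12, 1, 2, 0, 0)
    lines = []
    # PAD-17 walks a contiguous address range, one attempt every 20 seconds.
    for i in range(12):
        if i == 5:
            outcome = "CONNECTED"
        else:
            outcome = "REFUSED_COLLECT" if i % 2 == 0 else "UNKNOWN_ADDRESS"
        stamp = (base + timedelta(seconds=20 * i)).isoformat()
        lines.append(f"{stamp} PAD-17 {212000 + i} {outcome}")
    # PAD-03 is an ordinary user calling one host three times.
    for i in range(3):
        stamp = (base + timedelta(minutes=3 * i)).isoformat()
        lines.append(f"{stamp} PAD-03 31100 CONNECTED")
    # PAD-09 fails against many hosts, but the addresses are scattered.
    for i, addr in enumerate([1105, 2340, 3571, 4802, 5093, 6614, 7725, 8836]):
        stamp = (base + timedelta(seconds=30 * i)).isoformat()
        lines.append(f"{stamp} PAD-09 {addr} NOT_RESPONDING")
    return lines


def parse(line):
    """Split one record into (timestamp, source, called address, outcome)."""
    stamp, source, address, outcome = line.split()
    return datetime.fromisoformat(stamp), source, address, outcome


def sequential_fraction(addresses):
    """Share of neighbouring addresses that differ by exactly 1.

    Sub-addresses such as 123456.5 are folded into their base address.
    """
    bases = {a.split(".")[0] for a in addresses}
    nums = sorted(int(b) for b in bases if b.isdigit())
    if len(nums) < 2:
        return 0.0
    steps = sum(1 for lo, hi in zip(nums, nums[1:]) if hi - lo == 1)
    return steps / (len(nums) - 1)


def detect_scans(lines, window=timedelta(minutes=10),
                 min_targets=8, min_fail=0.7, min_seq=0.6):
    """Return {source: details} for sources whose recent calls look like a range walk.

    Records for any one source are assumed to arrive in time order.
    """
    recent = defaultdict(deque)   # source -> attempts inside the window
    alerts = {}
    for line in lines:
        if not line.strip():
            continue
        stamp, source, address, outcome = parse(line)
        attempts = recent[source]
        attempts.append((stamp, address, outcome))
        while attempts and stamp - attempts[0][0] > window:
            attempts.popleft()
        targets = {addr for _, addr, _ in attempts}
        if source in alerts or len(targets) < min_targets:
            continue
        fail_ratio = sum(o in FAILURES for _, _, o in attempts) / len(attempts)
        seq = sequential_fraction(targets)
        if fail_ratio >= min_fail and seq >= min_seq:
            alerts[source] = {"at": stamp, "targets": len(targets),
                              "fail_ratio": fail_ratio, "sequential": seq}
    return alerts


if __name__ == "__main__":
    for source, info in detect_scans(build_sample_log()).items():
        print(f"{source}: {info['targets']} addresses, "
              f"{info['fail_ratio']:.0%} failed, alert at {info['at']}")
```

PAD-09 shows why the adjacency test matters: a burst of failures against scattered addresses looks like an outage on the far end, not a walk through a range.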



IIII. - LIST OF A FEW NATIONAL TELENET ADDRESSES (CITICORP)
        <CitiCorp and CitiBank Machines>
        <"1000's" Scan>

               ______________________________________________    
                   
                   CitiCorp And CitiBank Around The World
                               By The Beaver
                   ______________________________________


        A while back, I was scanning around on Telenet to find
        something to work on... This was during my "thousand"
        scan, and while scanning I hit a CitiCorp machine.
        After a little bit of research, I found a pattern to
        their machines, and was able to find CitiCorp cash
        management machines, banks all over the world and
        mail systems around the world... The following are
        reachable through Telenet. If you have no idea about
        Telenet, please read CM#6 and CM#7 <SAOO Telenet Scans>
        for more information.


224XX  Information
---------------------------------------------------------------------------

 22400 - Citi Cash Management 
        
         New York/Delaware Checking Region, Checking Manager, Cash Pathway
         region, Paperless Entry Process System, Message Network Information
         System, CICS, Billing Information, Global Clearing System/CICS
         region, "host40" Time sharing option, Internation Disbursemen
         region, Global Clearing System CPCS Region, Total Report Management.

 22401 - Same As Above

 22402 - Global Report - VAX/VMS

 22403 - Global Report from CitiCorp

 22404 - Prime/Primos "PROD-A"

 22405 - DECServer. Bit hard to get  on, so try "?" and/or a few things

 22406 - CitiBank Canada - VTAM Server that is accessible to New York,
         Delaware and COSMOS II in Canada

 22409 - Global Report from CitiCorp

 22410 - CitiBank Network Of Brasil

 22411 - "*** WELCOME TO C/C/M ***". Unknown, probably CitiCorp

 22412 - Prime/Primos

 22413 - "*** WELCOME TO C/C/M *** INT'L 3 ***" 

 22414 - "*** WELCOME TO C/C/M *** INT'L 3 ***"

 22416 - CitiBank Frankfurt - Networking VBS


         can hit control-z or wait for it to timeout and it will drop
         you to "local" mode at the DECServer!


         Mostly in the London Area, as far as I can tell. 
  
 22421 - Unknown

 22422 - Unknown

 22423 - CitiBank N.A. Bahrain

 22424 - "Your call has been diverted for network user validation" - Unknown

 22426 - Unknown

 22427 - CitiBank Of Johannesburg


         lots of users online!

 22430 - CitiBank Of Piraeus

 22431 - ADAM_COSMOS. Prime running PrimOS <CitiBank>

 22432 - CitiBank, But unknown due to it locks... Location Unknown

 22433 - Same as 22432

 22434 - CitiBank Of London

 22435 - DUBLIN_COSMOS. Same as ADAM_COSMOS. Prime running, but of course
        , PrimOS <CitiBank>

 22436 - CitiBank Regional System In Singapore

 22438 - CitiBank Of London

 22439 - CitiBank of Milan

 22440 - CitiBank Of Athens - HERMES System

 22441 - CitiCorp/CitiBank

 22442 - CitiBank, Location Unknown.. System locked

 22443 - CitiBank Of Vienna COSMOS, Prime Computer running PrimOS

 22444 - CitiBank Of Lewisham

 22445 - Prime/Primos "NORDIC", Copenhagen

 22446 - Prime/Primos "NORDIC", Helsinki 

 22447 - "Enter Secure Access ID".

 22448 - "CONNECTED TO 03 35-50" - Prime running PrimOS

 22449 - CitiBank Of Frankfurt

 22450 - CitiCorp/Citibank MainFrame.. Location Unknown 

 22451 - CitiCorp Cash Management Service Server

 22452 - CitiBank Of Latino, Mexico - Network Access

 22453 - JERSEY_COSMOS, CitiBank.. Prime running PrimOS

 22455 - CitiBank Of Brasil


         is, yes, it serves more CitiCorp systems, but though the server
         itself <Such as service "ts1">, you can get to DECServers <Well,
         ripoffs of DECServers>

 22457 - VAX/VMS

 22458 - CitiBank Of Venezuela <COSMOS>

 22459 - Unknown, Asks for terminal Emulation then goes goofy

 22460 - CitiBank Of Kuala Lumpur<?>

 22461 - CitiBank Of Sydney, Australia

 22462 - CitiCorp Of Singapore

 22463 - CitiBank Of Manila

 22464 - Prime Running PrimOS

 22465 - CitiBank Of Singapore



 22469 - CitiBank Of Singapore

 22471 - CitiCash Manager 



 22474 - CitiCash VTAM Server

 22475 - Unknown, Locks up

 22476 - Unknown, Gives Garbage

 22477 - Unknown, Locks Up

 22478 - CitiBank Of Hong Kong

 22479 - CitiCorp Cash Management Service Server, In Silver Springs, MD

 22480 - Unknown, Locks up

 22481 - Unknown CitiBank.. Locks at present time...

 22482 - Prime running PrimOS

 22483 - Some Weird Emulation Server

 22484 - CitiBank Of Hong Kong

 22485 - CitiBank Of Hong Kong

 22486 - Prime Running PrimOS



 22489 - Prime Under PrimOS

 22491 - Prime <OBSPOM> Under PrimOS

 22493 - Says, "HOLA" just as it disconnects

 22495 - "BMS==>", Unknown

 22497 - CitiBank Of Hong Kong

 22498 - N.Y. Citicorp Cash Management, "*** WELCOME C/C/M *** INT'L 4" 

 224100 - CitiSwitch , New York
 
 224104 -  "BMS==>" , Unknown
 
 224105 -  "TYPE ." , Unknown
 
 224108 -  "*** WELCOME TO C/C/M *** INT'L 6 ***"
 
 224125 -  "PLEASE ENTER TRANSACTION ID:"
 
 224128 -  Prime (LATPRI), PrimOS
 
 224132 -  Prime (PROD-B), PrimOS
 
 224139 -  VAX/VMS
 
 224140 -  VAX/VMS
 
 224141 -  ":", Unknown
 
 224142 -  WELCOME TO C/C/M, Citicorp Cash Management. N.Y.
 
 224143 -  Citi Cash Management
 
 224145 -  Unknown, Locked at time of scan
 
 224147 -  WELCOME TO C/C/M <Citi Cash Management?>
 
 224148 -  CitiBank Of London


 
 224152 -  Corporate Audit BBS <Login as New>
 
 224153 -  Citi Cash Management Network
 
 224155 -  Prime (PROD-B), PrimOs


 
 224158 -  Come Back To this one!    
 
 224159 -  CDS Data Processing Support CitiCorp      
           Center (718)248-1000
 
 224160 -  Connects The Disconnects
 
 224161 -  Vax/VMS
 
 224162 -  NUA 31109040000601, Prime - PrimOS
 
 224163 -  Prime under PrimOS
 
 241644 -  Prime under PrimOS (WINMIS)



 224167 -  Global Treasury Products, VAX/VMS
 
 224168 -  Global Report From CitiCorp
 
 224170 -  Electronic Check Manager, CitiBank United Kingdom?

 224172 -  CitiMail Asia Pacific (CMAP)    
 
 224174 -  Personal Services & Technologys
           Data PABX Network
           (212) 319-5911 for 1200bps
           9600 (v.29) (516)420-4946
           9600 (v.32) (516)420-4971
           2400 (2120319-5946
           For "Citi-Users"
 
 224175 -  "enter a for astra", Unknown


 
 224177 -  VAX/VMS, Fairly secure.
 
 224179 -  Network? theres a big FAT Warning at front door!
 
 224183 -  Prime under PrimOS
 
 224184 -  Prime under PrimOS (PROD-C)
 
 224186 -  CitiBank Of Hong Kong


           strange networks.. Type "?" for 
           help.
 
 224191 -  Unknown, CitiPC. 
 
 224193 -  ":", Unknown.
 
 224194 -  CitiShare, Milwaukee, Wisconsin. 
           System/32, VOS


 
 224199 -  Gives Garbage Then Disconnects

 224200 -  Connects/Disconnects

 224203 -  CitiBank Hong Kong - COMOS
 
 224204 -  Unknown
 
 224205 -  Prime Under PrimOS
 
 224206 -  Hong Kong Flight Departures - NEAT!
 
 224207 -  Comunication SubSystems for Intercon.
           CSFI  
 
 224209 -  CitiBank of Na Brunei
 
 224210 -  CitiBank, New York, Ny. System/88
 
 224212 -  Citi Master Policy BBS
 
 224213 -  Unknown
 
 224216 -  VAX/VMS
 
 224219 -  CitiBank Nordic, Stockholm
 
 224223 -  CitiBank of Singapore
 
 224227 -  Unknown
 
 224230 -  Unknown
 
 224261 - Busy At Time Of Scan      - Still Busy
 
 224300 - Refuse Collect Calls
 
 224503 -  CitiCorp, Japan <System /32 under VOS>
 
 224506 -  CitiCorp - Unknown <System /32 under VOS>
 
 224521 -  CitiBank of Hong Kong

---------------------------------------------------------------------------  
Systems marked '*' are the most rewarding systems to hack in my opinion

(List compiled by 'The Beaver')




                _____________________________________________

                          The SAOO Telenet Directory
                             The "Thousand" Scan

                                By The Beaver
                           ______________________



-----------------------------------------------------------------------------
Information on Telenet:

        
     The first thing you need to do is obtain a dial up list. To do
this, call 1-800-424-9494 <1200 7E1, or 1200 8N1 with high bit
stripping on>. Once on, you will receive a "TERMINAL=", at which
point, enter your terminal type, or just press return <TTY>.
        You will now get a "@" prompt. From here type "c mail". At 
the "Username?" prompt, enter "phones" and the same for the 
"Password?" prompt. At this point, simply follow the directions, 
and you will get your local dialup<s>. One thing I would like to 
note, when using the 300/1200 dialups, when you connect, simply hit 
return a few times. When using the 2400 dialups, you must enter "@" 
followed by a carriage return. 

        For more information on Telenet, I advise you to get
Hacker's Unlimited issue#1 or LOD/H Technical Journal.
I did not wish to make this a text file on
Telenet, but rather a directory of listings scanned by myself and
fellow S.A.O.O members. These texts can be obtained via The Tower
of Power BBS <668-6745> and The Speed Shop <XXX-XXXX> 14.4k

-----------------------------------------------------------------------------


        Ok, the following is what I call the "Thousand" scan. I know that
if you are on UnRegNet you have probably seen this scan, but for the
people who have not, this is what was hit during that scan. <This scan
points to no origin, and there are lots of interconnecting machines, but
for the article's sake, we will not include all those interconnecting
machines>.



Address Information
-----------------------------------------------------------------------------
 1020 - Unknown, Freezes
 1021 - Unknown, hangs
 1022 - Hangs
 1023 - Hangs
 1024 - Hangs
 1025 - Hangs
 1026 - Hangs
 1027 - Hangs
 1028 - Hangs
 1029 - Hangs
 2011 - Refuse Collect Calls
 2021 - PrimeNet
 2022 - PrimeNet
 2155 - Refuse Collect Calls
 2193 - Prime
 2194 - Prime
 2195 - Prime
 2196 - Prime
 2197 - Prime
 2198 - Prime
 2199 - Prime
 2231 - Refuse Collect Calls
 2236 - Unknown... "Invalid Transaction Identification"
 2241 - CitiBank <223 90118>
 2242 - Global Report VAX/VMS <223 90093>
 2243 - Global Report From CitiCorp <223 90000> Send Break to get menu
 2244 - Prime Net <223 91054>
 2246 - CitiBank Of Canada 
 2245 - CitiBank Of Canada -  <223 90158>
 2247 - Global Report From Citibank -  Unknown  <223 90000>
 2248 - Citibanking Turkey <223 91296>
 3054 - Martin Marietta
 3210 - NPSS <Nasa Packet Switching System> <321 7202>. SPAN Net.
 3211 - NPSS <321 2092>
 3212 - NPSS <321 7202>
 3213 - NPSS <321 2092>
 3214 - NPSS <321 7202>
 3215 - NPSS <321 7202>
 3216 - NPSS <321 7202>
 4045 - possible pad with no password?
 4100 - MCI
 4155 - Refuse Collect Calls
 4157 - UnKnown - Possible Prime machine
 4660 - Refuse Collect Calls
 4661 - Refuse Collect Calls
 4663 - Refuse Collect Calls
 4664 - Refuse Collect Calls
 4665 - Refuse Collect Calls
 4666 - Refuse Collect Calls
 4667 - Refuse Collect Calls
 4668 - Refuse Collect Calls
 4669 - Refuse Collect Calls
 5124 - Refuse Collect Calls
 5128 - Refuse Collect Calls
 5650 - Refuse Collect Calls
 5651 - Refuse Collect Calls
 5652 - Refuse Collect Calls
 5653 - Refuse Collect Calls
 5654 - Refuse Collect Calls
 5655 - Refuse Collect Calls
 5656 - Refuse Collect Calls
 5657 - Refuse Collect Calls
 5658 - Refuse Collect Calls
 5659 - Refuse Collect Calls
 6220 - Refuse Collect Calls
 6221 - Refuse Collect Calls
 6222 - Refuse Collect Calls
 6223 - Refuse Collect Calls
 6224 - Refuse Collect Calls
 6225 - Refuse Collect Calls
 6226 - Refuse Collect Calls
 6227 - Refuse Collect Calls
 6228 - Refuse Collect Calls
 6229 - Refuse Collect Calls
 6260 - Refuse Collect Calls
 6261 - Refuse Collect Calls
 6262 - Refuse Collect Calls
 6263 - Refuse Collect Calls
 6264 - Refuse Collect Calls
 6265 - Refuse Collect Calls
 6266 - Refuse Collect Calls
 6267 - Refuse Collect Calls
 6268 - Refuse Collect Calls
 6269 - Refuse Collect Calls
 7144 - Refuse Collect Calls
 7470 - UnKnown... "ENTER USERID>" - Some Private network
 7471 - Same
 7472 - Same
 7473 - Same
 7474 - Same
 7475 - Same
 7476 - Same
 7477 - Same
 7478 - Same
 7479 - Same
 7520 - Refuse Collect Calls
 7521 - Refuse Collect Calls
 7522 - Refuse Collect Calls
 7523 - Refuse Collect Calls
 7524 - Refuse Collect Calls
 7525 - Refuse Collect Calls
 7526 - Refuse Collect Calls
 7527 - Refuse Collect Calls
 7528 - Refuse Collect Calls
 7529 - Refuse Collect Calls
 7550 - Refuse Collect Calls
 7551 - Refuse Collect Calls
 7552 - Refuse Collect Calls
 7553 - Refuse Collect Calls
 7554 - Refuse Collect Calls
 7555 - Refuse Collect Calls
 7556 - Refuse Collect Calls
 7557 - Refuse Collect Calls
 7558 - Refuse Collect Calls
 7559 - Refuse Collect Calls
 7860 - Refuse Collect Calls
 7861 - Refuse Collect Calls
 7862 - Refuse Collect Calls
 7863 - Refuse Collect Calls
 7864 - Refuse Collect Calls
 7865 - Refuse Collect Calls
 7866 - Refuse Collect Calls
 7867 - Refuse Collect Calls
 7868 - Refuse Collect Calls
 7869 - Refuse Collect Calls
 7870 - Unknown Prime
 7871 - UnKnown Prime
 7872 - Unknown Prime

        Note: NUA 3210 <NASA SPAN network> ranges from 321X to 321XXXXXX.                        
              All of these NUA's will be NASA SPAN Networks.



        
                     ------------------------------------
                       Basic Anarchy For The Youngsters
                               By Penial Implant
                            ------------------------



I have read a lot of hacking (phreaking, carding, pirating, etc. too)
computer magz and I enjoy the READING a lot. HOWEVER, I am 13, and most
of the shit in the articles, while PHUN AS PHUCK to read, I can only wish I
could do. The fact is, if a chemist working at a chemical outlet saw a 13 year
old with a list of sulfuric acid, nitric acid, and glycerol (ingredients of
nitroglycerin for those unfamiliar), naturally they would get somewhat
suspicious. So I have decided to submit MY article about:
WHAT 13 YEAR-OLDS (OR ADULTS WHO ARE UN-WILLING TO DO THE OTHER SHIT)
CAN DO THAT IS PHUN AS PHUCK

1.) Phreaking: 
This is a slightly technical thing, but so easy it is worth
it to try. Ya' know the side of your house (and everyone else's) that has
all those wires running in and out of the house? Well, it is usually
on the right side, and it controls CATV (cable), phone services, and some
other uninteresting shit (like electricity in some cases). Well, the obvious
thing to do is use this to your advantage.

1. a.) Using The Phone Box:
Once you know where the green box outside on the wall is, it is the
cube that is hollow plastic and has a single nut in the center. Inside
of this are the phone inputs and outputs of their house (for most people).
There are 2 wires, each attached to a screw-looking thing (usually one red
and the other green).

1. a. I.) How To Use This To Your Advantage:
You must build a VERY simple circuit. What you do is go to Radio Shack (or any
place where you can buy phone shit, Sam's has best prices) and purchase
a phone wire (at least 3ft. long but if its too short you will be confined, and
too long it will be cumbersome). Then get a hold of some alligator clips (I know
that Radio Shack has good prices on these helpful devices).

Directions:

1st: Cut the wire in two

2nd: Remove a few inches (3"-5") of that beige/yellow jacket on the wire
     to expose the Red, Yellow, Green, & Black wires

3rd: Strip these wires 
                           
                     your wire should look like this
                         Red 
 Modular Plug             | _ Green
 []=======================|<_ Yellow
                          |
                         Black

4th: Now put an alligator clip on each of the exposed wires

You have now completed the simplest hardware device of your Phreaking collection.
All you have to do now is buy one of those cheap phones where all the guts are
contained in the headpiece and the base just has a wire running along the
bottom. Take the base off of the wire, take the wire out of the phone,
and insert the modular end of your wire into the now open port on the phone.

1. b.) Using The 'Lineman Circuit' With The Phone Box:
Go out late at night (2:00am is about right) and roam around town until you
find a suitable victim, preferably someone you hate. When you find
him/her go to the side of their house and open the box by unscrewing the nut.
You may need some pliers, but 90% of the time you will be able to use your
hands (Sometimes there will even be a piece of paper stating their phone
number). Clip your clips onto the appropriate post (Green to Green,
and Red To Red is usually all there will be). Make sure when you do this that
the hangup button is down so that (at 2:00 am) someone using
the phone doesn't detect you. Then press the 'MUTE' button and keep it down
and release the hang up button. Check to see if there is a dialtone; if
there is, we're in business. If not, you didn't securely clip the clips on the
post (DO THAT!!!, AND start over from the 'mute' part). If you hear someone
speaking it is sooooooooooooo phun to hear the conversation someone has at 2
in the morning (you could hear 1-900, drug deals all sorts of shit).

1. b. I.) What You Can Do When You Get A Dial Tone:
1. You can make toll calls
2. Prank calls (the Sherriff, Police, FBI, CIA, White House, and
   Kremlin are my faves)
   And if you have a Laptop w/modem you can call long distance boards

2.) Fucking Around With Their Cable:
You can easily disconnect their cable and deprive trekkies of Star Trek or
Perverts of XXX movies or whatever, and after about 2 days they will be 
willing to pay YOU money to get it up-and-running 
although the sheer joy of watching your enemies be miserable should be payment
enough. And if you are a real thrill seeker, you can pump shit into their TV with
a camcorder you can pretend to be a terrorist taking over the TV network
or some shit like that.

Submitted by Penile Implant
                        
                        
                        
                        
                        _______________________________

                                    Letters
                             _____________________




From: XXXXXXXXXXXXXX
To:   The Beaver
Subj: telnet

Greetings, fellow CompuDude....
I have un problem....
I called that 1-800-424-9494 # at 12007E1 and all I got was a 'you have 
dialed a number that is not avalable from your calling area 205-5T'  message.
Any suggestions?
}-----RAVEN----->

Date: 21-Sep-92 06:06
From: The Beaver
To:   XXXXXXXXXXXXXXX
Subj: Re: telenet

        I will have to check it out... try one of these numbers....
        
 
        800-546-1000
            564-2000
            564-6000
 
        Actually, the first one might really be 564, if not 546.. Try it,
and if it don't work try the others... But considering that you will be
coming in on a WATS telenet PAD, your range will be limited.. Try these
other local dial ups for more range..
 
        1200 bps only
        7E1 or 8N1 with high bit stripping on...
 
        681-1902 through 681-1907 <On Rotary>
 
        2400 bps, same settings as above.
        
        561-8830
 
        Those will give you better range. If you are planning on checking
out some of the NUA's given in CM#7, keep in mind that they do go bad....
Though the list should be fairly fresh and you should hit very little, to no
problems. If you are planning on doing your own scans, I believe I neglected
to mention, but Tscan Version 1.1i Beta will not work on slow machines.
I tested it on my 386/20 and it works fine. Plus there are a few other bugs,
but nothing big, and Tscan2.0i will be out within the next week or two and
will have all bugs fixed, plus it is compatible with a batch more scan,
scan, randomized telenet port dialing, and will run on slower machines
<Currently works on a 8086 / 8.> Welp, tell me what ya find and have a
blast! Chow!
 
 
                                ---==<Beaver>==---
< Note: Since this writing, Tscan2.1 has been released and does support   >
<       slower machines, but not terribly well though, and there is a bug >
<       on the sending of Terminal breaks if used on ports above com1     >
<       This is expected to be fixed on version 2.5i or the TomSwift      >
<       hacker term.....Which ever comes first                            >





   From: XXXXXXXXXXX
     To: The Beaver
Subject: CMASS shit

Hey beav,
    I d/led the CMASS 7 from Spellbook earlier.  Truthfully, it sucked.  HAHA
NOT!  No really it was more than i expected! Well if you are interested in me
being a part of the SAOO (cuz i am interested), then please (polite eh?) leave
me whatever your supposed to leave me for application.  Call XXX-XXXX voice,
and if you like ill let you on to my bbs.  Also, can you give me more info on
how that telenet scanner works?  ive read the docs, and there kinda confusin. 
Also i have no idea what that Phill shit is, but i copied it to my utility
directory anyhow.  Annnnnnnnnnnnnnnnnnnnnnnnnd... well hmm... now what was i
gonna say...oh what are those numbers for the , Speed Shop,
and SAOO Main BBS?  they all say 904-pri-vate.  There's 1 more, i cant think
of.  Can you give me the numbers to all the private ones if you are allowed
to?  Ill fill out some application if i must...i was on your bbs back in
march, last thing you told me was you got C++ and it was 10 megs and you would
post it, but ya hadta get a bigger drive and BOOM there goes the upper deck.
Anyway, please get back to me on all of the above shit.  Thanx!!!!!!!!!!


From: The Beaver
To: XXXXXXXXXXX
Subject: CMASS#7


        Welp, Tscan1.0i and Tscan1.1i are a little buggy, so I advise
downloading version 2.1i, because of the fact that it will work on slower
machines if need be.
        I understand that the DOC's were rather confusing, and I hope
that the doc's in version 2.1i will explain a little bit more, and clear
up some things....... I advise that you run it on the fastest machine
you have available to you, so that it scans clean. If you have version
2.1i, the best way to figure out how it works is to just watch it in
action. Execute Tscan2.1 and make sure that your setup is right. Once you
are sure of that, go to the "Start Scan" selection.. Now it will ask for
a Starting Address <NUA> and an ending.... Just to see how it works, scan
212000 - 212999. After watching it for a while, you will probably get the
hang of what is going on.
        About phill.. It is what is known as a VAX/VMS Rightslist filter.
What is a rightslist? Simple, it is a file that stores the rights for
users. What does this mean? On a VAX/VMS, this is where you can obtain
all the users on the computer that you have just broken into. The major
problem is that once you download <Or capture> the rightslist, it tends
to be a little messy. That is where programs like Phill, RlFilter, and
RIF come in. They take out the garbage in the Rightslist. I will probably
have an article in the future discussing this in more detail, but for
those familiar with VMS, the Rightslist can be obtained in the following
way......

Type sys$common:[sysexe]rightslist.dat

        Don't forget to open a capture buffer!


        About the BBS's.................... 
        
I cannot give the fone numbers out to you, but I will point you in the 
right direction...... 

        Contact Shadow Hacker, Electrode or myself about the Speed Shop
<Running on an Amiga>. We can be reached on any UnRegNet BBS, through UnRegNet.
There are a few other boards you might wish to get on, but considering that
I cannot vouch for these BBS's, I probably should not release their phone
numbers........ You will have to get them your own way...


        The following is a list of current SAOOWear Releases, that you 
can find on some of the BBS's previously listed. 

        Phill v2.0      -       VAX/VMS Rightslist Filter.
        Iwar v1.0Beta   -       Intelligent Wargame Dialer V1.0 Beta.
                                determines remote OS's for you.
                                <Find De Bugs Version>
        Tscan v2.1      -       SAOO Telenet Scanner V2.1
        DvBoot v1.0     -       Automatic window closer for DesqView
        UnixFlt v1.0    -       Filters Unix Passwd files, leaving only
                                the usernames behind.

        Noted Bugs:

        It seems that the "Clear Modem Buffer" routines in the beta
        version of Iwar v1.0 cause some machines to crash.

        In Tscan v2.1, there is a bug where terminal breaks are not
        sent when using com ports other than com 1.
        

        This concludes yet another issue of Critical Mass. As usual, I 
hope you enjoyed it, and will be looking forward to the next Issue. 
Hopefully we can get the next issue out faster than it took to get this
issue... In the next issue of Critical Mass, expect more NUA scans
on Telenet, along with Down And Dirty Chemistry Part 2 and much more!

                                   - Critical Mass Tech Support -