💾 Archived View for gemini.spam.works › mirrors › textfiles › hacking › hackunlm.hu1 captured on 2023-01-29 at 07:46:47.
⬅️ Previous capture (2021-12-04)
-=-=-=-=-=-=-
The Mickey Mouse Club Presents... __ __ ____ __ __ __ ______ _____ ______ __ __ __ __ __ __ __ __ __ __ __ __ ______ ________ __ ___ ____ _____ ______ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ ______ __ __ ______ Hackers Unlimited __ __ __ __ __ ______ __ __ ______ ______ ______ ____ __ __ ___ __ __ __ ___ ___ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ ____ __ __ __ __ __ ___ __ __ __ __ __ __ __ __ __ ____ __ __ ______ ______ __ __ ______ __ ______ ____ Magazine Volume 1 Issue 1 Released 10/02/89 Editors The Dark Lord Cardiac Arrest -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Hackers Unlimited Volume 1, Issue 1 Table Of Contents # Title Author ------==========================================------------------------------- 1 Information about The Mickey Mouse Club Editors 2 Artical Submission Policies Editors 3 Introduction Editors 4 How Ma Bell Crushed The Blue Box Cardiac Arrest 5 Beige Boxing Cardiac Arrest 6 Basic Information About Credit Cards Midnight Caller 7 MMC Guide To Hacking, Phreaking, Carding The Dark Lord 8 A Novice's Guide To Hacking - 1989 Ed. The Mentor 9 Cable Piracy Psycho Bear 10 Pyro File 1 Fallen Angel 11 Pyro File 2 Fallen Angel 12 Pyro File 3 Fallen Angel 13 Social Engineering Fallen Angel 14 Listings Compilations 15 Closing Notes Editors ------==========================================------------------------------- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- What is The Mickey Mouse Club? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The Mickey Mouse Club was founded by Cardiac Arrest and The Dark Lord. The name MMC came about because we couldn't think of a better one. We are basically a cracking club. Aside from cracking, we write instructional text files, and an electronic magazine called Hackers Unlimited Magazine, designed to help beginning hackers and phreakers. We are also the authors of programs such as Data Protect, a file that, as the name implies, provides features such as data ecnryption/decryption, file hiding, file clearing, and several other functions. MMC Membership ~~~~~~~~~~~~~~ Since we are still a comparitively new group, we are looking for members of the underground BBS community who can do one or more of the following : * Crack games (or other programs) * Draw crack screens * Write instructional text files about phreaking, hacking, carding, etc * Contribute to Hackers Unlimited Magazine in other ways than files * Write programs beneficial to the hacking community (ie code hackers, etc) If you are interested in applying for the MMC, contact either Cardiac Arrest or The Dark Lord. If you fit into the above specifications, we will give you permission to fill out our application. After completion, upload your application to the BBS you downloaded it from. Your membership will be considered ONLY if you received the application with permission. It will be based entirely on the application (ie, your truthfullness and knowledge). Hackers Unlimited Magazine ~~~~~~~~~~~~~~~~~~~~~~~~~~ The Mickey Mouse Club puts out an electronic newsletter/magazine called Hackers Unlimited Magazine. This magazine is devoted to informing the hacking community about hacking, phreaking, carding, or anything else or interest. It is geared towards beginners, but we hope some experienced hackers will benefit from it also. The editors of the magazine are the founders of the MMC, Cardiac Arrest and The Dark Lord. ANYONE may write for HU magazine, and we would like to encourage readers to submit any articles they have written to a HU Support Board. We would also like to encourage comments, complaints or suggestions. Where You Can Contact Us ~~~~~~~~~~~~~~~~~~~~~~~~ Cardiac Arrest and The Dark Lord can be contacted on most pirate boards in Denver (303/CODEN), as well as various BBSes around the country. At the time of this writing, we also have a Voice Mail Box: X-XXX-XXX-XXXX Box XXXX -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- ___________________________ ___________________________ ___ ___ ___ Submission Policy ___ ___________________________ ___________________________ Hackers Unlimited Magazine is an ongoing newsletter, and we will release issues as regularly as possible. To do this we will need readers to contribute articles for the magazine as often as possible. We ask that if you feel you have something good to write about that will fall within the guidelines for Hackers Unlimited, please submit it. However, we do take pride in the magazine, and we will only accept articles up to our standards. Do not be discouraged if your article is turned down. Although this is not a thing that is expected to happen, if we feel the article is not good, then we do reserve the right to turn down your article. Please don't let that stop you from writing your article. Ninty percent of the articles will NOT be turned down, and by having this policy, we are not wanting to scare off the good writers. We ask that you keep the topic within the guidelines, and make it to the best of your ability. If your article IS turned down, the editors may make suggestions, or, if the changes are minor, permission to edit the file. One thing to keep in mind, we do not base our decisions on the type of computer you own, reputation that you have, age or anything else unrelated to the magazine. The decision whether the article stays or goes is based STRICKLY on the quality of the article itself. To submit an article just find some way of getting in touch with one of the writers of Hackers Unlimited, or even better, one of the editors, The Dark Lord, or Cardiac Arrest. If you do get in touch with one of the writers, you must make sure it is relayed to one or both of the editors, because it will do little or no good if we don't know you're out there. There will be ways listed through out this magazine on how you can get in touch with us, either through support boards, Colorado boards, Vmb's etc. Hope to see an article from you soon and enjoy.........Hackers Unlimited!!! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Introduction : Welcome to the premier issue of Hackers Unlimited Magazine, a magazine designed for the sole purpose of helping hackers, beginning and advanced alike. The editors of this magazine are Cardiac Arrest and The Dark Lord (both from 303). You will undoubtedly notice that several of the articles were written by us. In future issues, we hope to have more articles written by readers, and less written by the editors. Anyways, on with the magazine.... Cardiac Arrest & The Dark Lord Editors, Hackers Unlimited Magazine VMB X-XXX-XXX-XXXX Box XXXX NOTE : This VMB is valid as of the release of this magazine, but may change without notice. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- "The Blue Box And Ma Bell" Herb Friedman, Communications Editor Radio Electroncs Magazine November 1987 Typed By : Cardiac Arrest 06/89 Before the breakup of AT&T, Ma Bell was everyone's favorite enemy. So it was not surprising that so many people worked so hard and so successfully at perfecting various means of making free and untracable telephone calls. Whether it was a "Red Box" used by Joe and Jane College to call home, or a "Blue Box" used by organized crime to lay off untracable bets, the technology that provided the finest telephone system in the world contained the seeds of it's own destruction. The fact of the matter is that the Blue Box was so effective at making untracable calls that there is no estimate as to how many calls were made or who made them. No one knows for certain whether Ma Bell lost revenues of $100, $100-million, or $1-billion on the Blue Box. Blue Boxes were so effective at making free, untracable calls that Ma Bell didn't want anyone to know about them, and for many years denied their existence. They even went as far as strong-arming a major consumer science magazine into killing an article that had already been prepared on the Blue and Red boxes. Further, the police records of a major city contain a report concerning a break-in at the residence of the author of that article. The only item missing following the break-in was the folder containing copies of the earliest Blue-Box designs and a Bell-System booklet that described how subscriber billing was done by the AMA machine--a booklet that Ma Bell denied ever existed [article includes picture proving otherwise - Cardiac]. Since the AMA (Automatic Message Accounting) machine was the means whereby Ma Bell eventually tracked down both the Blue and Red Boxes, we'll take time out to explain it. Besides, knowing how the AMA machine works will help you to better understand "phone phreaking." WHO MADE THE CALL Back in the early days of the telephone, a customer's billing was originated in a mechanical counting device, which was usually called a "register" or a "meter." Each subscriber's line was connected to a meter that was part of a wall of meters. The meter clicked off the message units, and once a month someone simply wrote down the meter's reading, which was later interpolated into message-unit billing for those subscriber's who were charged by the message unit. (Flat rate subscriber's could make unlimited calls only within a designated geographic area. The meter clicked off message units for calls outside that area.) Because eventually there were too many meters to read individually, and because more subscribers started questioning their monthly bills, the local telephone companies turned to photography. A photograph of a large number of meters served as an incontestable record of their reading at a given date and time, and was much easier to convert to customer billing by the accounting department. As you might imagine, even with photographs billing was cumbersome and did not reflect the latest technical developments. A meter didn't provide any indication of what the subscriber was doing with the telephone, nor did it indicate how the average subscriber made calls or the efficiency of the information service (how fast the operators could handle requests). So the meters were replaced by the AMA machine. One machine handled up to 20,000 subscribers. It produced a punched tape for a 24-hour period that showed, among other things, the time a phone was picked up (went off-hook), the number dialed, the time the called party answered, and the time the originating phone was hung up (placed on-hook). One other point, which will answer some questions that you're certain to think of as we discuss the Red and Blue boxes: Ma Bell did not want persons outside their system to know about the AMA machine. The reason? Almost everyone had complaints--usually unjustified--about their billing. Had the public been aware of the AMA machine they would have asked for a monthly list of their telephone calls. It wasn't that Ma Bell feared errors in billing; rather, they were fearful of being buried under an avalanche of paperwork and customer complaints. Also, the public beleived their telephone calls were personal and untraceable, and Ma Bell didn't want to admit that they knew about the who, when, and where of every call. And so Ma Bellalways insisted that billing was based on a meter unit that simply "clicked" for each message unit; thatthere was no record, other than for long-distance calls, as to who called whom. Long distance was handled by, and the billing information was done by and operator, so there was a written record Ma Bell could not deny. The secrecy surrounding the AMA machine was so pervasive that local, state, and even federal police were told that local calls made by criminals were untraceable, and that people who made obscene telephone calls could not be tracked down unless the person receiving the cals could keep the caller on the line for some 30 to 50 minutes so the connections could be physically traced by technicians. Imagine asking a woman or child to put up with almost an hours worth of the most horrendous obscenities in the hope someone could trace the line. Yet in areas where the AMA machine had replaced meters, it would have been a simple, though perhaps time-consuming task, to track down the numbers called by any telephone during a 24-hour period. But Ma Bell wanted the AMA machince kept as secret as possible, and so many a criminal was not caught, and many a woman was harried by the obscene calls of a potential rapist, because existence of the AMA machine was denied. As a sidelight as to the secrecy surrounding the AMA machine, someone at Ma Bell or the local operating company decided to put the squeeze on the author of the article on Blue Boxes, and reported to the treasury Department that he was, in fact, manufacturing them for organized crime--the going rate in the mid 1960's was supposedly $20,000 a box. (Perhaps Ma Bell figured the author would get the obvious message: Forget about the Blue Box and the AMA machine or you'll spend lots of time, and much money on lawyer's fees to get out of the hassles it will cause.) The author was suddenly visited ay his place of employment by a Treasury agent. Fortunately, it took just a few minutes to convince the agent that the author was really just that, and the a technical wizard working for the mob. But one conversation led to another, and the Treasury agent was astounded to learn about the AMA machine. (Wow! Can an author whose story is squelched spill his guts.) According to the treasury agent, his department had been told that it was impossible to get a record of local calls made by gangsters: The Treasury department had never been informed of the existence of automatic message accounting. Needless to say, the agent left with his own copy of the Bell System publication about the AMA machine, and the author had an appointment with the local Treasury-Bureau director to fill him in on the AMA Machine. That information eventually ended up with Senator Dodd, who was conducting a congressional investigation into, among other things, telephone company surveillance of subscriber lines--which was a common practice for which there was detailed instructions, Ma Bell's own switching equipment ("crossbar") manual. THE BLUE BOX The Blue Box permitted free telephone calls because it used Ma Bell's own internal frequency-sensitive circuits. When direct long-distance dialing was introduced, the crossbar equipment knew a long-distance call was being dialed by the three-digit area code. The crossbar then converted the dial pulses the the CCITT tone groups, shown in Table 1 [I'll put the table in at the end of the file - Cardiac], that are used for international and truckline signalling. (Not that those do not correspond to Touch-Tone frequencies.) As you can see in that table, the tone groups represent more than just numbers; among other things there are tone groups indentified as KP (prime) and ST (start)--keep them in mind. When a subscriber dialed an area code and a telephone number on a rotary-dial telephone, the crossbar automatically conneceted the subscriber's telephone to a long-distance truck, converted the dial pulses to CCITT tones sent out on the long-distance trunk that set up or selected the routing and caused electro-mechanical equipment in the target city to dial the called telephone. Operator-assisted long-distance calls worked the same way. The operator simply logged into a long-distance trunk and pushed the appropriate buttons, which generated the same tones as direct-dial equipment. The button sequence was KP (which activated the long-distance equipment), then the complete area code and telephone number. At the target city, the connection was made to the called number but ringing did not occur until the operator there pressed the ST button. The sequence of events of early Blue Boxes went like this: The caller dialed information in a distant city, which caused his AMA machine to record a free call to information. When the information operator answered, he pressed the KP key on the Blue Box, which disconnected the operator and gave him access to a long-distance trunk. He then dialed the desired number and ended with an ST, which caused the target phone to ring. For as long as the conversation took place, the AMA machine indicated a free call to an information operator. The technique required a long-distance information operator because the local operator, not being on a long-distance trunk, was accessed through local wire switching, not the CCITT tones. CALL ANYWHERE Now imagine the possibilities. Assume the Blue Box user was in Philadelphia. He would call Chicago information, disconnect from the operator with a KP tone, and then dial anywhere that was on direct-dialing service: Los Angeles, Dallas, or anywhere in the world in the Blue Boxer could get the internatioal codes. The legend often told of one Blue Boxer who, in the 1960's, lived in New York and had a girlfriend at a college near Boston. Now back in the 1960's, making a telephone call to a college town on the weekend was even more difficult than it is today to make a call from New York to Florida on a reduced-rate holiday using one of the cut-rate long-distance carriers. So our Blue Boxer got on an international operator's circuit to Rome, Blue Boxed through to a Hamburg operator, and asked Hamburg to patch through to Boston. The Hamburg operator thought the call originated in Rome and inquired as to the "operator's" good English, to which the Blue Boxer replied that he was an expatriate hired to handle calls by American tourists back to their homeland. Every weekend, while the Northeast was strangled by reduced-rate long-distance calls, our Blue Boxer had no trouble sending his voice almost 7,000 miles for free. VACUUM TUBES Assembly plans for Blue Boxes were sold through classified advertisements in the electronic-hobbyist magazines. One of the earliest designs was a two-tube poertable model that used a 1.5-volt "A" battery for the filaments and a 125-volt "B" battery for the high-voltage (B+) power supply. The portable Blue Box's functional circuit in shown in Fig. 2 [It's nothing you can't find in any good Blue Box g-file, so I won't try to draw it - Cardiac]. it consisted of two phase-shift oscillators sharing a common speaker that mixed the tones from both oscillators. Switches S1 and S2 each represent 12 switching circuits used to generate the tones. (No, we will not supply a working circuit, so please don't write in and ask--Editor)[That's the real editor, not me - Cardiac] The user placed the speaker over the telephone handset's transmitter and simply pressed the buttons that corresponded to the disired CCITT tones. It was just that simple. Actually, it was even easier then it reads because Blue Boxers dicovered they did not need the operator. If they dialed an active telephone located in certain nearby, but different, area codes, they could Blue Box just as if they had Blue Boxed through an information operator's circuit. The subscriber whose line was blue Box conversatio was short, the "dead" phone suddenly came to life the next time it was picked up. Using a list of "distant" numbers, a Blue Boxer would never hassle plain to the telephone company. The difference between Blue Boxing off a subscriber rather than an informatio operator was that the Blue Boxer's AMA tape indicated a real long-distance telephone call--perhaps costing 15 or 25 cents--instead of a freebie. Of course, that is the reason why when Ma Bell finally decided to go public with "assisted" newspaper articles about the Blue Box users they had apprehended, it was usually about some college kid or "phone phreak." One never read of a mobster being caught. Greed and stupidity were the reasons why the kid's were caught. It was the transistor that led to Ma Bell going public with the Blue Box. By using transistors and RC phase-shift networks for the oscillators, a portable Blue Box could be made inexpensively, and small enough to be used unobstrusively from a public telephone. The college crowdin the many technical schools went crazy with the partable Blue Box; they could call the folks back home, their friends, or get a free network (the Alberta and Carolina connections--which could be a topic for a whole separate article) and never pay a dime to Ma Bell. Unlike the mobsters who were willing to pay a small long-distance charge when Blue Boxing, the kids wanted it, wanted it all free, and so they used the information operator routing, and would often talk "free-of-charge" for hours on end. Ma Bell finally realized that Blue Boxing was costing them big bucks, and decided a few articles on the criminal penalties might scare the Blue Boxers enough to cease and desist. But who did Ma Bell catch? The college kids and the greedies. When Ma Bell decided to catch the Blue Boxers she simply examined the AMA tapes for calls to an information operator that were excessively long. No one talked to an operator for 5, 10, 30 minutes, or several hours. Once a long call to an operator appeared several times on an AMA tape, Ma Bell simply monitored the line and the Blue Boxer was caught. (Now do you understand why we opened with an explanation of the AMA machince?) If the Blue Boxer worked from a telephone boothk, Ma Bell simply monitored the booth. Ma Bell might not have known who originated the call, but she did know who got the call, and getting that party to spill their guts was no problem. The mob and a few Blue Box hobbyists (maybe even thousands) knew of the AMA machine, and so they used a real telephone number for the KP skip. Their AMA tapes looked perfectly legitimate. Even if Ma Bell had told the authorities they could provide a list of direct-dialed calls made by local mobsters, the AMA tapes would never show who was called through a Blue Box. For example, if a bookmaker in New York wanted to lay off some action in Chicago, he could make a legitimate call to a phone in New Jersey and then Blue Box to Chicago. Of course, automatic tone monitoring, computerized billing, and ESS (Electronic Switchin Systems) now make that all virtually impossible. but that's the way it was. You might wonder how Ma Bell discovered the tricks of the Blue Boxers. Simple, they hired the perpetrators as consultants. While the initial newspaper articles detailed the potential jail penalties for apprehended Blue Boxers, except for Ma Bell employees who assisted a Blue Boxer, it is almost impossible to find an article on the resolution of the cases because most hobbyist Blue Boxers got suspended sentences and/or probation if they assisted Ma Bell in developing anti-Blue Box techniques. It is asserted, although it can't be easily proven, that cooperating ex-Blue Boxers were paid as consultants. (If you can't beat them, hire them to work for you.) Should you get any ideas about Blue Boxing, keep in mind that modern switching equipment has the capacity to recognize unauthorized tones. It's the reason why a local office can leave their subscriber Touch-Tone circuits actives, almost inviting you to use the Touch-Tone service. A few days after you use an unauthorized Touch-Tone service, the business office will call and inquire whether you'd like to pay for the service or have it disconnected. The very same central-office equipment that knows you're using Touch-Tone frequencies knows if your line is originating CCITT signals. THE RED BOX The Red Box was primarily used by the college crowd to avoid charges when fequent calls were made between two particular locations, say the college and a student's home. Unlike the somewhat complex circuitry of the Blue Box, a Red Box was nothing more than a modified telephone; in some instances nothing more than a capacitor, a momentary switch, and a battery. As you recall from our discussion of the Blue Box, a telephone circuit is really established before the target phone ever rings, and the circuit is capable of carrying an AC signal in either direction. When the caller hears the ringing in his or her handset, nothing is happening at the receiving end because the ringing signal he hears is really a tone generator at his local telephone office. The target (called) telephone actually gets it 20 pulses-per-second ringing voltage when the person who dialed hears nothing--in the "dead" spaces between hearing the ringing tone. When the called phone is answered and taken off hook, the telephone completes a local-office DC loop that is the signal to stop the ringing voltage. About three seconds later the DC loop results in a signal being sent all the way back to the caller's AMA machine that the called telephone was answered. Keep that three-second AMA delay in mind. (By now you should have a pretty good idea of what's coming!) [I'm skipping a paragraph talking about how a telephone circuit works. It is referring to a simple phone schematic that isn't worth drawing, so I ommited the whole paragraph - Cardiac] Now as we said earlier, the circuit can actually carry AC before the DC loop is closed. The Red Box is simply a device that provides a telephone with a local battery so that the phone can generate an AC signal without having a DC connection to the telephone line. The earliest of the Red Boxes was the surplus military field telephone, of which there were thousands upon thousands in the marketplace during the 1950's and 1960's. The field telephone was a portable telephone unit having a manual ringer worked by a crank--just like the telephone Grandpa used on the farm--and two D-cells. A selector switch set up the unit so that it could be connected to a combat switchboard, with the DC power supplied by the switchboard. But if a combat unit wasn't connected to a switchboard, and the Lieutenant yelled "Take a wire," the signalman threw a switch on his field telephone that switched in the local batteries. To prevent the possibility of having both ends of the circuit feeding battery current into the line in opposite polarity--thereby resulting in silence--the output from the field telephone when running from its internal batteries was only the AC representing the voice input, not modulated DC. [I ommited the next two paragraphs, which talk about how to make one. It too has a complicated schematic, so I wont draw it. It's the same stuff you get from any Red Box g-file - Cardiac] PRESS ONCE TO TALK The Red Box was used at the receiving end; let's assume it's the old homestead. The call was originated by Junior (or Sis) at their college 1000 miles away from home. Joe gave the family one ring and then hung up, which told them that he's calling. Pop set up the Red Box. Then Junior redialed the old homestead. Pop lifted the handset when the phone rang. Then Pop closed a momentary-switch for about a half-second, which caused the local telephone office to silence the ringing signal. When Pop released the switch, the folks cantalk to Junior without Junior getting charged because his AMA tape did not show his call was answered--the DC loop must be closed for at least three-seconds for the AMA tape to show Junior's call was answered. All the AMA tape showed is that Junior let the phone ring at the old homestead for almost 30 minutes; a length of time that no Bell Operating Company is likely to believe twice! A modern Red Box is simpy a conventional telephone that's been modified to emulate the vintage 1940 military field telephone. Aside from the fact that the operating companies can now nail every Red Box user because all modern billing equipment shows the AMA information concerning the length of time a caller let the target phone ring, it's use has often put severe psychological strain on the users. [I ommited another paragraph here. It was just some closing stuff. Nothing special - Cardiac] There are no hard facts concerning how many Red Boxes were in use, or how much money Ma Bell lost, but one thing is known: she had little difficulty in closing down Red Boxes in virtually all instances where the old folks were involved because Mom and Pop usually would not tolerate what to them was stealing. If you as a reader have any ideas about using a Red Box, bear in mind that the AMA machine (or it's equivilent) will get you every time, even if you use a phone booth, because the record will show the number being called, and as with the Blue Box, the people on the receiving end will spill their guts to the cops. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- The Mickey Mouse Club's Guide To -+ Beige Boxing +- Written By : Cardiac Arrest [09/26/89] Introduction : Well, I KNOW that nearly everybody and their brother knows how ~~~~~~~~~~~~ to beige box, but what magazine is complete without a file as basic as that. Anyways, if you know how to beige box, and consider yourself master beiger, skip this and go on to the next file. Otherwise, I'll try to help beginners and maybe give some experienced boxers food for thought. What IS Beige Boxing : If you've ever payed any attention to the phone ~~~~~~~~~~~~~~~~~~~~ company, you've definately seen a guy in funny Ma Bell overalls running around with a funny-looking telephone with gator clips coming out the bottom. That's the Ma Bell version of the "beige box", called a Lineman's Handset. There are literally TONS of uses for a beige boxes, and they are simple to make, so it's usually a good introduction to the phreaking world. The Purpose Of This File : If even one person reads this file and learns ~~~~~~~~~~~~~~~~~~~~~~~~ something, I've accomplished what I set out to do (how cliche, right?). But seriously, I'm going to attempt to provide several easy methods of beige boxing. Some experienced beigers will definately see some familiar designs, but they might also see a new twist or two. I'll also include (hopefully) easy but complete directions of some of the possibilities for use. Back To Reality : Ok, on with the file. There are about as many beige box ~~~~~~~~~~~~~~~ designs as there are uses, and with both, new ideas are always popping up. The designs in this file are by no means the best designs. I HOPE that they're some of the easiest, but who am I to say. Method #1 (Generic, Phone Destroying, Design) Required Materials 1 Telephone that you wont miss (it'll be a permanent beige box) 2 Gator clips 1 Telephone cord 1 Screwdriver 1 Pair of wire cutters 1 Soldering iron Solder Construction 1. Open up the telephone with the screwdriver. I can't give exact directions, because different models vary, but if you can't find the screws, try checking under the plastic plate that holds the phone number of the location. 2. Look at the modular jack (the thingy the phone cord plugs into). Find the red and green wires. These are the ones you want. Trace these wires with your finger to the screw that holds them down. Connect your phone cord to these screws, either by soldering them, or by wrapping them around the screw and tightening it down. 3. Run the telephone cord out the modular jack's hole. If you can't squeeze it through the jack, take the wire cutters the cut the wires leading to it, and yank it out. That should leave planty of room. 4. Re-assemble your phone. 5. At the end of the telephone cord hanging out of the phone, connect the gator clips to the same wires hooked up to the screws inside the housing of the phone. You can connect them either by soldering, or by splicing the wire to them (twisting them around the hole and praying that it holds). Method #2 (A spin-off of #1, but less permanent) Required Materials 1 Telephone (Don't worry, you wont wreck this one) 1 Telephone cord (You can use one of the springy ones that you always tangle up when you're on the phone) 2 Gator clips 1 Pair of wire cutters 1 Soldering iron Solder Construction 1. Cut the modular plug (the thing that plugs into the wall or telephone set) off ONE end of the telephone cord. 2. Find the red and green wires and connect the gator clips to these by soldering or splicing them. 3. Connect the other end (the that still has a plug) to a telephone. Method #3 (Similar to #2, but using a wall jack instead of a cord) Required Materials 1 Telephone (This wont get wrecked, either) 1 Modular telephone wall jack (This WILL get wrecked) 2 Gator clips 1 Pair of wire cutters 1 Soldering iron Solder Construction 1. Look on the back of the wall jack. You should see the typical red and green wires going into the back of the jack. Leave the end going into the jack alone, but trace them to where the go into the plate holding the jack. Cut them here (being sure, as I said, to leave the jack end alone). 2. Hook the gator clips up to the red/green wires. 3. Plug the phone into the wall jack. Testing Your Box : Ok, now that you've got one of the boxes described above ~~~~~~~~~~~~~~~~ (or a different one...I really don't care), you ready to go. Go outside, and on the side of your house, you should be able to find a small, approximately 3" X 3", puke-green box, with a bolt in the middle of it. Take a wrench (I'm not sure what the size is, but a 10mm wrench works for me, and that's all I really care about. But be careful, since it's not exact, you might strip it) and take off the bolt. You'll probably have to clear out some cobwebs, since it hasn't been used in a while. Inside the box, you should see four screws (one on each corner) with the typical red/green wires connected to them. (If you have two phone lines, the bottom screws will have black/yellow wires, if you have one phone line, the bottom wont have any). You can probably guess what happens from here--Hook the gator clips up to the screws. You should get a dial tone. If you didn't, make sure the connection is clean, that you're hooked up to the right terminals(screws), etc. If you still don't get one, you're screwed. That means there's something wrong with your box. If you do get a dial tone, you're probably guessing what you can do from here. Where Can You Use The Beige Box : You can use the beige box on several pieces ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ of equipment. You can go to you're best friend's house and use it like I described. You can open up one of those ugly green boxes about 3' high in the back yard of every couple houses. Inside you'll see pretty much the same thing as at individual houses, only there's several houses running through the box, not just yours. I have heard that you can use a beige inside a Ma Bell manhole, but I crawled down one (not fun) and there was a huge plastic tube. You can see the telephone wires inside, but I have no idea how to get to them. There are definately more uses, but these are the ones I've been exposed to. The Box Of Many Uses : As I've mentioned, there are TONS of uses for beige ~~~~~~~~~~~~~~~~~~~~ boxes, and the ones I explain are merely the ones I've had some fun with. It's all basically the same, but there are some interesting twists. Conferences : Definately one of the funnest. It's easier to do than explain, ~~~~~~~~~~~ but I'll give it a shot. First, call up a conference service (I'll list them in a second). From here, you'll pretty much get instructions (at least on the ones I've used). Basically, you call up your buddies, tell them what's going on, and hit a key (usually *) and they get put into the conference. From there, you and all your friends can all talk to each other, trade codes, etc. Get the idea? (You can even call foreign numbers. On our conference, we voiced a user from Italy and called a hotel in Madrid for someone to practice Spanish....) Conference Services : 0-700-456-1000 0-700-456-1001 0-700-456-1002 0-700-456-1003 0-700-456-1004 0-700-456-2000 0-700-456-2001 0-700-456-2002 0-700-456-2003 0-700-456-2004 Tapping : If you hook up your beige box, and hear voices, the rightful owner ~~~~~~~ of the line is obviously using it. Well, that's about all there is to phone tapping. Just shut up and listen. L/D Calling : Hey, it's not YOUR bill, so go ahead and call your pal in ~~~~~~~~~~~ France. Maybe voice verify some users on your BBS.... Dial-A-Porn : Hey, wait!! How'd that get in here? ~~~~~~~~~~~ Conclusion : That's about it. I wont pretend to be an expert on beige boxes, ~~~~~~~~~~ so I wont say that these are the limits, or that these are the best methods. I'm just trying to provide a non-technical introduction to phreaking. Well, if anyone has any comments, questions, or come up with any new ideas, let me know. MMC [09/26/89] -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- =============================================================================== Basic Information About Credit Cards =============================================================================== There are at least three types of security devices on credit cards that you aren't supposed to know about. They are the account number, the signature panel, and the magnetic strip. The Account Number ------------------ A Social Security card has nine digits. So do two-part Zip codes. A domestic phone number, including area code, has ten digits. Yet a complete MasterCard number has twenty digits. Why so many? It is not mathematically necessary for any credit-card account number to have more than eight digits. Each cardholder must, of course, have a unique number. Visa and MasterCard are estimated to have about sixty-five million cardholders each. Thus their numbering systems must have at least sixty-five million available numbers. There are one hundred million possible conbinations of eight digits-- 00000000, 00000001, 00000002, 00000003, all the way up to 99999999. So eight digits would be enough. To allow for future growth, an issuer the size of Visa of MaserCard could opt for nine digits---enough for a billion differnt numbers. In fact, a Visa card has thirteen digits and sometimes more. An American Express card has fifteen digits. Diners Club cards have fourteen. Carte Blanche has ten. Obviously, the card issuers are not projecting that they will have billions and billions of cardholders and need those digits to ensure a different number for each. The extra digits are actually a security device. Say your Visa number is 4211 503 417 268. Each purchase must be entered into a computer from a sales slip. The account number tags the purchase to your account. The persons who enter account numbers into computers get bored and sometimes make mistakes. They might enter 4211 503 471 268 or 4211 703 417 268 instead. The advantage of the thirteen-digit numbering system is that it is unlikely any Visa cardholder has 4211 503 471 268 or 4211 703 417 268 for an account number. There are 10 trillion possible thirteen-digit Visa numbers (0000 000 000 000;0000 000 000 0001;... 9999 999 999 999). Only about sixty-five million of those numbers are numbers of actual active accounts. The odds that an incorrectly entered number would correspond to a real number are something like sixty-five million in ten trillion, or about one in one hundred and fifty thousand. Those are slim odds. You could fill up a book the size of this one {note, book is 228 pgs long} with random thirteen-digit numbers such as these: 3901 160 943 791 1090 734 231 410 1783 205 995 561 9542 425 195 969 2358 862 307 845 9940 880 814 778 8421 456 150 662 9910 441 036 483 3167 186 869 267 6081 132 670 781 1228 190 300 350 4563 351 105 207 Still you would not duplicate a Visa account number. Whenever an account number is entered incorrectly, iw will almose certainly fail to match up with any of the other account nubmers in the computer's memory. The computer can then request that the number be entered again. Other card-numbering systems are even more secure. Of the quadrillion possible fifteen-digit American Express card numbers, only about 11 million are assigned. The chance of a random number happening to correspond to an existing account number is about one in ninety million. Taking into account all twenty digits on a MasterCard, there are one hundred quintillion (100,000,000,000,000,000,000) possible numvers for sixy-five million card- holders. The chance of a random string of digits matching a real MasterCard number is about one in one and a half trillion. Among other things, this makes possible those television ads inviting holders of credit cards to phone in to order merchandise. The operators who take the calls never see the callers' cards nor their signatures. How can they be sure the callers even have credit cards? They base their confidence on the security of the credit-card numbering systems. If someone calls in and makes up a creditcard number--even being careful to get the right number of digits--the number surely will not be an existing real credit-card number. The deception can be spotted instantly by plugging into the credit-card company's computers. For all practical purposes, the only way to come up with a genuine credit-card number is to read it off a credit card. The number, not the piece of plastic, is enough. Neiman-Marcus' Garbage Can -------------------------- The converse of this is the fact that anyone who knows someone else's card number can charge to that person's account. Police sources say this is a major problem, but card issuers, by and large, do their best to keep these crimes a secret. The fear is that publicizing the crimes may tempt more people to commit them. Worse yet, there is alomost nothing the average person can do to prevent being victimized {muhaha} -- short of giving up credit cards entirely. Lots of strangers know your credit-card numbers. Everyone you hand a card to--waiters, sales clerks, ticket agents, hairdressers, gas station attendants, hotel cashiers--sees the account number. Every time a card is put in an imprinter, three copies are made, and two are left with the clerk. If you charge anything by phone or mail order, someone somewhere sees the number. Crooks don't have to be in a job with normal access to creditcard numbers. Occasional operations have discovered that the garbage cans outside prestige department or specialty stores are sources of high-credit-limit account numbers. The crooks look for the discarded carbon paper from sales slips. The account number is usually legible--as are the expiration date, name, and signature. (A 1981 operation used carbons from Koontz Hardware, a West Hollywood, California, store frequented by many celebrities.) Converting a number into cash is less risky than using a stolen credit card. The crook need only call an airline, posing as the cardholder, and make a reservation on a heavily traveled flight. He usually requests that tickets be issued in someone else's name for pickup at the airport (airlines don't always ask for ID on ticket pickups, but the crook has it if needed) and is set. The tickets can be sold at a discount on the hot- ticket market operating in every major airport. There are other methods as well. Anyone with a Visa or MasterCard merchant account can fill out invoices for nonexistent sales and submit them to the bank. As long as the account numbers and names are genuine, the bank will pay the merchant immediately. For an investment of about a thousand dollars, an organized criminal operation can get the pressing machines needed to make counterfeit credit cards. Counterfeiting credit cards in relatively simple. There are no fancy scrolls and filigree work, just blocky logos in primary colors. From the criminal's standpoint, the main advantage of a counterfeit card is that it allows him to get cash advances. For maximum plundering of a line of credit, the crook must know the credit limit as well as the account number. To learn both, he often calls an intended victim, posing as the victim's bank: CROOK: This is Bank of America. We're calling to tell you that the credit limit on your Visa card has been raised to twelve hundred dollars. VICTIM: But my limit has always been ten thousand dollars. CROOK: There must be some problem with the computers. Do you have your card handy? Could you read off the embossed number? On a smaller scale, many struggling rock groups have discovered the knack of using someone else's telephone company credit card. When a cardholder wants to make a long-distance call from a hotel or pay phone, he or she reads the card number to the operator. The call is then billed to the cardholder's home phone. Musicians on tour sometimes wait by the special credit-card-and-collect-calls-only booths at airports and jot down a few credit card numbers. In this way, unsuspecting businesspeople finance a touring act's calls to friends at home. If the musicians call from public phones, use a given card number only once, and don't stay in one city long, the phone company seems helpless to stop them. What makes all of these scams so hard to combat is the lead time afforded the criminal. Theft of a credit card--a crime that card issuers will talk about--is generally reported immediately. Within twenty-four hours, a stolen card's number is on the issuer's "hot list" and can no longer be used. But when only a card number is being used illicitly, the crime is not discovered until the cardholder recieves his first inflated bill. That's at least two weeks later; it could be as much as six weeks later. As long as the illicit user isn't too greedy, he has at least two weeks to tap into a credit line with little risk. The Signature Panel ------------------- You're now supposed to erase the signature panel, of course. Card issuers fear that crooks might erase the signature on a stolen credit card and replace it with their own. To make alteration more difficult, many card signature panels have a background design that rubs off if anyone tries to erase. There's the "fingerprint" design on the American Express panel, repeated Visa or MasterCard logos on some bank cards, and the "Safesig" desgn on others. The principle is the same as with the security paper used for checks. If you try to earse a check on security paper, the wavy-line pattern erases, leaving a white area-- and it is obvious that the check has been altered. Rumors hint of a more elaborate gimmick in credit-card panels. It is said that if you erase the panel, a secret word--VOID--appears to prevent use of the card. To test this rumor, fifteen common credit cards were sacrificed. An ordinary pen eraser will erase credit-card signature panels, if slowly. The panels are more easily removed with a cloth and a dry-cleaning fluid such as Energine. This method dissolves the panels cleanly. Of the fifteen cards tested, six had nothing under the panel(other than a continuation of the card back design, where there was one). Nine cards tested had the word "VOID" under the panel. In all cases, the VOIDs were printeed small and repeated many times under the panel. The breakdown: Void Device Nothing -------------------------------------- Bloomingdale's American Express Gold Card Bonwit Teller Broadway Bullock's MasterCard(Citibank) Chase Convenience B.C. Neiman-Marcus I. Magnin Robinson's Joseph Magnin Saks Fifth Avenue First Interstate B.C. Montgomery Ward Visa (Chase Manhattan) When held to a strond light, the VOIDs were visible through the Blooming- dales's card even without removing the panel. The VOID device isn't foolproof. Any crimianl who learns the secret will simply refrain from trying to earse the signature. Most salesclerks don't bother to check signatures anyway. Moreover, it is possible to paint the signature panel back in, over the VOIDs--at least on those cards that do not have a design on the panel. (Saks' panel is a greenish-tan khaki coler that would be difficult to match with paint.) The panel is first removed with dry-cleaning fluid. The back of the card is covered with masking tape, leaving a window where the replacement panel is to go. A thin coat of flat white spray paint simulates the original panel. The Magnetic Strip ------------------ The other security device on the back of the card, the brown magnetic strip, is more difficult to analyze. Some people think there are sundry personal details about the cardholder stored in the strip. But the strip has no more information capacitythan a similar snippet of recording tape. For the most part banks are reticent about the strip. The strip need not contain any information other than the account number or similar indentification. Any futher information needed to complete an automatic-teller transaction-- such as current account balances--can be called up from bank computers and need not be encoded in the strip. Evidently, the card expiration date is in the strip. Expired cards are "eaten" by automatic-teller machines even when the expired card has the same account number and name as its valid replacement card. Credit limit, address, phone number, employer, etc, must not be indicated in this strip, for banks do not issue new cards just because this info changes. It is not clear if the personal identification number is in the strip or called up from the bank computer. Many automatic-teller machines have a secret limit of three attempts for provideing the correct personal identification nubmer. After three wround attempts, the "customer" is assumed to be a crook with a stolen card, going through all possible permutations--and the card is eaten. It is possible to scramble the information in the strip by rubbing a pocket magnet over it. Workers in hspitals or research facilites with large electromagnets sometimes find that their cards no longer work in automatic-teller machines. (If you try to use a magnetically doctored card, you usually get a message to the effect, "Your card may be inserted incorrectly. Please remove and insert according to the diagram.") The Bloomingdale's Color Code ----------------------------- Only in a few cases does the color of a credit card mean anything. There are, of course, the American Express, Visa, and MasterCard gold cards for preferred customers. The Air Travel Card comes in red and green, of which green is better. (With red, you can charge tickets for travel within North America only.) The most elaborate color scheme, and a source of some confusion to status-conscious queues, is that of Bloomingdale's credit department, here is how it works: Low color in the pecking order is blue, issued to Bloomingdale employees as a perk in their compensation packages. The basic Bloomingdale card is yellow. Like most department store cards, it can be used to spread payments over several months with the payment of a finance charge. The red card gives holders three months' free interest and is issued to customers who regularly make large purchases. The silver card is good for unlimited spending, but as with a travel and entertainment card, all charges must be paid in thirty days. The gold card offers the same payment options as the yellow card but is reserved for the store's biggest spenders. The End --------------------------------------------------------------------------- Comments and Acknowledgements- The above has been copied from "Big Secrets" WITHOUT permission. Big Secrets is written by Willian Poundstone. This is a great book that tells you hundreds of things you weren't suppose to find out about. The above artical, was only 5 pages out of a book 288 pages long! He also has a new book out called "Bigger Secrets", which is also good. You can find both at almost anybook store, they should be able to special order it. Well it's now midnight, and i'm getting tried... so I hope you have enjoyed this artical, if you wanna talk to me I'm on many boards all over the country. Well later, i'm gonna go watch Star Trek the Next Generation... The above was written by The /\/\idnight Caller a.k.a. Pizzia Man 08/19/89 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- The Mickey Mouse Club Presents....... The M.M.C. Guide to Hacking, Phreaking, Carding By: The Dark Lord Introduction: ~~~~~~~~~~~~~~ This is a text file is made by The Mickey Mouse Club and we ask that it would be distibuted to others for their use. This file is going to go into depth on how to hack, phreak, and card. There will be information that should help everyone, hopefully!! Hacking: ~~~~~~~~~~ Hacking is a long hard process, unless you get lucky. There are many programs and aids out to make the job a lot easier, but the concept is the same no matter how you use it. First, at least on most things that you hack, you need to get some type of account or vacancy, etc... This is done by randomly entering numbers and or letters until you come up with the proper combination to find the account. Knowing the size of the account number makes this job one-hundred times easier. Thats why I suggest you find out from someone who allready has one or card one. By carding the account, it will die quickly but at least it will give you the length of the account numbers (More on that topic will be expained in the carding section). The accound numbers, do not always just contain numbers or have numbers at all in it. If it has a mix, it makes it a hell of a lot harder to get. You will just have to experiment to find out what charactors are contained in the account. Some Examples of ones that do have mixes of numbers and letters would be Pc Persuit accounts. The forms of them are usuall as such: Account: Pgp014764g Password: 23632k It looks from these that you are pretty much screw because of the way letters are mixed with numbers, thats what makes having a program so much easier. In a lot of circumstances, getting the account is the hardest part that is why having a good background of the system is a major plus in your favor. Once you have got the account, it is time to get the password for this account. Once again having the length and such makes this process not only easier, but faster. just keep entering random passwords of the length or the thought length in until you get a stoke of luck and get it. You MUST remember that 99.5 out of 100 times, this is a long process, and you have to have patience. If you don't you might as well forget ever getting on to the system or have someone else do it for you. Once you have gotten the password, look it over long and hard. Write it down and keep it, examine it. 99% of the time there is a pattern to all the account passwords. Things to look at is the password in reference to the account number. check to see if things have been added to the end or beginning like 00 or 01 or 99 of 0010 thing like that. If you see no relations, the only other way to really find out the pattern in to get another one. Look at both of them together, see if there the same or it account 400's password is 3456 and 402's password is 3458 (they go in order) then just those as a reference to other passwords, take away so much from accounts with a lower number and add the required amounts to accounts with a higher number, etc.... But bassicly, LOOK FOR A PATTERN! Once you have got the password and the account, you have got yourself a passage way in. Although this is what you do to succeed, you have to take many precautions. They do NOT like us messing with the system and they obviously want you to pay just like the others, so they will take necessary means to nail you. They trace like you wouldn't belive. They will trace right as you get on, if you happen to be unlucky, you will never know when they are doing it either, you must ALWAYS be aware of the dangers and take precautions!!! Even on things that you wouldn't think that they would trace you but, be carfull. Whether they trace depends on a couple of things, here are a few major ones: 1. There bank balance 2. There desire to catch you 3. The amount of infestation in there system There are things that you can do to protect yourself, these are not all of them and none of them are sure fire ways, but hey, cutting down your chances of getting caught makes a world of difference, because remember, All the fun is taken away if you caught. Some things to do to protect yourself is: 1. Use a diverter 2. Use false information about you 3. Never stay On-line too long 4. Call during late or early hours, were there is most likely no one monitoring the system 5. Don't call frequently or during the same hours, regulate it Once again these are not all of them but these are some of the "More" helpfull things. If you follow all the step, you can reduce the change of getting caught by about 40%. If you do get caught there is not a whole lot that you can do, but some tips are, first, don't reveal any information on what you have done. Deny all charges. Sencond, plea bargin with knowladge of things, like hacked sytems etc.. But never admit that you did it. Three, and most important, get a GOOD LAWYER!!!!!!! DIFFERENT TYPES OF SYSTEMS: Pc Persuit Cp\m Trw Unix Vmb Vms These are just a few systems, if I made a complete list There would be pratically no end to it, there are millions. Phreaking: ~~~~~~~~~~~~ Phreaking, Ahhhwwww, the wonderfull world of phreaking. Well to start with Phreaking is "The use of Telecommunications to others besides people of the Phone Company". Well thats my version of the definition at least. Using codes is wuit easy, there are different parts to it, the Dial-up, the code, and the number. First you will have to dial in the dial-up and on most dial ups you will get a tone or a buzz or click or something to that effect. Once you hear this, and you will know when you hear it you dial in the code. Sometime you will get another tone or beep etc. and when you do that is when you dial in the number. If you do not get another tone or whatever you just dial in the number right after you enter the code. You might have to have a test dial up to see how the tones go. In dialing the number once agian the nubers differ. You must enter the area code and then the nuber. Some require that you have a one before the area code but most that I have used do not. You can tell if the code worked right after the number has been put in not just by the error recording that you get but if right off the bat the phone begins to ring, it doesn't work. A code can also be busy. If it is busy it could mean that the code is dead or that too many people are using it at once. You might experiance this often. There are numbers that make phreaking much safer, they are called diverters. What the do is when the number that you have dial is being traced it diverts it to that number. Unless this is virgin or nobody else uses it, you will find that with in a couple of days after it is out, it will be busy, that is the annoyance about diverters, and they are also hard to get. Hacking is also put into play in phreaking by using programs to get dial ups and the codes. Getting these are done in the same way you hack anything else. Just get a program like code thief or code hacker, or make one yourself, it is quite easy. There is a danger with useing the codes. If you hack a code yourself, not just the code but the dial up amd no one else has it you can pretty well bet that it is safe. A newly hacked dial-up/code is considered "Virgin". those Ma bell is not having the problem with people phreaking off of it so they don't bother doing anything with it. But after a while, it will either Die (No Longer work) or they will start tracing off of it. The whole pain about it is, is you will never positively no when they started doing traces or things like that. The codes might be being traced but you are getting the luck of the draw. On most codes they don't trace on every call, they just file it away and watch for like the 50th or 100th caller and then that person gets nailed. You might think if they do trace every 100 calls, that means you have a 1 in 100 chance of getting caught and those are really good odds. Well the odd is 100 to 1 but the is a lot of people that live in areas that they can call with that code. If you figure about 10 million people could use it then about 100,000 of them are. 100,000, hummmmmmm, how odes your odds look now. In a couple minute time spand 99 peoplecould have used it, and lucky you might be the 100th caller. A lot of times the take like every hundered calls and then when they get the 100th caller, that don't just trace one, they trace 100, 101, 102, 103, 104 200, 201, 202 etc. So you chances of getting caught when the heat is on the code is pretty good. There are a couple different types of codes and the two major ones are 1-800's and 950's. 800's can pretty much be dialed from anywhere in the states, but 950's stay in certain areas. Some 950 dial ups are: 9501001 9500266 9500355 9501388 And there are others, but like take me for example, where I live you cannot use 9500266. It will tell you that you cannot use that number from your dialing range or it just won't work. You might get to the point where the dial-up works but not the code. If this is the case it will say: "Invalid authorization Code" Some examples of 1-800's are as follows: 1-800-255-2255 1-800-759-2345 1-800-959-8255 There are many others but those are just a few, very few. There are also 1-800's and others that will send you directly to the operator, you must tell her the code and the number you are dialing. These are NEVER safe to use. but in one case they are alot better. I am out of town a lot so I have to use pay phones right? Well, you are safe with anything with pay phones, so that is a good way to call people. The real good thing them though, is since you must go throught th operator, the codes stay valid for up to 10 times as long as the others. But thenm again another draw back is it is not a line that you want to give real names or numbers over. Because these are often tapped, since the operator know that you used the code, they will listen in quite often, and you will never even notice. Another problem experianced with them is if you are what MMC calls "Petite Flowers", our home made word for, someone that sounds like a little kid, then they really give you a hastle about using the code. I have had a lot of people ask me if the person you are calling with the codes can get busted. The answer is "No". They cannot do anything to the person, just ask him who is calling him with the codes, and they rarely do that. Just let the person you are talking to, if they don't already know, not to tell anyone that you are calling with the codes. The phone companies do have to option of setting up a trace on that persons line and bust you when you do call him with a code. I have never seen this done but do be aware that the phone companies are made up of intellegent adults and they are very smart and can and will nail you in many ways. I am a firm beliver that you should share a the information that you other phreakers and hackers as they should do the same with you. I also see an execption, inexperianced people. They can run it for everyone be not have the knowladge and screwing up. I realize that they need someway to build themselves up to a good phreaker but be cautions in what you give to them. Codes die really often and you really have to keep up with the phone company. Its kinda of a pain to keep up with it on your own as quickly as they work but thats why there is phreaking communities and groups such as Fhp and MMC, the gives the edge to the phreakers in the way that, you have help in keeping up with the phone companies, and in most cases if the groups or communities are working well together, you can eve stay one step ahead of good 'ole Ma bell and others. You really need to find ways of getting codes either from getting acess to the phreaking sections on the pirate boards you call or throught friends, Vmb's Loops, Confrences, etc., just try to find a good connection to people that are into phreaking too. Carding: ~~~~~~~~~~ Although everything talked about in the text file to this point is illegal, and you will get busted if you get caught, this is one one the one that you can get in some major shit over. About the only thing I have talked about that this falls short of is hacking a government compter, and thats one of the Grand daddies of them all. Well, although it is a major crime, it is really cool!!!! This is the process in which you find the card number of someone and use it to purchase things. In order to card, there are a few things that you must have or it will not work. You will need to have........ 1. The Card Number 2. The Experation date 3. Card type (Master Card, Visa, etc...) Those are the main things tha you will need. Having the name of the owner is very helpfull but it is not a must. You can get by without it. You have to order everything you want by mail. A couple of "Beginner" carder that I talked to didn't understand how you would do it, but thats when they had the misconception that you actually go to the store and purchase things. That is a complete No, no. You do everything from a phone ordering service. When you call make sure that you are a t a pay phone. Don't do it your house or anywhere where it can come back to you. When you order the merchandice, once again do send it to anywhere that it can come back to you like your home, work, etc. Find a vacant house or building or anywhere else that you can send it to. Also, don't send it to a P.O. box that you have, just as dangerous. When you do order it and you think its around the time that you will be reciving it, check the mailbox frequently. But do it during odd hours. I mean, hows it going to look you taking a package from a vacant house? Most bills are sent at the end of the month or at the biginning, so try to time it to where the bill won't come to the person untill a couple of days after you have recived the package. Ok heres how to figure it. I have found out that the bills are sent out up around the 26-30th of the month, so they will actually recive the bill around the 31-4th. Have it sent right after you think the bill has been sent. Find what you want, but try to order it from the place that guarentees the fastest delivery. When you order the item, make sure they have it in stock and don't have to get the item in first. Order the highest class of delivery but not COD or next day service. Thats cutting it too close. It should take around 2-4 weeks before you get it and if you timed it right, then it sound get there right before the person gets the bill. You need to have it in your possesion before the bill gets to the person because if they complain, they can keep it from being sent, or watch who actually gets it even while its going throught the mail process. Don't order more than a couple of things or overcharge the card, if the people at the Credit card office, see irregular charging on the card, they will follow up on it. To actually order the item you will call up the place that you will be ordering from, and when the operator answers let her know what you need to as far as what you are purchasing, etc. When she ask how you will be paying just tell her "Charge" and the the type of card like Master Card, Visa, ect. Then Tell them your name, if you don't know the name of the actuall owner of the card, Make up a false name that has NO relation to your name, not the same first, last middle what ever, nothing relating to your real name. Then continue answering all the operators questions, address (Not your own remember!) state, area code etc. They will also ask for your phone number. Make one up, not your own. If something happens to go wrong as far as delivery or if they are checking if you are who you say, then your screwed, unless of course, hehehe, the number is ALWAYS busy. Find the busiest number there is and leave them that. When they ask for the card number and experation, just tell them and do what all else you need. Wish them a good day, and hope you get it. Ok heres how you check if the card is good, and how much money can be charged on the card....... 1. Dail 1-800-554-2265 2. it will ask for the type of the card. you must put in 10 for Master Card and 20 for Visa, I am not sure about the others. 3. Next it will ask for the Identification. You will need to enter 1067 4. After all that you will have to enter the Mecrchant number, which you will either need to put in 24 or 52. One of them should work. 5. You will then have to enter (When Prompted) the card number itself. 6. Next, the experation date of the card. 7. Last but not least the amount you want to try to get on the card. The procedure for this is enter dollars, astricks, then cents. (Example:) 100*30 = One hundred dollars and thirty cents. One thing I do need to mention, after you type in everything you must press pound (#). Like when it asks you for the type of card, if you had a Master Card you would put: 10#. when it asked for identification you would enter 1067#. If it says invalid, that either means that the card is no good or you can't charge that amount on the card. Try it again, but try a lower amount. If you get down to $1 and it still doesn't work, hehehe, you can probably guess that the card is no good. You might not be ordering just merchandice you might be ordering accounts and things like that and if you are, fine, but you have to remember, the accounts do not stay good for very long, the owner of the card gets the bill, complains and its no longer any good. And when you card and account, Nine out of ten times, they won't kill the account, they will trace in and that is when you butts really in a sling. So carding accounts and things, isn't the safest way to go, of course. nothing we have talked about it, right? Conclusion: ~~~~~~~~~~~~~~ Well thats about it for now, there should be a BIG newsletter by The Mickey Mouse Club comming out soon that you have to be sure NOT to miss. I sincerely hope that you have gotten alot out of this file and I would like to ask for suggestions and ideas to make MMC a better orginazation. At this time myself and Cardiac Arresst have a VMB at: 1-800-444-7207 [Ext] 4001. All ideas and suggestions, please bring there. Also, since your making the trip anyways, bring along some phreaking codes and all and any types of accounts. I would be greatly appreciated by: The Mickey Mouse Club. 09/89 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- +++++++++++++++++++++++++++++++++++++++++++++++++ | The LOD/H Presents | ++++++++++++++++ ++++++++++++++++ \ A Novice's Guide to Hacking- 1989 edition / \ ========================================= / \ by / \ The Mentor / \ Legion of Doom/Legion of Hackers / \ / \ December, 1988 / \ Merry Christmas Everyone! / \+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++/ ********************************************************************** | The author hereby grants permission to reproduce, redistribute, | | or include this file in your g-file section, electronic or print | | newletter, or any other form of transmission that you choose, as | | long as it is kept intact and whole, with no ommissions, delet- | | ions, or changes. (C) The Mentor- Phoenix Project Productions | | 1988,1989 XXX/XXX-XXXX | ********************************************************************** Introduction: The State of the Hack ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ After surveying a rather large g-file collection, my attention was drawn to the fact that there hasn't been a good introductory file written for absolute beginners since back when Mark Tabas was cranking them out (and almost