💾 Archived View for spam.works › mirrors › textfiles › hacking › hackunlm.hu1 captured on 2023-06-14 at 16:51:26.
-=-=-=-=-=-=-
The Mickey Mouse Club Presents...
__ __ ____ __ __ __ ______ _____ ______
__ __ __ __ __ __ __ __ __ __ __ __
______ ________ __ ___ ____ _____ ______
__ __ __ __ __ __ __ __ __ __ __ __
__ __ __ __ __ __ __ ______ __ __ ______
Hackers
Unlimited
__ __ __ __ __ ______ __ __ ______ ______ ______ ____
__ __ ___ __ __ __ ___ ___ __ __ __ __ __
__ __ __ __ __ __ __ __ __ __ __ __ ____ __ __
__ __ __ ___ __ __ __ __ __ __ __ __ __
____ __ __ ______ ______ __ __ ______ __ ______ ____
Magazine
Volume 1
Issue 1
Released 10/02/89
Editors The Dark Lord
Cardiac Arrest
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Hackers Unlimited
Volume 1, Issue 1
Table Of Contents
# Title Author
------==========================================-------------------------------
1 Information about The Mickey Mouse Club Editors
2 Artical Submission Policies Editors
3 Introduction Editors
4 How Ma Bell Crushed The Blue Box Cardiac Arrest
5 Beige Boxing Cardiac Arrest
6 Basic Information About Credit Cards Midnight Caller
7 MMC Guide To Hacking, Phreaking, Carding The Dark Lord
8 A Novice's Guide To Hacking - 1989 Ed. The Mentor
9 Cable Piracy Psycho Bear
10 Pyro File 1 Fallen Angel
11 Pyro File 2 Fallen Angel
12 Pyro File 3 Fallen Angel
13 Social Engineering Fallen Angel
14 Listings Compilations
15 Closing Notes Editors
------==========================================-------------------------------
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
What is The Mickey Mouse Club?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The Mickey Mouse Club was founded by Cardiac Arrest and The Dark Lord.
The name MMC came about because we couldn't think of a better one. We are
basically a cracking club. Aside from cracking, we write instructional text
files, and an electronic magazine called Hackers Unlimited Magazine, designed
to help beginning hackers and phreakers. We are also the authors of programs
such as Data Protect, a file that, as the name implies, provides features such
as data ecnryption/decryption, file hiding, file clearing, and several other
functions.
MMC Membership
~~~~~~~~~~~~~~
Since we are still a comparitively new group, we are looking for members
of the underground BBS community who can do one or more of the following :
* Crack games (or other programs)
* Draw crack screens
* Write instructional text files about phreaking, hacking, carding, etc
* Contribute to Hackers Unlimited Magazine in other ways than files
* Write programs beneficial to the hacking community (ie code hackers,
etc)
If you are interested in applying for the MMC, contact either Cardiac
Arrest or The Dark Lord. If you fit into the above specifications, we will
give you permission to fill out our application. After completion, upload
your application to the BBS you downloaded it from. Your membership will be
considered ONLY if you received the application with permission. It will be
based entirely on the application (ie, your truthfullness and knowledge).
Hackers Unlimited Magazine
~~~~~~~~~~~~~~~~~~~~~~~~~~
The Mickey Mouse Club puts out an electronic newsletter/magazine called
Hackers Unlimited Magazine. This magazine is devoted to informing the hacking
community about hacking, phreaking, carding, or anything else or interest. It
is geared towards beginners, but we hope some experienced hackers will benefit
from it also. The editors of the magazine are the founders of the MMC, Cardiac
Arrest and The Dark Lord. ANYONE may write for HU magazine, and we would like
to encourage readers to submit any articles they have written to a HU Support
Board. We would also like to encourage comments, complaints or suggestions.
Where You Can Contact Us
~~~~~~~~~~~~~~~~~~~~~~~~
Cardiac Arrest and The Dark Lord can be contacted on most pirate boards in
Denver (303/CODEN), as well as various BBSes around the country. At the time
of this writing, we also have a Voice Mail Box:
X-XXX-XXX-XXXX Box XXXX
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
___________________________
___________________________
___ ___
___ Submission Policy ___
___________________________
___________________________
Hackers Unlimited Magazine is an ongoing newsletter, and we will release
issues as regularly as possible. To do this we will need readers to contribute
articles for the magazine as often as possible. We ask that if you feel you
have something good to write about that will fall within the guidelines for
Hackers Unlimited, please submit it. However, we do take pride in the magazine,
and we will only accept articles up to our standards. Do not be discouraged if
your article is turned down. Although this is not a thing that is expected to
happen, if we feel the article is not good, then we do reserve the right to
turn down your article. Please don't let that stop you from writing your
article. Ninty percent of the articles will NOT be turned down, and by having
this policy, we are not wanting to scare off the good writers. We ask that you
keep the topic within the guidelines, and make it to the best of your ability.
If your article IS turned down, the editors may make suggestions, or, if the
changes are minor, permission to edit the file.
One thing to keep in mind, we do not base our decisions on the
type of computer you own, reputation that you have, age or anything else
unrelated to the magazine. The decision whether the article stays or goes is
based STRICKLY on the quality of the article itself. To submit an article just
find some way of getting in touch with one of the writers of Hackers
Unlimited, or even better, one of the editors, The Dark Lord, or Cardiac
Arrest. If you do get in touch with one of the writers, you must make sure it
is relayed to one or both of the editors, because it will do little or no good
if we don't know you're out there. There will be ways listed through out this
magazine on how you can get in touch with us, either through support boards,
Colorado boards, Vmb's etc. Hope to see an article from you soon and
enjoy.........Hackers Unlimited!!!
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Introduction : Welcome to the premier issue of Hackers Unlimited Magazine, a
magazine designed for the sole purpose of helping hackers, beginning and
advanced alike. The editors of this magazine are Cardiac Arrest and The Dark
Lord (both from 303). You will undoubtedly notice that several of the
articles were written by us. In future issues, we hope to have more articles
written by readers, and less written by the editors.
Anyways, on with the magazine....
Cardiac Arrest & The Dark Lord
Editors, Hackers Unlimited Magazine
VMB X-XXX-XXX-XXXX
Box XXXX
NOTE : This VMB is valid as of the release of this magazine, but may change
without notice.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
"The Blue Box And Ma Bell"
Herb Friedman, Communications Editor
Radio Electroncs Magazine
November 1987
Typed By :
Cardiac Arrest
06/89
Before the breakup of AT&T, Ma Bell was everyone's favorite enemy. So it was
not surprising that so many people worked so hard and so successfully at
perfecting various means of making free and untracable telephone calls.
Whether it was a "Red Box" used by Joe and Jane College to call home, or a
"Blue Box" used by organized crime to lay off untracable bets, the technology
that provided the finest telephone system in the world contained the seeds of
it's own destruction.
The fact of the matter is that the Blue Box was so effective at making
untracable calls that there is no estimate as to how many calls were made or
who made them. No one knows for certain whether Ma Bell lost revenues of $100,
$100-million, or $1-billion on the Blue Box. Blue Boxes were so effective at
making free, untracable calls that Ma Bell didn't want anyone to know about
them, and for many years denied their existence. They even went as far as
strong-arming a major consumer science magazine into killing an article that
had already been prepared on the Blue and Red boxes. Further, the police
records of a major city contain a report concerning a break-in at the residence
of the author of that article. The only item missing following the break-in
was the folder containing copies of the earliest Blue-Box designs and a
Bell-System booklet that described how subscriber billing was done by the AMA
machine--a booklet that Ma Bell denied ever existed [article includes picture
proving otherwise - Cardiac]. Since the AMA (Automatic Message Accounting)
machine was the means whereby Ma Bell eventually tracked down both the Blue
and Red Boxes, we'll take time out to explain it. Besides, knowing how the AMA
machine works will help you to better understand "phone phreaking."
WHO MADE THE CALL
Back in the early days of the telephone, a customer's billing was
originated in a mechanical counting device, which was usually called a
"register" or a "meter." Each subscriber's line was connected to a meter that
was part of a wall of meters. The meter clicked off the message units, and
once a month someone simply wrote down the meter's reading, which was later
interpolated into message-unit billing for those subscriber's who were charged
by the message unit. (Flat rate subscriber's could make unlimited calls only
within a designated geographic area. The meter clicked off message units for
calls outside that area.) Because eventually there were too many meters to
read individually, and because more subscribers started questioning their
monthly bills, the local telephone companies turned to photography. A
photograph of a large number of meters served as an incontestable record of
their reading at a given date and time, and was much easier to convert to
customer billing by the accounting department.
As you might imagine, even with photographs billing was cumbersome and
did not reflect the latest technical developments. A meter didn't provide any
indication of what the subscriber was doing with the telephone, nor did it
indicate how the average subscriber made calls or the efficiency of the
information service (how fast the operators could handle requests). So the
meters were replaced by the AMA machine. One machine handled up to 20,000
subscribers. It produced a punched tape for a 24-hour period that showed,
among other things, the time a phone was picked up (went off-hook), the number
dialed, the time the called party answered, and the time the originating phone
was hung up (placed on-hook).
One other point, which will answer some questions that you're certain
to think of as we discuss the Red and Blue boxes: Ma Bell did not want persons
outside their system to know about the AMA machine. The reason? Almost
everyone had complaints--usually unjustified--about their billing. Had the
public been aware of the AMA machine they would have asked for a monthly list
of their telephone calls. It wasn't that Ma Bell feared errors in billing;
rather, they were fearful of being buried under an avalanche of paperwork and
customer complaints. Also, the public beleived their telephone calls were
personal and untraceable, and Ma Bell didn't want to admit that they knew about
the who, when, and where of every call. And so Ma Bellalways insisted that
billing was based on a meter unit that simply "clicked" for each message unit;
thatthere was no record, other than for long-distance calls, as to who called
whom. Long distance was handled by, and the billing information was done by
and operator, so there was a written record Ma Bell could not deny.
The secrecy surrounding the AMA machine was so pervasive that local,
state, and even federal police were told that local calls made by criminals
were untraceable, and that people who made obscene telephone calls could not be
tracked down unless the person receiving the cals could keep the caller on the
line for some 30 to 50 minutes so the connections could be physically traced by
technicians. Imagine asking a woman or child to put up with almost an hours
worth of the most horrendous obscenities in the hope someone could trace the
line. Yet in areas where the AMA machine had replaced meters, it would have
been a simple, though perhaps time-consuming task, to track down the numbers
called by any telephone during a 24-hour period. But Ma Bell wanted the AMA
machince kept as secret as possible, and so many a criminal was not caught, and
many a woman was harried by the obscene calls of a potential rapist, because
existence of the AMA machine was denied.
As a sidelight as to the secrecy surrounding the AMA machine, someone
at Ma Bell or the local operating company decided to put the squeeze on the
author of the article on Blue Boxes, and reported to the treasury Department
that he was, in fact, manufacturing them for organized crime--the going rate in
the mid 1960's was supposedly $20,000 a box. (Perhaps Ma Bell figured the
author would get the obvious message: Forget about the Blue Box and the AMA
machine or you'll spend lots of time, and much money on lawyer's fees to get
out of the hassles it will cause.) The author was suddenly visited ay his
place of employment by a Treasury agent. Fortunately, it took just a few
minutes to convince the agent that the author was really just that, and
the a technical wizard working for the mob. But one conversation led to
another, and the Treasury agent was astounded to learn about the AMA machine.
(Wow! Can an author whose story is squelched spill his guts.) According to
the treasury agent, his department had been told that it was impossible to get
a record of local calls made by gangsters: The Treasury department had never
been informed of the existence of automatic message accounting. Needless to
say, the agent left with his own copy of the Bell System publication about the
AMA machine, and the author had an appointment with the local Treasury-Bureau
director to fill him in on the AMA Machine. That information eventually ended
up with Senator Dodd, who was conducting a congressional investigation into,
among other things, telephone company surveillance of subscriber lines--which
was a common practice for which there was detailed instructions, Ma Bell's own
switching equipment ("crossbar") manual.
THE BLUE BOX
The Blue Box permitted free telephone calls because it used Ma Bell's
own internal frequency-sensitive circuits. When direct long-distance dialing
was introduced, the crossbar equipment knew a long-distance call was being
dialed by the three-digit area code. The crossbar then converted the dial
pulses the the CCITT tone groups, shown in Table 1 [I'll put the table in at
the end of the file - Cardiac], that are used for international and truckline
signalling. (Not that those do not correspond to Touch-Tone frequencies.) As
you can see in that table, the tone groups represent more than just numbers;
among other things there are tone groups indentified as KP (prime) and ST
(start)--keep them in mind. When a subscriber dialed an area code and a
telephone number on a rotary-dial telephone, the crossbar automatically
conneceted the subscriber's telephone to a long-distance truck, converted the
dial pulses to CCITT tones sent out on the long-distance trunk that set up or
selected the routing and caused electro-mechanical equipment in the target city
to dial the called telephone.
Operator-assisted long-distance calls worked the same way. The
operator simply logged into a long-distance trunk and pushed the appropriate
buttons, which generated the same tones as direct-dial equipment. The button
sequence was KP (which activated the long-distance equipment), then the
complete area code and telephone number. At the target city, the connection
was made to the called number but ringing did not occur until the operator
there pressed the ST button. The sequence of events of early Blue Boxes went
like this: The caller dialed information in a distant city, which
caused his AMA machine to record a free call to information. When the
information operator answered, he pressed the KP key on the Blue Box, which
disconnected the operator and gave him access to a long-distance trunk. He
then dialed the desired number and ended with an ST, which caused the target
phone to ring. For as long as the conversation took place, the AMA machine
indicated a free call to an information operator. The technique required a
long-distance information operator because the local operator, not being on a
long-distance trunk, was accessed through local wire switching, not the CCITT
tones.
CALL ANYWHERE
Now imagine the possibilities. Assume the Blue Box user was in
Philadelphia. He would call Chicago information, disconnect from the operator
with a KP tone, and then dial anywhere that was on direct-dialing service: Los
Angeles, Dallas, or anywhere in the world in the Blue Boxer could get the
internatioal codes.
The legend often told of one Blue Boxer who, in the 1960's, lived in
New York and had a girlfriend at a college near Boston. Now back in the
1960's, making a telephone call to a college town on the weekend was even more
difficult than it is today to make a call from New York to Florida on a
reduced-rate holiday using one of the cut-rate long-distance carriers. So our
Blue Boxer got on an international operator's circuit to Rome, Blue Boxed
through to a Hamburg operator, and asked Hamburg to patch through to Boston.
The Hamburg operator thought the call originated in Rome and inquired as to the
"operator's" good English, to which the Blue Boxer replied that he was an
expatriate hired to handle calls by American tourists back to their homeland.
Every weekend, while the Northeast was strangled by reduced-rate long-distance
calls, our Blue Boxer had no trouble sending his voice almost 7,000 miles for
free.
VACUUM TUBES
Assembly plans for Blue Boxes were sold through classified
advertisements in the electronic-hobbyist magazines. One of the earliest
designs was a two-tube poertable model that used a 1.5-volt "A" battery for the
filaments and a 125-volt "B" battery for the high-voltage (B+) power supply.
The portable Blue Box's functional circuit in shown in Fig. 2 [It's nothing you
can't find in any good Blue Box g-file, so I won't try to draw it - Cardiac].
it consisted of two phase-shift oscillators sharing a common speaker that mixed
the tones from both oscillators. Switches S1 and S2 each represent 12
switching circuits used to generate the tones. (No, we will not supply a
working circuit, so please don't write in and ask--Editor)[That's the real
editor, not me - Cardiac] The user placed the speaker over the telephone
handset's transmitter and simply pressed the buttons that corresponded to the
disired CCITT tones. It was just that simple.
Actually, it was even easier then it reads because Blue Boxers
dicovered they did not need the operator. If they dialed an active telephone
located in certain nearby, but different, area codes, they could Blue Box just
as if they had Blue Boxed through an information operator's circuit. The
subscriber whose line was blue Box conversatio was short, the "dead" phone
suddenly came to life the next time it was picked up. Using a list of
"distant" numbers, a Blue Boxer would never hassle plain to the telephone
company. The difference between Blue Boxing off a subscriber rather
than an informatio operator was that the Blue Boxer's AMA tape indicated a real
long-distance telephone call--perhaps costing 15 or 25 cents--instead of a
freebie. Of course, that is the reason why when Ma Bell finally decided to go
public with "assisted" newspaper articles about the Blue Box users they had
apprehended, it was usually about some college kid or "phone phreak." One
never read of a mobster being caught. Greed and stupidity were the reasons why
the kid's were caught. It was the transistor that led to Ma Bell going public
with the Blue Box. By using transistors and RC phase-shift networks for the
oscillators, a portable Blue Box could be made inexpensively, and small enough
to be used unobstrusively from a public telephone. The college crowdin the
many technical schools went crazy with the partable Blue Box; they could call
the folks back home, their friends, or get a free network (the Alberta and
Carolina connections--which could be a topic for a whole separate article) and
never pay a dime to Ma Bell. Unlike the mobsters who were willing to pay a
small long-distance charge when Blue Boxing, the kids wanted it, wanted it all
free, and so they used the information operator routing, and would often talk
"free-of-charge" for hours on end.
Ma Bell finally realized that Blue Boxing was costing them big bucks,
and decided a few articles on the criminal penalties might scare the Blue
Boxers enough to cease and desist. But who did Ma Bell catch? The college
kids and the greedies. When Ma Bell decided to catch the Blue Boxers she
simply examined the AMA tapes for calls to an information operator that were
excessively long. No one talked to an operator for 5, 10, 30 minutes, or
several hours. Once a long call to an operator appeared several times on an
AMA tape, Ma Bell simply monitored the line and the Blue Boxer was caught.
(Now do you understand why we opened with an explanation of the AMA machince?)
If the Blue Boxer worked from a telephone boothk, Ma Bell simply monitored the
booth. Ma Bell might not have known who originated the call, but she did know
who got the call, and getting that party to spill their guts was no problem.
The mob and a few Blue Box hobbyists (maybe even thousands) knew of the AMA
machine, and so they used a real telephone number for the KP skip. Their AMA
tapes looked perfectly legitimate. Even if Ma Bell had told the authorities
they could provide a list of direct-dialed calls made by local mobsters, the
AMA tapes would never show who was called through a Blue Box. For example, if
a bookmaker in New York wanted to lay off some action in Chicago, he could make
a legitimate call to a phone in New Jersey and then Blue Box to Chicago. Of
course, automatic tone monitoring, computerized billing, and ESS (Electronic
Switchin Systems) now make that all virtually impossible. but that's the way it
was.
You might wonder how Ma Bell discovered the tricks of the Blue Boxers.
Simple, they hired the perpetrators as consultants. While the initial
newspaper articles detailed the potential jail penalties for apprehended Blue
Boxers, except for Ma Bell employees who assisted a Blue Boxer, it is almost
impossible to find an article on the resolution of the cases because most
hobbyist Blue Boxers got suspended sentences and/or probation if they assisted
Ma Bell in developing anti-Blue Box techniques. It is asserted, although it
can't be easily proven, that cooperating ex-Blue Boxers were paid as
consultants. (If you can't beat them, hire them to work for you.)
Should you get any ideas about Blue Boxing, keep in mind that modern
switching equipment has the capacity to recognize unauthorized tones. It's the
reason why a local office can leave their subscriber Touch-Tone circuits
actives, almost inviting you to use the Touch-Tone service. A few days after
you use an unauthorized Touch-Tone service, the business office will call and
inquire whether you'd like to pay for the service or have it disconnected. The
very same central-office equipment that knows you're using Touch-Tone
frequencies knows if your line is originating CCITT signals.
THE RED BOX
The Red Box was primarily used by the college crowd to avoid charges
when fequent calls were made between two particular locations, say the college
and a student's home. Unlike the somewhat complex circuitry of the Blue Box, a
Red Box was nothing more than a modified telephone; in some instances nothing
more than a capacitor, a momentary switch, and a battery. As you recall from
our discussion of the Blue Box, a telephone circuit is really
established before the target phone ever rings, and the circuit is capable of
carrying an AC signal in either direction. When the caller hears the ringing
in his or her handset, nothing is happening at the receiving end because the
ringing signal he hears is really a tone generator at his local telephone
office. The target (called) telephone actually gets it 20 pulses-per-second
ringing voltage when the person who dialed hears nothing--in the "dead" spaces
between hearing the ringing tone. When the called phone is answered and taken
off hook, the telephone completes a local-office DC loop that is the signal to
stop the ringing voltage. About three seconds later the DC loop results in a
signal being sent all the way back to the caller's AMA machine that the called
telephone was answered. Keep that three-second AMA delay in mind. (By now you
should have a pretty good idea of what's coming!) [I'm skipping a paragraph
talking about how a telephone circuit works. It is referring to a
simple phone schematic that isn't worth drawing, so I ommited the whole
paragraph - Cardiac] Now as we said earlier, the circuit can actually carry AC
before the DC loop is closed. The Red Box is simply a device that
provides a telephone with a local battery so that the phone can generate an AC
signal without having a DC connection to the telephone line. The earliest of
the Red Boxes was the surplus military field telephone, of which there were
thousands upon thousands in the marketplace during the 1950's and 1960's. The
field telephone was a portable telephone unit having a manual ringer worked by
a crank--just like the telephone Grandpa used on the farm--and two D-cells. A
selector switch set up the unit so that it could be connected to a combat
switchboard, with the DC power supplied by the switchboard. But if a combat
unit wasn't connected to a switchboard, and the Lieutenant yelled "Take a
wire," the signalman threw a switch on his field telephone that switched in the
local batteries. To prevent the possibility of having both ends of the
circuit feeding battery current into the line in opposite polarity--thereby
resulting in silence--the output from the field telephone when running from its
internal batteries was only the AC representing the voice input, not modulated
DC. [I ommited the next two paragraphs, which talk about how to make one. It
too has a complicated schematic, so I wont draw it. It's the same stuff you
get from any Red Box g-file - Cardiac]
PRESS ONCE TO TALK
The Red Box was used at the receiving end; let's assume it's the old
homestead. The call was originated by Junior (or Sis) at their college 1000
miles away from home. Joe gave the family one ring and then hung up, which
told them that he's calling. Pop set up the Red Box. Then Junior redialed the
old homestead. Pop lifted the handset when the phone rang. Then Pop closed a
momentary-switch for about a half-second, which caused the local telephone
office to silence the ringing signal. When Pop released the switch, the folks
cantalk to Junior without Junior getting charged because his AMA tape did not
show his call was answered--the DC loop must be closed for at least
three-seconds for the AMA tape to show Junior's call was answered. All the AMA
tape showed is that Junior let the phone ring at the old homestead for almost
30 minutes; a length of time that no Bell Operating Company is likely to
believe twice!
A modern Red Box is simpy a conventional telephone that's been modified to
emulate the vintage 1940 military field telephone. Aside from the fact that
the operating companies can now nail every Red Box user because all modern
billing equipment shows the AMA information concerning the length of time a
caller let the target phone ring, it's use has often put severe psychological
strain on the users.
[I ommited another paragraph here. It was just some closing stuff.
Nothing special - Cardiac]
There are no hard facts concerning how many Red Boxes were in use, or
how much money Ma Bell lost, but one thing is known: she had little difficulty
in closing down Red Boxes in virtually all instances where the old folks were
involved because Mom and Pop usually would not tolerate what to them was
stealing. If you as a reader have any ideas about using a Red Box, bear in
mind that the AMA machine (or it's equivilent) will get you every time, even if
you use a phone booth, because the record will show the number being called,
and as with the Blue Box, the people on the receiving end will spill their guts
to the cops.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
The Mickey Mouse Club's Guide To
-+ Beige Boxing +-
Written By :
Cardiac Arrest
[09/26/89]
Introduction : Well, I KNOW that nearly everybody and their brother knows how
~~~~~~~~~~~~ to beige box, but what magazine is complete without a file as
basic as that. Anyways, if you know how to beige box, and consider yourself
master beiger, skip this and go on to the next file. Otherwise, I'll try to
help beginners and maybe give some experienced boxers food for thought.
What IS Beige Boxing : If you've ever payed any attention to the phone
~~~~~~~~~~~~~~~~~~~~ company, you've definately seen a guy in funny Ma Bell
overalls running around with a funny-looking telephone with gator clips coming
out the bottom. That's the Ma Bell version of the "beige box", called a
Lineman's Handset. There are literally TONS of uses for a beige boxes, and
they are simple to make, so it's usually a good introduction to the phreaking
world.
The Purpose Of This File : If even one person reads this file and learns
~~~~~~~~~~~~~~~~~~~~~~~~ something, I've accomplished what I set out to do
(how cliche, right?). But seriously, I'm going to attempt to provide several
easy methods of beige boxing. Some experienced beigers will definately see
some familiar designs, but they might also see a new twist or two. I'll also
include (hopefully) easy but complete directions of some of the possibilities
for use.
Back To Reality : Ok, on with the file. There are about as many beige box
~~~~~~~~~~~~~~~ designs as there are uses, and with both, new ideas are
always popping up. The designs in this file are by no means the best designs.
I HOPE that they're some of the easiest, but who am I to say.
Method #1 (Generic, Phone Destroying, Design)
Required Materials
1 Telephone that you wont miss (it'll be a permanent beige box)
2 Gator clips
1 Telephone cord
1 Screwdriver
1 Pair of wire cutters
1 Soldering iron
Solder
Construction
1. Open up the telephone with the screwdriver. I can't give exact
directions, because different models vary, but if you can't find
the screws, try checking under the plastic plate that holds the
phone number of the location.
2. Look at the modular jack (the thingy the phone cord plugs into).
Find the red and green wires. These are the ones you want.
Trace these wires with your finger to the screw that holds them
down. Connect your phone cord to these screws, either by
soldering them, or by wrapping them around the screw and
tightening it down.
3. Run the telephone cord out the modular jack's hole. If you can't
squeeze it through the jack, take the wire cutters the cut the
wires leading to it, and yank it out. That should leave planty
of room.
4. Re-assemble your phone.
5. At the end of the telephone cord hanging out of the phone,
connect the gator clips to the same wires hooked up to the screws
inside the housing of the phone. You can connect them either by
soldering, or by splicing the wire to them (twisting them around
the hole and praying that it holds).
Method #2 (A spin-off of #1, but less permanent)
Required Materials
1 Telephone (Don't worry, you wont wreck this one)
1 Telephone cord (You can use one of the springy ones that you
always tangle up when you're on the phone)
2 Gator clips
1 Pair of wire cutters
1 Soldering iron
Solder
Construction
1. Cut the modular plug (the thing that plugs into the wall or
telephone set) off ONE end of the telephone cord.
2. Find the red and green wires and connect the gator clips to
these by soldering or splicing them.
3. Connect the other end (the that still has a plug) to a telephone.
Method #3 (Similar to #2, but using a wall jack instead of a cord)
Required Materials
1 Telephone (This wont get wrecked, either)
1 Modular telephone wall jack (This WILL get wrecked)
2 Gator clips
1 Pair of wire cutters
1 Soldering iron
Solder
Construction
1. Look on the back of the wall jack. You should see the typical
red and green wires going into the back of the jack. Leave the
end going into the jack alone, but trace them to where the go
into the plate holding the jack. Cut them here (being sure, as I
said, to leave the jack end alone).
2. Hook the gator clips up to the red/green wires.
3. Plug the phone into the wall jack.
Testing Your Box : Ok, now that you've got one of the boxes described above
~~~~~~~~~~~~~~~~ (or a different one...I really don't care), you ready to
go. Go outside, and on the side of your house, you should be able to find a
small, approximately 3" X 3", puke-green box, with a bolt in the middle of it.
Take a wrench (I'm not sure what the size is, but a 10mm wrench works for me,
and that's all I really care about. But be careful, since it's not exact, you
might strip it) and take off the bolt. You'll probably have to clear out some
cobwebs, since it hasn't been used in a while. Inside the box, you should see
four screws (one on each corner) with the typical red/green wires connected to
them. (If you have two phone lines, the bottom screws will have black/yellow
wires, if you have one phone line, the bottom wont have any). You can probably
guess what happens from here--Hook the gator clips up to the screws. You
should get a dial tone. If you didn't, make sure the connection is clean, that
you're hooked up to the right terminals(screws), etc. If you still don't get
one, you're screwed. That means there's something wrong with your box. If you
do get a dial tone, you're probably guessing what you can do from here.
Where Can You Use The Beige Box : You can use the beige box on several pieces
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ of equipment. You can go to you're best
friend's house and use it like I described. You can open up one of those ugly
green boxes about 3' high in the back yard of every couple houses. Inside
you'll see pretty much the same thing as at individual houses, only there's
several houses running through the box, not just yours. I have heard that you
can use a beige inside a Ma Bell manhole, but I crawled down one (not fun) and
there was a huge plastic tube. You can see the telephone wires inside, but I
have no idea how to get to them. There are definately more uses, but these are
the ones I've been exposed to.
The Box Of Many Uses : As I've mentioned, there are TONS of uses for beige
~~~~~~~~~~~~~~~~~~~~ boxes, and the ones I explain are merely the ones I've
had some fun with. It's all basically the same, but there are some interesting
twists.
Conferences : Definately one of the funnest. It's easier to do than explain,
~~~~~~~~~~~ but I'll give it a shot. First, call up a conference service
(I'll list them in a second). From here, you'll pretty much get instructions
(at least on the ones I've used). Basically, you call up your buddies, tell
them what's going on, and hit a key (usually *) and they get put into the
conference. From there, you and all your friends can all talk to each other,
trade codes, etc. Get the idea? (You can even call foreign numbers. On our
conference, we voiced a user from Italy and called a hotel in Madrid for
someone to practice Spanish....)
Conference Services :
0-700-456-1000
0-700-456-1001
0-700-456-1002
0-700-456-1003
0-700-456-1004
0-700-456-2000
0-700-456-2001
0-700-456-2002
0-700-456-2003
0-700-456-2004
Tapping : If you hook up your beige box, and hear voices, the rightful owner
~~~~~~~ of the line is obviously using it. Well, that's about all there is
to phone tapping. Just shut up and listen.
L/D Calling : Hey, it's not YOUR bill, so go ahead and call your pal in
~~~~~~~~~~~ France. Maybe voice verify some users on your BBS....
Dial-A-Porn : Hey, wait!! How'd that get in here?
~~~~~~~~~~~
Conclusion : That's about it. I wont pretend to be an expert on beige boxes,
~~~~~~~~~~ so I wont say that these are the limits, or that these are the
best methods. I'm just trying to provide a non-technical introduction to
phreaking. Well, if anyone has any comments, questions, or come up with any
new ideas, let me know.
MMC [09/26/89]
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
===============================================================================
Basic Information About Credit Cards
===============================================================================
There are at least three types of security devices on credit cards that
you aren't supposed to know about. They are the account number, the signature
panel, and the magnetic strip.
The Account Number
------------------
A Social Security card has nine digits. So do two-part Zip codes.
A domestic phone number, including area code, has ten digits. Yet a
complete MasterCard number has twenty digits. Why so many?
It is not mathematically necessary for any credit-card account number
to have more than eight digits. Each cardholder must, of course, have a
unique number. Visa and MasterCard are estimated to have about sixty-five
million cardholders each. Thus their numbering systems must have at least
sixty-five million available numbers.
There are one hundred million possible conbinations of eight digits--
00000000, 00000001, 00000002, 00000003, all the way up to 99999999. So
eight digits would be enough. To allow for future growth, an issuer the
size of Visa of MaserCard could opt for nine digits---enough for a billion
differnt numbers.
In fact, a Visa card has thirteen digits and sometimes more. An
American Express card has fifteen digits. Diners Club cards have fourteen.
Carte Blanche has ten. Obviously, the card issuers are not projecting
that they will have billions and billions of cardholders and need those
digits to ensure a different number for each. The extra digits are actually
a security device.
Say your Visa number is 4211 503 417 268. Each purchase must be
entered into a computer from a sales slip. The account number tags the
purchase to your account. The persons who enter account numbers into
computers get bored and sometimes make mistakes. They might enter
4211 503 471 268 or 4211 703 417 268 instead.
The advantage of the thirteen-digit numbering system is that it is
unlikely any Visa cardholder has 4211 503 471 268 or 4211 703 417 268
for an account number. There are 10 trillion possible thirteen-digit
Visa numbers (0000 000 000 000;0000 000 000 0001;... 9999 999 999 999).
Only about sixty-five million of those numbers are numbers of actual
active accounts. The odds that an incorrectly entered number would
correspond to a real number are something like sixty-five million in
ten trillion, or about one in one hundred and fifty thousand.
Those are slim odds. You could fill up a book the size of this one
{note, book is 228 pgs long} with random thirteen-digit numbers such as
these:
3901 160 943 791
1090 734 231 410
1783 205 995 561
9542 425 195 969
2358 862 307 845
9940 880 814 778
8421 456 150 662
9910 441 036 483
3167 186 869 267
6081 132 670 781
1228 190 300 350
4563 351 105 207
Still you would not duplicate a Visa account number. Whenever an account
number is entered incorrectly, iw will almose certainly fail to match up
with any of the other account nubmers in the computer's memory. The
computer can then request that the number be entered again.
Other card-numbering systems are even more secure. Of the quadrillion
possible fifteen-digit American Express card numbers, only about 11 million
are assigned. The chance of a random number happening to correspond to an
existing account number is about one in ninety million. Taking into account
all twenty digits on a MasterCard, there are one hundred quintillion
(100,000,000,000,000,000,000) possible numvers for sixy-five million card-
holders. The chance of a random string of digits matching a real MasterCard
number is about one in one and a half trillion.
Among other things, this makes possible those television ads inviting
holders of credit cards to phone in to order merchandise. The operators
who take the calls never see the callers' cards nor their signatures.
How can they be sure the callers even have credit cards?
They base their confidence on the security of the credit-card numbering
systems. If someone calls in and makes up a creditcard number--even being
careful to get the right number of digits--the number surely will not be
an existing real credit-card number. The deception can be spotted instantly
by plugging into the credit-card company's computers. For all practical
purposes, the only way to come up with a genuine credit-card number is to
read it off a credit card. The number, not the piece of plastic, is
enough.
Neiman-Marcus' Garbage Can
--------------------------
The converse of this is the fact that anyone who knows someone else's card
number can charge to that person's account. Police sources say this is a
major problem, but card issuers, by and large, do their best to keep these
crimes a secret. The fear is that publicizing the crimes may tempt more
people to commit them. Worse yet, there is alomost nothing the average
person can do to prevent being victimized {muhaha} -- short of giving up
credit cards entirely.
Lots of strangers know your credit-card numbers. Everyone you hand
a card to--waiters, sales clerks, ticket agents, hairdressers, gas station
attendants, hotel cashiers--sees the account number. Every time a card is
put in an imprinter, three copies are made, and two are left with the clerk.
If you charge anything by phone or mail order, someone somewhere sees the
number.
Crooks don't have to be in a job with normal access to creditcard numbers.
Occasional operations have discovered that the garbage cans outside prestige
department or specialty stores are sources of high-credit-limit account
numbers. The crooks look for the discarded carbon paper from sales slips.
The account number is usually legible--as are the expiration date, name,
and signature. (A 1981 operation used carbons from Koontz Hardware, a
West Hollywood, California, store frequented by many celebrities.)
Converting a number into cash is less risky than using a stolen
credit card. The crook need only call an airline, posing as the cardholder,
and make a reservation on a heavily traveled flight. He usually requests
that tickets be issued in someone else's name for pickup at the airport
(airlines don't always ask for ID on ticket pickups, but the crook has it
if needed) and is set. The tickets can be sold at a discount on the hot-
ticket market operating in every major airport.
There are other methods as well. Anyone with a Visa or MasterCard
merchant account can fill out invoices for nonexistent sales and submit
them to the bank. As long as the account numbers and names are genuine,
the bank will pay the merchant immediately.
For an investment of about a thousand dollars, an organized criminal
operation can get the pressing machines needed to make counterfeit credit
cards. Counterfeiting credit cards in relatively simple. There are no
fancy scrolls and filigree work, just blocky logos in primary colors.
From the criminal's standpoint, the main advantage of a counterfeit card
is that it allows him to get cash advances. For maximum plundering of a
line of credit, the crook must know the credit limit as well as the account
number. To learn both, he often calls an intended victim, posing as the
victim's bank:
CROOK: This is Bank of America. We're calling to tell you that the
credit limit on your Visa card has been raised to twelve
hundred dollars.
VICTIM: But my limit has always been ten thousand dollars.
CROOK: There must be some problem with the computers. Do you have
your card handy? Could you read off the embossed number?
On a smaller scale, many struggling rock groups have discovered the
knack of using someone else's telephone company credit card. When a
cardholder wants to make a long-distance call from a hotel or pay phone,
he or she reads the card number to the operator. The call is then billed
to the cardholder's home phone. Musicians on tour sometimes wait by the
special credit-card-and-collect-calls-only booths at airports and jot
down a few credit card numbers. In this way, unsuspecting businesspeople
finance a touring act's calls to friends at home. If the musicians call
from public phones, use a given card number only once, and don't stay
in one city long, the phone company seems helpless to stop them.
What makes all of these scams so hard to combat is the lead
time afforded the criminal. Theft of a credit card--a crime that
card issuers will talk about--is generally reported immediately.
Within twenty-four hours, a stolen card's number is on the issuer's
"hot list" and can no longer be used. But when only a card number is
being used illicitly, the crime is not discovered until the
cardholder recieves his first inflated bill. That's at least two
weeks later; it could be as much as six weeks later. As long as the
illicit user isn't too greedy, he has at least two weeks to tap into
a credit line with little risk.
The Signature Panel
-------------------
You're now supposed to erase the signature panel, of course. Card
issuers fear that crooks might erase the signature on a stolen credit
card and replace it with their own. To make alteration more difficult,
many card signature panels have a background design that rubs off if
anyone tries to erase. There's the "fingerprint" design on the American
Express panel, repeated Visa or MasterCard logos on some bank cards, and the
"Safesig" desgn on others. The principle is the same as with the security
paper used for checks. If you try to earse a check on security paper, the
wavy-line pattern erases, leaving a white area-- and it is obvious that the
check has been altered.
Rumors hint of a more elaborate gimmick in credit-card panels.
It is said that if you erase the panel, a secret word--VOID--appears
to prevent use of the card. To test this rumor, fifteen common credit
cards were sacrificed.
An ordinary pen eraser will erase credit-card signature panels, if
slowly. The panels are more easily removed with a cloth and a dry-cleaning
fluid such as Energine. This method dissolves the panels cleanly. Of the
fifteen cards tested, six had nothing under the panel(other than a
continuation of the card back design, where there was one). Nine cards
tested had the word "VOID" under the panel. In all cases, the VOIDs
were printeed small and repeated many times under the panel. The breakdown:
Void Device Nothing
--------------------------------------
Bloomingdale's American Express Gold Card
Bonwit Teller Broadway
Bullock's MasterCard(Citibank)
Chase Convenience B.C. Neiman-Marcus
I. Magnin Robinson's
Joseph Magnin Saks Fifth Avenue
First Interstate B.C.
Montgomery Ward
Visa (Chase Manhattan)
When held to a strond light, the VOIDs were visible through the Blooming-
dales's card even without removing the panel.
The VOID device isn't foolproof. Any crimianl who learns the secret
will simply refrain from trying to earse the signature. Most salesclerks
don't bother to check signatures anyway.
Moreover, it is possible to paint the signature panel back in, over
the VOIDs--at least on those cards that do not have a design on the
panel. (Saks' panel is a greenish-tan khaki coler that would be difficult
to match with paint.) The panel is first removed with dry-cleaning fluid.
The back of the card is covered with masking tape, leaving a window where
the replacement panel is to go. A thin coat of flat white spray paint
simulates the original panel.
The Magnetic Strip
------------------
The other security device on the back of the card, the brown magnetic
strip, is more difficult to analyze. Some people think there are sundry
personal details about the cardholder stored in the strip. But the
strip has no more information capacitythan a similar snippet of recording tape.
For the most part banks are reticent about the strip.
The strip need not contain any information other than the account
number or similar indentification. Any futher information needed to
complete an automatic-teller transaction-- such as current account
balances--can be called up from bank computers and need not be encoded
in the strip.
Evidently, the card expiration date is in the strip. Expired cards
are "eaten" by automatic-teller machines even when the expired card has
the same account number and name as its valid replacement card. Credit
limit, address, phone number, employer, etc, must not be indicated in
this strip, for banks do not issue new cards just because this info changes.
It is not clear if the personal identification number is in the strip
or called up from the bank computer. Many automatic-teller machines have
a secret limit of three attempts for provideing the correct personal
identification nubmer. After three wround attempts, the "customer" is
assumed to be a crook with a stolen card, going through all possible
permutations--and the card is eaten.
It is possible to scramble the information in the strip by rubbing
a pocket magnet over it. Workers in hspitals or research facilites with
large electromagnets sometimes find that their cards no longer work in
automatic-teller machines. (If you try to use a magnetically doctored
card, you usually get a message to the effect, "Your card may be inserted
incorrectly. Please remove and insert according to the diagram.")
The Bloomingdale's Color Code
-----------------------------
Only in a few cases does the color of a credit card mean anything.
There are, of course, the American Express, Visa, and MasterCard gold
cards for preferred customers. The Air Travel Card comes in red and green, of
which green is better. (With red, you can charge tickets for travel within
North America only.) The most elaborate color scheme, and a source of some
confusion to status-conscious queues, is that of Bloomingdale's credit
department, here is how it works: Low color in the pecking order is blue,
issued to Bloomingdale employees as a perk in their compensation packages. The
basic Bloomingdale card is yellow. Like most department store cards, it can be
used to spread payments over several months with the payment of a finance
charge. The red card gives holders three months' free interest and is issued
to customers who regularly make large purchases. The silver card is good for
unlimited spending, but as with a travel and entertainment card, all charges
must be paid in thirty days. The gold card offers the same payment options as
the yellow card but is reserved for the store's biggest spenders.
The End
---------------------------------------------------------------------------
Comments and Acknowledgements-
The above has been copied from "Big Secrets" WITHOUT permission.
Big Secrets is written by Willian Poundstone. This is a great
book that tells you hundreds of things you weren't suppose to
find out about. The above artical, was only 5 pages out of
a book 288 pages long! He also has a new book out called
"Bigger Secrets", which is also good. You can find both at
almost anybook store, they should be able to special order it.
Well it's now midnight, and i'm getting tried... so I hope
you have enjoyed this artical, if you wanna talk to me I'm
on many boards all over the country. Well later, i'm gonna go
watch Star Trek the Next Generation...
The above was written by
The
/\/\idnight
Caller
a.k.a.
Pizzia Man
08/19/89
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
The Mickey Mouse Club
Presents.......
The M.M.C. Guide to Hacking, Phreaking, Carding
By: The Dark Lord
Introduction:
~~~~~~~~~~~~~~
This is a text file is made by The Mickey Mouse Club and we ask
that it would be distibuted to others for their use. This file is going to
go into depth on how to hack, phreak, and card. There will be information
that should help everyone, hopefully!!
Hacking:
~~~~~~~~~~
Hacking is a long hard process, unless you get lucky. There are many
programs and aids out to make the job a lot easier, but the concept is
the same no matter how you use it. First, at least on most things that you
hack, you need to get some type of account or vacancy, etc... This is done
by randomly entering numbers and or letters until you come up with the
proper combination to find the account. Knowing the size of the account
number makes this job one-hundred times easier. Thats why I suggest you
find out from someone who allready has one or card one. By carding the
account, it will die quickly but at least it will give you the length
of the account numbers (More on that topic will be expained in the carding
section). The accound numbers, do not always just contain numbers or have
numbers at all in it. If it has a mix, it makes it a hell of a lot harder
to get. You will just have to experiment to find out what charactors are
contained in the account. Some Examples of ones that do have mixes of
numbers and letters would be Pc Persuit accounts. The forms of them are
usuall as such:
Account: Pgp014764g
Password: 23632k
It looks from these that you are pretty much screw because of the way
letters are mixed with numbers, thats what makes having a program so much
easier. In a lot of circumstances, getting the account is the hardest part
that is why having a good background of the system is a major plus in your
favor.
Once you have got the account, it is time to get the password for this
account. Once again having the length and such makes this process not only
easier, but faster. just keep entering random passwords of the length or
the thought length in until you get a stoke of luck and get it. You MUST
remember that 99.5 out of 100 times, this is a long process, and you have
to have patience. If you don't you might as well forget ever getting on
to the system or have someone else do it for you. Once you have gotten
the password, look it over long and hard. Write it down and keep it,
examine it. 99% of the time there is a pattern to all the account
passwords. Things to look at is the password in reference to the account
number. check to see if things have been added to the end or beginning
like 00 or 01 or 99 of 0010 thing like that. If you see no relations,
the only other way to really find out the pattern in to get another one.
Look at both of them together, see if there the same or it account 400's
password is 3456 and 402's password is 3458 (they go in order) then just
those as a reference to other passwords, take away so much from accounts
with a lower number and add the required amounts to accounts with a higher
number, etc.... But bassicly, LOOK FOR A PATTERN! Once you have got the
password and the account, you have got yourself a passage way in.
Although this is what you do to succeed, you have to take
many precautions. They do NOT like us messing with the system and they
obviously want you to pay just like the others, so they will take necessary
means to nail you. They trace like you wouldn't belive. They will trace
right as you get on, if you happen to be unlucky, you will never know when
they are doing it either, you must ALWAYS be aware of the dangers and take
precautions!!! Even on things that you wouldn't think that they would trace
you but, be carfull. Whether they trace depends on a couple of things, here
are a few major ones:
1. There bank balance
2. There desire to catch you
3. The amount of infestation in there system
There are things that you can do to protect yourself, these are not all
of them and none of them are sure fire ways, but hey, cutting down your
chances of getting caught makes a world of difference, because remember,
All the fun is taken away if you caught. Some things to do to protect
yourself is:
1. Use a diverter
2. Use false information about you
3. Never stay On-line too long
4. Call during late or early hours, were there is most likely no one
monitoring the system
5. Don't call frequently or during the same hours, regulate it
Once again these are not all of them but these are some of the "More"
helpfull things. If you follow all the step, you can reduce the change of
getting caught by about 40%.
If you do get caught there is not a whole lot that you can do, but some
tips are, first, don't reveal any information on what you have done. Deny
all charges. Sencond, plea bargin with knowladge of things, like hacked
sytems etc.. But never admit that you did it. Three, and most important,
get a GOOD LAWYER!!!!!!!
DIFFERENT TYPES OF SYSTEMS:
Pc Persuit Cp\m
Trw
Unix
Vmb
Vms
These are just a few systems, if I made a complete list There would
be pratically no end to it, there are millions.
Phreaking:
~~~~~~~~~~~~
Phreaking, Ahhhwwww, the wonderfull world of phreaking. Well to start
with Phreaking is "The use of Telecommunications to others besides people
of the Phone Company". Well thats my version of the definition at least.
Using codes is wuit easy, there are different parts to it, the Dial-up,
the code, and the number. First you will have to dial in the dial-up and
on most dial ups you will get a tone or a buzz or click or something to
that effect. Once you hear this, and you will know when you hear it you
dial in the code. Sometime you will get another tone or beep etc. and when
you do that is when you dial in the number. If you do not get another tone
or whatever you just dial in the number right after you enter the code.
You might have to have a test dial up to see how the tones go.
In dialing the number once agian the nubers differ. You must enter the
area code and then the nuber. Some require that you have a one before the
area code but most that I have used do not. You can tell if the code worked
right after the number has been put in not just by the error recording that
you get but if right off the bat the phone begins to ring, it doesn't work.
A code can also be busy. If it is busy it could mean that the code is
dead or that too many people are using it at once. You might experiance
this often.
There are numbers that make phreaking much safer, they are called
diverters. What the do is when the number that you have dial is being
traced it diverts it to that number. Unless this is virgin or nobody else
uses it, you will find that with in a couple of days after it is out, it
will be busy, that is the annoyance about diverters, and they are also hard
to get.
Hacking is also put into play in phreaking by using programs to get
dial ups and the codes. Getting these are done in the same way you hack
anything else. Just get a program like code thief or code hacker, or make
one yourself, it is quite easy.
There is a danger with useing the codes. If you hack a code yourself,
not just the code but the dial up amd no one else has it you can pretty well
bet that it is safe. A newly hacked dial-up/code is considered "Virgin".
those Ma bell is not having the problem with people phreaking off of it
so they don't bother doing anything with it. But after a while, it will
either Die (No Longer work) or they will start tracing off of it. The
whole pain about it is, is you will never positively no when they started
doing traces or things like that. The codes might be being traced but you
are getting the luck of the draw. On most codes they don't trace on every
call, they just file it away and watch for like the 50th or 100th caller
and then that person gets nailed. You might think if they do trace every
100 calls, that means you have a 1 in 100 chance of getting caught and those
are really good odds. Well the odd is 100 to 1 but the is a lot of people
that live in areas that they can call with that code. If you figure about
10 million people could use it then about 100,000 of them are. 100,000,
hummmmmmm, how odes your odds look now. In a couple minute time spand
99 peoplecould have used it, and lucky you might be the 100th caller. A
lot of times the take like every hundered calls and then when they get the
100th caller, that don't just trace one, they trace 100, 101, 102, 103, 104
200, 201, 202 etc. So you chances of getting caught when the heat is on
the code is pretty good. There are a couple different types of codes and
the two major ones are 1-800's and 950's. 800's can pretty much be dialed
from anywhere in the states, but 950's stay in certain areas. Some 950
dial ups are:
9501001
9500266
9500355
9501388
And there are others, but like take me for example, where I live you
cannot use 9500266. It will tell you that you cannot use that number from
your dialing range or it just won't work. You might get to the point where
the dial-up works but not the code. If this is the case it will say:
"Invalid authorization Code"
Some examples of 1-800's are as follows:
1-800-255-2255
1-800-759-2345
1-800-959-8255
There are many others but those are just a few, very few. There are
also 1-800's and others that will send you directly to the operator, you
must tell her the code and the number you are dialing. These are NEVER
safe to use. but in one case they are alot better. I am out of town a lot
so I have to use pay phones right? Well, you are safe with anything with
pay phones, so that is a good way to call people. The real good thing
them though, is since you must go throught th operator, the codes stay valid
for up to 10 times as long as the others. But thenm again another draw back
is it is not a line that you want to give real names or numbers over.
Because these are often tapped, since the operator know that you used the
code, they will listen in quite often, and you will never even notice.
Another problem experianced with them is if you are what MMC calls
"Petite Flowers",
our home made word for, someone that sounds like a little kid, then they
really give you a hastle about using the code.
I have had a lot of people ask me if the person you are calling with the
codes can get busted. The answer is "No". They cannot do anything to the
person, just ask him who is calling him with the codes, and they rarely do
that. Just let the person you are talking to, if they don't already know,
not to tell anyone that you are calling with the codes. The phone
companies do have to option of setting up a trace on that persons line and
bust you when you do call him with a code. I have never seen this done but
do be aware that the phone companies are made up of intellegent adults and
they are very smart and can and will nail you in many ways.
I am a firm beliver that you should share a the information that you
other phreakers and hackers as they should do the same with you. I also
see an execption, inexperianced people. They can run it for everyone be not
have the knowladge and screwing up. I realize that they need someway to
build themselves up to a good phreaker but be cautions in what you give to
them.
Codes die really often and you really have to keep up with the phone
company. Its kinda of a pain to keep up with it on your own as quickly as
they work but thats why there is phreaking communities and groups such
as Fhp and MMC, the gives the edge to the phreakers in the way that, you
have help in keeping up with the phone companies, and in most cases if
the groups or communities are working well together, you can eve stay
one step ahead of good 'ole Ma bell and others. You really need to find
ways of getting codes either from getting acess to the phreaking sections
on the pirate boards you call or throught friends, Vmb's Loops, Confrences,
etc., just try to find a good connection to people that are into phreaking
too.
Carding:
~~~~~~~~~~
Although everything talked about in the text file to this point is
illegal, and you will get busted if you get caught, this is one one the
one that you can get in some major shit over. About the only thing I have
talked about that this falls short of is hacking a government compter, and
thats one of the Grand daddies of them all. Well, although it is a major
crime, it is really cool!!!! This is the process in which you find the card
number of someone and use it to purchase things. In order to card, there
are a few things that you must have or it will not work. You will need to
have........
1. The Card Number
2. The Experation date
3. Card type (Master Card, Visa, etc...)
Those are the main things tha you will need. Having the name of the owner
is very helpfull but it is not a must. You can get by without it.
You have to order everything you want by mail. A couple of "Beginner"
carder that I talked to didn't understand how you would do it, but thats
when they had the misconception that you actually go to the store and
purchase things. That is a complete No, no. You do everything from a
phone ordering service.
When you call make sure that you are a t a pay phone. Don't do it
your house or anywhere where it can come back to you. When you order
the merchandice, once again do send it to anywhere that it can come back to
you like your home, work, etc. Find a vacant house or building or anywhere
else that you can send it to. Also, don't send it to a P.O. box that you
have, just as dangerous. When you do order it and you think its around the
time that you will be reciving it, check the mailbox frequently. But do it
during odd hours. I mean, hows it going to look you taking a package from a
vacant house?
Most bills are sent at the end of the month or at the biginning, so
try to time it to where the bill won't come to the person untill a couple of
days after you have recived the package. Ok heres how to figure it. I
have found out that the bills are sent out up around the 26-30th of the
month, so they will actually recive the bill around the 31-4th. Have it
sent right after you think the bill has been sent. Find what you want, but
try to order it from the place that guarentees the fastest delivery. When
you order the item, make sure they have it in stock and don't have to get
the item in first. Order the highest class of delivery but not COD or
next day service. Thats cutting it too close. It should take around 2-4
weeks before you get it and if you timed it right, then it sound get there
right before the person gets the bill. You need to have it in your
possesion before the bill gets to the person because if they complain, they
can keep it from being sent, or watch who actually gets it even while its
going throught the mail process. Don't order more than a couple of things
or overcharge the card, if the people at the Credit card office, see
irregular charging on the card, they will follow up on it.
To actually order the item you will call up the place that you will
be ordering from, and when the operator answers let her know what you need
to as far as what you are purchasing, etc. When she ask how you will be
paying just tell her "Charge" and the the type of card like Master Card,
Visa, ect. Then Tell them your name, if you don't know the name of the
actuall owner of the card, Make up a false name that has NO relation to
your name, not the same first, last middle what ever, nothing relating to
your real name. Then continue answering all the operators questions,
address (Not your own remember!) state, area code etc. They will also ask
for your phone number. Make one up, not your own. If something happens
to go wrong as far as delivery or if they are checking if you are who you
say, then your screwed, unless of course, hehehe, the number is ALWAYS
busy. Find the busiest number there is and leave them that. When they
ask for the card number and experation, just tell them and do what all
else you need. Wish them a good day, and hope you get it.
Ok heres how you check if the card is good, and how much money
can be charged on the card.......
1. Dail 1-800-554-2265
2. it will ask for the type of the card. you must put in 10 for Master
Card and 20 for Visa, I am not sure about the others.
3. Next it will ask for the Identification. You will need to enter
1067
4. After all that you will have to enter the Mecrchant number, which
you will either need to put in 24 or 52. One of them should work.
5. You will then have to enter (When Prompted) the card number itself.
6. Next, the experation date of the card.
7. Last but not least the amount you want to try to get on the card.
The procedure for this is enter dollars, astricks, then cents.
(Example:)
100*30 = One hundred dollars and thirty cents.
One thing I do need to mention, after you type in everything you must press
pound (#). Like when it asks you for the type of card, if you had a Master
Card you would put: 10#. when it asked for identification you would enter
1067#. If it says invalid, that either means that the card is no good or
you can't charge that amount on the card. Try it again, but try a lower
amount. If you get down to $1 and it still doesn't work, hehehe, you can
probably guess that the card is no good.
You might not be ordering just merchandice you might be ordering
accounts and things like that and if you are, fine, but you have to
remember, the accounts do not stay good for very long, the owner of the
card gets the bill, complains and its no longer any good. And when you
card and account, Nine out of ten times, they won't kill the account, they
will trace in and that is when you butts really in a sling. So carding
accounts and things, isn't the safest way to go, of course. nothing we
have talked about it, right?
Conclusion:
~~~~~~~~~~~~~~
Well thats about it for now, there should be a BIG newsletter by
The Mickey Mouse Club comming out soon that you have to be sure NOT to miss.
I sincerely hope that you have gotten alot out of this file and I would like
to ask for suggestions and ideas to make MMC a better orginazation. At this
time myself and Cardiac Arresst have a VMB at:
1-800-444-7207 [Ext] 4001.
All ideas and suggestions, please bring there. Also, since your making
the trip anyways, bring along some phreaking codes and all and any types
of accounts. I would be greatly appreciated by:
The Mickey Mouse Club.
09/89
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
+++++++++++++++++++++++++++++++++++++++++++++++++
| The LOD/H Presents |
++++++++++++++++ ++++++++++++++++
\ A Novice's Guide to Hacking- 1989 edition /
\ ========================================= /
\ by /
\ The Mentor /
\ Legion of Doom/Legion of Hackers /
\ /
\ December, 1988 /
\ Merry Christmas Everyone! /
\+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++/
**********************************************************************
| The author hereby grants permission to reproduce, redistribute, |
| or include this file in your g-file section, electronic or print |
| newletter, or any other form of transmission that you choose, as |
| long as it is kept intact and whole, with no ommissions, delet- |
| ions, or changes. (C) The Mentor- Phoenix Project Productions |
| 1988,1989 XXX/XXX-XXXX |
**********************************************************************
Introduction: The State of the Hack
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
After surveying a rather large g-file collection, my attention was drawn to
the fact that there hasn't been a good introductory file written for absolute
beginners since back when Mark Tabas was cranking them out (and almost