💾 Archived View for spam.works › mirrors › textfiles › phreak › thief35.txt captured on 2023-11-14 at 11:28:18.
⬅️ Previous capture (2023-06-16)
-=-=-=-=-=-=-
======================================================================= C o d e T h i e f D e l u x e R e v i s i o n 3 . 5 D o c u m e n t a t i o n B y B r e w A s s o c i a t e s A N O F F I C I A L P H O R T U N E 5 0 0 P R O D U C T ======================================================================= -> Introduction To Code Thief Deluxe 3.5 <- Well, here it finally is. Code Thief Deluxe 3.5. If you are new to Code Thief, this is the file to read. If you are already familiar with Code ?Thief, ?especially if you have Code Thief 3.0 ?already, ?you ?can check ?out just the new additions and updates to Code Thief ?Deluxe ?by reading DELUXE.DOC, included in your Code Thief Deluxe ZIPfile. As an incentive to read the documentation, ?I ?have tried to lay out all ?of the 'little things' ?about the program and its behavior. ?This will ?help you understand more. ?Also notice that Code Thief does ?not make any direct screen writes. ?All screen access is done through ?the BIOS. ?Its fast enough as it is, and shouldn't a hacker be able to run in ?the BACKGROUND so you can do something else? ?As I am writing this documentation I am in DesqView, with Code Thief running concurrently in another window. -> Disclaimer <- There ?is ?no disclaimer. ?Code Thief was written with ?the ?intent purpose of committing the crime of 'theft of services'. ?Of course you don't have to use it, ?but then again, ?do you have all of the money in the ?world ?at your disposal to pay for calling out of ?state ?bulletin boards plus the mainframes/mini computers that you are trying to hack? -> From The Author <- A LOT of work has gone into the Code Thief project, especially revision 2.x/3.x of the program. ?If you support the program then be sure to upload it to any and all of your favorite boards. It's a great way ?to increase your file points and ratio while helping ?your ?fellow long distance 'users'. -> An Official Phortune 500 Product <- My thanks to the Phortune 500 ?Board of Directors, ?and the Phortune 500 membership. The Phortune 500 Board of Directors as of now consists of: ??Brew Associates (author of Code Thief), ?Renegade Chemist, ?Aahz, Quinton J. ?Miranda, The Spiker, Striker, Red Knight, Major Havoc, ?and Lord Lawless. -> Starting The Program <- To start the program normally, enter THIEF from DOS. You can also enter THIEF xx:xx from DOS (substitute a valid time for xx:xx) and Code Thief will automatically hack the flagged multiple extenders with multiple targets until the time specified, then drop back out to DOS. This is great for a BBS's batch file. For instance, you can have your BBS invoke a batch file at a certain time. This batch file could say something like THIEF 5:30. This will invoke multiple target/multiple extender hacking until 5:30 am. Note that all times are in 24 hour mode. Also, if no multiple targets are found the defaults are automatically used. This modification is on the request of an Opus BBS sysop. Hope it comes in handy. IF THE PROGRAM IS STARTED NORMALLY When you first start the program you will see the main option menu. At this and any menu you can use the up and down arrow keys to move the highlight over an option and press RETURN or the SPACEBAR to finally choose the option. I will try to move you through the running of the program to get it working on your machine so it is suggested that you print this documentation out and work the actual program as you read it. -> Setting Your Modem Paramaters <- The first thing you will probably want to do is set your modem paramaters. Use the up and down arrow keys to move the highlight over option "H" on the main option menu then hit CR or RETURN, or just hit "H" then CR or RETURN. You will be greeted with three more options. First choose "Modem Specifics". This is where you can set the paramaters for your particular modem. If a default doesn't match your configuration then use the up and down arrow keys to move the highlight over the option then hit RETURN or SPACE. The highlight will disappear and ?you ?can make an entry. ?If it is a number or some ?other ?field, enter the new value to use. ?If it is some kind of a toggle, ?use your left ?and right arrow keys until what you want comes into view. ?Press RETURN when you are satisfied with your choice. MODEM SPECIFICS COM Port - This can be eighter COM1: COM2:, COM3: Or COM4:. ?Use the left and right arrow keys to select Port 1, ?Port 2, Port 3, Port 4. Then hit RETURN. Baud ?Rate - Enter the baud rate to open the ?modem ?at ?whenever hacking ?or ?scanning is performed. ?Your choices are 300 ?Baud, ?1200 Baud, ?and 2400 ?Baud. ?The left and right ?arrow keys move you through the choices. ??Hit RETURN when you are satisfied. PBX Mode - Choices are Yes and No. The left and right arrow keys moves you ?through the choices and RETURN selects. If you ?are ?in ?a ?building with a PBX then you have ?to enter Yes for this option. PBX Digit - This ?is the PBX digit. ?When you are in a ?building with ?a PBX installed a certain digit has to be dialed to receive an outside line. ?If PBX mode is No, ?then N/A will appear for Not Applicable. ?Trying to change this with PBX mode to No will cause it to beep at you. PBX Delay - This ?is the number of seconds after entering the ?PBX digit ?to wait for the outside line. ?N/A if PBX Mode is No. Local Dialing - Not everyone has Touchtone (tm) ??dialing ?from ?their home. If you don't change this to Pulse. Just select it with the highlight, ?hit return, ?then use the left or ?right ?arrow ?key ?to select the ?new ?option ?and another return will make it permanent. Speaker On - Choose ?Yes to keep the speaker on during hacking ?and scanning or No to keep it off. Dial Tone Wait - This ?is ?the number of seconds the modem is ?to ?wait after picking up the line until starting to dial. ?It does this through the Hayes (and compatibles) ?command registers. Carrier Detect - This is the number of 1/10 seconds that a carrier must be present for the modem to detect it as valid. ?This defeats some LD ?service's ?fake-carrier routines that send ?a ?fake ?carrier ?for a short ?period ?of ?time. Remember ?that ?REAL carriers are ?sent for ?a ?longer period ?of time than fake carriers. ?Experiment ?with this one. Dialing Speed - This is the speed of the touchtone dialer. This is in 1/100 of a second. ?This number can range from 50-255 (at least with the modem I use). User String - If there is something entered here then it is sent out to the modem. If you have an advanced modem, then set it to "ATX6" ?to enable your extended result codes for such ?things ?as VOICE, ?etc. ?You can over-ride ?the "Speaker ?On" ??setting by making this "ATM1". ??That would be stupid, but it's just an example. MODEM RESULT CODES In this section you enter the result codes that your modem uses when in non-verbose mode. Note that the defaults should suffice. If you have ?a ?strange ?modem configuration you can change ?these. ??Numbers aren't the only thing allowed here, ?you can enter symbols like ";" ?or ":", or etc. Someone had a strange "Hayes Compatible" modem and wanted this capability. I aim to please. -> Edit Extender Configurations <- The next thing you will want to do is create configurations for the different extenders you wish to hack. Choose "Edit Extender Configurations" ??after you exit back to the main options menu. ?If no EXTENDER.DAT ?file ?exists, ?one will be created for you with ?a ?dummy initial record (you will want to change this of course, ?1-800-000-0000 is ?not ?a valid extender). ?If you haven't screwed anything up, ??you should ?now see the first record of the sample EXTENDER.DAT I ?included in the Code Thief archive file. ?These are just some 800 ?extenders to get you started. Note that you might want to change some delays, ?etc, to work for you. As they are now they work for ME. Your case might be different. Experiment. ?Hitting [A] will ADD AN EXTENDER to the file. Hitting ?[E] ?will ?EDIT the current extender (there's ?that ?highlight again!). ?Hitting ?[D] ?will ?prompt you to confirm the ?DELETE of the extender ?record. ??Hitting [Q] will quit the ?extender ?editor. ??To understand ?all ?of the fields for the individual extender, ??let's ?go through ?the process of ADDING an extender. ?You will notice that Code Thief is an extremely complex code hacker. But also note that there is so ?much flexibility that you will be able to hack just about ?anything that is out there, no matter what kind of format it is. ADD AN EXTENDER When you choose to ADD an extender you will be given the opportunity to enter ?the ?complete ?configuration for the extender. ??The ?first thing is the telephone number of the extender. ?After that is a short note ?used ?to identify the extender. ?Note ?that ?throughout ?the program ?in ?various ?sections extenders are refered to by ?this ?short note, so make sure it is something you can easily recall. ?You can make ?it the number of the extender if you wish. ?Anything goes ?here, but the program will beep at you if you try to leave it blank. Next is the length of the codes. ?For METRO it is 6, ?MCI calling cards it ?is 14, ?etc. ?No code lengths of ?0 are allowed (it will beep). Next is the code template. ?This idea is borrowed from Fuckin' ?Hacker ?from 2af because I think it ?is ?a very powerfull feature. ?If this is used it completely over-rides the code length, hacking mode, ?starting code, and sequential increment in your configuration. Anyway, here you are to construct a "template" for your codes. For instance, entering "444XXX" will make every code 6 digits and starting in 444. Entering "0X1X2X" ?will make set the first, ?third, ?and fifth numbers in every code ?to 0,1, ?and 2 respectively and the second, ?fourth, ??and ?sixth number in each code will be totally random. Commas are also allowed in the code template and will cause the modem to pause for 2 seconds. For instance, XXXX,9 will cause a random 4 number code to be sent, a pause for 2 seconds, then a 9 will be sent. This is good for hacking PBX's that require a code be sent then need a number for an outside line. Leave ?the code template blank if you don't wish to use it. ??Next ?you will ?enter the code delay. ?This is the number of seconds to ?delay before sending the code. Then you will enter the target delay. ?This is ?the ?number ?of seconds to wait until entering the ?target ?number. Notice that also in the config is an option to put the code first or not. If the code is sent first then the Code Delay should be the number of seconds to wait after dialing the extender until the code is sent after the extender answers and provides a dial tone. If the code is not sent first then the target number will be sent first. The target delay should be the number of seconds to wait after dialing the extender until the target is sent at the extender's dialtone. Then the code delay is the number of seconds to wait until sending the code AFTER the target number is sent. The timeout is next. This is the number of seconds to wait for your TARGET number to answer. If it doesn't ?answer ?within ?this time the code ?is ?considered ?invalid. Basically, the target delay tells the modem how long to wait. When the modem times out it tells Code Thief, and Code Thief moves on. Now enter a default Target number. ?This is a number that always answers with ?a modem ?(is ?never busy). ?Telenet is perfect for this (so ?enter ?your local ?Telenet ?number). ??Note that Code Thief can ?also ?use ?random multiple ?targets ?- this is covered in the MULTIPLE TARGET ?CONVERSION UTILITIES ?that has been included as a Code Thief companion program ?in your ?Code ?Thief ?ARChive. ?Read CONVERT.DOC ?for ?information ?about targets and multiple ?targets ?at that. ?Next is the hacking mode. Use your ?left and right arrow keys to move through the selections and ?hit RETURN when you are satisfied. ?You can have Random codes, ?Sequential codes, ?or Both ?- ?sequential ?codes ?with a random increment. If you choose ?Sequential or Both you are now prompted for the starting ?code, otherwise this value is set to N/A. ?Next ?you enter the sequential increment only if Sequential hacking is chosen. ?If sequential hacking is chosen then this is the number to increment ?each code by. ?If Both is ?chosen, ??then this number is random in the range ?of ?1-100 ??when hacking. ??If ?Both or Random hacking is your chosen method ?then ?the Sequential ?Increment is N/A. Note that the sequential increment is an integer, therefore any value from 1 to 32767 is valid. If "Sequential" hacking or "Both" ?hacking is chosen and the increment ever exceeds the code length, ?only the length of the code up to the code length will be used. ??For example, ?with a code length of 4 and an starting code ?of 9999, ?if an increment of 1 is made your next code will be 1000. ??Now you ?will be prompted as to if ?the code should be entered first. ?Use the left and right arrow keys to select Yes or No. ?If you choose Yes, then ?the code will be sent first. ?Choose No and the target ?will ?be sent first. Next is the target prefix digit. ?This is a number to add to the beginning of the target number. ?For example, ?for the MCI calling card service ?you ?enter the target first and prefix it with ?a "0". ITT requires that the target be sent first and be prefixed by a ?"1". ??Other ?services require that the CODE is sent first and ?the target ?has NO prefix. Next is the multiple extender flag. ?If Yes then the extender will ?be ?flagged immediately as one to be used when Multiple Extender hacking is chosen. If you choose No, ?then this extender will be put on reserve. More on this comes later. Next is multiple port mode. ??Say the ?extender number is 950-1000 ?and the extender ?has ?multiple ?port hunt groups from 950-1000 ??to ?950-2000. Choosing Yes to multiple ?port mode will prompt you for the ending hunt number (in ?my example it's 2000). ?Now Code Thief will randomly ?pick 950-1000 ??to ?950-2000 ?whenever it dials the extender. ??Ending ?Hunt numbers ?MUST be four digits ?long ?(that should be ?self-explanatory). Note ?that ?if ?your extender ?is 1-800-555-0000 ?and your Ending ?Hunt Number is 0099 ?Code Thief ?won't ?screw up by dialing 1-800-555-99 ?or whatever number is chosen. It will properly dial 1-800-555-0099 (or 1- 800-555-0050 or 1-800-555-0026, ?etc, ?etc, ?etc). Next you will enter the filename to place valid codes in. ?Valid codes are logged with the time and date for convienence. ?All valid code ?files ?end with the ".COD" extention. ?When finished ?entering all extender information it is saved to the EXTENDER.DAT file. OTHER EXTENDER EDITOR COMMANDS To ?navigate through the configurations use the LEFT and RIGHT ?arrow keys. ??To ?flag ?an extender for deletion enter "D". ??You ?will ?be prompted to enter "Y" ?if you are sure or "N" if you are not. ?Once an extender has been flagged for deletion it will be skipped over ?when you ?use ?the left and right arrow keys. ?Hit "Q" ?to quit ?this section. When you hit "Q" all extenders flagged for deletion are physically deleted. Another nice feature in this section is the ability to edit extenders. Hit "E" to choose edit. The highlight will appear. You can use the left, right, up, and down arrow keys to navigate the hightlight over the option you wish to change. Then hit RETURN or SPACE to enter a new value. When finished entering a new value (either by the keyboard or left and right arrow keys) ?hit RETURN and ?the ?highlight will re-appear so that you may move it over ?new things to edit. ?When finished editing hit "Q" ?when the highlight is present. Note that everything in the configuration is described in the ?previous paragraph. ?To choose a particular ?extender ?by ?record number, ?just enter the number. ?You can't ?see ?extenders flagged for deletion (it will not go to them). One ?more thing on deletion extender configurations. ?If in the course of ?using this section you delete ALL of your extender ?configurations, the program will not have any configurations left to go to and it ?will automatically ?quit this section deleting the entire EXTENDER.DAT file. When ?choosing ?this section again, ?a ?new EXTENDER.DAT with ?a ?dummy record will be created. -> Edit The Multiple Target File <- Navigate back to the main menu. Choose "Edit The Multiple Target File". You will then be shown the current multiple target file. Now you can either hit "1" to add to it, "2" to delete entries from it or "3" to quit. Everything here is self-explanatory. A multiple target file is provided with the program. It is kept in ASCII file format for easy editing with your word processor, ?if you wish. ?Use the MULTIPLE TARGET CONVERSION UTILITIES in your Code Thief ARChive to get quick and painless ?updates of your multiple target MTARG.DAT file off Telenet or even ??Tymnet ?at ?regular ?intervals. ??Code ?Thief ?is ?a ??complete professional system that will solve all your hacking needs. -> Flag Extenders For Hacking Mode <- Exit ?to the main menu and choose "Flag Extenders For Hacking Mode". This is the option to choose to change the flags on extenders. If it is flagged then it will be one of the extenders used when multiple extender hacking is chosen. The extenders will be shown, ?eight to a page. A "+" in front of the extender means it will be included when multiple extender hacking is chosen, otherwise it will not. This option is included because some people don't want to hack all of the extenders they have configurations for. Editing an extender and changing the multiple extender flag does the same thing, but this is easier. If there are more than eight extenders then they will take up more than one page. You can flip through the pages by choosing "Jump To Next Page" and "Jump To Previous Page". Hitting RETURN or SPACE when the highlight is over an extener toggles the flag. -> Deluxe Exchange Scanner <- Navigate ?back ?to the main menu and choose "Deluxe ?Exchange Scanner". ??The ?Code Thief Deluxe exchange scanner is a ?full ?screen exchange ?scanner that can scan multiple exchanges from a database that you ?can ?configure. ?When you choose this option if no exchanges ?are defined, a dummy first record will be created for you. ?Now hit [R] to replace this record and enter an exchange to scan, ?the starting number in the exchange, then the ending number. To flag the exchange just hit [+] ?next. ?Unflagging is done by hitting [-]. ?Note that to scan you must ?have at lease one flagged exchange. ?You can't scan nothing ?can you? ???The ?exchange ?editor ?is ?a ?lot ?like ?the ?"Edit ??Extender Configurations" section. To jump to a particular exchange, ?just enter the ?number. ?To move through the exchanges record by record ?use ?the left and right arrow keys coresponding to the direction in the file you wish ?to ?move. ?Use [A] to add an exchange. ?Use [D] ?to ?delete ?an exchange ?from the database. ?Use the [SPACEBAR] to toggle weather ?or not a particular exchange is in the toll free 1-800 area. ?Hitting [Q] will quit the exchange scanner section, ?but to start scanning hit ?[G] for ?Go. ?You will be asked the timeout (number of seconds a ?computer should ?answer ?in). ??Then ?Code Thief will check ?to ?see ?how ?many exchanges are flagged. When scanning and Code Thief reaches the ending number ?in ?an ?exchange, ?the exchange will be unflagged. ??When ?all flagged ?exchanges ?are changed to unflagged (all ?exchanges ?are ?done being ?scanned in the limits you specified in the configuration) ??Code Thief will quit the exchange scanner. THE ACTUAL EXCHANGE SCANNER This ?is ?a ?full screen exchange scanner ala the movie ?WarGames ?(the movie ?sucked ?by the way) ?and it will show each of the ?numbers dialed. ??Numbers where computers are detected are shown BLINKING. If the modem does not detect ?a dial tone when trying to dial (receives the no ?dial ?tone result code) it retrys the line. After 5 retries it exits the exchange scanner. If the modem sends a BUSY result code that is ?logged ?to the CARRIERS.TXT ?disk ?file along with ?numbers ?that produced a CONNECT result code of any baud. It will specifically log it as ?a BUSY number or a number that the modem CONNECTed to. ?You can then ?consult ?the log and dial these numbers back manually if you wish to ensure that the numbers listed as busy aren't important. When the screen fills up, Code Thief goes back to the beginning. -> View/Delete Code Files <- When you choose this option from the main option menu the disk will be searched for files with a .COD extention. If there are any they will be displayed. If there are no files with a .COD extention that will be displayed also. You have the option of viewing one of these files or deleting one. If you view one it will be one screen at a time so nothing scrolls past you. Note that the time and date the code was found is logged for your convienence. -> View/Delete Carrier File <- This option is also on the main option menu. All carriers found when using the exchange scanner are logged to a file called CARRIERS.TXT, as well as BUSY numbers if the modem sends a BUSY result code. When viewing the file it will be showed one screen at a time so nothing scrolls past you. You can also delete the file. Note that the time and date the number was found is logged for your convienence. -> Start Hacking <- After you choose this option you will be prompted as to weather you want to do Single Extender/Single Target Hacking, Single Extender/Multiple Target Hacking, Multiple Extender/Single Target Hacking, Or Multiple Extender/Multiple Target Hacking. ?If you choose multiple target hacking of any kind the targets will be read into memory before hacking begins to cut down greatly on disk access time. If single extender hacking is chosen you will be prompted for the extender to hack. Use the arrow keys to highlight the extender you want then press RETURN or SPACE. If there is more than one page of extenders then highlight "Jump To Previous Page" and "Jump To Next Page" to navigate around the list. WHEN HACKING BEGINS You will be shown the complete statistics for every extender. Also shown ?is the number of codes found, ?the last code found as ?well ?as the number of codes found for that extender plus other statistics for the current hacking run for each extender. The number of extenders you ?can have at any time is limited only to disk space, ?of ?course. Multiple ?targets are limited to 500. ?This is, ?I ?think, ?more than enough. If you chose to quit hacking at a certain time, that time will be displayed on the screen as a reminder. ?Hit ESCape to quit ?hacking at any time. If you forgot to configure your modem and it is connected to ?COM2 ??(the default is COM1) ?then Code ?Thief ?will ?automatically recognize that ?something is wrong and exit the exchange scanner. ?You can ?also ?hit the SPACEBAR to skip to the next ?code. ?If you have ?a picky modem like mine, only use the ESCape key or the SPACEbar when the modem is not sending any DTMF to the line. ?But if you DO screw up the modem Code Thief will know and will make the attempt to recover. POSIBILITIES DURING HACKING Many things can happen during hacking. For instance, if the modem connects the code and extender is logged to it's respective disk file. If the modem sends an ERROR result code the current attempt is retryed again. If NO DIAL TONE is detected by the modem the current attempt is retryed. ??If NO CARRIER or VOICE is detected by the modem the program moves on. ?The maximum number of retrys that can ever be done in a row ?is five. ?Oh, ?if the modem sends a RINGING result code that ?is also ?shown ?to the user while the modem waits to timeout or ?connect. Ringing ?does ?nothing ?but just display "Ringing...". ?If ?the ?modem receives a busy signal it goes on to another attempt. I origionally planned ?on ?making ?it ?retry ?the code but ?I ?remembered ?that ?some extenders ?send ?a re-order which is a fast busy signal that ?can ?be detected by the modem and send a BUSY result code. -> Closing Notes <- I hope you understood this new documentation. Im not really a good writer, ?so if you have any questions leave me a note on any board I happen to be on ?and ?I ?will ?try to answer it. ?I hope you like Code Thief and find it usefull as I put a LOT of hours and hard work into it until I was satisfied. If anything goes wrong with the program on your machine, or anything else in general then leave me a note. I will try to diagnose the problem and stamp it out. COMMUNICATIONS ADDRESSES AND INTERRUPTS Here ?are the communications address and interrupts that Code ?Thief uses to access the communications ports. ?COM1: and COM2: ?are correct for ?100% ??of the applications. ?COM3: ?and COM4: ?as defined by ?the program will be correct 99% of the time. If you have a COM3: modem and Code Thief set at Port 3 doesn't work with it then change your modem to COM1: ??or COM2: ?if possible. ?If you really need YOUR communications addresses and interrupts for COM3: ?and COM4: ?leave me a note with the correct ?information on any board I am on and I will try to get ?you ?a new ?THIEF.COM ?and ?THIEF.000. ??But ?note ?that ?the ?addresses ?and interrupts ?used for COM3: and COM4: are going to be correct more times than not. Address Interrupt Address Interrupt ------- --------- ------- --------- COM1: 3F8 IRQ4 COM3: 3E8 IRQ4 COM2: 2F8 IRQ3 COM4: 2E8 IRQ3 F i l e s S u p p l i e d W i t h C o d e T h i e f 3 . 5 Make ?sure that these are the files you received in your ZIPfile ?of Code Thief revision 3.5. If these are not the files then what you got is ?something that someone else re-ZIPed and forgot ?to ?include something in. I ask that you only distribute the origional ZIPfile because people have confused themselves in the past. THIEF35.DOC - Code Thief Deluxe v3.5 documentation DELUXE.DOC - What's new since Code Thief 3.0? THIEF.COM - Code Thief 3.5 - The actual program THIEF.000 - Primary ?Code ?Thief ?overlay. ??Must be ?in ?the ?same directory ?as ?THIEF.COM and you must be logged to ?that directory MTARG.DAT - Code ?Thief ?multiple target file - use Multiple ?Target Conversion Utilities to make your own also EXTENDER.DAT - Sample 1-800 extender file to get you started MULTIPLE TARGET CONVERSION UTILITIES A CODE THIEF 3.5 COMPANION PROGRAM (be sure to read CONVERT.DOC to understand this) CONVERT.COM - Multiple Target Conversion Utilities - The program CONVERT.DOC - Multiple Target Conversion Utilities - The documentation TELENET.LST - Sample file off Telenet to get you started TYMNET.LST - Sample file off Tymnet to get you started TYMFIX.COM - You must run TYMFIX to make TYMNET.LST into ?TYMNET.FIX. Only TYMNET.FIX ?will ?work ?with ?the ?Multiple ?Target Conversion ?Utilities. ??Also use TYMFIX.COM to fix the listings you ascii-download off Tymnet.