****************************************************************************** * * * * * // USING AND ABUSING C.B.I. // * * * * by * * * * the GHOST * * * ****************************************************************************** CBI is a credit referral service, similar to TRW (though rather inferior). Basically, with the advent of large-scale credit use for high-end purchases, a need arose for a service which various businesses, banks, lending agents etc. could quickly and easily get a complete credit history on a potential customer. Thus, these establishments can have at their beck and call your entire credit history: all your credit cards, their limits, any mortgages you have and their current status, as well as various other tidbits such as loans, car reposses- sion defaulted extensions of credit, and the like. Some peoples credit files are quite extensive, while others are surprisingly incomplete. This, I sup- pose, reflects the ammount of credit usage the individual in question has employed. To make these credit referral services quickly and easily accessi- ble, these companies have been kind enough to place all their records in an online databasewhich can be called and referenced by a legitimate account- holder via modem. Forutunately for us, the hacker community, this wonderful database can also be called and accessed illegally. THAT is where the phun begins. PART 3: Okay, how do I get on? To make the lives of the various legal users of their system easier, CBI has established numerous access points to their database. Unfortunately, at the timeof the writing of this phile, I only have two working dialup for CBI. They are: 1-713-591-8100 Houston, Texas 1-804-466-1619 Norfolk, Virginia Also, the voiceline for CBI's 'Equifax Credit Information Services' is 1-201-842-7500. Call it and social engineer yourself a dialup or six. Once you're ready to call, TAKE PRECAUTIONS. NEVER call a CBI dialup directly, or just through a code. ESPECIALLY if you're trying to hack out an account. Rather, use an outdial, or better yet, use several outdials. Make it HARD for them to track you down. ATTHEVERY LEAST, use a diverter. I usually use a single outdial, which seems to be safe enough for simply accessing the system. As I said, for hacking, a more 'layered' approach is advisable. Okay, so now you've dialed the number from your cheesy outdial. The system connects. But, nothing appears on your screen. CBI does not recognize the standard 'carriage return' generated by your 'return' key. Rather, CBI accepts [cntrl-s] (^s) as a return. So, to awaken the system, hit cntrl-s (you may need to follow this with a return sometimes). Wait a few seconds and you'll see:(LA)PLEASE SIGN-ON: The system has no echo, so you may want to call with half duplex for some visualre-assurance. You now enter your account. Accounts appear in two formats: 613bb2114-c2 OR 613bb2114-c2,az,p. The system will accept either one (ie, the 'az,p.' is not necessary). After you finish typing in the account, hit [cntrl-s] again. There will be a few seconds brief wait, and if the account you entered is valid, the system will say: Blammo. You're in. PART 4: How to pull files Once you're in, there are 2 BASIC commands that you need to know to pull peoples files. There are various other commands for more powerful accounts, but as a low end user, you need not worry about these, and if you area a more experienced user, then you don't need ME to tell them to you! The files in the CBI database are referenced by either name and address or social security number. If you know either of these for your prospective target,you're in business. First, the easy one: To pull a persons credit file with their SS number, enter this command: id-sss-###-##-####.[cntrl-s] Where #'s are the digits of the SS #. Do not forget the period at the end of thecommand, it IS necessary. Also, remember to enter the command with controls, NOT return. Next, the more useful method of pulling a file. Enter the following: nm-first,last.ca-house #,streetname,streettype,town,state,zipcode.[cntrl-s] As for the name, you MUST have the full last name, but you only need to enter the first initial or a partial name. For the address, spelling the streetname and town correctly are important. Also, the zipcode is NOT NECESSARY. You can just put the period after the state and hit ^s. Streettype refers to blvd, st, rd, ln, ct...etc, you get the idea...you can either spell it out or use the common abbreviation. For towns or streets with 2 words, ie 'Seaside Heights' enter it exactly as is, for example: nm-lamer,joe.ca-666,wanker,ln,seaside heights,nj.^s PART 5: What's this weird number shit? When you successfully pull a file, you'll see something like this: *WAD,DICK SINCE 08/24/85 FAD 07/09/90 FN-300 72B,WOMBAT,BV,SCROTUM,SD,01010,TAPE RPTD 07/85 223,DERF,DR,TESTICLE,TX,43524,TAPE RPTD 09/87 BDS-09/14/58,SSS-121-32-1234 01 ES-,DERFLINK INC,HOSEHEAD,CA 02 EF-,SELF EMPLOYED,SCROTUM,SD 03 E2-,ADMIN,BEVCO ELECTR.,NJ So what the hell does this shit mean? Well, obviously, it begins with the person's name. 'SINCE' refers to the first time Equifax generated a file on thisperson, while FAD is the last time the file was updated. Next is listed the person's places of residence, both present and past. (RPTD is the last date thatthey were still listed as being at that address). The 'BDS-' line contains the person's birthdate and social security number, and sometimes their age as well. The following '01 ES' type lines concern the person's employers, again both present and past, with addresses for them. Next, you'll see the following: *SUM-08/85-07/90,PR/OI-NO,FB-NO, ACCTS:3,HC$0-25000, 2-ONES, 1-FOUR. *INQS-OCEAN NATL 444bb952 11/23/90 Okay, this is a little more complex. The SUM indicates the period during which this person has had credit of any kind. I do not know what PR/OI and FB indica te ACCTS: is the number of entries on the list about to follow, ie, the amount of credit extensions this person has ever had. HC$ is the span on the values of these credit extensions. That is, he has been extended as much as $25,000 at onetime. The 'ONES, FOURS, FIVES, NINES, ZEROS' etc indicate the TYPE of credit accounts the person has. I am still in the process of deciphering what each one means. INQS is self explanatory. Listed are all the firms which have recently pulled this person's file, and the date they did so. Next comes the good part: * FIRM/ID CODE RPTD OPND H/C TRM BAL P/D CS MR ECOA ACCOUNT NUMBER SEARS *906DC29 08/90 07/85 0 523 R4 01 J 8764-5648374612846 CITIBK-MC *906BB40 08/90 11/88 5000 1234 R1 34 S 542412345678 GMAC *906FA34 07/90 10/87 25K 10Y 10K I1 17 A 192-123456789 END OFREPORT CBI AND AFFILIATES - 11/26/90 Okay, broken down, this shit means: FIRM/ID CODE: The creditor and its CBI account code. RPTD: Last time that entry was updated, either due to purchase or change in credit extension. OPND: Date the account was first opened. H/C: Ammount of credit. In the case of actual credit cards, this is the card limit. TRM: Length of time the credit is extend- ed for, in weeks. If followed by a 'M', it is in months, and if followed by a 'Y' it is in years. BAL: Ammount still owed on the card as of the last update. P/D, CS, MR, ECOA: beats the shit outta me!!! ACCOUNT NUMBER: Self-explanatory. VISAS begin with a 4, MASTERCARDS begin with a 5, DISCOVER with a 6, etc. If you are uncertain as to whether an account is a card or not, run it thru your friendly credit checker to check. Many entries will have helpful explanatory footnotes like: CLOSED ACCOUNT, CARD STOLENORLOST, REDEEMED REPOSESSION REALESTATE MORTGAGE, AUTOLOAN, ACCOUNTCLOSEDBYCONSUMER PART 7: Safe use/abuse of CBI Okay, so you have an account and you know how to use it, right? So, what next?Well, firstly, you'd better cover your ass. As I said earlier, be sure to call CBI through some sort of number-diverting system. To preserve the life of your account and protect your ass, you should also take the following precau- tions. First, try to call CBI dialups only during normal business hours LOCALTOTHE DIALUP (based on whatever time zone it's in). That is, Monday- Friday from 9:00amto 6:00pm if at all possible. Try NOT to call ATALL after 12:00 midnight, as this is extremely suspicious. Secondly, never pull files sequentially from your phone book (more on this later). Skip around as far as last names go. Thirdly, don't be greedy...don't pull 100 files per call...stick to 10-20, no more that 30. Lastly, don't bother pulling the file of the President. We already tried pulling ole' George's file, but all we got was his social security # and a message stating that that file was 'not available'. PART 8: Who do I pull? It's essential that you never waste time on CBI, as accounts are valuable and not to be trifled away. So, don't spend all your time pulling your friends filesor your neighbor's. Go for the BIGBUCKS. Get out your local phone book and run through it looking for names with 'attorney', 'MD', 'DDS' and such after them. Then pull THOSE files. Also, its not a good idea to only pull files from your local area...so...run down to your local library. All libraries have phone directories for major cities nationwide. (Don't bother with the Manhattan guide, as none of those addresses are residential ones, all offices and such). Again, try to pull the files of affluent folks. When you take an address from a phone book, always try to make sure it isn't an office address. Many directories will list both office and 'res' ie residential numbers and addresses. You must have the person's BILLING address to pull his/her file. There are various other ways to get peoples names and addresses, so be creative and have fun. PART 9: Getting an account This is the REAL hard part. Most people simply trade away their hard-earned info for a CBI account. Frankly, the fact that few people know how to get new ones is the reason why there are so few in circulation. SO, its time for all youhacks to start getting them YOURSELF. How, you may ask? There are two ways. The most commonly used way is to social-engineer them. Flip thru your local phone book and find a small car dealership. Call them up. Pretend you are a CBI or Equifax employee. Again, be creative. If you sound like a 14yr old, or if you can't lie to save your ass, don't try this. You'll only phuck things up for the rest of us. Design your own scams. Be convincing. Leave them a number to call you back at...a loop, or a BBS #, or better yet, find a number thats always busy. Or, if you have one, set up a VMB to issue a greeting as the office of the person who you are impersonating. In short, be devious. After all, you're a hacker! Method two is a bit more tough. All CBI accounts that I've ever run into so far take on a simple format, presented above. Now, you'll notice that the beginning of an account (613bb2114) looks remarkably like the IDNUMBER presented in the files you pull (ie 906dc29). The reason for this is that they are ONEINTHESAME. Yes, thats right, CBI is nice enough to give you an extensive listing of partial accounts for all of its subscribers. All accounts take on this format: [3 DIGITS][2 LETTERS][2-5 DIGITS][a dash][2 CHARACTERS, EITHER NUMBER ORLETTER] Quaint, yes? Now, since the company codes provide parts one thru three, all you need to figure out is the 2-character code after the dash. In all cases I've seen so far, this has been a letter followed by a number, but I am not certain that this is ALWAYS the case. So, in short: HACK AWAY. PART 10: Company Codes COMPANY CODE COMPANY CODE COMPANY CODE A & S 426dc33 ALLSTATE 465ig14 AMERIFEDRL 444bb7072 AMEX 906on259 AMEX 906on267 AMEXOPTIMA 906bb5130 AM EXPRESS 458on2792 BANCAMER-V 906bb206 BENF BNCHG 444fp289 BEN SMITH 882an137 BERKLY MTG 444fs1399 BK OF MDSN 843bb342 BK OF NY 404bb539 BLOMNGDALE 404dc21 BNY DE GLD 496on747 BNY DE STD 496bb82 BONWIT TEL 404cg94 BRADLEE'S 426dc1577 C & S 401bb4880 C & S COMM 872bb213 CARTSVBKFA 444fs1381 CHASE EDUC 728bb10420 CHASE(USA) 905bb587 CHASE VISA 496on598 CHASE VISA 426bb756 CHEM BK,DE 426bb3859 CHEM BK,NJ 444bb3469 CHEM BK,NJ 444bb3626 CHEM BK,NJ 444bb5605 CHRYS 1ST 444fp2137 CHRYSLER 906fa26 CITIBANK 906bb115 CITIBK-MC 906bb40 CITICORP 906fm6418 CITICORPSA 447fs844 CITI PRVS 906bb289 CNB USA 496on291 COMMERCE 901bb5101 COMMONWELT 906fm6335 CORESTATES 496on218 CORESTATES 458on3022 CRESENT 402re30375 CRSI-CHARM 426cg544 CS NATNL 872bb31 CS OTC 872bb205 CTL JER MC 444bb143 CTL JER SI 444bb6173 CTY FD MTG 444fm11838 DE TR 458on3014 DISCOVER 155on44 DISCOVR CD 905on1497 EFX-SML042 444zb361 EQUIBANK 496on648 FFB NEWJER 444bb5654 FIDELITY NA 496bb587 FIELD BROS 906cg2913 FJNB/SO MC 444bb5704 FLEET FUND 416fm2092 FNB TRV IL 444bb465 FNB TRV MC 444bb52C62 FNB TRV OD 444bb5308 FNB TRV VS 444bb5290 GE CAPITAL 404ff262 GE CAPITAL 906ff278 GE CAPITAL 906ff260 GECAP-TOPS 404ff1039 GECAP-CALD 404ff825 GECC 906ff252 GIMBELS 426dc561 GLENDALE 181fs320 GMAC 444fa483 GMAC 906fa34 GOTTSHALKS 163dc2280 GRDN ST OC 444bb2719 HBNA VISA 163bb17526 HMDEPOT 404hz141 HUGHES CHV 444an1082 IAR EQUITA 444zb00577 �3ڐ3  �JC PENNEY 906dc185 JC PENNEY 444dc10639 JC PENNEY 906dc193 LITTMANS 444ja591 LORD & TAY 906dc151 MACYS 444dc49 MARINE MID 405bb280 MBNA AMER 801on119 MBNA AMER 801bb2942 MELLON BK 496bb74 MERIDN MTG 496fm271 MH/MC 426bb2380 MHT/MC 426bb541 MH/VISA 426bb1895 MH/VISA 426bb2406 MIDLTIC IL 444bb804 MIDLTIC OD 444bb3253 MNB/N IL 444bb9466 MOBIL OIL 906oc99 MONGRM-USA 404bb3483 NATL STATE 444bb1315 NATWST MTG 444fm12285 NCNB 805bb2492 NEIMAN-M 906dc656 NISSAN MTR 444fa848 NJNB 444bb6173 NJNB 444bb1869 NWB 444yc1311 NWB 444bb6363 NWB 444bb6496 NWB 444bb564 NWB 444bb3436 OCEAN NATL 444bb952 PNB IL 891bb186 PRIMERICA 496on44 RICE&HLMAN 444an2452 ROOTS 444cs315 SEARS 906dc29 SEARS 444dc510 SEARS 905dc3081 SEC PAC BK 180bb19097 SHOP CHARG 444cg377 SLMA-LSCP 496fz45 SNAPPER 404tz19 SNSONE TOY 444an4177 SPIEGELS 906dm10 STEINBACH 403dc1426 STERNS 496dc319 STRAWBRIDG 496dc20 STRD ROOF 444ki54 SUN RF MKT 606oc10587 SVGSBK SOC 414bb917 TOYOTA MTR 906fa67 TYOTA MOTR 444fa814 UCT RIKEL 444bb5035 UJB MC GLD 444bb9466 UJB-MID ST 444bb978 UJB/SO IL 444bb2248 UJB VISA 444bb1182 UJB VISA 444bb4491 UNIVRSL BK 444on366 UNIVRSL BK 444on200 UNIVRSL BK 444on358 UNIVRSL BK 444on341 WCI-HUFKOO 404hf375 YEGEN ASSO 444an449 1 VALLY BK 496fs380 1ST CARD 404bb182 1ST CARD 155on85 1STDEPOSIT 163bb19418 1ST JER CR 444zb668 1ST OMNI 801on1182 1ST STATE 444bb2958 ?????????? 444bb1331 ?????????? 465zb134 PART 11: THE END Well, thats all for now. With this info, you neophytes should be quite capable of using those CBI accounts you've been gleefully trading for so long. And, with luck, a few more of you will start hacking out accounts. If any one has other CBI dialups, or just other company codes for a possible 'UPDATE PHILE'...'CBI=The Revenge', please send them to me. I can be contacted via feedback at: CYBERNETIK LIMBO (908)269-7042 Or at: SOCIAL DISTORTION (908)303-0927, user #4. Also, you can mail me on QSD chat at TymNet NUA 208057040540. My box is 'ghost [pm]'. Feel free to contact me if you have any questions about the info presented in this phile, or if you're interested in becoming a Panther Modern. Finally, a few brief greets and thanks to: Neuromancer, Midnite Raider, Cyber- Sage, RatFink, Digital-Demon, and particularly to Sir Hairy Legg, who got me on to CBI in the first place. Oh, one other thing. The information presented in this phile is for informa- tional purposes only, to shed a glimmer of light on the inner workings of the arcane electronic world. In no way does this file condone or encourage credit fraud, illegal system access, or any other crimes. Equally, the author dis- claims ALL RESPONSIBILITY for any misuse of the information presented above, or any crimes committed thereby. But that never stopped ya before, now did it? Muahahahahah! ******************************************************************************* * This Phile Brought To You By * * * * the Panther Modernz * * the GHOST * * (C)Nov. 26, 1990 * * * *******************************************************************************