A Guide To A New Generation Of Phreaking [PART TWO]

All you've ever wanted to know about Phreaking. Many of the actions described in these tuts are illegal. They are presented for informational purposes only.

A Guide To A New Generation Of Phreaking [PART TWO]

Postby Net Battle Bot » Tue Feb 22, 2005 7:22 pm

Code: Select all
-=::A Guide To A New Generation Of Phreaking::=- [PART TWO] -=::Written and Researched by Decimalz::=- Welcome to part 2 in my series on phreaking. This issue we will look at the Old & Ancient art of war dialing, More Mobile Fun, Australian Dial up Points of access And some interesting truths about telstra field technicians. "...carrying human voice over copper wires is impossible, and even if it was possible, the thing would have no practical use." -From a newspaper editorial in the 1870's [contents] War Dialing -Definiton -Tools -What next Dial-up ISP Section -Points Of Access Locations and numbers -Hiding your CID(Caller ID) from your ISP Telstra Payphone Mischief -75% Full Coin Slot Problem -Out Of Service For Fun & Profit MOBILES What To Do when You See a Telstra Employee Conclusion Resources used - bibliography [/contents] -=::War Dialing::=- "...In most countries, it is not a crime to dial phone numbers" -Stated by a spokesman for ISS (Internet Security Systems) NB: If you are familiar with war dialing you will not benefit from reading the following section. (Definition) "WTF is War Dialing?" War Dialing is the 'forgotten' art of using a computer program known as a war dialer To call a given range of phone numbers. The scanner looks and records numbers that the computers modem connects to. Todays war dialing junkie is usually looking for pabx's and dial-up ISP numbers. War Dialing is the predecessor of the new found hobbie of 'War Driving'(search google for more info cause theres tons of tutorials that explain it in great detail). "So WTF is a war dialer" war dialer n. A cracking tool, a program that calls a given list or range of phone numbers and records those which answer with handshake tones (and so might be entry points to computer or telecommunications systems). Some of these programs have become quite sophisticated, and can now detect modem, fax, or PBX tones and log each one separately. The war dialer is one of the most important tools in the phreaker's kit. These programs evolved from early demon dialers. TOOLS ::FREEWARE:: In my opinion a phreakers best friend is a war dialer, and theres no better friend then THCs' "THC-SCAN v2.00". I have been using it for 2 years now and it has yet to disappoint me, except for the few days when i was learning to configure my modem so it would work. All the numbers that are contained in the text below have been found by me using THC SCAN 2.00. Available from the THC website http://www.thc.org/releases.php The other favourite tool loved by phreakers is TONELOC. I have tried it with out that satisfying results. I think it is more of an american influenced war dialer. Available for download from: www.securityfocus.com/tools/48 Creators Site and ToneLoc main page: http://www.paranoia.com/~mthreat/toneloc/ ::MONEYWARE:: PhoneSweep is apparently "The Wardialer of Choice for Security Professionals" Ive Never used it in a real life scenario, Only the demo download version, but i have read some good reviews on it. http://www.sandstorm.net/products/phonesweep/ BTW: @stake released 'TBA' a war dialer for the palm pilot. ::WHAT NEXT:: So you've got the tools, started scanning, found some numbers and you want to know what you can do with them. Well crank out your terminal application (I'm using BitWares BITCOM, You may have to use hyper terminal;( ) put in the number and see what happens, if it is a fax number you will get alot of gibberish dump on the screen before the connection is terminated by the host, if your lucky(meaning you have connected to a modem) you will most likely be greeted with a banner that looks similar to the one below. AT&F&C1&D2 OK ATE1S0=0 OK ATDT97570400 CONNECT 57600 Welcome to.... NetServv Mar River Terminal Server ( any problems mail support@netserv.net.au )C WARNING: It is a criminal offence to: i. Obtain access to data without authorisation ii. Damage, delete, alter or insert data without authorisation User Access Verification Username:decimalz Password:******** or depending on what program you used to dial into the modem, you may be greeted with something like this. CARRIER 28800 PROTOCOL: LAP-M COMPRESSION: V.42BIS CONNECT 38400 ACCESS IS RETRICTED TO AUTHORISED PERSONNEL ONLY This is NOT a PUBLIC system. Access is Permitted only to persons who have received the prior authorisation of the company or its affiliates.This system shall only be used for the purpose and in accordance with the computer and telecom security standards authorised by the company management, and not otherwise. UNAUTHORISED ACCESS MAY RENDER THE USER LIABLE TO PROSECUTION Card id:1800633047 Nows the part where you enter your legit password. Or the illegal part, where you write a script for you terminal appliction that brute forces passwords. Im currently Working on a brute forcer using bitcoms scripting engine. -=::Dial-Up ISP Section::=- "I think there is a world market for maybe five computers." - Thomas Watson, chairman of IBM, 1943 Points Of Access Locations and Numbers: PLEASE NOTE: that the following dial-up ISP numbers are Australian. Also these numbers are not illegal untill you gain un-authorized access to the ISP's system. WA (Main Points of presence): Albany: (08) 9842 0000 Broome: (08) 9192 0300 Bunbury: (08) 9791 0100 Busselton: (08) 9754 0000 Carnarvon: (08) 9941 0600 Collie: (08) 9734 0100 Denmark: (08) 9848 0000 Derby: (08) 9193 3010 Esperance: (08) 9071 9000 Exmouth: (08) 9949 3100 Geraldton: (08) 9921 0100 Hedland: (08) 9172 9400 Kalgoorlie: (08) 9026 3000 Karratha: (08) 9183 5800 Katanning: (08) 9821 3010 Kununurra: (08) 9168 4010 Mandurah: (08) 9581 0400 Manjimup: (08) 9771 7000 Margaret River: (08) 9757 0100 Meekatharra: (08) 9980 0000 Merredin: (08) 9041 0000 Moora: (08) 9651 0000 Mount Barker: (08) 9851 3000 Narrogin: (08) 9881 9000 Newman: (08) 9175 8200 Northam: (08) 9621 0000 Perth: (08) 9421 0990 Tom Price: (08) 9143 8200 WA (Alternate Points of presence): Goldfields region: 019 8308 444 Great Southern region: 019 8308 666 Kimberley region: 019 8308 880 Midwest region: 019 8308 333 Peel region: 019 8308 555 Pilbara region: 019 8308 777 South West region: 019 8308 881 Wheatbelt region: 019 8308 222 All other States National number: 019 8333 7143 IPrimus: 8432 2000 NetServ: 97540700 ::Hiding your CID(Caller ID) from your ISP:: These days with all the security measures and scares around ISP's are starting to log Their clients caller identification number(your phone number). This is a safety measure ISP's take when they are worried about a certain client who might know a bit to much, well enough to know how to connect to there phone number through a computer application. Lucky for us there is a number that can prevent your ISP from detecting your CID. all you have to do is put 1831 in front of the ISP number for example if i want to dial the national ISP number but dont want them to detect my CID i would put 18310198308881 in my dial-up internet connection window or in my bitcom phonebook. Also to force send the blocking number you must use 1832 instead of 1831. -=::Telstra Payphone Mischief::=- ::75% Full Coin Slot Problem:: Recently I obtained a nice X2 repair and maintenance manual. It out-lines a possible flaw in the payphone that allows free calls to be made if the Coin Box is 75% Full. A WA field technician discovered this flaw while fixing an X2. He pressed redial as a coin was stuck half emerged from the coin entry slot. It produced a humming sound and connected him to a mobile number - without any money or credit ever being established. He later found out this was caused by the 75% full coin box and somehow having a coin touching the inside of the coin slot confused the phone into connecting you for free. One thing that is not mentoned in the manual is why the phone produced the humming sound? Well, now you know why MTMS checks to see how full the coin box is!!! ::OUT OF SERVICE FOR FUN & PROFIT:: To make an X2 / X1 read Out Of Service on the LCD is not as tedious as everyone has presumed in the past. The other day someone ask me how does one go about performing this 'miracle'. To be honest I had never tried to get the phone to read OOS, so I thought why not and wandered down to my closest X2. Within 5 minutes I had the phone Reading Out of Service. In another 5 I had the LCD screen blank (not illuminated either) But Still had dial tone purring gently in the background. TO make the phone read out of service: *Pick the handset up off the reciever *Hold the follow on button down *Hold the recievers end call button at the same time *You should hear the phone confusing it self. *Within 5 seconds of holding both buttons down the phones LCD screen will read 'Out Of Service' *Hang up the handset on the reciever and notice that Out Of service will stay displayed on LCD untill the hand set is lifted. TO make the LCD screen go blank: *Perform all steps from above. *pick up the reciever as it is still reading 'Out Of service' *As soon as you pick up the reciever and the LCD goes blank Hold down the 1 on the dial pad. *The whole phone should go lifelessly blank (LCD unilluminated, no text either) *Place the handset on the reciever *If you are worried that you have broken the phone. Don't. as soon as someone lifts the handset from the reciever the phone will turn to normal. Oh by the way MTMS is alerted when you make the phone go blank. The beauty about that is it doesnt call MTMS untill the phone is restored By the lifting of the handset form the reciever. -=::Mobiles::=- "How can I send porn through the email, with out the guys in perth seeing it." -local police man who was interviewing me, in relation to an attempted unauthorized access of a computer system. Nokia Codes: James bond trick: If you short-circuit the left middle and right pins on the bottom of the phone with all connections touching each other, the Nokia software hangs! The profile "Headset" will be activated. Before you do this just activate the "Automatic Answer" in the headset profile and set the ringing volume to "Mute". Now you can use your phone for checking out what people are talking about in a room. Just place it under a table in a room and call it. The phone receives the call without ringing and you can listen to what people are saying. Improve call quality: To activate EFR (Enhanced Full Rate) Enter the code - *3370# This improves call quality but decreases batterylife by about 5% To deactivate it, Enter the code - #3370# Clock Stopping To check weather your SIM Card supports clock stopping type - *#746025625# THE REBOOT TRICK This should work on all software versions of the 6110. 1. Go to the Calendar (Menu-8) 2. Make a note or reminder. 3. Enter some text into the edit box. 4. Hold "Clear" until the whole text is cleared, then press "Back". 5. Press "0". The main screen will now be showing but a space appears on the screen. (you can't see it) 6. Enter 4 digits (e.g. 1234). 7. Use the down arrow to move the cursor to the left side of the numbers and the space (Down arrow twice). 8. Now enter 6 digits and press the call button. Wait for a few seconds, the screen should start to flash and reboots. It should alsowork on other menus like the "Profiles" menu -=::What To Do When You See A TELSTRA employee::=- Telstra employees are the dirty, unhygienic animals that work in deep pits of dirt all day. When you see a telstra employee inside one of these holes with a tent over him, run to his car( bound to be unlocked) and raid it for his Field technician guide( trust me, He wouldve brought it), which contains the golden secrets that have been hidden from man-kind by a corprate monster known as telstra. Thanks and Acknowledgements: @ HiTB and SigmaX -=::Bibilography::=- http://www.aca.gov.au/ australian communications authority http://www.accesscomms.com.au/ - carrier info http://www.cellphonehacks.com/ - name says it all http://forum.hackinthebox.org - forum http://nokiatone.ifrance.com/ - secret codes http://www.sigmax.org - irc http://phone-losers.org - usa phreaks http://www.google.com (inurl: cache) =)) http://neworder.box.sk - forum http://www.sandstorm.net/ -phonesweep http://www.paranoia.com/~mthreat/toneloc/ -toneloc www.cheyenne.com/ - bitware http://www.thc.org/ http://apb.insomnia.org/ Quotes taken from various sources.... ############################################### Decimalz@mail.com LP# (08) 97554548 @ Amblin Caravan Park (Ask for b0champ :)) #IRC Dalnet - #hackinthebox #australia Austnet - #ausphreak #phreak #perth Datawhore - #thejack #Phreaktac / The Jack - Bulletin Board System telnet:// Respect EOF
Without practice one cannot prove; without proof one cannot be trusted; without trust one cannot be respected.
User avatar
Net Battle Bot
Owns you
Posts: 1816
Joined: Fri Jun 04, 2004 6:44 am
Location: Groom Lake

Return to ā€œ%sā€ Phreaking Tutorials

Who is online

Users browsing this forum: No registered users and 1 guest