Copy Link
Add to Bookmark
Report
NPANXX Issue 08
8888 8888888
888888888888888888888888
8888:::8888888888888888888888888
8888::::::8888888888888888888888888888
88::::::::888:::8888888888888888888888888
88888888::::8:::::::::::88888888888888888888
888 8::888888::::::::::::::::::88888888888 888
88::::88888888::::m::::::::::88888888888 8
888888888888888888:M:::::::::::8888888888888
88888888888888888888::::::::::::M88888888888888
8888888888888888888888:::::::::M8888888888888888
8888888888888888888888:::::::M888888888888888888
8888888888888888::88888::::::M88888888888888888888
88888888888888888:::88888:::::M888888888888888 8888
88888888888888888:::88888::::M::;o*M*o;888888888 88
88888888888888888:::8888:::::M:::::::::::88888888 8
88888888888888888::::88::::::M:;:::::::::::888888888
8888888888888888888:::8::::::M::aAa::::::::M8888888888 8
88 8888888888::88::::8::::M:::::::::::::888888888888888 8888
88 88888888888:::8:::::::::M::::::::::;::88:88888888888888 88 NPANX
X 008
8 8888888888888:::::::::::M::"@@@@@@@"::::8w8888888888888888 Volum
e 002 - Issue 003
88888888888:888::::::::::M:::::"@a@":::::M8i888888888888888 "Keep
ing the scene alive"
8888888888::::88:::::::::M88:::::::::::::M88z88888888888888888
8888888888:::::8:::::::::M88888:::::::::MM888!888888888888888888
888888888:::::8:::::::::M8888888MAmmmAMVMM888*88888888 88888888
888888 M:::::::::::::::M888888888:::::::MM88888888888888 8888888
8888 M::::::::::::::M88888888888::::::MM888888888888888 88888
888 M:::::::::::::M8888888888888M:::::mM888888888888888 8888
888 M::::::::::::M8888:888888888888::::m::Mm88888 888888 8888
88 M::::::::::::8888:88888888888888888::::::Mm8 88888 888
88 M::::::::::8888M::88888::888888888888:::::::Mm88888 88
8 MM::::::::8888M:::8888:::::888888888888::::::::Mm8 4
8M:::::::8888M:::::888:::::::88:::8888888::::::::Mm 2
88MM:::::8888M:::::::88::::::::8:::::888888:::M:::::M
8888M:::::888MM::::::::8:::::::::::M::::8888::::M::::M
88888M:::::88:M::::::::::8:::::::::::M:::8888::::::M::M
88 888MM:::888:M:::::::::::::::::::::::M:8888:::::::::M:
8 88888M:::88::M:::::::::::::::::::::::MM:88::::::::::::M
88888M:::88::M::::::::::*88*::::::::::M:88::::::::::::::M
888888M:::88::M:::::::::88@@88:::::::::M::88::::::::::::::M
888888MM::88::MM::::::::88@@88:::::::::M:::8::::::::::::::*8
88888 M:::8::MM:::::::::*88*::::::::::M:::::::::::::::::88@@
8888 MM::::::MM:::::::::::::::::::::MM:::::::::::::::::88@@
888 M:::::::MM:::::::::::::::::::MM::M::::::::::::::::*8
888 MM:::::::MMM::::::::::::::::MM:::MM:::::::::::::::M
88 M::::::::MMMM:::::::::::MMMM:::::MM::::::::::::MM
88 MM:::::::::MMMMMMMMMMMMMMM::::::::MMM::::::::MMM
88 MM::::::::::::MMMMMMM::::::::::::::MMMMMMMMMM
88 8MM::::::::::::::::::::::::::::::::::MMMMMM
8 88MM::::::::::::::::::::::M:::M::::::::MM
888MM::::::::::::::::::MM::::::MM::::::MM
88888MM:::::::::::::::MMM:::::::mM:::::MM
888888 MMM
8888888 NPANXX 008 MMMM
88888888 MMMMM
@@@@@@@@@ @@@@@@@@@@@@@@@@@@@@@@@@@@@
@@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@
@@
@@
@@ 1.Team Phreak Christmas time cheer poem ................. downtime
@@
@@ 2.Extinction Of Personal Freedom ............................. bor
@@
@@ 3.Ghosting a Nokia 5165 .................................... l4m3r
@@
@@ 4.Fax on demand ............................................ ic0n
@@
@@ 5.What MCI Doesn't Tell You, Could Hurt You ....... dark fairytale
@@
@@ 6.A Guide To Counting and Converting Octal .............. windead
@@
@@
@@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@
@@@ @@@
@@
@@@@ Team Phreak Staff @@
@@
@@@@@ @
@@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@
@@
@@
@@ Member Email
@@
@@
@@
@@ bor bor@teamphreak.net
@@
@@ downtime downtime@teamphreak.net
@@
@@ parenomen parenomen@teamphreak.net
@@
@@ phractal phractal@teamphreak.net
@@
@@ stain stain@teamphreak.net
@@
@@ Article submission articles@teamphreak.net
@@
@@ Email staff staff@teamphreak.net
@@
@@
@@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@
@@@@@ @
@@
@@@@ Note From Editor @@
@@
@@@ @@@
@@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@
@@ @@
@@ @@
@@ Team Phreak contributes to the scene. We write @@
@@ our own articles and do not rely heavily on outside @@
@@ sources for our issues (unless other wise noted). @@
@@ We may use other materials for news articles or in @@
@@ research purposes to verify what we type is fact, @@
@@ but we guarantee that all articles are written @@
@@ by us and anyone who wishes to contribute orignal @@
@@ texts. Also please come and vist us on irc at @@
@@ EFNet. You may use the following servers to connect @@
@@ to EFNet,irc.rt.ru, irc.prison.net, and @@
@@ irc.vrfx.com. Please join us on the world wide web @@
@@ at www.teamphreak.net @@
@@ @@
@@ - Parenomen@teamphreak.net @@
@@ @@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@@ @@@@@
@@@@ Shoutouts @@@@
@@@@@ @@@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@ @@
@@ dark fairyTale windead @@
@@ vap0r ic0n @@
@@ ozlo #telconinjaz +k @@
@@ kungfoo aphrax @@
@@ iluffu burnt circut @@
@@ j0o doctorx @@
@@ visual kmem @@
@@ zylone @@
@@ phishstlk @@
@@ frag @@
@@ l4m3r @@
@@ Everyone in EFnet #teamphreak @@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
+-+-+-+-+-+-+-+-+-+-+-+
|N|P|A|-|N|x|x|-|0|0|8|
+-+-+-+-+-+-+-+-+-+-+-+
+-+-+-+-+-+
|I|n|t|r|o|
+-+-+-+-+-+
Whats up all you slack eyed, half crazed, a little insane, techno wanna
be
intelligent freaks! Here is a brand new issue of NPANXX! Don't worry, we know y
ou
fear it and love us. We know. Here is some information that'll make you fall o
ver
in your chair, smack your mom, and load a huge bowl just to get a glimpse of wh
at
the hell we are talking about.
We've packed this issue with a little bit of everything from each of our minds.
(Pretty scary huh?) We are some crazy mofos. Anyway, we've had some troubles
lately with our site, and getting things rolling, but now we got it all under
control. We got up off of our lazy, slacking, no good for shiz asses and put
something together that duck tape can't even keep together, so watch out!
TeamPhreak is back, slicing, dicing, and doing everything that Chef Boyardee
can't to give you the information that you only dream about in your wettest
dreams, so wait no longer, scroll right down and read! read! READ!
- downtime
8888888888888888888888888888888888888888888888888888888888
8888888888888888888888888888888888888888888888888888888888
88888 88888
8888 1.Team Phreak Christmas time cheer poem 8888
888 Written By: downtime (downtime@teamphreak.net) 888
888 Written For: NPANXX008 (www.teamphreak.net) 888
8888 Written On: 12/22/02 8888
88888 88888
8888888888888888888888888888888888888888888888888888888888
8888888888888888888888888888888888888888888888888888888888
It's Christmas time
And TP's on the prowl
Even Parenomen, Yes,
He's hit puberty now!
Bor is at home
Supplying the speed
Giving us the network
We so badly need
Where oh where
Is that damned stain
If something goes wrong
He's the one we blame
But all is well
And we're still here
Supplying you all
With TP's Christmas cheer
So forget your presents
Forget all of that
It's a new issue
So chill and relax
While we feed your mind
With information thats new
8888888888888888888888888888888888888888888888888888888888
8888888888888888888888888888888888888888888888888888888888
88888 88888
8888 2.Extinction Of Personal Freedom 8888
888 Written By: bor (bor@teamphreak.net) 888
888 Written For: NPANXX008 (www.teamphreak.net) 888
8888 Written On: 11/16/02 8888
88888 88888
8888888888888888888888888888888888888888888888888888888888
8888888888888888888888888888888888888888888888888888888888
DISCLAIMER:
-----------
The following article does not represent the political stance of any
member of Team Phreak, with the exception of bor. My political views
and notions of the world DO NOT reflect those of any other member of
Team Phreak. All critcism of this rant should be directed towards me :-)
------------------------------------------------------------------
Introduction:
-------------
It seems that as time goes on, and people get more politically
correct, this country of ours is turning into one giant pre-school.
No longer are people allowed to be ignorant or stupid. In this day
and age, killing someone because of their race carries a larger
penalty than simply killing someone for any other reason. Shouldn't the
act carry the same harsh penalty no matter what your motive was? In
today's america, people get scared, and they call for security, but do
we allow ourselves to do anything that would be considered anti
politically correct? No. When american's get scared, we simply tell the
government to fix it, but don't go out of your way to keep our rights...
who needs them? In today's america, people have forgotten what this
county was founded on. No one remembers that our personal freedoms are
what made us different from many countries in the world.
Today in america, if someone doesn't like what someone said to
them, they can pass a law. If someone doesn't like the fact that
someone is smoking in a restaurant, pass a law. If someone thinks that
we need to be safe...Watch everyone. That's the way it seems to work now.
If someone wants something done, then pass a law. Restrict us even more.
Take away more and more rights. Lets make more laws, and take away more
rights.
Lassen Sie mich Ihre Papiere sehen.
-----------------------------------
In over a year, we have gone from being secure with no strong
visible problems, to a country that wants to build a central database
which would include every website that you visit, every time you fill
your car with gas, every credit card transaction, among other things
which they probably don't want us to know.
Under the spreading chestnut tree...I sold you, you sold me.
------------------------------------------------------------
Today america is still a country with great freedoms.
Compared to many other countries in the world, we have more freedom,
live better, and pay far less taxes. However with upcoming terrorist
attacks more likely than ever, how much will people panic? When
people got scared after September 11th, we allowed the government to
pass law's with access to our personal lives like never before.
No longer does the FBI need a court order to tap your phone line or
watch your email. No longer will someone exploring a computer system
be free from un-needed persecution. No longer do we have the rights
that we had before.
And what about after the next attack? What happens after we
get attacked one more...or even two more times? Will there be
marshall law? Will the military have to take over the streets after
the scared and ignorant riot? Will the government be forced by the
will of the ignorant to force people to "show us their papers?"
How long before america gets more and more like nazi germany?
There's a simple solution to all of this rather than taking
away our personal rights to live and breathe like normal. If we would
simply close the borders to this country, our rights could be protected
without reprocussions. Would this totally rule out terrorist attacks
by citizens of the United States? No, but nothing that we're doing now
makes sense as it is. While we check ever third person in line at the
airport, the terrorist who can count gets right through the line. While
we patrol the skies, who is patrolling the borders?
Stability, insisted the Controller, stability. The primal and
the ultimate need. Stability. Hence all this.
-----------------------------------------------------------------
No need to walk to another restaurant today. The whiners of
America have forced the entrapaneur to force away business from his
own establishment. More and more states are passing laws which FORCE
business owners to conform to the requests of a few people. No longer
can a restaurant owner simply put a non-smoking section in their
restaurant, no smoking is allowed at all. The amendments all say the
same thing. They all insist that it is for the health of the public.
Everyone insists that it's for our own good. Why are we not allowed
to choose what is for our own good? Why can't the business owner
decide who's business he wants to turn away? In today's america,
if we can't please everyone, we must please the people who are
"trying to protect us."
Why can't the non-smokers simply decide to go to another
restaurant that doesn't allow smoking? There are hundreds of
restaurant in every major city. I'm not a smoker myself, however
even though I'm not, I believe that if I don't want to smell
cigarette smoke, and someone has decided to allow it in their
establishment, it should be up to me to go somewhere else.
Why punish the business owner for having such a policy?
Conclusion:
-----------
Today, America is much too hesitant to keep what this country was
founded upon. No longer is it okay to have personal rights. No longer is
it acceptable to be stupid or ignorant...it is a crime in many cases.
Today in America, we no longer have the right to choose who we want in
our own businesses. Today in America, it's looking a lot more like Mexico,
rather than America. Will we ever gain our personal rights back? Maybe
once the borders are closed it will be a start. While we are the only
country left in the world who allows nearly anyone in, Australia and
other countries with strict imigration policies have less crime, and
do not need such drastic changes in their laws every couple years.
Keep america like it was. Allow us to be stupid, idiotic,
and ignorant. Allow us to choose who is allowed into our
businesses. Allow American's to choose what's right and wrong
for them within the limits of the law. But don't change the law
to choose what's right and wrong for us.
8888888888888888888888888888888888888888888888888888888888
8888888888888888888888888888888888888888888888888888888888
88888 88888
8888 3.Ghosting a Nokia 5165 8888
888 Written By: l4m3r (phoneboy@innocent.com) 888
888 Written For: NPANXX008 (www.teamphreak.net) 888
8888 Written On: 12/05/02 8888
88888 88888
8888888888888888888888888888888888888888888888888888888888
8888888888888888888888888888888888888888888888888888888888
Introduction:
-------------
Have you ever heard of a 'burnout' or ghost phone? Well, I hadn't until
this summer. I was on a greyhound bus riding up to NYC to meet my crack connect
ion
and this brother man next to me started talking about 'burnout' cell phones.
Being the shady phone Phreak that I am, I pumped him for as much information as
I
could. Unfortunately, the fucker couldn't give me shit. Well, this information
lay
dormant in my head for several months. Until a klubie popped into #cellular and
asked, "what's a burnout number?" This individual, being a klubie, had no initi
ative
to actually do some research.
I'm telling you, phreaks best friends are his voice, for social enginee
ring,
and http://www.google.com for looking before you ask. Remember there are no stu
pid
questions, just stupid people. Anyway, my interest had been rekindled, so I use
d my
second best friend and started searching. Two cellular message boards were my p
rimary
and most valuable finds. I discovered that 'burnout' is street slang. Most phre
aks
actually call them ghost phones, or ghost numbers. I also learned that any moro
n
could do this with the proper instructions, like the ones contained in this fil
e.
Ghost Number:
--------------
So what is a ghost number anyway? For all intents and purposes,
it's a number that you can use to make free phone calls with. Why they work
is all theory. I've yet to meet anyone with actual knowledge on the matter.
Following are some existing theories.
One theory is that ghost numbers are actually cellular numbers from oth
er
Areas (roamers) that pass certain tests on the cell tower/cell switch that your
currently on, such as matching up in a database of cellular npa-nxx's etc.
This makes sense on one level because several ghost numbers have been tracked
back to a cellular switches. Unfortunately I haven't been able to check a large
amount of ghost numbers. Test this theory yourself. This is interesting in the
search for new ghost numbers, assuming this theory is correct. Another theory,
a little weaker, is that the switch actually logs all the roaming calls made
and then communicates them back to the "ghost" switch at a later time. With no
real time authentication, the ghost slips by.
Now either of these theories could be complete bullshit or both could h
ave
a basis in fact. Irregardless ghost numbers are most definitely a glitch in the
switching software. Whether it's the switch or the cell towers software is anyo
ne's
guess at the moment. In order to test the location of software glitch, try movi
ng
around with your ghost numbers. See if you can determine if its cell tower or s
witch
dependent, remember you're probably going to have to change your SID if you cha
nge
switches. Ghost numbers don't work everywhere, so I'm leaning towards a switch
dependent
glitch.
Finding a Ghost Number:
-----------------------
To find a ghost number, locate an NPA near you but not your own. Progra
m a
number with that NPA into your phone, starting with NXX 200. The last four digi
ts don't
matter. So if your NPA was 202, you'd program 202-200-XXXX into your phone. If
you can't
call with that number try the next NXX, 202-201-XXXX keep going until you reach
999.
If there are no ghost numbers in that NPA, move onto another. I should remind y
ou that
this does not work in all areas, and you may scan until your fingers turn black
, blue,
and eventually bleed. Sorry about your luck.
Nokia 5165:
-----------
The Nokia 5165, this is the phone I have, so this is the phone I will t
ell you
how to ghost. If you don't have this type of phone, go fuck yourself... It all
goes back
to the introduction, its easy enough to find out how to ghost your Particulate
phone.
All you have to do is change the NAM and getting to that menu only requires you
to input
a simple code (for most phones, some need data cables... in which case, get a d
ifferent
phone).
The code for most nokias and the 5165 included is *#639# enter that int
o the phone
and you'll be prompted with "Cellular Number:" Now, input your ghost number. Ne
xt, you'll
then be prompted with "Enter Code:" this is the prompt for your SID enter one l
ocal to you.
The phone will then reboot. Call your local FBI field office, if someone answer
s... SCORE!
You have a ghost number.
Additional 5165 codes and menus:
--------------------------------
Display Phone History
*#92772689# Serial Number...
Made....mmyy
Programming Date mmyyyy
Repaired..mmyy
Transfer user data?
Life timer..0000:00
Display Software Version
*#9999# V 07.01
09-01-02
NSW-1
CSD Ver.
390.01 0
Programming Menu
*3001#12345#
NAM 1
Home System ID
System ID:
Home SOC
Home SOC:
Own Number
Number:
Message center number
Number:
Gateway no.
Number:
Alpha tag
Alpha tag:
PSID/RSID lists
P/RSID 1
P/RSID 2
P/RSID 3
P/RSID 4
P/RSID 5
Change defaults
NAM status
Enabled
Disabled
Access method
0
1
Local option
0
1
Primary paging channel
Channel:
Secondary paging ch
Channel:
Dedicated A cch
Control channel:
Dedicated B cch
Control channel:
Overload class
Class:
Group ID
Group ID:
SID alpha tag control
Enabled
Disabled
A-key code
A-key:
Public systems
Password: ?????
Private systems
Password: ?????
Residential systems
Password: ?????
NAM 2
Home System ID
System ID:
Home SOC
Home SOC:
Own Number
Number:
Message center number
Number:
Gateway no.
Number:
Alpha tag
Alpha tag:
PSID/RSID lists
P/RSID 1
P/RSID 2
P/RSID 3
P/RSID 4
P/RSID 5
Change defaults
NAM status
Enabled
Disabled
Access method
0
1
Local option
0
1
Primary paging channel
Channel:
Secondary paging ch
Channel:
Dedicated A cch
Control channel:
Dedicated B cch
Control channel:
Overload class
Class:
Group ID
Group ID:
SID alpha tag control
Enabled
Disabled
A-key code
A-key:
Public systems
Password: ?????
Private systems
Password: ?????
Residential systems
Password: ?????
Security
Security code:
Emergency
Emergency number 1
Emergency number 2
Emergency number 3
SW Version
V 07.01
09-01-02
NSW-1
Serial No.
ESN:
Programmed
Field test
Enabled
Enabled+lights
Disabled
Useful Links:
-------------
SID Sources:
http://9x.tc/main.html
http://www.justalurker.com
Cellular Message Boards:
http://www.cellphonehacks.com
http://www.sotmesc.org/gcms/phreakbb/bbindex.html
Switch ownership/type via NPA-NXX:
http://members.dandy.net/~czg/search.html
http://www.dslreports.com
http://www.telcoexchange.com
Glossary:
---------
ESN Electronic Serial Number
SID System Identification
P/RSID Private/Residential System Identification
SOC System Operator Code
0001 Cellular One
0003 Bell South Cellular
0004 Southwestern Bell Mobile Systems
0007 Vanguard
0008 Century Cellunet
0009 Pacific Telecom Cellular
0010 Midwest Wireless Communications
2049 US-AWS
2050 Canada-Rogers Cantel Inc.
2049 AT&T
2050 Rogers
2051 BellSouth
2052 South Western Bell
2053 Bell Mobility
2054 Telecom NZ
2057 PacTel
2063 US Cell Corp.
2078 Houston Cellular
NAM Number Assignment Module
NPA Number Planning Assignment (area code)
NXX Prefix
Shout outs:
-----------
MDR & sherry from somesc & cellphonehacks respectively
Also, the wonderful individuals of Team Phreak,
I'm buying each and everyone of you a pony for Christmas
All the individuals in #telconinjaz +k
"Active Phreaks Actively Sharing Information"
/knock and demonstrate activity/skill for key
Oh yeah, and who could forget, your mom...
8888888888888888888888888888888888888888888888888888888888
8888888888888888888888888888888888888888888888888888888888
88888 88888
8888 4.Fax on demand 8888
888 Written By: ic0n (ic0n@phreaker.com) 888
888 Written For: NPANXX008 (www.teamphreak.net) 888
8888 Written On: 11/18/02 8888
88888 URL: http://www.hackerhost.com/lph 88888
8888888888888888888888888888888888888888888888888888888888
8888888888888888888888888888888888888888888888888888888888
Fax on demand is a system used by a lot of large corporations.
Fax on demand only offers one feature witch is sending
documents via fax machine. The cool part is that you can input
any telephone number in North America and that's where it will
be sent. I also should add that it's untraceable so that means
you can attack whomever you want whenever you want and not have
to worry about getting busted.
When you dial into the fax on demand system 90 percent of the
time they will say something like this.....
'You have reached blank corporations fax on demand system'
Pretty easy to indentify huh?
The other 10 percent will have one option to transfer you to
the fax on demand system.
They'll give you a few opinton's to choose from each company
have there's setup differently but here's any idea of how
there setup.
Note: one system is actually setup this way
1: To get index of documents sent to you
- Enter the fax number followed by the # key
- Repeats number entered
- If the number is correct press 1
- To re-enter the number press 2
2: To get documents sent to you
- you may order up to 3-5 documents by entering your
1st section now....
Depending on how large the company is and how many documents
they offer will effect how long the document numbers will be.
I've seen everything from 1 to 5 digits Long.
9: To end the call
Like I said earlier in this article each system is setup
differently. Some have more features than others but
none the less there pretty much the same.
Another side note if for some reason when fax on demand calls
and the line is busy it will call the party 3 more times. Some
systems' will call 3 times with 15 min. intervals. Or the
system will call 3 times within that 15 min's
As an extra bonus I'll include some numbers for your
phreak enjoyment!!!!
1-877-851-7443
1-800-446-6212 analog fax
1-800-909-0263 3m
1-800-909-0264 kinko's
8888888888888888888888888888888888888888888888888888888888
8888888888888888888888888888888888888888888888888888888888
88888 88888
8888 1.What MCI Doesn't Tell You, Could Hurt You 8888
888 Written By: Dark Fairytale (darkie@ppchq.org) 888
888 Written For: NPANXX008 (www.teamphreak.net) 888
8888 Written On: 07/09/02 8888
88888 URL: www.ppchq.org 88888
8888888888888888888888888888888888888888888888888888888888
8888888888888888888888888888888888888888888888888888888888
Chances are you already know someone who is subscribed to the
MCI Worldcom Long Distance Calling Plan or may be a user yourself.
Imagine if you will, recieving a rather large bill from MCI Worldcom
with charges upon charges for calls you never made or know nothing
about. How did this happen? Believe it or not, it is happening all
across the US and the methods used to rip someone off may not be as
entirely difficult as you once thought. While exploring the MCI
Worldcom service, these past couple of months, I've discovered things
MCI just might not want the average person to know. Things that are
so obviously exploitable to almost anyone, but you may have never
thought about. In this analysis I will discuss just how one person
can go about charging calls to someone else with a little common
sense, the use of a phone, and some social engineering skills.
When signing up for an MCI account, most people aren't smart
enough to read the fine print. Who reads fine print anyway? You may
be getting stuck with something you don't exactly want attached to
your bill, but guess what? There's nothing you can do about it
because no matter what, MCI slips this little handy dandy feature
into your calling plan. A little pushy, huh? So what is this feature
you may ask. A 1-800 Number directed to your home line or any other
line you may choose to use when signing up with MCI Worldcom.
If you go to the MCI website (www.worldcom.com) and check out their
calling plans you'll notice that the whole bit about the 800 number
is on a completely different page and not mentioned in the calling
plan. Kinda misleading, huh? If you sign up via the web, after you
are confirmed, about a week later you'll recieve an email stating
that your 800 is now active. WTF? 800 Number? Ehm, ok. So what's
the big deal about this 800 number anyways? More on that later,
because that's the very key to MCI's big security flaw.
When signing up for MCI service you are asked the basic questions,
name, address, etc. No big deal. After all of this, you are asked to
provide a four digit security pin. What is this pin used for, you
may ask? A couple of things as a matter of fact when it comes to MCI
service. Are you starting to see the big picture yet? Focus. Most
people are not that smart and are gonna pick pin numbers like: 1234,
1969, 4321, 6969. But then again, how hard could it be to guess an
actual working pin number?
Now this is where the 800 number comes in to play. I've also
discovered that MCI owns the whole exchange of 1 800 484 ****.
So let's say you call up any number in that exchange. What you'll
usually get is an automated operator who asks for you to enter
your 4 digit pin. Let's say for instance you enter 1234. If the
pin is active on that 800 number it will begin to ring someone's
home phone and guess who? The person with pin number 1234! Amazing,
isn't it? If it doesn't work then it will ask you to re-enter your
pin and if you get it wrong again you'll be forwarded to a live
operator. Now where am I going with all this? Wait, it gets better.
How terribly difficult is it for someone to call up 800 484 ****
and enter random four digit pins until they finally come across a
working pin? Ok, so let's say 1234 is in fact a working on this
particular MCI 800. You call it up, enter your pin and a conversation
with the person on the other end whom you are trying to own MIGHT go
something like this:
Person: Hello?
You: Is Janet there?
Person: No, I'm afraid you have the wrong number.
You: Oh, I'm sorry, what number did I call?
Person: 555 1212
You: Oh, that's funny, which area code?
Person: 710
You: Ok, thank you, goodbye.
Person: Bye.
Ok, so some people might not wanna give out their area code so easily,
but you'd be surprised just how many people are in fact willing to do
so and think nothing of it. Think about it, how many wrong number calls
have you recieved and people ask you which number they dialed? It
happens everyday and most people don't think twice about it. It doesn't
seem like that big of a deal at the time. After reading this you may
think twice about doing so.
So now you have the person's area code, home phone number, and MCI Pin,
what the hell can we do that? Simple. If you haven't realized by now,
you have just acquired an MCI Calling Card Number. Now that wasn't so
hard, was it? The same pin that is used for your 800 number is also the
pin used for your calling card. Great security measures on MCI's
behalf, huh?
The format of the MCI calling card is as follows:
Area Code + Number + 4 digit PIN
In other words, simply dial 800 888 8000 (Auotmated MCI Calling Card
Number) and when it asks, enter "your" account info and wa la! You now
have free long distance all at the expense of some other schmuck, who
was too stupid not to sign up with MCI in the first place. On another
note, you can also place International Calls with your newly acquired
MCI account. Also, you may note that the account has unlimited minutes
of use. I've seen these things last for months at a time before anyone
caught on to what was happening. Just imagine, how many dollars worth of
fraudulent calls could be racked up at just about anybody's expense due
to pure stupidity on MCI's behalf.
MCI really dropped the ball when it comes to security. There are so
many ways this method of stealing calling cards could be avoided.
Perhaps, separate pins for each account? That's not too difficult of
a task. Do you really think MCI cares though? I highly doubt they do
and the time it would take to change everyone's pin now is more than
likely something they wouldn't be willing to do. Time is money.
Also, I've been informed of another hole in the MCI service that you
could incorporate into this little hustle. Whenever you call the MCI
Direct 800's you'll notice that if you push * for about two seconds
instead of entering any pin, you will automatically be forwarded to a
random MCI subscriber. With that in mind, you could easily pose as an
MCI Operator and come up with a number of different scenarios to attain
someone's phone number and pin. As I stated earlier, we're not really
doing genius' work here. Anybody with a little time on their hands,
such as myself, could have thought of these little scams earlier and
MCI should realize that. By not implementing larger security measures
on their MCI long distance plans, they are basically slapping their
customers in the face. Hopefully, someone from MCI might just read this
article and understand what is happening and can actually do something
about it for the sake of their customers, but I highly doubt that.
I can also tell you that by speaking to the MCI operators themselves
you might be able to con them out of a pin and phone number rather
easily. About a month ago on a teleconference redxer and myself were
having a little fun with MCI Worldcom when we forwarded to an operator.
Redxer was able to get a pin and phone number out of them in about 5
minutes. Makes you wonder what kind of people they are hiring to work
for MCI. Obviously not the brightest people on the planet.
I do not encourage anyone to try the things discussed in this analysis
of a very serious security problem on MCI's behalf. Doing so would
more than likely subject you to federal prosecution. Plus, I'm one
hundred percent positive that MCI logs all calls on their 800 numbers.
So, unless you have a surefire way of not delivering your ANI, I wouldn't
even attempt these actions. It's your life though. I'm sure some of you
will be trying and won't care what I just said. Finally, please note,
you've been warned of the consequences you may face when attempting to
rip off MCI.
Shouts: NPANXX, Team Phreak, parenomen, all my niggas in PPC,
sandniggor, Comic, redxer, sintaks, liquid, khecka, janus, lucid,
actinide, herf, gigabyte, ray haque, rotary, wargod, my mom, and
anyone else I may have
forgotten. peace!
8888888888888888888888888888888888888888888888888888888888
8888888888888888888888888888888888888888888888888888888888
88888 88888
8888 6.A Guide To Counting and Converting Octal 8888
888 Written By: windead (w1ndead@hotmail.com) 888
888 Written For: NPANXX008 (www.teamphreak.net) 888
8888 Written On: 01/12/03 8888
88888 88888
8888888888888888888888888888888888888888888888888888888888
8888888888888888888888888888888888888888888888888888888888
Well, I'll start off with a quick description of Octal's history. It
all started out with DEC's Minicomputers which were
made to challenge the IBM Supercomputers which were out at the time
(1960's). DEC made sure that no software could be moved
from IBM mainframes to DEC Minicomputers, DEC designed its machines
completely in base 8.
Now heres the fun part...
lets try counting to 10 in Octal (base 8, remember) 1, 2, 3, 4, 5, 6,
7, 10, 11, 12. Now, they didnt get rid of 8 and 9,
they just changed the names to 10 and 11. They didnt really change the
names for the column's values though. The columns
go as follows: Unit, then to the left of that, 10's column. But the
annoying part about that is of course when they
say '10' it actually is 8. so the 10's column actually has a value of
8. Heres an ASCII graph to show it a bit better.
It comapres it to Decimal, which if you dont know is our common
numbering system (taught in schools after 1960's).
Octal Decimal
Numeralals Equivalent
1 1
2 2
3 3
4 4
5 5
6 6
7 7
10 8
11 9
12 10
13 11
14 12
15 13
16 14
17 15
20 16
21 17
22 18
23 19
24 20
That should give you a pretty good idea about Octal vs. Decimal.
Remember that each column in a given number base has a value base times
the column to its right, so the tens column
in Octal is actually the eights column. The next column is the
hundreds column, but the hundreds column actually has
a value of 8 x 8, or 64. Next column has a value of 64 x 8, or 512,
and next is 512 x 8, or 4,096.
A digit in the first column (units, or ones) tells hows many units are
contained in the octal number. A digit in the next
column to the left, the tens column, tells how many eights are
contained in the octal number. A digit in the third column,
the hundreds column, tells how many 64's are in the octal number. for
example 400 Octal would mean that the number contains
four 64's. which is 256. so the decimal form of 400 octal is 256.
Lets dissect a number to make conversion a bit easier.
Octal number 76225
7 would be in the 4096 column, so 7 would = 28672
6 would be in the 512 column, so 6 would = 3072
2 would be in the 64 column, so 2 would = 128
2 would be in the 8 column, so 2 would = 16
5 would be in the 1 column, so 5 would = 5
28672
3072
128
16
+ 5
=31893 in decimal.
And thats that. It takes a little while to get used too, but not all
that hard, either.
Do you remember those old CompuServe numeric accounts? they looked
like "76711,470". Notice theres no number higher
than 7? Thats because When CompuServe was created (a long time ago)
they were using a large bank of DEC computers, with all
their login ID's in octal. But they changed their systems and started
using alphabetic ID's.
**********
**The*****
*****End**
********** __________
/ ________/
/ / _____ _____ _ __ _ _______
/ /________ / __ \ / __ \ / / / | / / /__ __/
\_______ / / /__/ / / /__/ / / / / | | / / / /
/ / / ____ / / 0wned! / / / /| |/ / / /
________/ / / / / / | | / / / / | / / / /
/_________/ /_/ /_/ |_| /_/ /_/ |__/ /_/
<==$Phractal$==>
Special Thanks to our good
friends at .............
*** *** ********** *********
* *********** *********** ***
******************** **** *** ********** *********
* *********** *********** ***
** Special links ** ***** *** *** *** *** **
* *** *** ***
******************** ****** *** *** *** *** **
* *** *** ***
http://9x.tc *** *** *** *** *** *********
*** *********** ***
http://f41th.org *** *** *** *** *** ********
*** *********** ***
http://phonelosers.org/.net *** ****** *** *** *** ***
*** *** ***
http://hackerhost.com/lph/ *** **** ********** *** **
* *** *********** ***********
http://verizonfears.com *** *** ********** *** *
** *** *********** ***********
http://undergroundnewsnetwork.com
http://ppchq.org Quote of the issue : "My intro i
s gonna smack you like a 5lb
scrotum"
- downtime
_ _ _ _ ____ _____ ____ ____ ____ ___ _ _ _ _ ____ _ _
_____ _ _ _____
| | | | \ | | _ \| ____| _ \ / ___| _ \ / _ \| | | | \ | | _ \ | \ | |
____\ \ / /|___ |
| | | | \| | | | | _| | |_) | | _| |_) | | | | | | | \| | | | | | \| |
_| \ \ _ / / / /
| |_| | |\ | |_| | |___| _ <| |_| | _ <| |_| | |_| | |\ | |_| | | |\ |
|___ \ \| |/ / / <_
\___/|_| \_|____/|_____|_| \_\\____|_| \_\\___/ \___/|_| \_|____/ |_| \_|
_____| \_____/ /____|
_ _ ____ _ _ _ ___ ____ _ __
| \ | | ___|__| |__\ \ / // _ \ | _ \ | | / / http://UnderG
roundNewsNetwork.com
| \| | _||__ __|\ \ _ / /| | | || |_) | / / http://UnderG
roundNewsNetwork.com
| |\ | |__ | | \ \| |/ / | |_| || _ < | |\ \ http://UnderG
roundNewsNetwork.com
|_| \_|____| |_| \_____/ \___/ |_| \_\| | \ \ http://Underg
roundNewsNetwork.com
