
k-1ine_36

Published in K1INE · 26 Apr 2019

  


__ _____ __ ___ _ ______ __ _ _
__ ___ / _ __ ____ _ ( )
___)\ /______ ______
_________ \ / ___ _____ ___)\ ___ __.
_____ | /_ \ | /_ / |
___\ | (/ || // _ | | _ __ __ _
_ _\\ | | _______ |:(/ ( ) | | ( ) ) \/_ \ /( )\
( ) \\| | /_ ____ ||\\ | | | | | | ) ) / ___)
\\ | //__ || \\ | | | | | | | | \ (___ __ _
\) | // || \\_ __| |__| |__| | | |_ \_______ __
| |// ____ __/ | \___ ____ _ _ _ _ _
__ ______) | (/ / __ __ )/
\ \| | / /
\ \ (\_____/ /___ _ ___ _
____ \ ) \____ _____ __ __ Pasta Yo _ _
( 36 ) | |


c/a 2.2003.


_________________________________________________________________________________

» .- Words from the Editor -. « |

*: [-] Introduction ............................................ The Clone :*
*: (-) Contact Information ..................................... The Clone :*
*: (-) Link of the Month ....................................... STC CREW :*
*: (-) K-1ine Mirrors .......................................... The Clone :*
*: (-) Protest the War In Iraq ................................. Nettwerked :*
_________________________________________________________________________________

» .- Documents -. « |

*: (x) 'The Great Canadian Mobile SID Compilation' .............. The Clone :*
*: (x) 'The One-Time Pad: What is it?' .......................... DdUcation :*
*: (x) 'An Overview of WebServices @ Union Station: Toronto' .... M / P / S :*
*: (x) 'Social Engineering Pointers From The Inside Perspective'. Treephrog :*
*: (x) 'Text files: your window to a catch-free website!' ....... Axion :*
*: (x) 'phlux0rs ph34ky ph0ne tr1xX0rz' ........................ Phlux :*
*: (x) 'EM/HERF Weapons - Part 1' ............................... Caesium :*
_________________________________________________________________________________

» .- Conclusion -. « |

*: [-] Credits ................................................. The Clone :*
*: [-] Shouts .................................................. The Clone :*
_________________________________________________________________________________



Welcome to the latest issue of K-1ine #36 'Pasta Yo'. I would like to thank
everyone who submitted articles to me - you sent me so many! Enjoy this issue
of K-1ine zine, and if you forget to send me more articles in the future, I'll
walk around the city kissing hands and shaking babies (whilst sucking my thumb)!

-`

-->

Contact Information;

Comments/Questions/Submissions: theclone@hackcanada.com

Check out my site: (Nettwerked) http://www.nettwerked.net

-

-----------------------------------------------------------------------


--=[ LINK OF THE MONTH ]=--

Every month I post one really great "link of the month" on every issue
of K-1ine magazine. The link can be anything in the technology industry,
music scene, rave scene, punk scene, or even a good article you read on
a news site. I'll be taking submissions via e-mail or IRC right away; so
get your links in and maybe you'll see it in the next issue of K-1ine!

For the month of February, the link of the month is:

http://www.StealThisComputer.Org/


"Steal This Computer 'zine in affiliation with nettwerked.net's k-1ine,
hopes to release a paper and online magazine aimed at those who want to
learn more about the world around them. This site will make up a
repository for any files they received for the zine so far. They've got
a few files in there, and are looking to have a lot more for the zine.
So, if you've got a plaintext article on some cool exploit or a piece
of valuable or interesting information, please send it their way."

[submitted by: Steal This Computer Crew; Colt45, The Clone, Wizbone]

--

--


K-1ine Mirrors:


http://www.mirrors.wiretapped.net/security/info/textfiles/k1ine/

(Now mirrored in two places, one in Belgium and another in Sydney)

"Wiretapped.net is an archive of open source software, informational
textfiles and radio/conference broadcasts covering the areas of network
and information security, network operations, host integrity, cryptography
and privacy, among others. We believe we are now the largest archive of
this type of software & information, hosting in excess of 20 gigabytes of
information mirrored from around the world."

--

http://www.hackcanada.com/canadian/zines/index.html#K-1ine

Hack Canada - Canadian H/P - E-Zines

--


http://www.stealthiscomputer.org/k-1ine.html

Steal This Computer - K-1ine Archive

---


Protest the War In Iraq

Nettwerked has always been about communication and about dialogue. We're
against any war and violence, as long as talk is still possible. On the 15th
of February, millions of people around the world will take part in anti-war
protests. More than half a million people are expected to take part in an
anti-war march in London, England alone to protest the war against Iraq. Be
one of them. See the Wage-Peace.org website to find out about protests in
Nettwerked headquarters of Edmonton and across Alberta. For more information
on other protests across the world, be sure and visit IndyMedia.org.


O O
\ /
\ /
\______/
_____________/______\_____________
| __________________________ ___ |
| | || ||
| | | / /| | |\ | (36) ||ooo||
| | |/ _ | | | \ | __ ||O O||
| | |\ | | | \| /__\ ||O O||
| | | \ _|_ | | \ \__ ||___||
| | | |
| | .: coming to a cable :. | === |
| | .: network near you :. |=====|
| |__________________________| === |
|__________________________________|
\./ \./
- Wizbone `03

-->



The Great Canadian Mobile SID Compilation


Date: Sunday January 19, 2003

By: The Clone (theclone@hackcanada.com)

URL: http://www.nettwerked.net/

--

[ What's a SID? ]

Cibernet Corporation's definition of a SID (System IDentification) is:

"The SID is a 15-bit binary number that translates into a five-digit decimal number.
In all ANSI-41-based systems, the SID is used to notify wireless users as to whether
they are in their home area or roaming. When operating, the mobile handset compares
the SID initially programmed into the handset to the SID broadcast by the serving
system's cell sites. If the SID broadcast by the cell site matches the SID programmed
into the handset, then the 'home' indicator on the mobile handset will be illuminated.

If the SID broadcast by the cell site does not match the SID programmed into the mobile
station, then the 'roam' indicator on the mobile handset will be illuminated. The intent
of the 'roam' indicator is to notify the wireless user that additional roaming-based
charges may be applied for usage on the serving system.

Because each SID is unique to a particular operator, the SID is also used to properly
route roaming call records for billing among roaming partners."


Credit -- caesium for the additional SID HEX conversion

Note -- If you find any outdated SID's on this list,
or you want to contribute more valid SID's,
please contact me at the e-mail address above.

_________________________________________________________
Carrier Name            | SID HEX | SID DECIMAL
---------------------------------------------------------
Bell Mobility (Ont.)      4024      16420
TB Tel Mobility           4022      16418
Bell Mobility (Queb)      4024      16420
QuebecTelM                404A      16458
BCTEL Mobility (Telus)    4026      16422
MT Mobility               402C      16428
MT&T Mobility             4006      16390
BCTel Mobility (Telus)    4018      16408
NewTel Mobility           401E      16414
Island TelM               402E      16430
SaskTel Mobility          401A      16410
TELUS Mobility            4000      16384
TELUS Mobility            4004      16388
TELUS Mobility            445C      17500
Rogers AT&T               4007      16391

--


All known Rogers AT&T SID's in Canada:

______________________________________________________
City Name | SID HEX | SID DECIMAL
------------------------------------------------------

ALBERTA;

Calgary 4003 16387
Edmonton 4007 16391
Lethbridge 4059 16473
Medicine Hat 40BD 16573
Red Deer 403D 16445

-----------------------------------------------------
______________________________________________________
City Name | SID HEX | SID DECIMAL
------------------------------------------------------

BRITISH COLUMBIA;

Abbotsford 4029 16425
Campbell River 4111 16657
Chilliwack 404D 16461
Courtenay 4115 16661
Kamloops 408F 16527
Kelowna 4089 16521
Nanaimo 403F 16447
Parksville 4113 16659
Penticton 408D 16525
Port Alberni 415F 16735
Powell River 41A5 16805
Vancouver 4029 16425
Victoria 402B 16427
Whistler 404F 16463

-----------------------------------------------------
______________________________________________________
City Name | SID HEX | SID DECIMAL
------------------------------------------------------

MANITOBA;

Brandon 4057 16471
Steinbach 4051 16465
Winnipeg 402F 16431

------------------------------------------------------
______________________________________________________
City Name | SID HEX | SID DECIMAL
------------------------------------------------------

NEW BRUNSWICK;

Bathurst 40DF 16607
Bristol 4123 16675
Chatham 40E1 16609
Dorchester 4063 16483
Edmunston 40EB 16619
Florenceville 4123 16675
Fredricton 4055 16469
Grand Falls 41B3 16819
Moncton 4053 16467
Newcastle 40E1 16609
Richibucto 421B 16923
Saint John 401B 16411
St. George 4219 16921
St. Louis De Kent 421B 16923
St. Stephen 41C3 16835
Sussex 4075 16501
Woodstock 40DB 16603

------------------------------------------------------
______________________________________________________
City Name | SID HEX | SID DECIMAL
------------------------------------------------------

NEWFOUNDLAND;

Clarenville 4133 16691
Saint Johns 4021 16417

------------------------------------------------------
______________________________________________________
City Name | SID HEX | SID DECIMAL
------------------------------------------------------

NOVA SCOTIA;

Amherst 405F 16479
Antigonish 410D 16653
Barrington 41F3 16883
Berwick 40E9 16617
Bridgewater 40D7 16599
Chester 406F 16495
Digby 4197 16791
Greenwood 40E9 16617
Halifax 4009 16393
Kingston 40E9 16617
Kentville 40E9 16617
Liverpool 419B 16795
Musquodoboit 41F5 16885
New Glasgow 4097 16535
Port Hawkesbury 40CF 16591
Saulnierville 421F 16927
Shelburne 4223 16931
Shubenacadie 405B 16475
Sydney 4189 16777
Truro 405B 16475
Windsor 40E9 16617
Yarmouth 4199 16793

------------------------------------------------------
______________________________________________________
City Name | SID HEX | SID DECIMAL
------------------------------------------------------

ONTARIO;

Barrie 4033 16435
Belleville 4041 16449
Brantford 4035 16437
Chatham 4049 16457
Cobourg 4065 16485
Collingwood 405D 16477
Cornwall 4043 16451
Hamilton 400B 16395
Hespeler 400D 16397
Kingston 403B 16443
Kitchener 400D 16397
Leamington 40C3 16579
London 400F 16399
Newmarket 4027 16423
Orilla 407D 16509
Oshawa 4013 16403
Ottawa 4015 16405
Peterborough 4039 16441
Sarnia 404B 16459
St. Catharines 401F 16415
Sudbury 4023 16419
Toronto 4027 16423
Windsor 40C3 16579

------------------------------------------------------
______________________________________________________
City Name | SID HEX | SID DECIMAL
------------------------------------------------------

PRINCE EDWARD ISLAND;

Charlottetown 40D3 16595
Summerside 411B 16667

------------------------------------------------------
______________________________________________________
City Name | SID HEX | SID DECIMAL
------------------------------------------------------

QUEBEC;

Chicoutimi 4005 16389
Joliette 411D 16669
Montreal 4011 16401
Quebec City 4017 16407
Sherbrooke 4037 16439
Ste. Marie 4061 16481
Trois Rivieres 4031 16433

------------------------------------------------------
______________________________________________________
City Name | SID HEX | SID DECIMAL
------------------------------------------------------

SASKATCHEWAN;

Regina 4019 16409
Saskatoon 401D 16413

- -

---

<dec0de> I only realized that "coodies" is a fake disease last week

---



The One-Time Pad: What is it?

By DdUcation

<dducation@to2600.org>
http://www.to2600.org

1.1 "Introduction"
1.2 "How Does It Work?"
1.3 "The Random Number Problem"
1.4 "The 'Delivery of Pad' Problem"
1.5 "Public-Key Encryption And The One-Time Pad"
1.6 "Who Uses it?"
1.7 "Conclusion"
1.8 "Shoutouts!"

1.1 "Introduction":
It has been called the "perfect encryption scheme" by more than
one cryptography expert, but (as we will soon see) nothing is perfect.
Invented in 1917 by Major Joseph Mauborgne and AT&T's Gilbert Vernam
(notice: unlike many other papers I have read, I have NOT cited the
Russians or the Soviet Union as the original authors!) the One-Time
Pad is a simple and unbreakable encryption scheme. Simple enough
to be used by an elementary-school graduate, and supposedly unbreakable
by any of today's current technologies. The One-Time Pad gets its name
from the fact that it was originally a key, written down on a pad of
paper, used to encrypt and decrypt messages sent back and forth between
military personnel.

1.2 "How Does It Work?"
The One-Time Pad is a surprisingly simple "Substitution Cipher"
in its functionality. First, write your message. Then write down a
series of characters from the alphabet which are completely random and
as long as, if not longer than, your message. This series of characters
is now your key. Now assign numbers to each letter in the alphabet
(i.e. 1 to 26). Now the cryptographer uses one letter from the key for
every letter in the message, with the formula:

K = Key character, M = Message character, C = ciphered character

M + K mod 26 = C

So the cipher text is the message text + the Key text modulo 26. "What
the hell is 'Modulo'" you ask? Modulo is a concept used in Number Theory.
Let me give you an example. If we have the number 8, then we say "8
mod 26 = K", then K = 8-26 = -18 = 1*-18 = 2*-9 etc. Where 8 mod 26 is
always equal to the second number in the multiplication (i.e. -18,-9).
And so 8 mod 26 = -18 or -9.

In the examples here we will say that 8 mod 26 = -18. If you still don't
understand then I suggest you google search for "modulo", or simply go to
http://www.cacr.math.uwaterloo.ca/hac/ and download chapter 2, which
talks about the Mathematical Background. Back to how all this junk works:
So if we assign the numbers 1 to 26 to all the letters in the alphabet
(where A=1...Z=26) and then take the message:


ONETIMEPAD

and the Key:

TBFRGFARFM

And M + K mod 26
= O + T mod 26
= 15 + 20 mod 26
= 15 + (20 - 26)
= 9
= I

Therefore C = I

Following this formula for each and every letter we get C=

IPKLPSFHGQ

To decode we simply reverse the process:

As   M + Key mod 26 = C
Then C - Key mod 26 = M

"But wait a second. This is just a simple Substitution cipher, what
happens if someone finds out what key I'm using?"

They can't, because after you're done encrypting and decrypting the message,
you destroy the portion of the Pad from which you've taken the key. Thus
you never reuse the same key twice (that's the idea anyway) and there are no
patterns or correlations which can be made from one letter to the next. So
even if an individual were somehow able to find a copy of the message and the
cipher text, there would be no way for them to decrypt future intercepted msgs
which were encrypted. The most amazing thing about this is that for different
keys and cipher text combinations, come different decrypted messages!

For example, taking the ciphertext which we got from the message "ONETIMEPAD",
and decrypting it with a different Key, we get a phrase which makes sense, but
is not the original message:

C = IPKLPSFHGQ
K = POYYAEAAZX

which decrypts to : "SALMONEGGS" NOT "ONETIMEPAD".

And so even when supposedly logical data is extracted from the ciphertext,
the one-time pad still keeps its original message secret.
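
Added example (not part of DdUcation's article): the section 1.2 scheme in
Python, using the article's A=1...Z=26 numbering and its own message, keys and
ciphertext. The function and class names are this example's own, and PadBook
is one assumed way to model "destroy the portion of the Pad" after use.

```python
"""One-time pad over A-Z with the article's numbering (A=1 ... Z=26)."""
import secrets
import string

ALPHABET = string.ascii_uppercase


def to_num(ch):
    """Map 'A'..'Z' to 1..26 and reject anything else."""
    if len(ch) != 1 or ch not in ALPHABET:
        raise ValueError(f"not an uppercase letter: {ch!r}")
    return ALPHABET.index(ch) + 1


def to_letter(n):
    """Reduce n into the range 1..26 and map it back to a letter.

    A residue of 0 has no letter in a 1..26 numbering, so it wraps to Z (26).
    """
    return ALPHABET[(n - 1) % 26]


def check_lengths(text, pad):
    """The pad must supply one letter for every letter of the text."""
    if len(pad) < len(text):
        raise ValueError("pad must be at least as long as the message")


def encrypt(message, pad):
    """C = M + K mod 26, one pad letter per message letter."""
    check_lengths(message, pad)
    return "".join(to_letter(to_num(m) + to_num(k)) for m, k in zip(message, pad))


def decrypt(cipher, pad):
    """M = C - K mod 26."""
    check_lengths(cipher, pad)
    return "".join(to_letter(to_num(c) - to_num(k)) for c, k in zip(cipher, pad))


def pad_explaining(cipher, candidate):
    """Return the pad under which `cipher` decrypts to `candidate`.

    K = C - M mod 26 always has a solution, so every plaintext of the same
    length is a possible decryption; the ciphertext alone favours none of them.
    """
    if len(candidate) != len(cipher):
        raise ValueError("candidate plaintext must match the ciphertext length")
    return decrypt(cipher, candidate)


def new_pad(length):
    """Draw pad letters from the operating system's CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


class PadBook:
    """Hands out pad material once and discards it, so no segment is reused."""

    def __init__(self, letters):
        self._letters = letters

    def take(self, n):
        """Return the next n pad letters and remove them from the book."""
        if n > len(self._letters):
            raise RuntimeError("pad exhausted: get new pad material, never reuse")
        segment, self._letters = self._letters[:n], self._letters[n:]
        return segment

    def remaining(self):
        return len(self._letters)


if __name__ == "__main__":
    message = "ONETIMEPAD"           # message from the article
    book = PadBook("TBFRGFARFM")     # key from the article, used as the pad
    pad = book.take(len(message))
    cipher = encrypt(message, pad)
    print("ciphertext:      ", cipher)
    print("real pad:        ", decrypt(cipher, pad))
    print("other pad:       ", decrypt(cipher, "POYYAEAAZX"))
    print("pad for SALMON..:", pad_explaining(cipher, "SALMONEGGS"))
    print("letters left:    ", book.remaining())
```
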

1.3 "The Random Number Problem"
Despite the appearance of complete security and perfect cryptology,
there are some essential problems with One-Time Pads, the least of which is the
user's ability to access a reliable source of random characters from which to
construct the Pad. If there is ANY pattern held within the key which (after
several attempts and examinations of separate messages back and forth between
individuals) can be revealed by a cryptologist, then the jig is up. After
discovering any kind of pattern in the supposed random pad, a good cryptologist
can then exploit that to decrypt a series of messages wherein this pattern lies.
While I acknowledge the strictly theoretical stance I am taking, it must also
be noted that as we advance further and further technologically, the
possibility of the theoretical occurring comes closer and closer. In any case,
it should be noted that a proper One-Time Pad is completely random, and that
anything less than that would be potentially crackable.

1.4 "The Delivery Of The Pad Problem"
Another inherent difficulty lies in the delivery of the pad itself.
While several supposedly secure protocols have been established for the
transferring of keys and passwords (i.e. Neuman-Stubblebine, Multiple-Public
Key protocols etc.) they are slow, tedious, and exploitable. The difficulty
with the one-time pad is that if at any point a large section of it should
become accessible to outsiders (without the user's notice) then the entire
system's privacy is immediately compromised.

1.5 "Public-Key Encryption And The One-Time Pad"
Currently the most widespread protocol in transferring keys for
cryptography is through Public-Key Cryptography Protocols. Public-Key
Cryptography, while being essentially secure, can be compromised should an
individual gain access to the KDC, or load key-logging programs onto the
computers of individuals who use it. In addition it could be suggested that
those parties who use One-Time Pads are most probably utilizing Public-Key
Cryptography in order to transfer those Pad files. And so we see how it may
be possible to access the One-Time Pad files which are essential to the
secure transmission of data across such a network.

1.6 "Who Uses It?"
It has been suggested, and there is a great deal of evidence, that
the military is a primary user of One-Time Pad cryptography. One-Time Pads
are NOT practical in any sense of the word. They require extremely tight
protocols and the mathematical know-it-all to pull off a completely random
key generator which will go forever. I suggest that only government would
bother with such large expense for secrecy.

1.7 "Conclusion"
In conclusion, when dealing with One-Time Pad use, special attention
MUST be paid to randomization, and ESPECIALLY to the protocols and security
measures put in place to keep the Pad a secret. One-Time Pads are
completely impractical unless the most extreme cases of privacy are necessary.
If you're interested in learning more about cryptography I would strongly
suggest "Applied Cryptography" by Bruce Schneier as it's where I got the
Keys and Messages which I used in the example. PEACE!

1.8 "Shoutouts!" <dec0de> and add shouts. because shouts are fun
I'd like to give shoutouts to dec0de, theclone, Kris, caesium,
grinthock, HiMY, to2600, barrie2600, my Dad (because I love him and he's
in the hospital after suffering a heart-attack)

edited by dec0de
<dec0de@to2600.org>

---



An Overview of WebServices @ Union Station: Toronto

Discovered and Explored by: Magma / p1asm1c / shadow

Written by: Magma (magma@ghu.ca)

Down on the first floor of Union Station in downtown Toronto you'll
find a few pico like computers (remember pico, the Sega learning toy
from a few years ago?). These computers have been dubbed "web
terminals" which are said to be fancied by digital lifestyle users and
miata-driving-pumpkin-pie-hair-cutted-freaks. In short, tech geeks,
business folk and likely students will find these interesting.

Here is a picture.

http://www.nettwerked.net/union_webterm.jpg


They are produced by a company called King Canada; you can visit their
site at www.kingcanada.com. You'll notice that the terminals in Union
are not part of their standard product line. These custom-built terminals
are named cc100, which interestingly enough shares its name with a chicken
control unit. The cc100 terminals are very similar to your computer at home,
only these are rubberized and are Smokey the Bear approved. The OS of choice
is Windows 2000, and they have a modified version of IE running. Most users will
likely use them for e-mail and reading the latest on cnn.com. I know I do.
If you're smarter than the average bear you'll be able to use these for more
than that, such as ssh or whatever other protocol floats your boat. One
thing that could lead to major problems for Bell is if someone were to use
these terminals as a launching pad for something unfriendly and stupid. My
guess is that they are hoping that won't happen since there isn't anything
preventing such actions. A recent incident in the UK has come to light where
someone is harvesting online banking information from kiosks similar to the
ones found at Union and other locations. If I were to use e-mail off of one
of these kiosks it would be off of some hotmail account and not include
anything important.

Here are the IP and phone numbers for two of the web terminals found in Union
Station.

Downstairs:

IP - 64.229.52.178
Phone # - 416.861.9462

Upstairs:

IP - 64.229.58.77
Phone # - 416.861.1730

Note: there are more than two web terminals found. This is just a sample.

Here is the spec sheet for the Web Terminals found:

15-inch active matrix liquid crystal display,
XVGA (1024 x 768 pixels)
Ruggedized touch screen
Intel Celeron 533 megahertz processor or higher
128 Megabytes RAM standard
6 Gigabytes hard disk standard
128 bit graphic controller
MPEG 2 hardware assist
Camera option for video mail or conferencing
Stereo sound, with volume control
Hardware watchdog
AC power supply
Locking mechanism
Windows 2000 Professional operating system
KINGnet. Terminal client software option
Numerous network interface types:
ADSL, analog, ISDN, voice/data, Ethernet, etc.
Optional keyboard and pointing device
Optional card reader
Optional telephone handset and hook switch


Available options include:

Additional RAM
Card Reader (various types)
Bill Acceptor (various types)
Coin Safe
Payment Management Software
Video Conferencing
Voice over IP


Free Bell Canada wireless access.

Back on December 10th, 2002 there was a press release indicating that
Bell will be piloting a test project that brings several free 802.11b
access points to the Ontario corridor. Two of these access points are
located in Union Station in downtown Toronto. These two will be the
main focus of this article.

http://www.nettwerked.net/union_ap2.jpg

The above picture shows the oversize access point. I think it looks
like something out of Apple = ). The large size of the access point
serves two purposes. Firstly, the wireless "box" contains an access
point and a DSL modem which plugs into an existing Cat III voice and DSL
line that is there for payphone services. Secondly, the large size
should get the attention of most Bay Street types who like everything
big. I'm sure over time as these access points (perhaps using a different
protocol) become commonplace and the technology improves the size will
go down. You'll notice that it doesn't have any ports, card readers or
coin slots, leading me and others to believe that when the system goes
active as a pay-for-use product it'll require a credit card to use. If,
however, there is a subscription option those users could pay by other
methods. In either case, users would likely be tracked by their MAC
address, a user/pass login or both. You'll also notice that some people
have crammed coins between the molding of the access point and the
protective plastic. Perhaps to wish good luck upon wireless technology = ).

http://www.netttwerked.net/union_ap.jpg

Bell is being very vague about what security measures they are going
to be using or are using. WEP isn't enabled for obvious reasons (WEP
is pointless if the service is to be given out). As with Bell's Wireless
Access points these products could be used for something underhanded,
something devious, something as the French would say; bartesque.

There is talk that Bell will be one of the first companies to roll out
with access points that implement Wi-Fi Protected Access (WPA). Wi-Fi
Protected Access uses the temporal key integrity protocol (TKIP), which
generates new keys every 10k that is sent across the network, whereas
WEP only generates one static key.

Here is the IP for one of the access points found.

IP - 67.69.0.58

You'll also notice that on 67.69.0.58 8080 there is a webserver happily
chugging along.

Here is also a snip from a kismet scan from shadow's laptop.

The Simple Service Discovery Protocol (SSDP) discovery service:

This service discovers Universal Plug and Play devices on your home network.

Source: 192.168.1.1 00:40:05:bd:c9:01 --> Router
Destination: 239.255.255.250 ff:ff:ff:ff:ff:ff --> Broadcast

Here's the info from the Kismet logs:

Network 2: "BELL-ACCESSZONE" BSSID: "00:0B:46:AA:A1:62"

Type : infrastructure
Info : "None"
Channel :
WEP : "No"
Maxrate : 11.0
LLC : 8751
Data : 799
Crypt : 0
Weak : 0
Total : 9550

*** Note: the date and time has been removed since
I don't wanna be made from security cameras.

Address found via DHCP 192.168.0.100

To conclude, I'd like to say I'm very happy about such products coming
into the public domain. The services they offer are rather cheap when
compared to a phone call considering the resources used and such. The
upside or downside, depending on which side of the fence you're on, is
that terminals and access points that are in such busy areas and do not
require ID may lead to some silly antics. Having said that, I'm not gonna
say anything like "terrorists could use these to take over the world ..."
I'm just saying that with a little luck and a keen eye for cameras and
security goons one could pull off a pretty decent dog and pony show.

EOF

........................... Here are some links.


http://www.ghu.ca/

http://www.packetninja.ca/

http://www.nettwerked.net/

http://www.to2600.org/

----


<dec0de> what ever happened to iop?
<dec0de> did he die?
<dec0de> he was good material
<caesium> fuck iop in his little lame cornhole
<caesium> he isnt important
<xcham> I think he might've realized that he was the 2600
equivalent of the "village idiot".

---



Social Engineering Pointers From The Inside Perspective

by Treephrog

Feb. 6/03

Disclaimer:

All information contained in this text file is for edu-tainment purposes only.
Any and all resemblances to any real persons or acts is strictly coincidental
and/or fictional. I do not condone breaking the law, and you cannot hold me or
anyone else besides yourself responsible for the consequences if you choose to
act upon anything you read here. By reading beyond this point, you agree to this.
If not, don't read anymore. Go back to the construct.

There.

With that said, I'll start with a quote:

"Life is short; pray hard." - Treephrog (No apologies to Reebok; deal with it.)

Ahh, hell, I'm feeling generous, have another:

"Life is about three things; attitude, knowledge and perception." - Treephrog

Shouts & Greetz:

Cyb0rg/asm (Many Thanks)
The Clone (Many Thanks)
H410g3n (Inspiration & info)
Grease (Mah blood, keepin' me real)
The P0pe (what's up?)
Untoward (u still there?)
The Hack Canada, Nettwerked and All 902's, if there are any besides me... :/

Essential Linkage:


http://www.hackcanada.com
http://www.nettwerked.net
http://www.h410g3n.com
http://www3.ns.sympatico.ca/grease/

/Start file

Social Engineering takes on a whole new light when seen from the other side, i.e.
when you are one of those people who are being engineered. I know this first hand,
because I've spent the last few years in one of those positions, and being around
others in those positions. So before you say, "Ahhh, shit, I just downloaded/opened
yet ANOTHER social engineering how-to!", listen up. Because you probably haven't
seen it from the vantage point I'm about to show you.

Some simple guidelines

Social engineering falls into 2 classes; visible and invisible. I will deal with
the invisible first, since it's the easiest of the 2.

Invisible Social Engineering
This is a caper where you are never seen by the person/people you are interacting
with, i.e. over the phone or through e-mail, snail mail, etc. This is the far and
away easier of the 2, as there is no physical side to it, only the mental side. Here
are some things to keep in the frontal lobe when dealing in this area:

- Relax. Not relaxed, go to jail.

- Okay, no really, I mean it this time, relax. The first thing that's going to get
you busted is tipping off the other party that you are not comfortable with what
you're doing or talking about. Not relaxed, go to jail.

- Study. Yes, boys and girls, 'fraid all your teachers were right. There's no
substitute for homework. You want this scheme to work, be prepared. Prepared to read,
watch, learn, and wait. Patience is key. Know as much about your mark as possible.
When you think you know enough, you don't. Explore all possible avenues of
intelligence gathering. Only when you are uber-confident in your knowledge can you proceed.
No patience, go to jail.

- It's 90% likely that the person(s) you're going to be dealing with do not give a
shit. About their job. About you. About your questions. About anything. They, like
everyone who is underpaid and punches a clock, just want to go home. It's just
another day in paradise for them. You are but a minor annoyance/distraction in their
schedule. The key is to treat the situation like you're dealing with the other 10%
that do give a shit. Get slack, go to jail.

- For arguments' sake, let's assume that you are pulling a caper involving a phone
conversation. This is good, because it's common. The first thing you need to do is
figure out who's going to answer on the other end. Is it a secretary? Is it an op
(sysop? voice operator?) of some sort? You need to figure this out for a number of
reasons, the primary reason being this: you need to figure out who you need that
person to think you are to make them do/say what you want. Don't study, go to jail.

DO NOT GO OVERBOARD! This is so important I could have cardiac arrest stressing it,
and still not get my point across. It is crucial when you identify yourself that
you are only 1 or 2 levels above that person. Why? Any higher, and why would you be
calling them? Why would the CEO of ACME Insurance call the front desk secretary to
transfer him to the 10th floor boardroom? He wouldn't. But, 'Forgetful Frank' the
network admin who's remote admin'ing from home because he's sick might call in and
ask for the fax number to the 6th floor managers' office because he needs to get his
weekly audit in right now, oh, and by the way, could you give me one of the numbers
for the dial-in to the LAN? I left all my paperwork in the cubicle... go overboard,
go to jail...

... which raises another good point.

- It's always better to ask for 2 or more pieces of information. If you're looking
for info, the best way to get it is to ask for it in 2 stages. First ask for 1 or 2
pieces of information that you know the person is definitely allowed to give you. Keep
it simple and straightforward, but let them give you the information, don't finish the
sentence for them or correct them, let them feed it to you. This is valuable because it
subconsciously makes you trustworthy in the mark's mind. Don't ask me why, I'm not a
headshrinker, but once the person gives you a couple of essentially useless pieces of
information, then in their mind it's okay to give you more. See the example in the above
paragraph. Trust me, I've used this, it works. There's no end to the phun you can have
if you're relaxed, prepared, and know what you want.


Example:

Operator: Hello, Operator.

You: Hi there, this is Joe with (Local Telco Name). Did someone change the ANI for the
555 exchange, because the one I've got written down here, 555-6666, isn't working.

Operator: No, I have it listed as 555-7777.

You: (muttering under your breath like you're writing it down)... 7 ...7 ...7 ...7 great,
thanks a lot, and by the way, can you put me through to (777)222-3333? This customer
says his long distance isn't working, he's been trying to get through for 3 or 4
days now.

Operator: No problem, one moment please...

You: Thank you...


Congrats on engineering your first long distance call. Of course, be careful where you call
from and what number you call to. *grinz*

Now, one last tip before we move on, and this is a biggie: be firm, yet polite. Manners,
manners, manners. It will surprise you how much smoother everything will go with a few well
placed "thank you"'s... but be firm. Make it sound like you know exactly what you need, you're
in the tiniest bit of a rush, and you'd appreciate no hassle. Be rude, go to jail.


Visible Social Engineering

This is the more difficult of the 2, and may involve some cash flow, but it should be minimal.
The scenario is that you want access to a place that normal people can't/aren't allowed to go.
The telco room of a very large apartment building, say. Bet you'd just love to spend an hour in
there with your digital camera and/or camcorder.

Here's how...

- Remember the first rule? Relax.

- Now learn. Watch your local telco guys in action. Look at what they're wearing. Pay attention,
take notes if you must. You're going to have to look reasonably close to how they look. Do they wear
coveralls or khakis? Around here, coveralls or blue jeans and a t-shirt means CATV, khakis means
telco. Of course, you should already know this because you watched them get out of the van. I'm
not going to go into detail as to how to get your hands on the appropriate clothing, other than to
say a friend of a friend of a friend tailed one guy back to his home, watched to see when his wife
did laundry, and snagged the coveralls off the line. Free coveralls, and lemony fresh to boot.
Bonus points. No research, go to jail.

- Footwear must be workboots. Non-negotiable. If people see you wearing workboots, they take you a
lot more seriously. Once again, I'm not a head-shrinker, don't ask me to explain, but it's true.
Seems wearing workboots means you're going to be phucking with some heavy-duty shit that they don't
know phuck all about, so it seems prudent to ask less questions and give more answers. Which is what
we want. Inappropriate footwear, go to jail.

- A tool belt. Once again, mission critical. This is a must have. Populate it with your favourite
flavours and colors of screwdrivers, wrenches, a highly visible multi-meter is total bonus points.
No props for the act, go to jail.

- None of this stuff can look new, including you. For the overalls/jeans/t-shirt, that's not too
hard. Roll 'em in the dirt, wash and repeat as necessary. Workboots, well, believe it or not, the
best thing I have found is running over them with a car. Don't laugh, it works. The toolbelt is
going to be a bastard, I can tell you from experience, those phuckers take FOREVER and a day to
break in. Try the car, see if that works. Grow some scruff on your face, make sure you've got some
hair out of place. Want to test it all out? Ask a friend to meet you in a semi-busy place, wear
your outfit but don't tell him, and see how long it takes him to pick you out. The longer, unless
your bud has great peeps, the better your outfit is. If your outfit doesn't look like you've worn
it everyday for the past year, go to jail.

- ID tags and such can be a real pain in the ass. Either be prepared to make some really convincing
home-made ones, or be prepared to have a really good cover story. Either way, in our scenario of the
large apartment building, it's probably a non-issue, but be ready to deal with it anyway. No ID or
no cover story, go to jail.

- A cell phone would be almost mandatory. Doesn't even have to be activated, just make noise when
you press the buttons. This comes into play later.

So, you're all dressed up like your average, everyday telco guy. What now?

Stroll into the building like nobody's business. Check out the intercom. Find the superintendent
on the panel. For the love of God, make sure he doesn't KNOW you! Buzz him, remember he may be
watching you on closed circuit.

Conversation follows:

Super: Hells Gates Apartments, Frank speaking. (If he's a total knob, you get, "Hello?")

You: Hi there, it's Mike from (local telco). We've got a trouble call on the street feed in the
main telco room, and a couple of tenants with no incoming phone service. Could you meet me
in the lobby and let me in the telco room?

*Conversation goes one of two ways here.

1. Super: Sure, hang on.

You: Thanks...

(Buzzes door to let you in, or hangs up and lets you in when he gets to the lobby.)

OR

2. Super: You guys have keys, just let yourself in and do what you gotta do.

You: We do have keys, but I don't have them, this is a trouble call and the keys are on
another truck. They were supposed to call ahead and let you know.

(If you managed to get a real prick)

Super: No one called me.

You: They must not have called yet. Look, can you let me in? You've got tenants with phone
problems, and I've got to get it fixed in case of an emergency.

Super: (grumbling) Okay, hang on...

You: Thanks...

Now, when he gets to the lobby, have your shovel ready. You were up a pole on the other side of
town, and you got the call, no paperwork for the job, not even sure what you're looking for, FIRST
TIME IN THIS BUILDING, hope it's something simple, has he had any tenants complain about phone
problems, etc. blah, yadda, blah. The main point is to let him know in a subtle way that you've
never been in this building before. When he first comes down to the lobby, after he's started
gabbing a bit, he'll probably start heading for the telco room.

Follow him, walk and talk. Supers are busy people (or tend to think they are), so he'll want to
get this over with quickly. When you get inside the telco room, become all business. Inspect this,
fiddle with that, mumble to yourself a lot, trace wires from one place to another. He'll probably
just let you in and say something to the effect of, "Lock it up when you're done," or, "Let me
know when you're done so I can lock it up." Then he'll rush off to plunge a toilet or something.
If he looks like he's sticking around, pull out the cell phone. As you're pulling it out, and
making a big deal of dialing it, tell him the job could take 10 minutes or 2 hours, you're going
to have to phone this one in. That will probably make him run for the hills. If he's an uber-knob,
and is still hanging around, your one sided phone conversation will go like this:

You: Hello, central office? Can you put me through to provisioning? Thanks. (4 second pause) Hello,
provisioning? This is Mike and I'm at (address) on a trouble ticket. Got it? Great. How many
pairs coming into this building? 750? Okay, where do you want me to start the count? Pair 62?
Okay, hang on...

At this point go to the biggest bundle of telco wires you can find, and make a big show of counting
them. If this doesn't make him leave, congratulations, you've found a certified crazy for a super.
Pretend to get cut off, and tell him you have to call them back from outside, and bail...

Anywho, I'm confident he'll leave well before any of this stuff takes place, so you're in the joint,
you've got the place to yourself, have phun, explore, and tell us all about it.

By the way, relax.

Tha 'Phr0g

---


<xcham> http://freshmeat.net/projects/moron/?topic_id=100%2C893
<xcham> haha
<xcham> I love free software acronyms.
<xcham> "Moron"
<dec0de> I can't wait till I have fuckover access again

---


.._____________________________..
./=============================\.
(( Text files: your window ))
|| to a catch-free website! ||
|| by Axion ||
|| axionrising@hotmail.com ||
(( http://axiontel.tk ))
`\=============================/'
``~~~~~~~~~~~~~~~~~~~~~~~~~~~~~''

Introduction:
~~~~~~~~~~~~
I've noticed over the last few years that as the web gets more
and more commercial, you're seeing far fewer "free" webspace
providers out there; and the ones that still exist are often
very annoying to use - what with the growing number of forced
pop-ups & hotlinking restrictions for image files...

Being the cheap bastard that I am, I've never been able to
just give up and PAY for web-hosting services, so I've been
stuck having to settle for 3rd-rate hosts like 0catch.com
and Geocities.com for my websites. Sadly, my penny-pinching
ways have meant that my website has been littered with ads
for webcams and online casinos. On top of this frustration,
most of these free providers have filters to prevent people
from hotlinking to images hosted on their servers. Now, I
don't know about you, but my idea of a good time on a Friday
night consists of hanging out at message boards and posting
photoshopped pictures of George Bush with a penis in his
ear. So obviously, this whole hotlinking issue is an ongoing
battle for me.

Well, it just so happens that I've found a solution to both
of these problems, and the key lies within the most basic
of all computer files, the unformatted .txt file...

Problem 1 - Hotlinking:
~~~~~~~~~~~~~~~~~~~~~~
As I've said, I have a real penchant for going to message
boards and posting animated gifs of Optimus Prime trans-
forming. Using your average free webspace provider (Geo-
cities in this example), their servers' software would
detect that you were hotlinking to an image file, and
you'd just end up seeing an error message rather than
the intended image. As a message board moderator, I've
noticed that the most popular avatar among most posters
is a tiny white square with a tiny red "x" in the center.
After the usual self-righteous teasing on my part, I'll
explain the same process I'm about to describe here:

Step One: Using Internet Explorer (or whatever web browser
you use), open up whatever image it was that you wanted
to store online.

Step Two: Click on "File", then "Save As". Select an easy
to remember location to save your file, like Desktop. On
the bottom of that window, you'll see two options: the one
on the top is for altering the file name, and the one below
it is for choosing a file format. Just disregard that last
one: we can force a format upon a file simply by typing
the file extension after the filename. (Note: If this
doesn't work for some reason, just select "All Files" and
proceed with my instructions.) For the image's file name,
type in "example.txt", then click "Save". If you look at
your Desktop now, you should see the example.txt file,
complete with a .txt file icon. If you try to open the
file by double-clicking on it, you'll just get a bunch
of nonsense hex code - don't worry about that. Just leave
the file alone and move on to Step #3.

Step Three: Assuming you've already got an account at a
free webspace provider, go to that site and log into your
account. Go to your file manager, and upload the .txt
file from your desktop.

Step Four: Sit back and drink a cup of coffee, then type
the address of your newly uploaded .txt file into the
address bar of your web browser. Be careful not to spill
your coffee all over when you excitedly notice that you're
viewing your image in all its glory - even though it's
technically a .txt file.

Step Five: Go to your favorite message board, and create
a post with your new image embedded. The formatting codes
differ from board to board, but your post should probably
be something like this:

[IMG]http://geoshitties.com/me/example.txt[/IMG]

Now, you might be left wondering: 1) Why would the .txt
file show up as an image, 2) Why doesn't it get picked
up by the hotlinking filters, and 3) "Why the hell didn't
I think of that?!?"

The reason for the image showing up properly is because
by saving your image as a .txt file, the image's hex
remains completely unformatted, and can be converted back
to an image format later on without damaging the file at
all. When you open that .txt file using your web browser,
the browser software identifies the hex as being an image
file, and will automatically convert it into a viewable
form. (This is the same reason that your web browser will
display a web page in HTML format, rather than just
opening up the source code in a raw text format.)

And since webspace providers are only really worried about
people hotlinking to image files - since it eats up your
bandwidth quickly; they could care less about someone
linking to a measly little .txt file. So far, I've yet to
find a free provider that wouldn't let you hotlink to a
.txt format image file, not even geocities or angelfire.



Problem Two - Those Pesky Ads:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
It's almost impossible these days to find a free webhost
that provides a half-decent amount of storage space,
without littering your website with pop-ups and banner
ads. The webspace provider will definitely force ads upon
any HTML files you store on your account, but they usually
won't force ads on regular .txt files. Why not? Because
in order to include an ad in one of your files, they have
to alter the format to HTML and include the link to the
ad in the source code. This creates an obvious problem,
since converting a .txt file to a .html file will really
mess up the formatting, and the text won't show up properly.
You'll already know this if you've ever tried including some
of your mad ASCII art in one of your site's pages.

I'm sure by now most of you have already figured out what
I'm getting to, but I'll explain it anyways...

Write the source for your webpage as per usual, but instead
of saving it as an HTML file, save it in .txt format. Upload
it to your website's account, and reopen it using your
browser. As you'll see, your page is now completely ad-free,
but it displays as a proper HTML file. This works for the
same reason the image trick works - the source remains intact,
and your browser displays it in all its glory. The only real
problem with this is that you can't display images on your
webpage... However, if your website is an H/P site, you most
likely have no real need to be embedding images into your
website anyways, unless it's to show off your wikkid logo
on your index page. If it's that important, then just get
off j00r lazy ass and code yourself an ASCII logo. Besides,
that'll just make you look more 1337. If you really need to
use an image for something, there's no reason why you can't
just link to the file using the "A HREF" tag.
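
Both tricks above depend on the host trusting the ".txt" name while the
browser decides what the file is from its bytes. The following is an added
example, not part of Axion's article or any host's real code: a host-side
upload check that flags files whose contents do not match their extension,
plus response headers that pin the declared type. The function names and the
sample uploads are constructed for illustration.

```python
import os
import re

# Leading-byte signatures of image formats that browsers render inline.
IMAGE_MAGIC = (
    (b"GIF87a", "image/gif"),
    (b"GIF89a", "image/gif"),
    (b"\xff\xd8\xff", "image/jpeg"),
    (b"\x89PNG\r\n\x1a\n", "image/png"),
)

# Tags that mark a body as HTML when they are the first thing in the file.
HTML_START = re.compile(
    rb"<(?:!doctype\s+html|html|head|body|title|script|iframe|table|"
    rb"font|div|h1|a\s|p[\s>]|br|b>|!--)",
    re.IGNORECASE,
)

# Content type the host intends to serve for each extension it accepts.
DECLARED = {
    ".txt": "text/plain",
    ".html": "text/html",
    ".htm": "text/html",
    ".gif": "image/gif",
    ".jpg": "image/jpeg",
    ".jpeg": "image/jpeg",
    ".png": "image/png",
}


def sniff(data: bytes) -> str:
    """Classify a body by its bytes, roughly as a sniffing browser would."""
    for magic, mime in IMAGE_MAGIC:
        if data.startswith(magic):
            return mime
    head = data[:512].lstrip(b"\xef\xbb\xbf \t\r\n")  # skip BOM and whitespace
    if HTML_START.match(head):
        return "text/html"
    # NUL and other control bytes (besides tab/LF/FF/CR/ESC) mean binary data.
    allowed = (0x09, 0x0A, 0x0C, 0x0D, 0x1B)
    if any(b < 0x20 and b not in allowed for b in data[:512]):
        return "application/octet-stream"
    return "text/plain"


def check_upload(filename: str, data: bytes) -> dict:
    """Compare the type implied by the file name with the type of the bytes."""
    ext = os.path.splitext(filename)[1].lower()
    declared = DECLARED.get(ext, "application/octet-stream")
    sniffed = sniff(data)
    # "Disguised" = bytes are an image or HTML, but the name claims otherwise.
    renderable = sniffed.startswith("image/") or sniffed == "text/html"
    return {
        "declared": declared,
        "sniffed": sniffed,
        "disguised": renderable and sniffed != declared,
    }


def response_headers(filename: str) -> dict:
    """Headers that ask the browser to follow the declared type, not the bytes."""
    ext = os.path.splitext(filename)[1].lower()
    mime = DECLARED.get(ext, "application/octet-stream")
    if mime.startswith("text/"):
        mime += "; charset=utf-8"
    return {"Content-Type": mime, "X-Content-Type-Options": "nosniff"}


# Constructed sample uploads (not real files).
SAMPLES = {
    "example.txt": b"GIF89a\x01\x00\x01\x00\x80\x00\x00\x00\x00\x00\xff\xff\xff,",
    "index.txt": b"\r\n<html><head><title>my page</title></head><body>hi</body></html>",
    "notes.txt": b"Meeting notes: a < b, see the <html> tag docs later.\n",
    "logo.gif": b"GIF89a\x01\x00\x01\x00\x80\x00\x00",
}


def scan(samples=SAMPLES):
    """Return the names of uploads whose bytes contradict their extension."""
    return sorted(n for n, body in samples.items() if check_upload(n, body)["disguised"])


if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(name, check_upload(name, body))
    print("flagged:", scan())
    print(response_headers("example.txt"))
```

The upload-time check is the stronger control here, since it rejects the
disguised file before it is ever served; the headers only state the intended
type for whatever is left.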


Problem Three - Your Awkward Domain Name:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Now that you have a great new website, you might want to
get yourself a new domain name. There are two reasons for
this: First, using http://geoshitties.com/me/index.txt
as your website address will mean that nobody will ever
bother remembering the address. Secondly, and more import-
antly, when you type in a website address (i.e. 2600.com),
your browser will by default search for the index.html page
at that domain. And since we're using text files, you'll
just get a 404 message if you type in http://freepage.com/me

To solve this, just get yourself a new domain name, and
redirect everything from there to your index.txt page at
the free webhost. From that point onward, you can just give
your new domain name to people, and your page will launch
from the index.txt page.

But what if you don't want to pay for a .com address???
Worry not, there are actually a few domains out there
that will let you register a domain name of your choice
for free. For example, my page can be reached at
http://AxionTel.tk ...To register a .tk domain for free,
just go to http://dot.tk and fill out the required fields.

Note: If it turns out that the redirect doesn't work for
you, your webhost is probably a nazi & won't allow you to
hotlink to text files. Don't worry - there are oodles of
webspace providers out there that will let you hotlink
to .txt files; as of the date this article was written,
Geocities was just fine with it.


Conclusion:
~~~~~~~~~~
I don't think this would technically violate the Terms
of Service at your webspace provider, since none of
these providers would have thought of these exploits
yet. But just to be on the safe side, you might want
to create a fake index.html page just so that your
account doesn't get flagged. Aside from that, you should
be able to have an ad-free hotlink-able webpage for
months or years to come. Enjoy!

01.31.03


---

its time for another edition of:
phlux0rs ph34ky ph0ne tr1xX0rz
__________________________
for this chronicle we need;
-A phone book from a payphone, one of those big tough metal and
plastic ones

-A laptop smaller than the phone book

-essence of the time

we are going to make an eleeto burrito security minded
laptop case.

i will be doing this when i get my laptop so if you think it
is queer i will fucking club you down with it and take pictures

_________________________
blessed be, a laptops glee!
give him love, and thus cherish...
thou wilt not flee.
because it is christs wish.
-phlux's phone book 13:37(page 666(ironically it is the yellow pages
first page listing for 'cellular telephones'
if you count every preceding page in the
april 2001 your source camrose edition of the
telus directory. UNF)

it is 6:06am and i have 60 minutes left until it is 7:06am
666 (6th hour, 60 minutes & another 6 minutes is three sixs'(!))

555+111=666!

13*37=481
481+185=666!

i am listening to 666-Devil.mp3
(mark of the beast=666(!))
____________________________________
3d ascii(stfu it makes sense to me):
X<-bad ass security chain(&shoulder strap)
x
X _____________________________________
x | _________________________________ |
X | | | |
x | | xXXXXXXXXXXXXXXXXXXXXXXXXXXXx | |
X | | X loose pages here X | |
X | | X (cushioning) X <-----the actual phone book
x | | X ....maybe you could X | |
X | | X write notes in them X | |
x | | X or stash diskettes & X | |
X | | X your g/fs pic X | |
x | | xXXXXXXXXXXXXXXXXXXXXXXXXXXXx | |<-plastic cover
X | |_________________________________| |
x |_|_________________________________|_|
X | | | |
x|=|=============spine===============|=|<-metal binding
|_|_________________________________|_|
| |_________________________________| |
| | xXXXXXXXXXXXXXXXXXXXXXXXXXXXx | |
| |# X X# | |
| | X hole cut in phone book X | |
ComboLock>& |# X (lappies new home) X# | &<-another comination
| | X X | | lock(locks the covers tighter
| |# X X | | then a tuna cheese melt
| | X X | | sandwhich)
| | X X | |
| | xXXXXXXXXXXXXXXXXXXXXXXXXXXXx | |
| |_________________________________| |
|_________________ _ _________________|
|&|<-hinged cover key lock

the explanation:
# = rerouted parallel/serial/modem/a/c adapter ports and such.

(hidden from view); the swivel attached to the
metal spine and the actual booth needs to be removed.
in its place(by the hole left from the swivel) another hole
should be drilled beside it, this way you can use another key lock
and attach a big ass chain, so you can chain the
whole fucking thing somewhere, or just hang it
from your neck/shoulder like one of those hippie note book
cases. Ideally it should be concealed by a trenchcoat.

or you could just wrap the chain around the
book itself and use the front hinged cover key lock
marked in the ascii and strap it to your body or something.
or you could just use the locks already in place for the
shoulder strap, but 2 combos and 2 key locks would be
more secure in some situations.
______________________________________
considerations: measure twice cut once.
you're going to need to reroute the laptops fan duct,
i/o, floppy drive, etc. Therefore this project is best suited
for a field phreaking hax0r laptough book arrangement of the sorts
and not for playing counter strike on. oh a track ball set in to the
glued pages would be sexy

If the hole cut into the one half of the phone book is
offset to the right, and the plastic phone book cover is met
with a hot knife, the PCMCIA slut should still be accessible.
a tunnel may need to be had, and long fingers to access
the floppy drive should it not be able to be expanded out
of its bay.

The phone book pages need to be cut clean, use a vice/clamps and a jig
saw with a fine blade, go slow. Use epoxy on the inside of the
hole. slop that shit all around, make it look cool.
(but dont glue the fucking covers so they cant open)
maybe weldbond could help somewhere here?

you will want to make sure the hole is just perfect, so your
laptop can rest in the hole flush, if your lazy you will want
to keep the laptop removable. or if your a real tinker fuck
make the hole bigger, and silicone the fuckin laptop in there
to absorb shock and trauma.

The other (ideal)route expressed is to make the pay phone book
assembly one with the laptop. Therefore only part of the phone
book hole hack job will be epoxy'ed and the bottom portion
of the phone book will be loose pages, so you can lift up
the middle solid pages, and access the battery, bottoms up.

The i/o ports, modem, floppy drive, pcmcia will need their
own holes/rerouting/cosmetic surgery and all that to make
things usable, but i think the effort would pay off in the
end. at least it would look fucking cool, and you could
swing it around your head and club people with it

other ideas: embed a trauma sensor and a pay as you go (disposable?)
cellphone so if you chain link your laptop to a fence and someone
tries to kick it or something your pager will go off with 911 or
something. get one of those 130db personal alarms to embed if there
is room.

oh man i would find room for a fuckin acoustic coupler too

this concludes phlux0rs ph34ky ph0n3 tr1xx0rz.



-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.
._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-

.----------------. -=[ EM/HERF Weapons ]=-
/__________________\
||\ ________ /| _ | Part 1
|| |: :| |o(_)| "Putting that old Microwave Oven to use!"
|| |;-""""-;| |o(_)|
|| |________| | __ | Author: caesium <caesium@to2600.org>
||/__________\|[__]|
"------------------"
hjw


NOTE: This article is best viewed in TERMINAL font! I use high ASCII which
is standard and works perfectly fine in lynx. If you find the schematics are
fucked up. Just paste this bitch in notepad.exe (haha) and select font type
Terminal! (and if your reading this in a *nix term you should have no problems)


-=[ Disclaimer ]=-

Neither I nor my affiliates will take ANY responsibility for (mis)use of the
device mentioned in this article. The device in this article is plain out
fucking lethal. If you do not respect the construction or use of this device,
it will kill your stupid ass in a flash (literally).

This device, when built will contain HIGH VOLTAGE at HIGH AMPERAGE, which
means if you touch or otherwise come into contact with a part which is
energized it will cook your ass like that cat from national lampoons christmas
vacation.

This device also and obviously will emit HIGH RF ENERGY. If you're in the way
of said RF energy it will cook you. This means deep thermal burns and
cataracts. It can blind you within 2 seconds or less and if you have any
plans to have children you best be keeping your twig and giggle berries well
out of harms way.

This device contains capacitor(s) which can hold lethal charges for days even
weeks. So keep that in mind. This will be further explained down the article.

Let's recap. High Voltage, High RF Energy, High Amperage. All of which speak
for themselves.

*** Your first mistake will be your last mistake. ***


-=[ Introduction ]=-

I know the disclaimer is unseasonably long. However it is very important
to convey the inherent dangers of fucking around with microwave parts.

EM/HERF weapons and/or devices have been of great curiosity it seems to many
people I've discussed it with in the scene. Perhaps this is because of the
nature of the device, or the fact that most people in the scene are depraved
maniacal fucks. Anyhow, I digress. I will in this article discuss, layout and
illustrate how one can turn a microwave and some cheap easy to get
components into a homebrew "LOOK WHAT I DID MOM!" EM/HERF Weapon. Personally,
I don't like to call this device a weapon because I do not condone its use
against personnel and the fact it makes a shitty impractical weapon. Its main
theme and idea is to destroy/jam/fuck-up electronic devices.

To construct this device you will need to have some skills as it pertains to
building housing and wiring. If you lack these skills I suggest you not even
attempt to construct this device because it will most likely end up killing you
or fucking your shit up. Please read this article several times and MAKE SURE
you have a solid idea of what I'm talking about, because forgetting to do
something or connecting something wrong or etc. will be bad news.

This EM/HERF "weapon" will emit HIGH ENERGY RF @ 2.4GHz which means it's very
very very bad for biological things... so, don't aim it at people or animals.

Remember, Alley Cats and Squirrels have feelings too.. Seriously.!


The items you will need to construct this device are:

1) Old (Working!) Microwave oven.
2) Aluminum/Tin Foil
3) Aluminum/Tin Tape & Duct Tape (come on man, next to the WD-40)
4) Parts for Triggering Circuit! *read below*
5) Wood, of suitable size (1x1) to make a frame.
6) Wire (house wire, or extension cord.)
7) Parabolic Dish. (Or a Metal Salad Bowl!)
8) A will to die.


-=[ Safety ]=-

*PLEASE READ THIS SECTION*

Without safety, you only have injury. Now lets cover some safety issues
which will be key if you decide on building this crazy ass device.

The big heavy transformer that the Magnetron needs to be powered by will make
a lot of amperes at around 4.5kV (4500 volts). This is bad news if you touch
any live wires from it. Because at this voltage and at that amperage it will in
all likelihood kill you, and I'm being totally serious here. So, if you work on
this device make sure it's unplugged, the capacitor is drained, you have one
hand in your pocket and you're wearing shoes. If you do all that, even if you get
shocked it should hopefully not be enough to stop your heart.

With that said, the other danger is the capacitor. Most all microwave caps have
a bleed resistor internally which shorts them out causing a slow drain. That
way they won't hold a charge for more than 5 minutes. This can be confirmed by
looking at the capacitor. Most contain a little schematic on the side showing
this. Here is a leet ascii schematic of a cap with a bleed resistor..


    ┌/\/\┐          To explain. the -/\/\- is the resistor.
    │    │          and the ─┤├─ is the capacitor. The resistor will
HV ─┴─┤├─┴─ HV      be shorting out the cap... guess what HV means?!


Now, to manually drain the cap you can take a 1 or 2 W (watt) resistor of about
10kOhms and short the terminals out. That is the safe, non-shit-your-pants way
of draining it. You could just be lazy and short it out with a screw driver but
if mr. capacitor has some juice in him, he will send your screwdriver to
screwdriver heaven and probably cause you to lay some cable. It's been my
experience that most all microwave caps have bleeders on them, so if you do see
the bleeder schematic as illustrated above, just go ahead and short the fucker
out with a screwdriver..

Now, onto RF Energy safety. RF or Radio Frequency Energy is a very very weird
mystical thing to try to explain to people because it does at times do some
really whacked shit. It's unpredictable to the layman and is invisible; and very
dangerous when strong. You won't see yourself getting burnt from it, you'll only
feel pain and go "OH FUCK!!! AAAHHHHH".. RF Burns hurt, and can give you cancer
or blind you, and sooo much more. I will explain down in the article how to
avoid becoming a statistic and where you should be in relation to the emitter
of the magnetron.

RF Energy will bounce off of many items. If metal is not grounded RF energy
will usually bounce right the fuck off it and reflect back at you.. Which as
you can gather is not a good thing. Grounded metal usually will absorb and
ground the RF energy, so try to keep this thing pointed at grounded metal only.

Side with caution, use common sense (although you probably don't have any as you're
reading this silly ass shit). BUT BE SAFE!! Cause we don't want clone to lose
any valued K-1ine readers now do we.


-=[ Theory ]=-

This device operates on the concept that the strong RF energy will be
absorbed into the framework/chassis of the target device causing very high
voltage energy spikes into its electronics/components causing said target
device to fry or just plain break. Computer IC's (integrated circuits) are
very susceptible to this brand of attack. CMOS devices dont like static
electricity, so you can just guess how they will appreciate this..


-=[ The Magnetron ]=-

No, I did not make this name up or some dumb shit like that. The heart of
this article is this cool little diode type electron tube.


Magnetron
n : a diode vacuum tube in which the flow of electrons from a central cathode
to a cylindrical anode is controlled by crossed magnetic and electric fields;
used mainly in microwave oscillators.


The magnetron itself requires 3 connections to function:

1) Filament Heater & Cathode (one and the same, 2 connections)
2) Ground (the metal casing itself)

The basic idea is that we power the Magnetron, then bounce the radiation it
will produce off a really half-ass RF Mirror causing whatever is in front of
this device to receive the RF energy. Hence zappin' it.

Here is more leet ascii on what a magnetron looks like (side view):


                               ╓───╖
                               ║***║  <- this cap thingy is the antenna
                               ╟───╢     RF is emitted 180 degree's round
                               ║   ║
                               ║   ║
                   ───╥────────╨───╨────────╥───
                      ╠═###################═╣
                      ╟─\/\/\/\/\/\/\/\/\/\─╢ ^
                      ╟─/\/\/\/\/\/\/\/\/\/─╢ |---- This flap is a
                      ╟─\/\/\/\/\/\/\/\/\/\─╢       mounting bracket.
    that wavy shit -> ╟─/\/\/\/\/\/\/\/\/\/─╢
    is the heat sink  ╟─\/\/\/\/\/\/\/\/\/\─╢
                      ╠═###################═╣ <- those #### is a big
                      ╙─────────────────────╜    strong ring magnet!
                       ╔═══════════════════╗     (both above and below)
                       ║                   ║
this base contains ->  ║     ┌────────┐    ║
chokes and a lot of    ║     │ @    @ │    ║ <<-- the @ @ are the two
empty space...         ║     └────────┘    ║      cathode/filament terminals
                       ║                   ║
                       ╚═══════════════════╝
                        ╚═════════════════╝

Also, go to Google and do an image search for "Magnetron" you'll get several
links and images to more info and the many different varieties these things
come in.

ANTENNA: The magnetron's antenna is a metal cap mounted on top of a ceramic
insulator. RF Energy is emitted just as if it were a light bulb. IN ALL
POSSIBLE DIRECTIONS!!! So. If you can SEE the cap, then you're in an area
which will be nailed by RF once this mofo is energized.

Here is the ascii schematic of the Magnetron:


/-----\
/ \
ÄÄ|Ä¿ ³ |
| ³* ÃÄ|ÄÄÄðð
ÄÄ|ÄÙ ³ | GND
\ /
\-----/


As you can see it only really has 2 terminals (leads.).. This is unusual to
most people who are not familiar with vacuum tubes and such. Basically, we
need to run 3v (yes, 3 volts) at like 1-2 amps through the 2 leads (this
will warm up that direct short as you can see the filament its called). And
while the 3v @ 1-2 A is running thru it we run 4.5kV @ (fucked if i know) A
thru the filament to the ground (which is the framework of the tube).

So we are doing 2 things here, we are running (on its own circuit) power to
heat the filament/cathode AND running high voltage/high amperage from the
filament/cathode to the ground (the framework). This may seem stupid to
most and its been designed like this for a reason, just connect everything
as i illustrate and it will work fine. really!

-=[ Basic Device Layout ]=-

Here is a schematic of how this device will be wired.

F2
Ú/\/\¿
T1 F1 ³ ³ D1 GND
³³(ÄÄÄÄÄÄÄÄÄ/\/\ÄÄÄÄÄÁÄ´ÃÄÁÄÂÄÄÄÃÄÁÄÂÁÄÂÁ
³³( C1 ³
ÄÄÄÄÄÄ)³³( HIGH ³
)³³( VOLTAGE! ÚÄÄÄÄÄÄÄÄÄÙ
AC ~ )³³( Secondary ³
120v )³³( GND ³ /-----\
)³³(ÄÄÄÄÄÄÄÄÄÄð ³ / \
ÄÄÄÄÄÄ)³³ ÃÄÄ|Ä¿ ³ |
³³(ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ | ³* ÃÄ|ÄÄÄðð
³³(ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ|ÄÙ ³ | GND
filament \ /
heater \-----/
loop M1

PARTS LIST:

F1) 0.6A HV Fuse. (should look white)
F2) 1W 100kOhm Resistor (this is usually in the cap, so, forget it)
C1) 0.01 -> 1.15 uF HV Capacitor
D1) HV Diode
M1) Magnetron
T1) HV Transformer

All of the parts listed WILL be inside your microwave. The fuse will be
white usually. The Capacitor will be this large metal tube, it will be
quite obvious, and should have the bleeder inside, so you can ignore the
F2. The diode will be this black rectangular object about the size of ..
hrm,.. 3cm X 1cm .. and the magnetron is obvious... The transformer will
be this big ass heavy block of metal, if you don't know what a transformer
looks like, you should DEFINITELY NOT be building this device.

Once you scoop all this awesome shit outta the microwave you can set it
aside.


-=[ Construction ]=-

Ok, here is the deal... First take that microwave apart so you have all
the basic components. You can disconnect all the wires and shit, thats
perfectly cool, because I will tell you how to wire them back up and shit.

Once thats all done, youll need to figure out what you want to use as a
reflector.. I suggest a metal salad bowl... Why? well, because its cheap,
common, cheap, and did i say cheap?.. Get your ass to a Crappy Tire, buy
a salad bowl and drill a hole which will accommodate the antenna spout that
is sticking out of the top of the magnetron.. Dont make the hole too big.
You'll notice there is the golden mesh on the top of the magnetron, that
shit is called a RF Gasket.. Obviously, with that being said, youll want
the hole not to be larger than the gasket.

If a salad bowl doesnt tickle your fancy use something like a salad bowl
or almost as deep as one. This is very important.. DO NOT use a stupid
fucking DirecTV dish or something, thats just clown shoes man. Even the
bottom 1' of a tin trash can or something like that will work. Ever see
those big fucking things on antenna towers which look like drums?? bingo.
Those are microwave antenna's and we want something like it. So keep that
in mind. This is mostly important because of the way magnetrons radiate
RF Energy. If you choose to use that DirecTV dish, I suggest you go fuck
yourself for not listening to me.

Ok, once the dish is selected, you need to construct a box which will
house the electronics and magnetron and probably support the dish. I am not
going to help you too much with this portion, mainly because its highly
dependant on what you have available to use. I suggest hitting home depot
and looking around. I would personally use wood for a frame.

The magnetron has mounting holes in the top part. You should design your
case to use these brackets. Give all the components room. You dont want
to jam everything together because of the high voltage.

Here is a cheap illustration of a case:

---\
\
\ ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
\³ ÉÍÍÍÍÍ» ³
³³ ºCAP º ³
³³ÉÍÍÍ»ÄÄÈÍÍÍÍͼ ³
*Ä´³ºMAGº ³ ³
³³ÈÍÍͼÄÄÉÍÍÍÍÍÍÍ»³
³³ ºXFRMR º³
/³ ÈÍÍÍÍÍÍͼ³
/ ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
/
---/

You can of course build a tripod base or whatever you want onto this...
Use your imagination, be original.. Im merely telling you how to wire this
bitch up so it works and such. A great deal of its ability to function
will be in the dish/drum and the quality of the components.

Steps.:

A) Get Parts
B) Build chassis
C) Mount Magnetron
D) Mount Dish/Drum
E) Sheild!

Onto shielding!.. Now.. shielding is fairly simple.. You basically wrap
the entire chassis in tin foil and tape it up like Red Green with that
aluminum tape. Once this is done ensure that the foil around the box is
in direct electrical contact with the magnetron casing (which if you
remember is connected to that isolated ground circuit). This will sheild
the device from itself. Just dont touch it while its on.

Note: make a panel which you can remove easy just incase you need to play
with the internal components, or incase your stupid ass wired it wrong.

Lots of people prefer to use sheet metal with a wooden frame. If you have
access to and/or can afford to buy sheet metal, It is obviously the best
solution as then you wont have to fuck with stupid aluminum foil or etc.
Just as in the previous paragraph, ensure the sheet metal is fixed to the
frame of the magnetron for proper "grounding".

I originally built my unit pretty much as I have/am describing to you at
this very moment. My device actually worked/works. I did however do it
from scratch as at the time I didnt think to check the web for it. I have
disabled several electronic devices with it. This was about 3-4 years ago
however.

I have since read several HERF/EM articles from several sources. That
being said I have seen shit wired in ways which will do nothing to ways
which will blow out your breakers or even cause the need for the fire
department. I highly recommend you use the fuses which I have in the ascii
schematics and side with caution and safety.. if you think its dangerous
to be near this thing while its on.. YOUR RIGHT!.. also, dont touch the
drum or dish or whatever you used as the reflector. It is hooked up to the
ground and touching it may prove to be somewhat hazardous to say the
least. It may do nothing, or it may kill you. I dont personally know cause
I didnt go near this fucker while it was on. My ass was hiding around the
corner of a brick house.. This is where I had the power switch.

In my design (this design) I used the big dangerous transformer out of the
microwave for a few reasons.. A) it was there.. B) you need AMPERAGE to
power the hungry magnetron C) neon sign transformers WONT WORK!

So, if you read any article where some schmuck used a NST (neon sign
transformer) with a magnetron, laugh. Cause all it is, is bullshit.

NST's supply 4kV->15kV+, sure they supply way more voltage. However they
supply a piddly 30->50mA.. Thats milliamperes.. Not NEARLY enough amps to
power the fucker.. So, This leads me to think that the vast majority of
people who wrote EMP/HERF articles have never even tested or used them.
What a bunch of fucking posers eh..

So, Once all this is mounted in a box and nice and clean. Then its time
to move onto wiring the internal components up. Before I go into that I
am going to explain how we are going to trigger this device.

Diagram of Overall System.

ÚÄÄÄÄÄ¿ ÚÄÄÄÄÄÄÄ¿ ÚÄÄÄÄÄÄÄ¿
³Wall ³------->³Trigger³--------->³EM/HERF³
³Power³ ³ w/fuse³ ³DEVICE ³
ÀÄÄÄÄÄÙ ÀÄÄÄÄÄÄÄÙ ÀÄÄÄÄÄÄÄÙ

With this being said, We have not yet covered triggering mechanisms. I
find myself at a loss on what to say for this, as there are several things
one can use to accomplish this task. A simple house light switch, a relay,
... the list goes on.

Whichever triggering solution you choose, make sure you put a fucking fuse
on it, seriously.. If you want, you could go real slick and throw in a
line filter, cause I assure you that this device will probably make some
decent noise on your AC mains. However, its no worse than the fucking crap
Ontario hydro pumps into my place anyways...

Also, keep in mind to keep the power cables out of the way of the
dish/drum because you dont want to inject RF into the mains directly, as
that is just asking for trouble. There are other reasons for this, but
whatever.

This device has been designed so far, to run for very short periods of
time. I wouldnt run this thing for more than 2 seconds.. If you do, may
god have mercy on whatever is front of it.

Running it for more than just a few seconds will probably ruin/destroy the
magnetron. They are meant for duty cycling and that means pulsed or non
continuous operation. If you do use this device a lot, I suggest running
air over the heat sinks of the magnetron. I will not go into discussion
on that, as running this thing for not even a mere second will have
already destroyed most all electronics in front of the dish/drum.

About triggers, I suggest a simple switch. In my next issue of EM/HERF
'Weapons' I will have some interesting triggering devices displayed in
which one can use for the purposes of triggering this device. They will
be exceedingly more complex than just 3 wires and some bubble gum.

I would hate to give a full A-Z tell all. For a few reasons: I want ppl
to learn, explore, and innovate. Put your own ideas together and have
some fun. If your too lazy for this, use a fucking switch and leave me
the hell alone.

Now lets discuss wiring the primary components together. This is pretty
easy as there is only a transformer, diode, cap and magnetron.

The transformer will be weird to most ppl. Some ppl will go "gee, this is
one fucking stupid ass transformer". And for the most part, your correct!

The transformer has been designed for a microwave, not to suit your mad
hobby needs. Most of the transformers ive come across only have 1 HV out
and have the other HV lead directly connected to the frame/block of the
transformer itself. If that is the case with your transformer, fear not.

You'll need to isolate all the different connections on the transformer.

The connections:

1) Primary (two wires connected to a smaller winding, AC mains)
2) Secondary (one wire which is probably just a terminal, and the
transformer block itself.)
3) Filament Heater Coil (two wires which are apparent as this fucker
only wraps around the core like 3-6 times.)

Now, if you look at the schematic above which illustrates how this device
is wired you'll see that its designed with that Secondary which has a lead
connected to its frame, in mind.

If you keep in mind the transformer has 3 coils, and try not to confuse
yourself you should have no troubles wiring this up.

As for the GND (Ground) in the schematic, you'll have to come up with a
method of connecting all the GND's together. Then ensure the cases frame,
shielding, etc. is all grounded to the ground. You can even attach this
ground to the ground on your AC mains, and I suggest you do just that. If
you do connect that ground to the AC mains ground (your house ground) the
device should be safe to touch while running (however I would leave this
testing up to a friend you dont all that much care for.)... NOT..

(dude's gotta cover his ass,)


-=[ Operation ]=-

Operation is fairly simple.

PLUG IN
STAND BACK
SWITCH ON
COUNT TO 1 or 2
SHUT OFF
LAUGH MANIACALLY

Thats about it. Keep in mind to stand well away from the emitter. Make
sure that any metal or etc, in the way of this thing doesnt mirror to you
or the RF will bounce back and fuck you up. Just becareful!

Suggested targets are:

* Old 286 computer.
* Yappy neighbors dog.
* Cheap calculators
* Cars for scrap (which have `puters).
* Something you dont like!

Note: If you fire this at a modern car, It will *KILL IT*. I mean, it
will seriously and absolutely fuck the cars computer in the ass like an
episode of Oz. Ever had your sheesh pushed in dog? Huh essay!?

Also, keep in mind cars are not grounded and will probably bounce 3/4 if
not more of that RF right back at you.. So, just remember that.

This device will emit a lot of Watts @ 2.4GHz .. Oh, doesnt 802.11
wireless networking run on 2.4GHz ?... NO DONT GET THOSE IDEAS!!!

-=[ Conclusion ]=-


I believe I have polluted enough minds. Just be smart and play safe.

Respect ppl, animals and property. Be intelligent and use this for
educational purposes and not to be a fucking cock sucker.

It's a fun hobby with neat, interesting results. You can do cool stuff
with RF Energy; go to Google and look up RF Energy and Magnetrons and
get yourself some decent edumacation. This device makes a great lab piece
just so long as you are smart about it.


-=[ Credits ]=-

Author: caesium <caesium@to2600.org>


Knowledge is power, Understanding is wisdom.
-=Toronto 2600=- http://www.to2600.org


Shouts: theclone, dec0de, kris, grinthock, jimmiejaz, and the to2600 crew.


-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.
._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-


<caesium> i have a self catheter kit..
<caesium> its sweet



-- Credits

Without the following contributions, this zine issue would be
fairly delayed or not released. So thank you to the following people:

Axion, Caesium, Cyb0rg/asm, DdUcation, Magma,
Phlux, P1asm1c, Shadow, The Clone, Treephrog, Wizbone


-- Shouts:

CYB0RG/ASM, Wildman, H410g3n, warVamp, The Question, plappy, Phlux,
rt, Magma, Hack Canada, The Grasshopper Unit, Flippersmack, soapie,
Breanne, Flopik, dec0de, caesium, oz0n3, Kris, to2600.org, and lastly
to everyone and anyone who contributes to the Canadian H/P scene.


;. .;.. ; ;. ;..
;.. .;..; .;.; .;; ;..
.;..;. .;..; .;.;...; ;..;..
.;. A .;. .;.
;.. N E T T W E R K E D ;..
;..;.. P R O D U C T ;..;..
.;..; ;..;..
; .;..;.;.. .; . .;. ..;..
.;.. . .; ..;..;..;.. .;
;..;. .;.. . .;.. .;.;.
..;. ..;.. .;. ;.;..;;..;.;
;.;;..;.. ;.;.; .; .
;.;..;. .;. ;.;:.;.
,;....;.
.;.;. .;.;
.;.;.;
.;.;
;..;.
.;.;;.; .;. ..; ;. > > > .................>>>>>>> Fuck You Telus for messing
up my ADSL service. Now I
don't feel so damn bad for
wardialing and hand scanning
from my residential phone
line you filthy pieces of poo.

- Anonymous Hero
