Copy Link
Add to Bookmark
Report
Tolmes News Service 17
#######################################
# #
# #
# ======== =\ = ====== #
# == = \ = = #
# == = \ = ====== #
# == = \ = = #
# == = \= ====== #
# #
# #
# <Tolmes News Service> #
# ''''''''''''''''''''' #
# #
# #
# > Written by Dr. Hugo P. Tolmes < #
# #
# #
#######################################
Issue Number: 17
Release Date: December 24, 1987
On certain bulletin boards there has been alot of discussion on the security
measures at ITT. Here are just a few messages from certain boards.
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Msg#:30056 *Chronicle Msgs*
12/04/87 10:38:39 (Read 21 Times)
From: THE FALCON
To: SINGLE SIDEBAND (Rcvd)
Subj: ITT
I have heard through a very respectable grapevine that ITT will be changing
it's format to 13 digits. My guess would be NPA+PRE+SUF+ 3 digit PIN, however
we will just have to wait and see. If my guess is correct its not that big of
a deal to us, just a matter of scanning 7 digits instead of 6.
The Falcon
Msg#:30060 *Chronicle Msgs*
12/04/87 22:08:22 (Read 20 Times)
From: THE FALCON
To: ALL
Subj: ITT
Everyone pay heed! It seems our trusty favorite, ITT is changing it's format
as of the 13th or something. They will be going to 13 digits. Seems everyone
is doing that these days. If they do as I expect they will, they will change
to the standard NPA+PRE+SUF+3 digit PIN of the person who owns the code. I.E.
Someone living in California (805) may have a code like: 8055265421234 where
8055265421 is the person's phone number and 234 is their PIN (Personal
Identification Number). If they do this, all it will mean for us hackers of
ITT is just change from hacking 6 digits to 7 digits. (We can template the NPA
and the PREFIX and just hack the last 7 digits) Difficult, yes, but not
impossible. What does everyone think is the safest company? Also, Scan Man,
could you post the TMC locations that you think are the safest and whether you
think TMC's 800 number is safe? Thanks for your time in reading this.
The Falcon
Message #: 12 of 45.
Title : ITT's
From : Cbolt
Date : TUE DEC 1 11:55:06 AM
I've heard from a few ppl who own legit itt numbers that the company is trying
to change to a 9 or possibly even a 13 digit number. I don't know how true
this is but those ppl I talked to have no reason to lie to me.
Message #: 13 of 45.
Title : ITT 9d
From : The Trader
Date : TUE DEC 1 12:18:05 PM
Well, they already have 9 digit codes, but I haven't heard anything yet
about 13 digit ones. I think I'll check into that.
TRADER
Message #: 14 of 45.
Title : itt 14digies?
From : Codebreaker
Date : TUE DEC 1 1:23:19 PM
If itt goes 14 digthen there is no
reason for them not to have a phiber
optic installation put in..So if they
go 14 then it could make ITT much
clearer and better results : 16 of 45.
Title : ITT...
From : High Tech Ii
Date : TUE DEC 1 6:18:05 PM
There is no doubt that they are changing code format... I already posted that
(maybe it was on anothe sub... oh well, any way, officials say so, so I am
pretty sure of it.)
High Tech II
Message #: 18 of 45.
Title : ITT*
From : Master Cracker
Date : TUE DEC 1 10:44:14 PM
IF ITT GOES 13 OR 14 DIGITS. ITS GOING
TO BE VERY DIFFICULT TO HACK ON
ITT. BUT I DON'T KNOW BECAUSE THEY HAVE
9 DIGIT CODES THAT ARE WORKING. A SMALL
COMPANIE, WHICH I DON'T THINK IS
AVAILABLE TO THE WHOLE COUNTRY IS
MICROTEL. THEY 5 OR 6 DIGITS. AND WOULD
BE FAIRLY EASY TO HACK.MOST OTHERS ARE
PRETTY DANGEROUS.
MASTER CRACKER
Message #: 23 of 45.
Title : itt. ..
From : Wharf Ratt
Date : WED DEC 2 9:33:29 PM
I have heard from a source that they are going to go to 14 digits but they
are arguing over how to convert the old members. Also the $$ to reprogram their
system to accept that input. Will keep u posted...
Message #: 24 of 45.
Title : Well...
From : Apple Core
Date : WED DEC 2 11:10:18 PM
They already accept some 9 digit codes (Executive's Accounts) but most of them
are still 7 so you have something to use for the time being. Hmmm, a 14 digit
code.... I think that WOULD be a little bit difficult to say the least. But it
would cost money to convert the computer relays and all the customers who need
to flip over to 14 digits. And ITT doesn't even have Fiber-optics yet! I have a
feeling that they can't afford tracing, so they go to 14 digits to reduce the
hackers with less money spent. Oh, well. Maybe this executive code won't go bad
too soon....I hope.
/
)(
Message #: 32 of 45.
Title : ITT-New Uprisals
From : Al Capone
Date : TUE DEC 8 3:51:31 PM
While trying some things on ITT, I have found that when I get a code that is
incorrect I will get a ringing, followed by a carrier and then the error
message. They obviously notice that we are there.
Al Capone
Message #: 33 of 45.
Title : Metro-New Uprisals
From : The Trader
Date : TUE DEC 8 10:31:36 PM
Metrophone (MTR) has been doing the same thing for years - just hack for
a non-carrier or busy if your modem can differentiate.
TRADER
Message #: 34 of 45.
Title : They Are Aware of Us
From : The Traxster
Date : WED DEC 9 9:55:51 AM
Well guys beings they are putting false carriers in the error messages that
must mean we have a new chalange. I mean they are oviously looking for
hacker's modems to connect to that carrier. Though Why Metro Phone ever
started doing it first I will never figur out. They must have the worsed
connections of any long-distance service ever in business. That is if you are
refering to Metro Phone not Metro Meedia.\
Message #: 35 of 45.
Title : Ok...
From : High Tech Ii
Date : WED DEC 9 5:19:42 PM
Someone said that the false carriers are a "new" challenge.... Well... in my
area, they have been lurking fonow... and as for beating it...
try this:
1) Not all carriers are created equal.... hack at 1200 and it is easier
or
2) Try changing the set up on your modem so that it waits for a longer
carrier... I doubt that it last for 5 min. [_or so...
High Tech II
Message #: 36 of 45.
Title : No...do this...
From : The Ronz
Date : WED DEC 9 6:34:47 PM
Write your modem program so that it marks good codes that DON't HAVE A CARRIER.
Be sure that the number you're dialing to doesn't give a carrier, like a
time/weather info line, or shorten the amount of time your modem hangs on after
it doesn't detect a carrier...no problem.
Gee, thanks ITT for making it easier to hack you with an Apple-cat modem and
some programming...
Laterness...
Ronz
Message #: 37 of 45.
Title : yepp
From : The Leftist
Date : WED DEC 9 7:40:12 PM
hacking for no carrier is much faster anyway...
Message #: 40 of 45.
Title : A Tiny Flaw in That
From : Al Capone
Date : THU DEC 10 6:47:22 PM
There is a tiny flaw in the method that Ronz tells of when applied to ITT.
Correct me if I am wrong but as far as I know the carriers are in random. Why
not program the modem to listen for line noise. Usually when a code is good it
takes some time for the call to be completed, therefore if you programmed your
modem to search for line noise regardless of what they put in your way you
could weed out the good codes from the bad.
Al Capone
Message #: 41 of 45.
Title : You see....
From : The Ronz
Date : THU DEC 10 8:42:44 PM
With the apple-cat modem, you can program it to detect carrier noises, or voice
range noises. In other words there is a byte you set to tell it the frequency
range to "listen" for, and when it gets that, another location in the modem
changes to indicate that that frequency is present on the line. When there is
no noise, or a different freq than what you tell the modem to look for, the
location gives another number, not the one you're looking for.
ANYWAYYY....Is it true that the 800-ITT # does not ALWAYS give a carrier when
you put in a bad code? It is my experience that it does. The local dialup to
me does not give the carrier though, so the program would only work with the
800 dialup, and ONLY if it ALWAYS gives the carrier noise for bad codes.
Writing code-hack programs is fun.....
Laterness...
Ronz
Message #: 42 of 45.
Title : me and ITT
From : Druidic Death
Date : FRI DEC 11 6:36:05 AM
I have never been given a carrier with a bad code on ITT, I always get a
message telling me that "service restrictions are in effect".
Dru'
Message #: 43 of 45.
Title : try....
From : The Ronz
Date : FRI DEC 11 9:18:18 AM
Try -1800-327-9488 for ITT and see what happens when you put in a bad
code...it should either ring and ring and ring and never answer or
it will answer with its tone and you do your thing, then if the codes bad
then it will beep with a carrier noise then a lady will come on sayinnd something about Atlanta....
And then it might have a carrier noise again...
-Ronz
Message #: 44 of 45.
Title : ITT Software Changes
From : The Traxster
Date : FRI DEC 11 10:40:27 AM
I know ITT has changed their sofftware, but is the longer codes the only thing
that is going to change or is there going to be some others? ITT hasn't done
much in the way of security but it is going to be interesting to see hhow they
plan to take any steps. As for the carrier I've only had it happen on one
executive code.
Message #38 of 65
Subject: ITT
From : Sgt. Pepper [Level 50]
To: ALL
Time: 12/14/87 at 6:20 am
I did not mean to imply that ITT
going 13 digits is the end of the
world... I am melancholy about it..
It gets rid of the leeches, but
I have to actually concentrate to
phreak... Sorry if anyone thought
I worshipped ITT or something, but
I will admit that ITT is the primary
service which I use, just out of
laziness.....Sgt. Pepper..
Message #44 of 65
Subject: ITT 9 digits
From : The Ranger [Level 50]
To: ALL
Time: 12/15/87 at 2:56 pm
On the ITT 9 digits...
Since ITT has switched to 13 digits what about the 'Executive Codes' that are 9
digits? Does anybody know if they are going uto 13, or higher, or staying the
same?
' Ranger
Message #64 of 65
Subject: R) Well
From : Dr. Doomsday [Level 60]
To: Argos
Time: 12/21/87 at 8:49 am
Wait a MINUTE! Whats the HELL is going on?!?!?!??!
Is ITT officialy 11 or 13 DIGITS? Cause for me ITT is GREAT....Perfect 9600
Baud CONNECTIONS (with my HST), so I want to start hacking them babes again, (I
have been using 9500963, XXXXXX).....So PLEASE either give me a VALID 11 or 13
DIGIT code so I can startt from there.....
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
13 or 14 digit codes will be nearly impossible to hack. It's just too
difficult and would take too long. The change in the code format will make
things so difficult that switching to another alternate carrier would make
more sense.
On the subject of a fake carrier:
Metro has had a fake carrier on their ports (950-FGB ports) for some time. If
people would like to hack around ITT's fake carrier, I will provide some info
on the various ways to do it. Allnet recently also introduced a fake carrier
and then took it off for a while. It is unknown whether or not Allnet's fake
carrier is only being used in certain areas.
Hacking around a fake carrier:
With the increased interest in the fake carrier and getting around it, here are
a few ways to hack around it. You should remember that some code-hacking
programs have options for systems with fake carriers.
1) Most good code-hacking programs have a way to stop hacking and continue with
the next code attempt during hacking. This is usually just a button pressed
when the code-hacker is listening on the phone. To get around the fake
carrier, a hacker could just listen on the phone and when he hears the ringing
(that will mean an error mesust continue on the next code.
This requires that the code hacker be present when hacking (and listening on
the phone).
2) Another way to get around the fake carrier is to set your hacker to dial
for a phone that will not produce a carrier (payphone, constant busy, or even
your own phone). Set the hacker to record whenever no carrier is received.
When you don't get a carrier, you'll know that you have a code.
3) I suppose you could set up your hacker to hack sequentially and then go
through the list of good codes. When you find a number missing, that's a
good code. Providing you hack with a destination that gives no carrier.
4) The fake carrier is usually 300 baud, set your program to get around the
fake carrier by listening for only a 1200 baud carrier.
5) Fake carriers on AC's (Alternate Carriers) only last for a few seconds
because the error message has to be stated in the recording. Set the hacker
to receive any carrier that lasts atleast 20 seconds.
6) The fake carrier also come on quickly after you dial since it is the
alternate carrier's recording. Set up a hacking program that will only record
codes when the carrier is received after 15 seconds. Dial for a long distance
Compuserve port (so that it takes a while to connect the call) and if the
carrier comes on after 5 seconds, the program should reject the code.
7) One other way to get around the fake carrier is to set up a simple delay in
your program so that you wait 15 seconds before listening for a carrier. The
fake carrier would be gone and the message would be speaking by the time that
the program would start listening for a carrier. A real carrier would atleast
last for 30 seconds.
I hope that these ways will be helpful to hackers in their attempts to put
down the increasing security of long-distance services.
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
@ Capt. Zap's Defense @
-----------------------
The following are a series of messages and responses from Phreak Klass Room
2600. They involve Capt. Zap and his defense to an article written in the WSJ
(Wall Street Journal). The information on Capt. Zap is in TNS Issue #13.
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Numb: 2
Subj: Wall Street Journal
From: CAPT ZAP
Date: THU NOV 5 11:30:11 AM
Well as one of the older members of this board and hobby, I have taken my
so-called talents and now put them to work. The job, Hacking systems for people
and testing the security of the machines. Now there is a lot of money out there
and the systems owners are paranoid from the insiders than from the outsiders!
Now there is a good possibility of taking all the combined talents of us and
marketing them to the different owners and make some good money doing what we
all love to do in the first place!
\/ Capt. Zap \/
** --------- **
Numb: 5
Subj: Whats up?
From: CAPT ZAP
Date: FRI NOV 6 11:19:51 PM
Well it seems to very quiet these days with all the hoopl
article written about me in the Wall Street Journal. Does anyone read out
there?
CZ
Numb: 6
Subj: WSJ
From: THE STRYPER
Date: SAT NOV 7 7:37:06 PM
Must be quite an honor (a dubious one, perhaps?) to be in the Wall St.
Journal. What's the date on the article, I'd like to read it....
-+The Stryper+-
Numb: 7
Subj: The Date!
From: CAPT ZAP
Date: SUN NOV 8 5:06:18 PM
For all of those interested in the article and the date, it is tuesday Nov 3.
All in all it was a good article with the exception of pointing out that I
am not the best housekeeper in town and the wife and I fight all the time. But
a least it states that I am not a fed or turn anyone in for anything!
After all, we are all entitled to read what we want and pocess information that
some would consider to be of a dangerous subject. But what is education for?
\/ Capt. Zap \/
** --------- **
Numb: 9
Subj: Zap
From: THE CHAMELION
Date: SUN NOV 8 8:38:14 PM
Zap:
Regardless of what the Journal says (yes, I read it, and do almost every
day), most people are calling you a nark, a fed, and ssomething I can't quite
remember, but it did contain the word "shit". There seems to be a general
consordium against you and your presence, but I'm not passing judgements on
anyone.
Numb: 12
Subj: My response to it all!
From: CAPT ZAP
Date: TUE NOV 10 1:46:47 AM
Well as far as I am concerned, the article was good and bad! The one major
point that was made clear at all times is that I am not a fed or whatever. Yes
there have been a number of different responses from the community and it has
be going 60/40 in favor of the story. The people who know me around the country
and have called and said their piece about the whole thing! If any are in other
places I inhabit, you will see what I mean. There have been threats and
counter-threats since it came out and others with reps that are considered to
be realiable in the community have stood with me on my credentials! Since I
have Class 3 Felony already against me and it keeps me from doing alot of
things it also keeps me from working with law enforcement due to my crimminal
stature and conviction! AS far as I am concerned, I feel that I have nothing to
dto the facts presented in black and white. I also do not have the ability to
perform such services as Mr. Maxfield does. I perform security evaluations and
rviews! That entails the testing of a areas of security protective bubbles.
It is a good job when you work, and thats not much! But all in all, I am happy
whit the article and the response. To those who do not know me, you can kiss my
s! To those who do and see the idea behind the firm, Thank you for your
support!
\/ Capt. Zap \/
** --------- **
Numb: 13
Subj: Zap
From: THE CHAMELION
Date: WED NOV 11 1:24:10 PM
Althought you are not an immediate threat to hackers, and you, as the article
explains, will not help catch others; there is one problem. If you keep
plugging holoing to be able to get a drink. Understand what
I'm saying, dutch boy?
Numb: 16
Subj: Zap
From: THE STRYPER
Date: SAT NOV 14 1:38:38 AM
Zap, I believe, does security consulting for individual companies, so the holes
are just gone on those companies. Zap: Are most of the holes you plug to
prevent outside (us) hacking, or inside jobs?
-+The Stryper+-
Numb: 18
Subj: Systems Protection!
From: CAPT ZAP
Date: SUN NOV 22 11:18:53 PM
The holes as you put them are for the internal stuff. Most of the internal
stuff by reason of wwhole design protects the outside more and does the inside
by reason of default. If you have any questions, you coulld call me at
215-634-5749. That is all!
\/ Capt. Zap \/
** --------- **
Damm, for no messages, it was very busy for hours at times. Is there something
wrong with the BBS or is it the phone company?
Numb: 20
Subj: Wow, Zap...you man.
From: FRANKEN GIBE
Date: THU NOV 26 6:03:57 PM
I was still away at school when a friend phoned and mentioned that Zap had made
the journal...so I scurried down to the library, and there he was. Black and
white.
Zap a nark? I don't think so...I hope not. From my conversations with him.,
I think the government would be in far more jeopardy with him working WITH
them. Alack. Too much suspicion. Sigh.
What's the story behind PK's resident fed? More rumor, or is there something to
this one? I'm kinda behind on things...
I have to admit, PWN 14 confused me. Were you guys aware that Dan was recording
and stuff b'fore the damn con? I mean, did you have some suspicion? And why
didn't you ever just confront him? Or did you?
But, Zap, congratulations. I'm impressed, I gotta admit. Phone sometime.
Numb: 21
Subj: Wow...
From: THE ALCHEMIST
Date: FRI NOV 27 12:18:27 PM
A lot has happened since I was away. I'm going to have to pick up a copy of
the Journal to find out what all this is about.
Yeah, it does look like the board is dying. Only 35 messages in almost a
month. Oh well, that's life I guess...
The Alchemist
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
I thought his defense should be printed. As stated in Issue #13, Capt. Zap
is NOT a fed/nark/informant/whatever. Atleast that is the common consensus. I
highly doubt that he is and no action should be taken against him. All the
details on the events surrounding the WSJ article are in TNS Issue #13.
