__ _____ __ ___ _ ______ __ _ _ __ ___ / _ __ ____ _ ( ) ___)\ /______ ______ _________ \ / ___ _____ ___)\ ___ __. _____ | /_ \ | /_ / | ___\ | (/ || // _ | | _ __ __ _ _ _\\ | | _______ |:(/ ( ) | | ( ) ) \/_ \ /( )\ ( ) \\| | /_ ____ ||\\ | | | | | | ) ) / ___) \\ | //__ || \\ | | | | | | | | \ (___ __ _ \) | // || \\_ __| |__| |__| | | |_ \_______ __ | |// ____ __/ | \___ ____ _ _ _ _ _ __ ______) | (/ / __ __ )/ \ \| | / / \ \ (\_____/ /___ _ ___ _ ____ \ ) \____ _____ __ __ Pasta Yo _ _ ( 36 ) | | c/a 2.2003. _________________________________________________________________________________ » .- Words from the Editor -. « | *: [-] Introduction ............................................ The Clone :* *: (-) Contact Information ..................................... The Clone :* *: (-) Link of the Month ....................................... STC CREW :* *: (-) K-1ine Mirrors .......................................... The Clone :* *: (-) Protest the War In Iraq ................................. Nettwerked :* _________________________________________________________________________________ » .- Documents -. « | *: (x) 'The Great Canadian Mobile SID Compilation' .............. The Clone :* *: (x) 'The One-Time Pad: What is it?' .......................... DdUcation :* *: (x) 'An Overview of WebServices @ Union Station: Toronto' .... M / P / S :* *: (x) 'Social Engineering Pointers From The Inside Perspective'. Treephrog :* *: (x) 'Text files: your window to a catch-free website!' ....... Axion :* *: (x) 'phlux0rs ph34ky ph0ne tr1xX0rz' ........................ Phlux :* *: (x) 'EM/HERF Weapons - Part 1' ............................... Caesium :* _________________________________________________________________________________ » .- Conclusion -. « | *: [-] Credits ................................................. The Clone :* *: [-] Shouts .................................................. The Clone :* _________________________________________________________________________________ Welcome to the latest issue of K-1ine #36 'Pasta Yo'. I would like to thank everyone who submitted articles to me - you sent me so many! Enjoy this issue of K-1ine zine, and if you forget to send me more articles in the future, I'll walk around the city kissing hands and shaking babies (whilst sucking my thumb)! -` --> Contact Information; Comments/Questions/Submissions: theclone@hackcanada.com Check out my site: (Nettwerked) http://www.nettwerked.net - ----------------------------------------------------------------------- --=[ LINK OF THE MONTH ]=-- Every month I post one really great "link of the month" on every issue of K-1ine magazine. The link can be anything in the technology industry, music scene, rave scene, punk scene, or even a good article you read on a news site. I'll be taking submissions via e-mail or IRC right away; so get your links in and maybe you'll see it in the next issue of K-1ine! For the month of February, the link of the month is: http://www.StealThisComputer.Org/ "Steal This Computer 'zine in affiliation with nettwerked.net's k-1ine, hopes to release a paper and online magazine aimed at those who want to learn more about the world around them. This site will make up a repository for any files they received for the zine so far. They've got a few files in there, and are looking to have a lot more for the zine. So, if you've got a plaintext article on some cool exploit or a piece of valuable or interesting information, please send it their way." [submitted by: Steal This Computer Crew; Colt45, The Clone, Wizbone] -- -- K-1ine Mirrors: http://www.mirrors.wiretapped.net/security/info/textfiles/k1ine/ (Now mirrored in two places, one in Belgium and another in Sydney) "Wiretapped.net is an archive of open source software, informational textfiles and radio/conference broadcasts covering the areas of network and information security, network operations, host integrity, cryptography and privacy, among others. We believe we are now the largest archive of this type of software & information, hosting in excess of 20 gigabytes of information mirrored from around the world." -- http://www.hackcanada.com/canadian/zines/index.html#K-1ine Hack Canada - Canadian H/P - E-Zines -- http://www.stealthiscomputer.org/k-1ine.html Steal This Computer - K-1ine Archive --- Protest the War In Iraq Nettwerked has always been about communication and about dialogue. We're against any war and violence, as long as talk is still possible. On the 15th of February, millions of people around the world will take part in anti-war protests. More than half a million people are expected to take part in an anti-war march in London, England alone to protest the war against Iraq. Be one of them. See the Wage-Peace.org website to find out about protests in Nettwerked headquarters of Edmonton and across Alberta. For more information on other protests across the world, be sure and visit IndyMedia.org. O O \ / \ / \______/ _____________/______\_____________ | __________________________ ___ | | | || || | | | / /| | |\ | (36) ||ooo|| | | |/ _ | | | \ | __ ||O O|| | | |\ | | | \| /__\ ||O O|| | | | \ _|_ | | \ \__ ||___|| | | | | | | .: coming to a cable :. | === | | | .: network near you :. |=====| | |__________________________| === | |__________________________________| \./ \./ - Wizbone `03 --> The Great Canadian Mobile SID Compilation Date: Sunday January 19, 2003 By: The Clone (theclone@hackcanada.com) URL: http://www.nettwerked.net/ -- [ What's a SID? ] Cibernet Corporation's definition of a SID (System IDentification) is: "The SID is a 15-bit binary number that translates into a five-digit decimal number. In all ANSI-41-based systems, the SID is used to notify wireless users as to whether they are in their home area or roaming. When operating, the mobile handset compares the SID initially programmed into the handset to the SID broadcast by the serving system.s cell sites. If the SID broadcast by the cell site matches the SID programmed into the handset, then the 'home' indicator on the mobile handset will be illuminated. If the SID broadcast by the cell site does not match the SID programmed into the mobile station, then the 'roam' indicator on the mobile handset will be illuminated. The intent of the 'roam' indicator is to notify the wireless user that additional roaming-based charges may be applied for usage on the serving system. Because each SID is unique to a particular operator, the SID is also used to properly route roaming call records for billing among roaming partners." Credit -- caesium for the additional SID HEX conversion Note -- If you find any outdated SID's on this list, or you want to contribute more valid SID's, please contact me at the e-mail address above. _________________________________________________________ Carrier Name | SID HEX | SID DECIMAL --------------------------------------------------------- Bell Mobility (Ont.) 4024 16420 TB Tel Mobility 4022 16418 Bell Mobility (Queb) 4024 16420 QuebecTelM 404A 16458 BCTEL Mobility (Telus) 4026 16422 MT Mobility 402C 16428 MT&T Mobility 4006 16390 BCTel Mobility (Telus) 4018 16408 NewTel Mobility 401E 16414 Island TelM 402E 16430 SaskTel Mobility 401A 16410 TELUS Mobility 4000 16384 TELUS Mobility 4004 16388 TELUS Mobility 445C 17500 Rogers AT&T 4007 16391 -- All known Rogers AT&T SID's in Canada: ______________________________________________________ City Name | SID HEX | SID DECIMAL ------------------------------------------------------ ALBERTA; Calgary 4003 16387 Edmonton 4007 16391 Lethbridge 4059 16473 Medicine Hat 40BD 16573 Red Deer 403D 16445 ----------------------------------------------------- ______________________________________________________ City Name | SID HEX | SID DECIMAL ------------------------------------------------------ BRITISH COLUMBIA; Abbotsford 4029 16425 Campbell River 4111 16657 Chilliwack 404D 16461 Courtenay 4115 16661 Kamloops 408F 16527 Kelowna 4089 16521 Nanaimo 403F 16447 Parksville 4113 16659 Penticton 408D 16525 Port Alberni 415F 16735 Powell River 41A5 16805 Vancouver 4029 16425 Victoria 402B 16427 Whistler 404F 16463 ----------------------------------------------------- ______________________________________________________ City Name | SID HEX | SID DECIMAL ------------------------------------------------------ MANITOBA; Brandon 4057 16471 Steinbach 4051 16465 Winnipeg 402F 16431 ------------------------------------------------------ ______________________________________________________ City Name | SID HEX | SID DECIMAL ------------------------------------------------------ NEW BRUNSWICK; Bathurst 40DF 16607 Bristol 4123 16675 Chatham 40E1 16609 Dorchester 4063 16483 Edmunston 40EB 16619 Florenceville 4123 16675 Fredricton 4055 16469 Grand Falls 41B3 16819 Moncton 4053 16467 Newcastle 40E1 16609 Richibucto 421B 16923 Saint John 401B 16411 St. George 4219 16921 St. Louis De Kent 421B 16923 St. Stephen 41C3 16835 Sussex 4075 16501 Woodstock 40DB 16603 ------------------------------------------------------ ______________________________________________________ City Name | SID HEX | SID DECIMAL ------------------------------------------------------ NEWFOUNDLAND; Clarenville 4133 16691 Saint Johns 4021 16417 ------------------------------------------------------ ______________________________________________________ City Name | SID HEX | SID DECIMAL ------------------------------------------------------ NOVA SCOTIA; Amherst 405F 16479 Antigonish 410D 16653 Barrington 41F3 16883 Berwick 40E9 16617 Bridgewater 40D7 16599 Chester 406F 16495 Digby 4197 16791 Greenwood 40E9 16617 Halifax 4009 16393 Kingston 40E9 16617 Kentville 40E9 16617 Liverpool 419B 16795 Musquodoboit 41F5 16885 New Glasgow 4097 16535 Port Hawkesbury 40CF 16591 Saulnierville 421F 16927 Shelburne 4223 16931 Shubenacadie 405B 16475 Sydney 4189 16777 Truro 405B 16475 Windsor 40E9 16617 Yarmouth 4199 16793 ------------------------------------------------------ ______________________________________________________ City Name | SID HEX | SID DECIMAL ------------------------------------------------------ ONTARIO; Barrie 4033 16435 Belleville 4041 16449 Brantford 4035 16437 Chatham 4049 16457 Cobourg 4065 16485 Collingwood 405D 16477 Cornwall 4043 16451 Hamilton 400B 16395 Hespeler 400D 16397 Kingston 403B 16443 Kitchener 400D 16397 Leamington 40C3 16579 London 400F 16399 Newmarket 4027 16423 Orilla 407D 16509 Oshawa 4013 16403 Ottawa 4015 16405 Peterborough 4039 16441 Sarnia 404B 16459 St. Catharines 401F 16415 Sudbury 4023 16419 Toronto 4027 16423 Windsor 40C3 16579 ------------------------------------------------------ ______________________________________________________ City Name | SID HEX | SID DECIMAL ------------------------------------------------------ PRINCE EDWARD ISLAND; Charlottetown 40D3 16595 Summerside 411B 16667 ------------------------------------------------------ ______________________________________________________ City Name | SID HEX | SID DECIMAL ------------------------------------------------------ QUEBEC; Chicoutimi 4005 16389 Joliette 411D 16669 Montreal 4011 16401 Quebec City 4017 16407 Sherbrooke 4037 16439 Ste. Marie 4061 16481 Trois Rivieres 4031 16433 ------------------------------------------------------ ______________________________________________________ City Name | SID HEX | SID DECIMAL ------------------------------------------------------ SASKATCHEWAN; Regina 4019 16409 Saskatoon 401D 16413 - - --- I only realized that "coodies" is a fake disease last week --- The One-Time Pad: What is it? By DdUcation http://www.to2600.org 1.1 "Introduction" 1.2 "How Does It Work?" 1.3 "The Random Number Problem" 1.4 "The 'Delivery of Pad' Problem" 1.5 "Public-Key Encryption And The One-Time Pad" 1.6 "Who Uses it?" 1.7 "Conclusion" 1.8 "Shoutouts!" 1.1 "Introduction": It has been called the "perfect encryption scheme" by more then one cryptography expert, but (as we will soon see) nothing is perfect. Invented in 1917 by Major Joseph Mauborgne and AT&T's Gilbert Vernam (notice: unlike many other papers I have read, I have NOT cited the Russians or the Soviet Union as the original authors!) the One-Time Pad is a simple and unbreakable encryption scheme. Simple enough to be used by an elementary-school graduate, and supposedly unbreakable by any of today's current technologies. The One-Time Pad gets its name from the fact that it was originally a key, written down on a pad of paper, used to encrypt and decrypt messages sent back and forth between military personnel. 1.2 "How Does It Work?" The One-Time Pad is a surprisingly simple "Substitution Cipher" in its functionality. First, write your message. Then write down a series of characters from the alphabet which are completely random and as long, if not longer, then your message. This series of characters is now your key. Now assign numbers to each letter in the alphabet (i.e. 1 to 26) Now the cryptographer uses one letter from the key, for every letter in the message, with the formula: K = Key character, M = Message character, C = ciphered character M + K mod 26 = C So the cipher text is the message text + the Key text modulo 26. "What the hell is 'Modulo'" you ask? Modulo is concept used in Number Theory. Let me give you an example. If we have the number 8, then we say "8 mod 26 = K", then K = 8-26 = -18 = 1*-18 = 2*-9 etc. Where 8 mod 26 is always equal to the second number in the multiplication (i.e. -18,-9). And so 8 mod 26 = -18 or -9. In the examples here we will say that 8 mod 26 = -18. If you still don't understand then I suggest you google search for "modulo", or simply goto http://www.cacr.math.uwaterloo.ca/hac/ and download the chapter 2, which talks about the Mathematical Background. Back to how all this junk works: So if we assign the number 1 to 26 to all the letters in the alphabet (where A=1...Z=26) and then take the message: ONETIMEPAD and the Key: TBFRGFARFM And M+Kmod26 =O+Tmod26 =15+20mod26 =15+(20-26) =9 =I Therefore C = I Following this formula for each and every letter we get C= IPKLPSFHGQ to decode we simply reverse the process: as M + Key mod 26 = C Then as C - Key mod 26 = M "But wait a second. This is just a simple Substitution cipher, what happens if someone finds out what key I'm using?" They can't, because after you're done encrypting and decrypting the message, you destroy the portion of the Pad from which you've taken the key. Thus you never reuse the same key twice (that's the idea anyway) and there are no patterns or correlations which can be made from one letter to the next. So even if an individual were somehow able to find a copy of the message and the cipher text, there would be no way for them to decrypt future intercepted msgs which were encrypted. The most amazing thing about this is that for different keys and cipher text combinations, come different decrypted messages! For example, taking the ciphertext which we got from the message "ONETIMEPAD", and decrypting it with a different Key, we get a phrase which makes sense, but is not the original message: C = IPKLPSFHGQ K = POYYAEAAZX which decrypts to : "SALMONEGGS" NOT "ONETIMEPAD". And so even when supposedly logical data is extracted from the ciphertext, the one-time pad still keeps it's original message secret. 1.3 "The Random Number Problem" Despite the appearance of complete security and perfect cryptology, there are some essential problems with One-Time Pads, the least of which is the user's ability to access a reliable source of random characters from which to construct the Pad. If there is ANY pattern held within the key which (after several attempts and examinations of separate messages back and forth between individuals) can be revealed by a cryptologist, then the jig is up. After discovering any kind of pattern in the supposed random pad, a good cryptologist can then exploit that to decrypt a series of messages wherein this pattern lays. While I acknowledge the strictly theoretical stance I am taking, it must also be noted that as we advance further and further technologically, the possibility of the theoretical occurring comes closer and closer. In any case, it should be noted that a proper One-Time Pad is completely random, and that anything less then that would be potentially crackable. 1.4 "The Delivery Of The Pad Problem" Another inherent difficulty lies in the delivery of the pad itself. While several supposedly secure protocols have been established for the transferring of keys and passwords (i.e. Neuman-Stublebine, Multiple-Public Key protocols etc.) they are slow, tedious, and exploitable. The difficulty with the one-time pad is that if at any point a large section of it should become accessible to outsiders (without the user's notice) then the entire system's privacy is immediately compromised. 1.5 "Public-Key Encryption And The One-Time Pad" Currently the most widespread protocol in transferring keys for cryptography is through Public-Key Cryptography Protocols. Public-Key Cryptography, while being essentially secure, can be compromised should an individual gain access to the KDC, or load key-logging programs onto the computers of individuals who use it. In addition it could be suggested that those parties who use One-Time Pads are most probably utilizing Public-Key Cryptography in order to transfer those Pad files. And so we see how it may be possible to access the One-Time Pad files which are essential to the secure transmission of data across such a network. 1.6 "Who Uses It?" It has been suggested, and there is a great deal of evidence, that the military is a primary user of One-Time Pad cryptography. One-Time Pad's are NOT practical in any sense of the word. They require extremely tight protocols and the mathematical know-it-all to pull off a completely random key generator which will go forever. I suggest that only government would bother with such large expense for secrecy. 1.7 "Conclusion" In conclusion, when dealing with one-Time Pad use, special attention MUST be paid to randomization, and ESPECIALLY to the protocols and security measures put in place to keep the Pad a secret. One-Time Pad's are completely impractical unless the most extreme cases of privacy are necessary. If you're interested in learning more about cryptography I would strongly suggest "Applied cryptography" by Bruce Schneier as it's where I got the Keys and Messages which I used in the example. PEACE! 1.8 "Shoutouts!" and add shouts. because shouts are fun I'd like to give shoutouts to dec0de, theclone, Kris, caesium, grinthock, HiMY, to2600, barrie2600, my Dad (because I love him and he's in the hospital after suffering a heart-attack) edited by dec0de --- An Overview of WebServices @ Union Station: Toronto Discovered and Explored by: Magma / p1asm1c / shadow Written by: Magma (magma@ghu.ca) Down on the first floor of Union Station in downtown Toronto you'll find a few pico like computers (remember pico, the Sega learning toy from a few years ago?). These computers have been dubbed "web terminals" which are said to be fancied by digital lifestyle users and miata-driving-pumpkin-pie-hair-cutted-freaks. In short, tech geeks, business folk and likely students will find these interesting. Here is a picture. http://www.nettwerked.net/union_webterm.jpg They are produced by a company called King Canada, you can visit their site at www.kingcanada.com. You'll notice that the terminals in Union are not part of their standard product line. These custom build terminals are named cc100. Which interestingly enough share the same name as a chicken control unit. The cc100 terminals are very similar to your computer at home, only these are rubberized and are Smokey the Bear approved. The OS of choice is Windows 2000 and have a modified version of IE running. Most users will likely use them for e-mail and reading the latest on cnn.com. I know I do. If you're smarter than the average bear you'll be able to use these for more then that such as ssh or whatever other protocol that floats your boat. One thing that could lead to major problems for Bell is if someone were to use these terminals as a launching pad for something unfriendly and stupid. My guess is that they are hoping that won't happen since there isn't anything preventing such actions. A recent incident in the UK has come to light where someone is harvesting online banking information from kiosks similar to the ones found at union and other locations. If I were to use e-mail off of one of these kiosks it would be off of some hotmail account and not include anything important. Here are the Ip and Phone numbers for two of the web terminals found in union station. Downstairs: IP - 64.229.52.178 Phone # - 416.861.9462 Upstairs: IP - 64.229.58.77 Phone # - 416.861.1730 Note: there are more than two web terminals found. This is just a sample. Here is the spec sheet for the Web Terminals found: 15-inch active matrix liquid crystal display, XVGA (1024 x 768 pixels) Ruggedized touch screen Intel Celeron 533 megahertz processor or higher 128 Megabytes RAM standard 6 Gigabytes hard disk standard 128 bit graphic controller MPEG 2 hardware assist Camera option for video mail or conferencing Stereo sound, with volume control Hardware watchdog AC power supply Locking mechanism Windows 2000 Professional operating system KINGnet. Terminal client software option Numerous network interface types: ADSL, analog, ISDN, voice/data, Ethernet, etc. Optional keyboard and pointing device Optional card reader Optional telephone handset and hook switch Available options include: Additional RAM Card Reader (various types) Bill Acceptor (various types) Coin Safe Payment Management Software Video Conferencing Voice over IP Free Bell Canada wireless access. Back on December 10th, 2002 there was a press release indicating that Bell will be piloting a test project that brings several free 802.11b access points to the Ontario corridor. Two of these access points are located in union station in downtown Toronto. These two will be the main focus of this article. http://www.nettwerked.net/union_ap2.jpg The above picture shows the oversize access point. I think it looks like something out of Apple = ). The large size over the access point serves two purposes. Firstly, the wireless "box" contains an access point, a DSL modem which plugs into an existing Cat III voice and DSL line that is there for payphone services. Secondly, the large size should get the attention of most Bay Street types who like everything big. I'm sure over time as these access points (perhaps using a different protocol) become common place and the technology improves the size will go down. You'll notice that it doesn't have any ports, card readers or coin slots leading me and others to believe that when the system goes active as a pay-for-use product it'll require a credit card to use. If, however, there is a subscription option those users could pay by other methods. In either case, users would likely be tracked by a their MAC address, a user/pass login or both. You'll also notice that some people have crammed coins between the molding of the access point and the pro- tective plastic. Perhaps to wish good luck upon wireless technology = ). http://www.netttwerked.net/union_ap.jpg Bell is being very vague about what security measures they are going to be using or are using. WEP isn't enabled for obvious reasons (WEP is pointless if the service is to be given out). As with Bell's Wire- less Access points these products could be used for something under- handed, something devious, something as the french would say; bartesque. There is talk that Bell will be one of the first companies to roll out with access points that implement Wi-Fi Protected Access (WPA). Wi-Fi Protected Access uses temporal key integrity protocol (TKIP) that generates new keys every 10k that is sent across the network. Where as WEP only generates one static key. Here is the IP for one of the access points found. IP - 67.69.0.58 You'll also notice that on 67.69.0.58 8080 there is a webserver happily chugging along. Here is also a snip from a kismet scan from shadow's laptop. The Simple Service Discovery Protocol (SSDP) discovery service: This service discovers Universal Plug and Play devices on your home network. Source: 192.168.1.1 00:40:05:bd:c9:01 --> Router Destination: 239.255.255.250 ff:ff:ff:ff:ff:ff --> Broadcast Here's the info from the Kismet logs: Network 2: "BELL-ACCESSZONE" BSSID: "00:0B:46:AA:A1:62" Type : infrastructure Info : "None" Channel : WEP : "No" Maxrate : 11.0 LLC : 8751 Data : 799 Crypt : 0 Weak : 0 Total : 9550 *** Note: the date and time has been removed since I don't wanna be made from security cameras. Address found via DHCP 192.168.0.100 To conclude, I'd like to say i'm very happy about such products coming into the public domain. The services they offer are rather cheap when compared to a phone call considering the resources used and such. The upside or downside, depending on which side of the fence your on, is that terminals and access points that are in such busy areas and do not require ID may lead to some silly antics. Having said that, I'm not gonna say anything like "terrorist could use these to take over the world ..." I'm just saying that with a little luck and a keen eye for cameras and security goons one could pull off a pretty decent dog and pony show. EOF ........................... Here are some links. http://www.ghu.ca/ http://www.packetninja.ca/ http://www.nettwerked.net/ http://www.to2600.org/ ---- what ever happened to iop? did he die? he was good material fuck iop in his little lame cornhole he isnt important I think he might've realized that he was the 2600 equivalent of the "village idiot". --- Social Engineering Pointers From The Inside Perspective by Treephrog Feb. 6/03 Disclaimer: All information contained in this text file is for edu-tainment puposes only. Any and all resemblences to any real persons or acts is strictly coincidental and/or fictional. I do not condone breaking the law, and you cannot hold me or anyone else besides yourself responsible for the consequences if you choose to act upon anything you read here. By reading beyond this point, you agree to this. If not, don't read anymore. Go back to the construct. There. With that said, I'll start with a quote: "Life is short; pray hard." - Treephrog (No apologies to Reebok; deal with it.) Ahh, hell, I'm feeling generous, have another: "Life is about three things; attitude, knowledge and perception." - Treephrog Shouts & Greetz: Cyb0rg/asm (Many Thanks) The Clone (Many Thanks) H410g3n (Inspiration & info) Grease (Mah blood, keepin' me real) The P0pe (what's up?) Untoward (u still there?) The Hack Canada, Nettwerked and All 902's, if there are any besides me... :/ Essential Linkage: http://www.hackcanada.com http://www.nettwerked.net http://www.h410g3n.com http://www3.ns.sympatico.ca/grease/ /Start file Social Engineering takes on a whole new light when seen from the other side, i.e. when you are one of those people who are being engineered. I know this first hand, because I've spent the last few years in one of those positions, and being around others in those positions. So before you say, "Ahhh, shit, I just downloaded/opened yet ANOTHER social engineering how-to!", listen up. Because you probably haven't seen it from the vantage point I'm about to show you. Some simple guidelines Social engineering falls into 2 classes; visible and invisible. I will deal with the invisible first, since it's the easiest of the 2. Invisible Social Engineering This is a caper where you are never seen by the person/people you are interacting with, i.e. over the phone or through e-mail, snail mail, etc. This is the far and away easier of the 2, as there is no physical side to it, only the mental side. Here are some things to keep in the frontal lobe when dealing in this area: - Relax. Not relaxed, go to jail. - Okay, no really, I mean it this time, relax. The first thing that's going to get you busted is tipping off the other party that you are not comfortable with what you're doing or talking about. Not relaxed, go to jail. - Study. Yes, boys and girls, 'fraid all your teachers were right. There's no sub- stitute for homework. You want this scheme to work, be prepared. Prepared to read, watch, learn, and wait. Patience is key. Know as much about your mark as possible. When you think you know enough, you don't. Explore all possible avenues of intell- igence gathering. Only when you are uber-confident in your knowledge can you proceed. No patience, go to jail. - It's 90% likely that the person(s) you're going to be dealing with do not give a shit. About their job. About you. About your questions. About anything. They, like everyone who is underpaid and punches a clock, and just want to go home. It's just another day in paradise for them. You are but a minor annoyance/distraction in their schedule. The key is to treat the situation like you're dealing with the other 10% that do give a shit. Get slack, go to jail. - For arguments' sake, let's assume that you are pulling a caper involving a phone conversation. This is good, because it's common. The first thing you need to do is figure out who's going to answer on the other end. Is it a secretary? Is an op (sysop? voice operator?) of some sort? You need to figure this out for a number of reasons, the primary reason being this: you need to figure out who you need that person to think you are to make them do/say what you want. Don't study, go to jail. DO NOT GO OVERBOARD! This is so important I could have cardiac arrest stressing it, and still not get my point across. It is crucial when you identify yourself that you are only 1 or 2 levels above that person. Why? Any higher, and why would you be calling them? Why would the CEO of ACME Insurance call the front desk secretary to transfer him to the 10th floor boardroom? He wouldn't. But, 'Forgetful Frank' the network admin who's remote admin'ing from home because he's sick might call in and ask for the fax number to the 6th floor managers' office because he needs to get his weekly audit in right now, oh, and by the way, could you give me one of the numbers for the dial-in to the LAN? I left all my paperwork in the cubicle... go overboard, go to jail... ... which raises another good point. - It's always better to ask for 2 or more pieces of information. If you're looking for info, the best way to get it is to ask for it in 2 stages. First ask for 1 or 2 pieces of information that you know the person is definiely allowed to give you. Keep it simple and straightforward, but let them give you the information, don't finish the sentence for them or correct them, let them feed it to you. This is valuable because it subconsciencely makes you trustworthy in the marks' mind. Don't ask me why, I'm not a headshrinker, but once the person gives you a couple of essentially useless pieces of information, then in their mind it's okay to give you more. See the example in the above paragraph. Trust me, I've used this, it works. There's no end to the phun you can have if you're relaxed, prepared, and know what you want. Example: Operator: Hello, Operator. You: Hi there, this is Joe with (Local Telco Name). Did someone change the ANI for the 555 exchange, because the one I've got written down here, 555-6666, isn't working. Operator: No, I have it listed as 555-7777. You: (muttering under your breath like you're writing it down)... 7 ...7 ...7 ...7 great, thanks a lot, and by the way, can you put me through to (777)222-3333? This customer says is his long distance isn't working, he's been trying to get through for 3 or 4 days now. Operator: No problem, one moment please... You: Thank you... Congrats on engineering your first long distance call. Of course, be careful where you call from and what number you call to. *grinz* Now, one last tip before we move on, and this is a biggie: be firm, yet polite. Manners, manners, manners. It will surprise you how much smoother everything will go with a few well placed "thank you"'s... but be firm. Make it sound like you know exactly what you need, you're in the tiniest bit of a rush, and you'd appreciate no hassle. Be rude, go to jail. Visible Social Engineering This is the more difficult of the 2, and may involve some cash flow, but it should be minimal. The scenario is that you want access to a place that normal people can't/aren't allowed to go. The telco room of a very large apartment building, say. Bet you'd just love to spend an hour in there with your digital camera and/or camcorder. Here's how... - Remember the first rule? Relax. - Now learn. Watch your local telco guys in action. Look at what they're wearing. Pay attention, take notes if you must. You're going to have look reasonably close to how they look. Do they wear coveralls or kahkis? Around here, coveralls or blue jeans and a t-shirt means CATV, kahkis means telco. Of course, you should already know this because you watched them get out of the van. I'm not going to go into detail as to how get your hands on the appropriate clothing, other than to say a friend of a friend of a friend tailed one guy back to his home, watched to see when his wife did laundry, and snagged the coveralls off the line. Free coveralls, and lemony fresh to boot. Bonus points. No research, go to jail. - Footwear must be workboots. Non-negotiable. If people see you wearing workboots, they take you a lot more seriously. Once again, I'm not a head-shrinker, don't ask me to explain, but it's true. Seems wearing workboots means you're going to be phucking with some heavy-duty shit that they don't know phuck all about, so it seems prudent to ask less questions and give more answers. Which is what we want. Inappropriate footwear, go to jail. - A tool belt. Once again, mission critical. This is a must have. Populate it with your favourite flavours and colors of screwdrivers, wrenches, a highly visible multi-meter is total bonus points. No props for the act, go to jail. - None of this stuff can look new, including you. For the overalls/jeans/t-shirt, that's not too hard. Roll 'em in the dirt, wash and repeat as necessary. Workboots, well, believe it or not, the best thing I have found is running over them with a car. Don't laugh, it works. The toolbelt is going to be a bastard, I can tell you from experience, those phuckers take FOREVER and a day to break in. Try the car, see if that works. Grow some scruff on your face, make sure you've got some hair out of place. Want to test it all out? Ask a friend to meet you in a semi-busy place, wear your outfit but don't tell him, and see how long it takes him to pick you out. The longer, unless your bud has great peeps, the better your outfit is. If your outfit doesn't look like you've worn it everyday for the past year, go to jail. - ID tags and such can be a real pain in the ass. Either be prepared to make some really convincing home-made ones,or be prepared to have a really good cover story. Either way, in our secenario of the large apartment building, it's probably a non-issue, but be ready to deal with it anyway. No ID or no cover story, go to jail. - A cell phone would be almost mandatory. Doesn't even have to be activated, just make noise when you press the buttons. This comes into play later. So, you're all dressed up like your average, everyday telco guy. What now? Stroll into the building like nobody's business. Check out the intercom. Find the superintendant on the panel. For the love of God, make sure he doesn't KNOW you! Buzz him, remember he may be watching on you on closed circuit. Conversation follows: Super: Hells Gates Apartments, Frank speaking. (If he's a total knob, you get, "Hello?") You: Hi there, it's Mike from (local telco). We've got a trouble call on the street feed in the main telco room, and a couple of tenents with no incoming phone service. Could you meet me in the lobby and let me in the telco room?" *Conversation goes one of two ways here. 1. Super: Sure, hang on. You: Thanks... (Buzzes door to let you in, or hangs up and lets you in when he gets to the lobby.) OR 2. Super: You guys have keys, just let yourself in and do what you gotta do. You: We do have keys, but I don't have them, this is a trouble call and the keys are on another truck. They were supposed to call ahead and let know. (If you managed to get a real prick) Super: No one called me. You: They must not have called yet. Look, can you let me in? You've got tenents with phone problems, and I've got to get it fixed in case of an emergency. Super: (grumbling) Okay, hang on... You: Thanks... Now, when he gets to the lobby, have your shovel ready. You were up a pole on the other side of own, and you got the call, no paperwork for the job, not even sure what you're looking for, FIRST TIME IN THIS BUILDING, hope it's something simple, has he had any tenents complain about phone problems, etc. blah, yadda, blah. The main point is to let him know in a subtle way that you've never been in this building before. When he first comes down to the lobby, after he's started gabbing a bit, he probably start heading for the telco room. Follow him, walk and talk. Supers are busy people (or tend to think they are), so he'll want to get this overwith quickly. When you get inside the telco room, become all business. Inspect this, fiddle with that, mumble to yourself a lot, trace wires from one place to another. He'll probably just let you in and say something to the effect of, "Lock it up when you're done," or, "Let me know when you're done so I can lock it up." Then he'll rush off to plunge a toilet or something. If he looks like he's sticking around, pull out the cell phone. As you're pulling it out, and making a big deal of dialing it, tell him the job could take 10 minutes or 2 hours, you're going to have to phone this one in. That will probably make him run for the hills. If he's an uber-knob, and is still hanging around, your one sided phone conversation will go like this: You: Hello, central office? Can you put me through to provsioning? Thanks. (4 second pause) Hello, provisioning? This is Mike and I'm at (address) on a trouble ticket. Got it? Great. How many pairs coming into this building? 750? Okay, where do you want me to start the count? Pair 62? Okay, hang on... At this point go to the biggest bundle of telco wires you can find, and make a big show off counting them. If this doesn't make him leave, congratulations, you've found a certified crazy for a super. Pretend to get cut off, and tell him you have to call them back from outside, and bail... Anywho, I'm confident he'll leave well before any of this stuff takes place, so you're in the joint, you've got the place to yourself, have phun, explore, and tell us all about it. By the way, relax. Tha 'Phr0g --- http://freshmeat.net/projects/moron/?topic_id=100%2C893 haha I love free software acronyms. "Moron" I can't wait till I have fuckover access again --- .._____________________________.. ./=============================\. (( Text files: your window )) || to a catch-free website! || || by Axion || || axionrising@hotmail.com || (( http://axiontel.tk )) `\=============================/' ``~~~~~~~~~~~~~~~~~~~~~~~~~~~~~'' Introduction: ~~~~~~~~~~~~ I've noticed over the last few years that as the web gets more and more commercial, you're seeing far fewer "free" webspace providers out there; and the ones that still exist are often very annoying to use - what with the growing number of forced pop-ups & hotlinking restrictions for image files... Being the cheap bastard that I am, I've never been able to just give up and PAY for web-hosting services, so I've been stuck having to settle for 3'rd rate hosts like 0catch.com and Geocities.com for my websites. Sadly, my penny-pinching ways have meant that my website has been littered with ads for webcams and online casinos. On top of this frustration, most of these free providers have filters to prevent people from hotlinking to images hosted on their servers. Now, I don't know about you, but my idea of a good time on a Friday night consists of hanging out at message boards and posting photoshopped pictures of George Bush with a penis in his ear. So obviously, this whole hotlinking issue is an ongoing battle for me. Well, it just so happens that I've found a solution to both of these problems, and the key lies within the most basic of all computer files, the unformatted .txt file... Problem 1 - Hotlinking: ~~~~~~~~~~~~~~~~~~~~~~ As I've said, I have a real penchant for going to message boards and posting animated gifs of Optimus Prime trans- forming. Using your average free webspace provider (Geo- cities in this example), their servers' software would detect that you were hotlinking to an image file, and you'd just end up seeing an error message rather than the intended image. As a message board moderator, I've noticed that the most popular avatar among most posters is a tiny white square with a tiny red "x" in the center. After the usual self-righteous teasing on my part, I'll explain the same process I'm about to describe here: Step One: Using Internet Explorer (or whatever web browser you use), open up whatever image it was that you wanted to store online. Step Two: Click on "File", then "Save As". Select an easy to remember location to save your file, like Desktop. On the bottom of that window, you'll see two options: the one on the top is for altering the file name, and the one below it is for choosing a file format. Just disregard that last one: we can force a format upon a file simply by typing the file extension after the filename. (Note: If this doesn't work for some reason, just select "All Files" and proceed with my instructions.) For the image's file name, type in "example.txt", then click "Save". If you look at your Desktop now, you should see the example.txt file, complete with a .txt file icon. If you try to open the file by double-clicking on it, you'll just get a bunch of nonsense hex code - don't worry about that. Just leave the file alone and move on to Step #3. Step Three: Assuming you've already got an account at a free webspace provider, go to that site and log into your account. Go to your file manager, and upload the .txt file from your desktop. Step Four: Sit back and drink a cup of coffee, then type the address of your newly uploaded .txt file into the address bar of your web browser. Be careful not to spill your coffee all over when you excitedly notice that you're viewing your image in all it's glory - even though it's technically a .txt file. Step Five: Go to your favorite message board, and create a post with your new image embedded. The formatting codes differ from board to board, but your post should probably be something like this: [IMG]http://geoshitties.com/me/example.txt[/IMG] Now, you might be left wondering: 1) Why would the .txt file show up as an image, 2) Why doesn't it get picked up by the hotlinking filters, and 3) "Why the hell didn't I think of that?!?" The reason for the image showing up properly is because by saving your image as a .txt file, the image's hex remains completely unformated, and can be converted back to an image format later on without damaging the file at all. When you open that .txt file using your web browser, the browser software identifies the hex as being an image file, and will automatically convert it into a viewable form. (This is the same reason that your web browser will display a web page in HTML format, rather than just opening up the source code in a raw text format.) And since webspace providers are only really worried about people hotlinking to image files - since it eats up your bandwidth quickly; they could care less about someone linking to a measly little .txt file. So far, I've yet to find a free provider that wouldn't let you hotlink to a .txt format image file, not even geocities or angelfire. Problem Two - Those Pesky Ads: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ It's almost impossible these days to find a free webhost that provides a half-decent amount of storage space, without littering your website with pop-ups and banner ads. The webspace provider will definately force ads upon any HTML files you store on your account, but they usually won't force ads on regular .txt files. Why not? Because in order to include an ad in one of your files, they have to alter the format to HTML and include the link to the ad in the source code. This creates an obvious problem, since converting a .txt file to a .html file will really mess up the formatting, and the text won't show up properly. You'll already know this if you've ever tried including some of your mad ASCII art in one of your site's pages. I'm sure by now most of you have already figured out what I'm getting to, but I'll explain it anyways... Write the source for your webpage as per usual, but instead of saving it as an HTML file, save it in .txt format. Upload it to your website's account, and reopen it using your browser. As you'll see, your page is now completely ad-free, but it diplays as a proper HTML file. This works for the same reason the image trick works - the source remains intact, and your browser displays it in all it's glory. The only real problem with this is that you can't display images on your webpage... However, if your website is an H/P site, you most likely have no real need to be embedding images into your website anyways, unless it's to show off your wikkid logo on your index page. If it's that important, then just get off j00r lazy ass and code yourself an ASCII logo. Besides, that'll just make you look more 1337. If you really need to use an image for something, there's no reason why you can't just link to the file using the "A HREF" tag. Problem Three - Your Awkward Domain Name: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Now that you have a great new website, you might want to get yourself a new domain name. There are two reasons for this: First, using http://geoshitties.com/me/index.txt as your website address will mean that nobody will ever bother remembering the address. Secondly, and more import- antly, when you type in a website address (i.e. 2600.com), your browser will by default search for the index.html page at that domain. And since we're using text files, you'll just get a 404 message if you type in http://freepage.com/me To solve this, just get yourself a new domain name, and redirect everything from there to your index.txt page at the free webhost. From that point onward, you can just give your new domain name to people, and your page will launch from the index.txt page. But what if you don't want to pay for a .com address??? Worry not, there are actually a few domains out there that will let you register a domain name of your choice for free. For example, my page can be reached at http://AxionTel.tk ...To register a .tk domain for free, just go to http://dot.tk and fill out the required fields. Note: If it turns out that the redirect doesn't work for you, your webhost is probably a nazi & won't allow you to hotlink to text files. Don't worry - there are oodles of webspace providers out there that will let you hotlink to .txt files; as of the date this article was written, Geocities was just fine with it. Conclusion: ~~~~~~~~~~ I don't think this would technically violate the Terms of Service at your webspace provider, since none of these providers would have thought of these exploits yet. But just to be on the safe side, you might want to create a fake index.html page just so that your account doesn't get flagged. Aside from that, you should be able to have an ad-free hotlink-able webpage for months or years to come. Enjoy! 01.31.03 --- its time for another edition of: phlux0rs ph34ky ph0ne tr1xX0rz __________________________ for this chronicle we need; -A phone book from a payphone, one of those big tough metal and plastic ones -A laptop smaller than the phone book -essence of the time we are going to make an eleeto burrito security minded laptop case. i will be doing this when i get my laptop so if you think it is queer i will fucking club you down with it and take pictures _________________________ blessed be, a laptops glee! give him love, and thus cherish... thou wilt not flee. because it is christs wish. -phlux's phone book 13:37(page 666(ironically it is the yellow pages first page listing for 'cellular telephones' if you count every preceeding page in the april 2001 your source camrose edition of the telus directory. UNF) it is 6:06am and i have 60 minutes left until it is 7:06am 666 (6th hour, 60 minutes & another 6 minutes is three sixs'(!)) 555+111=666! 13*37=481 481+185=666! i am listening to 666-Devil.mp3 (mark of the beast=666(!)) ____________________________________ 3d ascii(stfu it makes sense to me): X<-bad ass security chain(&shoulder strap) x X _____________________________________ x | _________________________________ | X | | | | x | | xXXXXXXXXXXXXXXXXXXXXXXXXXXXx | | X | | X loose pages here X | | X | | X (cushioning) X <-----the actual phone book x | | X ....maybe you could X | | X | | X write notes in them X | | x | | X or stash diskettes & X | | X | | X your g/fs pic X | | x | | xXXXXXXXXXXXXXXXXXXXXXXXXXXXx | |<-plastic cover X | |_________________________________| | x |_|_________________________________|_| X | | | | x|=|=============spine===============|=|<-metal binding |_|_________________________________|_| | |_________________________________| | | | xXXXXXXXXXXXXXXXXXXXXXXXXXXXx | | | |# X X# | | | | X hole cut in phone book X | | ComboLock>& |# X (lappies new home) X# | &<-another comination | | X X | | lock(locks the covers tighter | |# X X | | then a tuna cheese melt | | X X | | sandwhich) | | X X | | | | xXXXXXXXXXXXXXXXXXXXXXXXXXXXx | | | |_________________________________| | |_________________ _ _________________| |&|<-hinged cover key lock the explanation: # = rerouted parallel/serial/modem/a/c adapter ports and such. (hidden from view); the swivel attached to the metal spine and the actual booth needs to be removed. in its place(by the hole left from the swivel) another hole should be drilled beside it, this way you can use another key lock and attach a big ass chain, so you can chain the whole fucking thing somewhere, or just hang it from your neck/shoulder like one of those hippie note book cases. Idealy it should be concealed by a trenchcoat. or you chould just wrap the chain around the book itself and use the front hinged cover key lock marked in the ascii and strap it to your body or something. or you could just use the locks already inplace for the shoulder strap, but 2 combos and 2 key locks would be moresecure in some situations. ______________________________________ considerations: measure twice cut once. your going to need to need to reroute the laptops fan duct, i/o, floppy drive, etc. Therefore this project is best suited for a field phreaking hax0r laptough book arrangement of the sorts and not for playing counter strike on. oh a track ball set in to the glued pages would be sexy If the hole cut into the one half of the phone book is offset to the right, and the plastic phone book cover is met with a hot knife, the PCMCIA slut should still be accessible. a tunnel may need to be had, and long fingers to access the floppy drive shoould it not be able to be expanded out of its bay. The phone book pages need to be cut clean, use a vice/clamps and a jig saw with a fine blade, go slow. Use epoxy on the inside of the hole. slop that shit all around, make it look cool. (but dont glue the fucking covers so they cant open) maybe weldbond could help somewhere here? you will want to make sure the hole is just perfect, so your laptop can rest in the hole flush, if your lazy you will want to keep the laptop removable. or if your a real tinker fuck make the hole bigger, and silicone the fuckin laptop in there to absorb shock and trauma. The other (ideal)route expressed is to make the pay phone book assembly one with the laptop. Therefore only part of the phone book hole hack job will be epoxy'ed and the bottom portion of the phone book will be loose pages, so you can lift up the middle solid pages, and access the battery, bottoms up. The i/o ports, modem, floppy drive, pcmcia will need their own holes/rerouting/cosmetic surgery and all that to make things usable, but i think the effort would pay off in the end. atleast it would look fucking cool, and you could swing it around your head and club people with it other ideas: embed a trauma sensor and a pay as you go (disposable?) cellphone so if you chain link your laptop to a fence and someone tries to kick it or something your pager will go off with 911 or something. get one of those 130db personal alarms to embed if there is room. oh man i would find room for a fuckin acoustic coupler too this concludes phlux0rs ph34ky ph0n3 tr1xx0rz. -._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._. ._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.- .----------------. -=[ EM/HERF Weapons ]=- /__________________\ ||\ ________ /| _ | Part 1 || |: :| |o(_)| "Putting that old Microwave Oven to use!" || |;-""""-;| |o(_)| || |________| | __ | Author: caesium ||/__________\|[__]| "------------------" hjw NOTE: This article is best viewed in TERMINAL font! I use high ASCII which is standard and works perfectly fine in lynx. If you find the schematics are fucked up. Just paste this bitch in notepad.exe (haha) and select font type Terminal! (and if your reading this in a *nix term you should have no problems) -=[ Disclaimer ]=- Nor I or my affiliates will take ANY responsibility for (mis)use of the device mentioned in this article. The device in this article is plain out fucking lethal. If you do not respect the construction or use of this device, it will kill your stupid ass in a flash (literally). This device, when built will contain HIGH VOLTAGE at HIGH AMPERAGE, which means if you touch or otherwise come into contact with a part which is energized it will cook your ass like that cat from national lampoons christmas vacation. This device also and obviously will emit HIGH RF ENERGY. If your in the way of said RF energy it will cook you. This means deep thermal burns and cataracts. It can blind you within 2 seconds or less and if you have any plans to have children you best be keeping your twig and giggle berries well out of harms way. This device contains capacitor(s) which can hold lethal charges for days even weeks. So keep that in mind. This will be further explained down the article. Let's recap. High Voltage, High RF Energy, High Amperage. All of which speak for themselves. *** Your first mistake will be your last mistake. *** -=[ Introduction ]=- I know the disclaimer is unseasonably long. However it is very important to convey the inherent dangers of fucking around with microwave parts. EM/HERF weapons and/or devices have been of great curiosity it seems to many people ive discussed it with in the scene. Perhaps this is because of the nature of the device, or the fact that most people in the scene are depraved maniacal fucks. Anyhow, I digress. I will in this article discuss, layout and illustrate how one can turn a microwave and some cheap easy to get components into a homebrew "LOOK WHAT I DID MOM!" EM/HERF Weapon. Personally, I don't like to call this device a weapon because I do not condone its use against personnel and the fact it makes a shitty impractical weapon. Its main theme and idea is to destroy/jam/fuck-up electronic devices. To construct this device you will need to have some skills as it pertains to building housing and wiring. If you lack these skills I suggest you not even attempt to construct this device because it will most likely end up killing you or fucking your shit up. Please read this article several times and MAKE SURE you have a solid idea of what I'm talking about, because forgetting to do something or connecting something wrong or etc. will be bad news. This EM/HERF "weapon" will emit HIGH ENERGY RF @ 2.4GHz which means it's very very very bad for biological things... so, don't aim it at people or animals. Remember, Alley Cats and Squirrels have feelings too.. Seriously.! The items you will need to construct this device are: 1) Old (Working!) Microwave oven. 2) Aluminum/Tin Foil 3) Aluminum/Tin Tape & Duct Tape (come on man, next to the WD-40) 4) Parts for Triggering Circuit! *read below* 5) Wood, of suitable size (1x1) to make a frame. 6) Wire (house wire, or extension cord.) 7) Parabolic Dish. (Or a Metal Salad Bowl!) 8) A will to die. -=[ Safety ]=- *PLEASE READ THIS SECTION* Without safety, you only have injury. Now lets cover some safety issues which will be key if you decide on building this crazy ass device. The big heavy transformer that the Magnetron needs to be powered by will make a lot of amperes at around 4.5kV (4500 volts). This is bad news if you touch any live wires from it. Because at this voltage and at that amperage it will in all likely hood kill you, and I'm being totally serious here. So, if you work on this device make sure it's unplugged, the capacitor is drained, you have one hand in your pocket and your wearing shoes. If you do all that, even if you get shocked it should hopefully not be enough to stop your heart. With that said, the other danger is the capacitor. Most all microwave caps have a bleed resistor internally which shorts them out causing a slow drain. That way they wont hold a charge for more than 5 minutes. This can be confirmed by looking at the capacitor. Most contain a little schematic on the side showing this. Here is a leet ascii schematic of a cap with a bleed resistor.. Ú/\/\¿ To explain. the -/\/\- is the resistor. ³ ³ and the Ä´ÃÄ is the capacitor. The resistor will HV ÄÁÄ´ÃÄÁÄ HV be shorting out the cap... guess what HV means?! Now, to manually drain the cap you can take a 1 or 2 W (watt) resistor of about 10kOhms and short the terminals out. That is the safe, non-shit-your-pants way of draining it. You could just be lazy and short it out with a screw driver but if mr. capacitor has some juice in him, he will send your screwdriver to screwdriver heaven and probably cause you to lay some cable. It's been my experience that most all microwave caps have bleeders on them, so if you do see the bleeder schematic as illustrated above, just go ahead and short the fucker out with a screwdriver.. Now, onto RF Energy safety. RF or Radio Frequency Energy is a very very weird mystical thing to try to explain to people because it does at times do some really whacked shit. It's unpredictable to the layman and is invisible; and very dangerous when strong. You wont see yourself getting burnt from it, you'll only feel pain and go "OH FUCK!!! AAAHHHHH".. RF Burns hurt, and can give you cancer or blind you, and sooo much more. I will explain down in the article how to avoid becoming a statistic and where you should be in relation to the emitter of the magnetron. RF Energy will bounce off of many items. If metal is not grounded RF energy will usually bounce right the fuck off it and reflect back at you.. Which as you can gather is not a good thing. Grounded metal usually will absorb and ground the RF energy, so try to keep this thing pointed at grounded metal only. Side with caution, use common sense (although you probably dont have any as your reading this silly ass shit). BUT BE SAFE!! Cause we don't want clone to lose any valued k-line readers now do we. -=[ Theory ]=- This device operates on the concept that the strong RF energy will be absorbed into the framework/chassis of the target device causing very high voltage energy spikes into its electronics/components causing said target device to fry or just plain break. Computer IC's (integrated circuits) are very susceptible to this brand of attack. CMOS devices dont like static electricity, so you can just guess how they will appreciate this.. -=[ The Magnetron ]=- No, I did not make this name up or some dumb shit like that. The heart of this article is this cool little diode type electron tube. Magnetron n : a diode vacuum tube in which the flow of electrons from a central cathode to a cylindrical anode is controlled by crossed magnetic and electric fields; used mainly in microwave oscillators. The magnetron itself requires 3 connections to function: 1) Filament Heater & Cathode (one and the same, 2 connections) 2) Ground (the metal casing itself) The basic idea is that we power the Magnetron, then bounce the radiation it will produce off a really half-ass RF Mirror causing whatever is in front of this device to receive the RF energy. Hence zappin' it. Here is more leet ascii on what a magnetron looks like (side view): ÖÄÄÄ· º***º <- this cap thingy is the antenna ÇÄÄĶ RF is emitted 180 degree's round º º º º ÄÄÄÒÄÄÄÄÄÄÄÄÐÄÄÄÐÄÄÄÄÄÄÄÄÒÄÄÄ ÌÍ###################͹ ÇÄ\/\/\/\/\/\/\/\/\/\Ķ ^ ÇÄ/\/\/\/\/\/\/\/\/\/Ķ |---- This flap is a ÇÄ\/\/\/\/\/\/\/\/\/\Ķ mounting bracket. that wavy shit -> ÇÄ/\/\/\/\/\/\/\/\/\/Ķ is the heat sink ÇÄ\/\/\/\/\/\/\/\/\/\Ķ ÌÍ###################͹ <- those #### is a big ÓÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄĽ strong ring magnet! ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ» (both above and below) º º this base contains -> º ÚÄÄÄÄÄÄÄÄ¿ º chokes and a lot of º ³ @ @ ³ º <<-- the @ @ are the two empty space... º ÀÄÄÄÄÄÄÄÄÙ º cathode/filament terminals º º ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍͼ ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍͼ Also, goto google and do an image search for "Magnetron" you'll get several links and images to more info and the many different varieties these things come in. ANTENNA: The magnetrons antenna is a metal cap mounted ontop of a ceramic insulator. RF Energy is emitted just as if it were a light bulb. IN ALL POSSIBLE DIRECTIONS!!! So. If you can SEE the cap, then your in an area which will be nailed by RF once this mofo is energized. Here is the ascii schematic of the Magnetron: /-----\ / \ ÄÄ|Ä¿ ³ | | ³* ÃÄ|ÄÄÄðð ÄÄ|ÄÙ ³ | GND \ / \-----/ As you can see it only really has 2 terminals (leads.).. This is unusual to most people who are not firmiliar with vacuum tubes and such. Basically, we need to run 3v (yes, 3 volts) at like 1-2 amps through the 2 leads (this will warm up that direct short as you can see the filament its called). And while the 3v @ 1-2 A is running thru it we run 4.5kV @ (fucked if i know) A thru the filament to the ground (which is the framework of the tube). So we are doing 2 things here, we are running (on its own circuit) power to heat the filament/cathode AND running high voltage/high amperage from the filament/cathode to the ground (the framework). This may seem stupid to most and its been designed like this for a reason, just connect everything as i illustrate and it will work fine. really! -=[ Basic Device Layout ]=- Here is a schematic of how this device will be wired. F2 Ú/\/\¿ T1 F1 ³ ³ D1 GND ³³(ÄÄÄÄÄÄÄÄÄ/\/\ÄÄÄÄÄÁÄ´ÃÄÁÄÂÄÄÄÃÄÁÄÂÁÄÂÁ ³³( C1 ³ ÄÄÄÄÄÄ)³³( HIGH ³ )³³( VOLTAGE! ÚÄÄÄÄÄÄÄÄÄÙ AC ~ )³³( Secondary ³ 120v )³³( GND ³ /-----\ )³³(ÄÄÄÄÄÄÄÄÄÄð ³ / \ ÄÄÄÄÄÄ)³³ ÃÄÄ|Ä¿ ³ | ³³(ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ | ³* ÃÄ|ÄÄÄðð ³³(ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ|ÄÙ ³ | GND filament \ / heater \-----/ loop M1 PARTS LIST: F1) 0.6A HV Fuse. (should look white) F2) 1W 100kOhm Resistor (this is usually in the cap, so, forget it) C1) 0.01 -> 1.15 uF HV Capacitor D1) HV Diode M1) Magnetron T1) HV Transformer All of the parts listed WILL be inside your microwave. The fuse will be white usually. The Capacitor will be this large metal tube, it will be quite obvious, and should have the bleeder inside, so you can ignore the F2. The diode will be this black rectangular object about the size of .. hrm,.. 3cm X 1cm .. and the magnetron is obvious... The transformer will be this big ass heavy block of metal, if you don't know what a transformer looks like, you should DEFINITELY NOT be building this device. Once you scoop all this awesome shit outta the microwave you can set it aside. -=[ Construction ]=- Ok, here is the deal... First take that microwave apart so you have all the basic components. You can disconnect all the wires and shit, thats perfectly cool, because I will tell you how to wire them back up and shit. Once thats all done, youll need to figure out what you want to use as a reflector.. I suggest a metal salad bowl... Why? well, because its cheap, common, cheap, and did i say cheap?.. Get your ass to a Crappy Tire, buy a salad bowl and drill a hole which will accommodate the antenna spout that is sticking out of the top of the magnetron.. Dont make the hole too big. You'll notice there is the golden mesh on the top of the magnetron, that shit is called a RF Gasket.. Obviously, with that being said, youll want the hole not to be larger than the gasket. If a salad bowl doesnt tickle your fancy use something like a salad bowl or almost as deep as one. This is very important.. DO NOT use a stupid fucking DirecTV dish or something, thats just clown shoes man. Even the bottom 1' of a tin trash can or something like that will work. Ever see those big fucking things on antenna towers which look like drums?? bingo. Those are microwave antenna's and we want something like it. So keep that in mind. This is mostly important because of the way magnetrons radiate RF Energy. If you choose to use that DirecTV dish, I suggest you go fuck yourself for not listening to me. Ok, once the dish is selected, you need to construct a box which will house the electronics and magnetron and probably support the dish. I am not going to help you too much with this portion, mainly because its highly dependant on what you have available to use. I suggest hitting home depot and looking around. I would personally use wood for a frame. The magnetron has mounting holes in the top part. You should design your case to use these brackets. Give all the components room. You dont want to jam everything together because of the high voltage. Here is a cheap illustration of a case: ---\ \ \ ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿ \³ ÉÍÍÍÍÍ» ³ ³³ ºCAP º ³ ³³ÉÍÍÍ»ÄÄÈÍÍÍÍͼ ³ *Ä´³ºMAGº ³ ³ ³³ÈÍÍͼÄÄÉÍÍÍÍÍÍÍ»³ ³³ ºXFRMR º³ /³ ÈÍÍÍÍÍÍͼ³ / ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ / ---/ You can of course build a tripod base or whatever you want onto this... Use your imagination, be original.. Im merely telling you how to wire this bitch up so it works and such. A great deal of its ability to function will be in the dish/drum and the quality of the components. Steps.: A) Get Parts B) Build chassis C) Mount Magnetron D) Mount Dish/Drum E) Sheild! Onto shielding!.. Now.. shielding is fairly simple.. You basically wrap the entire chassis in tin foil and tape it up like Red Green with that aluminum tape. Once this is done ensure that the foil around the box is in direct electrical contact with the magnetron casing (which if you remember is connected to that isolated ground circuit). This will sheild the device from itself. Just dont touch it while its on. Note: make a panel which you can remove easy just incase you need to play with the internal components, or incase your stupid ass wired it wrong. Lots of people prefer to use sheet metal with a wooden frame. If you have access to and/or can afford to buy sheet metal, It is obviously the best solution as then you wont have to fuck with stupid aluminum foil or etc. Just as in the previous paragraph, ensure the sheet metal is fixed to the frame of the magnetron for proper "grounding". I originally built my unit pretty much as I have/am describing to you at this very moment. My device actually worked/works. I did however do it from scratch as at the time I didnt think to check the web for it. I have disabled several electronic devices with it. This was about 3-4 years ago however. I have since read several HERF/EM articles from several sources. That being said I have seen shit wired in ways which will do nothing to ways which will blow out your breakers or even cause the need for the fire department. I highly recommend you use the fuses which I have in the ascii schematics and side with caution and safety.. if you think its dangerous to be near this thing while its on.. YOUR RIGHT!.. also, dont touch the drum or dish or whatever you used as the reflector. It is hooked up to the ground and touching it may prove to be somewhat hazardous to say the least. It may do nothing, or it may kill you. I dont personally know cause I didnt go near this fucker while it was on. My ass was hiding around the corner of a brick house.. This is where I had the power switch. In my design (this design) I used the big dangerous transformer out of the microwave for a few reasons.. A) it was there.. B) you need AMPERAGE to power the hungry magnetron C) neon sign transformers WONT WORK! So, if you read any article where some schmuck used a NST (neon sign transformer) with a magnetron, laugh. Cause all it is, is bullshit. NST's supply 4kV->15kV+, sure they supply way more voltage. However they supply a piddly 30->50mA.. Thats milliamperes.. Not NEARLY enough amps to power the fucker.. So, This leads me to think that the vast majority of people who wrote EMP/HERF articles have never even tested or used them. What a bunch of fucking posers eh.. So, Once all this is mounted in a box and nice and clean. Then its time to move onto wiring the internal components up. Before I go into that I am going to explain how we are going to trigger this device. Diagram of Overall System. ÚÄÄÄÄÄ¿ ÚÄÄÄÄÄÄÄ¿ ÚÄÄÄÄÄÄÄ¿ ³Wall ³------->³Trigger³--------->³EM/HERF³ ³Power³ ³ w/fuse³ ³DEVICE ³ ÀÄÄÄÄÄÙ ÀÄÄÄÄÄÄÄÙ ÀÄÄÄÄÄÄÄÙ With this being said, We have not yet covered triggering mechanisms. I find myself at a loss on what to say for this, as there are several things one can use to accomplish this task. A simple house light switch, a relay, ... the list goes on. Whichever triggering solution you choose, make sure you put a fucking fuse on it, seriously.. If you want, you could go real slick and throw in a line filter, cause I assure you that this device will probably make some decent noise on your AC mains. However, its no worse than the fucking crap Ontario hydro pumps into my place anyways... Also, keep in mind to keep the power cables out of the way of the dish/drum because you dont want to inject RF into the mains directly, as that is just asking for trouble. There are other reasons for this, but whatever. This device has been designed so far, to run for very short periods of time. I wouldnt run this thing for more than 2 seconds.. If you do, may god have mercy on whatever is front of it. Running it for more than just a few seconds will probably ruin/destroy the magnetron. They are meant for duty cycling and that means pulsed or non continuous operation. If you do use this device a lot, I suggest running air over the heat sinks of the magnetron. I will not go into discussion on that, as running this thing for not even a mere second will have already destroyed most all electronics in front of the dish/drum. About triggers, I suggest a simple switch. In my next issue of EM/HERF 'Weapons' I will have some interesting triggering devices displayed in which one can use for the purposes of triggering this device. They will be exceedingly more complex than just 3 wires and some bubble gum. I would hate to give a full A-Z tell all. For a few reasons: I want ppl to learn, explore, and innovate. Put your own ideas together and have some fun. If your too lazy for this, use a fucking switch and leave me the hell alone. Now lets discuss wiring the primary components together. This is pretty easy as there is only a transformer, diode, cap and magnetron. The transformer will be weird to most ppl. Some ppl will go "gee, this is one fucking stupid ass transformer". And for the most part, your correct! The transformer has been designed for a microwave, not to suit your mad hobby needs. Most of the transformers ive come across only have 1 HV out and have the other HV lead directly connected to the frame/block of the transformer itself. If that is the case with your transformer, fear not. You'll need to isolate all the different connections on the transformer. The connections: 1) Primary (two wires connected to a smaller winding, AC mains) 2) Secondary (one wire which is probably just a terminal, and the transformer block itself.) 3) Filament Heater Coil (two wires which are apparent as this fucker only wraps around the core like 3-6 times.) Now, if you look at the schematic above which illustrates how this device is wired you'll see that its designed with that Secondary which has a lead connected to its frame, in mind. If you keep in mind the transformer has 3 coils, and try not to confuse yourself you should have no troubles wiring this up. As for the GND (Ground) in the schematic, you'll have to come up with a method of connecting all the GND's together. Then ensure the cases frame, shielding, etc. is all grounded to the ground. You can even attach this ground to the ground on your AC mains, and I suggest you do just that. If you do connect that ground to the AC mains ground (your house ground) the device should be safe to touch while running (however I would leave this testing up to a friend you dont all that much care for.)... NOT.. (dude's gotta cover his ass,) -=[ Operation ]=- Operation is fairly simple. PLUG IN STAND BACK SWITCH ON COUNT TO 1 or 2 SHUT OFF LAUGH MANIACALLY Thats about it. Keep in mind to stand well away from the emitter. Make sure that any metal or etc, in the way of this thing doesnt mirror to you or the RF will bounce back and fuck you up. Just becareful! Suggested targets are: * Old 286 computer. * Yappy neighbors dog. * Cheap calculators * Cars for scrap (which have `puters). * Something you dont like! Note: If you fire this at a modern car, It will *KILL IT*. I mean, it will seriously and absolutely fuck the cars computer in the ass like an episode of Oz. Ever had your sheesh pushed in dog? Huh essay!? Also, keep in mind cars are not grounded and will probably bounce 3/4 if not more of that RF right back at you.. So, just remember that. This device will emit a lot of Watts @ 2.4GHz .. Oh, doesnt 802.11 wireless networking run on 2.4GHz ?... NO DONT GET THOSE IDEAS!!! -=[ Conclusion ]=- I believe I have polluted enough minds. Just be smart and play safe. Respect ppl, animals and property. Be intelligent and use this for educational purposes and not to be a fucking cock sucker. Its a fun hobby with neat interesting results. You can do cool stuff with RF Energy, goto google and look up RF Energy and Magnetrons and get yourself some decent edumacation. This device makes a great lab piece just so long as you are smart about it. -=[ Credits ]=- Author: caesium Knowledge is power, Understanding is wisdom. -=Toronto 2600=- http://www.to2600.org Shouts: theclone, dec0de, kris, grinthock, jimmiejaz, and the to2600 crew. -._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._. ._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.- i have a self catheter kit.. its sweet -- Credits Without the following contributions, this zine issue would be fairly delayed or not released. So thank you to the following people: Axion, Caesium, Cyb0rg/asm, DdUcation, Magma, Phlux, P1asm1c, Shadow, The Clone, Treephrog, Wizbone -- Shouts: CYB0RG/ASM, Wildman, H410g3n, warVamp, The Question, plappy, Phlux, rt, Magma, Hack Canada, The Grasshopper Unit, Flippersmack, soapie, Breanne, Flopik, dec0de, caesium, oz0n3, Kris, to2600.org, and lastly to everyone and anyone who contributes to the Canadian H/P scene. ;. .;.. ; ;. ;.. ;.. .;..; .;.; .;; ;.. .;..;. .;..; .;.;...; ;..;.. .;. A .;. .;. ;.. N E T T W E R K E D ;.. ;..;.. P R O D U C T ;..;.. .;..; ;..;.. ; .;..;.;.. .; . .;. ..;.. .;.. . .; ..;..;..;.. .; ;..;. .;.. . .;.. .;.;. ..;. ..;.. .;. ;.;..;;..;.; ;.;;..;.. ;.;.; .; . ;.;..;. .;. ;.;:.;. ,;....;. .;.;. .;.; .;.;.; .;.; ;..;. .;.;;.; .;. ..; ;. > > > .................>>>>>>> Fuck You Telus for messing up my ADSL service. Now I don't feel so damn bad for wardialing and hand scanning from my residential phone line you filthy pieces of poo. - Anonymous Hero