.--- ---- ---- ---- ---- ---- ---- ---- --- - ---- ---- --- . / dms d dmsdm d m s dms d d d d d / / m d m m s m d m d m m m m m / / s m s sdmsd sdmsm s m s s s / / d sd d d s s sd d d d d / / m m m m d m m m s m s / .--- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- --- . "NPANXX upholding the Bell tradition of quality text files an d exploits" outh.bellsouth.bellsouth. outh.bellsouth.bellsouth. outh.bellsouth.bellsouth. bellsouth.bellsouth.bells bells.--------------.outh bells.--------------.outh bells| TeamPhreak |outh Volume 1 Issue 2 - 11/05/01 bells| TeamPhreak |outh bells| |outh "Ghost busters underground crackhou se" bells| |outh bells| .----------. |outh bells| .----------. |outh bells| | NPANXX | |outh bells| | NPANXX | |outh bells| .----------. |outh bells| .----------. |outh bells| *** |outh bells| *** |outh bells| *** |outh NPANXX bells| *** |outh bells| *** |outh (In Pee Ay. In Ex Ex) bells| *** |outh bells| _ |outh bells| _ |outh bells| | ||outh bells| | ||outh bells| |_||outh bells| |_||outh bells.--------------.outh bells.--------------.outh bellsouth.bells| |outh.bellsouth. bellsouth.bells| |outh.bellsouth. bellsouth.bells| |outh.bellsouth. bellsouth.bells| |outh.bellsouth. bellsouth.bells| |outh.bellsouth. 01010101010101010101010 bellsouth.bells| |outh.bellsouth. bellsouth.bells| |outh.bellsouth. www.musicforhackers.com bellsouth.bells| |outh.bellsouth. bellsouth.bells| |outh.bellsouth. 10101010101010101010101 bellsouth.bells| |outh.bellsouth. bellsouth.bells| |outh.bellsouth. bellsouth.bells| |outh.bellsouth. bellsouth.bells| |outh.bellsouth. [Soundscapes for Compromising a remote host] bellsouth.bells| |outh.bellsouth. bellsouth.bells| |outh.bellsouth. bellsouth.bells| |outh.bellsouth. bellsouth.bel| |lsouth.bells. bellsouth.bel| |lsouth.bells. bellsouth.bel|__Sucks__|lsouth.bells. bellsouth.bel|__Sucks__|lsouth.bells. bellsouth.bellsouth.bellsouth.bellso. bellsouth.bellsouth.bellsouth.bellso. NPANXX - Volume 1 Issue 2 - 11/05/01 November 5, 2001 NPANXX - Volume 1 Issue 2 - 11/05/01 ==== || ====== === ==== || \\ // \\ // || \\ || || || // \\ || \\ || \\ // \\ // || \\ || ||===|| //===\\ || \\ || \\ // \\// || \\|| || // \\ || \\|| // \\ //\\ || \|| || // \\ || \|| // \\ // \\ .------------------------------------------------------------------ ---------------------------------------. | Contents | . .------------------------------------------------------------- ----------------------------------. . | | | | | | Introduction | | | | | | | | 1. How long before the tide turns on C?................... .................by overlord DDRP | | | | 2. Bellsouth Security Advisory (be afraid very afraid).... .....................by mcphearson| | | | 3. Basics of running an apache server..................... ...........................by bor | | | | 4. Scans - 1800 222 99xx.................................. .....................by op divert | | | | 5. Brief history of the Phone Masters..................... ...........................by CNN | | | | 6. The iDEN System (part 1)............................... .....................by mcphearson| | | | 7. Basics on Smart Cards.................................. .....................by fantacmet | | | | | | | | | | | | Links and More Advertisements | | | | | | | | Staff Email : | | | | teamphreak@telcobox.net | | | | If you have a email to one of the staff mem bers just include | | | | his name in the subject and it will be deli vered to his | | | | personal email. Thanks! | | | | | | | | | | . .------------------------------------------------------------- ----------------------------------. . | "Ghost busters underground crackhouse " | .------------------------------------------------------------------ ---------------------------------------. npan.STAFF.npan | Shoutouts | Shoutouts | Shoutsouts ------- | ------- | ------- | -------- npanp.bor.anpan | op divert | iluffu | And all those np.phractal.anp | the MFH crew | 9x and d4rkcyde | dumb fucks th at np.rebitBusy.an | Overlord ddrp | Original TP members | work at bell labs np.parenomen.an | Setient | fortyaight | and sprint. npa.tekk250.npa | Crew of Teamvirus | jenna jameson | **lucky225** ------- | ------- | ------- | =========================================================== _ _ ___ _ _ _ _ ___ _ _ _ ======== | | \ | | | ) | | | \ | | / | | | | | \ | ======== | | \| | | \ |_| |_/ |_| \_ | | |_| | \| ======== =========================================================== We knew you liked the first issue so much that we decided to put out an action-packed second issue. It is full of goodies to keep you reading instead of going to lurk on the PSTN and harrass the telco people. We have a bit of everything in here. We got around to getting some computer related material dealing with security-minded programming ethics, and a little about running an apache server. We have some more BellSouth inph0! We have some c0dez for you brought to you by a scan, some iDEN info (Nextel phones) and a little history about one of the most knowledgable groups of recent times, the PhoneMasters. It is becoming rarer and rarer to see true phreaks around, with all this hoopala about the internet. Catch you on the f0ne! - Phractal of Team Phreak ============================================================== 1. How long before the tide turns on C?======================= ============================================================== In this day of security awareness, C has entered a time very different from which it was intended. Whenever we hear of a buffer overflow in some networked application or program whichs runs with root privillege we know that C was probally the problem. Some people, who favour other languages such as PERL or Java have used this fact to attack C. We know that C has many vulnerabilities but in reality these are programmers' responsibilities, we do not need a language to hold our hand as we program. C has a long way to live and to ensure it's survival we must start to develop tools to spot our mistakes (like lint) and we need to educate our future programmers in new books and web guides not to use the old functions like gets(), strtok(), strcpy() etc. and to only use their thread safe and bounds checking equivillants... fgets(), strtok_r(), strncpy(). One of the other dangers apart from buffer overruns is the possibillity of making use of race conditions. A race is when two threads access the same data at the same time and one of them is updating the data. The data could be read incorrectly or could be corrupted. This is extremely hard to predict and I don't know if somebody has managed to use this as a security hole yet or if they did, how repeatable it is. It is difficult to manage access to data in a defined order in a large program, there is always the possibillity of a thread not aquiring a lock befor e using global data. I think that there is a strong case to go the way of Java here and use a keyword which would indicate to the compiler that synchronisatio n to a variable must be serially managed. In the commercial world, the drive for new technologies is always there and C might go if it looks insecure. With most code these days still written in C and often by people who don't have that much experience we could be causing the death of our own language. How long before buisiness starts to look on C as the problem, when part of the problem is the commercial world, which wants to push software out quickly, before it's debugged. If we want to force C to survive as our language of choice, it may be wise to build tools such as lint into compilers to force new programmers to understand potential errors, inappropriate use of sprintf() being one of the nastier ones. String handling in C should probally be simplified and this can be done with add on libraries rather than change the C language. If anything changes and we find that C gets used less, let us go with C++ and not with the fly by night languages. The trendy web languages, here today, gone tomorrow. Let's stick with real, proven code and improve on it. - David Duncan Ross Palmer ******* **END** ******* ============================================================== 2. Bellsouth Secuirty Advisory================================ ============================================================== Hey all you kiddies out there reading this Zine i have something freshly (more like a couple of months ago heh) trashed for you! ohh im sure you are so excited you can hardly wait to see the file. Well hold your horses this article wont tell you anything but i thought it would be a nice little article to add on to this most wonderfull zine, well kids here it is. Carolina Lines _______________________________________________________________________________ __________ Employee Bulletin For All 1600 Williams Street and 400 Laurel Street BellSouth Employees _______________________________________________________________________________ __________ May 14, 2001 Carolina Lines Bullet in NO.114 _______________________________________________________________________________ __________ SECURITY ADVISORY _______________________________________________________________________________ __________ ZERO TOLERANCE------ BellSouth prohibits abusive and/or profane language,verbal threats,gesturin g and/or physical fighting by any employee. Workplace violence is defined as any comment(s) or behavior(s) that could b e interpreted by a reasonable person as indicating the probability of physical vi olence. No employee should ever feel he or she has to tolerate any threatening or a busive behavior. If you have experienecd a Situation that you feel is threatening, or suspet that a threatening situation may develop, please contact your supervisor or the bellsouth secuirty department at 803-401-2172. EMPLOYEE IDENTIFICATION------ All BellSouth employees must display a valid BellSouth identification badge while in the building. These badges must be visible at all times. Obscuring or defacing the badges, such as by covering with stickers or lapel pins, is prohibited. Employees who inadvertently leave their ID at home must obtain a temporary i dentifica- tion, valid for oneday, at the gaurd station. Diligent use of the ID system will help insure that all those in the buildin g have an appropriate business reason for their presence. VISITORS------ All visitors are required to sign in at the gaurg station and wear a visitor 's badge while in the building. Delivery services or couriers must also sigh in at the guard station and obt ain a visitor's pass, even if they plan to be in the building for only a short time. ******* **END** ******* ============================================================== 3. Basics of running an apache server========================= ============================================================== Written For: NPANXX by: bor (bor@telcobox.net) --------------------- A short introduction: --------------------- As many of you may know, I'm not considered the "smart one" in Team Phreak. Wel l, I wouldn't actually say that. Hell, I do whore out my webspace to the group, so the bastar ds better not put me down too much. Anyways; the following article explains the basics of setting up, running, and keeping an apache webserver secure. It's a pretty large article, but it does go over all of the b asics. After reading this, you should have a pretty good idea on how to run one, while keepi ng it secure. --------------------------------- Step One: Choosing the correct OS --------------------------------- My personal choice for an operating system is the slackware operating system. S lackware is a distribution of linux, and my personal favorite. Why do I choose this? Well, wh ile bing easy to use for anyone who is familar with a linux based operating system, it also o ffers a wide variety of features, along with being pretty secure as long as you keep up on t he latest bugs and what not. However it is not the most secure option that you could choose. Personally; I'm not too scared about security issues. I do keep my box as secure as I can (when i'm not being lazy) but if I was to get rooted, it wouldn't be the end of the world. If you are a security freak, and want to keep things as secure as humanly possi ble, you'd probably want to select a BSD (FreeBSD, OpenBSD) operating system. BSD is direc tly derived from UNIX, while linux is based on GNU and what not. BSD is meant almost specificly for servers, and tends to be more secure than linux. However like I said before, it's all a pers onal choice. I also realize that there are many of you out there who would even consider run ning your server off of windows. Hey, I have nothing wrong with that, but if you do, this is not the article for you. You should probably use Windows2000 with the IIS server (All patched of co urse). However remember, by gaining the ease of use of Microsoft products, you are giving up t he security, reliability, and scalability of linux/unix servers. -------------------------------- Step Two: Downloading the server -------------------------------- I realize that on some applications, it would be wise to install an earlier ver sion. A great example of this would be Microsoft Windows. You would much rather install 98SE than ME for obvious reasons (hell, just get 2k please). With apache, this actually doesn't matter too much. Apache is an extremely secure webserver in itself, and the only thing that you' re getting in the new versions are new features and what not. Not really any security fixes t o think of. However, just to be certain that you do have any security fixes that they may h ave issued, and to make sure that you do have the most up to date features, you will want to do wnload the most up to date version (As of now: 1.3.22) You'll want to goto the apache website, and simply click on where it says "down load" on the right side of the front page. Download it to a dir and thats about it. The rest is al l installation. --------------------------------- Step Three: Installing the server --------------------------------- Installation of apache is extremely simple. It's amazing that this webserver is something that any linux newbie can start out with, yet it is also what major corporations use to run their websites. Kinda boggles the nerds mind. Well, anyways, the following instructio ns will be in list form for your viewing pleasure. 1.) After downloading apache_x.x.x.tar.gz, do a "tar -zxvf apache* /dir/you/wan t/apache/in" This won't install apache into this directory of course, but simply extract all of the file into this directory. 2.) After extracting all of the files, installing apache is just as simple as i nstalling any other piece of code into linux. Follow these simple steps. a.) type "./configure" into console, and procede to follow any instructions on the screen. This will configure apache so it can be installed on to your system. b.) after configuration is done, type "make". If you have ever installed a p iece of source before, you understand that you don't really need to read any of this, unless t here is an error or something. In which case; you're on your own pal. c.) Do a "make install" and this will procede to install apache into the dir ectory which you selected through configuration. Most likely, it will install apache into the "/ usr/local/apache" directory. This is the default directory for installation. --------------------------------- Step Four: Configuring the server --------------------------------- This is where it gets a little difficult if you're trying to run a ton of featu res. Because I don't run a ton of things like php, and front-ends to applications, I don't hav e a ton of experience in configuring the conf file for that stuff, but I will get you thro ugh the basics. The configuration file really is more or less self-explanitory, but I will expl ain the basic things to get you through it, and to get your server up and running: 1.) Goto the "/conf" directory in your apache dir, and find the "httpd.conf" fi le. This is the file that controls the entire webserver. It is more or less telling the server what to allow, what not to allow, and what in the hell it's supposed to do. 2.) With your favorite text editor (i'm an idiot, so i use pico) open the httpd .conf file, and you'll notice a ton of shit that you can't figure out. It took me awhile to fig ure out most of the stuff that I had to do with the conf too. 3.) If you are running your apache server off of a cable connection, and your p rovider does not support, or fully disables the use of port 80 so you don't run a server, there is a way to get around it. One of the first things you'll have to do is set the Port to a diffe rent setting. I use port 81 for my http because its simple. The port setting is on line 236 o f the conf. file. 4.) The next thing that you're going to want to do, is change the settings for who runs the server, and what group they are under. You should change both to "www". You can add a user and a group by the name of "www" by the adduser and addgroup feature of root. These settings are on lines 250 and 251. These are really the only things that I could help you out on in terms of confi guration in one file. There are a lot of other things in the conf. file, however they are very specialized with permission options, and whatever you want that specific function to do. This is where the authors of apache are very good in describing the ins and outs of the server, and how t o do different things. ----------------------------- Step Five: Running the server ----------------------------- Running the server is very simple. All you have to do is run the command as fol lows: "/usr/local/apache/bin/apachectl start". I know it seems like a large command, but remember, you are just running the "apachectl" program in the "bin" directory of your apache dir. And by saying "start" you're precisley telling it to do that. In the event that you want to s top your server, you can always give the command "/usr/local/apache/bin/apachectl stop". Or simp ly kill the PID of the server. If you should come upon an error message when you start the server, it will tel l you where you f'd up the configuration file. Just take a look around the file, and it's a goo d bet that you'll be able to figure out what you did wrong. -------------------- Security Precausions -------------------- The best thing that I could tell you about running your server securily is to r outinely check the newest security bullitens at BugTraq and check the changelog of your linux distro. The URLs for these sources of info can be found at the bottom of the article. Remember, when a bulliten is issued for your specific distro/kernel version, im medately attempt to find the fix, install it, and you'll be fine. Also, try not to make any ene mies that would attempt to exploit your server. You're just asking for trouble. ------------- In Conclusion ------------- Apache is probably the best choice that you could make for a webserver. It has ease of use, security, flexibility, and works on a wide array of operating systems. If you d on't use apache, then you really are missing out on your full potential for running the correct server with the number of features available for you. --------------------------- Various links & Information --------------------------- The Apache Software Foundation - http://www.apache.org Security Focus (Home of BugTraq) - http://www.securityfocus.com The Slackware Linux Distribution - http://www.slackware.com The FreeBSD Operating System - http://www.freebsd.com The OpenBSD Operating System - http://www.openbsd.com The Redhat Linux Distribution (yuck) - http://www.redhat.com The Mandrake Linux Distribution (yuck) - http://www.linux-mandrake.com/en/ SceneWhore Inc. - http://scenewhore.trance.nu ******* **END** ******* ============================================================== 4. Scans - 1800 222 99xx====================================== ============================================================== Well here it is another pointless to scan to make us look l33t0rz here you are my bitches. 1800 222 99xx Areacodes 912,478 WarnerRobins,Georgia Brought to you by Opdivert * = no answer 00 - German autoparts 01 - Cannot connect 02 - answering machine 03 - Opticle Products 04 - talk hotline 05 - answering machine 06 - answering machine 07 - Answering machine 08 - connot be completed as dialed 09 - Training Resource corporation 10 - fast busy 11 - Cannot complete call 12 - "Nonworking tollphree number" 13 - Silent 14 - answering service (these people are assholes) 15 - Motel, in cali 16- japco rice class 17- meridian vmb 18- northen concreate pipe 19- jimy miller 20- fast busy 21- Disconnected 22- alarm center 23 - hilton reservations 24 - sheral cop 25 - not in service 26 - disconnected 27 - talk hotline 28 - lake mason 29 - picks up and hangs up 30 - no answer 31 - first class international 32 - DR gibcat 33 - talk hotline 34 - customer service 35 - Americas Feasco?? 36 - answering machine 37 - no answer 38 - fast busy 39 - terika ? 40 - promac leasing 41 - no answer 42 - fast busy 43 - custom printing products 44 - Last prevention and work review department 45 - disconnected 46 - SMI 47 - answering machine 48 - wellingman associates 49 - not availible in my calling area 50 - talk hotline 51 - * 52 - busy 53 - busy 54 - talley machinery 55 - ?? 56 - * 57 - superior components 58 - regit group insurance office 59 - * 60 - deerpark 61 - * 62 - * 63 - message 64 - ?? 65 - 800400talk 66 - enter extension of party 67 - * 68 - first price international 69 - if youd like to leave a message in [language], press [#] 70 - busy 71 - * 72 - 800400talk 73 - 800400talk 74 - * 75 - travel montana 76 - * 77 - premier customer service, jennys voice mail 78 - insured assistance 79 - Carolina fabrics/printworks 80 - * 81 - tone 82 - 800400talk 83 - * 84 - duke office of continuing medical education; www2.mc.duke.edu/docme 85 - ?? 86 - narthcos electric 87 - customer service call center, Saratoga, fleetwood credit core, mainframe s upport 88 - 800400talk 89 - busy 90 - hangup 91 - * 92 - * 93 - * 94 - get it hot and wet with the naughtiest girls around 95 - busy 96 - 800400talk 97 - * 98 - * 99 - * ******* **END** ******* ============================================================== 5. The Phone Masters========================================== ============================================================== ***Note*** This article is really fucking old hence the date December 14,1999 i just put it up here because it was very interesting. Large-scale phone invasion goes unnoticed by all but FBI December 14, 1999 By D. Ian Hopper, CNN Interactive Technology Editor and Richard Stenger, CNN In teractive Writer (CNN) - Where have all the hackers gone? That's an understandable question considering the actions that currently pass f or a news-making "hack." One might think that the days of Kevin Mitnick's phone hijinks or Robert Morris's c omputer worm, which disrupted the operations of over 6,000 computers nationwide in 1988, are gone. Sure, ther e's malignant code like the Melissa virus which struck computers earlier this year, but so many viruses rely on use rs to knowingly or unknowingly pass them on until they finally strike. When they do strike, they usually just wipe out the user's hard drive - not so horrible, on a global scale. But how about stories of intelligent hackers who d ownload calling card numbers straight out of the data banks of giant phone companies in order to use or rese ll them, download and resell credit reports or have the ability to reroute or even take down entire telephone netwo rks at will? Those guys are gone, right? Not so fast. They're far from done; they've just gone out of fashion. Calling card numbers, credit reports, and more A group of crackers called the Phonemasters, for example, stole tens of thousan ds of phone card numbers, found and called private White House telephone lines and rooted around in high-security F BI computer files in the mid-1990s. But the gang behind ones of the largest hacks ever failed to see their names on one FBI list, a request to tap their lines. Some four years after U.S. agents busted the group, the last of three ri ngleaders now awaits sentencing in federal court. Jonathon Bosanac pleaded guilty to two counts of computer-relate d fraud in a U.S. court in San Diego last week. The self-proclaimed "Gatsby" faces sentencing on March 2. Two other reputed ringleaders were sentenced in September. Corey "Tabbas" Lindsley received a prison term of 41 months; Calvin "Zibby" Cantrell was given 24 months. The hacker gang downloaded thousands of calling cards from AT&T, Sprint and MCI to sell on the black market, according to federal prosecutors. Some of the reported retail customers included the Sici lian Mafia. "One of the most valuable skills is to be a phone phreaker. If you 'own' the phone system, you have the k eys to the kingdom: you can listen to anyone you want to, call forward, switch numbers and route calls," said Matthew Yarbrough, the assistant U.S. attorney in Dallas who served as lead prosecutor in the case. The scope of their activit ies was astounding. They could listen in on phone calls, alter secure databases and penetrate computer systems of cre dit report company Equifax and the FBI's National Crime Information Center. Giving the FBI the "pager treatment" The ringleaders even contemplated downloading every calling card in the United States, according to prosecutors. A federal judge estimated that the group caused $1.85 million in business losse s over three months. The Phonemasters reportedly performed high-tech pranks, forwarding an FBI phone number to a sex chat line that left the bureau with a $200,000 tab. Some victims -- including a Pennsylvania police dep artment that gave one Phonemaster a ticket -- received the "pager treatment," in which their phone numbers were each sent to thousands of pagers. The Phonemasters, a name coined by authorities, even sold for hundreds of dolla rs copies of personal credit reports, state motor-vehicle records and addresses or phone numbers of celebrities like Madonna and Danny Bonaduce. "The information, because of the confidential nature, had a lot of value," Yarb rough said. Looking through confidential databases, they warned targets of FBI surveillance that their phones were being tapped. But they never checked to see if their own phones were under surveillance. The Phonemasters went to great measures to avoid detection during their long-di stance conference calls, never using their real names and speaking in code, referring to the calling card numbers as "tortillas," prosecutors said. FBI agents turn the tables But they were often aware of the risk. In the transcript of one 1995 conversati on, Bosanac hears a strange noise on the line. "What the hell happened?" he asked. "That was the FBI tapping in," Cantrell joked. "You know how ironic that's going to be when they play those tapes in court?" L indsley said. The FBI was listening, using a unique $70,000 prototype device that recorded ev ery word and keystroke that moved along the phone line in Cantrell's home in Grand Prairie, Texas. It marked the first time the FBI successfully eavesdropped on computer data traveling through telephone lines, federal prosecutors said. In February 1995 a hacker friend told Cantrell his number was on a database of phone numbers under FBI watch. Soon FBI agents raided Cantrell's home, Lindsley's dorm room at the University of Pennsylvania in Philadelphia, and Bosanac's bedroom in his parents' house in Rancho Santa Fe, California. It took more than four years before the three pleaded guilty to counts related to theft and possession of unauthori zed calling-card numbers and unauthorized access to computer systems. Lindsley who received one of the longe st prison sentences in hacking history, refused to identify the voices of other hackers on tape. Bosanac faces a maximum sentence of 15 years. His attorney Peter Hughes said that Bosanac will likely receive around 20 month s in prison, in part because of his plea. After the 1995 raid, Bosanac worked for a San Diego Internet company owned by A T&T, a Phonemaster victim. The company fired him after learning he had had hacked into their system, a federal prosecu tor said. Bosanac, who remains free on a $25,000 bond, now works for a San Francisco firm that is aware of his case, Hughes said. Not as sexy, but more dangerous It's understandable if you haven't heard of the Phonemasters. With the exceptio n of local newspapers reporting on hometown criminals or the so-called hacker media reports, the national media ha s largely ignored the Phonemasters and others like them. "Lately the media has been caught up in Web defacement," said Yarbrough, who also leads the FBI's cyber crimes task force in Dallas. The actions of Web defacers are typically confined to replacing the "home pages ," or index files of a Web site with text and images that either - in the case of "hacktivism" - reflect a political or social viewpoint, or simply boast that the hacker had access to the site. Frequently, in an attempt to show no ac tual malice toward the site administrators, the hacker saves a copy of the original home page on the server or even leaves a text file containing a blueprint of how the hacker got access. In its most common form, Web site defacement causes very little actual damage w hen compared to a large-scale intrusion like the ones made by the Phonemasters. But the site that has "I own you" scraw led on it is a lot more obvious and brash than illegal charges made on thousands of calling cards. Hence, the graff iti artist gets what many of them want most: publicity. That's not only a shame, say some computer crime observers, bu t it's also very dangerous. "The web graffiti kids really affect public perception," says Brian Martin, adm inistrator of the Attrition.org site, which logs and comments on computer hacks. "Because of vague wording and unfoun ded comments, journalists often imply that because a Web page was defaced, an entire network was compromised. That is hard ly the truth. Most of the time these kids couldn't touch the internal network." Phonemasters' skills gave them a 'power trip' To Martin, the public should be more worried about people with the skills of th e Phonemasters. "The level of knowledge they possess about computer systems, phone systems in p articular, is amazing. In many cases they know more than highly paid and specialized technical operators of the syst ems they are into." Martin suggests the Phonemasters were driven by two quests common to hackers: " learning and exploration." Then the just as common third purpose, a power trip. "They liked having access to any an d all kinds of information." Martin has written several essays urging "script-kiddies," a demeaning term for hackers who use ready-made programs written by others for breaking into systems, to cease defacing Web sites. He wr ites that it's not worth the almost inevitable discovery and punishment by authorities for such little accomplishme nt as inconveniencing a site administrator for a few hours and scaring some customers. "It disgusts me to see media attention being given to kids with scripts," Marti n says. "Their annoying kiddie messages are a waste of time for all involved. Their weak justifications for hacking are only there to make them feel better about their activities and give it some sense of righteousness. The media dutif ully inflates their egos when they get lucky and find some big corporate or military server vulnerable to the latest s cript they got." Larger hacks slip under radar Space Rogue is an employee of Boston-based L0pht Heavy Industries, a hacker thi nk tank, and is the editor of Hacker News Network. He suggests that the Phonemasters have slipped under the national medi a radar because their intrusions are phone-based, and don't specifically involve the Internet. "The Internet is the hot technology topic at the moment and has been for some t ime. If it does not involve the Internet, people don't want to report on it. But this is a major crime and should be repo rted on. I just don't understand it," he says. Like Martin, Space Rogue thinks the skills of the Phonemasters go far beyond the abilities of the Web graffiti artists. "The Phonemasters can not be compared to script-kiddies in any way. Th e first are knowledgeable people who have learned systems inside and out. Script-kiddies can click a mouse on a button th at says 'run'. There is absolutely no comparison." Those "script-kiddies" shouldn't feel like their acts are being ig nored by authorities, though. As the Internet continues being a vehicle for commerce, Web site defacements are incre asingly having economic consequences. Attacks against electronic business and government sites "both carry big proble ms. It's not the equivalent anymore to spray painting billboards on the highway," U.S. Attorney Yarbrough warns. If e-commerce sites have to be closed to repair defacements, those companies ca n lost tens of millions a day in lost revenue, he said. Martin, who mentions that the Phonemasters taught him some tr icks as well, praises the Phonemasters for their restraint. "They had the power to destroy entire companies, crash pho ne networks and more. Yet they didn't." "The real evil is guys with the Phonemasters' skillset, but a lot less ethics," Martin says. ******* **END** ******* ============================================================== 1. The iDEN system (part 1)=================================== ============================================================== The iDEN System There will be 2 parts to this article so watch out in future issues f or the follow up!, If anyone has any questions feel free to email the teamphreak email a nd ask for mcphearson. 1. iDEN System Diagram 2. Network components 3. What iDen really is iDen System Diagram [OMC] {PSTN} / | \ ( ) ( ) \ / | \ /\ /\ |MSC| | |DAP| / \ / \ / | | | / \ / \ [MMS] [IWF] | [MPS] ________ ( ) ( ) | / | (Ebts) (Ebts) | / | ( ) ( ) |BSC|________| / / / |Signal Recievers| |Signal Recievers| Network components 1. DAP ( Dispatch Application Processor ) 2. MSC ( Mobile Switching Center ) 3. MMS ( Message Mail Service ) 4. MPS ( Metro Packet Switch ) 5. EBTS ( Enhanced BAse Transceiver System ) 6. BSC ( None ) 1. DAP is responsible for the coordinaion and control of dispatch communications. The iDen system allows users to send and recieve dispatch calls without having to be in a certain area. The Dap will Track your unit when it is turned on, the MINs an location are automatically registerd at the DAP and tracked untill the unit is turned off. The DAP provides site allocation which intelligently illuminates only those sites which are required to complete Dispatch calls reducing RF channel usage. 2. MSC is the telephone switching office for all calls that are sent or recieved by the units. It is also the interface between the PSTN and the iDEN network. The MSC controls the call set-up and routing by functioning like a land network switching office. To Protect against Fraud, the MSC operates an advanced security system which controls access to the radio channels, ensuring that critical identification paremeters are never transmitted over the air. 3. MMS encompasses all the software and hardware required to store and deliver alphanumeric text messages. The MMS is like a pager and can hold up to 16 messages and 140 characters each. 4. MPS provides one to many switching between the EBTS and the DAP for dispatch voice and control. The MPS enables wide area dispatch communications services also including affliatted subscriber units and dynamic replication and distribution of voice packets for rapid set up of networking routing, resiliency, redunancy and cost effectiveness 5. ETBS is the cell site that links the mobile subscribers to the fixed network.It is the main element for phone and data services. The EBTS makes it possible for subscribers to access any of the 4 services in the iDEN network; telephone,dispatch,text messaging, and data. The main radios at the EBTS sites actually perform the communications with the units, sending the control information and the conpressien speech uing TDMA tecnology. Each main radio handels one 25kHz, 800MHz channel with up to 6 time slots. Each time a unit in a iDEN system want to place a call or anything of the sort, that transmission is controlled by the BSC. 6. BSC it is the controlling unit between the cell site aka EBTS, and the MSC that processes each type of transmission. The transmission system compresses and encodes the data channel allowing a single T1/E1 link to carry 4 times the number of traffic channels! The BSC also transcodes the digital VSELP phone call to PCM (Pulse Code Modulation) to enable communication with the PSTN. What iDen really is: Iden Stands for Integrated Digital Enhanced Network it provides several feature s (listed below) *Phone *Two-way Dispatch (Radio) *One-to-one (Private) *One-to-many (Group) *Short Messaging Services (SMS) *Packet Data *Circuit Data ******* **END** ******* ============================================================== 1. Basics On Smart Cards ==================================== ============================================================== Basics on Sart Cards with a little extra info and possible uses. First of all I am rewriting this after writing an article for 2600 maga zine that may or may not be published. This text will be more in depth hopefully. Now for a standard disclaimer, I kn ow it sucks but gotta cover ones ass. This text is for informatinal purposes only, any damages you may incure from yo ur own criminal or stupid idiotic retarded ass activities is strictly 100% YOUR FAULT NOT MINE!!!!!!!!! Now that having been said, on to the info. These cards are used in var ious manners, and for various things. One of the easiest ways to get started is if you have satelite TV such as the d ish network or the DSS system. I have also seen these things for cellphones where there are large perforations around the contact pad where you punch it out and install it into the phone and this holds things like the s erial number, telephone number etc. There are various sources for the hardware, and such. You can get readers, wri ters, reader/writers, and unloopers. Most come with some pretty self explanetory software thats pretty basic and com es on a floppy. For the purposes of this text I will discuss the DSS satelite cards. Ho wever it shouldn't be too different or too hard to figure out any of the others. Basically how information is writ ten to these cards is an image. The software will interface with the hardware (which connects to the serial por t with no drivers to speak of, and also are available in USB) and take an image and load it into the software in w hat first appears to be raw data. This data is written in hex. You have a couple of options at this point, you can decipher the hex co de and how the system works then edit it as need be, you can save it, and then load it onto other cards, or you can wipe it and load a different image, such as one to get all the channels for free. If you are going to play around with this and your own satelite system I recommend saving the original image on the card, so you have a backup, and yo u will definately want an unlooper in case the card locks up and won't allow you to load any more images into it, as these things for the DSS system have a limit on how many times they can be writen too which is where the unlooper co mes in, it allows you to start writing to the card again. To play around with it take a look at what might be some relevant infor mation and change some values, and then write it to the card, then give it a test and see if it worked or what the effe ct was. There is no need to get an external hex editor because one the software has one built in and for another I am not s o sure you can use an external one, that it would save in the right format or anything like that. I didn't have but an hou r or two to experiment with this, but I fully intend on getting some of this stuff and experimenting more. You might b e saying, this isn't enough information for me to go hacking into shit, and your right it's not. Part of hacking is LE ARNING for yourself. This text is to get you started and give you a basic understanding of h ow these things work, the rest you have to figure out for yourself and if you have a little money, and know how to use a s earch engine you can definately learn. I am not going to hand you everything on a silver platter, because I would be d oing absolutely nothing for your intelect. If you still want to bitch look at it this way, I could have given you even LES S information making it much harder. So for now Happy hacking. FANTACMET ====_==_============_===================== | | | \ | | / /====================== | | | \ | |_/ |====================== |__ | | \| | \ _/====================== ========================================== http://musicforhackers.com http://ppchq.org http://phreakbc.com http://9x.tc http://f41th.com http://phonelosers.org/.net http://blacksun.box.sk http://scenewhore.trance.nu http://verizonfears.com Special Thanks to our good friends at ............. *** *** ********** ********** *********** *********** *** **** *** ********** ********** *********** *********** *** ***** *** *** *** *** *** *** *** *** ****** *** *** *** *** *** *** *** *** *** *** *** *** *** ********* *** *********** *** *** *** *** *** *** ******** *** *********** *** *** ****** *** *** *** *** *** *** *** *** **** ********** *** *** *** *********** **** ******* *** *** ********** *** *** *** *********** **** ******* "Go kill someone or better yet go download some more porn." - mcphearson outh.bellsouth.bellsouth. bellsouth.bellsouth.bells bells.--------------.outh bells| |outh bells| |outh bells| .----------. |outh bells| | END | |outh bells| .----------. |outh bells| *** |outh bells| END |outh bells| *** |outh bells| _ |outh bells| | ||outh bells| |_||outh bells.--------------.outh bellsouth.bells| end |outh.bellsouth. bellsouth.bells| end |outh.bellsouth. bellsouth.bells| end |outh.bellsouth. bellsouth.bells| end |outh.bellsouth. bellsouth.bells| end |outh.bellsouth. bellsouth.bells| end |outh.bellsouth. bellsouth.bells| end |outh.bellsouth. bellsouth.bells| end |outh.bellsouth. bellsouth.bel| END |lsouth.bells. bellsouth.bel|__Sucks__|lsouth.bells. bellsouth.bellsouth.bellsouth.bellso. NPANXX - Volume 1 Issue 2 - 11/05/01 "Ghost Busters Underground Crack House" Proud Sponsers of the ..... | | | | \ | | _ \| ____| _ \ / ___| _ \ / _ \| | | | \ | | _ \ | | | | \| | | | | _| | |_) | | _| |_) | | | | | | | \| | | | | | |_| | |\ | |_| | |___| _ <| |_| | _ <| |_| | |_| | |\ | |_| | \___/|_| \_|____/|_____|_| \_\\____|_| \_\\___/ \___/|_| \_|____/