8888 8888888 888888888888888888888888 8888:::8888888888888888888888888 8888::::::8888888888888888888888888888 88::::::::888:::8888888888888888888888888 88888888::::8:::::::::::88888888888888888888 888 8::888888::::::::::::::::::88888888888 888 88::::88888888::::m::::::::::88888888888 8 888888888888888888:M:::::::::::8888888888888 88888888888888888888::::::::::::M88888888888888 8888888888888888888888:::::::::M8888888888888888 8888888888888888888888:::::::M888888888888888888 8888888888888888::88888::::::M88888888888888888888 88888888888888888:::88888:::::M888888888888888 8888 88888888888888888:::88888::::M::;o*M*o;888888888 88 88888888888888888:::8888:::::M:::::::::::88888888 8 88888888888888888::::88::::::M:;:::::::::::888888888 8888888888888888888:::8::::::M::aAa::::::::M8888888888 8 88 8888888888::88::::8::::M:::::::::::::888888888888888 8888 88 88888888888:::8:::::::::M::::::::::;::88:88888888888888 88 NPANX X 008 8 8888888888888:::::::::::M::"@@@@@@@"::::8w8888888888888888 Volum e 002 - Issue 003 88888888888:888::::::::::M:::::"@a@":::::M8i888888888888888 "Keep ing the scene alive" 8888888888::::88:::::::::M88:::::::::::::M88z88888888888888888 8888888888:::::8:::::::::M88888:::::::::MM888!888888888888888888 888888888:::::8:::::::::M8888888MAmmmAMVMM888*88888888 88888888 888888 M:::::::::::::::M888888888:::::::MM88888888888888 8888888 8888 M::::::::::::::M88888888888::::::MM888888888888888 88888 888 M:::::::::::::M8888888888888M:::::mM888888888888888 8888 888 M::::::::::::M8888:888888888888::::m::Mm88888 888888 8888 88 M::::::::::::8888:88888888888888888::::::Mm8 88888 888 88 M::::::::::8888M::88888::888888888888:::::::Mm88888 88 8 MM::::::::8888M:::8888:::::888888888888::::::::Mm8 4 8M:::::::8888M:::::888:::::::88:::8888888::::::::Mm 2 88MM:::::8888M:::::::88::::::::8:::::888888:::M:::::M 8888M:::::888MM::::::::8:::::::::::M::::8888::::M::::M 88888M:::::88:M::::::::::8:::::::::::M:::8888::::::M::M 88 888MM:::888:M:::::::::::::::::::::::M:8888:::::::::M: 8 88888M:::88::M:::::::::::::::::::::::MM:88::::::::::::M 88888M:::88::M::::::::::*88*::::::::::M:88::::::::::::::M 888888M:::88::M:::::::::88@@88:::::::::M::88::::::::::::::M 888888MM::88::MM::::::::88@@88:::::::::M:::8::::::::::::::*8 88888 M:::8::MM:::::::::*88*::::::::::M:::::::::::::::::88@@ 8888 MM::::::MM:::::::::::::::::::::MM:::::::::::::::::88@@ 888 M:::::::MM:::::::::::::::::::MM::M::::::::::::::::*8 888 MM:::::::MMM::::::::::::::::MM:::MM:::::::::::::::M 88 M::::::::MMMM:::::::::::MMMM:::::MM::::::::::::MM 88 MM:::::::::MMMMMMMMMMMMMMM::::::::MMM::::::::MMM 88 MM::::::::::::MMMMMMM::::::::::::::MMMMMMMMMM 88 8MM::::::::::::::::::::::::::::::::::MMMMMM 8 88MM::::::::::::::::::::::M:::M::::::::MM 888MM::::::::::::::::::MM::::::MM::::::MM 88888MM:::::::::::::::MMM:::::::mM:::::MM 888888 MMM 8888888 NPANXX 008 MMMM 88888888 MMMMM @@@@@@@@@ @@@@@@@@@@@@@@@@@@@@@@@@@@@ @@ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@ @@ @@ @@ 1.Team Phreak Christmas time cheer poem ................. downtime @@ @@ 2.Extinction Of Personal Freedom ............................. bor @@ @@ 3.Ghosting a Nokia 5165 .................................... l4m3r @@ @@ 4.Fax on demand ............................................ ic0n @@ @@ 5.What MCI Doesn't Tell You, Could Hurt You ....... dark fairytale @@ @@ 6.A Guide To Counting and Converting Octal .............. windead @@ @@ @@ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@ @@@ @@@ @@ @@@@ Team Phreak Staff @@ @@ @@@@@ @ @@ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@ @@ @@ @@ Member Email @@ @@ @@ @@ bor bor@teamphreak.net @@ @@ downtime downtime@teamphreak.net @@ @@ parenomen parenomen@teamphreak.net @@ @@ phractal phractal@teamphreak.net @@ @@ stain stain@teamphreak.net @@ @@ Article submission articles@teamphreak.net @@ @@ Email staff staff@teamphreak.net @@ @@ @@ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@ @@@@@ @ @@ @@@@ Note From Editor @@ @@ @@@ @@@ @@ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@ @@ @@ @@ @@ @@ Team Phreak contributes to the scene. We write @@ @@ our own articles and do not rely heavily on outside @@ @@ sources for our issues (unless other wise noted). @@ @@ We may use other materials for news articles or in @@ @@ research purposes to verify what we type is fact, @@ @@ but we guarantee that all articles are written @@ @@ by us and anyone who wishes to contribute orignal @@ @@ texts. Also please come and vist us on irc at @@ @@ EFNet. You may use the following servers to connect @@ @@ to EFNet,irc.rt.ru, irc.prison.net, and @@ @@ irc.vrfx.com. Please join us on the world wide web @@ @@ at www.teamphreak.net @@ @@ @@ @@ - Parenomen@teamphreak.net @@ @@ @@ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@@ @@@@@ @@@@ Shoutouts @@@@ @@@@@ @@@ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@ @@ @@ dark fairyTale windead @@ @@ vap0r ic0n @@ @@ ozlo #telconinjaz +k @@ @@ kungfoo aphrax @@ @@ iluffu burnt circut @@ @@ j0o doctorx @@ @@ visual kmem @@ @@ zylone @@ @@ phishstlk @@ @@ frag @@ @@ l4m3r @@ @@ Everyone in EFnet #teamphreak @@ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ +-+-+-+-+-+-+-+-+-+-+-+ |N|P|A|-|N|x|x|-|0|0|8| +-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+ |I|n|t|r|o| +-+-+-+-+-+ Whats up all you slack eyed, half crazed, a little insane, techno wanna be intelligent freaks! Here is a brand new issue of NPANXX! Don't worry, we know y ou fear it and love us. We know. Here is some information that'll make you fall o ver in your chair, smack your mom, and load a huge bowl just to get a glimpse of wh at the hell we are talking about. We've packed this issue with a little bit of everything from each of our minds. (Pretty scary huh?) We are some crazy mofos. Anyway, we've had some troubles lately with our site, and getting things rolling, but now we got it all under control. We got up off of our lazy, slacking, no good for shiz asses and put something together that duck tape can't even keep together, so watch out! TeamPhreak is back, slicing, dicing, and doing everything that Chef Boyardee can't to give you the information that you only dream about in your wettest dreams, so wait no longer, scroll right down and read! read! READ! - downtime 8888888888888888888888888888888888888888888888888888888888 8888888888888888888888888888888888888888888888888888888888 88888 88888 8888 1.Team Phreak Christmas time cheer poem 8888 888 Written By: downtime (downtime@teamphreak.net) 888 888 Written For: NPANXX008 (www.teamphreak.net) 888 8888 Written On: 12/22/02 8888 88888 88888 8888888888888888888888888888888888888888888888888888888888 8888888888888888888888888888888888888888888888888888888888 It's Christmas time And TP's on the prowl Even Parenomen, Yes, He's hit puberty now! Bor is at home Supplying the speed Giving us the network We so badly need Where oh where Is that damned stain If something goes wrong He's the one we blame But all is well And we're still here Supplying you all With TP's Christmas cheer So forget your presents Forget all of that It's a new issue So chill and relax While we feed your mind With information thats new 8888888888888888888888888888888888888888888888888888888888 8888888888888888888888888888888888888888888888888888888888 88888 88888 8888 2.Extinction Of Personal Freedom 8888 888 Written By: bor (bor@teamphreak.net) 888 888 Written For: NPANXX008 (www.teamphreak.net) 888 8888 Written On: 11/16/02 8888 88888 88888 8888888888888888888888888888888888888888888888888888888888 8888888888888888888888888888888888888888888888888888888888 DISCLAIMER: ----------- The following article does not represent the political stance of any member of Team Phreak, with the exception of bor. My political views and notions of the world DO NOT reflect those of any other member of Team Phreak. All critcism of this rant should be directed towards me :-) ------------------------------------------------------------------ Introduction: ------------- It seems that as time goes on, and people get more politically correct, this country of ours is turning into one giant pre-school. No longer are people allowed to be ignorant or stupid. In this day and age, killing someone because of their race carries a larger penalty than simply killing someone for any other reason. Shouldn't the act carry the same harsh penalty no matter what your motive was? In today's america, people get scared, and they call for security, but do we allow ourselves to do anything that would be considered anti politically correct? No. When american's get scared, we simply tell the government to fix it, but don't go out of your way to keep our rights... who needs them? In today's america, people have forgotten what this county was founded on. No one remembers that our personal freedoms are what made us different from many countries in the world. Today in america, if someone doesn't like what someone said to them, they can pass a law. If someone doesn't like the fact that someone is smoking in a restaurant, pass a law. If someone thinks that we need to be safe...Watch everyone. That's the way it seems to work now. If someone wants something done, then pass a law. Restrict us even more. Take away more and more rights. Lets make more laws, and take away more rights. Lassen Sie mich Ihre Papiere sehen. ----------------------------------- In over a year, we have gone from being secure with no strong visible problems, to a country that wants to build a central database which would include every website that you visit, every time you fill your car with gas, every credit card transaction, among other things which they probably don't want us to know. Under the spreading chestnut tree...I sold you, you sold me. ------------------------------------------------------------ Today america is still a country with great freedoms. Compared to many other countries in the world, we have more freedom, live better, and pay far less taxes. However with upcoming terrorist attacks more likely than ever, how much will people panic? When people got scared after September 11th, we allowed the government to pass law's with access to our personal lives like never before. No longer does the FBI need a court order to tap your phone line or watch your email. No longer will someone exploring a computer system be free from un-needed persecution. No longer do we have the rights that we had before. And what about after the next attack? What happens after we get attacked one more...or even two more times? Will there be marshall law? Will the military have to take over the streets after the scared and ignorant riot? Will the government be forced by the will of the ignorant to force people to "show us their papers?" How long before america gets more and more like nazi germany? There's a simple solution to all of this rather than taking away our personal rights to live and breathe like normal. If we would simply close the borders to this country, our rights could be protected without reprocussions. Would this totally rule out terrorist attacks by citizens of the United States? No, but nothing that we're doing now makes sense as it is. While we check ever third person in line at the airport, the terrorist who can count gets right through the line. While we patrol the skies, who is patrolling the borders? Stability, insisted the Controller, stability. The primal and the ultimate need. Stability. Hence all this. ----------------------------------------------------------------- No need to walk to another restaurant today. The whiners of America have forced the entrapaneur to force away business from his own establishment. More and more states are passing laws which FORCE business owners to conform to the requests of a few people. No longer can a restaurant owner simply put a non-smoking section in their restaurant, no smoking is allowed at all. The amendments all say the same thing. They all insist that it is for the health of the public. Everyone insists that it's for our own good. Why are we not allowed to choose what is for our own good? Why can't the business owner decide who's business he wants to turn away? In today's america, if we can't please everyone, we must please the people who are "trying to protect us." Why can't the non-smokers simply decide to go to another restaurant that doesn't allow smoking? There are hundreds of restaurant in every major city. I'm not a smoker myself, however even though I'm not, I believe that if I don't want to smell cigarette smoke, and someone has decided to allow it in their establishment, it should be up to me to go somewhere else. Why punish the business owner for having such a policy? Conclusion: ----------- Today, America is much too hesitant to keep what this country was founded upon. No longer is it okay to have personal rights. No longer is it acceptable to be stupid or ignorant...it is a crime in many cases. Today in America, we no longer have the right to choose who we want in our own businesses. Today in America, it's looking a lot more like Mexico, rather than America. Will we ever gain our personal rights back? Maybe once the borders are closed it will be a start. While we are the only country left in the world who allows nearly anyone in, Australia and other countries with strict imigration policies have less crime, and do not need such drastic changes in their laws every couple years. Keep america like it was. Allow us to be stupid, idiotic, and ignorant. Allow us to choose who is allowed into our businesses. Allow American's to choose what's right and wrong for them within the limits of the law. But don't change the law to choose what's right and wrong for us. 8888888888888888888888888888888888888888888888888888888888 8888888888888888888888888888888888888888888888888888888888 88888 88888 8888 3.Ghosting a Nokia 5165 8888 888 Written By: l4m3r (phoneboy@innocent.com) 888 888 Written For: NPANXX008 (www.teamphreak.net) 888 8888 Written On: 12/05/02 8888 88888 88888 8888888888888888888888888888888888888888888888888888888888 8888888888888888888888888888888888888888888888888888888888 Introduction: ------------- Have you ever heard of a 'burnout' or ghost phone? Well, I hadn't until this summer. I was on a greyhound bus riding up to NYC to meet my crack connect ion and this brother man next to me started talking about 'burnout' cell phones. Being the shady phone Phreak that I am, I pumped him for as much information as I could. Unfortunately, the fucker couldn't give me shit. Well, this information lay dormant in my head for several months. Until a klubie popped into #cellular and asked, "what's a burnout number?" This individual, being a klubie, had no initi ative to actually do some research. I'm telling you, phreaks best friends are his voice, for social enginee ring, and http://www.google.com for looking before you ask. Remember there are no stu pid questions, just stupid people. Anyway, my interest had been rekindled, so I use d my second best friend and started searching. Two cellular message boards were my p rimary and most valuable finds. I discovered that 'burnout' is street slang. Most phre aks actually call them ghost phones, or ghost numbers. I also learned that any moro n could do this with the proper instructions, like the ones contained in this fil e. Ghost Number: -------------- So what is a ghost number anyway? For all intents and purposes, it's a number that you can use to make free phone calls with. Why they work is all theory. I've yet to meet anyone with actual knowledge on the matter. Following are some existing theories. One theory is that ghost numbers are actually cellular numbers from oth er Areas (roamers) that pass certain tests on the cell tower/cell switch that your currently on, such as matching up in a database of cellular npa-nxx's etc. This makes sense on one level because several ghost numbers have been tracked back to a cellular switches. Unfortunately I haven't been able to check a large amount of ghost numbers. Test this theory yourself. This is interesting in the search for new ghost numbers, assuming this theory is correct. Another theory, a little weaker, is that the switch actually logs all the roaming calls made and then communicates them back to the "ghost" switch at a later time. With no real time authentication, the ghost slips by. Now either of these theories could be complete bullshit or both could h ave a basis in fact. Irregardless ghost numbers are most definitely a glitch in the switching software. Whether it's the switch or the cell towers software is anyo ne's guess at the moment. In order to test the location of software glitch, try movi ng around with your ghost numbers. See if you can determine if its cell tower or s witch dependent, remember you're probably going to have to change your SID if you cha nge switches. Ghost numbers don't work everywhere, so I'm leaning towards a switch dependent glitch. Finding a Ghost Number: ----------------------- To find a ghost number, locate an NPA near you but not your own. Progra m a number with that NPA into your phone, starting with NXX 200. The last four digi ts don't matter. So if your NPA was 202, you'd program 202-200-XXXX into your phone. If you can't call with that number try the next NXX, 202-201-XXXX keep going until you reach 999. If there are no ghost numbers in that NPA, move onto another. I should remind y ou that this does not work in all areas, and you may scan until your fingers turn black , blue, and eventually bleed. Sorry about your luck. Nokia 5165: ----------- The Nokia 5165, this is the phone I have, so this is the phone I will t ell you how to ghost. If you don't have this type of phone, go fuck yourself... It all goes back to the introduction, its easy enough to find out how to ghost your Particulate phone. All you have to do is change the NAM and getting to that menu only requires you to input a simple code (for most phones, some need data cables... in which case, get a d ifferent phone). The code for most nokias and the 5165 included is *#639# enter that int o the phone and you'll be prompted with "Cellular Number:" Now, input your ghost number. Ne xt, you'll then be prompted with "Enter Code:" this is the prompt for your SID enter one l ocal to you. The phone will then reboot. Call your local FBI field office, if someone answer s... SCORE! You have a ghost number. Additional 5165 codes and menus: -------------------------------- Display Phone History *#92772689# Serial Number... Made....mmyy Programming Date mmyyyy Repaired..mmyy Transfer user data? Life timer..0000:00 Display Software Version *#9999# V 07.01 09-01-02 NSW-1 CSD Ver. 390.01 0 Programming Menu *3001#12345# NAM 1 Home System ID System ID: Home SOC Home SOC: Own Number Number: Message center number Number: Gateway no. Number: Alpha tag Alpha tag: PSID/RSID lists P/RSID 1 P/RSID 2 P/RSID 3 P/RSID 4 P/RSID 5 Change defaults NAM status Enabled Disabled Access method 0 1 Local option 0 1 Primary paging channel Channel: Secondary paging ch Channel: Dedicated A cch Control channel: Dedicated B cch Control channel: Overload class Class: Group ID Group ID: SID alpha tag control Enabled Disabled A-key code A-key: Public systems Password: ????? Private systems Password: ????? Residential systems Password: ????? NAM 2 Home System ID System ID: Home SOC Home SOC: Own Number Number: Message center number Number: Gateway no. Number: Alpha tag Alpha tag: PSID/RSID lists P/RSID 1 P/RSID 2 P/RSID 3 P/RSID 4 P/RSID 5 Change defaults NAM status Enabled Disabled Access method 0 1 Local option 0 1 Primary paging channel Channel: Secondary paging ch Channel: Dedicated A cch Control channel: Dedicated B cch Control channel: Overload class Class: Group ID Group ID: SID alpha tag control Enabled Disabled A-key code A-key: Public systems Password: ????? Private systems Password: ????? Residential systems Password: ????? Security Security code: Emergency Emergency number 1 Emergency number 2 Emergency number 3 SW Version V 07.01 09-01-02 NSW-1 Serial No. ESN: Programmed Field test Enabled Enabled+lights Disabled Useful Links: ------------- SID Sources: http://9x.tc/main.html http://www.justalurker.com Cellular Message Boards: http://www.cellphonehacks.com http://www.sotmesc.org/gcms/phreakbb/bbindex.html Switch ownership/type via NPA-NXX: http://members.dandy.net/~czg/search.html http://www.dslreports.com http://www.telcoexchange.com Glossary: --------- ESN Electronic Serial Number SID System Identification P/RSID Private/Residential System Identification SOC System Operator Code 0001 Cellular One 0003 Bell South Cellular 0004 Southwestern Bell Mobile Systems 0007 Vanguard 0008 Century Cellunet 0009 Pacific Telecom Cellular 0010 Midwest Wireless Communications 2049 US-AWS 2050 Canada-Rogers Cantel Inc. 2049 AT&T 2050 Rogers 2051 BellSouth 2052 South Western Bell 2053 Bell Mobility 2054 Telecom NZ 2057 PacTel 2063 US Cell Corp. 2078 Houston Cellular NAM Number Assignment Module NPA Number Planning Assignment (area code) NXX Prefix Shout outs: ----------- MDR & sherry from somesc & cellphonehacks respectively Also, the wonderful individuals of Team Phreak, I'm buying each and everyone of you a pony for Christmas All the individuals in #telconinjaz +k "Active Phreaks Actively Sharing Information" /knock and demonstrate activity/skill for key Oh yeah, and who could forget, your mom... 8888888888888888888888888888888888888888888888888888888888 8888888888888888888888888888888888888888888888888888888888 88888 88888 8888 4.Fax on demand 8888 888 Written By: ic0n (ic0n@phreaker.com) 888 888 Written For: NPANXX008 (www.teamphreak.net) 888 8888 Written On: 11/18/02 8888 88888 URL: http://www.hackerhost.com/lph 88888 8888888888888888888888888888888888888888888888888888888888 8888888888888888888888888888888888888888888888888888888888 Fax on demand is a system used by a lot of large corporations. Fax on demand only offers one feature witch is sending documents via fax machine. The cool part is that you can input any telephone number in North America and that's where it will be sent. I also should add that it's untraceable so that means you can attack whomever you want whenever you want and not have to worry about getting busted. When you dial into the fax on demand system 90 percent of the time they will say something like this..... 'You have reached blank corporations fax on demand system' Pretty easy to indentify huh? The other 10 percent will have one option to transfer you to the fax on demand system. They'll give you a few opinton's to choose from each company have there's setup differently but here's any idea of how there setup. Note: one system is actually setup this way 1: To get index of documents sent to you - Enter the fax number followed by the # key - Repeats number entered - If the number is correct press 1 - To re-enter the number press 2 2: To get documents sent to you - you may order up to 3-5 documents by entering your 1st section now.... Depending on how large the company is and how many documents they offer will effect how long the document numbers will be. I've seen everything from 1 to 5 digits Long. 9: To end the call Like I said earlier in this article each system is setup differently. Some have more features than others but none the less there pretty much the same. Another side note if for some reason when fax on demand calls and the line is busy it will call the party 3 more times. Some systems' will call 3 times with 15 min. intervals. Or the system will call 3 times within that 15 min's As an extra bonus I'll include some numbers for your phreak enjoyment!!!! 1-877-851-7443 1-800-446-6212 analog fax 1-800-909-0263 3m 1-800-909-0264 kinko's 8888888888888888888888888888888888888888888888888888888888 8888888888888888888888888888888888888888888888888888888888 88888 88888 8888 1.What MCI Doesn't Tell You, Could Hurt You 8888 888 Written By: Dark Fairytale (darkie@ppchq.org) 888 888 Written For: NPANXX008 (www.teamphreak.net) 888 8888 Written On: 07/09/02 8888 88888 URL: www.ppchq.org 88888 8888888888888888888888888888888888888888888888888888888888 8888888888888888888888888888888888888888888888888888888888 Chances are you already know someone who is subscribed to the MCI Worldcom Long Distance Calling Plan or may be a user yourself. Imagine if you will, recieving a rather large bill from MCI Worldcom with charges upon charges for calls you never made or know nothing about. How did this happen? Believe it or not, it is happening all across the US and the methods used to rip someone off may not be as entirely difficult as you once thought. While exploring the MCI Worldcom service, these past couple of months, I've discovered things MCI just might not want the average person to know. Things that are so obviously exploitable to almost anyone, but you may have never thought about. In this analysis I will discuss just how one person can go about charging calls to someone else with a little common sense, the use of a phone, and some social engineering skills. When signing up for an MCI account, most people aren't smart enough to read the fine print. Who reads fine print anyway? You may be getting stuck with something you don't exactly want attached to your bill, but guess what? There's nothing you can do about it because no matter what, MCI slips this little handy dandy feature into your calling plan. A little pushy, huh? So what is this feature you may ask. A 1-800 Number directed to your home line or any other line you may choose to use when signing up with MCI Worldcom. If you go to the MCI website (www.worldcom.com) and check out their calling plans you'll notice that the whole bit about the 800 number is on a completely different page and not mentioned in the calling plan. Kinda misleading, huh? If you sign up via the web, after you are confirmed, about a week later you'll recieve an email stating that your 800 is now active. WTF? 800 Number? Ehm, ok. So what's the big deal about this 800 number anyways? More on that later, because that's the very key to MCI's big security flaw. When signing up for MCI service you are asked the basic questions, name, address, etc. No big deal. After all of this, you are asked to provide a four digit security pin. What is this pin used for, you may ask? A couple of things as a matter of fact when it comes to MCI service. Are you starting to see the big picture yet? Focus. Most people are not that smart and are gonna pick pin numbers like: 1234, 1969, 4321, 6969. But then again, how hard could it be to guess an actual working pin number? Now this is where the 800 number comes in to play. I've also discovered that MCI owns the whole exchange of 1 800 484 ****. So let's say you call up any number in that exchange. What you'll usually get is an automated operator who asks for you to enter your 4 digit pin. Let's say for instance you enter 1234. If the pin is active on that 800 number it will begin to ring someone's home phone and guess who? The person with pin number 1234! Amazing, isn't it? If it doesn't work then it will ask you to re-enter your pin and if you get it wrong again you'll be forwarded to a live operator. Now where am I going with all this? Wait, it gets better. How terribly difficult is it for someone to call up 800 484 **** and enter random four digit pins until they finally come across a working pin? Ok, so let's say 1234 is in fact a working on this particular MCI 800. You call it up, enter your pin and a conversation with the person on the other end whom you are trying to own MIGHT go something like this: Person: Hello? You: Is Janet there? Person: No, I'm afraid you have the wrong number. You: Oh, I'm sorry, what number did I call? Person: 555 1212 You: Oh, that's funny, which area code? Person: 710 You: Ok, thank you, goodbye. Person: Bye. Ok, so some people might not wanna give out their area code so easily, but you'd be surprised just how many people are in fact willing to do so and think nothing of it. Think about it, how many wrong number calls have you recieved and people ask you which number they dialed? It happens everyday and most people don't think twice about it. It doesn't seem like that big of a deal at the time. After reading this you may think twice about doing so. So now you have the person's area code, home phone number, and MCI Pin, what the hell can we do that? Simple. If you haven't realized by now, you have just acquired an MCI Calling Card Number. Now that wasn't so hard, was it? The same pin that is used for your 800 number is also the pin used for your calling card. Great security measures on MCI's behalf, huh? The format of the MCI calling card is as follows: Area Code + Number + 4 digit PIN In other words, simply dial 800 888 8000 (Auotmated MCI Calling Card Number) and when it asks, enter "your" account info and wa la! You now have free long distance all at the expense of some other schmuck, who was too stupid not to sign up with MCI in the first place. On another note, you can also place International Calls with your newly acquired MCI account. Also, you may note that the account has unlimited minutes of use. I've seen these things last for months at a time before anyone caught on to what was happening. Just imagine, how many dollars worth of fraudulent calls could be racked up at just about anybody's expense due to pure stupidity on MCI's behalf. MCI really dropped the ball when it comes to security. There are so many ways this method of stealing calling cards could be avoided. Perhaps, separate pins for each account? That's not too difficult of a task. Do you really think MCI cares though? I highly doubt they do and the time it would take to change everyone's pin now is more than likely something they wouldn't be willing to do. Time is money. Also, I've been informed of another hole in the MCI service that you could incorporate into this little hustle. Whenever you call the MCI Direct 800's you'll notice that if you push * for about two seconds instead of entering any pin, you will automatically be forwarded to a random MCI subscriber. With that in mind, you could easily pose as an MCI Operator and come up with a number of different scenarios to attain someone's phone number and pin. As I stated earlier, we're not really doing genius' work here. Anybody with a little time on their hands, such as myself, could have thought of these little scams earlier and MCI should realize that. By not implementing larger security measures on their MCI long distance plans, they are basically slapping their customers in the face. Hopefully, someone from MCI might just read this article and understand what is happening and can actually do something about it for the sake of their customers, but I highly doubt that. I can also tell you that by speaking to the MCI operators themselves you might be able to con them out of a pin and phone number rather easily. About a month ago on a teleconference redxer and myself were having a little fun with MCI Worldcom when we forwarded to an operator. Redxer was able to get a pin and phone number out of them in about 5 minutes. Makes you wonder what kind of people they are hiring to work for MCI. Obviously not the brightest people on the planet. I do not encourage anyone to try the things discussed in this analysis of a very serious security problem on MCI's behalf. Doing so would more than likely subject you to federal prosecution. Plus, I'm one hundred percent positive that MCI logs all calls on their 800 numbers. So, unless you have a surefire way of not delivering your ANI, I wouldn't even attempt these actions. It's your life though. I'm sure some of you will be trying and won't care what I just said. Finally, please note, you've been warned of the consequences you may face when attempting to rip off MCI. Shouts: NPANXX, Team Phreak, parenomen, all my niggas in PPC, sandniggor, Comic, redxer, sintaks, liquid, khecka, janus, lucid, actinide, herf, gigabyte, ray haque, rotary, wargod, my mom, and anyone else I may have forgotten. peace! 8888888888888888888888888888888888888888888888888888888888 8888888888888888888888888888888888888888888888888888888888 88888 88888 8888 6.A Guide To Counting and Converting Octal 8888 888 Written By: windead (w1ndead@hotmail.com) 888 888 Written For: NPANXX008 (www.teamphreak.net) 888 8888 Written On: 01/12/03 8888 88888 88888 8888888888888888888888888888888888888888888888888888888888 8888888888888888888888888888888888888888888888888888888888 Well, I'll start off with a quick description of Octal's history. It all started out with DEC's Minicomputers which were made to challenge the IBM Supercomputers which were out at the time (1960's). DEC made sure that no software could be moved from IBM mainframes to DEC Minicomputers, DEC designed its machines completely in base 8. Now heres the fun part... lets try counting to 10 in Octal (base 8, remember) 1, 2, 3, 4, 5, 6, 7, 10, 11, 12. Now, they didnt get rid of 8 and 9, they just changed the names to 10 and 11. They didnt really change the names for the column's values though. The columns go as follows: Unit, then to the left of that, 10's column. But the annoying part about that is of course when they say '10' it actually is 8. so the 10's column actually has a value of 8. Heres an ASCII graph to show it a bit better. It comapres it to Decimal, which if you dont know is our common numbering system (taught in schools after 1960's). Octal Decimal Numeralals Equivalent 1 1 2 2 3 3 4 4 5 5 6 6 7 7 10 8 11 9 12 10 13 11 14 12 15 13 16 14 17 15 20 16 21 17 22 18 23 19 24 20 That should give you a pretty good idea about Octal vs. Decimal. Remember that each column in a given number base has a value base times the column to its right, so the tens column in Octal is actually the eights column. The next column is the hundreds column, but the hundreds column actually has a value of 8 x 8, or 64. Next column has a value of 64 x 8, or 512, and next is 512 x 8, or 4,096. A digit in the first column (units, or ones) tells hows many units are contained in the octal number. A digit in the next column to the left, the tens column, tells how many eights are contained in the octal number. A digit in the third column, the hundreds column, tells how many 64's are in the octal number. for example 400 Octal would mean that the number contains four 64's. which is 256. so the decimal form of 400 octal is 256. Lets dissect a number to make conversion a bit easier. Octal number 76225 7 would be in the 4096 column, so 7 would = 28672 6 would be in the 512 column, so 6 would = 3072 2 would be in the 64 column, so 2 would = 128 2 would be in the 8 column, so 2 would = 16 5 would be in the 1 column, so 5 would = 5 28672 3072 128 16 + 5 =31893 in decimal. And thats that. It takes a little while to get used too, but not all that hard, either. Do you remember those old CompuServe numeric accounts? they looked like "76711,470". Notice theres no number higher than 7? Thats because When CompuServe was created (a long time ago) they were using a large bank of DEC computers, with all their login ID's in octal. But they changed their systems and started using alphabetic ID's. ********** **The***** *****End** ********** __________ / ________/ / / _____ _____ _ __ _ _______ / /________ / __ \ / __ \ / / / | / / /__ __/ \_______ / / /__/ / / /__/ / / / / | | / / / / / / / ____ / / 0wned! / / / /| |/ / / / ________/ / / / / / | | / / / / | / / / / /_________/ /_/ /_/ |_| /_/ /_/ |__/ /_/ <==$Phractal$==> Special Thanks to our good friends at ............. *** *** ********** ********* * *********** *********** *** ******************** **** *** ********** ********* * *********** *********** *** ** Special links ** ***** *** *** *** *** ** * *** *** *** ******************** ****** *** *** *** *** ** * *** *** *** http://9x.tc *** *** *** *** *** ********* *** *********** *** http://f41th.org *** *** *** *** *** ******** *** *********** *** http://phonelosers.org/.net *** ****** *** *** *** *** *** *** *** http://hackerhost.com/lph/ *** **** ********** *** ** * *** *********** *********** http://verizonfears.com *** *** ********** *** * ** *** *********** *********** http://undergroundnewsnetwork.com http://ppchq.org Quote of the issue : "My intro i s gonna smack you like a 5lb scrotum" - downtime _ _ _ _ ____ _____ ____ ____ ____ ___ _ _ _ _ ____ _ _ _____ _ _ _____ | | | | \ | | _ \| ____| _ \ / ___| _ \ / _ \| | | | \ | | _ \ | \ | | ____\ \ / /|___ | | | | | \| | | | | _| | |_) | | _| |_) | | | | | | | \| | | | | | \| | _| \ \ _ / / / / | |_| | |\ | |_| | |___| _ <| |_| | _ <| |_| | |_| | |\ | |_| | | |\ | |___ \ \| |/ / / <_ \___/|_| \_|____/|_____|_| \_\\____|_| \_\\___/ \___/|_| \_|____/ |_| \_| _____| \_____/ /____| _ _ ____ _ _ _ ___ ____ _ __ | \ | | ___|__| |__\ \ / // _ \ | _ \ | | / / http://UnderG roundNewsNetwork.com | \| | _||__ __|\ \ _ / /| | | || |_) | / / http://UnderG roundNewsNetwork.com | |\ | |__ | | \ \| |/ / | |_| || _ < | |\ \ http://UnderG roundNewsNetwork.com |_| \_|____| |_| \_____/ \___/ |_| \_\| | \ \ http://Underg roundNewsNetwork.com