^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^ ^^
^^ Technical Hacking: Volume One ^^
^^ ^^
^^ Written by:The Warelock ^^
^^ SABRE elite ^^
^^ and Lords of Darkness ^^
^^ presentation ^^
^^ ^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In technical hacking, I will mainly talk about the moret
technicly oriented methods of hacking, phreaking, and other fun stuff... In
this issue I plan to discuss the various protection devices ( filters,
encription devices, and call-back modems ) that large corporations and networks
use to 'protect' their computers, I will talk about and describe the various
types of computer (hardware) protection, the way they work, how to surcomvent
them, and other sources of information that may be available on the devices...
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Filters
----------
A filter, a box like contraption that hooks in between the computer and the
phone-line, is used, instead of a password program, toID each user and to
verify his password... Why the companies decided to make a hardware version of
a verification program, I don't know. For no matter what kind of password
system you use, there are still Users with passwords that make it a pleasure to
hack (love, password, access, sex )...
Sircumventing a Filter: Filters are no harder to get around thatn a good,
secure password system... There are still several default passwords in most
( the usuall "demo" or "test" account) and usuall hacks ( the hack-hack, data
base hack, circumvent hack, call-back hack, etc. All to be discussed in further
volumes) also work... A filter device, though, posseses several interesting
features and failings.. First of all, each filter system is geared for a
sertain number of computers... Thus several computer networks using filters
arent completely protected by the sole device on which they place all their
trust in ' protecting ' them... For example, several computer networks use a
sertain filter geared toward 4 on-line computer systems, but unfortinately for
them, they needed a fifth on-line computer...oops, there goes the whole syste!
Although they thought that since only a library computer, which doesnt require
security, was on-line (giving out no secret information) it wouldnt compromise
the rest of the system...They were wrong! For from the library computer (which
is already in the operating system, bypassing the filter) one could force the
operating system for the entire mainframe to place you in any of the other
terminals!!!
Finaly, an interesting feature of a filter system: ALL THE PASSWORDS ARE
STORES INSIDE THE MEMORY OF THE FILTER UNIT... therefore, once you are inside
the data base, you could set up a worm program that would slowly but surely
read all of the systems passwords from the filter FROM THE INSIDE!!!
Notes (names of filters, further readings, Aknolodgements):
EnterCept (filter) : USES : a six character ID of any ASCII variables
ComputerSentry : USES : (this one's a bitch... if you don't need to get into
the system badly, forget it...) a voice synthesiser thats asks for a touch-tone
ID of a variable number of digits...
DataFlo : USES : a six character ID that both identifies and is used as a Pass
Bay MultiPlex : USES : either a four or six letter/number ID code standar (no
individual ID's!!! It's usually this default: 524E )
For further Reading: try Bill Landreths 'Out of The Inner Circle', Basic
Telephone Security by an Annonomous author, or you can order specs. and
manuals directly from the company...(see end of text for company names)
----------------------------------------------------------------------------
Encription/Decryption Devices:
These are instaled directly inside terminals from which a system using this
type of device is called... These are mothers to hack, yet it is not impossible
many people say that once you see an encrypted carier, forget it... Not So!
A lot of times, an appearant encrypted carier is actually a standar modem
using a diffrent parity than your terminal... so fool around with that,
adjusting parity (and make sure you have a good connection, sometimes static
can cause some funny stuff to appear on the screen)and stop bits... besides
that, there's very little you can do... although if you know the make of
encryption device that the system is using, you may be able to adjust your
term program to correctly modify each character recieved... (for example:
a while back, there was an encryption device that simply added two points to
the ASCII value of each character and then sent it as that character, the
decription device on the other end took each value and subtracted two points
and printed the character! That simple! All I had to do was change my AE
to evaluate each character, subtract the two points, and print the character...
It was incredibly slow, but it worked...)
Notes:
Sherlock Information Systems: USES : An AuthentiKey, it is usually a standard
based on the serial number of the unit... Unless you can find that, it's a lost
cause...
Super Encryptor II: USES : nearly impossible, a key of about 40-50 characters..
almost impossible to break...
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Call Back Modems:
How these little beuties work is quite simple and was quite effective untill
a quite successfull method was descovered at breaking in... They work in
the following manner: A user calls a modem line, enters an account and ID, the
modem hangs up the line and then, using another line, calls back the authorised
number belonging to the code & ID in it's memory...
Circumvention: Actually, when you think about it, it turns out quite simply...
The modem usesone line to recieve calls and another to send them out...
the number is usually 1 or digit above the suffix of the number...EX:
(xxx) xxx-0001 <ingoing and (xxx) xxx-0002 <outgoing ) Now all you have
to do to get into the system is call it's OUTGOING line and wait... since the
modem is not designed to pick up on in-coming calls on its outgoing line, it
wont answer... but as soon as a valid user calls, it will pick up it's outgoing
line (which you are on... by the way, it is helpfull to simulate a dial tone
with a tape recorder as soon as the line is picked up...for several types
of call-back modems check for it) and dial the correct users number... andyou
are in!!!
Notes:
Sleuth: USES : name and password
Defender II: USES : A touch tone code
Data Sentry: USES : You enter a number and THEN after it calls you, you enter
the password... on this, you have to try different methods...
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
COMPANY NAMES:
ComputerSentry : TACT Technology (800) 523-0103
EnterCept : Sutton Designs Inc. (607) 277-4301
DataFlo : Bussness Security (800) 354-7330
Bay NetWokx : Bay Technical Assosiates (800) 523-2702
Sherlock Info. Security System : Analytics Comm. Systems (703) 471-0892
Super Encryptor II : Obsidian Computer Systems (408) 395-7900
Sleuth : C.H. Systems, Inc. (213) 854-3536
Data Sentry : Lockheed GETEX (404) 951-0878
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In future volumes: Password Program Surcomvention
E.S.S. Innards
Multi-Frequency In's and Out's
And other incredible stuff...
Look for future issues coming out about once a month... if you want to see
something specific, or would like to share info. for future publications,
contact The Warelock at any of the following boards...
St.Elsewhere...........(213) 273-8489
Norse Wanderer.........(213) 454-5427
The Reactor............(901) 373-3442
Master World...........(213) 478-5478
Shadow Land............(303) 939-9614
Later...
-/->The Warelock<-\-
TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH
