TUCoPS :: Dialup BBSes :: callver.txt

CBV: A File on how to beat those nasty call back verifiers. Never use your real number again and still get validated

              How to hack CBVs (Call-back Verification Systems)

                               a TC production


    Many BBSs today use "Call Back Verification Systems" to verify new users,
as opposed to having to voice verify all the new users.  Most of the BBSs
running the CVBSs are the mainstream boards, and are often run by shitheads
on a power trip, but sometimes it is useful to have accounts on these types
of system, and I'll tell you how to go about doing this...

    All of the verifiers I've seen worked like this:

1) User logs on / CBV is called

2) CBV displays text telling the user what to do

3) CBV hangs up

4) CBV dials users number

5) User answers phone with an ATA

6) BBS usually has a delay, then asks for the user's password

7) User enters his/her password

8) BBS upgrades user

The way the hacker tricks the CBV is by calling the BBS before the BBS dials
out.  This is accomplished in different ways... depending on the remote setup.

1) If the BBS's modem is set to answer the phone automatically, then all you
have to do is call before the CBV dials out... you should get a CONNECT
string, and you're on... (note: this doesn't always work, you may need to try
a few times)

2) If the BBS program answers the phone manually, (ie the modem is set to S0=0)
you'll need to do it a little differenty.  If the BBS's modem is not set to
look for a dialtone, you can dial like this:
wait a little bit and you should hear the remote modem try and dial
then send an ATA after it's done dialing, and it will think you answered.

3) The last method is the one you need if the BBS is set up with X2 or X4 (or
X6 or X7 on an HST).  You need to have a second phone line.  You proceed just
like you would under method 2, except the remote modem will never dial, it
will just picking up and returning, because there it gets no dial tone.  So,
all you need to do is use your call confrence button (if you don't have one,
make one) while the other line is on hook...   that will send the remote
modem a dial tone, and it'll dial.  Answer the phone like you would in #2.


   This is a really simple procedure, and it shows that the CBV are almost
totally worthless.  But, if you ever want access on a board running one, and
don't want to give your real phone number, this is the way to go.  If you
know of any ways of preventing this, please tell us... There's an antidote
for every cure.  <grin>

To contact TC (The Omega Company) for submissions/comments/etc,
The Magna of Illusion
201/579/6927 HST/V32bis
NUP: Hypnos

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH