|
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^ ^^ ^^ Technical Hacking: Volume One ^^ ^^ ^^ ^^ Written by:The Warelock ^^ ^^ SABRE elite ^^ ^^ and Lords of Darkness ^^ ^^ presentation ^^ ^^ ^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ In technical hacking, I will mainly talk about the moret technicly oriented methods of hacking, phreaking, and other fun stuff... In this issue I plan to discuss the various protection devices ( filters, encription devices, and call-back modems ) that large corporations and networks use to 'protect' their computers, I will talk about and describe the various types of computer (hardware) protection, the way they work, how to surcomvent them, and other sources of information that may be available on the devices... ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Filters ---------- A filter, a box like contraption that hooks in between the computer and the phone-line, is used, instead of a password program, toID each user and to verify his password... Why the companies decided to make a hardware version of a verification program, I don't know. For no matter what kind of password system you use, there are still Users with passwords that make it a pleasure to hack (love, password, access, sex )... Sircumventing a Filter: Filters are no harder to get around thatn a good, secure password system... There are still several default passwords in most ( the usuall "demo" or "test" account) and usuall hacks ( the hack-hack, data base hack, circumvent hack, call-back hack, etc. All to be discussed in further volumes) also work... A filter device, though, posseses several interesting features and failings.. First of all, each filter system is geared for a sertain number of computers... Thus several computer networks using filters arent completely protected by the sole device on which they place all their trust in ' protecting ' them... For example, several computer networks use a sertain filter geared toward 4 on-line computer systems, but unfortinately for them, they needed a fifth on-line computer...oops, there goes the whole syste! Although they thought that since only a library computer, which doesnt require security, was on-line (giving out no secret information) it wouldnt compromise the rest of the system...They were wrong! For from the library computer (which is already in the operating system, bypassing the filter) one could force the operating system for the entire mainframe to place you in any of the other terminals!!! Finaly, an interesting feature of a filter system: ALL THE PASSWORDS ARE STORES INSIDE THE MEMORY OF THE FILTER UNIT... therefore, once you are inside the data base, you could set up a worm program that would slowly but surely read all of the systems passwords from the filter FROM THE INSIDE!!! Notes (names of filters, further readings, Aknolodgements): EnterCept (filter) : USES : a six character ID of any ASCII variables ComputerSentry : USES : (this one's a bitch... if you don't need to get into the system badly, forget it...) a voice synthesiser thats asks for a touch-tone ID of a variable number of digits... DataFlo : USES : a six character ID that both identifies and is used as a Pass Bay MultiPlex : USES : either a four or six letter/number ID code standar (no individual ID's!!! It's usually this default: 524E ) For further Reading: try Bill Landreths 'Out of The Inner Circle', Basic Telephone Security by an Annonomous author, or you can order specs. and manuals directly from the company...(see end of text for company names) ---------------------------------------------------------------------------- Encription/Decryption Devices: These are instaled directly inside terminals from which a system using this type of device is called... These are mothers to hack, yet it is not impossible many people say that once you see an encrypted carier, forget it... Not So! A lot of times, an appearant encrypted carier is actually a standar modem using a diffrent parity than your terminal... so fool around with that, adjusting parity (and make sure you have a good connection, sometimes static can cause some funny stuff to appear on the screen)and stop bits... besides that, there's very little you can do... although if you know the make of encryption device that the system is using, you may be able to adjust your term program to correctly modify each character recieved... (for example: a while back, there was an encryption device that simply added two points to the ASCII value of each character and then sent it as that character, the decription device on the other end took each value and subtracted two points and printed the character! That simple! All I had to do was change my AE to evaluate each character, subtract the two points, and print the character... It was incredibly slow, but it worked...) Notes: Sherlock Information Systems: USES : An AuthentiKey, it is usually a standard based on the serial number of the unit... Unless you can find that, it's a lost cause... Super Encryptor II: USES : nearly impossible, a key of about 40-50 characters.. almost impossible to break... ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Call Back Modems: How these little beuties work is quite simple and was quite effective untill a quite successfull method was descovered at breaking in... They work in the following manner: A user calls a modem line, enters an account and ID, the modem hangs up the line and then, using another line, calls back the authorised number belonging to the code & ID in it's memory... Circumvention: Actually, when you think about it, it turns out quite simply... The modem usesone line to recieve calls and another to send them out... the number is usually 1 or digit above the suffix of the number...EX: (xxx) xxx-0001 <ingoing and (xxx) xxx-0002 <outgoing ) Now all you have to do to get into the system is call it's OUTGOING line and wait... since the modem is not designed to pick up on in-coming calls on its outgoing line, it wont answer... but as soon as a valid user calls, it will pick up it's outgoing line (which you are on... by the way, it is helpfull to simulate a dial tone with a tape recorder as soon as the line is picked up...for several types of call-back modems check for it) and dial the correct users number... andyou are in!!! Notes: Sleuth: USES : name and password Defender II: USES : A touch tone code Data Sentry: USES : You enter a number and THEN after it calls you, you enter the password... on this, you have to try different methods... ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ COMPANY NAMES: ComputerSentry : TACT Technology (800) 523-0103 EnterCept : Sutton Designs Inc. (607) 277-4301 DataFlo : Bussness Security (800) 354-7330 Bay NetWokx : Bay Technical Assosiates (800) 523-2702 Sherlock Info. Security System : Analytics Comm. Systems (703) 471-0892 Super Encryptor II : Obsidian Computer Systems (408) 395-7900 Sleuth : C.H. Systems, Inc. (213) 854-3536 Data Sentry : Lockheed GETEX (404) 951-0878 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ In future volumes: Password Program Surcomvention E.S.S. Innards Multi-Frequency In's and Out's And other incredible stuff... Look for future issues coming out about once a month... if you want to see something specific, or would like to share info. for future publications, contact The Warelock at any of the following boards... St.Elsewhere...........(213) 273-8489 Norse Wanderer.........(213) 454-5427 The Reactor............(901) 373-3442 Master World...........(213) 478-5478 Shadow Land............(303) 939-9614 Later... -/->The Warelock<-\-