TUCoPS :: Phreaking General Information :: ph05.txt

Falken's Code Hacking Security


   <()>-<()>-<()>-<()>-<()>-<()>-<()>-<()>-<()>-<()>-<()>-<()>-<()>-<()>-<()>
   /\\                                                                    \\|
   |\\                   P R O F E S S O R   F A L K E N ' S              \\/
   /\\                                                                    \\|
   |\\                               GUIDE TO                             \\/
   /\\                                                                    \\|
   |\\                      *****  *****  ****   *****                    \\/
   /\\                      *   *  *   *  *   *  *                        \\|
   |\\                      *      *   *  *   *  *****                    \\/
   /\\                      *   *  *   *  *   *  *                        \\|
   |\\                      *****  *****  ****   *****                    \\/
   /\\                                                                    \\|
   |\\                                                                    \\/
   /\\                           HACKING  SECURITY                        \\|
   |\\                                                             (C)1988\\/
   <()>-<()>-<()>-<()>-<()>-<()>-<()>-<()>-<()>-<()>-<()>-<()>-<()>-<()>-<()>


   First I'd like to thank the following people for thier contributions to this
file and to my knowledge about this fucking world--=->  Frye Guy, Laser,
David Lightman, HackerSoft in it's entirety, The Rebel, Digital Logic,
L.E. Pirate, Brain Tumor, Boris Crack, Mad Max, Sike III, The Blade,
Spartac}.       eEagle, Iceman/TOPGUN, Spam Master, & Codebuster.


   This file is meant for the beginner/novice/amateur code hacker.  Anyone
have been hacking for over 2 years you probably don't need to read.

   The first thing I would like to point out is the major LD companies security
systems. A couple years ago MCI and SPRINT installed a NEW type of ESS
which makes it easier to catch code hacks.  This system is able to detect
patterns on it's ports, such as one target number being repeated many times or
invalid codes repeating every x number of minutes.  They thought they were
smart, but we just have to be a step smarter.


MULTIPLE PORTS-->

   By having a code hacker that uses multiple port hacking ( that is one that
can hack many ports in one session ) you can lower the odds of being caught
tremendously.  By entering many ports into the hackers database and being able
to access them all in one session reduces the LD Co's ability to catch a
pattern on one of their port/s. With this feature you are able to throw the LD
company off WHERE and WHEN you will strike next. ALSO SEE TIMING PATTERNS.


MULTIPLE TARGETS-->

   The first of the (IBM) programs to have multiple targets was Terminus's
Codebuster, it was then implemented into The Brew Associate's Code Thief.  By
utilizing a program's multiple target option, the chances you being caught by
their system's pattern detection is almost NIL. Code Thief's multiple target
file contains 369 targets.  If you cannot get this target list I suggest you
compile a list of TELENET,COMPUSERVE, etc. dial ups and use them for targets.
At least you'll have a better chance...


PORT PATTERNS & TIMING PATTERNS-->

   Long distance companies like SPRINT/MCI usually have more than 1 port in
large cities/areacodes, thus you can hack on many of their ports.  Increasing
the number of ports you hack on gives you an edge. The LD's system will get
suspicious if it finds many invalid codes attempts on one of its port.  Each
port is allotted a certain amount of invalid codes attempts. If this number is
exceeded an error flag will go on and the security division will be alerted to
the port. So in other words by increasing the ports you can decrease your odds
of being alerted to and ANI'ed.

   As mentioned before the LD companies also have timing pattern recognition.
This means they can tell if they are getting an invalid code attempt every
x minutes. This really is the most deadly features of their system ( next to
ANI of course ) because almost every hacker I know of runs on a set amount of
time for each thing to happen. Carrier timeout,seconds to wait till code &
target are entered, all of these are on a fixed amount of time. Every so many
number of seconds the hacker repeats its invalid code timeout & retry time
almost exactly.  To get rid of this deadly feature is QUITE simple.
What I suggest is to add another port or two to your list.  However, this port
is special because its not a port at all.  It's a friend you hate or a
disconnected number or some business.  That way your timing for the LD's ports
will not stay predictable.  Also vary the carrier timeout value ( a.k.a.
timeout value ) for the fake port numbers.  Doing this will make you about as
unpredictable as nitroglycerine made from a T-File.


TIMES TO HACK-->

   When I first started code hacking 84' I thought the best time to hack was
at 2 a.m. because there wouldn't be anybody at the L.D. company then.  Well
maybe back then there wasn't because there wasn't any customer service after
6pm. But the times have changed.  There is security and customer service and
maintenance there 24 hours a day 7 days a week- Even Holidays.  So the best
time to hack would be when normal customers are using it.  Most customers are
either business's or households.  So your best bet would be hacking when they
would use it- M-F 8am to 7pm.  This is when most people accidently fuck-up on
their code and thus it is the best time to hack.  I would suggest hacking in
the morning since the LD's system is counting the number of invalid attempts
if you do a lot in the morning then the subscribers in the afternoon will get
get evil eye, not you.  Usually the LD companies system RESETS its value at
12:00 midnight so that the invalid attempt numbers don't keep adding on the
the previous days.  Also hacking on holidays such as Christmas is excellent
because the amount of people calling everyone all over the fucking place is
magnanimous.


IBM HACK PROGRAMS-->

   I have an IBM and I use Code Thief Version 2.2 which can be found on almost
any good phreak/pirate BBS around.  Most of the code hacker's I have run into
either didn't work on my system because 1> The programmer didn't BETA test the
program totally. 2> The programmer didn't know what the fuck he was doing.
3> The program had so little features that you're bound to be caught using it.
The best program I've found was Code Thief Version 2.2 I have looked over:

Fuckin Hacker 2.0- It didn't work properly on IBM PC (Possibly fucked ARC)
All-In-One Hacker- Not enough features/Parts of program fucked up.
Codebuster- Couldn't get it to work with my modem ( HAYES 1200B )
AutoHack- Not enough features.


NEW PRODUCTS-->

Be on the look out for INTEL-Hack. This hacker is somewhat secret right now,
but I'll tell you it will have all the features of Code Thief but it will take
advantage of the 80386's multitasking capabilities.  Lookout it should be
killer, release date: Not yet planned, 89' sometime.

Later, and I hope this shed some insight on how to keep yourself safe...



- Professor Falken

                                                                      (C)1988

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH