Gaining physical access to PBX's, fibre, etc.
~Wizbone '99
----------------------------------------------------------------
+-=[ Introduction ]=-+
Ever wonder what the network backbone of a hospital looked like? Have you
ever wanted to poke around in a company's telephone closet? Well, believe
it or not, it's probably the easiest thing you could do, provided you're
prepared with the right knowledge and equipment.
+-=[ The run down ]=-+
Unfortunately, in this day and age, there is still no way to effectively
make groups of people work together efficiently.
eg. Engineering and marketing departments.
This includes security guards with contractors. There is no way to
coordinate an effort between these two groups of people to form an
effective, standard procedure to allow the contractors to do their work as
well as keep the location under a sure-fire blanket of security. Mainly,
this is because contractors are stubborn grunts, and security guards are
stupid grunts.
The main people who access communications closets are Telco guys. In other
words, communications technicians -- in a sense, a type of those contractor
thingies I was talking about. These guys have to access these telco rooms
when they're installing fibre optics, telephone lines, switches, etc.
That's alot of power. Neat, eh?
When working in a large skyscraper-like building, or what-not, a technician
will contact security for passes, keys, swipecards, or even just to let
them know that there's work to be done in the building. Oftentimes,
security does not ask for ID, a work order, or anything of the nature. That
is, provided the technician appears to be a legitimate outfit.
In a situation such as this, security seems to be more help than anything
=]
/\/\/\/\/Wizbone's tip at a glance - Telco guys are often, but not always,
hired by a separate construction outfit which is doing renovations in the
building. If you can, find out if this is the case. If it is, you'll wanna
avoid employees from XYZ Construction like the plague, and if you run
across security, you work for XYZ.
+-=[ What you need ]=-+
You need to know of a telephone or networking company, probably other than
the major telephone provider for your location, unless you've got the
uniform, persona, etc. The nice thing about living in a large urban area
(you do, don't you?) is that there are more communications companies out
there than you can shake a category 5 enhanced 4-pair twisted cable at. So,
either assume the identity of an employee at one of these, or invent your
own. Datacom or something to that nature is rather generic. See if you
can't go down to one of those $15 embroidery shops to have a shirt made if
you want, or make yourself a clip-on ID. But remember, try and make it look
like you're wearing a company issue uniform. Wallet chains, baggy pants,
shorts, etc will not pass.
/\/\/\/\/Wizbone's tip at a glance - Don't carrry your tools in a backpack.
To some, this a no-brainer. To others (even some witless telco guys) it's
beyond comprehension that anything less than a tool case is NOT
professional. Get a cheap aluminum toolbox, or if you have one of those
sexy, expensive, indestructible Jelco boxes, that's even better. Just try
not to look like a phreak... No pun intended.
+-=[ Know the site ]=-+
See what the security is like at the building. If it's not a public office
building and you can't even get in to survey it, I recommend you avoid it
unless you REALLY want to get in for some reason.
The easiest way to wander around, looking suspicious without attracting too
much attention is pretend you're a bicycle courier. These guys dress like a
cross between a hardcore mountainbiker, and a gay kid who shops at k-mart.
Helmet, sunglasses, hoodie, sneakers, spandex pants, with cutoffs over top.
Just dress like this, carry a box, and pretend you're making a delivery.
+-=[ Things to look for ]=-+
Look for things like freight elevators (which can often allow you access to
floors which would otherwise be blocked off by card-access or other
measures), these are basically elevators that are grungy, and not easily
found by the public. Lots of immigrant janitors will be using these too,
but don't ph33r, they won't be bothering you, just smile. Find out if there
are cameras, and if there are indeed some, keep track of where they are.
Know where stairwells are, and how many. What security is like - are there
scads of patrols walking around? Does the building have an on-site
maintenance crew? If they do, do they wander around alot? Do you think
they'd harass you at all? Find the telco closets. Are they all stacked
one-on-top of the other on each floor? This makes things gravy since
they're way easy to find on each floor.
/\/\/\/\/Wizbone's tip at a glance - Keep an eye out for doors marked
"Unauthorized access prohibited", as well as doors marked "Alarm sounds
when door opened". Once you're inside under the ruse that you're there to
do work, these doors will be usable at your leisure. However, do watch that
they aren't REALLY alarmed. It's rarely impossible to tell whether they are
or not.
+-=[ Know what you want ]=-+
Know your goals when you get there. Do you want access to a switch? Any
switch, or a specific one? Do you wanna take down a network? Whatever it
is, make sure you know where it is, and what you're doing. Is it a lucent
switch? NorStar? Know the difference if you have to. The following are
things you can expect to find your average telco closet in a large office
building:
Almost for sure:
* voice and data panels
* lots of cat5, maybe cat3 cable
* 25+ pair cables
* A switch or two
Almost as for sure:
* fibre optic cables (pronounced "fih-bree op-teek cah-blays" --
Really... that's how it's said)
* Data rack with hubs, routers, etc
* Manuals
Rarely:
* Candy
* Emmanuel Goldstein =]
+-=[ What you do ]=-+
Basically, it can be as simple as walking into a building, and just doing
whatever you want or as complicated as having to go through multiple
security checks.
Here's a run-through of your average situation:
*Step one: Enter building. This is a tough one. Find the appropriate
entrance into the main floor of the building. Once you find it, follow the
instructions on the door as to whether you PUSH or PULL. You may luck out
and find automatic doors.
*Step two: v1) Go straight to work. That's right, make a bee-line to your
telco closet and start the fun. OR, v2) go to security, pretend you're
legit, sign in, get keys, cards, etc... See v1.
*Step three: Uh... I guess that's it. Look legit, get out fast.
/\/\/\/\Wizbone's tip at a glance - One more thing to watch out for is nosy
employees. I've encountered situations where I'll be working away, and some
chick will walk in on me, "who are you? And what are you doing in our
telephone closet?" Well, in this situation, the building had all of it's
comm closets stacked upon one another so fibre, etc could be run straight
up through them to all the floors. I just told her I was feeding fibre down
the building. That was good enough for her.
+-=[ Wrapping up ]=-+
Leave your area clean. It might be a good idea to check out of the building
too. Yes, as tantalizing as it may be to keep those keys, and that pass,
just remember, it's always at that desk waiting for you. While if you keep
it, a picture/description of you may be waiting there instead.
Remember, just because it sounds easy in text, doesn't mean it will be. To
be successful, it will take luck, some confidence, social engineering
skill, but most of all it will take preparation. This file is the best I
can do, but probably the best you could ask for as far as guides for this
sort of thing go.
----------------------------------------------------------------
Endz.
10/28/1999
TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH
