=========================================
Ultimate beginners guide to phreaking
v3.2
=========================================
Written
by Squiler
Friday October 24, 1999 http://blacksun.box.sk/
-------------------------------------------------------------
-A Partner (once again optional but useful. You should always have a partner for field phreaking "missions", but generally, you should have about 2-3 other "phreaking buddies".)
Step 1:
__________________________ | | | Phone | |_________________________| Modular Jack-> ||| Phone wire----->|-----------------
Step 2:
Strip Wire Around Here ____ __________________________________________________| | Phone wire->--------------------------------------------------|___| Cut here--------^ ^ Modular Jack---------^
Step 3:
it [the wire] should look (somewhat) like this: ___________________________________ |_ - ^------|Wires to concentrate on _ <----| - __________________________________|
All in all, it should look like this:Now that you've built your beige box, let's see what you can use it for.
_________________ | | | Phone | |_______________| ||| |______________________|---|<> <- |---|<> | Alligator clips---^--|
It should look (somewhat) like this:This may be hard to follow, but try, reading schematics is something you'll have to do if you want to build boxes in the future.
_____________________________________ | | | | <----Phone Box | ** <-----Screws--> **>=<| | | Alligator clip^ | | | | | | Red Wire (sometimes green-->| | | | | | | | | |____|______________ | Screws--> ** | ^ | | |Modular Jack cut from here------^ | | | | | | | | | | | Green Wire (sometimes red)-->| | | | | | | | | | |<--Phone Wire | ** <----Screws--> **>=<| | | | ^ | | | Alligator Clip^ | | | | | ------------------------------------- | | | _____________________________________ | | | | | | | | Phone |______________| | | | | ^Phone Wire -------------------------------------
Recently, a telephone
fanatic in the northwest made an interesting discovery. He was exploring the 804
area code (Virginia) and found out that the 840 exchange did something strange.
In the vast majority of cases, in fact in all of the cases except one,
he would get a recording as if the exchange didn't exist. However, if he dialed
804-840 and four rather predictable numbers, he got a ring!
After one or
two rings, somebody picked up. Being experienced at this kind of thing, he could
tell that the call didn't "supe", that is, no charges were being incurred for
calling this number. (Calls that get you to an error message, or a special
operator, generally don't supervise.) A female voice, with a hint of a Southern
accent said,
"Operator, can I help you?"
"Yes," he said, "What
number have I reached?"
"What number did you dial, sir?"
He made
up a number that was similar.
"I'm sorry that is not the number you
reached." Click.
He was fascinated. What in the world was this? He knew
he was going to call back, but before he did, he tried some more experiments. He
tried the 840 exchange in several other area codes. In some, it came up as a
valid exchange.
In others, exactly the same thing happened -- the same
last four digits, the same Southern belle. Oddly enough, he later noticed, the
areas worked in seemed to travel in a beeline from Washington DC to Pittsburgh,
PA.
He called back from a payphone. "Operator, can I help you?"
"Yes, this is the phone company. I'm testing this line and we don't seem
to have an identification on your circuit. What office is this, please?"
"What number are you trying to reach?"
"I'm not trying to reach
any number. I'm trying to identify this circuit."
"I'm sorry, I can't
help you."
"Ma'am, if I don't get an ID on this line, I'll have to
disconnect it. We show no record of it here."
"Hold on a moment, sir."
After about a minute, she came back. "Sir, I can have someone speak to
you. Would you give me your number, please?"
He had anticipated this and
he had the payphone number ready. After he gave it, she said, "Mr. XXX will get
right back to you."
"Thanks." He hung up the phone. It rang. INSTANTLY!
"Oh my God," he thought, "They weren't asking for my number -- they were
confirming it!"
"Hello," he said, trying to sound authoritative.
"This is Mr. XXX. Did you just make an inquiry to my office concerning a
phone number?"
"Yes. I need an identi--"
"What you need is
advice. Don't ever call that number again. Forget you ever knew it."
At
this point our friend got so nervous he just hung up. He expected to hear the
phone ring again but it didn't.
Over the next few days he racked his
brains trying to figure out what the number was. He knew it was something big --
that was pretty certain at this point. It was so big that the number was
programmed into every central office in the country. He knew this because if he
tried to dial any other number in that exchange, he'd get a local error message
from his CO, as if the exchange didn't exist.
It finally came to him. He
had an uncle who worked in a federal agency. He had a feeling that this was
government related and if it was, his uncle could probably find out what it was.
He asked the next day and his uncle promised to look into the matter.
The next time he saw his uncle, he noticed a big change in his manner.
He was trembling. "Where did you get that number?!" he shouted. "Do you know I
almost got fired for asking about it?!? They kept wanting to know where I got
it."
Our friend couldn't contain his excitement. "What is it?" he
pleaded.
"What's the number?!"
"IT'S THE PRESIDENT'S BOMB
SHELTER!"
He never called the number after that. He knew that he could
probably cause quite a bit of excitement by calling the number and saying
something like, "The weather's not good in Washington. We're coming over for a
visit." But our friend was smart. he knew that there were some things that were
better off unsaid and undone.
From @UICVM.uic.edu:TK0JUT2@NIU Tue Jun 12
06:40:26 1990
Taken from "The Official Phreaker's Manual".
[BBAS]
Well I've
putting it off long enough, and if you've accomplished everything, you are ready
to build the BBAS.
Let me take back something I just said. You see,
sometimes us phreakers are pressed for time. We can't just build things from
scratch. So now instead of building the BBAS from nothing, we're going to modify
the beige box we already have. Although we're only going to make some small
changes, these are very important changes. The main improvement on the BBAS is
that is has features to prevent you from getting discovered and caught. And if I
must, once again-- there is no sure way to prevent getting caught. But don't get
discovered, and don't do anything that's bad.
Well since we're only
going to be modifying the beige box, we won't need many parts. Here is a list of
things you'll need for the BBAS:
It should look (somewhat) like this:Now lets how to explain how to use it.
________________ | | | Phone |------====*|||||*===--------===== |_______________| ^ ^ ^ ^ ^ ^ Wire stripped here--^ ^ ^ ^ ^ ^ Red and green wires----^ ^ ^ ^ ^_____ | Screws--^ ^--Switch ^ | |________^ ^ |________________________________^
_ _
black-> {-} {-} <-yellow
_ _
green-> {-} {-} <- red
^ ^-|
| Red: clip the red one right here.
Green: clip the alligator clip that is connected to the
green wire here.
Ya see? they're
right next to eachother on the bottom, its easy. then you just put your phone to
your ear. Area Code: ANAC Number: 201 958 202 811 203 970 205 300-222-2222 205 300-555-5555 205 300-648-1111 205 300-765-4321 205 300-798-1111 205 300-833-3333 205 557-2311 205 811 205 841-1111 205 908-222-2222 206 411 207 958 209 830-2121 209 211-9779 210 830 212 958 213 114 213 1223 213 211-2345 213 211-2346 213 760-2??? 213 61056 214 570 214 790 214 970-222-2222 214 970-611-1111 215 410-???? 215 511 215 958 216 200-???? 216 331 216 959-9968 217 200-???-???? 219 550 219 559 301 958-9968 310 114 310 1223 310 211-2345 310 211-2346 312 200 312 290 312 1-200-8825 312 1-200-555-1212 313 200-200-2002 313 200-222-2222 313 200-???-???? 313 200200200200200 314 410-???? 315 953 315 958 315 998 317 310-222-2222 317 559-222-2222 317 743-1218 334 5572411 334 5572311 401 200-200-4444 401 222-2222 402 311 404 311 404 940-???-???? 404 940 405 890-7777777 405 897 407 200-222-2222 408 300-???-???? 408 760 408 940 409 951 409 970-???? 410 200-6969 410 200-555-1212 410 811 412 711-6633 412 711-4411 412 999-???? 413 958 413 200-555-5555 414 330-2234 415 200-555-1212 415 211-2111 415 2222 415 640 415 760-2878 415 7600-2222 419 311 502 200-2222222 502 997-555-1212 503 611 503 999 504 99882233 504 201-269-1111 504 998 504 99851-0000000000 508 958 508 200-222-1234 508 200-222-2222 508 26011 509 560 510 760-1111 512 830 512 970-???? 515 5463 515 811 516 958 516 968 517 200-222-2222 517 200200200200200 518 511 518 997 518 998 603 200-222-2222 606 997-555-1212 606 711 607 993 609 958 610 958 610 958-4100 612 511 614 200 614 517 615 200200200200200 615 2002222222 615 830 616 200-222-2222 617 200-222-1234 617 200-222-2222 617 200-444-4444 617 220-2622 617 958 618 200-???-???? 618 930 619 211-2001 619 211-2121 703 811 704 311 707 211-2222 708 1-200-555-1212 708 1-200-8825 708 200-6153 708 724-9951 708 356-9646 713 380 713 970-???? 713 811 714 114 714 211-2121 714 211-2222 716 511 716 990 717 958 718 958 802 2-222-222-2222 802 200-222-2222 802 1-700-222-2222 802 111-2222 804 990 805 114 805 211-2345 805 211-2346 805 830 806 970-???? 810 200200200200200 812 410-555-1212 813 311 815 200-???-???? 817 290 817 211 818 970-611-1111 818 1223 818 211-2345 903 211-2346 904 970-611-1111 906 200-222-222 907 1-200-222-2222 907 811 908 958 910 200 910 311 910 988 914 990-1111 915 970-???? 916 211-2222 916 461 919 200 919 711
Now the second rule is never
to get caught. If you call someone from someone else's line, tell that person
that you might get disconnected suddenly.
If you hear someone pick up
the phone, while you are on it, use the switch to disconnect your call. Unhook
your BBAS, and run like hell.
Also, you should be very cautious. Before
you go phreaking, think of an alibi of why you were snooping around in someone's
yard.
NEVER, and I stress NEVER, use the BBAS on someone's house more
than twice. You WILL get caught.
Also I said before that if you hear
someone on the line when you hook up the BBAS that you should immediately hang
up, if you want to make a call. This is not entirely true. What if you didn't
want to make a call. Got my drift? If you didn't, I'm talking about
eavesdropping!
That's what the clip on the mute button is for.
Although it might not seem like it, eavesdropping is probably the most
serious part of beige boxing. You might get lucky and listen in on a really good
call, well use your imagination.
Anyway, they key to beige boxing-- the
one thing you must always remember is--
Nothing will end up on your
phone bill! (hehehe.....) Be creative.
So far, you have made some killer
prank calls, made a machine to use anyone's phone for free, and gotten free
payphone calls. This document is for begginers only, and you are way past that.
If you didn't understand something, read it over. But whatever you do, like I
said before--don't get caught!!
You have accomplished a lot. But what
you have done so far is "traditional" phreaking (boxing, pranking, etc.). In the
next section we will cover newer types of phreaking. The point of the next
section is not to teach new phreaking techniques (oh well), it is to teach you
about "how shit works". If you're saying "dammit, i just finished all that and
now thers more", take a break and read some more phreak literature.
at once. Here's the
clincher...the turning point....the real problem with the system. If a switch
records that its neighboring switch just went back up, it cannot do many other
things at the same time. So if the switch is hit with more calls than it can
handle, (keep in mind its taking its calls, and its neighboring switch's calls)
it will go down too. Ultimately setting off a chain reaction. And the more
switches that go down, the more calls the other switches have to take, giving
them a bigger chance of going down.
This is roughly what happened on
January 15, 1990.
All it took was one switch to go down, which caused
more and more to go down. And in the end, crashing the system. AT&T sure
learned a lesson, no matter how great, how amazing, how flawless a new
technology is, it will always have it's drawbacks, and there will always be
something that can and will go wrong.
i got most of this info from the
book, "The Hacker Crackdown", by Bruce Sterling. It's a cool book, you should
read it.
[Scanners]
You've probably heard of a device called scanner
before. However you might not know what it is or what it does.
What is it?
Think of
a scanner as a really advanced walkie-talkie.
Huh?
A scanner is a
machine that sends and receives transmissions, just like a walkie-talkie. A
scanner is hand held, (well most of them are) thus easy to carry around, just
like a walkie-talkie. Here's the clincher- A scanner is much more powerful than
walkie-talkie. An average walkie-talkie (1) can only transmit and receive at a
distance of up too and around 180 feet. Also walkie- talkies can only transmit
at one frequency.
(1)-There are walkie-talkies you can get which will
transmit and receive at a distance of up to and around 2 miles (you know, those
funky lookin' Motorola ones?). In a way, these are scanners.
Scanners on
the other hand, can transmit and receive on multiple frequencies. Plus they're
not limited to 180 feet, they're range can go for miles.
Scanners can be
thought of as hi-tech beige box. They can be used to tap phones. However they
can't tap just any phones. Only cordless phones. And only analog cordless
phones. 900mhz phones cannot be tapped.
Scanners are capable of tapping
cordless phones because the sound does not go directly from the line to the
receiver of a cordless phone. The deck where you hold the phone and where it is
recharged is used as a medium between the line and the receiver. The scanner
intercepts the signal being sent from the medium to the receiver. All you have
to do is find the frequency that the cordless phone is on, and set your scanner
to that frequency. This will require some trial and error, but it is well worth
the effort.
There is a lot of fun you can have with a scanner. Like you
can listen in on your neighbor while talking to his girlfriend. Find out her
name, then call him back and say, "Don't ever touch [insert girl's name here]
again!"
Or another time while he's on the phone with his girlfriend, you
could come in with (remember, scanners can receive as well as transmit) "You
lying, cheating, scumbag, bad excuse for a human being! You told me that you
were a one-woman man! And now I hear you talking to this other bitch as if
you're God's gift to women! Well, you can say good-bye to this relationship!"
(Then stomp on the floor so it sounds like you're slamming down a phone)
But it doesn't end at cordless phones. There is much more you can with
scanners. Anytime you want to mess with something, just find it's frequency and
set the scanner to it. Here are a few ideas:
*Security
Guards
Transmit a bomb threat to the guard's radio. Pretend to be a fellow
Security guard gone bad. If he doesn't believe, you, say "Oh yea, well than how
did I get on your radio?"
*Fast food drive-ins
Hide in the bushes
until a car pulls up to the drive through. Listen in with you're scanner. As
soon as the employee says, "May I take you're order", immediately start talking
before the person in the car can. Act like a real asshole to the employee. Be
creative. This also works in reverse. You can pretend to be the fast food joint
employee and act like an ass to the person in the car.
Don't get too
excited, you don't have your scanner yet. A hand-held scanner can go for 60-1000
bucks USD. You can do a search for scanners on the Internet, and you will find
many companies that sell them. You can also get one from rat shack, but you'll
have to order it by phone because stores rarely carry them. You're best bet is
to get one at a pawnshop or at eBay, because you can get a good one for cheap.
Or if you're not into spending much cash, you can make you're own very
easily. The downside of this is that it won't be too powerful. Also you won't be
able to tune it. And you'll only be able to use it on cordless phones (I think).
If you still want to make one, here are the directions:
Supplies
-$8
USD (if you live outside the US, it could be sufficiently more)
Tools
-A screwdriver
-Electric tape
That's all?! Wow this
has to be easy!
Directions 1. Go to rat shack and pick up a single
walkie-talkie.
Its only 4 bucks USD.
2. Get the biggest antenna you
can get. The biggest one is probably about 24", and should be more than $3 USD.
3. Unscrew the back of the walkie-talkie.
4. Now take out the
original antenna (it's a piece of shit). Sell it to your little brother for 5
bucks and tell him that it can be used to contact aliens.
5. Put in the
antenna you just bought from rat shack.
There, you have a homemade
scanner.
[Cell Phones]
Being a phreaker, when you see a piece of cool
technology, even if it is used in everyday life, you probably think about it
more deeply than the average guy. Because once you know how something works, you
know how to mess around with it, and use it for things that the average guy
wouldn't. That's why you've probably been wondering how a cell phone works.
I bet you know who invented the telephone right? Alexander Graham Bell.
Easy. He gets so much praise, and he deserves it, because he invented one of the
most useful inventions in modern history. There is also another guy who invented
something useful. Except this guy doesn't get as much praise as he deserves. His
name is??, and he invented the cellular phone.
The reason he deserves so
much praise is because he didn't just simply improve on Bell's idea, he
completely reinvented it. You see, the cell phone system is totally different
than the system of a regular phone.
A cellular phone is not a phone at
all. By raw definition, it's radio. A really k-rad one, thought it's still a
radio. In fact, the thing that it's most closely related too is a scanner or a
walkie-talkie. Except a cell phone can transmit and receive over a much further
distance than a regular scanner because it works with "cells". But we'll get to
that after.
You know when you're playing "walkie-talkie" with you're
little brother and he always screams at you because you're talking? Even though
you are talking, except you're genius of a brother is holding down the "talk"
button, so he can't receive and of your transmissions? This is because walkie-
talkies only use one frequency, so you can only send OR receive at one time, not
both.
A cell phone on the other hand uses two frequencies, one for
transmitting, and one for receiving. So you can talk and hear at the same time.
Remember that shitty walkie- talkie you got from rat shack for 4 bucks? That
only has about 40 channels you can set the frequency too. A cell phone has
around 1,664.
The FCC (::grunt::) standard (who the hell do they think
they are?) for cell phone frequencies is from 824mhz to 894mhz (that's under the
UHF-ultra high frequency category for all you newbies). Around a city there are
jurisdictions for cell phone antenna towers called "cells". Each one uses a
certain amount of frequencies. There are a few in each city, so that's why no
matter where you are in the city, you're phone will get good reception. It's
also why the antenna on the cell phone doesn't have to be so big. A cell phone
will always be in range of an antenna tower.
Now that you know a little
bit about the system, let's have some fun.
As you have seen in earlier
sections, phreaking is taking a turn for the worst. Anytime a new technology for
a communications product comes out, it is made to be phreak proof. There is not
much you can do with phreaking in the area of cellular phones.
Cloning
cellular phones is now almost impossible. And all that's left is scanning
cellular phones. However you can't use a regular scanner that you learned about
earlier. Why? Cellular phones are on an ultra high frequency (remember?). You
need a device that picks up ultra high frequencies.
Remember when you
went on that trip and everyone called you stupid for bringing a portable TV?
Then you felt stupid because the TV sucked? Well watching programs is not the
only thing that you can do with a portable TV.
There should be 2
settings on your portable TV, VhF and UhF. You want to set it to UhF. You want a
high channel, somewhere between 80-85. You should now be able to pick up
cellular phone conversations.
::phew:: Do you feel smarter? You've just
learned a lot. I'm not going to end with a sincere goodbye, as this is in no way
the last of my tutorials. For further reading, i suggest you http://blacksun.box.sk/, for some of the best
tutorials around. Besides mine, there is only one tutorial on phreaking. But I
suggest you check it out anyway.