Hackers Desk Reference
.pdfstudents and what there major is. So what you ask? You know how much information you can get from someone's legal full name? Chameleon will teach you how much later on in this document. So yes this finger was good because it got us personal information about a few account holders at purdue.edu even an administrators number but, what are the user names to these accounts? Well most universities issues there students accounts in the same way. They usually make the username for a students account first letter of first name and then full last name. So if your name is Kevin Hall your user name would be khall@purdue.edu. Now we could then try and finger that user. So we would do the following:
InterCore:/home/chameleon/ $finger khall@purdue.edu
[purdue.edu]
Output of your query: khall
Name |
Dept/School |
Phone |
Status |
|
|
|
-----------------------------------------------------------------------------------
Kevin G. Hall |
computing center +1 213 463-6694 student |
khall@purdue.edu |
|
-----------------------------------------------------------------------------------
For a more detailed response, finger "query_khall@directory.purdue.edu".
For help, finger "help@directory.purdue.edu".
InterCore:/home/chameleon/ $
We see that the finger dameon says for a more detailed response to do
finger query_khall@direcroty.purdue.edu So we type in the command
InterCore:/home/chameleon/ $finger query_khall@directory.purdue.edu
[scribe.cc.purdue.edu]
Output of your query: query_khall
----------------------------------------
name: Kevin G. Hall
campus: west lafayette
title: sen syst anlyst/sen pace tech cons
department: computing center
building: potr
office_phone: +1 765 49-68285
email: khall@purdue.edu
----------------------------------------
For help, finger "help@directory.purdue.edu".
InterCore:/home/chameleon/ $
Now this is interesting. We have a user name, khall, we have the users full name, Kevin G. Hall and we know his title and department. So from this information you will learn later you can get his home phone number and address. If we were to give the student a call at their house or dorm etc... It wouldn't be too hard for anyone with a little bit of social engineering skills to talk this user out of his password.
There is a basic example of how to get information about a logged on user.
[16.1.2] Mental Hacking, once you know a username.
Note: This is mostly going to work for systems that provide users with accounts and not company servers.
If you (the (cracker/hacker) are a Male then you would want to try to finger and get a username of a woman. You could then do 2 things. You will probably get there full name but if not read my (chameleons) later paper about getting people's information. For simplicities sake say you already have the users phone number which might sound hard to do but isn't. So say you have their phone number and it's a woman. Call the lady up. A true social engineer will know right away what kind of woman it is. On you can push over and mow down or one that has a strong head on her shoulders. If she answers and sounds lame then go for the approach of a stern voice saying its imperative etc... that you verify her user name and password. If the lady seems to have a strong head on her shoulders then you would want to talk nicer and flirt a bit. If you are a woman (cracker/hacker) then you will want to find a males account. Women let me tell you this. The best hackers and crackers out there are women. If you are a woman then you will want to try to get into a male's account. Once you have a male account holders phone number call him up. Women you got it easier see you don't need to know what type of guy it is. All guys are horny. So talk with your sexy voice. Flirt with them etc... It is easier for women to talk people out of passwords. If you are a guy (cracker/hacker) and are trying to get a guys password then have a girlfriend of yours try to do it. Remember this most of all, KNOW the person you are calling. You could call them up and tell them you are from the local high school and are doing a survey and then ask them a bunch of questions to get to know what they like and then when you later call to get there password you use this information to get on there better side and win there trust. This is called mental hacking and it is not that hard at all. One thing that the hackers of today have lost is there social skills. Some systems don't have software exploits. Sometimes you have to go the extra mile. Note: Don't get me wrong and think I am some weirdo about the way I talked about men and women but, I do know people well.
[17.0.0] Making a DDI from a Motorola Brick phone
By Virtual of Cybrids CSE
www.cybrids.org
OK, here it is, i'm not gonna talk about it a whole lot, just tell you what i've done, and what i want to see done. As of this point I have
found the Clock, Data, and the spot where you would feed your audio input from your scanner that has WBFM.
First you will need to locate the chip that has the clock and data pins.
This will be labeled SC3800xxFN, or something close to that, xx being some numbers. Having trouble already, then i'll tell ya another way, its the
biggest PLCC (square) chip in the phone. Now look at the chip, there is a notch on the front of it which means pin 1. Now look at the opposite side of that dot, to the pins on the bottom, count over from the left, pins 8
and 9 from the left side are the ones you want. I have included a picture of the inside of a brick phone. The red arrow points to the side of the chip that I am talking about. Pin 8 is the data and Pin 9 is the clock. Those are the pins that will be fed to your computer for decoding.
The receiver chip is what you need to modify next. It's on the circuit board with the big white rectangle thing, and the big peices of metal, its the only square chip you can see. Its got a few numbers on it and i'll put em here to help you find it, 185, X94R01, something to that effect, but just look for the only PLCC chip visible. I have marked this chip with a blue circle. With the phone oriented like in the picture, cut the trace coming
from the bottom pin on the right of the chip. Connect your scanner's OUTPUT to the other side of that trace (not the one conecting to the chip).
Cut it in the center so you will have room to solder to either side
of the wire trace. The pin coming off the chip is what the cellular phone is receiving, the other side of the wire trace that you cut is where its being sent.
That about sums up what you need to know, if you have any other non-bonehead questions, i'm in #cellular on EFnet most all the time and #Cybrids on Undernet.
Now here is what I want to see happen, for all the smart guys out there. Scanners are cool, but why use it, the phone is capable of receiving the RECC without a scanner, I am working on makin this happen right now, but with others help, i'm sure this could get done a lot faster, and would
benefit everyone greatly.
Cable connections to the computer
DDI |
Parallel Port |
Clock 10
Data 15
Ground 18
Special Note: The graphic that is referenced in this portion can be obtained at the rhino9 website or directly from Virtual. Find him in #cybrids on Undernet.
(Beware of new technology coming out from companies such as Cellular One, technologies such as FPF Protection which requires you to enter an access code to make out going calls on your cellphones.)
[18.0.0] Pager Programmer
By Virtual of Cybrids CSE
In order to build a pager programmer, you are going to need a few things. A soldering Iron, the pager you are going to program, and a few brain cells. You will also need the software that is used to program your specific pager which can be found on my web page at the bottom of the text. The diagram I have included should be self explanatory but I will say a few things about it just incase. The only chip needed is the Max233 which will convert the serial port voltage down to TTL level so the pager can understand it. Normally a serial port communicates with +15 volts being a logic high and -15 being a logic low. The chip converts this down to TTL which is 0 - 5 volts where 0 is low and 5 is high. The chip is shown inside the plastic hood that covers the connector. Make sure your hood is plastic and not metalized as this is real metal coating and will short the pins. This side will plug into your serial port. The 4 pin connector shown will go to the pager. Where it says +5 volts is where you supply the chip with 5 volts, its not a 5 volt output. A circuit like this could be used to generate the +5 volts using the very common 7805 voltage regulator. _________
| |
| 7805 |
|_______|
| | |
Vin ________| | |_________Vout
|
-----
--- gnd
-
Vin = Voltage in, 6-12 volt wall adaptor, + goes to Vin, - goes to gnd
Vout = +5 volts out
gnd = ground, could be thought of as minus
You will also have to supply your pager with power, which is probably 1.5 volts. Then you will have to find the transmit and receive pins on your pager and hook it up to the programmer accordingly. The only way to do this is to open up your pager and look around for something that might look like a programming connector or pad with 3 or 4 wires, don't confuse this with the connector that connects the processor and receiver boards in Motorola Bravo pagers. I can't give exact instructions here because unfortunately I do not own every pager in the world. If they aren't hooked up correctly when you run the pager programming software it will just give you an error but won't affect the pager, so just switch the wires around. Make sure you hooked the ground to the pager too, or else nothing will work. The gnd wire should be connected to the minus terminal on the pagers battery connector.
The chip, hood, and connector can be bought at DigiKey. This is by far the simplest and easiest to build design I've seen on the net. Motorola's web page shows all of their pager designs so you can figure out what type of pager you have, and can then get the software for it.
Programming Software: |
http://www.cybrids.org/virtual/ |
Motorola: http://www.mot.com/MIMS/MSPG/cgi-bin/prodcat.cgi
Special Note: The graphic that is referenced in this portion can be obtained at the rhino9 website or directly from Virtual. Find him in #cybrids on Undernet.
[19.0.0] The End
Rhino9 and the other people that attributed to this document have enjoyed passing on their knowledge and will continue to do so. Be on the look out next year for The MHD version 2.0.
Stop persecuting and criminalizing the curious.
Peace.