The Technical Book of Phreaking

aus dem Wiki des Entropia e.V., CCC Karlsruhe
Wechseln zu: Navigation, Suche
From: (W40k88)
Subject: INFORMATION:The Technical Book Of Phreaking
Date: 1998/05/17
Message-ID: <>
Organization: AOL
Newsgroups: alt.2600

				  		  -=> MICRO WORLD INC <=-		  
				  			 The Technical Book			  
				  				 Of Phreaking				  
				  		 For The Master Phreak to		  
				  			Those Just Learning			  
				  			  Some Definitions				

						 Created during January and Febuary 1989

Introdution to the Article

File One (of four)

This file was just to be a short set of definitions for those of you who don't know all the phreaking terms. This was requested by a few people on a small 312 board called The Magnetic Field Elite (312-966-0708, call, board has potential) like The Don. But I have decided against making this small file that is common in many places but instead to make something that I have never seen before. Not just a common file but one of high technical use. With a printout of this you will never need to mis sout on a definition again. But that's not all. The file will discuss, indepth, the working of each of these operations below. If you are viewing this file simply for the sake of finding one meaning I suggest that you get the entire thing and then never need to call and view phreak files again.

Topic 1: The Phone/Modem

Scince phreaking is impossible without a phone or modem you I will start with the most important and most complex part of phreaking: The Phone. Now, the phone is a device that transfer sounds as sound enters a receiver, is transfered to an amount of voltage, sent through the telephone lines and decode back to sound. A modem is based on a universal language of sounds transfered through the modem. Modem stands for the work Modulator/Demodulator. This is like receiveing and sending. Now, with most modems, before connecting, tones just are just the same as the tones that a common phone can make.

But the phone can make many tones and some have purposes that are very useful, tones that are reserved for At&t, and thus dangerous. To go through all the tone would be senseless and a book on tones alone could be written (Hmm...maybe I could...) so I will not go into that. But, assuming that you know what a box is I will explain what the odd types of modems can do.

If you own an Apple Cat modem you may use it to generate any tone. This is very useful. Some people are against the Cat for various. I will remain neutral on the topic but if you have no understand then phreak the way you see easiest and safest.

The other way is by using an acoustic modem. You may modify a phone to make certain tones and you may make then send these tones through the acoustic modem by placing the headset of the phone on the acoustic's couplers.

You may also attempt to make the box modfications directly to the modem but if you error and damage the modem alot of money is wasted while you could have used an acoustic and messed up a twenty dollar phone. Basicaly the common phone can make 18 tones. For example, when you press a number on the phone two tones are made together and make the signal for the number or charater you hit. This is the entire phone to line explantion of the phone. Now the actual internal working of the phone is very complex and can be best under stood by getting a book from the library on it.

Topic 2: The Calling of Numbers

When you call a local number as soon as you hit a number other than one you the phone knows that you are calling localy. Once seven digits are entered the numbers are sent to the nearest switching station and you call goes out. The station determines the units per minute and start billing as soon as the called phone answers. All calls are automaticaly one minute long. If you hit a one as the first digit you dial the phone recignizes this as a long distance call and sends you to either the At&t switching station or to another long distance service if you have chose to use other than At&t.

If you are using a At&t the call goes through the long distance switching station where unit per minute is determined and then it is refured to the number you called. The call may be slowed down depending on how many times the switching station changes between you and the place you are calling. If it changes between ESS and X-Bar (described below) one it would go through fast. If it changed between them 50 times it would be a very slow call going through. Plus the sound quality may decrease but that is not a fact, just an understanding I have come to when callign long distance with At&t.

If you are calling through any other service, such as MCI, Alnet, Teleco, US Sprint or any of the other endless companies, then things are not the same for long distance calls.

You call first goes to the company you call through and price of call is determined by any of the ways a company determines price. The call then goes out through the lines to the long distance companie's station nearest to the number you dialed and tres to go though. If the number is too far away from a station you may get a "The number you have dialed cannot be reached from your calling area."

Thus, you have the basic information of how call goes out. Now to get to phreaking and the real reson you read this file.

Topic 3: The Long Distance Company and Codes.

The way of using a different long distance company or not paying a quarter when calling from a payphone. Using the phone card or the code. Names for these numbers: 950's 800's Extenders. PBX's 950 ports Port Code port (Company name) port

The above mentioned names are the phreaks lifeline. They are places where you call and enter a code, then the area code of the place you want to call and finally the number for the place you want to call. When the code is entered it is checked if it is valid and then the person how owns the code pays for the call. If the code is not valid you normaly get a message saying that the code you entered is not valid.

When a call goes through it is the same as a normal long distance call except that it is charged to the owner of the card.

Some places may require that you enter a nine or a one before you enter the code. Now, the phreak uses these places by calling them over and over again until they get a code. But they do this with a computer and a program such as Hack-a-Matic, Hacking Construction Set (often called HCS), Hack This Buddy, Intellihacker (Old), Cat-(and then a name, for the Apple Cat. Has to many names to list), and some others. These are all Apple programs but there are also code hackers for the Commodor 64, 128, Amiga, IBM (of course) and so on. Most computers have them.

One thing I have found useful is to use a Radio Shack portable computer with a built in modem and hack from other houses, this is much safer. Security in these companies run from really tough (MCI) to sad (like the places that try to scare off hackers with tape recordings). 950 ports in the ESS area are set up to trace and could do so very easily but for some reson they are against it. Possibly the time and modey to check the calls and pay for tracing. Places have gotton tougher though, if three people get busted off a number in one week and this has never happened before then you can almost be sure that they have stepped up security and that it is time to use a new port.

Now I will discuss some of the things used by the Phreak.

Topic 4: The Loop

Loops, although they may seem fun they are really rather useless. They work as follows.

Two numbers are looped together. Usually they are almost the same just a digit different from one another. If you call the lower number you will wait a few secounds and then hear a 1000mhz. tone. If you call the higher number you will hear nothing. If you can one number (dosen't matter which) and someone else calls the other number you will be able to talk to each other. The purpose of these is to test trunk lines. This way they could make sure there was no break in each trunk. Now the old purpose for loops was that they where free to call so one person would call one and another would call the other and they would get to talk for free. Also, one person might call one number and just wait and talk to whoever called the other number. Like a two line bridge.

Today you cannot call these without being charged because the phone company caught on. But you can split a phone call with these so if there is a loop between you and a person you want to talk to you can only pay for half by calling the loop. And the phone company dosen't care because either way they get their money.

The billing service for a loop is one all by itself, not like normal local calling and for this reson I might almost belive the rumor that Blue Box tones can be used to call loops.

The loops billing service didn't exist awhile back so a call to one was free. Now, if you call this new billing system picks it up. But the loops billing system is just something that At&t scraped together and there are most likly some holes in the system (like not recording blue box tone generation numbers).

Topic 5: The Diverter

The diverter has been a very simple, yet incredibly usefulthing through the years. To use one you must call, after hours and let someone answer the phone, don't answer them, let them hang up and get a faint dialtone. Then you dial again and call from the diverter.

Before, you could use a diverter and call through it. The you would only be charged for the call to the diverter, not the one after it. That bill went to the diverter itself. But they fix this problem easily and now you still get charged if you are in the ESS area.

Also before, you could use a diverter to call a number that traces and instead of being traced to your number it is traced to the diverter. But ESS eliminated that too.

But you can still use a diverter to call hard to reach numbers. Like if you called a place and it gave you a "The number you have dial cannot be reach from your calling area" then if you knew of a diverter in the area of the number you could call through it to the unreachable number and get through. The way a diverter works is after hours when you call a place the call is forwarded to another place. Then, when you don't answer the person at the other place hangs up and your call tries to disconnect from the forwared number and you end up at the diverter with it's dialtone.

Hope this file was of some use to you all. If you want to see more like it leave me E-mail on these great boards!

 - Ripco -						(312)-528-5020							 	  -
 - TFBII -						(xxx)-xxx-xxxx							 	  -
 - The Blue Fire BBS		  (xxx)-xxx-????  sysop: The Micro Master -
 - The Metal AE				 (xxx)-xxx-xxxx  entry: Kill				 -