a change in wording requires a new revision. It seems they waste more paper than they can
read!
It took quite a while for Hollywood Cal traffic manager to figure out how all of the local
phone phreaks constantly discovered the switchroom test numbers.
Whenever someone wanted to use the testboard, they found the local phone phreaks on
the lines talking to all points all over the world. It got to the point where the local garbage
buffs knew more about the office operations than the employees themselves. One phreak
went so far as to call in and tell a switchman what his next daily assignment would be. This,
however, proved to be too much. The switchman traced the call and one phone phreak was
denied the tool of his trade.
In another rather humorous incident, a fellow phreak was rummaging through the trash bin
when he heard someone approaching. He pressed up against the side of the bin and silently
waited for the goodies to come. You can imagine his surprise when the garbage from the
lunchroom landed on his head. Most people find evenings best for checking out their local
Telco trash piles. The only thing necessary is a flashlight and, in the case mentioned above,
possibly a rain coat. A word of warning though, before you rush out and dive into the trash
heap. It is probably illegal, but no matter where you live, you certainly won't get the local
policeman to hold your flashlight for you.
105.Canadian WATS Phonebook by The Jolly Roger
800-227-4004 ROLM Collagen Corp.
800-227-8933 ROLM Collagen Corp.
800-268-4500 Voice Mail
800-268-4501 ROLM Texaco
800-268-4505 Voice Mail
800-268-6364 National Data Credit
800-268-7800 Voice Mail
800-268-7808 Voice Mail
800-328-9632 Voice Mail
800-387-2097 Voice Mail
800-387-2098 Voice Mail
800-387-8803 ROLM Canadian Tire
800-387-8861 ROLM Canadian Tire
800-387-8862 ROLM Canadian Tire
800-387-8863 ROLM Canadian Tire
800-387-8864 ROLM Canadian Tire
800-387-8870 ROLM Halifax Life
800-387-8871 ROLM Halifax Life
800-387-9115 ASPEN Sunsweep
800-387-9116 ASPEN Sunsweep
800-387-9175 PBX [Hold Music = CHUM FM]
800-387-9218 Voice Messenger
800-387-9644 Carrier
800-426-2638 Carrier
800-524-2133 Aspen
800-663-5000 PBX/Voice Mail [Hold Music = CFMI FM]
800-663-5996 Voice Mail (5 rings)
800-847-6181 Voice Mail
NOTES: Each and every one of these numbers is available to the 604 (British Columbia)
Area Code. Most are available Canada Wide and some are located in the United States.
Numbers designated ROLM have been identified as being connected to a ROLM Phonemail
system. Numbers designated ASPEN are connected to an ASPEN voice message system.
Numbers designated VOICE MAIL have not been identified as to equipment in use on that
line. Numbers designated carrier are answered by a modem or data set. Most Voice
Message systems, and ALL Rolms, sound like an answering machine. Press 0 during the
recording when in a rolm, * or # or other DTMF in other systems, and be propelled into
another world...
106.Hacking TRW by The Jolly Roger
When you call TRW, the dial up will identify itself with the message
"TRW". It will then wait for you to type the appropriate answer back (such as CTRL-G)
Once This has been done, the system will say "CIRCUIT BUILDING IN PROGRESS" Along
with a few numbers. After this, it clears the screen (CTRL L) followed by a CTRL-Q.
After the system sends the CTRL-Q, It is ready for the request. You first type the 4
character identifier for the geographical area of the account..
(For Example) TCA1 - for certain Calif. & Vicinity subscribers.
TCA2 - A second CALF. TRW System.
TNJ1 - Their NJ Database.
TGA1 - Their Georgia Database.
The user then types A
Most Requests use the RTS option. OPX, RTX, and a few others exist. (NOTE) TRW will
accept an A, C, or S as the 'X' in the options above.) Then finally, the user types his 7 digit
subscriber code. He appends his 3-4 character password after it. It seems that if you
manage to get hold of a TRW Printout (Trashing at Sears, Saks, ETC. or from getting your
credit printout from them) Their subscriber code will be on it leaving only a 3-4 character
p/w up to you.
For Example,
(Call the DialUp)
TRW System Types, (ST) CTRL-G
(You type, YT) Circuit building in progress 1234
(ST) CTRL-L CRTL-Q (TCA1 CYT) BTS 3000000AAA
Note: This system is in Half Duplex, Even Parity, 7 Bits per word and 2 Stop Bits.
CAUTION: It is a very stressed rumor that after typing in the TRW password Three (3)
times.. It sets an Automatic Number Identification on your ass, so be careful. And forget
who told you how to do this..
107.Hacking Vax's & Unix by The Jolly Roger
Unix is a trademark of AT&T (and you know what that means)
In this article, we discuss the unix system that runs on the various vax systems. If you
are on another unix-type system, some commands may differ, but since it is licensed to
bell, they can't make many changes.
Hacking onto a unix system is very difficult, and in this case, we advise having an inside
source, if possible. The reason it is difficult to hack a vax is this: Many vax, after you get
a carrier from them, respond=>
Login:
They give you no chance to see what the login name format is. Most commonly used are
single words, under 8 digits, usually the person's name. There is a way around this: Most
vax have an acct. called 'suggest' for people to use to make a suggestion to the system
root terminal. This is usually watched by the system operator, but at late he is probably at
home sleeping or screwing someone's brains out. So we can write a program to send at the
vax this type of a message: A screen freeze (Cntl-S), screen clear (system dependant),
about 255 garbage characters, and then a command to create a login acct., after which
you clear the screen again, then unfreeze the terminal. What this does: When the terminal
is frozen, it keeps a buffer of what is sent. Well, the buffer is about 127 characters long.
so you overflow it with trash, and then you send a command line to create an acct. (System
dependant). After this you clear the buffer and screen again, then unfreeze the terminal.
This is a bad way to do it, and it is much nicer if you just send a command to the terminal
to shut the system down, or whatever you are after... There is always, *Always* an acct.
called root, the most powerful acct. to be on, since it has all of the system files on it. If
you hack your way onto this one, then everything is easy from here on... On the unix
system, the abort key is the Cntl-D key. Watch how many times you hit this, since it is also
a way to log off the system! A little about unix architecture: The root directory, called
root, is where the system resides. After this come a few 'sub' root directories, usually to
group things (stats here, priv stuff here, the user log here...). Under this comes the
superuser (the operator of the system), and then finally the normal users. In the unix
'Shell' everything is treated the same.
By this we mean: You can access a program the same way you access a user directory, and
so on. The way the unix system was written, everything, users included, are just programs
belonging to the root directory. Those of you who hacked onto the root, smile, since you
can screw everything...the main level (exec level) prompt on the unix system is the $, and if
you are on the root, you have a # (superuser prompt). Ok, a few basics for the system... To
see where you are, and what paths are active in regards to your user account, then type
=> pwd
This shows your acct. separated by a slash with another pathname (acct.), possibly many
times. To connect through to another path, or many paths, you would type:
You=> path1/path2/path3
And then you are connected all the way from path1 to path3. You can
run the programs on all the paths you are connected to. If it does
not allow you to connect to a path, then you have insufficient privs, or
the path is closed and archived onto tape. You can run programs this way
also:
you=> path1/path2/path3/program-name
Unix treats everything as a program, and thus there a few commands to learn...
To see what you have access to in the end path, type:
ls
for list. This show the programs you can run. You can connect to the root directory and run
it's programs with=>
/root
By the way, most unix systems have their log file on the root, so you can set up a watch on
the file, waiting for people to log in and snatch their password as it passes thru the file.
To connect to a directory, use the command:
=> cd pathname
This allows you to do what you want with that directory. You may be asked for a password,
but this is a good way of finding other user names to hack onto. The wildcard character in
unix, if you want to search down a path for a game or such, is the *.
=> ls /*
Should show you what you can access. The file types are the same as they are on a dec, so
refer to that section when examining file. To see what is in a file, use the
=> pr
filename command, for print file. We advise playing with pathnames to get the hang of the
concept. There is on-line help available on most systems with a 'help' or a '?'. We advise
you look thru the help files and pay attention to anything they give you on pathnames, or
the commands for the system. You can, as a user, create or destroy directories on the
tree beneath you. This means that root can kill everything but root, and you can kill any
that are below you. These are the
=> mkdir pathname
=> rmdir pathname
commands. Once again, you are not alone on the system... type=>
who
to see what other users are logged in to the system at the time. If you
want to talk to them=>
write username
Will allow you to chat at the same time, without having to worry about the parser. To send
mail to a user, say
=> mail
And enter the mail sub-system. To send a message to all the users on the system, say
=> wall
Which stands for 'write all'. By the way, on a few systems, all you have to do is hit the
single message to a user, say
=> write username
this is very handy again! If you send the sequence of characters discussed at the very
beginning of this article, you can have the super-user terminal do tricks for you again.
Privs:
If you want superuser privs, you can either log in as root, or edit your acct. so it can say
=> su
this now gives you the # prompt, and allows you to completely by-pass the protection. The
wonderful security conscious developers at bell made it very difficult to do much without
privs, but once you have them, there is absolutely nothing stopping you from doing anything
you want to. To bring down a unix system:
=> chdir /bin
=> rm *
this wipes out the pathname bin, where all the system maintenance files are. Or try:
=> r -r
This recursively removes everything from the system except the remove command itself.
Or try:
=> kill -1,1
=> sync
This wipes out the system devices from operation. When you are finally sick and tired from
hacking on the vax systems, just hit your cntl-d and repeat key, and you will eventually be
logged out.
The reason this file seems to be very sketchy is the fact that bell has 7 licensed versions
of unix out in the public domain, and these commands are those common to all of them. I
recommend you hack onto the root or bin directory, since they have the highest levels of
privs, and there is really not much you can do (except develop software) without them.
108.Verification Circuits by The Jolly Roger
One busy verification conference circuit is always provided. The circuit is a three-way
conference bridge that enables an operator to verify the busy/idle condition of a
subscriber line. Upon request of a party attempting to reach a specified directory
number, the operator dials the called line number to determine if the line is in use, if
the receiver is off the hook, or if the line is in lockout due to a fault condition. The
operator then returns to the party trying to reach the directory number and states
the condition of the line. Lines with data security can not be accessed for busy
verification when the line is in use.(Refer also to data security.)
Three ports are assigned to each busy verification conference circuit. One port is for
operator access and two ports are used to split an existing connection. To verify the
busy/idle condition of a line, the operator established a connection to the operator
access port and dials the directory number of the line to be verified. If the line is in