tssci security

Phrack a Day -- Issue 1

Here's our first "Phrack a Day" posting. We first mentioned this segment here. We won't be able to comment on every phile as we did this one, but we'll do our best to keep them short, informative, and entertaining. We also won't pretend like we know wtf an article is talking about when it's way over our heads, so we're counting on you guys to fill in the blanks for us. There are also some philes that are self-explanatory, [now] common knowledge, etc. that we may just end up skipping. Post any feedback or comments -- we'd love to hear them! Also don't forget to post in the Phrack's comments section as well.

Phrack Issue One -- Released 11/17/1985

Hacking SAM - A Description Of The Dial-Up Security System by Spitfire Hacker

I honestly have no idea what SAM is. A Google search returned many results back to this phile, but also turned up this pdf on Global DataComm Modem Security.

THE PHONE PHREAK'S FRY-UM GUIDE by Iron Soldier

We love pranks, especially getting your friends. This one takes the cake, totally ruining someone's day. Call up the phone company and cancel the guy's phone, order a stack of phone books, The modern day equivalent would be calling up the local pizza shops and Chinese restaurants and ordering delivery to some loser's address.

Or how about that time we called Poison Control:

> Can you help me? My router has a poisioned arp cache. >> Say what?? > It swallowed a TCP packet with a malformed header.

bahaha... good times :)

How to Pick Master Locks by Ninja NYC

This trick was just cool. Remember your classmates would try and listen to the clicks like they do in the movies and end up failing at opening the lock? Well, this trick did work. Masterlock has since made it harder to break, but look no further, WikiHow shows you how to crack the combo. Hack A Day also had a post back in 2005 with video and a link showing how to recover a lost combo. In gym class, most of us would just give up and take a folding chair and slam the backrest against the handle. Don't forget the Bic pen trick with Kryptonite U-locks.

Acetylene Balloon Bomb by The Clashmaster & Gin Fizz

Step 1, Fill a bathtub with water. Step 2, Submerge balloon in water and remove all oxygen. Step 3, Fill balloon up with acetylene. Step 4, Take balloon out, twist the opening shut. Let dry. Step 5, Open balloon and insert a rock with a fun-snap.

I read this thinking, there's no way this works the way it's constructed. How would a fun-snap pop on impact when it's inside the balloon? This is just one of those projects you'd sit back and say, "eh, I'll let someone else try this one." If anyone has gotten it to work the way it's described, let me know.

Schools and University Numbers by Phantom Phreaker

Several years ago our university had a 56k modem bank for remote access service (RAS). We found that the numbers were listed for students to access the intranet homepage. One day, I dialed in to access our online classroom and realized it put me on the same subnet as the student workstations located in the common area. I began screwing around with various settings for gateways and proxies, and found one proxy that would allow me out of the network. I then set up a router in my apartment and shared the 56k dialup Internet connection with some shady dude who lived across the hall. Our university eventually took the modem bank offline and we had to get our own connection. :/

***

Well, that's it for this issue. This issue was relatively short and not as technical or security oriented. Future posts may end up being broken up across the week depending on how technical and lengthy the philes get. Hope you enjoyed reading this; subscribe to the RSS feed so you don't miss any future updates. :)

Posted by Marcin on Thursday, August 2, 2007 in Phrack a day.

blog comments powered by Disqus
blog comments powered by Disqus