• Content count

  • Joined

  • Last visited

Community Reputation

-1 Noobie

About flarn2006

  • Rank
    Gibson Hacker
  • Birthday 07/28/1993

Profile Information

  • Gender
  • Interests
    kiosk hacking
    4-2-3-1 coke machine hack
    video games

Contact Methods

  • ICQ
  1. Well I finally figured it out. I noticed my FiOS telephone service recently got an upgrade that logs calls and lets me view them on the TV. So I did a comm test and looked at the logs. The number it dialed was (800) 752-6437. I called it and heard some weird noises, but it didn't sound like a standard modem. Anyone recognize the sounds it makes as a certain type of connection?
  2. What exactly do you mean by "pop the cap off the jack"? How do those recording devices work without having an electrical connection? And if it seizes the line, wouldn't that prevent it from recording from another phone? Good idea, but I don't have a VOIP adapter, and even if I did, I probably couldn't connect the alarm (with the wider plug I mentioned) to the adapter. get yourself another phone jack... open the cover for this one and connect the green/red terminals for your new jack to the green/red terminals for this jack... then you can connect a DTMF decoder to the jack that you just added... if for some reason the jack might be wired backwards, then the blue/white terminals inside this jack would go to your green/red on your new jack I don't think my parents would let me remove the cover. :-\ Anyway, would that suction cup thing work if it seizes the line?
  3. What exactly do you mean by "pop the cap off the jack"? How do those recording devices work without having an electrical connection? And if it seizes the line, wouldn't that prevent it from recording from another phone? Good idea, but I don't have a VOIP adapter, and even if I did, I probably couldn't connect the alarm (with the wider plug I mentioned) to the adapter.
  4. I'm trying to figure out what number my alarm system dials. Problem is, when I run the comm test and pick up the phone, it seizes the line (presumably so a burglar can't pick up the phone and prevent it from communicating.) I figured I'd open the alarm panel and connect a splitter to that same jack, or use an extension cable to connect it to a regular jack, but the plug is wider than a normal one so I can't plug it into any other jack. I know it's a phone jack, since I've plugged a phone into that jack before and successfully called an ANAC, but the plug that's normally in there can't be plugged into a normal phone jack. Any ideas on what I can try? Any ideas on measures I can take to prevent it from seizing the line so I can listen to the DTMF tones? Or anything like *69 for outgoing calls?
  5. Just the one hop to the server, just like any other device on my network.
  6. I've tried to sniff Internet traffic from my cable boxes using Wireshark, but my computer doesn't receive the packets whether I use a wired or wireless connection. The cable boxes aren't wireless, so I'm not surprised about that, but they don't provide any options for specifying a proxy or anything like that, nor do they have an Ethernet port (wait, do they? Let me check...nope.) None of my computers have any kind of MoCA adapter either. Does anyone know any way I can configure my FiOS router so it logs traffic from my cable boxes, or forwards it to another IP address? I have an old cable modem from when I used Cox; could I use that for anything? This is something I've been wanting to do for a while. The boxes seem to require an Internet connection in order to use On Demand or the TV guide, and I'm interested in examining that traffic. Anyone know any DNS names they use that I can override on the router? One thing I'm interested in in particular is port 8082 on the STB. When connected to with HTTP, it gives me a generic HTTP username/password prompt, but I can't seem to figure out what the password is. I tried brute-forcing it once with dictionary words, but the box just crashed.
  7. It is always possible that they had it connected to Ethernet but still had the Wi-Fi connected, and the netboot server isn't accessible over Wi-Fi. This is unlikely however, as why would they connect it to their Wi-Fi if it was already connected to Ethernet? Also, I know it wasn't already set up to connect to their Wi-Fi from another time I had my laptop there, as it's at the end of the list of known networks. In case it'll be helpful, you can find all of the screenshots at http://imgur.com/a/o2AuZ. In case you're concerned about it, this "apple" user who's logged in is just a temporary account I had set up for them, not some kind of backdoor they have. The reason they went into the Users & Groups preference pane was to remove my script from the login items, but they hadn't actually terminated the process. They hadn't booted it again either, as /var/log/secure.log says that user only logged in three times, two of which had actually been me logging in. Also, I'm just curious: how would someone develop exploits from this?
  8. I recently took my MacBook Pro to the Apple store for repair, but I had a script running in the background that took screenshots to monitor what they were doing. This screenshot was among them, and it shows System Preferences open with a list of netboot volumes. I'm interested in obtaining the Apple Service Toolkit. I know it is tightly controlled by Apple, and I would like advice with how exactly to go about downloading all the related files (TFTP files, boot image, etc.) to be able to leak this. I know for a fact this server is accessible on their unsecured "Apple Demo" wireless network, as another screenshot shows my laptop connected to it, so this means I will be able to connect without necessarily even entering the Apple store (where employees can see what I'm doing), let alone SE-ing an employee to plug the Ethernet cable into my computer. But when I'm connected, I'm unsure exactly how to actually download the files used by this. I assume it involves using TFTP to connect to, but since TFTP doesn't support directory listings, I don't know the names of the files I would need to download. Can anyone please help me out? If I get it, I'll post it here.
  9. I heard this was confidential, but I found it without much effort through Google. At first I thought it must be a different document, but then I saw this: Here it is: http://read.pudn.com/downloads13/ebook/53509/SD/Part3-v1.0-%20Security%20spec.pdf And in case it's taken down, here's a mirror: http://www.filedropper.com/part3-v10-securityspec Not surprisingly, this PDF file has usage restrictions on it. Not a problem; it's not encrypted. Thanks to PDFpirate, those usage restrictions are removed. You can find an unlocked version of the PDF here: http://www.filedropper.com/pdfpirateorgunlocked Share this! I know this DRM measure is hardly if ever used, but I'm sure spreading this around will make it even less likely to be used in the future.
  10. nyphonejacks, I was doing some research on Wikipedia (http://en.wikipedia.org/wiki/Subscriber_Identity_Module) and I think what he was talking about may have been the Ki. The guy at RadioShack said it's stored on the phone, but he just meant as opposed to only being on the "satellites." I don't know if it can make free calls however; he may have been mistaken or maybe I misunderstood. But the only reason it's inaccessible seems to be to protect the owner from other people cloning their SIM. What if the owner wants to clone their own SIM, so they can have multiple cell phones on one account for instance?
  11. I talked to a guy at RadioShack earlier today about how cell phones work, and he says there's a code stored in the cell phone, to which the user has no access, which it sends to the "satellite" (he probably meant cell tower/network) to identify it as an activated cell phone. It's not the IMEI number, nor is it an unlock/subsidy code (the latter isn't used for that purpose anyway) but from what he said it seems to be hidden for a reason. IIRC, he said if you found out that code (which he says is a very complicated process) you could potentially make free calls. (I have no intention to commit fraud, I just want to learn more about it.) What I'm confused about is why it would be illegal (he said it was) to hack your cell phone to find out that code even if you don't use it to commit fraud, which confuses me because if it's stored in my own cell phone, I believe I have a right to know it. Does anybody here know what that code is called? BTW, does anybody here know how GSM and CDMA work? I mean have any specifications on exactly what data is sent. Would this information be public knowledge, or would it have to be leaked somehow? Are there any "sniffer" devices that can figure out exactly what data is sent/received, and whether or not these are legal to use as long as you don't use them to invade others' privacy? Are there any cell phones that aren't programmed to try to keep secrets from its owner, or restrict its owner in any way with how he uses it? Sorry if I'm asking too many questions.
  12. What I mean is can someone else on this forum with a Broadview security system do it in their own home for me, and then post the number? I would do it myself, but my parents don't want me messing around with our phone connection or security system.
  13. For a while I have been wondering what number my Broadview home security system dials. Today I used the communications test feature with the phone off the hook and against my computer's microphone. However, when I started the test, the dial tone just stopped and I didn't hear any dialing, though it still indicated the test was successful. It's probably connected to the phone line in a different way than the regular telephone. If I lift the cover on the system's control box, I can see the phone cord plugged into a phone jack. Probably if this is unplugged and instead plugged into a regular phone jack (using a telephone extension cord) I will be able to hear it dialing. Unfortunately, however, my mom won't let me do that. Would somebody else please do it for me, so I can find out what number it dials, but not get in trouble? If you could record the entire call that would be great. Thanks to whoever does it! (By the way, if you know the number the Brinks people sometimes call that says "You've reached the Central Station" and asks for a user ID and password, please post that too.)
  14. I'm sorry for three things: I bumped an old thread (really the same as #2--you may think it's good or bad) It was a long time until I did visit this topic again and post (see above) I can't post the stuff online, as my parents won't let me. :-( I would if they let me though.
  15. Thank you very much! That worked; I got all the contents.