Sign in to follow this  
Followers 0
unknown_entity

Something Old School

20 posts in this topic

i know a little bit about phreaking but not much. Ive read some files about 4 years and thought that using Colored Boxes was dead. But now some of the stuff im reading im not so sure. i know some things like cheating cocots will be around for a while but what about Blue and Red boxes do they still work?

I am an EE major my local college so i can build pretty much any tone emitting box. It's just a question of if the tones still work today?

0

Share this post


Link to post
Share on other sites

one place you could check out is 2600 magazine's article by Lucky225, "the end of on era" in the summer 2002 issue, you could also check out :

www.phonelosers.org/red_box.html

0

Share this post


Link to post
Share on other sites

Do you know of a url that would have "the end of an era"

.

.

.

(EDIT)

Never mind i found it, it was only about 2 pages long.

If i have the right one?

But that answers part of my question. If i were to go send tones thru a line today blue or red tones will it do anything. Besides waste an evening constructing and tuning a tone emitter? Or is it all now useless knowedge?

0

Share this post


Link to post
Share on other sites

On modern switching equipment a blue box won't do anything. The trunks don't respond to 2600hz anymore because all the signaling is out-of-band.

Red boxes still work in places. Not sure how worth it it is to build one nowadays though. At least around me I'd have to search pretty hard to find a payphone that worked with it.

The only tone emitting colored box that I know of that still works is the orange box. Unfortunately all of them are done in software because it's a lot more than just a few simple tones. It's essentially a Bell 202 (correct me if I'm wrong here) modem-ish device to spoof caller ID. It's probably better left to software so you don't have to create a real world interface for it.

If you really wanted to try blue boxing you could go to Nantes, Quebec though. They still have an old crossbar or step switch. But I think it's the last in North America. Check out Evan Doorbell's recordings to see what he says about Nantes. He's a famous phone phreak and has lots of recordings of what he calls "phone trips". They're definitely a must listen if you're a phreak.

0

Share this post


Link to post
Share on other sites

unknown_entity, i replyed to your private message you sent. If i would of seen this i would of copy pasted it here.

0

Share this post


Link to post
Share on other sites

im just checking out the Nantes recordings, this is some beautiful stuff.

0

Share this post


Link to post
Share on other sites

Cool. Glad you like them. Personally my favorite is part 1 of "How I Became a Phone Phreak". He hasn't released the rest of it yet but it's just so well done I can't hold it against him.

Evan Doorbell is really well spoken and so damned funny. If you have the time listen to all of his recordings and you won't be sorry. You'll also get to hear all of the tricks they used to blue box (guard banding, juicing, etc). It's an amazing piece of history.

0

Share this post


Link to post
Share on other sites

i've gotten through a good portion of them, they're really amazing. and that bit about the operators voice enticing him onto the phone, :lol:

defenetly entertaining.

0

Share this post


Link to post
Share on other sites

ok one last thing. DTMF tones are

1=700+900

2=700+1100

3=900+1100

4=700+1300

5=900+1300

6=1100+1300

7=700+1500

8=900+1500

9=1100+1500

0=1300+1500

and so on... (or maybe these are old tones.)

But then why does The Spec sheet of this DTMF encoder list a different combination of Freqs for the same digits?

Encoder: DTMF Chip

Spec sheet

Decoder chip

0

Share this post


Link to post
Share on other sites

The DTMF freqs are specified in rows and columns with row numbers increasing from top to bottom and column numbers increasing left to right. They are as follows:

Column 1 = 1209

Column 2 = 1336

Column 3 = 1477

Column 4 = 1633

Row 1 = 697

Row 2 = 770

Row 3 = 852

Row 4 = 941

So if you're looking for digit 1 you use column 1 and row 1 frequencies yielding 1209 + 697, 2 yields 1336 + 697, etc.

The data sheet looks good. Your tones might be blue box tones or something but I haven't looked them up.

0

Share this post


Link to post
Share on other sites

yes those tones i posted were from an old text on blue boxes. But i thought the 0-9 * # tones that a normal phone put out and the 0-9 * # that a blue box put out were the same freqs. And the only diff was the addition of KP, ST, ST2p, ST3p, and STp.

So it's a 4x4 grid.

............1...1...1...1

............2...3...4...2

............0...3...7...0

............9...6...7...9

............h...h...h...h

............z...z...z...z

--------------------

697hz..1...2...3...A

770hz..4...5...6...B

852hz..7...8...9...C

941hz..*...0...#...D

But the blue box only works if u live in the middle of nowhere so i guess its of no use.

But actually what im planning to do is use that encoder/decoder chip set to turn on and off lights in my house from the phone. Just leave a message of a few digits and that will trigger whatever i hook up to it.

0

Share this post


Link to post
Share on other sites

Yep, that's exactly the layout.

Make sure you throw some kind of 4 or 5 digit password on it otherwise you'll end up with wise asses like me trying to turn on and off all your stuff. :P

Blue boxing works on old equipment that uses in-band signalling. The phone company tried valiantly to stop people by installing filters on subscribers lines to block pure 2600Hz (since this should never be coming from the subscribers equipment).

This, of course, didn't work. The problem was that both the switches and the filters looked for pure 2600Hz. Sending 2600Hz and a higher freq (I forget the exact frequency) was called guard banding and defeated the first type of filters. How? Here's how...

The filters were between the subscribers line and the switching equipment. They had a pretty clear channel to the subscriber so both frequencies would reach them. The filters would not engage because they weren't seeing pure 2600Hz and they'd just pass both frequencies down the line. That second frequency was just high enough so that it didn't really pass through the rest of the phone system very well. By the time it had arrived at a switch that could be reset by 2600Hz the higher frequency was attenuated so much that it was so low that the switch wouldn't hear it. Now the switch sees pure 2600Hz and resets. Finally you can blast it with blue box tones.

Unfortunately electronic switches don't really care about 2600Hz anymore so you can't do this coll stuff anymore in most places. :-/

BTW, this information is all from a combination of lots of reading, Evan Doorbell recordings, and other assorted stories from over the years. If anything looks fishy or outright wrong please post and let me know.

0

Share this post


Link to post
Share on other sites

thats why i plan on running a seperate single digit decoder seperate from the chip to use as an enable, kinda like a send button. Prbably easier to make it single freq, so it's not something on the standard dtmf keypad.

Ex type "8421" the chip decoder sees it but does not pass it to the final output. Send "8421" and the enable tone. It sees "8421" and cause of the enable it acts upon the 8421.

So whats the difference between the blue box tones 0-9 i posted and the tones made by a regualr phone. Does this mean that the 0-9 tones used on customer loops differ from the 0-9 ones that control trunk lines?

0

Share this post


Link to post
Share on other sites

Yes, different freq. for different uses.. although now adays everything newer has detecters for blue boxes, although I also hear that a 3000hz tone , sent down the line at the same time as the master, may allow you to throw them off.. never tried it myself though, so its just hypothetical to me.

0

Share this post


Link to post
Share on other sites

apparently the nantes exchange was recently(2002 )switched over to dms

0

Share this post


Link to post
Share on other sites

So I guess that leaves Mexico as the last place to possibly find an electromechanical switch in North America. Anyone know of any down there?

0

Share this post


Link to post
Share on other sites
But actually what im planning to do is use that encoder/decoder chip set to turn on and off lights in my house from the phone. Just leave a message of a few digits and that will trigger whatever i hook up to it.

Just got back from the bookstore and noticed that the May 2003 Circuit Cellar (#24 I think) has a DTMF decoder project in it (page 36). It looked like it had support for a password and everything. If you're still interested in doing this project I'd check it out.

Good luck!

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0