CrAzYPiLoT

Help?

12 posts in this topic

Hi, I'm new to all of this, not just phreaking, but hacking in general. So my question is: Where can I learn about the telecommunications systems discussed in this forum and all the acronyms, symbols etc.? Hope this belongs here, if not close this :)


Here are the direct links to the original audio files, because fuck Soundcloud (Twitter). Protocol is http://

download.evan-doorbell.com/production/HowBPhreak01.mp3
download.evan-doorbell.com/production/HowBPhreak02.mp3
download.evan-doorbell.com/production/HowBPhreak03.mp3
download.evan-doorbell.com/production/HowBPhreak04.mp3
download.evan-doorbell.com/production/HowBPhreak05.mp3
download.evan-doorbell.com/production/HowBPhreak06.mp3
download.evan-doorbell.com/production/HowBPhreak07-rough.mp3
download.evan-doorbell.com/production/HowBPhreak08.mp3

In fact it may do any beginner well to peruse ALL the production tapes on http://evan-doorbell.com/ as it contains much knowledge about the way Our Lady of the Dial Tone once worked. In addition to the above you may also want to pay specific attention to "Network Sounds of the 70's" and the "Sounds of Long Distance" series for the time being.

There were also several earlier (early 90s) "Off the Hook" episodes that I will link to at a later time (when I find them), where Eric goes over a lot of the stuff in detail about how things work, what it does etc. in terms more relevant to the present tech. Unfortunately even some of that information is becoming obsolete as IP telephony increasingly creeps into the background of the PSTN.

Acronyms: see "The Telephony Acronyms and Abbreviations List from Hell"; Phrack #43, http://textfiles.com/magazines/PHRACK/PHRACK43


Thanks for the replies. One more question, what is POTS used for these days, is it important if I want to phreak, and how can I get that in my country(Serbia)?

Edited by CrAzYPiLoT

Well, let's see, POTS is the basic wireline dial tone telephone network/system/service (whatever you want to call it) (Plain Old Telephone Service). Basically any time you lift the handset of a telephone and get a central office dial tone, unless the fone is connected to an IP network or a private branch exchange (sometimes), you're probably using POTS.

What's it used for? Where do I start...


BTW, I have a rotary dial phone with a completely different connection system apart from my landline. Completely different dial tone. Which of these is POTS? I don't know what the central office dial tone is or anything about my phone company. In Serbia there isn't a phreaking community as all Payphones now use cards instead of money and the company has an antifraud system so I really don't have any resources from which to learn :( Advice?

EDIT: I managed to find some stuff and codes for phreaking in Serbia, and the guy says that most towns use AXE10 centrals, but there are still some analogue ones. I actually do not know what this means for me. Explanation?

Edited by CrAzYPiLoT

I managed to find some stuff and codes for phreaking in Serbia, and the guy says that most towns use AXE10 centrals, but there are still some analogue ones. I actually do not know what this means for me. Explanation?

 

 

An AXE-10 is a fully digital switch - quite a common one in Europe from my understanding. We have a few of them here in the US too, but I've never got to use a line on one up close. The one thing I can tell you is the error recordings tend to be a bit uniform sounding; unlike a lot of switch manufacturers, Ericsson provided an easy way to directly upload recordings to their hardware. In most places, the switch techs have to play recordings into a telephone line in some manner, and they tend to not be very good at it. As a result, it becomes easy to tell switches apart by the noises on the recordings. This generally isn't possible with AXE-10s (some of them have IDs though, like in Australia) since the announcement hardware is being given the exact same file as all the other switches.

 

Anyway, getting back to what your friend was saying, he means there's central offices with analog switching hardware - like the ones you hear in the Evan Doorbell recordings. You'll get to hear loud clicks from the equipment, possibly some crosstalk, and in general, just different behavior from the AXE-10s.

 

 

If you have some time, sit down and listen to "How Evan Doorbell Became a Phone Phreak". You'll get a pretty good overview of the history, and there's sound involved too!

 

 

This. Very much this. Though the crossbar switching equipment Evan talks about has long since been replaced by digital switches, most of the basic techniques - like listening for different sounds between switches and finding test numbers - are still used to this day. To oversimplify it, a lot of what we do (or at least what I do; I don't want to speak for anyone) is apart from understanding the network, reaching out to as much equipment as possible, and giving it unorthodox input based on what we know. The things you can do with nothing other than the phone on your desk tend to get interesting pretty fast.

 

One thing you'll learn pretty quickly though is you have to enjoy the sounds of the network. The more you do, the faster and better you'll become at finding interesting things. You'll occasionally find a few things that get monotonous really fast - and when you do, that's a perfect time to ask for help or simply stop, but if you find everything is that way, you might have to consider whether or not phreaking is for you.

 

EDIT: Sorry, didn't catch this one:

 

 

 

BTW, I have a rotary dial phone with a completely different connection system apart from my landline. Completely different dial tone. Which of these is POTS? I don't know what the central office dial tone is or anything about my phone company.

 

The POTS line is most likely the one coming from the national phone company that operates all the payphones. Sorry, I know this isn't a lot to go on. Can you give us a bit more information about your situation?

Edited by ThoughtPhreaker

Well, the text I read about the exchanges was pretty dated - more than 10 years. I have contacted the writer and even though he doesn't phreak anymore, he confirmed that AXE-10s are used to this day. There are a few different recordings I found dialing cell phone numbers. One of them is crackling in the background. As in Serbia we have 6+ different cell phone prefixes (061, 062, 063, 064, 065, 066, 060, and in some cases 068), I suppose that is the consequence. I haven't had much chance to play with the POTS. I have been keeping myself busy by dialing interesting US numbers via Hangouts, examining our Payphones (pictures coming soon!) and dual booting Linux for WarVox. I will update with new info after I reinstall my OS the day after tomorrow. BTW, don't think I have gone away if I don't post for some number of days, it's just school (Yes, I would love to have been born in the 70s to get in on the phreaking, but oh well :) Anyway, pics of Payphones coming tomorrow (both wall mounted and street.) I will try to get some resources for making a beige box (please tell me if it's outdated) as I think I have found a company box. TNI's are apparently not a thing in Serbia, if I don't break through walls to get to them :P Listened to the whole Evan Doorbell series (Fascinating)

EDIT: So, I was fiddling around my phone line and I discovered that an ADSL splitter is hooked up into my (probably) TNI in the wall. Out of the ADSL splitter go two lines: phone and modem. The phone line (as expected) goes into the base of my cordless phone. The modem line goes into a 6Mb/s connection internet modem, and from there, two lines, one for each of the TV routers. All of this equipment was installed by the only Telcom in my town (and the main Telcom in Serbia): Telekom Srbija. The phone brand is Panasonic. I can provide pics of any part of the line. My question is: POTS or ISDN?

BTW, I am not sure if any stores sell the 'Halo' calling cards anymore, as Payphones are rarely used these days. The card basically works like a card with which you get message units (yes, we are that far behind :P), when you do not have any more of the MUs it will disconnect you, and is rechargeable. Info on payphones: http://img.pathfinder.gr/clubs/files/25970/1.pdf

Will update with pics from all angles tomorrow. The exact model is the blue one shown on the first page.

EDIT2: I found some things which may be TNIs. Pics:

http://imgur.com/DbXNHtw

http://imgur.com/Nbw94Ej

I have one open, but my battery was dead, I will get the pic tomorrow, it looks like it could be a TNI.

I got a pic: http://imgur.com/tnfivku

I also got some boxes which show up every 3 houses or so, and are almost always numbered: http://imgur.com/xZ2ydyn

It says "GMB Automatik" next to the "Telekom Srbija IRO" text. On the supposed TNIs, there is an engraved SP- and then a number in paint, in my town I have seen 6 and 2 so far. These TNIs are on every house, in the yard, and next to apartment buildings are almost always the "IRO" boxes.

Found some info on both of these:

IRO: http://www.gmb.co.rs/e0103.php

TNI?: http://www.gmb.co.rs/e0106.php

Edited by CrAzYPiLoT

Not that I know anything about Serbian telecommunications specifically, but maybe try and see if the jacks provided in these supposed TNI boxes can connect a phone. If they have ANACs there (numbers which read back which number you're calling from) you can find out the call back numbers for starters. From there maybe scan for interesting exchanges, or find old/interesting error messages (if they still exist on the system).

Edited by phonetrovert
I will try to get some resources for making a beige box (please tell me if it's outdated) as I think I have found a company box.

 

I wouldn't say it's outdated really, but unless you have a really good reason for it, like trying to hear the phone line an interesting piece of equipment lives on or calling from a switch you otherwise had no way of using, it's not all that interesting. It requires minimal skill, most line cabinets or whatever they're called (at least here) are in plain enough view to make it a bad idea, and if you're doing it simply to leave some random idiot with a huge bill, er, congrats I guess? I dunno exactly what that accomplishes.

 

One thing I've found from watching others is that most phone companies tend to turn a blind eye to any sort of abnormal usage a lot more when it doesn't involve fraud. Not costing anyone money is pretty much the rule of thumb for doing whatever you feel like.

 

I can provide pics of any part of the line. My question is: POTS or ISDN?

 

If you want to give me the model number of the cordless phone, I can check. I took a quick look at the Telekom Srbija website (or as best I could anyway. Google Translate didn't exactly help), but it seems like they're pushing for ISDN more than US telcos are. Imho, you're pretty lucky to have that; ISDN is a cool protocol. If you have it, you're very likely served out of either the same switch that provides POTS service, or a very similar one.

 

Anyway, the most obvious place to start would probably be payphones. As the PDF mentions, it uses a 1200 baud modem to phone home to the operating company's reporting number. The payphone number in and of itself would be a good place to start too.

 

So if I were you, here's what I'd do:

 

1) Find the number to the payphone. If it's not marked, my first bet would be to call the customer service number for Telekom Srbija. At least here in the US, a lot of phone company customer service lines will read back the number you're calling from.

 

2) Find a way to make the payphone call out to the polling computer. Sometimes this is as simple as getting a rate quote; they don't always have the rates for unusual destinations stored in them. A sure fire way to do this would probably be to find a calling card - or some sort of card it'll accept to use. It doesn't necessarily have to even be a working one with a balance, but keep in mind it might check for that. If you happen to find a way to access the programming menu (all the ones with processors, like the model you mentioned, in the US have one) sometimes it'll just tell you what it is.

 

Anyway, when you get it to do that, listen closely into the earpiece for touchtones. If you can hear it dialing out, try to get a recording of it, and we'll help you decode it. A microphone is probably usable so long as there isn't a lot of noise. As a rule of thumb for any recording, you'll want to listen to what it's picking up as it's happening. If you can hear the tones through your headphones, it's probably usable. If they're available, you might want to try finding a pickup coil. Basically, instead of picking up sounds acoustically, a pickup coil picks up handset noise inductively using a roll of magnetic wire. The result is much, much better. If you find yourself investing a lot of time near payphones - or any phone you can't directly record from, you might want to think about building your own; they're literally just wire with a 3.5 millimeter plug on it.

 

3) Talk to your friend who mentioned the AXE-10s, and see if he'll mention any of the switching systems that used to be used, and the interoffice signaling protocols they used. This is important because if Serbia is like Mexico, they used to have Ericsson crossbar systems installed before they bought AXE-10s. At least there, they used a very strange, almost inverted dialpulse system for talking to other switches. Basically, it worked exactly like an inverse rotary dial; so like, instead of ten pulses for the number 0, there'd be just one, and there'd be ten pulses for the number 1.

 

At least in the US, a lot of phone company internal numbers, payphone numbers and other things of the sort are assigned with the last four digits 99xx and 00xx because those would physically take the longest amount of time to dial. For the sake of convenience or consistency or whatever, most of our phone companies still put their internal stuff there to this day.

 

Oh, and speaking of which, I took a few minutes to call some numbers in your capital. I dunno if it's anything special, but I found a modem. If you happen to have one lying around and a program like Hyper Terminal, you might want to see if it's anything interesting; +381-11-30-20-900.

Edited by ThoughtPhreaker
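
As an added example (not part of the original posts, and not code from any forum member), this is how touchtones in a recording, like the ones the post above says to listen for, map back to digits: a Goertzel-filter DTMF decoder. The 8 kHz sample rate, the thresholds and the synthesized test signal are assumptions made for the example; only the eight DTMF frequencies and the keypad layout are the standard ones.

```python
import math

FS = 8000                        # sample rate in Hz (assumed for this example)
ROWS = (697, 770, 852, 941)      # standard DTMF low-group frequencies
COLS = (1209, 1336, 1477, 1633)  # standard DTMF high-group frequencies
KEYS = ("123A", "456B", "789C", "*0#D")

def goertzel(block, freq):
    """Signal power at a single frequency (Goertzel algorithm)."""
    coeff = 2 * math.cos(2 * math.pi * freq / FS)
    s1 = s2 = 0.0
    for x in block:
        s1, s2 = x + coeff * s1 - s2, s1
    return s1 * s1 + s2 * s2 - coeff * s1 * s2

def detect(block, min_power, dominance=4.0):
    """Key present in one block, or None for silence, noise or a lone tone."""
    def strongest(freqs):
        ranked = sorted((goertzel(block, f), i) for i, f in enumerate(freqs))
        (second, _), (best, idx) = ranked[-2], ranked[-1]
        ok = best > min_power and best > dominance * second
        return idx if ok else None
    r, c = strongest(ROWS), strongest(COLS)
    return KEYS[r][c] if r is not None and c is not None else None

def decode(samples, block_len=205, min_blocks=2):
    """Decode float samples (-1..1); a key counts once per continuous tone."""
    min_power = (0.05 * block_len / 2) ** 2  # reject tones below ~5% full scale
    digits, last, run = [], None, 0
    for i in range(0, len(samples) - block_len + 1, block_len):
        key = detect(samples[i:i + block_len], min_power)
        run = run + 1 if key == last else 1
        last = key
        if key is not None and run == min_blocks:
            digits.append(key)
    return "".join(digits)

def synth(digits, tone_ms=80, gap_ms=80, amp=0.4):
    """Constructed test signal: clean DTMF digits separated by silence."""
    out = []
    for d in digits:
        r = next(i for i, row in enumerate(KEYS) if d in row)
        lo, hi = ROWS[r], COLS[KEYS[r].index(d)]
        out += [amp * (math.sin(2 * math.pi * lo * n / FS) +
                       math.sin(2 * math.pi * hi * n / FS))
                for n in range(FS * tone_ms // 1000)]
        out += [0.0] * (FS * gap_ms // 1000)
    return out
if __name__ == "__main__":
    print(decode(synth("147*2580369#ABCD")))
```

A key is only reported when exactly one row frequency and one column frequency dominate for two consecutive blocks, which is why a single 2100 Hz answer tone or plain silence decodes to nothing.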

I'll try to get the numbers and the touchtones. The modem is only a fax machine AFAIK, but nice find. Phone modems are rather rare in Serbia. Sorry for the really REALLY late reply.

I'll try to get the numbers and the touchtones. The modem is only a fax machine AFAIK, but nice find. Phone modems are rather rare in Serbia. Sorry for the really REALLY late reply.

 

No worries! I've been pretty busy myself. For what it's worth, when I called it I remember being positive it was a modem. Though the route I got to your country was also somewhat questionable, so it's possible there was something stupid like an out of band modem standard that ruined the result. Try comparing this to an actual fax machine, though; whatever comes after the 2100 hertz tone should be fairly distinct from the number I gave you.

 

As for phone modems in and of themselves, their uncommonness is kind of a blessing here in the US; they're still used pretty frequently in industries like broadcasting or telecom. Finding one in the wild is usually a guarantee of either a dial-up internet number or something good.
