Freaks Macintosh Archive

home *** CD-ROM | disk | FTP | other *** search

/ Freaks Macintosh Archive / Freaks Macintosh Archive.bin / Freaks Macintosh Archives / Phreaking⁄Wardialers / Phreaking texts / RedBoxIdeas.txt < prev next >

Wrap

Text File | 1999-01-28 | 9KB | 411 lines

/////////////////////////////////////////////////////////////////////////////// Ideas in Red Boxing: Mercury Switches and Brute Force: By: Cybernetik January 1992 \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Introduction --------------- Radio Shack's DTMF Dialer (cat # 43-141) can be easily modified to produce the same frequencies that Pay Phones use for quarter/nickel/dime signaling back to Ma Bell. This is done by switching the crystal in the unit from 3.579Mhz To 6.5535 MHz. This information is completely covered in another file (See 2600 Magazine for details) and will not be covered here. What I will attempt to cover in this article is 1) A simple way of modifiying the dialer to switch between DTMF and Red Box Tones, and 2) A low-cost idea for building the red box from scratch. Parts Needed ---------------- Ohm Meter Solder Soldering Iron Epoxy or Duco Cement XT1 6.5535 Mhz Crystal <You should know this by now!> M1,M2 2 Sub-Micro-Mini Mercury switches Don't get the ones that radio shack sells. They're WAY too big. They'll never fit inside the case. Our goal here is to fit _everything_ inside the case. This box will function exactly like Count Zero's "Combo Box" <I perfer to call it a Pink Box, seeing as it combines both the features of White and Red boxing> Schematic C R Y S T A L S ---------------- 3.5xx Mhz 6.5535 Mhz -=-=-=-=- -=-=-=-=- | | | | | | | | M1 \ | M2 \ | | | | | O-----------------------------------+-------|-------------+-------+ pads on circuit board | | where original crystal was removed from | | O-------------------------------------------+---------------------+ Step-By-Step Construction Details ------------------------------------ ** REMOVE ALL BATTERIES BEFORE CONTINUING! ** 1> Disassemble the dialer. Remove the 4 screws holding the case together, and save them. Some prying is necessary to split the case open, and should be done with the utmost caution. You _MAY_ desolder the two yellow wires holding the speaker to the circuit board if you want more room to work in, so long as you remember where you removed them from. Placement of these two wires is not crucial. You don't have to remember which wire goes to what pad, just where you removed them from. (Which will probably be near the top of the unit) 2> Carefully remove the original crystal from the circuit board. This will be a small silver cylindrical object, roughly 4 cm long and .25 cm wide, Soldered horizontally above the battery case, on the circuit board. Save it! 3> Using an OhmMeter, find out the orientation of the two mecury switches. Hold the leads to each side of the switch, turning the switch upside down and right side up until you get a reading of ZERO on the ohmmeter. This means that you've got a connection through the switch. Mark an arrow or something on the switch so that you can remember the orientation. 4) Using Expoy or Duco Cement, Attach the mercury switches, to the circuit board , so that one's orientation is UP, and the other, DOWN. When I speak of UP And DOWN, I'm talking about UP and DOWN in relation to the entire unit. UP means pointing towards the top, where the three buttons are. Down means pointing towards the battery case. This is exteremly important. If you make a mistake, and have them both in the same direction , the switching action of the mercury switches will be meaningless. 5) Solder one wire to each leg of the switches. Solder the other end of these two wires to the bottom pad that you removed the original crystal from. 6) Solder a wire from the top pad to a leg on the 3.5535MHz Crystal. 7) Solder a wire from the top pad to a leg on the 6.5535MHz Crystal. 8) Solder the remaining leg on the 3.5535 MHz Crystal to the remaining leg on one of the mercury switches. 9) Solder the remaining leg on the 6.5535 MHz Crystal to the remaining leg on the other mercury switch. ** ALWAYS REFER TO THE ABOVE SCHEMATIC IF YOU GET CONFUSED! ** TAKE CARE WHEN SOLDERING! THE CIRCUIT BOARD IS WIMPY, AND COPPER PADS WILL JUST MELT OFF THE BOARD IF GIVEN EXTREME HEAT! Reassembly ----------- 10) If necessary, remove the Piezo Speaker (the smaller one) to make room for the new parts. This speaker is only used during the programming of the dialer, and you can probably live without it. Clever people can move this to a different location within the dialer. 11) Cement the two crystals inside the dialer. Make sure of a few things: The bodies of the crystals are metal. If you want to place them in an area with lots of surrounding chips and parts, place cement down first, then the crystal to prevent shorting. The expoy can act as a wonderful insulator, and give you much more freedom as far as parts placement goes. 12) Place the back on the dialer, push it together, and insert the 4 screws again. Tighten. Testing/Troubleshooting --------------------------- Turn the dialer on. Insert batteries. Toggle the STORE/DIAL switch to STORE. Store 1 * in P1, 2 *'s in P2, and 5 *'s to P3. Return the switch to DIAL. Press P3. If you hear quarter tones, then you're halfway there. Turn the unit upside down. Press P3 again. If you're hearing DTMF tones, You're set. Depending on how you wired the mercury switches, You may have to flip the unit around to hear the different tones. I've got the Red Box tones active when I turn my unit upside down, which I think is perferred. (It tends to be a bit more discret)... ************ Part Two ************ So, now that you've got a decently looking/functioning Pink Box, go off and try it. Bone AT&T a few times. If you're intrested in building a Red Box from scratch, I'll offer a simple block diagram, and some ideas. I'm not in the mood to type out a complete schematic for it, but If I recieve enough requests, then I'll provide complete details. Insane techincal discussion follows. Ask me questions if you can't understand me. Don't sit there being confused. **** A red box can be created with 4-5 chips. You'd need 2 XR2207 VCO's (Voltage Controlled Oscillator), an LM386 Audio Amplifier, a 556 Timer to do your timings for you, and a 74191 counter chip. In theory: The duty cycle of the 556 would control the Make/Break ratio of the tones, acting as a clock. You'd have to adjust this ratio with either a scope or freq counter, taking a bit of time, but it'd be worth it. A scope would be preferable, because you could SEE the timings and adjust accordingly. The 74191 would be given the output of the 556. Some arrangement of gates would tell the 74191 when to stop, and you'd switch these gates, on and off with three switches. It may even be easier to have three switches controlling the 74191's SET inputs in binary. (You'd have to hold swithes 3 and 1 to get 5 quarter 'clicks'. Not too elegant, but functional.) You'd have to set the two VCO's to the approiate frequency using potentionmeters. Simple if you've got a freq counter. Also, you'd have to set the VCO's to function with a sine wave. This is only a thought. I wouldn't want to go through the trouble of building this, seeing for $30 you can toss one together via radio shack... --------------------------------------------------------------------- Any questions? Send mail to me on ATDT, V0iD or Internet mail to jna@silver.lcs.mit.edu =========================--------------------========================