home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Hacker Chronicles 1
/
HACKER1.ISO
/
hack
/
mish9.txt
< prev
next >
Wrap
Text File
|
1992-03-04
|
10KB
|
277 lines
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$ $
$ Lex Luthor $
$ and $
$ The Legion Of Doom/Hackers $
$ Present: $
$ Hacking Cosmos Part 2 $
$ Intermediate Course $
$ $
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$ $
$ In Part II we will explain how to $
$ find out various information about $
$ a Telephone number. Also, files, $
$ paths and directories will be $
$ explained. $
$ $
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$ (C) Written 23-Sept-84 $
$ L.O.D. Recursive Systems INC. $
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
NOTE: Everything shown in UPPER CASE is printed by COSMOS or typed by you.
I would like to correct a mistake I made in Part 1, I got a little carried
away with the capabilties of COSMOS. You Cannot enter someones name and get
thier phone #. What COSMOS is primarily used for is: To assign Central Office
Equipment to cable pairs, and telephone numbers. It maintains records of all
relevent facilities including subscriber cable and office equipment, process
service and work orders, and it produces bulk assignments for office additions
and rearrangements. In short, it automates the frame in your Central Office.
It prints lists at the beggining of each day, telling what numbers to connect,
and disconnect. Also, to keep track of everything going on in the frame.
HACKING ACCTS:
------- ------
Most COSMOS systems run on either a PDP 11/45 or 11/70 made by DEC, and can
usually handle up to 96 terminals which are either hard-wired, or remotly dial
into the system. If you don't know your local COSMOS dial-up or don't have an
account you can probably bullshit 1 out of your Test Board, frame, or switch.
They all should have the Dial-up, password and WireCenter in your area. Tell
them you are Joe Comosolo from the COSMOS data center and youv'e noticed
illegal access attempts. Ask them who is having the problem and ask them for an
account/password to do an on-line check to see what the problem is.
Typical COSMOS accts are: MF02, PA52, DP08, etc. Those 2 letter prefixes
in the beggining of the acct stand for:
PA- LooP Assignment center.
DA- Network Admin center.
RS- Repair Service.
MF- Frame and Toll.
FC- Frame Control center.
GA- General Inquiries.
DC- Data Conversion.
NT- NTec.
DP- DisPatch.
CI- CIC.
The more important accounts which are used for service order entry are, in
order of importance:
ROOT
SYS
BIN
PREOP
COSMOS
COSMOS is the account that the test board uses, and is now mainly found on the
older versions of the COSNIX operating system. The typical COSMOS passwords
are like: WETEST, MILK48, RINGIT. I have known people to guess a pass which
was a color or an anmimal then they entered other account names and different
colors and got other pw's, but it is very unlikely that you will guess a pw.
Some accounts don't have passwords but you will rarely get that lucky.
Sometimes all you need is the dial-up to get in. Whoever was last on forgot
to hit CTRL-Y to log off, and just hung up, so when you call, you get the WC%
sitting there! I hate to have to rely on this method of entry, and prefer
having an account/password. Well, you are now in, and can do some of the
things explained in this file.
TRANSACTION CODES:
----------- ------
Once you log in you should get the prompt of WC% where WC is the Wire Center
and % indicates that the system is on-line. From that prompt, you can type
certain commands that will enable you to do different things. The ISH or INQ
commands (Inquire about a Circuit) will print out various information about the
number you do it to. From the prompt, type ISH or INQ <C/R>. You will then have
to type an H which means HUNT then TN which is the Telephone Number 935-2481
and the system will print an underscore "-". You then type an "." and.........
WC% ISH
H TN 935-2481
-.
TN 935-2481
ST WK PD DATE 07-16-78 TYPE B
**ORD F24030161451 DD 01-20-84 FDD 01-20-84
OE 003-601-403
ST WK PD DATE 07-16-78 CS 1FR US 1FR FEA RNNL
**ORD F24030161451 DD 01-20-84 FDD 01-20-84
LOC WC1014 LOC W13-03L14/4-04
CP 45-1262
ST WK PD DATE 11-02-82
**ORD F24030161451 DD 01-20-84 FDD 01-20-84
LOC WC1010 LOC W10-06L01/3/12
HUNT SEQUENCE FOR TN 935-2481
TN 935-2482 TN 935-2484
** ISH COMPLETED 09-24-84
WC%
Here is an explanation of what was just printed out about the number 935-2481:
LINE 1 --> TN 935-2481
Is the Telephone number that you inquired about.
LINE 2 --> ST WK PD DATE 07-16-78 TYPE B
ST means STatus, WK PD is the WorK PerioD, the date following is when the TN
935-2481 was first installed, and TYPE sometimes abbreviated as TT is the
Telephone number Type, where B is a POTs (Personal number) with Hunting.
Hunting means that when the number 935-2481 is busy, the call will be forwarded
automatically to the next number until it finds an idle line. The TT TYPE
could be any one of the following:
B -- POTs hunting.
C -- Coin.
G -- Complex services, e.g., Direct
Inward Dialing, Radio Common
Carrier, etc.
O -- Official (company).
Q -- Centrex, WATS, large PBX's.
X -- POTs non-hunting.
LINE 3 --> **ORD F24030161451 DD 01-20-84 FDD 01-20-84
ORD stands for service or work ORDer which has a maximum of 20 Alphanumeric
Characters. DD is the Due Date, and FDD is the Frame Due Date, which I assume
is/was the last time the line was worked on.
LINE 4 --> OE 003-601-403
OE stands for Operating Exchange which, in this case is a #1ESS. Check HACKING
COSMOS Part III for the formats of Operating Exchanges. By seeing what format
the OE is, you can tell what type of CO the number is served by.
LINE 5 --> ST WK PD DATE 07-16-78 CS 1FR US 1FR FEA RNNL
ST, WK, PD were all explained in LINE 2, CS is the Customer Class of Service,
1FR stands for Flat Rate. US is the USOC (Uniform Service Order Code) which are
identification codes used on Service Orders and Equipment records to identify
items of service or equipment. Each code conisists of 3 or 5 characters, each
one being either a letter or a number. FEA RNNL stands for Customer FEAtures.
R = Rotary, N = Non-sleeve, N = Non-essential, and L = Loop started. The
typical type of line is Loop started, A ground start is used on PBX's and such.
LINE 6 --> (repeat of LINE 3)
LINE 7 --> LOC WC1014 LOC 213-03L14/4-04
LOC is the LOCation.
LINE 8 --> CP 45-1262
CP is the CablePair 45-1262.
LINES 9-11 --> (Have been previously explained.)
LINE 12 --> HUNT SEQUENCE FOR TN 935-2481
TN 935-2482 TN 935-2484
As explained earlier, when 935-2481 is busy, it will HUNT to 935-2482 if that
is busy, it will goto 2483 and so on.
You can also inquire upon the Cable Pair, by:
WC% ISH
H CP 45-1262
-.
The information printed will be similar to what was printed about the TN.
PATHS, FILES AND DIRECTORIES:
------ ----- --- ------------
If you have a semi-priveledged acct., type LS /* to see what files you have
access to. You will probably see something similar to:
/BIN: /ETC: /USR:
CP COSNIX BIN
DATE INIT COSMOS
ECHO LINES PREOP
LCASE PASSWD SO
MOTD SYSGEN SYS
STAT UIDS TMP
In actuality, these directories/files will be in "single file", I just put them
in 3 columns to save space/paper.
To run a program/process just type the filename at the WC% promt. If you want
to view a file in a directory, in this case we will use the /BIN directory,
you would type:
WC% CD /BIN
You first Connect to the Directory then to print the file MOTD which stands for
Message Of The Day, type:
WC% PR /MOTD
FRI APR. 10, 1984 11:37:16 MOTD PAGE 1
ATTN: ALL USERS
MAKE SURE YOU LOG OUT PROPERLY
THANK YOU
Some files may have an "!" appended to the end of them on the older versions
of COSNIX, those files should be text files and you should have no problem
PRinting them. Other files may be encrypted, or you mistook a file for a
program and all you get is garbage.
If you do not know what directory a file you are looking for is in use the
FIND <file-name> command. As shown below, PERMIT is what we are looking for:
WC% FIND PERMIT
/DEV/PERMIT
You can either connect to the /DEV directory then PRint the file or type:
WC% PR /DEV/PERMIT
The most looked up file would probably be the PASSWD file.
WC% CAT /ETC/PASSWD
ROOT:YXMDIMME:0::/:
SYS:YXORBMBX:1::/USR/SYS:
BIN:TMMZAKZF:3::/BIN:
PREOP::8::/USR/PREOP:
COSMOS:LEORVVB4:39::/USR/TMP:/BIN/PERMIT
PA02:ZSKD4ET:40::/USR/TMP:/BIN/PERMIT
99 times out of 100 the passwords will be encrypted. Notice that there are 2
colons after the PREOP account, that means that there is no password, so after
entering PREOP at the ;LOGIN: it will jump to WC? then if it is a valid WC, you
will get in. The way COSMOS checks to see if the pass is valid is: after you
enter your account, and password, the system encrypts the pw you just typed,and
compares it to the encrypted password in the PASSWD file. If it is correct, you
will be in, if not, INVALID LOGIN.
In Part 3 I will have the PREFIX, FORMATS AND CODE VALUES Chart which gives all
the needed definitions of the abbreviations that the system prints out when
performing most transactions.
Lex Luthor
Legion of Doom!
Legion of Hackers
ACKLOWLEDGEMENTS:
-----------------
SHARP RAZOR
THE WARLOCK
And last but not least, I would like to thank SOUTHERN BELL for letting me use
thier COSMOS facilities to obtain the information needed to write this phile
DOWNLOADED FROM P-80 SYSTEMS....