Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Phreaking Cellular - Misc. :: dna1.txt

The DNA Box - Hacking cellular phones #1




                                                            JAN-89
                     ͻ 
                    Ķ      THE DNA BOX        
                    Ķ Hacking Cellular Phones Ŀ
                     Ѽ 
                                   
                          P A R T   O N E                                

It turns out that there are several Japanese handheld transceivers (HT's) 
availible in the US for use by ham radio hobbyists that have hidden 
features allowing them to operate in the 800MHz band used by cellular
telephones. Using an FSK decoder chip and a personal computer running an
assembly language program to record and decypher the ID beeps at the beginning
of cellular calls, a "phone book" of cellular ID's can be compiled. A simple 
FSK oscillator controlled by the PC can then be used to dial out using the
Handheld Transceiver and the captured ID codes.

A low tech analysis could be done by taping the beeps and playing them back
at slow speed into an oscilloscope. An edited tape may even be adequate for
retransmission; no decyphering required.

Several radio stores in Los Angeles sell the HT's and have given advice in
the past about how to access the hidden out-of-band tuning features in the
ROMS of the Japanese HT's. It's possible now to listen in to cellular
phone conversations without building any special hardware. In fact if you
have a good antenna, or live near a cellular repeater tower, you can
pick up celluar calls using a UHF TV with a sliding tuner by tuning in
"channels" between 72 and 83 on the UHF dial.

Beside the obvious benefits of unlimited, untraceable, national mobile
voice communication, there are other uses for cellular hacking.
For instance: most people using cellular phones are pretty upscale.
It may be possible to scan for ID codes of the telephones of major
corporations and their executives and get insider stock trading information.
Simply by logging the called and calling parties you will be able to compile
a database mapping out the executive level command & communication structure.
If this is linked to a remote controlled tape deck you will know precisely
what is going on and be able to note any unusual activity, such as calls
between the executives of corporations that are in a takeover or leveraged
buy out relationship. It is even likely that you will occasionally intercept
calls between investors and their stock brokers, or calls discussing plans
for new contracts.

This data is most safely used for insider trading of your own; there will be
no way that the Securities and Exchange Commission can establish a link
between you and the insiders. A more risky proposition would be to offer any
intelligence gathered to competitors for a price as industrial espionage.

Then there are the anarchy & disruption angles for cybernetic guerrilla
action at the corporate economic & financial level. Leaking info to the
press can kill a deal or move stock prices prematurely. Intelligence
gathered via cellular hacking can also be used to plan operations against
corporate mainframes by providing names and keywords, or indicating vital
information to be searched for. Listening to the phone calls of candidates
and their campaign staff is also a field rich in possibilities.

A related technology waiting to be hacked is the nationwide net of pocket
pagers. The possibilities for executive harrassment using beeper technology
are relatively unexplored.

There are also several on-line instant stock & commodity quotation systems
that use SCA subcarriers to transmit investment data. By watching activity
on these networks you will be able to look over the shoulder of investors
as they plan their strategy - what kind of inquiries are they making and what
the results are.

Here are a few of the online investment services (business offices, ca.1987)

DATAQUICK             1-800-762-DATA (voice)    Southern CA Real Property Data
Lotus Signal/QuoTrek  1-800-272-2855 (voice)    Stock Market Data
                      1-800-433-6955 (voice)
FutureSource          1-800-621-2628 ext.34 (voice) Futures Trading Data
           (Or check recent ads in Wall Street Journal etc.)

At any rate, I propose that we start pooling info about cellular phones
toward the goal of building a 'rosetta stone' of cellular dialing protocols,
frequencies, technical info and hardware/software hacks.

High on the hit list is a service/repair manual for a cellular phone, and
journal or technical articles about the inner workings of the cellular
phone system.
Ŀ
 The DNA BOX - Striking at the Nucleus of Corporate Communications.      
 A current project of...                                                 
 
        Outlaw
     Telecommandos
   ݳ޺ݳ޳ݳ
   ݳ޺ݳ޳ݳ
   01-213-376-0111




TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH