TUCoPS :: Phreaking General Information :: gtmcp3.txt

The Guide to Mostly Chirpy Phreaking 3/3

The Guide To Mostly Chirpy Phreaking - 
Part Three - Final  (The last Chapter of GTMCP)
Written By: Cuebiz (Black Sheep Crew)
Revision (not much corrections made) on Febuary 2nd 2001

Introduction to Chapter Three
Okay, Before I say anything else. I would like to let everyone know that Iam
really really fucken drunk while typing this shit out. Please dont mind the
shit-load of swearing and some of the more stupid shit that I will tend to
say through out this file. Thanks for your patience. ;)

Conferences and Voice BBS’s
This is the main social gathering for us nasty phone phreakers and you will
soon find out that there is ALOT of "phone-sex in trade for k0d3z" going on
and find the perverted side of the underground and well, Alot of the time
you’ll encounter a bunch of lamers who just want k0d3z so they can call their
friends in another state and shit, But, The only good thing about actually
staying connected is the opportunity to meet other phreaks that you’ve been
chatting with on IRC and to find out shit like, Who’s was lying on IRC about
their age and shit (Hehe, k0rn-Chic, Iam talking to YOU!), Well, If you’re
lucky you’ll meet some elite dudes in voice-bridges (Conferences, Bridges,
The same thing, Just different slangs). I used to jump on the DefCon Voice
BBS back in the day so, Here, I’ll explain to you what a  Voice BBS does and
how it works. A Voice-Bulletin Board System is all in all, A machine set up
somewhat of a one-connect system with not only one on one conference
capabilities but, Different conference "rooms" that you may enter to talk
with other phreakers and shit. Okay, When I was on the RailRoadz Conference
BBS (RailRoadz always had more interesting features to offer than Defcon),
It worked something like this, You call the number, If you have an account on
the system you enter your access code and passcode and then you’re greeted
with a sweet lady’s voice saying,"Welcome to RailRoadz Baby, Iam glad you
came, The place where all your dreams and fantasies come to a reality" (This
obviously was a front in case feds or someone tried to monitor it and shit,
DUH!), Then a generic computer voice jumps on stating your options. It would
of sounded something like this,"Press 1 for the administratve menu, 2 to turn
paging on, 3 for the Voice Chat menu, 4 to call another user, 5 to check
messages or 9 to exit the system". Okay, If you dont understand, This is the
411 on what these choices mean. Okay, If you press 1, You can change things
like your paging greeting (Like a VMS), And your passcode. Pressing number 2
to activate paging. Now, Paging is pretty much exactly how it sounds. If
someone uses the "4" option to call you, They’ll be transfered to your vmb,
But, If you have paging turned on and someone tries to call you, You’ll be
told that you have someone calling and you can press 1 to send them to your
vmb or press 5 if you want to talk to whoever it is (You two are connected to
a "private chat-room" to talk privatly). Lastly the number 3 choice is for the
voice chat menu, This is if you want to join a "public chat room" and talk to
everyone. There are mostly just six "rooms" that you can go in on RailRoadz
they are as follows,Naughty Wives, Dead Kids, Happy Hookers, Phreaky Talk,
Gay Men, And Fantasies, Okay, Back in the day when I was running it, We made
it look like this for a good reason, Feds. Now, Iam really not sure if
RailRoadz even exists anymore (I think so, But I could be wrong), But, We
made it so that the Gay Men room had two secret codes that you could enter
to hit the Advise Section, This is where alot of code trading was going on.
Hmm. Dead Kids was made for the feds, We had a recording playing 24/7 talking
about h/p shit that was like, Total bullshit (We made it to look like a bunch
of newbies that found a nice place to "hang" on the lines (hehe). So, If you
entered Dead Kids, You would hear something like this, "Yo man, Whats up with
all the hacking? I dont know, Iam trying to Then figuire out how to use
cracker jack. I think I know how to use cracker jack, But some elite dude
said that cracker jack is a virus.", This is just an example, But we had our
youngest members making these fresh recordings everyday, So, If the feds WERE
watching us, They’d probably record them and we could laugh at them. Okay,
Upon subscription to RailRoadz, You’ll be told that you must NOT say the
words Hacking, Hacker, Hack, Phreak, Phreaker, Phreaking, Codes, Passwords,
Passcodes, And Login’s. This was made a rule for a good and obvious reason.
Instead we state that you must make up alternatives to these words in place
of them. Most of our users would abide by these rules and we had alot of fun
for that one year that I helped run RailRoadz. Alas, memories....

kr4nk ph0ne-callz t0 pe0ple and sh1t
Prank calling, No matter what anyone says, IS part of phreaking. This is what
happens when you’re exposed to your phone for too long. You will tend to get
lazy and a little frustrated at things that you wouldn’t usually even notice.
You’ll tend to have people yell at you alot over the phone and become
somewhat immune to it. You’ll want revenge. You’ll want to unwind without
actually walking away from your phone, You’ll want to harrass people. You’ll
soon (Just like me) compile a list of WATS numbers that end up in people’s
houses and you’ll prank them over and over and over again until they wish
that they would just die or become def already. Here’s some tips that I found
to make up a good prank call. You may want to record them for future laughter.

1) Ask alot of questions. This really pisses people off when someone calls
   them and then asks them something. Most of the time, You’ll get a, "Well,
   Who is this?". Heh.
2) Answer their questions very precise (With a bunch of bullshit of course)
   and then ask them a question in return.
3) If they wont answer your questions say something like this, "Well, I
   answered YOUR questions, Why dont you answer mine?".
4) Ask them to do things for you, Like fart or sing an Elvis Presley song or
5) Make alot of wierd songs up and sing them out loudly. (Tom Green’s "Bum
   Bum Song" works).
6) Try making animal sounds and ask them if it sounds like a real animal. (I
   like this one!)

You know that I wouldn’t leave you empty handed. Here’s a couple of WATS
numbers that you all can call to harrass.
1) This is an old man who says he gives directions, But doesn’t  -
2) These people take scores for games, Tell ‘em you’re from the national
   flower picking game or something, Boys -vs- Girls, Heh. Anyways. heres the
   number - 1-800-323-3027
3) 1-800-hACKER1 is the Gables Inn, I always call them and say, "What?
   Gay-Balls Inn?".

A brief Understanding of Cellular Phones-
I get alot of emails from people asking me questions about cellular phones.
Though most of ‘em are newbies from alt.phreaking and alt.2600.phreakz, I’ve
decided that this part would be a must to help decrease my daily emails by
like, 98.9%. First and foremost. I will NOT tell you how to program every
single farking phone in the world (Obviously). I’ll leave that to you to find
on the net or some other schmuck that wouldn’t mind typing out a fucken
database describing every single make, And version, then fucken details on
programming every single one of ‘em (good luck!). So, If you’re looking for
that, I advise you to stop reading right now and go back to the top and read
the fucken introduction to this fucken file once more. Okay, Now that
everythings squared off. Here we go....

Analog and Digital phones
The difference between analog and digital cell phones is exactly the same as
the differenes between analog landline switching and digital switching.
Digital switching, You have a digital switch that is helping you with all your
calls, Which means that everything should go faster and easier viasatelite.
Analog works via radio waves, Which is exactly why at times your connection
is lost an  sometimes full of static. Analog has been used since the fricken’
50’s and is still being used in today’s market (Though analog technology has
changed alot since then, Its still using the same principles as its older
brothers of the 50’s). Well, Everything is somewhat the same other than
switching. Dont give in to any of that bullshit that those fucken store
clerks tell you. It all is exactly the same except for the fact that people
can never get that, "The person you’re calling is out of your call area",
Crap when attempting to call you. Thats it! You’re phone will still have a
bad connection if you’re in the fricken mountains and shit, You still have to
put the phone down when going under a bridge, And its still all about the
better phones. Digital phones are not better because of switching or
Satelites or any shit like that, Its because they just made better phones for
Digital switching to attract the millions of people who are amazed by WebTV
and America Online ;)

Okay, On with the cloning!
I know you’ve heard this before. Hmm. Lets take Enemy of The State for an
example. Remember when that one old dude was in that van or car or whatever
vehicle they were driving and he pulled out his analog phone and used it to
tap that one government dudes cellular phone? Well, If you know what Iam
talking about, Then you should recall him saying that he needed an ESN/MIN
pair  to tap that dudes cell. well, He cloned that government dudes phone if
you haven’t figured it out yet, and this is exactly what you can do too. Heh,
I mean, Don’t try to clone government official’s cellular phones, But I mean
you will be able to "tap" people’s phones through their analog cellular phones
(Cool, Huh?). Okay, Lets start with ESN’s. ESN stands for Electronic Serial
Number and  is a 11 digit Ocal number that is a small part of cellular
identification for billing purposes and many, Many other things that include
triangular satelite tracing (Yeah, Tracing people!). Okay, Your ESN is stored
in a ROM that is soldered onto the main phone-board. This is the hardest part
of actually cloning a phone because if you fuck up with this, You’ll have to
get another phone and shit, So, After you actually got it off, You’re NOT
home free yet, You still have to get a blank ROM in there and program it with
another ESN that will be sure to match your MIN (The phone number and area
code that corresponds with that ESN) which is stored in your NAM, If you get
the chance to work in a fucken cellular phone retail place and happen to see
a little thing that looks somewhat like a laptop, I advise you to take it,
(Well, This is how the one I got looks like) for this is what we call a NAM
programmer and this will allow you to read/write onto ROMs and NAMs (Very
useful for cloning, And I mean REALLY useful!). Some phones or I should say
most phones allow you to program your NAM but obviously you can’t change your
ESN through your phone itself. Okay, You will find NAM programming techniques
all around the net or you could just try out Dr.Who’s RadioPhone for all your
damn cell phone shit that you ever could want! Hmmm. What’s in a NAM that
could be changed? Umm. You could change your secuirity code through it (Duh!),
Your MIN, Your SID (System ID), And well, I guess thats about everything
general (Some phones have special features that allow certain things for you
to reprogram). You can get MIN/ESN pairs by using widely available software
out there on the net, I advise you to to to Http://Pots.Gr, PotGirl’s crew
has some 0day w4rez that could be useful to you. Well, I would type more but,
My mind is kind of failing me right now, Heh. Well, Later people.... Get
drunk, Fuck girls (Yes, Even you foxy phreaker chics), And Raise Hell with

 Binary Code
Okay, Most of the time. You’ll run into machine code that we call Binary.
Just so that you dont give up when you see this, Here’s the alphabet translated
into Binary. Note: Sometimes when working with OKI’s and Pagers, You’ll need
to know this shit.

A = 01000001              N = 01001110
B = 01000010              O = 01001111
C = 01000011              P = 01010000
D = 01000100              Q = 01010001
E = 01000101              R = 01010010
F = 01000110              S = 01010011
G = 01000111              T = 01010100
H = 01001000              U = 01010101
I = 01001001              V = 01010110
J = 01001010              W = 01010111
K = 01001011              X = 01011001
L = 01001100              Y = 01011001
M = 01001101              Z = 01011010

A Brief Understanding Of Pagers
Pagers, Hmm. to me, Pagers are somewhat better than phones. Here I will try
to explain to you why I think that. Lets start off with the basics, Pagers
are identified by capcodes. capcodes are, Just like ESN/MIN pairs,
Responsible for billing, Of course, Identifying your pager and your location
anywhere in the world for billing purposes (Well, Depending on your pager
service and what provider you have). What happens when two people have the
same capcodes? Well, This The means that both of you get a page at almost the
same time. Heh, This is what I meant by that Pagers can be better than cell-
phones crap. You can keep taps on someone without them knowing it (It doesn’t
take much to find out someones capcode and then program your PAL to that same
capcode) and find out actual phone numbers where these people are from and who
your "target" is talking to over the phone. I can say that I have had several
of these "cloned" pagers running for some time now, Keeping taps on some
people and well, noone has had any suspisions yet (they’ve been running for 2

Types of Pagers
Okay, There are basically just four types of pagers out on the market (There
are WAY more out there that, Just like cell-phones, I dont have the time to
explain). The types of pagers go as follows:

1) Numeric Display - This is the most common. You know, One of those pagers
  that you call and get that, "please enter your telephone number or numeric
  message after the tone!.... Beep!".

2) Tone-Only Pagers - This type is extremely common with people who know who
 they have to call and all this pager actually does is beeps the pager. The
 pager has no display or anything it’s somewhat of an alarm clock that anyone
 can ring and drive you outta your mind.

3) Alpha-Numeric - Alpha numeric is of course, letters and numbers that would
 beep an alpha-numeric pager that can display letters and numbers. This type
 of pager is being used more often by doctors and people involved in
 metropolitan areas. (More on this type of pager later)

4)Voice-Pagers - This type works somewhat like a voicemail. You call the
number leave a message and then the voice is played when someone checks their
pager for messages. The Key Pulse staff (Well, Not the whole staff, Okay,
Okay, It was me and a scene whore, big deal!) has given away three of these
("SkyTel" and they weren’t activated, Of course) for a prize at a recent CON
(Hi VenG!). I like cloning these and then listening to these wierdos talk.
It really amuses me.

Okay, Thats about it for the types of pagers.. Hmmm. What else should you
know? Umm.

Alpha-Numeric Pagers
Okay, Any alpha-numeric data that you send is in seven-bit format and is
sent at approximately 24.4kps. Post Office Standardization Advisory Group, Or
POCSAG is a type of transmition that is by far the most common all over the
world and is the only way that Alph-Numeric codes can be sent. This type of
transmitoin was originally made up by some post office in the UK or something
like that. Umm. Okay, This is a good one. Alpha-Numeric pagers are mostly
used by doctors and well, Business people, Okay, Well, I know SkyTel does it
(I don’t know for sure if RAM or Page-Net use this yet, But I’ve heard they
do), Iam talking about email-paging. This is when you get an email and then
its sent through to a paging terminal that strips the To: and From: parts and
just sends you the message. This can only be done through an alpha-numeric
pager and the right service and provider. Hmm. Umm. Oh, And I get the news
off some dudes pager, So, This a plus, Huh? How about that? Getting the news
every morning. Heh. Okay. Well, I shall pass out now for about an hour or so.
I’ll continue typing this out later on tonight.

Misc. Pager shit That you should know about.
POCSAG is the most popular type of transmition for pagers both numeric or
alpha-numeric.Getting capcodes, Like getting ESNs can be "snarfed" outta the
airwaves. Hmm. What else? Oh yeah, If you’re pretty lazy like me, Then you’ll
find that hooking up your scanner to your box equipted with some easily ]
downloaded software, You can capture and sucessfully decode POCSAG pages
(I haven’t found a good reason for doing this yet, But I tried it and well,
It works).

Closing of Pager Section (For now, I’ll be back. Fjear!)
Well, Iam fucken wasted off my ass right now and I managed to type some
pretty cool shit here. Well, If you hate this, Eat shit and die. If you like
it, I feel all that good karma just flying my way!

A Brief Understanding Of Everything Else.
This is where I try to explain everything before I get my ass down to the
farkin’ rave thats about to happen in about twenty minutes. Heh. Last night I
was so damn drunk and still managed to type out a decent file.

Okay, The long hated Caller-ID.  How does it work? Let me tell you......
Caller ID is a stream of data sent to anyone subscribed to to the service
(Caller-ID Service) from your local telco that reveals what phone number
you’re calling from. This is a prank callers worst
nightmare. This has been a pain in the ass for a long time because we all
know that when Caller ID came out, So did all those CLASS codes (*67, and *69
are some of them). This ment that someone could disable the ol’ *67
(Anonymous calling) and you would have NO choice other than go to a payphone
or call from your home/cell  phone. This really sucks since the people who I
love to give prank calls at all hours of the night, Have found out they could
block me from *67’ing all my calls to them and well, I now have to call them
from payphones (Its not as fun from a payphone). Of course they had caller-ID
and that really pissed me off. Hmm. Later in the file, I’ll describe to you
some ways to get around caller-ID but, For now, Lets just say that there’s no
way (Okay?). Umm. How does it work? Heres a good example. When you call
someone up, The telco sends your telephone number to your called party (If
they have caller ID enabled, Which means they are paying for it) and its
displayed on either their telephone that has a caller-id device on it or
their little box that is hooked up to their phone that will display your
first/last name and your telephone number (Some even show your address).
Okay, What happens when they DONT have anonymous calls disabled? Then,
"Blocked Call", "Unknown", Or "Anonymous" are displayed instead.  Its really
more complicated, But, Iam a little too tired to type out a file talking
about everything.

Getting past Caller-ID Tips
1) Use a calling card, When you call them this way, The calling card # will
   be displayed in place of yours. Cool, Huh?
2) Call from a Pay-Phone! This is one of the best ways.
3) Use diverters/PBX’s/ and Extenders. They will display the Diverters/PBX’s/
   or Extenders # in place of yours.

A little about System 75
System 75’s are systems that are owned by ATNT and shit and they are
"rented" out to comps. System 75’s can also be used for setting up
conferences, Voice Mail systems, Ect... (Everything any other telco system
can do). This means alot to the experienced phreaker since conferences are
the number one choice for association (That, IRC, and VMB’s). Okay, hmm. The
main use that I like to abuse with any System 75 is its PBX features. Some of
these are running off AUDIX and all you really have to do is call up their
AUDIX system and then find their PBX extension. If you’re lucky, You’ll find
it and then you’ll be able to just dial out like normal (press 9+1+[Area code
and phone number). Well, You can read more about System 75’s all over the net.

How Does it look like in a DMS?
Finally. Today. I got to see inside a DMS box. A friend of mine finally lost
his hacker-virginity to me while he voluntarily let me take a look around his
DMS-100 box remotely (heh, I now have a HUGE ass long distance bill). Okay, I
took alot of shit out of my screen-captures like the CO name and shit (I dont
want to get a friend in trouble now, Right?). Anyways, This is what I got.

enter  user name

enter password

And when you’re in you’ll get this:


This is pretty much all I got for that ONE time I actually log’d in. Well,
Off to the next section....

Cool Webpages  and recommended reading.
Apparently, Noone deserves to be in this section. Iam really sorry. I advise you to read phrack
and to ask around for people who’ve been to the Key Pulse FTP home (Over 2000+ phreaking

Since I was practically drunk for the entire time of this version, I feel somewhat proud of myself.
I would like to give a big "wazzUuP!" to the following people.

Kandy Acid - For being there for me whenever I needed you. Thanks alot...
	     You’re my best friend.

Subex - For your friendship. Thanks alot dude!

ApexSys - Well, I guess, I beat you to writting a beginners guide, hehe

Rane - Sup dude! Told you I would write a beginners file one of these days!

Claire - Thank you for being SO nice to me. I really appreciate everything 
         you’ve done.

Slut139 -  You’re such a good scene chic. gotta love yah! Even though you get
	   me on bad terms with Claire once in a while.

SlickRick - For being SO cool when I get kick/banned from W’s and X’s in all
	    those channels. And dont’ worry, Iam setting up a conference SOON!

[C]Speed - For writting that one time for the Pofd Journal. I really appreciated it.

Faceless - For giving me an auto-op in #bgh, and #tds. w3rd.

                               EOF dammit!

