Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Phreaking General Information :: omnac.txt

Optus Mobile National Activation Center




 Optus Mobile National Activation Center - NightScout

 - An Introduction to Mobiles in Australia -

 Telstra and Optus, unlike Vodafone, usually sell mobile fones through
 dealers. This means that the company you buy from is merely acting as an
 agent, and once you are connected they have nothing more to do with you
 (except possibly for the fone's warranty). All Vodafone sales, plus some
 Telstra and Optus sales, are made by individual companies (sometimes called
 resellers) that purchase air-time from the network carrier. You can basically
 tell which you are with by who sends you a bill. If the networks send you a
 bill, you bought through a dealer - the safe (but usually more expensive)
 option. If a different company sends you the bill (eg Mobile Innovations, B,
 Oxygen, etc) then you bought from a reseller. This is usually cheaper, but
 riskier - if your reseller goes bust, anything could happen. Chances are the
 network would step in and continue your contract (you're paying them money,
 so why not?) but one never knows when it comes to Australia's telcos.

 If you buy from a dealer, the store earns a rebate to cover the cost of the
 phone (say $300) and of course a profit for connecting you to their network.
 A good store will connect you on the most appropriate plan for you, and sell
 you only those extra services that you require. A bad store will try to push
 you into going on a higher plan (they get more profit for connecting you on a
 $100 plan than a $10 plan) and sell you extra services like insurance which
 they earn commission on.


 - The Connection on Paper -

 While a reseller generally connects you themselves because they are
 effectively your network provider (although your fone still says 'Yes
 Optus'), a dealer is merely the connection agent. Once the sale is made, the
 sales assistant will fill out an A4-sized form titled "Application for Mobile
 Digital Service" (a CDMA or MobileSat connection is similar, but not covered
 here). A scan of the form is attached. In the left column, they fill out an
 Outlet Code. Each dealer has their own code, which is two letters followed by
 three numbers. I am still trying to find more outlet codes, but at the moment
 I know that Tandy is TAxxx, so I'm guessing most other stores work on a
 similar format (eg Optus Direct is probably OPxxx or ODxxx). Choose a low
 number for the xxx - say 034 for example. Then the salesperson fills in their
 name (first name only usually). Outlet name/number is just a general term -
 Optus Direct Sydney would be specific enough. This is not asked on the fone,
 so for our purposes is not necessary. ID should be collated below this area.
 The standard combination is Drivers Licence (40 points), Credit Card
 (40 points), and rates notice/bank statement (30 points). If in doubt make
 stuff up, but there must be at least one photo id (licence, passport) and
 note that birth certificates are NOT valid ID, and you cannot have two of one
 thing (two bank statements are NOT okay, but one rates notice and one bank
 statement is okay). The sales assistant signs the area below this.


 - Part A -

 Tick Personal account, and fill in the details of the person signing the
 contract. Account name is the person's full name (middle initial/name
 included). Existing mobile number is only valid if the person already has an
 Optus digital mobile and wants to keep that account for their new phone. User
 name is if the person using the phone is a different person (eg dad buying
 phone for kid). The person who signs the account still gets the bill. Date of
 birth and drivers licence should be filled out (if u can't get a licence
 number the whole process will take much longer). Fill in time at home address
 (generally be fairly honest here even if you illegally signing someone else
 up, sometimes they can get access to these figures). Previous address applies
 if time at current is less than 2 years (so ppl who have just moved aren't
 disadvantaged by these stats). Residential status is best if it is
 owner/buyer (at this point I'll mention that a computer decides if the
 account is approved, not a human, so some answers are 'better' than others,
 but don't lie too much. A person being connected with ideal information is
 likely to arouse the suspicion of the data entry person from Optus. Tick
 whatever credit card is applicable - it is used to get a credit rating. You
 do not need to provide the card number, but if you say the person has a
 Mastercard and they don't, the data entry clerk will be suspicious. The next
 part is employment status, employer, position, and length. Ignore the
 business applicant and customer upgrade from analogue sections.


 - Part B  -

 The non-fixed term plan section is only for people with an existing phone,
 there is no difference (they still run a credit check) so for now just sign
 up to a fixed-term contract. Optus offers 'yes' Value 10 and 15, and 'yes'
 Plus 25, 35, 55, 75, 100, and 155. Make sure you refer to the plan by its
 full name (not 'yes 15' or 'the 15 dollar one', but 'yes value 15').


 - Part C -

 The access card no is the little number printed on the back of a SIM card.
 Obtaining these could be a problem, since you need a card number that is not
 already taken. I cannot provide those from my place of employment as Optus
 registers each card number and knows where they go to. I am researching if
 there is some way of generating these numbers. Please contact me if you can
 help. The Optus clerk will ask for the code, but generally don't require
 those digits preprinted on the form. The mobile number is provided by the
 clerk later. Write down the handset model (eg Nokia 5110, Ericsson T10s) and
 the IMEI number (the number written on the box of the fone, on the back of
 the fone, and stored inside the fone, which you can retrieve by pressing
 *#06#). These cannot be traced by law (even the Federal Police can't trace
 these) so you can use your own fone's, or if you want to be extra-safe,
 anyone else's (borrow their fone for a minute and copy the IMEI code). Leave
 call access and diversion open (don't tick any boxes).


  - Part D -

 This is the part where you can sign up to charged services. Firstly CallerID,
 which is still a free service. In order to get it, don't tick a box, just
 tell the clerk you want it when they ask. This way if Optus decides to charge
 for it in the future they will have to ask you if you want it continued,
 since you never signed for it (theoretically at least). VoiceMail is another
 one they ask you about. You only have to tick boxes here if you want special
 VoiceMail, like the group services feature. For simplicity's sake, I would
 not suggest getting these. Optus UpDate is one of those features the telcos
 charge ridiculous rates for, in return for simply sending an SMS message to
 your phone every now and then with some information. Until this gets cheaper
 no-one but top business executives are going to see how useful mobiles can
 be as a news receiving device. Don't subscribe to this unless you want an
 extended setup time. SurePage is a feature than makes your fone act like a
 pager (you get a special number and when ppl call it a text message is sent
 to your fone). SafeGuard Insurance is offered, which insures your fone
 against things like theft or accidental damage. The service is also
 ridiculously expensive for what it offers. The higher the service (Business
 is the highest, Basic the lowest, with Essential a medium one) the more
 things are covered, but the higher your premiums are. Finally we have free
 services - Call Hold/Wait - tick it if u want it, and Directory Assistance.
 Tick this one if you want the number listed in the white pages (the clerk
 sometimes asks "Do you want it in the white pages?" instead of "do you want
 directory assistance?" for this section, since the term listed is confusing).
 Finally how do you want your account sorted - date or number called. The last
 section must be signed and dated before the Activation Call is made.


  - The Connection - Optus National Activation Center -

 After this is all completed, you must call the Activation Center. The number
 is 1800 551 300, but I would advise blocking your number with the prefix 1831
 just in case. A computer answers, press 1 for the Digital Activation Center.
 Note that since someone is about to give Optus money, they give this section
 ultra-high priority, so you will rarely be put on hold. Get ready to be put
 onto a real person immediately. These people get in trouble if they don't
 reach certain call quotas, so be prepared for a fast-talking clerk. They will
 answer, usually with their name, and ask how they can help. Be friendly at
 this point, but don't beat around the bush. Some clerks become pricks if you
 are not friendly, but if you waste their time others will also get angry.
 Speak pleasantly and at a reasonable pace, without sounding rushed. A little
 background noise typical of a store could help, but don't make it obvious you
 are putting it on. Say "Hi, how are you going, my name's NightScout (replace
 with name of choice) and I've got a digital activation for you". They will
 ask where you are calling from. Give them your Outlet Code in the phonetic
 alphabet (eg T=Tango, A=Alpha, O=Omega, etc - this alphabet should be on the
 net somewhere). So OA034 would be Omega-Alpha-Zero-Three-Four (I am not
 saying this store exists, it's just a random code). The next question (unless
 they ask for your name again) will be "what ID have you sighted?". You do not
 have to give the point value, just the name (eg "licence, visa card, rates
 notice"). There is only space for 3 forms of ID, but up to about 4 or 5 is
 okay if necessary. Optus takes your word for it that you have used your
 judgement that all ID is valid and okay. Next they ask "Is the customer new
 to Optus?". In most cases the answer is yes, if not they assume they are
 upgrading their current analogue or digital phone and ask for their current
 number. Next comes the personal details in Part A. Sometimes the order will
 swap around a bit (eg they might ask for a drivers licence number before
 their address, or whatever). 

 I advise you to fill out the form even if you are just calling for
 experimentation's sake. This way you will have details ready even if they
 swap around with their questions. It also makes you sound a little more
 realistic if you sound like you are looking at the contract in front of you.
 Eventually they will ask for the plan - remember to refer to it by it's full
 name, and if they ask, you want a fixed term plan (they will usually assume
 this unless you specifically ask for a 'SIM-only Connect'). The contract
 length is 24 months - they sometimes ask this to catch out ppl that aren't
 genuine, but not often. Give them the Access (SIM) card number, IMEI number
 and Handset model (they will repeat it back to you for confirmation). At this
 point they generally ask you to hold for the credit check, or they may ask
 for the Part E section details first. I am guessing that during this time
 they verify the Access card number as well, but am not positive. When they
 come back, they will tell you if the application has been successful or not.
 You should be fairly wary at this point. I am not sure what Optus will do if
 their verifications show them you are not genuine, they might just tell you
 to phuk off and hang up or they might stall you and trace the call. Generally
 they will just say the application has been successful or denied. If it was
 denied they offer to speak to the customer at which time they talk about why
 they were declined and mention offers like Optus Express (prepaid). If it was
 successful they will usually ask you for all the optional service options
 like Caller ID, VoiceMail, UpDate, SurePage, SafeGuard and the Optional
 Services section. Then they will talk to the customer and "congratulate them
 on choosing Optus", and confirm the details. This includes their name and
 address, and also which optional services they want (so that commission-paid
 salespersons don't 'accidentally' tick SafeGuard), and if they have any
 questions - necessary by law so ppl aren't forced into signing without
 understanding something first. Finally they will ask for the salesperson and
 give them the mobile fone number, to be filled out on the form. They then ask
 if there is anything else - tell them "no and thanks very much" and hangup.
 Within minutes the SIM card will be given authority to access the network.


 - Uses of this Information -

 Well if you're reading this you probably consider yourself a hacker or a
 phreak, so you should already have some idea of the possible uses of this
 information. As I said in the disclaimer I do not condone the misuse of this
 text, but a number of possibilities exist for its use. You may just want to
 test this out for fun or to learn. You may have somehow obtained a blank SIM
 and want to connect your fone using phony details so u can get some free
 calls. Or lastly you could probably do this all in your enemy's details so
 that they receive a bill for a service they never applied for. I should
 mention a few things first though.

 Firstly, remember that excessive misuse of this information will result in
 the whole thing being spoiled for everyone. Optus may end up requiring
 passcodes for individual activators like what happens in some places
 overseas. My advice is that if you get worried that the clerk suspects you,
 or even if they come back and say that your Access (SIM) card number is
 invalid, you could probably get out of this without making it sound like you
 are phony by saying something like "I'm sorry, the customer (maybe refer to
 them by name to sound more convincing) has a few concerns and questions. I
 won't keep you waiting, how about I call back in 5 minutes?" This kind of
 thing will get you off the hook (no pun intended) without arousing further
 suspicion. If you really want to get off the fone immediately (you strongly
 suspect they are tracing you) you could say something like "I've gotta deal
 with a shoplifter, I'll call back". Whatever you do, don't just hang up
 without saying anything. Doing so will probably result in them investigating
 the call, and maybe phoning the store who's outlet code you gave and asking
 if "NightScout" works there. This is the kind of thing that makes the
 security of the system get harder to beat. Use your social engineering skills
 as a hacker/phreaker to sound convincing. Put yourself in the shoes of a
 salesperson and sound like them. It might be wise to say something at the
 start of the call like "This is the first connection I've done, so I might
 have a few questions". This is more likely to get the clerk to slow down and
 take it easy on you when you make mistakes as well.

 So how can you get Outlet Codes? Well if you've got any social engineering
 skills you should know this should be fairly easy. Phone a place that you
 know is an Optus Dealer (remember, DEALERS only - they will probably have a
 sign in their store like "Optus Exclusive Dealer", or go in and ask them) and
 say you are from the Optus National Mobile Activation Center and need to know
 their Outlet code for some reason or another. This may be more likely to work
 if the 15-year-old sales assistant answers, since even they are fairly likely
 to know the code. If not tell them it might be written with their Optus
 connection sheets. On the other hand, you might be more likely to convince
 the store to give you their code if you ask for the manager right away. It's
 up to you, but have a good reason for asking for the code before you call. My
 suggestion is as follows:
 
   My name is NightScout and I'm calling from the Optus National Activation
   Center. We're having some database problems and need to verify some store
   details with you. Now this is Optus Direct, Shop 1234, Westfield Parramatta
   Shoppingtown, Parramatta, right? Okay, that's great, now just to confirm
   this for us could you please give us your Activation Center Outlet Code?
   Terrific, your details are all fine, thanks for your time." 

 Don't repeat this exactly, as it's my script, but you get the idea. If you
 don't have their shop number (it's usually on a little sticker next to the
 sign at the front of the store if they are in a shopping center) make one up
 and pretend to note the new number when they correct you.

 So what is the point of the form if the connection is done over the phone?
 Well the form is necessary to make the contract legal, which is why it must
 be signed. It is done in triplicate, with the top (white) copy to be sent to
 Optus within a week or so in a special Optus-security envelope. The customer
 keeps the middle (blue) copy, and the store keeps the bottom (pink) copy. I
 am not sure what happens if Optus does a connection without receiving the
 letter. Presumably they would call the store after a week or so, who would of
 course tell them they don't have any record of the contract. As for the
 person getting a bill for service fees (even if no calls are made) I don't
 know if they would get it before Optus 'clicked' and realised what has
 happened or not.

 So now, the only problem is getting SIM card numbers (if you don't know what
 a SIM card is, you shouldn't try this out). Generally the card number is
 05 xxxxx xxxxx x, but I am not sure as to whether this number is generated
 credit-card style or not. One thing I do know is that each card is issued
 to a store, and they have a database of where each card has gone. Even if
 you get a correct card number, they may question the fact that you are
 claiming to call from Optus Direct Parramatta when their database shows the
 card was issued to a suburban Tandy store near Perth. At this point, you
 could have a problem. If the card was issued to the same chain of stores they
 might not question it (they often send blank SIMs to each other if a store
 runs out) but otherwise they may. The only possible solution is to, before
 giving them the SIM card number, tell them to ensure the registration goes to
 your store because you ran out of SIM cards and your Optus rep (shop-talk for
 a sales representative) obtained some from somewhere else for you. Then give
 the code. As for the problem of actually getting valid unused SIM card
 numbers, I am currently researching this topic, but if you know a) how they
 are generated or b) how to get a list, please email me using the address
 below.

 If you test this information out, you do so at your own risk, but I would
 still like to hear from you to see how you went, and if you've learned
 anything about Optus and the mobile network.


 NightScout - nightscout@mail.com



TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH