phrack/phrack8/9.txt

569 lines
24 KiB
Plaintext

==Phrack Inc.==
Volume One, Issue Eight, Phile #9 of 9
PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
PWN PWN
PWN Phrack World News PWN
PWN PWN
PWN Issue Seven/Part Two PWN
PWN PWN
PWN Compiled and Written by Knight Lightning PWN
PWN PWN
PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
P-80: Sting Board? August 28, 1986
------------------
Below is a compilation of miscellaneous messages taken from the Communication/
Phreak section and the Elite user section of Pirate 80 Systems, a BBS run by
Scan Man, also known as Scott Higgonbotham. Everything in []s are notes from
Sally Ride and myself.
*******************
****** ******
****** *******
****** ********
****** ******
*****************
******
******
****** E I G H T Y
******
******
FOR THE SERIOUS COMMUNICATIONS HOBBYIST
WELCOME ABOARD
<><><><><><><><><><><><>
<> Knowledge is Power <>
<> Thomas Jefferson <>
<><><><><><><><><><><><>
[Enter: An up and coming young phreaker named Shawn.]
Msg#: 7284 *COMMUNICATIONS*
05/28/86 19:43:24 (Read 42 Times)
From: SHAWN
To: ALL
Subj: CODES
OK HERE WE GO 800 446 4462 SKYLINE (CODE: XXXXXXX)
800 626 9600 CODE (XXXXXXX)
800 222 4482 CODE (XXXXXX)
800 521 8400 CODE (XXXXXXXX)
800 227 0073 CODES (xxxxXxx X=0-9)
METRO CODES: XXXXXX, XXXXXX, XXXXXX, XXXXXX, XXXXXX
PBX: 312 455 7287 (CODE XXXX+Y)
503 652 6016: ID: XXX,XXX PASS ****
later,
Shawn
[In the above message, the numbers were followed by codes that I have since
censored out. This magazine will *NOT* publish codes.]
-------------------------------------------------------------------------------
[It's common knowledge that a BBS userlog must be blanked before a BBS can be
used as a sting board. I've also heard that law enforcement officials have
been trying to bust P-80 and Scan Man for a long time, but have not been able
to accomplish anything. Even the infamous Detective Dan Pasquale {See past
issues of Phrack World News, "Phoenix Phortress Stings 7" and "Oryan QUEST Vs.
Dan Pasquale"} and John Maxfield, head of BoardScan, are frustrated at being
unable to deal with Scan Man. On June 20, 1986, or thereabouts, the following
message appeared in the logon to P-80;
"BI-ANNUAL USERLOG CLEANUP IN
EFFECT. ALL MEMBERS PLEASE
RE-LOGIN AS A NEW USER..."]
-------------------------------------------------------------------------------
Msg#: 7870 *COMMUNICATIONS*
06/20/86 22:04:41 (Read 50 Times)
From: ICARUS 1
To: ALL
Subj: TMC BUST
TMC has just nailed a hacker associate of mine for $935. The destination
numbers were called and someone spilled their guts. The guy who got busted
is worried because the Alliance bills have not come in yet. TMC users beware.
Make sure your friends are amnesiacs as the phreaker's bible says.
Icarus
[Some friendly advice from Icarus 1, too bad not everyone heeded the message.]
-------------------------------------------------------------------------------
Msg#: 7894 *COMMUNICATIONS*
06/21/86 19:44:09 (Read 44 Times)
From: ICARUS 1
To: SCAN MAN (Rcvd)
Subj: REPLY TO MSG# 7870 (TMC BUST)
He was busted by TMC in the state of Nebraska.
Icarus
-------------------------------------------------------------------------------
Msg#: 7898 *COMMUNICATIONS*
06/21/86 20:43:10 (Read 43 Times)
From: MAX MADDNESS
To: ICARUS 1 (Rcvd)
Subj: REPLY TO MSG# 7870 (TMC BUST)
Hey check it out, I use TMC in Youngstown, Ohio (216-743-6533), but when TMC
calls my phreak friends, they think the calls originate from Akron, Ohio which
is 60 or so miles away. So when TMC calls and asks, "Do you know anyone in
Akron?" people usually are honest and just say no. So even if I call
+relatives, etc. usually I'm safe.
Max
-------------------------------------------------------------------------------
Msg#: 7880 *COMMUNICATIONS*
06/21/86 05:30:37 (Read 51 Times)
From: THE FALCON
To: ALL
Subj: TMC
What is the number to TMC? I just want to know so that I'm sure not to use it.
Oh well, thanx and later.
\_The Falcon_/
-------------------------------------------------------------------------------
Msg#: 7952 *COMMUNICATIONS*
06/23/86 13:06:23 (Read 44 Times)
From: SHAWN
To: ICARUS 1 (Rcvd)
Subj: REPLY TO MSG# 7870 (TMC BUST)
Well I told you guys a while ago that this would happen so stay away from them.
Icarus
-------------------------------------------------------------------------------
Msg#: 7961 *COMMUNICATIONS*
06/23/86 17:15:41 (Read 47 Times)
From: BLADE RUNNER
To: ALL
Subj: TMC
I was wandering around some guys hard drive this weekend and found some AT&T
mail regarding TMC. From what I understand TMC is involved in the AT&T
AGETRIAL project. Which indicates to me that TMC is also into computers and
consequently knows what a hacker is. Another thing that was found was some
information on the 1PSS switch that has been developed by AT&T and has already
been deployed in dome BOCS and other communications networks. This troubles me
in that this is the first that I have heard about it. I meant to say that it
has been deployed on some networks already. If you have any valid information
on the 1PSS SWITCH please post it and it will show up in the P.H.I.R.M. update
issue for July, giving you credit for the information of course.
BLADE RUNNER (PRESIDENT)
P.H.I.R.M.
-------------------------------------------------------------------------------
Msg#: 8456 *COMMUNICATIONS*
07/13/86 13:48:51 (Read 75 Times)
From: SCAN MAN
To: SHAWN (Rcvd)
Subj: REPLY TO MSG# 7691 (GENERAL)
GOT ANY CODES FOR 800-451-2300?
[***IMPORTANT*** This is TMC's Miami, Florida dial-up. An interesting request
from the sysop of one of the nation's top code boards. For those of you who
remember it was Scan Man who asked the infamous Whacko Cracko Brothers, Inc.
{See PWN Issue II, "The Life And Crimes of The Whacko Cracko Brothers, Inc."}
to scan some codes on a certain dial-up just before they were arrested. Now he
is asking Shawn for TMC codes, kinda interesting that Shawn got investigated
less than a week later by TMC Security Department isn't it?]
-------------------------------------------------------------------------------
Msg#: 8970 *COMMUNICATIONS*
08/10/86 06:41:48 (Read 34 Times)
From: SHAWN
To: SCAN MAN (Rcvd)
Subj: REPLY TO MSG# 8456 (GENERAL)
Well sorry it took me so long to find this message I kept forgetting to look at
this one. Anyway if you really need some [codes, referring to the last
message] I can dig some up easy enough well hack some I should say noting you
can get about 100 in a matter a 10 or 15 minutes so its no big deal to me
either way also watch 800 637 7377 I'm telling you now people that this company
has tracing stuff and I have talked with them they offer me a job and I'm goin
to take it but dont worry I'm not goin to be busting people I have to make it
so you guys cant get in notin it is very easy to make it at least very hard to
do ho well be careful.
[Be careful indeed! 800-637-7377 is TMC's Las Vegas dial-up. What would you do
if you were about to lose your computer and maybe your freedom? Work for the
other side? The kid really has a way with words, I haven't seen spelling and
grammer like that since first grade. As for his not busting people, isn't that
a laugh, he has already stated that he will bust anyone he can starting with
the lower level phreaks who are only into code abuse.]
-------------------------------------------------------------------------------
Msg#: 8974 *COMMUNICATIONS*
08/10/86 13:14:13 (Read 34 Times)
From: JOHNNY ROTTEN
To: ALL
Subj: PHREAKERS QUEST
To all users of Phreaker's Quest...
What happened to it? It just rings. If you have any info. Leave mail or
whatever.
<Johnny Rotten>
-------------------------------------------------------------------------------
Msg#: 9058 *COMMUNICATIONS*
08/13/86 06:58:12 (Read 30 Times)
From: SHAWN
To: JOHNNY ROTTEN
Subj: REPLY TO MSG# 8974 (PHREAKERS QUEST)
Well you see I came very close to getting busted they called my voice line that
is TMC of 800 637 7377 and I have never given it out to anyone at all [I bet!]
so I knew that i was in for it they told me they knew I ran a board and they
said they could not get in I kept deleted them haha anyways I had 2 choices 1
take it down 2 get busted.
[Wonder how they got your home number Shawn? Did you give it out for
validation on Pirate-80? Maybe around the time of the "Bi-annual userlog
cleanup"? Or, could it be the cops are smart enough to ask the phone company
for any other line running into a house where a suspect BBS is running?]
-------------------------------------------------------------------------------
Msg#: 9052 *COMMUNICATIONS*
08/12/86 19:10:47 (Read 29 Times)
From: JIM RATH
To: ALL
Subj: TMC
Listen people... it is time to stop screwing with TMC.. (7377 number). Our
good friend Shawn of Phreakers Quest just had his BBS put down from them.
Shawn met some guy from TMC, and they have had ANI on the number for months
now. If you value your own security, throw away any and all TMC information
NOW, or you might be suffering the consequences later.
For details on the "Bust" call Theives Underground II. It's SCARY!
-------------------------------------------------------------------------------
Msg#: 9054 *COMMUNICATIONS*
08/12/86 23:50:02 (Read 28 Times)
From: SCAN MAN
To: JIM RATH (Rcvd)
Subj: REPLY TO MSG# 9052 (TMC)
Where is Thieves Underground located?
[Why is Scan Man so interested in what Shawn is saying about his experience
with TMC? I mean plenty of people on Pirate-80 have run-ins with some form of
security everyday and he doesn't go researching them, why is this "TMC Run-IN"
so important to him? Maybe he has a personal reason to be interested, then
again maybe not.]
-------------------------------------------------------------------------------
Msg#: 9086 *COMMUNICATIONS*
08/14/86 13:36:37 (Read 25 Times)
From: JIM RATH
To: SCAN MAN (Rcvd)
Subj: REPLY TO MSG# 9054 (TMC)
I believe TU is in Texas somewhere.. dunno where exactly (never really bothered
remembering).. 214 AC though
-------------------------------------------------------------------------------
Msg#: 9110 *COMMUNICATIONS*
08/15/86 03:54:20 (Read 16 Times)
From: SHAWN
To: JIM RATH (Rcvd)
Subj: REPLY TO MSG# 9052 (TMC)
If you want some details why dont you just ask me seeing as though i would be
the one to ask the TU only knows what i tell him and scan man i need to talk
with you about this they did have an idea of some things going on here and so
one i would rather say it to yo then type it in
shawn
-------------------------------------------------------------------------------
Indeed, what is going on here Shawn? Just what did TMC mention about
Pirate-80? And why not post it in on the public boards? For the answer to
that maybe one could talk to Jeff Namey who works for TMC and is very proud to
acclaim the efforts of one Scott Higgonbotham and his sting BBS Pirate 80 which
has, in his own words, "Saved my company from near bankruptcy at the hands of
the hackers."
It is also interesting to note that Scan Man recently admitted to being a
computer security consultant in Phrack Pro-Phile IV. He said his boss didn't
know about his outside phreak/hack interests.
Scan Man also claims to have infiltrated various security organizations. I
wonder if he has infiltrated or simply joined as a regular member.
-------------------------------------------------------------------------------
The following are highlights of a conversation with Ben Graves of TMC, around
August 25th or 26th (SR=Sally Ride BG=Ben Graves):
SR: Mr. Graves I need to talk to you about one of your employee's a Scott
Higgonbotham (Scan Man).
BG: What about Scott?
SR: Well, my company is concerned with the impact of computer hackers on our
business. Scott attended a convention in Miami around January and gave
his business card to one of our security people. I'm following up on
their conversation with the idea that perhaps my company could be given
access to Scott's electronic bulletin board. In this way we could monitor
for hackers abusing our codes.
BG: That may be something we can arrange. I know that Scott has been a great
help to TMC since we were able to pick him up. We began to have a big
problem with hackers awhile back and Scott seems to have some of the
answers. He's not in right now, can I have your number and I'll have him
call you back?
SR: You sure can. So, Scott's bulletin board has helped you reduce your
losses to toll fraud?
BG: Well, that's just one of the ways Scott has used to work on the problem.
But, he has been very effective.
SR: Thanks, Ben, I'll be waiting for the call.
-------------------------------------------------------------------------------
The following are highlights of conversation with Pauline Frazier of TMC from
around September 5, 1986 (Sally Ride: SR Pauline Frazier: PF)
Operator: TMC, may I help you?
SR: Yes, Ben Graves, please.
Operator: I'm sorry, Mr. Graves is no longer employed here.
SR: Oh!? Well, is Scott Higgonbotham in?
Operator: One moment, please.
PF: Hello, this is Pauline Frazier, I'm the office manager, may I help you?
SR: Well, maybe, I was trying to reach Ben Graves, I just talked to him last
week about another one of your employees, Scott Higgonbotham, now the
receptionist says Ben no longer works here.
PF: Yes, that is true, and neither does Mr. Higgonbotham.
SR: May I ask why?
PF: I'm really not able to say much, I think you should talk to our
Regional Security Director, Kevin Griffo, he's on 804-625-1110. He could
tell you much more than I can.
SR: O.K., but maybe I should tell you why I'm interested. I was talking to
Ben about an electronic bulletin board Scott is running. My company has
someone on it and we're concerned that things might not be legal on there.
There are access codes being posted of my company's and yours'. Could
that be why they're no longer employed?
PF: Do you mean he is posting TMC codes on there?
SR: Well, I can't say he's the one posting the codes, but he is letting them
be posted, along with a lot of other information such as computer logins
and passwords.
PF: Well, you know I never did like it when they hired that fellow. And,
I told them so, too. When he started we had a problem with toll fraud,
but nothing like it is now. He was able to catch a few of those hackers
while he was here, and we pressed charges, but the problem just seemed to
get worse and worse.
SR: So, he actually had some hackers arrested?
PF: Yes, several. He started working here in Charleston and then they
sent him to New York when things got bad up there. But, things never
have gotten any better since he's started here or in New York either.
Sir, please, call Mr. Griffo about all this he can tell you more than I.
SR: I will. Do you think he'd be in now?
PF: Well, it's late here and he's probably gone home, try Monday.
SR: Thanks, I will.
(But you told me plenty, sweetheart!)
[For the record I had a VERY similar chat with Pauline Frazier, it turned up
the same results.]
-------------------------------------------------------------------------------
The following are highlights of a conversation with Kevin Griffo, TMC,
September 9th (Sally Ride: SR Kevin Griffo: KG).
Oper: TMC, may I help you?
SR: Yes, Kevin Griffo, please.
Oper: His line is busy now, can he call you back?
SR: Well, this is urgent, may I hold?
Oper: Certainly, I'll let him know you're holding.
KG: Hello, this is Kevin.
SR: Mr. Griffo I've been referred to you by one of your Charleston employees,
Pauline Frazier. She felt I should tell you what I told her yesterday
about one of your now former employees, I think, Scott Higgonbotham.
KG: Yeah, we let him go just last week. What about him?
SR: My company feels Scott is running an illegal BBS and has for sometime been
allowing access codes to be posted. Codes for your company's toll
switches as well as ours and other's are being entered on his system as
well as computer system logins and passwords.
KG: Well, I'm not surprised. I have been to Scott's home to see the bulletin
board. I knew codes were being posted, but I thought he was taking care
of reporting them.
SR: May I ask why you let him go?
KG: Certainly, Scott just wasn't solving our problems. In fact, some of our
people have thought he was somewhat to blame for many of them. Even
though, at first, he appeared to be the answer. He was able to identify
several computer hackers for us.
SR: So, he did bust some hackers? Has he done so recently? I think a young
man using the name Shawn on the bulletin boards was recently identified by
your company.
KG: No, he hasn't gotten anyone recently that I'm aware of, but he could have
turned them over to one of the local franchises. You see TMC is a
franchise operation. We try to help the franchises, but many do their
own thing. We wouldn't necessarily know about all that goes on.
SR: I'm sorry to hear you had this trouble. Perhaps, my company could
be of assistance. We do work of a similar nature.
KG: I'd certainly be interested in any help you could give. Can you put
together a written proposal?
-------------------------------------------------------------------------------
I also had an interesting conversation with Larry Algard of Pacific Northwest
Bell. He confirmed that he had met Scott Higgonbotham at the Miami CFCA
conference last January. He also mentioned that Scott had told him about his
"sting" bulletin board, Pirate-80 in West Virginia.
For those who are interested:
TMC (Charleston Office).......................304-345-7275
Pauline Frazier, Office Manager (TMC).........See above
Jeff Namey, Accounts Receivable (TMC).........304-744-6555
TMC (Miami Office)............................305-371-3544
TMC (Tidewater)...............................804-625-1110
Larry Algard (Pacific North West Bell)........503-242-8862
Pacific North West Bell (Employee Directory)..800-426-7039
Or write to; TMC
405 Capitol St.
Parlor Suite
Charleston, West Virginia 25301
All the thoughts in []'s and other information are the insane ramblings of
Sally Ride:::Space Cadet and Knight Lightning, you tell me, are we spaced out
or what?! The TMC employee interviews were by Sally Ride:::Space Cadet with
me doing the background information.
It was at this point in time that we decided to have a talk with Scan Man
directly and give him a chance to clear his name and reputation.
Unfortunately, Scan Man was very uncooperative and constantly avoided answering
the questions I asked him. He also added that everything said in the
interviews were lies. He claims that Kevin Griffo has never been to his house,
he doesn't know Ben Graves, and Pauline Frazier hated him because she knew he
was a hacker.
He then went on to imply that Sally Ride:::Space Cadet was actually an employee
of some communications carrier himself because of the terminology he used in
some of his posts on P-80.
Scan Man claimed that he has been telling people that he worked for TMC for
quite some time and he only needed the codes from Shawn because he was going to
be in Miami later that week. In other words, Shawn's near bust and his asking
for TMC codes may have been a simple coincidence.
He claims to have done system analysis for TMC, but also admitted to securing
some of their computer systems, which isn't a crime.
As for his being at the Miami CFCA conference, I will assume that he was
infiltrating the con and was spotted as being a hacker. In order to gain the
respect and confidence of the security officials, he told them that his
bulletin board was a sting. Now, that story completely is believable with the
exception of how he arrived, a plane trip paid for by TMC.
Scan Man's last words contained a threat that if this affected his home life,
he would personally track down the writers and contributors and shoot them with
his rifle.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Notes from KL:
One thing that I should mention is the fact that Pirate-80 has *NEVER* been
busted or investigated. I mean its not hard to get onto and there are codes
plastered everywhere you look. How many boards do you know of that have been
busted for having codes on them? One example of this is with the credit card
numbers owned by Richard Sandza, author of "The Night Of The Hackers" and "The
Revenge Of The Hackers," both printed in Newsweek Magazine.
"It wasn't long before I found out what was being done with my credit-card
numbers, thanks to another friendly hacker who tipped me to Pirate 80, a
bulletin board in Charleston, W. Va., where I found this: 'I'm sure you guys
have heard about Richard Standza [sic] or Montana Wildhack. He's the guy who
wrote the obscene story about phreaking in NewsWeek [sic]. Well, my friend
did a credit card check on TRW...try this number, it's a VISA...Please nail
this guy bad...Captain Quieg [sic].'"
See this? This was published in "The Revenge Of The Hackers" in Newsweek
Magazine! And what happened to P-80? Nothing! Here Richard Sandza has just
announced to thousands of people that P-80 has credit card numbers posted on it
and nothing happened. Why? The answer to that is left to the reader.
There are a few other things to mention about Scan Man/P-80/TMC. Supposedly
all of the computer equipment that P-80 runs on was donated by TMC themselves.
It is also believed that Scan Man's only duty to the company was to report TMC
codes so that they could be turned off. It would appear that this had changed
but, we at Phrack Inc. in no way take any opinion whatsoever about the
innocence or guilt of Scan Man. We leave it to the reader to decide for
him/herself.
I'm sure all parties concerned would appreciate you NOT calling the above
numbers if all you plan to do is harass people or anything else among those
same lines. After all a job is a job and harassing someone wouldn't do
anyone any good either, it would just make them mad. If you are going to call,
make sure it is for knowledge purposes only! Above all do NOT call Scan Man to
harass him or his innocent family. My suggestion is that if you feel that Scan
Man is an informant or whatever, then stop just calling his board.
One last thing, a *VERY* big thank you to Sally Ride:::Space Cadet for a job
well done and for all the time he spent working on the article.
Information Provided by
Knight Lightning & Sally Ride:::Space Cadet
and directly/indirectly by
Blade Runner/Evil Jay/Forest Ranger/Icarus 1/Jack The Ripper/Jim Rath
Johnny Rotten/Larry Algard/Max Madness/Oryan QUEST/P-80 Systems/Scan Man/Shawn
Suicidal Nightmare/Taran King/The Falcon/TMC Staff
and other Anonymous Sources
-------------------------------------------------------------------------------
PS: For those interested, this investigation was sparked by the interception of
a memo from Larry Algard (Pacific Northwest Bell) to his boss, George Reay.
What was in the memo? Several things, but mostly it spoke of the January
CFCA (Communications Fraud Control Association) conference in Miami,
Florida where Larry met one Scott Higgonbotham, Security Director for TMC
(Tele-Marketing Company) who told him that he operated a "sting" bulletin
board named Pirate 80 in West Virginia.
_______________________________________________________________________________