M4phr1k's "Wall of Voodoo"

This is the official home site of www.m4phr1k.com and acts as a companion site to the War Dialing, PBX, and Voicemail hacking sections in Hacking Exposed editions 2-6.

My site is for and always has been dedicated to WHITE HAT War Dialers, PBX, and Voicemail Box testing specialists! The tools and techniques discussed here are to help you learn how to strengthen your security posture and are disclosure in full! Techniques shown here should be used at your own risk!

(Moving my pages to Google Sites during June 09, so some info may be incomplete and links may be quirky; should be done by July 2009)

"M4phr1k" (aka Stephan Barnes)

I am currently with Ciphent. I was the original VP of Sales of Foundstone and left about 2 years after the McAfee acquisition.

Pictured here are some of the best minds I have had the pleasure to work with, and you know who you are. The cumulative knowledge of this core group of people is what solidified Foundstone as a name that will forever be remembered. Many important people have come and gone after this initial group, but it is very likely that without this catalyst of chemistry initially, things would be entirely different historically for Foundstone.
Pictured from Right to Left (all Foundstone employees of the time in July 2000 at Foundstone's first Blackhat):

George Clute – original angel investor and Chairman of the Board
Stu McClure – CTO and President, currently doing good, now back at McAfee after a well deserved break
Saumil Shah – Managing Principal Consultant - http://saumil.net/index.html
Shreeraj Shah – Principal Consultant
Kevin Mandia – Director of Forensics and IR, currently CEO of Mandiant
AD (Alan Deane) – VP of Business Development - so I had a few Chardonnays, what of it?, McAfee
Eric Budke – The very first Foundstone consultant
JD Glaser – VP of Engineering
Brian Lewis – Software Development
Kurt Weiss – Education Logistics engine
Gary Bahadur (back row high standing on fountain lip 1st left) – Chief Information Officer, KRAA Security
George Kurtz – Chief Executive Officer, McAfee
Matt Weiss – Corporate Office Manager
Clinton Mugge – Managing Principal Consultant and CEO of Symosis
Melanie Woodruff – Principal Consultant – hey Clazy, currently at Wachovia Financial Services/Wells Fargo
Stephan Barnes – VP of Sales (kneeling with the company rhetorically on my shoulders), currently with IO Active
Will Chan – VP of Knowledge Management and master of words, currently in Hong Kong back to work
Dane Skagen – Director of Education – currently doing something with Joel Scambray
Jason Glassberg – Managing Principal Consultant (back row high standing on fountain lip 3rd from left), President of Kasaba
Chris Prosise – VP of Professional Services and Education – hey buddy! Relaxing in Stocks!
Joel Scambray – Managing Principal Consultant, currently creating a consulting powerhouse
Robin Keir – Senior Software Engineer and absolute wizard

After McAfee bought Foundstone in Oct 2004 I stayed on for about a year and a half and then I took a break for a while.

Since Foundstone I have worked for Special Ops Security Mandiant M

Hacking Exposed, now in its 6th Edition
War Dialing, PBX, Voicemail hacking is my section – always has been since the 2nd Edition.
Many thanks to Stu, George, and Joel for letting me tap the lines so to speak.

M4phr1k's Wall of Voodoo provides additional techniques and explanations in addition to those already explained in the Dial-Up, PBX, and Voicemail hacking sections in the Hacking Exposed series of books.
__________________________________________________
Hack Notes – I contributed to the chapter on War Dialing/PBX/hacking thanks to my good friend Clinton Mugge of Symosis, formerly C-Level Security.
----------------------------------------------------------------------------------------------------
Are you LOW TECH? I am when I need to be!

Remember Procomm Plus? Check out my HOW TO get ProComm Plus Test Drive ready for use and how to use a TYMNET 800 Connection as an example for learning how brute forcing DIAL-UP works.

Remember, War Dialing, PBX and VMB hacking still work! Have you shut down all of those Old Backdoors that can be accessed (possibly) via SprintNet or Tymnet?

Here is a "How To" lesson for you on how to access an 800 Tymnet number.

MANUAL:
You connect by typing C and "some info" (say any three letters) and wait for a response.
Here is a Hint: Phrack 42, SprintNet sections
Have Fun
See how this is done!

OR GO AUTOMATED!:
If you really want to use my stuff you need to learn ProComm Plus Aspect Scripting anyway.
Here is TYM800.ASP, a neat little ProComm Plus ASP (Aspect Programming Language script) that would do this for you.
Works with PCPLUSTD as an ASPECT SCRIPT FILE. Go to my PCPLUSTD how-to section and set up PCPLUSTD, then come back HERE to see how to run the TYM800 program.
---------------------------------------------------------------------------------------
PLEASE NOTE: PCPLUSTD is OLD, but VERY EFFICIENT. NEWER PROCOMM PLUS has MORE ASPECT COMMANDS (hence you can do more), but after a while you'll believe you can get by with these early versions because NONE OF THIS is that COMPLICATED! This simple concept is the foundation of how we Brute Force Dial Up connections! Learn the basics and you're on your way!

You don't need an air hammer to drive in a simple nail: When War Dialing, match the technology to the technology

When you are war dialing you might come up with a gamut of modem connections that look odd and foreign - old school if you will. New school communications programs sometimes provide too much clutter and noise, so going back to the old school is an almost surefire and steady way to succeed.

Case in point: I have seen a router that ToneLOC caught and dumped in the FOUND.log, and when using the newer ProComm Plus 32 to go back and dial it up, it could not figure out the parity and chunked up the display.

What to do? Go OLD SCHOOL: ProComm Plus Test Drive (the old demo version of ProComm Plus). Set it up and voilà, you are generally ready to go (caveats apply).

Here are the instructions on HOW to set up PCPLUSTD, and here is the program along with one of my example scripts.
-------------------------------------------------------------------------------------------------------------------
Don't forget to test PBX and Voicemail systems like Siemens and Rolm.

LHF (Low Hanging Fruit) Banners section updated - send me your Banners, I'll post and give you credit!
-------------------------------------------------------------------------------------------------------------------
LOW LEVEL TECHNIQUES will get you every time!
Stuff like KeyStroke Loggers from Keyghost.com
-------------------------------------------------------------------------------------------------------------------
DISCLAIMER: The contents of these pages (in one form or another, from multiple BBS's to multiple ISP's to where we are today) have been maintained by myself, Stephan Barnes, aka M4phr1k, from 1985 to 2009 (present). Has it been that long?

Old Phreakers never die, they just lose a little tone ;>

Stephan Barnes (M4phr1k) can be reached at StephanDBarnes@gmail.com







