United Phone Losers
issue no. 20 - June 30, 2000
this issue edited by linear

in this issue

Written by linear

Holy shit! Twenty issues of UPL. We've come a long way, haven't we, children? And they say most 'zines will never make it past their third issue. Anyway, this issue is a pretty good sized one. That's UPL - what we lack in quality, we make up for in quantity! We have a cool new section that will hopefully become a regular part of UPL called "Phreakly World News" which is a bunch of phreak-related news stuff. Also an article by newest UPL staffer, Harry Tuttle. I didn't write any neato - burrito articles this issue because I've been busy working on other stuff. Like the UPL/PLA Telephone Director0y 2000. Yes, I've actually been working on it, and you can all expect a release sometime (hopefully early) July. Also, I had to prepare for our domain's new host. We're no longer with kracked.com. I'm really impressed with the server we're on now (netherweb.com). Okay, enough of my rambling, now - on with Ewe Pea El Twin Tea.

--- linear

Automated Harassment Update
Written by RedBoxChiliPepper

Imagine this - I get an email. Then another and another. Oh, and then another! And then several minutes later I get another. And every single one of them contain questions about my automated harassment article in UPL #019 and there's nothing I can do about it!

Okay, so I got a lot of mail about the harassment article and most of them asked the same questions and offered to solve the same problems for me. They were all more or less about messageblaster.com not working according to my instructions. This was my fault because I left out a small part of the script. Below I'll print a few of the different emails I've received with some solutions and insight into your questions.

From: "bolokk" 
Subject: your article in UPL 19
Date: Wed, 31 May 2000 14:40:28

I read your article, and I must say that it was an interesting idea. Do you know any java script? I was wondering if it would be possible to add some javascript so that the form data was automatically sent as soon as the page loaded.

That way, you could make the page reload after minute or so, and every time it did load, it would call what ever number was specified in the HTML code.

[Wow, now THAT'S a good idea! Unfortunately I've never experimented with javascript so I'm completely clueless when it comes to writing or modifying it's code. Maybe another reader will see this and send in a solution... ]

From: "oph"
Date: Mon, 5 Jun 2000 23:18:36 EDT
Subject: In regards to your article in UPL 19.

"Finally!", I thought, reading over the article for a third time, "There really is a way to use Mr. Wakeup to call someone repeatedly!" (When I had first seen www.mrwakeup.com in your links section sometime last year, I'd tried mutliple ways of using it to force someone else to basically dial and dial and dial a desired number, but I couldn't succeed.)

Ha. Little did I know how complicated it would all end up being. Long story short, I tried and managed to reach some mild success by following your instructions (which, at the time they were written, I don't believe they were at fault.). For the sake of being linear I'm going to write down what I've attempted, succeeded at, and ultimately gained in the last 24 hours:

1. www.mrwakeup.com and www.iping.com are both self defeating, in as much the same way as they were when I first tried exploiting the service. I.E., that while setting up the html up was easy (I ran into no errors while doing it, meaning it worked fine), the victim, once dialed, is subjected to a message and then a choice -- they can either press 1, and be hit with a advertisement, or press 9, and cancel. If they hit 9 www.mrwakeup.com and www.iping.com both will refuse to ever dial that number again. At least, near as I can tell.

[Doh! I never counted on that happening and if they had some kind of a blocking feature like that when I was playing around with it, I sure didn't notice it. My "test subject" didn't either because he endured months upon months of 24 hour mrwakeup.com calls. ]

2. The faxback was horribly interesting, but complicated. I can't quite understand the html for it. While I was able to get as far as bringing up the request page with all the value's and whatnot filled out as I wished, it wouldn't actually submit the request. Also, when I asked a friend to look at it, I recieved the shocking news that they didn't even recieve the submit form: they received an error. I looked at it later and received the same error, too. I've lost the copy of the error (damn windows pos computer from circuit city mother fucking sucks bitch moan ect), but I'm not surprised at all that I couldn't get it to work.

[The Apple Faxback service was my main source of torture for the test subject and was the one service that just never would quit calling him. Mrwakeup.com was actually having a hard time getting through because of all the constant fax calls.

But I can understand how figuring out how to make the fax back service work correctly could be hard since it makes you go through 2 steps to submit your faxback request. All you have to do is copy the html right before you hit the "submit" button on the 2nd page. You have to turn your document code into a hidden tag and if memory serves me correctly, the other tags from the previous page are already hidden for you.]

3. While www.messageblaster.com looked the most promising, I fully expected it not to work. After roughly 15 days of the exploit being shown in the UPL ezine in a format that was easy to copy and paste I expected to have it patched or fixed or basically unusable It was. When using www.messageblaster.com to call a target the following notice comes up:

HTTP Error 405 405 Method Not Allowed

[This was actually my fault because I left a small part out of the script I went over in my previous article. Where it says "form method=POST" there should be a /MB right after messageblaster.com so that it looks like this:

form method="POST" action="http://www.messageblaster.com/MB/ bin/PwIsapi.dll" name="PForm2"

Since I left out that /MB part, anybody who followed my instructions were doomed to failure although many people wrote me to tell me they figured out the problem. There is also something else that messageblaster.com recently changed in their script that will keep it from working - it's no longer possible to insert your own custom message when you have their system call you. I discovered this only a few days ago so I think it's something they changed due to abuse, possibly from my article.

If you try to insert your custom message for the PWF_BODY value, you'll get an error when you try to submit it. Instead, they go by numbers now, 1 through 4. And each number determines which sample message your victim will hear. So replace your custom messages with a number like this:

input type="hidden" name="PWF_BODY" value="1" ]

4. Finally -- I merely can't find any other companies, groups, or webpages that would let me abuse/misuse/explore their service. I've looked through every search engine I can think of (I admit, not many) and I can come up with barely, barely a few pages about www.messageblaster.com or www.mrwakeup.com.

[I know that more must exist! We'll work on that and if I find enough of them I'll release a part 3 to this article. Your "porn page" looks good and other readers should check it out at http://aoph.tripod.com/index.html for a good example on how to implement these scripts. ]

From: "xavier"
Date: Mon, 19 Jun 2000 19:42:57 EDT
Subject: Harrasment!!!

Recently I read UPL019 and I was plesantly suprised that you wrote an article. After reading this I tried it out and I am a experiance html writer so I had no problem. But!!! Scince I was new at this I have some questions. First off I decided to use this not to call people, but to enter me in a contest about 1000 times. The script was much like the phone thing you talked about. Here is my finished script.

[That's an excellent idea for an alternative use to this - winning contests! I edited the script out of this article so you won't get any competition from other readers. Thanks for the new idea! ]

Okay, that's about it for the email. I got a lot more of it but decided not to print it all since the rest of it was more or less the same. I hope this followup article has helped anyone that had problems getting messageblaster.com to work.

If anyone finds new web-based call back services, please email me at rbcp //at// phonelosers // . // org and if I get enough of them I'll make them available for everybody. I'm positive there are more out there - I found a few small companies using them last year but after just a little abuse they closed them down. One of them was for some insurance company - you put just your phone number into a form and you phone rang immediately with hold music until a live person answered the phone.

Another place to look might be on porn pages. I recall being sent a URL awhile back which had a form on it so that their phone sex operators could call you and try to get your credit card number. I tried it on myself and it rang my phone immediately but several weeks later I tried it and it was dead. More of those have to exist!

--- RedBoxChiliPepper

State of the Union
Written by linear

There's been a few changes in the UPL, so I thought I should comment on them. I'll start up with our staff list....

Let's jump back a few weeks - The UPL staff was as follows: linear, Jaded, RTF, Jc, el caco, and nawleed. Now, we'll jump forward a bit, to UPL018. Now, the staff has been trimmed to linear, Jaded, RTF, Jc, and el caco. Apparently I had kicked nawleed out. But by the time UPL019 comes around, the staff is back to linear, Jaded, RTF, Jc, el caco, and, once more, nawleed. No one questions his return, and it's as if he was never gone. We're one big happy family. But now, as I peice together UPL020, the staff has undergone another change: linear, Jaded, RTF, Jc, nawleed, and Harry Tuttle.

So, what the hell happened to el caco, and who the hell is this Tuttle fellow? I'll explain. el caco did something that, well, disgusts me - He joined the military. And though he is welcome to return once his stay in the military is over, I will not forgive him for it, nor will he be a part of the staff until he is no longer a part of the military.

I don't want to think of Harry Tuttle as a replacement, but I guess he is in a way. However, if and when el caco returns to us here in the UPL, Tuttle will remain a staff member. He is not temporary.

I've wanted to bring in Tuttle for a while now, and almost did so when nawleed fell off the staff list. But I felt it would be better to wait a while. Harry Tuttle is a good friend of mine, living here in the 909 (four out of six UPLers in the 909.... hrm). Although not well known in our phone loser scene, Tuttle is an active phone abuser, and very knowledgable in our subject matter. And at least he won't join the military.

Oh, and yes, he did get his handle from the movie "Brazil".

Okay, so we that taken care of, now I'll explain why we left Kracked.com's servers, and went to netherweb.com

Basically, I was unhappy that, in order to get anything done while we were with kracked, I had to go trhough Micah (owner of kracked). With netherweb, anything I want done, I can do it that second by myself. If I want a new POP3 account created, I do it. I don't have to email Kracked.com and hope that it will be done sometime three months from now. That was the main reason for me leaving. Plus I feel netherweb offers a much better service, at not too much more than what I was paying at Kracked.

I do feel kind of bad about leaving Kracked, because Micah was, overall, really good to us, and I don't want him to take anything personally, but I had to make the move anyway.

I encourage anyone with their own website in need of a very good host at affordable prices to check out netherweb. And in order to help out UPL with their hosting fees, please use our referral ID if you decide to use them. To do this, sign up through the following URL:


Well, now for one of the most important things, the UPL/PLA irc server! We got it back up, so everyone set their clients to irc.phonelosers.net port 6667 and come hang out with all the UPL Generation-X Superstars! #phonelosers

Guess that's it, oh, look out for the PLA/UPL Telephone Director0y 2k coming out sometime in July. If you want to submit any phone numbers, I suggest you do it soon.

--- linear

Phreakly World News
Written by RedBoxChiliPepper & The UPL News Team

Phreakly World News will hopefully become a regular section in UPL issues. If you have anything that you think is newsworthy, send it to UPL and we might include it here.

More false phone bills claimed - International calls being investigated
Taken from the PioneerPlanet newspaper in St. Paul, MN on May 12, 2000
by AMY SHERMAN STAFF WRITER - http://www.pioneerpress.com

The case of the mysterious phone calls to South Pacific islands has spread from a tiny street in Eagan to the east metro area and has gotten the attention of state and telephone company officials. About 30 residents from Inver Grove Heights, Woodbury, St. Paul and other cities say that they too have been falsely billed for calls to Vanuatu. Most calls were to the same psychic service. The residents came forward after reading about four Eagan residents profiled in a Pioneer Press story Monday who say they were wrongly billed for calls to the same service. The bills range from about $25 to $700.

Spurred by the Pioneer Press' inquiries on behalf of the growing number of customers, a US West official said Thursday that the company is investigating. The state Attorney General's office also is looking into the matter.

"US West is as perplexed as anyone else is at the volume of calls being billed and placed," spokesman Bryce Hallowell said. "We're looking into the matter extensively right now." Telecommunications experts say it's easy to steal telephone service. That's plausible, Hallowell said. And if that's the case here, US West will work with authorities to find the perpetrator.

[Now I'm no detective, but there's a PLA State Site located in St. Paul at http://homepages.go.com/~mpla/mpla.html and in their articles section they have a "how to" guide on beige boxing that was written just 7 days before this article hit the paper. Why don't these silly US West people notice this? ]

The company has traced one customer's connection to the Internet, and will explore whether that could be the case with other calls, Hallowell said. Not all the customers have Internet access, although many do. US West checked the lines for those who have complained and found nothing suspicious.

[Traced their customers' connection to the Internet? What the hell does that mean? I get the feeling that Amy Sherman (the writer for this story) uses AOL and doesn't understand technology issues very well. What probably happened was that some of the psychic calls were made on a customer's computer line. ]

Consumers have spent hours trying to get their charges dropped. Only some have succeeded. All are adamant that no one from their home called Vanuatu.

"I'll go to court. I'll take a lie detector test. I'll swear on the Bible we did not make these calls and will not pay them," said David Libertini of Mendota Heights.

[Wow, David sure seems sure of himself. Let's just see how sure David really is about this:

RBCP: Dialing 651-905-3851... ring... ring...
Lady: Hello?
RBCP: Hi, could I speak to David Libertini please?
Lady: He's not here. You might want to try back next week. Would you like me to take a message?
RBCP: Well this is Big Steve at US West and I was calling about those phone calls he was wanting to dispute. Basically I wanted to find out if maybe he could come into court tomorrow morning to swear on the Bible and then maybe take a lie detector test regarding the calls.
Lady: Oh. Well he's not even here until Monday.
RBCP: Okay well I can try back. There's also been some new developments in the case too because there's been about 15 or so new overseas calls made from your line recently.
Lady: Oh my! On our line?
RBCP: Yes. The last one was made just 10 minutes ago from your line.
Lady: But I'm the only one here today and I'm sure I didn't make it.
RBCP: Well if you're the only one there then you must be the culprit! That settles it, case closed. I just knew you would confess if I put enough pressure on you! I'll see you in court lady! ]

Similarities exist among many of the bills: Several of the alleged victims have cordless telephones. Many of the phone calls were for exactly 30 minutes. Several calls were made right in a row from the same number. No one was home when many of the calls were made. A few reported that they had not been able to get a dial tone about that time. About nine of the alleged victims live near each other in Inver Grove Heights.

Here's a glance at the experiences of a few consumers: Jim Wolff, a US West employee, said he was shocked to discover about $216 worth of charges on his bill to his St. Paul home. Four consecutive phone calls were made on Oct. 19. At the time, Wolff and his wife were at work and their daughter was at school.

Eight calls were made within about an hour one day from Jean McGroarty's line. The next day, six were made on her daughter's line. Julie Hauck's home is right by her mother's. Her husband, Phillip Hauck, found an open telephone box nearby. No one was at either home when the calls were made.

About 11 a.m. Sept. 29, Lorraine Stark of Eagan noticed her phone was dead, so she called US West. She later received a bill for two calls about that time. Each 30-minute call cost about $183. Stark said US West later told her that the line was checked at 12:20 p.m. Some residents speculate that someone has connected a phone to a telephone box in the area.

The equipment needed to pull that off is cheap and easily available, according to John Brandenburg, a telecommunications manager for ClickShip Direct Inc., based in Brooklyn Park. "It's not at all difficult for somebody who knows what they're doing to steal dial tone from neighbors," Brandenburg said.

Dan Cady, who works at Eschelon Telecom in Golden Valley, agrees. "It's very easy to hack into people's phone lines and call anywhere. It's something I could teach you how to do in five minutes."

[We decided to call up Dan at work and ask him if we could come in to his office so he could teach us how to hack into people's phone lines in just five minutes but he wasn't willing to work with us. I bet he doesn't really know how to do anything. ]

Cady has another culprit in mind: cordless telephones -- particularly those that are a few years old. But Cady declined to explain how that's done because he didn't want to give instructions on stealing telephone service. The fact that many calls were for exactly 30 minutes suggests that perhaps someone has electronically set up a system so the calls are made for that amount of time, Cady said.

[The 30 minute deal is so that people don't run up their phone bills by talking for days at a time on phone sex and psychic lines. Why would someone "electronically set up a system" that calls a number in the South Pacific islands and just sits there for 30 minutes? Would a psychic sit there for 30 minutes if it were an automated thing calling her? ]

Nearly all of the consumers have AT&T and are furious at their long distance carrier. Some are also frustrated with US West, while others feel the company helped resolve their bills.

"We believe somebody made the call," said AT&T spokeswoman Lee Ann Kuster. "Somebody with access to the phone or computer placed the call whether they realized it or not."

This unusual telephone business has left one Eagan teenager in the delightful position of getting her parents to admit they might have been wrong. When the Searses saw about $35 for calls to Vanuatu, they told Holly that she must have made the calls because she was off from school that day.

"They're like `You owe us 35 bucks'. I'm like, `What?' " Holly said. "They had me convinced I did do it. I didn't." When the family read that other Eagan residents had been billed for calls to the same country, Holly got her money back. "We made good with our daughter, but we're still out $35," said her father, Paul Sears.

[Haha, now that's funny. It almost makes me wanna call up Holly's dad and laugh at him. Well, why not? Here's an exclusive UPL interview transcript with Holly's dad:

RBCP: Dialing 651-452-1880... ring... ring... ring...
Paul: Hello?
RBCP: Good answer. Hi, this is Ben from AT&T. I'm calling about the $35.00 dispute you have with us. Is this Paul?
Paul: Yes!
RBCP: Well I just wanted to let you know that we still don't believe you or that cockananny story about how Holly wasn't home at the time and we're still not going to refund your money. What, you think we were born yesterday??
Paul: Who did you say you were with?
RBCP: I said I was with AT&T. The phone company, you know?
Paul: Oh. And you're calling to tell me that I still have to pay?
RBCP: Yeah. But I'm not really with AT&T. I was just kidding about that part. I'm really with the UPL News Team and I wanted to interview you about the whole ordeal with your phone bill.
Paul: Do you always misrepresent yourself like that when you call for an interview?
RBCP: Yeah, it helps to break the ice. Don't you feel relaxed now?
Paul: Not really. What's your name again?
RBCP: Please hold all questions until after the interview. Now how long has Holly been addicted to these psychic and porn lines?
Paul: ... *click* ]

kkk.com and whitepower.com gets hacked!
Normally I don't care if a website gets hacked or not, but since the hack displayed a link to phonelosers.org on the bottom of the hacked page, it made me very happy. What made me even happier was that the hacker used the domain hijacking method that UPL published a few issues ago. And even better - people wanting to get educated on the KKK were instead stuck with reading a bunch of PLA and UPL issues. So hopefully we changed a few people for the better.

On a similar note - if the headquarters of UPL or PLA gets burned down within the next few weeks, we probably know who did it and why. Wow, A web page hack on a domain name that lasts over a week - that's gotta be some kind of record!

Luvox Phreak Gets Out!
Some of you may know of a girl called Luvox Phreak who disappeared from the scene last year without any notice or reason. It turns out that her parents sent her off to a fate worse than boot camp for teens - first to some lock-down place in Ensenada, Mexico for 4 months and then to some mind control place (Provo Canyon School) in Provo, Utah for a year. It's been hell but she turns 18 soon and will be unleashed onto society once again very soon.

Domain Name Hijacking Becoming Popular!
Some of you may remember the article on domain name hijacking in UPL Issue #16. Well, it looks like domain name hijacking has become a major problem for one internet company.

The people who run the web.net domain had their domain hijacked and recieved a lot of media coverage over it. Apparently it was stolen for several days during May 2000 before they finally convinced Network Solutions to give it back to them. Here's a story by the Toronto Star:

Web Networks Domain Hijacked by Hacker 
May 31, 2000

Since Saturday May 27, nonprofit Canadian Internet host Web Networks (www.web.net) has been locked in a desperate struggle to prevent the 'netjacking' of their online services by unknown hackers.

On Friday May 26, a still-unknown party contacted Network Solutions via the World Wide Web and directed them to change the contact name and the IP numbers (the Internet equivalent of an address) for the 'web.net' domain.

Network Solutions, the largest and oldest of the companies empowered to register and administer domain names, complied with this order without the required authorization. In theory, changing the contact name and IP numbers requires the use of an encrypted password or faxed-back authorization. No one at Web Networks was consulted either electronically or by phone to authorize this change.

Over the last three days, Web Networks staff and users have watched in frustration as their domain has been shifted across the globe from server to server. The hacker has moved the domain from Indonesia to Hong Kong to the US in an attempt to throw them off the trail. Web Networks is now struggling with two different domain registrars and a US Web host in an attempt to restore service to their users.

As a result of this netjacking, over 3500 Canadian charities and non-profit organizations are without e-mail or Web sites. "The theft of web.net is disrupting the work of everyone from human rights activists working to stop executions in Latin America to people who offer day-to-day social service counselling over the Internet," says Web Networks' Executive Director Tonya Hancherow. "It's not an exaggeration to say that lives and livelihoods are at stake here."

At least one other domain name - bali.com - has been stolen by the same hacker. It is likely that other domain names have also been affected. "Network Solutions has all the information it needs to identify the affected domains and fix the situation," say Web Networks' business advisor Mark Surman. "It defies belief that it has taken them so long to act."

Web Networks has provided e-mail, WWW hosting and other Internet services to 3500 Canadian non-profit organizations and charities since 1988. They have owned the 'web.net' domain name since 1993.

[Here's another clip from an article on msnbc.com - I've edited out a lot from this article since it basically says the same thing as the Toronto Star's article. ]

Web sites ‘stolen’ by hackers Valuable domain names pilfered five days ago, still ‘missing’
By Bob Sullivan at MSNBC on May 31, 2000

The connection between the two Web heists was discovered by Toronto Star technology columnist K.K. Campbell, who will report on the incident in Thursday’s editions. He thinks the two sites were targeted because the domain names themselves could fetch a hefty price if they were sold. "These are valuable names," he said. "They both fit into that ‘grade A’ name space. Each is worth at least $100,000."

By today, the contact information for both sites had been changed again. Bali.com is currently registered to Anton Widodo, allegedly of Madrid, and Web.net to Paul Vernon of Hong Kong. Widodo, Vernon and Tandoko did not reply to e-mails.

"In our case I don’t understand the motive except doing us harm," said Peter Rieger, who operates Bali.com. His site is a tourist portal for Bali and gets about 20,000 unique users per month. "The damage is quite substantial. We are losing a lot of business because of this."

Rieger is also concerned that as time passes and registration information continues to be changed it will become harder to reverse the changes made by the computer vandals.

The criminals are apparently exploiting a quirk in the domain registration system that allows domain holders to change the numeric IP address a domain name points to.

In mid-April, Solid Oak Software in California briefly lost control of WhoAmI.com. Later that month, a series of high-profile Internet sites were hijacked, rendering the home pages of Adidas and Manchester United temporarily unavailable. Also hit: LucasArts.com, Viagra.com, Slovenia.com, Croatia.com, Washington.com and Canada.com. Some of the sites were redirected to a political message which read "Kosovo is Serbia."

In all those cases, computer vandals used a technique called "spoofing" to trick Internet registrar Network Solutions Inc. into believing that they were the rightful owners of a Web domain name. Then, with just an e-mail, they were able to alter the domain information.

A spokesman for Network Solutions said Bali.com and Web.net were likely victims of the same trick, but added the incident is still under investigation.

"It’s happened in the past, but fortunately infrequently," said Brian O’Shaughnessy. "It happens to names of some merit rather than names of no merit." He said Network Solutions handles up to 30,000 database changes every day. When a change request is made, the rightful owner of the Web address is notified via e-mail and asked to verify the change. Rieger said he wrote back immediately to Network Solutions and asked that the change not be made, but that didn’t help.

"That’s an incredible amount of volume, and in some cases the request is sent out to the rightful owner and his response may get caught up in that," O’Shaughnessy said.

The original e-mail request to change Bali.com’s account information was sent by someone identifying himself as Billy Tandoko from dnsmaster@JSPNETWORK.COM, according to e-mails supplied to MSNBC by Rieger. JSPNetwork.com is owned by a California company. The cellular phone number listed in the domain name database for the company was not operating when called by MSNBC.

Tandoko then switched to gudangduit@YAHOO.COM, a free e-mail address, when the final changes to Bali.com were made. That same address was listed as the contact for Web.net until Wednesday morning. So far, there are no other known domain name heists connected to Tandoko, and O’Shaughnessy said Network Solutions investigators are only aware of the two incidents. But the domain name system database indicates one other Billy Tandoko using another free e-mail account, billyas@HOTMAIL.COM, to register a Web site but which site is not known. The domain name database does not allow members of the public to find domain names by contact information. E-mails sent to that account were not returned.

ABCnews.com recently did a story on "female hackers." Several names were mentioned that some readers may recognize, including Colleen Card from PLA and Wedz from the 303 crowd. The full story is located at the following URL: http://www.abcnews.go.com/sections/tech/DailyNews/hackerwomen000602.html

I recently found this article in the Weekly World News and I just can't believe that this topic hasn't gotten any serious coverage from the major networks. Geez, what's wrong with the media these days??

. . . & blow your family to smithereens!
from: http://www.weeklyworldnews.com/archive/stories/1823.html

WASHINGTON -- Right now, computer hackers have the ability to turn your home computer into a bomb and blow you to Kingdom Come -- and they can do it anonymously from thousands of miles away!

Experts say the recent "break-ins" that paralyzed the Amazon.com, Buy.com and eBAY websites are tame compared to what will happen in the near future.

Computer expert Arnold Yabenson, president of the Washington-based consumer group National CyberCrime Prevention Foundation (NCPF), says that as far as computer crime is concerned, we've only seen the tip of the iceberg. "The criminals who knocked out those three major online businesses are the least of our worries," Yabenson told Weekly World News.

"There are brilliant but unscrupulous hackers out there who have developed technologies that the average person can't even dream of. Even people who are familiar with how computers work have trouble getting their minds around the terrible things that can be done.

"It is already possible for an assassin to send someone an e-mail with an innocent-looking attachment connected to it. When the receiver downloads the attachment, the electrical current and molecular structure of the central processing unit is altered, causing it to blast apart like a large hand grenade.

"As shocking as this is, it shouldn't surprise anyone. It's just the next step in an ever-escalating progression of horrors conceived and instituted by hackers." Yabenson points out that these dangerous sociopaths have already:

Vandalized FBI and U. S. Army websites.

Broken into Chinese military networks.

Come within two digits of cracking an 87-digit Russian security code that would have sent deadly missiles hurtling toward five of America's major cities. "As dangerous as this technology is right now, it's going to get much scarier," Yabenson said.

"Soon it will be sold to terrorists cults and fanatical religious-fringe groups. Instead of blowing up a single plane, these groups will be able to patch into the central computer of a large airline and blow up hundreds of planes at once.

"And worse, this e-mail bomb program will eventually find its way into the hands of anyone who wants it. That means anyone who has a quarrel with you, holds a grudge against you or just plain doesn't like your looks, can kill you and never be found out."

There's a new book out called Virus Proof which features screen shots from a couple PLA web pages (red boxing page & the scanner page) as well as the main page for the WraithTech site.

I trotted over to Borders last night to have a look at it and it seems that most of the web site screen shots are mainly used as fillers so they can sell this cheap paperback book for $35.99 but I'm all excited that they put me in it. They also show shots of just about every web site that the PLA links to including NTOP, AT&T, PPN and the Phone Rangers. For some odd reason UPL, you didn't make it. We suck.

Whatever you do, don't buy the book! You can view the reviews and stuff at:


But the book itself seems rather useless to me. Like the section on phreaking has a list that educates people on what a phone phreak is. It goes something like this:
  • A phone phreaker is a person who phreaks phones for free calls.
  • A phreaks primary goal is to make free phone calls.
  • Johnny Draper discovered a whistle that makes phone company tones and they threw him into jail for 15 years because of it.
Bah, there were some other "points" that the book brought up that were really funny but I can't think of them this early in the morning.

DEF CON 8 will be going on July 28-30, 2000 at the Alexis Park Hotel & Resort in Las Vegas, Nevada.
Meet all your favorite Generation-X phone loser supserstars there, such as RedBoxChiliPepper, linear, Harry Tuttle, Jaded, Jc, and more! Cost is $50 at the door for all three days.

DEF CON is an annual computer underground party for hackers held in Las Vegas, Nevada, every summer for the past seven years. Over those years it has grown in size, and attracted people from all over the planet. Well, no one from North Korea has shown up (that we know of) but if they did I'm sure we would convince them to tell us elite government sekrets. That's what it is all about. Meeting other spies, er, people and learning something new.

We are not trying to teach you to learn how to hack in a weekend, but what we are trying to do is create an environment where you can hang out with people from all different backgrounds. All of them interested in the same thing, computer security. To do this we have taken over the complete hotel at the Alexis Park Resort. Does all of this seem interesting? Then it can be yours for the low low price of only $50 at the door.

For more information and different events scheduled for DEF CON 8, please visit http://www.defcon.org 

Why I'm Looking Forward To Getting A Job
Or: How I Want To Fuck Up The Corporate Workplace
Written by Harry Tuttle

The writer of this rant does not support any of the actions that will be mentioned. So if you get caught doing anything illegal with dog poop, we won't be in deep shit. You will. Literally. Hahahaha. Also I'd just like to say that this is my first article written for UPL and it has almost nothing to do with phones. I'm also fully aware that I am a dork so no one has to point that out. Besides, you will probably think higher of me than I do. And one more thing. The only reason that I'm in UPL is that I'm sleeping with linear (not really, though I wish I was). So that job is taken. Now for the article, enjoy.

Two words: Monkey wrenching. Plain and simple sabotage. Most people think that getting a teen age job is the first step to the shackles of adult slavery. I see it as an opportunity to have fun messing with evil companies that are destroying our world. I get weak in the knees with anticipation when thinking of running magnets over the pokemon videos that I'm arranging at Cockbuster Video. It fills me with joy to imagine myself causally walking down the halls of any office (especially a telemarketing one) and snipping each and every phone cord with my shiny new scissors. And it doesn't just have to be random sabotage either, you can bring politics into the mix. A job at Kinky's Copies would suit any politically subversive individual. Imagine it, unlimited resources at your disposal to corrupt (or educate, depending on who you ask) the population. Or you could charter a club at school and use the budget to make hundreds of flyers. The irony would be that your school is funding the distribution material that they undoubtedly would be against. But back to sabotage, that's the real reason your reading this. Personally I would like to work for any religious "wrong" organization that has mailing lists and send every last person some nice porn. Imagine Pat Robertson's face when he realizes his organization is responsible for the mass distribution of "harmful matter." Here's a few good ideas that I've heard of. Use your job at Murder King to spread anti-meat flyers. "Mommy, what's anal electrocution?" Become a mail boy (or what ever they are called) at some big company and "lose" all the important letters, like bills, checks, AOL disks. Once you have been losing the company's mail for a while you have to find some way to frame a fellow employee or your boss. Hate the rich? Then get a job in a fancy hotel and piss in the rich people's soup (or any other disgusting act) while participating in a class-action lawsuit against your employers for the urine content of their food (this idea was stolen form Fight Club as well as the bird idea which is coming up. Yes there will be a bird one). If food contamination isn't your cup of tea, here's something everyone can enjoy. Fucking with car salesmen. And you don't even need to get a job as one. Go down to the local pet food store and buy mass quantities of Pigeon food. You can guess what happens next. Sneak up on to the roof of the place and spread it everywhere. By morning ever car in the lot should be white once the birds are done with them (this has been the bird one). Speaking of pets, a dog can be a useful helper in your exploits. Collect a good sample of Fido's droppings and take them with you to your part time job at the country club. When you're out collecting balls for the Man you can place you pets little present in all 18 holes. Speaking of dog crap, why not put some in the air-conditioning vents of your office. One more suggestion. Those little plastic zip cords that can be bought at Radio Shack are excellent for causing minor annoyances and wasting people's time. You could lock them around door nobs, bicycle spokes (bike cops... hehe). You could even use them to lock chairs to tables. Use your imagination. My advice is to fuck the system in any way you can. The more creative and fun the better. Like Jello Biafra says - pranks aren't only necessary in this day and age, they're also good for the soul.

Peace love and freedom,
--- Harry Tuttle

Internet Privacy in the UK
Written by s0lidstate

I was noising around one day when I came across a phonelosers site out of the UK (http://www.phonelosers.free-online.co.uk/). I looked around till I found this disturbing article talking about how MI5 (like the CIA only British) is talking about fully monitoring all data-traffic in and out of the ISP.

Now, I know most of you, who the fuck cares about those fucking bastards, better them than us. Wrong. How will other nations view this action. Consider this, the CIA or FBI implement a new law requiring all ISP in the United States and its repective territories to install a black box on their equipment that monitors all data coming in and going out of the ISP, then all the data is sent back to Langley with logs of everything you viewed, people you talked to on IRC, AOLIM, or ICQ. Records and transcripts of email sent and recieved by you. Not a pretty picture is it. Well, its not happening in 5 years, not 10 or 20, its happening now.

Now your probably thinking, "How the !@#$ did all this !@#$ come about s0lid???". For some time, it has been obvious to Ministers and civil servants that British law needed updating to cope with the internet. Thus, a special cabinet office headed by Professor Jim Norton, the fruit of their labor concluded with the Electronic Commerce Bill since in an period when online trading becomes ubiquitous, for example, some way has to be found of making 'digital signatures' legally valid.

The bill went through all the turns of loops of the Parliament and parts of it dealing with he sections about data encryption, interception and surveillance, were so fucked up that they threatened to screw the Bill. Yet given the ongoing problem, the problematic parts were discarded and the Electronic Commerce Bill went into effect in 1999.

The people in the UK that feel most threatend are the businesses and people who do business with people in the UK over the internet. Encryption is key to e-commerce these days in age, and most businesses are not willing to give up encryption keys and pins. Its predicted that if the bill goes into effect, most e-commerce businesses will move into neighboring Ireland and other surrounding coutries, thus threatening the UK's image as 'the most e-commerce friendly nation in the world.'

I could go on and on about details but I imagine you already have a good clean thought of what is happening to our UK neighbors over in Europe. Don't let the UK become the model of the internet of tomorrow.

--- s0lidstate

New Security In Telco Boxes
Written by Bor

It seems that the local phreaks around here in the 813 and 727 area codes have made an impact on the security in the equipment that GTE uses. It seems that in about three new telco boxes I've seen, they've all had new security features, which will not please any of us.

I was walking to the local movie theater about three weeks ago, when I passed the new telco box that they have just installed. I looked at it, and noticed something very funny about it. It had NO lock on the outside. I figured "my god, this is great, no lock, no nothing, wide open." well, this was a great thought until I opened the telco box. It seems that GTE has gotten smarter, and has found a way to keep most of us out of their precious telco boxes.

When I opened the box, I found about six more black boxes inside. NO WIRES. All of the boxes had seperate locks on them, and looked as if it would take a seperate key to open each box. So, as of now, at least in the Tampa Bay area, that the newest telco boxes are very secure. I've seen these kind of telco boxes on three occasions in both the 727 and 813 area codes. Take from this what you will.

--- Bor

Response to Phreaked by Twisted Faith
Written by Phractal

I thouroghly enjoyed your article in UPL019, Twisted Faith. I could definetly relate to some of your views on the current phreak scene. This was also especially becuase I had joined the hacker-phreaker scene about the same time you did. I originally started to wonder about hacking with some friend of mine (I don't even remember who),way back in 1997 sometime. One day, he msged me and gave me a link to the "Novice's Guide to Hacking: 1989 Edition by the Mentor". Even though it was old, I read through it eager to find out how to hack. I read it and it mentioned stuff like "bury all your hacking materials", and "a good place to hack is your local college". Immediatly, I was saying to myself, "Woah! This IS THE REAL DEAL!" My friend and I both tried to hack using the methods described in this (at the time) 8 year old file. I don't know if you've tried this yourself, but TELENET hardly has any NUAs left in operation, although the network still exists. My friend gave up hacking after that. A month later, I went to a local computer show, and there was a lady selling a whole bunch of CDs. A lot of shareware crap and (most likely) pirated games. There was also this CD called HaCkErZ Kr0nIckLeZ that I saw. It said HaCkErZ Kr0nIckLeZ in bright red and had images of skulls all around it along with faded words around them, all spelled in elite ways. These words included "Hacking" "Phreaking" "IP-Snifferz" "IRC War" "Anarchy" "Virii" "Unix" and so on. For ten bucks, I bought the CD. At this time, I really didn't have an idea that there was a whole underground still active on the internet, and still on dying BBSes as well (at the time). The CD had a lot of bomb anarchist cookbook and carding crap on it, but a lot of things also that taught me the basics for hacking and phreaking. The files were a bit outdated, the most recent ones were from circa 1996, but I still learned a great deal about h/p. I was first drawn to hacking, and it seemed too hard at first. Unix? IP sniffers? Rootkits? What's a packet? Is TELENET still around? What's the difference between TELENET and TELNET? How do I get a shell with AOL? So I turned to phreaking...

I started scanning a lot (war-dialing) for interesting carriers and stuff. I thought this was especially cool because I thought I was hacking and phreaking at the same time. I was taking apart the phones in my house. I could spot every payphone in a 50 mile radius from me. Then, in the winter of 97-98, with school and other personal issues, I sorta dropped out of a scene I was barely in. I hadn't even talked with anyone who was into h/p over the phone or internet. I hadn't even gone on IRC yet, although I did install mIRC from the IRC war section of my HaCkErZ Kr0nIckLeZ CD Rom. In Summer of 98 I returned, and built a redbox and beige box. I was also attracted to the idea of having these gizmos, like James Bond tools, like you were, Twisted Faith. I heard of a website hackersclub.com/km in a textfile I saw on that CD. I went their and started talking to some of the guys on irc.hackersclub.com under various nicks. I also had started to notice the PLA around the internet. Whenever I typed in phreaking into a search engine, I always saw PLA as a link. Originally, I though that PLA was just sort of an index for all the PLA state sites (not an actual site itself, let alone its own magazine, but I soon got really into the Issues when I discovered the PLA issues and everything. There was also some mention of System Failure Magazine on the BNF or something, so I hopped to sysfail.org, and I was really drawn to them as well. I really got into the early issues, because at the time, that's all that was currently published, and I understood about half of each issue. I recall logicbox calling the first seven or so issues, 'the lame issues' or something like that. Now, I am understanding all of the early ones, and understanding half of the later ones. So for a while in late 1998 and early 1999 I was this guy who redboxed all the time and raved about how cool PLA was.

In the summer of 1999, I started to IRC more, and traveled beyond irc.hackersclub.com and onto EFnet. There I saw the #peng crowd and some people in #phonelosers, but I was too late to go to #rock (it's invite only if you don't know). By this time I had noticed quite a underground community, and had read several texts/zines including SysFail, OCPP, DPP, cDc and some of the original OCPP Alt.Phreaking FAQs. I was browsing phonelosers.org, and I came across a link above the top that said "United Phone Losers: http://welcome.to/the_upl". I thought maybe it was some sort of thing like PLA-UPL war, like LOD-MOD. I really like the UPL, because I Understood everything that they wrote about. I then went on IRC to say hi to them. I became one of the first non-UPL persons in #phonelosers on irc.2600.net. Today that channel is dead. There used to be many many people in that channel, but now I'm not sure where all those folks are, mostly on EFnet I think. I noticed though there was a lot of "We're leeter than you" people against UPL and just in general. People were always fighting with each other, on IRC especially. "You read PLA? You're so LAME!" "Lamer got no skills!" I never ever, to this day, once considered myself "leet", or "too leet for you". I studied the older files of the hacker scene. I especially liked PHUN magazine and the cDc text files. I noticed, they seemed more complete, more organized. Today, I see too many people who are lost, and seem to not care about anything more than to be leeter than the next guy. It upset me. I don't want this to turn into a "The scene has gone to trash" article, but that's the way I felt sometimes. Only after a while, do I truly understand why the authors of text files say "Don't expect to be spoon-fed information". I understand this, because I figured out most of what I know by myself. I didn't have a friend to guide me into hacking and learn a lot of principles that many people are spoon fed.

Lately, I have sort of abandonned phreaking and focused a lot on computers. Particularly Linux, but I think soon enough, I will return to phreaking before the summer is over.

I don't know exactly why I wrote this. I guess it was because I like Twisted Faith's article, plus the fact that he didn't leave his email, so I didn't know where to write to. I also wanted to write to just write something like this...

--- Phractal

Raping McDonald's Computer System
Written by Jolly Spamhead

A nice thing about McDonald's is that it is linked via computer and modem to the MD HQ in OakBrook, Illinois. Check your local phone book for a McDonald's with 2 lines. The second line is the computer line. If you aren't able to get the number, read below to learn how to get it really easy!

McDonald's are listed by Restaurant Number in the phonebook. You can retrieve the number, then call the restaurant, asking for the manager. When the fucker identifies himself, with his name, you write the name down, and tell him to get bent, hangup, and to go chug some big fat cock!

With this information you have now, you can now call McDonald's 800 number, or any McDonald's Corporation HQ number in OakBrook, Illinois and they will tranfer your call to the right place. You tell them you haven't been receiving updates or any purchase orders, you identify yourself (The dood's name), and your store number, and location (city, state...). They will check the listings, and read off the phone number of the computer line.

If they won't give it to you they will give you the option to change the computer number, where you would then give them your enemies phone number or something, and they will get called by modem repeatedly McDonald's stylee harassment even!

Some Tings To Do If You Can't Get The Computer Number
Call your local McDonald's, identify yourself as John Fuckoff of Bullshit Computer Services calling from McDonald's HQ in Oakbrook, IL. Say you are updating your records, and need the computer telephone number. Write down the number, then give them a bullshit verification number.


Find the phone box outside and open it up and connect a biege box to the box and type your local ANI number. Do this for each line that enters the restaurant. You now have have the number. Close the box but before you go home piss urine all over the box for me. I no like McDonald's! ;)

Once You Get The Numbers
Now that you have the number, there is a lot you can do. It is not smart to enter the computer though. Although goods are buried in there, any changes you make are corrected that night with a verification call. It is also verified by voice.

However, everything in the restaurant is connected to the computer. Once you call the number, and connect to the computer, just sit there. The computer will freeze all time clocks, order programs, etc. Every display will be marked BUSY until u disconnect. Cool Huh?

This prevents anyone from punching in or out, the manager from checking labor, printing schedules, do inquiries about anything... basically interrupt most managerial and work duties. So in other words... FUCKS UP SHIT BIGTIME at Micky D's for that day!

Now if you get a constant busy signal when u dial in, this is very easy to get around. Dial 0 and ask for an operator interrupt for the phone number (This costs a buck btw). The operator breaks in, the beep will hang up their modem, allowing you to call right back in (Do this fast!).

Peace, Love and Have Fun!
--- Jolly Spamhead

Cactus Box (humor)
Written by Bela_Lagousi

The cactus box is the most amazing box in the world. It slices it dices and it does everything that a beige box with a voice changer attached would. If you want you can put it in a briefcase and add an UNDEAD BOX to be even cooler. It is not even a real new box just Bela writing an article really fast for linear.

What You Need
  • one (1) Cactus shaped phone from Spencer's Gifts
  • two (2) Aligator clips
  • one (1) Tele-Fun (inline) Voice Changer
  • one (1) package
  • two (2) part epoxy
  • one (1) plastic flower pot
  • one (1) package Plastice Easter Baskett Grass
  • ten (10) shots espresso
  • three (3) NoDoz Pills
  • one (1)
  • six (6) pack Jolt cola various flavors
  • two (2) turtle doves and a partrige in a pare tree

  • Step 1. turn cactus phone into biege box
  • Step 2. Espresso
  • Step 3. Follow the drections to attach voice changer
  • Step 4. Espresso, Jolt
  • Step 5. Put in Plastic Flower Pot
  • Step 6. Espresso, Jolt, NoDoz
  • Step 7. Add fake grass
  • Step 8. 2 shots espresso Jolt Jolt rest of NoDoz
  • Step 8. all the caffine products
  • Step 8. BZZZZ bzzzz Bzzz bZZZZZ
  • Step 8. Pass out
  • Step 9. EMT's revive you from coma step
  • 10. Your invisible, no one will see your beige box or recognize you voice

YOU: "Hello Sydney, Do you like scary Movies?"
SYDNEY: "Who is this?"
YOU: "Your Mom is a fuken Whore."
COP: "Hey Kid stop cussing at the potter Cactus."

--- Bela_Lagousi

Some Notes on Linux Installations
Written by Phractal

Well, many hackers like to have this thing called Linux on their computers. Why? It is a clone of unix, which is used on many many servers using TCP/IP, and you could possibly connect and gain access to those unix servers more easily if you have unix on your comp at home. You can also implement REAL exploits when you have unix on your comp. You also feel elite when you are using any type of command prompt operating system (Don't you feel cooler using DOS than Windows?).

This article will hopefully some hax0rs to break free of windows and experience unix for themselves. Now please - don't think I am a unix guru, I am not, I am far from that. I still have a LOT to learn.

I have seen plenty of linux/unix articles out there, but there is not one that is suitable for the complete newbie to installing linux. There was some good advice in the Hacking Tutorial from cyberarmy.com/tute, but they suggest starting off with some sort of weird linux version that runs IN dos/windows, and boasting that it does not need partitioning. This is true, but please do not use this version of linux, or any Linux emulators or Linux for Win/DOS. If you want to excell in your quest for eliteness, I suggest you learn how to put an operating system on a computer the REAL way. A real operating system is not reliant on another to fully function.

What is mentioned here can also be found in several linux manuals, but very few are user friendly and can be frustrating. Linux for dummies is very good, but its installation instructions are for RedHat specifically, and I believe that other distributions are better and you will learn more from them (cough slackware cough). This is meant as a general instruction notes for any linux distrobution. So, if you are going to install linux the "manly" way, you will have to partition your hard disk. This is a way of dividing the disk, so it will be used for linux and linux alone, and won't get confused with other operating systems. You will most likely use Linux fdisk or "Disk Druid" to set up your partitions and do other things with them (covered later). The hardest part of a linux installation is slicing and dicing your hard drive into several segments. (You will want to make at least two partitions for linux)

I would suggest using a windows utility, like Partition Magic to slice up your hard drive first. Let's say all your hard drive is, is C:. Use the windows slicer to make D: and E: into partitions, make D: about 1 GB or more. This is where all your linux stuff will be installed onto. You can use the other partition for swap space, which is what is used when you run out of physical RAM. Make a swap drive even if you have 256 MB RAM (like phractal does, he he). Try to make it twice your Physical RAM. If you have 32 MB RAM, make your swap 64 MB. You can also make yet another f-rad partiation. This is really an addon to the first one, but you can store stuff like /home or /usr/local in these. You can also view other several partitions at a time, unlike DOS or Windows.

OK, now you should have two or three partitions setup for linux. If you had C:, you now have D: E:, and possibly F: for linux. These partitions are for Windows though, most likely WIN95 FAT32 partitions. When you are finally installing linux, you will need to use linux fdisk to change those partitions you made from WIN95 FAT32 to Linux native and Linux swap. Your installation manual should provide you with the commands to use when you reach fdisk, like "t" allows you to change the partition id, which is what you need to change those partitions into linux partitions. The linux partition(s) that you use to install software onto will be linux native drives (code 82), and the partition you will use for swap is called linux swap (code 83), difficult, huh?

By predetermining the partition sizes in the more friendly windows, you will not have to do it in fdisk. Fdisk is notorious for accidently wiping hard drives. Now who would EVER wipe thier hard disk, who would EVER do THAT?

--- Phractal

Hacking Girls The Cyberpunk Way (bad humor)
Written by Jolly Spamhead & Seth

In this report I will attempt to quantify the personality traits of the troubled teen with the intent of creating a psychological profile (or signature). The techniques used to arrive at these conclusions are the same used by the FBI to profile unknown serial killers to facilitate their capture. All the conclusions are based on real-life interviews, long exposure to several people possessing the target personality, as well as some behavioral psychology. This report is divided into a theory and a practice section as well as a small section on exploitation. At the end of this report you should have all the information you need to identify the personality type defined in this report and with practice should be able to exploit the female for your enjoyment.

The personality we are defining is that of a troubled teen. Specifically, we seek female teens from 12 to 18 years of age (possibly older) with severe unipolar depression. The reason for this will become evident later. We also seek a highly extroverted personality with little or no inhibitions. A side effect of this will be mild to severe hyperactivity, which we must also look for. So, we desire a depressed, extroverted, hyperactive female. Luckily, these traits go hand in hand. Additionally, the behavior associated with them is easy to identify, even from a distance. In the next section, a behavioral profile will be provided that can be used a template for this personality.

We begin our profile with an examination of the subject. This can be broken into several pieces. As with any profile, not everything will be the same for every subject. The more parts that fit, the better the chance of a match.

HEAD: Examine the subjects head. Is her hair dyed? Does it show evidence of being dyed multiple times? The more times the better. Next look at her ears. Multiple self-inflicted piercings with strange studs should be evident. Also look for make-up. We want a purple color scheme, though this may, or may not be evident. Also look for scarring, (white or red lines). The more scarring the better.

ARMS and LEGS: Look closely at the subjects wrists and forearms. Search for evidence of scarring in these locations. Heavy scarring on the wrists is an indication of attempted suicide (a plus for us). Also look for names that have been carved into her skin. She may chose to hide her names by carving them in hard to see places, so don't be discouraged just yet. Another good sign is burn marks. Be careful though, severe physical or sexual abuse will produce the wrong type of personality, we want all the damage to be self-inflicted.

BODY: The overall female should be very thin most of the time, although obesity is a possibility too. She will have used starvation as a means to attempt suicide in the past. We seek a physically attractive female, so feel free to discard females that are disturbing to look at.

Now that we have screened for a female with the above physical characteristics we have to take a look at her mind. Even here, observation is key. It will be easier to inventory her mind if you try to start a conversation. The proper type will undoubtedly start the conversation for you, and begin telling her life story, given a little prodding. Watch her body language as she talks. She will subconsciously emphasize certain points, which we want to know about. Here is what we are looking for:

BEHAVIOR: The female will try to always be at the center of attention. Given the proper setting (a house party, for instance) she will not hesitate to run around completely naked. This is a very good sign as it requires a VERY uninhibited personality (even with large amounts of alcohol). She will begin to talk to whoever is near her, and will continually steer the conversation back to her. She will complain about her life, how bad her day was, and given enough time she will drop important details. This release of information will happen whether the subject is inebriated or not, the hallmark of this personality. Areas to question the subject on are as follows:

DRUG and ALCOHOL USE: The subject should use drugs heavily, if not now, in the past. She may have convictions and be on probation for use and sale of marijuana. Generally, she will not use harder drugs than pot, if anything else it will usually be "shrooms" or LSD. She will also use alcohol heavily, generally in a social setting. All this drug use will generally take place with her friends in a closed setting. Don't expect to see this at bar or other open gathering.

MEDICAL HISTORY: Here is the most important section. If you've gotten this far everything here should fit perfectly. She will have been treated for "depression" in the past, most likely with an in-patient stay at a mental facility. The reason for her stay will be attempted suicide or suicidal ideations (thinking about ending it). The methods she will use will not be effective (like a shotgun blast to the head) but will be designed to attract attention.

Horizontal wrist slashing will bleed a lot, but is generally not fatal and can be repaired. Overdosing on over the counter drugs, and consuming household cleaning products are also popular. While these methods can work, the subject will call her friend and tell the friend that she just tried to commit suicide. This leads to the hospital, a suicide watch, and in-patient commitment. The subject will also be seeing a therapist. The reason for this is that the medication she is taking requires monitoring by a psychiatrist. Popular brand names are Prozac, Paxil, Zoloft, but they all are anti-depressants. Specifically they are selective seritonin reuptake inhibitors, in other words they work by increasing the pool of serotonin in the brain, thus reducing depression. She will most likely not be taking the old school anti-depressants. These so called MAO inhibitors have so many side effects that is usually prescribed when nothing else will work. She will also need something for that hyperactivity, Ritalin being the drug of choice. To summarize: she is currently on anti-depressants and is seeing a therapist due to depression and attempted suicide. If you can come to this conclusion from your conversation, then you are in good shape. :)

FAMILY HISTORY and CHILDHOOD: The subject will have had a relatively sheltered childhood with in a small town. This can vary actually, she may in fact live in a city and may have one or both parents, who can have a varying amount of financial security. Obviously, you want to find a female with rich parents. Something goes horribly wrong. The female will be rejected by her mother, who will continually disapprove of everything she does. This will lead to continuos feelings of rejection and anxiety. In an attempt to get attention she will latch on to anyone who approves of her and soothes the pain in her mind. This is where the promiscuous sex comes in. She uses sex as a tool to ease her mental pain, but this will not work. No matter how much sex she has, how many boyfriends she gets, no matter how much she drinks, or smokes, the underlying pain always comes back. She will do a good job covering it up, but she overcompensates, leading to exaggerated reactions. If you spend enough time with the female you will see that she does not deal well with change. Her personality will "break" for awhile, during which you will be treated to fits of screaming and crying. During these episodes the female will be feeling completely alone. If the episode last long enough she will try to commit suicide. To her, physical pain is nothing compared to the mental torture she has to endure. This also explains the need to carve her body, and do her own piercings.

The control she exerts on her body, and the pain she inflicts, gives her an escape. To find out how closely the female fits in here requires good conversation skills. Watch her body language and try to see what you can pick up. Chances are, all this will hit dead on.

FRIENDS: She will have many friends and acquaintances. Her best friend will usually be fairly normal, so it would be good for you to question her alone. Not to much in this area, take mental notes about who she likes and dislikes, it will be useful in the future if you try to start any sort of "relationship".

SEXUAL ORIENTATION: The subject will almost always be bi-sexual. Depending on how much she likes you, she will be willing to have a sex with you and two or more girls. In fact, your best bet for group sex is with this personality type. The other partners will usually be her friends, or someone she feels comfortable with. Due to the sensitive nature of this topic, you should find a way to figure it out without direct questioning or until you've known the subject for awhile.

After you've done a satisfactory interview you will know whether you have found the right person or not. If you are sure you have a proper personality fix you can move on to the next section. Otherwise, try somebody else, in the next section we talk about ways to increase your success.

To actually exploit this type of personality you must first find some candidate girls. Here are some excellent locations:

Boarding Schools for Girls: Basically these are psychiatric facilities for rich girls. Try and find a party near the school, chances are some of the most lucrative finds will show up. If possible, through your own party (this is kind of extreme though).

Rural High Schools: Everyone knows people out in a rural setting have nothing to do. Use this to your advantage by infiltrating the party scene. You will undoubtedly find several targets.

Colleges: Less likely, due to the fact that someone as mentally disturbed as we want would most likely not make it to college (though there are exceptions). Worth a try any ways. Get into the party scene, go to bars around the college, frat parties are great, IF you can get in.

Clubs and Bars: Everyone who goes to these are underage. Use this to your advantage. Profiling is harder in this setting, but if your good you should have no problem.

What you do once you have found your target? Well, I'm sure you can figure it out. Capitalize on the person for sex, money and drugs. The more involved you get with the one girl, chances are you can get her friends too. One thing to keep in mind though, you will either get a positive or negative reaction. Discard the person if she responds negatively. If you really want a particular girl, you can try, but with this personality, there is an immediate reaction. If the reaction is positive, your in with about 5 minutes effort. Otherwise, it will take much, much longer. Don't bother, find another one.

If you have completed this report you have all the necessary information to identify this personality. Now all you need is practice, and lots of it. A total jolly spamhead disregard for ethics is also helpful. In no time you should be getting more sex than you know what to do with.

--- Jolly Spamhead & Seth

[note from linear: please don't take this seriously, i don't condone this, blah blah blah.]

Guide To Being an 31773 Fraudster
Written by Toku

Mail fraud. The thing that separates the men from the boys. No other thing is quite like it, you screw over someone you have never, and will never (hopefully) meet! The following is based on my personal experiences, and is a guide for those who wish to be men.

Step one: make 100+ email addresses. (hint: make them all the same password for ease). these will be your "references" :) so try to use exotic addresses like coolio@webskulker.com, hotstuff@burritowrestlers.net, and downNdirty@migitz.com.

Step two: make a web site on geocities or whatever, and list all those e-mails you just made as past traders with you. go to G.A.B (http://www.gabtraders.com/)and register as a good trader so you look real. it takes 3 offenses to be banned, so you will need to make a new account every three or so times.

Step three: find a "trading" site for whatever hobbies you enjoy, or ones you hate. either bid on a item or post one of your own. (only bid if you want it, as selling is easier). now, once you reach an agreement, give the link to your references, and say you will recommend them to the G.A.B. hall of fame, etc. AT ALL COSTS MAKE THEM SEND YOU THE STUFF FIRST!!! if your selling insist on Money order, as this is the easiest to cash (hell, i've cashed them without ID). if you have a fake name w/ check cashing card be my guest...

Step four: Give them that PO box you made under a fake name (see PLA 14 at http://www.phonelosers.org/issue/pla043.html for more on that). And have them send it off it normally comes in week. Cash it before they void it or whatever.

Step five: Insist that it never arrived. This is key, as they sometimes think it was the post office who is at fault. (Ok, so its not key...)

This is very profitable, though i do ask you at least try to target pokemon players, as no one deserves it more then those poor, Ukrainians.

A nice touch for these things is to use a picture to go along with your add. The best place to get these is from a auction site. Find a nice picture, then give the picture's URL from your auction. If its some AOLers site, sometimes the owner will be harassed for the fraud you commit!!!

IF you insist, you can use auction sites, i like Trading pages better because of the complete lack of any real documentation, etc. (Not sure why it matters though...). Here are the ones i have used successfully:

To find a good Trading/Auction site use go to http://www.whatsonthe.net/auctnmks.htm , or do a search.

For the truly paranoid: so far i have found two sites that offer proxies to the world, anonimizer, and anonamouse. COMBINE THEM! http://ctservice.de/taker/cgi-bin/anon-www.cgi/http://anon.free.anonymizer.co m/http://www.google.com will put you at the google search engine via BOTH, for extra security.

I hope this helped you all, i STRONGLY recommend limiting yourself to $20 US or less per "sale"...

P.S. as of now step five has yet to work. if anyone gets it to, please e-mail me!

--- Toku

The Basics of IP Spoofing
Written by PhAnToM7

This article isnt written to show anything more than the basics of spoofing. Things like what it is and how it works. IP spoofing is in essence lying about what your ip is to any inquiring host. You can use ip spoofing just to remain anynonomous or as step in a more elaborate attack. I will break this article into relevent and easily read sections.

Section 1
In this section I will cover the part and hosts used in an attack.
  • The Hosts: A=target B=trusted host C=unreachable host D=attacking host
    In this article we are not concerned with the data bits of the TCP "conversation". On unix trusted realationships is gained to easily in that if D has an account with A you can .rhosts file:echo "D username" > ~/.rhosts(if root does this the diffrence is that its hoatwide while this is more individual) now with this in place you can use any of the r* commmands without those damn passwords!this commands allow address based authentication based off the server requests.
  • Rlogin rlogin is a protocol that that one to login remotely into a host and if a trust realtionship is/has been achieved then there is no password authentication.It will authenticate via the ip address.using the r* command from above we could remotely login to A if we could use the commands to get a trust relationship.
  • IP (Internet Protocol) Now i will explain a little bit about general internet spoofing and protocols. IP is a connectionless network protocol in the TCP/IP protocol.It has two 32 bit header fields to hold address info. IO is the busiest of the protocols of the TCP/IP because all internet traffic is encapsulated in IP datagrams. One of the IP protocols job is to route packets across/around the network. It has no processes to guareentee the packet gets there.IP just spits out packets and hopes they eventually get there. And since is has no connection is doesnt keep track of packet info. Each packet is sent without consideration to other packets. This fact and the fact that adjusting the IP stack to show an arbitrary IP makes IP easily conquerable.
  • TCP (Transmission Control Protocol) TCP is the connection based piece of the TCP/IP protocol.the connection based mean that both host must establish a connection before data can be exchanged. the reliability is provided a number of ways but the only two we are concerned about are data sequencing and acknowledgment. TCP assigns sequence numbers to every segment and acknowledges any and all dat received from the other host.

Section 2
Ssequence Numbers, Acknowledgments and Other Flags

since TCP is reliable it has a way to recover from all lost, damaged, and out of order data. It does this by assigning a sequence number to every byte and requirng acknowledgemnt upon arrival from the other host TCP can guareentee delivery of the data.These sequencing numbers run from 0 to 4,294,967,295. Every byte exchanged across TCP along with some flags is sequenced. In the sequence number field (in the header) will be the sequence number of the very first byte of data in the segment. The acknowledgement field (in the header) holds the number of the value of the next excpected sequence number. It also acknowledges all data you ACK thorught it minus 1.TCP uses a sliding window to tell the other end how much it can buffer. Since window size is 16 bits the maximum is 65535 bytes. Window size can be thought of as an advertsiement from any one TCP of how high the highest acceptable sequence numbers can be. There are other TCP header flags worth mentioning and they are:

RST (reset) PSH (push) FIN (finish)

If a RST is recieved the connection is immendiatley torn down.RST are normally sent when the other host receives a segment that doesnt meld with the rest. PSH tells the reciever to pass all queued data to the application as soon as possible. The FIN is the graceful way a an application begins a grateful closing of the connection. Connection termination is a 4 way process. When 1 host recieves a FIN it then ACKs it and doesnt expect any more data(but sending is still possible).

Section 3
TCP Establishment

In order to exchange data using TCP both hosts must establish a connection. TCP establishes a connection using a 3 step process usually called the three way handshake. IF machine 1 is running Rlogin and machine 2 to connect via Rlogin it is as follows

1 syn----->to 2 1 <-----syn/ack from 2 1 ack----->2

At first the client is telling the server that it wants a connection. That is the purpose of the SYN flag.The client is telling the server that the sequence numbers are valid. The client will set the sequence number in the TCP header to its ISN (initial sequence number). Then after getting this the server will respond with its own ISN and an acknowledgment of the clients first segment.The client then ACKs the servers ISN. Now data can be exchanged.

Section 4
Sequence Number Incrementing

The initial sequence number when a host is started is set to 1. (TCP actually calls this variable 'tcp_iss' it is the intial sequence number. the other variable is 'tcp_irs' and is established during the 3 way handshake. The ISN is incremented by 128,000 every second which causes the 32 bit counter to to completely cycle every 9.32 hours if there are no connections. However every time there is a connection it is incremented by 64,000. One important reason behind this is to minimize the chance that old data from the same remote ip address and ports doesnt show up to mess things up.

Sectoin 5

To grant simaltaneous access to TCP module it provide a useful interface called port. Ports are used to identify netwrok processess. These are stricly transport layer. IP along with TCP provides a ending point for network communication. All internet trafic can be categorized by 4 numbers: source ip address, source port, destination IP, destination port.

Section 6
SPOOFING(the attack)

the attack consists of several steps. First a target is chosen. Next a pattern of trust is discovered along with a trusted host. The trusted host is then disabled and the host's TCP sequence numbers are sampled. The trusted host is impersonated, sequence numbers are guessed, and connection attempts are made at an only address based authentication based system. If successful you can do what you want.

Section 7
Patterns of Trust

After a target is chosen the attacker must find the pattern of trust. this is assuming the taget trust someone if not it would end here. Figuring this trust pattern out can be easy or difficult. A 'showmount -e' may show where the filesystems are exported and rcpinfo can be useful too. another desperate option is try neighboring IP's using brute force.

Section 8
Syn Flooding

Once the trust is found it must be disabled.Since you are goig to impersoante them make sure they cant get any traffic to mess things up! There are many ways of accomplishing this. A normal TCP is started by the client issuing a SYN to the server. Normally the server will sned a SYN/ACK back with 3 2-bit source addresses in the IP header. then the TCP will continued as pictured above. There is a upper limit of SYN's a TCP can process for a single socket. This limit is called the backlog and is the length of the queue where incoming connections are kept.One the limit is reached the TCP silently discards all incoming SYN requets until the others can be dealt with. And there is the attack. The attacker sends several SYN request on the port the attacker needs disabled. the attacker must also must make sure that his IP is spoofed with that of a unreachable host. usually BSD has a backlog of 5, linux is usually 6. there is also a grace margin of 3/2.This mean that TCP will allow up to backlog*3/2+1. This will allow a sicket at least connection even if the it has a backlog of 0.

Section 9
Sequence Number Sampling and Prediction

Now the attacker need to know where in the 32 bit sequence number the target's TCP is. The attacker connects to a TCP on the target. just prior to the attack and completes a 3 way handshake. during this the attacker should save the ISN of the target. this is usually repeated several times to make sure of the corrcet ISN. From this the attacker needs to to learn the RTT (round trip total). This is necesary to predict the next ISN. The attacker has the baseline ISN and knows how the sequnece numbers are incremented. so with that yu can calculate how long it will take to get across the internet. After this nfo is known the the attacker needs to move on to the next step of the attack. when it arrives at the target several things may happen dependng on accuracy of the attackers predictions. If the data is exactly right the the data will be placed in the next availible position. If the sequence number is less than expected the data is considered a retransmission and is discarded. If the sequence number is greater than expected within the recieve window the data byte is considered a future byte and is held pending the arrival of the other bytes. If this is greater and is not within the window size it will send back a segment with the expected sequence number.

Section 10

Here is the main part of the attack.the attacking host spoofs her IP to be that of the trusted host(which is now dying of a DoS) the attacker then try to connect on port 513 of the target.the target will send a SYN/ACK which will go to the trusted host. If everything works the way it should it will be dropped by the trusted host. after this the attacker must back off and let the target send another SYN/ACK. Then after that the attacker sends an ACK with the correct sequence number. after this a connection can be made and data transfer is acomplished. i would suggest a backdoor inserted for easier access later. ofter a 'cat + + >> ~/.rhosts works. this is easier because it allows simple quick access back in.

Section 11
Why It Works

This works because of the fact that trusted network work off of only network address based authentication. The most difficult is guessing sequence numbers.

Shout Outs
All the members of the group Armageddon (Sysshok, Dr_Doom, LaVA, Abyss, ap0KaL1pSe, mUsSoLiNi, Spyder_uk, Jibbs). Thanks you guys kick ass.

And HPD Circuit, Fips, Jomamma, Nero, and Sect0r1 you guys are the best, hell yes!

They can't catch us all

--- PhAnToM7


The United Phone Losers are not role models. The things described in this document should never be tried by anyone. In fact, you shouldn't have even read this file. What would your mother say if she caught you reading  this? You make us sick! Oh, and when the authorities ask where you got all this information, just say Cult of the Dead Cow or something.

"Wasn't me, Slim Shady Said To Do It Again!"

United Phone Losers


       Jaded         Harry Tuttle


Rufus T. Firefly          nawleed