morpheus
|
|
response 5 of 7:
| 
Nov 11 07:13 UTC 1998 |
no, you can't use wardialers to scan vmbs, unless
1) you site and manually listen for "Mailbox ...", which would
probably get rapidly dull, or
2) you simply get access to the computer that the sysadm configures
this shit on, and set up a brand new box. (Rather than hacking the pin
on a box).
I prefer the latter technique.
Now, some information to help you with the latter technique:
Audix voicemail systems (which are usually attached to a
lucent/definity switch) have a dialup that is one exchange higher than
the phone numbers they control, so for a company that has its
switchboard and vmb's in exchange 298, the computer dialup would be
299xxxx. The last two digits are often 13. So, for a company with
numbers in the 298 exchange, you could scan 299xx13 for carriers.
The prompt typically looks like that of a UNIX system. It MAY say
something along the lines of Keyboard locked... if you get in, it will
say something like
******************
THIS IS AT&T/LUCENT PROPRIETARY, AND FOR AUTHORIZED USERS ONLY. USE OF
THIS SYSTEM IMPLIES CONSENT TO MONITORING.
IF YOU ARE AN UNAUTHORIZED USER, YOU WILL BE PROSECUTED, FOUND GUILTY,
AND PLACED IN A PRISON, WHERE YOU WILL BE ANALLY RAPED BY A GUY NAMED
BUBBA, SO DON'T HACK HERE UNLESS YOU HAVE PLENTY OF PETROLEUM JELLY,
AND ARE GOOD AT GIVING ORAL SEX TO AN OILY MEXICAN GUY NAMED "JESUS"
WHO MAKES SHANKS IN SHOP. WE ARE CURIOUS, HAVE YOU EVER SEEN THE MOVIE
"BLOOD IN, BLOOD OUT?" IF SO, THAT IS WHAT WE ARE AIMING TO CONVEY WITH
THIS WARNING. YOU WILL HAVE A SORE ASSHOLE IF YOU ARE NOT A STARCH-
COLLARED TYPE WHO MAKES $116,000 PER YEAR FOR TYPING A FEW COMMANDS
EACH DAY. WE LIKE STARCH-COLLARED TYPES, AND CONSEQUENTLY DUB THEM TO
BE AUTHORIZED USERS. TO RECAP: IF YOU ARE NOT AN AUTHORIZED USER, WE
BANISH YOU TO THE FIREY DEPTHS OF HELL. IN THE NAME OF THE FATHER, THE
SUN, AND THE HOLY HOST, AMEN.
***********
It is safe to ignore this warning. The programmers only put it only put
it there to let you know that you have succesfully hacked the system.
The terminal emulation used is kinda funky. vt-100 may work, though.
Typically, in menues, keystroke commands are Control-X, Control-C,
Control-Y, and Control-R. Everything is menu based (well, almost) in
terms of account creationg.
Passwords are often left to defaults, of which there are several. One
account just to let you see how the system is set up is browse/looker
(or maybe that is a definity default, i really don't remember).
Yeah, Audix is nice, quite sophisticated, but very complicated. I know
some sysadm's who have never had to use all of the available options.
Also pretty common is Rolm PhoneMail. Rolm has dialups that are
typically in the same exchange as the numbers being controlled. They
typically end in 99. This rule of numbering goes for ROLM CBXs, for
Rolm PhoneMail and OSLs.
I have never run across a default password on a rolm (except once, when
they were doing a cut over to a new software version and hadn't change
the passwd yet).
ROLM doesn't have the cute little interfact that AUDIX does. But, the
nice thing about Rolm PhoneMail is that will often allow unlimited
tries. The older phonemail systems only had a password that you needed
to enter, but the newer ones require login and pass. This really isn't
any harder to hack, though, as the login will be something along the
lines of tech or operator... etc. (once again i don't really remember,
but it won't be too hard to hack). On these newer systems (i think
software version is like 5.1 or greater... if that is the right format
for revision numbers) it gives like 6 password tries per accountname
before presenting an error message. At that point you just re-enter the
accountname and start hacking again.
On a side note, unless you are an idiot, if you ever see an option like
"ANI Enable? ............................ NO" on a rolm or **** ANI
OPTIONS ***** on an Audix, please don't change it to yes/enabled.
|