UGN Security Forums
My ProfileMember DirectoryLogin
Search our ForumsView our FAQView our Site Rules
View our CalendarView our Active TopicsGo to our Main Page

UGN Security Store
 

Network Sites UGN Security, The GoNix Initiative, Elite Web Gamers, Back of the Web, EveryDay Helper, VNC Web Design & Development
December
Su M Tu W Th F Sa
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 31
Sponsored Links
Latest Postings
Latest Reviews
Topic Options
Rate This Topic
#42950 - 07/02/07 09:40 AM On the subject of tracfones... kinda
demonica Offline
UGN Newbie

Registered: 07/02/07
Posts: 3
okee dokee folks, being that im noew here i don wanna step on any toes or nothin, so you admins email me if i go wrong. For strictly educational purposes i would like to delve into tracfone hacking...

Top
Sponsored Links
      
#42951 - 07/02/07 09:52 AM Re: On the subject of tracfones... kinda [Re: demonica]
demonica Offline
UGN Newbie

Registered: 07/02/07
Posts: 3
once again not steping on toes (*prayers to above*) i work at a convieniance store that sells tracfones and i have figured out to a point the process that is used for activation....

i would like the ok from the admins here b4 i post nE details but the basics with minamal Nfo are as follow:

1: idiot casheir # 14 scans tracfone minute card on register
2: activation data is sent to tracfone server (url unnamed ;#) via telnet or some sorta ssh probably
3: buyer calls company and follows automated voice promts to enter pin
4: server beams info to fone saying "alright already give 'em his freakin minutes!"
5: buyer wears stupid grin cause he thinks he gets good deal!

ok so for a viable hack u need several things:

1: url and connection type (telnet/ssh or other)
2: algorythm for generating new keys( just compare several cards with a matmaticly oriented buddy of yours!)
3: a nice pretty gui to slap on the package!
*grinns to high heaven*

demonica signing out for now(/yells "whaddya mean WE RAN OUTA COFFEE! Must have caffine!!!!!!")

Top
#42955 - 07/02/07 08:11 PM Re: On the subject of tracfones... kinda [Re: demonica]
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7193
Loc: Portland, OR; USA
If the thread devs into stealing paid goods it'll be promptly locked. It's also good to keep in mind that several .gov agencies visit this site regularly, so posting about telecommunications fraud isn't something smart to do.

Now, discovery of the activation and maintenance processes is perfectly fine to talk about...

And #a2 It'd be SSH or another secure service; telnet and standard web based would leave them open for sniffing and I'm sure they thought of this. Likely it's a simple web-ap hidden behind an ssl connection.

As for #a4, minutes aren't stored on phones anymore, they're stored on server to where they cannot be edited short of a refil card.

As for what you'd need, b1 is correct, you'd also need the port in which connections are handled; which can get kind of tricky as well, as they can use both SSL (port 443) and another port over the ssl connection.

B2 it'd be likely that the account number is a raw number/letter combination, there would also be some sort of authentication string (likely an MD5ed password) as well as some sort of unique id for that store and possibly one to identify employees. Likely it'd be something such as aaaaaaaaaa.###### where a is the store/location id and # is the unique employee id.

B3, who needs a GUI? Adobe's licensing system for example runs off of a telnet server, nothing fancy ;\)
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#42956 - 07/02/07 10:20 PM Re: On the subject of tracfones... kinda [Re: Gremelin]
demonica Offline
UGN Newbie

Registered: 07/02/07
Posts: 3
Awwwww shuks but the gui makes it som much more fun! anywho yay for admins! hehe thanks for the promt reply and a couple 'o side notes

yes theres several things they do when they swipe the card.
1: they (mystery casheir #1) first have to log on to the stores private network (whalmart *shudders*) but odlly enough they dont use a ssh in the store network

1A: user enters casheir number (asigned to user @ hire)
1B: logs in(pass?)
1C: scans barcode @ register
1D: swipes magnetic strip on card

(given that i dont do they cashier job ima gona sweat talk to a friend 'o mine so be back soon)

Top
#44048 - 11/07/07 10:28 AM Re: On the subject of tracfones... kinda [Re: demonica]
ZER0_DECEPTION Offline
UGN Poser

Registered: 10/04/07
Posts: 64
Loc: Eugene, OR, USA
demonica,

How did it go? Was the self-education worthwhile, or were there too many roadblocks? The ability to hack a tracfone would be indeed powerful. Not only could you keep yourself anonymous, but that'd be huge savings. Though I'd never think to rip off a big company that rips it's faithful off!! **evil grin**

And on an educational level, that'd be a very satisfying experience!
_________________________
>\zer0.Deception/<

発見

Top

Moderator:  Gremelin 
Featured Member
Registered: 10/28/14
Posts: 1
Forum Stats
2152 Members
46 Forums
36183 Topics
71353 Posts

Max Online: 1567 @ 04/25/10 05:20 AM
Top Posters
UGN Security 29344
Gremelin 7193
§intå× 3255
SilentRage 1273
Ice 1146
pergesu 1136
Infinite 1041
jonconley 955
Girlie 908
unreal 860
Newest Members
cdefgh368568, HushHush, golqm, Tim050, Gecko666
2151 Registered Users
Who's Online
0 registered (), 309 Guests and 345 Spiders online.
Key: Admin, Global Mod, Mod
Latest News


Donate
  Get Firefox!
Get FireFox!