Previous Thread
Next Thread
Print Thread
Rate Thread
Joined: Jul 2007
Posts: 3
D
UGN Newbie
OP Offline
UGN Newbie
D
Joined: Jul 2007
Posts: 3
okee dokee folks, being that im noew here i don wanna step on any toes or nothin, so you admins email me if i go wrong. For strictly educational purposes i would like to delve into tracfone hacking...

Joined: Jul 2007
Posts: 3
D
UGN Newbie
OP Offline
UGN Newbie
D
Joined: Jul 2007
Posts: 3
once again not steping on toes (*prayers to above*) i work at a convieniance store that sells tracfones and i have figured out to a point the process that is used for activation....

i would like the ok from the admins here b4 i post nE details but the basics with minamal Nfo are as follow:

1: idiot casheir # 14 scans tracfone minute card on register
2: activation data is sent to tracfone server (url unnamed ;#) via telnet or some sorta ssh probably
3: buyer calls company and follows automated voice promts to enter pin
4: server beams info to fone saying "alright already give 'em his freakin minutes!"
5: buyer wears stupid grin cause he thinks he gets good deal!

ok so for a viable hack u need several things:

1: url and connection type (telnet/ssh or other)
2: algorythm for generating new keys( just compare several cards with a matmaticly oriented buddy of yours!)
3: a nice pretty gui to slap on the package!
*grinns to high heaven*

demonica signing out for now(/yells tired "whaddya mean WE RAN OUTA COFFEE! mad mad Must have caffine!!!!!!")

Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Offline
Community Owner
Joined: Feb 2002
Posts: 7,203
Likes: 11
If the thread devs into stealing paid goods it'll be promptly locked. It's also good to keep in mind that several .gov agencies visit this site regularly, so posting about telecommunications fraud isn't something smart to do.

Now, discovery of the activation and maintenance processes is perfectly fine to talk about...

And #a2 It'd be SSH or another secure service; telnet and standard web based would leave them open for sniffing and I'm sure they thought of this. Likely it's a simple web-ap hidden behind an ssl connection.

As for #a4, minutes aren't stored on phones anymore, they're stored on server to where they cannot be edited short of a refil card.

As for what you'd need, b1 is correct, you'd also need the port in which connections are handled; which can get kind of tricky as well, as they can use both SSL (port 443) and another port over the ssl connection.

B2 it'd be likely that the account number is a raw number/letter combination, there would also be some sort of authentication string (likely an MD5ed password) as well as some sort of unique id for that store and possibly one to identify employees. Likely it'd be something such as aaaaaaaaaa.###### where a is the store/location id and # is the unique employee id.

B3, who needs a GUI? Adobe's licensing system for example runs off of a telnet server, nothing fancy wink


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
Joined: Jul 2007
Posts: 3
D
UGN Newbie
OP Offline
UGN Newbie
D
Joined: Jul 2007
Posts: 3
Awwwww shuks but the gui makes it som much more fun! anywho yay for admins! hehe thanks for the promt reply and a couple 'o side notes

yes theres several things they do when they swipe the card.
1: they (mystery casheir #1) first have to log on to the stores private network (whalmart *shudders*) but odlly enough they dont use a ssh in the store network

1A: user enters casheir number (asigned to user @ hire)
1B: logs in(pass?)
1C: scans barcode @ register
1D: swipes magnetic strip on card

(given that i dont do they cashier job ima gona sweat talk to a friend 'o mine so be back soon)


Joined: Oct 2007
Posts: 64
Z
UGN Poser
Offline
UGN Poser
Z
Joined: Oct 2007
Posts: 64
demonica,

How did it go? Was the self-education worthwhile, or were there too many roadblocks? The ability to hack a tracfone would be indeed powerful. Not only could you keep yourself anonymous, but that'd be huge savings. Though I'd never think to rip off a big company that rips it's faithful off!! **evil grin**

And on an educational level, that'd be a very satisfying experience!


>\zer0.Deception/<

発見

Link Copied to Clipboard
Member Spotlight
Posts: 43
Joined: November 2002
Forum Statistics
Forums41
Topics33,840
Posts68,858
Average Daily Posts1
Members2,176
Most Online3,253
Jan 13th, 2020
Latest Postings
Where and how do you torrent?
by danni75 - 03/01/24 05:58 AM
Animation,
by JohanKaariainen - 08/15/19 01:18 AM
Blackbeard.....
by Gremelin - 10/03/18 07:02 PM
my old account still exists!
by Crime - 08/10/18 02:47 PM
Okay WTF?
by HenryMiring - 09/27/17 01:45 AM
The History Thread...
by Gremelin - 08/11/17 12:11 PM
My friend NEEDS your HELP!
by Lena01 - 07/21/17 12:06 AM
I'm having fun with this guy.
by gabithompson730 - 07/20/17 01:50 AM
I want to upgrade my phone
by gabithompson730 - 07/20/17 01:49 AM
Doom 3
by Cyrez - 09/11/14 08:58 PM
Amazon Gift Card Generator/KeyGen?te
by Gecko666 - 08/22/14 09:21 AM
AIM scene 99-03
by lavos - 09/02/13 08:06 AM
Planetside 2
by Crime - 03/04/13 07:10 AM
Beta Testers Wanted
by Crime - 03/04/13 06:55 AM
Hello Everyone
by Gremelin - 02/12/12 06:01 PM
Tracfone ESN Generator
by Zanvin Green - 01/18/12 01:31 PM
Python 3 issue
by Testing - 12/17/11 09:28 PM
tracfone airtime
by Drache86 - 07/30/11 03:37 AM
Backdoors and the Infinite
by ZeroCoolStar - 07/10/11 03:52 AM
HackThisZIne #12 Releaseed!
by Pipat2 - 04/28/11 09:20 PM
gang wars? l33t-wars?
by Gremelin - 04/28/11 05:56 AM
Consolidate Forums
by diggin2deep - 04/21/11 10:02 AM
LAN Hacking Noob
by Gremelin - 03/12/11 12:42 AM
Top Posters
UGN Security 41,392
Gremelin 7,203
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Likes Received
Ghost 2
unreal 1
Crime 1
Ice 1
Dartur 1
Powered by UBB.threads™ PHP Forum Software 7.7.5