70 lines
2.5 KiB
Plaintext
70 lines
2.5 KiB
Plaintext
|
|
|
|
How to hack CBVs (Call-back Verification Systems)
|
|
|
|
by Morpheus
|
|
|
|
|
|
Many BBSs today use "Call Back Verification Systems" to verify new users,
|
|
as opposed to having to voice verify all the new users. Most of the BBSs
|
|
running the CVBSs are the mainstream boards, and are often run by shitheads
|
|
on a power trip, but sometimes it is useful to have accounts on these types
|
|
of system, and I'll tell you how to go about doing this...
|
|
|
|
All of the verifiers I've seen worked like this:
|
|
|
|
1) User logs on / CBV is called
|
|
|
|
2) CBV displays text telling the user what to do
|
|
|
|
3) CBV hangs up
|
|
|
|
4) CBV dials users number
|
|
|
|
5) User answers phone with an ATA
|
|
|
|
6) BBS usually has a delay, then asks for the user's password
|
|
|
|
7) User enters his/her password
|
|
|
|
8) BBS upgrades user
|
|
|
|
|
|
|
|
The way the hacker tricks the CBV is by calling the BBS before the BBS dials
|
|
out. This is accomplished in different ways... depending on the remote setup.
|
|
|
|
1) If the BBS's modem is set to answer the phone automatically, then all you
|
|
have to do is call before the CBV dials out... you should get a CONNECT
|
|
string, and you're on... (note: this doesn't always work, you may need to try
|
|
a few times)
|
|
|
|
2) If the BBS program answers the phone manually, (ie the modem is set to S0=0)
|
|
you'll need to do it a little differenty. If the BBS's modem is not set to
|
|
look for a dialtone, you can dial like this:
|
|
ATDXXX-XXXX;
|
|
wait a little bit and you should hear the remote modem try and dial
|
|
then send an ATA after it's done dialing, and it will think you answered.
|
|
|
|
3) The last method is the one you need if the BBS is set up with X2 or X4 (or
|
|
X6 or X7 on an HST). You need to have a second phone line. You proceed just
|
|
like you would under method 2, except the remote modem will never dial, it
|
|
will just picking up and returning, because there it gets no dial tone. So,
|
|
all you need to do is use your call confrence button (if you don't have one,
|
|
make one) while the other line is on hook... that will send the remote
|
|
modem a dial tone, and it'll dial. Answer the phone like you would in #2.
|
|
|
|
|
|
|
|
Conclusion
|
|
|
|
This is a really simple procedure, and it shows that the CBV are almost
|
|
totally worthless. But, if you ever want access on a board running one, and
|
|
don't want to give your real phone number, this is the way to go. If you
|
|
know of any ways of preventing this, please tell us... There's an antidote
|
|
for every cure. <grin>
|
|
|
|
ng this, please tell us... There's an antidote
|
|
for every cure. <grin>
|
|
|