informis
/
textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/hacking/cbiinfo

278 lines
19 KiB
Plaintext
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

******************************************************************************
* *
* *
* // USING AND ABUSING C.B.I. // *
* *
* by *
* *
* the GHOST *
* *
******************************************************************************
CBI is a credit referral service, similar to TRW (though rather inferior).
Basically, with the advent of large-scale credit use for high-end purchases, a
need arose for a service which various businesses, banks, lending agents etc.
could quickly and easily get a complete credit history on a potential customer.
Thus, these establishments can have at their beck and call your entire credit
history: all your credit cards, their limits, any mortgages you have and their
current status, as well as various other tidbits such as loans, car reposses-
sion defaulted extensions of credit, and the like. Some peoples credit files
are quite extensive, while others are surprisingly incomplete. This, I sup-
pose, reflects the ammount of credit usage the individual in question has
employed. To make these credit referral services quickly and easily accessi-
ble, these companies have been kind enough to place all their records in an
online databasewhich can be called and referenced by a legitimate account-
holder via modem. Forutunately for us, the hacker community, this wonderful
database can also be called and accessed illegally. THAT is where the phun
begins.
PART 3: Okay, how do I get on?
To make the lives of the various legal users of their system easier, CBI has
established numerous access points to their database. Unfortunately, at the
timeof the writing of this phile, I only have two working dialup for CBI. They
are: 1-713-591-8100 Houston, Texas
1-804-466-1619 Norfolk, Virginia
Also, the voiceline for CBI's 'Equifax Credit Information Services' is
1-201-842-7500. Call it and social engineer yourself a dialup or six. Once
you're ready to call, TAKE PRECAUTIONS. NEVER call a CBI dialup directly, or
just through a code. ESPECIALLY if you're trying to hack out an account.
Rather, use an outdial, or better yet, use several outdials. Make it HARD for
them to track you down. ATTHEVERY LEAST, use a diverter. I usually use a single
outdial, which seems to be safe enough for simply accessing the system.
As I said, for hacking, a more 'layered' approach is advisable. Okay, so now
you've dialed the number from your cheesy outdial. The system connects. But,
nothing appears on your screen. CBI does not recognize the standard 'carriage
return' generated by your 'return' key. Rather, CBI accepts [cntrl-s] (^s) as
a return. So, to awaken the system, hit cntrl-s (you may need to follow this
with a return sometimes). Wait a few seconds and you'll see:(LA)PLEASE SIGN-ON:
The system has no echo, so you may want to call with half duplex for some
visualre-assurance. You now enter your account. Accounts appear in two formats:
613bb2114-c2 OR 613bb2114-c2,az,p.
The system will accept either one (ie, the 'az,p.' is not necessary). After you
finish typing in the account, hit [cntrl-s] again. There will be a few seconds
brief wait, and if the account you entered is valid, the system will say:
Blammo. You're in.
PART 4: How to pull files
Once you're in, there are 2 BASIC commands that you need to know to pull
peoples files. There are various other commands for more powerful accounts, but
as a low end user, you need not worry about these, and if you area a more
experienced user, then you don't need ME to tell them to you!
The files in the CBI database are referenced by either name and address or
social security number. If you know either of these for your prospective
target,you're in business. First, the easy one: To pull a persons credit file
with their SS number, enter this command:
id-sss-###-##-####.[cntrl-s]
Where #'s are the digits of the SS #. Do not forget the period at the end of
thecommand, it IS necessary. Also, remember to enter the command with controls,
NOT return.
Next, the more useful method of pulling a file. Enter the following:
nm-first,last.ca-house #,streetname,streettype,town,state,zipcode.[cntrl-s]
As for the name, you MUST have the full last name, but you only need to enter
the first initial or a partial name. For the address, spelling the streetname
and town correctly are important. Also, the zipcode is NOT NECESSARY. You can
just put the period after the state and hit ^s. Streettype refers to blvd, st,
rd, ln, ct...etc, you get the idea...you can either spell it out or use the
common abbreviation. For towns or streets with 2 words, ie 'Seaside Heights'
enter it exactly as is, for example:
nm-lamer,joe.ca-666,wanker,ln,seaside heights,nj.^s
PART 5: What's this weird number shit?
When you successfully pull a file, you'll see something like this:
*WAD,DICK SINCE 08/24/85 FAD 07/09/90 FN-300
72B,WOMBAT,BV,SCROTUM,SD,01010,TAPE RPTD 07/85
223,DERF,DR,TESTICLE,TX,43524,TAPE RPTD 09/87
BDS-09/14/58,SSS-121-32-1234
01 ES-,DERFLINK INC,HOSEHEAD,CA
02 EF-,SELF EMPLOYED,SCROTUM,SD
03 E2-,ADMIN,BEVCO ELECTR.,NJ
So what the hell does this shit mean? Well, obviously, it begins with the
person's name. 'SINCE' refers to the first time Equifax generated a file on
thisperson, while FAD is the last time the file was updated. Next is listed the
person's places of residence, both present and past. (RPTD is the last date
thatthey were still listed as being at that address). The 'BDS-' line contains
the person's birthdate and social security number, and sometimes their age as
well. The following '01 ES' type lines concern the person's employers, again
both present and past, with addresses for them.
Next, you'll see the following:
*SUM-08/85-07/90,PR/OI-NO,FB-NO, ACCTS:3,HC$0-25000, 2-ONES, 1-FOUR.
*INQS-OCEAN NATL 444bb952 11/23/90
Okay, this is a little more complex. The SUM indicates the period during which
this person has had credit of any kind. I do not know what PR/OI and FB indica
te ACCTS: is the number of entries on the list about to follow, ie, the amount
of credit extensions this person has ever had. HC$ is the span on the values
of these credit extensions. That is, he has been extended as much as $25,000
at onetime. The 'ONES, FOURS, FIVES, NINES, ZEROS' etc indicate the TYPE of
credit accounts the person has. I am still in the process of deciphering
what each one means. INQS is self explanatory. Listed are all the firms which
have recently pulled this person's file, and the date they did so.
Next comes the good part:
* FIRM/ID CODE RPTD OPND H/C TRM BAL P/D CS MR ECOA ACCOUNT NUMBER
SEARS *906DC29 08/90 07/85 0 523 R4 01 J 8764-5648374612846
CITIBK-MC *906BB40 08/90 11/88 5000 1234 R1 34 S 542412345678
GMAC *906FA34 07/90 10/87 25K 10Y 10K I1 17 A 192-123456789
END OFREPORT CBI AND AFFILIATES - 11/26/90
Okay, broken down, this shit means:
FIRM/ID CODE: The creditor and its CBI account code. RPTD: Last time that entry
was updated, either due to purchase or change in credit extension. OPND: Date
the account was first opened. H/C: Ammount of credit. In the case of actual
credit cards, this is the card limit. TRM: Length of time the credit is extend-
ed for, in weeks. If followed by a 'M', it is in months, and if followed by a
'Y' it is in years. BAL: Ammount still owed on the card as of the last update.
P/D, CS, MR, ECOA: beats the shit outta me!!! ACCOUNT NUMBER: Self-explanatory.
VISAS begin with a 4, MASTERCARDS begin with a 5, DISCOVER with a 6, etc. If
you are uncertain as to whether an account is a card or not, run it thru your
friendly credit checker to check. Many entries will have helpful explanatory
footnotes like: CLOSED ACCOUNT, CARD STOLENORLOST, REDEEMED REPOSESSION
REALESTATE MORTGAGE, AUTOLOAN, ACCOUNTCLOSEDBYCONSUMER
PART 7: Safe use/abuse of CBI
Okay, so you have an account and you know how to use it, right? So, what
next?Well, firstly, you'd better cover your ass. As I said earlier, be sure to
call CBI through some sort of number-diverting system. To preserve the life of
your account and protect your ass, you should also take the following precau-
tions. First, try to call CBI dialups only during normal business hours
LOCALTOTHE DIALUP (based on whatever time zone it's in). That is, Monday-
Friday from 9:00amto 6:00pm if at all possible. Try NOT to call ATALL after
12:00 midnight, as this is extremely suspicious. Secondly, never pull files
sequentially from your phone book (more on this later). Skip around as far as
last names go. Thirdly, don't be greedy...don't pull 100 files per
call...stick to 10-20, no more that 30. Lastly, don't bother pulling the file
of the President. We already tried pulling ole' George's file, but all we
got was his social security # and a message stating that that file was 'not
available'.
PART 8: Who do I pull?
It's essential that you never waste time on CBI, as accounts are valuable and
not to be trifled away. So, don't spend all your time pulling your friends
filesor your neighbor's. Go for the BIGBUCKS. Get out your local phone book and
run through it looking for names with 'attorney', 'MD', 'DDS' and such after
them. Then pull THOSE files. Also, its not a good idea to only pull files from
your local area...so...run down to your local library. All libraries have phone
directories for major cities nationwide. (Don't bother with the Manhattan guide,
as none of those addresses are residential ones, all offices and such). Again,
try to pull the files of affluent folks. When you take an address from a phone
book, always try to make sure it isn't an office address. Many directories will
list both office and 'res' ie residential numbers and addresses. You must have
the person's BILLING address to pull his/her file. There are various other ways
to get peoples names and addresses, so be creative and have fun.
PART 9: Getting an account
This is the REAL hard part. Most people simply trade away their hard-earned
info for a CBI account. Frankly, the fact that few people know how to get new
ones is the reason why there are so few in circulation. SO, its time for all
youhacks to start getting them YOURSELF. How, you may ask? There are two ways.
The most commonly used way is to social-engineer them. Flip thru your local
phone book and find a small car dealership. Call them up. Pretend you are a
CBI or Equifax employee. Again, be creative. If you sound like a 14yr old,
or if you can't lie to save your ass, don't try this. You'll only phuck things
up for the rest of us. Design your own scams. Be convincing. Leave them a number
to call you back at...a loop, or a BBS #, or better yet, find a number thats
always busy. Or, if you have one, set up a VMB to issue a greeting as the office
of the person who you are impersonating. In short, be devious. After all, you're
a hacker!
Method two is a bit more tough. All CBI accounts that I've ever run into so far
take on a simple format, presented above. Now, you'll notice that the beginning
of an account (613bb2114) looks remarkably like the IDNUMBER presented in the
files you pull (ie 906dc29). The reason for this is that they are ONEINTHESAME.
Yes, thats right, CBI is nice enough to give you an extensive listing of partial
accounts for all of its subscribers. All accounts take on this format:
[3 DIGITS][2 LETTERS][2-5 DIGITS][a dash][2 CHARACTERS, EITHER NUMBER ORLETTER]
Quaint, yes? Now, since the company codes provide parts one thru three, all you
need to figure out is the 2-character code after the dash. In all cases I've
seen so far, this has been a letter followed by a number, but I am not certain
that this is ALWAYS the case.
So, in short: HACK AWAY.
PART 10: Company Codes
COMPANY CODE COMPANY CODE COMPANY CODE
A & S 426dc33 ALLSTATE 465ig14 AMERIFEDRL 444bb7072
AMEX 906on259 AMEX 906on267 AMEXOPTIMA 906bb5130
AM EXPRESS 458on2792 BANCAMER-V 906bb206 BENF BNCHG 444fp289
BEN SMITH 882an137 BERKLY MTG 444fs1399 BK OF MDSN 843bb342
BK OF NY 404bb539 BLOMNGDALE 404dc21 BNY DE GLD 496on747
BNY DE STD 496bb82 BONWIT TEL 404cg94 BRADLEE'S 426dc1577
C & S 401bb4880 C & S COMM 872bb213 CARTSVBKFA 444fs1381
CHASE EDUC 728bb10420 CHASE(USA) 905bb587 CHASE VISA 496on598
CHASE VISA 426bb756 CHEM BK,DE 426bb3859 CHEM BK,NJ 444bb3469
CHEM BK,NJ 444bb3626 CHEM BK,NJ 444bb5605 CHRYS 1ST 444fp2137
CHRYSLER 906fa26 CITIBANK 906bb115 CITIBK-MC 906bb40
CITICORP 906fm6418 CITICORPSA 447fs844 CITI PRVS 906bb289
CNB USA 496on291 COMMERCE 901bb5101 COMMONWELT 906fm6335
CORESTATES 496on218 CORESTATES 458on3022 CRESENT 402re30375
CRSI-CHARM 426cg544 CS NATNL 872bb31 CS OTC 872bb205
CTL JER MC 444bb143 CTL JER SI 444bb6173 CTY FD MTG 444fm11838
DE TR 458on3014 DISCOVER 155on44 DISCOVR CD 905on1497
EFX-SML042 444zb361 EQUIBANK 496on648 FFB NEWJER 444bb5654
FIDELITY NA 496bb587 FIELD BROS 906cg2913 FJNB/SO MC 444bb5704
FLEET FUND 416fm2092 FNB TRV IL 444bb465 FNB TRV MC 444bb52C62
FNB TRV OD 444bb5308 FNB TRV VS 444bb5290 GE CAPITAL 404ff262
GE CAPITAL 906ff278 GE CAPITAL 906ff260 GECAP-TOPS 404ff1039
GECAP-CALD 404ff825 GECC 906ff252 GIMBELS 426dc561
GLENDALE 181fs320 GMAC 444fa483 GMAC 906fa34
GOTTSHALKS 163dc2280 GRDN ST OC 444bb2719 HBNA VISA 163bb17526
HMDEPOT 404hz141 HUGHES CHV 444an1082 IAR EQUITA 444zb00577 <0B>3ڐ3 
<EFBFBD>JC PENNEY 906dc185 JC PENNEY 444dc10639 JC PENNEY 906dc193
LITTMANS 444ja591 LORD & TAY 906dc151 MACYS 444dc49
MARINE MID 405bb280 MBNA AMER 801on119 MBNA AMER 801bb2942
MELLON BK 496bb74 MERIDN MTG 496fm271 MH/MC 426bb2380
MHT/MC 426bb541 MH/VISA 426bb1895 MH/VISA 426bb2406
MIDLTIC IL 444bb804 MIDLTIC OD 444bb3253 MNB/N IL 444bb9466
MOBIL OIL 906oc99 MONGRM-USA 404bb3483 NATL STATE 444bb1315
NATWST MTG 444fm12285 NCNB 805bb2492 NEIMAN-M 906dc656
NISSAN MTR 444fa848 NJNB 444bb6173 NJNB 444bb1869
NWB 444yc1311 NWB 444bb6363 NWB 444bb6496
NWB 444bb564 NWB 444bb3436 OCEAN NATL 444bb952
PNB IL 891bb186 PRIMERICA 496on44 RICE&HLMAN 444an2452
ROOTS 444cs315 SEARS 906dc29 SEARS 444dc510
SEARS 905dc3081 SEC PAC BK 180bb19097 SHOP CHARG 444cg377
SLMA-LSCP 496fz45 SNAPPER 404tz19 SNSONE TOY 444an4177
SPIEGELS 906dm10 STEINBACH 403dc1426 STERNS 496dc319
STRAWBRIDG 496dc20 STRD ROOF 444ki54 SUN RF MKT 606oc10587
SVGSBK SOC 414bb917 TOYOTA MTR 906fa67 TYOTA MOTR 444fa814
UCT RIKEL 444bb5035 UJB MC GLD 444bb9466 UJB-MID ST 444bb978
UJB/SO IL 444bb2248 UJB VISA 444bb1182 UJB VISA 444bb4491
UNIVRSL BK 444on366 UNIVRSL BK 444on200 UNIVRSL BK 444on358
UNIVRSL BK 444on341 WCI-HUFKOO 404hf375 YEGEN ASSO 444an449
1 VALLY BK 496fs380 1ST CARD 404bb182 1ST CARD 155on85
1STDEPOSIT 163bb19418 1ST JER CR 444zb668 1ST OMNI 801on1182
1ST STATE 444bb2958 ?????????? 444bb1331 ?????????? 465zb134
PART 11: THE END
Well, thats all for now. With this info, you neophytes should be quite capable
of using those CBI accounts you've been gleefully trading for so long. And,
with luck, a few more of you will start hacking out accounts. If any one has
other CBI dialups, or just other company codes for a possible 'UPDATE
PHILE'...'CBI=The Revenge', please send them to me. I can be contacted via
feedback at: CYBERNETIK LIMBO (908)269-7042
Or at:
SOCIAL DISTORTION (908)303-0927, user #4.
Also, you can mail me on QSD chat at TymNet NUA 208057040540.
My box is 'ghost [pm]'.
Feel free to contact me if you have any questions about the info presented in
this phile, or if you're interested in becoming a Panther Modern.
Finally, a few brief greets and thanks to: Neuromancer, Midnite Raider, Cyber-
Sage, RatFink, Digital-Demon, and particularly to Sir Hairy Legg, who got me on
to CBI in the first place.
Oh, one other thing. The information presented in this phile is for informa-
tional purposes only, to shed a glimmer of light on the inner workings of the
arcane electronic world. In no way does this file condone or encourage credit
fraud, illegal system access, or any other crimes. Equally, the author dis-
claims ALL RESPONSIBILITY for any misuse of the information presented above, or
any crimes committed thereby.
But that never stopped ya before, now did it? Muahahahahah!
*******************************************************************************
* This Phile Brought To You By *
* *
* the Panther Modernz *
* the GHOST *
* (C)Nov. 26, 1990 *
* *
*******************************************************************************
Reference in New Issue View Git Blame Copy Permalink