CircuitBomB's Guide to Phreaking and Social Engineering prt1

Phone stuff....
Post Reply
User avatar
Forum Assassin
Forum Assassin
Posts: 1215
Joined: 20 Aug 2005, 16:00

CircuitBomB's Guide to Phreaking and Social Engineering prt1

Post by CommonStray »


Public Release


Disclaimer: I am not responsible for what you do with this or the information contained herin this document. For Entertainment and Informational uses only ;)

1.Whats Phreaking and What is a Phreak? Is it Illegal?
2.Why Would I Phreak?
3.Phreak Ethics
5.ANI/ANAC Numbers
6.Rainbow Books
7.Sites and Resources
8.Social Engineering Part 1

1.Whats Phreaking and What is a Phreak? Is it illegal?

If you've ever manipulated a telephone or telephone service for your own purposes you've Phreaked, its like Hacking with a telephone. Phreaking basically gives you two major things when done: Free local/longdistance calls along with certain free pay-for services (ie Conference calling) and gives you a look into a phone and the services which it uses.

A Phreak is a person who: uses techniques and tricks with a telephone of any kind or its service to manipulate its original functioning or programming to achieve personal gain.

illegal? Yes

Title 18 of the United States Code section 1029 states that standard phreaking devices, such as blue boxes, used to steal phone service from [...] switches, are unquestionably "counterfeit access devices." It is not only illegal to use counterfeit access devices, but it is even illegal to build them. "Producing," "designing," "duplicating," or "assembling" [...] boxes are all federal crimes today, and if you do this, the Secret Service has been charged by Congress to come after you. *(9)


2.Why Would I Phreak?

For information - to learn how the phone system works, what you can do with it, aside from getting free phone calls (local/longdistance) you also learn about what phones and the service they use can do ie: conference calling, call forwarding (a telephone proxy? ;p ), operator signals and methods, trunk lines, wardialing, all these things and more you can gain access too by phreaking.

3.Phreak Ethics

Alot of the same attributes and rules here can be applied to common hacker ethics and should be considered seriously.A.dont get caught! Phreaking at night is the best time unless you absolutely have to phreak
during the day, it can also be good to have mabey 1 or 2 trustworthy phreak friends keep watch for you depending on the circumstances.

B.dont ever use your own home phone line for boxing, and dont talk about projectsC.use an alias never ever ever reveal your real name or information while phreaking

C.use an alias never ever ever reveal your real name or information while phreaking

D.dont ever mention anything about phreaking while doing it

E.dont leave materials in the open, keep it secret, safe, and hidden.

F.dont set out to destroy a service or phone contact, others may want to use them as well sure to listen for out of the ordinary beeps or clicks while on a phone while phreaking, someone may be listening, if thats the case hang up and find another location or wait for another day. use defense as much as offense.

4.Boxing: The Phreaker's Hardware

A Box is the Phreaks best friend, they are the normally homemade electronic devices which enable a Phreak to accomplish what they want to do, here you will find what each box is and a short description on what they do and if they still work with the system.

The Red Box:
This box generates tones into payphones to gain free phone calls, Payphones used to generate a certain tone when coins were diposited, this box would record the tones, and you would replay them back into the reciever and get free calls. To Date Red Boxing is practically dead, given that phone companies have evolved technology in their systems and set up counter-measures, still dont hurt to try :D

Some people get this message when trying ... _coins.mp3

Instructions to make a Red Box can be found at this site

The Black Box
This box is created to defeat toll charges for phone calls and specifically to block a supervison signal when the phone was picked up (ie: signal telling the phone company your phone is ringing when really your using it). When your phone is ringing it pushes a certain amount of electricity through the line to make it ring, when you pick up the phone the amount drops and sends a signal back to the phone company youve picked up the phone thus you start getting billed. The black box keeps the amount of electricity from dropping when its picked up. Using this box however can be dangerous because you cant use it for very long, when you call someone and let it ring and ring and ring eventually an automated response will tell you the party your calling cant be reached. Using the box can be easily caught by an operator when your phones been ringing for an hour :D

The Beige Box
Ahh a Favorite and generally used box amongst phreaks. Its more difficult than red boxing, and also more of a risk, but you dont have to call an operator and its not limited to use a pay phone. The Beige Box can connect to an line pair (tip and ring/green and red) wires from any telephone system graybox or connection grid. Normally made from a home phone (slimline - with a cord) all it takes is some wire splicing and alligator clips attached to the red and green wires. Its generally suspicious walking around with a telephone in your hand (especially when its a home phone, they dont make cell phones big anymore) but if you have an idea of how phones work and are wired, you can easily make a
biege box that is easily concealed and uses a headset( i once made a cordless one and one that went around my wrist or hung on my belt with a headset)

The Green Box
The Green Box, unlike the Red Box, generates tones to emulate Coin collect, Coin Return, and Ringback tones on payphones/fortress phones. The called party must have the green box when you call them, and have it activated for this to work. What happens is when you call a party they activate the green box, pick up the phone and woot woot you got your money back. The tones are as follows:

COIN COLLECT 700 + 1100
COIN RETURN 1100 + 1700
RINGBACK 700 + 1700

Before any of these signals is sent from the called party they must first alert the MF detectors at the CO by sending 900 + 1500 Hz or a single 2600 Hz wink (90 ms) followed by a 60 ms gap and then the appropriate signal for at least 900 ms.

The Cheese Box
This box is named after the type of box it was found in. What it does is make your telephone a payphone. Why? you ask would you want to make your phone into a payphone? Simple, using a payphone decreases the chances of your telphone being tapped and/or traced or even being called by the cops, its kind of like turning a puppy into a gaurd dog to keep away unwanted guests and religous persons/salesmen asking for donations and money.What you need is:

1 Set of Red Box tones
The number for your prefix's Intercept Operator-scan for 1 Call forwarding Service on the line

When you get the intercept operator's number in your area use the call forwarding to forward the calls to her/him, this makes your phone stay off the hook (basically it waits for a coin to dropped) Now all you do is use the Red Box tones to make the call.

The Acrylic Box
The Acrylic Box's purpose is to obtain three-way calling, call waiting and programmable call-forwarding for free (plus makes bud boxing easier). Doing this requires stealing the service from someone else in your area/block. What you need is:

Phone Company Can/Box
Few feet of wire
wire strippers
Hex wrench

Find the Phone Company can/box that services your area and open it with the Hex wrench. Next find your line and someones line who has the services for which you will be obtaining (note: if the numbers arnt listed in the can/box you will have to use your local ANI/ANAC to find the umbers). When you have the lines identified, wire the black and yellow wires of the victims line to your black and yellow wires on your line. Disconnect the victims black and yellow lines. You can try leaving them connected, I dont know if it causes problems or not. Be careful with this box, for when the victim realizes their services dont work anymore, they will have the phone company come out and check, letting them see why and what person to what line did it isnt a great idea.

Heres a summary of more boxes

Aerobox Beige Box for payphones
Assassin Box sends high voltage through phones
Aqua Box defeat FBI Lock and Trace
Battery Box Defeats muted mouth piece on payphones
Blast Box phone microphone amplifier
Blaze Box sets of fire alarms by remote
Blotto Box shorts out all phones in your area
Blue Box generates 2600hz tone
BND Grey Box take out a BBS
Breaker Box supposedly damages house wiring
Brown Box creates party line
Bud Box tap neighbors phone
Bypass Box bypasses muted handsets on postpay phones
Cerulean Box make hydrogen from your phone line
Chatreuse Box use electricity from phone
Charge Box shows when long distance call is charged
Chrome Box manipulates traffic signals
Clear Box free calls from postpay phones
Color Box phone conversation recorder
Con Box prevents use of extensions on line
Conference Box name says it all
Copper Box causes crosstalk interference
Crimson Box hold button
Cryptobox analog voice scrambler
Dark Box re-route calls
Dayglo Box connect to neighbors phone line
Delier Box listen in on calls
Demerit Box speakerphone
Divertor Box re-route calls
DLOC Box create party line
D.U.O. Box visual line tester
Flow Box allows phreaking Nortel Millenium Phones
Gold Box dialout router
Infinity Box remote activated phone tap
Infrared Box prevents use of remote controls/IRDA Devices
Inter Box universal phone line interface
Jack Box touch-tone key pad
Light Box in-use light
Logic Box defeats caller ID
Lunch Box AM transmitter
Magenta Box connect remote phone line to another
Mauve Box phone tap without cutting into the line
Meeko Box multi-purpose direct line interface
Mirror Box DIY caller ID
Neon Box external microphone/audio interface
Noise Box creates line noise
Olive Box external ringer
Party Box creates party line
Pearl Box tone generator
Pink Box creates party line
Plaid Box free touch tone service
Purple Box hold button
Rainbow Box kill trace
Razz Box tap neighbors phone
Ring-Busy Box no incoming calls
Rock Box add music to phone line
Scarlet Box causes interference
Silver Box create DTMF tones for A,B,C, and D
Smurf Box use PC as SF generator
Snow Box underground TV transmitter
Static Box raises voltage on phone line
Stealth Box yeilds line to rightful owner when beige boxing
Stop Box defeats terminal alarms
Stopper Box stops answering machines on pickup
Switch Box add services
Tan Box phone conversation recorder
Telezapper Box diable telemarketing predictive dialers
Time Box diconnect line at predetermined time
TV Cable Box see sound waves on TV
Twin Box switch between two POTS lines
Urine Box create disturbance on phone headset
Violet Box stop payphone from hanging up
White Box DTMF key pad
Yellow Box add line extension

For Schematics or directions to build a box please e-mail me at

5.ANI/ANAC numbers

ANAC stands for "Automated Number Announcment Circuit" and ANI stands for "Automatic Number Identification. Basically you call the ANAC/ANI number in your area and it tells you the number that you are calling from. This is great when acrylic boxing or beige boxing. Scan your prefix to find the ANI/ANAC in your area or check here for some lists ... AC_ANI.TXT ... TFANAC.TXT

6.Rainbow Books

Ah the Rainbow Books. These are government evaluations on many things like computer system security to verification systems (ie: voice, fingerprints etc...) You used to be able to get them for free (Im going to test this again) by writing or calling.

Infosec Awareness Division
Fort George G. Meade, MD 20755-6000
or call: (800)688-6115

Small List and summarized description

Orange 1 D.O.D. Trusted Computer Systems
Green D.O.D. Password Management
Yellow Computer Security Requirements
Yellow 2 Computer Security Requirements
Tan Understanding Audit In Trusted Systems
Bright Blue Trusted Product Evaluation
Neon Orange Understanding Discretionary Access
Teal Green Glossary Of Computer Terms
Orange 2 Understanding Configurations
Red Interpretation Of Evaluation
Burgundy Understanding Design Documentation
Dark Lavender Understanding Trusted Distrobution
Venice Blue Computer Security Sub-Systems
Aqua Understanding Security Modeling
Dark Red Interpretations Of Environments
Pink Rating Maintenence Phase
Purple Formal Verification Systems
Brown Understanding Trusted Facilities
Yellow-Green Writing Trusted Facility Manuals
Light Blue Understanding Identification And Authentication In
Trusted Systems
Blue Product Evaluation Questionaire
Gray Selecting Access Control List
Lavander Data Base Management Interpretation
Yellow 3 Understanding Trusted Recovery
Bright Orange Understanding Security Testing
Purple 1 Guide To System Procurement
Purple 2 Guide To System Procurement
Purple 3 Guide To System Procurement
Purple 4 Guide To System Procurement
Green Understanding Data Remanence
Hot Peach Writing Security Features
Turquiose Understanding Information Security
Violet Controlled Access Protection
Light Pink Understanding Covert Channels

7.Sites and Resources

Thee best resource for up to date info regarding phreaking

yay for the PLA

pla Ohio woot woot for these guys, good stuff
good site lots of info

8.Social Engineering Part 1

Social Engineering is the most effective way to obtain information,(other than google)(but basically for certain needs like a phone number CC number etc...) has always been. It involves communication with other humans face to face or voice to voice. You have
to be a relaxed/superior person and talker, if person to person you want use common hand signals to exaggerate what your saying. Salesmen are social engineers and their ultimate goal is to influence you to buy what their selling. Unlike Phishing (pc social engineering) when you SG in a natural environment (work, store, phone, place where your not supposed to be etc..) you can change the emotional stresses in your voice to sound
convincing, sincere, surprised etc, to make the person you SG'ing feel more comfortable in doing what you want. Another Social Engineering tactic which doesnt involve speech, is peremphial vison (think i spelled it right) its the act of seeing your surroundings without making direct contact with you eyes, this is good in conversations dealing with something familiar/personal with the target your SG'ing. Practice this with your friends by making an "OK" signal with your hands and showing it away/below/to the side of the body/eyes without saying "look at this", when your friend looks at it (because its natural reaction to look/react to a hand signal) slug them in the arm and vise versa, until you can naturally see it without direct sight and therefor avoid getting slugged. Another good tactic for Social Engineering is appearance, depending on what your
SG'ing for, and where, you want to be able to blend in with the surroundings, such as dressing up as a phone lineman, or cable technicial, carry something that makes it look like your doing something important (clipboard w/ form etc..)Knowing exactlty what your talking about when SG'ing is good too, but always be aware that you want to know more than
whats necessary, and be able to talk about it as well, the ability to improvise on the dime is a very useful technique when dealing with persons in a conversation. ANyways hope this
doc helps you out. Look for more guides and tuts from me in the Future and check out woot woot!

User avatar
Forum Assassin
Forum Assassin
Posts: 1215
Joined: 20 Aug 2005, 16:00

Post by CommonStray »

about rainbow books update

INFOSEC Awareness Division
Ft. George G. Meade, MD 20755-6000
(410) 766-8729 (Barbara Keller)

The first copy is free, additional copies are available for a nominal fee from the Governement Printing Office. Write to:

Superintentent of Documents
U.S. Government Printing Office
Washington, D.C. 20402
or phone (202) 783-3238 (MC, Visa, CHOICE)

User avatar
Site Owner
Site Owner
Posts: 11638
Joined: 06 Apr 2005, 16:00
Location: In your eye floaters.

Post by bad_brain »

REAL nice! :D
Is phreaking still alive in the US? I was already asked to establish a phreaking-board, but here in germany it´s completely dead (just boring mobile-phone stuff)....:? But if people are still interested I would surely create a new board... :)

User avatar
Posts: 202
Joined: 08 Jun 2005, 16:00
Location: Belgium

Post by Xonet »

Great guide, i've read a few guide's about phreaking but mosly stopped after a few pages cuz it was quite difficult for a phreak-newbie, this one is easy 8) , id like to try phreaking but i don't know if it'll work since i live in Belgium and the systems might be very different :( (does anyone know if it is different or not?)

ps: do you own a cap'n crunch whistle? :D i've read that it's a collector's item among phreaks.

User avatar
Forum Assassin
Forum Assassin
Posts: 1215
Joined: 20 Aug 2005, 16:00

Post by CommonStray »

i wish i had a capt. crunch whistle! :D lol, phreaking isnt totally dead, theres some things that pretty much are, like blue boxing and red boxing :( but not to fear phreaking surrounds all aspects of the phone and its system, wether its mobile or not as long as there is a phone wireless or jacked, theres gonna be phreaks :D

phreakingisnt totally dead in the US, check out they have a list of PLA sites located around the states, awesome resource too...

User avatar
Posts: 5
Joined: 01 Jan 2006, 17:00

Post by dfr3ak »

Wow! this is absolutely new for me... phreaking! Cool! now i've got to read more about how a cellphone works... this maybe a new ground for me... phreaking mobile phones... :) thanks CircuitB0mb! :D

User avatar
Digital Mercenary
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
Location: Michigan USA

phreaking is it still alive???

Post by DNR »

Hmm with the passing of analog phone signals and old switches, so pass the art of boxing. Digital software and switching can filter out signals like on a computer network.
A lot of what was covered may not work. I.e. the capt crunch whistle.
The ideology behind preaking still lives, you need to crack the digital equipment. One old school preak technique that would work is making a box from a mobile phone and attaching directly to the neighborhood / home's phone box.
I guess unWEP'ed wifi's are the new hack since you can do VOIP or surf the net. Get Netstumbler and start wardriving.

Social Engineering is indeed a hack, a psychological/socialogical hack. Just spend time watching the environment you want to crack. I have walked pass many security checkpoints and obtained special priviledges just by blending in with traffic <free lunch buffet anyone?>. People usually look for something out of ordinary rather than pay attention to normal traffic. Learning interviewing/interrogation techniques and building your communications skills helps for people hacking.
People are more open to people that 'act like them' or even show interest in them. Again, you observe/research the person you want to 'hack', so you can accomplish this. Just play an "Actor" and pick "who do I want to be today".

Hacking to me is a personality issue, an obsession/compulsion for me to want to decompile everything in my everyday life. Circumvention of social interaction is a thrill as much as a puter 'sploit. Hacking people is just learning about how people think/work.


User avatar
Forum Assassin
Forum Assassin
Posts: 1215
Joined: 20 Aug 2005, 16:00

Post by CommonStray »

it is true that alot of what I covered may not work, anymore it depends where you live and what your doing, utilizing payphones for example is (i believe) a rarity or even done anymore.

people are more receptive to people that are similiar to themselves, andmost people like to listen to someone who has something good to say to them, about them as well.

nicely added post DNR 8)

Post Reply