///Start Exploit //Thursday March 08, 04:30:08am, 2001 __________Telus Posing Exploit__________ _______exploit written by theGonz_______ ___According to friends this exploit only works with 3COM ADSL Modems!!!___ theContents: ------------ 1.) Intro to this exploit 2.) How to do this exploit 3.) My history with this exploit 4.) The risk this exploit poses 5.) Dictionary 6.) Contact info theIntro: --------- One day while hardEncoding my ip, my friend noticed my computer name had changed from "theGonz" to "LittleNikkie" so I started to wonder what the hell was going on, after a bit of effort was put into what the hell caused my computer name to change I found out that by hardEncoding your ip to one in use you become them on the Telus network without having to register your network card to their account. Thus making it impossible to get caught. theExploit: ----------- In order to do this you must know a tiny bit about TCP/IP. First you open DOS and type "ipconfig" this lists the basics about your TCP/IP settings. Then you want to type in "ip config /all" this lists everything needed in order to set your TCP/IP settings to pose as someone you must open the properties of TCP/IP. The eaisest way if you have "Network Neighbourhood" on your desktop to right click Properties, then in properties of Network Neighbourhood view the properties of TCP/IP once your in here everything should be filled in and set so you cant change it (Obtain an IP address automatically) etc. So all the info in your DOS window should but put over into the properties of TCP/IP (excluding ip address). for Alberta the info is as follows: SubNETMask: 255.255.252.0 Default GateWay: 142.59.96.1 DNS 1: 209.115.152.150 DNS 2: 209.115.152.130 IP Range: 142.59.0.0 - 142.59.255.255 the info for B.C or Ontario can be gathered by searching Telus.net for dns settings (after selecting your province) since their site wasent working when i wrote this. then all the info should be put within being specified by you, you should be able to pick your own ip address and restart your computer and have internet connection with that ip but if you are on for more then 1 day your lease on the ip will expire and you might just get leased the ip that your posing as, thus whatever you do online is on your shoulders again, so if you hack the government you can expect to goto jail or something. So change it, then do whatever you gotta do then change it back (let server specify settings) then restart.. It is a very easy exploit but dont over do it ;) theHistory: ----------- When I first discovered this I didnt want anyone but Telus to know so they could fix it, but they had different plans. When I called Telus to report the security hole they would NOT let me speak to their boss or anyone with more power then them. After explaning it to them over 20 times they put me on hold for a good 30-40 minutes to read the logs to try to find out what I did and how, after they came back on the phone he was studdering and overcame his dumbfound look that was whiped all across his face and said "wh----whe---where---did---yo----you-----lllllearn -----this---lii-------littttllle---triiiick" after I burst into a laughing stage I promptly said any moron that knows anything about TCP/IP should know this. He then proceeded to ask more retarded questions then asked to talk to my mom that was sitting beside me. Since my brother was listening on the other phone in his room I knew what he was saying, so my brother ran out and said he was terminating my account for messing with their security. After this I was pretty pissed so I hardEncoded my ip to the one last specified to me (to enable my account) and it worked. But after this Telus would not answer their tech support line, usually it takes them 2-3 minutes, I was on the phone for over 30 minutes and they never answered because they were all trying to figure out what I did. then I decided to call the news since its a big security issue with a major ISP. When I was explaning to Ted from channel-7 news my phone made a loud beep (exactly like that of the beep you use on switchboards to change lines etc) then my phone went dead when I was explaning how to do it. I called him back on my dads cell phone (not through Telus) and explained everything, then after I hung up his phone rang, I answered it and it was the sound of dial up internet, such as that as if someone was trying to connect to his cell phone as if it were a server. Anyways they did some filming and shit but no reporter took the case so it kinda died down but I am going to pursue it till they fix it so no-one can pose as me and hack the govmt and me go to jail. Until then use this exploit wisely and good :) theRisk: -------- The risk this exploit poses is that if someone uses your ip address and hacks the government, or even if some moron that you hacked sends Telus a log they look who that ip was leased to at that time then gives them shit, thus if one of your friends is on Telus and you wanted to piss him off you could do that. theDictionary: -------------- hardEncode - specifing your TCP/IP settings. Telus - a homo ISP that I could run while riding my unicycle better then all of their morons they have now. theContactInfo: -------------- ICQ: 70503877 AIM: th3g0nz MSN: therealgonz@hotmail.com WWW: http://grip.dhs.org Email: dave@calgary-riders.com ////theGonz signing off, enjoy my first exploit published ///End Exploit //Thursday March 08, 04:56:28am, 2001