Thursday 1 December 2011

RSE Case Study: The Translation Table

A hacker and phone phreak nicknamed Phlash, because of the speed with which he'd managed a number of great hacks, was once almost resigned to the fact that he couldn't get any information about the computers at a particular embassy. "They were really tight-lipped," he told me. "I tried bullshitting them, but they wouldn't have any of it. And line connections were hard to establish. And once on, they only gave you two chances before disconnecting you. So I needed some other way of getting in."

From scavenging around in the trash bins he found evidence that at least one computer there used a particular cheapo-brand modem. Since it was his only clue, Phlash got some literature from the modem manufacturer, and found that all their modems came with a home-brew terminal emulator, which featured, among other technical details, the ability to define character translation tables for both incoming and outgoing data.

Sometimes people want to be able to press a certain key on their keyboard, but have it come out as a different key on the computer they're connected to. For example, editing keys such as Backspace often don't work the way they should when you connect to a different computer, because the remote computer ignores the character your keyboard sends. To really send a Backspace to the remote computer, you might have to type Control-Backspace. If your terminal program allows it, you can set up a translation table to press Control-Backspace for you. A translation table is a file that lists each key you can type and the character that is to be sent through the phone line when you type that key. If you had this Backspace problem, you would set up your table so that any time you pressed Backspace, the computer would translate that to Control-Backspace, and send that to the computer on the other end of the line.

Translation tables also work the other way. They take incoming data from the remote computer and translate the characters into other characters. If you want to get rid of annoying linefeeds in a file, for instance, you can set up the table so that any time it sees a Control-J, it translates it to a null or to a space.
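The two tables just described, as an added example that is not from the book or from any terminal program of the period: a 256-byte map for outgoing keystrokes and one for incoming data, plus an audit that lists every byte a table rewrites, which is how an administrator would see at a glance that a "more secure" table actually scrambles the whole printable range. DEL (0x7F) stands in for the Control-Backspace code, and the jumbled table is constructed here for the audit; both are assumptions.

```python
# Added example: byte-level model of a terminal emulator's outgoing and
# incoming translation tables, with a check that reports what a table rewrites.
IDENTITY = bytes(range(256))

def make_table(overrides):
    """Build a 256-byte map: every byte maps to itself unless overridden."""
    table = bytearray(IDENTITY)
    for src, dst in overrides.items():
        table[src] = dst
    return bytes(table)

# Outgoing table from the text: pressing Backspace (0x08) sends the remote
# host the erase character it expects. The book says Control-Backspace;
# DEL (0x7F) stands in for that code here (assumption, real codes varied).
OUTGOING = make_table({0x08: 0x7F})
# Incoming table from the text: a Control-J (0x0A) linefeed becomes a space.
INCOMING = make_table({0x0A: 0x20})

def translate(data: bytes, table: bytes) -> bytes:
    """Apply a table to a byte stream, as the emulator would on each character."""
    return data.translate(table)

def rewritten_bytes(table: bytes) -> dict:
    """Every byte the table changes, as {source: destination}."""
    return {b: table[b] for b in range(256) if table[b] != b}

def audit_table(table: bytes, expected: dict) -> list:
    """Return the (source, destination) rewrites the user did not ask for.

    A legitimate table rewrites the handful of keys the user set up; a table
    that rewrites most of the printable range shows up here immediately."""
    return sorted((s, d) for s, d in rewritten_bytes(table).items()
                  if expected.get(s) != d)

# Constructed sample: shifts each printable character to the next one, the
# effect the case study's jumbled tables had on everything typed or received.
JUMBLED = make_table({c: 0x21 + (c - 0x21 + 1) % 94 for c in range(0x21, 0x7F)})
```

Running `audit_table(OUTGOING, {0x08: 0x7F})` returns an empty list, while the same call on `JUMBLED` returns 94 unexpected rewrites.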

Phlash realized that a translation table could be used to his advantage. He took a copy of the terminal program and composed both an incoming and an outgoing translation table, both of which were made to jumble characters. If someone were to connect to a computer using these translation tables, nothing they typed on the keyboard would match its on-screen output, and any data they received would be totally garbled gibberish.

He typed up a short INSTALL program and saved it to a floppy disk. His INSTALL program looked in the directory for the already-installed terminal program, moved any existing translation tables to the floppy disk, and copied his newfangled tables over.

Phlash then printed up a convincing letter from the desk of "Technology Office, Second Branch, Director" which said: To comply with new regulations governing cryptography, and the exchange of communications between ourselves and others in any foreign nation, we ask that you install this new, more secure version of communications software which includes functions to ensure the confidentiality of all state matters.

He gave explicit instructions for the installation, then concluded with, "Any questions or comments should be directed toward Sr. Benjamin Marcques, at telephone number 9-212-WXY-WXYZ." And he mailed it to a top person at the embassy.

Weeks later he got his phone call. "Actually, they had tried calling before but I had been away," Phlash told me later. "That poor woman went almost a week without being able to use her modem because I did that sneaky thing to her! When she called me, I went through the whole engineering bit, asking her to try logging on like she usually did. Of course it didn't work. I asked her if there was anyplace else she usually called, and there was. So we tried that. Didn't work either. Finally I decided it was in her best interest to try going through the reinstallation again. Naturally that reversed the four translation tables, so everything was peachy again. Of course now I also had all I needed to get into two important government accounts!"

Phlash said that he was getting so caught up in his pretend role that he almost forgot to get the passwords and phone numbers. During the course of "helping" the embassy worker, he suggested that perhaps it was a problem with the phone line: "Which phone number are you dialing in from?"

You would also want to ask if there were any alternate numbers to try. Unlike typical reverse engineering, this particular case involved no physical entry of the computer site. Normally, access is needed to set up a hardware or software problem of some sort, and to set up advertising for your unique brand of assistance. How to gain access is touched on elsewhere in this book.