


 `- <| The Telus 4O3-31O-5555 Divertor Exploit |> -`


notes: this article has been written to point out
       a small yet potentially hazardous vulnerability
       within the 'Band 1 INWATS' regional (403)-310-5555
       Telus customer care system in Calgary, Alberta, Canada.


docs:


 For the last couple of months I've received several (approximately 20)
 annoying repeat calls from the Telus customer care line; (403)-310-5555,
 from slack-jawed marketing bastards who want me to sign up for their
 rip-off long-distance plans. Normally my reaction to such calls is always
 to pick up the receiver and slam it down as fast as I can in a hopeful
 attempt that they'll take a hint that I don't want their long-distance
 shit service (T-MAX calling cards all the way, bay-be!). 

 However today I felt a little bit of love in my heart for the capitalist
 pigs (or maybe it was the vodka doin' the thinkin'?), so I decided to
 actually pick up the phone and wait for a chipper Telus employee to
 coerce me into becoming a LD subscriber. To my surprise I wasn't greeted
 with a voice, but instead a total of 30 seconds of silence. 

 "What the hell is going on?" I thought to myself. Immediately after, a
 sweet enchanting female voice said aloud: "Hello, Telus communications?
 Hello, anybody there?" "Hi, you just called me from 310-5555, are you
 going to drown me out with your marketing crap or what?" I asked her.

 "Oh no! You must be another customer who got routed to our main office.
 See what Telus has done for all of Alberta is about a couple of months
 ago we upgraded our router software and since then around 50-75% of the
 calls me make out to customers gets automatically re-routed back to us."
 she responded.

 I then proceeded to ask "I see, well I have a question for you. I hope
 you don't mind answering it." 

 "sure... annyyything" she responded with such young cheerfulness it struck
 a thousand evil sexual ideas in me all involving whips, chains and butt
 plugs. 

 "Well, when my call got routed back to you what was displayed on your
  screens for ANI information?" I asked.

 "Excuse me, ANI?" she said with confusion.

 "Caller ID..." I responded.

 "Ohh... it says, hrm... 403-310-5555" she said again with confusion. 
 (musta been a blonde)

 "all right. That's all I wanted to know. Thanks a lot." I concluded.

 "No problem. Thanks for calling Telus Communications, have a WONDERFUL day!"
 she ended with more cheerful glee. Fuckin' bitch musta taken too much
 Prozac before her shift. Figures.

 -

 Wowwy, she didn't even see me as being in the same area code!

Now, what do you think one has the ability to do when they get re-routed
to the main line at Telus Communications with their ANI information displaying
"Telus Communications, 310-5555"? Social engineering of course! :)

http://www.dictionary.com/cgi-bin/dict.pl?term=Social%20Engineering

Having such an obvious divertor is wonderful when social engineering a
Telus employee out of their bounties and bounties of useful information.

Imagine for a second that you have just found a map to the hidden cave
of fortune, but when you got there you were confronted by a big scary
ogre who wanted you to prove you were the true prince of riches that
he's been waiting for for 15 years. You've gotta use wit, charm and charisma
to get into that cave or else he's going to crush you like a little bug
and eat your dead carcass. The same goes for social engineering Telus employees.

So if sometime in the future you *DO* get that phone call from 403-310-5555
and just happen to get re-routed to a ditsy operator broad, you'll know
how to get whatever information you want outta them (ie. DATUs, routing 
codes, test #s, an outdial, etc) because *YOU* went to the url explaining
social engineering and *YOU* read my horrible analogy!

Now go get 'em my telco tigers! 

The Clone

02/21/01

www.nettwerked.net