Title : Hacking : OSL Systems
Author : Evil Jay
==Phrack Inc.==
Volume Two, Issue 12, Phile #7 of 11
-/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-
\ /
/ Hacking : OSL Systems \
\ /
/ Written by Evil Jay \
\ /
/ (C) 1987/88 Evil Jay \
\ /
-/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-
Prologue:
This file is for all those people who are running across the OSL system
and are constantly confused about getting in and what to do once you're in.
Because of the trouble I had getting a manual on the system from ROLM, I
was forced to write this file from what I already know, and what I can do
on the few systems I have gained access to. Since this file is far from
complete (without a manual, most are), I'll leave it to you, to write up
future files on the OSL system. Credit goes to Taran King who got me
interested in writing the file, and who tried to help me get a manual (my
social engineering leaves something to be desired).
What is OSL:
Actually it has been termed as Operating Systems Location, Off Site
Location and a lot of other names. Which? I'm not sure. What I can tell
you is that it's an operating system running on an IBM (?) that does
remote maintenance operations on a ROLM PBX (Referred to as CBX I
believe). As I said, this file is not too complete, and I was unable to
get very much information about the system, or the PBX system itself. I
believe Celtic Phrost wrote a file on ROLM PBX systems, and you might want
to read that or other ROLM files for more information.
Getting In:
If you have trouble logging in, try changing your parity. Also, this
system will only except uppercase. The first thing you should see when you
get a carrier is the following:
MARAUDER10292 01/09/85(^G) 1 03/10/87 00:29:47
RELEASE 8003
OSL, PLEASE.
?
MARAUDER10292 is the system identification. Most of the time, this will
be the name of the company running the OSL system, but occasionally you
will find a system, you will not be able to identify. CN/A it. It might be
your only chance of gaining access to that particular system.
01/09/85. This is a mystery to me. It could be the time that the system
first went up (but sounds unlikely), the date of the current version of
the OSL operating system...etc.
The ^G is a Control-G, and rings a bell at your terminal. I do not know
why, but it does...
The rest of the text on that line is the current time and date.
RELEASE 8003 could be, again, the revision number of the software
package. I don't know.
OSL PLEASE means that you can now attempt to login.
The ? is your prompt. Remember the uppercase only. Naturally we are
going to type "OSL" to login. Once this is done, we will receive this
prompt:
KEY:
This is the password prompt, and so far as I can tell, can be anything
up to, say, 20 characters long. Obviously we are going to try MARAUDERS or
MARAUDER as a password. Here's the tricky part. Some systems do not tell
you whether the password was right or not. Sometimes, if it's right, you
will get a ? prompt again. If not, you will get an ERROR msg. It depends
on the system. Each system is set up a different way. Also, some systems
require all alphabetics, while others require alphanumerics and sometimes
they will require both. Again, you may or may not get an ERROR message.
You can ABORT anything at any time by sending a BREAK. One good thing
about the system is that you have, so far as I can tell, unlimited
attempts at guessing the "KEY". Also, Druidic Death says that "," is a
default, or is commonly used (I don't remember which). Unfortunately, I
have never been able to get this to work myself.
Your IN!:
Okay, first thing we need to do is type HELP. If you have access, which
again, differs from system to system, you will get a menu that looks like
so. (Maybe not, but I am through telling you how strange this system is.)
PLEASE ENTER ONE OF THE FOLLOWING COMMANDS
LREP - DISPLAY REPORT MENU
LST - LIST REPORT COMMANDS CURRENTLY STORED
ACD - ADD AN ACD COMMAND
DEL - DELETE AN ACD COMMAND
MOD - MODIFY AN ACD COMMAND
SUS - SUSPEND AN ACD COMMAND
ACT - ACTIVATE AN ACD COMMAND
LREP: This lists a menu of reports you can view.
LST : This lists all the commands that have been stored in the buffer.
ACD : This activates a command.
DEL : This deletes a command in the buffer.
MOD : This modifies a command in the buffer.
SUS : This suspends a command in the buffer.
ACT : This activates a command in the buffer.
Commands Explained:
Okay, so now we'll go through all of these commands and show you what they
do, and of course, explain each example.
LREP:
LREP lists a number of reports which can be ran. Here is an example:
REP# NAME SYNTAX
---- ---- ------
1 - CURRENT STATUS ACD 1,(FIRST),(LAST),(START),(INT),(#INT),(CLR),(REP)
2 - CUMULATIVE STATUS ACD 2,(FIRST),(LAST),(START),(INT),(#INT),(CLR),(REP)
3 - TRUNK DISPLAY GROUP ACD 3,(FIRST),(LAST),(START),(INT),(#INT),(CLR),(REP)
4 - POSITON PERFORMANCE ACD 4,(FIRST),(LAST),(START),(INT),(#INT),(CLR),(REP)
5 - ABBREVIATED AGENT ACD 5,(FIRST),(LAST),(START),(INT),(#INT),(CLR),(REP)
6 - DAILY PROFILE ACD 6,(FIRST),(LAST),(START),(INT),(#INT),(CLR),(REP)
7 - CUMULATIVE AGENT ACD 7,(FIRST),(LAST),(START),(INT),(#INT),(CLR),(REP)
Current Status : Gives you the current status of the PBX system.
Cumulative Status: Quite obvious.
Trunk Display Grp: Obvious again.
Position Prfrmnce: ???
Abbreviated Agent: ???
Daily Profile : Gives you a report of how the PBX ran on date 00/00/00.
Cumulative Agent : ???
ACD:
I purposely skipped all the other commands, since they are pretty obvious.
They all have to do with adding commands to the buffer, modifying them and
running them..etc. If you get access to a system, it would be wise to LST
all of the commands that the operators have been running and then try them
yourself. No biggy, but oh well. The ACD command activates a command and
lists the desired report on your terminal. While the whole thing can be
typed on one line, you can just type ACD <REPORT NUMBER> <CR> and do it
step by step (a little easier to get the hang of it). Now we'll go through
this, and show you an example of building a command to list the Trunk
Display Report.
?ACD 3
<CTRL-G>FIRST GP OR AGENT ID: (Try 1)
<CTRL-G>LAST GP OR AGENT ID: (Try 2)
START TIME: (Enter START TIME in army time such as 22:52:00)
INTERVAL: (Not sure, hit return)
# OF INTERVALS: (Not sure, hit return)
CLEAR(Y/N): (Type Y, but this is stored in the last cleared log)
REPEAT DAILY?: (No!)
PRINT LAST CLEARED(Y/N): (Here's where the last cleared shows up)
It then prints out the command and executes it, showing you the desired
report.
The end result:
Some other things can be done, such as commands like C and M and a host
of others, but unfortunately, as I said, these systems are very strange
and it's hard to find two alike. The computer is not worthless, and
lots of things can be done on it, but this file is getting quite lengthy.
If there is enough demand, I will write a follow-up. In the meantime, if I
have made any mistakes, or you have more knowledge that you would like to
share with me, I can be reached on the following boards:
ShadowSpawn Private, Hell Phrozen Over, Phantasie Realm and a few others.
-/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-
\ /
/ An Evil Jay/Phrack, Inc. \
\ /
/ Presentation \
\ /
-/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-