==Phrack Inc.== Volume Two, Issue 12, Phile #7 of 11 -/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-/\- \ / / Hacking : OSL Systems \ \ / / Written by Evil Jay \ \ / / (C) 1987/88 Evil Jay \ \ / -/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-/\- Prologue: This file is for all those people who are running across the OSL system and are constantly confused about getting in and what to do once you're in. Because of the trouble I had getting a manual on the system from ROLM, I was forced to write this file from what I already know, and what I can do on the few systems I have gained access to. Since this file is far from complete (without a manual, most are), I'll leave it to you, to write up future files on the OSL system. Credit goes to Taran King who got me interested in writing the file, and who tried to help me get a manual (my social engineering leaves something to be desired). What is OSL: Actually it has been termed as Operating Systems Location, Off Site Location and a lot of other names. Which? I'm not sure. What I can tell you is that it's an operating system running on an IBM (?) that does remote maintenance operations on a ROLM PBX (Referred to as CBX I believe). As I said, this file is not too complete, and I was unable to get very much information about the system, or the PBX system itself. I believe Celtic Phrost wrote a file on ROLM PBX systems, and you might want to read that or other ROLM files for more information. Getting In: If you have trouble logging in, try changing your parity. Also, this system will only except uppercase. The first thing you should see when you get a carrier is the following: MARAUDER10292 01/09/85(^G) 1 03/10/87 00:29:47 RELEASE 8003 OSL, PLEASE. ? MARAUDER10292 is the system identification. Most of the time, this will be the name of the company running the OSL system, but occasionally you will find a system, you will not be able to identify. CN/A it. It might be your only chance of gaining access to that particular system. 01/09/85. This is a mystery to me. It could be the time that the system first went up (but sounds unlikely), the date of the current version of the OSL operating system...etc. The ^G is a Control-G, and rings a bell at your terminal. I do not know why, but it does... The rest of the text on that line is the current time and date. RELEASE 8003 could be, again, the revision number of the software package. I don't know. OSL PLEASE means that you can now attempt to login. The ? is your prompt. Remember the uppercase only. Naturally we are going to type "OSL" to login. Once this is done, we will receive this prompt: KEY: This is the password prompt, and so far as I can tell, can be anything up to, say, 20 characters long. Obviously we are going to try MARAUDERS or MARAUDER as a password. Here's the tricky part. Some systems do not tell you whether the password was right or not. Sometimes, if it's right, you will get a ? prompt again. If not, you will get an ERROR msg. It depends on the system. Each system is set up a different way. Also, some systems require all alphabetics, while others require alphanumerics and sometimes they will require both. Again, you may or may not get an ERROR message. You can ABORT anything at any time by sending a BREAK. One good thing about the system is that you have, so far as I can tell, unlimited attempts at guessing the "KEY". Also, Druidic Death says that "," is a default, or is commonly used (I don't remember which). Unfortunately, I have never been able to get this to work myself. Your IN!: Okay, first thing we need to do is type HELP. If you have access, which again, differs from system to system, you will get a menu that looks like so. (Maybe not, but I am through telling you how strange this system is.) PLEASE ENTER ONE OF THE FOLLOWING COMMANDS LREP - DISPLAY REPORT MENU LST - LIST REPORT COMMANDS CURRENTLY STORED ACD - ADD AN ACD COMMAND DEL - DELETE AN ACD COMMAND MOD - MODIFY AN ACD COMMAND SUS - SUSPEND AN ACD COMMAND ACT - ACTIVATE AN ACD COMMAND LREP: This lists a menu of reports you can view. LST : This lists all the commands that have been stored in the buffer. ACD : This activates a command. DEL : This deletes a command in the buffer. MOD : This modifies a command in the buffer. SUS : This suspends a command in the buffer. ACT : This activates a command in the buffer. Commands Explained: Okay, so now we'll go through all of these commands and show you what they do, and of course, explain each example. LREP: LREP lists a number of reports which can be ran. Here is an example: REP# NAME SYNTAX ---- ---- ------ 1 - CURRENT STATUS ACD 1,(FIRST),(LAST),(START),(INT),(#INT),(CLR),(REP) 2 - CUMULATIVE STATUS ACD 2,(FIRST),(LAST),(START),(INT),(#INT),(CLR),(REP) 3 - TRUNK DISPLAY GROUP ACD 3,(FIRST),(LAST),(START),(INT),(#INT),(CLR),(REP) 4 - POSITON PERFORMANCE ACD 4,(FIRST),(LAST),(START),(INT),(#INT),(CLR),(REP) 5 - ABBREVIATED AGENT ACD 5,(FIRST),(LAST),(START),(INT),(#INT),(CLR),(REP) 6 - DAILY PROFILE ACD 6,(FIRST),(LAST),(START),(INT),(#INT),(CLR),(REP) 7 - CUMULATIVE AGENT ACD 7,(FIRST),(LAST),(START),(INT),(#INT),(CLR),(REP) Current Status : Gives you the current status of the PBX system. Cumulative Status: Quite obvious. Trunk Display Grp: Obvious again. Position Prfrmnce: ??? Abbreviated Agent: ??? Daily Profile : Gives you a report of how the PBX ran on date 00/00/00. Cumulative Agent : ??? ACD: I purposely skipped all the other commands, since they are pretty obvious. They all have to do with adding commands to the buffer, modifying them and running them..etc. If you get access to a system, it would be wise to LST all of the commands that the operators have been running and then try them yourself. No biggy, but oh well. The ACD command activates a command and lists the desired report on your terminal. While the whole thing can be typed on one line, you can just type ACD and do it step by step (a little easier to get the hang of it). Now we'll go through this, and show you an example of building a command to list the Trunk Display Report. ?ACD 3 FIRST GP OR AGENT ID: (Try 1) LAST GP OR AGENT ID: (Try 2) START TIME: (Enter START TIME in army time such as 22:52:00) INTERVAL: (Not sure, hit return) # OF INTERVALS: (Not sure, hit return) CLEAR(Y/N): (Type Y, but this is stored in the last cleared log) REPEAT DAILY?: (No!) PRINT LAST CLEARED(Y/N): (Here's where the last cleared shows up) It then prints out the command and executes it, showing you the desired report. The end result: Some other things can be done, such as commands like C and M and a host of others, but unfortunately, as I said, these systems are very strange and it's hard to find two alike. The computer is not worthless, and lots of things can be done on it, but this file is getting quite lengthy. If there is enough demand, I will write a follow-up. In the meantime, if I have made any mistakes, or you have more knowledge that you would like to share with me, I can be reached on the following boards: ShadowSpawn Private, Hell Phrozen Over, Phantasie Realm and a few others. -/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-/\- \ / / An Evil Jay/Phrack, Inc. \ \ / / Presentation \ \ / -/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-/\-