Well i know some of you liek to dabble in the phreaking area i know i did for a long time just thought i would toss out a snippet of code i wrote a long while back for spoofing caller IDs in the open source PBX known as Asterisk i used Vitelity.net as my main sip/iax provider and as a back up i also reccomend link2voip.com i know the owners of both and both are awesome people
hopefully this is usful to some one out there :)


;Old Extension to go into the spoof
;================================================= =============
exten => 265,1,Authenticate(5905)
exten => 265,2,Goto(ani-spoof,500,1)

[ani-spoof]
;We enter here, make sure that that file exists please!
exten => 500,1,background(/var/lib/asterisk/sounds/ivr/enternumbertospoof)
exten => 500,2,Waitexten(5)
exten => 500,3,Hangup()

;Someone then enters a 10 digit number to spoof as,
;we then set the ANI using the SetCIDNum function with the 'a' flag set
exten => _NXXNXXXXXX,1,Playback(/var/lib/asterisk/sounds/ivr/thankyou)
exten => _NXXNXXXXXX,2,SetCIDnum(${EXTEN},a)
exten => _NXXNXXXXXX,3,DISA(no-password,ani-spoof)

;then at the DISA dial tone the person enters the 11 digit number to call, (10 digit no. plus 1)
exten => _1NXXNXXXXXX,1,Playback(/var/lib/asterisk/sounds/ivr/pleasewait)
exten => _1NXXNXXXXXX,2,Dial(SIP/AccountNumber/${EXTEN},50)
exten => _1NXXNXXXXXX,3,Congestion()

exten=>i,1,playback(invalid)
exten=>i,2,goto(500,1)


You can also manually set a hard CID when making out bound from a certain extentions via


exten => _NXXXXXX,1,Set(CALLERID(num)=7806666666)
exten => _NXXXXXX,2,Dial(SIP/accountnumber/1780${EXTEN},50)
exten => _NXXXXXX,3,Congestion()


or you can set 3 digit cid's same way

exten => _NXXXXXX,1,Set(CALLERID(num)=911)
exten => _NXXXXXX,2,Dial(SIP/accountnumber/1780${EXTEN},50)
exten => _NXXXXXX,3,Congestion()


to impliment set a extention that goes to a sub in your dial plan in extentions.conf

like so

in your inbound sub ie [INBOUND]



exten => 265,2,Goto(outbound,1)

[outbound]
exten => _NXXXXXX,1,Set(CALLERID(num)=7806666666)
exten => _NXXXXXX,2,Dial(SIP/accountnumber/1780${EXTEN},50)
exten => _NXXXXXX,3,Congestion()


or if you want to dial nothing but 10 digit numbers

exten => _1NXXNXXXXXX,1,Set(CALLERID(num)=7806666666)
exten => _1NXXNXXXXXX,2,Dial(SIP/accountnumber/${EXTEN},50)
exten => _1NXXNXXXXXX,3,Congestion()


Cheers and hope you have just as much fun as i do making prank calls world wide and call people from there own numbers and such

oh and also a word of advice if you call a ATT wireless customer from there own number and they do not pick up it goes directly into there VM ;)

-warweed

Oh fuck yes! Finally an interesting topic. Thanks for the share. I've never actually gotten around to using Asterisk but it has always been really interesting to me. Did you go with NuFone?

Naw i used a Combination i had a old P2 running debian running asterisk on it then i used Vitelity for there international voip service and i used link2voip for there local service and i used freeworlddialup for there toll free services .. i had like 4 SPA-1001 sipura phone adapters and 2 wifi based mobile phones

but yeah i had run several asterisk based PBX's over the time so if you need suport setting up dial plans or need debugging support let me know

Thanks for the offer man. When I ever have a need and get off my ass then I'll start to fux wid it. I've been going over the manual again so I'm pretty confident I'll be able to set it up within an hour if when I need to.

dial plans are the easier parts it php agi scripting and peering that can be a pain espcially secure network peering

right now im running a small private vpn with a secure asterisk server over it so that this certain group can contact each other and each person has a local provider or tie in so that if we ring the computer with no responce it tries a mobile and ect..

but we have fucked with voice req and text to speech ect..

call flooding ie spooling in calls lol one day we called every verizon pay phone in the north dakota international airport

there is so many fun things to do with asterisk such as listening to music controling computers turning off and on computers get server info and control servers ect...

the amount of things you can do is only limited to your coding ability

I'm glad you've found a calling in phreaking. You seem to know your shit when it comes to this stuff. Any good resources you'd like to share with the class? I've only dabbled in this field, but I would really like to get some more juicy info on the subject.

well new age phreaking is kinda a personal thing and is shared usally between one another in the "scene"


but what do you want to know and i will try and share with you my knowledge

also http://www.hackcanada.com/canadian/zines/k_1ine/

some of the k-1ine issues have more uptodate article but after a close friend and fellow phreaker in our community committed suicide we stopped publishing k-1ine with the final tribute article on 4/20/08

I'm glad you've found a calling in phreaking. You seem to know your shit when it comes to this stuff. Any good resources you'd like to share with the class? I've only dabbled in this field, but I would really like to get some more juicy info on the subject.
also as true with the 80's

dumpster dive dumpster dive dumpster dive ..
i sneak under telco fences and grab what ever i can shreaded paper bags of paper (no organics) and toss em over or under the fences if i can goto a remotle location go through stuff usally i go for anythign with hand written notes memo's larger grouped stacked papers books manuals ect..

you can and will find ALOT of stuff most days

some days nothing .. :)

i have found all sorts of test numbers :)


Also wardialing is another fun past time ... I have a apartment atm. and most people know that either your phone box is in the laundry / utility room or it is outside eitherway there easy to get into ..

with soem quick bridging and disconnecting you can use who ever in the buildings you wants phone line :)

i usally see who comes and goes from the building and who works ect.. so i war dial using there lines with a auto dialer like toneloc till i know about when there coming home and then i go disconnect my bridge and goto to the next person ect...

in about 10,000 toll free number blocks your bound to find probally over 100-1000 intresting numbers

and 200 of them are going to be worth dialing

i will post a sample of some of the stuff you could find but for privacy block out most the numbers

Some idea's on were to get started scanning ;)


MILITARY/GOVERNMENT-------------------------------------------------------------------


___ GENERAL ___

202.456 Al Gore - Presidential Candidate
703.545. Air Force, Department of (USA) - Information
202.433. Anacostia Naval Station
301.981. Andrews Air Force Base Operator
613.996. Canadian Consulate (for calls originating in the USA)
800.267. Canadian Consulate (for calls originating in Canada)
202.456. Council to the President
703.607. DISA Global Headquarters - Duty Officer Phone
703.607. Defense Information System Agency Personell Locator
301.227. Defense Mapping Agency TTY
800.468. Defense Reutilization and Marketing Service
703.325. Defense Security Service HQ (Field Office)
202.647. Department of the State
202.647. Department of the State
202.622. Department of the Treasury
202.622. Department of the Treasury
614.692. DoD Network Information Center Helpdesk
800.365. DoD Network Information Center Helpdesk
212.384. FBI
202.418. FCC Switchboard
800.688. Federal Information Center
800.688. Federal Government Info line
202.632. Federal Communications Commission
888.CALL Federal Communications Commission
800.358. FEMA Map Service Center
800.462. FEMA Nationwide Disaster Assistance
800.879. FEMA Temporary Recruitment for Disaster Area
804.633. Fort A.P. Hill Directorate of Human Resources
804.633. Fort A.P. Hill Directorate of Morale, Welfare and Recreation

804.633. Fort A.P. Hill Directorate of Training, Mobilization, and Security

804.633. Fort A.P. Hill Game Check Station
804.633. Fort A.P. Hill Public Affairs
703.524. Fort Meyers Officers Club
703.696. Fort Meyers Library
703.696. Fort Meyers Officers Club Pool
703.351. Fort Meyers Armed Forces Bank
703.818. GETS Test Line
800.818. GETS User Assistance Helpline
710.NCS. Government Emergency Telephone System Dial-In
800.829. Internal Revenue Service Main
800.829. Internal Revenue Service Forms and Booklets
800.829. Internal Revenus Service Criminal Investigations
719.721. Joint National Integration Center (JNIC) High-Performance Computing
719.721. JNIC User Services/ Helpdesk
719.721. JNIC Visitor Control Voice ext 8253
301.744. JITC Washington Ops. (DSN 354-2602)
520.538. JITC Fort Huachuca (DSN 879-5000)
520.538. JITC Fort Huachuca Visitor Support Center (DSN 879-5429)
520.538. JITC Phone Hotline (DSN 879-5482)
520.538. JITC Office of the Commander
202.45 Vice President, Immediate Office
202.45 White House Cheif of Staff
202.45 White House Comment Line
202.45 White House Operating Status Notification Line
202.45 White House Personell Officer
202.25 White House Switchboard
202.45 White House Situation Room
202.45 White House Visitor Office Information
703.54 White Oak Naval Ordanance Labratory
505.67 White Sands Missle Range
710.99 That odd 710 number that did the thing with the sherrif that one time.
some ones i do not mind giving out ;) thou some may not be working anymore i know some do

727.551.9889 elevator phone
810.732.9037 elevator fone
860.563.6571 elevator fone
810.732.9037 elevator
860.563.6571 elevator
401.863.71xx 80+ elevator phones in Brown University College


Fucking with people in elevators is a great pastime :)

also always remember optivert meaning go through your operator covertly
so instead of directly dialing a number press '0' from your home phone and when the operator comes on say hi i am having troubles dialing a number was wondering if you might be able to assist me they more then likly will say sure whats the number please just give them the number and they will put it thorugh rather then using your caller ID and your ANI and your callback it will be theres but still billed to you

im suprised more people are not intrested in war dialing / phreaking anymore pfft if only you guys knew what your missing / could do lol



provider confrence calling company confrences with outdialing features both local and international voicemail hacking broadcasting jumping all over the planet lol there is no limit what you can find hell i found number were you could call in and get sensor data on a local power substation and run diagnostic tests lol

or numbers that control mainframes lol

im suprised more people are not intrested in war dialing / phreaking anymore pfft if only you guys knew what your missing / could do lol



provider confrence calling company confrences with outdialing features both local and international voicemail hacking broadcasting jumping all over the planet lol there is no limit what you can find hell i found number were you could call in and get sensor data on a local power substation and run diagnostic tests lol

or numbers that control mainframes lol

Well, we really don't have any pros here anymore. Except for you though as it seems. Maybe, if you have time, you can get us all started. Shit. I would LOVE to start learning more about phreaking. It's interesting as fuck.

im suprised more people are not intrested in war dialing / phreaking anymore pfft if only you guys knew what your missing / could do lol



provider confrence calling company confrences with outdialing features both local and international voicemail hacking broadcasting jumping all over the planet lol there is no limit what you can find hell i found number were you could call in and get sensor data on a local power substation and run diagnostic tests lol

or numbers that control mainframes lol


I'm extremely fascinated by phreaking and the experience of exploring the telephone system. I'm only 18 and have recently in the past years started to read up about this. Learning how to do things is essentially impossible unless you have someone to teach and show you. I understand that being able to hear each specific click and tone in order to determine where you are or what you've just passed is really amazing. Though, it takes a while to be able to get to that point without fault.

I don't know where to start.

So far I just like calling interesting numbers, hearing or talking to whoever picks up or whatever picks up.

Question: Is there a way to get inside of a PBX of say some random company, then somehow spoof your way into the system and dial out using their lines? Of course, you're calling from your outside line, payphone, home phone, whatever it may be.

I read a lot of 2600 btw. And the Best of 2600. >.> I'm more of a computer hacker, hardware hacking is my fun. Exploring places too, dumpster diving, etc. I recently learn how to spoof your ANI from a nice little article in that book :)

Btw: That number, about the substation... do explain more..

of course there are ways to "hack your way" into a companys PBX most companys now use newer nortel or 3com hardware PBX's i would start by reading more into those ;) :) and setup and configureing

start scanning for companys 1800 numbers when you find a company alot of times they have employee directorys or mailboxes usally when you get to some ones VM if you mash * or # it will ask you for a login to check VM this is were i usally check first .. you can hack vm's and you can hand scan VM's i like the old skool method of hand scanning personally

once you reach a vm login on newer pbx's they defualt 3 trys then the system hangs up on you

try the extention number as the login first and then the password as a extention

alot of times companys will setup VM's in bulk so they have unused VM's in there platfform

in the case of the company i first broke i found a vm on the system that was not in use that was defualt the ext. for user and ext. for password and the admin had sent out vm broadcasts with the companys new confrence extention and password .. in this case it was ext. 260 was the confrence and at the time no password (till a company member dropped in on a bunch of phreakers) lol and noticed there bill sky rocketed to a couple thousand because of international calls lol you can also use old dos programs to "war dial" a pbx and to find extentions in that pbx i personally like toneloc for this

thou i like http://www.sandstorm.net/products/phonesweep/screenshots.php

sandstorms phonesweep to but you require certain hardware to use this software :P

i will write a bit more on the subject later

the cool thing about toneloc is it can detect modem's and fax machines i like modems ;) for obvious reasons mainly because most modems now adays are some computer that has been sitting in the companys closet for years well forgotten about and if the most insecure part of a whole network ;)

most modems now adays are some computer that has been sitting in the companys closet for years well forgotten about and if the most insecure part of a whole network

That makes me LoL. It's always some old forgotten thing that ends up being the way in.

Hey its old, why bother care about it? :P

But yet they don't know.


And thanks for the tips. I've called some 1800 numbers, its neat, going through prompts, trying out random extensions to see who I can reach and then pretending to be someone who I'm not. Such as an security expert from Bell >.> :)

I'm gunna try that VM trick later on. See what I can find.


What were you up to during the Ma Bell days, Warweed?

If only i was allowed to tell you some of the things i found and things i have done with phone networks ;) lets put it this way there is ALWAYS a way into everything

you know those little apartment door entry things look a little somthing like this http://www.mircom.com/images/tas/mus-1000s_lg.jpg

there called mircoms and like most products the rely on 2 things ... one that there programmers are good and there are no problems and two the end user is a redtarded hill billy

so like most companys they do somthing stupid they put in a back door code something to allow that red neck hillbilly who wrote his password down on a match book and lost it in a drunken gang bang to get back into his buildings admin panel to re program the damn thing to the right phone number or right extention ...

well do yourself a favour if you don't sound like a underage idiot find yourself a mircom and find it on the product page and call there tech and be that drunken hill billy ;) get yourself the back door codes trust me it ain't hard just ask them what to do if you lost your code ..

then go back to your mircom and login add yourself a extention 666 that dials your phone and press 9 when your phone rings ... and your in ...

or better yet my friends ;) find out what carrier that number is that the mircom dials from and setup another extention to call that carrier and setup a confrence under that name (which the line will be registered to the buildings name or bussiness that owns the apartment) then laugh when your at home and have a way to call anyware you want ...

or how about this ... use mircom to setup a ext. to call 900 numbers and get pin logins by billing to the number your calling from ;)

see my trend lol

there is a Million and one things you can do :P

Exploitz would you mind if i made just a "phreaking thread" and you merged this thread into it ? it seems like there are people intrested in the subject but nothings catchign there eyes :P

Here is a good tutorial on the use of toneloc
http://www.textfiles.com/hacking/tl-user.txt

i know i know it's on textfiles but it is not badly written :P

...there called mircoms and like most products the rely on 2 things ... one that there programmers are good and there are no problems and two the end user is a redtarded hill billy

so like most companys they do somthing stupid they put in a back door code something...

This is very true for many things. ATMs to name one.

you know those little apartment door entry things look a little somthing like this

when I was younger I had lived in an apartment building. Beside mine was a buildin which had old people living in it, every floor, every apartment.

I used to go over, dial a random number and pretend to be a cable technician working on the lines in the area. We had construction around very often, so, this ploy worked usually. My voice was still that of a kid, with a little vocal alteration, I was usually able to trick the old folks and get inside the building quite easy. The addition of the poor quality connection made it even easier.

You could say that the intercoms had cameras, but this building was similar to mine - other than the architecture. Same intercom system, so I knew for a fact that there was no camera systems through the buildings coax.

I'd never really go inside considering nothing of interest was in there, but the joy of being able to do that was enough for me.


And yes! Phreaking thread =D


If only i was allowed to tell you some of the things i found and things i have done with phone networks lets put it this way there is ALWAYS a way into everything

I'd be interested in hearing you out, if we could talk in private or something. I enjoy reading and listening to stories from the major phreaking era. If not, it's quite alright.

msn : warweed12 @ hotmail dot com

is the only real way to get ahold of me until such time as i complete writing my secure chat program