Penetration Testing mailing list archives
Re: "Digital" War Dialing
From: "Champ Clark [Vistech]" <champ () bundy vistech net>
Date: Wed, 20 Dec 2006 01:27:26 -0500
On Tue, Dec 19, 2006 at 10:25:17AM -0500, David M. Zendzian wrote:
> By digital do you mean like an office PBX digital or VOIP digital? If you mean VOIP you're going to run into a little problem in that the digitizing of the analog->digital modulation the modem does to go over a VOIP line will introduce errors that will cause your modem to not be able to properly connect.
Nah - It's not as difficult as you think. I've used VoIP (IAX2 and SIP) to do "war dialing" with traditional hardware modems. All you need is IAX2 or SIP hardware. For example, an ATA or PAP2 (you can pick this up at Staples). I used a PAP2 (comes with dual lines). Instead of hooking up a standard phone to do VoIP, you hook up your modem.

You are correct about it causing problems, but a few little tricks will make connections not a problem. For one, do _not_ enable compression (G.729, GSM, etc). You need the VoIP signal to be as clean as possible. Use G.711 (ulaw) or alaw. You then need to set your baud rate to 2400 or 1200 baud. With this, connections are easily possible. I've gotten up to a 4800 baud connection, but when you pass the 9600 mark - you end up with problems as you were saying. At higher speeds there's a lot of signal multiplexing/compression going on that does screw up a VoIP "war dialing" session. Lower rates, there's no problems.

The disadvantages: You might miss numbers that don't accept lower baud rates. I've actually found this to be rare but it does happen.

The advantages: Caller ID spoofing. For example, set your caller ID to a fax machine. Then, if people attempt to call you back, they just think it was a fax gone bad. Also, since you're not using the normal PSTN, your ANI will show as the VoIP provider.

It can be done, it just takes a little tweaking. I've done VoIP based war dialing many, many times. No problem. I typically use a USR Courier with the PAP2. That goes into my Asterisk server, then out to my IAX2 or SIP provider. Asterisk allows me to record the sessions for later review. Of course, Asterisk isn't a requirement. With iWar, an ATA/PAP2, modem and a VoIP provider work fine.
> Tools like iwar work by using voip, a speaker & your ability to say "hey, that's a modem!" :)
This is semi-correct. It's actually used as a faster method of "hand scanning". That is, iWar works as a full on VoIP client (with caller ID spoofing). No additional hardware required.

In the works right now is signal processing in iWar. That is, to detect (based on a rule set?) interesting tones and what have you. This doesn't mean it'll _connect_, but give the user the ability to "detect" interesting things. There's been talk about including a fully based software modem in iWar, but right now the focus appears to be on detection and not connection. Perhaps in the future a software based modem will be implemented.
> I also recently saw a posting that a VOIP provider is finally getting service that supports standard FAX machines. I haven't been able to confirm this but if it's true then modems should also work a little better with whatever they have.
Fax over VoIP isn't new. I can't comment on the quality, but from what I've heard it works "okay". For example, check out IAXmodem (http://iaxmodem.sf.net). This software has been around for a while and supports faxing over the IAX2 protocol. Top end speed (I believe) is 9600 baud.

The point is, war dialing over VoIP isn't that hard and actually does work :)

--
Champ Clark III | Vistech Communications, Inc. | 850-942-0388 x 101
http://www.vistech.net
GPG Key ID: 58A2A58F
Key fingerprint = 7734 2A1C 007D 581E BDF7 6AD5 0F1F 655F 58A2 A58F
If it wasn't for C, we'd be using BASI, PASAL and OBOL.