VoIP - The new Phreaking

VoIP - The new Phreaking

By ghost | 23322 Reads |

0     0

VoIP Basics

The days of Phreaking are long past and dead, pay phones no longer cough up goods anymore, and an entire branch of hacking practically died over night. Or did it?

Phreaking by traditional terms is long dead, the phone systems now employ systems that put tones on a second band which makes almost all boxes useless except for the Beige and Red boxes from what I know.

Where this falls a new era has come, and a new form of hacking along with it. This new advent in phone systems has come to be known as VoIP, or Voice over Internet Protocol.

As VoIP becomes more prominent we find that the line between hackers and phreakers is about to fade completely into the gray. VoIP is a phone system that runs by connecting to your internet access, or rather via an ethernet cord. Think vonage and all those annoying commercials you had to sit through, VoIP in basic form.

This article will tell you some of the basics of VoIP and what to expect.

Now then, let's begin.

As mentioned earlier VoIP works through an ethernet cord attached to the internet. As a hacker you should be informed that anything plugged into the internet is a far cry from secure, even including the CIA, FBI, and other top security fortresses (though they are substantially more difficult.)

The beauty of the VoIP system is that it's also a server that starts automatically and runs a protocol known as TFTP on port 69. One of the most lethal tools in VoIP hacking is also one that is useful in any field. Google. (Just a side note there's a reason everyone always tells you to use it before asking.)

Google is your best friend in finding vulnerable boxes to tap.

Try this line in google -

inurl:"NetworkConfiguration" cisco site:http://www.target.com

Remove the site tag unless you are after a certain site.

This should provide you with quite a bit of information, the Admin CP of the PBX (Phone Box) and all the data. Look for the TFTP server and run a ping on that IP, if it returns data you're in. Save the rest of that Data, you'll need it later

Get into Nmap or your favorite port scanner and plug in the same IP in a UDP scan. If 69 is open then you're golden.

You HAVE to be on Unix or at least an emulator like Cygwin for any further. Type in TFTP and the IP address.If a TFTP prompt comes up it worked, now you need a config file to get anywhere. Open up the file with that Data from earlier.

Type in -

get sep(insert MAC adress here).cnf

If you get a list of Data then it all worked out and you hit the gold mine. You have the Phone Extension, Voicemail Password, and Telnet Password to their phone.

From here I'll let you find out what to do with this information until I learn enough to write the next article.

Mind you if you do any of this on a PBX that you do not own I assume no responsibility if you get busted for it. Practice safe browsing, use a Proxy!

Until next time.

• Lemur