News items for tag phreaking - Koos van den Hout

2013-10-24 (#) 5 years ago
Interesting incoming caller-id in the logs: 003960. Country code 396 is the Vatican so maybe their switchboard got tired of the calls by phreakers and started calling back. Not that I ever did such a thing. The conclusion that this was faked is more appropiate.

Tags: , ,
2013-02-25 (#) 6 years ago
New attempts to get a call out via the unauthenticated SIP context on my asterisk testserver, this time attempts to get connected to +96277xxxxxxx numbers. These are Orange Jordan mobile phone numbers. The originating IPs are also in Jordan so I guess the attacker is waiting for the mobile phone to ring.

Tags: , , ,
2013-02-10 (#) 6 years ago
Playing with some blue box apps on the Android tablet: Phone Losers Blue Box: simple Blue Box application and Tone dialer FREE: DTMF / Blue box / Red box.

Both are more of a gimmick than really usable, although rumours that MF is still in use in some remote corners of the world are persistent.

Fun to hear those tones from the Android tablet. It does make me wonder: if I play tones like these in a big crowd, will I get seasoned phreaks to look up when I play some MF...

Tags: , ,
2012-10-09 (#) 6 years ago
I just found Intercept Service with Jane Barbe where ElmerCat has put a lot of time and energy into saving, splitting and digitizing phone phreaking recordings. My first thought was to take the Jane Barbe recordings and set up a few intercepts of my own. Maybe for playing with the people who try to break in to my asterisk testserver or (more constructive) to set up a Jane Barbe intercept service which can be used on Collectors*Net.
Found (unsurprisingly) via "1000 Abstract Machines" ... and a New Generation of Phone Phreaks? - The History Of Phone Phreaking.

Update: Ok, using the 'Jane Barbe' digits in Asterisk isn't very hard. Download the .mp3 files from soundcloud and convert them to the asterisk .gsm format:
$ mkdir janebarbe
$ sox JB-0-neutral.mp3 -r 8000 -c 1 janebarbe/0.gsm
..
$ sox JB-is-not-in-service.mp3 -r 8000 -c 1 janebarbe/is-not-in-service.gsm 
$ sox JB-the-number-you-have-reached.mp3 -r 8000 -c 1 janebarbe/the-number-you-have-reached.gsm
And put that entire janebarbe directory in the directory where asterisk expects the digit files for language 'janebarbe' which is /usr/share/asterisk/sounds/digits/janebarbe/ in the 'old' directory structure and /usr/share/asterisk/sounds/janebarbe/digits/ in the 'new' directory structure. Look at Asterisk multi-language - voip-info.org for details on directory structures.

Using the digits is now simple, a test:
exten => s,1,Answer()
exten => s,n,Wait(1)
exten => s,n,Playback(digits/janebarbe/the-number-you-have-reached)
exten => s,n,Set(CHANNEL(language)=janebarbe)
exten => s,n,SayDigits(1234567890)
exten => s,n,Playback(digits/janebarbe/is-not-in-service)
exten => s,n,Hangup
Will have Jane Barbe telling you what you expect. This can be used as an invalid-number intercept.

Tags: , , , , ,
2012-01-15 (#) 7 years ago
I got around to watching Boxing and phreaking presentation by BillSF and KC - Hackers on Planet Earth 1994 and suddenly some things I heard back then make a lot more sense to me. I had people tell about basic blueboxing, I read the documentation and I gave it a try on a (borrowed) demon dialer. But no success, and maybe that is for the best. Other people were better at this, some went to jail for it. One day, there is going to be an awesome book via The History of Phone Phreaking by Phil Lapsley with a lot of the stories.

Listening / watching this I went 'Oh!' and 'Right!' a few times, because of nuggets of information coming out. For example, the subtle differences between R1 signalling and C5 signalling which explains the difference between 2600 Hz only seize and 2400+2600 Hz seize. For R1 signalling, read an overview at the Wikipedia article on Blueboxing. For C5 (CCITT signalling system number 5) read the Wikipedia article on Signalling System No. 5.

The modern counterpart of all this, VoIP security attacks and defending against them, is what I get to play with now. This is all a lot more accessible with Asterisk and affordable computer - telephone interfaces.

Tags: ,
2011-10-11 (#) 7 years ago
Slate magazine has reprinted the "Secrets of the Little Blue Box" article from 1971 which inspired Steve Jobs. The same Ron Rosenbaum now writing for Slate was the author of the 1971 esquire article, which can be found via Secrets of The Little Blue Box - The History of Phone Phreaking Blog where Phil Lapsley has a quality scan of the original.

It's still amazing to read about the original phreaking community and how technical knowledge spread before the worldwideweb.

Found via Slate Reprints Blue-Box Article That Inspired Jobs - slashdot.

Tags: , ,
2011-09-24 (#) 7 years ago
Sommige dingen veranderen niet.. ze innoveren wel. Fraude met telefooncentrales blijft voorkomen en neemt zelfs weer toe volgens berichten van KPN: Telefooncentrales bedrijven vaker doelwit crimineel - nu.nl, Telefooncentrales vaker gekraakt - NOS Nieuws

Het staat niet in de artikelen, maar VoIP helpt vast met het mogelijk maken van deze fraude. En toegang van buiten tot de beheerinterface van een telefooncentrale moet goed afgeschermd zijn. Er zijn vast omgevingen waar dat nodig is, bijvoorbeeld voor beheer op afstand, maar zorg dan voor goede afscherming door middel van onder andere VPN. En 'standaard' wachtwoorden zijn natuurlijk al helemaal fout.

Zolang via systemen aangesloten aan het publieke telefoonnet er manieren zijn om of geld te verdienen (0900-nummers) of kosten naar anderen te verplaatsen (voor dure gesprekken naar het buitenland) is er een reden om te zoeken naar wegen voor 'toll fraud'. En met een groot genoeg aanbod van slachtoffers werkt het ook met de 'hit and run' aanpak: zoveel mogelijk geld binnenhalen in zo kort mogelijke tijd voor de volgende rekening komt en de route afgesloten wordt.

Ik zie een duidelijke toegevoegde waarde in snelle detectie van duidelijke onregelmatigheden: dagelijks de kosten in de gaten houden en bij grote afwijkingen direct alarm slaan. En als gegevens over de kosten niet direct dagelijks beschikbaar zijn is het in ieder geval verstandig om per dag de totalen minuten per categorie uit te rekenen en daar afwijkingen in te signaleren. Bij categorie├źn denk ik dan aan binnenland, west-europa+usa, rest van europa en verder daarbuiten. En de andere vraag is of in een bedrijf uberhaupt toegang tot dure 0900 nummers of verre buitenlanden nodig is, maar als er toegang verkregen is tot een beheersinterface is het natuurlijk een simpel kunstje om voor de frauduleuze gesprekken deze toestemming (weer) aan te zetten.

Tags: , ,
2011-03-20 (#) 8 years ago
I recorded a podcast narrating an experiment in telephony and blueboxing.

Via the blog linked to the history of phone phreaking I found about an audio art project dedicated to Joybubbles, one of the oldest phone phreaks. This audio art is available in style, via the telephone. On a phone number in New York city: country code 1, number 718-362-9578.

I can call this as an international call, which will cost me, but with the current competition on prices for phone calls that isn't too big a deal.

But there is a better way. More in style. Combining the modern technology of Voice over IP with old-school phone phreaking.

Listen to me setting up the call via voip and ProjectMF in the US and blueboxing it from there to New York. But with permission from the owner of ProjectMF.

Websites mentioned in this podcast:

Yes, quality of the recording isn't great. The setup with a speakerphone generates lots of echo. And I need to work on my presentation.
Listen to audio attachment:
MP3 media: Telephony and blueboxing (rightclick, select save-as to download)

Tags: , , ,
2011-02-15 (#) 8 years ago
I followed a link to the Linux Call Router and found this gem on the page: www.blueboxing.org which has some good descriptions of blueboxing as it was 'back then' from the European view. And the Linux call router offers the option of CCITT-5 handling. You can also download Beep-Beep on the site which is a nice software bluebox (CCITT-5 dialer) for Linux. One advantage over CAESAR which I tried before in 2008 is that it can set a sequence of multiple digits and play it at once. Which has at least one advantage: the result sounds a lot like I expect from 'phreaking' sounds. And Jolly Eversberg runs a CCITT #5 exchange which you can phreak. Indeed, "Phreaking never dies!".

Tags: , ,
2008-09-09 (#) 10 years ago
No success in getting CĂSAR to reliably box a call on the Project MF server last evening. I think the main problem is with the sound driver or sound hardware not liking what I want to do: generate multi frequency tones. Lots of weird clicks and echoes happened on two different systems (with alsa sound drivers). But I had fun with Asterisk in the process. Legal phreaking over voip: who would have thought that to be possible.
Update 2008-09-09: It's now working. I installed CĂSAR on another PC running the oss sound drivers, and there were no weird clicks and echos. I added the pure 2600 tone to the caesar.rc file as
tone clear_test {
freq 2600
delay 0 duration 500
}
map '=' clear_test
and I could play with the projectmf server after I put the speakerphone close to the speakers. Loads of fun with the echo test: hearing my own voice echoed over a server with a Chicago phone number. Although I called it via the iax2 method.

Tags: , , , ,
2008-09-08 (#) 10 years ago
The History of Phone Phreaking. A very cool site about the history (and history it is, going waaay back) of phone phreaking. With interesting information about the process of researching that history.

Found via Jason Scott: The FBI File of Yipl/TAP

Interesting thing to try: see if I can get CĂSAR, an open-source MF / DTMF generator or blue box for Linux working to make a call to the Project MF server to simulate blue boxing. But it will be from a phone behind an asterisk test server so I don't have to pay to call a US number.

Tags: , , ,

, reachable as koos+website@idefix.net. PGP encrypted e-mail preferred.

PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers pgp key statistics for 0x5BA9368BE6F334E4 Koos van den Hout
RSS
Other webprojects: Camp Wireless, wireless Internet access at campsites, The Virtual Bookcase, book reviews