[TOOL] iWar PSTN Auditing Tool
- From: SecuriTeam <support@xxxxxxxxxxxxxx>
- Date: 19 Jan 2006 17:16:09 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.
Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html
- - - - - - - - -
iWar PSTN Auditing Tool
------------------------------------------------------------------------
SUMMARY
DETAILS
iWar is a "war dialer" written completely in C for Unix types of operating
systems (Linux, FreeBSD, OpenBSD, etc). It is intended for legal phone
security equipment auditing.
Current Features:
* Full and Normal logging: Full logging records all possible events
during dialing (busy signals, no answers, carriers, etc). By default it
only records things that we might find interesting (carriers, possible
telco equipment).
* ASCII flat file and MySQL logging: You can log to a traditional ASCII
flat file, and record information into a MySQL database.
* Dials randomly or sequentially.
* Remote system identification: When finding a remote modem and
connecting, iWar will remain connected and attempt to identify the remote
system type.
* Key stroke marking: When actively "listening" to iWar work, if you hear
something interesting, you can manually "mark" it by hitting a key. You
can also enter a "note" about something you find interesting.
* Multiple modem support, because... well, hey - this is "Unix". iWar
will support as many modems you can hook up
* Nice "curses" based display. This means that if you're using iWar from
a Linux console or a VT100 based terminal, it should work fine. It's not a
escape sequence kludge, but true "curses".
* Full control over the modem: Unlike other 'kludges', iWar doesn't just
open the modem as a typical "file". It controls the baud rate, parity, and
CTS/RTS (Hardware flow control) DTR (Data terminal ready). This is
important for controlling the modem and making it preform the way you want
it to during scanning. For example, DTR hang ups.
* Blacklisted phone number support: For numbers the system should never
dial.
* Save state: If within the middle of a "wardialing" session you want to
quit, you can save the current state to a file. This allows you to come
back later and restart iWar where you left off. (via the '-l' option)
* Load pre-generated numbers: You can load a file (via the '-L' option)
of numbers that you want to dial. This is useful if you want to load
numbers generated by another routine (perl/shell script/etc).
* Tone location, if your modem supports it. iWar uses two different
methods. The traditional "ATDT5551212w;" (Toneloc) and "silence"
detection.
* Records remote system banners on connection for later review
* iWar can be used to attack PBX's and Voice mail systems
* Terminal window so you can watch modem interactions and carrier results
in real time
* Support the IAX2 (Intra-Asterisk eXchange) "Voice over IP" (VoIP)
protocol. This allows you to scan without the need of additional hardware!
To my knowledge, iWar is the first war dialer with VoIP functionality
* In IAX2 mode, iWar acts as a "full blown" VoIP client. In this mode,
key 0-9, * and # play there DTMF equivalents. In this mode, you can also
directly "talk" (using a microphone) with the remote target if so desired.
* In IAX2 mode, if your VoIP provider supports it, you can "set" your
caller ID number (caller ID spoofing).
* Comes with complete source code and is released under the GNU General
Public License.
ADDITIONAL INFORMATION
The information has been provided by <mailto:beave@xxxxxxxxxxxxxxxxx> Da
Beave.
To keep updated with the tool visit the project's homepage at:
<http://www.softwink.com/iwar/> http://www.softwink.com/iwar/
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@xxxxxxxxxxxxxx
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@xxxxxxxxxxxxxx
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Prev by Date: [NEWS] ACT P202S VoIP Wireless Phone Multiple Vulnerabilities
- Next by Date: [NEWS] AmbiCom Bluetooth Object Push Buffer Overflow
- Previous by thread: [NEWS] ACT P202S VoIP Wireless Phone Multiple Vulnerabilities
- Next by thread: [NEWS] AmbiCom Bluetooth Object Push Buffer Overflow
- Index(es):
Relevant Pages
|
