The co-founder of the Metasploit Project aims to upgrade wardialers this week, speeding surveys of blocks of phone numbers using voice-over-IP lines and storing data on who or what answers the phone at each number.
Dubbed Warvox, the software makes war dialing which, today, involves expensive software and modem banks to efficiently check numbers much less expensive and less time-consuming by using voice-over-IP lines. With only about 4 percent of numbers leading to modems, traditional war dialing misses the point, said HD Moore, the author of Warvox and project lead of the Metasploit Project.
"There are not that many modems out there," he said. "So they go through ten thousands numbers just to find a few hundred modems, at most."
War dialing remains popular among penetration testers because corporate security frequently misses problems such as unsecured modems, unauthorized wireless access points and other asset issues, Moore said. In 2002, one hacker claimed that 90 percent of companies could be attacked through modem lines. Today, modems are still a problem for some companies especially infrastructure firms that employ modems as part of their SCADA network.
The Warvox software, which waits on a final bug fix before before being released, uses pay-per-minute voice-over-IP lines to dial roughly ten lines at the same time and record 20 seconds of any answer. The additional audio data makes war dialing a lot more interesting, because it does not just look for lines connected to modems but also classifies other lines as well, Moore said. For example, by comparing the pauses between words, the security researcher was able to pick out numbers that used the same voicemail system.
"I was helping a friend with his war dialing project and just trying to speed it up," Moore said. "Instead, I found all sorts of interesting things," including a line that returned a fresh dial tone and a company's internal directory.
The legality of using the software is questionable, he added. For the foreseeable future, Moore plans to only use Warvox when doing authorized penetration tests or in international jurisdictions where war dialing is allowed.
If you have tips or insights on this topic, please contact SecurityFocus.
Posted by: Robert Lemos