Posted on Thursday, 29th July 2010 by Michael
AMJchan: Automating the chan_sip.so patching for Magic Jack
AMJchan is a shell script written by the Digital Offensive team to quickly and accurately patch your Asterisk server for use with the Magic jack. This script was developed and tested on Centos, fedora and Redhat. The script can be easily altered to use another package manager other then yum to make it cross system compliant.
Posted in Code | Comments (0)
Posted on Friday, 16th July 2010 by Michael
Commission based position available with Digital Offensive
Looking for someone that has the time, motivation and ability to generate leads and write proposals to help grow our business. This is a commission based position and due to that there is no benefits being offered. All commissions will be based on the final contract amount and paid after successful completion and payment of the contract. At the current time we are not taking applications from recruiters. All applicants must be at least 18 years old to apply.
Posted in Blog | Comments (0)
Posted on Friday, 9th July 2010 by Michael
Simple Asterisk Auto Dialer
What is it:
This simple shell script was created by Michael LaSalvia of Digital Offensive to auto dial numbers and plays back a message to the person that picks up the phone. This script will take a comma separated file (CSV) that is setup as follows:
Number,Sound,Trunk_Name
And automate the dialing and playing of that sound / message. The sound can be in the standard gsm format or an mp3 file. This is useful for automating phone campaigns or just having a good time messing with friends.
How it works:
This script takes advantage of the Asterisk outgoing spool directory. The script creates a “call” file using the variables that you provided in the csv file as well as the variables you set in the script. The file is then moved into the /var/sppol/asterisk/outgoing directory where asterisk will process the “call” file and place the call.
Posted in Code | Comments (1)
Posted on Wednesday, 7th July 2010 by Michael
CheckPoint Site to Site VPN Audit automation with “fwm logexport and scripting”
Up to recently we use to pay a third party SEIM provider to provide us reporting for all our site to site VPN tunnels. This is due to an audit requirement we had that said that our system administrators had to report on any time their vendor connected to the tunnel. If they connected they had to provide the start date & time, the end date & time, the duration of the connection, the source address and destination address, the protocol & port as well as the tunnel name.
Due to the cost of the third party SEIM provider as well as their not so wonderful service we decided to find a replacement. The only issue is the replacements we found all cost over 100,000 a year. This is when Michael Yan and I set forth to develop our own solution.
We are happy to bring you “CP-VPN-Auto-Audit 1.0”. This system is compromised of 4 scripts that run together to export your logs, format them into individual tunnel csv reports and then email them to the system administrators.
Read the rest of this entry…
Posted in Code | Comments (2)
Posted on Thursday, 10th June 2010 by Michael
MJSIP: Automating the Magic Jack SIP retrieval
What is it:
MJSIP is a simple Perl script written by a co-worker and myself. This script uses regular expression matching to automate the finding of your SIP password in the dump file.
MJSIP has been tested on over 50 Jacks that were purchased and registered this month (6/07/10). Each Magic Jack we tested worked flawlessly.
Though this tool has been tested and we have worked out many of the bugs there are two conditions that we are aware of that will cause MJSIP not to return a password back to you. The first condition is if you dumped the memory wrong using the SIPDump tool. The second condition is if your Magic Jack password contains the same letter or number more than 4 x in a row.
Posted in Papers | Comments (9)
Posted on Wednesday, 9th June 2010 by Michael
Can you pop me now?
Like most programs Asterisks offers the ability to launch system commands from with inside the application. This means it is possible for either a developer or a malicious person to execute system commands by simply editing the dial plan and making a phone call.
This is nothing new the ability to execute system commands from within an Asterisk based PBX has been around since it was first developed. A quick Google on the topic of “Asterisk system command” shows me that it has at least been documented since 2007 according to the article found here:
http://www.voip-info.org/wiki/index.php?page_id=166
This article goes into great detail explaining how to set this up. The article also points out how this is insecure and provides a few additional dial plans that can be used to help thwart this command from being abused.
My article is going to look at this from the malicious standpoint and how to create a true phone home.
So you have just popped a Linux box and noticed that is running Asterisk besides the normal mischief you can cause such as racking up long distance calls and recording conversations. Let’s make sure you can get back in any time you want by simply making a call.
Posted in Papers | Comments (0)
Posted on Wednesday, 5th May 2010 by Michael
Overcoming SIP over NAT
On most of the Asterisk based PBX forums on the internet one of the top help related questions posted is “the phone rings and I can answer it but there is no voice” or one of many variants of that question. The issue is most likely due to the fact you are running the PBX behind a NAT. Most likely your PBX is either behind your home router or your enterprise firewall and you are using a RFC 1918 IP address for it. You are also most likely either doing inbound port forwarding or one to one NATing depending on your firewall.
Posted in Papers | Comments (0)
Posted on Friday, 2nd April 2010 by Michael
Blue Coat URL Redirection Vulnerability
The Blue Coat web filter is one of the industry’s leading web filtering solutions. It provides the organization the ability to filter where their employee’s, vendors, customers or guests can go online.
The Blue Coat Web filter has an issue where it will display a base64 encoded URL in the following format http://blue_coat_name/?cfru=aHR0cDovL3d3dy5nb29nbGUuY29tLw== when it has an error.
Posted in Security Advisories | Comments (0)
Posted on Monday, 22nd March 2010 by Michael
After months of research of a simple way to create custom ringtones for Cisco IP phones I have come up with the following methods based on the Cisco documentation located at : http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/admin/3_0_9/a3rings.html . Cisco requires that the custom ringtones meet strict guidelines. This baffles me as my cell phone can play full length mp3 files as a custom ringtones and costs a fraction of a Cisco IP phone. Oh well I digress. To accomplish this I chose to use the “sox” application. Sox is like a Swiss army knife for sound editing and the best part it is free.
I have created a simple shell script below that will automate the process for you. This script was written to run on the Linux based PBX (Trixbox, PBX in a Flash, Asterisk and so on). Though with a little editing of the script you can use it to just create the ringtones and not install them.
Posted in Code | Comments (0)
Posted on Wednesday, 17th March 2010 by Michael
It has come to my attention through several comments and emails that a lot of the links that contain these tools no longer work. So in order to provide them to the masses I have uploaded them to my site. They can be accessed at this link: http://www.digitaloffensive.com/mj/mj.rar
If you like your SIP info retrieved for you, we offer remote retrieval support for $10.00 per Magic Jack:
I have also corrected the download link for the mjproxy source code in my article: http://www.digitaloffensive.com/mjproxy.c.tar.gz
Posted in Blog | Comments (4)