Digital Offensive

Posted on Tuesday, 31st August 2010 by Michael

Facebook Bot: FBCbot.pl

FBCbot is a bot written in Perl to interface with Facebook on the users behalf. The bot is still in its infant stage and could definitely be improved upon. Currently FBCbot was developed on Linux though since it is written in Perl it can be modified to run on Windows as well. The FBCbot was developed in a way to allow for quick writing and adding of additional modules to it. Side note I am pretty new to programming in Perl, so if you see something that could be improved please let me know.

Read the rest of this entry…

Posted in Code | Comments (0)

Posted on Thursday, 26th August 2010 by Michael

WARNING: Do not plug your Magic Jack in for any updates even if you need to renew. There seems to be a recent update that is causing the password to change on every registration.

We have been able to rule out the following false information that is circulating on the net. From the dumps and the traffic we captured they are still using proxy01 and the user account is still E########01.

Until we can get a few test Jacks to test with we are temporarily removing the SIP retrieval service.

If you have a jack you want to donate please contact us as we work on this issue.

Posted in Blog | Comments (0)

Posted on Thursday, 12th August 2010 by Michael

Is your site truly secure if the little box says it is?

Site verified secure! You see this on many sites out there. They all proudly display an image from a company saying that their site is scanned daily and has been determined secure. How many of these sites truly verify your site is secure? Have you checked your site lately?

While doing some research on a product I was interested in, I stumbled upon a cross site scripting vulnerability in the search box of the vendor’s website.  I was not to concern, as many search boxes on the internet are vulnerable to XSS.  I was about to move on until I noticed this iamge at the bottom of the page:

Read the rest of this entry…

Posted in Papers | Comments (0)

Posted on Monday, 2nd August 2010 by Michael

ADA: Asterisk Desktop Assistant by Diginum

The Asterisk Desktop Assistant is a plug-in that allows you to be able to click on telephone numbers inside of Microsoft Office Products, Firefox and Thunder Bird. Once you click on the number it will ring your phone, once you answer it will then dial and connect you to the number you clicked.

The Asterisk Desktop Assistant can be found her for download: http://blogs.digium.com/2008/12/22/asterisk-desktop-assistant-windows-click-to-call-and-more/

Though Diginum provides a great website and a lot of data on how to install this plug-in their directions are extremely high level and it takes more tweaking then they have documentation on.

Read the rest of this entry…

Posted in Papers | Comments (0)

Posted on Thursday, 29th July 2010 by Michael

AMJchan: Automating the chan_sip.so patching for Magic Jack

AMJchan is a shell script written by the Digital Offensive team to quickly and accurately patch your Asterisk server for use with the Magic jack. This script was developed and tested on Centos, fedora and Redhat. The script can be easily altered to use another package manager other then yum to make it cross system compliant.

Read the rest of this entry…

Posted in Code | Comments (1)

Posted on Friday, 16th July 2010 by Michael

Commission based position available with Digital Offensive

Looking for someone that has the time, motivation and ability to generate leads and write proposals to help grow our business. This is a commission based position and due to that there is no benefits being offered. All commissions will be based on the final contract amount and paid after successful completion and payment of the contract. At the current time we are not taking applications from recruiters. All applicants must be at least 18 years old to apply.

Read the rest of this entry…

Posted in Blog | Comments (0)

Posted on Friday, 9th July 2010 by Michael

Simple Asterisk Auto Dialer

What is it:

This simple shell script was created by Michael LaSalvia of Digital Offensive to auto dial numbers and plays back a message to the person that picks up the phone. This script will take a comma separated file (CSV) that is setup as follows:

Number,Sound,Trunk_Name

And automate the dialing and playing of that sound / message. The sound can be in the standard gsm format or an mp3 file.  This is useful for automating phone campaigns or just having a good time messing with friends.

How it works:

This script takes advantage of the Asterisk outgoing spool directory. The script creates a “call” file using the variables that you provided in the csv file as well as the variables you set in the script. The file is then moved into the /var/sppol/asterisk/outgoing directory where asterisk will process the “call” file and place the call.

Read the rest of this entry…

Posted in Code | Comments (2)

Posted on Wednesday, 7th July 2010 by Michael

CheckPoint Site to Site VPN Audit automation with “fwm logexport and scripting”

Up to recently we use to pay a third party SEIM provider to provide us reporting for all our site to site VPN tunnels. This is due to an audit requirement we had that said that our system administrators had to report on any time their vendor connected to the tunnel. If they connected they had to provide the start date & time, the end date & time, the duration of the connection, the source address and destination address, the protocol & port as well as the tunnel name.

Due to the cost of the third party SEIM provider as well as their not so wonderful service we decided to find a replacement. The only issue is the replacements we found all cost over 100,000 a year. This is when Michael Yan and I set forth to develop our own solution.

We are happy to bring you “CP-VPN-Auto-Audit 1.0”. This system is compromised of 4 scripts that run together to export your logs, format them into individual tunnel csv reports and then email them to the system administrators.
Read the rest of this entry…

Posted in Code | Comments (2)

Posted on Thursday, 10th June 2010 by Michael

MJSIP: Automating the Magic Jack SIP retrieval

What is it:

MJSIP is a simple Perl script written by a co-worker and myself. This script uses regular expression matching to automate the finding of your SIP password in the dump file.

MJSIP has been tested on over 50 Jacks that were purchased and registered this month (6/07/10). Each Magic Jack we tested worked flawlessly.

Though this tool has been tested and we have worked out many of the bugs there are two conditions that we are aware of that will cause MJSIP not to return a password back to you. The first condition is if you dumped the memory wrong using the SIPDump tool. The second condition is if your Magic Jack password contains the same letter or number more than 4 x in a row.

Read the rest of this entry…

Posted in Papers | Comments (13)

Posted on Wednesday, 9th June 2010 by Michael

Can you pop me now?

Like most programs Asterisks offers the ability to launch system commands from with inside the application. This means it is possible for either a developer or a malicious person to execute system commands by simply editing the dial plan and making a phone call.

This is nothing new the ability to execute system commands from within an Asterisk based PBX has been around since it was first developed. A quick Google on the topic of “Asterisk system command” shows me that it has at least been documented since 2007 according to the article found here:

http://www.voip-info.org/wiki/index.php?page_id=166

This article goes into great detail explaining how to set this up. The article also points out how this is insecure and provides a few additional dial plans that can be used to help thwart this command from being abused.

My article is going to look at this from the malicious standpoint and how to create a true phone home.

So you have just popped a Linux box and noticed that is running Asterisk besides the normal mischief you can cause such as racking up long distance calls and recording conversations. Let’s make sure you can get back in any time you want by simply making a call.

Read the rest of this entry…

Posted in Papers | Comments (0)