ThoughtPhreaker

Toll-free diverter

43 posts in this topic

Hi ThoughtPhreaker,

I tried your diverter and was really surprised to hear my spoofed number read back to me by the MCI ANAC (1-800-444-4444). I didn't know you could spoof ANI that way.

What DID provider do you have for the 516 number? Are you using Asterisk to divert and spoof, or some other platform? Also, do the VOIP providers allow you to spoof for free?

Thanks a lot. Oh, and by the way, your voice prompts are very nice too :)

Thanks,

Kaya

0

Share this post


Link to post
Share on other sites

Yeah, I tried it with the 800-437-7950 ANAC and got the exact same thing!

I had the number I was "calling from" as 301-958-1337 (entire exchange invalid, previously used for verizon test numbers) and I'll be darned but it read that back as my ANI.

Hm, so you could theoretically call a calling card 800 number and have it pass your spoofed CID to a toll number, basically using any calling card like spoof card?

Calling cards generally don't pass ANI though...

0

Share this post


Link to post
Share on other sites
What DID provider do you have for the 516 number?

The 516 DID is a free account on ipcomms.net. Unless you have no other choice, I'd personally avoid them. I think they start listening to the calls on your DID if you get a lot of them, because a while back, they started accusing me of running a calling card service. It could be that my particular DID takes a long IP route (NY --> Georgia --> My house), but I also get an unusual amount of delay on my DID. The fact that they mysteriously block ping requests on their SIP server doesn't exactly make me too confident about this, either.

Are you using Asterisk to divert and spoof, or some other platform? Also, do the VOIP providers allow you to spoof for free?

Yep, Asterisk runs the show for the diverter. Every provider I've heard of doesn't charge you to spoof, but some charge you to call toll-free numbers.

Thanks a lot. Oh, and by the way, your voice prompts are very nice too :)

Thanks! I'm glad someone else thinks it was a better decision to make my own prompts rather then slap on the default asterisk recordings.

Calling cards generally don't pass ANI though...

Are you sure? Every calling card I have except one passes ANI fields (I haven't checked any others, but all the ones ran by major carriers like MCI and AT&T pass privacy bits too). The one that doesn't pass ANI has nothing to do with the card itself, though, it's perfectly capable of trying to pass it. This particular company just interconnects with a lot of really strange long distance carriers that don't always pass it right, so there's days it'll work fine in some areas, and other days you'll get some random number, if anything. I say days, too, because if you're familiar with this particular card company, you may've figured out they'll change long distance carriers to some areas almost literally *every* day.

0

Share this post


Link to post
Share on other sites
Are you sure? Every calling card I have except one passes ANI fields (I haven't checked any others, but all the ones ran by major carriers like MCI and AT&T pass privacy bits too). The one that doesn't pass ANI has nothing to do with the card itself, though, it's perfectly capable of trying to pass it. This particular company just interconnects with a lot of really strange long distance carriers that don't always pass it right, so there's days it'll work fine in some areas, and other days you'll get some random number, if anything. I say days, too, because if you're familiar with this particular card company, you may've figured out they'll change long distance carriers to some areas almost literally *every* day.

Yeah, I've actually seen MCI cards not pass my ANI. I was using a few old cards my parents have (from late 90s?) that were showing ANI as either 212-547-0000 or 312-470-9921 when calling into ANACs from NPA 301, both of which are obviously internal MCI numbers, seeing as both exchanges have the OCN of "MCIMETRO, ATS, INC."

The cards do spoof your CID as the outgoing CID though. I've confirmed this by calling my cell phone with the same cards.

So these old MCI cards at least have CID and ANI that do not match, CID showing your number, but ANI showing the internal MCI line (being used for the call?)

And that still doesn't explain how your diverter is spoofing ANI! B)

...and it certianly is.

Edit: Oh yes. I have seen ANI fails out of calling cards on rare occasion.

Edited by Skunkworks
0

Share this post


Link to post
Share on other sites
Yeah, I've actually seen MCI cards not pass my ANI. I was using a few old cards my parents have (from late 90s?) that were showing ANI as either 212-547-0000 or 312-470-9921 when calling into ANACs from NPA 301, both of which are obviously internal MCI numbers, seeing as both exchanges have the OCN of "MCIMETRO, ATS, INC."

Internal numbers? I think the point of there is just for them to be there. Seriously, I've seen the numbers you're talking about too, and they only come up in the charge number field on toll-free calls. In the case of an ANI fail, if that field wasn't there, a lot of toll-free calls would just go to error recordings. The reason for this is, for toll-free calls to route properly, the area you're calling needs to be known in a lot of cases. If you want to see what it's really passing, these ANACs don't supervise so you can call them on their dime.

541-584-0021 - Reads last seven digits of charge #

712-580-9999 - NPA read is charge #, rest is calling party #

And that still doesn't explain how your diverter is spoofing ANI! B)

There's a field in SIP that's specifically there for the gateway to set as your number before the call progresses to the telephone network. It only makes sense to let people pass whatever looks good, because a lot of times, as is the case with PRIs as well, there can be more than one number assosciated with a PBX or a calling card platform, and to give the right contact number, it only makes sense to let whatever is processing the first step of the call let it decide for itself what that number should be.

Oh, right, and wouldn't it be a lot nicer if a calling card platform passed your number instead of some random number to the person you were calling?

0

Share this post


Link to post
Share on other sites

If you ever feel like scanning with the diverter, I added a new option. On 796-7228, press * when you want to hang up and you'll get dumped back to the prompt for the number you want to call.

Also, if you happen to find a dialtone on a toll-free number that responds to nothing, verfiy it first. Chances are it's just the dialout provider not knowing what a CBCAD message is.

0

Share this post


Link to post
Share on other sites

Okay, so a dilemma came my way about a week ago. I was talking to someone about my diverter, and they mentioned the prospect of how badly something like this could be abused. It got me thinking about a certain bill that came into place some time ago, requiring all companies providing phone service to report failed social attempts to both the FBI and the secret service. So I did a search in my logs for the number to a certain wireless provider, and found more than several calls to it.

So, yeah, fuck it. After about a week of consideration and looking for the main number to other companies doing phone stuff, I just decided to take it down. I expected things slightly less than legal to happen. It's a diverter, right? If you drop it publicly, these things happen, sure. I'm not going to take the chance of being responsible for some kiddie who thinks they're hot shit for shutting off someone's phone, though. I hate to bring it down to this, but yeah, if you want to spoof, just do it on your own time.

0

Share this post


Link to post
Share on other sites

Thanks for keeping it up as long as you did. I can't blame you for taking it down.

0

Share this post


Link to post
Share on other sites

Since I've been getting a lot of PMs about this, I'd like to make one thing clear. The diverter wasn't shut down because of financial difficulties. There are many CLECs willing to pay you to send them your toll-free traffic. Had this been an issue, I would've sent my traffic to them instead of stopping the service. The reason it was shut down has to do with the shady activity that was going on. I have no problem letting a couple of shifty calls fly, but when calls that have the potential to include secret service involvement become something happening on a weekly basis, I don't want anything related to me being involved.

To put it another way, much like a number of things that've been posted on this board, the service is gone. End of story.

0

Share this post


Link to post
Share on other sites

Have you thought of bringing it back but only allowing calls to a set of whitelisted toll free numbers?

The few times I used your diverter to spoof I was only calling anacs and other automated numbers to see what results various ANI combinations would produce. I gotta say that was pretty cool, especially when I got 800-437-7950 to read back 313-370-0000 as my ANI (I still have the recording...)

Basically, what do you think of the idea of bringing it back but only letting it dial out to a small group of pre-screened numbers that couldn't in any way be used for criminal activities? It really is a shame that people abused it like that.

0

Share this post


Link to post
Share on other sites

I'll consider it. In the meantime, though, I'm having a couple of difficulties that really won't allow me to host anything for a few days.

0

Share this post


Link to post
Share on other sites

I would love to see how you set up your extensions.conf

Can you help me get a free DID? And btw, how do you dial out of the trixbox? Is that part of the DID also?

0

Share this post


Link to post
Share on other sites

Here is an example of a basic diverter in an Asterisk dialplan. A welcome message is played which prompts the user for a 1-800 number. The PBX then waits for the number to be punched in. If the number entered is valid, the CID is changed and the outward call is made. If the number entered is invalid, the caller is returned to the beginning of the menu. In the case of a time out, the call is ended. It's pretty basic, but works as expected.

[800Diverter]

exten => s,1,Playback(${SRN_PBX_Diverter_Welcome})

exten => s,n,WaitExten()

exten => _1800NXXXXXX,1,Playback(${SRN_PBX_Diverter_Dialing})

exten => _1800NXXXXXX,n,Set(CALLERID(all)=Joe Phreak <6665551212>)

exten => _1800NXXXXXX,n,Dial(SIP/${EXTEN}@provider,300,r)

exten => i,1,Playback(${SRN_PBX_Diverter_InvalidNumber})

exten => i,n,GoTo(800Diverter,s,1)

exten => t,1,Playback(${SRN_PBX_Diverter_Goodbye}

exten => t,n,HangUp()

0

Share this post


Link to post
Share on other sites
Here is an example of a basic diverter in an Asterisk dialplan. A welcome message is played which prompts the user for a 1-800 number. The PBX then waits for the number to be punched in. If the number entered is valid, the CID is changed and the outward call is made. If the number entered is invalid, the caller is returned to the beginning of the menu. In the case of a time out, the call is ended. It's pretty basic, but works as expected.

[800Diverter]

exten => s,1,Playback(${SRN_PBX_Diverter_Welcome})

exten => s,n,WaitExten()

exten => _1800NXXXXXX,1,Playback(${SRN_PBX_Diverter_Dialing})

exten => _1800NXXXXXX,n,Set(CALLERID(all)=Joe Phreak <6665551212>)

exten => _1800NXXXXXX,n,Dial(SIP/${EXTEN}@provider,300,r)

exten => i,1,Playback(${SRN_PBX_Diverter_InvalidNumber})

exten => i,n,GoTo(800Diverter,s,1)

exten => t,1,Playback(${SRN_PBX_Diverter_Goodbye}

exten => t,n,HangUp()

Thanks! I'll make sure to study up on Asterisk configs more :D

Why an 800 number btw? :-/

0

Share this post


Link to post
Share on other sites

Here's the script I was using for my diverter, sans the toll-free restriction and suicide hotline blacklist. Give it a couple of sounds and a provider to work with, and you should be set. Just be aware that SetCallerID() was deprecated in 1.6, so you'll have to modify that bit unless you're using 1.4/1.2 .

There's a couple of free DID providers. If you're on the west coast, http://www.ipkall.com should work better for you, or http://www.ipcomms.net if you're in the East. It doesn't make much difference, you can still use both; it's just if you use one on the opposite side of the country, you'll get a lot more delay on your call.

   [tf-aniset]
exten => 1,1,Background(callingfrom3)
exten => 1,2,Waitexten(6)
exten => 1,3,Background(callingfrom3)
exten => 1,4,Waitexten(6)
exten => 1,5,Background(callingfrom3)
exten => 1,6,Waitexten(15)
exten => 1,7,Hangup()
exten => *67,1,SIPAddHeader(Privacy: id)
exten => *67,2,Playback(okay2)
exten => *67,3,Goto(1,1)
exten => 1138,1,Goto(tf-after38,1,1)
exten => *38,1,Goto(tf-after38,1,1)
exten => 1167,1,SIPAddHeader(Privacy: id)
exten => 1167,2,Playback(okay2)
exten => 1167,3,Goto(1,1)
exten => _XXXXXXXXXX,1,SetCallerID(+1${EXTEN})
exten => _XXXXXXXXXX,2,Goto(tfspoof,1,1)
exten => _1XXXXXXXXXX,1,SetCallerID(+${EXTEN})
exten => _1XXXXXXXXXX,2,Goto(tfspoof,1,1)
exten => i,1,Playback(prompt3)
exten => i,2,Playback(notvalid)
exten => i,3,Goto(1,1)
[tf-after38]
exten => 1,1,Background(bong)
exten => 1,2,Waitexten(6)
exten => 1,3,Background(bong)
exten => 1,4,Waitexten(6)
exten => 1,5,Background(bong)
exten => 1,6,Waitexten(15)
exten => _1XXXXXXXXXX,1,SIPAddHeader(Diversion:<tel:+${EXTEN}>\;reason=user-busy\;screen=no\;privacy=off)
exten => _1XXXXXXXXXX,2,Playback(okay2)
exten => _1XXXXXXXXXX,3,Goto(tf-aniset,1,1)
exten => _XXXXXXXXXX,1,SIPAddHeader(Diversion:<tel:+1${EXTEN}>\;reason=user-busy\;screen=no\;privacy=off)
exten => _XXXXXXXXXX,2,Playback(okay2)
exten => _XXXXXXXXXX,3,Goto(tf-aniset,1,1)
exten => i,1,Playback(prompt3)
exten => i,2,Playback(notvalid)
exten => i,3,Goto(1,1)
[tfspoof]
exten => 1,1,Background(tocall)
exten => 1,2,Waitexten(6)
exten => 1,3,Background(tocall)
exten => 1,4,Waitexten(6)
exten => 1,5,Background(tocall)
exten => 1,6,Waitexten(15)
exten => 1,7,Hangup()
exten => _1XXXXXXXXXX,1,Playback(prompt2)
exten => _1XXXXXXXXXX,2,Playback(silence/1|noanswer)
exten => _1XXXXXXXXXX,3,dial(SIP/${EXTEN}@provider)
exten => _1XXXXXXXXXX,4,Hangup()
exten => _XXXXXXXXXX,1,Playback(prompt2)
exten => _XXXXXXXXXX,2,Playback(silence/1|noanswer)
exten => _XXXXXXXXXX,3,dial(SIP/1${EXTEN}@provider)
exten => _XXXXXXXXXX,4,Hangup()
exten => i,1,Playback(prompt3)
exten => i,2,Playback(notvalid)
exten => i,3,Goto(1,1)

0

Share this post


Link to post
Share on other sites

I'm trying to use this service, but when I attempt to dial a number, all I get is the answer tone. I don't get the voice prompts anymore :(

Hello there,having problem using that service?Toll Free Numbers gives you the ability to project an established, professional image, expand your reach and simplify your communications infrastructure. With a wide array of advanced features, Freedom800.com is able to deliver the image, productivity, and professionalism of a Fortune 500 corporate telecommunications system at a price you can afford.

Edited by JennyMay
0

Share this post


Link to post
Share on other sites

Me thinks the admins need to bounce that JennyMay user. :)

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now