I just finished writing a stock checking program where I can dial my home phone number, enter a pin number, and have my computer read my current stock prices... I'm now interested in caller ID Spoofing. I have my computer set up to launch applications and perform tasks by a simple phone call. I want to integrate caller ID Spoofing into the mix of these tasks BUT i have not found a decent read on the subject.
Has anyone tried or know of applications or hardware that can spoof a caller id?
~posted by toast
~from syntaxmaster
Caller ID spoofing; and how caller ID works
how caller ID works
Since the Caller ID signal is only generated at the called party's exchange, and the caller's line is only connected after the called party has answered the line, it should be impossible to fake the Caller ID data without access to the called party's line or exchange. ;edited;
;pasted;
To send caller ID information to your home, the phone company uses an FSK technique identical to a 1,200 baud modem and it sends ASCII character data to the caller ID box. The modem message is sent between the first and second ring. So the phone rings once, and if you could listen to the phone line just after that ring, you would hear a "bleeeep" sound about half a second long. If you decoded the bleep, you would find that it contains (in the simpler of the caller ID systems):
A series of alternating 1s and 0s to help the caller ID box get the timing down
A series of 180 1s
A byte representing the type of message
A byte representing the length of the message
Month, day, hour and minute, each represented with a pair of bytes
The 10 digit phone number in 10 bytes
A checksum byte
There is also a more advanced system that contains the caller's name, etc., but its technique is identical (the telcom system performs a 'phone book' lookup service). Each character is sent as a standard 8-bit ASCII character preceded by a "0" start bit and followed by a "1" stop bit.
The caller ID box contains a modem to decode the bits, a little circuit to detect a ring signal, and a simple processor to drive the display.
;edited;
Note: this is why you need the caller ID service from your telco, otherwise it will not send the caller ID signal to your home.
once you have the service, you can use a computer to play with it as well, but not for spoofing. end note.
In any case, if you do anything too naughty, the authorities will still be able to track you down using the billing data. All you can do is make the data unavailable. Examples of this are using 141/*67 or placing a call via the operator, a non-SS7 calling card, a payphone, or an analogue mobile phone.
In a nutshell, since caller ID is done at the telcom level prior to the connection to the called party - you'll need to spoof at that level. Telcom have set up their system to prevent spoofing for their billing purposes. They know who you are. It is easier to get caller ID nfo than it is to hide it;
www.digitalroom.net/index2.html
www.ainslie.org.uk/callerid/cli_faq.htm
How do you spoof? Besides Pay as you Go cellphones, and obscure calling card services like this one;
http://www.shomer-tec.com/site/product. ... 570743D87D
You can hack exchange boxes (those green telco boxes in your neighborhood), you can connect a box to a neighbors box on the side of his house, you can crack a nearby phonebooth. The answer is mostly a hardware and telcom exchange level hacking.
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
But...But... DNR!!
I had to combine a few programs that all interact to check my stocks
1. I installed Phone Dialer Pro
2. I downloaded WGET
3. I installed a text to voice reader (will post link later today)
4. I wrote a batch script to combine each of these programs.
Batch Script
1. WGET the webpage of my stock & echo it out to a file
2. Finds the line of text with my stock quote and echos out to a second file
3. Uses a text to voice converter and creates a human voice .wav with the current stock quote
4. Launches wmplayer and plays the current stock quote .wav
How does it all tie in?
Phone Dialer Pro is set to listen through my dial up modem and will respond only if the # is my cell phone. I enter a pin number and it launches the batch. I have the mic set as speakerphone once the call has been answered. After the batch file gets the stock quote it plays the wav through the speakers. The microphone then autoconverts the wav to a 8mhz 16kb frequency that can pass through the phone line.
Modem Commands
I havnt had the chance to echo any AT commands to my modem yet but i will try to familiarize myself with the syntax and batch it up. If I figure this out I can get rid of Phone Dialer Pro and have complete control over incoming & outgoing calls based on errorlevels in the batch script.
I had to combine a few programs that all interact to check my stocks
1. I installed Phone Dialer Pro
2. I downloaded WGET
3. I installed a text to voice reader (will post link later today)
4. I wrote a batch script to combine each of these programs.
Batch Script
1. WGET the webpage of my stock & echo it out to a file
2. Finds the line of text with my stock quote and echos out to a second file
3. Uses a text to voice converter and creates a human voice .wav with the current stock quote
4. Launches wmplayer and plays the current stock quote .wav
How does it all tie in?
Phone Dialer Pro is set to listen through my dial up modem and will respond only if the # is my cell phone. I enter a pin number and it launches the batch. I have the mic set as speakerphone once the call has been answered. After the batch file gets the stock quote it plays the wav through the speakers. The microphone then autoconverts the wav to a 8mhz 16kb frequency that can pass through the phone line.
Modem Commands
I havnt had the chance to echo any AT commands to my modem yet but i will try to familiarize myself with the syntax and batch it up. If I figure this out I can get rid of Phone Dialer Pro and have complete control over incoming & outgoing calls based on errorlevels in the batch script.
Very good toast, I am impressed. It looks like you have a good tweak there.
But I guess the question comes back, why is spoofing important then? Are you testing for security vulnerabilities?
You could check the security of Phone Dialer Pro by trying to call thru another phone and see if it makes sure its the cell phone.
Let me know.
DNR
But I guess the question comes back, why is spoofing important then? Are you testing for security vulnerabilities?
You could check the security of Phone Dialer Pro by trying to call thru another phone and see if it makes sure its the cell phone.
Let me know.
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
-
Nerdz
- The Architect
- Posts: 1127
- Joined: 15 Jun 2005, 16:00
- 18
- Location: #db_error in: select usr.location from sucko_member where usr.id=63;
- Contact:
http://www.fakecaller.com/ maybe you can find something usefull there...
Give a man a fish, you feed him for one day.
Learn a man to fish, you feed him for life.
Learn a man to fish, you feed him for life.
Haha, That made my day.nerdzoncrack wrote:http://www.fakecaller.com/ maybe you can find something usefull there...
