Hack MagicJack to work with your Asterisk PBX Installation, 20$ Calls for a year!

Recently there's been a bit of a conversation about hacking the MagicJack VOIP boxes to enable it to work with Asterisk. Like some of the other list users, we weren't aware of this, but this was posted as a followup. Probably old for most of you, but some may find it useful for your Magic Jack.

As of 5-31-08 to obtain your sip credentials you will need to dump your memory while magicjack.exe is running in order to view the decrypted password.
All other information can be had with any packet capture program.

Original, and All credit goes here: http://revolution.hackthisbox.com/magicjack/readme

Replace EXXXXXXXXXX01 with your MJ number. Include E and 01.
Replace the proxy proxy1.Atlanta.talk4free.com:5070 with the proxy your MJ registers to and change host=67.90.138.70 to host=YourProxyIPHere.
Replace XXXXXpasswordXXXXX with your password. Currently a 20 character string consisting of numbers and letters. Mine is all uppercase.

~~~~~sip.conf~~~~~

register => EXXXXXXXXXX01:XXXpasswordXXXX@proxy1.Atlanta.talk4free.com:5070

[magicjack]
context=incoming
username=EXXXXXXXXXX01
type=friend
secret=XXXXXpasswordXXXXX
port=5070
nat=yes
insecure=very
host=67.90.138.70
fromuser=EXXXXXXXXXX01
dtmfmode=inband
qualify=2000

~~~~~sip.conf~~~~~

~~~~~extensions.conf~~~~~

[incoming]
exten => YourMJNumber,1,Answer
exten => YourMJNumber,2,Dial(sip/sipura,30,r) ;dial someone...such as an ATA

[MagicJackOutgoing]
exten => _1NXXNXXXXXX,1,Dial(SIP/${EXTEN}@magicjack,30,r)
exten => _1NXXNXXXXXX,2,congestion()
exten => _1NXXNXXXXXX,102,busy()
exten => i,1,Hangup
exten => t,1,Hangup
exten => h,1,Hangup

[sip]
include => MagicJackOutgoing

~~~~~extensions.conf~~~~~

Just like the rest of us, craigs list finally announces it’s tired of spammers, voip abusers and prepaid cellular abusers.. right on!

Found this over on the voipsupply blog, it's a little old, but probably new to some of you. Read on.

 

 

Not sure how I missed this, I like to think of myself as being on top of the industry but I just came across this over the weekend.

Craigslist.org, the popular free classified ad site, has been at war with spammers for some time. According to some reports, 90+% of ads in some categories are generated by spambots. Craigslist has deployed countermeasures including CAPTCHA and other techniques, but spammers have quickly evolved their techniques to sidestep them.

A few months back, Craiglist instituted a telephone verification process that places an automated outbound call to a user placing a classified ad in certain categories. The call delivers a unique code using text to speech, which is then used by the poster to authenticate the ad they are placing.

This is an effective measure for dealing with spam, and a great thing for legitimizing the Craigslist user experience….but not so great if you are a Craigslist user and you also happen to be a VoIP or prepaid cellular user.

The problem is that Craigslist is categorically blocking legitimate VoIP and Pre-paid cellular users from authenticating themselves.

The phone verification process is fairly straight forward. When you place an ad in many categories on Craigslist, you are presented with the form below.

Craigslist blocks most VoIP phone numbers, including those from services like Grand Central and Tossable Digits. This is an apparent broad stroke to counter the use of such services by spammers to game Craigslist’s voice verification.

Craig’s uses a 3rd party service, ReduceFraud.com to screen out VoIP and Pre-paid cellular numbers, and will not deliver an automated verification call to a number that is determined to be such. (Since only SPAMMERS use VoIP and Pre-Paid Cellular!!!) What sophisticated algorithm does ReduceFraud.com use to identify VoIP numbers, you ask? They check the DID number to see who owns the NPA NXX X number block, and if the DID number is owned by Level 3 Communications, they classify it as VoIP of course. Whizbang!

Coincidentally, ReduceFraud.com is owned and operated by a CA firm called Telecentrex, who offers their own hosted VoIP service.

Amazingly, this has created a business opportunity for resourceful entrepreneurs. Literally dozens of services have popped up offering everything from VoIP DID Numbers that Craigslist classifies as Fixed Lines, to pre-authenticated Craigslist user accounts, to full-blown Craigslist Super Spammer Software Packages.

I even found programming requsts on e-Lance, Rentacoder and GetaFreeLanceer.com
offering to pay for workarounds.

I would love to find out which service provider Craigslist is using to delivery their automated outbound verification calls. It would be cost-prohibitive to incure circuit-switched LD charges to deliver all those millions of calls…..VoIPMonitor estimated nearly 24 million VoIP users by 2008 (i.e 24 Million frustrated, would-be Craigslist users)…..I would not be surprised to learn that the provider was leveraging VoIP to send these very same outbound verification calls. Now wouldn’t that be ironic?

Spamming People using Dead VOIP Numbers..

So, Someone posted this to the Asterisk-Users list today, interesting because I myself have received a few calls from these toll frees, well, not these specific ones, but from ones with the exact same circumstances. This post got me to thinking, what if spammers are trolling all the SIP/IAX Providers websites that list out the VOIP DID Prefixes without username/password that are available, or are just reading off regular mailings from these companies. IE: Say you scan a few websites, and see that they have did's available in a bunch of prefixes, you simply call all the ones that are available with a wardialer and see which ones aren't dead, and which ones are. Then, use the dead ones in your outgoing CID spoof, which will lead back to the originating voip company, and not yourself. I'm not saying that's what these people are doing, but just something that I started thinking about when reading this guys post. I'm sure there are a plethora of ways they could be doing this, but interesting none the less. anyway, here's the post:

 

 

 

Hello all,

not sure this belongs here, but I'm wondering if anyone else has
received "phone spam" lately. Over the last eight weeks, I've received
over 60 calls to my toll-free numbers, originating from various fake
numbers in the 940 and 956 area codes. When I still *listened* to them,
they began with "for all your office needs go to smtmco.com."

Whenever I call the numbers back (based on caller id), I get one or two
rings, then a click, then dead air. That's also the reason I'm posting
this here -- these folks either have access to a large pool of numbers,
or to a list of "dead" numbers. The last six numbers (three today) are:
940.387.0483
956.982.1640
940.891.6197
956.554.7617
940.891.6099
956.421.3378

The 956 numbers are all SWBell exchanges, while the 940s are GTE/Verizon
exchanges. All calls came in through my toll-free numbers (which in
turn are hosted by vitelity/exgn).

The website referenced isn't loading, but registered to:

Registrant:
Sales Team
321 High School Rd NE, PMB 348
Suite D3
Bainbridge Island, Washington 98110
United States
(800) 921-0136 ; NS1.ORDERSHOPPER.COM

Ordershopper.com also seems a dead-end, as it's registered "by proxy",
as all good spammers do.

I have since established a greylisting function, which simply does the
zapateller and then prompts the caller to call back within ten minutes
to be put through. If the same caller (by ID) calls the same number
within those 10 minutes, he's put through to a person and whitelisted.
If the caller hangs up before hearing the message (during the SIT tone),
the numbers is marked for blacklisting. Outgoing calls are
automatically whitelisted, as are certain (local) area codes. This has
kept the phone silent for a couple of weeks, and afaik, no valid calls
were killed.

But the real question is -- has anyone else seen this?

Photos and Presentation Materials from HITBSecConf2008 – Dubai Released

The codes, tools, exploits, slides and other presentation goodies from
HITBSecConf2008 - Dubai are available for download! You will also find a
'bonus download' of the live recording of DJ Negative's set from the
HITB Post Conference Party at the URL below :)

http://conference.hitb.org/hitbsecconf2008dubai/materials/

The official photos from the training, conference and party have also
been posted on-line at the HITB Photos page:

http://photos.hitb.org/

===

Don't forget that the Call for Papers for HITBSecConf2008 - Malaysia
October 27th - 30th, Kuala Lumpur, Malaysia) will open on the 5th of May.

We're back at The Westin Kuala Lumpur with an expanded program featuring
an additional track (HITB Labs) to our usual dual-track conference, 4
keynote speakers and over 25 international experts joining them.

We're expecting a 1000+ attendees from around the world to join us, so
if you have something cool, new and unreleased you'd like to present -
please do submit! See you in October!

Warmest regards,
The HITB Team

New Service Lets Canucks Opt Out of Telemarketing. Yay!

Even though I have asterisk blocking telemarketers to voicemail hell, I figure this is still of significance for our readers. This new service launched by Micheal Geist.. Here's a description he wrote about his new creation..

Regular readers of my work will know that I have been frustrated by Canada's do-not-call list, which contains far too many exceptions and has taken an embarrassingly long time to become operational. In response, today I am launching iOptOut, a website that will allow Canadians to opt-out of further phone calls (and emails) from dozens of organizations with a single click.

I began to develop the site soon after the do-not-call bill became law. The premise is simple - under the law, exempted organizations (which include charities, political parties, polling companies, newspapers, and companies with a prior business relationship) are permitted to make unsolicited telephone calls despite the inclusion of a number in the do-not-call registry. However, organizations must remove numbers from their lists if specifically requested to do so.

Check out the site Here : iOptOut