__________ __ ________________ / _____/ \ / \/ _ \__ ___/___ _____ _____ \_____ \\ \/\/ / /_\ \| |_/ __ \\__ \ / \ / \\ / | \ |\ ___/ / __ \| Y Y \ /_______ / \__/\ /\____|__ /____| \___ >____ /__|_| / \/ \/ \/ \/ \/ \/ [ 1998 - 2010 - Hacking, Phreaking & Anarchy in the UK ] January 12 2010 . Author -=The Firestarter=- ---------------------------------------------------------- [ Abusing Skype: Phreakers paradise? ] ---------------------------------------------------------- Recently (Autumn 2003?) i've been abusing the wonders of Skype: VoIP for the masses Other than being able to talk to other skype users all over the world for free (whether talking to them is done as a wind up, to alliviate bordom or to guenuinly get to know people), its also handy for staying in touch with other krew members and such like. Of course all this is all well and good, but it really comes into its own when it allows you to dial freefone numbers WITHOUT having anything more than a normal free account. So entering: +44 800 890 011 Would connect you to the UK's direct dial number for AT&T in the states. This opens up a whole host of posibilities! For a start, with the basic free account that we are dialing out from, there is no way to dial back, thus any return call number wont be too easy for the recivier to get hold of. Of course we're not 100% anonymous, but it does give us an extra layer of security when dialing out and dealing with really small companies etc. Although that said, i'm sure if you abused it enough Skype would gladly grass you up should any telco come asking questions. Skype Via Socks ---------------- In order to try and gain total anonymity we'll try routing calls via free SOCKS proxy servers. Skype seems to support SOCKS 5 & HTTPS proxy servers. I assume it doesn't support SOCKS 4 as it wouldn't be able to handle the more advanced ways that VOiP travel the internet. SOCKS 5 proxies, sadly, aren't as popular to find as opposed to there SOCKS 4 couterparts. Nonetheless we'll strive to see what can be found. Now, routing Skype though one or two SOCKS proxies will no doubt decrease the call quality, although admitidly not by much. You should be more worried about the link between the two servers going down. Now once we're all set up and after pissing around with SOCKSCHAIN for hours we finally get something thats working to an extent. Using this we can happily wardial numerous freefone numbers (albeit by hand) to see what wonders can be discovered. it does somewhat have advantages when it comes to phreaking via skype. for a start it keeps a record of the numbers that you've dialed so you can get any juicy mis-dialed numbers down. its handy to be able to hear shit through your speakers (or headset if thats your set up). It is however a bit of a pain in the arse when it coes to entering numbers using the mouse. its also a bit of a fucker when it comes to wardialing using something like ToneLoc as you need seriously overpriced hardward to wire your modem up. Personally i've no experience with it, when i do i'll write about it, unless someone beats me too it and sends something in. That said regarding toneloc though, from my own experience in wardialing, i've always scanned by hand when it comes to seriously looking for shit. So we can scan for voice mail systems all over the world, numerous PBX's, Voice Bridges etc etc as long as the number to call it is free. Already the account is semi-anonymous in the sense that you don't have to pay for it, and you could always (in theory) connect to the system using stolen wireless networks or whatnot. Or even wire up two pre-paid moile phones to connect to the net and use that. or if your just using VOiP - just use the pre-paid mobile phone. Routing your connection via numerous proxy servers will aid in hiding your identity but might take you some time to get all set up. Although that said, if you had one secure SOCKS5 proxy and/or HTTPS proxy then using that might be useful. As i see it at the moment, in theory usiing skype for phreaking is an awesome idea and to many extents its very practicle, but i do believe that more research and development is going to need to be put in if we're to devise any ways of utilising it securely. Oh well at least it'll give us something to look into on an evening. More on VOiP as we exploit it