• War Dialing in 2023 and Beyond

    From warmfuzzy@700:100/37 to All on Tue Aug 1 01:52:34 2023
    Is War Dialing (from the classic movie "War Games") still a thing? I think so. There are a lot of big corporations that still have a remote access option though the Plain Old Telephone System (POTS). In my last corporation that I worked for they had what seemed to be an active and yet never used RJ-11 plug in the staff lounge. The server tower was about 20 meters away, and one could imagine how a person could install a wifi pipe from the server closet to the staff lounge and the wire connected to a nano computer that is both hard to detect and not in plain sight.

    This is just a thought. I have not hacked them nor will I. I'm just considering how easy it would be to add a backdoor to the building. Their system is fairly secure, they use Active Directory (I think), and their internal network is encrypted. However, lets say you just want some sort of secure method to communicate to "home base" without worrying about back-tracing your comms. This could be done by hooking the internal ethernet connection to a POTS computer, etc. etc. So it would be very slow (at about 7 K/sec), but if you're looking to find some sort of way to talk with, your paranoid friends using a method of proxying like this can be in place for the worst case scenario.

    No, I haven't tried this, again I'm not going to, but hypothetically a setup like this can be done on systems that are so large that they can't easily be secured.

    A nearby library also had a dial-in using an old 28.8 kbps to get into their library catalog remotely. It is doubtful that the admins at that library even realize that there is still a BBS on their network.

    A modern day phone phreak can still find lots of juicy networks to explore, but rather than in the past where they would access active communication routes, the routes now-a-days have been forgotten about, just being left and completely forgotten about.

    Cheers!
    -warmfuzzy

    --- Mystic BBS v1.12 A48 2022/07/15 (Linux/64)
    * Origin: thE qUAntUm wOrmhOlE, rAmsgAtE, uK. bbs.erb.pw (700:100/37)
  • From poindexter FORTRAN@700:100/20 to warmfuzzy on Tue Aug 1 07:55:00 2023
    warmfuzzy wrote to All <=-

    Is War Dialing (from the classic movie "War Games") still a thing? I think so. There are a lot of big corporations that still have a remote access option though the Plain Old Telephone System (POTS).

    War dialing for access ports is still possible, but modern central
    office phone switches can track sequential dialing and flag it.

    In my last
    corporation that I worked for they had what seemed to be an active and
    yet never used RJ-11 plug in the staff lounge.

    At my first job, they had a wall phone in the lounge for people to make
    personal calls. This was way before cell phones.

    This is just a thought. I have not hacked them nor will I. I'm just considering how easy it would be to add a backdoor to the building.
    Their system is fairly secure, they use Active Directory (I think), and their internal network is encrypted. However, lets say you just want
    some sort of secure method to communicate to "home base" without
    worrying about back-tracing your comms. This could be done by hooking
    the internal ethernet connection to a POTS computer, etc. etc. So it would be very slow (at about 7 K/sec), but if you're looking to find
    some sort of way to talk with, your paranoid friends using a method of proxying like this can be in place for the worst case scenario.

    Checkout the podcast "Darknet Diaries" for stories of penetration
    testing. Most intrusions are physical.




    ... Back in the stream that feeds the ocean that feeds the stream.
    --- MultiMail/Win v0.52
    * Origin: realitycheckBBS.org -- information is power. (700:100/20)
  • From paulie420@700:100/71 to warmfuzzy on Tue Aug 1 16:51:34 2023
    This is just a thought. I have not hacked them nor will I. I'm just considering how easy it would be to add a backdoor to the building.
    Their system is fairly secure, they use Active Directory (I think), and their internal network is encrypted. However, lets say you just want
    some sort of secure method to communicate to "home base" without
    worrying about back-tracing your comms. This could be done by hooking
    the internal ethernet connection to a POTS computer, etc. etc. So it would be very slow (at about 7 K/sec), but if you're looking to find
    some sort of way to talk with, your paranoid friends using a method of proxying like this can be in place for the worst case scenario.

    I wasn't too big into phreaking, but I was a dialer... I mainly used it in the late 90s to find unix shells, but also hunted for any computer system that would answer with Hayes commands.

    I also fired bluebeep back up in the early oughts when VOIP PBXs at corporations became a huge thing - I won't go into detail about THAT part here, but found many systems and some exploits.

    When VOIP came to the masses, it was awesome to scan in areas that were unattainable prior. Might be useful today, but not on the old softwarez that we used on DOS, or even 32bit Win... does anyone know of 'current' dialers? (Even if considered legacy now-a-days...)



    |07p|15AULIE|1142|07o
    |08.........

    --- Mystic BBS v1.12 A48 (Linux/64)
    * Origin: 2o fOr beeRS bbS >> 20ForBeers.com:1337 (700:100/71)