Monday, September 17, 2007

Phone Phreaking

Introduction
Phone phreaking is basically just hacking over a phone line. This could include phone line tapping, breaking into phone networks, gaining free long distance, and sometimes it is considered part of the realm of social engineering. Social engineering is gaining information by tricking people directly instead of hacking machines; you in other words "engineer using social tactics." In this post you will learn how to tap your own home phone line.


Tools needed:
Windows 95 dialer. exe ( RAR | EXE )
Free MP3 Recorder ( Main | Mirror)
A computer connected to a phone line... like what you did back in the days of Dialup.
Lets go back to the future using the Windows 95 Dialer.exe tool (It must be windows 95, NT/2000 will not work) Open it up and tell it to dial a letter. I normally put in "f".

This will bring up a new window that asks you to pick up the receiver. Just ignore that until you're done. You should hear the phone line in through your speakers.


The best time to listen in is to wait till someone starts dialing or after the parties have begun talking on the phone. If done too soon (like when you still have the tone) you will get a busy signal and it will hang up. Another practical use I have found for this program is when the answering machine picks up in another part of the house, I can hear the live recording by picking up just at the right moment.

I recommend getting a copy of Free MP3 Sound Recorder if you want to record the conversation. Any program will work that allows you to record windows internal sounds. (you could also use Audacity with a cable connecting your microphone to teh speaker, but unless you have a audio speaker you won't be able to here the conversation.
This will record the sound of the phone line allowing you to save it to mp3/wav format. Another recorder that I found to be pretty good was: http://www.roemersoftware.com/sound-recorder-comparison.html (get the free version)

Instructions for "Free MP3 Sound Recorder":
Click file--> New
Then Select Record and stereo checkboxes.
Click Ok and select the file format you want... I normally choose mp3.
Click Ok and select where you want to save the file.
A new window will come up saying "Do you want to start recording now?"
Select yes if you have the call on the line, or no if you have yet to make the call.

End Notes:
I have found that with practice I can have the line recording in thirty seconds (that is including the time to start each program). In many US states it is illegal to record a phone call without the consent at least one party. But you can find a complete list here: http://www.rcfp.org/taping/states.html

3 comments:

Anonymous said...

This is phone tapping, not phreaking, and your trivial example works only on circuits to which you have direct physical access. Phreaking is not a realistic possibility in modern telephone networks because of the technologies employed (and more specifically the ones deprecated) following successful exploitation many years before your interest in it grew. Your 'articles' are of poor quality and are misleading because they are factually inaccurate. Your netbios 'hacking' 'article' is nothing more than a pointer to port-scanning and brute-force password cracking the netbios service. Guessing passwords isn't hacking. I wouldn't draw attention to yourself in the realm of competent security researchers in the future, if I were you.

AEL said...

I agree, that this is phone tapping more than phreaking. Although this particular "hack" or whatever you want to call it could be used on a remote system. The general coding behind the program(TAPI phone) could be stripped out and inserted into a Trojan which then in turn could:

A. Dial whatever number it likes (this types have been called dialers in the past, for running up large phone charges to the infected PC)

B. Randomly listen in on the infected PC's line till it detects another sound(like voice or modem) other than the dial tone. One program that does this is now is modem spy which works with all Voice modems.

Also please realize that I didn't write this blog for experts. I wrote this to inform the everyday computer user what a hacker could do in order to make them more security aware. Thanks for you comment.

Anonymous said...

You have no idea what you are talking about haha, man people post crap about the most trivial things.