Spamming With Asterisk

I wrote this simple script years ago when I needed to load test a bunch of Asterisk machines and simply scaled it back down to a level that’s simply annoying. Be aware that this can completely tie up every line you have if you set it to. I don’t advocate using this for malicious purposes. You could cron it to set a reminder or something less nefarious. To use this you need to have followed my previous guide on how to set up Asterisk. The code and functionality is pretty simple.

#!/usr/bin/perl

$numbertocall = "15552223333";
$numberofcalls = "200";

for($j=0;$j<$numberofcalls;$j++)
{
        $first = int(rand(899) + 100);
        $second = int(rand(899) + 100);
        $last = int(rand(8999) + 1000);
        $callerid = $first.$second.$last;
        open($fh, '>', "/tmp/$number.call");
        print $fh "Channel: SIP/flowroute/$numbertocall\n";
        print $fh "Application: Playback\n";
        print $fh "Data: tt-weasels\n";
        print $fh "CallerID: $callerid\n";
        close $fh;
        system("chown asterisk /tmp/$number.call");
        system("mv /tmp/$number.call /var/spool/asterisk/outgoing/");
        print "Called $numbertocall using $first-$second-$last\n";
        sleep(30);
}

Let’s go over the code.

This should be fairly self evident. You plug in the number to dial and how many time it’s supposed to dial it. It’s currently set to 200. Note that if you keep this set at 200 and ignore the resulting calls that it will leave a voicemail saying “weasels have eaten your phone system” from a random number 200 times.

$numbertocall = "15552223333";
$numberofcalls = "200";

Our for loop simply keeps creating calls until the limit is reached or you ctrl+c

for($j=0;$j<$numberofcalls;$j++)
{
...
}

Here’s the fun part. We generate a random caller-id that will get set and shown on the recipient’s phone. Every time.

$first = int(rand(899) + 100);
$second = int(rand(899) + 100);
$last = int(rand(8999) + 1000);
$callerid = $first.$second.$last;

Now, we write a file to /tmp containing the actual call information. This includes using flowroute as our outbound SIP trunk, the built in Asterisk application called Playback, the included sound file called “tt-weasels”, and we set our caller-id to what we generated earlier.

open($fh, '>', "/tmp/$number.call");
print $fh "Channel: SIP/flowroute/$numbertocall\n";
print $fh "Application: Playback\n";
print $fh "Data: tt-weasels\n";
print $fh "CallerID: $callerid\n";
close $fh;

Next, we chown the file so that the asterisk user can manage it and move it to “/var/spool/asterisk/outgoing”. This folder is special. Asterisk is constantly watching it for .call files like we’re generating and automatically picks them up and spawns a call with the contained information. You could achieve something similar using the AMI but this works perfectly fine as well. Once the call is moved we sleep for 30 seconds before generating another.

system("chown asterisk /tmp/$number.call");
system("mv /tmp/$number.call /var/spool/asterisk/outgoing/");
print "Called $numbertocall using $first-$second-$last\n";
sleep(30);

Assuming you named the file “dialer.pl” you can simply run “perl dialer.pl” to start it. Output should look similar to this

root@asterisk:~# perl dialer.pl 
Called 15552223333 using 555-111-4444

If you’d like to watch the calls being picked up and processed by asterisk you can run “asterisk -rvvv” to get verbose output

asterisk*CLI> 
    -- Attempting call on SIP/flowroute/15552223333 for application Playback(tt-weasels) (Retry 1)
  == Using SIP RTP CoS mark 5
    -- <SIP/flowroute-00000004> Playing 'tt-weasels.gsm' (language 'en')
[Feb 24 00:30:44] NOTICE[1365]: pbx_spool.c:402 attempt_thread: Call completed to SIP/flowroute/15552223333
asterisk*CLI> 

Use this responsibly and don’t encapsulate the existing for loop with another to generate a lot of concurrent calls to completely tie up the phone system of telemarketers forcing them to change their DID blocks.

Asterisk Setup

I’ve been using Asterisk off and on for the past 10 years or so. For those wondering it’s basically software phone system often called a PBX. You can use it to do some very crazy things. I won’t cover those in this post as it’s meant to simply be a precursor to assist in setting it up for later posts. You’ll need a VPS or a Linux VM. I’ll be doing this on Ubuntu 14.04 but any debian derivative, Arch, and most other distros should have it in the repo.

First, ssh into your machine and install Asterisk.

root@asterisk:~# apt-get update && apt-get install asterisk

Once that’s done we need a way to actually make phone calls. I use a SIP provider called FlowRoute found at flowroute.com. I’ve used them for several years now with no issues whatsoever. The prices are cheap ($0.0098/min for US-48) so credits usually last me a while. They’ll also give you $0.25 to start with so you can try it out. Create an account there and log in. Once you’re in you need to click the “Interconnection” button at the top.

interconnection

From here you need to click the “System Configurator” link in orange underneath the “Tech Prefix” section

configurator

Then select “Asterisk” from the dropdown menu

configuration

Once you’re there all you should have to do is copy and paste the values in the three black boxes and put them at the end of their respective files.

/etc/asterisk/sip.conf

sip.conf

/etc/asterisk/extensions.conf

extensions.conf

Once done check to make sure Asterisk is running and start it if it’s not.

root@asterisk:~# service asterisk status
 * Asterisk PBX is running

Then open the Asterisk shell with “asterisk -r” and reload the config with “reload”

root@asterisk:~# asterisk -r
Privilege escalation protection disabled!
See https://wiki.asterisk.org/wiki/x/1gKfAQ for more details.
Asterisk 11.7.0~dfsg-1ubuntu1, Copyright (C) 1999 - 2013 Digium, Inc. and others.
Created by Mark Spencer <markster@digium.com>
Asterisk comes with ABSOLUTELY NO WARRANTY; type 'core show warranty' for details.
This is free software, with components licensed under the GNU General Public
License version 2 and other licenses; you are welcome to redistribute it under
certain conditions. Type 'core show license' for details.
=========================================================================
Connected to Asterisk 11.7.0~dfsg-1ubuntu1 currently running on asterisk (pid = 942)
asterisk*CLI> reload
asterisk*CLI>

Then you should be able to run “sip show peers” and show a connection to flowroute

asterisk*CLI> sip show peers
Name/username             Host                                    Dyn Forcerport ACL Port     Status      Description                      
flowroute/redacted        333.333.333.333                               a             5060     Unmonitored                                  
1 sip peers [Monitored: 0 online, 0 offline Unmonitored: 1 online, 0 offline]

That’s it! You’re all set up. One thing you should absolutely do at this point is secure your Asterisk installation. If you’re on a VPS you will have people try to brute force/scan your Asterisk service constantly. Read this page for information. I should have some new posts soon on fun things to do with Asterisk.

Open Plex Servers

I was having a bit of an issue with Plex the other day with it being accessible without using my VPN and got it working by opening the default 32400 port. I didn’t leave it like that but I was wondering who did. It turns out that a little over 3,000 people did. Pretty much any of those IP’s will give you full access to their library if you simply add /web to the end of the URL that shodan returns. What’s worse is that you can then queue up jobs to re-encode all the video or simply delete the libraries all together. I don’t advise this and simply verified that functionality on my already installed Plex server before fixing my own issue.

openplex

 

Search pattern is here. You’ll need to log in to view it.

https://www.shodan.io/search?query=X-Plex-Protocol+-unauthorized