Log in
Forgot password ?
Become a member for free
Sign up
Sign up
Dynamic quotes 

4-Traders Homepage  >  News  >  Companies  >  All News

News : Companies

Latest NewsCompaniesMarketsEconomy & ForexCommoditiesInterest RatesBusiness LeadersFinance ProfessionalsCalendarSectors

How to Build Your Own Caller ID Spoofer: Part 2

share with twitter share with LinkedIn share with facebook
share via e-mail
07/12/2018 | 07:20pm CEST

In Part 1, we talked about the need for organizations to test their security programs by performing social-engineering campaigns with their employees so they can understand employee susceptibility to these kinds of tactics, the potential impact to the organization of this kind of attack, and develop methods of defending against a real attack. We spoke about the need for accurately simulating threat actors by setting up an Asterisk PBX server and configuring a SIP trunk in order to communicate with a chosen service provider. We discussed how to create an extension, how to manually set your caller ID, and how to interact with your brand new SIP trunk with Linphone, a popular open-source softphone application.

This post will take it a step further. We will discuss how to setup a DID external telephone number, configure a DISA and forward your call to your PBX, and how to setup an extension configuration to create a menu for you and your users to automate the spoofing process. This way, you can dial a telephone number, enter (via touch-tone) the telephone number you want to spoof, and enter the telephone number you want to call.

And just to be completely and totally clear: The techniques described here are useful for bolstering your credibility when performing a penetration testing engagement that has a social engineering component. Spoofing your caller ID isn't illegal in the United States, but misrepresenting your identity can be illegal in many situations. So, always get your client's informed consent before tricking their employees. Always, always, always.

Alrighty, with that out of the way, let's get started!

Setting up DID with your Service Provider

This step will be done through your service provider. You need to choose your external DID telephone number which will be used to externally dial in to your PBX. If your provider has a login portal like mine, you should be able to set this up online. Here's an example of what it looks like on my provider's portal:

These DIDs should not be very expensive. My service provider charges about 50 cents a month. Once you've got your DID telephone number, you need to be sure to route your DID to the Trunk we setup on the service provider earlier. This should also be possible through your VoIP provider's portal. Here's an example of what routing DIDs looks like with my provider's portal:

Configuring DISA to Route Internal DID Calls to Internal Extension

With this step, we'll be setting up the bridge that will link the external phone number to your PBX. For network engineers, this is functionally similar to setting up a VPN. You'll need to ensure the DISA module is installed in your version of Asterisk.

  • Applications → DISA
    • You can install this plugin by:
      • Admin → Module Administration.
      • Select Standard, Extended, and Unsupported and click 'Check Online.'
  • Once installed, navigate to Applications → DISA
  • Click 'Add DISA'
    • Create a name.
    • Add a PIN to authenticate when dialing in to your DISA.
    • Everything else should remain default.
  • Connectivity → Inbound Routes
  • Enter your DID telephone number provided from your service provider.
  • Set Destination to the DISA we created earlier.

Writing Custom Extension to Spoof Calls on the Fly

Shoutout to Ventz from vpetkov.net for his blog on spoofing caller ID on the fly. I largely based my configuration off his example provided here:


Custom Asterisk configurations must be saved in '/etc/asterisk/' and contain 'custom' in the name (e.g., vim /etc/asterisk/extensions_custom.conf). The following configuration answers the incoming call from our external dialed in DISA, reads the instructions (audio file), accepts the user input, and dials the user-specified number with the assigned user-specified caller-id:

The configuration answers the call then waits two seconds. The file 'welcome' is then played, which is located in The system then waits for user input, accepting up to 10 digits to be entered. The user submitted digits are then assigned to the outbound caller ID variable. The system then reads back the input submitted by the user, plays the file, and assigns the user input to the destination phone number variable.


All of this information took me a few years to learn. Not because it was difficult, but mostly because I didn't know I had a need for it, I had a different system/process in place for spoofing caller ID, and the information for how to spin up the infrastructure wasn't readily available. Hopefully this will help you out with getting your spoofer rig setup. If you have any questions throughout the process, feel free to reach out via Twitter (fr4nk3nst1ner). We follow strict guidelines which are documented and approved in our customer contracts and only perform Vishing and spoof Caller ID after authorization has been provided. Remember to follow the rules, hack only authorized folks, and have fun with your next telephone pretexting gig!


Rapid7 Inc. published this content on 12 July 2018 and is solely responsible for the information contained herein. Distributed by Public, unedited and unaltered, on 12 July 2018 17:19:02 UTC

share with twitter share with LinkedIn share with facebook
share via e-mail
Latest news "Companies"
05:48aUR ENERGY : US Government To Investigate Uranium Imports
05:48aTHAI AIRWAYS INTERNATIONAL PCL : Thailand Moves To Repatriate 5,000 Citizens Working In Saudi Arabia
05:48aWMP rules to be tightened further
05:48aTelecom merger to usher in 5G era
05:47aTSINGTAO BREWERY : Roll out the barrel
05:46aMore Chinese firms make Fortune Global 500
05:45aLeading global smart card developer UBIVELOX enters cryptocurrency market with strategic alliance with Pundi X
05:44aSOCIETE GENERALE : eyes Nhon Trach 3&4 thermal power plants
05:44aVEMI GROU : US Vemani Group buys 20 per cent stake in Vietnamese fintech firm
05:44aHO CHI MINH CITY SECURITIES : Handover delay of Mandarin Garden 2 to cut Hoa Phat’s profit by VND200 billion
Latest news "Companies"