ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    FreePBX hardening ...

    Scheduled Pinned Locked Moved IT Discussion
    freepbx
    24 Posts 8 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JaredBuschJ
      JaredBusch @Skyetel
      last edited by JaredBusch

      @Skyetel said in FreePBX hardening ...:

      @scottalanmiller said in FreePBX hardening ...:

      @Dashrender said in FreePBX hardening ...:

      @scottalanmiller said in FreePBX hardening ...:

      @marcinozga said in FreePBX hardening ...:

      @IRJ The scenario described above doesn't look like automated attack, and it's rather unlikely bots would be exploiting PBX to make international calls.

      Actually that's exactly what is done. Bots setting up calls.

      I'm curious - to what end? what's the benefit to them?

      It's big money. Huge money. If you hack a phone system and get free calling to high cost places, then sell that to people making calls at low rates, you can undercut other phone carriers, and pay nothing. So the profit on it is huge.

      Imagine being able to run a whole phone company, at essentially zero cost.

      Or sell illegal calling cards. Thats really common too.

      Or simply being the telco charging the high rate. You setup bots to call into your system and sit there holding the connection.

      1 Reply Last reply Reply Quote 0
      • JaredBuschJ
        JaredBusch @JaredBusch
        last edited by

        @JaredBusch said in FreePBX hardening ...:

        So I tested.

        The codes do appear to work on an inbound call, contrary to what that patch shows.

        I cannot make it transfer in such a way as my inbound call stays on the call though.

        But I can make the recipient side, such as my extension, be connected to some random number, potentially causing toll charges.

        1. Call DID
        2. Press *2 or ##
        3. Hear "transfer" and then dialtone.
        4. Dial a valid number
        5. Call is connected.

        I would expect that *2 attended transfer could be abused like this, but I could not get it to talk.

        hahahaha wait.. i was testing from another FreePBX system.. as that was an outbound call, of course it was allowed to make the transfer...

        So I disabled *2 and ## on the PBX I was calling out from.

        No, I cannot dial in to a FreePBX system and make this work.

        Totally patched 3 years ago.

        1 Reply Last reply Reply Quote 0
        • B
          BraswellJay @JaredBusch
          last edited by

          @JaredBusch said in FreePBX hardening ...:

          @BraswellJay said in FreePBX hardening ...:

          It appears that as currently set up, our FreePBX instance would suffer from this same kind of attack.

          I would love it if you can prove this.

          Because this was patched 3 years ago.

          Just to follow up, I guess I effed up. I thought I had successfully done this but as you said it is not possible.

          1 Reply Last reply Reply Quote 0
          • F
            flaxking @marcinozga
            last edited by flaxking

            @marcinozga said in FreePBX hardening ...:

            @IRJ The scenario described above doesn't look like automated attack, and it's rather unlikely bots would be exploiting PBX to make international calls.

            I think this is the first episode of the Darknet Diaries

            1 Reply Last reply Reply Quote 0
            • 1
            • 2
            • 2 / 2
            • First post
              Last post